Riccardo Cestaro’s master’s thesis, done at EURECOM in my group as a visiting student from UniPD, won the second prize in the CLUSIT (Italian Association for Information Security) thesis contest. CLUSIT yearly awards some of the best information security theses in Italy. The list of winners is available here.
I am looking for a postdoc interested in Industrial Internet-of-Things (IIoT) network security and privacy. The postdoc will be funded by the PEPR5g ANR project, work under my supervision and join EURECOM’s S3 group. I can start hiring from the beginning of this summer.
Marco Casagrande presented at WiSec'23 our paper titled: E-Spoofer: Attacking and Defending Xiaomi Electric Scooter Ecosystem.
In a nutshell, we reverse-engineered the proprietary wireless protocols used by Xiaomi e-scooters and companion applications (i.e., Mi Home) over BLE, found critical vulnerabilities, exploited them to get arbitrary read and write capabilities on an e-scooter both in proximity and remotely (via a malicious Android app), developed concrete countermeasures, released a toolkit to reproduce our findings and tamper with the protocols, and responsibly disclosed our results to Xiaomi.
The Digital Security Department of EURECOM invites applications for a tenured position at the Assistant Professor level in the area of Digital Security. Starting date: ASAP. Full info here.
Please spread the word 😄 !
Our talk titled BreakMi: Reversing, Exploiting and Fixing Xiaomi (and Fitbit) Fitness Tracking Ecosystems has been accepted at Hardwear.io USA'23. The talk extends and complements our paper titled BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem. The talk covers new, relevant and educational aspects of our study that we did not have time to talk about during the paper presentation at CHES'22. For instance, we will cover in detail:
Marco Casagrande presented his excellent poster about BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem during EURECOM’s Scientific Council (SC).
The call for papers for 2023 ACM Cyber-Physical System Security Workshop (CPSS) is open. The workshop is held in conjunction with ACM AsiaCCS'23 in Melbourne, Australia. For more information see the CPSS website and its call for papers.
We presented our paper titled BreakMi: Reversing, Exploiting and Fixing Xiaomi Fitness Tracking Ecosystem at CHES 2022 in the hardware security track.
Here is the excellent presentation given by Marco Casagrande. You can also check out the presentation slides and the BreakMi repository to reproduce our findings (with the help of video tutorials nicely prepared by Marco).
I’m glad to share three updates about the BLURtooth paper.
We successfully tested the BLUR attacks on a Google Pixel 6 (Bluetooth 5.2) and submitted our findings to Google. They classified the report with high severity, assigned CVE-2022-20361, and shipped fixes as part of August’s Android Security bulletin. More details about the fixes can be found here. This is yet another finding demonstrating that the attacks are effective on all Bluetooth versions supporting CTKD, unlike what is stated in this note from the Bluetooth SIG.
Below you can find a webinar that I’ve recorded for the Automotive Security Research Group (ASRG) talking about our recent paper titled On the Insecurity of Vehicles Against Protocol-Level Bluetooth Threats.
The webinar will also be linked for WOOT'22 as the talk I gave at the workshop was not recorded because of some issues.