Blog: Shameless Self Promotion

Going to DefCon 23? Come to our IoT Village workshop!

Joe Bursell 29 Jul 2015

If you’re going to be at DefCon 23 in Las Vegas next week then do come along to our IoT Village workshop, Saturday August 8th at 10:00 (full schedule here).


Hacking You Fat: The Fitbit Aria Scales. A hands-on workshop

The hour long workshop will start with a brief presentation covering our research to date with Fitbit’s Aria scales; what we’ve found, what we’ve learned, where we’ve got stuck, and what we’ve guessed at.

We will discuss a few vulnerabilities that we have discovered and help get you started on finding some more. Once we’ve set the scene the workshop can begin. This is really a 101 on logic probing and hardware analysis, so we’ll share some basic techniques for logic probing; UART, SPI, Flash etc.

We will be bringing a number of sacrificial Fitbit Aria scales for you to work on yourselves, plus several sets of logic probes with us for you to use, with guidance from us if you’d like it.

If you would like to borrow our probes for the session, please make sure you have installed Logic from Saleae, or use your favourite logic analyser. If you’re bringing your own Fitbit Aria scales we advise that you check they are at firmware version 36 or below.

Tasks for the session:

  • Push old firmware to the Aria
  • Modify the startup display on the Aria LCD (‘hack me fat!’)
  • Turn the scales in to a network implant

Big thanks to Fitbit who are providing a number of Aria scales to work on.

Can’t come?

For those of you that can’t attend don’t cry too much, we’ll be blogging the results of the workshop as well as sharing additional findings that are discovered.