Owners Resort to Hacking Smart Treadmills After NordicTrack Locks Them Out

Owners Resort to Hacking Smart Treadmills After NordicTrack Locks Them Out

It’s natural to expect that if you buy something, you can do whatever you want with it. However, the complexity of laws around intellectual property has made that difficult. The right to repair movement is gaining steam with even Apple loosening restrictions on tinkering with your own hardware. NordicTrack is not so enlightened, though. After customers started installing their own apps on the company’s $4,000 X32i smart treadmill, it released a software update that locked them out. Owners aren’t happy.

Exercise equipment is smarter than ever before. Companies like Peleton have made boatloads of cash by integrating subscription training services with the hardware, and that’s what NordicTrack does. The X32i is a spendy treadmill with a huge 32-inch touchscreen display, which delivers fitness content from NordicTrack’s iFit, a service that costs $39 per month. You’re probably familiar with these services, if only by reputation. There are suspiciously perky trainers urging you on, online leaderboards, 1-on-1 help, and more.

Until now, anyone who wanted more from their $4,000 treadmill could simply unlock the device’s underlying Android OS. According to owners, the process was simple and documented in NordicTrack’s help documents. Just tap the screen ten times, wait seven seconds, and tap ten more times. With access to the Android UI, you can sideload the apps of your choice and even use the browser to access a world of content online.

Owners Resort to Hacking Smart Treadmills After NordicTrack Locks Them Out

In October, NordicTrack started rolling out an update that removed the so-called “privilege mode” from all its connected workout machines. According to NordicTrack, this is just about safety. Since the software can control the mechanical components of the treadmill, it doesn’t want people to install third-party apps in a public setting (the X32i is available to both consumers and commercial buyers). Owners who relied on sideloading have suddenly found their expensive treadmills are much less useful, and they’re scrambling to find workarounds. So far, the best they’ve found involves factory resetting the treadmill. It restarts with old software that includes privilege mode. Then, you have to block NordicTrack’s update servers at the network level to keep the new software from asserting itself.

NordicTrack says anyone who has used a workaround to access privilege mode could find their warranty voided. That hasn’t stopped owners from trying to regain some of that lost functionality. NordicTrack can swear up and down this is a safety issue, but there are smarter ways to protect machines in public settings. For example, an administrator account for personal use, which is simple to implement in Android. If anything, this sounds like NordicTrack is doing whatever it can to keep people paying $39 every month for content on that big 32-inch screen. You know what doesn’t have any content restrictions? A TV. You can just put one of those in front of a cheaper treadmill, just as our ancestors did.

Continue reading

Signal Founder Hacks Cellebrite’s Phone Hacking Tools
Signal Founder Hacks Cellebrite’s Phone Hacking Tools

The Israeli firm recently bragged that it has helped law enforcement retrieve data from the encrypted Signal chat app. Well, Signal founder Moxie Marlinspike had something to say about that.

Wyze Left Security Cameras Open to Hacking for Three Years
Wyze Left Security Cameras Open to Hacking for Three Years

A new disclosure from security firm Bitdefender reveals that the original Wyze Cam has a major security vulnerability that could allow an attacker to remotely access your video, and Wyze has known about it for three years.

Apple to Block Police iPhone Hacking Tools in Future Update
Apple to Block Police iPhone Hacking Tools in Future Update

Apple reportedly started looking into the GrayKey exploit after news of the device surfaced last year. Rather than play a cat and mouse game with the company to patch exploits, Apple just opted to restrict data on the USB port.

Apple Denies Bloomberg Chinese Hacking Story to Congress
Apple Denies Bloomberg Chinese Hacking Story to Congress

Apple continues to deny its own involvement in any Chinese hack, this time to Congress. Meanwhile, Bloomberg isn't budging.