YOU KNOW THOSE SEGWAY THINGS AND HOVERING PRAT PLATFORMS? Well, good news. IOActive's embedded devices security consultant, Thomas Kilbride, as found a way to hack the bastards and stop them in their tracks.

Kilbride, aka the fun killer, has blogged about all the yucks he must have had when he discovered that a little reverse engineering could let him take control of the wanker planks, and potentially put passengers in a precarious position.

"However, there are currently no regulations centered on firmware integrity and validation, despite being integral to the safety of the system. As my research indicates, this lack of regulation could lead to a number of dangerous situations," he explained.

"Using reverse engineering and protocol analysis, I was able to discover a number of worrisome security threats," continued Kilbride. "For example, I determined that riders in the area were indexed using their smart phone's GPS. Therefore, each rider's location was publicly available, so the hoverboards could be found, tracked, hijacked, and controlled without the rider's knowledge."

We reckon that most people know someone who owns and rides these things in their local area, they might even have a name for them, but this kind of information may be useful to people without such easy access and evil plans in mind.

The hoverboard killed by Mr Kilbride let itself down by not changing its default password from a set of zeroes despite user intervention. That means it will let you down as well.

Speaking of his experiences with the Segway Ninebot, which looks like a quick way to reconnect with the ground to us, Kilbride said that he discovered several critical vulnerabilities that were wirelessly exploitable.

For example: "Even though the rider could set a PIN, the hoverboard did not actually change its default pin of "000000." This allowed me to connect over Bluetooth while bypassing the security controls. I could also document the communications between the app and the hoverboard, since they were not encrypted," he bemoaned.

"Additionally, after attempting to apply a corrupted firmware update, I noticed that the hoverboard did not implement any integrity checks on firmware images before applying them. This means an attacker could apply any arbitrary update to the hoverboard, which would allow them to bypass safety interlocks."

Our advice: Keep your feet planted on the floor. µ