DEF CON is one of the world’s largest and most popular hacker conventions. It happens in Las Vegas each year in late July/early August, and Zwift was featured at this year’s conference in a presentation by Brad Dixon titled “Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks”.

Should We Even Talk About Hacking Zwift?

Let’s start here.

Hacking isn’t always a bad thing. Sure, some hackers are malicious, breaking into systems to do damage, hold data for ransom, or perform other nefarious acts. But other hackers are actually paid to breach security systems so holes can be found and fixed. And others just do it for fun, enjoying the challenge of making a system do something it wasn’t designed to do.

I would put Brad in the third category. And perhaps the second as well. He includes this line at the end of his talk: “Winners never cheat. Cheaters never win. Hackers sometimes cheat for fun.”

The point of Brad’s presentation is to demonstrate the security flaws inherent in systems like Zwift, with the idea that such a demonstration may push Zwift and others to develop more secure systems.

We’re featuring Brad’s presentation here for the very same reason. If Zwift wants to be taken seriously on the eSports level, more needs to be done to mitigate cheating.

Of course, this isn’t news to Zwift. They, more than anyone, know the holes in their system and what it will take to be ready for the world stage (think 2020 UCI championships and the Olympics).

Presentation Summary

Brad’s presentation begins with a look at the growth of eSports, and in particular the “sweaty eSports”, where Zwift is leading the way. He briefly touches on the colorful history of doping in cycling, then digs into the basics of how Zwift functions.

Things get really technical next as Brad explains the details of the tools he’s developed to hack Zwift, but here’s a simple explanation.

USBQ is a tool Brad helped develop commercially, then repurposed for the task of hacking Zwift sensor data. It’s basically a “man-in-the-middle” tool for manipulating data flowing through the USB bus.

He then wrote a plugin that runs on top of USBQ. In a nod to Lance Armstrong it’s dubbed ELANCE: eSports Leet Automatic Network Cheating Enhancement. ELANCE is used to decode the ANT+ data coming in, manipulate it, then send it back out. It has two modes:

  • EPO Mode: boost your power with a multiplier, and set all grades to flat
  • Slacker Mode: no work required. Use a game controller trigger to set power levels!

Brad demonstrates his tool in a recorded Zwift session, then discusses the possibilities of using the tool to cheat in actual Zwift races. He says it’s plausible, but you’d have to be careful about it–creating an IRL track record on Strava, using multiple accounts to test the limits of Zwift’s performance verification, etc.

Brad’s work on this project, along with related links, can be found at his website.

My Thoughts

In his wrap-up, Brad makes two key points:

  1. Indoor cycling’s overall system was not designed for high-stakes competition. Insecure sensor networks and untrusted hardware are not a good foundation for security.
  2. Electronics and software are part of cycling, now more than ever. These are new domains for cheaters to exploit, and organizations governing cycling need to look at how this affects competition.

Both of these points are obviously valid. But what can be done at this stage to deal with the problem of insecure sensors and other hardware, not to mention the ease of weight or height doping?

To date, Zwift has always held real-world events for their high-stakes races–it makes for more exciting race streams, but it also makes for secure racing! (You can’t cheat weight, height, or power numbers in real-life settings.) Is this the way forward? Will the vast majority of Zwift races be open to edoping, while only a few top events per year are held in the real world?

I think we can do better.

My hope is that Zwift’s new Fitness Tech division can lead the way in pushing for more secure communication protocols and hardware to help reduce or eliminate edoping. Because if Zwift racing is going to explode on the world stage, it must first be more cheat-proof for everyday races in our homes. A more trustworthy system will ignite a stronger spirit of competition and fair play which will raise the stakes and competition levels of all races, including the big ones.
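
One shape a more secure sensor protocol could take, as an added example that is not from Brad's talk, Zwift, or the ANT+ specification: each power reading carries a counter and an authentication tag, so a reading rescaled on its way to the game no longer verifies. The frame layout, the per-device key shared with the race server, and every name below are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Hypothetical frame layout (not ANT+): 32-bit counter, 16-bit power in watts,
# followed by a truncated HMAC-SHA256 tag.
FRAME = struct.Struct(">IH")
TAG_LEN = 16

def _tag(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

def sign_reading(key: bytes, counter: int, watts: int) -> bytes:
    """Sensor side: pack the reading and append its authentication tag."""
    body = FRAME.pack(counter, watts)
    return body + _tag(key, body)

def rescale_in_transit(frame: bytes, multiplier: float) -> bytes:
    """Model of an in-path change to the power field; the tag is left as sent
    because the modifier does not hold the sensor key."""
    counter, watts = FRAME.unpack(frame[:FRAME.size])
    boosted = min(int(watts * multiplier), 0xFFFF)
    return FRAME.pack(counter, boosted) + frame[FRAME.size:]

class Verifier:
    """Server side: accept a frame only if its tag verifies and its counter
    is newer than the last accepted one (rejects replays)."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1

    def accept(self, frame: bytes):
        if len(frame) != FRAME.size + TAG_LEN:
            return None
        body, tag = frame[:FRAME.size], frame[FRAME.size:]
        if not hmac.compare_digest(tag, _tag(self.key, body)):
            return None  # modified or forged
        counter, watts = FRAME.unpack(body)
        if counter <= self.last_counter:
            return None  # replayed or reordered
        self.last_counter = counter
        return watts

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample key
    server = Verifier(key)
    frame = sign_reading(key, 1, 200)
    print(server.accept(rescale_in_transit(frame, 1.5)))  # None
    print(server.accept(frame))                           # 200
    print(server.accept(frame))                           # None (replay)
```

This only moves the trust into the sensor: the key has to live in hardware the rider cannot read out, which is the "untrusted hardware" half of Brad's first point. It also does nothing about weight or height doping.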

Your Thoughts

Do you race on Zwift? How concerned are you about cheating in these competitions, and what solutions (if any) can you propose? Share your thoughts below!