Di2 Security Vulnerabilities investigated by GPLama

Published February 21, 2019 by BetterShifting, Last updated November 4, 2020

Shane Miller aka GPLama is well known for his extensive turbo trainer tests and in-depth tech content. His YouTube channel contains a lot of great content for the more tech-minded riders among us.

Having recently bought a Di2 bike Shane has been looking into the little quirks and general Di2 weirdness – both the good and the bad. This time he investigates Di2 security and explains how someone else can use any Garmin head unit to change your synchro-shift settings any time they like.. and there’s nothing you can do about it. Other than disconnecting your EW-WU111/Wireless Unit of course.

While Shane makes it sound like riders will fall off their bikes and die, the real world implications of this issue are a bit less serious.

Nonetheless it is a big security issue and since this video was originally posted Shimano have made it possible to switch off BluetoothLE and ANT+ radio in the E-Tube application. Switching off the ANT+ signal should resolve this issue..

Click the image below to view the video on Shane’s YouTube channel.