Tristan Rice

Software Engineer and Student


Cracking Dropbike: Data Breach and Free Bike Rides

Edit 2018-09-20T15:42-07:00: Dropbike’s response to these issues

Edit 2018-09-19T19:38-07:00: Updated support comments to more accurately reflect their response.

Note: These issues were responsible disclosed and have since been fixed. This is my understanding of the issues to the best of my knowledge.

To give you a little bit of background, Dropbike is a new bike sharing service that just launched at the University of British Columbia as one of their first locations. They’re only about a year old and based out of Toronto. The service is pretty simple, they have a bunch of bikes with a cell connection and bluetooth low energy locks spread out all over campus. You can use their app to find nearby bikes and unlock them. Overall, it seems like a neat convenient service and I was super excited to have them on campus.