

Let’s Talk Security Tech About President Biden’s Peloton Bike | DC Rainmaker


In the past week,

For security reasons, President Biden will not be able to bring his apparently beloved Peloton bike to the White House. The reason is that Peloton bikes contain not only network connections, but also a camera and a microphone. The camera and microphone are meant for working out with friends, similar to FaceTime, although in reality few people use them. There are also Bluetooth and WiFi.

Nonetheless, cameras and microphones, as well as wired and wireless connections, do pose security issues in any piece of tech (be it a bike or a phone). This is why in most high-security environments such devices are strictly controlled (if they are allowed at all). However, the speculation that this somehow prevents Biden from bringing his Peloton bike is stupid.

Here, let me explain.

Now, the first thing to know about Peloton bikes is that there are actually two main models: the Bike and the Bike+. They are similar in many ways, but they are also very different. In terms of the basic bike frame (the bulky metal parts), they are actually the same. The difference lies in the screen, and in the electronic resistance unit on the Bike+. But that is not relevant to this discussion.

The basic design of these two bikes is that the top screen is

From a smart point of view. Essentially, it is a giant Android phone, just with a large touch screen. The device runs Android (different versions, depending on the bike), but the average consumer will never really notice this. However, the Android platform does make it a more attractive (and easier) target for attackers.


Both bikes have cameras at the top of the screen, but the Peloton Bike+ also has a camera cover. This small piece of plastic allows you to cover the camera.

The microphones of both bikes are located above the screen. For the original Bike, it can actually be seen above the camera on the screen border. And Bike+ seems to place it behind the speaker structure.

Both Peloton bicycles have a dedicated headphone jack.

In terms of connectivity, both bikes have WiFi, but only the original Bike has built-in wired Ethernet. The Bike+ instead requires you to purchase a USB-C to Ethernet dongle to enable a wired connection. There is also Bluetooth for audio devices (and for pairing with a heart rate sensor). Anyone looking at the device from a security perspective would likely also want to physically disable the Bluetooth connection, since otherwise it may pair with nearby Bluetooth audio devices.

Daily use does not require the camera and microphone, but it does require a network connection. Without a network connection, you will not be able to load the class you want to take (or take a live class), and you will not be able to see any training data over time. However, you can use the unconnected bike in a basic mode (basically like a simple spin bike).

Now, although all these things are considered security risks, none of them is without precedent in the White House. In the end, as mentioned earlier, the Peloton bike is just a huge Android phone. And in reality, every U.S. government agency has a department dedicated to taking devices apart and hardening them. But first, the type of "space" the device is going into must be determined. For example, although there are many places in the White House that are considered Sensitive Compartmented Information Facilities (SCIFs), where classified information can be discussed, many places are not. It is in these parts that most of the day-to-day work takes place, and the staff carry government-issued and personal equipment (the exact policies vary from government to government, and even within the government).

Of course, you should always be cautious when using any device while discussing official and confidential information. However, nowadays, iPhones, Android phones, smart watches, etc. have become the norm. Classified information, by contrast, is discussed in a classified "facility" (the term "facility" here does not necessarily mean a specific building: in some locations the facility can be the entire building, and in other locations it can be a single small room).

Nevertheless, governments around the world have a long history of securing devices in both unclassified and classified areas. For high-security situations, they will take a device apart, understand how it works, remove the risky components, and then put it back together. This is not news. Just check the current PDB ("President’s Daily")

, as a

There are rumors that former First Lady Michelle Obama has or had a Peloton bike without a camera/microphone, but that does not relieve the security departments of the trouble of placing any connected device in the White House. If the location of the equipment can be guaranteed, these same departments will still take the device apart and carry out their normal security work. Peloton removing the camera/microphone would only save the government team the time needed to make the device work after disabling these components (because it usually then fails various internal checks).

No matter what type of bicycle appears, the White House staff

It will then strive to follow standard security guidelines (so-called STIGs)

, and then work with other intelligence agencies to complete a more detailed assessment of the risks of that particular Peloton model, to decide where to place it and what hardening steps may or may not be taken. Considering how many government officials (such as embassy staff and former administration officials) own Peloton bikes, this has undoubtedly been done many times before and is well documented.

Finally, although my Peloton bike currently sits in our bedroom, in the context of the White House, where classified information will undoubtedly be discussed as any president thinks through a difficult decision, the need to put the bike in such a place is zero. After all, the White House is a huge building, including a gym, bowling alley and theater. A Peloton bike can easily be placed in the White House gym or another secure room used just for exercise. You can see some long

So, in the final analysis, making electronic/connected devices work in the White House is a well-understood path that has been followed countless times on far more technically difficult devices. More importantly, for more common devices, it is ongoing. Putting a connected bike somewhere in a storage room has a very low complexity factor for these departments.

Therefore, there is no doubt that the President and First Lady will continue to use their bicycles (regardless of the model) for some time to come.

With that, thanks for reading!


The first paragraph you wrote was: "President Biden cannot bring his apparently beloved Peloton bicycle to the White House,"-I think you mean "The White House"

Very strange, thanks!

"Of course, please be careful when using any equipment..."

Maybe "should always be careful"?

Although I am sure that there are many things I can do to reinforce Peloton or other connected fitness equipment, I am less concerned about how the White House IT staff will handle Peloton bicycles than I am about the president’s health data on Peloton.com. If someone were to invade Peloton (the weakest link in this case), they would get information such as the president's HR data and the hours he worked each day (assuming he had a relatively regular schedule when he was in Washington). Leaked HR data can make people speculate about his health (or if he hasn't participated in exercise for several weeks without obvious reason).

For this reason, I may also care about connected fitness watches.

Which leads me to ask this question: must connected fitness apps comply with HIPAA requirements?

The health data is small potatoes. This may imply something, but the "big intelligence coup" that other countries are looking for did not come from this.

If a well-funded opponent thinks the reward is worthwhile, then they can do surprising things. Think of Stuxnet destroying uranium enrichment hardware. It may not be possible, but for a bicycle intended for an outstanding politician, a specific modification may be made to the breadboard to add some additional "functions", such as a piezoelectric microphone disguised as a capacitor, with related hardware used to store and transmit recordings when an Internet connection is detected. It is purely my imagination, and I am not very imaginative. Is it possible? Yes, especially considering where it might be produced.

Ray's article is a good primer on the subject, but only realizes that he hardly scratches the surface of IT security in a confidential environment.

Agree, the HR details of a person's (or even the CEO's) exercise have no real value. HRV details will be more valuable, but as we all know, Peloton will not record this data.

"However, for an outstanding politician, a bicycle made specific modifications to the breadboard and added additional'features', such as piezoelectric microphones disguised as capacitors and associated hardware for storage and storage. , Of course this is not beyond the scope of possibility. The recording is transmitted when an Internet connection is detected."

In fact, in fact, *not* customizing a custom Peloton is a good reason instead of choosing a custom Peloton instead of a custom custom component, not a custom custom component, which is more vulnerable to the whole The crowd's harm awareness chain.

"Ray's article is a good primer on the subject, but only realizes that he barely touches the surface of IT security in a confidential environment."

Yes, my goal is to maintain a basic foundation here. The depth required to install devices in a confidential environment is very long (incredibly, even unupgraded), but in the end, I don't think they will be on the path to upgrade. They just posted it elsewhere in the White House, which is a low-risk area for such sensitive discussions. This is ultimately all part of a comprehensive threat assessment.

Place your bike in a dedicated "gym" room with your own private network (wired or wireless access point). Security personnel only enable the gym network when using bicycles, and if the "president" needs to interrupt exercise, they will shut down the network.

I can’t imagine a feature. When I exercise and sweat profusely, I would want fewer features than the camera and microphone! In particular, all objects are closed like this, and closed at least flattering angles known to mankind. Lol. Does anyone actually use this feature?

Before the pandemic, I actually thought so. Now, I regularly schedule time with various friends through video chat. This is a safe way to connect, exercise and motivate each other. It's like panting together in the gym. I doubt it very much, but like it now!

Very cool post-thanks for your insights.

The former president installed a golf simulator with internet connection in the White House. They will also manage a bicycle.

Thanks for your detailed post. However, this even needs to be a story seems a bit crazy. Staff at the White House should not only be able to install this equipment safely.

I am very disappointed that there is no pinball machine in the White House game room.

Obviously, if they want, they will put a spinning bike in it. The point of this story is not to really worry about whether they can, but to convey to people that Joe owns and uses the trombone. For this reason alone, this story was put on the media. In my opinion, this is not a political thing, all presidents will do these things (they publish the books they should read, the music lists they curate, set up golf simulators, etc.).

That's it.

Easy fix: throw away POS and get Neo LOL

I agree with that!

The irony is that it doesn't really solve the problem. For example, if he continues to use Zwift, he can still connect to Internet devices. It's just from becoming a large Android phone to becoming an iPad/iPhone/Android/Mac/PC, but the problem is still basically the same.

Of course, in the app world, there are more disconnect/offline options, but all of them require at least Bluetooth/ANT+ to be enabled.

I used to work with an agency that needed an airtight system, so any incoming information had to be printed or transcribed, and then manually entered into the next system. This is labor-intensive work and requires people (we don't trust people), so it caused a long discussion about scanners, MFD, fax and fax, and finally we can use modems instead of faxes!

So interesting?

I want to know if GPS watches like Garmin will be hardened, i.e. displaying data such as the location of the president would be a security issue. I know it is not real-time (except for real-time tracking), but can anyone use it like this?

President Obama had Fitbit Surge, which is Fitbit's GPS activity tracker.

It (or Garmin) can be used offline without any practical problems. Generally speaking, Garmin is actually the only option left, and if you don't want it, you don't need an online account/connection at all. All other devices on the market require at least the initial instantiation using the phone/online platform.

Presumably, President Biden can always replace the safe spinning class with actual people in the conference room. Get secret service on a spinning bike, plus coaches and inspiring music. Tada has no safety issues. But yes, neutralizing the camera and microphone also seems simple.

But then you must neutralize those who know too much. Just like a spinning coach, knowing that you give up after 4.5 minutes every 5 minutes...

Have you ever posted a capillary ball comment? Interested in learning more about Bike+ accuracy.
