Nike+ FuelBand SE BLE Protocol Reversed

29 Jan 2015 on reversing, nike, nike+ fuelband se, fuelband, nike fuelband, hacking, BLE, bluetooth low energy, protocol, authentication, bluetooth, nikeband

During the last two weeks I had fun playing with the BLE protocol of the Nike+ FuelBand SE, a device to track daily steps, calories, time, etc. I've completely reversed its protocol and found out the following key points:

- The authentication system is vulnerable, anyone could connect to your device.
- The protocol supports direct reading and writing of the device memory, up to 65K of contents.
- The protocol supports commands that are not supposed to be implemented in a production release (bootloader mode, device self test, etc).

I've published a proof of concept Android application on GitHub, don't expect it to be production ready code of course, but it works :)

Becau...

Linked on 2015-01-30 17:10:00