Without access to “God mode”, runners are hacking their treadmills


NordicTrack owners are not giving up yet.
Enlarge / NordicTrack owners are not giving up yet.

Sam Whitney | fake images

JD Howard just wanted to see cloud security tutorials. Howard, a construction industry worker on a sabbatical, spent $ 4,000 on a NordicTrack X32i treadmill, lured by its 32-inch HD screen and the opportunity to exercise the body and mind. His plan was to spend his time outside of work exercising while watching technical videos from learning platforms like Pluralsight and Udemy. But his treadmill had other ideas.

Despite having a huge screen, NordicTrack’s hardware pushes people to subscribe to exercise software operated by iFit, its parent company, and does not allow you to view videos from other applications or external sources. IFit content includes exercise classes and running routes, which automatically change the incline of the treadmill based on the terrain on the screen. But Howard, and many other NordicTrack owners, weren’t drawn to the hardware by the iFit videos. They were drawn in by how easy it was to hack into fitness machines.

To get into his X32i, all Howard had to do was tap the touchscreen 10 times, wait seven seconds, and then tap 10 more times. Doing so unlocked the machine, allowing Howard to enter the underlying Android operating system. This privilege mode, a kind of God mode, gave Howard complete control over the tape: He could download applications and, using a built-in browser, access anything online. “It wasn’t complicated,” says Howard. After entering privilege mode, he installed a third-party browser that allowed him to save passwords and activate his beloved cloud security videos.

While NordicTrack does not advertise privilege mode as a client feature, its existence is not exactly a secret. Various unofficial guides tell people how to get into their machines, and even the iFit support pages explain how to access. The only reason Howard bought the X32i, he says, was because he could access God mode. But the good times didn’t last long.

Since October, NordicTrack has been automatically updating all of its exercise equipment – bikes, ellipticals, and rowing machines have large screens attached – to block access to privilege mode. The move has infuriated customers who are now struggling and finding solutions that allow them to skip the upgrade and see what they want while exercising.

“I got exactly what I paid for,” says Howard, adding that he already had a “horrible” treadmill with no screen before he bought the internet-connected model and he’s subscribed to the iFit software too. “Now they are trying to remove [features] that are of vital importance to me. I do not agree with that “.

Another NordicTrack owner, who asked not to be identified, says the tape is one of the most expensive purchases he has ever made and that he was “outraged” when the update prevented him and his partner from watching Netflix, YouTube and the Premier League. English. stands out while exercising. “You actually pushed an update to stop me from doing this, which is really weird,” he says. “It’s very frustrating because this beautiful screen is here.”

They are not alone in their complaints. In recent weeks multiple threads and publications regretting NordicTrack and iFit’s decision to block privilege mode has surfaced online. Customers complain that they have spent thousands of dollars on their machines and should be able to do whatever they want with them, with many arguing that being able to watch their favorite shows means they are more likely to spend time exercising. Some say they value the ability to stream iFit workout videos to a larger screen; others say they want to use their treadmills for Zoom calls. Many complain that, unlike previous software updates, they were forced to lock privilege mode.

“The privilege mode lock was installed automatically because we believe it improves safety and security when using fitness equipment that has multiple moving parts,” says a NordicTrack and iFit spokesperson. The company has never marketed its products in order to access other applications, the spokesperson adds. “Since there is no way of knowing what kinds of changes or errors a consumer might introduce to the software, there is no way of knowing what specific problems access to privilege mode could cause,” says the spokesperson. “Therefore, to maintain the safety, security and functionality of the machine, we have restricted access to privilege mode.” The spokesperson also emphasizes that the privilege mode “was never designed as a consumer-oriented functionality.” Rather, it was designed to allow the company’s customer service team to remotely access products to “troubleshoot, update, reset or repair our software.”


arstechnica.com

Leave a Reply

Your email address will not be published. Required fields are marked *