Nyon Unchained: Forensic Analysis of Bosch's eBike Board Computers

Modern eBike on-board computers are basically small PCs that not only offer motor control, navigation, and performance monitoring, but also store lots of sensitive user data. The Bosch Nyon series of board computers are cutting-edge devices from one of the market leaders in the eBike business, which is why they are especially interesting for forensics. Therefore, we conducted an in-depth forensic analysis of the two available Nyon models released in 2014 and 2021. On a first-generation Nyon device, Telnet access could be established by abusing a design flaw in the update procedure, which allowed the acquisition of relevant data without risking damage to the hardware. Besides the user's personal information, the data analysis revealed databases containing user activities, including timestamps and GPS coordinates. Furthermore, it was possible to forge the data on the device and transfer it to Bosch's servers to be persisted across their online service and smartphone app. On a current second-generation Nyon device, no software-based access could be obtained. For this reason, more intrusive hardware-based options were considered, and the data could be extracted via chip-off eventually. Despite encryption, the user data could be accessed and evaluated. Besides location and user information, the newer model holds even more forensically relevant data, such as nearby Bluetooth devices.