Owner reverse-engineered his ride, revealing authentication was never properly individualized

An Estonian e-scooter owner locked out of his own ride after the manufacturer went bust did what any determined engineer might do. He reverse-engineered it, and claims he ended up discovering the master key that unlocks every scooter the company ever sold.

The company in question, Äike, which filed for bankruptcy last year, built app-controlled electric scooters that rely on a phone and backend servers to do as basic a task as turning them on. That setup worked while the startup was still around. Once it wasn't, owners were left with pricey scooters that only unlocked when the cloud happened to answer.

Some features limped along for a while, others stopped altogether. So rather than trust his commute to a bankrupt startup's servers, one owner, Rasmus Moorats, an Estonian security researcher and penetration tester, took matters into his own hands and started poking around to see how the ...