This was passed along to me this morning
Talk of banning the Flipper Zero in Canada
and
This was passed along to me this morning
Talk of banning the Flipper Zero in Canada
and
Funny. I ordered one to play with last night.
Oh yeah. Where did you order it from? I’m also finally picking one up.
I ordered it direct and had it shipped to Blaine. The official Canadian supplier is out of stock, and the EU supplier was charging quite a bit more between the conversion and shipping
Maybe they should just require more secure lock systems from auto manufacturers… I’m sure you can do all the same things with any software defined radio, and I bet the criminal organizations that ship the cars abroad can afford the extra $100.
Isn’t flipper zero firmware also open source? Are they going to ban the Github repo and all of its forks?
Oh no and I haven’t had the chance to get mine yet. Hope I can grab one before it’s to late.
This is honestly the RIGHT answer to the problem but since when did the government do the right thing and blame the manufacturers of the vulnerable equipment.
This is a typical knee-jerk reaction from the government. Just like the boat license. (you could also add the hunting rifle ban too)
Just so it’s clear, the flipper zero can’t steal cars. It’s the wrong tool. I mean, if you had two of them, and you stood next to the car, maybe you could grab a code and jam the owners remote, but I think the owner would notice.
It might be of more use in a denial of service attack. But that would be the most that would be possible.
All new cars use rolling codes, and the flipper does not and can not “crack” them. If you capture a sent code, and replay it, the car will generally lock out the remote, resulting in you having to resync the genuine remote.
I don’t know a lot about stealing cars but I believe you want a relay attack for that, something that can make the keyfob think you’re near the car, so the keyfob does it’s thing and unlocks the car then you transmit that to the car.
Far easier to (again, I know little about this) but far easier to use the exposed usb ports that make this trivial.
As was said, the manufacturers are to blame, and they should issue a recall for all the cars that are vulnerable. A proper immobilizer would solve a lot of these problems.
What the flipper has done for me is this. Now I am knowledgable about keyless entry systems (on buildings) and I know which ones are secure and which ones aren’t. I can tell one of my clients “sorry, this uses rfid technology and is completely insecure, easily copied, in fact I can show you” vs “this seems to use desfire technology and doesn’t authenticate soley on uid, it’s currently not possible to copy and is secure.” It’s not like the security companies tell you the truth with this stuff. It’s resulted in a number of buildings that I know or am associated with make better decisions and end up with more secure building access systems than they would have otherwise.
Also, I didn’t have to stress that my mum couldn’t find the original remote to her tv. No sweat. =).
So strange to call out just a single open source device by name. How about we get legislation requiring a thorough security review of every new smart/IoT/wireless/internet-controllable/bell/whistle in a consumer product instead of banning the tools that merely enable security research to take place in the clear?
Who are you and can you show me how to use my flipper you have it figured out. I bought one but never had the time to really.use it or a reason.
It’s the same mentality has banning legal gun ownership; criminals can get an illegal gun off the street for $200, no questions asked!
I don’t think this is true, this argument is apples and oranges.
Flipper Zeroes, or a reasonable facsimile, can be assembled by the average hobbyist with other easily available components.
I mean, don’t expect anything exciting, but I can definitely show you what I’ve learnt, And help you tell the difference between secure and insecure technologies for some things. (You may want to avoid the insecure ones in critical applications.)
Again don’t expect anything exciting, but fyi, my knowledge mostly lies, and it’s not very deep, in rfid, And a little bit in the rest, but I’ll always happy to share what I’ve learnt.
Poke me on slack (I can’t find you!) and we’ll arrange a time/date? I’m posting this publicly in case anyone wants to join us, you’re totally welcome to! If you do, same invitation!
The biggest crime here is that secure technologies DO EXIST. We don’t live in the dark ages any more (well we do- the state of the world makes me so so sad- but technology wise). And then insecure technologies are used for various reasons.
Hi Omid & ObsidianPurr,
Thank you Omid! Do you mind if I join in your session? I am more interested it in from a Insani Haqq defensive point of view (words used to dodge some nefarious crawlers).
Thank you!
This argument is indeed apples to agent orange!
Gun confiscation has always preceded a Government Directed Genocide: Soviets, Nazis, Mao, etc.
We can discuss this over beer.
Flipper Zero Event by VANLUG by Levko Kravchuk!!!
Saturday, March 9, 2024 at 2:00 PM to 4:00 PM PST
350 W Georgia St · Vancouver, BC
on the 9th Floor function room 916, 917 and 918.
Please RSVP at:
Of course you can join us, that’s why i posted this publicly!
I poked you on slack to sort out a date/time!
I have a US address if someone needs an education tool.