tkems
CraigJPerry
>> or somewhat expensive and complex SDR
I don’t think that’s as accurate today as it used to be.
On the hardware side there are tons of options very cheaply available - iirc the flipper uses the c1100 (or a number like that) it’s a popular cheap chip and it’s well documented and interfaces easily with arduino.
More accessibly, lime mini SDRs are cheap but there’s quite a few alternatives too.
On the software side GNU Radio is free with decent tutorials - we’re not talking anything like blender levels of difficulty to adopt even if it is a complex domain.
Although on the more accessible side, urh is incredibly powerful given how easy to use it is https://github.com/jopohl/urh
I used the latter to tap into a 2 channel wireless bbq thermometer via a $10 rtl sdr and that was a breeze, an absolute walk in the park compared to when I reverse engineered the flysky telemetry system.
TeMPOraL
It's not the TX hardware part that will be expensive - but rather bespoke encoding and crypto. Not prohibitively expensive, just annoyingly expensive in money and/or time - enough to prevent anyone except criminals from tampering with those devices.
Or worse, vendors will use it as an excuse to make their products cloud-dependent, with strong cryptographic auth and actual processing done on the other side of the world.
(And with that enabling the rent seekers their recurring revenue, we arrive at the reality foretold by IIRC Philip K. Dick, where you have to subscribe to your own apartment doors.)
(EDIT: the more IoT embraces actual security, the more I feel that US gov had a point in classifying cryptography as munition. Perhaps there ought to be legal limits on using crypto against other people.)
tkems
As someone with a HackRF PortaPack knockoff I got from ebay, I would agree that SDRs are better and cheaper than ever before. However, I think the average person will struggle with using a HackRF for more complex projects. I've used URH before, and while useful, it can be intimidating for beginners.
Also, while I like the RTL-SDR (and the price tag!), you can't transmit with it. While this isn't a deal breaker to everyone, if you'd like to clone a garage door remote, for example, you need to be able to transmit. You could use something like a Raspberry Pi and rpitx [0], but I think it is more work than it's worth for many. Also, multiple RTL-SDRs are required for higher bandwidth applications like ATSC TV or trunked radios.
With the flipper, I think the main draw for most is the point-click-done nature. Include the Android/iOS app and it makes it easy to configure on the go without a computer. The expandability is one of the main features that will increase adoption over time compared to the HackRF+PortaPack which, from what I saw in the past, lacked longer-term support and regular updates and new features.
elliottcarlson
The batteries died in my bedroom TV remote a few nights ago. It wasn't until I went to replace them that I noticed that one of the batteries had leaked and seems to have caused some corrosion on the contact, so until I clean it up I've switched to my Flipper Zero as the remote for it (just need power and audio control, rest is via a Roku stick). Never thought this would be my use case for it, but it worked out perfectly.
petre
> one of the batteries had leaked and seems to have caused some corrosion on the contact
A reason why I have switched to NiMH rechargables. They leak less often. I've also grown tired of recycling spent alkaline batteries. Also Energizer has no leak guarantee on some of their batteries. I've got the green ones, Recharge Universal.
https://www.energizer.com/about-batteries/no-leaks-guarantee
dheerajvs
> phones no longer have IR blasters
Plenty of phones still do [0]. I've configured mine to operate all my devices at home.
[0] https://www.gsmarena.com/results.php3?nYearMin=2023&chkInfra...
JKCalhoun
You just need a small Bluetooth-enabled box sitting on your coffee table near the TV that has an IR transmitter and a paired app on your phone that can send commands to the box.
Edit: I had only to search and one did appear: https://www.amazon.com/PUCK-Smart-Universal-Remote-Model/dp/...
copperx
Universal remotes are still a thing, and much cheaper than that or a Flipper Zero.
dzhiurgis
Seems much cheaper than "infrared blasters" used for home automation
BossingAround
In other words, Chinese brands still have IR blasters. I don't know that I would trust Chinese brands of phones, though.
sofixa
Why not? Most phones are manufactured in China anyways, and Xiaomi, OnePlus, Honor, Oppo are major and very widely popular and used brands all over the world (outside of the US which is allergic to Chinese brands unless it's for cheap crap or to outsource manufacturing to).
chpatrick
In terms of functionality they're night and day compared to Western brands which seem to just enshittify their devices while raising prices. They're all made in China at the end of the day.
MuffinFlavored
> Lots of things use that range (garage doors, gates, fan remotes, etc.) and are not very secure.
https://en.wikipedia.org/wiki/Rolling_code I didn't know this wasn't secure enough. I thought this was the basis of most modern vehicle keyless entry too?
It is hard for me to not think of the Flipper Zero as a script-kiddie tool to do super illegal things like open your neighbor's garage illegally.
tkems
While rolling codes can be secure (KeeLoq [0] is a more secure example but has its own issues), this [1] is an example of some of the weaknesses that can happen if a rolling code algorithm is broken. I have personally been able to capture, decode, encode, and transmit garage door codes using that Python script and a HackRF (which can also be done with a flipper and custom firmware).
MuffinFlavored
Can you help me understand why rolling code attacks aren't broken on most cars but are broken for garages?
Also, are attacks like this real/common/easy to pull off? https://youtu.be/1SUGf6OwRzw Where the signal is amplified from the key inside the house to the car. How does the car/keyfob not detect its signal/noise ratio or time for roundtrip is all messed up distance wise?
bookmark99
A friend got this for me, but I'm struggling to put it to any useful purpose. Any pointers to things I can experiment with?
Using it as a remote seems so cool, esp bc I lost my roku remote not so long ago so if you have any resources that could help I'd appreciate it.
The documentation I've seen so far seems far and scattered and it seems people are more scared of being complicit in illegal activities based on their resources.
tkems
For IR remotes, there are a few ways to go about it. If you have a remote you want to clone, you can just use the flipper to clone and map buttons to a custom remote. If you don't have the remote and have a common device (like TVs), I would check this repo on GitHub [0] and see if you can find a compatible IR file. Note, you need a micro SD card in order to move the files onto the flipper, but a small one works fine.
I've had good luck with the basic universal remote when I'm in a pinch. Also, you can create custom IR files, but it can be a pain with encoding. The flipper forums are a good resource too [1].
rft
Seems like there is at least a bit of interest [1] to convert lirc definitions [2], which is great, because there are so many of them. There even is a definition for my about 30 years old hifi! A really nice hack I saw is to send the code via something that reads lirc and capture it with a flipper in learning mode [3].
[1] https://forum.flipper.net/t/is-possible-to-convert-irplus-fi...
bookmark99
sweet. thank you
spacecadet
Great tool for learning Bluetooth pen-testing. I run BTCTF-Infinity on an ESP32, powered through the Flipper's GPIO. It creates the BTCTF environment and I use the Flipper to crack the examples. Kinda like a self-contained gaming handheld for BT practice.
Nexxxeh
Not answering your question, but the Roku app includes a better version of the remote.
sbdaman
You can buy a Roku remote for like $5.
5440
My son was just arrested for using this in his hacking club at high school. Be careful if you have kids with one. According to witnesses in the room, he was showing it to kids in his hacking club and they all thought it was just turning off Apple phones in the classroom. Apparently, it turned off phones including several teachers' in adjoining classrooms. Anyways. The police came to the school and arrested him and are threatening him/us with federal crimes. They also executed a search warrant in our house and took all electronics. It's been a little traumatising to say the least.
d1str0
Sorry to hear about this. You probably shouldn’t post anymore about this for legal reasons.
For other readers, I’d be curious the jurisdiction.
The specific app that can turn off iPhones requires the “unleashed” firmware I believe.
Also, regarding legality, if you are DoSing cell phones, you are creating a hazard where users are no longer able to contact emergency services, and this is the most likely avenue of charges, as opposed to FCC fines (if in USA) for using locked spectrums.
127361
And so do reinforced concrete walls, they block the signal and thus prevent emergency services from being contacted too. And so many other things. Radio communications are unreliable by default. Someone's prank should not result in criminal charges unless tangible harm has occurred.
Reubachi
Intent, not the act is 99 percent etc etc. Whether or not harm took place does not matter; if it did, the entire basis of our legal system would rely upon only direct evidence of violent acts.
This is why attempted murder, kidnapping, etc is a charge. We do not yet have a charge of "attempted mass personal device disablement". and there is no reasonable case for......"manslaughter" of a device.
Being "realistic"/less analogous: your mobile device is the most important inanimate object to you in every single category imaginable. And this is the case for most of humanity for some time now. If someone knowingly removed my access to my personal device maliciously, I would suddenly start caring very much about seeing that person's freedoms taken away.
Edit: after rambling I wanna reiterate my first bit....intent is 99 percent. In this case, it's a kid. The law has context, and I think they should of course be lenient.
nikolay
So, in San Fran, people break into cars and steal from stores, and they are not even arrested, but kids who are into electronics are being charged as the biggest criminals. It reminds me of the girl [0] who was into Chemistry and was charged with terrorism.
tamimio
The teachers are crazy and so are the police, being this overdramatic while the actual crooks are out there free doing their crimes while they're busy arresting kids, crazy!
jmrm
I find it really excessive to have the police involved in those things, especially when it's a child doing dumb things that hurt nobody.
I did worse "hacking" actions when I was 12 and I was grounded without any access to any electronic device outside TV at lunch/dinner.
obscurette
40+ years ago I did some dumb things in school as well. But in all cases I got punished by my father. Not because I hurt somebody, but because I wasted a lot of people's time who had to deal with consequences from my actions. I didn't respect other people and their time and it was enough for my father to punish me. And he had every right to do so.
When I was a teacher some time ago some kids did dumb things as well – they "hacked" the school's computers by putting some really sticky putty under keyboard keys. I wasn't allowed to punish these kids by ordering them to clean up after themselves, and parents agreed to pay for new keyboards after weeks of "discussions" with lawyers involved.
d1str0
They didn't know who was causing it or why. Blocking a person's ability to contact emergency services by DoSing their phone can be devastating.
OOPMan
Right, but did anyone's attempts to contact emergency services get affected in this case?
I'm guessing not.
No matter how you paint it, this was probably rather excessive on the part of the police.
tamimio
>Blocking a persons ability to contact emergency services
Looks like they still can call the “emergency” given the police was there after.
jaystraw
As someone with two and a half -- yes, and a half -- felonies for computer trespass from when I was in high school, at 17, freshly 17, in 2003... I feel for you. Longer story, obviously. But no one knew how to deal with the situation, so "Something has to be done!"
In the words of Governor William J La Petomane, one of Mel Brooks' characters from Blazing Saddles, "We have to keep our phony baloney jobs gentlemen!"
127361
When I was a teenager I would pour Coca-Cola into the school computers after seeing a fellow student get into trouble for similar stuff. Never got caught for that. It's acid and worked especially well against powered up electronic equipment.
I wouldn't be surprised nowadays they would just start a rumor about the teacher's sexual misconduct or grooming of the students, in response, instead. And the accusation could spread and escalate, completely destroying the life of the teacher.
A certain percentage of the population will just make stuff up if they have the opportunity to do so, and "juicy" gossip can spread virally. So if they ask for "witnesses" to come forward, they will. Sex offenders are hated so much in society, they get beaten and abused in prison all the time, so it's essentially torture in the end.
bimguy
Assuming teachers were in class teaching when this occurred.
What do teachers use their phones for during class that they would have noticed this?
Genuinely intrigued as you never caught a teacher on their mobile phone in class when I was in school.
127361
Those are the actions of a de-facto police state.
ChuckMcM
This is a super fun gizmo; its Discord channel is, uh, not great.
One cool thing is that you can talk to it serially. I pretty quickly had it organized with an IoT temperature sensor so that it could send commands to my ceiling fan given the temperature in my office.
I have also used it to capture the NFC code on a hotel card key so that I could still get into my room even after my key was inevitably "damaged" by nearness to other fields.
Some parts of it are silly, like the Tamagotchi-type game with the dolphin. Doesn't add value for me, but I can see how it might be something for someone.
There is also growing awareness with agencies about its flexibility, some apocryphal stories of them being confiscated by TSA checkpoints have come in.
Writing your own apps for them has a fairly high learning curve.
tekeous
The dolphin game is to allow them to avoid some import/export restrictions by classifying it as a toy, which it is, and not a hacking tool. It’s not a professional device.
justsid
The Discord server is terrible. It’s both overrun with kids and yet also weirdly harshly moderated.
The device itself is fantastic though. Gives me some real Pebble vibes in all of the best ways. It’s very hackable and even though I don’t do crazy pentest things with it, it’s just an overall fun device.
MOARDONGZPLZ
The reddit is the same way. All the threads are new people asking how to use it to “have fun” by “hacking” vending machines and stuff, or for help convincing their parents to let them get one, or whether it’s worth their allowance to get.
I do have one, I think it’s a fun thing to have in my bag, but haven’t had any luck finding forums of responsible adults, or even just adults, discussing development or things to do with it. Even the “adults” who post about it inevitably do something like get fired because they take it to work and try to clone their own badges and then enter their work with the flipper.
Sorry for the rant.
cruffle_duffle
Was going to say the exact same thing about /r/flipperzero. It feels more like a fan subreddit full of kids, which.... ain't my scene at all. People on that subreddit make it seem like it is this amazing thing that will get you in jail or something for possessing.
... But after owning one? I dunno. It's a neat gadget but to be honest about the only practical thing I've got out of it is cloning our apartment keyfobs and duplicating hotel cardkeys. Otherwise it's kinda fun opening up Tesla charge doors and messing with iPhones using Bluetooth LE. Somebody somewhere was starting a project to add CANbus support, which would be a perfect fit for the device.
I feel like the ecosystem needs a better way to add "apps" to the device. I might be missing something but it doesn't really have any official app registry or anything. Something like you'd see for npm, pypi, or platformio.
evilduck
There's a ton of TikTok/Instagram nonsense showing it out in the world doing those things.
A large volume of the stuff you can do with it is just spoofing a USB keyboard and running console commands. You could do that for years with tons of existing microcontrollers the price of a hotdog, but suddenly script kiddies have taken notice and are willing to pay 100x for the ability.
m0llusk
The dolphin annoyed me immediately, but it turns out that all of the graphic assets are simple to find in the firmware so it should be quite easy to change the look and feel of operation into something other than fun time with dolphin friend.
rdslw
A friend of mine has a 3-year-old. The "dolphin" is in constant use by the child. "What is he doing now?" "Let's check what dolphin is playing with today". "What does it say" "Does he miss me?" "Let's play with him".
It quickly became a pal of the child.
My friend said that it is one of the child's top 5 toys now :)
futhey
When people realized anyone with a sophisticated police scanner could listen in on cordless (and then early cellular) phone calls, it forced manufacturers to actually implement a bare-minimum level of security on those devices.
I hope this pushes more manufacturers to switch to rolling-code algorithms (like the key fob your car uses), in place of simpler, less secure codes that can be captured and replayed.
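The difference between a fixed code and a rolling code, as an added example that is not part of the thread: a receiver-side sketch in which a fixed-code receiver accepts a replayed frame while a counter-based receiver rejects it. It assumes a truncated HMAC-SHA256 tag as a stand-in for a vendor cipher such as KeeLoq; the frame layout, key, serial number and 16-press window are constructed for illustration.

```python
import hashlib
import hmac
import struct

WINDOW = 16        # assumed look-ahead: missed button presses the receiver tolerates
HEADER_LEN = 12    # 4-byte serial + 8-byte counter
TAG_LEN = 8        # truncated HMAC tag


def build_frame(key: bytes, serial: int, counter: int) -> bytes:
    """Frame = serial || counter || HMAC(key, serial || counter)[:8] (assumed layout)."""
    header = struct.pack(">IQ", serial, counter)
    tag = hmac.new(key, header, hashlib.sha256).digest()[:TAG_LEN]
    return header + tag


class FixedCodeReceiver:
    """Accepts the same static code forever, so any captured frame stays valid."""

    def __init__(self, code: bytes):
        self._code = code

    def accept(self, frame: bytes) -> bool:
        return hmac.compare_digest(frame, self._code)


class RollingRemote:
    """Transmitter side: every press increments the counter and authenticates it."""

    def __init__(self, key: bytes, serial: int):
        self._key, self.serial, self.counter = key, serial, 0

    def press(self) -> bytes:
        self.counter += 1
        return build_frame(self._key, self.serial, self.counter)


class RollingCodeReceiver:
    """Accepts a frame only if its tag verifies and its counter moves forward."""

    def __init__(self, key: bytes, serial: int):
        self._key, self.serial, self.last_counter = key, serial, 0

    def accept(self, frame: bytes) -> bool:
        if len(frame) != HEADER_LEN + TAG_LEN:
            return False
        serial, counter = struct.unpack(">IQ", frame[:HEADER_LEN])
        expected = build_frame(self._key, serial, counter)
        # Constant-time comparison of the whole frame covers the tag check.
        if serial != self.serial or not hmac.compare_digest(frame, expected):
            return False
        # Reject anything already used (replay) or too far ahead (needs re-pairing).
        if not (self.last_counter < counter <= self.last_counter + WINDOW):
            return False
        self.last_counter = counter
        return True


def demo() -> dict:
    key = bytes(range(32))             # constructed demo key
    static_code = b"\xa5\x5a\xc3"      # constructed fixed code

    fixed = FixedCodeReceiver(static_code)
    results = {
        "fixed_first": fixed.accept(static_code),
        "fixed_replay": fixed.accept(static_code),   # same bytes work again
    }

    remote = RollingRemote(key, serial=0x1234)
    rx = RollingCodeReceiver(key, serial=0x1234)

    frame = remote.press()
    results["rolling_first"] = rx.accept(frame)
    results["rolling_replay"] = rx.accept(frame)     # counter no longer ahead

    for _ in range(5):                               # presses made out of range
        remote.press()
    results["rolling_after_missed"] = rx.accept(remote.press())

    tampered = bytearray(remote.press())
    tampered[-1] ^= 0x01                             # flip one bit of the tag
    results["rolling_tampered"] = rx.accept(bytes(tampered))

    for _ in range(WINDOW + 1):                      # drift past the window
        remote.press()
    results["rolling_out_of_window"] = rx.accept(remote.press())
    return results


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name:24s} {'accepted' if accepted else 'rejected'}")
```
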
tivert
> When people realized anyone with a sophisticated police scanner could listen in on cordless (and then early cellular) phone calls, it forced manufacturers to actually implement a bare-minimum level of security on those devices.
Did it?
IIRC, the biggest thing to fall out of that is the US government banned scanners that could pick up the frequencies commonly used by cordless phones.
cruffle_duffle
> IIRC, the biggest thing to fall out of that is the US government banned scanners that could pick up the frequencies commonly used by cordless phones.
I recall that. I think the age of SDRs made such a ban (law?) almost impossible to enforce.
dylan604
When did the age of SDRs begin where these devices were still in vogue? What's the overlap?
forinti
In the 1980s a friend of mine had a German radio which had a larger array of frequencies than that available in my country. It allowed us to listen to the police. Curious, but not interesting.
In the 90s my brother had a portable TV/Radio which we managed to tune into cellphone conversations.
Those were the days you could still telnet 25 to send emails with whatever sender you wanted. I used to send Christmas greetings from Santa to my colleagues at uni.
EA
In the late 1980's I had this VCR that would allow me to tune into over the air TV channels in the eastern US.
Being an elementary aged student poking around, I realized I could use the tuner to listen in to telephone calls somehow. Granted, I lived on a farm and there were probably only two dozen houses within a mile radius of our home; the nearest being a quarter mile away. I had a small rabbit ear antenna on the back of my CRT TV that could have been plugged into the VCR.
I don't recall the actual hardware I had.
I never figured out if I was listening to cordless phones (seems they would not be powerful enough to reach me), cell phone signals (there were few cell phones in my poor rural community I assume but I guess there could have been travelers on a nearby highway), or CB radio signals from truckers on the highway (these seemed like mundane person to person conversations; not trucker conversations). Perhaps it could have been long distance HAM operators though they didn't seem to use any HAM protocols while speaking.
ashleyn
Likely first-gen cell phone service (AMPS)[1]. Calls were entirely unencrypted analogue audio transmitted in bands formerly allocated to UHF television. Your VCR was likely a pre-83 model, which is when the frequencies were reallocated to AMPS[2].
[1]: https://www.telecomtrainer.com/amps-cellular/
[2]: https://en.m.wikipedia.org/wiki/Pan-American_television_freq...
porbelm
Well, DECT wasn't exactly very secure, and neither was GSM (2G) call encryption. And check out the recent TETRA-related CVEs for more fun ;)
IshKebab
Sure though in some cases it isn't worth the cost or effort, e.g. kinetic light switches. In some cases it's appropriate to expect people to not be arseholes.
ChrisArchitect
Recent news discussions:
Flipper Zero can be used to crash iPhones running iOS 17
https://news.ycombinator.com/item?id=37919396
Apple Shuts Down Flipper Zero's Ability to Shut Down iPhones
https://news.ycombinator.com/item?id=38656607
Flipper Zero banned by Amazon for being a ‘card skimming device’
https://news.ycombinator.com/item?id=35481580
UK airport confiscates passenger's Flipper Zero
_v7gu
The last one is hilarious, just endless speculation on how the guy could have handled it better, the guy coming in with the account of how he handled things pretty nicely, and then just crickets.
pugworthy
Good read indeed - a lot of conclusions being jumped to there.
Alifatisk
Someone on Twitter mentioned how some kid managed to crash and shut down their insulin pump using the flipper zero.
Mad_ad
source? sounds fishy to me, can't believe insulin pumps are so vulnerable.
Alifatisk
https://twitter.com/morganiteproto/status/173065586102911433... https://twitter.com/hackerfantastic/status/17307842936416793...
But it's also from Twitter so take it with a grain of salt.
ablation
I don't have a source for OP's Flipper Zero story, but insulin pumps are surprisingly vulnerable: https://www.cisa.gov/news-events/ics-medical-advisories/icsm...
jandrese
Medical devices with shit firmware are hardly uncommon. I can totally believe someone crashed one with a device like this.
LZ2DMV
Apart from access control systems, it hardly has any good uses in the real world as a pen-testing device. If it was a pocket carry, true SDR, capable of recording RF signals as I/Q, performing actions on them, replaying them, etc, it would have justified its cost. But, with a limited set of modulations supported by the used RF chips, it is more like a toy for hacker wanna-be teenagers than a serious tool.
An investment in something like HackRF+PortaPack clone is far better, IMHO.
tkems
Totally agree that this isn't a good full pentesting device, but I also think that such a device doesn't need to be in order to be popular. Just look at the IM-ME when Samy Kamkar showed it off [0] and it sold out.
Most people don't need a full SDR like a HackRF in order to explore their RF devices and a Flipper gives that to them without the headache of software and the bulk of a full PortaPack.
(I love my HackRF and PortaPack for the record. The Flipper can't compete with the features and low-level access when you need it)
[0] https://hackaday.com/2015/06/08/hacking-the-im-me-to-open-ga...
some-natalie
It's good as a bluetooth presentation remote, sharing QR codes or NFC contact info at conferences, and jiggling your mouse so your VPN connection doesn't die when your laptop locks up. It was handy around the house over the holidays too (https://some-natalie.dev/blog/flipper-at-home/).
It's a decent multitool. :-)
rabbitofdeath
I have found it pretty useful in a few situations:
- USB/Mouse keyboard when the iMac you are working on has totally dead batteries for the mouse/keyboard - it's not fun but works in a pinch.
- Cloning weird ceiling fans/lights. Apparently I've bought horrible remotes but this helped.
- Used this as a nightstand clock while traveling.
- Used the authenticator app as a backup Yubi key
- Mouse jiggler to keep a computer awake
- blasting tvs at restaurants is a ton of fun and my kids like that.
- And the IR functionality for Nerf Laser Ops Pro (IR laser tag) is an absolute blast - the actual Nerf guns have a delayed trigger, but with Flipper there is no delay or need to "reload" so you are an unstoppable beast.
tkems
Just a heads up about the Flipper's U2F implementation [0] and the possible weaknesses compared to a Yubikey/other U2F key.
rabbitofdeath
Thank you for this - It is really more of a backup/testing since I leave my Flipper at home 99% of the time and rely on my real Yubi for a few things. Mainly GitHub which was just because I can.
bcks
I had a lot of fun playing with the Flipper's Bad USB DuckyScript to automate some repetitive and tedious CMS workflow for a client, filling in a lot of input fields on multiple browser windows with a single press of a button. It improved my productivity and happiness. I've since graduated to Playwright, but it was the Flipper that sparked the idea.
crtasm
> blasting tvs at restaurants is a ton of fun and my kids like that.
You can likely still buy those "every TV" $5 power/volume remotes that fit on a keychain, if they're asking for their own.
byb
I tried using a Flipper with some NFC stickers so I wouldn't have to carry around so many FOBs and cards. It turns out that the Flipper does not excel at this task. It complained that the NFC stickers I bought were non-writable. And it couldn't read all the sectors on some NFC tags. However, I was able to use the Android MCT app to write to the same stickers and read the tags the flipper couldn't read. Cloning required copying strings to the clipboard, which is something the Flipper's UI is not really designed for.
cruffle_duffle
> It complained that the NFC stickers I bought were non-writable.
I'm not an expert at NFC but after playing around with Flipper I've learned that there are different types of NFC devices and they aren't at all interchangeable. They aren't just dumb devices but actual computers that power up and do shit (I think).
blep-arsh
Yeah, Flipper as a concept sounds cool but then I found out the current implementation is rather half-baked and comes with a lot of limitations. And the community is not that welcoming either.
pnw
I would love to get one but articles like this about the Russian connection put me off.
python273
So, they found nothing suspicious with devices or apps.
Also made some far fetched connections of Flipper Devices to companies owning the hackspace Pavel Zhovner worked in, and attributed his trolling and making anti-censorship tools "as actively supporting the authorities in Russia". lol.
sev1
Paranoia isn't the only factor in a purchasing decision. It seems quite clear to me it's a Russian company trying to hide that fact for obvious reasons. I appreciate pnw posting this and making me aware before I decided to send money (indirectly) to Russia.
python273
And how are they "trying to hide" it?
> send money (indirectly) to Russia
Even the report mentions the team members moving to Tbilisi, Georgia. Afaik Pavel moved to Dubai and still has Ukrainian citizenship. So I doubt a significant portion of the company's money is ending up in Russia, maybe except salaries of a few engineers. But it's pennies compared to how much the regime is paid for the resources, if that's what you worry about.
squarefoot
The device is nothing more than a quite powerful STM32 board with some interesting peripherals added and of course a very powerful firmware/software, which is what makes the difference. However, as everything is Open Source, it can be ported to a similarly designed, possibly different looking, device without the code that phones home, and it probably is what hackers should consider since the Flipper Zero has been banned in some places and being caught with it, say in an airport, could be enough for confiscation and/or interrogation. Also, it is overpriced for what it contains; they could sell it at half the price and still make a significant profit. And frankly, as someone who is 100% on Ukraine's side against the barbaric Putin invasion, I'd rather use my money to buy some electronics from Ukrainian surplus shops on Ebay.
what-the-grump
As it should, and US consumer protection is failing to act, this is from the report. People do not understand the level of control the Russian authorities maintain over businesses in Russia and citizens.
1. Flipper Devices Inc. is registered in USA as their main office, but no development or business is done at that address. The address belongs to a “mailbox” company.
2. A majority of registered staff on LinkedIn were until recently registered in the Moscow region, (but suddenly moved to Tbilisi, Georgia according to their LinkedIn profiles.) - No developers remain in Russia according to LinkedIn.
3. TZOR and Neuron Hackspace shared the same address during the period of 2012-2013. (Neuron Hackspace used the address before TZOR was founded.) The Company of the founder of Neuron Hackspace, Esage Lab/TZOR, is placed on US sanction lists due to the DNC hack 2016, under the claim that the company provided tools to the Russian intelligence GRU and FSB. The attributions were validated both 2017 and 2020.
4. The Company and founder of Neuron Hackspace, Esage Lab/TZOR, had contracts with at least two companies that delivered services for the Russian government, FSB and the Russian military.
5. The founder and CEO of Flipper Devices Inc., has been involved in activities, such as running the DDOS site putinvzrivaetdoma.org, that could have attracted the attention of Russian security services.
6. The founder and CEO of Flipper Devices Inc., has been involved in activities since he moved to Moscow that can be interpreted as actively supporting the authorities in Russia, like trying to sabotage Alexei Navalny’s blog in 2014 and building a tool, Zaborona_help, to circumvent Ukrainian blocking of the Russian websites.
The assessment is that there is an even chance that Flipper Zero has links to Russian Intelligence Services. The founder and financier of Neuron Hackspace was placed under US-sanctions due to providing tools to FSB and GRU related to the DNC-hack. The validity of the investigations behind the US-sanctions has been confirmed in 2017 (Intelligence community assessment) and 2020 (Senate Intelligence Committee). Pavel Zhovner’s past activities and that he seems to have been an early member of Neuron Hackspace contribute to this assessment.
It is at the same time likely that Russian authorities are well aware of the distribution of Flipper Zero and monitors the situation for opportunities to gain other types of benefits, either in form of influence over the hacking community, recruitment of talented hackers for similar projects or even attacks of infrastructure or other targets in the future.
It is also likely that Russian authorities will remain to have a substantial influence or control over this hacker community and could benefit from the future possibility to recruit talents with some form of combined security and IT background or even to blackmail foreigners that have been connected to this community.
macinjosh
Russian xenophobia has gotten out of control.
Gormo
Interesting. Do you have any sources that substantiate the claims made on this blog post?
sev1
I wasn't aware of a Russia connection until this post. On flipperzero.com near the top it says:
>Our team was originally formed in Neuron Hackspace by collaborating with industrial design and manufacturing experts Design Heroes.
A quick Google search for Neuron Hackspace and Design Heroes shows their location as Moscow. I'm inclined to believe the detailed report from that blog post and am glad I did not end up buying the device.
Gormo
> I wasn't aware of a Russia connection until this post.
I'm still not aware of it after reading the post. Pointing out that some of the people on the project were members of a hackerspace in Moscow at some point in the past is not remotely sufficient to substantiate that there exists any current connection between the project and Putin's regime.
ex2can
You should probably educate yourself a little bit.
geor9e
$169 is a bit steep for me, so I went on Temu and bought an $8 125KHz RFID programmer & a $5 USB-C IR Blaster. Combined with my Samsung phone's native NFC writing, bluetooth, etc I feel like it scratched the itch of 90% of what people do with Flipper for 10% the cost.
spookie
The point of the flipper zero is to have one good supported gadget that has a lot of people hacking away with it.
It's the same thing with the raspberry pi, sure you can get some cheap clone off less than ideal places, but you're gonna pay with your time. That's basically it.
jefftk
> It's the same thing with the raspberry pi, sure you can get some cheap clone...
It's a little different: from when the rPI first came out the price was a big driver of its popularity. It started with the Model B at $35 (with the Model A at $25 "later this year") and this was so much cheaper than other options at the time. Look over threads from the time [1][2] and you'll see things like: "I teach middle school programming/computer classes. I cannot wait to get my hands on one of these. Right now it's cheap enough that I can tell the parents to buy one for their kids without a problem, and out of pocket it for those few of my students whose parents won't be able to afford it." and "The pricepoint is simply revolutionary. I intend to make a few amateur home automation gadgets with this."
regularfry
Allowing for inflation they've stayed in roughly the same ballpark, price-wise. It's just that there are now also cheaper boards available, which used not to be the case.
Scoundreller
That's what I like about InstantPots: having a standardized cooking device makes recipes a lot easier to share.
nonethewiser
Well sure, for pressure and slow cooking. You could say the same thing about the microwave.
omnimus
Aren't most things in a kitchen standardized cooking devices? Like stainless pan is stainless pan…
tkems
If you want to go deeper with RFID and can spend a bit more (~$50), I am pretty happy with my knockoff Proxmark3 Easy [0] I got on ebay. (Do some research to find a good seller as I have heard some sellers ship bad units). It can do both 125khz and 13.25Mhz RFID/NFC and is easier to use than some of the Android apps for cracking Mifare keys.
For the price, it is great for more complex attacks and almost has all the features of a full Proxmark RDV4 (minus BLE and a battery).
[0] https://proxmark.com/proxmark-3-hardware/proxmark-3-easy
stavros
Do you have any resources for learning about RFID? I have some tokens for opening my garage door that I'd like to clone, and I'd like to know how they work.
tkems
I would check out the Proxmark3 Github repo [0]. They have a cheatsheet [1] with the basics on how to get started. I also did a talk about RFID security last year about the basics [2]
To get started, the basics are: low freq (LF) is usually around 125khz and is rarely encrypted (HID Prox is the most common in the US). The data is often encoded in Wiegand format for access control systems (something to keep in mind when reading the raw data).
High freq (HF) (aka NFC) is ~13Mhz and is readable by most Android phones with NFC. Not all tag data can be read however. HF cards support a lot of different options including data storage (normally in a block layout with permissions to read and write depending on keys) and encryption (iCLASS and SEOS being the HID offerings and very common). Some can be cloned (like hotel cards) while others (like SEOS) require a downgrade attack to work correctly (SEOS -> normal SEOS reader -> Wiegand data -> older style card like HID Prox).
[0] https://github.com/RfidResearchGroup/proxmark3
[1] https://github.com/RfidResearchGroup/proxmark3/blob/master/d...
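To illustrate the Wiegand remark in the comment above, here is an added example (not part of the original comment and not Proxmark3 code) that splits a raw frame into its fields and checks both parity bits. It assumes the widely documented open 26-bit layout (often called H10301); other Wiegand lengths use different layouts, and `SAMPLE` is a constructed frame, not data read from a real credential.

```python
# Added example: decode the open 26-bit Wiegand layout (often called H10301).
# SAMPLE is a constructed frame, not data read from a real credential.
SAMPLE = "10010101000000101001110011"


def decode_wiegand26(bits: str) -> dict:
    """Split a 26-bit frame given as '0'/'1' characters in transmission order."""
    if len(bits) != 26 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 26 binary digits")
    b = [int(c) for c in bits]
    # Bit 0 is even parity over bits 1-12; bit 25 is odd parity over bits 13-24.
    even_ok = (b[0] + sum(b[1:13])) % 2 == 0
    odd_ok = (sum(b[13:25]) + b[25]) % 2 == 1
    return {
        "facility_code": int(bits[1:9], 2),   # 8 bits
        "card_number": int(bits[9:25], 2),    # 16 bits
        "parity_ok": even_ok and odd_ok,
    }


def decode_wiegand26_int(value: int) -> dict:
    """Same decode for a reader that reports the frame as a single integer."""
    if not 0 <= value < (1 << 26):
        raise ValueError("value does not fit in 26 bits")
    return decode_wiegand26(format(value, "026b"))


def flip_bit(bits: str, index: int) -> str:
    """Return the frame with one bit inverted, to model a read error."""
    flipped = "1" if bits[index] == "0" else "0"
    return bits[:index] + flipped + bits[index + 1:]


if __name__ == "__main__":
    print(decode_wiegand26(SAMPLE))
    # A single flipped data bit is caught by parity, so the read is discarded
    # rather than reported as a different facility code.
    print(decode_wiegand26(flip_bit(SAMPLE, 5)))
```

The whole frame is 24 data bits plus two parity bits: parity catches read errors only, and nothing in the layout is secret or cryptographic.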
michaelteter
> I went on Temu and bought
Too bad. I was sincerely hoping nobody would buy anything from them so they would die.
geor9e
Amazon costs twice as much, and Aliexpress takes twice as long to ship. I have an adblocker installed, so I haven't experienced the annoying ads people are mentioning. I don't install apps when a website is available, so it's not a spyware concern. If Temu is more evil than the other main two options, I have yet to see an explanation.
dzhiurgis
AliExpress gotten so expensive too, Temu seems far cheaper (tho lacking lots of more interesting items)
camillomiller
I was thinking the same. It's a proven predatory and reckless company that can sell at these prices because of shady practices. But hey, savings!
kvdveer
I'm not very familiar with Temu. Are these shady practices documented somewhere, and are they worse than industry peers (aliexpress, wish, overseas ebay, etc)?
tauntz
> so I went on Temu and bought a $8 125KHz RFID programmer
OT but if you found it for $8 on Temu, then you can most likely find the exact same device on Aliexpress for $1 - $2. Don't feed Temu - their ads are clogging up my feeds :)
moolcool
The M5Stack Cardputer seems like it would scratch the same itch as the Flipper Zero.
s17n
the whole point of the flipper is the sub-1ghz radio and nfc/rfid capabilities. It's not really intended to be used as a general purpose computer, it's more like a really extensible radio
lolinder
Yeah, but for me (and I imagine a lot of people on here) the itch that Flipper Zero teases is that of a hackable computer in a neat form factor, not the specific radio capabilities that it's actually meant for.
I didn't know about M5 before and now I'm hooked exploring M5's store, so I appreciate OP's pointing me there!
grishka
Also the 1-wire/iButton capabilities. Systems that use this kind of keys are probably nonexistent in the US, but in some other countries, they're everywhere.
SV_BubbleTime
So instead of supporting the community and a project with a specific goal, your point is that you bought a Chinese knockoff of a different product?
mightyham
Yes, gp seems to be pointing out the Flipper's largest use cases can be satisfied by significantly cheaper products. They also aren't necessarily "Chinese knockoffs". It just so happens that they bought them from a Chinese online retailer, and I don't see how they could even be called knockoffs because what gp described are fairly different products from flipper.
NavinF
RFID programmers and USB-C IR Blasters are commodities. How could they possibly be knockoffs?
1oooqooq
no phone can act as a nfc card. your set up doesn't cover the main use case for the flipper on nfc space
baobun
Many (most recent) smartphone models can act as NFC cards very well, with the right software.
guitarlimeo
Phones unfortunately disallow setting the NFC UID on the hardware level (it's random each time), Flipper allows you to do anything.
1oooqooq
That is kinda misleading. They can act as a very limited version of a client of a very specific and largely unused spec.
geor9e
Sure but I have dozens of blank cards and stickers I bought for a few dollars.
ramraj07
“1200 seems too high for a phone, so I bought a raspberry Pi and attached a 4G module now I can make calls and browse the internet”…
thelastparadise
> “1200 seems too high for a phone, so I bought a raspberry Pi and attached a 4G module now I can make calls and browse the internet”…
That actually sounds really cool...
ThePowerOfFuet
Until you want to take it with you when you leave the house.
geor9e
iPhones aren't sitting unused in a drawer forgotten like 99% of Flippers. There's nothing differentiating or polished about clicking one button versus clicking a different button to clone an RFID tag. I'd rather have cheapo version of 1 time use gizmos.
camillomiller
Design is way more important than just what things look like. But it contributes to a product's success in ways that are sometimes hard to measure. That's why engineer-driven companies don't understand it and engineers (as a sweeping generalization) usually hate it.
j0hnyl
Is this really the case? I would think there would be a mobile app interface for flipper?
ramraj07
For me the appeal of Flipper Zero is the mythical rare day when it becomes useful in an emergency, and until then it can stay in my drawer peacefully.
hattmall
Or just one of the hundreds of equally capable reasonably priced phones.
jauntywundrkind
I would love love love this to become a vibe.
roughly
I’ve had one of these guys sitting around for a while - love the hardware, love the concept, but I haven’t really found a lot of use for it - what are y’all using them for?
gleenn
My friend found out the school he sysadmins for was using weak rfid card keys (despite the readers being smart enough to handle higher level encryption) and found he could clone his key and get in places. So basically he pen tested and then they decided to upgrade to the less or non-cloneable card keys. Security for the win.
Vegenoid
Before anyone tries this, doing this without first checking with security/facilities would likely be grounds for “disciplinary action, up to and including termination”
WantonQuantum
I don't know why you're getting downvoted for this. It's 100% correct advice. The person you're replying to is a sysadmin so they are probably okay in this situation but cloning access cards without permission would be a serious breach no matter how well intentioned or how easy.
wmidwestranger
If only issuing clone-able key cards were the infraction instead...
heavyset_go
Unfortunately, it sounds potentially criminal, as well.
spacebacon
Termination is a favor if security is that lax.
rekoil
Quite often the keycards have sequential IDs which means you can increase or decrease the number a few times and find a colleague's card with higher or lower privileges than you.
infinitedata
You can achieve this exact same use case with a $15 RFID reader/writer, supporting higher frequencies and encryption.
conradev
It's my backup key for my garage and my office door. I also use the universal remote to change TVs in public spaces occasionally. It's a chunker, so it's not a pocket carry, but I keep it in my backpack.
I recently discovered this, which I want to try: https://electroniccats.com/store/flipper-add-on-magspoof/
29athrowaway
What kind of garage opener do you have? I thought the Flipper zero won't provide that functionality unless you flash the firmware.
filoleg
Not the person you are replying to, but I use my flipper for the exact same purpose.
Not sure which specific garage opener my apartment building has. But the fob controller the leasing office gave out is way too weak, so I have to sometimes press it many many times and wiggle it in multiple ways until it triggers the garage door. With flipper, it works on the first try.
A funny anecdote: after using my flipper for about a year, I encountered another flipper user in my apartment elevator (the elevator requires a keyfob to go to any floor except the ground floor). I talked to him for a bit. Turns out, he manages a bunch of boat storage units here (in Seattle) that all use different keyfobs. So for him, it is just pure convenience to carry a single flipper device as opposed to always having a lot of different physical keyfobs on him, and then shuffling through them in his bag to get the right one.
Eji1700
The part I don't get is even if you flash the firmware, does that mean you can make sure it doesn't make all other remotes fail? My understanding of the whole rolling code system was that you could get a few uses and then you were screwed.
If that's not the case I really need to do this because having it handle my tv's, ceiling fans, and garage door would be a nice trick.
HanClinto
Not terribly difficult to flash the firmware.
rzazueta
I bought it in the hopes of causing mostly harmless mischief, but its capabilities in that realm are oversold.
That said, I knew very little about UART communication or SPI until I started playing with this and an ESP32 device. I also knew very little about bluetooth, RF, and RFID/NFR type stuff until I started exploring the world with this. It's been a fun journey that's rapidly advanced my understanding of quite a few things.
Others have said it's overpriced or that you can build your own or whatever, but it's actually just the right price for a cool little educational tool that also works beyond the educational stage. It may even inspire me to build my own advanced version at some point.
If you're already a hardware hacker or EE, this is probably not much more than a toy for you. If you've always wanted to explore some of these topics but had no idea how to start, the Flipper is a good introduction. I immediately flashed it with custom firmware and it was easier than flashing my BIOS.
willis936
Well I found that my apartment NFC key is hardened against dictionary attacks and I'm not able to copy it. It also helped me learn that my parents' garage door is pretty secure. I'm able to have the opener learn my flipper like any other remote, but not crack it. This is even with the unleashed firmware that doesn't mind violating FCC regulations (some of the frequencies it hops to are restricted).
I was able to copy my work NFC badge, but I'm not really interested in trying it out.
It's handy as a pocket spectrum sniffer, but I don't have much day-to-day use for it outside of that. I'm glad it was given to me because I learned a lot. Potential future use for me might be an amiibo emulator, but I've grown out of those sorts of things.
spike021
My apartment uses Latch deadlocks. From what I've read the model _should_ support an NFC key, which of course we don't get. I'd love to figure out if I could do it myself. Ideally I'd be able to use my iPhone that way automatically though (the app on iOS apparently can't due to Apple rules but I'm not an expert). When my hands are full with groceries or whatever it can be a chore to pull out my phone, dig for the app, and get it to unlock the door.
AndrewKemendo
All garage doors have rolling keys which are non trivial to deal with unless you have pro stuff.
tzs
Speaking of garage door rolling codes I've noticed there is some sort of slack in the synchronization, probably so that if you press the remote button a few times while out of range your remote still opens the door. My guess is that the receiver looks not only for next code after the last one used, but also for several codes after that.
Question: how many times would you have to press the button on the remote for it to get so far ahead of what the receiver looks for that the remote no longer works without reprogramming the receiver?
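The look-ahead behaviour guessed at in the comment above can be modelled in a few lines. This is an added example, not part of the original comment and not any vendor's algorithm: the truncated-HMAC code generator is a stand-in, and the window of 16 is an assumed value that real receivers choose for themselves.

```python
# Added example: a toy rolling-code receiver with a look-ahead window.
# code_for() is a stand-in generator and WINDOW is an assumed value;
# neither is taken from a real opener.
import hashlib
import hmac

WINDOW = 16
KEY = b"constructed-demo-key"  # constructed sample key


def code_for(key: bytes, counter: int) -> bytes:
    """Derive the code for one counter value (truncated HMAC-SHA256)."""
    return hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()[:4]


class Remote:
    def __init__(self, key: bytes):
        self.key, self.counter = key, 0

    def press(self) -> bytes:
        self.counter += 1  # every press advances, in range or not
        return code_for(self.key, self.counter)


class Receiver:
    def __init__(self, key: bytes, window: int = WINDOW):
        self.key, self.window, self.last = key, window, 0

    def accept(self, code: bytes) -> bool:
        # Only counters strictly after the last accepted one are tried,
        # so an already-used code can never match again.
        for c in range(self.last + 1, self.last + 1 + self.window):
            if hmac.compare_digest(code, code_for(self.key, c)):
                self.last = c  # resynchronise to the remote
                return True
        return False


def works_after(out_of_range_presses: int, window: int = WINDOW) -> bool:
    """Press the remote out of range n times, then once within range."""
    remote, receiver = Remote(KEY), Receiver(KEY, window)
    for _ in range(out_of_range_presses):
        remote.press()
    return receiver.accept(remote.press())


def presses_to_desync(window: int = WINDOW) -> int:
    """Smallest number of out-of-range presses after which the remote fails."""
    n = 0
    while works_after(n, window):
        n += 1
    return n


if __name__ == "__main__":
    print(presses_to_desync())  # equals the window size in this model
```

In this model the remote stops working once the number of out-of-range presses reaches the window size, so a wider window trades tolerance for accidental presses against the number of future codes the receiver will accept at any moment.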
epcoa
More like most garage doors sold in the last 20 years have a rolling code system, a few of which are non trivial to deal with.
This is already Western centric, but even here there are a ton of older static and fixed frequency systems still chugging along.
Of these rolling code systems most are not difficult to crack, especially those more than a decade old (and which are still sold today)
willis936
You can sync up on rolling codes with the flipper without too much effort. When there are a few private keys involved it gets more difficult.
dawnerd
Besides easy to open garage doors with a metal shim to pop the emergency latch. Happened to me once before just zip tying the latch.
sidmitra
My building charges USD 40+ to replace the white rfid cards if you lose it and something similar for the remote control for the parking gate. So I just cloned all my cards and remotes and keep them as backup, just in case.
robbiet480
Just used it + the MCT app on Android to clone my apartment key fob (Schlage 9691T) to a Dangerous Things Magic Ring https://dangerousthings.com/product/magic-ring/
margalabargala
I use it as an easy voltage tester for various hardware projects. I wrote an app that can do GPIO input (the built in only does output) so I can check which parts of a given circuit I'm building are high or low at a given time. Basically like a parallel multimeter.
sli
A bit different than the other replies, but I'm using mine like a very extensible input/output device for my own hardware projects and as a general STM board for fiddling with embedded on an STM chip (I usually stick to RP2040s and ESPs). I'm really interested in making expansion boards for the Flipper, especially ones built on the RP2040. Just sounds like a ton of fun.
I got one not too long after the official launch and I've used it a decent amount (granted I am in cybersecurity and have more real-world use cases than the average person). My favorite use case is the IR remote since phones no longer have IR blasters. It's saved me twice so far in having to buy/find a remote for something.
One thing people don't realize is that the custom firmware [0] that you can run allows you to receive and transmit on a wide range of frequencies under 1Ghz. Lots of things use that range (garage doors, gates, fan remotes, etc.) and are not very secure. I think that this will be a time looked back on where it's possible to interact with those devices without having to buy a custom PCB transmitter or somewhat expensive and complex SDR.
[0] https://github.com/DarkFlippers/unleashed-firmware