Inside the Underground Trade of ‘Flipper Zero’ Tech to Break into Cars
Technology
110
Beiträge
59
Kommentatoren
41
Aufrufe
-
And here I am just using my flipper zero to turn my fan on and off since the remote that came with it sucks.
I use it at work to clone a customer's proximity card when I work in their building so they don't have to leave me theirs to get around. The one legitimate use I found.
I guess being able to trigger the customer service announcement without having to find a button in a store is nice.
-
That's ... not a legitimate use.
-
Oh I think I used it to unlock some extra characters in Skylanders at some point too, but I don't really play those types of games anymore.
-
That's ... not a legitimate use.
That's probably debatable, if they have permission. They probably shouldn't have been given permission, but that's a separate issue
-
And here I am just using my flipper zero to turn my fan on and off since the remote that came with it sucks.
I do the same with mine.
-
That's probably debatable, if they have permission. They probably shouldn't have been given permission, but that's a separate issue
Ideally, there should be a visitor card available to be used, with its clearances configured as appropriate for the visitor in question. Having a person hand over their own card (and PIN, if applicable) isn't a great idea either, but it's far better than copying that card, with or without permission (probably without, if we're being honest).
-
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
The real issue here is that the systems that car manufacturers use for their vehicles are insecure and outdated. The Flipper Zero is just exposing their bad design decisions.
-
Ideally, there should be a visitor card available to be used, with its clearances configured as appropriate for the visitor in question. Having a person hand over their own card (and PIN, if applicable) isn't a great idea either, but it's far better than copying that card, with or without permission (probably without, if we're being honest).
Oh, absolutely. It's not something which should be encouraged, and against a well designed modern system it probably isn't possible (there must be some challenge-response type NFC systems on the market).
I'm just saying it isn't unambiguously "illegitimate"
-
And here I am just using my flipper zero to turn my fan on and off since the remote that came with it sucks.
You can get devices that connect to home assistant for that too! (Just a comment, not a suggestion that you are doing anything wrong.)
-
The real issue here is that the systems that car manufacturers use for their vehicles are insecure and outdated. The Flipper Zero is just exposing their bad design decisions.
"We're seeing an increase in new care purchases"
"What changed?"
"We made them super easy to steal" -
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
Really? I see these fairly often on local fb marketplace. I was tempted out of curiosity to get one but I dont have a use outside of mucking about.
-
le·git·i·mate adjective /ləˈjidəmət/
- conforming to the law or to rules.
"Do what thou wilt shall be the whole of the law" - Aleister Crowley
seems legit to me…
-
And here I am just using my flipper zero to turn my fan on and off since the remote that came with it sucks.
I like to hijack the robot vacuum when I go to DnD and ring my parents doorbell when I visit.
-
le·git·i·mate adjective /ləˈjidəmət/
- conforming to the law or to rules.
"Do what thou wilt shall be the whole of the law" - Aleister Crowley
seems legit to me…
If you're using Crowley to support what's legitimate, you're gonna have problems.
-
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
To be clear, the flipper is just a Girl Tech IM-me with an NFC chip. If it lets people do a thing, that thing has been possible for decades. Just wait until someone makes a popular device based on a cheap fully featured wideband SDR like the AD9363 or LMS7002. Shit is gonna get fucking wild.
-
Oh, absolutely. It's not something which should be encouraged, and against a well designed modern system it probably isn't possible (there must be some challenge-response type NFC systems on the market).
I'm just saying it isn't unambiguously "illegitimate"
there must be some challenge-response type NFC systems on the market
There are. Hotels use them for door key cards so they can't be cloned.
-
The tech used here is the popular Flipper Zero, an ethical hacker’s swiss army knife, capable of all sorts of things such as WiFi attacks or emulating NFC tags. Now, 404 Media has found an underground trade where much shadier hackers sell extra software and patches for the Flipper Zero to unlock all manner of cars, including models popular in the U.S. The hackers say the tool can be used against Ford, Audi, Volkswagen, Subaru, Hyundai, Kia, and several other brands, including sometimes dozens of specific vehicle models, with no easy fix from car manufacturers.
Yes let me stalk someone to steal their car temporarily. Honestly this thing is kinda a toy on par with my rooted LG V20 with its IR blaster and USB C port that I can plug anything into or my HP stream with a software defined radio I played around with. These people are kinda making software for the wrong type of devices to be frank with ya and I cannot wait until someone makes some weird app and USB C dongle for an android phone to replace the Flipper Zero with. You don't even need to have root access for this as apps can just take over the USB port anyway on your phone.
-
Really? I see these fairly often on local fb marketplace. I was tempted out of curiosity to get one but I dont have a use outside of mucking about.
outside of mucking about.
The best use case of all.
-
If you're using Crowley to support what's legitimate, you're gonna have problems.
that’s the only thing i use from him…
-
That's probably debatable, if they have permission. They probably shouldn't have been given permission, but that's a separate issue
I usually do it when we take over a customer's access control system and we have half their doors on the new system and half in the old still and are migrating them over. I'm an electronic security tech, this is what I do for a living.
