This is about more than just cars. Anything that uses RFID, NFC, etc, such as an employee badge or even contactless credit/debit card payments, are vulnerable to such an attack.
Regardless of whether it’s open source hardware/technology, should we be authorising sales of such prebuilt devices for $170 which can allow the average Joe to break into an office or steal a car?
did you read the article? the flipper can essentially “break into” next-to no cars produced after 1990
Should ‘we’ be ‘authorizing sales’ is an interesting choice of words imo also, nothing negative just saying it made me question who the “we” part really is, and if something being sold has thus been authorized by some all powerful body
I’d argue that these devices are so cheap and so capable that it exposes the poor security that is rampant everywhere. Banning them wont stop similar devices from being made and used criminally. Instead this should be a wake up call to everyone about which forms of communication or authentication are largely ineffective.
This is about more than just cars. Anything that uses RFID, NFC, etc, such as an employee badge or even contactless credit/debit card payments, are vulnerable to such an attack.
Jason Thor Hall (ex-Blizzard employee) explains how such things can be used in social engineering attacks. A Proxmark is a similar device to the Flipper Zero.
Regardless of whether it’s open source hardware/technology, should we be authorising sales of such prebuilt devices for $170 which can allow the average Joe to break into an office or steal a car?
Yes we should allow them, because the problem isn’t that this tool is available. The problem is that cars and other devices aren’t more secure.
If you broke into a bank vault with a screwdriver, you don’t ban screwdrivers; you get mad at the bank.
did you read the article? the flipper can essentially “break into” next-to no cars produced after 1990
Should ‘we’ be ‘authorizing sales’ is an interesting choice of words imo also, nothing negative just saying it made me question who the “we” part really is, and if something being sold has thus been authorized by some all powerful body
I’d argue that these devices are so cheap and so capable that it exposes the poor security that is rampant everywhere. Banning them wont stop similar devices from being made and used criminally. Instead this should be a wake up call to everyone about which forms of communication or authentication are largely ineffective.
Here is an alternative Piped link(s):
Jason Thor Hall (ex-Blizzard employee) explains how such things can be used in social engineering attacks.
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.