SoylentNews

Freeman [soylentnews.org] writes:

Flipper’s new Video Game Module is powered by Raspberry Pi [raspberrypi.com]

Our friends at Flipper Devices have made a fantastic new video game accessory for their popular Flipper Zero. It turns your Flipper into a mini games console, adding device UI output to TV, motion sensing, and crazy-powerful GPIO expansion. It’s all built on our powerful RP2040 microcontroller [raspberrypi.com].
[...]
The Video Game Module lets you play retro games on your TV, or mirror your Flipper’s UI to the TV. You can also do some other cool new stuff, like using Flipper as an air mouse to control your computer over Bluetooth.
[...]
To learn more about the new Video Game Module, visit Flipper’s website here [flipper.net]. Or head to our RP2040 documentation [raspberrypi.com] to learn more about our microcontroller.

Canada declares Flipper Zero public enemy No. 1 in car-theft crackdown [arstechnica.com]

Canadian Prime Minister Justin Trudeau has identified an unlikely public enemy No. 1 in his new crackdown on car theft: the Flipper Zero, a $200 piece of open source hardware used to capture, analyze and interact with simple radio communications.

On Thursday, the Innovation, Science and Economic Development Canada agency said [canada.ca] it will “pursue all avenues to ban devices used to steal vehicles by copying the wireless signals for remote keyless entry, such as the Flipper Zero, which would allow for the removal of those devices from the Canadian marketplace through collaboration with law enforcement agencies.” A social media post by François-Philippe Champagne, the minister of that agency, said that as part of the push “we are banning the importation, sale and use of consumer hacking devices, like flippers, used to commit these crimes.”
[...]
Presumably, such tools subject to the ban would include HackRF One [hackrfone.com] and LimeSDR [limemicro.com], which have become crucial for analyzing and testing the security of all kinds of electronic devices to find vulnerabilities before they’re exploited. None of the government officials identified any of these tools, but in an email, a representative of the Canadian government reiterated the use of the phrase “pursuing all avenues to ban devices used to steal vehicles by copying the wireless signals for remote keyless entry.”
[...]
One thing the Flipper Zero is exceedingly ill-equipped for is defeating modern antihack protections built into cars, smartcards, phones, and other electronic devices.

The most prevalent form of electronics-assisted car theft these days, for instance, uses what are known as signal amplification relay devices [arstechnica.com] against keyless ignition and entry systems. This form of hack works by holding one device near a key fob and a second device near the vehicle the fob works with. In the most typical scenario, the fob is located on a shelf near a locked front door, and the car is several dozen feet away in a driveway. By placing one device near the front door and another one next to the car, the hack beams the radio signals necessary to unlock and start the device.

This attack requires a high-power transceiver that’s not capable with the Flipper Zero. These attacks are carried out using pricy off-the-shelf equipment and modifying it using a fair amount of expertise in radio frequency communications.
[...]
“You can’t perform a rolljam attack with a single Flipper Zero, and you sure as hell can’t use a 64 MHz, 32-bit ARM processor to crack rolling codes,” Rob Stumpf, a journalist who covers the intersection of cars and cybersecurity. At most, he said, a Flipper Zero can perform limited attacks on select modern cars, mostly from Honda and Acura, that can unlock and start a vehicle. These sorts of attacks, however, require the thief to be within close proximity of the owner while actively unlocking the car.

Stumpf touched on a newer technique for stealing cars using what's known as a CAN-injection attack [arstechnica.com].
[...]
“The more common relay attacks used in vehicle thefts are from sophisticated purpose-built tools,” Stumpf said. “Those devices are the real threat—not some kid opening a Tesla charging port with their Flipper Zero.”
[...]
It’s not the first time the hobbyist device has been portrayed as a tool for sophisticated crime. That impression is likely the result of a flood of videos [wired.com] on YouTube and TikTok showing the device used to empty ATMs and unlock cars. In reality, most of those videos were faked, likely by people attempting to drive sales to websites impersonating Flipper Zero vendors. Several months after the appearance of those videos, Amazon stopped selling the product, which it labeled as a "card skimming device [bleepingcomputer.com]." (It’s still sold here [flipperzero.one] but is currently not in stock.)

Kulagin said that governments in jurisdictions other than Canada have been much more open-minded about the Flipper Zero. One such body was the New Jersey Cybersecurity & Communications Integration Cell, which contacted the device maker directly following the rash of misleading videos. After investigating, the agency in January 2023 said [nj.gov] the Flipper Zero “can be used as a positive, legitimate, and convenient way for pentesters and curious minds to learn about, access, and dissect signals and protocols.”

Original Submission