this post was submitted on 10 Feb 2024
378 points (96.3% liked)

Technology

59708 readers
1871 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Canada to ban the Flipper Zero to stop surge in car thefts::The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars.

you are viewing a single comment's thread
view the rest of the comments
[–] QBertReynolds 44 points 9 months ago (4 children)

Only 30+ year old cars, but a coat hanger can do that too. Soooo...

[–] [email protected] 21 points 9 months ago

“Trudeau to ban coat hangers, other clothing care items, after rash of thefts of ancient vehicles”

[–] [email protected] 7 points 9 months ago (1 children)

And you need additional hardware and custom firmware. Then you have to GitHub that shit into the flipper.

Most people think it works like Dr. Who’s sonic screwdriver. Just press a button, wave it around and voila! You’re in the NSA database.

[–] QBertReynolds 3 points 9 months ago (2 children)

Signal playback doesn't require anything extra. I love that their docs have a giant warning to not use it on new cars though.

[–] [email protected] 6 points 9 months ago (2 children)

Isn't that because it can desync the actual keyfob?

Nvm... Clicked the link. That's exactly why you shouldn't do that.

[–] [email protected] 2 points 9 months ago

That is my understanding and why I haven’t ventured into that area with my personal vehicles yet.

[–] [email protected] 1 points 9 months ago (1 children)

Ah, so the cars still have shitty security implementations, only now it's in the direction of "car needs service if someone tries to playback a previous signal".

Though how does it work when you hit the button while out of range of the car?

It should be each fob has a private key that is used to generate a cryptographic hash of a random challenge string. Or hell, even give a rolling code a sequence number so they the car and fob can resync if necessary (I don't think this would break the security, since the sequence could be started at a number other than 0).

[–] [email protected] 3 points 9 months ago (1 children)

That sounds dangerously close to an open standard that would prevent charging $500 for key fobs.

[–] [email protected] 2 points 9 months ago

Any open standard can be tweaked slightly to make it a closed propriety one!

Though I do wish open standards were enforced for cars. Instead of each car/platform essentially being a mini monopoly that third parties need to design for specifically if they want to compete.

[–] mindbleach 1 points 9 months ago

If their gizmo can fuck up real keyfobs, that too is a failure by car companies.

Your threat model should include a radio-frequency YakBak.

[–] [email protected] 5 points 9 months ago (1 children)

Is that why I haven't seen a wire coat hanger in forever?

[–] [email protected] 4 points 9 months ago

No the world just ran out of coat hanger bones and is trying to hide it with plastic replacements

[–] [email protected] -5 points 9 months ago (1 children)

Who are you fooling? Tech savvy people don’t know how to handle coat hangers.

Plus videos show you that it also works on newer cars. To much Hassle though, but thatch’s also mentioned in the article.

[–] QBertReynolds 6 points 9 months ago (1 children)

Those videos are staged. The signal playback trick doesn't work on newer cars because the code changes every time you lock or unlock your car. You could probably replicate the functionality of a key fob on your Flipper, but it would need to be registered with the car's computer the same as any other key fob, which means you'd already have to have to access to the car.

[–] Socsa 3 points 9 months ago

There are definitely some basic attacks that you can do with a flipper. They are quite a bit more limited than what you can do with an SDR though, and I'm skeptical that they are widely deployed by anyone. You definitely can't steal a car like this, you can possibly unlock one. But hammers are much more useful in that regard and have a significantly lower skill floor.