Technology

59427 readers

3000 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

750

Canada declares Flipper Zero public enemy No. 1 in car-theft crackdown (arstechnica.com)

submitted 9 months ago by fne8w2ah@lemmy.world to c/technology@lemmy.world

230 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[+] Clbull@lemmy.world -7 points 9 months ago* (last edited 9 months ago) (4 children)

This is about more than just cars. Anything that uses RFID, NFC, etc, such as an employee badge or even contactless credit/debit card payments, are vulnerable to such an attack.

Jason Thor Hall (ex-Blizzard employee) explains how such things can be used in social engineering attacks. A Proxmark is a similar device to the Flipper Zero.

Regardless of whether it's open source hardware/technology, should we be authorising sales of such prebuilt devices for $170 which can allow the average Joe to break into an office or steal a car?

[–] cadekat@pawb.social 36 points 9 months ago

Yes we should allow them, because the problem isn't that this tool is available. The problem is that cars and other devices aren't more secure.

If you broke into a bank vault with a screwdriver, you don't ban screwdrivers; you get mad at the bank.

[–] JudahBenHur@lemm.ee 2 points 9 months ago

did you read the article? the flipper can essentially "break into" next-to no cars produced after 1990

Should 'we' be 'authorizing sales' is an interesting choice of words imo also, nothing negative just saying it made me question who the "we" part really is, and if something being sold has thus been authorized by some all powerful body

[–] Toribor@corndog.social 1 points 9 months ago

I'd argue that these devices are so cheap and so capable that it exposes the poor security that is rampant everywhere. Banning them wont stop similar devices from being made and used criminally. Instead this should be a wake up call to everyone about which forms of communication or authentication are largely ineffective.

[–] PipedLinkBot@feddit.rocks 1 points 9 months ago

Here is an alternative Piped link(s):

Jason Thor Hall (ex-Blizzard employee) explains how such things can be used in social engineering attacks.

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.