Tbh the team made the right decision to push the deadlines in order to deliver the quality they would be satisfied with. And I wholeheartedly support them in doing so.
I am totally ok with the device being delivered to me almost a year after the initially promised deadline, as long as that extra time went into getting the quality up to the level. So props to the team, I am happy that they actually took that time to polish up to the current level, instead of trying to meet an arbitrary deadline.
Their development blog played a heavy role in convincing me that they were not just stalling (which, sadly, has been my previous experience with quite a few promising hardware Kickstarted projects). Every single post has so much attention to even the most minuscule details that 90% wouldn't care for, it definitely reassured me that they were trying to be as transparent as possible about the whole process and their decision-making. I cannot say enough good things about writing quality of their dev blog posts. It was incredible and easy to digest, even for someone who hasn't worked much with such close-to-hardware level.
> "Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware and more. It's fully open-source and customizable, so you can extend it in whatever way you like."
That statement is essentially "It's a multitool for this target audience of users. It's really good for everything they want to do." - without giving any information about what that "everything" is. It does not provide an example use case - "hacking digital stuff such as radio protocols, access control systems, hardware" is not an use case but just an application domain, but an example use case would be some hint of how this tool would be actually applied to help someone do a security analysis of some radio protocol for an access control system.
Why not say something roughly like
"Flipper Zero is a portable multi-tool that includes transceivers for arbitrary interactions with most popular wireless systems - RFID, NFC, BluetoothLE, infrared and sub-1 Ghz wireless devices. It allows you to run custom exploit or analysis code for these protocols interactively from a convenient small hardware device." ?
That would actually tell a potential radio hardware hacker about its capabilities and limitations; e.g. the original description could just as well be said about the hackRF SDR system, which is substantially different piece of hardware but aimed at a similar audience.
Pentesting (or hacking in any sense of the term) often involves spending a lot of time researching and learning about things, typically heading onto paths where you don't know where you will end up.
Flipper Zero is a portable multi-tool for pentesters and geeks in a toy-like body. It loves hacking digital stuff, such as radio protocols, access control systems, hardware and more. It's fully open-source and customizable, so you can extend it in whatever way you like.
Third line on the page.
It is hard to make an introductory explanation to someone with close to zero context of what you are talking about when you yourself know it very well.
Here is a collection of some of the bigger projects being built for it.
Here's a description: https://flipperzero.one/ - it's a multitool for various wireless, IR and RFID (including 125 kHz) protocols, has GPIOs and contacts for certain electronic keys. And apparently also a tamagotchi.
Replace my bulky, awful complex-provided fob with a dolphin with attitude? Yes please.
I always wanted to "jailbreak" the NFC cards and key fobs I get from work and apartments. This minimal device seems fun and functional.
Probably thats why if you search on eBay there are a lot of scalpers.
From the sounds of it it's fulfilling a very different niche. I'd like you see a smartphone that exposes gpio pins.
The reason that I ask, is that I was on the design team for lockheed when we were selling RFID tags for shipping containers at a shitload per pop... (123 and 433 mhz)
and I brought up we had zero auth on any of our systems... and was just told to not speak about it.
I still thought it would be an mp3 player after reading about the battery modes and the sd card installation and the file system menu...then I gave up.
> It does whatever you want it to do
An answer worthy of Zombo COM
And similar to the early days of home computers, there's plenty of kits you can buy to build your own.
With devices like these, you're buying time. People doing reverse engineering for a living or as a serious hobby do not want to fuck around making their own. Robust hardware design/validation and supply chain handling are NOT trivial except for the most simple designs. The firmware is NOT trivial to recreate. The target market has already bought products that do most of the shit this device does, and now they can have a lot of it in one place instead of scattered across multiple devices.
It's an interesting marketing play. I wasn't suggesting people go out and make it themselves instead. Do it if you want. Buy the thing if you want. Whatever
> TI CC1101, the chip powering the Sub-Ghz feature, is in extreme shortage. To date, the supplier has shipped just a fraction of our initial order. The same situation is with our LED driver — TI LP5562. To overcome this we have to purchase these components on the spot-buy market at a much, much higher price (3-5x for CC1101 and 20-30x for LP5562)
Same could have been said for the original iPod. Design matters.
It's pretty nice: one less thing to carry around.
Most are not well designed.
Pair something like this with a smartphone(specially those with ML cores) and things could get... interesting.
Only, if we go full Cyborg / Trans-Human ;-)
I took one out with a simple spill, and I now cover the ports on the working one with electrical tape. I use a usbc dust plug for the charging port.
They even went the extra mile to use Qt for the client instead of Electron.
(Incidentally, someone made a Dear Imgui demo this way: https://jnmaloney.github.io/WebGui/imgui.html, minus involving Electron, of course.)
The only fullsize cards I even still bother buying are UHS-II ones for my cameras.
>integration of video
This is built-in feature of Ghost now.
It looks like the CC1101 supports quite a few modulation schemes, kind of curious though if you could build an SDR with a similar form factor to target things like lora too
Not the same but actually available to buy. Same NFC chip, no ui, no sub ghz sdr chip.
I'll get one, but I'll wait for the dust to settle. My "early adopter" days are few, and carefully managed.
I'm beginning to think all of our rf cards are insecure.
It would be nice to know the pros and cons of the CMs people are using.
I think I'll wait for the second batch, but dang it, I want one.
I still can't figure out WTF it It. Lotta hipster hype and brogrammer-speak.
Okay it's a little pwnigotchi or whatever that thing was called, except expensive. You can get little SDR kits that can do 90% of what this thing does for $50.
Looks polished, but way overpriced.
P.S. docs are built with www.archbee.io
Shipping Started - https://news.ycombinator.com/item?id=30024255 - Jan 2022 (3 comments)
Diving into RFID Protocols with Flipper Zero - https://news.ycombinator.com/item?id=28618679 - Sept 2021 (1 comment)
Flipper Zero Firmware Is Now Open Source - https://news.ycombinator.com/item?id=28461299 - Sept 2021 (6 comments)
Taking over TVs with Flipper Zero Infrared Port - https://news.ycombinator.com/item?id=28013900 - July 2021 (1 comment)
Flipper Zero: How it’s made and tested - https://news.ycombinator.com/item?id=27704883 - July 2021 (31 comments)
Flipper’s Electronics: How It's Made and Tested - https://news.ycombinator.com/item?id=27689787 - June 2021 (3 comments)
Taming iButton Keys with Flipper Zero - https://news.ycombinator.com/item?id=27531914 - June 2021 (1 comment)
Flipper Zero: Bringing Cases to Perfection - https://news.ycombinator.com/item?id=27479684 - June 2021 (6 comments)
Case manufacturing behind the scenes - https://news.ycombinator.com/item?id=27155584 - May 2021 (1 comment)
Flipper Zero: Tamagochi for Hackers - https://news.ycombinator.com/item?id=26405919 - March 2021 (48 comments)
Flipper Zero Manufacturing and Shipping Plan - https://news.ycombinator.com/item?id=25870255 - Jan 2021 (14 comments)
Flipper Zero (Repository will be open in public soon) - https://news.ycombinator.com/item?id=24090716 - Aug 2020 (1 comment)
Flipper Zero – Tamagochi for Hackers - https://news.ycombinator.com/item?id=23996733 - July 2020 (53 comments)
Show HN: Flipper Zero – Tamagotchi for Hackers - https://news.ycombinator.com/item?id=22941733 - April 2020 (10 comments)
Tamagotchi for Hackers - https://news.ycombinator.com/item?id=22859083 - April 2020 (1 comment)
Flipper Zero: Under Development Multi-Tool Device for Pen-Testers - https://news.ycombinator.com/item?id=21842830 - Dec 2019 (1 comment)
It's better than what's already there and they'll sell a lot of them, but I wouldn't go so far as to say that it has made the impossible possible.
The purpose of the blog is to promote your company/product.
When I visit your blog, I am now curious about what your product/service is. I expect to be able to click on the logo and find out about your company/product/service.
Linking the logo back to the blog itself is a missed opportunity to increase sales/marketing.
I'm curious about your product, but at first my curiosity is very low - I am willing to spend enough effort to click on the logo, but I am probably not curious enough to then go hunting to find your home page after the link sends me back to the blog.
A potential customer being willing to click one link on your site has significant value - don't squander it.
I don't know how many times I've had the exact same experience and thought the same thing.
I'm not well equipped to sandbox the PC app and watch its behavior or whatever (and I have no reason to suspect the dev is personally a bad guy), but even something as simple as the shipping list of everyone who bought this, is basically a who's-who of security researchers the world over. Since we've already seen attacks that tried to compromise security researchers, I figure this isn't hypothetical anymore. It was North Korea last time:
Sadly though, I kick start a lot of stuff that doesn't end up being 50% of what's promised if delivered at all. I still kick start fun projects like this though as a gamble on seeing someones ideas take place. I think the big problem for most of them is the designer suddenly has "all this cash" and has no clue how to manage or spend appropriately, ends up allocating to things they don't need or straight up siphoning off for lifestyle changes (SEE DUNE CASE) and then stuff is never delivered.
Either way HACK THE PLANET! I hope to see all these dolphins at Defcon!