I just got mine a couple of days ago. I'm really impressed with how well it's built and how polished the software is. It is much more polished than any other similar (useful!) hacking/debugging hobbyist devices I've bought. It's clear a lot of thought and care has gone into it.
PSA: the main benefit of this is the ease of use, due to an LCD display, buttons and software support.
If you're familiar with arduino/esp* programming, you can get the components (eg. esp32, cc1101, nfc reader, and infrared transceiver) for a lot cheaper on aliexpress or your local reseller, and all of those things are in stock.
(or in other words, if you're one of those people who buy stuff like this, play with it for 2 minutes and then put it in a drawer, and now you're in the middle of thinking about how you could open your neighbour's garage to mess with them... well, you can do it cheaper)
Certainly you can spend time reading datasheets, ordering components on aliexpress, soldering them together, going back to square 1 every time you burn something, etc.
Alternatively, you can pay a tad more and get everything in a single device with a nice interface.
This device lowers the entry barrier into hardware for software people.
> Other users have provided the link, but my heart sinks a little every time I see this brought up, especially when the commenter is singled out by name. People forget that this is a real person. He also happens to be a first-class HN contributor, and has been for many years.
> I realize it's internet fun to point neon arrows at people seeming outrageously wrong in the past, but the truth is that people aren't reading that comment accurately and there's a huge dose of hindsight fallacy here.
People make fun of this post on account of Dropbox having been a commercial success, but the first points are still valid (and even more true today, with modern tooling) that FOSS self-hosted solutions are far better, more flexible, and serve as a learning/building opportunity - something the 2022 world of vendor lock-in, dumbed-down "user friendly" solutions, and vast data collection sorely needs more of.
They were also very right about one critical point:
> without charging users for the service, is it reasonable to expect to make money off of this?
Dropbox was initially pitched as a free service, which was absolutely not sustainable, and someone would have been right to be very skeptical about the underlying business model. People might not have been quite as enthusiastic if they'd said from the beginning "oh, and it'll be $100/year for the rest of your life, or until you get your shit together and move your data elsewhere".
It was generally a good-faith comment specifically about the application.
The relevant bit to this is the “quite trivially” do X, Y, and Z non-trivial thing.
Technical people often underestimate the value of good UX, generally there’s a lot of demand for it. That’s also where a lot of the value is in making something good. He also acknowledges as much in his reply to Drew.
In this case the “main benefit” of the flipper being ease of use, software, and hardware vs. some random components off of Ali express just reminds me of that.
"Usability" of software/hardware is often the biggest barrier for people looking to learn these kinds of skills. I applaud their effort, I would love to see more development and hacking tools take this approach.
You can build most of the things you own yourself. It's just that sometimes it's a) not worth your time, you'd rather skip the initial step and start building around the ready tool b) this thing actually looks and feels much better than your garage kit. Some people do care.
This is like the usual flame war about macbooks vs everything else.
All I see is it removes the motivation barrier and just creates waste for the sake of creating waste. Another device that people buy, tinker with for a few hours, then it sits in a drawer for years until it is binned.
More than a nice hacking tool, this is a pollution and waste of resources tool. There is nothing positive about that.
This just makes me want to make my own little Arduino device. I bet it would be more fun than buying a thing someone else made that I don't have a real use for.
Other comments mention how this was a Kickstarter that took two years to come to fruition and the supply chain is listed as the culprit. No one else has mentioned that while us backers were waiting, they sent out newsletters that detailed some of the complexities they were dealing with. Getting the case right took several iterations, and when you feel it in your hand you can tell that they took time to get it right.
You're right that one could put most of the functionality together, but not in a package that you're gonna toss in your pocket for EDC.
I have a passing interest in wireless hacking but I have no idea if I have the skillset to make any use of it. How useful is this for someone with zero pen testing and/or wireless experience?
I'm curious to know what it would take to hack my garage door or key fob for my car
Out of the box it supports limited raw rf capture and replay. Your garage door (probably) and your car key fob use rolling codes which change each time the button is pressed. This is not supported, and likely won’t be in the official firmware.
I’ve used mine to make copies of all rf and ir remotes in my home. Fans, tv, bidet, AC, etc.
Story time! Google is (was) famous for having Toto Washlet bidet seats in its restrooms, which have wireless control panels attached to the stalls.
New building opens up, vendor screws up and the control panel in stall #1 is programmed to control the Washlet in stall #2. Cue the predictable (and hilarious) email thread on #<building>-misc, along with a whole lot of memes.
There was a toilet in Japan I couldn't for the life of me work out how to flush, I spent ages in this bathroom checking for buttons here and there. Only after I had given up and walked away from the toilet did it flush.
Slight correction: There are two modes of RF Capture available : "Read RAW" and "Read".
"Read RAW" does exactly what it says on the label: Captures a raw stream, based on the specified frequency and demodulation.
"Read" captures, decodes and attempts to interpret the signal capture. The FlipperZero has a large built in database of brands + models of RF devices, and a database of KeeLoq master keys.
For rolling remotes that are KeeLoq based, with known keys, the Flipper can most definitely decode / decrypt rolling codes, and generate the next in the sequence.
TL;DR: Handles fixed + Rolling codes, via built in database of keys + models.
FWIW I've used mine to duplicate both of our car key fobs (middle 2000's Mazda and middle-2010's Jeep) so it'll probably be very dependent on make/model/age as to whether it uses rolling codes.
i have developed firmware for a few ism band products and basically had to create a few scrappy one off tools for testing and debugging. something like this ready to go is totally killer to have from a rf software standpoint too. but yea, rf is everywhere. key fobs. in your tires for tpms, garage doors, crappy bluetooth products whatever. i could see this being useful in many cases
Let's not fool ourselves into thinking that more than 1% of buyers will use this for anything else than changing channels on TVs displayed at Walmart, and feel like Mr Robot for a few minutes.
I love how movies show hacking devices as super serious futuristic goggles that open 6 different terminals that patch you through sockets on satellites, but the best thing in real life is a dolphin tamagotchi.
Seriously Keanu Reeves isn't a bad choice for a technological automaton representation, being Johnny Mnemonic and Neo and all. Though I guess dolphins in general are much more conciliatory on IPs, trademark and copyrights issues.
Finally a kickstarter i backed that keeps up to the promises. Got mine last week and it does everything that was promised and keeps constantly being improved.
I love my flipper zero; I’ve been using it to investigate NFC doodads.
I participated in the crowdfunding campaign and I must say it was one of the best run campaigns ever; the team was super transparent and took a lot of time communicating all the behind-the-scenes of developing the product; their updates were very interesting. Can’t wait to see what they do next.
Just got mine a few days ago (EU based). Well built, works as promised. But I find that it mostly works for simple things like controlling lights, tv etc. Most interesting targets use proper encryption (mifare classic for example) so I had no luck accessing my company badge. Mifare DESFire data cannot be read properly at the moment it seems, but I'm sure that will be fixed. Fun little tool, will probably end up in a drawer soon.
MIFARE Classic support is quite good : the device will search through its (somewhat exhaustive) list of known keys, to attempt to unlock your badge.
If keys aren't found, you can perform a "Reader Attack" - take the nonces from the log during a sniffed authenticated exchange, place them in a MF32Key tool (there are online versions as well) - and this will calculate the key.
The device doesn't have enough computational power to crack on board (for that you need a Proxmark / iCopy-X) - but the team has roadmapped a tethered mode for performing these cracks.
I've been reading my bank cards with the 'unleashed' firmware, not tried a replay yet and it lists Mifare DESFire in the special read actions (not tried, not hw to test)
How do you get the details of the remotes you're replacing with it? Scanning through frequencies? Don't they have "secrets" for the actual ACK that lets you in and garage doors rotate through codes do they not? Just curious.
There's a few tools for figuring out radio stuff. The first is super simple, it just scans through the frequencies and tells you which is the strongest. Most devices will put this in their manual but it's nice to not need to have to look it up.
Once you know the frequency one option is to just take a raw sample at ____megahertz and play it back on demand. This doesn't work for some radio signals because they use rolling codes and it's also a bit inefficient (be VERY VERY careful using a Flipper with a car key fob, because they can sometimes go out of sync and you can't open your car afterwards)
The good news is, for many types of radio signals, the flipper can also determine the protocol and what digital data is being sent- so instead of playing back a 2 second sample of me holding down the "power" button on my lamp's remote, it knows it can just broadcast 0x1234 using protocol XYZ.
NFC and RFID devices are basically plug & play, although only a subset are supported.
> (be VERY VERY careful using a Flipper with a car key fob, because they can sometimes go out of sync and you can't open your car afterwards)
FYI many cars with "keyless" entry have a traditional keyhole hidden under a piece of trim around the door handle and a key (sometimes plastic) hidden inside the fob; sometimes the key is part of the ring for a keyring, and can be released by pressing on the manufacturer's logo or inserting a paperclip in a hole.
> Don't they have "secrets" for the actual ACK that lets you in and garage doors rotate through codes do they not?
Remote door controls are painfully dumb and relied on the absence of affordable software-defined receivers and especially transmitters. With most of them you can set the code via binary DIP switches at the back and that's it. No replay protection, no nothing, if you're lucky the receiver has a brute-force detection.
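Added example (not from any commenter and not Flipper firmware code): a small receiver model contrasting the fixed-code remotes described above with a rolling-code receiver, including the out-of-sync failure warned about earlier in the thread. The class names, the 16-press acceptance window and the HMAC tag standing in for the fob's real cipher are assumptions made for illustration.

```python
import hashlib
import hmac

ACCEPT_WINDOW = 16              # assumed: how far ahead of the last counter a press may be
KEY = b"constructed-demo-key"   # constructed sample key shared by fob and receiver


def _tag(key: bytes, counter: int) -> bytes:
    """Authenticate the counter. HMAC-SHA256 is a stand-in, not a real fob cipher."""
    return hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()[:4]


class Remote:
    """Hypothetical fob: every press advances a counter and sends (counter, tag)."""

    def __init__(self, key: bytes, counter: int = 0):
        self.key, self.counter = key, counter

    def press(self):
        self.counter += 1
        return self.counter, _tag(self.key, self.counter)


class FixedCodeReceiver:
    """DIP-switch style receiver: compares each frame with one static code."""

    def __init__(self, code: int):
        self.code = code

    def accept(self, frame: int) -> bool:
        return frame == self.code


class RollingCodeReceiver:
    """Accepts only authentic frames whose counter is ahead, within the window."""

    def __init__(self, key: bytes, last_counter: int = 0):
        self.key, self.last = key, last_counter

    def accept(self, frame) -> str:
        counter, tag = frame
        if not hmac.compare_digest(tag, _tag(self.key, counter)):
            return "bad-tag"
        ahead = counter - self.last
        if ahead <= 0:
            return "replay"         # counter already used, or older than the last one
        if ahead > ACCEPT_WINDOW:
            return "out-of-sync"    # fob ran too far ahead of the receiver
        self.last = counter
        return "open"


def demo_fixed_replay():
    """A fixed code recorded once is accepted every time it is sent again."""
    rx = FixedCodeReceiver(code=0b1011001110)   # constructed 10-switch setting
    recorded = 0b1011001110
    return [rx.accept(recorded), rx.accept(recorded)]


def demo_rolling_replay():
    """The same recorded frame is accepted once and then rejected."""
    fob, rx = Remote(KEY), RollingCodeReceiver(KEY)
    frame = fob.press()
    return [rx.accept(frame), rx.accept(frame)]


def demo_pressed_out_of_range():
    """Presses the receiver never hears push the fob past the window."""
    fob, rx = Remote(KEY), RollingCodeReceiver(KEY)
    for _ in range(ACCEPT_WINDOW + 4):
        fob.press()
    return rx.accept(fob.press())


def demo_second_transmitter():
    """A second transmitter sharing key and counter leaves the original fob behind."""
    fob, rx = Remote(KEY), RollingCodeReceiver(KEY)
    rx.accept(fob.press())
    copy = Remote(KEY, counter=fob.counter)
    for _ in range(5):
        rx.accept(copy.press())
    return rx.accept(fob.press())


if __name__ == "__main__":
    print(demo_fixed_replay(), demo_rolling_replay())
    print(demo_pressed_out_of_range(), demo_second_transmitter())
```

Real receivers usually add a wider resynchronisation window on top of this; the model leaves that out to keep the two failure cases visible.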
ZigBee, Thread and a few others use IEEE 802.15.4 which allows three bands: 868/915/2450 MHz. According to the FlipperZero homepage, it supports two out of these three bands: 868 and 915 MHz. So depending on your device, it might work with them too.
Probably not, but it depends on the garage door. I used to be able to open my neighbor's garage door with the remote for my own garage door. There's also the opensesame attack (replay attack, search for it). You can perform such with a YTS-0 (Yard Stick One). I still ordered a Flipper Zero. It's cute as hell, probably has a neat community, and it's more portable than my PortaPack + HackRF or Proxmark + Blueshark.
Samy Kamkar who did Opensesame on the Radica Girltech also did a DefCon presentation about attacking rolling code remotes as well: http://samy.pl/defcon2015/
Why "yikes"? I don't think that's common anywhere, but the intersection between "hardware hackers who use Flipper Zero" and "people with subdermal implants" is probably bigger than the intersection of "people not being hardware hackers" and "people with subdermal implants"
This front page seems to include a lot of info - it had a ‘Sub-1 GHz Transceiver’, then it has ‘125kHz RFID’:
> Low-frequency proximity cards: This type of card is widely used in old access control systems around the world. It's pretty dumb, stores only an N-byte ID and has no authentication mechanism, allowing it to be read, cloned and emulated by anyone. A 125 kHz antenna is located on the bottom of Flipper — it can read EM-4100 and HID Prox cards, save them to memory to emulate later.
And
> Flipper Zero has a built-in NFC module (13.56 MHz). Along with the 125kHz module, it turns Flipper into an ultimate RFID device operating in both Low Frequency (LF) and High Frequency (HF) ranges. The NFC module supports all the major standards, such as NXP Mifare.
I have just received mine (kickstarter backer, EU based) and am impressed by the build quality. I still need to play with alternative firmware etc and found a very naive cloning of my access badge did not work, most likely due to some additional security in place. Had to check though after I picked up an SD card on my way to the office.
Curious to see what uses I can find for this, most likely it will end up in a drawer sooner rather than later, but I can see this be very useful on holidays ;)
Currently they don't list USA as a place with availability.
From the shop page:
Shipping in August 2022. Currently available only for:
Andorra, Austria, Belarus, Belgium, Bosnia & Herzegovina, Bulgaria, Croatia, Cyprus, Czechia, Denmark, Estonia, Finland, France, French Polynesia, Germany, Greece, Vatican City, Hungary, Iceland, Ireland, Italy, Kazakhstan, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Moldova, Netherlands, North Macedonia, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey, United Kingdom
I'm still waiting for my Kickstarter version (supposedly by July 26th) and as one of the first few backers I would hope I receive mine before others can just go buy one...
Yes I live in Switzerland but it's not at the edge of the world. Most have received theirs already but Swiss people had to wait a while...
Still waiting for mine as well. I'm in Singapore and it's apparently the last region to be served. I have yet to get a shipping notification. I hope to get it soon though.
I just tried to order the Wifi devboard and got a similar response (I live in the US). I ordered the actual Flipper Zero a few weeks ago but forgot to order the accessories. I hope I can still get them at some point.
Just wasted 20 minutes trying to figure out how to order. It kept saying no shipping rates found for my address. Turns out they aren't allowing US orders at the moment but they don't actually say that on the website you just get a cryptic shipping rates message. Not the greatest experience.
As someone who just ordered one to the EU, you people in the US finally get a taste of your own medicine :)
I can't even recount how many times I've wanted to order something, and not until the final step before doing the payment they put up a "Sorry, we only accept orders within the US & Canada".
I'd like to order one as well (EU, too), but I'm a bit repelled by the $35 tax on top of the price. Did you pay the same tax? Did you research whether you'll have to pay customs fees as well?
Order total: ~$300, where ~$50 is taxes and ~$50 is shipping. I did not research any customs fees, as I've been craving the device since I came across this comment: https://news.ycombinator.com/item?id=31534257 (2 months ago), so don't really care about the custom fees.
Not great but I’d cut them some slack. Designing hardware, software, a billing system, a website, production, shipping… I’m part of a two man hardware company and it’s a miracle it’s even possible.
The web is funny tho - an order page is just an order page - if it was built by a trillion dollar company or a startup barely paying rent - we go in with the same expectations.
Does that mean this is legal to buy in the us, considering the sanctions against russia for the ukraine war? I want to buy one, but the legal status seems unclear to me.
Flipper zero is more aimed at wireless hacking. Which is very cool, it's a fairly unexplored area of hacking (due to traditionally high barrier of entry), but is a subset of "hardware hacking".
For general hardware hacking I'd get a pirate bus ($30), and a Saleae logic clone (cheap). Maybe a nice cheap oscilloscope (but they go for $300+), but logic clone can get you mostly there.
I just got my Pokit Pro multimeter in this week and it has an oscilloscope feature. Good for up to 600V. Not currently sure I would recommend it but I've not found anything bad on it. It is almost $200 now though.
Depends what you're trying to do with it to be honest. If you just wanna use the i2c/spi/uart stuff you can probably handle it. If you can plug some cables in, at worst soldering cables or headers to a board and can find the pins/pads themselves you’ll be fine.
At worst if you wanna try it out without spending so much money you can try out the bus pirate from dangerous prototypes it’s only ~27.
It's great for beginners as it has a huge and friendly community behind it and you can easily work your way up from beginner to more intermediate/advanced.
Given all the comments here praising the build quality and conspicuous lack of comments talking about the actual things it can do, I'm guessing it's fairly difficult to use for anything beyond admiring its build quality
the quickest hit of functionality is duplicating buttons from your remotes.
Next it's fun to mess with the screens at the pub.
Somewhere along the way, realizing that someone out there has the remote you lost long ago and all you really want is an on/off button and now you can get one.
For me so far it's a universal remote with a kind of weird interface.
Yep, there are some videos of people using it to open the charging ports. I found the wireless "commands" (or whatever the correct terminology for it is) on github a while back before I received mine, but haven't gotten around to testing it out on local teslas here
As an aside, I'm curious about wireless hacking but don't know whether or not I possess the necessary expertise. Can someone with no prior knowledge of pen testing or wireless networks benefit from this?
Yes. But you'll have to learn a bit or two to make use of the more advanced stuff. It is indeed a great learning tool, as it offers almost everything you need to delve in.
There's good lectures out there, explaining the things you might not yet know and most of it is fun stuff to learn. Very much worth your time & effort. Hope you're fine with some advanced math concepts, though!
I'd say it's easier to start with an SDR receiver and passively listening to stuff. Figuring out remote control protocols and whatnot is relatively easy with those cheap tools. If you still enjoy it after playing with that, then jump to RX+TX tools like this, or a HackRF, or others, depending on what you want to hack.
Cool piece of hardware, however their software TX lock is bullshit. They didn't claim development platform exemption with the fcc like with a hackrf, ettus, etc. Users are forced to use custom firmware to unlock the full potential of the hardware.
The support person astra on their web forums goes around telling people it's illegal to discuss things involving TX'ing and capturing rolling codes of a keyfob. I can't tell if it's plain stupidity or gaslighting...
This device is seducing me to learn new skills that I wish I already had so I could justify submission to the seduction - a familiar, odd loop. Do want!
The source is written in C. They provide a docker container that lets you simply download the repo, make changes, compile and then load to your flipper.
I hadn't actually written an original line of C code since the 1980s. After a couple evenings of following one of the tutorials, I was able to create some new functionality to a button that currently doesn't do anything.
At least one person on the Discord (Flipper Devices, I think) watches when someone mentions how they think it would be cool to make changes to the firmware. When that happens, they upload a PDF of the K&R book "The C Programming Language" to the chat.
Yeah I tried it with a pile of transit cards accumulated over the years from various places (Oyster, Octopus, Pasmo, Suica, Opal, Icoca, SmartLink, probably some others) and it was able to identify the Japanese cards but not do much more with the firmware I had.
As a Kickstarter backer residing in Europe, I can say that the quality of the product has exceeded my expectations. In the meantime, I've been experimenting with different versions of the firmware and discovered that an attempt to clone my access badge did not succeed, most likely because of the additional security measures in place. The SD card I bought on my way to work necessitated a double-check.
I'm glad that's hackable. I have an extra class ham radio license and can play with some additional frequencies, and want to at least have the option to enable them.
I've been rather curious as to what the license would legally allow one to do with this. Should this end up applying for some of the capable but disabled frequencies?
Context: I have a flipper zero and have been thinking about testing for amateur radio licenses.
I'm not sure, but a big part of the reason for having amateur radio licenses is for experimentation and learning. I have no idea what I'd actually do with those frequencies yet.
It's fine as it's not mass produced single purpose hardware like your wifi router. Just don't use it to break into your neighbors garage and you'll be fine and don't hook it up to a 500 watt wireless repeater/amplifier.
I guess, should you stop feeding it a steady stream of keys, signals, and flashes, it ... dies due to lack of care, just as a tamagotchi :(
With this number of radios, does it need to be FCC certified?
As a side note, in some of the promo images, the battery gauge is at 52% (or 73%), yet its icon shows a full battery... I guess it's fixed in the real implementation.
Don't know if this helps you, but the about screen has this:
FCC ID: 2A2V6-FZ
IC:27625-FZ
for all compliance certificates, please visit www.flipp.dev/compliance
Just simple things like copying a garage opener. I tried it a few times and couldn't work it out. I think it looks like I got it to capture something, but then nothing happens when I send it again. Makes me feel a bit dumb and haven't touched it since.
Garage Door openers aren't as easy as they sound. Try the infrared remotes first, you'll have better likelihood of doing something useful in a few minutes.
If you want to start writing code, https://flipper.atmanos.com/docs/overview/intro worked really well for me. If this was the free sample on the kindle store, I'd buy the rest of the book.
I encourage you go to this young man's main page and buy him a coffee (not me nor anyone I know, apparently I was the first person to actually use that button)
Got mine about a month ago and love it! The unleashed firmware is easy to install and you can get some De Bruijn sequence files for messing with 443MHz garages and gates like the old OpenSesame by Samy Kamkar. I can’t wait to see what plugins people will make for it!
It depends on the fob. I didn't get it to read mine.
That said, there was a post on Reddit of an EMT driver who used theirs to clone dozens of remotes that the ambulances need to open the gate to bring in a patient.
I just emailed support asking about this, will post here the response when I get it.
Update: Flipper says they'll be back in stock for US, Canada, and Australia in September but did not provide a mechanism for getting alerted when this happens.
I got one of these on the Kickstarter and for building key fobs and garage doors, it's been awesome. There's definitely room for growth but I'm happy with it so far!
Is it me or are the comments all complete spam? The top three all say the same thing, roughly, "well built / good build quality / impressed with build, etc".
Check my karma: It's not spam. It really is really well built. Should be: took them years to get it built, I bought into their kickstarter early. That said, I learned huge amounts about building hardware from their engineering blog, strongly recommend it.
Their engineering/status update blogs were really interesting. Particularly injection mold issues and RFID/NFC standards.
And I agree, the build quality is really nice - just wish they sold the screen protector during the kickstarter - I have the silicon protector and wifi dev board but my LCD screen is scuffed from carrying it around in my pocket.
I have had one since around April, and the hardware quality is good. Their blog also shows where they had to change processes because their QA caught things like the header plastic warping and is a good source of how to bring a product to market in the middle of a pandemic. I do feel like their software quality, while functional, could stand some polish, but it's fine. I'm currently working on making an add-on board for its gpio pins.
I have a couple friends with them and ordered mine about a month ago, should be delivered any day. I've only heard good things about this device, I really don't think it's spam.
I ordered a second one when I found out that there was already some code written for a SubGhz radio intercom. Currently only available at the command line interface (yes, you can ssh to it while connected via usb) but shouldn't be too difficult to build some kind of interface for it.
As I was writing this, it occurs to me that you might be able to capture a bluetooth signal with one, send it via radio to another that might not be in line of sight, then retransmit from another.
The limit on what you're thinking is that the devices inside this are NOT the latest and greatest.
Wonder how hard it would be to pair it with two 1 GBit/s ethernet controllers, high speed storage and an FPGA with an embedded SoC. Think of something like "embed it between two network devices and mirror their traffic through a wifi AP".
Bought it anyway in the hope of someone more talented than me manages to make an expansion board :D
I've had one since April. The company, while established in the US, consists of many people who use English as a second language, and who have been under considerable difficulties with being a hardware startup servicing the world market during a pandemic.
amazing tool. if you have any tools in the shop with radio-remote (like lights, or a vacuum) - this tool can make you an evil king of a haunted space. but don't do that tho.
Only thing I’d care about is if it could operate like the loop card wallet thing that Samsung bought and then killed. Applepay is great but still isn’t accepted at Walmart and Krogers owned stores (among others) would love to have a little device like this that holds all my cards.
Katakana lettering, pixel art, retro-design...is this thing aimed at the "We're anonymous" - "Mr Robot" - "Jack Rhysider" l33t HAx0r type of "hacker"? Or is there actually anything clever about it besides the design?
For those of us who crowdfunded this a couple years ago (when it was a no-brainer multi-tool for the startup I was in at the time, dealing with fancy NFC/RFID/etc.), but don't have hobby time to play with it... where's the best place to sell it, and feel like a winner? eBay?
They did a kickstarter two years ago just before the microchip shortage. They posted frequent blog updates about their process on how to continue manufacturing while adapting to the shortage and swapping out components when available. Shipping to all countries just started a couple months ago.
perhaps a different reward tier for the kickstarter? it was a massive success. if you check the comment / karma history for people saying they have them they're not fake accounts.
I was able to get a US shipment of it to me about a month ago (not via KS), the store has had small batches of restocks available every once in a while.
I have one too. I think they are taking preorders and engaging their contract manufacturers when it makes sense. Took at least a month to actually get to me.
No actually this depends on your location. I was an early backer and I am still waiting for my device in the EU, while they already shipped it to ppl who pre-ordered after the kickstarter was finished.
Mine arrived earlier today. I was one of the backers of their Kickstarter campaign, which I think ran two years ago. They've shipped thousands of these already.
Like ixtli said, I am an early kickstarter backer from two years ago. They got crushed from the microchip shortage and fulfilled all backers before continuing on to preorders.
Unless somebody disassembles it and reverse engineers all embedded code, we can't be sure this is not a Trojan horse from Russia. Wouldn't put it past them.
Definitely not something I'd import into my country.
Well don't use your credit card. What else are they gonna get? There is nothing illegal about a wifi dev device and they aren't hiding anything. You can order it anywhere if you're willing to pay