| ▲ | The future of Flipper Zero development(blog.flipper.net) |
| 191 points by croes 5 hours ago | 49 comments |
| |
|
| ▲ | JacobAsmuth 2 hours ago | parent | next [-] |
| Why does their header image feature multiple furries, one at each station? One making a feature request, another presumably approving a pull request, and a third ostensibly submitting an app? Is the Flipper Zero community tightly intertwined with the furry community? Is this a connection I've missed? |
| |
| ▲ | dimbletimbers 2 hours ago | parent | next [-] | | It’s definitely a meme if nothing else that the cybersecurity community has a distribution of furries that would not reflect the general population’s. | | |
| ▲ | nicce an hour ago | parent | next [-] | | There is even a saying that furries run the internet. | |
| ▲ | rebolek an hour ago | parent | prev [-] | | Is there some study to explain why? Do they feel more safer pretending to be human sized...furry animal? | | |
| ▲ | kstrauser an hour ago | parent [-] | | My hypothesis, based purely on personal experience and what friends have told me. I am not a furry. I feel like infosec was one of the earliest "no one cares who you are if you have skills" user groups. Online, you were just a handle. Man, woman, both, neither, no one knew until if/when you met up IRL. Until then, all you had was your reputation. I think that led to people having a pretty good idea about the attitudes of people they were talking to online, staying away from people who were going to be jerks about identity or pastimes, and a lot of conversations like "General Mayhem is weird, but he's our weird, so no one mentions that fox tail he wears everywhere." Over time, that was a positive feedback loop: people who weren't cookiecutter felt safer around infosec folks than most other crowds. => That increased the "weird density" of infosec meetups. => People who don't like being around uncommon appearance or behavior stayed away from infosec meetups. => Those meets became safer for uncommon folks. => Repeat. I don't know if that's right, but again, that's what friends have expressed to me before. It seems plausible. Note: When I say weird, I mean it affectionately. I've never met anyone in infosec who didn't have some quirk not far below the surface. Frankly, I love that. And because of that, and the virtuous cycle I described, I've never had one single person in infosec confess to me that they weren't OK with gay or trans or furries or other type of behavior/identity/etc. I'm a straight white middle class dude, and unfortunately I have had people confess such things to me in other circles, mistakenly assuming that since I was in their demographic, I'd agree with them or at least be OK with it. | | |
| ▲ | cybrexalpha 34 minutes ago | parent [-] | | The visibility is a huge part of it. It signals "it's okay to be yourself here" when most professional life, even in tech, is dominated by keeping up "professional" appearances. | | |
| ▲ | kstrauser 6 minutes ago | parent [-] | | That makes sense. And I do strongly believe in the "virtuous circle" bit: people who aren't OK with others being themselves tend not to feel comfortable at, or get invited back to, events. That would make it more comfortable for the next event's attendees, making it less pleasant for the remaining pains in the necks, and so on. I've participated in conversations like: Q: Why do rightwing websites keep getting hacked? A: Because none of the best infosec people want to work where their friends wouldn't be welcome. |
|
|
|
| |
| ▲ | quietsegfault an hour ago | parent | prev | next [-] | | Cause they like animals or the art style? | |
| ▲ | mplewis an hour ago | parent | prev | next [-] | | Yep! Furries are represented strongly in cybersecurity. | |
| ▲ | iririririr an hour ago | parent | prev | next [-] | | what does it matter to you? honest question. would that impact your technical assessment somehow? do you just want in on some probable joke? | |
| ▲ | dude250711 an hour ago | parent | prev [-] | | > Is the Flipper Zero community tightly intertwined with the furry community? That is my conclusion. They are raising much-needed awareness about that underrepresented group. | | |
| ▲ | doublerabbit 7 minutes ago | parent [-] | | Oh right, i'm flagged for speaking my truth. Typical. > > underrepresented group.
They've existed since the 80's. Usenet, alt.cult.furries or alt.cult.otherkin and they dig their own holes. It's not a pleasant fandom as they make out to be. Excuse my anger but as a Ex-fursuiter, ex-furmeet host, ex-furry who wishes they would just exist off the internet. I was groomed by folks in the fandom when I was 21. Passed around. It took me eight years to discover I was, and it wasn't until an OD of drugs that finally realised I was in a cult. But hey, they told me they were my friends. Convinced me that the outside was against me and my only hope was within the fandom. My vendetta is real. They backstab, they manipulate, they use. The drama is a out of the world. Low hanging fruit and a safe haven for pedophiles. Baby furs, cub furs, diaper furs make me sick and yet known it's all accepted. |
|
|
|
| ▲ | stevage 26 minutes ago | parent | prev | next [-] |
| It's slightly funny that the post says firmly that they aren't doing any form of real time engagement with the community anymore, then ends by announcing an AMA date and time. |
|
| ▲ | yjftsjthsd-h 4 hours ago | parent | prev | next [-] |
| > TL;DR: We've allocated resources to maintain Flipper Zero firmware and support community contributions. Is that the tldr? It sure sounds like it's still on minimal life support. |
| |
| ▲ | hdgr 3 hours ago | parent | next [-] | | It is. As the article says, all development goals for FZ had been achieved and even overachieved - providing solid and feature-rich firmware, powerful SDK and developer tools. With that and development shift towards new products, updates to core firmare became infrequent - and we tried to address that. Src: I'm one of the developers behind Flipper Zero. | |
| ▲ | jagged-chisel 2 hours ago | parent | prev [-] | | Why can't something be "done"? | | |
| ▲ | bigiain 2 minutes ago | parent | next [-] | | Especially since, as that article describes, the "firmware" has a much more limited scope that it used to, now being mostly a loader for app rather that providing user functions. Worrying about firmware development resources for a Flipper Zero seems a bit like concentrating on your bios instead of ongoing updates to Linux and the applications you use. Yeah, it's important, but it's probably exceedingly rare for the firmware here to need to change much. | |
| ▲ | busymom0 2 hours ago | parent | prev [-] | | Was just reading something along those lines: https://infosec.exchange/@millie/115719943870742405 > We need to normalize declaring software as finished. Not everything needs continuous updates to function. In fact, a minority of software needs this. Most software works as it is written. The code does not run out of date. I want more projects that are actually just finished, without the need to be continuously mutated and complexified ad infinitum. |
|
|
|
| ▲ | nekusar 3 hours ago | parent | prev | next [-] |
| Yeah whatever. I abandoned the "official crap" when they purged legit pentesting tools and silenced loads others. Momentum and extreme were so much better, and didn't play stupid games. They included everything. And if you mention ANY of the alternate firmwares on their discord, and you get banned. Just fuck'em. They may have created good hardware, but their software and discord community just sucked. |
| |
| ▲ | rufo 2 hours ago | parent | next [-] | | Given they’ve had several skirmishes with customs and law enforcement agencies around the world, this always struck me as similar to the “don’t talk about installing retail Switch games on the Switch modding Discord” type of deal - everyone knows you can do that, but allowing mentions in official channels opens us to liability and causes nothing but headaches for both us and for customers, so if you’re going to do that, you need to talk about it somewhere else. I freely admit that’s an assumption on my part, though, and I don’t know if there’s something uglier there…? | | |
| ▲ | nekusar 2 hours ago | parent [-] | | Its one thing to have a skid come in going "I wanna hack the RFID on the gubbmints's doors how can i do that?" Versus "we forked the firmware to include a wide range of pentesting tools" And then get banned for even saying the alternate firmware. And seriously, this little thing is a wonderful hacker multitool. You can seriously fuck shit up with the hardware they included. For fucks sake, thats WHY they created it. | | |
| ▲ | pocksuppet an hour ago | parent [-] | | That's how you have to be on Discord, or else your guild gets banned from Discord. I wish we weren't using this crap. On IRC, sometimes you had to deal with cranky netops, but they mostly left you alone. |
|
| |
| ▲ | hananova 3 hours ago | parent | prev | next [-] | | What is the current go-to unofficial firmware? Mine had extreme but I think that one’s dead? | | | |
| ▲ | 15155 2 hours ago | parent | prev | next [-] | | > mention ANY of the alternate firmwares on their discord, and you get banned Does it surprise you that a Russian product team would use these tactics? | | | |
| ▲ | gear54rus 2 hours ago | parent | prev | next [-] | | I can understand why that happened at least remotely. If you do all those things they refused 'officially', it might be easier for stupid government idiots to paint it as a dangerous illegal tool. Adding the necessary hardware while refusing to support arbitrarily iLLegAl things is the best of both worlds. | | |
| ▲ | hdgr 2 hours ago | parent [-] | | This. Many legit, but questionable features blown out of proportion already caused many issues with regulators who just don't want to get into details, but just delist from sales/ban the device. And once you start talking about "jamming" and other 1337 h4x0r stuff - which is straight up illegal and can get you into trouble - on official platforms, don't get offended when that gets removed. | | |
| ▲ | nekusar 2 hours ago | parent [-] | | Sure. I get why you don't want the skids jamming. But hell, it is still in your github commit history. Your all historical work was that of a attacking hacker toolkit. Jamming proves that. Now, that absolutely does NOT excuse Adkins on the discord from people asking how to get the PSK for garage door openers, and emulating the buttons. And especially since it was being asked by owners of said doors. But you banned people with legitimate and legal uses too. Good riddance to you all. I've stayed with 3rd party and steered others towards better actors than yourselves. |
|
| |
| ▲ | arkits 2 hours ago | parent | prev [-] | | are there any chinese knock offs of the hardware? i've yet to find something that integrates all the features this well |
|
|
| ▲ | natbennett 5 hours ago | parent | prev | next [-] |
| Flipper Zero is one of the handiest little pieces of tech I’ve ever owned. Being able to copy RFID keys is occasionally fantastically useful. |
| |
| ▲ | mikepurvis 2 hours ago | parent | next [-] | | Is... that possible? I thought the whole point is that those were a challenge-response specifically to avoid ever them disclosing over the air the material necessary to impersonate one. | | |
| ▲ | Rebelgecko 11 minutes ago | parent | next [-] | | Many RFID cards are literally just an ID number, and will happily allow you to copy that number to your own RFID card (look up "blue cloner guns", although they have their own downsides). Basically just security through obscurity. Cards that do fancy crypto stuff exist, but odds are your workplace badge, apartment fob, or hotel room key is the simple kind (because those are cheaper) | |
| ▲ | Larrikin 8 minutes ago | parent | prev | next [-] | | In my old apartment I was able to copy my fob from my apartment office. In my new one I had to record the interaction with the door and was then able to open the door | |
| ▲ | jchulce 2 hours ago | parent | prev | next [-] | | Keyfobs absolutely should use a secure challenge-response protocol in order to prevent cloning. Unfortunately, it's extremely common for RFID devices to simply use the tag ID which is trivially cloneable. Many of the systems that make some attempt at security still fail by using a broken protocol or a flawed implementation. | |
| ▲ | GuB-42 an hour ago | parent | prev | next [-] | | Some cards don't have any form of security. For example Konami "e-amusement" cards are just an ID number, which is also written on the back of the card. It is a username so to speak, the password is the PIN you enter when you start the game. Some cards use some kind of challenge-response but are weak and are easily crackable. Some cards have an anti-copy protection based on rolling codes, be careful with these. The idea is that when you use it to, say, open a door, the card sends a code to the reader and if correct, that code is burned and the reader replies with the next code, which is stored in the card for the next time, making every other copy (possibly including the original) unusable. If the card emulator doesn't store the rolling code, you are completely locked out. Some cards have a proper challenge-response mechanism that works and can't be easily copied. | |
| ▲ | natbennett 2 hours ago | parent | prev | next [-] | | Oh yeah that’s how you’re supposed to do it. But it’s entirely possible to set up a system that uses RFID key fobs that uh, doesn’t. In the case where it was most useful to make copies they did eventually replace the system with one where the keys weren’t copy able. Which was better! | |
| ▲ | givc 2 hours ago | parent | prev | next [-] | | I don’t know a whole lot about RFID, but some of the most basic cards can be copied very easily. When scanned, the reader always reads the same bits. I believe there are some more secure cards, like Mifare DESFire EV3 that do provide some security. You’d be shocked how insecure most RFID readers for security cards are. | |
| ▲ | p_l 2 hours ago | parent | prev | next [-] | | RFID keys vary from utterly dumb ID-based, to hackable challenge-response, to actual NFC smartcard (very rare). Some of that can be trivially cloned. | |
| ▲ | aarjaneiro 2 hours ago | parent | prev | next [-] | | Most dont :) | |
| ▲ | fragmede 2 hours ago | parent | prev [-] | | Depends on where you are. Newer systems are resistant to attack, but not everywhere has upgraded to newer systems. |
| |
| ▲ | gonzalohm 2 hours ago | parent | prev [-] | | Is this something you do often? I could see a few use cases and also for copying garage keys. But I don't think I would use it enough to justify the investment | | |
| ▲ | gopalv 2 hours ago | parent | next [-] | | > I don't think I would use it enough to justify the investment This is not a rational purchase - most of the rule breaking done with the zero is for fun or convenience, rather than being truly illegal. It used to be more fun before the hotels started handing out NFC unlocks with your phone. Still, being able to send each other a key for a hotel room on Signal is a nice trick if you are traveling with a sufficiently tech savvy group of people. | |
| ▲ | HDBaseT an hour ago | parent | prev | next [-] | | You can't even clone you garage door opener key anyway. Flipper Zero and its clones have always been pseudohacker nonsense. Fun little party trick I suppose. | |
| ▲ | natbennett 2 hours ago | parent | prev [-] | | Nope! Only occasionally. But it’s handy on those occasions. |
|
|
|
| ▲ | drunken_thor 4 hours ago | parent | prev | next [-] |
| What a great tool and community they have built. I find my flipper0 is like a computer Swiss Army knife. It’s so fun to carry around a tool of my own trade. |
|
| ▲ | ughitsaaron 3 hours ago | parent | prev [-] |
| I get ads for this all the time but still have no idea what I could do with it. |
| |
| ▲ | devmor 3 hours ago | parent | next [-] | | Anything you might want to do with a radio or IR device but don’t have specialized hardware for. It’s kind of a swiss knife/leatherman tool for short range communications standards. | |
| ▲ | quietsegfault 43 minutes ago | parent | prev [-] | | I use mine mostly as a universal IR remote. |
|