Flipper Zero’s Co-Founder Says the Hacking Tool Exposes the Poor Security of Large Technology Companies

0

Flipper Zero’s Co-Founder Says the Hacking Tool Exposes the Poor Security of Large Technology Companies.

In an exclusive interview, Flipper COO Alex Kulagin revealed that the company is developing additional modules to augment Flipper’s functionalities.

The Flipper Zero is arguably one of the most multifunctional and disputed keychain-sized devices ever introduced to the market. Multiple signal types can be scanned, received, transmitted, and imitated by the device.  It is capable of scanning NFC and RFID signals, which are utilized by a variety of commonplace products. It may emulate the frequency utilized by the ID card of your place of employment.

This $169 doohickey is practical for performing commonplace tasks such as penetrating security systems and opening garage doors.  The Canadian government has also levied accusations against it, claiming that it possesses the capability to duplicate vehicle key fobs and even disable iPhones through DDoS attacks. Apple resolved the issue, so the Flipper may have fulfilled its purpose as a testing instrument.

Alex Kulagin, co-founder and chief operating officer of Flipper, is well aware of the controversy surrounding the product but continues to view it as more than a device that would be useful for a Mr. Robot-style infiltrator.  As of this month, when Flipper releases its game controller add-on, Kulagin considers the Zero to be a Swiss army knife for the technologically inclined or extra-technical.

According to him, the Flipper Zero exposes global security systems that are built upon obsolete, substandard, and susceptible to hacking technology.  A big tech giant conducted an in-depth interview with Kulagin regarding Flipper’s intentions to broaden the scope of their flagship product beyond its Tamagotchi-sized body, as well as his aspirations to transcend the ongoing, far-reaching controversy that surrounds it.

Interviewer: So could you describe the Video Game Module and what it contributes to the Flipper Zero that is not already present?

Alex Kulagin: Because this is our first collaboration or partnership of this magnitude, we are extremely enthusiastic. Raspberry Pi is globally renowned. The Video Game Model incorporates amusement functionalities, which were somewhat absent on the Flipper. To begin with, video outputs enable the Flipper screen to be mirrored onto a larger television. It is extremely entertaining to observe. It’s peculiar that the Flipper’s display is so tiny. It resembles 640×480 in resolution, but it can be scaled up. Additionally, it is entertaining to watch on a massive 4K television. As a result, the Flipper enlarges significantly and becomes extremely pointed. The IMU is an integrated motion sensor that enables the angling of the device to initiate gameplay. One of the initial demo games developed for this platform is the highly entertaining Air Arkanoid.

Interviewer: Like a Wii controller?

AK: Yeah. Powered by the Raspberry Pi microcontroller constitutes the third major feature, which is by no means insignificant. It is capable of utilizing the pre-existing code and application library that was developed specifically for the Raspberry Pi Pico. The semiconductor is exceptionally potent and distinct in its characteristics. For instance, Python can be executed on it. The Flipper is typically limited to C [the programming language] execution, whereas Python is considerably more intuitive.

Interviewer: So the Flipper has the capability of connecting to TVs [via IR signals] and other Internet of Things technologies. However, does it support the casting of videos from a distinct device to another screen? Might you even consider projecting it onto the screens of Times Square?

AK: No, the cable connection is in fact a prerequisite for this. It resembles a DVI-D output, which is supported by many televisions. You never know, but I doubt you can accomplish anything in that area with this. Occasionally, members of the community manifest extraordinary abilities. Nonetheless, its primary purpose is entertainment, not espionage.

Interviewer: Gotcha. I see your point. That indirectly relates to the philosophy of your company. You develop this technology primarily for do-it-yourselfers; everyone else is simply assembling their own items. Where does one’s mind wander when devising an item such as this? How did something of this nature come to be assembled in the manner that it did?

AK: The flipper is a highly extensible object. Consequently, its essence encourages design. It is open source, it has every GPIO pin, and it ships with a multitude of pre-installed functionalities. Although this was by design, we intended to extend it further. Frequently, we require internal software and hardware for business purposes, or it’s simply enjoyable to do so. This notion of projecting the Flipper video onto an external monitor originated with one of our developers, as we desired to display the Flipper screen at the entrance to our office. They were accomplishing this with a Raspberry Pi Pico, and our testing demonstrated that it functions as intended. Therefore, we hacked into a few components to accomplish it. It then occurred to me that it might be possible to create a product from it. It is comparable to how we developed the WiFi development board that we sell, as our supplier was out of this debugging hardware due to a shortage of chips. As a result, we were required to develop our own hardware in order to debug and utilize it as a team.

Interviewer: How was your connection to Raspberry Pi established? Have you initiated contact with them or have you been conversing with them regarding a potential partnership for some time?

AK: It appears that they initiated contact with us initially. At some point, we initiated a conversation regarding potential collaborative endeavors. Because they previously purchased processors from other vendors but are now attempting to manufacture their own. In addition, it is a critical commercial sector for them. Therefore, we endeavored to identify a point of connection so that both their and our audiences could be satisfied with the products.

Interviewer: You are all in a fascinating location. Although the devices are lawful virtually everywhere, you’ve received criticism from individuals whose comprehension of the device and its functionality remains uncertain. What are your perspectives on the ongoing discourse surrounding the Flipper and its current applications, which include both “legitimate uses” and mere system penetration to demonstrate capability?

AK: It is critical to note that Flipper does not, in fact, represent state-of-the-art technological advancement. We incorporated every piece of technology, including access control technologies that we utilize on a daily basis, into a single device. However, it cannot possibly communicate with the vast majority of ultra-modern, cutting-edge technologies, correct? Similar to a contemporary automobile, the Flipper is incapable of performing any action involving that. I believe it is crucial to recognize that there are numerous objects in our surroundings that are extremely obsolete and worn out, something that few people give much thought to. Suppose you attempt to secure your door with the most secure key lock possible, but many individuals believe that a secure garage door is equally unnecessary; instead, they utilize a garage opening device from the twenty-first century. Although individuals fail to consider the possibility of hacking, they continue to utilize low-cost products lacking encryption despite the fact that these weaknesses have been documented for decades. Nothing novel is accomplished in this domain. However, user awareness regarding these devices is extremely minimal.

https://youtu.be/cLHaAhrlsxc?si=65fuIsEEsz2irSab

Know More About Flipper Zero With the Help of This Amazing Video

Interviewer: So, do you consider yourselves to be advocates for raising awareness regarding these matters?

AK: Flipper raises awareness that this is not secure; for instance, if a $100 toy can compromise something, perhaps it is older than it should be. Doing this is crucial for us. Presently, we observe that some vendors who sell NFC readers introduce new products with advertisements that are resistant to Flipper Zero. They utilize it for promotional purposes, which must be advantageous for us, correct? That indicates we have accomplished something positive. Our adherence to this philosophy is unwavering.

Interviewer: What happens to those who fail to utilize it as instructed? Multiple additional software versions are compatible with the Flipper Zero.

AK: We observe a great deal of activity that occurs on a device. We utilize both Discord and Reddit to monitor the situation. As it is alternative firmware that is also open-sourced, we observe its activity. And if we determine that an object is potentially too sensitive, we attempt to contain it. Comparable to sub-GHz frequencies and login credentials. Despite the fact that it is technically feasible to replay an extremely old and heavily hacked video, we do not permit users to do so; there is no replay icon. My analogy is whether it is comparable to a doorknob or a keylock. In the case of a doorknob, there is no encryption present. It is not hacking in the traditional sense; rather, it is drawing attention to the fact that your system is completely insecure.

Interviewer: I believe this stems from the simplistic conception of hacking held by some individuals, particularly considering that the vast majority of hacking consists of social engineering. At times, do you feel as though you are nearly obligated to inform the world about the technical meanings of these definitions?

AK: Many consumers purchase Flipper without sufficient knowledge. They think it’s interesting when they see a TikTok, but are perplexed when it opens a Tesla charging port or does something else peculiar; they wonder what this cyberpunk device is. After purchasing it, they respond, “Okay, what should I do with it?” Not established experts, but simply tech-curious individuals who have never worked with Raspberry Pi or Arduino components. However, these small tweaks enlighten them to the way in which it actually operates. We believe it is essential to inform the public about the hazards and mechanisms of action of this substance. There are numerous individuals who possess considerably more advanced technological devices. Amazon carries far more capable products [Flipper has been prohibited from the site]. It does not appear to us to be increasing risk. We consider that by informing many individuals that their products have defects, we are reducing the risk for them.

Interviewer: As a society, will there ever come a time when our technical proficiency matches our technical knowledge?

AK: With sufficient publicity, I believe. Prior to 2015, there was little concern for data privacy. We were merely posting content to Facebook without considering the subsequent consequences. In the past eight years, it has emerged as a subject of considerable discussion. Currently, everyone is concerned with privacy, trackers, and everything else. It has become so popular because the media is discussing it so frequently, and Flipper also influences the media to discuss these topics. Consider the Apple DDoS incident. It had been available for a considerable duration and was compatible with numerous devices; however, Flipper rendered it more widely usable, sparked discourse, and compelled Apple to rectify the issue, which is for the best. One is unable to attain optimal awareness. Complete awareness is unattainable; however, it is conceivable that we might retain a rudimentary degree of it.

Interviewer: What are your future plans? Do you intend to continue adding modules to the Flipper in order to increase its functionality?

AK: Regarding models, we are currently developing a number of them. It will be unremarkable in comparison to other products released this year, even less significant than [the Video Game Module]. However, there are some crucial technologies that we have always intended to implement on paper but have yet to acquire the corresponding tangible hardware. Ultimately, we intend to create a market for it. No limitations were placed on the production and sale of custom modules. Our aspiration is to emulate the Arduino market, characterized by an extensive variety of models available for purchase from various vendors. Demonstrating one’s capabilities is the overarching aim. However, we shall see after a few additional modules are released. We are also focused on developing novel devices that were not developed using Flipper Zero.

Interviewer: Could you possibly offer some insight into your intentions regarding forthcoming devices other than Flipper?

AK: Yup, not exactly, not at this time. We will inform you, in the future.

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space.  Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM.  Naager entered the field of content in an unusual way.  He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts.  He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field.  In the bottom line, he frequently writes for Craw Security.

READ MORE ARTICLE HERE

 

Meta Elaborates Coordination between WhatsApp and Messenger to Comply with EU DMA Regulations

Microsoft Validates Russian Hackers Obtained Customer Secrets and Source Code.

A Sextortion Trap Costs A 71-Year-Old Delhi Doctor ₹8.6 Lakhs, 2 Arrested

 

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

en_USEnglish
Open chat
Hello
Can we help you?