Futaba _ Webs 🕸🕸🎃🕸🕸

🎃 Totsugeki

Premise 🕸🕸🎃🕸🕸

It’s no speculation that a lot of the news surrounding it lately was going to lead to its inevitable ban in the U.S. The tool is so popular in regards to what it’s being used for, that it could potentially be banned on a global scale, as it’s also in the process of being banned in places like Canada that also see it as a threat.

For those that don’t know, the Flipper Zero Tamagotchi is being used for motor vehicle car theft. The tool is so seamless and easy to use that even people that don’t understand anything about hacking could pull it off, hence its ban being set into motion. But… What if I told you it’s pointless to ban it?

I want to talk about why it’s pointless to ban the Flipper Zero, as well as some basic things that could be done to prevent motor vehicle car theft with it, as well as other methods similar to it.

I also want to talk about how Cyber Security is a game of chess, and how it is meant to be played to deter Cyber threats.

What is the Flipper Zero? 🕸🕸🎃🕸🕸

The Flipper Zero Tamagotchi is a multi functioning tool that is able to intercept, clone, and replay various data communication methods specifically tailored to Radio/RF and RFID/NFC. This allows it to clone any form of authentication credentials that might pertain to the end user, allowing a threat actor to bypass security and access the system.

In simpler terms, it’s able to clone the unique signature and data that is exchanged via remote control, such as a automobile car remote that unlocks the car door for you, or via RFID/NFC device tap, which exchanges data when you tap things like your ID badge to access a control room for example. It can even be simpler things like the NFC chips that are installed on our debit/credit cards, or our phones when we “tap” it to make purchases on a regular basis or access various facilities like storage units. An attacker could use this to: break into your car, purchase things on your behalf, access control systems and authenticate as if they were you, and a lot more. The list goes on!

This technique is also what is known as a Replay Attack, which is commonly used to intercept crypto keys in order to perform a Wrapping Attack that allows an attacker to man in the middle and change the overall contents of the data that is being exchanged as if they were the original sender, while using the key to peek and do so each time.

If you ban the Flipper Zero then you have to ban every hacking tool that exists

There are a ton of hacking tools on the market, even ones from Hack5 that also can do what the Flipper Zero does. To ban the Flipper Zero, means to ban all these tools as well.

Take For example the HackRF One which can also analyze RF frequencies for various purposes like the Flipper Zero and imitate them. It’s been around long before the Flipper Zero was ever made and it has yet to be banned. The only difference between the two, is that one is more accessible than the other. If that’s the case, then we need to upgrade our security so silly stuff like this DOESN’T happen. Rule of thumb, IF A SCRIPT KIDDIE CAN PWN IT, IT’S A PROBLEM!

Besides, it’s easy to make your own Flipper Zero if you're skilled enough to do so. You can even name it whatever you want and bypass the ban. The Flipper Zero isn’t anything we haven’t seen before, it’s just cute and popular!

It’s not the Flipper Zero, It’s our lack of Security 🕸🕸🎃🕸🕸

The problem isn't the Flipper Zero, it’s our lack of proper understanding of security practices that can be used to effectively neutralize the threat.

It’s no shocker that the implementation of Cyber Security practices are just now becoming a standard, with legal aspects cracking down HARD and punishing infrastructures for not implementing it, via fines and other means. This is because we are moving closer and closer to a more digital landscape where everything is connected, which is good news for hackers, since it extends the scope and range of what they can target now more than ever.

Security has been one of the many things ignored for far too long. It’s the main reason why we have so many security breaches. Most systems, even basic stuff like web applications, don’t factor security in terms of overall design. It’s our job to ensure that anything and everything is properly secured regardless of what format said technology comes from. This also includes automobiles, which is the main topic for today since it relates to the Flipper Zero Tamagotchi.

The problem now is that we are just now catching up, while hackers have already done their homework and pretty much can stay ahead of the game. We need to do the same!