The makers of the [1]Flipper Zero are launching a campaign to fight
  Canada’s decision to ban the device for allegedly fueling car thefts in
  the country.

  The London-based Flipper Devices today announced an [2]online petition
  to “stop the absurd ban," and instead organize a new commission filled
  with technical experts to study the car theft problem.

  “Flipper Zero is not a tool for stealing cars since it lacks technical
  capabilities required to steal any modern vehicle, and there is simply
  no evidence to support this claim,” Flipper Devices CEO Pavlo Zhovner
  says in the petition. “We urge all security researchers, pentesters,
  and electronics enthusiasts —to sign this petition today!”
  Flipper Devices cartoon about the ban

  (Credit: Flipper Devices)

  The company started the petition a month after Canada announced it
  would pursue “all avenues [3]to ban devices used to steal vehicles,”
  including the Flipper Zero. The country is targeting the device because
  it can technically detect and copy wireless signals from a car’s key
  fob.

  But in a [4]blog post about the petition, Flipper Devices says the ban
  is flawed since radio signals can be captured through a variety of
  basic electronics, including a PC’s microphone input. “To protect
  against the interception of radio signals, it would be necessary to ban
  all electronics, including headphones, which is unrealistic,” the
  company wrote.

  It’s true that a $169 Flipper Zero can record and copy the wireless
  signal from a key fob. But the company says simply replaying the
  wireless signal isn’t enough to unlock a car. That’s because modern
  cars built over the past two decades rely on ever-changing “rolling
  codes,” instead of fixed codes,” to unlock a vehicle.
  How rolling codes work

  (Credit: Flipper Devices)

  "​This means that whenever the user presses a button on a remote, it
  generates a unique code based on a sequence known only by the access
  control system. Simply capturing a signal and replaying it wouldn't
  provide access since this set of numbers has already been used,” the
  company says.

  Still, security researchers have [5]developed a way to bypass the
  rolling codes through what's called a "[6]Rollback" attack. This
  involves capturing consecutive radio signals from a key fob. But even
  so, unlocking the car won't start the vehicle's engine.

  According to Flipper Devices, the real culprit behind car thefts is the
  use of “radio repeaters,” which can receive and then retransmit the
  wireless signal. These devices usually cost thousands of dollars and
  can be used to extend the radio range of a key fob while an owner is
  sleeping at home.

Recommended by Our Editors

  “Thieves work in pairs and use radio repeaters to trick the car into
  believing the key fob is nearby when it's actually inside the victim's
  house,” the company added. A car built with a keyless entry system will
  then automatically unlock its doors and start the engine, thinking the
  key fob is nearby. In contrast, the Flipper Zero has no such repeater
  function.
  How repeaters work

  (Credit: Flipper Devices)

  “Flipper Zero is equipped with only one sub-1 GHz radio module, while
  keyless repeaters have 4 radio modules: one for communication with the
  car, another one for communication with the key fob, and two for
  communication between the repeaters,” Flipper Devices says.

  The company adds that a Flipper Zero ban would also do nothing to
  require car makers to improve their keyless entry systems. “Instead of
  banning cybersecurity tools capable of finding vulnerabilities in
  security systems, these vulnerabilities must be fixed,” Flipper Devices
  says.

  The Canadian government didn’t immediately respond to a request for
  comment. But last month, authorities told PCMag they plan on
  “finalizing an action plan that will be released this winter” to combat
  the car thefts.

  CES 2024: I got to demo a self-driving car — and it actually wasn't
  terrifying

  PCMag Logo CES 2024: I got to demo a self-driving car — and it actually
  wasn't terrifying

Like What You're Reading?

  Sign up for SecurityWatch newsletter for our top privacy and security
  stories delivered right to your inbox.

  This newsletter may contain advertising, deals, or affiliate links.
  Subscribing to a newsletter indicates your consent to our [7]Terms of
  Use and [8]Privacy Policy. You may unsubscribe from the newsletters at
  any time.

References

  1. https://www.pcmag.com/news/first-look-flipper-zero-app-store
  2. https://www.change.org/p/stop-the-absurd-ban-of-flipper-zero-in-canada?ref=blog.flipper.net
  3. https://www.pcmag.com/news/canada-to-ban-flipper-zero-devices-over-car-thefts
  4. https://blog.flipper.net/response-to-canadian-government/
  5. https://archive.is/8le8p
  6. https://www.youtube.com/watch?v=auPtxnbly4s
  7. http://www.ziffdavis.com/terms-of-use
  8. https://www.ziffdavis.com/ztg-privacy-policy

You are viewing proxied material from 1436.ninja. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.