Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

52% Positive

Analyzed from 2281 words in the discussion.

Trending Topics

#don#rfid#firmware#flipper#community#cards#why#furries#zero#furry

Discussion (76 Comments)Read Original on HackerNews

JacobAsmuthabout 2 hours ago
Why does their header image feature multiple furries, one at each station? One making a feature request, another presumably approving a pull request, and a third ostensibly submitting an app?

Is the Flipper Zero community tightly intertwined with the furry community? Is this a connection I've missed?

dimbletimbersabout 2 hours ago
It’s definitely a meme if nothing else that the cybersecurity community has a distribution of furries that would not reflect the general population’s.
nicceabout 2 hours ago
There is even a saying that furries run the internet.
rebolekabout 2 hours ago
Is there some study to explain why? Do they feel more safer pretending to be human sized...furry animal?
Gigachad16 minutes ago
I don't have a study, but I became a furry after seeing them in tech spaces all the time while I was learning to program.
kstrauserabout 2 hours ago
My hypothesis, based purely on personal experience and what friends have told me. I am not a furry.

I feel like infosec was one of the earliest "no one cares who you are if you have skills" user groups. Online, you were just a handle. Man, woman, both, neither, no one knew until if/when you met up IRL. Until then, all you had was your reputation. I think that led to people having a pretty good idea about the attitudes of people they were talking to online, staying away from people who were going to be jerks about identity or pastimes, and a lot of conversations like "General Mayhem is weird, but he's our weird, so no one mentions that fox tail he wears everywhere."

Over time, that was a positive feedback loop: people who weren't cookiecutter felt safer around infosec folks than most other crowds. => That increased the "weird density" of infosec meetups. => People who don't like being around uncommon appearance or behavior stayed away from infosec meetups. => Those meets became safer for uncommon folks. => Repeat.

I don't know if that's right, but again, that's what friends have expressed to me before. It seems plausible.

Note: When I say weird, I mean it affectionately. I've never met anyone in infosec who didn't have some quirk not far below the surface. Frankly, I love that. And because of that, and the virtuous circle I described, I've never had one single person in infosec confess to me that they weren't OK with gay or trans or furries or other type of behavior/identity/etc. I'm a straight white middle class dude, and unfortunately I have had people confess such things to me in other circles, mistakenly assuming that since I was in their demographic, I'd agree with them or at least be OK with it.

post-it24 minutes ago
Closest they can get to piloting a mech.
greggsyabout 1 hour ago
Why would we need a study? It’s just escapism.
Retr0id15 minutes ago
Why not? The flipper mascot is already an anthropomorphic dolphin.
mplewisabout 2 hours ago
Yep! Furries are represented strongly in cybersecurity.
ButlerianJihad33 minutes ago
BSD has always been the gayest OS, though
quietsegfaultabout 2 hours ago
Cause they like animals or the art style?
UqWBcuFx6NV4r39 minutes ago
OK, so they’re furries.

I love animals. I’ve never once thought: “these humans in this picture should be replaced with anthropomorphised animals”.

This is peak “I read it for the articles”.

iririririrabout 2 hours ago
what does it matter to you? honest question. would that impact your technical assessment somehow? do you just want in on some probable joke?
UqWBcuFx6NV4r35 minutes ago
Hi. Last I checked, one of the Hacker News rules isn’t “only have serious discussions regarding technical assessments. Failure to comply hereby entitles random people to fly off the handle and get very defensive”.
hoselabout 2 hours ago
Not OP, but I think furries are weird. You can do whatever you want, but I’ve never met a furry I liked. They also insert their weird fetish into everything they touch.
CursedSiliconabout 1 hour ago
Ah, the "I don't hate the gays I just wish they'd keep that at home!"
koolalaabout 2 hours ago
If you share biggoted opinions when people didn't ask you, you don't seem very likable so it might specifically be a you thing.
mplewisabout 2 hours ago
I guarantee you've met a furry and not known it.
dude250711about 2 hours ago
> Is the Flipper Zero community tightly intertwined with the furry community?

That is my conclusion. They are raising much-needed awareness about that underrepresented group.

doublerabbitabout 1 hour ago
Oh right, i'm flagged for speaking my truth. Typical.

> > underrepresented group. They've existed since the 80's. Usenet, alt.cult.furries or alt.cult.otherkin and they dig their own holes. It's not a pleasant fandom as they make out to be.

Excuse my anger but as a Ex-fursuiter, ex-furmeet host, ex-furry who wishes they would just exist off the internet. I was groomed by folks in the fandom when I was 21. Passed around. It took me eight years and recovery from a psychosis due to a OD of drugs that I finally realised I was in a cult.

But hey, they told me they were my friends. Convinced me that the outside was against me and my only hope was within the fandom. It was okay to act like I was, it was them who didn't understand. My vendetta is real.

They backstab, they manipulate, they use. The drama is out of the world. Low hanging fruit and a safe haven for pedophiles. Baby furs, cub furs, diaper furs all make me sick and yet known it's all accepted.

It's a lost cause at this point. I speak out about it because no one else will. If it works for you, fine. But don't you dare tell me it's a fantastical place or an "under represented" community.

They sow their own seeds of disgust and hate.

stevageabout 1 hour ago
It's slightly funny that the post says firmly that they aren't doing any form of real time engagement with the community anymore, then ends by announcing an AMA date and time.
yjftsjthsd-habout 5 hours ago
> TL;DR: We've allocated resources to maintain Flipper Zero firmware and support community contributions.

Is that the tldr? It sure sounds like it's still on minimal life support.

hdgrabout 4 hours ago
It is. As the article says, all development goals for FZ had been achieved and even overachieved - providing solid and feature-rich firmware, powerful SDK and developer tools. With that and development shift towards new products, updates to core firmare became infrequent - and we tried to address that.

Src: I'm one of the developers behind Flipper Zero.

jagged-chiselabout 3 hours ago
Why can't something be "done"?
bigiainabout 1 hour ago
Especially since, as that article describes, the "firmware" has a much more limited scope that it used to, now being mostly a loader for app rather that providing user functions.

Worrying about firmware development resources for a Flipper Zero seems a bit like concentrating on your bios instead of ongoing updates to Linux and the applications you use. Yeah, it's important, but it's probably exceedingly rare for the firmware here to need to change much.

busymom0about 3 hours ago
Was just reading something along those lines:

https://infosec.exchange/@millie/115719943870742405

> We need to normalize declaring software as finished. Not everything needs continuous updates to function. In fact, a minority of software needs this. Most software works as it is written. The code does not run out of date. I want more projects that are actually just finished, without the need to be continuously mutated and complexified ad infinitum.

ActorNightly30 minutes ago
Why would you need any support for things that are fully open source and flashable yourself?

Most everyone who has a flipper runs something like Unleashed firmware, and most of the functionality is in the apps that people built, not in the actual firmware.

nekusarabout 3 hours ago
Yeah whatever. I abandoned the "official crap" when they purged legit pentesting tools and silenced loads others. Momentum and extreme were so much better, and didn't play stupid games. They included everything.

And if you mention ANY of the alternate firmwares on their discord, and you get banned. Just fuck'em.

They may have created good hardware, but their software and discord community just sucked.

rufoabout 3 hours ago
Given they’ve had several skirmishes with customs and law enforcement agencies around the world, this always struck me as similar to the “don’t talk about installing retail Switch games on the Switch modding Discord” type of deal - everyone knows you can do that, but allowing mentions in official channels opens us to liability and causes nothing but headaches for both us and for customers, so if you’re going to do that, you need to talk about it somewhere else. I freely admit that’s an assumption on my part, though, and I don’t know if there’s something uglier there…?
nekusarabout 3 hours ago
Its one thing to have a skid come in going "I wanna hack the RFID on the gubbmints's doors how can i do that?"

Versus "we forked the firmware to include a wide range of pentesting tools"

And then get banned for even saying the alternate firmware.

And seriously, this little thing is a wonderful hacker multitool. You can seriously fuck shit up with the hardware they included. For fucks sake, thats WHY they created it.

UqWBcuFx6NV4r32 minutes ago
Absolutely nothing you said refutes anything in the comment you’re replying to. You are just reiterating “I’m angry and this is stupid”. Go write in your journal or something. It’s impossible to engage with someone who isn’t engaging themselves.
pocksuppetabout 2 hours ago
That's how you have to be on Discord, or else your guild gets banned from Discord. I wish we weren't using this crap. On IRC, sometimes you had to deal with cranky netops, but they mostly left you alone.
bigiainabout 1 hour ago
Any advice on good communities or sources of (reliable) information on alternative firmwares and pen testing type tools?
ButlerianJihad26 minutes ago
“Furries Forking Flipper Firmware” sounds like a promising and/or true and/or Garden-Path headline
hananovaabout 3 hours ago
What is the current go-to unofficial firmware? Mine had extreme but I think that one’s dead?
nekusarabout 3 hours ago
I'm currently using https://momentum-fw.dev/

Works well, and compiling modules like the epaper hacker tool is easy.

https://github.com/i12bp8/TagTinker

gear54rusabout 3 hours ago
I can understand why that happened at least remotely. If you do all those things they refused 'officially', it might be easier for stupid government idiots to paint it as a dangerous illegal tool.

Adding the necessary hardware while refusing to support arbitrarily iLLegAl things is the best of both worlds.

hdgrabout 3 hours ago
This. Many legit, but questionable features blown out of proportion already caused many issues with regulators who just don't want to get into details, but just delist from sales/ban the device.

And once you start talking about "jamming" and other 1337 h4x0r stuff - which is straight up illegal and can get you into trouble - on official platforms, don't get offended when that gets removed.

nekusarabout 3 hours ago
Sure. I get why you don't want the skids jamming. But hell, it is still in your github commit history. Your all historical work was that of a attacking hacker toolkit. Jamming proves that.

Now, that absolutely does NOT excuse Adkins on the discord from people asking how to get the PSK for garage door openers, and emulating the buttons. And especially since it was being asked by owners of said doors.

But you banned people with legitimate and legal uses too.

Good riddance to you all. I've stayed with 3rd party and steered others towards better actors than yourselves.

15155about 3 hours ago
> mention ANY of the alternate firmwares on their discord, and you get banned

Does it surprise you that a Russian product team would use these tactics?

nekusarabout 2 hours ago
Nyet.
arkitsabout 3 hours ago
are there any chinese knock offs of the hardware? i've yet to find something that integrates all the features this well
natbennettabout 6 hours ago
Flipper Zero is one of the handiest little pieces of tech I’ve ever owned. Being able to copy RFID keys is occasionally fantastically useful.
mikepurvisabout 3 hours ago
Is... that possible? I thought the whole point is that those were a challenge-response specifically to avoid ever them disclosing over the air the material necessary to impersonate one.
Aachen35 minutes ago
You're thinking of NFC, not RFID, and with NFC the owner might not have changed the default keys.

It's a common mix-up (people barely differentiate between the terms anymore, though I'm surprised nobody in 2 hours mentioned it yet), basically RFID is (historically) an ID; a username. Like an ID field in a database. NFC is near-field communication: bidirectional. It does challenge-response and typically runs on hardened chips. But yeah people will call NFC chips RFID and RFID chips NFC all the time. Both are waterproof devices doing radio transmissions on wireless power and you can't tell them apart without using some equipment to try and read the chip type (even if most phones can do that nowadays), so I can understand the terminology generalisation

DaSHacka13 minutes ago
Even that process can be flawed, see: Crypto1 and all the shenanigans that followed.

Recent UL-C/AES disclosure too IIRC

jchulceabout 3 hours ago
Keyfobs absolutely should use a secure challenge-response protocol in order to prevent cloning. Unfortunately, it's extremely common for RFID devices to simply use the tag ID which is trivially cloneable. Many of the systems that make some attempt at security still fail by using a broken protocol or a flawed implementation.
Rebelgeckoabout 1 hour ago
Many RFID cards are literally just an ID number, and will happily allow you to copy that number to your own RFID card (look up "blue cloner guns", although they have their own downsides). Basically just security through obscurity. Cards that do fancy crypto stuff exist, but odds are your workplace badge, apartment fob, or hotel room key is the simple kind (because those are cheaper)
GuB-42about 2 hours ago
Some cards don't have any form of security. For example Konami "e-amusement" cards are just an ID number, which is also written on the back of the card. It is a username so to speak, the password is the PIN you enter when you start the game.

Some cards use some kind of challenge-response but are weak and are easily crackable.

Some cards have an anti-copy protection based on rolling codes, be careful with these. The idea is that when you use it to, say, open a door, the card sends a code to the reader and if correct, that code is burned and the reader replies with the next code, which is stored in the card for the next time, making every other copy (possibly including the original) unusable. If the card emulator doesn't store the rolling code, you are completely locked out.

Some cards have a proper challenge-response mechanism that works and can't be easily copied.

Larrikinabout 1 hour ago
In my old apartment I was able to copy my fob from my apartment office. In my new one I had to record the interaction with the door and was then able to open the door
natbennettabout 3 hours ago
Oh yeah that’s how you’re supposed to do it. But it’s entirely possible to set up a system that uses RFID key fobs that uh, doesn’t.

In the case where it was most useful to make copies they did eventually replace the system with one where the keys weren’t copy able. Which was better!

givcabout 3 hours ago
I don’t know a whole lot about RFID, but some of the most basic cards can be copied very easily. When scanned, the reader always reads the same bits.

I believe there are some more secure cards, like Mifare DESFire EV3 that do provide some security. You’d be shocked how insecure most RFID readers for security cards are.

p_labout 3 hours ago
RFID keys vary from utterly dumb ID-based, to hackable challenge-response, to actual NFC smartcard (very rare).

Some of that can be trivially cloned.

aarjaneiroabout 3 hours ago
Most dont :)
fragmedeabout 3 hours ago
Depends on where you are. Newer systems are resistant to attack, but not everywhere has upgraded to newer systems.
gonzalohmabout 3 hours ago
Is this something you do often? I could see a few use cases and also for copying garage keys. But I don't think I would use it enough to justify the investment
gopalvabout 3 hours ago
> I don't think I would use it enough to justify the investment

This is not a rational purchase - most of the rule breaking done with the zero is for fun or convenience, rather than being truly illegal.

It used to be more fun before the hotels started handing out NFC unlocks with your phone.

Still, being able to send each other a key for a hotel room on Signal is a nice trick if you are traveling with a sufficiently tech savvy group of people.

HDBaseTabout 2 hours ago
You can't even clone you garage door opener key anyway.

Flipper Zero and its clones have always been pseudohacker nonsense. Fun little party trick I suppose.

natbennettabout 3 hours ago
Nope! Only occasionally. But it’s handy on those occasions.
drunken_thorabout 5 hours ago
What a great tool and community they have built. I find my flipper0 is like a computer Swiss Army knife. It’s so fun to carry around a tool of my own trade.
ughitsaaronabout 4 hours ago
I get ads for this all the time but still have no idea what I could do with it.
DaSHacka11 minutes ago
Logical NAND of a laptop featureset. Has things like IR, a subghz HDR, NFC+RFID, USB device support, iButton, and the like.

Some people get a lot of use out of it, but if you just saw that list of hardware and couldn't think of one area you'd apply it in, it's probably not going to be a useful device for you.

devmorabout 3 hours ago
Anything you might want to do with a radio or IR device but don’t have specialized hardware for. It’s kind of a swiss knife/leatherman tool for short range communications standards.
Gigachad11 minutes ago
I think of it as the browser dev tools of radio. Most people will have no use for it but it brings visibility and interactability in to an otherwise invisible world.
quietsegfaultabout 2 hours ago
I use mine mostly as a universal IR remote.