cybersecurity

5036 readers

14 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

163

Flipper Zero 'DarkWeb' Firmware Bypasses Rolling Code Security on Major Vehicle Brands (cybersecuritynews.com)

submitted 1 month ago by cm0002@lemmy.world to c/cybersecurity

27 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] mmmac@lemmy.zip 2 points 1 month ago (1 children)

Alright I'm sold. $200 seems pretty steep though

[–] ArcaneSlime@lemmy.dbzer0.com 1 points 1 month ago* (last edited 1 month ago)

Yeah that's true, I've heard there may be an updated version coming out eventually, maybe then it'll drop a little. It's definitely not for everyone, but if you think you'll use it a lot it can be worth it.

Also if you do get one I recommend installing the Momentum firmware, which isn't this "darkweb" firmware and can't do the attack in the article. This firmware is sold (iirc on telegram) and serial locked, an unlocked version is out there, but not where we can get it, maybe it'll leak one day. I'd eat my farts before I paid for it, Momentum is free both monetarily and FOSS. Momentum can do a less sophisticated version of the attack, but any such attempt on a rolling code fob will desync your fob, in both firmwares. It may be possible however to pair it with your car as a second fob, depending on your car. (Or if you're whipping an '02 like me enjoy your lack of rolling codes.)