Something is happening on TikTok and it is going viral, be aware and ensure you understand its capabilities:
"The $200 device is called Flipper Zero, and it’s a portable pen-testing tool designed for hackers of all levels of technical expertise. The tool is smaller than a phone, easily concealable, and is stuffed with a range of radios and sensors that allow you to intercept and replay signals from keyless entry systems, Internet of Things sensors, garage doors, NFC cards, and virtually any other device that communicates wirelessly in short ranges. For example, in just seconds, I used the Flipper Zero to seamlessly clone the signal of an office RFID badge tucked safely inside my wallet."
Remember the "Lost in Space" Series - Danger Danger Will Robinson etc.
Here's a tidy little compilation:
It's really incredible, and alarming.
@ericgeaterYes it is cool, dangerous do you want to shoot the next person who has one of these?
Now think how you can protect yourselves and your organisations against it?
The most alarming thing I can think of is door access. I've personally seen collisions happen at card readers far too often for me to have a lot of faith in those devices, let alone this tool which can copy a card easily.
An update on Flipper Zero, it now has a App store for third party applications..... Even though Amazon has banned it, it is still available.
On any communications channel.
About the time my phone got a NFC reader, I was looking at my door badge and learned that when in a "wireless charging" field, it simply starts transmitting a non-changing string one-way. Not much different than the magnetic stripe on a credit card.
The credit card companies have addressed this risk with tap-to-pay. As I understand it, they effectively do a DH key exchange, then allow the terminal to use the session key after your badge has left the field.
Somewhat wryly, I have occasionally realized I could improve my door security by making my employees tap-to-pay $0.01 to enter the building. Then, PCI and EMV controls would protect my door, but I would owe everyone a $3.65/yr raise.