Experts Oppose Ban on Hacking Device That can be Used for Strengthening Cybersecurity

The Flipper Zero, a compact device loved by security researchers and hackers alike, has garnered attention on social media platforms such as TikTok. However, the authorities want to ban it citing the risk of its misuse by criminals to steal cars.

The gadget, inspired by the virtual dolphin character from the movie Johnny Mnemonic, proves highly beneficial for hacking tasks. It is engineered to scan radio frequencies, clone key fobs, and operate infrared-based devices, making it a valuable tool for security researchers aiming to enhance security measures.

Canada is currently grappling with a significant challenge regarding vehicle thefts, prompting the government to take decisive action. Recently, a national summit focused on combating vehicle theft was convened, during which plans to ban devices facilitating wireless vehicle theft, such as the Flipper Zero, were announced.

But, the decision to target devices like the Flipper Zero in the effort to curb vehicle thefts has sparked controversy and raised concerns within various quarters, including digital rights groups, hackers, and the cybersecurity community. There is a lack of concrete evidence linking the device specifically to vehicle thefts. It's important to note that the Flipper Zero is not capable of bypassing rolling code keyless entry systems, suggesting that it may not be directly implicated in the thefts targeted by the government's ban.

"We shouldn't be blaming manufacturers of radio transmitters for security lapses in the wireless unlock mechanisms of cars," Bill Budington, Senior Staff Technologist at the Electronic Frontier Foundation, said in a statement to Motherboard.

"Flipper Zero devices, because of their ease of use, are convenient scapegoats to blame for gaping security holes in fob implementations by car manufacturers. Moreover, tools like the Flipper Zero are used by security researchers involved in researching and hardening the security of systems like car fobs, and banning them will result in tangible harm," he added.

The Canadian digital rights group OpenMedia has condemned the decision to ban the Flipper Zero. With a focus on defending digital rights, promoting access to the internet, and safeguarding privacy, the group has long been at the forefront of advocating for policies that balance security concerns with individual freedoms.

"A ban on the sale of general purpose tools like the Flipper Zero will do more to hurt than help Canadian cybersecurity," said OpenMedia Executive Director Matt Hatfield. "Canada will make it harder for cybersecurity researchers to do their work of testing vulnerabilities and informing the Canadian public while doing little to prevent motivated car thieves from acquiring tools and exploiting these vulnerabilities," he said.

"I don’t find the Flipper to be that useful. Its built-in radio frequency support is barely more than you get from a good-rooted phone. I was unable to purchase the RF frequency modules because they were sold out. But imagine that *this* is considered a threat!," tweeted Matthew Green, a professor of cryptography at Johns Hopkins University.

Many cybersecurity experts have expressed skepticism regarding its use in facilitating vehicle theft. They emphasize the importance of distinguishing between theoretical capabilities and practical effectiveness when evaluating the potential impact of devices like the Flipper Zero on security and law enforcement efforts.