I felt that you would ask for it, and I already did.
or what do you want from me?
2 Likes
Well, damn. I am new to the community and I had no idea that all my requests would be done before I asked for them!
1 Like
I see this was committed to the dev branch. The DFU link created by the Github actions bot leads to a 404 page. So I upgraded to the dev branch on my flipper and it does not seem to work? I cannot save the frequency. It still shows locked.
Was this actually implemented on the dev branch?
Sorry, if I am missing something obvious. I am new.
1 Like
flipper is a mega creation that can predict the desire of ordinary people. yes DEV have everything
1 Like
Hey sorry to bother you again. It looks like even when I pull the Dev branch it still does not learn my garage code. Security+ 1 & 2, may be implemented but I am still not able to use my garage door opener via the flipper.
You cannot save rolling codes, only read them. This is a legal limitation and we’re not going to remove it.
1 Like
Accepting that it is necessary, I am curious to learn more about why this restriction is implemented in this place specifically. Is there a particular law or regulation that prohibits storing dynamic codes? Or do dynamic sub-GHz codes enable / block particularly (legally or morally) hazardous use cases?
I realize this won’t change in official builds: I’m really just interested to benefit from the team’s research into the legal (or moral?) landscape here—so any background you can share would be most welcome!
In short, rolling codes are still considered secure and are used in a lot of places. Enabling the ability to send them will open the door to a ton of possible misuse cases and possibly legal troubles for us afterwards. This does not apply to static codes, as right now they’re almost universally considered insecure.
So no, there’s no particular law about that, but if someone hacks someone else’s garage and steals all their stuff it may cause a lot of trouble for us, so we’d rather stay on the safe side
3 Likes
It is not my intention to press the issue. Since I am able to have a conversation with one of the developers, I feel like it would be a waste to not at least ask. I really appreciate your time by the way Astra and SkorP.
Does their need to be a complete ban on rolling codes? Instead of cloning a garage door opener, what about going through the learning process to pair the device as an original remote? The flipper zero is just a smarter universal remote and should not carry additional liability. I understand there is effort that goes into something like that, but if there was a patreon or something people would pay.
There are not enough RF experts like you guys around. I want to support this project however possible. I am sure I am going to get some response in the negative about rolling codes, which is fine. If anything you get from this comment, please open a patreon. I want to continue to support the project even if the only way I can is through monetary donations.
You can actually generate a random sendable dynamic signal on your Flipper via the “Add Manually” function, and then pair that to your garage as you would any other fob. The problem is capturing someone else’s key code and using it.
2 Likes
I can logically follow that, but not sure how to technically implement. I will try a few things and see what I can break.
Thank you for your time.
1 Like
I appreciate you asking, as I was unsure of this as well. Given the clarification (new random remotes are okay, cloning is not), I’ve filed an issue on the Flipper Zero firmware repository to help track this:
EDIT: Apologies, I misunderstood the distinction here between random but still static and random and dynamic/rolling code. This issue isn’t valid.
1 Like
Thanks—this is actually an extremely helpful clarification. If I understand you correctly, the issue is, at least in part, that rolling codes are often a best-available (albeit far from ideal) security technology. In view of this, the optics of stock firmware that readily captures and clones such codes are poor, especially when the feature would serve little educational or research purpose above and beyond the extant capture and decode capabilities.
Is this a fair way to characterize why the line was drawn here, even while emulating a variety of other RFID, NFC, 1-wire, and sub-GHz technologies?
(And again, just to underscore the point, I do not mean to implicitly push back on the team’s doubtless well-informed judgment here. It is simply a question of improving my own understanding!)
2 Likes
Yes, because for other technologies there are existing popular tools for their bypass/cloning/emulation (proxmark3, iKey, etc), but for the rolling codes this was mostly limited to a very niche group of codegrabbers, and we don’t want to expand that group.
1 Like
haha “will open the door…” well this is what I was here to find out… bummer.
1 Like
Thank you I can confirm the Sec+ 1.0 works with adding a new door opener using this firmware
Cool. I can still take pictures!
Thanks to SkorP, the flipper zero can be paired with lift master garage doors by using the “add manually” option. This is currently on the Dev branch (as of 27/05/2022). This should get pushed to prod when the next release comes out.
Thank you SkorP and Astra for paying such close attention to the forums.
2 Likes