Daily Archives: February 12, 2024

Canada Moves to Ban the Flipper Zero Over Car Hacking Fears – instead of requiring good security on Cars

Posted on by

On Thursday, following a summit that focused on “the growing challenge of auto theft in Canada,” the country’s Minister of Innovation, Science and Industry posted a statement on X, saying “Criminals have been using sophisticated tools to steal cars…Today, I announced we are banning the importation, sale and use of consumer hacking devices, like flippers, used to commit these crimes.”

In a press release issued on Thursday, the Canadian government confirmed that it will be pursuing “all avenues to ban devices used to steal vehicles by copying the wireless signals for remote keyless entry, such as the Flipper Zero.”

The Flipper, which is technically a penetration testing device, has been controversial due to its ability to hack droves of smart products. Alex Kulagin, the COO of Flipper Devices, said in a statement shared with Gizmodo that the device couldn’t be used to “hijack any car” and that certain circumstances would have to be met for it to happen:

“Flipper Zero can’t be used to hijack any car, specifically the ones produced after the 1990s, since their security systems have rolling codes. Also, it’d require actively blocking the signal from the owner to catch the original signal, which Flipper Zero’s hardware is incapable of doing. Flipper Zero is intended for security testing and development and we have taken necessary precautions to ensure the device can’t be used for nefarious purposes”

[…]

Even if the Flipper isn’t considered a culprit in Canada’s car theft woes, it should be pointed out that hacking modern cars is notoriously easy. Major car manufacturers’ cybersecurity is terrible, and it seems difficult to imagine that banning the Flipper will make any serious dent in their security problems.

[…]

“Dude that’s not the solution. The car company needs to address the security of their products. Sincerely, Cyber security experts everywhere,” one X user, whose bio mentions infosec, posted.

“You can use screwdrivers to steal cars too,” another user posted, sarcastically.

“If you knew anything about technology you would know the flipper and others are just simple ARM processors with basic sensors attached,” said another user. “Nothing ground breaking this will not stop a thing but makes it look like your doing something. The trick of politicians everywhere and it is why people are fed up of you as everything else just crumbles.”

Source: Canada Moves to Ban the Flipper Zero Over Car Hacking Fears

1/2 of all French citizens data stolen in healthcare billing breach

Posted on by

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week.

Payments outfits Viamedis and Almerys both experienced breaches of their systems in late January, the National Commission on Informatics and Liberty (CNIL) revealed, leading to the theft of data belonging to more than 33 million customers. Affected data on customers and their families includes dates of birth, marital status, social security numbers and insurance information. No banking info, medical data or contact information was compromised, the CNIL added.

[…]

Viamedis was reportedly compromised through a phishing attack that targeted healthcare professionals, and used credentials stolen from such professionals to gain access to its systems. Almerys didn’t disclose how its compromise occurred, but it’s possible the ingress was similar in nature – it admitted the attacker gained access through a portal used by healthcare providers.

[…]

Source: 33m French citizens data stolen in healthcare billing breach