How I got tired of scratchy raw PCBs in my pockets and decided to make an all-in-one device
My name is Pavel Zhovner. I live in Moscow, Russia. Since childhood it has been my passion to dig deep into all areas of life: technology, nature, people. I specialize in hardware, networking, and security. Flipper is the most ambitious project of my life, one I have carried around in my head for many years, and it is now in active development. It is a Tamagotchi cyber-dolphin with its own personality that can live in your pocket, and at the same time it's a Swiss army knife for pentesters. I've been hatching this idea for many years.
I love to explore everything around me, and I constantly carry various tools with me for this. In my backpack I have a WiFi adapter, an NFC reader, an SDR, a Proxmark3, a HydraNFC, and a Raspberry Pi Zero (which causes problems at the airport). None of these devices is easy to use on the go when you have a cup of coffee in one hand or you're riding a bicycle. You need to sit down, lay all the stuff out, and get a computer, which is not always convenient. I've been dreaming of a device that would implement typical attack scenarios, would always be on alert, and at the same time would not be a pack of falling-apart boards wound with electrical tape.
Recently, after an open implementation of the AirDrop protocol (owlink.org) and a study by the HexWay guys on the Apple-Bleee iOS vulnerabilities were published, I began to have fun in a new way: meeting people on the subway, sending them pictures through AirDrop and collecting their phone numbers. Then I wanted to automate this process and made a device from a Raspberry Pi Zero W and batteries. Everything could have been fine, but this device was extremely inconvenient to carry; it could not be put in a pocket, because sharp drops of solder tore the fabric of my pants. I tried to print a case on a 3D printer, but I did not like the result.
Hacking the Tamagotchi
A couple of years ago, the original Tamagotchi Friends from Bandai fell into my hands. It turned out that they are still being produced, and that the original Tamagotchi is made only by the Japanese company Bandai. Modern versions even have an RFID module for exchanging data with other Tamagotchi, with a built-in 125 kHz antenna in the back.
I began to play with the Tamagotchi and take it apart. It turned out that it was enough to solder a T5577 chip directly to the Tamagotchi antenna for the Tamagotchi to open the intercom door, while its own wireless functions remained operational. I made a video about it on YouTube.
Then I thought it would be cool to emulate 125 kHz tags directly with the Tamagotchi MCU. To do this, you have to get at the firmware. Unfortunately, the main Tamagotchi chip is an unpackaged die covered in epoxy, so I couldn't get to it. Then I found the blog of Natalie Silvanovich from Google, who had been hacking Tamagotchi; here's a video of her talk.
She made a special board for patching certain models of Tamagotchi (TamaTown Tama-Go) through their plug-in hardware accessories, so that people could install their own firmware on the Tamagotchi.
I also found a guy, Mr. Blinky, who was reversing Tamagotchi and all sorts of old-school gaming devices. Bandai makes much cooler versions of Tamagotchi for the domestic Japanese market, with a color screen and real NFC, but the interface is only in Japanese. Mr. Blinky made a patch to translate the interface into English. Another guy, Mike Szczys, made a Tamagotchi ROM dump.
And I'm also in awe of Arduboy
It's a portable gaming console with a built-in display on a fully open Arduino platform, so anyone can write their own games for it and upload their own firmware.
Pwnagotchi — Tamagotchi for WiFi Hacking
Then I saw the amazing pwnagotchi project. It's like a Tamagotchi, but for food it eats WPA handshakes and PMKIDs from Wi-Fi networks, which can then be brute-forced on GPU farms. I liked this project so much that for several days I walked the streets with my pwnagotchi, watching it enjoy its new prey. But it had all the same problems: you can't really put it in your pocket, and there are no controls, so any user input is possible only from a smartphone or computer.
First DIY project: Epoxy NFC reader
I often came across the fact that the devices I need do not exist ready-made, so DIY has always accompanied me. DIY home-made devices are often a bunch of boards wrapped in electrical tape, but I wanted to use devices that were not only functional but also beautiful and high-quality. My first attempt at making my own device was when I started researching NFC: the epoxy NFC reader. I needed to carry a PN532 NFC reader, which requires a USB-UART adapter to connect. That came to two boards connected by breadboard wires, with sharp pins sticking out. It could not simply be put in a backpack because it tore the fabric. I had to keep these boards in a separate bag. Very annoying. Then I decided to take both boards and pot the whole thing in epoxy.
Funny fact: an article about making this device was declared illegal in Russia. Epoxy reliably fixes all the connections, and the solder joints are reliably protected. The device turned out so well that after several years of constantly carrying it in a backpack, nothing has happened to it. I still use it and really love it.
After using pwnagotchi I realized that I want a device that would simultaneously deliver joy in the Tamagotchi format, be aesthetically similar to retro game consoles, and be evil enough to hack everything around it.
I tweeted about it, and the idea was liked by my product-designer friends who make serious electronic stuff. They suggested making a full-fledged device instead of a homebrew DIY craft, with real factory production and properly fitting parts. Flipper Zero is my attempt to make something cool and mass-produced, and at the same time beautiful. I believe in open source, so the project will be completely open.
First Flipper sketches