-
Introduction: Why I started Flipper
04/12/2020 at 16:42
How I got tired of scratchy raw PCBs in my pockets and decided to make an all-in-one device
My name is Pavel Zhovner. I live in London, UK. It has been my passion since childhood to go deep into all areas of life: technology, nature, people. I specialize in hardware, networking, and security. Flipper is the most ambitious project of my life, one I have cherished in my head for many years, and now it is in an active stage of development. It is a Tamagotchi cyber-dolphin with its own personality, who can live in your pocket, and at the same time it's a Swiss army knife for pentesters. I've been hatching this idea for many years.
I love to explore everything around me and I constantly carry various tools for this. In my backpack I have a WiFi adapter, an NFC reader, an SDR, a Proxmark3, a HydraNFC and a Raspberry Pi Zero (there are problems at the airport because of this). All these devices are not so easy to use on the run when you have a cup of coffee in one hand or you are riding a bicycle. You need to sit down, put all the stuff out, get a computer - this is not always comfortable. I've been dreaming of a device that would implement typical attack scenarios, would always be on the alert and at the same time would not be a pack of falling-apart boards wound with electrical tape.
Recently, after an open implementation of the AirDrop protocol, owlink.org, and a study by the HexWay guys about the Apple-Bleee iOS vulnerabilities were published, I began to have fun in a new way: meeting people on the subway, sending them pictures through AirDrop and collecting their phone numbers. Then I wanted to automate this process and made a device from a Raspberry Pi Zero W and batteries. Everything could have been fine, but this device was extremely inconvenient to carry; it could not be put in a pocket, because sharp drops of solder tore the fabric of my pants. I tried to print a case on a 3D printer, but I did not like the result.
Hacking the Tamagotchi
A couple of years ago, the original Tamagotchi Friends from Bandai fell into my hands. It turned out that they are still being produced and that the original Tamagotchi is made only by the Japanese company Bandai. In modern versions there is even an RFID module for exchanging data with other Tamagotchi, and they have a built-in 125 kHz antenna in the back.
I began to play with the Tamagotchi and disassemble it. It turned out that it was enough to solder a T5577 chip directly to the Tamagotchi antenna so that the Tamagotchi could open an intercom door, while its wireless functions remained operational. I made a video about it on YouTube.
Then I thought that it would be cool to emulate 125 kHz tags directly with the Tamagotchi MCU. To do this, you have to get access to the firmware. Unfortunately, the main Tamagotchi chip is made without a package and is covered in epoxy, so I couldn't get to it. Then I found a blog by Natasha Natalie Silvanovich from Google, who was hacking Tamagotchi; here's a video of her talk.
She made a special board for patching certain models of Tamagotchi (TamaTown Tama-Go) through hardware modifications, so that people could install their own firmware on the Tamagotchi.
I also found a guy, mr.Blinky, who was engaged in reversing Tamagotchi and all sorts of old-school gaming devices. Bandai makes much cooler versions of Tamagotchi for the domestic Japanese market; they have a color screen and real NFC, but the interface is only in Japanese. Mr. Blinky made a patch to translate the interface into English. Another guy, Mike Szczys, made a Tamagotchi ROM dump.
I'm also in awe of Arduboy. It's a portable gaming console with a built-in display on a fully open Arduino platform, so anyone can write their own games for it and upload firmware.
Pwnagotchi — Tamagotchi for WiFi Hacking
Then I saw the amazing pwnagotchi project. It's like a Tamagotchi, but instead of food it eats WPA handshakes and PMKIDs from Wi-Fi networks, which can then be brute-forced on GPU farms. I liked this project so much that for several days I walked the streets with my pwnagotchi and watched how it enjoyed its new prey. But it had all the same problems: you can't put it in your pocket normally and there are no controls, so any user input is possible only from a smartphone or computer.
First DIY project: Epoxy NFC reader
I often came across the fact that the devices I need do not exist ready-made, so DIY has always accompanied me. Often DIY home-made devices are a bunch of boards wrapped with electrical tape, but I wanted to use not only functional but also beautiful and high-quality devices. My first attempt to make my own device was when I started to research NFC: the Epoxy NFC reader. I needed to carry an NFC PN532 reader, which requires a USB-UART adapter to connect. It turned out to be two devices connected by breadboard wires, with sharp pins sticking out. It could not simply be put in a backpack because it tore the fabric. I had to put these boards in a separate bag. Very annoying. Then I decided to take both boards and fill it all with epoxy.
Funny fact: an article about making this device was declared illegal in Russia. Epoxy reliably fixes all connections and the soldering is reliably protected. The device turned out so successful that after several years of constant carrying in a backpack nothing has happened to it. I still use it and really love it.
After using pwnagotchi I realized that I wanted a device that would simultaneously deliver joy in the Tamagotchi format, be aesthetically similar to retro game consoles, and be evil enough to hack everything around.
I tweeted about it and the idea was liked by my product designer friends who make serious electronic stuff. They suggested making a full-fledged device instead of a homebrewed DIY craft, with real factory production and quality-fit parts. Flipper Zero is my attempt to make something cool and mass-produced, and at the same time beautiful. I believe in open source, so the project will be completely open.
First Flipper sketches
-
Flipper Zero is on the go
04/12/2020 at 16:44
The first case samples of Flipper Zero have arrived. I wanted to run a quick demo on the LCD screen before New Year, but I messed up the soldering and the screen didn't start. I was so tired of soldering 0.5 mm contacts directly onto the FPC that I had no strength left to redo it.
-
[Flipper Zero Update] Moving away from Raspberry Pi, building own board from scratch
04/12/2020 at 16:45
There are many updates I want to share with you. We were working hard over the New Year holidays and came up with some rad changes. Due to all the limitations of the Raspberry Pi Zero, we decided to build our own board from scratch based on the NXP i.MX6 ULZ chip.
The main problems with the Raspberry Pi:
- Impossible to buy in batches. There are no suppliers who can sell 1000 or more pieces of the RPi Zero. Retailers like Adafruit/SparkFun have only ~100 pcs. in stock and sell 1 pc. per customer.
- Unstable Broadcom WiFi chip. It crashes under heavy load while in monitor mode.
- Lack of interfaces.
- Old and power-hungry processor that becomes very hot under load.
- No power management, which means no sleep and standby.
- and more...
Building a completely new single-board computer is a big challenge for us, but it gives us more freedom in development. We can make Flipper more compact, give it longer battery life and a better WiFi chipset.
Display and interface
We finally chose the right display and started to build the user interface, menus and icons. The LCD is quite old school but I love it, especially for its very low power consumption, so we plan to make it always on like on old monochrome phones and Tamagotchi. No need to press buttons to activate the screen; I miss that on modern devices with color displays.
Here are some demos of how the interface looks on the screen:
125 kHz tag reading/writing/emulation
We already have working EM4100 reading, writing and emulation! All of it is done in software on STM32L4 GPIO without any dedicated ICs. Now we are working on the HID Prox protocol, which uses a different modulation type.
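The EM4100 frame that this reading and emulation works with, as an added example that is not Flipper's code: an encoder producing the 64 demodulated bits from a 40-bit ID, and a decoder that does what a reader must do, that is, find the header in a stream it joined mid-frame and reject a frame whose row parity, column parity or stop bit does not check out. The layout follows the public EM4100 format; the function names and the sample ID used in testing are assumptions.

```c
#include <stdint.h>

#define EM4100_BITS 64

/* Encode a 40-bit ID (8-bit version/customer + 32-bit data) into 64 frame bits:
   9 header ones, 10 rows of 4 data bits + even row parity, 4 column parity
   bits, stop bit 0. Returns 0 on success, -1 if the ID does not fit 40 bits. */
int em4100_encode(uint64_t tag_id, uint8_t frame[EM4100_BITS])
{
    if (tag_id >> 40) return -1;
    int pos = 0; uint8_t col[4] = {0};
    for (int i = 0; i < 9; i++) frame[pos++] = 1;          /* header */
    for (int r = 0; r < 10; r++) {
        uint8_t nib = (tag_id >> (36 - 4 * r)) & 0xF, rp = 0;
        for (int c = 0; c < 4; c++) {
            uint8_t b = (nib >> (3 - c)) & 1;
            frame[pos++] = b; rp ^= b; col[c] ^= b;
        }
        frame[pos++] = rp;                                 /* even row parity */
    }
    for (int c = 0; c < 4; c++) frame[pos++] = col[c];     /* column parity */
    frame[pos] = 0;                                        /* stop bit */
    return 0;
}

/* Decode 64 demodulated bits at any rotation (a reader joins the repeating
   stream mid-frame). In a valid frame nine consecutive ones occur only in the
   header, so that run locates the start. Returns 0 and sets *tag_id, or -1. */
int em4100_decode(const uint8_t stream[EM4100_BITS], uint64_t *tag_id)
{
    int start = -1;
    for (int s = 0; s < EM4100_BITS && start < 0; s++) {
        int ones = 0;
        while (ones < 9 && stream[(s + ones) % EM4100_BITS]) ones++;
        if (ones == 9) start = s;
    }
    if (start < 0) return -1;                               /* no header */
    uint8_t f[EM4100_BITS];
    for (int i = 0; i < EM4100_BITS; i++) f[i] = stream[(start + i) % EM4100_BITS];
    if (f[63] != 0) return -1;                              /* stop bit */
    uint64_t id = 0; uint8_t col[4] = {0};
    for (int r = 0; r < 10; r++) {
        uint8_t rp = 0;
        for (int c = 0; c < 4; c++) {
            uint8_t b = f[9 + 5 * r + c];
            id = (id << 1) | b; rp ^= b; col[c] ^= b;
        }
        if (rp != f[9 + 5 * r + 4]) return -1;              /* row parity */
    }
    for (int c = 0; c < 4; c++)
        if (col[c] != f[59 + c]) return -1;                 /* column parity */
    *tag_id = id;
    return 0;
}
```

The frame bits are what sits between the ID and the Manchester line coding that the GPIO toggles, so a single flipped bit in the air is caught by one of the parity checks rather than producing a wrong ID.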
433 Transmitter
Some sub-1 GHz stuff works too with the CC1101; right now it's only simple protocols and jamming, but all of this depends on the software.
The GIF is too large, so here is an MP4: https://zhovner.com/forever/flipper_443mhz_jammer.mp4
Flipper Architecture
Here is an old architecture scheme so you can understand the basic blocks. The STM32 is always powered on and controls the Linux board, which wakes up on demand.
Now we are fully focused on developing the i.MX6 board and plan to finish the prototype in one month. When we have a complete working board we will start a crowdfunding campaign on Kickstarter. Thanks for your support.
Cheers,
Pavel Zhovner
-
Flipper opens the gate via 433 MHz
04/12/2020 at 16:47
Flipper beta version of the 433 MHz sniffer functionality. Simple replay demo. It can't parse remote control protocols yet, it just grabs the signal.
-
Flipper Zero first batch of prototypes (Coronavirus affected)
04/12/2020 at 16:47
We've produced the first batch of Flipper prototypes and it is stuck at the China border right now. At the moment we can only wait until this whole crisis ends and we can continue.
Here are some photos:
-
Flipper Zero — last steps to Kickstarters | New prototype
06/09/2020 at 17:14
Greetings everyone! A lot of things happened this month with Flipper Zero and I want to tell you about our plans. We've got the final Flipper Zero prototype, where almost all features work as expected, and we can finish the BOM and price.
Right now we are almost done with the Kickstarter campaign preparation. Currently we are doing some paperwork and negotiating with the bank, manufacturers and suppliers. I hope the next update here will be the campaign launch.
Here are some demos of the latest Flipper Zero prototype:
Flipper Zero — GPIO Fuzzer
A simple fuzzer to test an MCU, demonstrating the GPIO feature
iButton and sub-1GHz transmitter demo
Simple hello world demo
Demonstrating plugins feature.
-
We are on Kickstarter! Are you still there?
08/10/2020 at 15:36
Hey, we are finally coming back to Hackaday!
In case you missed it, we are live on Kickstarter and we've already raised more than $2,600,000 and unlocked all the stretch goals!
Check out our Kickstarter campaign!
-
Flipper Developer Program is live!
08/10/2020 at 15:38
At the very beginning of the project, we chose the tactics of maximum openness and transparency. We believe in open source, the power of the community, and that enthusiasts can create cool projects without the involvement of large corporations. Therefore, we invite everyone interested in the project to take part in the development!
Below is a description for those who want to join the development and make the hardware modules.
Who is working on the project?
The project consists of several large-scale parts, and each part has its dedicated team:
- Firmware — all software development of firmware, including software modules for each Flipper’s component: radio, RFID, Bluetooth, infrared, U2F, USB stack, etc.
- Electronics Engineering (EE) — a team engaged in hardware development, which consists of schematics, PCB design, antennas, etc.
- Mechanical Engineering (ME) — mechanical design team, responsible for the layout of the mechanical parts: case, buttons, holes, connector locations, ease of assembly, etc.
- Manufacturing — the team responsible for ensuring that the result of ME and Hardware team’s work can and will be transferred to mass production.
At the moment we have a ~80% complete device in terms of hardware and mechanics. But the biggest part of Flipper's development is the firmware. We now have a working prototype, a firmware architecture, and basic firmware components to grow the meat on.
At this stage, it is very important to approach the unification of all components correctly in order to maintain the readability of the code and a uniform, understandable style, so that developers around the world can easily develop for our platform. We believe that this task will be of interest to the community and invite you to contribute to the process of creating Flipper, just as it was in the very first stages of the project.
How to join the firmware development?
All Flipper Zero firmware will be fully open-sourced and published on GitHub once the first devices get shipped to the backers. For now, we've decided not to open our code repositories, to postpone the appearance of fakes on Aliexpress and similar platforms, which will definitely happen after such a success here on Kickstarter. In general, we are not particularly worried about this.
So for now, all development is done in a closed repository where we add people after they take a survey and sign the Developer Agreement (CLA). In the agreement, we ask you not to distribute the code without our explicit consent and to agree to your code's usage in Flipper, but be sure that your authorship will be preserved.
At the moment we are using HAL/LL from STM and FreeRTOS. Most of the peripheral code was generated by CubeMX, but in some hardcore places we had to throw out the standard functions and work with registers directly.
Compilation is done with Make and GCC, but very soon we will need to add the ability to compile our code in the Arduino IDE and PlatformIO.
Here is the current Firmware architecture:
Who are we looking for?
Flipper's main components are written in C, C++, and Rust, so knowledge of these languages will be useful. It will also be great if you have worked with microcontrollers and know how to debug electronics, but we mainly try to separate the hardware part from the code with a layer of abstractions, so that many components, such as the graphical interface or the dolphin's behavior, do not require working with hardware directly. We also need interface designers (placing an informative UI on a 128×64 screen is not an easy task), DevOps, and testers (if you are ready to test electronics and deal with setting up test stands for remote debugging and testing).
Most importantly, you must be willing to contribute to development. To participate in the project, please fill out this form. Please fill it in very carefully, as this is the only convenient way for us to understand your professionalism: write about your development experience and indicate only those Flipper components that you are really interested in developing. It will be great if you already have ideas that you want to implement as a developer; be sure to write them down if you do.
We will carefully review all applications and contact those who have the relevant experience. Then we will tell you how we can work together and introduce you to the project — add you to GitHub, give you instructions, and all the necessary documentation. At the same time, the terms of cooperation can be very different: from full-time work within our team to contributing as a hobby.
Dev Kit for hardware developers
For those developers who dare to take part in the hardware development, that is, testing the physical part of the radio module, debugging NFC/RFID, developing antennas, etc., we've designed a special dev kit. It will be a version of Flipper in a special casing for easy connection to debugging tools.
For module developers
Thanks to the GPIO pins, Flipper's functions can be extended using hardware modules. Right now we are extremely focused on Flipper's design and manufacturing, so we are ready to completely outsource this task to the community. It can be absolutely any module, for example: CAN bus, Hall sensor, logic analyzer, environmental sensors, noise sensor, modem, LoRaWAN, IMU, FM transmitter, and a whole bunch of other possible options, as far as your imagination goes.
If you are a business or a modest DIY enthusiast, and you have an idea for a hardware module for Flipper, we are ready to provide you with all the necessary 3D models and documentation, as well as actively provide technical support.
Furthermore, we will provide media support for the first 10 production-ready modules, list them on our websites, and in all Flipper's promotional materials. Therefore, everyone who knows about Flipper will also know about your modules. To participate in the development of modules, please fill out this form.
We promise to cover all the further development and manufacturing stages and keep you posted on all the updates. Separately, we want Flipper to be a learning platform for beginners and we are preparing the materials for learning digital protocols, the basics of electronics, and coding. Stay tuned.
-
Lock Flipper with the Pass-combo!
08/11/2020 at 18:50
You've been asking how to deal with the fact that Flipper will store your secrets, like a U2F token and house keys. What if Flipper gets lost?
Well, no problem! For this case, we made a locking feature. You can lock Flipper and unlock it with a special pass-combo, like in good old fighting games (for example, →↑↑←↓↑↓). Users can set a pass-combo of any length, and all functions will be blocked until the combo is entered, including firmware flashing.
Additionally, it will be possible to hide some of Flipper's functions behind a secret joystick shortcut. Until this combination is entered, Flipper is just a harmless, cute Tamagotchi with a bunch of cool mini-games and nothing else.
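The lock described above, as an added example that is not Flipper's own code: a pass-combo check for a small joystick alphabet, written the way firmware should do it. The type and function names, the key encoding and the back-off schedule are assumptions. What it shows is the caveat behind such a lock: with five possible inputs per press the keyspace is tiny, so a comparison that leaks nothing through its timing and a throttle on failed attempts are what make guessing expensive, not the combo itself.

```c
#include <stdint.h>
#include <stddef.h>

/* Joystick inputs that may form a pass-combo (assumed encoding, not Flipper's). */
typedef enum { KEY_UP = 1, KEY_DOWN, KEY_LEFT, KEY_RIGHT, KEY_OK } combo_key_t;
#define COMBO_ALPHABET 5
#define COMBO_MAX_LEN  32

typedef struct {
    uint8_t  secret[COMBO_MAX_LEN];  /* the configured pass-combo */
    size_t   secret_len;
    uint32_t failures;               /* consecutive wrong attempts */
    uint32_t locked_until_ms;        /* attempts are refused before this time */
} combo_lock_t;

/* Constant-time comparison: the work done does not depend on where the first
   mismatch is or on how many leading keys were right, and a length mismatch
   is folded into the result instead of returning early. */
static int combo_match(const combo_lock_t *l, const uint8_t *in, size_t n)
{
    uint8_t diff = (uint8_t)(n != l->secret_len);
    for (size_t i = 0; i < COMBO_MAX_LEN; i++) {
        uint8_t a = i < l->secret_len ? l->secret[i] : 0;
        uint8_t b = i < n ? in[i] : 0;
        diff |= (uint8_t)(a ^ b);
    }
    return diff == 0;
}

/* Back-off after repeated failures: three free tries, then 1 s doubling each
   time, capped at 4096 s. This is what makes a 5^len keyspace costly to walk. */
uint32_t combo_delay_ms(uint32_t failures)
{
    if (failures < 3) return 0;
    uint32_t shift = failures - 3;
    if (shift > 12) shift = 12;
    return 1000u << shift;
}

/* Number of distinct combos of a given length: 5^len (390625 for len 8). */
uint64_t combo_keyspace(size_t len)
{ uint64_t n = 1; while (len--) n *= COMBO_ALPHABET; return n; }

/* Returns 1 on unlock, 0 on a wrong combo, -1 when the attempt is refused
   because the back-off window has not expired. now_ms is the caller's clock. */
int combo_try_unlock(combo_lock_t *l, const uint8_t *in, size_t n, uint32_t now_ms)
{
    if (now_ms < l->locked_until_ms) return -1;
    if (combo_match(l, in, n)) { l->failures = 0; return 1; }
    l->failures++;
    l->locked_until_ms = now_ms + combo_delay_ms(l->failures);
    return 0;
}
```

The failure counter and lock time belong in storage that survives a reset, otherwise power-cycling the device clears the throttle.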
-
Join official Flipper Discord server
08/22/2020 at 16:02
You've been asking and we heard you loud and clear.
We're happy to announce we now have an official Flipper Discord server!
Join us to discuss Flipper development and use cases, and to meet some friends for your dolphin family: flipperzero.one/discord