I’ve used it in multiple places that I don’t like the questions. Hospitals when the tv remote has been “misplaced” (aka staff doesn’t give a fuck and someone stole it,) bars (with permission,) entry into hotel rooms, at my work because I forgot my badge.
And as mentioned, pen testing. Though not professionally and just at the office (with permission) to see how far it could get (surprisingly far actually, with the right badge.)
The thing about it is though, it stands out to an extreme. Even if I have it out on a table while sitting down (it’s rather bulky for a pocket) people take notice and ask what it is. “It’s like a universal remote” just raises more questions.
Yes? Pen testing is often “I am hiring you to see how far you can get into the company infrastructure under these constraints.” This includes human interaction, and humans can be a barrier to a pen test.
Part of that is going to be looking as innocuous as possible. Though admittedly that isn’t always the case. This kinda gets blown away when someone goes “oh look, that’s a flipper zero, aren’t those used for hacking?”
Ah okay, I see the confusion. A lot of people think pen testing is just “try to break into our app” or “try to get into our network” but those are usually narrow scope pen testing.
If you truly want to test your security, you can never rule out physical access. You could have the most secure network in the world and it would mean nothing if you kept it in an unlocked room in a publicly accessible area.
And you’d be surprised by the number of times pen testers gain access to those rooms because of human mistakes.
So what are you doing with it that makes you prefer not to be noticed?
I’ve used it in multiple places that I don’t like the questions. Hospitals when the tv remote has been “misplaced” (aka staff doesn’t give a fuck and someone stole it,) bars (with permission,) entry into hotel rooms, at my work because I forgot my badge.
And as mentioned, pen testing. Though not professionally and just at the office (with permission) to see how far it could get (surprisingly far actually, with the right badge.)
The thing about it is though, it stands out to an extreme. Even if I have it out on a table while sitting down (it’s rather bulky for a pocket) people take notice and ask what it is. “It’s like a universal remote” just raises more questions.
Could you unscrew the plastic case and 3d print something in black?
I’d not thought of that actually. I only have a resin printer though, which raises questions on fragility. But I’ll have to give that a shot.
Besides the obvious nefarious purposes, a pen test is something legit I can think of that would be useful for.
Why do you need the device to be unnoticeable for that?
You can’t see how being less detectable might be in your favor for a pen test?
It’s not spy work, it’s testing a system.
Part of modern pen testing absolutely involves a bit of social engineering to test policy enforcement
There can be a physical component to it though I’m not too sure about how prevalent it is. Which would be aided by blending in.
Is pen testing a visual test now?
How does the physical appearance of the device affect its electronic penetration?
Yes? Pen testing is often “I am hiring you to see how far you can get into the company infrastructure under these constraints.” This includes human interaction, and humans can be a barrier to a pen test.
Part of that is going to be looking as innocuous as possible. Though admittedly that isn’t always the case. This kinda gets blown away when someone goes “oh look, that’s a flipper zero, aren’t those used for hacking?”
Interesting. It sounded kind of ridiculous to me, I guess I didn’t consider gaining access to a building or something.
Ah okay, I see the confusion. A lot of people think pen testing is just “try to break into our app” or “try to get into our network” but those are usually narrow scope pen testing.
If you truly want to test your security, you can never rule out physical access. You could have the most secure network in the world and it would mean nothing if you kept it in an unlocked room in a publicly accessible area.
And you’d be surprised by the number of times pen testers gain access to those rooms because of human mistakes.
Some people just prefer to care for their little digital dolphin in peace.
Maybe read the article before presuming anyone using a flipper is a criminal. Like damn yo.