This previous tweet was geared toward hardware-hacker twitter. I'd like to clarify a few things for those who might not pick up on the red flags that I see. https://twitter.com/securelyfitz/status/1293225556117356546
Flipper is a crowdfunded wireless hacking too. It's essentially a purpose-built heir to the Girl Tech IM-ME, with a newer cpu and all sorts of cool features.

I pledged and am looking forward to getting mine.
The problem with the vast capabilities of software is that it's really easy to add features. The dilemma is that while marketing and users might see features as selling points, developers and testers see them as more work. Feature creep can kill a project.
But what's the harm in adding a feature that doesn't work as planned vs not having it?
Adding features adds attack surface.
Adding incomplete, non-fully supported features adds very fertile attack surface.
Adding security features adds incentive to attack that surface.
So cool - you can use Flipper Zero as a U2F token. Nothing wrong with that in theory.
But an important feature of a U2F token is that it doesn't just give up your keys if you lose it.
The developers of Flipper Zero thought about this, possibly before but hopefully after supporters asked how these keys would be secure.

Their response - that a series of button presses will unlock the keys - shows that they don't understand the problem.
I can only assume that if they had any hardware security involved, they would have mentioned it. They didn't.

Which most likely means that there's some software that checks and matches your button presses before letting the software access your keys.
This means software is the gatekeeper.
This likely means software can access your keys.
This means that if you can control the software, you can access the keys.

I can't be certain, but my guess is that, with physical access, you can read, write, or modify the firmware easily
So, your flipper gets stolen. You don't share your secret keypresses. The thief, if they were targeting you and your U2F token, dumps the firmware and extracts your key.

Hopefully you can report it lost and invalidate the keys before they're used.
Even worse: you leave your flipper out of sight for an hour. Someone grabs it, dumps it, and puts it back. you don't know it happened, and your U2F keys are compromised.
You might say "Well don't use it for something important then"
To which I'd say, "Why are you using U2F if it's not important?"
You can't count on software to provide hardware security.

You can't count on someone making software-based security claims to have fully understood hardware threat models.
Again, I think Flipper looks like an awesome tool and I'm looking forward to mine.

I will not use it as a U2F device and hope you don't either.
Footnote: Yes, a U2F key with no physical security is still an improvement over none.

The issue arises when manufacturers make unfounded claims about physical security, intentionally or not.

Thanks @XMPPwocky for pointing this out.
You can follow @securelyfitz.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more