NHacker Next
  • new
  • past
  • show
  • ask
  • show
  • jobs
  • submit
The future of Flipper Zero development (blog.flipper.net)
pastaj36 17 hours ago [-]
Tough spot with community that expects firmware updates while hardware sells only once
EricBetts 13 hours ago [-]
It's sort of a self imposed problem as well because the community produces a bunch of pull requests, but only the corporate staff members can approve and merge them into the official firmware. It begs the question why have an official firmware if it's not at least slightly maintained.
godelski 9 hours ago [-]

  > why have an official firmware if it's not at least slightly maintained.
Because it's still useful to have a blessed child so that people getting into the space have somewhere to start. You could accept zero additional PRs and it would still be a useful thing to have.

The hardware is static so the rate of software rot is pretty low. It can effectively not be maintained as long as it's already in a stable state. Adding new features is cool and all but it also adds more bugs.

But the great thing is that there's a community, all using the same hardware, and people can fork. So people can still get those updates that they want. Maybe the only thing to do is create a community fork that is much more open but doesn't come with the same stability promises. But that can still be a lot of work, even if you get community maintainers

underdeserver 11 hours ago [-]
Easy fix: Allow donations, merge updates once donation pool is enough to pay for the maintainers' time.
rickdeckard 3 hours ago [-]
In my experience this doesn't work because people in large groups usually demand maintenance for free and donate explicitly for features they personally want.

You usually end up with insufficient donations to move anything, but now gained a bunch of users who think they own the devs and complain about every change which isn't that one thing they donated for...

Much easier fix: They already open-sourced everything, the official branch is sufficiently stable and feature-rich. People are free to fork and create something new, decoupled from the Flipper team and maybe even financed by donations if they want to.

itake 7 hours ago [-]
has that ever worked, ever?

I've heard people talk about this "solution" for over a decade, especially with crypto trying to justify itself, but I've never seen it successful.

gosub100 6 hours ago [-]
I would love to contribute towards getting Bluetooth keyboards working on freebsd. They have the drivers and most of the core working, even BT mice work, but keyboards aren't there yet.
yieldcrv 6 hours ago [-]
yeah in the crypto space there is never consensus on what a developer costs, the donation pools and bounties are priced for a passionate developer in Malaysia as there are very few speculators from the few High Cost of Living places that the builders get opportunities from, in comparison to the rest of the of the world

developers all end up launching their own things and getting all the money up front in some way or another

more communities burned

happyPersonR 5 hours ago [-]
This
rasz 9 hours ago [-]
Donating to a russian company with all the sanctions in place?
guenthert 8 hours ago [-]
What makes it a Russian company? The team is allegedly spread across the globe, the company (Flipper Devices Inc.) is registered in DE, USA and there's a London office.
rasz 6 hours ago [-]
They are registered all over the place yet somehow comply with neither UK nor EU warranty laws, and are unable to provide normal legal B2B documents in EU/UK (https://flipper.net/pages/b2b-and-tax-exemption-policy). Company is run by russians, for a long time they tried hard to hide the fact their servers were still in russia after they claimed to move out.
miki123211 12 hours ago [-]
Which is just another way of saying "this is why most developers prefer subscriptions over one-time sales"
wongarsu 9 hours ago [-]
What's funny, or maybe sad, is that this used to be a solved problem back in the CD-distribution era of software. You buy the software once (or in this case the hardware that comes with a software license). You get bugfix patches and minor updates for a year. Next year the next version releases with major new features, and you either pay the price of an update or you stay on the version you are on. Good incentives for all sides. Development stays aligned with existing users, because otherwise they just stop buying updates. And in return the developer gets predictable revenue.

Then Minecraft pioneered the model of users paying once and getting free lifetime updates. And shortly thereafter various SaaS pioneered the model of the user paying monthly while the software barely changes.

And somehow we pretend like those two business models aren't both broken, and like the first one somehow doesn't work anymore

AJRF 8 hours ago [-]
I don't remember minecraft being a driver of this - I do remember Patio11 on here being very influential in start ups doing subscription software instead of "finished" desktop applications.

That is not to blame him, but I remember his writing being very influential with start up founders.

hypfer 8 hours ago [-]
Are you sure that minecraft pioneered that model?

It is certainly a very well-known instance of it, but pioneered?

wongarsu 8 hours ago [-]
Maybe popularized is the better word. It probably wasn't the first software ever to do this; free lifetime updates became viable with the internet sometime in the nineties and Minecraft only started doing it in 2009. But at the risk of being proven wrong I'm willing to claim Minecraft was the first software to do this and go mainstream, being recognizable outside its niche
aacid 7 hours ago [-]
I know Guild Wars had original idea in the era of "lets make new world of warcraft and get rich from subscriptions" to release mmorpg without any subscription, you only buy it once and you can play forever. It was 2005.
wink 5 hours ago [-]
You have your timeline slightly wrong because GW1 (if we take dev time into account) basically launched at the same time as WoW - and WoW wasn't the first subscription MMO. I suppose if this was a major reason, EverQuest would be the one to inspire it.
ethbr1 5 hours ago [-]
Everquest was 1999. Ultima Online was 1997 and had a $10/month subscription price.
sanbor 5 hours ago [-]
I pay for LittleSnitch major releases. I’m kind of forced to, in order to keep up with macOS major releases.

Maybe they can sell the hardware which includes 1 major upgrade release.

Maybe they can have a Kickstarter campaign to fund new releases.

abcd_f 10 hours ago [-]
Yeah, they do, but an actually fair to all sides model is that of one-time sales coupled with optional paid-for updates.
vineyardmike 9 hours ago [-]
That's basically a variant of a subscription, but one where the end user churns aggressively.

It's worse in many ways too - it's a lot harder to gauge interest as the developer to understand how well any update will sell, and if the updates "stack", then a user only pays for the newest update to get all older features free. It's also worse from a cashflow perspective for the developer (but better for consumer) since they have to pre-build the update before any chance of getting paid for it.

jpfromlondon 9 hours ago [-]
I'd be surprised if the churn was as high as the subscription model.

If I buy a product and like it as-is then I don't necessarily want it to change over time.

Buy once is better, buy once with optional updates or periodic version releases is better still.

abcd_f 9 hours ago [-]
The principal difference is that things keep working if I stop paying. All other aspects are secondary.

And generally speaking there is a lot of options that are excellent for developers but complete shit for the users. That's obvious, but it's also off the point in the context of fairness.

matheusmoreira 5 hours ago [-]
Then just open source the firmware. We'll update it ourselves.
stevage 19 hours ago [-]
It's slightly funny that the post says firmly that they aren't doing any form of real time engagement with the community anymore, then ends by announcing an AMA date and time.
ethbr1 5 hours ago [-]
I read the post as implied they were talking about continuous realtime engagement.

Which TBF, answering every monkey with a typewriter on the internet is a huge time commitment from any team.

cindyllm 5 hours ago [-]
[dead]
rickdeckard 8 hours ago [-]
Might be an unpopular opinion, but:

1. They open sourced the entire Software under GPL from the start, and always pushed all their changes to that public github.

2. They supported the first-party firmware for years, including huge rewrites of the interfaces used by applications, etc.

3. They actively involved the community on many topics around the product and were always responsive.

They did their job very well, financed ONLY by one-time sales of hardware. NO subscription or additional licensing fees were ever charged.

There is still alot of potential in the hardware itself (e.g. Bluetooth/BLE, NFC Tag writing,...), and the Community is working on alot of different topics.

--

Tl;DR: The Flipper team is free to go and invest resources elsewhere now. Thanks for your support, keep up the great work!

AJRF 8 hours ago [-]
Everyone I know who owns a flipper almost immediately installs some 3rd party firmware like Momentum on it.
MomsAVoxell 7 hours ago [-]
Yes, this is the way things should be, imho - let the company building the hardware have the say on the base OS, but then let there be forks/contributions from the wider community, which will keep the hardware alive long past the cutoff valve on the production line.

There are many good examples of this working out great for the community, one that I am playing with recently is the community firmware for the Synthstrom Deluge music production workstation, where the community is just taking it into the stratosphere in terms of capabilities beyond the original factory firmware.

There will always be folks who want to share their work.

Another good example is the pwnagotchi scene, where the project is kept alive by its users due to the open source nature of the original firmware images.

egorfine 9 hours ago [-]
I wonder whether that future includes sending me the device I initially backed on the very first kickstarter. It's been >4 years of back-and-forth with support.
zhovner 3 hours ago [-]
Please send me your support ticket ID to pavel[at]flipper.net
egorfine 3 hours ago [-]
Sent!
yjftsjthsd-h 22 hours ago [-]
> TL;DR: We've allocated resources to maintain Flipper Zero firmware and support community contributions.

Is that the tldr? It sure sounds like it's still on minimal life support.

hdgr 21 hours ago [-]
It is. As the article says, all development goals for FZ had been achieved and even overachieved - providing solid and feature-rich firmware, powerful SDK and developer tools. With that and development shift towards new products, updates to core firmare became infrequent - and we tried to address that.

Src: I'm one of the developers behind Flipper Zero.

throwing_away 9 hours ago [-]
You guys have done such a good job that I've thought about buying one even though I don't need one at all just to support the project.

You've surely launched a generation of perhaps-someday-responsible hackers into the world.

jagged-chisel 21 hours ago [-]
Why can't something be "done"?
bigiain 18 hours ago [-]
Especially since, as that article describes, the "firmware" has a much more limited scope that it used to, now being mostly a loader for app rather that providing user functions.

Worrying about firmware development resources for a Flipper Zero seems a bit like concentrating on your bios instead of ongoing updates to Linux and the applications you use. Yeah, it's important, but it's probably exceedingly rare for the firmware here to need to change much.

hypfer 8 hours ago [-]
That's because we haven't yet started to laugh people out of the room that get uneasy and complain when the rate of updates of something starts slowing down.
ethbr1 5 hours ago [-]
I heard a graybeard story about a manager who walked into a new ~90s sysadmin shop and was immediately horrified that everyone was calmly and slowly working.

At his old company, the sysadmins had been constantly putting out emergency fires!

... seeing how the "used to infinitely patched software" generation is unable to parse "done" is interesting.

Eventually, competence means nothing to do.

busymom0 20 hours ago [-]
Was just reading something along those lines:

https://infosec.exchange/@millie/115719943870742405

> We need to normalize declaring software as finished. Not everything needs continuous updates to function. In fact, a minority of software needs this. Most software works as it is written. The code does not run out of date. I want more projects that are actually just finished, without the need to be continuously mutated and complexified ad infinitum.

godelski 13 hours ago [-]
To be fair, some software does rot. But when you have control of the hardware and the software, rot is pretty uncommon.

Honestly, I thought the whole point was to make a popular unified platform where the community could come together and expand on it. I really can't imagine a centralized player can predict nor create all features that users might want. But it seems like Flipper did the right thing: make the software flexible and easy to expand upon.

ethbr1 4 hours ago [-]
Software rot is mostly about dependency size, ne?

I'm curious if the agentic-based code flows will start to optimize higher-order programming goals in future evolutions.

   1. Code works
   2. Code works in all situations
   3. Code uses defensive practices for unanticipated situations
   4. Code is maintainable
   5. Code is well architected
   6. Code minimizes impact of rot
Right now, it feels like AI coding is ~2.5, if left to its own devices without human guidance.
nicman23 11 hours ago [-]
why it should?
ActorNightly 18 hours ago [-]
Why would you need any support for things that are fully open source and flashable yourself?

Most everyone who has a flipper runs something like Unleashed firmware, and most of the functionality is in the apps that people built, not in the actual firmware.

natbennett 23 hours ago [-]
Flipper Zero is one of the handiest little pieces of tech I’ve ever owned. Being able to copy RFID keys is occasionally fantastically useful.
pornel 16 hours ago [-]
I use it to clone remotes of "dumb" devices and emulate them with ESPHome to make them "smart" fully offline under my control.
dzhiurgis 8 hours ago [-]
Can you outline the process here? What transmitters do you use with esp32?
mikepurvis 21 hours ago [-]
Is... that possible? I thought the whole point is that those were a challenge-response specifically to avoid ever them disclosing over the air the material necessary to impersonate one.
Aachen 18 hours ago [-]
You're thinking of NFC, not RFID, and with NFC the owner might not have changed the default keys.

It's a common mix-up (people barely differentiate between the terms anymore, though I'm surprised nobody in 2 hours mentioned it yet), basically RFID is (historically) an ID; a username. Like an ID field in a database. NFC is near-field communication: bidirectional. It does challenge-response and typically runs on hardened chips. But yeah people will call NFC chips RFID and RFID chips NFC all the time. Both are waterproof devices doing radio transmissions on wireless power and you can't tell them apart without using some equipment to try and read the chip type (even if most phones can do that nowadays), so I can understand the terminology generalisation

GuB-42 20 hours ago [-]
Some cards don't have any form of security. For example Konami "e-amusement" cards are just an ID number, which is also written on the back of the card. It is a username so to speak, the password is the PIN you enter when you start the game.

Some cards use some kind of challenge-response but are weak and are easily crackable.

Some cards have an anti-copy protection based on rolling codes, be careful with these. The idea is that when you use it to, say, open a door, the card sends a code to the reader and if correct, that code is burned and the reader replies with the next code, which is stored in the card for the next time, making every other copy (possibly including the original) unusable. If the card emulator doesn't store the rolling code, you are completely locked out.

Some cards have a proper challenge-response mechanism that works and can't be easily copied.

ethbr1 4 hours ago [-]
Oof, that burned-code scheme sounds like it has some painfully sharp UX edges if something goes awry in the new code resync portion.

But I'm guessing that's for serious security, where going to the guard shack is preferable to letting anyone unauthorized in?

jchulce 21 hours ago [-]
Keyfobs absolutely should use a secure challenge-response protocol in order to prevent cloning. Unfortunately, it's extremely common for RFID devices to simply use the tag ID which is trivially cloneable. Many of the systems that make some attempt at security still fail by using a broken protocol or a flawed implementation.
miladyincontrol 10 hours ago [-]
As others have said, most are dumb, some just slightly less so. A few captured nonce values and a dictionary attack will crack most with ease.
Rebelgecko 19 hours ago [-]
Many RFID cards are literally just an ID number, and will happily allow you to copy that number to your own RFID card (look up "blue cloner guns", although they have their own downsides). Basically just security through obscurity. Cards that do fancy crypto stuff exist, but odds are your workplace badge, apartment fob, or hotel room key is the simple kind (because those are cheaper)
natbennett 20 hours ago [-]
Oh yeah that’s how you’re supposed to do it. But it’s entirely possible to set up a system that uses RFID key fobs that uh, doesn’t.

In the case where it was most useful to make copies they did eventually replace the system with one where the keys weren’t copy able. Which was better!

Larrikin 18 hours ago [-]
In my old apartment I was able to copy my fob from my apartment office. In my new one I had to record the interaction with the door and was then able to open the door
DaSHacka 18 hours ago [-]
Even that process can be flawed, see: Crypto1 and all the shenanigans that followed.

Recent UL-C/AES disclosure too IIRC

givc 21 hours ago [-]
I don’t know a whole lot about RFID, but some of the most basic cards can be copied very easily. When scanned, the reader always reads the same bits.

I believe there are some more secure cards, like Mifare DESFire EV3 that do provide some security. You’d be shocked how insecure most RFID readers for security cards are.

p_l 21 hours ago [-]
RFID keys vary from utterly dumb ID-based, to hackable challenge-response, to actual NFC smartcard (very rare).

Some of that can be trivially cloned.

fragmede 21 hours ago [-]
Depends on where you are. Newer systems are resistant to attack, but not everywhere has upgraded to newer systems.
aarjaneiro 20 hours ago [-]
Most dont :)
gonzalohm 21 hours ago [-]
Is this something you do often? I could see a few use cases and also for copying garage keys. But I don't think I would use it enough to justify the investment
gopalv 21 hours ago [-]
> I don't think I would use it enough to justify the investment

This is not a rational purchase - most of the rule breaking done with the zero is for fun or convenience, rather than being truly illegal.

It used to be more fun before the hotels started handing out NFC unlocks with your phone.

Still, being able to send each other a key for a hotel room on Signal is a nice trick if you are traveling with a sufficiently tech savvy group of people.

HDBaseT 20 hours ago [-]
You can't even clone you garage door opener key anyway.

Flipper Zero and its clones have always been pseudohacker nonsense. Fun little party trick I suppose.

EricBetts 13 hours ago [-]
Sometimes you can clone them. My 20+ year-old condo uses non-rolling code "MegaCode". It's hit or miss.
3 hours ago [-]
dzhiurgis 8 hours ago [-]
IMO for garage much easier to just add garage door opener that works from your phone.
natbennett 20 hours ago [-]
Nope! Only occasionally. But it’s handy on those occasions.
21 hours ago [-]
21 hours ago [-]
drunken_thor 22 hours ago [-]
What a great tool and community they have built. I find my flipper0 is like a computer Swiss Army knife. It’s so fun to carry around a tool of my own trade.
21 hours ago [-]
21 hours ago [-]
cindyllm 17 hours ago [-]
[dead]
ughitsaaron 21 hours ago [-]
I get ads for this all the time but still have no idea what I could do with it.
DaSHacka 18 hours ago [-]
Logical NAND of a laptop featureset. Has things like IR, a subghz HDR, NFC+RFID, USB device support, iButton, and the like.

Some people get a lot of use out of it, but if you just saw that list of hardware and couldn't think of one area you'd apply it in, it's probably not going to be a useful device for you.

devmor 21 hours ago [-]
Anything you might want to do with a radio or IR device but don’t have specialized hardware for. It’s kind of a swiss knife/leatherman tool for short range communications standards.
Gigachad 18 hours ago [-]
I think of it as the browser dev tools of radio. Most people will have no use for it but it brings visibility and interactability in to an otherwise invisible world.
quietsegfault 19 hours ago [-]
I use mine mostly as a universal IR remote.
nicman23 11 hours ago [-]
i vibed a .ir to tasmota IRSend commands and it is so good.
avipars 9 hours ago [-]
Can you open source it?
21 hours ago [-]
21 hours ago [-]
terry12341367 21 hours ago [-]
[flagged]
hamburgererror 5 hours ago [-]
[flagged]
tzs 2 hours ago [-]
How do you know they are furries? The illustration could be set in a world where humans and anthropomorphic animals coexist, like the fictional worlds in movies such as "The Bad Guys" or TV shows such as BoJack Horseman or Teenage Mutant Ninja Turtles.

Another possibility is that it is a medical and/or supernatural condition. They all appear to be canines. They could be werewolves, in a world where medicine and/or magic has developed a way to allow the change to just affect the body leaving their mind and personality intact.

myrmidon 4 hours ago [-]
There are. LGBT+furries seem significantly overrepresented in embedded software/emulation (more so than in compsci), so this makes sense for the target audience.
JacobAsmuth 20 hours ago [-]
[flagged]
dimbletimbers 20 hours ago [-]
It’s definitely a meme if nothing else that the cybersecurity community has a distribution of furries that would not reflect the general population’s.
nicce 20 hours ago [-]
There is even a saying that furries run the internet.
miki123211 12 hours ago [-]
Along with trans people.
nicce 5 hours ago [-]
Often it is the same thing. If you look up the history of furriness in this context.
SEJeff 14 hours ago [-]
It isn’t really a meme if it’s true is it?

Note: am not furry, but have worked with several.

rebolek 20 hours ago [-]
Is there some study to explain why? Do they feel more safer pretending to be human sized...furry animal?
AussieWog93 15 hours ago [-]
Yes, is a safety thing, but not directly.

The "missing link" correlating furries (and trans women) with hardcore programming and is autism (and related conditions).

Autistic people tend to be very good at this kind of work, and are also more likely to find the social dynamics of these particular groups welcoming rather than off-putting[1]. You find the same overlap to a lesser degree with competitive Pokemon, LOTR, retro gaming tech, political extremism or other autism-adjacent interests.

[1]Many Autistics trend to feel much more comfortable being in groups where people don't adhere properly to social norms, because it means they're not going to be singled out and ostracized.

kstrauser 20 hours ago [-]
My hypothesis, based purely on personal experience and what friends have told me. I am not a furry.

I feel like infosec was one of the earliest "no one cares who you are if you have skills" user groups. Online, you were just a handle. Man, woman, both, neither, no one knew until if/when you met up IRL. Until then, all you had was your reputation. I think that led to people having a pretty good idea about the attitudes of people they were talking to online, staying away from people who were going to be jerks about identity or pastimes, and a lot of conversations like "General Mayhem is weird, but he's our weird, so no one mentions that fox tail he wears everywhere."

Over time, that was a positive feedback loop: people who weren't cookiecutter felt safer around infosec folks than most other crowds. => That increased the "weird density" of infosec meetups. => People who don't like being around uncommon appearance or behavior stayed away from infosec meetups. => Those meets became safer for uncommon folks. => Repeat.

I don't know if that's right, but again, that's what friends have expressed to me before. It seems plausible.

Note: When I say weird, I mean it affectionately. I've never met anyone in infosec who didn't have some quirk not far below the surface. Frankly, I love that. And because of that, and the virtuous circle I described, I've never had one single person in infosec confess to me that they weren't OK with gay or trans or furries or other type of behavior/identity/etc. I'm a straight white middle class dude, and unfortunately I have had people confess such things to me in other circles, mistakenly assuming that since I was in their demographic, I'd agree with them or at least be OK with it.

cybrexalpha 19 hours ago [-]
The visibility is a huge part of it. It signals "it's okay to be yourself here" when most professional life, even in tech, is dominated by keeping up "professional" appearances.
kstrauser 18 hours ago [-]
That makes sense. And I do strongly believe in the "virtuous circle" bit: people who aren't OK with others being themselves tend not to feel comfortable at, or get invited back to, events. That would make it more comfortable for the next event's attendees, making it less pleasant for the remaining pains in the necks, and so on. I've participated in conversations like:

Q: Why do rightwing websites keep getting hacked?

A: Because none of the best infosec people want to work where their friends wouldn't be welcome.

woodpanel 13 hours ago [-]
Kind of transgressive to go from „someone not being ok with something“ to „so that’s totally fine to hack them“.
kstrauser 13 hours ago [-]
It would be, but I've never heard anyone making that claim, certainly not in this thread.
naishoya 10 hours ago [-]
You seem to misunderstand the logic flow of why the right-wing bigots' infrastructure is repeatedly getting hacked.

They don't get hacked specifically because of who they treat poorly, but because the very people who they treat poorly won't work for them. The subset of the population of whom they are publicly abusive and disrespectful is over-represented in the top performing defensive programmers.

point A > They wont hire from this subset of the population - which excludes a significant portion of infosec top talent. The neurodivergent talent pool that is adjacent to that subgroup, which itself may not be the direct targets of the abusive behavior is also over-represented in the top talent pool is less likely to feel comfortable supporting these clients.

point 2 > The remaining talent pool is thus a less concentrated distribution of top performing infosec professionals. Not that any individuals in this group are less capable in particular, but that the mean distribution of capability is somewhat lower in the remaining group.

point D > Hackers are prolific and adept at finding the least secure aspects of infrastructure, by definition. The concentration of talent in the hacking community probably follows the same distribution curves. This creates a subset of hackers with a motive to target both the less well prepared organizations, and have a negative opinion of those less prepared organizations with a history of abusive behaviour towards groups with which the subset of high performing hackers strongly identify or associate.

> Bigots, racists, far-right-wing Republican organizations get hacked. [Perhaps more frequently - unsubstantiated]. Apparently, because the outcomes of self-identification as intolerant asshats makes their specific infrastructure both an easy target for hackers of any orientation, and a preferred easy target for hackers opposed to bigotry, racism, and far-right-wing Republican organizations.

Period

Aachen 18 hours ago [-]
> Man, woman, both, neither, no one knew until if/when you met up IRL.

And sometimes not even then! Which is fine because indeed, who cares :)

weakfish 17 hours ago [-]
My philosophy in most things. Even if I don’t understand it, who cares? It’s America and that means freedom
kstrauser 17 hours ago [-]
That's exactly right. Between us, I don't understand furries at all. It doesn't remotely interest me and I can't really even imagine being interested in it. And that's OK! Someone else being into it doesn't harm me in any way. If it brings someone else joy, I don't have to understand it. I'm just glad my friends have a fun thing they enjoy with their other friends.
kstrauser 17 hours ago [-]
True that. Darned if I have any desire to verify! It doesn't matter one whit to me.
loneboat 17 hours ago [-]
That matches my experience (also not a furry). But there's also a whole additional layer of offsec being (by definition) "doing things you're not supposed to be allowed to do", which has obvious parallels with people who enjoy breaking social norms. I think some people just get a rush from the "transgressive" nature of both circles.
kstrauser 17 hours ago [-]
That's possible, too. There's not a lot of respect for arbitrary rules that don't seem to clearly benefit any legitimate purpose, and people don't tend to limit that thinking to one arena.
miki123211 12 hours ago [-]
I think it's partly also about what you see first.

It's far easier to be transphobic / racist / furry-phobic if the first thing you notice about a person is their gender / race / furriness.

If you are that kind of person, you immediately get into the mindset of "what they're saying isn't worth listening to because they're a <slur>, and <slur>s can't be smart by definition." If you first meet them online, you picture them as smart in your head, before you learn that they're black / trans / furry. When you do learn about that, you already think that they're smart, so it's much harder for your brain to dismiss them just because they're something you don't like.

Gigachad 18 hours ago [-]
I don't have a study, but I became a furry after seeing them in tech spaces all the time while I was learning to program.
post-it 18 hours ago [-]
Closest they can get to piloting a mech.
greggsy 18 hours ago [-]
Why would we need a study? It’s just escapism.
qwery 17 hours ago [-]
The drawing including a couple of anthropomorphised animal characters hardly seems surprising or even noteworthy. The project/product has always had a heavy emphasis on being "fun", including its dolphin mascot/theming/naming.

From the home page[0]:

> Flipper Zero is a tiny piece of hardware with a curious personality of a cyber-dolphin.

One assumes that that "curious personality", the creator's attitude and the styling/presentation of the product/project is part of the reason for the success of the product.

The "furries" (as you call them) don't seem like the primary focus focus of the picture anyway -- there's a wide variety of characters doing a bunch of stuff in the drawing. There's also a dog, a shady-looking person stick up a poster, someone with pink hair, a cyber-dolphin, and I think there might even be more than two genders being represented.

Would there be a problem if the Flipper Zero community was "intertwined with the furry community"?

[0] https://flipper.net/

root_axis 17 hours ago [-]
I would have never associated that image with furries. It looks like an anthropomorphized animal, which is not uncommon in marketing imagery.
xboxnolifes 16 hours ago [-]
Im not sure, but if they are then thats a positive signal for the quality of their tech.
Root_Denied 14 hours ago [-]
New unicorn founder 10x success signal just dropped
Retr0id 18 hours ago [-]
Why not? The flipper mascot is already an anthropomorphic dolphin.
sublinear 15 hours ago [-]
It's a reference to the dolphin in Johnny Mnemonic, and more broadly, dolphins were a forced trend of the 90s. Marketing was just as much of a hive mind back then as it is now.
elevation 14 hours ago [-]
Flipper Zero's marketing helps it to be able to pass as a toy to people who don't know about furries or security.
Gigachad 14 hours ago [-]
I mean it is a toy for 90% of the owners.
quietsegfault 19 hours ago [-]
Cause they like animals or the art style?
UqWBcuFx6NV4r 18 hours ago [-]
OK, so they’re furries.

I love animals. I’ve never once thought: “these humans in this picture should be replaced with anthropomorphised animals”.

This is peak “I read it for the articles”.

ChrisClark 16 hours ago [-]
so how do you explain the dolphin? And all the other cutesy art the product uses?
mplewis 19 hours ago [-]
Yep! Furries are represented strongly in cybersecurity.
ButlerianJihad 18 hours ago [-]
BSD has always been the gayest OS, though
dude250711 19 hours ago [-]
> Is the Flipper Zero community tightly intertwined with the furry community?

That is my conclusion. They are raising much-needed awareness about that underrepresented group.

doublerabbit 19 hours ago [-]
[flagged]
CursedSilicon 19 hours ago [-]
[flagged]
throw-the-towel 12 hours ago [-]
You just said they "chose to be" groomed. Disgusting.
17 hours ago [-]
doublerabbit 19 hours ago [-]
[flagged]
dblrabbit 17 hours ago [-]
[flagged]
doublerabbit 18 hours ago [-]
[flagged]
tomhow 10 hours ago [-]
I understand you have personal reasons for having strong feelings about this. But the guidelines still apply, otherwise there'd be no point in having them. The problem with posting comments in an inflammatory, enraged style is that the substantive point gets lost in the emotional noise. I'm not sure if there's a viable way to share your experience in a form that is compatible with HN's ideal of curious conversation, but if there is, the style of this comment is certainly not it.

The particular parts of the guidelines we need you to pay attention to are:

Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.

Comments should get more thoughtful and substantive, not less, as a topic gets more divisive.

Please don't fulminate. Please don't sneer, including at the rest of the community.

Eschew flamebait. Avoid generic tangents. Omit internet tropes.

https://news.ycombinator.com/newsguidelines.html

iririririr 20 hours ago [-]
what does it matter to you? honest question. would that impact your technical assessment somehow? do you just want in on some probable joke?
UqWBcuFx6NV4r 18 hours ago [-]
Hi. Last I checked, one of the Hacker News rules isn’t “only have serious discussions regarding technical assessments. Failure to comply hereby entitles random people to fly off the handle and get very defensive”.
godelski 13 hours ago [-]

  >  Last I checked, one of the Hacker News rules 
The guidelines do have these points though:

  - Please don't complain about tangential annoyances—e.g. article or website formats, name collisions, or back-button breakage. They're too common to be interesting. 
  -  Please don't pick the most provocative thing in an article or post to complain about in the thread. Find something interesting to respond to instead. 
  -  Please don't post shallow dismissals, especially of other people's work. A good critical comment teaches us something. 
  -  Please don't use Hacker News for political or ideological battle. It tramples curiosity. 
  -  Eschew flamebait. Avoid generic tangents. Omit internet tropes. 
Which, let's be honest, the top comment and majority of the responses violate these guidelines. I was quite surprised to see that that was the top comment. I would have never noticed until they pointed it out. Personally, I don't care and I'd rather read comments about the actual content of the article than talk about furries. They don't live rent free in my head.
hosel 19 hours ago [-]
[flagged]
CursedSilicon 19 hours ago [-]
Ah, the "I don't hate the gays I just wish they'd keep that at home!"
thin_carapace 18 hours ago [-]
[flagged]
embedding-shape 18 hours ago [-]
> why is it okay for sex fetishists to act out sex fetishes in public around kids?

I don't think that's what furries generally do, nor homosexuals for that part, unless you count holding hands or kissing each other on the mouth as "acting out sex fetishes in public"? I don't think I've seen that even once, but living in a "party city", I've more than once seen drunk heterosexual couples having sex in the streets and in the metro.

thin_carapace 18 hours ago [-]
[flagged]
embedding-shape 17 hours ago [-]
Being in an animal suit is "act out sex fetishes in public" because that same suit might be used later in connection with sexual activities? Doesn't that make every heterosexual couples clothes also "acting out sex fetishes in public" somehow then?
thin_carapace 17 hours ago [-]
[flagged]
bschwindHN 16 hours ago [-]
> i can't play devil's advocate for intentionally doing that around kids. I can't even maintain good faith anymore, next time I see that shit I'm putting a stop to it, unless one of you can convince me not to.

We're gonna see some bad headlines coming from this guy's local Charles E. Cheese real soon...

thin_carapace 14 hours ago [-]
you are the third responder to engage in distractory tactics instead of addressing the issue. I'm starting to see a pattern. the question remains, are furries lying to the public, or lying to themselves?
bschwindHN 14 hours ago [-]
I don't have any commenting tactics except spotting the opportunity to slip in a joke. I think it's kind wild that a big thread raging about furries has spawned from the blog post of a hardware company making some quirky RF hardware.
thin_carapace 14 hours ago [-]
my bad, thats pretty funny when read correctly. you are correct, it wasn't appropriate of me to have kicked this off here, dang should wipe the whole comment chain. for the record, flipper zero is designed for western kids to wreak internal havoc, product dev applicability is secondary
bschwindHN 11 hours ago [-]
No worries! I imagine this comment chain is already "flagged" or whatever anyway.
koolala 18 hours ago [-]
Why do you think this has anything to do with the article? No one needs to endulge your bigotry.
thin_carapace 17 hours ago [-]
genuinely curious as to what makes people think it's okay to publicly engage in behaviour directly linked to a sexual fetish which links to the article as per the grandparent comment. I specified around the kids because furries near me go out of their way to have their parties exactly where kids have their parties. nobody has to respond to me, that's true. nobody has to call me names either yet here you are.
koolala 16 hours ago [-]
>what makes people think it's okay to publicly engage in behaviour directly linked

Because your the one linking it to your strawman that has nothing to do with the article. Furry art in the article isn't a sexual fetish. Only bigots here are saying all furries and people who like furry art are some scary sex thing. It's an entire broad genre or Art. The article has nothing to do with sex or kinks or any of this hateful crap. It's just a drawing of animal people.

Wanting to generalize your bad opinions to eveyone for no good reason is exactly what bigotry means. It's not an insult just because it describes what your doing.

thin_carapace 14 hours ago [-]
[flagged]
Gigachad 15 hours ago [-]
> furries near me go out of their way to have their parties exactly where kids have their parties.

Are you talking about public parks? Furries meet up there because it's free public space available to everyone. I am 1 million times more concerned over what happens in private organizations own buildings or billionaire private islands than I am people socializing in a park in view of literally everyone.

The furries meeting up in public parks are mostly teenagers looking to make friends in real life who usually don't have the money to hang out at bars or other commercial venues. The (mostly American) hate of people existing in public without spending money or some special approved activity is more disturbing than anything. I can't imagine being a young person today trying to go out and be social while a bunch of HN users sneer and insinuate you must be some kind of pedo for existing in a public space. Meanwhile they cheer for their favorite billionaire who literally is.

thin_carapace 14 hours ago [-]
the furries near me specifically choose to meet up at a kids playground when there are a million other public spots to choose from. public sexual deviancy has nothing to do with billionaires, trying to drag the conversation away instead of addressing the issue does not do your position any optics favors.
koolala 19 hours ago [-]
If you share biggoted opinions when people didn't ask you, you don't seem very likable so it might specifically be a you thing.
DaSHacka 18 hours ago [-]
[flagged]
Gigachad 18 hours ago [-]
If you see the picture in the article and think it's a kink image then that says more about you than anything.
DaSHacka 18 hours ago [-]
I was replying to GP's assertion more so than just the content in the post itself.

For minor references like the image in the OP post it's whatever. I personally find furry art/culture repugnant, but I know plenty of people feel the same way about other things I like (and of which I insert references to in my projects) so I can't exactly get mad about it.

Still don't agree with the overall concerning trend towards exposing kids to (deviant) sexual material from a young age though, and doubly so that anyone who feels the same is a 'bigot'.

First time I saw a dude on all fours with nothing but boxers, a leather bondage dog mask, and a leash being held by his partner at PRIDE while children came up to pet him was jarring, to say the least.

Gigachad 17 hours ago [-]
Context is everything though. I've met people who believe every flipper zero owner is criminal scum using it to steal cars or break in to houses. When the reality is it's a toy radio for the majority of users.

It's the same for everything. Most furry content has nothing sexual about it, the image in the article is entirely appropriate.

>saw a dude on all fours with nothing but boxers, a leather bondage dog mask

For what it's worth, as a furry I'm also very much not in favor of these people, but they are an entirely different group that doesn't have much to do with furries at all despite superficial similarities. Furries can no more control these people than developers and tinkerers can stop car thieves abusing RF bugs.

mplewis 19 hours ago [-]
I guarantee you've met a furry and not known it.
loneboat 17 hours ago [-]
Same. If the whole point is "people should be left alone to do what they want" then fine, but that should also include my right to think, "eh yeah, that's a bit weird".

And quite frankly, I think many people in the furry community enjoy being thought weird - for many it's sort of the point.

thin_carapace 17 hours ago [-]
exhibitionism being tied in with the fetish is the first valid explanation I've seen in the thread, I'll be impressed if the furries admit it themselves but so far it seems that name calling and spurious arguments is the best ill get, thanks for helping clarify things
11 hours ago [-]
senectus1 17 hours ago [-]
yeah... its a thing.

Its kinda annoying when you open a dev/cyb sec blog in the office and furry characters are scattered all over it.

I'm starting the think we should never have left the text only internet.

nekusar 21 hours ago [-]
[flagged]
tomhow 10 hours ago [-]
Please don't fulminate on HN. The guidelines make it clear we're trying for something better here. https://news.ycombinator.com/newsguidelines.html
rufo 21 hours ago [-]
Given they’ve had several skirmishes with customs and law enforcement agencies around the world, this always struck me as similar to the “don’t talk about installing retail Switch games on the Switch modding Discord” type of deal - everyone knows you can do that, but allowing mentions in official channels opens us to liability and causes nothing but headaches for both us and for customers, so if you’re going to do that, you need to talk about it somewhere else. I freely admit that’s an assumption on my part, though, and I don’t know if there’s something uglier there…?
nekusar 20 hours ago [-]
Its one thing to have a skid come in going "I wanna hack the RFID on the gubbmints's doors how can i do that?"

Versus "we forked the firmware to include a wide range of pentesting tools"

And then get banned for even saying the alternate firmware.

And seriously, this little thing is a wonderful hacker multitool. You can seriously fuck shit up with the hardware they included. For fucks sake, thats WHY they created it.

pocksuppet 19 hours ago [-]
That's how you have to be on Discord, or else your guild gets banned from Discord. I wish we weren't using this crap. On IRC, sometimes you had to deal with cranky netops, but they mostly left you alone.
UqWBcuFx6NV4r 18 hours ago [-]
Absolutely nothing you said refutes anything in the comment you’re replying to. You are just reiterating “I’m angry and this is stupid”. Go write in your journal or something. It’s impossible to engage with someone who isn’t engaging themselves.
bigiain 18 hours ago [-]
Any advice on good communities or sources of (reliable) information on alternative firmwares and pen testing type tools?
embedding-shape 18 hours ago [-]
IRC is still alive and there is bunch of communities around that are a bit more lax, probably because they're half-dead compared to what they used to be. Today probabably Libera.chat would be the best introduction if you haven't touched IRC before.
ButlerianJihad 18 hours ago [-]
“Furries Forking Flipper Firmware” sounds like a promising and/or true and/or Garden-Path headline
elliotec 17 hours ago [-]
Agreed 100% - they bricked the thing with official firmwares, and the "community" is the meanest most awful group of so-called hackers I've ever interacted with. It's more than just COA, they're actively aggressive and insular, not just on discord but reddit and less-known places too (which you can't know because you'll be banned for asking where you could find out).
hananova 21 hours ago [-]
What is the current go-to unofficial firmware? Mine had extreme but I think that one’s dead?
nekusar 21 hours ago [-]
I'm currently using https://momentum-fw.dev/

Works well, and compiling modules like the epaper hacker tool is easy.

https://github.com/i12bp8/TagTinker

hananova 16 hours ago [-]
Thanks for the suggestion!
Shorel 13 hours ago [-]
I would be interested in the names and descriptions of these legit pentesting tools.
gear54rus 21 hours ago [-]
I can understand why that happened at least remotely. If you do all those things they refused 'officially', it might be easier for stupid government idiots to paint it as a dangerous illegal tool.

Adding the necessary hardware while refusing to support arbitrarily iLLegAl things is the best of both worlds.

hdgr 21 hours ago [-]
This. Many legit, but questionable features blown out of proportion already caused many issues with regulators who just don't want to get into details, but just delist from sales/ban the device.

And once you start talking about "jamming" and other 1337 h4x0r stuff - which is straight up illegal and can get you into trouble - on official platforms, don't get offended when that gets removed.

nekusar 20 hours ago [-]
Sure. I get why you don't want the skids jamming. But hell, it is still in your github commit history. Your all historical work was that of a attacking hacker toolkit. Jamming proves that.

Now, that absolutely does NOT excuse Adkins on the discord from people asking how to get the PSK for garage door openers, and emulating the buttons. And especially since it was being asked by owners of said doors.

But you banned people with legitimate and legal uses too.

Good riddance to you all. I've stayed with 3rd party and steered others towards better actors than yourselves.

arkits 20 hours ago [-]
are there any chinese knock offs of the hardware? i've yet to find something that integrates all the features this well
avipars 9 hours ago [-]
On aliexpress there are but I can't vouch for their quality
15155 20 hours ago [-]
> mention ANY of the alternate firmwares on their discord, and you get banned

Does it surprise you that a Russian product team would use these tactics?

nekusar 20 hours ago [-]
Nyet.
asasidh 10 hours ago [-]
Why would they not consider open-sourcing the software side ? Its not like they make any money from the software.
swiftcoder 8 hours ago [-]
> Why would they not consider open-sourcing the software side ?

What part of their GPL-licensed firmware that is hosted in a public GitHub, do you consider not to be open-source?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
Rendered at 17:47:50 GMT+0000 (Coordinated Universal Time) with Vercel.