• no banana
    link
    English
    5510 months ago

    I see how that might make sense to lawmakers. It does present itself as a problem. But the fact that it is a symptom of a security issue is the reason it shouldn’t be outright banned. I haven’t used the thing, but it has looked to me like a pretty snazzy multitool.

    It’s like banning swiss army knives. I can see why it looks like it makes sense, but it really doesn’t.

    • @CosmicTurtle
      link
      English
      4610 months ago

      It reminds me of a lawmaker in one of the flyover states that wanted to make it illegal to look at the source code of a website.

      Think about this for a second.

      And realize that this twat is writing laws.

      • @rdyoung
        link
        English
        310 months ago

        I had not heard of that one. Was it the “internet is full of tubes” guy?

        • @CosmicTurtle
          link
          English
          2410 months ago

          No, it was a few years back when a researcher found that there was a plain text file of county employee social security numbers just sitting inside the JavaScript of a government website.

          There are too many Google results from the upcoming election for me to sort through but suffice it to say, the guy was a class A idiot.

        • @[email protected]
          link
          fedilink
          English
          1610 months ago

          I don’t think so, but it was in response to some smart people developing their government website with the database stored basically in the HTML of the website if I remember correctly. A good Samaritan reported it and was basically charged with hacking the state.

          • pixelmeow
            link
            English
            410 months ago

            The problem with this is that reading the generated HTML behind a page that has been served to your browser does not prove that data was stored in an HTML source file. The data is inserted into the page while it’s being served to the browser. That’s what the JavaScript does after it requests the data from the backend code, which gets the data from the database (or whatever storage is being used) and sends it back to the JavaScript, which puts it in the page.

            Saving data in source HTML files would mean every possible combination of data anyone might request must be saved in its own separate file, which is definitely not how web development is done. Laws should not be made by people who don’t know what they’re talking about.

          • Mario_Dies.wav
            link
            fedilink
            English
            110 months ago

            A good Samaritan reported it and was basically charged with hacking the state

            Wait, really? What would I search to read more about this? Do you remember which state?

            • lad
              link
              fedilink
              English
              510 months ago

              I remember hearing about this, so I tried searching for someone “being charged after reporting personal data exposed on a website”

              Turns out, it’s Missouri, 2019, or another article on the same topic

              • Mario_Dies.wav
                link
                fedilink
                English
                310 months ago

                Holy shit, that governor really made an ass of himself. He just kept doubling down lol

                Thanks for the links!

        • lad
          link
          fedilink
          English
          810 months ago

          Happened around 2021-10-15:

          Missouri Gov. Mike Parson said that his administration is pursuing the prosecution of a local newspaper reporter who alerted the government to website security flaws.

          It’s in the following sources, at least: TechCrunch, NPR, NY Times

        • Aatube
          link
          fedilink
          0
          edit-2
          10 months ago

          What’s wrong with that “a series of tubes” speech? It seems pretty accurate to bandwidth

          Edit: Searched it up. The part that was wrong was him blaming email delays on bandwidth.

    • lad
      link
      fedilink
      English
      1610 months ago

      It’s like banning swiss army knives

      That’s why we went forth and banned everything swiss, army, or knive, altogether

    • @rdyoung
      link
      English
      1210 months ago

      I’ve been watching flipper since it was announced. I should probably buy one and play with it.

      All this is going to do is increase sales of the thing and probably increase the number of “kids” trying to break into cars. Streisand effect ftw.

      • @[email protected]
        link
        fedilink
        English
        710 months ago

        I have one.

        Its fun.

        But on the subject of rolling codes, I was able to get through a security gate that relies on, essentially, a garage door opener.

        The exploit relied on the ridiculously low amount of rolling codes it cycled through.

        Capture one, and try it a few times to get through.

        Cars are more robust. Despite tinkering with it for about 8 hours, I wasn’t successful with defeating it. That being said, I picked up the device, in part, to start messing around with various signals as an educational tool.

        • @rdyoung
          link
          English
          210 months ago

          I really should get one. I should also grab the latest version of kali (if that’s still around), I haven’t played with that in a long time.

    • LazaroFilm
      link
      English
      4
      edit-2
      10 months ago

      The real problem is Flipper Zero is just a nicely packaged tool that can also br easily assembled with other off the shelf parts. And those parts alone can do many other things that should not be made illegal. The real solution should be from car manufacturers and ensuring that they don’t use tech that can be so easily hacked.