this post was submitted on 10 Feb 2024
354 points (96.1% liked)
Technology
59052 readers
6622 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I still don’t understand
Pen-testing is short for penetration testing. Which is testing if you can break into the things. Like a locked office or a computer system, etc. Legally, it's done to find flaws that need to be fixed before they get used nefariously.
Pen testing techniques and tools are essentially break in tools. In this case, a tool for mimicking car key fobs and the wireless signals they send to the car.
Pen-testing: penetration testing, basically good guy hacking to find security vulnerabilities so that they can be fixed, basically finding out how easy a security system is to penetrate.
Debugging: fixing problems in hardware and software
RFID (Radio Frequency IDentification), radio, NFC (Near Field Communication,) infrared, Bluetooth: different forms of wireless communication.
RFID is used for stuff like security tags on merchandise, car key fobs
NFC is similar (you could probably make an argument that NFC is basically a type of RFID) with a very short range used for things like making payments with your phone
Bluetooth you're probably somewhat familiar with, in used for a lot of consumer electronics, wireless headphones, speakers, computer mice, etc.
All of those use radio waves in some form to pass information from one device to another.
Infrared uses a infrared light to send information, the most common use you've probably seen is for TV remotes, which is why you have to point the remote at the TV to work, you're basically flashing an invisible flashlight at the sensor on the TV
This device can basically mimic any of those kinds of signals allowing it access, control, or bypass devices and systems that use those protocols.
This can be useful for people working on those kinds of systems, you don't need to have the actual key card, remote, device, etc. to test it out, you can try a bunch of different configurations without needing to reprogram the card a bunch of times, and gives you a lot of options to test for different vulnerabilities and issues.
But those same capabilities make it attractive to people who would use it maliciously. If they don't have the right security measures in place, something like this device could be used to gain access to secure areas by spoofing a key card, unlock cars, interfere with cell phones, snoop on wireless communications, gain access to a someone's devices, etc.
It's basically a 2 way radio with tools for those who like to mess with the radio spectrum. That's the most simple explanation I can make for such a device.