The Latest Update to the Flipper Zero Lets It Flip-Flop Between Any of Its Three Frequency Bands
The Flipper Zero is blazing through its campaign checklists, and has a few neat new tricks to tell us about!
Judging by the incredible success of its initial crowdfunding round, most of the internet seems to have gotten wind of the Flipper Zero back when we covered the kick-off of the Kickstarter, some 6 months ago.
This slick, fine-looking device is touted as a digital Swiss Army knife of sorts — an open hardware platform with peripherals chosen to enable it to poke, probe, and prod nearly every physical interface you are likely to see in a commercial, consumer-grade product.
Designed to get you some insight on your wireless smart light, or reveal the hidden detail of an IrDA transmission, it's a portable pentesting tool for the discerning hardware "phreaker" on the move.
One hell of a ride!
The word spread like a wildfire, and well, the numbers simply speak for themselves. I sat watching that total ratcheting up towards the sky at near lightspeed for quite some time that day.
I've never seen anything quite like that surge!
With nearly 40,000 people pledging a total amount just shy of $5 million, reaching its funding goals 81 times over, the hubbub about this handheld hardware phreaking device has clearly been heard far and wide!
So, what's been happening in the time since that success?
Well, the most interesting point of note in the recent updates is actually pretty impressive.
One of the main features of Flipper Zero is its inclusion of a CC1101 sub-GHz RF transceiver IC.
With many home automation systems relying upon the unlicensed ISM bands, Flipper is perfect for figuring out the RF packet coding needed to close the curtains.
The thing is, the frequency allocation for these bands varies by region, and that difference is several hundred MHz from continent to continent.
So while the CC1101 is more than capable of synthesizing the carrier frequencies for these ranges, you can't just dump the same external RF circuit and antenna onto the board and expect it to work across the entire range. It just isn't going to work.
When I originally covered the Zero in our earlier linked article, I posited that it might be up to the end user to swap out the antenna and matching components themselves, allowing them to pick the desired band for their regional frequency allocation.
Flipper have raised the freakin' bar.
The main issue with trying to cover that wide a swathe of spectrum space is that you have to deal with tuning the antenna, and RF path components to resonate at the desired frequency.
If you're lucky, you might get away with some harmonic overtones when working with certain frequencies, but the range here simply won't be covered by a one-size-fits-all filter and tuning set.
RF design can be fraught with unexpected challenges and constraints
First and foremost, you need an antenna that has suitable gain for the spectrum you are looking to cover.
There's a saying that goes something along the lines of... "Designing an antenna is easy — nearly anyone can do it without even trying. However, designing one that works as intended is the tricky bit."
At the end of the day — everything is an antenna in the RF world. Annoyingly so. The magic comes from making an antenna that has specific gain and resonance at a given frequency.
If you're very good, you can figure out the geometry needed for a wide-band antenna, that has decent gain across your frequencies of interest.
While most commercial, off the shelf parts will be optimised for a specific frequency, or group of bands, Flipper has forged ahead, and calculated the parameters required for a wide-band sub-GHz antenna of their own custom design, in order to meet the unusual use case needs.
I am not in any way an RF guy, but my feeling is that the wide-band coverage has something to do with the variable pitch spacing we see in the plan view of the coil in the image above.
This is going to have a direct effect on the gain characteristics - but I would never have had the gall to assume that tuning for multiple bands would be as simple as a variable pitch wound coil antenna. It makes sense though — and might make for a good "further reading" topic for the quiz on Monday.
RF. It's witchcraft, I swear.
With a wide-band antenna in hand, there is still the case of tuning the matching that exists beyond the balun in the RF path.
A matching network, also called an impedance transformer, is used to create a matched impedance between a source and a load (for example, between a power amplifier and an antenna).
The impedance presented by a matching network is a function of frequency, so while it seems that there are indeed wide-band antennas, going wide-band just isn't as feasible for the RF matching components.
Looking above, we can see a significant overhaul in how the radio section of the Flipper Zero is laid out. Shown below is the original, single-band tuned version.
We can clearly see there has been some significant improvement in the design, with the visible signs of some well reasoned design input.
This is a massive step up in terms of design functionality — showing a significant development effort as a result of all the crowdfunding success!
This wide-band switching is nothing I've ever seen paired with the CC1101 in a hobby-maker level design, and I will be speaking to Flipper to see if they want to talk us through the design rationale and process for this crafty RF switched path matching network niftiness in the near future!
That is, once they've passed radio certifications, completed the pre-release production run, and fulfilled the almost unbelievable number of orders received for this pen testing product already!
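To put numbers on why a single fixed matching network cannot serve every band, here is an added example (not Flipper's design or code) that designs a simple low-pass L-network for each band and evaluates the mismatch loss when it is used on the others. The 50 Ω source, the 200 Ω resistive load and the three frequencies are assumptions chosen for illustration, not values from the Flipper Zero or the CC1101 datasheet.

```python
import math

Z0 = 50.0       # source/system impedance in ohms (assumed)
R_LOAD = 200.0  # constructed resistive load in ohms, not a real CC1101 value
BANDS_MHZ = (315.0, 433.92, 868.0)  # assumed example frequency for each band


def design_l_match(f_hz, rs=Z0, rl=R_LOAD):
    """Low-pass L-network for rl > rs: series L at the source, shunt C at the load."""
    q = math.sqrt(rl / rs - 1.0)
    w = 2 * math.pi * f_hz
    inductance = q * rs / w        # series reactance  X_L = Q * Rs
    capacitance = q / (rl * w)     # shunt reactance   X_C = Rl / Q
    return inductance, capacitance


def gamma(f_hz, inductance, capacitance, rs=Z0, rl=R_LOAD):
    """Reflection coefficient seen by the source at frequency f_hz."""
    w = 2 * math.pi * f_hz
    z_c = 1 / (1j * w * capacitance)
    z_in = 1j * w * inductance + (rl * z_c) / (rl + z_c)
    return (z_in - rs) / (z_in + rs)


def mismatch_loss_db(f_hz, inductance, capacitance):
    """Power lost to reflection, in dB (0 dB means a perfect match)."""
    g = abs(gamma(f_hz, inductance, capacitance))
    return -10 * math.log10(1 - g * g)


def loss_matrix(bands=BANDS_MHZ):
    """Rows: band the network was designed for. Columns: band actually used."""
    return [
        [mismatch_loss_db(f_op * 1e6, *design_l_match(f_design * 1e6))
         for f_op in bands]
        for f_design in bands
    ]


if __name__ == "__main__":
    print("designed for \\ used at  " + "  ".join(f"{b:7.2f}" for b in BANDS_MHZ))
    for band, row in zip(BANDS_MHZ, loss_matrix()):
        print(f"{band:21.2f}  " + "  ".join(f"{x:7.2f}" for x in row))
```

Only the diagonal of the matrix is lossless; with these assumed values the network designed for 433.92 MHz throws away roughly 8 dB at 868 MHz, which is the case for switching between per-band matching paths.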
What else is new in Flipper?
Well, we're starting to see all the proposed features coming together at last, and it looks awesome! From modular expansion, using the module header ports — such as hooking up an ultrasonic distance sensor, seen below...
To the backdoor-enabling BadUSB mode, which is probably going to always find a hole in at least one overlooked system in a wider organization...
We can't wait to see this Flipper flying off the production lines.
The amount of progress we've seen from the Flipper Team is nothing short of incredible — from continued product design, to the more than polished press pack — this is a pretty good picture of how to push a product to the people!