1.3.6.1.4.1.61513Mar 4

I got all my ducks in a row (ok, ignore the state of the kitchen right now)... but the blog post ones of you have been waiting for - Strobecom traffic light control details!

Also a little video of it working in practice.

https://sprocketfox.io/xssfox/2026/03/04/strobecom-ii-reverse-engineering_-can-a-flipper-ze/

Strobecom II reverse engineering: Can a Flipper Zero control traffic lights? Can this blog post prove Betteridge's law of headlines wrong?

Reverse engineering the encoding of Strobecom II signals

xssfox
Show thread1.3.6.1.4.1.61513Mar 5

> After this post goes up I’m going to try to send some of these IDs to see if they trigger anything fun.

ha. it would be really funny if there was a code that always triggered preemption even not configured. a secret traffic light backdoor.

anyway, did you know my favourite number right now is 65015.

Show thread1.3.6.1.4.1.61513Mar 5
I wonder if this is wrapping around the eeprom and causing it to read somewhere else in memory that happens to have the right config byte. I might rerun the test with i2c logic analyser connected
Show thread1.3.6.1.4.1.61513Mar 6
nope this can't be the case because it has to check the value range before looking up the eeprom anyway. the only thing showing up on the bus is the notification from the channel to the main controller to say what just got decoded + a log message to the eeprom. this very much looks like an intended to always decode code.
Show thread1.3.6.1.4.1.61513Mar 6
my other thought is its a special "end of preemption" message - but this doesn't make sense because its logs with the correct ID surely its not a backdoor..... but I dunno.
Show threadCatcrimes

@xssfox if it smells like a backdoor, looks like a backdoor, and opens like a backdoor...

...it's a development test that got left in *coughcough*

Mar 6 at 8:05amWeb