from the You-put-on-your-robe-and-wizard-hat dept.
Submitted via IRC for Fnord666
Nearly 30,000 people came to Las Vegas last week for the 26th edition of DEF CON, the iconic security conference. And no small amount of the mental energy of that vast crowd was spent on one particular thing: the conference badge.
This year's badges, designed by Tymkrs, were elevated works of printed circuit board art with a collection of LED-lit features, including red and green human figures and a color-shifting DEF CON logo. But it quickly becomes apparent that there was a lot more going on here than just blinking lights.
DEF CON alternates year to year between electronic, hackable badges and non-electronic ones; last year's badges were a throwback design intended to celebrate the conference's 25th anniversary. But every year, the badges include some sort of clue to a cryptographic challenge—three years ago, the badge was an actual vinyl record that required attendees to find a turntable to hear the puzzle clue.
DEF CON's theme this year was "1983," and the Tymkrs badge itself is, among other things, a gaming platform that evokes 1980s text-based adventures and handheld button-mashers. It's also a hardware hacking challenge.
[...] By plugging a USB-C cable into the badge and connecting it to a computer, attendees were able to access a game screen in a character-based terminal—either by using a terminal application such as PuTTY on Windows or using Linux or MacOS command line tools such as screen. The DEF CON logo at the bottom of the badge doubles as a directional controller, and the "26" on the badge is action controls.
Source: Ars Technica
(Score: 2, Insightful) by Anonymous Coward on Friday August 17 2018, @06:13PM (3 children)
I don't get it. I've never been to DEF CON , but from everything I've heard - attaching a computer to ANYTHING found there sounds like an incredibly bad idea. So who would randomly plug a USB C cable into a badge from there? Or is there some kind of protocol wherein you know that the badges are off-limits to everyone (and a way exists to know that the badge hasn't been tampered with by someone who doesn't live by that honor code?)
(Score: 1, Interesting) by Anonymous Coward on Friday August 17 2018, @07:15PM
Yes. A variation of honour among thieves.
(Score: 0) by Anonymous Coward on Friday August 17 2018, @08:36PM
Especially considering its founder is on the Council on Foreign Relations and the Atlantic Council.
(Score: 5, Informative) by D2 on Friday August 17 2018, @11:11PM
Defcon is a hacker's conference. If things can be broken, people try to break 'em. If things can be secured, people try to do so, then watch to see what they missed. You're misinterpreting the goals and mindset if you think of it as dark or malicious.
So, it's less 'honor among thieves' than the badge designer's awareness that 'ten seconds after the badge is deemed malware, we'll lose trust'. ToyMakerz (TYMKRZ) instead focused on building an 8-circuit puzzlebox, layered with hackerly challenges. The text games across multiple badge types. Visual cues and contact-sensitive pads as buttons. A connector so badges can interconnect, and game elements tied to acquiring the good/bad karma of the badges touched. A chip that unlocks things when desoldered and reversed. Headers to add content. 4xAA batteries so that'd keep the unit alive from Thurs to Sunday, roughly.
Personally, I think the breadth of interaction, ties into real-world, ease of getting it to talk to any term client (heck, my first glimpse was an off-the-cuff cat < /dev/ttyS3 ), and puzzles makes TYMKRZ's badge one of the best official Defcon badges yet.
Let me keep trying to convey the vibe:
- Defcon wifi has 2 flavors: One with strong certificates, one wide open and insecure. The former, I trust my own gear on. The latter, when we connect it's with proper device-level security and software/tools and a high degree of preparedness and mindfulness.
- It has a half-dozen CTF competitions, and people trundling in a hundred different unaltered products to see which ones can be hacked (and improved).
- There are parties, hundreds of speakers, overpriced food and booze, and 'villages' for every hacking subculture from Autos to UV desoldering/rework stations (for lack of an immediate XYZ coming to mind).
- There are also vendors of all stripes, including far better locks than Home Depot carries, hacking tools, HackerBoxes (I bought two), and NoStarch selling all their books at sweet discount.
If you're a hacker, go. If everything I've just described sounds in any way unpleasant... meh, not for you. Cheers.
(Score: 2) by Freeman on Friday August 17 2018, @06:29PM
"Okay. I have thrown the paper aeroplane. ...." --Humbug. Never did finish that game. Was an interesting game that did get me hooked on a MUD (Multi-User Dungeon, Text Game), though.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"