A slack channel just for those working on their own DEF CON badges sprung up. This served as tech support, social hour, and feature brainstorming for all on the channel. In the past badges were developed without much info getting out during the design process. This year, there was a huge leap forward thanks to a unified badgelife API: the badge makers colluded with each on a unified communcations protocol. In the multitude of images below you frequently see Rigado modules used. These, and some others using different hardware, adopted a unified API for command and control, both through makers’ “god mode” badges, and for wireless gaming between participant badges.
I was able to get into the badge makers meetup on Thursday of DEF CON. What follows is the result of a frantic few hours trying to get through the sheer volume of badges and people to share with you all the custom hardware on display. One thing is for sure — there were literally thousands of custom badges built and sold/distributed during DEF CON. I can’t wait to see what the artisanal hardware industry will look like in five years time.
The MrRobot Badge
I knew that Brian Benchoff was working on a badge in his spare time. I had no idea the production he had undertaken. Brian’s Mr Robot Badge was one of the most popular of DC25. He had been working on it for months, ordering several PCB test runs to get the look just right. That’s not a custom solder mask color for the skin tone. Brian used a clear solder mask and two layers of silkscreen when he had Seeed Studio produce the PCBs. It’s driven by an ESP8266 and includes a 144 LED matrix driven by an IS31FL3731. Check out @MrRobotBadge to see the drumbeat of social media he built leading up to the con, and hear the entire story in Brian’s words on his recent project page update.
[Benchoff holding Mr Robot Badge photo by @catmurd0k]
DC DarkNet Badge
DarkNet has got to be the most popular contest at DEF CON. It starts off with a pre-conference online challenge called a casefile. Anyone who solved the casefile was able to purchase one of these badges two hours before they went on sale to the general conference-goers. The badge is necessary to solve the rest of the contest challenges
Our fried [Krux] is the mastermind behind the badge design. As you can see, it is laid out to resemble a rotary phone. Each of the numbers on the dial is a capacitive touch sensor, and the numerals/letters are open spots in the copper. These let back-mounted LEDs shine through. The badge comes as a kit so to use it you first must solder on those surface-mount LED as well as a connector for the screen and the LiPo on the back.
Who Doesn’t Love Blinky?
[Brian Benchoff] actually built three badges for DEF CON. The second was terrible, but the third was a solder kit of Ohm, the Tindie dog. [Jasmine Brackett] and [Shulie Tornel] were on hand talking to people about Tindie (a great place to sell extra hardware badges) and handing out the solder kit that includes two self-blinking LEDs, coin cell and holder, and a custom PCB.
[Sean McCabe] had a 3D badge. It’s the DEF CON 25 logo (note the 2 and 5 make up a skull with keys as the crossbones). There’s an RGB LED controlled by an ATtiny85 and coin-cell on a custom PCB. Grab the design files on his repo.
There was also a ‘punt’ badge. The SecKC folks built a badge (shown later in this article) but couldn’t produce enough in time so they showed up with edge-lit acrylic badges.
DC Zia 505
The DC Zia crew had about 10 people working on the badge this year. It’s their third year building badges for DEF CON and this one features four Cherry MX mechanical keyboard switches… clicky! The badge is a shield for an Arduino 101 (RIP). Last year they built a badge that was a shield for a Raspberry Pi and had a full-color video screen which they were showing off at the meetup. They are also joining in another trend, several badge groups (including MrRobotBadge) were giving away custom fidget spinners as swag.
AND!XOR God Badge
I’m not going to go too far into the AND!XOR badge since I did a full hands-on with the badge before the con. Here we can see the “God” badge that only the core team had. The Bender on a Bender was top three most popular badges at the con if not the most popular. They had a hugely successful Kickstarter and everyone was trying to get one at the con.
They shipped with the multiplayer features disabled until a code was input. This was Tweeted out at the beginning of the con and once people unlocked theirs the botnet game began. I was able to terminal into it and escalate my privileges to get root ([@Hyr0n] did help me out by suggesting which of his hint Tweets to revisit). I came across [Samy Kamkar] with on in the Chill Room. The code running on the ARM processor was read protect and [Samy] was using a Chip Whisperer to try to side-channel attack the badge. That’s pretty awesome!
Car Hacking Village Badge
Badgelife is often pushing right up against deadlines to get everything finished — this is an extracurricular activity after all. This is the un-populated Car Hacking Village badge. The assembly took longer than expected and the finished boards hadn’t arrived as of Thursday evening but did make it for sales in the village on Friday. 900 of these were for sale at $50.
You can see the full glory in this animated Tweet. An OLED display makes up the grill of the truck (which is a PCB itself) with amber blinkies all around. This is car hacking after all so the footprint on the left is for an ODB-II connector.
The Tribble Badge
The Tribble badge was a total surprise for me. [@emilyincarnate] built 58 of them and they were all hand-sewn and hand-soldered. The little balls of fluff were built around Adafruit Trinket boards, with addressable LED discs for eyes. I’m a sucker for the PCB badges with challenge games built into them, but I fell in love with this and it was my favorite to wear around the con. Perhaps I’m anthropomorphizing? I checked out the associated website and it seems there are some crypto challenges waiting to be solved over there. Get to work.
Look on the back of the DC801 Sheep badge and you’ll spot the familiar Rigado module that drives it and links it to the unified botnet game spanning many of the badges and Bluetooth greetings that talk back and forth. In addition, the firmware broadcasts username and then play a game of contagion.
[@rushan_ee] has been developing the board. The prototype boards carried by the core developers have “God” mode that can make clients go in and out of party mode. In total, they built 290 boards plus the 10 prototypes. Presales were coordinated through 801labs hackerspace in Salt Lake City. This is the second year Rushan has led the design and 5 years total for the hackerspace.
Octopus Badge for Bsides Vancouver
The Octopus badge was built for Bsides Vancouver a few months back. [Jake King] made a total of 120 for Bsides Vancouver. It is driven by an ATtiny85 with blue LEDs on four of the eight tentacles. There are two WS2812 modules for the eyes but [Jake] usually leaves them off because they drain the coin cell battery really quickly. You can get your hands on the design files on his blog.
Ides of DEF CON
I think the Ides of DEF CON badge was one of the other top three most popular badges. It was inherently a multiplayer badge, letting you discover and battle other badge owners wirelessly in a video role-playing game. You could walk around the con and see people sitting around glued to these badges like a Game Boy.
Thursday night was the first night everyone was getting together and when we ran into [Zapp] from the AND!XOR crew he was already topped out in level, and XP. The firmware wasn’t read protected (like the AND!XOR firmware) and so [Zapp] dump and disassembled it to artificially boost his player ranking. It’s an instant classic.
You can read about the dev process on the Ides of DEF CON project page. They had a very successful Kickstarter earlier in the summer.
Team Bazooka Badge
This badge was introduced to me as the only badge with a Vacuum Fluorescent Display on it. The VFD is an HD44780 addressable character display. Powering it is a 18650 cell in a battery holder. This is becoming an incredibly popular setup for badges and other custom hardware. You can check out the design, which is based around an ATmega382, on the Team Bazooka repo. This is an ultra-rare badge — so far there’s only one.
We also took a close look at the Hacker Warehouse badge before the con. It has an ESP8266 laid out right on the board rather than opting to solder on a castellated module. The badge is a built as a WiFi testing unit, leveraging the ESP chip’s flexibility in that realm to scan for AP, listen to packets, and even spew deauth packets. I don’t think there was too much mayhem cause on that front this year.
One of the really cool things that went along with the Hacker Warehouse badge is that they shared their space in the vendor area with other Badgelife folks. This provided an area for people who had acquired any of the badges shown off in this article a place and time to meet up with the badge creators themselves. Neat!
It’s worth noting that this was the first hardware endeavor for Hacker Warehouse which has focused on offensive security up to this point.
The DC503 throws503.party. Thank you to [Joe Fitz] for letting us crash it. The party is privately financed and supporting these badges is one way to get yourself into the party. [Joe] is behind this badge, as well as the bicycle design we saw at DC23.
One hundred of these badges were made through the effort of four team members and with the labor-saver of professional assembly. You can see the Rigado familiar rigado module on the back, and the coin cell that powers the badge. I really enjoyed seeing the lanyard, which is a USB-to-Serial cable. You are literally wear what you need to hack it around your neck. The badge hacking contest was judged in the suite at Caesar’s during the 503 party.
SecKC is the Kansas City infosec meetup. They wanted the badge to be a devboard and based it around an NRF module from Sparkfun. So far they’ve seen numerous hacks on the design, the best of which turned it into a cellphone with a rotary dial.
The crew had a preorder of 50 boards and ended up building 60. There was demand for more but they couldn’t get the boards fast enough so they made the acrylic badges we mentioned earlier in this article.
The puffy badge is another that we had an in-depth look at before the con. Shaped like a puffer fish, the badge is based on a router chipset module that was sourced from “some dude in China”. Searching for router chips that could run linux, 40 of the modules were ordered for the project. More details about the development process are available on the website.
Megabling and Derbycon Black Badge
Some people feel like they need to answer the question “How bright can a conference badge really be?”. [Blenster] answered this with a huge triangle badge powered by six 18650 Lithium cells. Look at the power regulation on the back of that thing!
Not to be outdone (by himself), [Blenster] was also sporting a DerbyCon 2016 Black badge which he designed and built himself. Those LEDs have a tiny pitch and he hand-placed and hand soldered with an iron — incredible.
The Dragonfly Badge was featured on Hackaday before the con. It’s primarily a blinky badge, but put more than one of them within sight of each other and they’ll sync up their flashing. One of the really nice touches is the aesthetic of the IR receiver on the tail.
106 of these were built but only 85 were fully functional on Thursday night. In true hacker fashion, the rest were being reworked in the hotel room. I saw a ton of these around the con so I suspect the rework effort was worth it!
Crypto and Privacy Village Badge
The Crypto and Privacy Village badge was one of the most gorgeous pieces of hardware on hand. The team went all out, even delivering the badge in beautiful matte black boxes with guilded lettering and a magnetic closure. The lanyardware have a cypher on them, the back of the badge has a cypher on it. There were PCB keys, ornately cut in interesting shapes. The badge is based on the WROOM32 (ESP32) moduel. It drives a backlit display with a rotary encoder on the front and a few capacitive touch sensors. The package included earbuds; the badge has a headphone jack and was set up to stream DEF CON radio all weekend. That’s a feature of a different color and quite fun!
Plugging into the badge you were greeted with MicroPython for you own badge hacking. On the wireless side, it finds other badges. I couldn’t get confirmation for sure but I heard that these were putting backdoors into the Bender on a Bender badge. Yes, it’s wireless badge warfare out there, friends. These boards were selling for $120 in the Crypto Village. When they sold out the team was trying to get the nonfunctional badges working but would sell to enterprising hardware hackers for $50 upon request.
Bsides San Francisco Badge / Life’s A Breach
[bon] and [redacted], the team behind the Bsides SF badge, came out with two badges this year. Their ‘official’ badge is being pitched as a ‘body camera badge’ for their conference in February. Their second badge is quite literally the best 3D printing work we’ve ever seen.
The Life’s A Breach / Tiki badge is more or less what you would expect from a conference badge — there are blinky bits, batteries, and some nice silkscreen art on a PCB. This gets dialed up to twelve when the 3D printed parts are added. The plastic parts on the Tiki badge are snap fit, with plastic bosses for holes on the badge, tiny ledges to clasp the PCB firmly, and a bit of vellum used as a diffusor for the eyes. We’ve been around the block with 3D printing, and we’ve never seen anything that marries milled PCBs and printed parts this well. We’re literally begging the Tiki crew for a write-up on how they managed to do their plastic parts.
The 1Bitsy 1UP badge should be an incredibly familiar form factor. It’s shaped just like a Game Boy, but with an extra set of right-hand buttons like on the old SNES controllers. With a beautiful color display and audio, this is the portable gaming experience you remember, but hanging around your neck as a conference badge.
The dev board on the front is the 1Bitsy. This was given out to all attendees at the Open Hardware Summit last October. Mine is still on my desk waiting for some love and this is the type of demo I needed to get really excited about it. At the con, [Piotr Esden-Tempski] was running a custom game he wrote for it and the thing is super fast. The pattern demonstration shown here is running at 80 FPS and this is without a framebuffer. It’s the STM32F4 banging 8 bits into the ILI9325 display using DMA that makes this possible. On the back you’ll find an 18650 for power, along with a battery minding circuit and an SD cards slot. We can’t wait to bump into [Piotr] at he next live event to see what’s been a added to the part of the board marked:
Here be dragons. Well, not at the very moment, but soon, I promise! Just wait for it. :D
The greatest year of electronic conference badges yet
Badgelife is truly amazing. Should you give it a try? Yes, but not for the money. This is an art and not a business endeavor. There is no badge competition between makers, there is only a willingness to celebrate the effort and ingenuity to that go into every badge, whether it be a blinking LED or a networked multiplayer game. This is what drives the developers and what makes the badges themselves such a hot commodity at the conference.
This was the greatest year of badgelife yet, and we can’t wait to see what everyone will come up with by next year.
[Featured image source of all badges taken by Cat Murdock. You should follow her on Twitter.]