I got a great seat on the main floor for the first big DEFCON 22 talk which is a welcome to the con and discussion of the badge hardware. [LosT], the creator of this year’s badge, started the discussion with a teaser about the badge… there’s a phone number hidden as part of the challenge. [LosT] took a call from someone chasing the puzzles. The guy was in the audience which was pretty fun.
The process of building a puzzle that can be solved at DEFCON is really tough. How do you make it just hard enough that it won’t get pwned right away but easy enough that a large number of attendees will be able to figure it out during the weekend? The answer is to build a secure system and introduce strategic flaws which will be the attack vectors for the attendees solving the badge challenge.
Of course the badge can be used as a development platform. The populated electronics on the board all have these nice little footprints which can be cut to disconnect them from the chip. The breakout headers on either side of the board allow you to connect headers for your own uses. Great idea!
The back of the lanyards have special characters on them too. This encourages community at the conference. To solve the puzzle you need to find others with different lanyards. Compare the glyphs and crack the code (so far I have no clue!!).
Know what I’m doing wrong? Have suggestions on where to go from here? I’ll be checking the comments!
Perhaps the LEDs make a POV thingy. You should post a video of the badge doing it’s thing so those of who aren’t there can see it. Please.
There are bold white chinese numbers on each lanyard. You have 9, 10, and 5 there. The other bold white symbols look Korean but I am not sure. Perhaps the glyphs connect together in an unsual topology, like the blueprint cubes in Contact the movie
The Korean says “vertical” (on the one with the Chinese character “shi” (10) that looks like a plus sign) and “Horizontal” on the one with the chinese character “jiu” (9).
Weave them together…
The lanyard says “1” “4”, separately, in Chinese.
We have two in a hotel room here. One has been flashing leds left to right most of the day, and intercepting in the middle, and is now flashing a series of two on one side then two on the other side, with the two in the middle alternating.
No firmware dumps or USB connections attempted here yet.
Also, the character in the upper right corner on the back of the badge differs between badges as do the number sequences.
yeah maybe it’s three dimentional
The gylphs certainly contain the same shape with various lines removed. You could start with the base shape and then figure out what removing the lines means. Draw one on a napkin with all the lines combined from one color lanyard. The black lanyards are in one orientation. The blue one is perpendicular to the black ones.
Those aren’t jumper blocks that you can cut. They’re part of the code. Why would you series jumper blocks? and if you look carefully the vias at the top don’t connect to them.
Look closer, the vias do connect.
There might also be a pattern to the series of glyphs, if you’re talking about the lanyard. I’ve had a couple drinks and am just bouncing ideas around here.
Follow them from left to right, you end up with two rectangles and a single updward line, with an underscore. It looks kind of like a horizontal key.
Just noticed that they were giving out another set of glyphs and Chinese characters on the lanyards Saturday morning. Can’t post a pic from here, but the ones I’m looking at are not the same. I receieved mine on 08/09
http://www.reddit.com/r/Defcon/comments/2cwgnr/badge_hacking/
http://www.davidaking.org/Ciphers.htm
there are a few different sets of fonts that spell ‘human’. The pads connecting the LEDs are silkscreened differently between badges, and the gpio breakout has square or round pads in a different patterns depending the badge. On top of that there’s a different Korean character at the top right of the back of the badge.
I also noticed the different ‘human’ writing. My first guess is that badges were made at different times and/or by different manufacturers. My point is: it might not mean anything.
I spent an unnecessary amount of time trying to find hidden clues in the phrases the badge randomly transmits:
DO NOT QUESTION AUTHORITY
NO IMAGINATION
SUBMIT
OBEY
CONFORM
BUY
NO INDEPENDENT THOUGHT
STAY ASLEEP
WATCH TV
MARRY AND REPRODUCE
CONSUME
EAT
WORK EIGHT HOURS
Here’s some crappy perl I wrote to try and find numeric hints: http://pastebin.com/FVz1xPvZ
I found only random distributions of phrases and spaces.
The phrases all come from this movie, btw: http://www.imdb.com/title/tt0096256/
I doubt they would make the font so different if there was nothing about it. Maybe they were different just to make it easier to nice all the other differences (like each font corresponds to one korean character). Someone solved the badge challenge, so I hope the winner publishes a writeup.
There is a purpose/reason to all of the little changes in things I do…
-1o57
If you are still interested in the Lanyards, here is the methodology to solve that part of the Badge puzzle: http://dc22badge.wikia.com/wiki/Lanyard_Information
-d4e5v8
Compiled some of our findings so far: https://docs.google.com/document/d/1i_IzirY2fsMHSnP5PKfV_zaWZzfER1UUQSK1m10cC3Q/edit?usp=sharing