[Josh] attended his first SAINTCON this weekend before last and had a great time participating in the badge hacking challenge.
The 2014 SAINTCON is only the second time that the conference has been open to the public. They give out conference badges which are just an unpopulated circuit board. This makes a lot of sense if you figure the number of people who actually hack their badges at conferences is fairly low. So he headed off to the hardware hacking village to solder on the components by hand — it’s an Arduino clone.
This is merely the start of the puzzle. We really like that the published badge resources include a crash course on how to read a schematic. The faq also attests that the staff won’t solder it for you and to get your microcontroller you have to trade in your security screw (nice touch). Once up and running you need to pull up the terminal on the chip and solve the puzzles in the firmware’s menu system. This continues with added hardware for each round: an IR receiver, thermistor, EEPROM, great stuff if you’re new to microcontrollers.
[Josh] mentions that this is nothing compared to the DEFCON badge. Badge hacking at DEFCON is **HARD**; and that’s good. It’s in the top-tier of security conferences and people who start the badge-solving journey expect the challenge. But if you’re not ready for that level of puzzle, DEFCON does have other activities like Darknet. That is somewhere in the same ballpark as the SAINTCON badge — much more friendly to those just beginning to developing their crypto and hardware hacking prowess. After all, everyone’s a beginner at some point. If that’s you quit making excuses and dig into something fun like this!
Looks great! And challenging
I like how the participant “earns” extra functionality and sensors.
Which leaves me wondering, for this and other “hackable badges”.
An attendee could spend so much time hacking their badge, how many of the talks, poster sessions, and booths will they miss at the conference/convention?
That’s why our DC23 badge won’t really have much for hardware hackability directly on it; we will instead have some add-on hacker boards with a few different microcontroller types, 0.1″ proto area and SPI breakout for comms to the main MCU. But honestly there just isn’t enough time and people are busy with official DC stuff or booze so I doubt even that will be used.
I still like the idea of this type of hackerbadge for smaller events though.
I glanced through the “How to Read a Schematic”, and realised for the first time how much like gibberish it would be to someone totally new to electronics. Sometimes it truly is amazing what we take totally for granted after a few years.
i’m venturing out to say i spy a sparkfun board, just from looking at the picture.
Somebody want to share with the class what a ‘security screw’ is?
Hexagonal, or triagular grove, sometimes with a stud in the middle. Their only emotion is hatred.
Wow! 3 references to different definitions of “screw” in one sentence! +1
I wondered the same thing, then it became painfully obvious. Strange how obscure that wording is. Think triwing for nintendo, pentalobe for apple, or just a regular torx security for most mounting brackets.
Ahh, I figured it was exactly what it sounded like, I just wasn’t sure if it was intended to prevent the MCU from being inserted or what it’s role(aside from achievement token) was.
Oh… I get it. They’re supposed to figure out how to remove the thing on their own in order to get the MCU…..
I wonder how many BIC pens died at that convention :P