The AND!XOR team have somehow managed to outdo themselves once again this year. Their newest unofficial hardware badge for DEF CON 26 just arrived. It’s a delightful creation in hardware, software, and the interactive challenges built into both.
They call this the “Wild West of IoT”, a name that draws from the aesthetic as well as the badge-to-badge communications features. Built on the ESP32-WROVER module which brings both WiFi and Bluetooth to the party, the badges are designed to form a wireless botnet at the conference. Anyone with a badge can work to advance their level and take more and more control of the botnet as they do.
Check out the video overview and then join me below for a deeper dive into all this badge has to offer.
I’ve been following the development of this badge for many months. The team launched a Kickstarter which successfully raised $47,000 to build the badges, almost four times that of the previous year. I’m happy to see that those backers are now getting the badges in the mail with two weeks to spare before the con.
When looking at the design online it seemed huge, but with one in hand it’s actually a very reasonable size. The board is much narrower than last year’s badge — check out my review of that one — and moves down from three AA batteries to just two so it’s also much lighter. The solder mask is white with black silks screen that uses hatching for additional detail. Where the 2017 Bender used matte black finish, this one is glossy and it looks great. The gold plated copper accents are eye-catching in a good way. I think the use of the gold is a real improvement over last year’s design where it was not quite as obvious.
The electronic components used this design are very interesting. The badge’s Hackaday.io project page doesn’t yet have a Bill of Materials, so I had to do some guessing. There is a tiny accelerometer whose part number I simply cannot read but I think I’ve figured out the rest.
The main processors is an ESP32-WROVER module. Modules are becoming the defacto standard for small-run wireless devices since they’ve previously passed FCC so your product won’t need to. Under that shielding is a 32-bit dual-core process that takes care of both WiFi and BLE while the antenna is build intot the black part of the module protruding beyond the can. GPIO handling for this module is made a lot easier by two of the other chip choices the team made.
A GreenPAK NVM handles the buttons. It’s a programmable device whose operation is akin to an FPGA or CPLD. It has been tasked with debouncing the buttons. When a debounced button press is detected, it throws an interrupt to a pin monitored by the ESP32 and makes the state information available via i2c. Another cool choice is the IS31FL3736 LED driver by ISSI that services the 31 RGB LEDs and the single red LED that is the eye of Bender. This chip scans a 12×8 matrix, and communicates with the processor via i2c as well. Rounding out the peripheral chips is a Silicon Labs CP2102N which provides the USB connectivity to the badge.
Log In, Walk South
I stayed up waaaay too late at last year’s DC trying to get root and solve some of the puzzles on the Bender on a Bender badge. This year’s puzzles seem even better. The badge has an “unlocks” screen that acts a scoreboard for the things you’ve discovered on the badge. The most likely avenue is through the serial port. Where last year there was a Bluetooth terminal, this year it’s USB which I think is more user friendly, plus it powers the badge rather than burning the batteries.
In the video I play around with the terminal for a few seconds so check that out. In addition to the commands you’d expect in a *nix shell, there is support for a text-based adventure game (think Zork). Playing this in a terminal window on my computer and seeing the ASCII art come up has a really interesting effect on me. Having this all running from a custom electronics badge (and not telnet over the Internet) has a nostalgic feel of the days of dial-up BBS games.
The botnet is something I didn’t explore much in previous years. The basics of it involve the badges forming a mesh network and providing mechanisms for you to take over other badges. I know that some people reverse engineered the protocols and wrote code to command badges in ways not originally intended by the design. We’d love to hear any stories you have of the botnets of years past so please leave a comment below!
It’s an Amazing Time for Custom Hardware
Now is the part of the review where I psychoanalyze the badge makers. It’s hilarious that you can trace an arc of the badge art from the innocent, unadulterated Bender of DC24, to the Hunter S. Thompson art of Bender on a Bender, and now this year he’s looking worse for wear as Wild West of IoT. I know from reading the project logs that this is West World inspired, but I can’t help but compare this to the evolution of AND!XOR as a group of people.
The time and creativity poured into the last three years is epic. With the first badge they didn’t know the full extent of what they were getting into. Now, the traps along the way are expected, but they still push themselves to take on new and interesting challenges, and to churn out a huge number of badges. I sure hope they choose to keep this up, because what we’re seeing from AND!XOR is a spectacle of the custom hardware universe that comes along far too rarely.