Video Review: AND!XOR DEF CON 26 Badge

The AND!XOR team have somehow managed to outdo themselves once again this year. Their newest unofficial hardware badge for DEF CON 26 just arrived. It’s a delightful creation in hardware, software, and the interactive challenges built into both.

They call this the “Wild West of IoT”, a name that draws from the aesthetic as well as the badge-to-badge communications features. Built on the ESP32-WROVER module which brings both WiFi and Bluetooth to the party, the badges are designed to form a wireless botnet at the conference. Anyone with a badge can work to advance their level and take more and more control of the botnet as they do.

Check out the video overview and then join me below for a deeper dive into all this badge has to offer.

Continue reading “Video Review: AND!XOR DEF CON 26 Badge”

Hackaday Links: June 24, 2018

What do you do if you’re laying out a PCB, and you need to jump over a trace, but don’t want to use a via? The usual trick is using a zero Ohm resistor to make a bridge over a PCB trace. Zero Ohm resistors — otherwise known as ‘wire’ — are a handy tool for PCB designers who have backed themselves into a corner and don’t mind putting another reel on the pick and place machine. Here’s a new product from Keystone that is basically wire on a tape and reel. It’s designed to jump traces on a PCB where SMD zero ohm resistors and through-hole jumpers aren’t possible. I suppose you could also use it as a test point. They’re designed for high current applications, but before we get to that, let’s consider how much power is dissipated into a zero ohm resistor.

By the way, as of this writing, Mouser is showing 1,595 for Keystone’s 5100TR PCB jumpers in stock. They come on a reel of 1,000, and a full reel will cost you $280. This is significantly more expensive than any SMD zero ohm resistor, and it means someone bought four hundred of them. The electronic components industry is weird and you will never understand it.

There’s a new product from ODROID, and you want it. The ODROID-GO is a Game Boy and Sega Master System emulator running on an ESP-32, has a fantastic injection molded case, and looks phenomenal.  You can buy it now for $32. Does this sound familiar? Yes, a few months ago, the PocketSprite was released. The PocketSprite is the tiniest Game Boy ever, and a project [Sprite_TM] introduced to the world at the 2016 Hackaday Superconference.

This week, the speaker schedules for two awesome cons were announced. The first is HOPE, at the Hotel Penn on July 20th. Highlights of this year? [Mitch Altman] is talking about DSP, [Chelsea Manning] will be on stage, someone is talking about HAARP (have fun with the conspiracy theorists), and someone is presenting an argument that [Snowden] is an ideological turd. The speaker schedule for DEF CON was also announced. The main takeaway: god bless the CFP board for reigning in all the blockchain talks, the Nintendo Switch was broken wide open this year, but there’s only a talk on the 3DS, and there’s more than enough talks on election hacking, even though that was a success of propaganda instead of balaclava-wearing hackers.

The C.H.I.P. is no more, or at least that’s the rumor we’re running with until we get some official confirmation. When it was introduced, the C.H.I.P. was a Linux system on a chip with complete register documentation. It appears the end of C.H.I.P. is upon us, but have no fear: there’s a community building the PocketC.H.I.P., or the C.H.I.PBeagle. It’s a single board computer based around the OSD3358 from Octavo, the same system found in the PocketBeagle. Source in KiCAD, and people are working on it. Thanks [smerrett79] for the tip.

Hackaday Links: May 6th 2018

Way back in the day, if you were exceptionally clever, you could just solder more RAM to your computer. You did this by taking a DIP, stacking it on top of an existing RAM chip, bending out the enable pin, and soldering everything down. Wire the enable pin to an address pin, and you have more RAM. [Eric] wanted to get a game running on a Tandy 1000A, but that computer just doesn’t have enough RAM. The solution was to stack the RAMs. It’s a human centipede of deadbugging skills.

We’ve mentioned this before, but I just received another copy of either the best or worst press release I’ve ever seen. Dateline George Town, Cayman Islands: Onstellar is a cryptocurrency-based social network focusing on the paranormal. Apparently, you can use a blockchain to talk about UFOs. It gets better, though: Onstellar will be exhibiting at the world’s largest UFO conference at the beginning of June, in the middle of the Mojave, where a bunch of Air Force and Navy planes are flying all the time. It seems like you would want to have a UFO conference where there’s a lower rate of false positives, right?

A Biohacker has died. Aaron Traywick was found dead in a sensory deprivation chamber in Washington DC this week. Traywick found fame as the CEO of Ascendance Biomedical and by skirting the FDA by self-medication; he recently injected himself with a ‘research compound’ that he said could cure herpes. He was planning CRISPR trials in Tijuana.

You’ve heard of Bad Obsession Motorsports, right? It’s a YouTube channel of two blokes in a shed stuffing a Celica into a Mini. It is the greatest fabrication channel on YouTube. They haven’t uploaded anything in six months, but don’t worry: the next episode is coming out on May 18th. Yes, this is newsworthy.

As further evidence that Apple hardware sucks, if you plug both ends of a USB-C PD cable into a MacBook, it charges itself.

Defcon China is this week. Let me set the scene for you. Last year, at the closing ceremonies for Defcon (the Vegas one), [DT] got up on stage and announced 2018 would see the first Defcon in China. The sound of four thousand raised eyebrows erupted. We’re interested to see how this one goes down. Here are the talks It’s a bit light, but then again this is only the first year.

The Swiss Guard is now 3D printing their helmets. The personal army of the Pope also wears funny hats, and they’re replacing their metal helmets with 3D printed ones. Of note: these helmets are printed in PVC. The use of PVC has been repeated in several high-profile publications, leading me to believe that yes, these actually are printed in PVC, or everyone is getting their information from an incorrect Vatican press release This is odd, because PVC will give everyone within a five mile radius cancer if used in a 3D printer, and you wouldn’t use PVC anyway if ABS and PLA are so readily available. If you’re wondering if injection molding makes sense, giving each new recruit their own helmet means producing about thirty per year; the economics probably don’t work.

Hackaday Links: April 22, 2018

Eagle 9 is out. Autodesk is really ramping up the updates to Eagle, so much so it’s becoming annoying. What are the cool bits this time? Busses have been improved, which is great because I’ve rarely seen anyone use busses in Eagle. There’s a new pin breakout thingy that automagically puts green lines on your pins. The smash command has been overhauled and now moving part names and values is somewhat automatic. While these sound like small updates, Autodesk is doing a lot of work here that should have been done a decade ago. It’s great.

Crypto! Bitcoin is climbing up to $9,000 again, so everyone is all-in on their crypto holdings. Here’s an Arduino bitcoin miner. Stats of note: 150 hashes/second for the assembly version, and at this rate you would need 10 billion AVRs to mine a dollar a day. This array of Arduinos would need 2 Gigawatts, and you would be running a loss of about $10 Million per day (minus that one dollar you made).

Are you going to be at Hamvention? Hamvention is the largest amateur radio meetup in the Americas, and this year is going to be no different. Unfortunately, I’ll be dodging cupcake cars that weekend, but there is something of note: a ‘major broadcaster’ is looking for vendors for a ‘vintage tech’ television series. This looks like a Canadian documentary, which adds a little bit of respectability to this bit of reality television (no, really, the film board of Canada is great). They’re looking for weird or wacky pieces of tech, and items that look unique, strange, or spark curiosity. Set your expectations low for this documentary, though; I think we’re all several orders of magnitude more nerd than what would be interesting to a production assistant. ‘Yeah, before there were pushbutton phones, they all had dials… No, they were all attached to the wall…”

The new hotness on Sparkfun is a blinky badge. What we have here is a PCB, coin cell holder, color changing LED, and a pin clasp. It’s really not that different from the Tindie Blinky LED Badge. There is, however, one remarkable difference: the PCB is multicolored. The flowing unicorn locks are brilliant shades of green, blue, yellow, pink, purple, and red. How did they do it? We know full-color PCBs are possible, but this doesn’t look like it’s using a UV printer. Pad printing is another option, but it doesn’t look like that, either. I have no idea how the unicorn is this colorful. Thoughts?

Defcon is canceled, but there’s still a call for demo labs. They’re looking for hackers to show off what they’ve been working on, and to coax attendees into giving feedback on their projects.

Hackaday Links: February 18, 2018

Hacker uses pineapple on unencrypted WiFi. The results are shocking! Film at 11.

Right on, we’ve got some 3D printing cons coming up. The first is MRRF, the Midwest RepRap Festival. It’s in Goshen, Indiana, March 23-25th. It’s a hoot. Just check out all the coverage we’ve done from MRRF over the years. Go to MRRF.

We got news this was going to happen last year, and now we finally have dates and a location. The East Coast RepRap Fest is happening June 22-24th in Bel Air, Maryland. What’s the East Coast RepRap Fest? Nobody knows; this is the first time it’s happening, and it’s not being produced by SeeMeCNC, the guys behind MRRF. There’s going to be a 3D printed Pinewood Derby, though, so that’s cool.

జ్ఞ‌ా. What the hell, Apple?

Defcon’s going to China. The CFP is open, and we have dates: May 11-13th in Beijing. Among the things that may be said: “Hello Chinese customs official. What is the purpose for my visit? Why, I’m here for a hacker convention. I’m a hacker.”

Intel hit with lawsuits over security flaws. Reuters reports Intel shareholders and customers had filed 32 class action lawsuits against the company because of Spectre and Meltdown bugs. Are we surprised by this? No, but here’s what’s interesting: the patches for Spectre and Meltdown cause a noticeable and quantifiable slowdown on systems. Electricity costs money, and companies (server farms, etc) can therefore put a precise dollar amount on what the Spectre and Meltdown patches cost them. Two of the lawsuits allege Intel and its officers violated securities laws by making statements or products that were false. There’s also the issue of Intel CEO Brian Krzanich selling shares after he knew about Meltdown, but before the details were made public. Luckily for Krzanich, the rule of law does not apply to the wealthy.

What does the Apollo Guidance Computer look like? If you think it has a bunch of glowey numbers and buttons, you’re wrong; that’s the DSKY — the user I/O device. The real AGC is basically just two 19″ racks. Still, the DSKY is very cool and a while back, we posted something about a DIY DSKY. Sure, it’s just 7-segment LEDs, but whatever. Now this project is a Kickstarter campaign. Seventy bucks gives you the STLs for the 3D printed parts, BOM, and a PCB. $250 is the base for the barebones kit.

We Are Now At DEFCON 2

If you had a working DEFCON meter that reported on real data, would it be cool or distressing?

Before we get ahead of ourselves: no, not that DEF CON. Instructables user [ArthurGuy] is a fan of the 1983 movie  War Games, and following a recent viewing –hacker senses a-tingling — he set to work building his own real-time display.

Making use of some spare wood, [ArthurGuy] glued and nailed together a 10x10x50cm box for the sign. Having been painted white already at some point, the paint brilliantly acted as a reflector for the lights inside each section. The five DEF CON level panels were cut from 3mm pieces of coloured acrylic with the numbers slapped on after a bit of work from a vinyl cutter.

Deviating from a proper, screen-accurate replica, [ArthurGuy] cheated a little and used WS2812 NeoPixel LED strips — 12 per level — and used a Particle Photon to control them. A quick bit of code polls the MI5 terrorism RSS feed and displays its current level — sadly, it’s currently at DEFCON 2.

Continue reading “We Are Now At DEFCON 2”

Smart Gun Beaten by Dumb Magnets

[Plore], a hacker with an interest in safe cracking, read a vehemently anti-smart-gun thread in 2015. With the words “Could you imagine what the guys at DEF CON could do with this?” [Plore] knew what he had to do: hack some smart guns. Watch the video below the break.

Armed with the Armatix IP1, [Plore] started with one of the oldest tricks in the book: an RF relay attack. The Armatix IP1 is designed to fire only when a corresponding watch is nearby, indicating that a trusted individual is the one holding the gun. However, by using a custom-built $20 amplifier to extend the range of the watch, [Plore] is able to fire the gun more than ten feet away, which is more than enough distance to be dangerous and certainly more than the few inches the manufacturers intended.

Not stopping there, [Plore] went to the other extreme, creating what he calls an “electromagnetic compatibility tester” (in other words, a jammer) that jams the signal from the watch, effectively preventing a legitimate gun owner from firing their gun at 10 to 20 feet!

Not one to call it quits, [Plore] realised that the gun prevented illicit firing with a simple metal pin which it moved out of the way once it sensed the watch nearby. However, this metal just happened to be ferrous, and you know what that means: [Plore], with the help of some strong magnets, was able to move the pin without any electrical trickery.

Now, we’ve already covered the many hurdles that smart guns face, and this specific investigation of the state of smart gun technology doesn’t make the picture look any brighter. We’re aware that hindsight is always 20/20, so let us know in the comments how you would fix the problems with the Armatix IP1.
Continue reading “Smart Gun Beaten by Dumb Magnets”