At even vaguely infosec-related conferences, CTFs are a staple. For KernelCon 2021, [Tyler Rosonke] resolved to create a challenge breaking the traditions, entertaining and teaching people in a different way, while satisfying the constraints of that year’s remote participation plans. His imagination went wild in all the right places, and a beautifully executed multi-step hardware challenge was built – only in two copies!
Story behind the challenge? Your broken spaceship has to be repaired so that you can escape the planet you’re stuck on. The idea was to get a skilled, seasoned hacker solving challenges for our learning and amusement – and that turned out to be none other than [Joe “Kingpin” Grand]!
The modules themselves are what caught our attention. Designed to cover a wide array of hardware hacker skills, they cover soldering, signal sniffing, logic gates, EEPROM dumping and more – and you have to apply all of these successfully for liftoff. If you thought “there’s gotta be a 555 involved”, you weren’t wrong, either, there’s a module where you have to reconfigure a circuit with one!
KernelCon is a volunteer-driven infosec conference in Omaha, and its 2022 installment starts in a month – we can’t wait to see what it brings! Anyone doing hardware CTFs will have something to learn from their stories, it seems. The hacking session, from start to finish, was recorded for our viewing pleasure; linked below as an hour and a half video, it should be a great background for your own evening of reverse-engineering for leisure!
This isn’t the first time we’ve covered [Tyler]’s handiwork, either. In 2020, he programmed a batch of KernelCon badges while employing clothespins as ISP clips. Security conferences have most certainly learned just how much fun you can have with hardware, and if you ever need a case study for that, our review of 2019 CypherCon won’t leave you hanging.
Continue reading “Spaceship Repair CTF Covers Hardware Hacker Essentials”
Through the weekend Twitter has been a-titter with news coming out of Saintcon, the annual security conference in Provo, Utah. Now that the weekend is over we can finally get our hands on full hardware and software sources for the curvy, LED-covered badge we’ve been salivating over and a write up by its creators [compukidmike] and [bashNinja]. Let’s dive in and see what’s waiting!
This year’s badge is designed to represent a single tooth on a single rotor of an Enigma machine. The full function of an Enigma machine is quite complex, but an individual device has three rotors with 26 teeth each (one for each letter) as well as a keypad for input and a character display to show each enciphered letter. For reference, the back of the badge has a handy diagram of a badge’s place in the Enigma system.
Reminiscent of the WWII device which the badge design recalls, each unit includes a full QWERTZ keyboard (with labeled keys!) and RGB “lampboard” for individual character output, but unlike the original there’s also a curved 16 x 64 RGB LED display made from those beguiling little ~1mm x 1mm LEDs. All in, the device includes 1051 LEDs! Combined with the unusually non-rectilinear shape of the badge and the Enigma-style Saintcon logo it makes for an attractive, cohesive look.
Continue reading “Saintcon Badge Is An Enigma No More”
Dutch security conference! It’s called hardwear.io, it’ll be in The Hague during the last week of September, and they have the CTO of Silent Circle/Blackphone giving the keynote.
Baltimore’s awesome despite what the majority of the population says, and they have a few hackerspaces. One of them has an Indiegogo going right now to save the space. Want a tour of the space? Here you go.
[Fran Blanche] made it on to the Amp Hour. Included in this episode are discussions about the boutique guitar pedal market and the realities of discarded technology that took us to the moon.
Speaking of electronics podcasts, SolderSmoke is 10 years old now.
TARDIS-shaped guitars are nothing new, but [Gary] from the LVL1 hackerspace in Louisville, KY is making an acoustic one. The neck is, of course, taken from another guitar but the entire TARDIS-shaped body is custom-made. Now do resonance calculations on something that’s bigger on the inside.
Think German-made means German quality? [AvE], [Chris], or whatever we call him did a teardown of a Festool Track Saw. It’s a thousand dollar tool that will start to stink in a few years and has bearings that don’t make any sense.
Love 8-bit? There’s a Kickstarter from 8-bit generation for a documentary about the love, loss, resurrection and continuation of old computers. Dozens of very interesting interviews including one from our own [Bil Herd]