OK, Actually it will be Hybrid. We want to be inclusive to those who can’t make it out. We’ll be talking about badge planning, and I’ll give a demo of PCB design and how to build a badge in KiCad, from a blank slate to fabrication. You can put your filthy grubby hands on the early prototypes of the badge we hope to release at “summer camp” this year.
Weather looks good for a backyard meetup. I’ll see if I can bring a large-ish screen out to the table so everybody doesn’t have to crowd around my laptop. And I’ll stream the screen in the Discord so everyone can see it.
So here we are, it’s 2021, Def Con is hybrid this year, and we procrastinated long enough. We wanted to put together a badge for last year, but with the con being fully virtual, we lost motivation. There’s something about the idea of being in person for our first badge presentation that appeals to all of us.
Except Kevin, who hates crowds. And I get it.
So we were still on the fence until the org made the announcement and we decided to push forward. Then it became, “oh shit, do we have enough time to put a badge together?”
The answer became “fuck yeah.” Despite the fact that none of us has ever created a badge before. We’re just a bunch of nerds with a #badgelife fetish and some audacity.
The badge is based on the Raspberry Pi Pico. It will likely be released as a locked UF2 firmware compiled from MicroPython with some secrets and challenges in it. The artwork is shaping up to be sufficiently attractive to sit proudly in any #badgelife collection. And because the base is the Pico, it will be easy to update firmware, either with future releases from us or with your own cool ideas. I won’t spoil the artwork now, but certain subcultures might be very interested in the design functionality and I suspect some will find their own uses with their own code. I hope when this happens that they feed it back to us through our Github so that it can be shared with the community.
We currently have two needs for the badge:
(1) I would love for someone with #badgelife or other PCB design experience to help design a Lipo charging circuit for the badge. According to the datasheet, it should be able to charge through the existing USB port and power the badge accordingly. If we don’t get this reliably resolved, we’ll use battery holders and 2xAA batteries. Power usage is minimal on the Pico, even with neopixels and an SSD1306 OLED display. I just started testing powering the circuit by battery today, and at this moment I’m at nearly 7 hours of runtime, and that’s before we optimize power usage. For this test, the screen is always displaying or scrolling something, and 10 LEDs are cycling.
(2) Looking for someone with graphic design experience to come up with a lanyard design which fits the theme of the badge. Without spoiling the badge, there is a bit of an occult theme to the badge artwork, it would be great if that theme translates to the lanyard as well.
Sorry, no spoilers until the final boards arrive. First prototype should arrive this week.
So thanks to Kyle, I’ve got a 2019 SAINTCON Enigma Badge to play with for a while.
I’ve been mildly frustrated by the fact that I haven’t gotten anything to decrypt on it yet using the 2019 instructions, sample messages and code sheet. I had just gotten comfortable with that fact when the Hackers Challenge CTF came up during this year’s SAINTCON. I lost quite a bit of time to trying to solve an ENIGMA challenge, because I HAVE the badge right here in front of me but still had a knowledge block that was preventing decryption. Had I learned before the CTF, I would have gotten another 300 to 400 points.
So now, even though the challenge is over, I was even more determined to see this through.
Here are the 2019 instructions, with my commentary following:
Okay. Instruction 1 says “Apply the daily key from the code sheet to your Enigma machine.” This is a sample of what the Code Sheet looks like. While it is unclear from the instructions AND the Code Sheet, I assumed that “daily key” refers to the “ring settings” or Ringstelling.
What threw me was the plugboard. When I entered settings, there was a PLUGBOARD section on the badge that wouldn’t accept any input. Naively, I assumed that was an unimplemented feature. Boy was I wrong. I wasn’t at SAINTCON last year, so I missed a critical piece — the critical piece is that the plugboard is a PHYSICAL plugboard on the badge, just as it is on the real thing.
Once that Eureka moment came (thanks to atru5 and kfeuz for clueing me in), it was smooth sailing all the way to the finish line. God I want one of these of my own.
Here’s the sample message and the code sheet for that day, followed by the images of the message decoding after setting all the rotors, ringsettings and encrypted message key, and connecting the plugboard up properly with jumper wires:
If you want to play with the Enigma yourself, you can use the simulator on Cyberchef. For the SAINTCON simulations, you will need a custom rotor. When the code calls for rotor IX, use the following: BASHCOMPUKIDZERGYJWLQTFXVN
What an exciting time to be alive. The badge itself will be a really fun platform for collecting minibadges. A minibadge came with it, as well as a coupon for three copies of my own minibadge, which I designed today as part of the Hackers Challenge CTF that’s going on during the con. Strongly recommend y’all get one before they run out. Very affordable for the level of fun and creativity involved.
Just kidding. When I was lining up to buy this year’s SAINTCON badge, I saw they had the board/LED display available super cheap, so I bought one. If I can’t have the full ENIGMA badge, at least I can have a fun replica. Never mind that I have no earthly idea how to connect to it to light it up. All in good time, my friends.
[Update] — OK, I figured out where it connects. That was easy. Just almost too tiny for my poor old man eyes.
So one of the menu options on the DCZIA badge is a BLE scan. I ran it with all my badges lit up, and it recognized TWO DC26 badges. I suspect that one of those is the TransIonospheric badge, because that one reported seeing the DCZIA badge…
This one is the Phase 4 Ground Trans-Ionospheric Badge, and it’s got a ton of cute visualizations on the screen, games, customizations (name and call sign), and even some actual contact logging/QSO functionality. Another one where the maker decided to undercut the eBay upsellers by doing another run (or maybe there were just leftovers, who knows?). Maybe this trend will keep the badge-scalpers at bay, and keep the prices down to “moderately outrageous” for those of us who can’t seem to say no.
I wish I could tell you which was my favorite of all the badges out there, but I can’t compare function to form in an articulable manner.
