DC540 Defcon Group

Seems like we’re all recovered from C19 now. Some of us went to BSidesNova yesterday. First batch of post-con Tarot badges about half sold & shipped, the rest will probably be ready later this week and stocked (some on Tindie for those still on the waitlist that haven’t found our site shop yet, and the rest on the site shop).

There seems to be momentum for an in-person meetup this week. The basement is in shambles right now with all surfaces taken up with badge parts, so I’m proposing a Social House meetup tomorrow evenings.

I will probably have both the LilyGo and PineTime watches with me to compare and contrast. The LilyGo is running the AND!XOR software under MicroPython. The PineTime is stock right now. Someone will likely have both of our badges if anyone needs to pair.

All are welcome. To quote Infinite Jest:

Obesity. Obesity with hypogonadism. Also morbid obesity. Nodular leprosy with leonine facies….

The acromegalic and hyperkeratosistic. The enuretic, this year of all years. The spasmodically torticollic….

Those with saddle-noses. Those with atrophic limbs. And yes chemists and pure-math majors also those with atrophic necks. Scleredema adultorum. Them that seep, the serodermatotic. Come one come all, this circular says. The hydrocephalic. The tabescent and chachetic and anorexic. The Brag’s-Diseased, in their heavy red rinds of flesh. The dermally wine-stained or carbuncular or steatocryptotic or God forbid all three. Marin-Amat Syndrome, you say? Come on down. The psoriatic. The exzematically shunned. And the scrofulodermic. Bell-shaped steatopygiacs, in your special slacks. Afflictees of Pityriasis Rosea. It says here Come all ye hateful. Blessed are the poor in body, for they….

The leukodermatic. The xanthodantic. The maxillofacially swollen. Those with distorted orbits of all kinds. Get out from under the sun’s cove-lighting is what this says. Come in from the spectral rain…. The basilisk-breathed and pyorrheic…. All ye peronic or teratoidal. The phrenologically malformed. The suppuratively lesioned. The endocrinologically malodorous of whatever ilk. Run don’t walk on down. The acervulus-nosed. The radically -ectomied. The morbidly diaphoretic with a hankie in every pocket. The chronically granulomatous. The ones it says here the ones the cruel call Two-Baggers—one bag for your head, one bag for the observer’s head in case your bag falls off. The hated and dateless and shunned, who keep to the shadows. Those who undress only in front of their pets. The quote aesthetically challenged. Leave your lazarettes and oubliettes, I’m reading this right here, your closets and cellars and TP Tableaux, find Nurturing and Support and the Inner Resources to face your own unblinking sight, is what this goes on to say, a bit overheatedly maybe. Is it our place to say. It says here Hugs Not Ughs. It says Come don the veil of the type and token. Come learn to love what’s hidden inside. To hold and cherish. The almost unbelievably thick-ankled. The kyphotic and lordotic. The irremediably cellulitic. It says Progress Not Perfection. It says Never Perfection. The fatally pulchritudinous: Welcome. The Actaeonizing, side by side with the Medusoid. The papuled, the macular, the albinic. Medusas and odalisques both: Come find common ground. All meeting rooms windowless. That’s in ital: all meeting rooms windowless….

Nor are excluded the utterly noseless, nor the hideously wall- and cross-eyed, nor either the ergotic of St Anthony, the leprous, the varicelliformally eruptive or even the sarcoma’d of Kaposi….

The multiple amputee. The prosthetically malmatched. The snaggle-toothed, wattled, weak-chinned, and walrus-cheeked. The palate-clefted. The really large pored. The excessively but not necessarily lycanthropically hirsute. The pin-headed. The convulsively Tourettic. The Parkinsonially tremulous. The stunted and gnarled. The teratoid of overall visage. The twisted and hunched and humped and halitotic. The in any way asymmetrical. The rodential- and saurian- and equine-looking….

The tri-nostrilled. The invaginate of mouth and eye. Those with those dark loose bags under their eyes that hang halfway down their faces. Those with Cushing’s disease. Those who look like they have Down Syndrome even though they don’t have Down Syndrome. You decide. You be the judge. It says You are welcome regardless of severity. Severity is in the eye of the sufferer, it says. Pain is pain. Crow’s feet. Birthmark. Rhinoplasty that didn’t take. Mole. Overbite. A bad-hair year.

So we got back, recovered from Covid, parts started arriving, and we started assembling and listing Tarot badges for after-con sales. The ones we listed were snapped up immediately.

There are a lot of folks still on the waitlist at Tindie. Well, Tindie flagged the sudden influx of orders as suspicious activity, and they held those orders up for a couple of days, suspended ordering and disbursements. Eventually they let the orders flow through, at which point they were packed into mailing boxes and prepared for shipment. But they still haven’t unlocked disbursements. Normally they release money for disbursement as soon as we provide tracking. Maybe they’re waiting for USPS to scan their arrival? (shrug).

In any case, we had been beta-testing our own e-commerce and shipping platform here at the website, and so far it’s much more pleasant to work with than Tindie — primarily because it supports shipping. Tindie has always been a hassle because of the manual process of getting the addresses from Tindie into the shipping software and the tracking numbers back into Tindie. The new shop here handles the whole process from start to finish. So if you haven’t gotten one yet, consider buying it here instead of Tindie. We will stock some on Tindie later this week for those on the waitlist that don’t get the memo.

Some notes on the badge:

• Touch and hold the Sun symbol, for longer than you’d expect to have to, to interrupt the demo and reach the main menu. Scroll the menu options using up/down, then select the Sun symbol again to choose the option.
• Yes, the front board has the outline for a SAO connector. No, don’t connect an SAO connector to it. The next batch will be fixed — the currently released batch has power and ground reversed and might fry your SAOs.
• Best practice, hole the board by the bottom half. Those headers that connect the front and back boards, the six pins on the left near the top, those carry the signals for the capacitive touch sensors. If your hand touches one of those, or some of the pico pads on the bottom of the board, it could interpret those touches as menu navigation and cause confusing results. If you hold it by the bottom half, it should avoid those situations.
• This is a new creation. If you notice anything that doesn’t seem to work right, let us know, and we’ll get our developer to look into it. We’ll probably release a couple more versions of the firmware.

Any questions? DM @dc540_nova on Twitter or join our Discord.

I got tired of Tindie’s lack of shipping integration, so I implemented an in-house shop. Then I put some of the new batch of Tarot badges in stock on both platforms. Tindie immediately suspended sales pending investigation of “suspicious activity,” which I guess, I don’t know, is the result of them announcing they’re back on social media, and then a sudden rush to purchase them. I mean, over 100 people on the waiting list, what did they think was going to happen? In any case, they’re also available here (click shop) — eventually the goal is to abandon Tindie as it’s far easier to fulfill shipping from this platform.

I took advantage of a spontaneous opportunity to get a NExT implant at summer camp. NExT = 125KHz T5577 RFID and 13.56MHz NFC NTAG combined into one bioglass cylinder.

I was able to put the DC540 website URL into the NFC tag and read and share it right away, but I had to wait until I got home to my RFID readers to test the T5577 in its natural habitat. I confirmed that the Proxmark 3 RDV4 was able to write to it as well as read it, but having a door reader read it is another thing.

I was a bit disappointed when my readers wouldn’t read it. I reached out on the forums and posited my theory, that inflammation from the implant might be blocking it, and that perhaps waiting would resolve it. A response immediately came back from another forum user agreeing that in some cases two weeks was a good amount of time to wait for internal swelling to go down and make it more readable.

And here I am at two weeks and three days from implant day, confirming that the T5577 side of the implant is actually working with a standard HID door reader (mine is connected to an Arduino Uno and an SSD1306 for this demo).

By the way, sample code and instructions for using an Arduino Uno with a reader like this can be found here: https://github.com/dc540/arduinohidprox

As usual, we came back from DefCon inspired, energized, and diseased. Yes, some of us came home with Covid this year. But we’re recovering, and it hasn’t stolen our Big STEM Energy.

We decided to take what we’ve learned over two years of designing and manufacturing badges, and offer a course. This takes us a step closer toward fulfilling our mission as a non-profit, and teaching strengthens everyone all around. Students learn something, and teachers become better teachers.

This class will be in two phases. The first half will be an intro to MicroPython using the Raspberry Pi Pico microcontroller with breadboards and some basic electronic circuit elements (LEDs, a display, buttons, etc). culminating in cobbling together your own MicroPython game!

The second half will be taking what you’ve learned from the first half and turning it into a standalone PCB (printed circuit board) project, using all the elements and code you’ve mastered in phase 1, culminating in sending it off to a fab house to be manufactured. You’ll end up with a permanent keepsake of what you’ve learned, and hey — it might even WORK!

We’re looking to start this in October. The class will be virtual, so don’t worry if you’re not local. We’re trying to avoid requiring soldering skills until the very end, so don’t worry if you’re not skilled. The class fee will be nominal, and supports a nonprofit doing good things. If you’re interested, make sure to follow us on twitter @dc540_nova and Join our Discord — an invite link should be in the right column of this website somewhere. We’re going to cap the class at around 25 or so. The class will likely be held in a moderated Discord voice channel. There will be a parts list published in the coming days — actually two parts lists — one for those who have soldering capabilities already, and one for those who don’t. Once you’re in the Discord, request in the main welcome channel to be added to the MicroPython PCB class list — that will get you into the discussion channel, where we’re planning and staging the class. Once the class begins, those who sign up for it will be added to another group and will be able to join us one evening a week for live classes. We may record the lessons as well for those who miss a lesson or can’t meet the consensus-decided class evening.

If you get lost in the code and can’t keep up, don’t worry, we’ll provide some basics at each stage to make sure you have something that works. One of the great things about microcontrollers is that once you prove all your circuit elements work, you can go ahead and build it, and worry about the software later. It’s easy to apply new code to a device that has working access to all of its components.

We created a dilemma for ourselves last year. If you saw our badge from last year, the Tree of Life badge, you’ll notice that we took a simplistic approach when mounting our OLED display. We used the version of the display with a backing PCB, and just mounted the PCB to the top board. It’s not innovative, it’s not beautiful, but it’s fully functional.

In #badgelife tradition, we wanted to do a little bit better this year. My goal was for the display to be flush with the top board, for a clean, flat appearance. At the very least, this would likely mean mounting the display on the bottom board. This creates a dilemma:

1. If mounted via header pins and therefore removable/replaceable, the backing PCB of the display ends up at the same height of the top board. This is undesirable, because the backing PCB is larger than the display and inelegant. The goal is to have just the display itself rise into a cutout in the top board.
2. I could certainly have soldered the display directly to the bottom board, but since I made the design decision of mounting the display overtop and perpendicular to the Raspberry Pi Pico, , this would prevent access to the Pico in case a solder joint needed to be corrected. It would also prevent easy replacement of a broken or faulty screen.

So we looked at the problem and found several options available to us. I think the ideal solution would have been low profile female headers on the bottom board for the screens. In practice, however, we found these to be akin to Unobtainium. The only place sizes were properly defined was on Mouser and DigiKey, and no, I’m not paying a dollar each for freaking headers. I did find a writeup by someone who had done the research and found some reasonable low profile headers in China, but we were on a time crunch, so those remain on the to-be-explored list.

The solution that found us was to remove the “pin carrier” from the display after the pins had been soldered. The pin carrier is the extra bit of plastic that holds the row of pins together. This allows the pin to sink a bit lower into the receptacle header. Then we noticed it was bottoming out and not ending up completely flush at the top, so we ended up trimming about 1-1.5mm from the end of the pins on the display.

This solution allows the display’s backing PCB to sit just below the front board, and the display itself to sit flush, while still able to be removed for troubleshooting or inspection.

Here’s a before and after of the display modification, hopefully it helps to visualize. Note that the “before” model is actually a different model because I’m all out of unmodified stock.

So the group is home. Some of us are recovering from winning the C19 CTF this year, so obviously this coming Monday’s meeting will be virtual. Please join the discord.

We hashed out some changes before and during Con. The Executive Committee met in secret at the Jersey Eats food truck at 3AM and made the following decisions, which you all will just have to live with until someone creates consensus for better ones.

1. BadgeDev meetings for any potential badge to be released in conjunction with DC31 will be separate from the regular group meetings. Very limited in scope at this time, we will bring others in as needed.
2. We will be launching a class for members who wish to learn to do PCB design. If this is you, join the PCB class channel in the Discord. We’ll plan a schedule and dates. The syllabus will come soon, and the objective of the class is for each attendee to send something off to be fabbed and have something useful and/or blinky to cherish, lament or scoff at forever.
3. We will also hold separate meetings outside the normal group meetings to deal with the administrative tasks of keeping this group functional. Some things will trickle out of these meetings into the general membership meetings. There are soft, unspecified growth goals that will emerge and define themselves better as we move forward.

I have a funny little story to share. A few of us were hanging in the Forum outdoor area. Some were smoking, some were accompanying smokers. We were shooting the shit. Dude rolls up with one of those big badges with the speakers, we got to chatting about that, and Display recognizes him as the Strange Parts guy. He acknowledges, gives us cards & trinkets, and we’re still shooting the shit I guess. At some point DeadAddict rolls up and participates in the shit-shooting. Someone asks how the con is going, and I give my usual, “you get out of it what you put into it,” and DA responds, “oh no” and we all laugh. Some of the folks around are less attuned to DefCon history and don’t recognize DA. I think he’s got one of the most recognizable faces at the con. That’s fine, I didn’t recognize the Strange Parts guy. And nobody recognizes me unless they’ve interacted with us about badges and shit.

I wanted to provide some follow-up on that. My first instinct was that it was an unsalvageable error, which lead to adding the anti-metal NFC sticker to make it “work” while bypassing the onboard circuit. Not that it matters, nobody at Defcon in their right mind is going to scan your NFC badge. “Sure, I’ll take your malware!”

I’ll dive into an explanation with lots of pictures, to make it easier for folks maybe newer to Kicad to see the issue.

Here is the back copper layer. You can see that there is the antenna, which is the tight loops in a rounded rectangle, and that there is a copper keepout zone defined inside the antenna. This side, we believe to be correct.

And for reference, here’s that same area with the silkscreen showing, so that you can see where the antenna lives on the backside.

With me so far?

Ok, here’s where my attention to detail failed me. Here’s the front side copper layer in the same area. I’ve left the back copper layer visible but dimmed, so you can see how they interact/compare.

You see what I did there? I was in such a hurry to do this that I didn’t think it through. I just copied the keepout zone from the back to the front, thinking they needed to be the same. They absolutely don’t need to be the same. The purpose of the keepout zone is to allow radio waves to travel THROUGH the antenna, energizing it. The back is correct, because you don’t want a keepout zone where you actually want copper (the antenna). The front side, well, the keepout zone should have extended just outside the antenna on the back. I hope that’s clear. The front copper fill (which isn’t even tied to a net, not even ground — it only exists for the unmasked areas to be shiny!) actually overlaps the antenna itself, preventing the thing this circuit needs to the most — radio waves flowing through the antenna.

So here’s a shot with all of it showing, so you can see what part of the copper would need to be removed for the circuit to work (hint: All of the copper on the FRONT side that covers up the antenna).

So I assumed it was a lost cause. That copper is INSIDE the board, or at least under layers of mask and silk. Surely that can’t be repaired, or isn’t WORTH being repaired.

But this is DefCon, of course, and Syntax, who I met in either LineCon or MohawkCon or both at my first DefCon in 2017, speculated that perhaps if one wet-sanded the silk, mask and copper out of that area blocking the antenna (basically the red area highlighted above — while being careful not to destroy the trace between the inside and outside of the antenna across the two vias) it could still work. It would look a little janky, but I might try it when I get home just for the experience. And then BradanLane suggested removing it with a laser and acid etch, which might be a little cleaner.

Idunno. I’m going to try it, because dammit, I really want to see my eye light up when I scan it. If any of you lunatics goes home and tries it as well, I’ll mail you the TSSOP-8 NFC chip if you don’t already have one, and you can install it yourself. It goes here:

Sorry I didn’t bring the NFC chips with to Defcon, but you would have lost them in your sticker bags anyway. I naively thought it was a lost cause, and I mean, it’s not like hackers enjoy the recovery of a lost cause by any means necessary, LOL. It’s not like a point of pride or something to overcome by applying brute force, stimulants, ADHD and procrastination on actual money-making projects, simply for the glory of having WON.