About 30,000 people came to Las Vegas last week for the 26thTh edition of DEF CON, the iconic security conference. And no small amount of the brainpower of that great crowd was spent on one particular thing: the conference badge.
This year’s Badge, design by Tymkrs, are high-end works of printed circuit board art with a collection of LED lighting elements, including red and green human figures and a color-changing DEF CON logo. But it quickly became clear that there was a lot more going on here than just flashing lights.
DEF CON rotates year to year between electronic, hackable badges and non-electronic; Last year’s badges were a throwback design intended to celebrate the 25th anniversaryTh anniversary But every year, the badges include some sort of reference to the cryptographic challenge—three years ago, the badge was actually a vinyl record that required participants to find a turntable to hear the puzzle clue.
This year’s DEF CON theme is “1983,” and the Tymkrs badge itself is, among other things, a game platform that draws adventures based on the word 1980s and handheld buttons. It is also a hardware hacking challenge. And as is common with these types of things, it’s also an extension with additional equipment—I’ve picked up a cheap cosmetic supplement near the Village Hack Packet made by KL34N of the DC801 crew (“Sh*ttty add ons for $5! Get your sh*ttty ad-ons!”) on the outside Wall of Sheep‘s Packet Hacking Village.
One of the cleverest aspects of this year’s badge is that it forces those willing to solve the puzzle to connect—literally. The only way to unlock parts of the badge code is to carry at least one of the eight badge types offered, each with its own theme: “Human” (general summoner), “Goon” (volunteer), speaker , press , Competition Officer, Artist, Vendor, and Call for Committees.
Then there is the game that is inside the badge. By inserting a USB-C cable into the badge and connecting it to a computer, participants are able to access a game screen in a character-based terminal—either by using a terminal tool like PuTTY on Windows or using Linux or online command MacOS tool like screen. The DEF CON logo on the bottom of the badge doubles as an instruction manual, and the “26” on the badge are operational controls.
Each badge version has its own story line, based on the badge’s theme. The Human badge has a garage theme, for example, and the Goon badge has a prison theme. My speaker badge game took place in a theater complex, while the press badges were in a transport station scheme. But all the games include hexadecimal code pointers and they are based on the same hardware. First, on my speaker badge:
The belly of the branch. You can feel the beat as the group works. *wub wub* Sing!
0x2BFC8E2B3561C04FBBC73FA43D5D96540D0AA008B30924CE47DA0EC67530D3
It was too dark to see anything. Lots of exercises on the walls here though!
Completing the game requires more than just button mashing. Some pointers in the mini-game hint at hardware hacks needed, including rotating a component on the board. Badge hackers will be redirected to Reddit’s DEF CON subreddit and a “hackthebadge” Slack channel, distributed hardware hacking discoveries. All the sentences from the game have been share and share withwith details on some of the components—one of which is a magnetic switch that opens access to an area within the game.
At the end of DEF CON, it didn’t appear that anyone had solved the badge puzzle. A bug firmware late requires re-lighting the firmware to complete the match has something to do with that. But thanks to him badge emulator The project Posted on GitHub-which can provide the docking codes from all badges issued-and others continue the work about badge hackers, the game will continue well after everyone’s Las Vegas hangovers have faded. Additional clues are revealed about Tymkrs in a Reddit AMA on badgeswhich was launched yesterday.