DC18 Badge Virus - STDin. Badge hacking contest entry for Defcon 18 by Team Redacted.
The LCD output is a "Post-Contest" mod.
We got 2nd with the previous version (1.04 RC1 or so, which didn't have LCD working properly).
The judging video by Joe Grand: http://www.youtube.com/watch?v=HS31gsd3a9M
More info on the badge and contest: http://www.grandideastudio.com/portfolio/defcon-18-badge/
This is the virus running on a the actual badge, showing the generation data ("Infection ID") used for the Social Networking part of the entry.
Prototypes
========
1.01alpha demo - http://www.youtube.com/watch?v=9d-TwTy_JDg
1.02alpha demo - http://www.youtube.com/watch?v=8C-fCPAq8pg
=============================
Social Network Analysis: the concept
=============================
The "Infection ID" is a unique identifier which shows the "family tree" of who infected this badge.
Looking at the badges potentially allows identification of social networks, because the virus requires physical contact to spread.
The current number "66" is the first version, copied directly from the computer. (66 is the version identifier - the ASCII code for 'B'. )
The first child of "66" would be "66.1", the 2nd child would be "66.2", the third would be "66.3".
If "66.3" infected 2 other badges, the offspring would be "66.3.1" and "66.3.2".
From this number you can make a tree structure, with each node is connected to its mother, up to the root.
Badges "66.3.2.4" and "66.3.2.5" both know* the badge named "66.3.2". They may know each other, especially as the last digit is similar.
Badges "66.3.2.4.1" and "66.3.2.5.2" have the same "grandmother badge", but different "mother badges". Both people know someone that knows "66.3.2".
Clusters of people with all digits the same except for the last one probably know each other. Sequential numbers will tend to show temporal proximity to others with the same mother.
The glitchy snow pattern is from the LFSR** based PRNG***.
===============
Partial back-story
===============
The virus code was working on the demo-boards well before we went to Las Vegas.
We were confident (based on previous years) that we could steal code for whatever output method Joe Grand implemented for this years badges.
It even looked like our code would work on last years badges.
But things started falling apart when we saw the actual 2010 Defcon 18 badges.
Our original concept was to infect a lot of people early on, and perform the analysis we described above.
Due to a couple of issues, this was not to be:
(1) Surface mounted JTAG? Where are the holes we had planned for?! We had to redesign the header!
(2) Apparently devices running on battery don't have a common reference voltage like devices powered by one laptop's USB ports. Thank you emergency E.E. major!
Issue (1) meant falling back to a previous design we rejected as too complicated. More on that later.
The beginners error in (2) lost us most of 2 days trying to work it out. When we resolved it, due to drinking, eating, and hangovers, we only had about 2 hours to get the LCD code working before judging. The judges saw horizontal lines, and vague shapes resembling bar graphs of infection data.
This video shows what they would have seen if we had added an extra wire 5 hours earlier (i.e. before going to bed the night before). If we had even 2 more hours, I'm confident we would have got the bar graph style output working. (So Joe's code _did_ end up making the LCDs relatively easy to use.)
---------------
*By _badge "X" knows badge "Y"_, I mean _the person with the badge named "X" has met the person with the badge named "Y"_. I'm not saying the badges have some kind of AI. Not yet, anyway
**LFSR = Linear feedback shift register. You take a number, and you change bits of it as you shift it along. (That was both the technical and non-technical description at the same time.)
***PRNG = Pseudo-Random Number Generator. A way to make numbers that look close enough to random, even though they really aren't random.
Loading...
1:40
STDin 1.01alpha - DC18 Badge Virusby zenithparsec144 views
Link to this comment:
All Comments (0)