 Welcome to DEF CON, I'm the Dark Tangent, and this is DEF CON 18. We've been in many hotels that have been demolished or blown up or kicked out of, but this is the first one that's gone bankrupt. Not because of us. So yeah, that was a little bit of an excitement about a month ago when that all started breaking. And then also, I'll just go over a couple brief things before we really get into the technical stuff. This year, how many of you people have gotten onto the wireless network? There's like one dude back there. There's like, okay, there's two. Hey, so we spent a lot of energy, and Locke and the network team spent a lot of energy to try to roll out this WPA2 encrypted network. And the way it's architected, the two networks don't touch until it goes out the gateway to the internet and all of that. So the goal was, you know, how many people here think the AT&T network is saturated and sucks? Like everybody. So, I mean, if you're trying to take a picture, send it to a friend, you're trying to blog, whatever, you just can't. I think last year I was trying to stream a 30-second clip and it took me two hours. So that was, you know, useless. So this year, we wanted to do WPA2 so you can get it in your phone, your laptop, whatever, and it's all encrypted, and at least you feel safe about streaming or doing whatever you want. And because of that, hoping that you guys would take advantage of the extra bandwidth and this capacity, we bump-band with the 75 megabits full duplex, which is like by far the fastest we've ever had. I think last year we were about 20 megabits. So we got a lot of speed this year. And maybe next year, if we use it this year, I'll bump it to 100 next year, which would be pretty sweet. So try to take advantage of the encrypted network. The instructions on how to do it and install the certificate are in your program. And so that's one big change this year. The other big change is like, where did everybody come from? There's like, there's a lot more of you this year than last year. And Joe's got some funny stories about the problems that's caused. Personal problems. A lot of them. So we rearranged the floor plan this year to do better flow, wider hallway, and we thought that this was going to work out really well. We bought a thousand extra badges than we did last year. We thought we had this down. And so many extra people showed up. I don't think the wider hallway really makes a difference. It's like that worked for like the first 50 people. Yeah, so we're aware of these problems and have contingency plans. So new floor plan, putting all the content down here. We're putting a lot of the action up there so that people aren't hopefully walking back and forth across everybody. We've got the new network. We have a crap ton of new contests. And so as we say, DEF CON is what you make of it. There's a lot of new contests, a lot of new blood out there. And so if you get the time, stop by, check out some of the contests. I'm doing one I've wanted to do for three years. And every year I procrastinate and I get sucked into the vortex of con planning. I'd never do my contests. So finally I'm doing it. It's this tamper evident contest. You get these boxes. You have to get past the seals on the outside. You have to get through the seals inside. You have to tamper with the contents of some information inside. You have to seal it all back up and make it look like it was never opened or messed with. And because it's kind of like lock picking and it's kind of like some other physical security stuff. And I thought it would just be really cool because you see these seals and you're thinking to yourself, there's no way that can be secure. You know, that little symbol on your power meter. Does that little lead grommet with a wire really? Does that really work? I don't know. But you guys are going to find out for me. And then you're going to get points for scoring and teaching everybody how you did it. It's going to be an educational event so we can all learn how this works. I think that would be really cool. And a lot of other people are doing interesting contests. So take some time out. Just drift through there. Maybe get involved in something. That would be really cool. What else do we want to say before we start revealing the innards of the badge? How many people checked out Thursday night? Sort of the soft roll yesterday? Was that okay? Not okay? Give you guys something to do? Yeah, I kind of like that idea of soft start to socialize and hang out where it's not a lot of stuff happening. We think we're going to keep that in the future. What else is there? I don't know. I think that's pretty much it. It's the biggest con ever. So back at the Lexus Park at the height of the dot com boom, like the year before the bubble burst and everything crashed and everybody disappeared, we had about 7,000 people there, 7,200 people. And I talked to registration and we just surpassed that. So we're now back where we were right before the bubble burst. But in a hotel like twice the size or three times the size or something, and not on fire outside getting heat stroke. So that was really cool. So we've really come back. And the difference now is people aren't coming here because they saw the movie Hackers or something and they're not on rollerblades and, you know, I think the people here actually are really into it. So that's really cool. And I want to thank you all for coming here and hanging out and checking out this session. This is longer than usual because Joe really wanted to get into more of the hardware hacking side. So the first half you'll only hear the story and some of the stuff that's going on. But the second part, if you're really into kind of more of the details, right, you're going to get down more into the nitty gritty. And the thing that's interesting is when we first started doing hardware hacking badges the very first year, it was just to do something different. Nobody had really done it. We wanted to be different. And if you look at the progression of our badges, every year they've gotten a little bit more and a little bit more crazy. And while that was happening, the hardware hacking village was growing. More people were getting into hardware. Now like every con has a hardware hacking badge. So many more people are hacking hardware. It's sort of like we've incubated that a bit and we've got people thinking about it. And that's super cool because that was the intent, right? We shifted some people's focus to start looking at hardware and software. And like it's four or five years later and it's really caught on. So anyway, we're pretty proud about that. We really like the idea of incubating ideas and getting it out there. So it would maybe be safe to say that there might be things different next year, right? Where should we shift attention? And that's something we've been thinking a lot about. Because we think the hardware stuff is really taken on a life of its own. And that's great. So maybe now we need to shine the light somewhere else, get something else going. So Joe and I have been, we've been talking about that for quite a while. So we could always use your feedback. What do you think's not gotten enough attention? RFID. RFID. As if Chris Padgett hasn't spent his life thinking about that and major malfunction and stuff. But I don't know if you want to walk around with a big block of aero gel. You know, around your neck. Or maybe a CNC milling machine or something around your neck. And I hear mass spectrometers have come way down in size. And so, and that's the funny thing is just as a side note, I have a friend whose wife bought one of these new miniature mass spectrometers. They're actually getting pretty inexpensive. And so what do you do with it? Well, you fuck around with it. And she's like, yeah, Fiji water, not so much Fiji. She's like, how come my red wine has sugar water in it? You know? And so, I mean, that's really cool. She's just running everything through the spectrometer and finding completely opposite results than what you're supposed to find in your food stuffs. So that's pretty cool. And next year, I'm probably going to have a tamper, a data destruction contest. I've been accumulating ways to destroy data, but that's not involving the badge. Yeah. And I would like to announce a contest right now related to the badge. And that is we have passed badges dating back to DEF CON like three. We have a whole bunch of weird badges, the metal badges. Remember those? They were like cast metal and weighed like five pounds and the black stuff came off your neck. And well, I've got a tub of that in a way is like 500 pounds. And I want to get rid of some of these badges because they're just filling the DEF CON office and they're really hard to move. So I'm going to try to find a way to donate past badges to artists who can do something with them. So if you can think of a project you can do with hundreds of old DEF CON badges. I'll ship them to you. The deal is you've got to bring it here and put it on display. So if you've got something in mind, I'd love to help you out and I'd love to have a cool display of all the various years of badges. So with that said, yeah, it's going to be pretty cool. Well, it kind of reminded me of what you did when you had all the broken ones and you did that art project in San Francisco. That was pretty cool. Okay, so with that said, I want to pass it off to Joe Smooth, aka Kingpin. And we're going to get this party started. So let me pass it off to Kingpin. Thanks a lot, guys. See you around. Yo, yo, yo. I'm going to wait for my slides because they're good pictures on there. Oh, yeah. The slides look better than I do anyway. All right. Here we are again for the fifth year in a row behind the scenes of the DEF CON badge. Let's go. So in case you don't know, my name is Joe Grand, aka Kingpin. And when I don't have to go out in public, I usually look like that, but I shave my mustache off and got a haircut to look a little better. I'm going to let you engineer by trade and by hobby and by lifestyle. It's what I do. I hack hardware. I break hardware and I design stuff. And let's see. So how many of you guys were at DEF CON 14? Yeah. That was actually more than I thought it would be. Is that the limited edition goal? Yeah. Oh, yeah. So I'm going to do a little retrospective. And each year I want to see how many people are coming. Because I realized when I started designing this year's badge and started writing the article and stuff and putting together the documentation, I was like, you know, a lot of these people probably haven't even seen the past ones. So they're just coming into this with the end without seeing the progression. So, yeah, this is the limited edition gold solder mask that we just made a few of to test it out. Paint it red. Paint it red. Yeah. Well, the gold one, we always try to do something new. So what was the deal with that year? It was gold was the new thing, right? Yeah. I'd never seen gold solder mask before. And the factor was like, we have this tub of something that says gold sand. And we're like, yeah, let's try it and see what it looks like. So I don't know if anyone else has seen circuit boards that look like that. But, you know, every year we're trying to do something different. What about Defcon 15? Yeah. Yeah. The numbers are growing. Yeah, they are. With a trippy optical wave thing. Yeah. So this was the scrolling text message with the capacitive touch sensing buttons. And you could set your own messages and do all sorts of stuff, persistence of vision. People hacked it and like wrote games for it. It was cool. And there's like a lot of swear words going across it. That's the year it really took off, I think. Yeah. So this year it was sort of like, oh, cool, electronic badge. Awesome. But then when people started expecting it, it was sort of like, hmm, now we should do something cool. Oh, actually, yeah. This one also had like a bunch of 802.15.4 slash ZigBee wireless support that was unpopulated and accelerometer support that we gave out a lot of components for people to hack on. But no one ever did anything with it. I think one guy put in the ZigBee. Yeah. Yeah. Defcon 16. Is that more or less? I can't tell. That's more or less people came to Defcon 16. I think it was about more, like by two. Yeah. So this one was the infrared. Wow, that's a great picture up there. This was the invisible badge. Well, no, you need the... You need the... Yeah, this one's stuck in customs. That was the first year we had customs problems. Is there a way to adjust the... Picture? Because I have a lot of pictures and if they all look like that, this is going to be a really shitty presentation. We jump forward one and see if it's just a slider. Yeah. Now go back. Okay, we got to best with the... Brightness, contrast. Yeah. Well, theoretically, we've got some goon room proctors that can tweak the projectors. So if we have goon room proctors, it can tweak the projectors. Yeah, someone asked it. Doesn't someone have a remote control and they can just mess with the projector? Enhance. Enhance. Yeah. So anyway, you just have to use your imagination here. But this was a really gigantic badge. And we had an infrared receiver and transmitter and SD card support, secure digital card support. So you could put files on an SD card and then transmit wares to your friends. And it worked sometimes. There was a lot of challenges with this one. It was hard because you have to support all the different SD card types because you never know what someone's going to bring. So we had this gigantic battery on there and people were complaining that their neck was getting sore. Oh, and then all the people that put the battery in backwards. Which is kind of funny at a hacker conference because they come to me with burned fingers. And they're like, your badge doesn't work. I said, look on the battery holder. It shows you where the positive side is. So yeah, that was fun. What else? We had a TV be gone mode in that one. So if you didn't have an SD card, the thing would just turn off TVs so you could hold it up and it would turn off TVs in North America. What about last year? Yeah. So this is the year we got really crazy because Dark Tangent was always like, we've got to do a puzzle. We've got to do a puzzle. And I'm like, no, let's not do a puzzle. But then this year, I didn't have an excuse. So we're like, let's do a puzzle. So we did a puzzle. And there are seven different badges that all connect to each other like a puzzle. Yeah. And Neil did the background art. Yeah. And when you put it all together, you kind of got the reveal of the art. And this was the first time that I'm aware of that anybody was using multiple layers of silkscreen and solder mass to get completely non-standard circuit board colors. And the factory E-Tech Net in China went out to actually find the colors because we gave them like a Photoshop drawing that Neil did with those colors. And they actually went and matched those colors and found the right silkscreen, which is totally cool. Well, yeah. So talk a little bit about that manufacturing process. You show up at one of these fabs and you're like, hey, we want to do this. And they're like, WT. Yeah. Most times like circuit boards usually are green and square. And they're getting a little bit better in general. Like factories are starting to become aware that people want to do different solder mask and some art and stuff. But to do something like this where each badge and individual cut out and with all these different layers and colors and stuff that luckily we've been working with the same factory for a while. So they're like, oh, great. It's time for DEF CON. And they put people on it. But it was cool. And the badges actually... Well, look how closely the badges align. I mean, the tolerance is amazing. What are they? Waterjet cut that? No, they're just milled. Yeah, milled with a really small bit. And so the badges not only like physically fit next to each other, but you could also connect them together. And they were individually addressable. You could use the human badge as the master and control the lights on the other one and stuff. The master slave sort of thing. Yeah, yeah. One group did that last year for the badge hacking contest. Smitty and his minions. And his minions. Yeah. And I've had a surface mount microphone too. And it wasn't a bug, but you probably could have turned it into one. Yeah. Oh, and then until we talked about it, we had some secret modes in that one. Oh, yeah. Oh, yeah. So every year, right, this is actually good. Every year we put in all sorts of secret stuff. And every year, no one finds it. So this year we put in a lot of secret stuff and we actually told everybody that we put in secret stuff. And there's a lot of it. So chances are you'll find at least one thing. So what was the one last year? Since we had a microphone. Oh, yeah. We were trying to figure out, well, what do you do with the microphone? We had some different ideas. And we're like, well, people are going to be at the black and white ball. And it's, you know, DJ2 fucking loud is going to be playing. And it's going to be really loud. So why don't we detect the pressure level, the sound. And if they're in a loud environment for too long, the badge will go like SOS, help me, help me. In Morse code. I'm losing my, yeah. And so we went into SOS like Morse code mode. But nobody noticed. Yeah, no one noticed that. But they were probably too drunk. But I think so, so we did that one. And we set the time limit to be like 30 minutes or something. Yeah. So, you know, if you're rocking out and partying for 30 minutes, then it would go off. And you know, like at every closing ceremonies, we want to do something cool. And for people who are like DEF CON 14 and 15, you know, the lights were off and like awesome streams of light and everything, at least from up here, it looked really cool. So we did that for last year too. And that was sort of, for me, it was kind of anticlimactic because we forgot that we set the limit for 30 minutes. So we start playing that, you guys were here, right? And everyone's like, what the hell? Why are the lights off? The music's so loud. So we're playing the music. Everyone's holding their badges in this blinking. And it looks cool. But we're waiting for this Morse code. Yeah, waiting for everything to switch into like help me, help me mode. Like, oh, not 30 seconds. Yeah, not 30 seconds, 30 minutes. And then so I go back and look at the source later and I'm like, oh, Jeff, that's why it didn't work. So I don't know what we're going to do this year, but it's always fun to do something. What was the year you had an exploit against our badge? Remember one year there was like a bug track posting on an exploit in the... Yeah, wasn't that... I think that was the infrared one. If you... Well, one year we had you could load the SD memory card. Yeah, that was the infrared one. And then you could transmit data back and forth. Yeah. If you put an SD card in. And the idea was that people would pass around anonymous data and you'd show up back at your room at the end of the night and you'd pull out your SD card and you'd look at all this cool shit you got, just wandering around, transmitting it. But it didn't quite work out that way, because yeah, people didn't just stay there and hold the badges up to each other. And it didn't... It took too long to sync. Even if we were, what, a hundred and something thousand bod? It was slow. I wrote the routine myself, so that tells you something. It was probably like three of a bother. Yeah, you know how that goes. All right, so that's the retrospective. And now we're going to start the actual badge this year. Oh, wait. Tell them about the drama with the leakage of the info last year and why we... Yeah, was that last year or two years ago? Well, with wired. It started two years ago. So we always wanted to leak a little bit of the information out there so you guys could get your kits ready if you were going to use any decompilers or any hardware hacking stuff or whatever. You'd know enough about it in advance to maybe grab some tools and head out here. Because the first year we tried it, we really didn't say anything and it was kind of hard. So we figured we'd start leaking stuff, but how do you leak it without giving it all away? So we would do like two-part press interviews. Like, here's sort of the overview and then the con would start and we'd dump everything so people would have a place to refer to. And it didn't quite work out. No, there was a misunderstanding and all the info got out on like Tuesday or something. So we like to have it sort of secret because then it's more of a surprise for people and it's like, cool, if you're at home and you haven't even come to DEF CON and you already know what stuff looks like, that sort of lame. This year we were a little more careful, I guess, but then we were doing a little bit of tweeting. Yeah, now we've got the Twitterverse. But sometimes people have been sending some misdirection out there. I think somebody was like, yeah, somebody asked me, yeah, so which SIM card do I bring? I'm like, I'm not sure if it's AT&T or Verizon. Someone asked me if the FCC had released our badges yet. Because they were in for radio testing. So we do give you a little misdirection. Yeah, that's always fun. All right, so you guys remember this? Badges by Christmas? Badges by Christmas. No? You guys run in the closing ceremonies? When everyone's like, yeah, badges by Christmas and you all yelled it? I have a video, you all yelled it. And I believe we said, hmm. Yeah, and I was saying something like if I got Jeff's credit card then I would do it. I just couldn't get in touch with them until February. So here's the timeline. I'm going to go through the timeline and some details and sort of the process and all sorts of stuff. There's a lot of details I want to go into. Because previous talks I sort of skipped stuff and then later I'm like, oh, I really should have mentioned that. So now there's all sorts of stuff that you're probably saying, damn, I wish I was going to stop talking. So timeline, fall 2009, after DEF CON, after we sort of recovered, it was actually before Christmas. We started initial brainstorming, just trying to figure out what we could do. Because every year it's like, how are we going to top that? What are we going to, you know, we've used... Well then also it's like, Joe will be like, oh, a new technology is coming along. Maybe we can use that. Let me get samples. Oh, nope, that sucks. Okay, let's try another technology. Too expensive. Yeah, too expensive, not enough parts, too slow to manufacture. And so we're going through ideas and then you start to investigate it like three weeks later, you're like, that's not going to work. Right, yeah. And you know, there's a lot of constraints that I'll go into. So we started brainstorming and then January is when we actually had a pretty decent idea. I found these displays and I'll talk about those later, but I found this cool display and then we decided to go with like an aluminum circuit board because aluminum is awesome and metal is like, yeah. I'm wearing my metal badge. So that was cool. And it's doing stuff. Yeah, and it's doing stuff. It's got electrons. Yeah, so that was pretty cool. What would you say in your little speech in the program? It's like metal eliteness or something. It's pretty elite. So we started doing prototype design, hardware design in January. Basically, I set my milestones to the different Black Hat conferences. So at Black Hat DC, I tried to have the prototype hardware done so I could go when I went to see him. I could like physically show him because we don't live anywhere near each other and we don't often Skype. And so let's see. Then we did, once we approved the hardware, then finished writing the firmware. At least the low level stuff made sure all the hardware worked and then we could at least kick off the board order while we finished up the firmware. And that way we could try to avoid some of like the problems that we encountered last year. Then we ordered parts and it's like pretty much trouble free. There's a few little hiccups that we'll go into, but the badges ended up arriving on time. So do you guys like that? Are you happy with that? Okay. Well, and the funny thing was is, well, you'll tell the story, but it's the wrong country's customs held it up. Yeah, yeah. Yeah. Well, at least you enjoy not standing in, well, I guess you have to stand in long lines anyway. So I don't know. I guess it was worth the effort to get them here on time. But it was good. So here's some more pictures. That's the Octo Squidley bag. Yeah. This is what happens when an electrical engineer uses a pen. And I'm like, we could do like an octopus. I'm like, hey, Joe, that's a great idea. Yeah. Neil, Neil, we need some help. Yeah, yeah. Here, Neil. Yeah. So this is the original sketch. Actually, this was sort of my proposal to Jeff and Ping about even using the LCD. Because it's sort of like, how are we going to mount it? It's not really designed to be in a badge. And I was like, no, we can do it like this. We can have it on the front and have a slit and put it through and do laser stuff. And yeah, they sort of went with it. Yeah. It turned out that the squid form factor didn't quite work. Yeah. That got thrown out. So here's the next step. So basically, we knew what we were going to do. And I wanted to put together a paper mockup to figure out how I could align the LCD and the battery and everything. Because the pin out of the LCD was in such a way that I could only do it the way that you see. So pin one's on the left and pin 30's on the right. So I couldn't move it any lower because all the other electronic stuff was in the way. So I had to do a bunch of mockup stuff. And then I built the prototype. So this is before the art. Oh, motherfucker. That's why someone called my cell phone. Call the hotline. Dead battery. Hate the badge. Need advice. Buttons stopped working. Make a suggestion. Wrong color. Badge problems. Call my cell phone. I expect that the goons will find out who did that and come tell me. And if you do decide to call me, you can go fuck yourself. Or I'll find you and do it for you. I like the one wrong color. No, no, you got the color you're supposed to get. Sorry, we don't have anymore spare red or black badges for you. But seriously, someone called me last night and I'm like, who the fuck is that? And they're like, yeah, I really want to hack the badge, but there aren't any left. So maybe you can give me one that would be cool. Give me a call back, thanks. Oh, no, they're also like, if you're not too wasted, give me a call back. So the guy obviously didn't know me. Yeah, so that was a little weird. So you'll just turn off your phone and just do text message, right? Yeah, right. Text message support. Yeah. So, damn. I'm not changing my phone number either. I like that one. So let's see. Yeah, prototype badge, put the parts on. And this was the first time that I had everything together because it's hard to prototype with that 30-pin flex connector without making an actual circuit board. So this was the first one. Before we had the artwork, we knew we wanted the general size to be this iPhone type of thing because everyone loves the iPhones. We're like, well, let's make a badge that is the same size and everyone's going to love that, too. Like, you know, huge. Yeah, like other years, right. Flavor-slave style or anything. Not that that isn't cool. I have an idea for a badge next year, Joe. Big clocks? Yeah. And the Uber ones can have just huge gold chains. We're going to start working on that right after this talk. So let's see. Prototype came in, did some hardware testing, low-level routines that I'll talk about writing the drivers. Basically getting everything working on this prototype board and that's what I went to go show Jeff and everything at Black Hat Barcelona in Spain. Right before VolcanoCon when we all got trapped because of the volcano. Yeah, that was nice. That was a good time. So everything worked. We knew the hardware worked so we could at least start spinning that and finish working on all the firmware. So the firmware was done all over the place. I don't know if you guys have read the little thing I wrote in the program, but like the firmware development for badges in the past had been done like on my honeymoon and in buses and airplanes and everywhere. And this time was no different except I didn't have another honeymoon. This was in like the airport in Frankfurt and so all different airplanes and airports. People are riding airplanes never really like what I'm doing Dev because I pull out the board and usually the prototype has extra wires on it and the battery and the cable and the USB tap and stuff is spread out everywhere and I usually get stares but people have actually asked they're like what is that thing? You like to sit on the aisle right so the big people on the inside are like excuse me I've got to go to the bathroom and you're like don't touch that. You're going to have to wait. I'm single stepping so this could take a while. Yeah. So yeah those are some pictures. What about laser engraving? Well we looked at a bunch of stuff we wanted to acid it. So we knew we were going to use an aluminum substrate board because aluminum was just cool right? Everyone else uses fiberglass and the challenge of aluminum substrate is we needed to have everything on the single side of the board so we'd have the front side clean so we're like alright now we have the front side clean what are we going to do? We've already done solder mask colors we've already done different silk screen artwork cutouts so it's like what can we do and what works great on aluminum and it ended up being laser engraving we looked at like sandblasting and actually etching instead of engraving it. We did acid etching but then you have to submerge the whole board right? There's a problem where you couldn't protect the electronics. Yeah so this gets into the area that we've never tried something new and didn't know what it would turn out to be like but we didn't want to completely sabotage the entire thing. So we decided to do laser engraving and Neil of course did all of the crazy insane artwork. Yeah it turns out you have to invert the art. Yeah you have to invert the art and I think I might have a picture of that but the real challenge was finding a vendor that wanted to do it because every vendor is like yeah we'll laser engrave your coffee mug or your keychain but it's like can you laser engrave our circuit board? And they're like what's a circuit board? And then they get all scared and everything. So it was really hard and eTechNet actually ended up finding a facility in China that would do it. Well at one point we were going to Guatemala. Yeah or Guadalajara. I might even have slides on that but basically they the factory in China would do it but they jacked up the price because they didn't know how it was going to turn out and they would probably have to spin more and then eTechNet jacked up the price in case they had to go and support it and everything and it was like $6 to laser engrave it after doing the fab of the board. So we're like oh that's a lot. So we reached out to like some places in Guadalajara which is some factories that FreeScale uses and since we have the connections of FreeScale through the microcontroller we reached out to just all our contacts like Ping reached out to all the people that used to do DEFCON badge manufacturing and everything and it was like really nerve wracking and actually I was in South Africa and you were somewhere and Ping was somewhere and ended up getting a slightly lesser price from the laser engraver in China it ended up being like $3 but we figured it was safer to at least do that instead of having to ship badges to all different places to have them like... We had problems with Chinese customs I don't know a thing about Guadalajara Guadalajara yeah at least it's Mexico you can like drive there and just smuggle stuff back and like throw a few people in there as well You can pay somebody to smuggle it Yeah right exactly I'm sure he won't mind So we started off with like this pencil sketch and pen sketch I was trying to say we want to have this whole portrayal of like a whole hacking scene of all these different things going on and when you combine all the badges you get a large piece of artwork This is his first draft where he was like finally understood what I was trying to get at and he kind of pulled this together so it was a good thing we got a picture of that before it disappeared This was a huge labor intensive project For him to do the artwork it was like weeks Well the aspect ratio of it all and then this is how it finally came out in a form that could be lasered And do you guys notice on your DEF CON are the Riviera hotel keys that they match the image yeah So if you can social engineer the people at the front desk you can get all seven and you get the whole yeah So the artwork is totally cool So then we had to work with the laser engraver to actually like get it done And what's funny is the laser engraver a lot of them still use Corel draw like on windows like one I think it was 3.1 or something Yeah really really old old equipment So poor Neil like you know he sent me Adobe Illustrator CS with the latest and we send that to the factory and they're like what's the Adobe Illustrator So there's a lot of back and forth to try to get into the format that they wanted and they ended up doing it right So the white part is where it's been lasered and the dark part is where there's no laser but we had it reversed so the first set we got back was inverted and we're like this looks really shitty So we tried it again and it looked alright and it's a little like sort of hologram looking So yes they do have all different images on them you just have to look really carefully And they bill you for how long the laser dwells right So how far down do you want a laser Well you're renting time and everything and we're like can we make it more contrasty and it was just too risky It looks awesome and no one's done that and that's what we like to do Alright so some functionality Early block diagram This is a little more of my style because they're just squares and arrows We have the 56F8006 which is the free scale part and we have the display USB to serial adapter a bunch of interfaces and test points and some other things so let's see This is the same part we used last year Do you guys remember that story Most of these parts were stuck in customs going to the factory and we had to order more to try to get those through and those also got stuck in customs So now we had like 50% more than we needed Almost 100% more parts stuck in customs 14,000 parts at one point stuck in customs and then half of those got released and came to you guys on the badges and then the other half like 3 months later got sent back to my house So we had all of these badges not after they're programmed and everything and they've been sitting in customs So we had these parts and it's a great part and I thought it would actually be cool to use it again because you guys who are hacking the badge are like familiar with it now and you can do some really cool stuff So there were some things we wanted to do We actually were talking about doing some wireless functionality and some other things but this part in particular just isn't suited for that So like alright what's it suited for and we sort of chose a design based on that Data sheets are on the CD but they're also linked up there For those that don't know it's a pretty sweet part It's a 16 bit essentially a digital signal processor It's called a digital signal controller It can do all sorts of cool like math functions and hardware based accelerated stuff 16K of internal flash The PWM channel is what we used last year ITUC, everything you could want in a cool little chip We're powering it from 3 volts and there's a block diagram So that one you should be familiar with It's just a nice general purpose part This is the cool thing I wanted to use a display for a really long time but the prices haven't been right and we never knew how we were going to mount the display So this is a display from Kent Displays Did you guys notice when you got your badges like you could sometimes see the DEF CON logo on there Because these things are super cool It's like this Colasteric LCD and the liquid crystals twisted in a way that you don't need to refresh it You can basically write to it and you don't have to refresh it or apply any power to the display once you write to it, sort of like a Kindle or whatever So you can write your image and then it draws no battery power at all unless you update it again So during the test procedure I had them put up the DEF CON logo and then it would come to you But you notice like sometimes it was fading and stuff because if you push on the display it will fade because you're not actually refreshing it untwisting the crystals or doing something so then you have to hit a button or put power back on and it will refresh It's just a really, really sweet little thing In the battery life, in the past we had these huge batteries and you're like walking around with this big thing around your neck and now this thing, what was the power consumption the last I have a power consumption chart that I'll show you guys but previously it's always been a challenge because we want the badges to last the whole time and the LEDs not die and everything so I'll show you the chart later but the battery ends up lasting like two weeks and it could be more but there was a few little things that we put in so you couldn't actually end up physically damaging the flash device if you're trying to reprogram it but there's some other modes that we could have done to make it last like a year or something but two weeks is good because you'll be home by then hopefully So yeah, a bunch of different specs So this was another one of those companies where I saw their thing online I had seen them a bunch of different conferences and I called them up and I'm like hey I'd love to use this cool display you have for this DEF CON conference and they're like DEF CON what's that and I explained the whole thing and they're like cool and most companies, like most big companies when you tell them what DEF CON is they don't go cool they hang up on you and then they don't call you back so these guys were totally into it and it turns out that the sales guy was talking to is this old school ham radio operator and everything and he gets it so they gave us huge discounts essentially they gave us 100,000 quantity pricing for almost 8,000 pieces and it still costs $3.50 each because these things are like a brand new technology and everything but it's just super cool and it took a little bit of convincing because it costs so much but the interesting thing is what was this originally designed for? So actually it was not used in the first moon landing for those who remember that I guess nobody it's like a totally different audience one person's like yeah I remember that dumbass it wasn't 1968 or 42 or whatever so yeah this wasn't used in the moon landing but it was originally designed for the verbatim insight usb hard drives which you guys have probably seen but they're for sale right now and this display is used to show the remaining hard drive space and it's usually designed to be inside of a bezel and protected so we were the first ones to actually use it in this exposed environment so we ran into some interesting things and we actually just discovered a problem with their display with the power down modes because it was something that verbatim had not needed and then we start using our battery powered device and we wanted to do all sorts of stuff in the sleep modes and we totally discovered this bug and I was like holy shit because we had like four days to get the firmware done so they ended up sending us a revised version that they happened to have and just hadn't released yet and it was good so those guys are great to work with and you notice like it's pretty slow to update the screen so it's like 1.7 seconds and that's kind of just the nature of the technology the Kindle seems to flip faster you have Kent displays and you have e-ink are the two companies that I'm aware of that do this stuff technology slightly different but these guys were excited about it so we went with them yeah, yeah, I think I have a slide on the adhesive so the internals for this thing is cool it takes a serial interface and there's a bunch of external capacitors and components to set up the drive voltages and then it's just a standard serial interface so it's very very easy to use and there's a bunch of sample code that they gave me and basically like a few hours a few hours in the display came right up and it was like yeah, it was pretty cool made me feel good so here's the schematic and I'll step through a few of the different functions in more detail there's a seamless power switch between the battery and the USB connector because we figured if you're going to plug this thing into your computer and do all sorts of stuff with it why drain battery power? so you can leave the battery plugged in and then plug in your mini USB to your computer and now it's switching from the battery to the computer which is cool the hardest part to design hardware wise even though it's just a MOSFET and a diode but I learned a lot about diodes during that time and a lot about MOSFETs so there's all sorts of debug and boot loader and some other things that I'll get into bill of materials I always show this $14 per badge that's not the only reason the price of DEF CON went up I remember the first DEF CON badge was like $1.20 but that's a big jump and this actually doesn't include the cost of the free scale processor because we already had those or your labor it doesn't include your labor in there my time then the badge would have been like $35 a badge or something $50 and the big ticket items were the LCD and the laser engraving was $384 but we wanted to try something new and it's Jeff's money so I figured we might as well just spend it so here's the assembly drawing all of these things are also in the CD so when you do want to start hacking it you'll notice there's no part designators on the actual board these are the part designators and some of you guys might have actually like the last 40 badges were short a diode and possibly short a capacitor or maybe short a display so now you can go to the hardware hacking village and put them back on yourself yeah yeah I don't know just if you're right at the end like the last 40 people or something but we expect you to see you in the hardware hacking village and we're actually with Jeff's permission we brought all of the leftover components from previous badge builds so you have reels of components and other things you can come up and grab some of the RGB LEDs from last year like the microphones and put them into whatever you're hacking on this year for the contest so free hardware here's the back side of your two switches on the left side your FTDI 232 USB to serial adapter JTAG port which the footprints are there but I actually have about 100 connectors to give out and I'm going to get into all of that so this year I actually decided to talk about what the badge really does and I think previous years sometimes I forgot so there's a few core modes and then there's all this other secret stuff that you guys are just going to have to figure out so the glyph selection this is like our social experiment where we tried to do the social experiment with the infrared so it's like hi my name is Joe do you want my data which sort of worked but I think this might work better so then we decided how can we help people be more social with the badges and we've got a display something needs to go on the display and Neil is like that means I have to draw art doesn't it so we decided to put up basically different glyphs and you could choose what glyphs you like or gaming or whatever I like the one that's like booze I'm just here to drink and then you can take the emoticons and stick them on your badge and sort of show off to other people of things you're into and that way you don't have to talk to anybody first you can just look around and be like oh cool I'm into gaming too hey you know it's less awkward well once you see the icons you're like hmm except I don't know which is more awkward I'm looking at that and it's like forget it so there's some instructions on how to do it you can figure it out but you basically use the buttons here are 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 yeah so all 11 of them so if you're into drinking, gambling sex which one is sex love or looking for love that's right and then music typical you could either be a rockstar or you could be a total geek we had to blend the two lifestyles or in that case you'd have the floppy disk in the heart or something I guess there were any of them in the heart and then you can potentially build your own yes you can build your own you can do all sorts of stuff what we decided to do this year too is since we had the USB port and we're using the USB port primarily for the serial bootloader that I'll talk about so you can hack the badge and load your own firmware blah blah blah what could we do with the USB port in just regular user mode so I decided to create this little API that would let you control the LCD through the serial port so in case you're not like a hardware guy and you don't want to do all sorts of hardware stuff but you still want to hack the badge and do something for the contest or show off or load your name or change whatever you can do it using scripts or something which is really cool it said hello and I was very proud of that that the API actually worked so you can do all sorts of stuff so hopefully you guys take advantage of that just to expand what can be done and what people can do a lot of this kind of came from Jeff because he wanted to make it easier for more of you guys to hack on the badge whereas I wanted to actually make it harder and more challenging for software guys there's a lot of software guys out there how many people use software a lot of people so you can even use whatever to send stuff to a com port what operating system doesn't matter you can use an Arduino if you're into Arduino so here's a little description of it you plug the USB in it's going to detect an FTDI USB to serial adapter you probably don't need any drivers USB to serial adapter before if you do you can just click yes download drivers they're there it should be easy and seamless the badge is going to give you a welcome string and then here are the commands you can clear the frame buffer which is in RAM on the device you can load different bytes into the frame buffer and then you can update the display that will give you your update and then you hit X to exit it or you just take the battery out and you get an act after each command now the tricky part is that the commands are actually in ASCII but then for loading the byte you have this load byte VV into frame buffer location AA so you have to look at this next page which is the memory map for the actual display which isn't your typical matrix like that so maybe somebody wants to write a little wrapper to handle that but I couldn't figure it out so you have to load you have to look at the memory map with the LCD in hex bytes so you have your non printable ASCII so you have your ASCII character and then the three non printable ASCII hex bytes so that's the only tricky thing so you can't really only be in hyper terminal the whole time so check out the datasheet which is also on the CD and here's the memory map so those are like the only two core functions we wanted to keep it really simple like there's previous years badges I felt like we provided so much stuff to figure out like what they wanted to hack on and everything and sort of force feed you features so then this year we tried to go the other way like force feed you capability and then you guys can figure out what to do with it so there's all sorts of secret modes we had in March we did this call for integration and we're basically like what can we do to involve people more and not keep it just like you know Joe locked in his office talking to Jeff once in a while yeah so the idea here was that everybody's we want to try to make the badge more central there's a lot of memory on it and it's something everybody's basically going to unfortunately not everybody but basically the majority of everybody will have so if we're going to put a secret on there or a clue or a certificate or we're going to do something why not besides us having cool stuff on there why not let everybody else that we trust in the contests put clues on there are other areas and try to make it more central to a lot of different things you're going to do and just max out the RAM so there's a lot of stuff on there that is we just had people say put this chunk of data or hide this string or do this or do that so I'd work it into where it would seem relevant to do and a few people have found things but there's a lot there and you know you can get the benefits of different contests the best was at Space Rogue oh yeah is Space Rogue here I guess he wouldn't admit it anyway so we took all these all these submissions from people and we decided which ones were cool that people would really enjoy so Space Rogue from Hacker News Network was like yeah I want to give away a free t-shirt we're like alright you're cool we go way back from the loft and everything so we wanted to keep it all secret we figured people would hide data and not tell anybody so as soon as I was like yeah we'll put your data in he sends out a tweet and his HNN all over the place it's like Defconn's going to hide data and we're like you totally just blew it and the whole story and told him that Jeff was really pissed and that we were going to take it out and everything and he's like profusely apologized that's funny because I never heard from him he's just like sorry dude but yeah so we tried to keep everything secret and actually I'm going to tell a story that might embarrass two people here I don't think I've ever met them in person so that's why I'm going to say it so one of the things was this guy that was like yeah man you know I'm going to actually propose to my girlfriend and I want to do it through the badge and I'm like yeah I'm like a sensitive kind of guy you know I'm like I got goosebumps and tears and you're Joe smooth I'm known to be pretty suave with the ladies so I was like that's cool that's a good way to propose and he couldn't get the airplane with the streamer because you can't see it from inside of the river so we were going to integrate this secret message of some sort for the person to find and he would propose and you know probably would have made like a big production out of it and he probably would have come up here and stuff so we had him on the list and then as I started integrating stuff I emailed him I'm like alright man what should we do and he's like actually there's a little problem I'm not getting we broke up and then I got an email from his ex-girlfriend that had said you know something basically the same thing it's like sorry or whatever I don't even know how she knew what she was going to propose to her unless she was like reading his mail or something it was really it was actually really strange I was like oh that totally sucks and he's like well maybe you can write you know maybe you can put in this poem or something I'm like no it was like a love poem because like wedding proposal is okay for DEF CON but like groveling love poems not okay so that didn't make it in it's unfortunate okay so some other bad stuff these are things sometimes I forget to say so other stuff you might want to know if you don't want to know it you can leave I won't feel bad because there's other talks going on soon and actually we're going to end up with a lot of extra time anyway so you won't miss your next talk really we're actually going to be able to have questions and answers here too okay so the development environment is the exact same as last year it's the freestyle code warrior for 56-8000 special edition is free for up to 64k a flash and we only have 16k so totally free like beer and it's not open source which people always complain about to me but you know the part was chosen for a reason and the tool kind of follows along with it and free scale was nice enough at least to make it free as opposed to charging us money and it is windows only works fine in VM all the tools are on the DEF CON CD so you don't have to go to the interweb or anything to download the tools the one main part that's really cool is processor expert and I mentioned this last year it's all about configuring the peripherals and everyone loves GUIs and no one loves configuring peripherals so it's like a perfect match basically it takes care of doing all of the low level drivers and interface functions for timers and serial port and PWM and everything so you don't have to actually do a lot of the setup you can just select your bean which is what each module is called configure your bean and then drop it into the code you generate code and it will generate it so if you're a level embedded guy you can still develop stuff and I use the beans I use processor expert so if you load up the source code that's on the CD you'll be able to see how everything's configured who's planning on hacking their batch for the batch hacking contest three people seriously are there more five, six, seven, eight, nine, ten that's good we're going up in numbers so this might interest you the serial static bootloader for the last year except this year it's easier to use because last year we just had test points you to wire up a bunch of stuff this year we have the mini USB port right there for your use and all you need is the USB port and a terminal program and you're good to go, you can load your code right up on the batch to enable the mode hold SW1 and SW2 on power up what I like to do since you need to have your computer plugged in remove the battery and then make sure it's off just plug the device into the computer and that way the battery the unit's going to come up no batteries there, you don't have that switch over problem of maybe the batch still being on and you're not able to get into the bootloader so just hold down SW1 and SW2 on power up both LEDs are going to come on virtual comports are going to appear and you're good to go it's waiting for the bootloader so use your dev tools from Code Warrior modify your stuff there's a few caveats with that though you have to make sure that you change the reset in the COP vectors to point to the bootloader, which are the first two in the vector table, otherwise when you reflash your code and you go to run it, it's going to jump right to your user code but if for some reason you brick something or you want to reload something again you can't because it's never going to get back to the bootloader so make sure you change that and if you end up bricking it, there's a way to do it but read the details in cpu.c and for those who did it last year, you're familiar with it already it's 9600 BOD use your elf.s it takes like 90 seconds to load but it's cool because you don't need any hardware at all, like any external hardware and that was the real key, is trying to do something like we can't make it much easier than that but in case you totally screw up and brick your badge and forget to change the vector tables or just do something and completely clobber it there is the JTAG interface on there as well and that's where that 7x2 row footprint is I have about 100 of the connectors that I'm carrying around with me and if I don't get it costed on the way to the hardware hacking village giving them out I'll leave the remainder of them up there and you can just solder them on and use the USB tap hardware which is also what we used last year there will be a few of those up in the hardware hacking village and you can just completely load the flash back on, which is the DC-18 dash width dash boot which is the bootloader so it's cool, so there's two ways to do it and it's just very very simple alright so say you want to create your own graphics and like put porn on the badge or something which if you do you might score very highly in the badge hacking contest if I have anything to say about it so you can load your own graphics basically it uses the at least this is how I did it, if you are into software and stuff you could probably do it a different way but I use the Kent display tool which comes on the CD which was designed for 132 by 64 their older display but basically what you do is you convert the bitmap to an array and you cut off a bunch of the bytes that aren't used to get to your 128 by 32 pixel size so you convert the image and then you use your tool and then you erase the unused bytes and then you copy the data into the array so you said older badge, is the newer one have more pixels? no, so this was the one of their actually I shouldn't even say older display just for a different display, that's bigger that wouldn't fit on the badge, it was like way too big so this part is so new the 128 by 32 that we are using on this badge is so new that they don't even have the right development tools set up yet so we are making use of the old ones and actually I think they are coming out soon but it might be too late for DEF CON to use them but this way is totally fine so here I even made a little step by step graphic, I had a lot of time on an airplane when I made these slides so choose your source file which is going to be your image and it has to be 132 by 64 otherwise if it's not 132 by 64 it's going to give you an error then you just generate the C array and it says C array generated and then if you compare what one should look like on the left to one that you get from the output on the right you have those 4X or bytes at 4 different locations so you just cut those out, they are all FFs and then it looks like that and then you just load that code in and you are good to go so here is the power consumption stuff this is sort of a battery of choice for badges because it's small, it's thin, it's cheap DEF CON 14 we used 1 DEF CON 15 we used 2 DEF CON 16 we used that gigantic photo battery and then last year we used the CR2032 but the problem is it doesn't like high current consumption and it's only really good for things that are very very low standby current and things that maybe have a little pulse for like a second but so that's the challenge is trying to get the power consumption down to a point where the badge would be good and useful for at least the time of DEF CON and this time we finally exceeded it so in idle mode when you're not doing anything it draws about 700 microamps 0.7 milliamps the only power consumption at that point is the microprocessor and it's in a sleep mode but it's not in the lowest sleep mode because it turns out if you put it into the lowest sleep mode you are reducing the clock to like 180 kHz or something like that and you try to debug without bringing the device back into its normal clock and you try to write to flash at 180 kHz you could completely screw the flash like physically damage the flash which we ended up doing a few times along the way and luckily John Winner is one of the guys from FreeScaler who helped design the chip came to DEF CON last year and he's an old school MIT hacker and everything and one of the few people that actually also does work on like Memorial Day weekend and holidays and stuff like that when I encountered this problem I'm like wait the sleep mode isn't working and I can't reprogram my badge or anything and I call him up and he's like hey you know he just happened to be home and we spent the weekend like troubleshooting this whole thing and debugging stuff and getting it working but that was you know who knew that you could physically damage flash using a debugger I had no idea so in idle state which normally is always in idle it's just sitting there sleeping in active mode once you hit a button and it goes back down to 3 milliamps for less than a second so it is a little bit of a peak and then it goes back down and settles and it goes to sleep so really even if you're like continually changing screens and stuff it's not really drawing that much current if you're transmitting through a serial port I'm not going to tell you how that's done it's 6.7 milliamps and you're not going to tell him because because it's a secret you guys writing that down? yeah secret and you maybe will figure it out I'll tell you what closing ceremony is what it's for so you can use this thing for 2 weeks which is cool and I'm really happy with how it turned out say you have typical daily use of an hour active which means an hour of the display updating constantly which you're probably not going to sit there and update it for an hour but even if you do it's still going to last 9 days here's a little power consumption chart for a single LCD refresh you can see it just sort of peaks then comes down really quickly multiple mode changes when you turn it around and selecting your glyphs you see a little more peaks and the serial port is like this steady power consumption so for those that are into graphs I thought that was kind of neat this is something I'm really proud of because I'm not really an analog guy I'm just a digital guy I designed embedded systems and having to take out and use a MOSFET and a diode was like cool I'm a real engineer now so the seamless power switching was something I mentioned was really important but why run it on the battery all the time if you're going to plug it into your computer but what's also cool is say you plug it into your computer then you want to take out the battery you can do that and the system's not going to crash or say you have it plugged into your computer and then you want to go mobile you can plug in your battery and then take out the USB and you're still going to be up with no glitching so the way I have it set up here is there's a god I hope I remember this this was a long time ago when I did this I have a p-channel MOSFET that's on by default because I have R4 pulling it down meaning that V-BAT is going to connect to VCC and then VCC is the system power that goes everywhere else when the USB is plugged in then the 3V3 out which is from the FT232 which is a 3.3 volt low dropout regulator output that's used it's like a 25 milliamp current source so you can power some things with it when you plug into the USB port so that line goes high and turns off the MOSFET and then the battery is isolated from the circuit and then you have the D5 now passing current the other way from 3V3 to VCC and there is a little bit of leakage from the body diode of the MOSFET so there is some leakage coming back into the battery but it's really really small like nanoamps and that's okay to back power a lithium battery at nanoamp range but if it's something larger and say you put in a different MOSFET for some reason you could like plug it into the battery and then the one other interesting thing is the voltage drop across D5 causes VCC to be lower so we're not actually seeing 3.3 we're seeing like 2.6 when we're running it off the USB port and there's all sorts of problems that I ran into with diodes because you always think of a diode as being this ideal device it's like you let current flow one way and it blocks the other way but it's not really like that in the real world current will flow one way the voltage drop across the diode so basically the higher the voltage drop the less leakage the less reverse leakage you have but then the higher voltage drop you lose that voltage so I was going with a really low voltage drop device because we were on 3.3 volts and I was like I don't want to drop it too low but then I was actually powering the device through I was powering the FTDI part the USB to serial adapter through the battery so it shouldn't be on so it was this whole problem when I switched out the diode to just a more general purpose one and it worked fine and here are some other pretty pictures so this is switching from battery to USB god you can barely see that but VBAT is at the top and then you can see 3.3 out is low and then when you plug in USB it goes high there's a tiny little like 50 microsecond glitch at VCC when it drops from battery voltage down to the USB voltage but it totally works and here's the other way of USB to battery so say you have it plugged in and then you pull it out and it goes back to battery you see a little like half volt droop but that doesn't affect the system operation and you can see the battery or 3.3 out sort of drain and then the battery stays level so all sorts of neat stuff badge types here are the different quantities so 7,000 human sorry it should have been like 10,000 but live and learn I guess correctly estimate it and people are always like well why don't you just order more badges but those badges cost money and it's hard to get stock and then we don't want to end up with like 2,000 left over and then this year there just were no more parts yeah so that was the other thing we originally actually were going to do 6,000 human badges and after I'd ordered all of the parts and got everything sent over to the factory Jeff was like can we order more we should probably order more and I'm like alright so we ordered 1,000 more and it turns out that I called up free scale I called up all the distributors trying to get 1,000 more of the 56F8,006 semiconductor there was only like 1,000 left in stock in the world because all the factories now are on what's called on allocation and they're so backlogged it's ridiculous like parts now anywhere you look most parts have like a 17 to 26 week lead time so we could get parts for next DEFCON but not for this DEFCON and that's anywhere you look so we could only end up buying 1,000 anyway so it's luckily that we only did that yeah just really wild so let's see Uber there's 30 so you want to get one of those actually yeah so what I didn't mention in these slides is you guys remember like all the customs issues we had right from the 2 years ago and last year where parts were getting stuck in Chinese customs going to the factory so they couldn't even start manufacturing badges until like the Monday or Tuesday of Black Hat before DEFCON and then of course that was the year of $30,000 of overnight FedEx charges which brought the cost up of the badge a lot $30,000 of FedEx loved us that year so getting stuck in Chinese customs just was not an option anymore we just couldn't take it like I couldn't come up here again and say sorry guys the parts are stuck in customs so as luck would have it eTechNet has had a lot of problems with customs going into China so they ended up setting up an office in Macau which is a special region and has different customs rules than the rest of mainland China so we could send stuff to some person at some law office somewhere which is just some one room in a gigantic building somewhere we could send all the parts to Macau and then somehow they smuggled them into China into mainland China I didn't ask how but it worked great so all the parts got through totally fine we did have a few problems coming back into the US when all of the badges were built because of some documentation problems we were shipping it to the Black Hat warehouse care of Caesars Palace care of some other warehouse with Joe Grant and there's all these addresses and customs I guess is getting really strict trying to bring stuff into the US now and I heard they hold stuff all the time so there's a documentation issue that Ping took care of and the good thing is at least they spoke English so it was easy to deal with that and the next day the parts came through a little hiccup here's the little time chart that I always show this was interesting because it's like half the time was on firmware and half the time was on hardware and let's see research meetings we didn't really have a lot of meetings and administrative stuff compared to last year so it was 150 hours total last year was I can't add that up so quickly a little more I think it was like 160 in the year before it was 180 so we're getting more efficient the less time we're stuck in customs yeah less time waiting okay so batch hacking contest once again Jeff is going to help me judge so you guys don't don't think that I'm playing favorites because I don't play favorites anyway but Jeff's going to help me because last year there were so many submissions and there were so many good ones we're like oh my god what are we going to do and I call him like freaking out trying to get some help so we're going to be judging the entries and you actually get to win a black badge if you win the contest and I've all sorts of prizes I cleaned out my lab and cleaned out my closet and stuff so there's all sorts of cool things that you really want free scale has actually given a bunch of dev tools and stuff to give away yeah so it's definitely going to be worth going to be worth doing and we're awarding the top three previous entries if you want to read all about the contest and stuff just go to my website and check out like the DEF CON 14 badge or whatever all you need to know is at 2pm on Sunday in the Hardware Hacking Village is when we're going to start taking submissions so I'll be there Jeff probably won't be there but I'll give him the run down when we start deliberating the results and I'll take pictures and video it and everything and you have like a few minutes to show your stuff so I hope to see you guys there and we're looking forward to what you can do especially if you're not in the hardware if you're a little bit nervous about the hardware you can still use the USB serial port I think that's a different category there's people who do all hardware and people who do software yeah we haven't exactly decided how we're going to judge stuff and who's going to win but maybe there'll be multiple winners software only or hardware only but we're not going to tell you that because we don't want to limit you you just do what you do and make your project and hack your badge and then we'll decide what to do about it so that's actually it and we have some time for questions for the first time ever people can ask questions in the room you have to use a microphone and do we have microphones? yeah and I guess before people come up just to reiterate what Jeff said we've been doing the electronic badges for a long time the fifth year and I feel like we've sort of if we haven't solely set the trend we've kind of helped push that and conferences and parties are doing electronic badges everywhere which is awesome everybody has their own constraints and it's cool to see what people are doing but I think it's safe to say that we might do something different in the future if I'm involved and we'll see what happens but it's been a fun ride so far and thanks for coming and stay if you have questions any questions? No?