If you were part of the hacker scene in the 1980's or 90's (or you played a certain tradition in Mage: The Ascension around that time) you undoubtedly have come across the weird, wonderful, bewildering, and occasionally insightful antics of The Cult of the Dead Cow, a crew of hackers originally based out of Texas who were well known for their periodic text file releases. What isn't well known until very recently is that many cDc alumni have gone on to do great things, from starting one of the first security companies to ascending to C-level status at some well known megacorps to overseeing government security initiatives. Earlier this year one Joseph Menn (nice guy, by the bye) wrote a book about them which is extensively researched and fun to read in general. Menn's book tour happened to bring him to the Internet Archive along with some cDc alumni.
My notes from Thotcon 0x0a:
Hacking Con Badges for Fun and Profit
- Given by an EE
- Badge hacking started with DC23, HHV.
- Turned his DC23 record-badge into an analog clock.
- AND!XOR's DC24 independent badge.
- Maple Mini STM32.
- Live spectrum analysis of 20-20KHz as an add-on.
- Mic, pre-amp, FFT running on the uc.
- Wired into the badge, rock-and-roll.
- Inspiration and OSINT - look at the badge when it's announced, think about it
- Get ideas
- PoC - if you don't have this, you're not going to have anything
- dev & debug
- DC25 - NRF52 - 503.party
- Blow up any images you can and start thinking.
- BMD-300 module
- OxVox - synthesizer and firmware for the badge.
- Thotcon 0x09 badge - Thotcoin miner
- Arduino to toggle the pin to mine as many coins as possible
- Spoiler alert: 0 coins
- ESP8266, similar to the Sparkfun devkit. Picaxe x4.
- Rewrote the firmware in the EPROM that holds the coin count and changed the value. :)
- Added a speaker and amp, built a CW repeater for morse code.
- It's not a badge, it's a development board. Changes how you think about it.
- Addons - badges for your badges.
- DC26 shitty add-on connector, four-pin I2C interface, VCC is marked. Male pins. 0.1" pin pitch.
- Master badges have female headers.
- SAO Genie, based on TPM Genie, PoC for I2C sniffing.
- Badge -> SAO Genie -> Addon to monitor traffic, serial interface to hook to a computer.
- Destination address, packet contents. Passthrough, inject, modify, block packets.
- DCZIA badge - 4x4 keyboard
- Crappy audio processing unit to make a sequencer or a synth.
UPDATE: 20191230 - Uploaded much better video footage to my Peertube account, linked appropriately.
My preparations leading up to HOPE 9 were something of a last minute scramble; at HacDC the night before we left for New York my trusty cellphone of four years decided to give up the ghost. This meant that I had to get to a Sprint store early on Thursday morning, pick out a new phone (a Samsung Galaxy S-2, which appears to be a later model of Lyssa's phone) and set about migrating all of my data in the little time there was before I had to hit the bricks. This meant that I fiddled with my new phone with one hand while eating lunch with the other and spending scant time with Lyssa before trying to head out the door. I then thought better of a two mile walk in ninety degree weather to the Metro station with a suitcase full of equipment dragging behind me. Sometimes, common sense is the better part of valor and so I hailed a cab to the Metro station. From there it was a short ride to Union Station downtown, where I killed a couple of hours looking for Sitwon and Haxwithaxe, drinking coffee, and hunting for functional power outlets. They are surprisingly scarce in Union Station and once we found one it was a stroke of luck that I happened to have a power strip in my luggage so we could top up our devices.
Unusually, we didn't take an Amtrak train to New York City, opting instead for a Boltbus, which many of us have heard about in the DC metroplex. This was actually not a particularly good choice of transportation I'm sorry to report. First off, the Boltbuses are double-decker vehicles, and while it's swell to sit up top and all the way in the back the swelling goes down rapidly. Most of the Boltbus seats on the upper level are cramped and make for an uncomfortable trip. Also, the power was dodgy the whole time and we couldn't be sure that anything we had on us could be recharged. The wireless on the bus was similarly lousy if not practically worthless (the local router/default gateway kept cutting in and out so no packets were going anywhere). I cursed the lack of time to root my phone to enable tethering strongly... but at least cellular service was working becausee we were getting Twitter updates from colleagues who'd gone on ahead and warned us about getting stuck in traffic the likes of which I'd not seen since the double-wide semi overturned on the Beltway a few years ago.