Hyr0n of the AND!XOR group joins the podcast this week to discuss the DEFCON 30 Hacker Smart Watch and what we can look forward to next year.
Right to Repair is going global and Stephen might have solved his injection molded component's void by tweaking the mold design.
What separates good documentation from bad and which kind of application notes do you like? Also, Ancient Chinese Semiconductor 7-segment drivers!
Figure 1: Zapp riding some kind of mechanical beast.
Figure 2: Hyr0n showing off the new badge!
Figure 3: New DF25 badges being made.
Parker is an Electrical Engineer with backgrounds in Embedded System Design and Digital Signal Processing. He got his start in 2005 by hacking Nintendo consoles into portable gaming units. The following year he designed and produced an Atari 2600 video mod to allow the Atari to display a crisp, RF fuzz free picture on newer TVs. Over a thousand Atari video mods where produced by Parker from 2006 to 2011 and the mod is still made by other enthusiasts in the Atari community.
In 2006, Parker enrolled at The University of Texas at Austin as a Petroleum Engineer. After realizing electronics was his passion he switched majors in 2007 to Electrical and Computer Engineering. Following his previous background in making the Atari 2600 video mod, Parker decided to take more board layout classes and circuit design classes. Other areas of study include robotics, microcontroller theory and design, FPGA development with VHDL and Verilog, and image and signal processing with DSPs. In 2010, Parker won a Ti sponsored Launchpad programming and design contest that was held by the IEEE CS chapter at the University. Parker graduated with a BS in Electrical and Computer Engineering in the Spring of 2012.
In the Summer of 2012, Parker was hired on as an Electrical Engineer at Dynamic Perception to design and prototype new electronic products. Here, Parker learned about full product development cycles and honed his board layout skills. Seeing the difficulties in managing operations and FCC/CE compliance testing, Parker thought there had to be a better way for small electronic companies to get their product out in customer's hands.
Parker also runs the blog, longhornengineer.com, where he posts his personal projects, technical guides, and appnotes about board layout design and components.
Stephen Kraig began his electronics career by building musical oriented circuits in 2003. Stephen is an avid guitar player and, in his down time, manufactures audio electronics including guitar amplifiers, pedals, and pro audio gear. Stephen graduated with a BS in Electrical Engineering from Texas A&M University.
Special thanks to whixr over at Tymkrs for the intro and outro!
All right, welcome to the macro fab engineering podcast. We
are guests tire, and zap.
And we're your hosts Parker, Dolman
and Steven Craig. This is episode number 69.
If you enjoyed the map, please let others know about us. Tell your co workers, your friends, your family, your loved ones, share it on social media at macro fab or follow us on Facebook, and our Instagram is at macro fab Inc. At some point during the show, we're going to announce a secret code word. If you email us the code word and your address we'll send you some cool macro fad swag. The email address is podcast at macro fab.com. Now we don't even know what the secret code word is yet figured out sometime during the podcast. Neither our guests which this week is Hiren and zap have an not x or Hi, Ron. Hi, Ron is a mathematician, computer scientist and systems engineer making the world a better place with homebrew booze, and electronic bullying. And zap has been writing software since age eight, eventually making a career in developing for Java systems. He has since been promoted away from the keyboard. And his life is now Now Ms. Office and meetings which is how he wrote it. But I don't think he actually is the MS Office Suite.
Thanks for coming on, guys.
No problem. Thank you. Hey, thanks.
So um, I think this is the first like incognito podcasts we've ever done. Where no one knows your real names.
Dun dun dun.
You're speaking of Hi, Ron and zap. How did y'all come up with your online handles?
Oh, well. Mine's not too exciting. And I really got into a lot of PC games, and ASX on the PC way back in early 2000s, one of my favorite and there's a side quest, and they're called the higher end project where there's like a bunch of quantum computers that are slaved to humans, it's managed by the Illuminati, it's, it's just like an RPG game, but I like the handle. So I continue to use it over whatever, 1617 years now,
has there ever been anyone that's like, I know that reference.
I barely I've had it a couple of times. It's like a secret nod handshake, where you're like, what's up? You know, the old PC game that no one played, but has tons of respect.
You know what was great. So since we're doing a remote podcast here, we sometimes have a little bit of latency issues. And right when you said humans, it kind of it kind of skipped just a little bit. So it was like, it was pretty. It's pretty great.
It's the Illuminati jumping in controlling the podcast.
Oh, right. Yeah, yeah. No, they're censoring from from far away.
And zap. So y'all make a bender board. Is that brand again? With us today?
Yeah. So I I'm a big fan of the Futurama series. I really, really wish that the show would come back. But I love the ZAP quotes. Not really the way I treat my wife or anything but I do love I do love the character. And actually for the the macro fab YouTube video we did. I was like, I need a handle. Because I don't wanna use my real name with this. So I was like, that sounds like a good one. So I just adopted it. So nothing schools hiring.
You know, you know how the for like, family guy that did the Cleveland Show and stuff. What if they made that brand again? Show? That'd be amazing.
That would be awesome.
So yeah, okay. And then what about and not XOR? Gates, but.
So yeah, it's gates. It's literally something I created while walking through the halls of DEF CON at DEF CON 20. I made a Twitter handle that meant nothing. It means nothing. The original idea was let's figure out a way to troll all the DEF CON attendees. Everyone was crazy about going to parties, let's come up with a fake party, tell people to meet us at a place we weren't. And we'll give them tickets to this party that doesn't exist. So I Sorry, not sorry. But you know, that's how it started.
That's awesome.
And we fell for social engineering that's on them.
Yeah. Yeah. So we got about 100 followers out of that. And it just became the label for the group of three and now we're up to five people. And now we actually make real things and we don't troll people anymore. No, not too much.
Yeah, I bought say you seen the Kickstarter?
This year's badge.
Speaking of the badge, when you go to the end, not EXOR Twitter page, what's badge life? Hashtag badge life? What's that all about?
So it's, um, it's a lifestyle, right? So I have a full time job, I ran the other three guys, they have full time jobs as well. So it's pretty much every hour, we have a free time is going to developing this badge. Certainly not making a profit off of this if you're spending all your time working on it. So it's more of an endeavor to learn new things, try new things you've never done before. And just put some cool hardware into a bunch of hackers hands.
And these are badges that you actually were at DEF CON right?
at DEF CON with all the other badges you can collect. It's kind of like Pokemon.
So yeah, that's, um, because DEF CON has their own official badge, correct?
Correct. They have about every other year it's electronic. And there's usually a very deep puzzle in it that that loss creates. And then there are a variety of other groups probably about 12 to 15, maybe 20 groups that also make their own electronic badges that they fund their various villages and parties with ours. We just make for fun because we can.
So when When did making badges for like DEF CON and stuff start?
Ooh, that's like a trivia I. I mean, they've always had them but I think electronic badges didn't pick up till what? DC 1617?
Yeah, I think 16 had a TV be gone badge. And DEF CON is a history of very creative badges. They had one those filled with goo. They have a black badge that has a radioactive material and and others that are other black badges or mechanical. So it's kind of part of the culture.
So does it kind of become like this, this big ordeal that people spend a lot of time on? Or is this something that you guys are a little bit unique in that way?
We are certainly unique. And that's probably part of the badge life, right? We spend a lot of our time working on this. A lot of people spend time trying to collect them, and try to hack their contests around hacking these badges from a variety of groups. DEF CON hacking, the DEF CON badge is certainly the biggest contest out there.
So the you said there's a lot of different groups that build different badges. Is there like a community around that or forums IRC channel? Or is that like secret? Because you don't hear about it, because you see badges all the time on Hackaday. But there's like, you don't see like the behind the scenes, I guess about it.
So a lot of the ones that Hackaday we learned about the first time on there, but there there are some back channel type of communications between a lot of the DEF CON groups, and then some other besides in small, smaller conference groups out there, where we share experiences and lessons learned horror stories with vendors, whatever. And so we try to help each other out try to encourage each other. And overall, that's really upped our game, especially this year, where we've we've got much better products, and I've gotten some previews of some of the badges coming this year. And they're amazing.
Yeah, I was reading some of the information about your badge. And because why bring it up is about the community stuff is because y'all mentioned being able to hack other badges. And that that's it's like, is there like some? I guess a, like, a badge protocol. Yeah, I guess. So. I guess you put it that way.
Um, I can't talk about that yet. I'm gonna confirm or deny anything into existence. Okay.
I would say like, you know, how are you making badges hackable? I think it's also one of the design challenges, because when people make a normal piece of electronic or software, usually want to lock it down and make it solid, and don't let people you know, exploited or take advantage of it. But everyone that's making these badges, we're trying to leave backdoors in and we're trying to put hints on there. And, you know, we're trying to make it a game. So people can find little ways to break into it, change it, do do unexpected things to it. So it's kind of a project in a game, not just something you wear around your neck.
So is that kind of expected, in a way? Like if you if you see one of these badges, you can expect that there's more to it than maybe what you see.
I would say so. Yeah.
That's clear. There's a lot more to our badge and what you see. There are ways to hack between badges and some other techniques. That will reveal later, but there's some really cool things we built and we spent a lot of time on it. And if you look at some of the write ups on past badges, such as a cipher con 2.0 badge, they built in ways for you You could hack one badge and then pivot over to other badges that are nearby, and pivot and pivot and pivot and so on. So there's a lot of really creative stuff that goes on with these things.
Yeah. Or if you look at, we can talk about last year's badge more, if you look at the DC 24 vendor badge. I mean, you could plug it into a USB ports fire up putty, and there was a complete maintenance terminal with different unlocks and games where every time you would unlock something a different LED would light up, and you would get certain blinking or certain modes or games unlocked. If you got a certain score in a game, you would unlock something else if you set your name to something or if you tried to make the name overflow happen a certain way you could you could make something unlock a different way. So
we kind of decided to punt on layers to this. Yes, like Taco
town. Like
they shared this SNL skit with us before the podcast called Tucker town. I guess we'll have to put that link in the podcast description now.
So I'm thinking here, why not just make a badge? That's just an enormous EMP pulse. And it just blast and destroys all the other badges. And you're like, I hacked them all. I won.
I'm gonna write that down in our spreadsheet for next year. Okay, there we go.
Don't call you next year Steven and say, How can we make an EMP pulse that will fit in a briefcase so we can actually bring it?
Yeah. Well, if I could do that, then I don't know the government would take me away or something like I would
be. I would be more scared of those that run the north end of Vegas and Caesars Palace.
Yeah. Yeah.
Can you imagine if he took out like all the slot machines?
Yeah, you wouldn't be a lot back at Vegas.
So yeah, so Las Vegas DEF CON, right. I guess I don't know all too much about DEF CON, because I've never been, I've actually never been super interested in it. Because always sounds like it's a software event because you know, it's hacking. But with all this bad stuff, it's more piqued my interest in terms of because you know, I'm a hardware guy. So if someone goes to DEF CON, what should they expect? I know, it's a big question. But
no, it's a good thing.
It is. So it's a very eccentric group. And it's a very broad range of interests. You mentioned software, and hacking, right? So software is just one aspect. They hack everything from cryptography to cars. This year, they've added voting machines. Wi Fi, Bluetooth. Wait,
did you say voting machines?
Voting Machine? Yeah. I just learned this week is new to Def Con this year. That
legit hacky, not like, life hack crap, which is like using a household item for a slightly different purpose.
Yes, there's a whole village on how to eat bananas upside down.
I killed a cockroach by hitting it with a cast iron skillet. I've had my cast iron skillet, right. Yeah, exactly.
And, and the reason they do some of that is, I think they kind of look at it, like, you know, the power of many is better than a few. And if you pick a security conference, like DEF CON and bring your voting machines there, you have somewhere in an audience of 20 to 30,000 people that can have free rein at your equipment, and you can figure out what's wrong. And then in the way the community is happy that they're contributing to make things better. You know, it's sure I mean, and not just like he said, not just software and as AP was mentioning, like, like said cars and voting machines. There's, there's lockpicking villages. I mean, last year, I started getting more interested in picking locks. And it's, it's kind of a fun thing. You just get some clear locks and a tool set. And it's a good therapeutic way to watch TV, even, you know, helped me get interested in like this macro fab podcast kit that showed up and the combo was off. So I looked at it, I'm like, Oh, it's a three wheel combo. I'm got my little eyepiece out, looked at the side found the white knotch and the plastic and I didn't even know the combo actually crack that and got it back open. But you know, you can go there and say, Yeah, I'll send that to you guys didn't have the right combo, but I got it open about 30 seconds. But you can go there and learn to pick locks if you want. They everyone will sit down and teach you if you are willing to learn and it doesn't have to be software. It can be computer hardware, cars, voting machines, locks. Social engineering is a big village there. So you know. Yeah.
You mentioned villages. So what are those?
Like? They're much bigger than booths. They're full conference areas. They've expanded quite a bit. I think they're up to a couple 1000 square feet apiece. But they have entire talk tracks of their own. They a lot of villages have their own badges that will help fund themselves. They will they'll have demonstrations and hands on events. It just depends on the village. There's an IoT village, which I know Steven, you'll be interested in.
Oh, that would be great. I would I was have a field day in that is there.
Is there an IoT toilet that you could use? I guaranteed?
But it's pretty much can
you hear me? All right? Not us.
Yeah, yeah, it's pretty much break all of our IoT stuff, right? Its own it. Sure. So there's depending on what you're interested in, there's usually something there for you. It's not just about hacking in the traditional like CNN, sort of perspective, the guy in the black hoodie, with, you know, asking to keep I was
thinking more of Kung Fury hacker man style. They're the Commodore 64 and Power Glove.
Okay. How, how long does DEF CON go up for?
It's about three days. It's things start to get going on Thursday. But it's mostly Friday, Saturday and Sunday. And Friday and Saturday are all day talks in the evenings. It's villages and contests. And then oh, can
you repeat that
night? It's so in the evenings, it's villages and contests and then late night parties till you know, three, four or five in the morning. So it's just nonstop.
You rooms sleep?
Is that sounds a lot like a pinball fest because those what I generally go to and I actually was thinking like I should build a badge for like Midwest gaming classic.
Yes, you should
a pinball badge. A
pinball? Well, like the the best would be it's like troll people and get a pinball machine and attach it to a lanyard and like drag it or like flavor flavor with the clock. That's a pinball machine instead.
It's a 700 pound badge hanging off of
just put on casters, so be cool. Yeah, there
we go. Actually, that would be
making electronic pinball badge. Make the LEDs the track and the ball bounce around? Yeah, that'd be cool.
That would be really cool.
Okay, putting that in our spreadsheet? Yep.
Like what you said 20,000.
That's a $10,000 idea right there.
In 2000 hours of work. Yes, exactly.
So you can't just buy a Raspberry Pi and it'll work be done.
If you just poke it with a stick wire, how
many emails I get that are like that? Yeah. Did y'all hack my my email? Um, so yeah, back DEF CON. So I know I cuz I know some people that go to Burning Man. And there's a lot of like, unwritten rules about Burning Man. So usually, when you go for the first time you go with a friend. And so because they know the rules, is that is DEF CON like that? Or is it more accessible to like a newbie like Steven and I.
So the only thing I'd say about it as being a newbie, you honestly have to go with a friend, I actually went by myself the first time. Do not bring a phone or don't bring a phone you care about. Turn off your wireless and your Bluetooth and don't take pictures of anybody. Other than that, just have fun and go pick things that you are interested in and go learn.
So what's with the pictures?
Well, hackers, you know, if you go to DEF CON, they only take cash because they don't, they don't want anybody saying them a subpoena and getting who their attendee list is. Okay. So there, there's kind of a culture there that you're concerned about the Feds coming in and, you know, figure out who they are or arresting people, because DEF CON has a history that over the last 20 years or so. I mean, so pictures are definitely off limits.
So no one was Google Glass should go.
Well, don't take Yeah, Google Glass. I've seen people Google Glass. They're certainly it's weird.
Yeah. I mean, if you think about it, it's their 25th anniversary. It hasn't been that long, I'd say even less than the past 10 years, last five years, where you see people advertising jobs for security professionals, like, like people are now taking security seriously, with all the break ins and everything happening in you can be a hacker and make it a real, I don't want to say respectable profession. But you know what I mean, one that's acknowledged, because 1520 years ago, if you're like, Hey, I'm good at hacking computers, you were treated like a criminal. You know, it was it was seen as something that oh, that there's no good that can come from that. And now companies and everyone's realizing like, oh, yeah, the guys who understand security can actually you know, make our software and our computers and our door locks and everything better. So, I still think you know, that's kind of a holdover And just in that main sense of respecting people's privacy, and some are uncomfortable about having their names known, or their faces, taking pictures and whatnot,
totally. So actually questioned, because y'all had to do a Kickstarter for your badge, that you actually had to punch in your real names into Kickstarter. Perhaps. I've never well, we'll move on today.
We did this year versus last year, we did go legit. So we do have a we do have a legal entity and LLC that we're running a lot of us under. So that helps us quite a bit to shield us from that kind of scrutiny. Sure, gotcha. It also is a good way to run, you know, the money and things like that since our project is a lot bigger this year than it was last year. Keeps everything a lot cleaner.
Delaware, right.
California, of all places. Ah, okay, so, yep.
Okay, so the badge, which is why you all are here. specifications. So what? What does the badge look like? I guess it's not just a lanyard with a clear plastic thing with a piece of paper in it.
No, no, that's too boring. What's
your name on it?
So last year, we did the the Bender from Futurama, which everyone knows the bender badge. Turns out that was what everyone liked about it. So we couldn't throw that away. But what's more Las Vegas than Fear and Loathing in Las Vegas? So we we took that theme looked at there's a Hunter S Thompson artwork based off of the the movie and merge it with bender. So basically, it's Bender with the floppy hat. And the sunglasses kind of merged together into into a PCB. And then we dropped all of our hardware on that.
And he's got his little sitting holder, and we had to put a little LED at the tip of that cigarette. Yep.
And his whole grill, I guess, teeth, his
his whole. Yes, this whole grill is a four by three LED matrix. So we can make that light up and do all sorts of interesting patterns. Each is an LED and then as well as the cigar.
So I guess, I guess we're going for more visuals, we exposed the underlying mask to that make the little stencil for the sunglasses. So you have this nice copper exposed sunglass RAM around the eyes as well.
Yeah, if you if you look at the in the right light, you get the nice the the sunglasses actually kind of shine pretty, pretty nicely on the rims. As far as the specs, we have an ARM Cortex M four F, it's based on the Nordic NRF 52. And we're using the BMD 300, module, small company based out of Salem, Oregon, that helps us out with that. And then yeah, that 128 Go ahead, that
guy's got a built in Wi Fi.
Built in ble 4.2. Okay. Yeah, it also supports ant and NFC. We didn't support either one of those. We're just doing the BLE this time around. Interesting story about that company. So I cold emailed them out of the blue asking for samples. And within a day, I got a response back directly from the CEO, who is traveling in China with an out of office reply, saying to his entire staff hook these guys up, give them a real for this nice price. And send them a bunch of samples. Because we love DEF CON. Turns out that the co founders of that company are both DEF CON black hat or DEF CON Black Badge Holders. Ah, so we we struck a chord there with these guys in riguardo. And so that's what we ended up picking this year because they hooked us. So did
they know or did the CEO CEO know about the bender badge? Or Did y'all just say, Hey, we're building a badge for DEF CON.
We just said, Hey, we're building a better DEF CON. And it helps a lot helps a lot when you have past work. So he sent the Hackaday article on last year's badge, we sent a lot of the media and things like that. And so this is what we did last year, this what we're planning to do next year. What what sort of samples do you have? And they just hooked us up? It was it was great.
Yeah, we'll totally pimp them on the blog. That sounds really cool to them.
Yeah. And again, they're a small company out of Oregon. So we'd like to support them in any way we can.
So that so the badge. More my questions I want to ask is because when you read like the Kickstarter page and stuff, it talks about a lot of like, blinking and blinking LEDs. Now is there is there a way is there too many blinking LEDs that you can put on a board? Never Never.
Your hopes and spirits never, never, never. I mean, there's so many GPIO
Yeah, well, you can always you know, matrix them or Totally flexing to get more, and you're using the WS 2012. So you can well I think the datasheet says like, it can be infinitely chained but
they think they can be, although in practicality that doesn't work very well,
I think you max out like 500 or so. Yeah,
in one of the issues we have this year is the WS 2012 B's, they require very precise timing as everyone knows, I really don't like these things, but we had to fall back to them this year. So in order to get the timing, we had to DMA the data over over spy to them. And with the Nordic DMA that limited us to 20 LEDs. Fortunately, we only have 15. So we're okay for this year, but it's a bit of a hack. But that's what we're doing there. And with bling. It turns out hackers like bling. It's one of the big selling points with badges is does it flash and does it have a screen? I'll buy it.
Hackers are it's like this kind of stereotype I guess. But it's like black T shirt, blue jeans, blinking LEDs. Is that like, is that like what you should wear when you go to DEF CON?
Exactly. Or a blinking shirt? There are some shirts that have el displays on them that you know have spectrum analyzers or something on them. But yeah, anything with lights, black shirts and cargo shorts. You're okay.
Oh, man, I haven't worked cargo shorts and like since high school.
They have to be hiring only wears cargo shorts. They're utilitarian. That lots of stuff. Yes.
Got a carrier pineapple somewhere.
You can ask my wife, she's upset that I only own cargo shorts. And she tells me I need to grow up.
So, um, what's kind of software you're running on this badge? I mean, stuff that you've written. But
yeah, so I've done most of this. Go ahead. Oh, I
was just gonna say
windows 95
No, I'm kidding. I'd be really impressed if that was true.
We wanted to we really wanted to run Doom on this and we we couldn't make it work it would have used up all the flash and would have been pretty much all of our time to run one simple game.
You always got to have a goal for next year. If you
have a fear and loathing Bender that please do me hanging from your chest. Oh, you would crash Hackaday Yeah, no, it did. Wait. They just shut down the website because they don't need to post anything
else. Sorry. Hackaday is closed in the last post we just posted. Yeah.
Now I'm disappointed in Crash Hackaday Darn it.
Because usually it's the other way around your website crashes because the Hackaday
what was it a poker you sent me a comic the other day where it was like, aliens landed on Earth or something like that. And they dropped some like super futuristic computer and scientists were looking at it. And then hackers just ended up putting Doom on this like super futuristic. Oh, no,
it was like the difference between a computer scientist or computer engineer and a computer. Scientists computer scientists is like, this alien computer is so complex. They'll never understand its architecture and the computer engineers like he pops out of it and goes dooms running on it. Perfect. So So yeah, so next year, right guys doom.
Next year Doom, and why not multiplayer Doom while we're at it since we're coming up with a big idea
if everyone at DEF CON automatically linked together and was in like a giant Doom deathmatch? Yeah, there you go. There's next year.
I don't think Well, that's a few years processing. You can get that to work.
Yeah. What is this blast processing other than what Sega Genesis their? Their code word for speeding up their processor, temporarily.
Oh, yeah. So of course, we had to put some walls on the page. But yeah, Sega had some BS advertising. And I think a lot of people thought it was the processor. It refers to the DMA. Yep, they get they get to the memory faster. So they could just grab the data and shove it into the video processor. And I think it helped you get your colors, I think up to 256 256 per line. I'd have to look it up. I can't remember but in comparison to what the Sega could do, I think it like seven megahertz or whatnot. Our riguardo exceeds that. So we met our goal for satisfying blast processing for DMA.
So you run that you run those LEDs faster. Oh, no, you have a screen on it, don't you? So you're running the screen, right?
Yeah, it's a it's 120 by 128. Display. It's 24 bit native. We run it 16 bit And we're pushing from the SD card at about 5.9 megabits per second.
Are you running? Spy off the SD card? Or actually four bit?
No actually spy? Okay, it's we have different spy buses, we're just DMing just straight across
YOLO Yeah, that's
actually because, um, because I helped design a Pinball Controller. And, you know, the do four bit off an SD card, you have to have like, proprietary, you know, crap, and pay a licensing fee, so we just spy out of it. Interesting, cheap and
easy. A spy was pretty Yeah, Nordic just came, they came with a driver for that they actually released the driver, right when I was starting to use the SD card. So it was perfect timing for me. So I just hooked up the spy and then basically dump the data into a buffer and then throw it on to the DMA for the screen. And because we're using the 565, big endian format for all the images, we don't have to do any processing. It's just a straight through. So if you look at our Hackaday posts on this, you can see that we're reading and writing reading from the SD and then writing to the display at the same time. And getting about 22 frames per second with that.
And the the screen is that they is it spy interface. If you haven't it is what was that?
Yes. Okay. Yeah, so
that's normally two fps for a spy screen is actually pretty good.
Excuse me. Yeah, it's,
it's 33k per frame. So we're pushing quite a bit of data across, you're
ripping it, what the what's the speed on that?
5.9 megabits, or greater to that to the screen. And it's an eight megahertz spy bus. Cool. So we still have some, I guess some overhead that we can tease out of it. But I'm not really going to go after that. Which 22 is more than enough for this project? Yeah.
Well, the human eye can only see 30 Right.
Yeah. And actually, when you when you look at it in person on the on the badge, it looks it looks nice and seamless. So it's good enough for us.
Alright, so last thing about the badge, secret components. Can you all say what that is?
So we can reveal one thing. There are some things we're not ready yet. They're not quite done. But we have a thing we call it ticklish. So it's a tickle interpreter and we call it ish because it's it's like tickle. It won't run your favorite tickle scripts if you have any. But it will let you put these. Let you put these tickle scripts on the SD card. You can read IO you can write IO you can change the LEDs draw to the screen, do a lot of different things in the badge that we do in the native C code.
So you're not bullshitting us ticklish is actually a language
that will tickle is a language. Then we put a tickle interpreter on there. And we call it ticklish because we there are about seven different commands that came with the interpreter we put on there. And we added another 34 unique badge things hacking things.
You know what, Parker? I think we found our code word what's code word? ticklish. ticklish. ticklish is the is the secret code word for this. But
I actually was going think about tickle interpreter.
Yeah, let's just keep it one word. So yeah, email that into podcast at macro fab.com along with your address, and we'll send you some sweet gear. Yeah.
As TCL is H O.
There's a there's a specific way to spell it. Yeah.
So yeah, I think one thing we didn't mention, though, for for DEF CON 25. Their theme is is kind of a throwback. Like if you look at the images and what they're trying to go for. It's it's supposed to be like this retro back 25 years theme. So we tried to make sure all of our features kind of have this throwback theme. Like we purposely picked tickle, because it's it's one of the older languages. We got some older games on there like ski free and and we made our own flappy we wrote a chip eight emulator to pull more games on their chip eight being older, older cosmic fib system.
So in ski free does the Abominable Snowman run after you and eat you
know, but ManBearPig
amazing. That's incredible.
And you can make work on a 128 by 128 screen.
Yeah, it's not too hard to the sprites are about 12 by 12, I think. And the ManBearPig only comes out when you crash. So it's not chasing down the hill like in the old ski free. But it's pretty good still awesome.
So you were talking earlier about why y'all build badges badge life, and it's about learning right? Or doing something that's different than your day to day job. So how long have y'all been designing hardware for? Because your descriptions? That's not what y'all do?
Nope. So I spent about 10 years doing Java, and I feel so bad for you. He should, I don't do anymore. I do office and I do meetings and travel. But when I was hands on the keyboard, it was worrying about how many gigabytes of RAM Should I give my Java virtual machine? So switching over to hardware and especially embedded like this, it's worrying about, you know, how many kilobytes of RAM Am I using by this particular function? Or even how many hundreds of bytes my using so it's, it's a very different world than what I'm used to. For me personally, but hiring but I've only been doing this for about 18 months before DEF CON 23. I didn't know how to solder. And so watching you know, one member of our group, build the crypto and privacy village badge for DEF CON 23. I was like that's really something I'd like to do. That forced me to you know, learn Arduino, learn how to solder and then you'll learn how to make my own PCB. So
Gino was your entry, that gateway drug it was
it was my gateway drug. Literally a week after DEF CON 23. I went home on Amazon and bought an Arduino kit and went through all 15 projects in a couple of days. And learned every single bit of them why they worked, learned all their code, and then moved on to my own thing with the 555 timer made my own PCBs for your ornaments for friends and family and and then that eventually became vendor
in in less than two years, right.
That vendor badge was less than a year it was 12 best it was
a vendor v one.
Yeah. Bender has a 555 timer as a brain, or is it a 65026? Yeah. I remember.
There's an episode where it shows that
yeah, it's fries got the X ray, like flashlight. Oh yeah, he shines it at benders head and it's got six fiber to it. That's up.
Yeah, that's really impressive to come from not really being in the game and producing what you have.
Personally, I love it. This is what I do in my free time now. Mostly because it balances out the office life and the cubicle life. In nicely metal hardware is you build everything from the ground up, everything is deterministic. I know everything about everything in this badge, and the sense of power, there's really, really kind of unique, so I enjoy it. I enjoy every minute of it.
So Hi, Ron, same question.
Yeah, so I got involved in hardware growing up mostly from like a do it yourself Radio Shack kits, I would just go buy things make them and not really understand why they work the way they did. You just you know, you follow schematic drop stuff in solder it and it kind of tailored off when I just got into coding. And the closest thing I got to hardware for a while is I would do a lot of C and assembly programming in college actually worked on a lot of emulators, like Nintendo Entertainment System and Gameboy Advanced emulators. But then I just moved on to other software projects and more higher level stuff, web programming, doing security on Red Hat servers. But I ended up you know, meeting up with Zap and then last year and kind of the same thing getting the bug going, You know what I'm going to revisit, you know, look at some of the Arduino stuff, get familiar with it again and really learn how to control hardware with the software and you know, get into building that and learning how things work the way they do. I can't say that I'm being a software person. I'm a fan of the Arduino IDE but I think it's a great platform to to learn off of and branch out into more difficult problems.
Yeah, I think that's that's the I would agree there. That's that's what I have a problem with Arduino is people will, that's a great way to start. You should branch out after you mastered that. There's a great huge world out there and hardware that all it takes is just you know that one more step.
So I agree with you 100% there so this year has been all about getting off of Arduino. I was all Arduino last year even the vendor badge was Arduino and getting to something that was pure see something that was off of that in Eclipse and GCC in May? and all that. That learning curve is pretty steep, to be honest. But it's very rewarding. And I have a lot more control over the hardware now than I do, which we know
we're able to, you wouldn't be able to do the graphics driver and everything we've done on that small ship if we were doing what we were doing with those kind of limitations definitely worked out. And we got some programming some chip a the assembly to wrap it in our C to wrap it on there. Like a taco town game.
Assembly is fun, isn't it? Oh, yeah.
Especially for some obsolete piece of hardware that you don't know exist anymore.
That's actually exactly I was on the hardware track for electrical engineering in college. And that's you learn assembly first. And then they kind of teach you see, and they pretend to teach you like an object oriented programming software, like Java, they pretend to. So no, I yeah,
my first I was computer science. My first day was here's Java, Go learn it write a HashMap be done in three days. And half the class dropped.
That that was my solid state class. Here's how electrons flow in, in in, you know, semiconductor, if you dope it with arsenic. Oh, man. Awesome. That was when half the class dropped out.
Not ours had a weird branch like we we went to like, you know, Intro to Computer and then we did C. And before we went to C++, they want us to take assembly. And then they had these special one off classes. And I think at the time, they didn't want to get in trouble for what they were doing. Because after we learned assembly, we went and they said, Okay, we're really going to teach you how to do a Nintendo emulator. And we're going to teach you about hardware registers and memory registers that don't exist and how to map them over and deal with op codes and everything. And it. So it's kind of nice to look at it from a software perspective, trying to emulate that hardware. But it's, it's it's not as satisfying as getting your hands on the actual chips.
Oh, yeah. Actually, you know, messing with registers. That's the juicy stuff.
Oh, yeah. So guys, how can people get a hold of the badge? Besides, I guess, going to DEF CON and trading you a badge? So what is DEF CON 25.
So DEF CON 25 is July 27. To 30th. It's in Las Vegas, the best way to get one of this point is to be at the right place at the right.
Two months. Design a badge. Find these guys and trade them one.
Though, actually, that would be the perfect way to do it. I am obsessed with badges. So if you have one, I will trade you. If I don't already have it, or just find us the right time. We haven't decided on how much we need to sell these four to make back our our costs. But we'll be announcing on Twitter, probably two or three different sales on Thursday and Friday.
So yeah, if y'all find the and X or group at DEF CON 25. and trade them a badge, or I bet you if you bought them beer, lots of beer, you can might get a badge for them, right.
So beer only got you on the list to maybe move in front of the line. So last year, it was a lot more popular than we thought it would be a lot more popular and this year, I think might be the same. But what we did was we use Twitter to tweet out our location. Hey, we're out by the pool or on the ninth floor of Paris. And it was first come first serve. When we did the ninth floor of Paris, we got mobbed by about 600 people. Just the elevators all opened at once. And it was just people everywhere
like a zombie apocalypse of hackers and slightly smelly people. Yeah.
Was Thursday night so people had showered on Wednesday. They don't shower on Sunday by Sunday. But Wednesday they'll smell or Thursdays they'll smell pretty good. So we
were the initial wave.
A wave so that's why we sell on Thursdays to the mob smell bed.
And it was kind of nice. We were coming through Reddit and we found people talking about how they socially engineered people and set up decoys to lead groups in the opposite direction. So they're hacking I guess, I guess that encourages us to really mess with people. Yeah,
I was talking to a group in line they said I was I was with a friend of the bar and you guys tweeted night for Paris. I got up and ran. Like he just left your friend at the bar with a tab to go find one of these badges. Like that's crazy. So sounds Yeah, it sounds legit. We'll probably do something similar this year. I think part of the experiences you know being Right Place Right Time. Hey, you know, I was I was the guy I was right there I happen to get it. I think that people will remember that I know when when I was looking for like the ninja badges at DEF CON 20. And, you know, DEF CON 2122 type of thing. That's what I really enjoyed. And that's the type of thing I remembered. So I think giving people that same experiences is worthwhile, because we'll probably try to do something similar this year.
And I'd say the best way is follow and not XOR on Twitter, when you're at the Con and
unfollow when the cons over.
No, no, keep following.
Maybe you'll trust us, maybe you won't, we'll see what happens.
So so my phone runs the main Twitter account, and no kidding in my pocket the entire weekend. It was nonstop buzzing and beeping and everything from Twitter. It was crazy. That's cool. But I actually I'm an introvert but I really enjoyed that a lot. I enjoyed a lot of the conversations I had with people I enjoyed just getting to nerd out about all the specs in the badge, not just as blinky lights. But here's some of the cool things we put into it. And a lot of the thought that I spent the last year on. So that was my favorite part.
And I was actually really impressed at the your hackaday.io page. Oh, yeah. It has all the specs has like, basically almost everything about the about the the vendor badge.
Yeah. And last year, we put the entire bomb on there. We'll probably do the same this year, once. It's final. Now it's just matter of finding time to put it up there. But we'll put the bomb up there.
Yeah, that's actually I was gonna ask is, is it going to be open source.
At least most of the software will be open source, the Gerber's will be open source so you can make your own. We're not quite sure on a couple of the features if we want to release them because we may reuse them in future years. And so putting those in the public domain may not be beneficial. So we sought to decide that as a group, we have to have a board meeting around a lot of beer to decide that.
It should be if no one breaks, like a certain feature or hacks it don't open source that part. So you can sounds like a lot more
work.
You'll have to figure out who actually breaks certain things. But there are some things I think we'll be able to tell if they've broken it.
phones home IOT badges?
I'm not gonna say anything. These are m badges. These are IoT, but I'm not gonna say anything.
Be careful connected to this with your phone, guys. Yes. One last question. Yo, we're talking about drinking. What is your favorite beer? And beer or choice or drink of choice at DEF CON.
So the beer that you bring because Vegas does not import good beer. Sorry.
Yeah. So if you want to know a good way to hack DEF CON with beer is to bring your own bottled Corona. The reason is all the Caesar properties that's what they sell at the conferences, so you don't spend the $9 A bottle?
Ah, yeah, really? It's Yes.
backpack with some ice. That's a good way to do it. As far as my favorite beer I live in San Diego. So we have a lot of really good beer around here. My personal favorite is the Mother Earth Kelly creamin. If you can find it on Nitro. It is amazing. Highly recommended if you're in San Diego, it's a small brewery.
Do they do they sell in stores? Or is it brewery only?
It it comes in the stores it comes in 20 twos, as well as in cans so you can drink in the pool. I've done that a few times. And at the brewery as well and growlers and such but it tends to only be in the San Diego County area.
Let's see mine is a toss up between the local and the next county over I think the favorite that I have and I'm going to be bringing there is the county line right by surf brewery in Ventura County. And my follow up would be Hoppy, Poppy IPA from Figaro mountain brewing, I'll probably bring a few growlers and a funnel so I can refill containers. Sure,
that's what you can use the funnel for.
Refill Corona bottle.
No, it's actually really I never actually thought about doing it that way. Because we at pinball fest, we kind of just bring your own beer and because we have a booth, and so we just fill the cooler up with beer and just have the cooler behind it. And eventually you get in trouble. Because it's like you're drinking beer like that's from Wisconsin and Texas, and stuff like that. So yeah, that's that's a good way to hack it.
So I've gotten into Trouble. Appropriate use of
hack to term hacks?
Yeah. case that one actually.
It's it's counterfeiting.
Yeah, that's actually more like, yeah, counterfeiting
customizing.
So I've gotten in trouble from from Paris because I bought a beer at one of their stores and brought into a conference area. So I don't really feel bad. They're very particular about conference versus Casino. Hmm. So I don't, yeah, we bring our own our own Coronas. And if we want to blend in, or we just bring in our own Ballast Point or something else.
Um, one last thing I do want to start doing like yawn do like a a bottle swap for a beer.
That was delicious. That lady amazing.
Because we got some pretty good Texas beer here in Houston and Austin,
and I think UPS stole some of the beer when I open up the podcast. I saw the little soda holders and they were empty. Oh, no,
they don't have that. We didn't put beer in them. I'm sorry.
What if there were cans of something put in there when it was mailed back? That be
delectable. They go I have I have a Vienna lager and a Munich dunkel fermenting in my laundry room right now. And when those are done, I can potentially can those up and shoot them off to you or not? Can bottle them up? Yeah, you actually talked
to to homebrewers over here too. Yeah, that's, you know, we didn't
go off on that. We're homebrewers as well. Oh, have you guys ever looked at Proflow dynamics?
I don't believe so. Never heard. They have
three stainless steel 304 and 316. If you're concerned about corrosion, but really good quality cam locks. We removed all our barbed attachments off our homebrew rigs and went full cam locks that you can assemble and disassemble the thing really nicely, but they have really really good connectors and adapters.
Fans I'm gonna have to look at that. I so I have an entire my whole rig is SS brewtech right now. Okay. And I am using barbs but my next movement with the brew rig is to go cam lock.
I'm I'm putting a link in our chat right now. Awesome.
And yeah, if y'all are ever in Houston, you know, checking out the FAB, we need to brew.
Yeah, that sounds great.
I would love to do that. I'm totally down.
Awesome. And I guess with that, y'all want to sign us out?
Yeah, so that was a macro fab engineering podcast. We were guests zap. And I'm hiring.
And we were your host, Steven Craig and Parker Dolman. Next week. We have our monthly meetup here in Houston on Wednesday, the 31st of may. You can check the podcast notes for more information.
See you later guys. Take it easy.
Hyr0n of the AND!XOR group joins the podcast this week to discuss the DEFCON 30 Hacker Smart Watch and what we can look forward to next year.
What separates good documentation from bad and which kind of application notes do you like? Also, Ancient Chinese Semiconductor 7-segment drivers!
Right to Repair is going global and Stephen might have solved his injection molded component's void by tweaking the mold design.