I’m finally back from Toorcon after some flight delays. I had a good time. Met some cool people and saw some good talks. One worth mentioning was Dan Kaminsky’s talk on DNSSEC. He brought up some good points on how DNSSEC could be the “answer” we have been searching for, for secure email. (and other things) Another awesome talk was about Session Hijacking. Although this isn’t a new topic, Eric Butler and Ian Gallagher did release a pretty badass tool called firesheep, which I will be talking about in my next post.
The Badge
Before Toorcon I was under the impression that the badge would be an electronic badge by the guys who made the Defcon Ninja Badge this year. (cstone and woz) After emailing them a couple days before, I was informed that due to some time constraints it wasn’t going to happen. They might possibly use it for another con in the future.
The actual badge was some laser cut acrylic (possibly from metrix?) in different colors for various types of attendees. They were shaped in the Toorcon gear logo.
They announced they would have a badge hacking contest and provided some parts to solder up cool stuff to the badge. I apparently didn’t get the memo they would be providing free (as in beer) stuff to do some hardware hacking on the badge. So I took a trip on the bus to the closest radio shack and bought some LEDs and stuff.
I really wanted to find/buy an ATmega (168 or 328) to put on the badge but I couldn’t get a hold of one. By that time I had already put in the LEDs, 9v bat, and LM7805 voltage reg. So I looked around the table and found an NE555 timer chip. My theory was to blink the LEDs on off in a sequence. After spending a ton of time trying to wire the thing up with the proper resistors and capacitor I ended up giving up and just wiring them up. Either the chip was bad or I messed up on the resistors/capacitor and the timing was just really fast so it looked like it was constantly on. Here are a few pics:
I had to leave a bit early to catch a flight home, so I didn’t get to a few talks I would have liked to see. (woz’s “Hardware will cut you.” And Joel’s “LANrev’s Multiple Vulnerabilities Come to Light”)
Oh, I did meet someone from “Square” which makes software (and a small device) for doing credit card transaction on your iPhone or iPad. He ended up giving me one.
I might trying playing with this a little bit when I have some spare time.