║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
╟┐ ┌╢▐
║ For the first time ever, the Hardware hacking Village (HHV) ║▐
║ Capture the Flag (CTF) competition was an official DEF CON ║▐
║ contest for DEF CON 31. The competition was a Jeopardy ║▐
║ style CTF, taking place over two days (Friday and ║▐
║ Saturday), 8 hours each day. Given that our CTF would be ║▐
║ announced around DEF CON, we weren't sure what to expect, ║▐
║ but we wanted to be prepared with content and support, so ║▐
║ our team grew by a few members, and we accepted a few ║▐
║ community challenges to be featured in the event. ║▐
║ ║▐
║ The competition featured a main challenge track, and it ║▐
║ continued the previous year's theme by adding to the lore ║▐
║ that HHV technologies (a fictional organization) had ║▐
║ released a new 'custom' microcontroller, the HHVDC31 (a ║▐
║ Raspberry Pi Pico development board hidden by a 3D printed ║▐
║ cover with orientation marker, partnumber, and date code) ║▐
║ specifically for driving electronic conference badges. As ║▐
║ outlined in the HHVDC31's datasheet, the controller ║▐
║ supports add-ons and now includes the Badgiimo protocol. ║▐
║ Badgiimos are add-ons for badge add-ons that can unlock new ║▐
║ functionality for a badge when plugged in. As hinted by the ║▐
║ name, the Badgiimos take inspiration from Nintendo's Amiibo ║▐
║ figurines, toy characters that unlock new abilities and ║▐
║ in-game items for select Nintendo WiiU, Switch, and 3DS ║▐
║ games. ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ A new custom CTF electronic conference badge was created ║▐
║ for the competition to host the Badgiimo challenges (and ║▐
║ other hidden challenges). Three Badgiimos were designed for ║▐
║ the competition, the Call Badgiimo, the Party Badgiimo, and ║▐
║ the Game Badgiimo. The Call Badgiimo changed the CTF badge ║▐
║ into a pseudo phone, participants can use the keypad ║▐
║ interface to make (fake) calls. The Party Badgiimo makes ║▐
║ the badge LEDs start blinking in a fast party pattern. The ║▐
║ Game Badgiimo, was available as another data point in the ║▐
║ competition, but didn't change functionality beyond ║▐
║ changing the 14-segment displays to show 'GAME'. ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ The Badgiimos had challenges associated with the ║▐
║ functionality they unlocked, but the greater challenge was ║▐
║ breaking the Badgiimo protocol to create a custom add-on ║▐
║ that triggered the functionality of the unreleased Uber ║▐
║ Badgiimo. Once plugged in, an add-on that authenticated as ║▐
║ the Uber Badgiimo would display a high-point flag for the ║▐
║ competition. ║▐
║ ║▐
║ Continuing the tradition of having a takeaway soldering ║▐
║ challenge, participants were given parts to build an add-on ║▐
║ for the bottom of the electronic badge to re-add features ║▐
║ that had been "accidentally" severed prior to the CTF ║▐
║ starting. Building this add-on was necessary for solving ║▐
║ the Call and Party Badgiimo challenges since they required ║▐
║ the use of the buttons and LEDs. ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ Lastly, the CTF badge contained a handful of interface ║▐
║ discovery/communication challenges. Hints were given in the ║▐
║ datasheet to point participants towards these challenges. ║▐
║ ║▐
║ I received humbling feedback from multiple contestants that ║▐
║ they had spent their entire DEF CON competing in the HHV ║▐
║ CTF (and did not regret it). While we've had relatively ║▐
║ large numbers of participants compete in our CTF over the ║▐
║ past few years, never has anyone spent their entire time ║▐
║ working on our challenges. We also saw an astonishing 60% ║▐
║ growth in participation. Every challenge was solved at ║▐
║ least once, except for one, so it felt like challenge ║▐
║ quantity and difficulty levels were appropriate. ║▐
║ ║▐
║ We had eight badges available for participants to interface ║▐
║ with, and that seemed to be too few. Often someone would ║▐
║ want to work on challenges, but there weren't any available ║▐
║ badges to hack on (all badges were set up as ║▐
║ first-come-first-served). It's expensive to produce the ║▐
║ hardware for the competition, especially since we don't ║▐
║ necessarily have sponsors, and that leads to limited ║▐
║ numbers of hardware we can provide. I hope to find a way to ║▐
║ relieve the bottleneck that physically-based hardware ║▐
║ hacking challenges imposes for next years' CTF. ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ More details about the DC31 HHV CTF can be found on the DC ║▐
║ HHV challenge website! ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
║ ║▐
╟┐ ┌╢▐
╟┐ ┌╢▐
║ Part hardware hacker, part creative technologist, and part ║▐
║ human-centered designer thriving at the cross-section of ║▐
║ engineering and design. ║▐
║ ║▐
║ Led to engineering through my love for music, art, and ║▐
║ math, I hold degrees in electrical, computer, and music ║▐
║ engineering. Following a stint in academia, I joined IDEO ║▐
║ as a senior electrical engineer where I contributed ║▐
║ creative problem solving and prototyping fluency to a ║▐
║ breadth of projects ranging from vehicles of the future, to ║▐
║ life-changing medical equipment, to innovative children's ║▐
║ toys. Most recently, I was at Delve and now Sundberg-Ferar, ║▐
║ diving deeper into engineering for production, and working ║▐
║ on bringing ideas and prototypes to reality. ║▐
║ ║▐
║ Outside of work, I enjoy creating rotoscopes and ║▐
║ illustrations, reverse engineering electronic toys, and ║▐
║ taking a break from screens by running, biking, and camping ║▐
║ in the great outdoors. ║▐
╟┐ ┌╢▐
║ -=≡≡≡≡≡≡≡≡ MS in Electrical and Computer Engineering ≡≡≡≡≡≡≡≡=- ║▐
║ School .... University of Delaware, Newark, DE ║▐
║ Grad year . 2012 ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡≡≡≡≡≡≡ BEE in Electrical Engineering ≡≡≡≡≡≡≡≡≡≡≡≡≡≡=- ║▐
║ School .... University of Delaware, Newark, DE ║▐
║ Grad year . 2011 ║▐
╟┐ ┌╢▐
║ -=≡≡≡≡≡≡≡≡≡≡≡≡≡≡ Senior II Electrical Engineer ≡≡≡≡≡≡≡≡≡≡≡≡≡≡=- ║▐
║ Company ... Bresslergroup / Delve, Philadelphia, PA ║▐
║ Key roles . Developed embedded hardware for diagnostic devices ║▐
║ . Developed embedded firmware with precision-timing ║▐
║ . Designed for manufacturing ║▐
║ Years ..... Nov '20 - Apr '22 ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡ Senior Electrical Engineer ≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡=- ║▐
║ Company ... IDEO, Chicago, IL ║▐
║ Key roles . Specialized in rapid hardware prototyping ║▐
║ . Developed embedded and front-end software ║▐
║ . Designed human-centered solutions for clients ║▐
║ Years ..... Sep '14 - Oct '20 ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡ User Experience Intern ≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡=- ║▐
║ Company ... Shure, Niles, IL ║▐
║ Years ..... Summer '13 & Summer '14 ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡ Graduate Research Assistant ≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡=- ║▐
║ Company ... Univ. of Miami, Music Eng Dept, Miami, FL ║▐
║ Years ..... Aug '12 - May '14 ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡ Co-Founder and Shop Manager ≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡=- ║▐
║ Company ... Newark Bike Project, Newark, DE ║▐
║ Years ..... Oct '11 - Aug '12 ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡≡≡≡≡ Undergrad/Grad Research Assistant ≡≡≡≡≡≡≡≡≡≡≡≡=- ║▐
║ Company ... Univ. of Delaware, Elec/Comp Eng Dept, Newark, DE ║▐
║ Years ..... Feb '09 & Aug '12 ║▐
╟┐ ┌╢▐
║ -=≡≡≡≡≡≡≡≡ Languages ≡≡≡≡≡≡≡≡=- ║▐
║ C, C++, Obj-C HTML, CSS Spanish (int) ║▐
║ Basic Assembly Javascript Japanese (beg) ║▐
║ Matlab Python ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡ Software ≡≡≡≡≡≡≡≡≡=- ║▐
║ Adobe CC Autodesk Fusion Microsoft 365 ║▐
║ ║▐
║ -=≡≡≡≡≡≡≡≡≡≡ Other ≡≡≡≡≡≡≡≡≡≡=- ║▐
║ Screen Printing Bike Mechanic Furby Technician ║▐
║ Sketching Illustrating ║▐
╟┐ ┌╢▐
╟┐ ┌╢▐
╟┐ ┌╢▐
