Introducing the new bPod

we have our next talk for today a really great talk if you've been seeing this uh this badge around everyone's neck this is the guy that's done it Peter Ranken introducing the new B pod let's welcome him to the [Applause] stage okay this is a day that I've been looking forward to for 15 years because I had this idea when I finished up at Uni every once in a while a revolutionary conference badge gets released and bides Cambra has been fortunate enough to release a few of these into the wild in 2016 we released our first Electronics badge with the screen and buttons it also supported Wi-Fi and a live Twitter stream it showed what a conference badge

could be in 2018 we introduced the bus side and it didn't just change the way that we repurpose conference badges it changed the entire way the entire purpose of a conference badge in 2019 we went all out with Nostalgia trying to engage the hackers In This Very Room this also was the first badge that we incorporated a QR code scheme as a means of Network and interactivity and then our most recent one in 2022 we had our most advanced electronics badge that we've ever done and it showed how far you can go with a conference badge from an e in display some Wi-Fi capabilities buttons everything well today I'm pleased to announce that I get to introduce three

new products in this class the first a color screen badge with touch

controls the second a revolutionary hardware and learning [Applause] device and for the third a breakthrough hacking and CTF [Applause] challenge so what do we have we have a badge a tool and a CTF a badge a tool a CTF a badge a tool a CTF are you getting where I'm going with this these aren't three separate pieces of Swag that you get at this conference the this is one device one badge and we're calling it The B pod today bsid camra reinvents the badge and here it is this was actually the first prototype I did back in late 2021 this is the actual one that you have around your neck so before we get into the story of this badge let's talk

about a category of things called smart badges so when you go to conferences they'll have some LEDs maybe a screen a microcontroller some challenges and you know they might even have some utilities like some Wi-Fi scanning and things like that and the problem is is that sometime they're not so Advanced and they're not so easy to hack and let me sort of break this down in a business school 101 graph so we have the how easy it is for you to hack it and modify it and how many Advanced features it has on it and so most conference badges will sort of sit around about here where they have some LEDs and a battery but they don't

necessarily have a USB port or necessarily easy to program but then if you look at some of the previous badges that we've done they do have quite a few features and color screens and things like that but again they're not so easy for you to modify and hack they may not have the right USB ports may require custom programmers or tools or software well we don't want to do either of these things here what we want to do is we want to create a Leap Frog badge that goes all the way so that something that's easy for you to hack and modify but also has some Advanced features for you to use while you're here and that's

exactly where we want the B pod to land so how are we going to get here well let's break this down the first part part that we're going to need is a revolutionary user interface for you to be able to interact why do we need this and this comes from years of watching you hackers use our conference badges let's take a look all these badges they arrived at our attendees and they worked for the most part but the issue with these badges is actually in this part because when we order a large number of screens or mic controllers we hit issues we hit issues with Supply with the same screen having different internal Hardware drivers we have microcontrollers which

you can't use all the pins as gpos in fact on your B pod this year one of the LEDs doesn't actually turn on because there's an undocumented feature where you can't use pin 46 as an output the other thing is that if we do it without a screen and buttons and just do a console not everyone brings a laptop to a conference and so if you have to wait to get home to make use of it it's going to end up in a drawer or a cupboard and not see the light of day and we don't want that there is a single point of failure here where there's a chance that you won't be able to use

your badge as it was intended so how are we going to solve this problem well we already have it's called redundancy why don't we create something where we have both the onboard input output controls a screen and buttons but also have the console interface so if we can't get you a screen or the buttons don't work you can still use and interact with the device and so we take the concept of our previous Badges and we mix it together and we come up with this your B pod when it's hooked up to a computer and a Serial terminal the entire user interface and I mean the entire user interface down to the games is rep replicated in real time on the

console and this provides some very interesting use cases you can play the games on the B pod screen using the keyboard and mouse on your laptop likewise you can navigate the console window using our touch wheel it works flawlessly like magic so how do we get here well it starts with design and if you talk to the conference organizers the most important part is doing it on a budget because believe it or not if it's too expensive we just can't do it because we want the conference to run or maybe we do limited supplies where only some attendees get one we don't want that we want a controlled budget so that we can get this stuff into every single

person's hands at this conference so how do we do this we keep it simple a two- layer PCB with copper tracks just on the front and the back not like your GPU or motherboards at home that have 16 layers of copper in the PCB if you look at your badge all the surface mount components are just on one side this is so that as it goes through a machine it only has to go through once and that saves a manufacturing costs the screen itself is the only exception but that has to be Hand solded by the manufacturer anyway way we use Kad to design the badges and we're running a workshop in the hardware hacking Village on how to use kicad to

design your own pcbs and if we kick stick to the standard copper track widths and the standard hole sizes that bring the copper to the other side that also saves on manufacturing costs these badges are produced on what's called panels and they'll have multiple badges that then get cut out of it post assembly and if you have a standard small shape that also helps and the most critical thing about this year's conference is how to work around the Silicon shortage and for this we came up with dual microcontrol Footprints what do I mean if you look at the back of your badge we have the esp32 microcontroller this one and there's actually multiple variants of this exact

same microcontroller and the difference is how much internal flash if any is on there and how much RAM is on that chip and so we can already shift and pivot if these chips become unavailable or too expensive but we didn't want to risk it just on one chip so we implemented a cam footprint where you can put this PCB which has an esp32 in it as well but it means that we've got this away that we can get twice as many chips if we have a shortage or a supply issue this is all so that we can guarantee you a badge at this conference most important change this year we introduce our first badge with

USBC why did we do this because it is easy it takes two resistors and the connector to make it work with USB 2.0 speeds which is the same you get on the iPhone 15 base model and what does this give you well you can power your B pod off your phone or laptop charger that you brought with you to this conference laptops have USBC ports on it so you can power from there as well as easily get to the USB to serial console interface that I was talking about earlier and most importantly we're going to use the battery pack that you already have your phone the B pod can be powered with with the USBC to USBC cable

directly from your phone saving on E-Waste and cost for this conference most importantly as of a few weeks ago Apple users can also make use of this feature which brings us to a controversial topic we didn't just removed the headphone jack we removed the battery and the case and while there are many reasons for making these decisions environmental and so likewise we like to think of one major reason why we do this courage so we've got our design down pack pack Pat Let's uh have a look at the hardware how do we go from this idea of these drawings to a prototype something you can hold in your hands and so in Kad when you're starting a PCB you design a

schematic and you can get access to this through the bod update URL which has this image on it complicated but let's break it down we have a small section for the USB which provides data and power to the badge USB provides 5 volts the microcontroller the screen The Flash all require 3 volts so we need a chip to make that conversion from 5 volts to 3 volts we have a voltage in header on the board that you can use to attach an external battery pack that you can acquire from jar just a three triaa battery one or you can repurpose from your 2016 2017 badges a boot and reset button because it makes it easier for you to reflash

and recover your badge as you're experimenting with it it puts it into bootloader mode and it's the same way for an ESP Dev board as well we want people to learn and interact with the hardware if you go to the bod update URL you can see the link to download Arduino and the configuration for uino to be able to program your own software for the badge and we provide these LEDs for those who are just getting started being able to toggle your LED on and off with your own code is the first step we use only four gpios for that capacitive touch wheel that has the rotation and the clicks and we do this using some very clever software that as

you turn it on and use it for the first time it will self-calibrate for your finger which is why there's a slight delay and this means that it works perfectly regardless of how fat your fingers are and how you hold the

device we've chosen a safer route we've reused the screens that we used in 2016 and 2017 because we knew how they work and we knew that we could sort it out but we added in a backlight circuit and this is to protect the microcontroller supplying current directly to the backlight which can burn the chip so we have a little circuit here where a little bit of current coming out of the microcontroller through the transistor controls a large amount of current going through the backlight and then we have all expansion headers the shitty add-on header Sao for those badge addons that you might be sitting flowing floating around the conference the utility header that's for all the tools and if you want to do

expansion might also be interesting for those who are doing the CTF challenge we have the program header for the esp32 but I should note that the whole badge can be reprogrammed through the USB port and so you don't actually need to use this and JTAG provides debugging capabilities but I must point out that JTAG is not required to complete compete in the CTF but you can use it we have external flash and external RAM and this is because we chose the cheapest variant of the esp32 S2 which doesn't actually have flash on board so we have a separate part here for external flash to keep the cost down when you use these chips they often

require an external clock signal and this is what ticks the microcontroller on to do operations now while it's easy to find a 40 MHz Crystal on the supply websites it is difficult to figure out what capacitive values to use to calibrate it and so a big shout out to my friend Josh up in the hardware Village who helped me uh come up with these formulas that we provide to you so if you ever have to do this you've got a starting point and coming back to the point that we have dual microcontrollers for redundance to protect us against supply issues and cost and so after we've done that we have a schematic and in kicad we then

move on to PCB design the workshop that we're running in the hardware hacking Village will take you through these steps in kayad to design your own pcbs and it's not black magic it's not reserved for the elite it's just a matter of trial and error and making your own pcbs making mistakes and learning and it's perfectly fine and I still do it and we believe in the right to repair as well on the afternoon of Saturday after the CTF are finished we will be making all the Kad files available the schematic the PCB files the ordering files we will be making the source code fully available so that you can order build change reprogram repurpose your

Hardware the way that you see fit as has right to repair intends it to be and then we get to software and for me this is the most important part because without great software these devices are going to end up in the drawers and cupboards of hackers everywhere and we want to help people use and repurpose what they own for their own intentions so how do we get from Hardware to hacker engagement your badge comes with a Wi-Fi chip oh sorry Wi-Fi built into the es32 but we actually don't utilize it for this conference but you are welcome to reprogram your badge to do so and the reason is that putting Wi-Fi in the hands of 3,000 hackers is not the

greatest idea on the planet so instead we opt to use things like QR codes to help people use the internet connection they already have on their phones and on software looking at the utilities that we give you each of your badges is a full USB to serial device and this is important because you can use your bod badge to interact with your old router your old fridge your old camera all these iot devices will have some kind of Serial header in it and you can cck open in the back and find it you can then use your B pod to interact with that serial port and potentially get a root console on the hardware that you

already paid for we provide tools for working with i2c and i2c is a multi slave bus protocol and so i2c detect helps you discover the addresses of those random chips flash chips screens that you have lying around from other conferences so you can then use them in your own project projects and we provide sniffing tools for ITC and SPI we have a limited very limited number of gpro expanders in the hardware Village that you can actually use the badge to interact with and so you can actually work through the process of wiring up i2c and SPI and learning more about it all the information that you need to do this is actually in the tool

section of your B pod and if you don't get around to it you can go online and buy these parts they're like less than $5 each and then you can experiment and start doing it an i2c and SPI is the backbone of PCB Communications it's what helps a microcontroller or processor talk to flash angle sensors Gyros screens SD cards support SPI communication and then for the CTF we have the usual candidates and so already we've seen a lot of people compromise the security of our products and that makes us very happy I should note that in order to be the successful winner at the end of the day you will need to show the badge and

the serial number as you get called up to the stage but then also we have embedded and worked closely with the cybers to give you a revolutionary CTF experience and I will tell you more about this except I don't want to give too much away most importantly we actively choose not to do code signing or bootloader locking on your badges because while this would make for an exceptionally great CTF challenge that would only be fun to do for the first two days of the conference and then it's harder for everyone to repurpose their devices and if you want to lock your uh bod down and Implement code signing esp32s websites have got heaps of information and documentation

about how to implement code signing and so because of this your device is now hackable we also provide the ability to update your B pod for the first time and so if you go into the settings menu and you look at the QR code it has a python script a single file that can be used on Windows and Linux maybe Mac that can be used to reflash and recover your badge so you can feel free to experiment with Arduino and put your own firmware on it it'll also give you the latest schedule that URL also has the schematics where to download Kad where to download Arduino and how to program the badge so all the information for you

to get started on your Hardware hacking Adventure is right there and then how do we get to production where it's in the hands of all of you fine people here from a few to 3,000 we go through prototypes and the first prototype that you see there in blue is literally us just dumping all the parts onto a PCB and finding out what doesn't work and how to make use of the new things that we want to put on there and hence why there are lines running across because there are lots of mistakes made at this stage as you will make when you first start ordering your pcbs our second prototype the one in black here this is where it's good

enough to start developing the source code the software the hacker engagement that we want but we still have made mistakes you can see the header on the side is sort of buried behind the screen and the chips that we chose for this became too expensive and unavailable and so we had to Pivot and then finally we have this final prototype in purple and at this stage We'll order about 40 or 50 of these devices to check two things one we as Hardware designers did we make mistakes and two PCB way the company that we go through have they been able to reproduce our design that is functional on multiple Parts because the last thing we

want to do is hit the button and pay the money for 3,000 badges that don't work on arrival and so we get to this ordering uh phase and my good friend Josh up in the hardware hacking Village put together this flashing jig that we were going to send to PCB way so that they could manually Flash the badges but we didn't need to do that and I'll get to that in just a second to order from any PCB manufacturing website you need to provide them with Gerber and drill files this tells them where the copper tracks are going to be and how the PCB is going to cut out and that is sufficient to get

a board made for you without components on it it and Kad can export these and there's tutorials and instructions on pcb's website on how to do this if you want assembly like we do CU we don't want a hand solder uh Parts the size of 1 mm across you supply them with a bill of materials which tells them what parts you want them to get for you so you don't have to ship it to PCB way they can Source the parts for you and a pick in place which is just a coordinate file so their machines know where to go on the PCB and drop and solder the parts onto and for this conference if you

don't want to burn out your volunteers having them flash 3,000 pieces of Hardware which by the way I've done the past which took 30 hours of my life from me you supply them with a firmare image we sent our manufacturer PCB way a 2 megabyte image of exactly how the flash would be laid out out and then they sent that to their flash chip supplier who pre flashed the bod firmware onto chips before they even arrived to be sold it on and at this stage we should be good we've got the parts we put our order in for 3,000 and they're just shipping to us we're done right no we are so not done there are delays in shipping and

not just delays in shipping the manufacturer can have lead times on Parts where if some companies decide to release a smart light bulb and buy up all the chips that they need for that all of a sudden you can be hit with a six-month lead time because the chip is unavailable Customs they can confiscate the 3,000 badges that arrive at the border and then ask us to pay money and if you don't believe me on this in 2019 when we did the NAIA badge Echo who developed the hardware did such a good job of that PCB that customers believed that it was a legitimate mobile phone motherboard and they charged us accordingly and finally if we overcome

all these hurdles there is just one more we've had boards that arrive at us that are missing solder where the manufacturer hasn't put the screen on correctly or aligned it properly and we've had to go through as volunteers and fix up each and every one of them and then we pack them and they arrive in your hands and I'm so grateful to see that everyone has got one and that they are working because this was the Inception that we have for this conference every single year and if I could just say one more thing if you want to know more try and hit me up during the conference you can also contact me on these are contact

points I guess um and yes on that gitlab we will make the badge firmware and all the files available at the end of the conference thank you very much for your time and please enjoy the [Applause] conference yeah yeah do we have any questions for Pete uh wave your hands vigorously in the air if you want to ask a question we've got a question over on the this left side at the back of the front just over there wave your hands and go over there thank

you hello hello um how much was the cost of the Prototype board you put together are they more expensive than the uh uh final product the prototypes that we make are definitely more expensive because they're in low volume and so because we don't have the economy of numbers at that stage and this is the same so if you're doing your own pcbs and assembly you'll probably get them in quantities of five and for that they will charge more for the parts and the assembly but then once you get to scale at 3,000 then you get access to more affordable options there any other questions at the front or at the

back thank you look I think that'll be it let's thank Pete one more time for an amazing

badge