DEF CON 27 has come and gone, and it was amazing to see folks get engaged with the badge, solving the challenges, having fun with the honeypots. We received lots of great feedback, and folks were very curious about the honeypot data. We had great conversations about what hacking actually happens at DEF CON, what kind of hacking can be expected, and we think there is enough evidence to at least partially answer that question. This post is going to serve as a bit of a wrap-up and post mortem. There were a few hidden Easter eggs thrown in during the development of the badge; those are explained below and, of course, a wrap-up of the on-badge challenges.
Note: For the initial post providing an overview of the features and functions of the DEF CON 27 Blue Team Village Badge overview, please visit Part 1 of 2
Continue reading
This post is part 1 of 2. Visit Part 2 of 2 for spoilers and behind the scenes info.
With the wave of low-cost PCBs and components, electronic conference badges are now pervasive. I decided to deviate a bit from our usual offensive security focus, have a little fun and build a mobile AP and honeypot which has now evolved to the DEF CON 27 Blue Team Village badge.
This is a short history and overview of the badge, which has been in the works for the better part of a year. The irony is not lost that while my focus most of this century has been on the offensive side of security, that this project has resulted in the official badge for the.. Blue Team Village. This page will be vague at times, as things are still in development and also to leave a few surprises for those who obtain a badge. However, it will be updated with additional information as we get closer to the conference.
Background
The idea for this badge started just before DEF CON 26, when I turned a small Linux based computer into a portable WIFI AP, with always-on VPN, network-wide ad blocking and an LCD screen for simple configuration. The goal was to serve as an AP that would provide VPN access to connected hosts while in a “hostile” (i.e. untrusted, hotel, airport, etc) environment. However, we were not very far away from adding honeypot functionality, so that was implemented on the plane ride on the way over to DEF CON 26, as is tradition. At this point, the devices had two modes, protected AP mode and honeypot mode. However, it wasn’t quite as portable as a wearable electronic conference badge. Thus, after a painstakingly large number of prototypes and revisions, the device slowly became more portable and evolved into a single PCB with screen, quite suitable for an electronic badge.
Continue reading
