BCOS Monero Village - We Program Our Stinkin Badges
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 322 | |
| Author | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/39799 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | |
| Genre |
DEF CON 26180 / 322
18
27
28
40
130
134
164
173
177
178
184
190
192
202
203
218
219
224
231
233
234
235
237
249
252
255
268
274
287
289
290
295
297
298
299
302
306
309
312
315
316
00:00
NumberSource codeDifferent (Kate Ryan album)NeuroinformatikSubsetConnected spaceComputer programmingCASE <Informatik>Connectivity (graph theory)Office suiteSimilarity (geometry)InternetworkingWeb pageOnline helpComputing platformGroup actionMultiplication signOrder (biology)BitRight angleHacker (term)Lecture/Conference
03:02
Source codeDebuggerExecution unitSoftware testingIntegrated development environmentDirected setComputing platformMicrocontrollerComputer programmingSoftwareComputing platformNeuroinformatikUtility softwareComputer programmingSoftwareDistribution (mathematics)Multiplication signMereology1 (number)Limit (category theory)Suite (music)2 (number)Computer animation
04:36
Computing platformSource codeIntegrated development environmentSoftware testingExecution unitDebuggerDirected setWindows RegistryDistribution (mathematics)Type theoryAxiom of choiceNeuroinformatikPlug-in (computing)Structural loadCodeRight angleConnectivity (graph theory)Source codeText editorProjective planeJust-in-Time-CompilerMicrocontrollerMicroprocessorWhiteboardWeb 2.0Generic programmingData storage deviceComputer configurationDifferent (Kate Ryan album)AreaProcedural programmingGroup actionComputing platformSurfaceIntegrated development environmentRoundness (object)Computer programmingRoutingExecution unitShape (magazine)Square numberChaos (cosmogony)CircleState of matterSet (mathematics)Game controllerCartesian coordinate systemFactory (trading post)Food energyCASE <Informatik>Arithmetic meanBitDrill commands2 (number)
09:58
Source codeIntegrated development environmentSoftware testingExecution unitDebuggerDirected setComputing platformCloud computingOrdinary differential equationTelecommunicationNeuroinformatikFactory (trading post)State of matterSoftwareWhiteboardType theoryRight angleComputer hardwareLaptopFirmwareComputer fileWeb browserComputing platform
12:10
Source codeComputing platformExecution unitSoftware testingIntegrated development environmentDebuggerDirected setMicrocontrollerComputer programmingSoftwareView (database)Computer fileStack (abstract data type)Lemma (mathematics)Type theoryTouchscreenError messageInstallation artComputing platformBitElectronic program guideHidden Markov modelMessage passingComputer animationProgram flowchart
14:31
View (database)Computing platformComputer fileOpen setInstallation artText editorComputing platformOpen setBasis <Mathematik>InformationArmData miningIntegrated development environmentWebsiteTouchscreenComputer architectureGroup actionInstallation artoutputRight angleCASE <Informatik>Source code
17:52
Drum memoryComputer hardwareNP-hardMusical ensembleComputer animationSource code
18:56
Open setComputer fileSoftware engineeringComputing platformSoftwareMicrocontrollerComputer programmingSource codeDebuggerExecution unitIntegrated development environmentSoftware testingDirected setIntelCNNMaizeProcess (computing)Web browserSystems engineeringError messageArithmetic meanLarge eddy simulationGamma functionOrdinary differential equationLink (knot theory)TouchscreenRight angleSource codeComputer animation
19:50
Source codeEncryptionComputer configurationIntelDirected setInformationFormal languageOvalComputer animation
21:08
Directed setSource codeEncryptionComputer configurationOrdinary differential equationComputer programmingSoftwareMicrocontrollerComputing platformOpen setComputer fileView (database)Installation artTouchscreenRight angleOpen setOnline helpBitoutputInstallation artType theoryComputing platformMenu (computing)Electronic program guideSet (mathematics)Computer animationSource codeJSON
22:30
Installation artOpen setComputing platformTime zoneMusical ensembleElectronic program guideComputing platformArmAreaMilitary baseSet (mathematics)1 (number)Integrated development environmentProgram flowchartSource code
23:59
Computer fileView (database)Computing platformOpen setDebuggerCartesian coordinate systemKey (cryptography)Right angleDigital electronicsFood energyPlastikkarteRadio-frequency identificationLogicPower (physics)CASE <Informatik>Radical (chemistry)Computing platformSource codeIntegrated development environmentLoop (music)Source code
24:59
Computing platformComputer fileInstallation artGreatest elementoutputTable (information)PlastikkarteRight angleWhiteboardModule (mathematics)Web page1 (number)Library (computing)Digital electronicsGame controllerMoment (mathematics)Exception handlingBitAnalogyType theoryMilitary baseData storage deviceDivisorComputer configurationComputing platformDigitizingInformationBasis <Mathematik>Source codeProgram flowchart
26:47
Computer fileView (database)Computing platformAreaPlastikkarteCountingDigital electronicsCASE <Informatik>Library (computing)Moment (mathematics)Connected spaceMultiplication signData storage deviceComputer configurationGreatest elementProgrammer (hardware)Computing platformBitSource code
27:38
Computing platformNumberComplex (psychology)Library (computing)Visualization (computer graphics)PlastikkarteInterface (computing)DistanceIntegrated development environmentComputing platformSpacetimeMultiplication signElectronic mailing listCartesian coordinate systemMetrePlug-in (computing)Connected spaceFilm editing1 (number)Address spaceRight anglePhysicalismFunctional (mathematics)Different (Kate Ryan album)Computer architectureSource codeProgram flowchart
28:35
Computing platformMIDIComputer fileWhiteboardSoftware testingOnline helpProjective planeoutputPlanningMultiplication signPersonal identification numberDirection (geometry)Computing platformBitFunction (mathematics)Parameter (computer programming)Data storage deviceBlock (periodic table)Source codePosition operatorConnected spaceLink (knot theory)32-bitAngleFilm editingConnectivity (graph theory)Data structureComputer programmingOrder (biology)MicrocontrollerComputer fileLoop (music)Software frameworkNumberInformationClosed setType theoryPatch (Unix)MereologyNeuroinformatikCASE <Informatik>Level (video gaming)Different (Kate Ryan album)MultiplicationContext awarenessTouchscreen1 (number)EmailSource code
34:39
Computer fileComputing platformView (database)Execution unitBitAsynchronous Transfer ModeUniform resource locatorLibrary (computing)Software testingProjective planeSoftware frameworkDefault (computer science)AreaMultiplication signBriefträgerproblemAdventure gameGoodness of fitLoop (music)Utility softwareComputer fileBuildingSource code
36:21
Computing platformComputer fileView (database)Source codeRight angleSoftware testingWhiteboardProgram flowchartSource code
37:18
View (database)Computer fileComputing platformComputer fileAsynchronous Transfer ModeProjective planeSystem callLetterpress printingRight angleSource codeComputer animation
38:11
Order (biology)Digital photographyWhiteboardCrash (computing)Physical systemCAN busProxy serverComputing platformComputer fileView (database)SoftwareMicrocontrollerComputer programmingElectronic data interchangeRight angleMusical ensembleProjective planeComputer animation
39:43
Computing platformComputer fileWindowDirectory serviceOrder (biology)VideoconferencingSoftwareMicrocontrollerComputer programmingFlagEmailOvalComputing platformProjective planeRight angleoutputSource codeComputer animation
40:39
Function (mathematics)Digital signalLoop (music)View (database)Computing platformComputer fileOpen setSoftware testingPrice indexElectronic mailing listOnline helpBuildingComputer fileConfiguration spaceIntegrated development environmentSource codeComputer architectureWhiteboardBinary codeRevision controlComputer clusterPersonal identification numberArithmetic meanEmailCompilerSource code
42:40
Function (mathematics)Digital signalTerm (mathematics)Data structureHash functionComputer fileFirmwareRevision controlASCIICache (computing)Flash memoryComputer clusterCommunications protocolFactory (trading post)Computer fileRight angleLogicProgrammer (hardware)OscillationComputer programmingHexagonInterface (computing)Connected spaceMicrocontrollerComputer hardwareError messageType theoryDreizehnBinary codeFirmwareComputer animation
45:27
Flash memoryCache (computing)Configuration spaceFirmwareRevision controlASCIIInternet service providerDependent and independent variablesWhiteboardNeuroinformatikSerial portBitProgrammer (hardware)Computer configurationPower (physics)Multiplication signGreatest elementMicrocontrollerDirection (geometry)Source codeComputer animation
47:28
Internet service providerConsistencyAsynchronous Transfer ModeSynchronizationDependent and independent variablesFirmwareFlash memoryComputer configurationElectronic signatureRead-only memoryoutputIntelReading (process)Computer fileWritingTerm (mathematics)Computer fileGreatest elementSource codeSource codeComputer animation
48:26
Computing platformMaxima and minimaLoop (music)MathematicsGreatest elementComputer programming
49:27
outputIntelFlash memoryFirmwareRead-only memoryComputer fileWritingReading (process)Computer programmingInterface (computing)Computer fileProgrammer (hardware)Computing platformComputer configurationDefault (computer science)WebsiteProjective planeNeuroinformatikComputer architectureProduct (business)Point (geometry)ResultantNumberRight angleBitSource codeComputer animation
52:21
Computer configurationIntelDirected setEncryptionSource codeRegular graphWhiteboardInterface (computing)Open sourceWhiteboardInterface (computing)WritingComputer programmingData storage deviceType theoryEmailPersonal identification numberProgrammer (hardware)Axiom of choiceGroup actionSpring (hydrology)Tracing (software)Connected spaceHypermediaMetreExterior algebraTap (transformer)Point (geometry)MereologyComputer animation
55:22
FirmwareoutputIntelFlash memoryCuboidHexagonoutputMereologyPay televisionGraph coloringBoss CorporationUltraviolet photoelectron spectroscopySource codeEndliche ModelltheorieSampling (statistics)WhiteboardMultiplication signOrder (biology)1 (number)NumberComputer fileComputing platformWebsiteWritingSource code
58:19
WhiteboardRegular graphInterface (computing)Macro (computer science)Source codeDirected setIntelComputing platformOrder (biology)Library (computing)NeuroinformatikTelecommunicationTable (information)NumberTouchscreenInformationDistanceDifferent (Kate Ryan album)MetreException handlingFood energyCASE <Informatik>Connected spacePhysicalismPlastikkarteInterface (computing)Source codeLoop (music)Data storage deviceRevision controlRadio-frequency identificationDigital electronicsCartesian coordinate systemGame controllerRight angleMicrocontrollerEPROMBitMoment (mathematics)Profil (magazine)Address spaceDivisorSequenceConnectivity (graph theory)LogicFilm editingMereologyPower (physics)SpacetimeGoodness of fitLimit (category theory)Computer animationSource code
01:05:34
Table (information)MicroelectronicsComputer programmingBitMultiplication signPlanningCASE <Informatik>Order (biology)Position operatorSource code
Transcript: English(auto-generated)
00:00
So there, yeah, a few things that I had planned to have devices for all of us, the programming devices didn't work out. The source code is not online yet either, so we have a few inadequacies to work around, but we are hackers, so we're excellent at producing workarounds when we need them. I think success is defined by we have a badge, we want to program
00:25
it, and we understand the workflow, right? We kind of understand what we have to do maybe in the office at home if we want to change the behavior of our badge and a number of other similar devices because it's a similar workflow. Now, there's going to be, I'm going
00:43
to show a few tools, and we don't have a full day, we have an hour, an hour and a half, so these, the tool set I'll show is a very small subset of what's possible. This is always the case where there's a lot of different tools. This is just the way I'm doing it, and please feel free to ask if you think there's a better way or a way you
01:05
prefer. I might know about that. I can help you out. Before we get started, it might help to distribute badges to the people. If you haven't purchased a badge and you would like to, in order to program it now, if there's a small group that wants to do that,
01:22
I think we can handle that quickly. Is there anybody who still wants to purchase a badge? Okay, so there's one or two people. That's fine. In the meantime, because this will take a few minutes, you may want to download, well, first of all, if you haven't
01:43
got an internet connection set up, it's, yeah, you'll need to download some things. You can quietly, passively observe as well if you prefer, or if you don't have your computer with you and you just have a phone, it's fine. You have fun with that as well,
02:01
but there will be a hands-on component to this workshop, and it's over an hour long, so we have enough time to do that. What we will be downloading, this is my preference at least, it's called Platform IO. I don't know if I can make this bigger. I'll try.
02:24
Yeah, that seems to work. Well, the title bar doesn't get bigger, but the URL is simply platform.org. So you want to maybe read through there a bit, and you want to learn how to download and install it. What it really involves is downloading Atom, but it's
02:47
all on the page there for installation. And while you do that, I think we'll just take care of the one badge that we still have, need to get set up, and I'll turn the microphone
03:00
off. Yeah, there's going to be two things that we, that if each of us want to individually program on our own computers, we'll need two things, two new things that you may not have yet. That's this Platform IO, and there's a command line utility, it's called avrdude.
03:27
So this is how I installed avrdude. I know I'm getting too far ahead, but for anybody who's quite advanced, I don't want to get you bored, and so, well, first of all,
03:41
let's do a search. If you're on a DPKG style distribution, then you use APT or something. Obviously the RPM ones are yum, zyper, and so on. AbdK, so we can search for avrdude.
04:03
So it's kind of running off the end, but I think it's clear enough. This is the other, so this is not Platform IO, this is the second software, piece of software that I'm talking about, which is part of our suite or our workflow. So we will need Platform
04:21
IO, and we will need avrdude. And both of these two pieces have alternatives, but with a limited amount of time, it's going to be kind of a demonstration using the tools that I've been using before. So having said that, a short explanation of what programming
04:41
means and how a badge starts out. So imagine, in fact, you can see that three of these badges, there's four, three of them are lit up. That's because there's a microcontroller controlling the LEDs and doing things with them, turning them off and turning them on
05:00
in succession to create this animation. That's a program that's running on the MCU, just like a program could run on an MPU, a microprocessor unit. This is a microcontroller unit, and one of the big differences is that the storage of a microcontroller unit is
05:23
directly in size, embedded inside the plastic housing of the chip. So this is what some people refer to as on-chip debugging or on-chip programming. It's a very different procedure as what we have with MPUs. Question?
05:51
Right. So Adam is what you'll probably choose. Adam is a generic web editor, which I think
06:01
what is it? JitHub uses or what? Is that right? JitHub kind of develops Adam for general use to, yeah, it's an editor, and the beauty of Adam is that you can load plug-ins, components on top of that to make it a full-fledged IDE, for example, which platform IDE is. That's
06:21
what they're using for it. Now, I assume that if it gives you a second option, VS code or whatever, that you can try that as well. It sounds like a more Microsoft-style type of thing if you want to experiment with that. If you have a Microsoft distribution
06:40
running on your computer, maybe it's a better choice. I'll try to help, but I don't have any experience with Microsoft. In any case, so back to what these microcontrollers are doing with the lights, so they're controlling the lights in a very simple way, turning on, turning off. That's what a microcontroller does. When I receive them from the factory,
07:02
I receive them on a reel like this, and there are a thousand or a thousand five hundred microcontrollers on there, on these little chips, right? Then I place them on these boards, solder them so that they are, yeah, soldered onto the board. As soon as I flip the switch and turn it on with a battery or an energy source, basically nothing
07:24
happens because the factory does not know if I'm controlling lights or if I'm detecting a door that opens or if I'm measuring voltage or measuring temperature. They just have no idea what my application is, so they arrive in an empty state. That's kind of
07:40
what would happen if I turned it on. This one here is not lit up. It simply wouldn't light up because there's no program inside, and that's what this workshop is about, to find a way to get our own programs inside the MCU so that when you turn them on, it does what you want. Question? Yeah, it's not relevant, but I like the question.
08:14
It's not. So the question is, how do I, I think it's kind of personal, how do I start to design a new badge? This, okay, well, I'll give you a very practical answer. I'm designing
08:27
badges for a quite well-known cryptocurrency conference in Europe, which will take place in October. I don't know if they want me to announce this because their badges will control entrance, and it's quite expensive, so they probably don't want people to know how to knock off the badges.
08:46
And so this is a full set of requirements that they're giving me. They're asking me questions about are they able to change the shape, can there be circles, can there be route-outs, can there be squares, and these are all questions I have to answer. I won't get too far into it,
09:02
but for example, the route-outs need to have round edges because what they're doing is sinking a drill a bit into the PCB and then going around and removing surface area. So there's always going to be a round area. These are the kind of things you talk to customers or groups or co-workers, colleagues, project people, and that's kind of how I get
09:28
started. And then usually there's a lot of chaos involved. And then how cheap can I get the LEDs? Oh, they're only green, but I don't like that, but then, you know, trade-offs, okay, cheapness, wrong color, whatever. You know, I don't have any better answer than that.
09:45
Yeah, so we'll see. There's going to be plenty of other badges involved in it. So, right. That's what happens when I get these MCUs on a big reel from the factory.
10:02
They're empty. I put them on the board, solder them, and then I need to program them. That's what everybody needs to do. And not everybody is producing hardware, but this is relevant for anybody here if you want to change the behavior of the MCU, because they're not locked down or anything. You can just erase them so that they're factory state again or overwrite
10:23
them with your own firmware. This is not called software. Software would be if you connected a USB cable to this, and there was USB communication to your computer, and then you opened up a web browser or something and then had some type of software,
10:41
host software running. A lot of people believe they're running software on the badge or the wallet or something else when it's really only running on the notebook, and that's software. What's running inside the MCU, this little chip in the corner, that's firmware. It's
11:01
important to know that distinction, right? Okay, so I don't see too many computers, but that's fine. We'll get started with a quick demonstration, and then I think whoever is following along and trying to do hands-on, we'll slow it down then, and I'll pay some individual attention to try to get things working. Does that sound okay? There's kind
11:24
of one or two. I think there's two computers in the room. All right, that's fine. Okay, so the first thing is a demonstration. I'm going to show how to change the behavior of, let's say, I don't know, I'll take this corner one down here. So I will change
11:46
that. What we have so far, okay, so let me just, let me create a new file. I have already downloaded Node Platform IO and installed it. So when I, can we see this? Right. So
12:13
when I type Adam, you can't see that on that screen. If, okay, so if I did this,
12:34
then I would be presented with Adam's screen. This is kind of the first thing I always
12:43
see, an error message. That's how it looks when you've installed Platform IO. Now, I'm a bit concerned. I think I have two copies of Adam running. I'll try to get rid of one of them so I'm not using unnecessary. Yeah, there's two there. All right, so now
13:12
we have one only. I think you have Adam as well. Have you found a way to install
13:22
Platform IO on your Adam? Okay, but it's working. No questions about it yet? Okay,
13:41
it's a package that you need to search for, I believe. I believe it's, let's see, there is something up here, packages. This is Adam and how to, not sure, I myself have
14:15
forgotten how this works to install more packages. Welcome guide, I think that's it,
14:33
yeah. So once you do see the first screen, you can install a package here. Open installer,
14:43
search packages, Platform IO. The first step is this Platform IO IDE and all this does
15:21
is allow us to edit a new program and compile it. Right, we compile it to the correct architecture, which is not Intel or AMD or ARM. In this case, we're doing Atmel AVR 8-bit. So that's the first thing that we're trying to do, that's what we're using
15:42
Platform IO for. Right, and so once you have the Adam editor installed, what I just did helps you find the Platform IO packages and that's how you can install it. Mine just says uninstall because I already have it. I think there are two here to install,
16:02
but that's all in the information of that Platform IO website where it explains how to install it. Did you get so far? Have you had any problems? Tomorrow, yeah. It's the other
16:26
way around, Adam is the basis. Exactly. What's the question? What? I don't think so.
16:46
No, no, no, you don't have to register anything. I know that Platform IO, they optionally, I think there is some method to register, but I've never done it. So I don't think it's needed. Did you try the searching for packages inside the Adam
17:04
editor the way that I did this? That may be the distinction. There may be many ways to use Platform IO and I know that it's a very small group. I know the guy doing
17:21
that. No, he's in Europe. He wasn't invited to the village, but he couldn't make it.
18:58
Okay, we're back there. I'm just trying to find this link. This is interesting.
19:18
There we go. Okay. Oh, here, that's my screen there. Okay. All right. Okay.
21:33
So I already have my Platform IO set up. I'm just going to do this as a demonstration while they're still getting set up so that everyone knows a bit about how this is supposed to work.
21:46
I searched from the help menu has a welcome guide and in the welcome guide there is on the right, at least for me, there is install a package and under that there's open installer.
22:10
Yeah, and at the top of that you can search for platforms. Just be careful to type return after your text because otherwise it doesn't search automatically. All right. So I'll remove
22:26
the settings and the welcome. I don't need the welcome guide. Okay. So Platform IO. What I'm
22:46
interested in is making sure I can compile for the Atmel AVR 8-bit ISA, the instruction set, which is what we're using with these MCUs because these MCUs are not ARM based.
23:03
They're not made by Texas Instruments. They're not Intel, et cetera. They are from Atmel and they use AVR 8-bit instruction sets. So I'm going to look for platforms, I think is the correct area here. And for whatever reason, the first one that comes up is Atmel
23:26
AVR because it starts with A, I believe. It's maybe alphabetical. And just to show you if you're curious what else is available, there are expressive, there's I think these are all the ones I have installed. So there's not many, but it's okay. Yeah, I think there's
23:48
two that you need is a platform IO dash IDE and platform IO. Let me just show you the ones that I have. So I have platform IO dash IDE and it's possible that by simply
24:23
installing platform IO dash IDE, it will install the dependencies as well. If that doesn't happen and you suspect that something is not behaving correctly, then you will see that I also have platform IO dash IDE dash terminal. Yeah. I'm not sure if it's
24:44
needed or not. You can test and try on your own. I just have those two. Right. So what I was doing just a minute ago is, okay, I'll give you a short one minute tour.
25:00
If I click on boards here, it's probably going to show things like Arduino, like booster pack, like, well, let's see, it's got bitsy. There's quite a lot here. Our adafruit, whatever blue fruit micro, there's 96 boards and there's just quite a lot of things. I mean,
25:24
15 to a page. We can do a thousand though. Let's do a hundred to a page. And alphabetical again. So there's lots of adafruit. Arduino must be the next one. Exactly. So there's Arduino do it, blah, blah, blah. There's lots of boards. You get the idea what a
25:42
board is defined as in the platform IO world. And at the bottom, there's a BBC micro bit, for example. I think some of you know what that is. As far as libraries go, if I click on that in platform IO, it's going to give me options to load libraries to control serial
26:01
buses like I squared C or maybe temperature modules which work on digital basis or analog. These are all the libraries. So we have sensor libraries, control libraries, et cetera.
26:21
Let me just see the ones I have installed to give you an idea. What, I have none? That's impossible. What's built in? So Esplora, ethernet, GSM, these are the type of libraries.
26:44
So we've taken a look at boards, libraries, devices at the very bottom. Oh, devices is simply what platform IO has detected is connected to your computer. So if you have a USB connection, serial, or I don't know what the other options are, I guess over ethernet,
27:04
those are the devices that it tells you you have connected. Possibly if I connect my programmer, it will detect that. Let's just see if that's the case. Refresh. I
27:23
didn't work. Okay. Well, I'm not going to spend time with that anyway. The very last of all of these areas which make any sense, I mean, we've seen the home already. And the count, I don't have an account. It's not needed. The very last that I've shown
27:41
is now the platforms. And as I mentioned, there's a few here, Tine, Teensy, Espressif. These are the ones that I have installed. There are quite a lot of others. And Admiral AVR is the one that we need to use to program these badges because that's the architecture and instruction set. So I hope that's clear enough. So this
28:06
is kind of very complex IDE that gives you a lot of features and functionality. It's definitely more than the Arduino IDE, although you could use it as well. We don't have enough time to do every IDE in the world in Visual Studio and whatever else. You can
28:22
probably find a plug-in for that as well. But we're going to stick to Platform.io. I like it. And so here there will usually be maybe some, let's see what it gives us. Sometimes we get examples and things, AVR8 and 32-bit MCUs. Here, examples, for example.
28:49
And under Boards, it tells you what boards are using the AVR8-bit and 32-bit instruction set. What I like to do is go right to Examples. You see that here? It's kind of hard to
29:02
see at an angle for all of you. But if you take a look at Examples, you have a few different ones, like Arduino Blink is this one. You can choose that, but you can choose a lot of others as well. Arduino Blink is good enough for us. And you can kind of see the style of the things you need to do. This is not so interesting, the INI
29:26
file. Let's see all the files we have. This one may be good. So this is kind of, this is all there is. So that makes it a great first-case example. That's all you need
29:40
to program and type. And just like all Atmel or at least Arduino framework programs, you have a setup block and then a loop block. The setup just does things one time, and the loop will obviously loop. This is kind of the way microcontrollers are made to work.
30:04
And if you look at the source code there, it's kind of small, but I think you can see it well enough. It's very simple. It does a delay so that your blinks are separated by a delay of some amount. And the digital write is simply setting a voltage on a GPIO
30:21
pin, which in this case is the LED built-in pin somewhere in a header file that's defined, I think, as pin number 13 or something. And you set it as high, and okay. So that's really very clear and easy. And that's similar to what we're doing here on a very basic level. There is a couple problems. This is not so intuitive, but if
30:48
you take a close look at the badge, you count the number of contacts on the MCU. There are eight. Now, two of those are immediately used for the ground plane and the voltage
31:03
pin. So you have six left. Because there is a button connected to that, a tactile switch, that will take up one more, and you have five possible inputs and outputs, GPIO, general purpose input in or out. So with five contacts, you're trying to drive 16 LEDs. And if
31:25
you look at the structure of a program, you apply a voltage to one pin, and it turns it on through the high parameter, or it turns it off through the low. So you do that to five different LEDs. And all the other 11 LEDs, you wouldn't be able to touch them.
31:42
There would be no direct connection to the five contacts on the MCU. So it's been a long time since this problem has been solved. And basically, it's a multiplexing problem where you want to have more than one input or output for one contact on the MCU.
32:03
And it's called charlieplexing. I can't remember why. Maybe the person who solved the problem for the first time is named Charlie. I don't know. Does anybody know? Anyway, so that's what we're doing here. We're doing charlieplexing. So we're connecting multiple of LEDs with a resistor in between. And it's a bit complicated and not worth
32:25
mentioning in detail. But this is what we're doing. We're just doing it in a more complex manner so that we can control more LEDs with the small amount of contacts we have from the MCU. So what should we do? We could compile this. And if we're really lucky, this LED, which
32:49
is defined as LED built in, would map to one of the LEDs which I've chosen. I'm actually quite curious because I haven't tried this. I mean, it's a 50-50 chance. It's a less
33:03
than 50-50 chance, but let's try it. So to compile this, how do we do that? Somewhere there must be, I've kind of forgotten from the examples, how to compile. How do we do that? So I'm just going to cut and
33:28
paste, I think. That's too much text. Let's just imagine that for the first time we're
33:45
getting exposed to a new platform. We don't know how it works. So I'm just going to create a new project. I've totally forgotten how. Okay, let's go back home. New project
34:09
here from the home screen project name. Def contest board. And we will do, what is the
34:32
correct board name here? I'm going to cheat here because there is, the board is called
34:42
AT Tiny. We're still in demonstration mode, so this may go a bit too fast. AT Tiny and it's 13A, there it is. And framework that we want is Arduino location, use the default
35:05
location, finish. So this is now creating a new project called Def contest. And I have on the left here now, Def contest. And libraries, everything is set up the way I need to, so it did a bunch of work for me. I even have a main.cpp area with a loop and
35:27
a setup. So I'm just going to erase this because I have copied the example from before. See that? So this is what I copied before. And it's the blink example for the Arduino.
35:41
Because it is a VR 8-bit, it can possibly work. I'm just concerned about this here. This might not work. But because I'm an adventurous person, I'm just going to try and compile it. Up here there is a build. Save and build. Fail. This file has been moved to
36:11
utility delay H. It's been moved to utility delay H. No. All right. So that was a good try, but I'm going to quit while we're still on time. Instead of doing that, I'm going
36:31
to take source code from what I know is good. Let's get rid of this here. You mean
36:51
that there? Target, target. What do you mean build target? What do you want me to
37:10
use? An example from a different board? This was kind of an exotic test that I wanted to try. So I'm going to erase the text that I just copied there. And we're still
37:24
in demonstration mode. So I'm going to copy this file, which I know is good. It's not the one that's running on the badges exactly, because that's not uploaded yet. But I'm quite sure that it will work. And we'll need one more file. This looks okay.
37:48
And we need one more file. We need this one. Yeah, this is C. So I will create
38:00
a new file in this project and put that inside there. And it's untitled. We'll call it main.H. I hope that's the right place. All right. It's not in the right place, so let
38:40
me just put it there now. Yeah, that's it. And over here, so we'll move it to
39:28
where it should be, namely Def Con. Where did it go? So now I need to find the place
39:43
where this new project is stored. Documents, platform IO, projects. All right. Sorry about this. MyO, projects. Def contest, projects. So that must be correct now, but it's still
40:26
not. No. Okay. So that looks okay. Our main.H is in the correct place. Main.CPP looks
40:42
okay as well. Oh, I haven't saved it. So I'll just save all the files now. Save all. And I have the home here. I have the CPP here. And I have the home here.
41:03
And there is a main.H as well. Let's cross our fingers. I saw a lot of red there. I'm not sure. Oh, no configuration. Ah, okay. That's why. So tiny. And it's saying no configuration.
41:28
Now it works. Okay. Okay. Success. So what I just did was I cut and pasted a bunch of source code, which I know works for this architecture, and the pin assignments are
41:44
similar to what I used for the LEDs soldered onto the board. So this is not exactly what's running on these boards, because that source code I'm too disorganized right now. I haven't uploaded it yet. But this does work. And I have copied it into this file. And there's
42:06
a main.H file as well, a header, which is not very long. And so I just built it. I can build again to show you. It goes pretty fast. So build, and then down here it basically says what it's doing, and it succeeded. What it did really is used a GCC.AVR version
42:27
of the compiling environment. This is not Intel, but it did a lot of tricks because it understands what architecture it's building for. And I should be able to find the binary
42:42
now. If I just go back one, let me put this at the top. I think it's called, yeah, it's in here, an ATtiny13. And there it is. There's the firmware. Let's show both of
43:07
them. So now, let's see, avrdude command. I've kind of forgotten how it is, but I can
43:21
find it quickly. All right. Here it is. So the next thing we need to do here is
43:42
avrdude takes a binary. It does other things as well, but it takes a binary like the one we just produced, and it programs a chip like this one over a USB connection. So we don't have USB logic in this hardware. We'll need some kind of middleman that understands
44:03
the USB commands and everything coming from avrdude and then transfers it in a protocol that can handle, which is SPI, the serial peripheral interface. So that's what I'll demonstrate now. Firmware.hex, I think that's the name of the file. We're going to flash
44:23
that and write. This is a command. I'm going to change the fuses. I think we need to ignore. The fuses is basically every microcontroller has usually an internal clock. You can tell it to reduce the clock speed. You can sometimes change a fuse so that it's no longer programmable.
44:46
There's internal fuses, either the type of things that avrdude can manipulate. And here I'm telling it to release the halving of an internal oscillator. When you get
45:02
an internal oscillator, it's very slow. And if we did that, then all of this animation would just be very slow. It wouldn't be nice. So I always release this fuse, the 3A fuse. And this is the programmer that I have, which is the C command. And if I do nothing
45:23
at all, because it's not connected to anything, it will give me some errors. The command failed because it's not connected to anything. But if I do it again after I connect the programmer,
45:40
which looks like this, I'll try to raise this up a bit. I mean it's going to be hard to see. I apologize. But you can understand that my computer is this. And I've got a couple of cables for power and so on. And this white thing here is an atmel, it's called
46:01
the ICE, I'm not sure what that stands for. It's a serial programmer. So this is necessary because there's no way to connect a serial or a, I'm sorry, a USB cable directly to this board. If you have a board like a Raspberry Pi or something where you can directly connect
46:22
a USB cable to it, then you can program directly. And this is kind of a bad example because a Raspberry Pi has no microcontroller. But because we don't have that, we need a serial programmer like this. Okay. So now I'm going to connect that to this orange
46:43
board at the bottom. When I turn this on for the first time, that's the animation that begins. It's a fast animation. When I click, it moves, it goes to a slow animation. And the third option is kind of a strange Cylon thing there. Okay. So I think that,
47:09
so I'm going to connect and program the new thing on there. If I can just, there we go. So this should work now. Whoops. That happens sometimes. Oh, I didn't have
47:35
it on. Okay. I think we're still okay. So these are the files and now I'm going
47:43
to turn it on. Okay. Now that's working. You can see it's writing at the bottom. If you look at the badge, it's lighting up a lot of the LEDs. So now it's no longer
48:02
beginning with the fast animation. It's a bad example. I should have done something more pronounced. It's starting with a slow animation. The next one is a fast animation. The third one, yeah, I did almost the same thing. Okay. To make this more pronounced,
48:21
I'm going to change the source code and that will be the end of the demonstration and I'll walk around and try to get people started on doing other things. We can change things, I think, close to the bottom here. So here's the loop. We'll start with, we'll start with A, we'll start with 5. We'll just do 5, 0, 2, 3 and that
49:07
means that our maximum, I think it's at the top, 3 is the max. Was it, yes, 3, so this should be correct. So I'll go back, build, success and connect, connect and program.
49:43
Take a look at the badge if you can see it. While I'm programming, it's going to light up. It's interrupting all of the, exactly. Okay. So now I turn it off, turn it on and you can see it has a new program on there. The very first animation is different
50:02
if I switch to the next animation, it's a different one, switch to the third and there is no fourth I believe or maybe, okay, the fourth is the default end of animation, animation and the first one comes back on. So I think that kind of demonstrated how this
50:20
workflow works, right. There are lots of options. Instead of platform IO, you can use Arduino, you can use AVRGCC and make files, there are different things to achieve the same results. I think we still have a half hour or so, so at this point I'll take some questions and then walk around and try to help those with computers do what
50:44
they're trying to do. Any questions? Right. Well, the one that I have which I can tell works pretty well for Atmel architectures is called the Atmel ICE. They have different
51:00
versions of that I think. A few years ago they started with one, I'm not sure which one I have. Maybe it says a number, I don't know. It just says Atmel-ICE on there and then there's a serial number and a date. So that will work just fine. They're a bit expensive though. I think they're $80, $90 or something like that and they're not worth
51:24
it. Why do I say that? Because an Arduino will work just fine. Almost anything. There's all kinds of hacky projects. If you look at Hackster IO or a lot of online sites, you can download your own PCB from OSH Park, populate it and create a programmer
51:45
on your own. Obviously the easiest answer for you if you're trying to get started easily and quickly is to do the same exact thing that I did and then copy that model number down and just pay the money and get it and it will work just fine. The other
52:00
thing that I might say is that there are two interfaces. That's where you can plug things in onto these badges because I know some people, well, people have different preferences. They both have six contacts so they're very easy to identify. In fact, going to the badge website, which you maybe didn't know there was a website, it's
52:26
this here. This is what I'm talking about. These little interfaces there with six contacts. One of them, there are six holes and then the other one here, there's six contacts
52:41
as well but they're not holes through the board. Either one of those work to program the boards. The one that the hand is pointing at now, it's called a tag connect interface and the other one above, this is the traditional, actually it's just 2.54 millimeter pitch
53:04
header pins. It's not really a name but it's a traditional Arduino programming interface. Some programmers come with cables for one or another or even there are many other
53:23
types. Question. There's only one MCU and the other two chips are non-programmable. They simply are storage like USB media stores things. Right, so you don't have to worry
53:44
about those as far as programming goes and that's why there are no interface plugs or connectors there. The connector really is just a wireless connectors on the back of the antenna. That's how you access those and that's the interface. The interface
54:01
for the next portion, that's what we're talking about now and depending on what you like best. What I like best is this tag connect interface because of the way that I can very quickly program. I push down, it has the tag connect cables have kind of a spring action pogo pin assembly on there so I can very quickly go from one to the next board
54:27
and there's no attaching a cable. But I must say that most people are more comfortable with the header pins and the traditional Arduino plugs. It works just as well and
54:41
they're more available, they're cheaper so that's why I put both of those on there. If I wanted to go crazy I could probably do three or four other alternatives. All I would do is put traces on there. It would be really easy but it would be more confusing as well and I would be populating more parts anyway. It's not important. So you have
55:03
two choices on where to plug in. When I just plugged in myself, it's too small to show you, but I connected to this here. I can't get it, there it is to that. That is when you saw all of this writing and verifying happen. Avrdude is what programmed the badge.
55:31
Any other questions? Yeah, well there are two people. There's AGS and there's me.
55:42
We're selling the badges. AGS has packages of badges for anyone who bought over his website. It was a pre-sale that happened a couple weeks ago I guess and a lot of people bought badges and he has their order numbers so you need your order number if you did that. If you didn't buy it during that time then I have badges as well for sale. In fact,
56:07
I have all three now. The problem yesterday I wasn't sure how many I had of all three and I had orders to fill so I was telling people we were sold out. It wasn't. I thought we were, but I was being honest, but we're not sold out. I think I have a couple
56:22
handful left of the high value premium badges and I have a couple boxes of the regular ones. Any other questions? Was that halfway clear, the workflow where we started with platform IO, we typed, we edited, we developed and coded, we built and compiled and then we
56:41
had a firmware file which ends with .hex and then we used Avrdude to program that over a USB device onto the board. What does it do without any modifications? I can't show
57:00
it anymore because I over wrote mine, but all of the badges that I sell, that I've produced are the same. Let me rephrase that. There are three different models. There
57:20
is the regular, there is the alien, nice blue color and then there is the boss badge with the two tone colors and kind of the authoritative animation. Whichever you choose, your animation will match every other person that has chosen that badge. I don't know
57:53
what I'm doing here. I'm trying to figure out what I'm doing here. I'm trying to figure out what I'm doing here. The first animation appears just like everyone else. You can change that by clicking on the switch. You need to hold it down because it only
58:02
samples at the end of the animation, so sometimes you click too quickly and it won't register it, but if you click at just the right time or if you hold it down long enough then it will register. It goes to the next animation, which is part of the source code,
58:22
which I just modified in order to change the sequence. That's all that you can do with one button. You see, it's quite a limited device. This is not measuring temperature or you don't have a screen to get menus and things like that. Does that
58:41
answer your question? Yes. Okay, so the question is, does it have NFC features? The answer is yes. It's difficult to answer because, okay, first of all, I call this a split-brained badge
59:04
because there are two sides to it and that's why I wrote lights on one side and radio on the other. There is no communication between the two sides. What would be very nice and what would work for the, I think, the batteries running out. Does anybody have batteries for the microphone? What we'll be working on for the next
59:24
version of badges for the next conference in Europe is that once we place the badge onto an NFC device, the microcontroller understands that and lights things up. It's going to be a bit different. It's good. But that
59:44
will require that there's communication from the NFC radio side to the MCU-powered lights side. And our situation here at DEF CON, this is a split-brain. There is no communication between the two sides. So if you lay this on
01:00:00
to NFC reader writer an active NFC device which can supply power like a phone then your radio logic your radio circuits will work but the MCU won't have any idea about it you can even have the badge turned off you can turn take the battery out and the radio circuit still works the way to use
01:00:25
that so there are two two buttons over there as well I'm trying to imagine a NFC tag you know a library card or whatever has an NFC antenna loop inside I'm not I'm not feeling too creative after so much lack of sleep but if you can
01:00:44
imagine an NFC application maybe in your school or whatever door access control sometimes sometimes it's a RFID device but it's very similar in any case there's a connected antenna and there's no energy source for one of the
01:01:01
two sides for the passive side anyway so this is the same thing with one exception instead of simply lying it on the reader and the reader automatically recognizing picking up and taking the information which could lead to opportunistic data theft and for example if you if you are for example embed a antenna on a table that would be great at DEFCON right you're
01:01:24
stealing people's data left and right their wallets going on the table and you're reading their library card information whatever what we decided is to block or defend against that by putting switches on here so if you lay your badges on a table that was manipulated by an attacker they will not
01:01:42
be able to get your data it doesn't mean you should store critical data on here I recommend against that but it does mean that you have a bit of protection because you must use your finger and push on one of those two tactile switches and at that moment a reader or a writer can accept the NFC
01:02:00
circuit only then you take your finger off and you're safe again or marginally safe safer than usual right does that make sense so if you have your library card and you go to what a coffee shop and they have sometimes embedded chargers on the table and you might have your telephone there and
01:02:22
your like your card here they can take your data easy enough I mean if you own the coffee shop and you embed an antenna on there there's going to be one customer who puts their wallet on the table and then you have their data but if they're that customer had a blocking factor something like a
01:02:42
tactical switch tactile switch like these here then they would be then they would need to first push that to complete the circuit with the antenna and only at that moment can data be read out of this or written to it and and that I can talk a bit about how to use an NFC tag in general but
01:03:02
this is kind of a this is there's probably if you search online you know NFC tag this is it's very basic I don't have examples but a lot of a lot of what library cards for example have RFID or NFC embedded inside the
01:03:23
plastic you don't really see it unless sometimes you can with a very bright light that's a radio circuit and an extremely small chip inside as well which basically stores a very small amount of data so it's it's it stores a number for you and anonymized numbers so your library customer five six eight
01:03:47
five four zero or whatever you lay down your cut your library card on the reader and then you can check out books books that way and if you don't return the your books then they match your number to your name and address and
01:04:00
send you a bill right so that's one of about 50 million applications for contactless radio application contactless just means you're not plugging cables in and creating copper or physical connections it's going over up to one and a half millimeters of distance of space it's a wireless
01:04:22
interface so that's what you have in these badges as well all three of the badges which I sell have this feature the only difference is that the less expensive I like I like to keep price as low as you imagine you can see you can see what prices are at DEFCON I like this because it's kind of Democrat democratizes badges it's hard to find cheap hatches at DEFCON I like
01:04:45
that you know anybody regardless of how much money they have can have a badge but that means that I have to put less high rated components on here so the tactile switches are a bit clumsier they're not as nice they're not low profile they click a lot and the NFC EPROMs don't store very much
01:05:05
information they can just store two kilobits of data and the others can store 64 kilobits so yeah people are always asking what the differences are those are a few of the differences any other questions you're welcome
01:05:22
oh this the screen is off I was kind of I was kind of hoping to get a bit further with hands-on well which isn't so relevant if we just have one or two people with computers in the whole room but I think in other parts of the world maybe again at DEFCON next year we'll have similar situations
01:05:43
where instead we'll be better prepared and we'll have one programming device for each of us at each table position for example that was my plan I just didn't get to it but I did do the demonstration and I think that kind of
01:06:01
clarified a bit of what must happen after one of these chips comes from manufacturer ST Microelectronics or no in this case I'm sorry this is a Atmel itself comes to the producer that's me and then they solder that on and it's empty what has to happen then in order for anything like lights to
01:06:23
appear right you need to develop compile and then program that's kind of the workflow just in a nutshell yeah so there is there's little to this still you know ten minutes but I think most questions have been answered and we
01:06:41
don't really have much time left so I think we'll end it early if it's okay with you one last question yeah that's fine should I come over to you I'll wrap up here and then or is it a question that I can answer like this
01:07:03
yeah okay that's what we'll do next