Not too long ago, the fine folks at SAINTCON - a great network security conference in Utah - gave us a free badge for their event. We made the decision to give it away to one of our customers who would be able to make it on short notice. When we posted about it on Twitter, SparkFun customer Josh Datko jumped at the opportunity to go. Josh was nice enough to write about his experiences at the conference, so today we want to share those with you! Here's what Josh had to say:
SparkFun Electronics gave me a free pass to SAINTCON, a networking security conference in Odgen, Utah. How did I receive this? Well, social media addiction has its rare benefits and I was the first to respond to a tweet.
Who wants to go to SaintCon Oct 20-23 in Ogden, UT? We’ve got a free badge ($250 value) for the first person to reply!— SparkFun Electronics (@sparkfun) October 2, 2014
SAINTCON hosted a Hardware Hacking Village (HHV) this year and as the recipient of a SparkFun-sponsored ticket, I felt I should check out the HHV immediately. I sat down, soldered my badge, and then proceeded to complete all five hardware challenges; I was the first to complete hack the badge. That’s what happens when a SparkFun social-media-addict goes to a conference.
Prior to SparkFun’s tweet, I had never heard of SAINTCON. At the conference (con), I asked around and it seems that this was the second public year. Apparently, it had been hosted for several years prior, but was somehow restricted. The con is more then just talks. Although there were plenty on the schedule, there are also numerous side events. The HHV is the place to solder and tinker with electronics. The Lock Picking Village is where you can learn how to let yourself into your own house when you forget your key. Tangential to the talks and the villages was the Hacker’s Challenge, a series of puzzles, in various topics, with one global scoreboard for SAINTCON participants.
For regulars of Information Security conferences, like DEFCON, this conference format will feel familiar. The challenges have become so popular at DEFCON that attendees blow off most of the talks just to hack the challenges.
There were some interesting talks. I went to the EFF’s talk on Privacy Badger, which I highly recommend you install, and a talk on RFID hacking. It turns out, there is a device that can read RFID tags from up to 3 feet away. Once read, it can then spoof said tag. Needless to say, if you are only using RFID as a means as access control, you probably want to re-think you program.
In your faithful correspondent’s humble opinion, the best thing going on at SAINTCON was the HHV.
Luke Jenkins and Matt Lorimer were the two main organizers of the HHV, although there were a few other volunteers staffing the village, whose names I unfortunately missed. The small conference room was lined with soldering iron stations around the outside and on a center table. From open-to-close each day of the conference, the HHV was packed with a queue of participants waiting to enter. Running a HHV is an operation. With 35 soldering irons, set between 650 and 750 degrees, in the hands of novices, the HHV staff are constantly engaged.
Primarily they are there to make sure you don’t injure yourself or others. After that, they are there to make sure you have fun and learn. As I assembled my badge, I was surrounded by people who looked at electronics as a kind of black magic. I watched them and occasionally offered some tips as they completed the kit, to which there were no instructions. The only hint was the silk-screen of the printed circuit board they wore on their neck.
What was everybody soldering? They were assembling a badge that was designed by Luke Jenkins and Klint Holmes. Every SAINTCON participant received a badge and a bag of components on registration. The badge is essentially an Arduino clone, inspired by SparkFun’s RedBoard. If you are experienced with electronics or the Arduino community, then you would instantly recognize the design. But imagine finding a person off-the-street, handing them a kit, and saying, “go build this.” Building this badge, for a complete beginner, is a significant accomplishment — one that people were proud to wear around their necks.
This is not a DEFCON badge. LosT, the creator of the DEFCON badges designs some wicked challenges where people blow-off the con just to hack the badge. The DEFCON badge is on a completely different level. I mean, the DEFCON 22 badge can act as a Bitcoin miner. The SAINTCON badge was designed to be approachable, teachable, and hackable for beginners.
For the rest of Josh's story from SAINTCON, please visit his blog. Thanks to Josh for doing such an awesome writeup and glad to hear the conference was a blast!