Close

How I Created The Mr. Robot Badge

A project log for Mr Robot Badge

Creating hardware, and 'gonzo trade journalism'

BenchoffBenchoff 08/02/2017 at 03:535 Comments

This is it. It's over. It's done. I'm writing this on August 1st, right after getting home from Def Con. All badges were deployed, I'm not getting sued by the creators of Mr. Robot, and everyone loved my work. I'm going to use this project log entry as a single wrap-up post, and also go over the issues that cropped up in the final days.

But first, a badass pic:


The official Def Con badges have been electronic works of art for more than a decade now, but only in the past few years have independent hives of hackers built their own electronic badges. This is Badgelife, a lifestyle that revolves around developing custom hardware for an entire year and having a lot of fun for one weekend. This year is the biggest year yet for Badgelife. There are dozens of groups designing, building, and deploying completely custom electronic badges this year at Def Con.

For the last few months, I’ve been working on a very special project. I released this project this weekend at Defcon. Yes, I’m the guy behind the MrRobotBadge. If you’re reading this now, it means it’s finally time to end the MrRobotBadge ARG. I am MrRobotBadge. Right off the bat, I’m going to call this ‘gonzo trade journalism’. That’s not because this entire endeavor involved a trip to Vegas and electronic debauchery. It’s just that I can’t think of a better phrase to describe how I injected myself into a subculture built around electronic conference badges simply to write about electronic conference badges.

The question I’m sure is on everyone’s minds right now is why I spent thousands of dollars and hundreds of hours to create a custom, unofficial badge for Defcon. Was it to promote the TV show Mr. Robot? Certainly not. Was this project sponsored in any way? No; everything here — including my trip to Vegas, ostensibly as a Hackaday journo — was done on my own dime. Was it to use conference badges as an attack vector and make WiFi completely unusable on the Vegas strip? That was the initial plan, but no. This was simply an experiment in gonzo trade journalism; an investigation into the inner workings of what it takes to build custom hardware on a very tight timeline.

---------- more ----------


The Beginnings of an Idea

The inspiration for this idea came from last year’s Defcon, and AND!XOR’s incredible Bender Badge. This was an extremely popular badge, despite having absolutely nothing to do with official Defcon puzzles, parties, or challenges.

There’s only one way to describe how popular last year’s Bender Badge was. During last year’s Defcon, on Friday night, a few people I was hanging out with looked down at their phones and noticed a Tweet from the AND!XOR crew. Minutes later, I was on the 9th floor of Paris, in a queue one hundred people deep. Everyone had a fist full of twenties, and everyone wanted a Bender Badge. I had to get in on this.

The killer feature of this badge is the multicolor PCB, and the inspiration for this comes from the incredible advances in PCB art I’ve seen over the past few months. I have literally been turned into art using the standard solder mask and silkscreen colors from OSH Park. [Trammell Hudson] is making masterpieces in copper and gold. I can’t even wrap my head around what Boldport is doing. If you’d like an overview of PCB art, I would highly recommend checking out [Star Simpson]’s talk from last year’s Hackaday Superconference. Basically, the only place to go from here is with custom color solder masks and multiple colors of silkscreen. Fortunately, borrowing some Mr. Robot iconography affords me a relatively simple design: it only uses two colors of silk screen (white and black, which every board house can do) and a skin tone soldermask.


The idea of a skin tone soldermask was actually borrowed from last year’s Queercon badge. This squid/cuttlefish badge used black fiberglass, white silk, and a clear soldermask. Clean matte copper, as it turns out, is an excellent stand-in for skin tone.

I’m not one to believe in divine inspiration. I believe ascribing the creative process to a muse, chemical influence, or other totem leads people to disregard exactly how much actual work goes into doing anything creative. For this, though, I have to concede sudden flashes of inspiration indeed exist. Somewhere in my brain, a few neurons linked. Three ideas came together: a skin tone soldermask, the marketing for Mr. Robot at last year’s Def Con, and the idea of two silkscreens. The result was a multicolor Mr. Robot mask PCB. In a moment, I knew this badge could be built, and the only thing left was an unbelievable amount of work.


I guess an electronic badge needs electronics, right?


The electronic design for this badge began when I stumbled upon a very interesting LED driver. The ISSI IS31FL3731 is a LED driver that takes I2C commands in on one end, and spits out a charlieplexed 16×9 LED array on the other end. It’s a cheap part, and at the time I discovered it, there were already a few Adafruit libraries for this chip. This chip would be the core of the badge – it has all the blinky bling required of a Def Con badge, and the chip was cheap enough in quantity.

Wireless connectivity was a goal for the badge, although that, unfortunately, didn’t make it into the finished firmware. For most of the unofficial conference badges, wireless means either Bluetooth or WiFi, although I believe a few badges this year used weirder protocols such as LoRa. WiFi is good enough, and the ESP8266 is a fantastic module. I used the ESP-12F module for this badge. It’s a module with an ESP8266 core, and just enough GPIOs to get everything done.

In addition to the main chip and a LED driver, I needed a power supply. A switching regulator would be the best choice for a badge that had to run for three days on a set of batteries, and Microchip’s MCP1640 was up to the task. I will note that the inductor I used (and was recommended by the datasheet) was a bit too small, but PWMing the LEDs helped a bit.

With the schematic pretty much sorted, I whipped up a small prototype board in the middle of January:


With the prototype completed and sent off to the firmware dev, I was able to start work translating this prototype into what would become the finished MrRobotBadge. The design was done in KiCad and this was my first big project that wasn’t done in Eagle. The art for this board — not the electronics, this is just the soldermask and silkscreen layers — took about 20 hours in Illustrator, and another 20 hours turning that into KiCad cutouts, soldermasks, and silkscreens. Nevertheless, I figured out how to do exceptional art in KiCad.

For PCB fab, I went with Seeed Studio. I did this badge on a budget, after all, and this isn’t really a complex badge that requires 2 mil traces. Again, this badge wasn’t sponsored by anyone — everything you see is completely funded out of my own pocket. That said, I was very pleased with the work Seeed did with this project. This project wasn’t done through Seeed’s Fusion PCB service, though: I had to use a few contacts to get ahold of a real person at Seeed. However, one of the other badges I made for Def Con this year was done through the Fusion service and my experience for that badge was just as awesome.


An Augmented Reality Game

For the last few years, [L0sT has been in charge of badgecraft at Defcon, and with that comes amazing crypto puzzles. The lanyards for Defcon badges have codes on them, and not all the lanyards are the same. To solve these puzzles, you must collect images of badges from goons, press, speakers, and so forth, possibly look at the firmware, and dig into the gigantic decals on the floor of the conference. To get an idea of what goes into a Defcon crypto puzzle, take a look at this talk [L0sT] gave at one of hackaday's cons.

I can’t possibly create a puzzle that would compete with a [1057] puzzle, but I can make an attempt. This whole concept has a few things going for it: most of the IRL presence of this badge is on Twitter. Therefore, I can use Twitter to deliver clues. I have a small amount of available space left over on the badge, so I can hide some information there. I also have a website for this badge so I can make that another piece of the puzzle.

o deliver the first clue for the ARG, I scheduled over 100 tweets, each containing eight bytes in hexadecimal format. The first tweet simply read, ’50 4B 03 04 14 00 00 00′. Looking at that in a hex editor, that reads, ‘PK……”. Anyone with a vague familiarity of file formats should be able to tell you this is the first eight bytes of a Zip file. After about 100 tweets, someone trying to solve the problem will be able to assemble a small (~800 byte) Zip file. Enclosed in this archive is an image taken from Majora's Mask.


The ‘Dawn of the First Day’ image is saved as a bitmap, and thanks to the way bitmap and zip archive file formats are laid out, a zip archive can be appended to the end of a bitmap file. If someone trying to solve the badge were to look at the ‘dawn’ image in a hex editor, they would find a zip archive at the end with a text file that contains a link to this website. The only thing on this website is a memory address, and if you look at that memory address on the badge, you’ll find a bitmap of the ‘winning’ image that includes a link to this post.

While this puzzle is nowhere near the level of what [L0sT] created for this year’s badge (yes, that's accurate), it is a fun little experiment in user engagement. A lot of people at the con were looking for hints, and I’m told there were fevered discussions on IRC and the Discord server. This means I spent a significant amount of time trolling people on twitter with literal red herrings. In any event, the cost to implement this ARG was 1200 bytes of Flash space on the badge, and a few hours of my time. For any other independent badge creators, I would highly recommend creating an ARG to go along with the badge.


Lessons Learned:

For this badge, I was fortunate enough to know a guy with a really, really fast assembly line. The pick and place machines manufactured Blackberries in their former life, and the only way to find a bigger PCB assembly house it to visit Foxconn. This put me in a great position — I was able to place 100,000 components on the boards and send them through the oven in a single weekend. That gave me three weeks to depanelize the boards, populate and solder the battery holders, program the badges, and finally kit everything up in static bags.

I still can’t believe how long it took to depanelize, solder, and program all the badges. I was able to depanelize and solder battery holders at a rate of about one badge every two minutes. That’s sixteen hours of working with a pair of wire cutters. In the end, I had several blisters on my fingers and palms. Programming was equally tedious. I used nodemcu firmware flasher and a pogo pin FTDI adapter to program all the badges. Again, each badge took about two minutes on average, so that’s another sixteen hours.

This would have been easy if I had a team of people sitting around a table running a production line. In fact, that’s what the majority of the independent badges did this year. This was a solo effort, and I did not have this luxury.

So you want to build hardware on the cheap. Mouser and Digikey are great for when you want some parts now, but if you’re going to do small-scale production, there are some fantastic deals to be had on AliBaba and AliExpress.

Case in point. To the left is a AA battery holder manufactured by Keystone and available on Mouser for $0.65 in quantity 1000. This was exactly what we needed: two double As, with through hole mounting. I found the exact same battery holder on AliBaba for $0.15 in quantity 1000. As a bonus, the AliBaba holders had four solder pins, allowing me to make this a 1.5 or 3V supply, depending on how I routed the board.

How about LEDs? This project used a lot of LEDs – around 80,000. LEDs come in reels of 4000, so that’s twenty reels. I struggled to find LEDs for under $100 a reel on Mouser, but AliExpress netted me all the LEDs I needed for under $300. That’s one-tenth the price. Buttons, too: the Panasonic buttons suggested by the KiCad library would cost about $600 from the usual suppliers. I found similar buttons, though not as fancy, for $90.

Now, if you’re building something designed to last for more than 100 hours, you’ll want good parts. You’ll want parts that have datasheets and not just dimensions. You’ll want buttons that are rated for a specific number of presses. A Def Con badge doesn’t need this. It’s effectively disposable hardware, it’s designed to last for three days, and no one is going to be using it when September rolls around. Low cost is the name of the game, and reliability is a luxury.

This badge was designed to be ‘sticky’, and encourage user interaction. More people playing Tetris on a badge means more people see people playing with the badge, and the more popular the badge becomes. Something like that, at least.

The display for this badge is simply 144 SMD LEDs and a Charlieplexed LED driver. If you’re using an assembly house with a fast enough pick and place machine, the only hard part about this badge was getting the Charlieplexed layout right. It’s simple, but it’s also expensive. I bought enough parts for 520 badges, including $240 in LEDs and $640 in LED drivers. The displays, across all badges, cost $880, or $1.70 per badge.

Compare $1.70 per badge by what’s available on AliBaba. For $2, I can pick up a round AMOLED LCD designed for smartwatches. For a buck a piece, I can buy the ubiquitous SPI OLED displays found on other badges.


Community Reception

During the con, things only got better. The first public release of the MrRobotBadge was a small sale on Tuesday in the ‘Fun Dungeon’, the arcade in the basement of Excalibur. I announced a ‘Titanic’ sale would happen around 10 pm, which put enough people within walking distance of where I would be at that time. When 10 o’clock rolled around, I posted a few pictures. Everything went great, I was selling items in plastic bags out of a satchel under the nose of Excalibur security, and later that night I met up with [Kevin Mitnick]. Free Kevin badges, or something like that.

For the week of Black Hat and Def Con, the Badgelife crew continued to be absolutely fantastic. On Wednesday, I got a message from [Joe Fitz] telling me [Christian Slater], the titular character of Mr. Robot, would be at HP’s Black Hat booth. [Joe] was kind enough to donate a MrRobotBadge to the real Mr. Robot, ticking an item off the bucket list for this project.


It wouldn't be a Def Con without drama, and there was plenty of it. Sometime on the Wednesday before DefCon, I heard through the grapevine that Goons were looking for me. After about a day of trying to reach them, I eventually found my way to the SOC, and talked to the King Goon. Apparently NBCUniversal's lawyers had doxxed me. 

It's very doubtful I could be served with a Cease and Desist if I'm not home (how, exactly would anyone find me), so for the remainder of the con, there was an open question: would NBCUniversal, Comcast, or the creators of Mr. Robot tell me to take down my work, stop selling badges, and effectively end this whole project? I had to wait until I got home to answer that question. Now, it doesn't look like that'll happen. In any event, I've ceased and desisted. It's over, it's done, and this project is complete.

The last nine months or so have included some of the most rewarding experiences of my life. While my work can’t compare to the AND!XOR crew, or the rest of the Badgelife hive, or even L0sT, Joe Grand, or any of the other famous badge makers, I was amazed by the positive reception my work received. This is also the largest project I’ve done to date. The relationship between building one thing and building hundreds of things does not scale linearly, and I learned a lot of what goes into designing and producing a hardware product.

Am I going to do this again? Probably. There are three goals I’d like to see Badgelife tackle in the next few years. The first is full-color PCBs, and I think I know of a way to do that. The second is custom silicon — an ASIC or something. I won’t be tackling that project, but if I had to make a bet, I’d say #Badgelife will make this happen in two or three years. The third challenge is injection molding or something that brings industrial fabrication processes into conference badges. 

Should you take six to nine months out of your life to build an electronic conference badge? It’s not for everybody, and there’s an incredible investment in time and money. I’m sure I have a few more gray hairs from getting these badges together on time, and the MrRobotBadge didn’t live up to my expectations on the outset of the project. Nevertheless, this was simply one of the most rewarding experiences I’ve ever had, I’ve learned a lot, and I’ve met some really cool people. I’d highly recommend it to anybody.


Thanks

This project was not created in a vacuum, and I couldn't have done it without the inspiration and efforts of dozens of people. I'd like to make a special shoutout to Joe Grand, L0sT, and Def Con itself for years of awesome work for an awesome con and awesome badges. Special thanks go to the goon squad, with special mentions to CJ, Beamer, Chris, and Chris. Couldn't have done it without you.

Going further, I'd like to thank and!xor for the inspiration last year to create my own badge. I'd like to thank these five guys even though Hyr0n completely stole my precious intellectual property. The Queercon badge guys get a special shoutout for the the idea of a skin-tone soldermask with last year's squid badge.

The #badgelife crew -- all 80 or so of them -- deserve special mention. I'd like to thank Whitney specifically for being the #badgelife queen, Krux for that thing he did, and everyone else for being part of an awesome community. Next year is going to be fun. Big ups to  for the awesome, badass pic at the top of this post and the header image for this project.

Finally, I'd like to thank the other members of the team. The guy who did the firmware, you know who you are, and you're awesome. The guy who helped with the assembly, thumbs way up. I completely understand why you would not want to be publicly associated with me. Ivy at Seeed, you are awesome, and I'll get that thing to you when I see you.

Discussions

Michael wrote 03/06/2019 at 00:52 point

You write 'The first is full-color PCBs, and I think I know of a way to do that.'

Would you please explain how full-color PCBs is possible? Thank you.

  Are you sure? yes | no

AVR (lordKiCAD) wrote 03/08/2019 at 04:04 point

and give up that competitive edge? secret is silkscreening lolz

  Are you sure? yes | no

zakqwy wrote 08/04/2017 at 21:41 point

Great writeup and a neat project. Hope to see a few of these floating around at Supercon.

  Are you sure? yes | no

Daniel S. wrote 08/03/2017 at 23:52 point

Nice find on that led charlieplexer ic! btw, i'm doing a couple badges next year w/ wireless capability. we should talk.

  Are you sure? yes | no

Robot wrote 08/03/2017 at 18:46 point

This is a great writeup and an impressive undertaking which is a worthy source of personal and professional pride. There is plenty to respond to in this article but I'll satisfy myself with this; when it comes to prices offered by vendors, take them as suggestions. Get on the horn with DigiKey et al, develop a relationship with their sales people and you'll find that often you can get 10k unit pricing simply by asking.

Also, thanks for the inspiration :)

  Are you sure? yes | no