Eric Brown: 0:05

You're listening to the Audit presented by IT Audit Labs. Dennis, thanks for coming back. Welcome back to the Audit by IT Audit Labs Today joining us. We've got Nick Mellem and Scott Risdahl. Hey, all Today we're talking with Dennis Pelton about some hardware hacking. And, dennis, you and I ran into each other at Wild West Hacking Fest over the summer and you were giving a presentation on wireless for noobs, if I recall, and you did a previous episode with us on that. We thought we were going to cover both those things in one episode, but we had a great conversation there and I ran out of time, so we thought let's dedicate the whole episode to hardware hacking. And you've got a business card. Unlike anybody else, you've got, from what I understand, an encrypted version of your resume on this chip on the card. Yeah, yeah, how cool is that.

Dennis Pelton: 1:21

So I mean, did you follow the? Because there's a QR code on the back Did you follow that?

Eric Brown: 1:24

or anything. I did not. I mean, did you follow the, because there's a QR code on the back? Did you follow that, or anything? I did not.

Dennis Pelton: 1:27

I should, though, so I mean it basically explains kind of what you were just talking about. That on the card is a chip, that on the chip is an encrypted copy of my resume, and so it's kind of a series of challenges really, and challenge number one is get the data off the chip. There's a number of different ways you can go about it. I've heard stories from other people of how they were able to get it off, and it's like each person tells me something new, even ways I hadn't even thought of in the past, where I'm like, oh, actually that's a rad way to do it. I never thought about that. But once you get the data off, it's encrypted. So you have to determine what kind of encryption was used and how you can break that encryption. And if you take the time to do all that, there's my resume, but there's also kind of a cover letter with a you know, congratulations for solving this.

Dennis Pelton: 2:17

You are exactly the type of person that I want to work with, the type of person who kind of has the drive and motivation to do all of this just for the sheer fun of it. You know, there's no reward, it's just you're just doing it because you want to learn new things, and so I thought that was kind of a fun way to, you know, kind of get that message out there of like, look, I'm looking to work someplace fun, I want to work someplace. That's cool. That really has people that just want to do these things, just to learn. And so that was kind of the inspiration for me on making these was I thought you know what's something kind of fun that I could give out to people, because most business cards you get it and you go okay, cool, maybe you bring it home, but then it ends up in the garbage. Can? Yeah, something like this. I figured that's probably not going to end up in a garbage, can you know, maybe some of them will.

Eric Brown: 2:58

I don't know, but I tell you, dennis, I, since I I met you, uh, black Hills, I've had this in my bag and I can't tell you how many vendor cards have gone in the bag and gone right out of the bag, but this is stuck around. It's cool. I've showed this to a few different people.

Dennis Pelton: 3:23

And yeah, it certainly is a neat concept. Yeah, thanks. Honestly, they were a lot of fun to build. I probably should do another revision of it or something these days, but when you're building it.

Nick Mellem: 3:30

How many? How many are you building at a time? Do you have 20, 50, 5?

Dennis Pelton: 3:36

I think I originally bought 30. And then I think I actually built like 10 of them for the first conference I went to. I ended up passing them all out, went home and built the other 20. And then now, anytime I go to a conference, I'll usually reflash the chip with a new, updated version of my resume. So I have to, kind of it's. The one unfortunate thing about the card is I have to kind of keep updating it as time goes on. But you know, I figure by the time people solve it my resume might change anyway. But whatever, they can find me on LinkedIn or something like that. For the most recent, I don't know.

Eric Brown: 4:11

So what's the process that you go through to build these? Was this the first iteration or did you have a few prototypes before it?

Dennis Pelton: 4:19

So this was actually the very first one I did, but I had built kind of other you know puzzle-y type things in the past. Oh man, yeah, this is old school right here. This was like the very first revision that I did, where it was just like a little keychain and you know it just said rot13labscom and it had the little chip on there and the chip had some puzzles on it and it wasn't quite the same thing, but you know it was similar on there and the chip had some puzzles on it and it wasn't quite the same thing, but you know it was similar. And then, uh, then I ended up switching up the keychain and doing a little differently than that, but kind of similar. And then, uh, I think that's about when I did that one and then for defcon last year I did, I did these keychains that looked like little sticks of RAM.

Dennis Pelton: 5:04

Oh nice, that's awesome. And so it's got the four chips on there and these on the back. It looks kind of similar to the business card On these ones. It was something where the first chip was unencrypted but the rest of the chips were encrypted and so you'd have to solve the puzzles on the first one to get the decryption key for the second one, and then solving those puzzles would get you the decryption keys for the third and the fourth and so on. So it's kind of like you had to progress through the, you know, through the key chain. So I don't know, I always try to make some fun stuff like that to pass out at DEF CON, because I feel like you know, if you meet someone for the first time at DEF CON and you're able to just like, oh here, here's something cool for you to play with later, it's like you know, you've already met a friend right there.

Nick Mellem: 5:52

They're going to like you and they're going to they're going to chat with you and you know it leads to more work. I would assume Right In that sense.

Dennis Pelton: 6:00

Yeah, it could lead to work, but more often than not it just leads to meeting a new friend, kind of thing. There you go. This is good, yeah, I feel like I think these ones, I think I made a couple hundred of them, and that's the same with the other keychains I did. This was kind of the final product of that keychain where it has a little LED up there at the top. So when you make a successful connection to that chip, the LED would light up.

Dennis Pelton: 6:24

Oh, neat top so when you make a successful connection to that chip, the led would light up.

Nick Mellem: 6:25

Oh neat, but uh well, I think for me, the mo, the question that keeps hitting me in the head is how did you decide to do this? Or do you have like insomnia at night and you just are like why should I be able to? The coolest business card ever, or or what's the thought process behind that?

Dennis Pelton: 6:40

so it's uh, it was actually. Let me think here, it was the DEF CON the year that COVID hit and it was all from home, yep, and it's something where that year I was like, well, I can't go to DEF CON this year, and DEF CON was really where I go to kind of learn new things and stuff like that. And so I was like, well, I'm going to do something for myself, that I'm just going to take those days off of work and I'm going to do something for myself, that I'm just going to take those days off of work and I'm going to learn something nerdy on my own. And I don't even remember what kind of originally inspired it. But I said, you know, I'm going to learn how to make hardware, that's going to be my thing.

Dennis Pelton: 7:18

And so I just started studying like crazy. I started downloading like the programs to actually start building boards. And you know, I just started kind of ordering things and being like, well, either this is going to work or it isn't, and either way I'm going to learn something out of the deal. So it's like each one I've built after that it started getting a little more complex and, like you know, building out a little further. And you know there's plenty of boards where I ordered it, waited the two weeks or whatever it came and it totally didn't work. And it's like, well, okay, well, okay, what did I do wrong? Well, start going over everything and I don't know it. Learned a little bit more from each one.

Nick Mellem: 7:50

Yeah, no, that's really fun, that's awesome.

Eric Brown: 7:52

Yeah, do you do any of the badge challenges at DEF CON? You mean?

Dennis Pelton: 7:58

like building badges, or you mean like the actual yeah, with the actual DEF CON badge.

Eric Brown: 8:03

you know, do you try to go through the puzzles? Yeah, I do, yeah.

Dennis Pelton: 8:08

So I've got a thing over there with all my DEF CON puzzles and all the different badges, and I usually end up buying a lot of the aftermarket badges too, like the ones the makers make. And then actually you probably remember this one I made these for Wild West Hackenfest.

Eric Brown: 8:22

Oh cool.

Dennis Pelton: 8:23

Yep. So with this one I know I brought a battery over here somewhere. So this one, when it lights up the LEDs on the front, they're actually not wired up to LED pins, they're actually tapping into the GPIO of gpio on there. That's meant for outputs, so it's just spinning out kind of random output which sets the leds to random colors and it kind of shifts them every so often. But then on the back is one of those esp8266 chips that does like wi-fi and stuff and so it's broadcasting out a Wi-Fi network. You can actually log into the badge and do a lot of the hacks that I talked about during that. You know the Wi-Fi hacking for noobs. You can do those attacks from the badge. How cool is that?

Dennis Pelton: 9:19

Yeah, so I thought that was a really fitting kind of thing to bring to that conference.

Eric Brown: 9:24

Did you have a hard time getting those chips coming out of the pandemic?

Dennis Pelton: 9:29

You know it's funny, those ones I haven't really had much of a problem getting and granted the main brand that makes those I think they're called AI Thinker. Those ones I don't see them very often, but I'm kind of like. You know, I haven't been burned by the knockoffs yet, so I just buy the knockoff ones, but you can seem to find them pretty much everywhere and the pricing really hasn't gotten too absurd on them yet. But I don't know, maybe that'll change as more people learn.

Eric Brown: 9:59

What do you have that makes the form like the form of that sheriff's star that you have on that, uh, wild west badge yeah, so I use, uh, it's called easy eda and it's actually a like an eda program developed by jlc pcb.

Dennis Pelton: 10:19

So they're kind of tightly linked in that way. But, um, you can still export as gerber and like buy them from elsewhere if you want. But if you buy them through jlc pcb, uh, they do something where, like if you built it in easy eda once a month you get like an eight dollar off coupon or something like that. So basically it covers a prototype batch for free. You still have to pay shipping usually, but it's like I get prototypes for free every month. Like sure, I'll keep using this. But uh, yeah, so I just build everything through them and you know there's I know there's better programs out there, but I've gotten so good and so fast with easy eda. I just kind of stick with it. I know I need to learn something else, but I don't know.

Eric Brown: 11:03

I feel like it's hard to change once you've learned it so well in your uh, in your free time do you do puzzle rooms, escape rooms, things like that?

Dennis Pelton: 11:13

I've never actually done one like I want, because I'm like that's it sounds right up my alley, like I feel like I need to be doing these, but I I never have and uh, I've only done those. Uh, what do they call like the hunt killer or something like that, where it's like the board games that there's a, there's a killer and you look through all the evidence. I did one of those like once and it was a blast. I had a great time. But yeah, I don't know, I just I I need to like get out more.

Eric Brown: 11:39

I think I I saw they had at one of the hotels at Wild West last year. They did have an escape room but it was like only open on Saturday afternoon or something like that. So we might be able to get a group together this year and do just kind of a couple private rooms, just kind of a couple private rooms, and I think they had an escape room, put on by the conference as well, up on the third floor that you just had to sign up for in advance?

Dennis Pelton: 12:11

Yeah, Huh, okay, I may need to look in that for next year.

Eric Brown: 12:16

Yeah, are you definitely going this year? That's the plan.

Dennis Pelton: 12:20

Yeah, I mean, I had a blast there. Unless there is some major reason why I can't go, I will definitely be there.

Dennis Pelton: 12:27

What other conferences will you do so? I did SHMU already this year. I'm doing B-Sides Tampa, which, yeah, I've got something to show you for that one too. Let's see here. So I'm on the wait list for tickets to ThoughtCon, but it's Chicago. Yeah, it's getting closer and I haven't heard back. So I'm kind of like, eh, maybe that one's not going to happen. Yeah, I mean really, defcon and Wild West are kind of the two main ones that I'm really gunning for.

Eric Brown: 12:58

Yeah, I think we were trying to get to ThoughtCon as well, and I know I'm on the wait list too. And, scott, I think you were trying to get a ticket too. I don't know if you got one yet or not, but yeah, it seems that one. I saw it a couple months ago. I was like I need to get that ticket and then a couple months later's like I need to to get that ticket, and then a couple months later they were all gone.

Dennis Pelton: 13:18

Yes, that's exactly what happened to me is I kept being like, oh, I need to, I need to figure that out. And then all of a sudden it was just they were gone and I'm like, oh well, okay, so I don't know, we'll see. Oh yeah, so for b-sides, nick and I were talking earlier and he was saying this is probably going to be aired after b-sides actually happens, which is in April 1st. So, yeah, no one's supposed to know about this yet, but I figure, if it's going to be aired afterwards, it's okay. Yeah, absolutely.

Dennis Pelton: 13:45

So I'm making the main badge for them, like the attendee badge, speaker badge, all that kind of stuff, and it's really just a PCB art. So it doesn't actually do anything. There's no electronics on it, it's just the art badge for now. Next year we're going to try to do an electronic badge, but for now it's just the art. But for winners of the badge challenge and for a couple of, like select staff members and things like that, I made these right here, which is the called the Egru Vash. Oh cool, that's cool. And then when you turn it on, it's got blue eyes to initialize and then it will go to kind of barely see it there, but the eyes turn different colors and it will slowly shift through colors as time goes on. But if there's a Deoth attack that happens, the eyes will turn red and they'll kind of slowly pulse red while the Deoth attack is going on as soon as it attacks it stops.

Dennis Pelton: 14:38

Then it goes back to the just kind of cycling through that is so yeah, so it's kind of a similar design to those other ones where it uses that esb8266 and stuff like that, and there's um, yeah, so there's different uh, flash and reset badge buttons on here so that you can actually like hack the badge and put whatever else you want on here. Have it do something else if you wanted to.

Eric Brown: 15:00

And then it looks like you've got the sponsors on the back too, there.

Dennis Pelton: 15:04

Yeah, so there's a whole lot of sponsors. It was difficult to fit them all on here.

Nick Mellem: 15:11

These badges are really turning into being like an Olympic medal. If you win that, how cool is it to try to win something and get that like put it on your wall right? That's awesome to have, exactly, yeah, a medal of honor badge of honor yeah, so I'm doing those.

Dennis Pelton: 15:28

And then, um, right now, sadly the boards don't actually come for a few more days, but I've got kind of a little prototype that I've been building out over here. Um, have you guys ever heard of like a ham radio fox hunt? I don't think so no.

Dennis Pelton: 15:44

So what they do is they'll take a transmitter that will play a little like usually like a 15 second tune, and then it kind of identifies itself as a fox and it will just transmit that every you know 15 to 30 seconds and you hide it somewhere in the city and then people use directional antennas and like attenuators and things like that to locate the fox based on the signal that it's broadcasting sure so I've made a handful of foxes that are little pcbs that are actually shaped like foxes, which I thought was kind of funny, and I'm planning on hiding those around B-sides and just telling people if you find it, you get to keep it, and I figure that's kind of a fun little twist on it, because usually foxes are, you know, like 100 bucks or something like that usually, and it's like you know it's

Dennis Pelton: 16:32

kind of a fun little thing to just hack and play with. Oh, that's cool, yeah. Yeah, I thought it was kind of a fun little idea, have you?

Eric Brown: 16:40

participated in those before, so I've never actually done one.

Dennis Pelton: 16:48

I'm like so intrigued by them and I don't know where any of them are happening. So I'm like if I just start like throwing fox hunts, I'm sure I will meet people who like them and be able to do one myself. But for now I've just been like doing tons of research and being like am I doing this right? I hope so. We'll find out what a neat concept.

Eric Brown: 17:02

Yeah, yeah, yeah so that should be fun.

Nick Mellem: 17:06

I don't know that might be cool for that.

Dennis Pelton: 17:10

Well, so that's the plan. Is that defcon? This is kind of my trial run For Defcon. I've contacted a couple of artists who work in InfoSec and the idea is to get a couple of different artists to make like special limited edition, like art ones. So I'm trying to get some art from them on, like Fox. The idea that I had was to, you know, like, maybe one that was space-themed and we could call it Star Fox One that's like fire fox, stupid stuff. Maybe one that was space themed and we could call it Star Fox One that's like fire fox, stupid stuff, like that. That was funny. 64.

Dennis Pelton: 17:41

Yeah you know, and I figured, if we do a couple of those and make these really like limited ones and then just hide them all over Vegas, like you know, I'm sure people would go nuts finding those.

Eric Brown: 17:52

That does sound cool, yeah, yeah.

Dennis Pelton: 17:55

So there's that. And then, I don't know why, but at defcon I always see, like I always see kids and they always seem so bored, like you know these kids are. You know some of them. I'm sure they're having a great time, but they always just look so bored whenever I see them there. So I thought of an idea where I wanted to make these badges of like an esp8266, but gigantic, to make it easier for like small hands to experiment with and play with. And it actually works. So you know, these are all wired up to these various pins with kind of the little pull-ups and pull-downs on the back, and so I'm going to try to make a ton of these and anytime I see a kid at DEF CON, I'm just going to go up and hand it to him Like here, this is for you, play with it, learn it. That is cool, you know, just for something kind of fun, I don't know.

Dennis Pelton: 18:48

So I brought a handful of those to Shmoo just to get like some feedback on them, and I think I was charging like $20 for them and just told people like look, I'm just, I'm constantly like coming up with all these new ideas and I'm like when do I have time to do all this?

Eric Brown: 19:01

So I don't know, is it getting faster for you now to make the badge once you've come up with the idea?

Dennis Pelton: 19:09

Yes, definitely. So once I had this Fox circuit done, like once, I kind of figured it all out as far as what pins needed to go where, and really the firmware was what took the most time. I'm one of those people where, like, if you show me code I can modify it to do what I want very easily. But writing from scratch I'm not great with, so I had to kind of search around, find some projects doing something close to what I wanted and I was able to easily kind of modify it from there and get to work. But once I had that done, building out the Fox shaped PCB with all the parts where I needed them to go and all the routing on there, I think that took a few hours and that was it.

Dennis Pelton: 19:47

And it's not too bad.

Eric Brown: 19:49

Are you in the Tampa area yourself?

Dennis Pelton: 19:51

I'm a little further north. I'm up in Gainesville, oh, yeah, yeah north I'm up in gainesville oh yeah, now we're drawing.

Eric Brown: 19:56

You have the concept of the maker spaces there where, um you know, people come in and they collaborate on kind of a shared use set of equipment yeah.

Dennis Pelton: 20:07

So we do have one here, but sadly it's like on the far other side of town for me, like I'm kind of on the town and it's really on the other side, so I never actually make it there. Like I'm really sad that I don't. I wish I could get there more often, but yeah, I never end up going.

Eric Brown: 20:24

So here in the Twin Cities they've got, I think, a couple of those maker spaces, but one in particular hosts the open Locksport group where the Locksport people come in and I think it's like the first Thursday of the month, something like that, and if you're experienced or inexperienced, it doesn't matter. Experience or inexperience, it doesn't matter. They've got a pretty good group of people there that will give you the picks if you want them or if you have your own, they can show you some more complex things. But I bring it up because that space sometimes does some interesting things, and a badge making workshop would be an awesome idea for a space like that, where people could come in and maybe learn the basics of how to make one of these.

Dennis Pelton: 21:10

Yeah, honestly, I've had a couple people ask me about doing a demonstration at DEF CON or something like that. So I would like to. It's one of those, if I can find the time to make a short presentation on my process, because I know everybody does it a little differently, but that is definitely a goal of mine to to go out and do something like that. And then at b-sides, that's another thing that we had kind of talked about, but I I kind of got in touch with them a little too late for this year, but they would like to do a kind of hardware hacking village at b-sides.

Dennis Pelton: 21:47

Yeah. So we've talked about kind of you know what that might entail and things like that, and I've got a bunch of uh like little bad usb kits to build your own bad usb. I've got probably probably about 100 of them. So just sitting around and I'm like, hey, you know, I'm happy to donate these to the conference and you know we can have people build these if they want to. But it's just kind of like getting it all organized is really going to take some time.

Dennis Pelton: 22:11

So we figured, okay, maybe for next year we'll have kind of all that in place to do it.

Eric Brown: 22:16

And maybe Wild West, too, would be a good place for that.

Dennis Pelton: 22:19

That's actually true. That probably wouldn't be a bad idea either. Yeah, yeah, I've got probably about 100 or so of the kits to build your own. Yeah, like, probably about 100 or so of the kits to build your own, and then I think I've got about 60 or so of like still packaged ones that just are pre-made. So we had talked about kind of what to do with those two. Like a buddy of mine and I. We were talking about, you know, maybe buying a bunch of rubber ducks, like little mini rubber ducks, in bulk on Amazon and kind of installing them in there. So it's a little rubber ducky that has the USB coming out of him and then just like hiding them around DEF CON for people to find and see if they plug them in. I don't know. It's all this hardware that I've built and I'm just like I don't really know what to do with this now. I should probably sell it, but I don't know.

Nick Mellem: 23:06

I find it hard to believe that people at DEF CON would pick up a rubber ducky and actually plug it into their machine.

Dennis Pelton: 23:12

Well, so that was the idea was like, if we need the code on it, just execute something that hits a website so we can get a counter of how many people actually plugged it Exactly.

Nick Mellem: 23:21

Because I don't know if you've seen the pictures online or wherever. But people put like a little USB like in the wall right, Like in a brick wall, and they like cement around it. You're supposed to just go up with your computer and just like kind of stand there, like who would actually plug into?

Dennis Pelton: 23:40

this thing, but it's cool idea, I guess. Yeah, oh yeah, I know I remember at airports you see those tables where it's just like a row of usbs for people to plug their laptops into charge, and every time I see it I kind of go look at it and I'm like man, it would be so easy to convert that to be a rubber ducky. But it's like guys, please don't do this. So I don't know. It's the stuff that you learn as you learn how easy it is to make all this stuff.

Eric Brown: 24:08

Did you go to the car hacking village or look at any of that sort of hardware hacking stuff at DEF CON?

Dennis Pelton: 24:15

Yeah, honestly, a lot of my time is usually spent in the hardware hacking village, but the car hacking has a lot of fun stuff there. I feel like I haven't done. I barely scratched the surface basically of the stuff they have there. I feel like they do some really cool stuff there. I'm always done. Even I barely scratched the surface basically of the stuff they have there. But uh, yeah, I don't know. I feel like they do some really cool stuff there. I'm always interested to like stick around and learn a little bit more the voting machine village was pretty cool too.

Eric Brown: 24:38

Where they had the voting machines torn open, you could see the insides.

Dennis Pelton: 24:41

That was neat yeah, yeah, I know it. Every time I see those there, I kind of think to myself I'm like man. I wonder if I can get my hands on one of these, like not from them but, like you know, find one on ebay like they do or whatever

Dennis Pelton: 24:54

it's like I don't want to mess with theirs, but I would love to take one of those apart and be able to actually, you know, really go to town on it, and you know I'd probably break it, but it's like the stuff I'd learn in the in betweenbetween time would be amazing. I bet Absolutely, yeah, like I've heard horror stories about how those things are built and maintained.

Eric Brown: 25:15

Yeah, yeah, I can imagine.

Dennis Pelton: 25:19

But yeah, I'm trying to think if there's any other. Yeah, I don't know. I've got so many projects going on. I recently picked up I recently picked up, it's everything that you need for building a Wi-Fi adapter. So there's, you know, you can possibly see it on there. It's so small but it accepts, you know, basically just the USB inputs. So you know power, ground, and then data in, data out, and then it gives you a antenna port and that's essentially it. So I've been looking into the idea of, like building my own, you know, wireless adapters lately, see if that was something I could do and I got one working. But the problem I've hit now is that a lot of these chips that they make in that type of format are for Windows only and it's like if I'm going to make something, I want it to be usable by anybody. You know, even if it was just like Windows and Linux, that would be better than nothing. But I use Mac at home. So I'm like I want something I can use too.

Eric Brown: 26:22

What frequency is it?

Dennis Pelton: 26:23

on. Let's see here. So they're BGN, I believe, is what they support. Okay, yeah, but like I said, yeah, this one here is the Realtek 8188 chip, but I ordered a couple different chips of them to test them out. Like I said, you know, I got it working, but it's like if it only works for Windows. So actually I think this was one of my yeah, so I made it in the shape of dick, but because it just seemed kind of like a funny thing to do, yeah, so on the back here you can see like I had to kind of Like right now it's got two different capacitors on there going into it, but it seems like it's still just not quite getting enough power at for the boot up on it, sure?

Dennis Pelton: 27:09

so I had to take an external power supply and kind of touch it to it to get it started, and then, once the chip comes on, it's able to run. So I'm like, okay, well, now I've got to figure out how to get this thing a little extra. I'm sorry, how are we going to start? Yeah, so it's kind of one of those situations where I'm like, well, okay, you know someone. So it's kind of one of those situations where I'm like, well, okay, you know someone has solved this problem. I'm sure it's easy to solve. I just need to figure out what it is that I need for it. But I don't know. I feel like I need to find a better chip first. It's more universal for different, for Mac and stuff like that.

Eric Brown: 27:40

Have you done much with the Ponegachis or doing any sort of E-ink screen?

Dennis Pelton: 27:47

So not the Ponegachis, those I would love to play with. That one is definitely on my list of something, and I haven't done the e-ink screens, but I just recently started messing with screens more. So I made that Hackbutt badge last year for DEF CON. It was a bad USB, so I had this idea. I was like it'd be kind of funny to make a hack, but again this year, but for Wi-Fi. So I've got a little screen on this guy here.

Dennis Pelton: 28:13

Oh, he does basically yeah, yeah he does essentially all the same stuff as that Wild West Hackenfest badge. But now you don't have to log into the badge to do it. You still can if you want to. But it's got kind of like various. You know, there's like a packet monitor on here and things like that.

Dennis Pelton: 28:29

It's all the SpaceHoon's ESP8266 deauthor package, oh yeah, and then I added a couple little modifications onto it and so I've just started kind of messing with screens a little bit. I've been working with Blue Team Village. I might be doing their badge this year Sweet, doing their badge this year, sweet. So if I end up doing theirs, um, the idea that I have if I can make it work is going to be kind of a dual screen type thing. So again, it's all like if I can make it happen, especially like within the time limit and stuff like that. But uh yeah, I haven't done the inc ones yet. I've got a couple friends who work with them and they absolutely love them but yeah so we're gonna have to come find you this year at defcon.

Eric Brown: 29:12

Get one of those badges.

Dennis Pelton: 29:13

That's cool, yeah yeah, I should have a number of different things there at defcon, so I should be pretty easy to find.

Eric Brown: 29:20

I don't know, I guess, what's your like? What?

Dennis Pelton: 29:23

is it 30 000 people?

Eric Brown: 29:26

there. What's your price range on those around 100?

Dennis Pelton: 29:30

you know, I don't even know yet if we do these ones, I mean, it'll definitely be less than 100, but um, I always try to price my badges pretty much as low as I can get them like to reasonably be. So something like this I think the uh, I think the total bomb on this was around like 25 bucks, so it'll probably be like 40 oh sure I don't know um. Yeah, it's very reasonable yeah, you know, for me it's, it's like I don't have any too reasonable.

Dennis Pelton: 29:56

yeah, well, and that's why I'm like you know, what can I reasonably do? Because I I don't usually make a lot of money off the badges I do. In fact, a lot of the badges that I make I usually just end up giving away for free anyway, because for me it's more of the, the hobby, the fun of it, and it's like so the ones I do charge for they pretty much just cover the cost of all the ones I give away. Like I would love to make a business out of it someday, but that's kind of out in the future, I guess.

Eric Brown: 30:23

Do people have a way of reordering the badge from you?

Dennis Pelton: 30:28

So last year I didn't do anything like that because I really wanted to be able to actually meet the people and chat with them and things like that. But last year a lot of my DEF CON was just spent delivering badges and chatting with people about badges and I didn't get to do much. So this year I would really like to do that. I haven't set up anything for it yet. It'll probably be on tindy. Um, I've got a buddy who's trying to start up a kind of a badge life shop specifically for, like defcon badges and things like that. So if he ends up getting that up in time, I'll definitely be selling one there. But I need to kind of figure that side of it out.

Eric Brown: 31:07

Sure, that's cool. Do we have anything else? We were going to ask Dennis Nick.

Nick Mellem: 31:12

Well, I think that pretty much covers it, unless Dennis. Is there anything else cool that you, anything that's interesting to you, anything you'd like to jump into?

Dennis Pelton: 31:21

I don't know. I'm trying to think if there's any other badges I'm working on right now or weird electronics I'm trying to build.

Eric Brown: 31:31

Or are you a coffee guy, a bourbon guy like do you have any vices like that, oh man both.

Dennis Pelton: 31:38

Honestly, like beer is usually my big thing. I've got a huge collection of like stouts and stuff down here. Oh, mate, age for you know, as long as I can before I finally give up and say it's time to crack it open.

Nick Mellem: 31:51

You don't brew on your own at all. I take it.

Dennis Pelton: 31:53

No, I tried it for a bit and I realized you know, these other people make them so much better and it would take years to get to that level and I'm like I just it's not Let them do it. Yeah, you know.

Nick Mellem: 32:07

That's how we feel. With your badges, we're already doing it, so good, let's let him do it.

Dennis Pelton: 32:13

It's a fun hobby though.

Eric Brown: 32:14

It's worth getting into. Where's your favorite place to go for beer? Have you been to a particular part of the country that you think is pretty good?

Dennis Pelton: 32:24

Man, that's a tough question, I mean. So we've got actually there's a local beer shop here called tipples and they, uh, their selection is just constantly changing and it's amazing. So, like for me, I usually just go down there and hang out with them for a bit and they know my tastes at this point still, you know, yeah, they're right. Yeah, so you know, like my wife calls it. Uh, everyone knows you in there everyone knows your names.

Nick Mellem: 32:51

You're like norm, yeah, yeah, exactly. Oh, there's a bunch of us. Yeah, that's fun, but yeah, yeah, I don't. There's nothing else from me, scott, I don't know if you have anything, but uh, I had a list of things and we already breezed through it.

Eric Brown: 33:07

Awesome well, dennis, we'll look for you at uh defcon. I guess we'll be first before wild west, but wild west uh as well and uh definitely want to meet up and have a beer at defcon oh, hell, yeah, I'd love to dennis, if you can let all the listeners know where they can find you?

Nick Mellem: 33:27

Is there a Twitter? Is your where you hang out or LinkedIn?

Dennis Pelton: 33:32

Yeah, so I'm on Twitter and I'm on Mastodon.

Nick Mellem: 33:36

Okay.

Dennis Pelton: 33:37

It's cold brew on both of them, but it's C0LDBRU and I'm on InfoSec Exchange for Mastodon.

Eric Brown: 33:49

Well, Dennis, thanks a lot for your time today Always cool hanging out with you.

Dennis Pelton: 33:53

Learned a lot of things, thanks for having me.

Eric Brown: 33:54

Jim Want security leadership without the headcount. As an extension of the team, it Audit Labs will provide the experts to guide and counsel your company. We will start by creating a custom security program that caters to your industry while providing transparency and remediation to improve cyber posture while reducing risk. Contact IT Autolabs to find out more.