NoNameBadge 2020: monitors air quality around you
8 August 2020
Our last year’s badge for NoNameCon received surprisingly positive feedback from conference visitors. A whole fan community emerged around it that has since created numerous projects using badge hardware. Now that we have a certain level of expectations set let’s dive deep into implementation 😎
This year, the concept of the badge has changed a bit. We decided not to use ready-made dev boards, but to develop the entire board from scratch.
This increased the cost of the badge by about 50 percent. On the other hand, after receiving the batch from the Chinese PCB warehouse, the only thing we need to do is flash the firmware. Say goodbye to heroic volunteer suffering and hurting fingers from soldering for numerous hours.
Red & black
The development was done in two iterations. There’s nothing special to be described: slightly simplified the battery supply scheme, added power protection, and a killswitch. Everything else turned out to be working in both versions.
The badge was designed for a specific functionality - air quality monitoring, which includes temperature, humidity, pressure, and indoor air quality indicator (IAQ), which use volatile organic compounds (VOCs) measurements as well.
VOCs are organic chemicals that have a high vapor pressure under normal conditions - this allows them to be present in the air in significant concentrations. VOCs include a wide range of organic compounds such as hydrocarbons, aldehydes, alcohols, ketones, terpenoids, and others.
This functionality is optional, available only to those who have purchased NoNameBadge Supporter Ticket. Everybody else will be able to buy additional components (available in numerous hardware stores) and solder them by themselves.
What does NoNameBadge Supporter Ticket include?
- BME680 environmental sensor
- 2 OLED screens
- 2 joysticks
- 18650 battery holder and power switch
- USB Type-C cable for connecting the badge to the power supply or computer
- our gratitude for the development support (a tiny surprise)
- keyring with logo from the badge visor
Kidding :) We’ll keep the logo keyrings.
Badge firmware automatically detects the presence of sensors and displays. The display will show Temperature (C), Humidity (%), Pressure (hPa), and IAR (index). LEDs on the badge work in a “traffic lights” style to give an understanding of whether everything is good, not so much, or very bad :)
Do you see yellow? - ventilate the room 😝 Do you see red? - time to take out the garbage 😁
Optionally, you can take our firmware and modify it to work with your own server via HTTP or MQTT.
⚠️⚡ The 18650 battery terminals together with the metal lid of your laptop can relatively easily create an unforgettable experience of observing the electric welding process. ⚡⚠️
⚠️⚡ CAUTION! DO NOT SHORT CIRCUIT THE BATTERY! ⚡⚠️
Or do that, film it, get burnt and earn millions of views on social networks ¯\(ツ)/¯
The basic version contains touchpads for RGB LEDs control, a couple of regular LEDs, and a minimal set of components for power and programming ESP32 via USB Type-C. The firmware contains CTF tasks that start after establishing a connection to the badge via minicom / miniterm / putty / screen or similar serial terminal utilities.
For further firmware modifications and badge upgrades, we provide the source code of the public part of the firmware (without CTF) and the schematic of the badge hardware.
Bonus: there’s a footprint for soldering CAN bus module and a terminal block. We have an internal joke that whatever we do turns into CAN bus reverse engineering 🤨
Capture the Flag
This section will be updated after the start of the conference. So far it is known that there will be 6-7 tasks related to cybersecurity of embedded systems. Some of the tasks are re-done due to COVID-19 epidemic, social distancing rules, and the absence of the offline part of the conference.
It is well known that all tasks are based on real vulnerabilities that we have encountered during our research and product development. Among them were industrial machines, network equipment, elements of the “smart home”, and some automotive products.
Last year we saw interesting approaches and problem-solving techniques. We hope that someone will be able to complete the 2020 set of tasks in the given time. The tasks are difficult but possible to solve. Some solutions have been tested for 3-4 months :) This is a period of time over which you forget the details and write the exploit from scratch rather than remember the nuances of implementation.
Special thanks to those who agreed to test the complexity of the tasks, sacrificing the pleasure of surprise and the spirit of competition!
Here we will post links to additional materials: diagrams, code, instructions, etc.
These are the guys you wanna punch in case your badge is faulty: