Feb 092009
 

SHMOO!

ShmooCon is an information security conference held in Washington DC, this past weekend. About 1300 people attended talks ranging from DIY UAV design to disk recovery methodology. It was an intensely fun time. HACDC the local DC hackerspace and close friends of NYCResistor hosted a pretty amazing party inside of a church down there. I remember grabbing rubens with Nick Farr and company at around 6 am the following morning, and thinking… goddamn I am glad I came. However, as of Friday around 1 pm I had still not left NYC. I was working and being a generally busy person. But I got a call from an unnamed person whom we will for the sake of time refer to as “Deep Throat”. Several hackerspace members had arrived at Shmoo to discover that this year’s badges were in fact made of acryllic.

Thanks to a collaborative effort among NYCResistor members and other hackerspace members on the ground, by the time I was ready to leave at 7:30 pm, we had reproduced an exact replica of the shmoo badge.
We were provided images and scaling of the badges by Far McKon, and Nick Farr. However, we didn’t stop there… No, thanks to Bre and Eric skiff we had a massive bubble gum pink flava flav badge, 6 black badges ( turns out these were legitimate badge colors for Shmoo staff – oops! ) and, one regular sized bubble gum pink badge, with a unicorn in place of the moose logo ( my unicorn is now on it’s way to canadia to fight real moose for supremacy with the hacklab.to folks ). I’ve included some photos of the making of the massive pink badge. I believe the badge was ultimately sold at auction for a good cause. But before that, we managed to enter through security with both the massive flava flav badge and the unicorn badge. All black badges due to the dangerous nature of their deployment were kept in the hands of trustworthy and responsible individuals who would never do anything that would even remotely be considered morally dubious. In short, not me.

Anyways, that’s how we hacked ShmooCon. And, while it was all in good fun, shmoo organizers did admit that next year they’d be making sure to use at least 2 different fabrication systems for the badges so as to increase the complexity of this sort of attack.

Thanks to all involved in this hack, ShmooCon, and last but not least HACDC for their hospitality.

 Posted by at 1:05 am
  • http://www.0x1.net/~cjp cjp

    epic win, better than any scheduled “hacking contest” :)

  • Kat Veach

    I was so glad to find this article. I am now the proud owner of the massive, bubble gum pink badge that you created. Mine was the winning bid at Johnny Long’s silent auction for “i hack charities”.

    The coolness factor of my pretty pink acquisition has just risen exponentially!

  • http://glitchnyc.com Eric Skiff

    My favorite was the unicorn badge, but the giant “flava flav” one was pretty remarkable as well. Wish I could have been there to see people’s reactions!

  • http://absentelements.blogspot.com nicolle

    those were awesome. i didn’t see the black badges [or, at least, didn't see them closely enough to discern them from normal staff badges], but the flavor flav one and the unicorn one were both badass.

    i bid on the huge one, but got mercilessly outbid. :( sigh.

  • SkyDog

    Drat! I got outbid on the flava badge, and it went to over a hundred bucks. Ironically, Far took pics of my staff badge friday morning, and I wondered if they would be used to hack it. He said that he was getting the barcode/morse off it, but I knew something was up when he put a dollar bill next to it. :)

  • http://robvincent.net Rob T Firefly

    Flav wishes he were pimpin’ as much as you.

  • Kat Veach

    Don’t worry. I’ve given the Flava badge a good home.
    ;-)

  • http://TheHacktory.org FarMcKon

    Yeah SkyDog, I was 1/2 expecting you to take you badge back when I started shooting pictures of it.

    I had to borrow a non-minion (generic attendee) badge, because those were clear, and the clear badges didn’t show up very well.

  • Pingback: Rob’s blog of posts » New Shmoo Revue

  • http://www.i-hacked.com surbo

    Nice work guys it reminds me of um Defcon 14?? Getting old cant recall but here is the link
    http://www.i-hacked.com/content/view/233/2/

  • Pingback: | How We Hacked Shmoocon / Or……

  • Pingback: Radiant Machines » Blog Archive » Counterfeit Your Neighborcon Badge