Orientation
Welcome to Wild West Hackin’ Fest 2024 bounty hunter! The purpose of this orientation is to ensure that you have the tools you need to successfully capture resistance outlaws.
Ident Card Details
The first thing you need to ensure is that you have your Ident Card with you at all times during the conference. An example Ident Card is shown below.
The Ident Card is required to collect bounties during the conference. It also serves as an asynchronous communication platform to allow the Wild West Hackin’ Fest staff to make announcements during the event.
Let’s go over the features of the Ident Card before we dive into the details of bounty hunter rules of engagement. On the lower edge of the device, you will find a USB-C port and a switch.
The USB-C port is used to charge the battery pack for the device. A full charge lasts roughly 12 hours. So, when you are not at the conference, make sure that you charge your Ident Card so that you don’t miss out on bounty announcements or critical communication from the staff.
The Switch is used to control power to the device. When you don’t need to use the Ident Card, the power can be switched off to extend battery life.
A Radio Frequency Identification (RFID) tag is affixed to the lower left corner of the Ident Card.
This tag is used to track your activity in the Alliance of Central Planets bounty hunter database. If the RFID tag is lost or damaged, you will be unable to accrue bounty credits. Please do not attempt to write to the tag, as it is likely to render it unreadable.
An Ident Card overall status LED is found on the lower right corner of the design.
The status LED identifies the status of the Ident Card services through the color of light emitted by the device. Similar information is displayed on the Ident Card display, as described below. The status information represented by the LED is as follows:
-
Disconnected - When the Ident Card is disconnected from its supporting network infrastructure, the LED will glow RED.
-
Wireless Connecting - When the Iden Card has detected the wireless network and is attempting to connect, the LED will glow BLUE.
-
Network Connecting - Once connected to the wirless network, the Ident Card will attempt to connect to the Badge Network supporting resources. While attempting to connect, the LED will glow WHITE.
-
Firmware Update - New features and updates may be pushed out during the conference using an Over The Air (OTA) update. When this occurs, the LED will glow PURPLE.
-
Broadcast - During the conference, important messages may be sent to attendees. When such a message is being received, the LED will glow TEAL
-
Connected - During normal operation, when none of the above conditions are observed, the LED will glow GREEN.
Bounty status LEDs are found on the upper left and right sides of the Ident Card. As you collect bounties during the conference, the LEDs will illuminate in accordance with your activity and status.
Keep an eye on the status LEDs, as they’ve been known to exhibit interesting behavior.
A Liquid Crystal Display (LCD) is mounted in the top center position of the Ident Card.
The LCD is used to display incoming messages from Alliance authorities, status of available bounties, and to allow you to monitor the status of your Ident Card hardware.
The image below shows the bounty status page identifying the number of bounties successfully captured in each category.
The detailed hardware status page displays information about critical aspects of the Ident Card. The output includes:
-
Bounty Hunter Name – This randomly generated pseudo identity is used, along with the RFID tag, to track credits collected using your Ident Card. We value the security of our bounty hunters, so there is no option to change your pseudo identity to something more specific.
-
Wireless Signal Strength – In order to receive messages from the Alliance authorities, your Ident Card must be connected for remote communication. We have deployed a purpose-built network to support bounty hunter operations.
-
Badge Network Status – Updates to the bounty status indicators on your Ident Card are propagated from the Alliance of Central Planets bounty hunter database. If you have no wireless or badge network connectivity, then updates to your local status will not be possible.
-
Battery Indicator – As previously mentioned, successful communication from the Alliance authorities relies on your Ident Card being powered on. Use the battery indicator to determine when your Ident Card should be charged for proper operation.
-
Firmware Version – The Ident Card is capable of performing Over-The-Air (OTA) firmware updates. If you believe that the device is malfunctioning, check for a firmware mismatch on the Bounty Leader Board page.
-
Hardware Address – This is the Layer 2 address used to communicate with the services associated with the Alliance network.
-
Bounty Count – This is a summary count of successfully collected bounties.
An example of the detailed status page is shown below.
Finally, two momentary push buttons can be found just above the RFID tag and status LED.
The push buttons are used to transition between the pages present on the LCD display.
Ident Card Categories
Ident Cards are not just issued to bounty hunters. The following Ident Card categories, organized by Ident Card color, will help you identify individuals that may be of specific interest during the conference.
-
BHIS Staff – Ident Cards associated with these individuals will be RED.
-
Vendors - Ident Cards associated with these individuals will be PURPLE.
-
Speakers - Ident Cards associated with these individuals will be GREEN.
-
Volunteers – Ident Cards associated with these individuals will be BLUE.
-
Attendees (Bounty Hunters) - Ident Cards associated with these individuals will be WHITE.
If at any time you need assistance during the conference, please look for anyone with a
BLUE or
RED Ident Card to get help.
Collecting Bounties
A finite number of bounties will be available during the conference. You must compete with your fellow bounty hunters to collect bounties and accrue Alliance credits. The individual with the most credits will be crowned the champion of the bounty competition.
Bounty modules are used to report successful collection of a bounty to the Alliance of Central Planets bounty hunter database. Collecting a bounty is as simple as presenting the RFID tag affixed to your Ident Card to the RFID reader on the bounty module.
The following bounty categories will apply during the conference:
-
Vendor (25 total bounties) – Bounty hunters should aspire to visit each of the vendor booths during the conference to collect the bounty associated with that specific vendor.
-
Staff (2 total bounties) – Black Hills Information Security (BHIS) staff members may be carrying bounty modules at times. Engage with the BHIS staff to attempt to collect the associated bounty credits.
-
Track (4 total bounties) – The conference has multiple tracks. At select times, the emcees for the individual tracks will be carrying bounty modules. Engage with those personnel (before or after the associated talk) to collect the associated bounty.
-
Event (5 total bounties) – The conference also includes many after-hours special events. Participate in the after-hours event to accrue bounty credits associated with the given event.
-
Badge (4 total bounties) – The Ident Card itself holds several secrets. Uncover those secrets to collect the bounty associated with the given challenge.
Adding up the bounties in each category yields a total of 40 available bounties during the conference. The different bounties are assigned varying credit values based on their perceived difficulty. As mentioned above, the bounty hunter with the greatest credit total wins. In the event of a tie, the bounty hunter to achieve the credit value first wins. All collected bounties are timestamped upon receipt.
Rules of Engagement
All Ident Card infrastructure is in-scope for analysis. However, certain attacks will most certainly cause disruption in system availability. As a result, please refrain from the following attacks:
-
Denial of service attacks against wireless infrastructure.
-
Resource exhaustion attacks against Ident Card infrastructure.
Good luck out there!!