The good neighbour @travisgoodspeed was generous enough to offer free GoodFET boards to hackerspaces and the like. For the local OWASP chapter I asked if we could have some – the result can be inspected in a previous post. So now I had 12 GoodFET boards on my hands and it wasn’t what I expected at all. First of all I thought they were going to be fully populated, functional and ready to be used – these were only the PCBs. Secondly I thought we were going to get one board.
This presented me with two interesting problems, first of all I needed to acquire a lot of components and secondly I needed a crew that could put the GoodFETs to good use. The first problem was easy to overcome, me and som friends recently assembled a couple of Ubertooths so I knew how and where to place an order. The second problem had a pretty obvious solution as well; a OWASP hardware hacking introduction course, where the participants would build their own GoodFETs and learn how to solder SMBs. With three instructors, there was only 9 seats in the course and they were gone within 24 hrs. A video from the event is available at OWASP Göteborgs YouTube-channel.
Out of 12 kits, 1 was pre-built (one of the instructors got carried away) and 11 was to be built during the course. The result was pretty OK; 1 kit died early in the evening – that is what happens when you give a soldering iron to a PHP-developer and pentester. 7 kits were fully functional and the remaining three was in different states of “close, but not enough”. One of them is a mystery; I supervised the entire build and it was perfect – a lot better than my board. The participant was meticulous in his preparations and the soldering was outstanding. But the board just didn’t want to cooperate.
Anyway – we hade a great evening and learned a lot all thanks to Travis. We have two follow up sessions planned; another session with the same approach so that more people will be able to solder their own boards and then a session where we put the GoodFET to good use – I am a little interested in getting my hands on a fairly modern wireless home alarm. But that is probably a much to complex target for a training course. Probably it’s better to aim for a target where work has already been done and tools are available.