If I'm understanding correctly, you're proposing to setup a system, at it's hardened state, and upon arrival all attendees are made aware of the access particulars and details of said system, and then encouraged to assail it? If so, this sounds great... kind of like "CommunityCrowdSourcing", for fun.
I'll note, the one thing that makes the CTF at DEFCON enjoyable for most observers, is the graphical displays. It's noticeably gotten more and more video game-ish over the years and seems to draw in the non-technical; as they can now follow play easier. How would you propose having something of this same nature? -Ed On 11/19/2018 06:29 AM, Dave Aitel wrote: So at CSAW a couple weeks ago there was a CTF, and like most conferences, it worked out well. I mean part of it is Vector35 doing their magic and a set of players who had both skills and focus. (Vector35 will be back with a bigger class at INFILTRATE this year!) Anyways, I both love and hate CTFs and security conferences. At DEFCON I find they're the only thing I really watch. But for most conferences I feel like the people who should MOST be watching the talks and "networking" are instead playing a CTF, which frankly they could do anywhere over the internet? I mean, the GRIMM CTF at INFILTRATE (which is ICS focused) has lights and action happening, which is cool. Anyways, one thing that's different about INFILTRATE is most people do not bring laptops of any kind. So when we do the NOP test or when we have CTFs available, then we supply a burner laptop. My idea of the weekend was not to have a CTF, but to just have a THING which people banged on collectively. Patched up Solaris 8, maybe, or a metal detector. Something a bit less formal, perhaps. What do you think? -dave _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
