[cp-global] The Cryptogeddon Game

Moritz moritz at headstrong.de
Tue Sep 10 10:14:05 GMT 2013

-------- Original Message --------
Subject: Re: [liberationtech] Cryptogeddon
Date: Tue, 10 Sep 2013 11:51:02 +0200
From: Dan O'Huiginn <daniel at ohuiginn.net>
Reply-To: liberationtech <liberationtech at lists.stanford.edu>
To: liberationtech <liberationtech at lists.stanford.edu>

I like this concept. I'd particularly love a more basic version of this,
perhaps using openbadges to reward people who make it through a
game-cum-course that lets them use security-related tools.

A perennial problem in security education is getting people enough
practical experience. That's particularly true of communication tools --
you need to pair people up to practice communication, which can be hard
to arrange outside of face-to-face meetings.

A game would be a great way of dealing with this. I'm thinking of
something aimed at the fundamentals -- such as:

 - talk with this bot using OTR
 - read a clue that has been GPG encrypted with your public key
 - get some info out of a truecrypt volume
 - access a tor hidden service
 - send some text via a signed, encrypted mail

[I'll add this to my list of "projects for a rainy weekend", and
meanwhile wait to see whether Cryptogeddon is anything close to it]


On 10/09/13 02:37, Scott Elcomb wrote:
> Just stumbled across this post and thought it might be of interest to
> some on the list.
> "In a nutshell, Cryptogeddon is an online cyber security war game. The
> game consists of various missions, each of which challenges the
> participant to apply infosec tools to solve technology puzzles – an
> online scavenger hunt, if you will. Each mission comes with a solution
> that teaches the participant which tools to use and how to apply the
> tools to solve the mission."
> Further on the article describes the tools one may need to use,
> including but not limited to:
> * TrueCrypt
> * Metasploit & Kali
> * Nessus
> * Amazon Web Services
> * w3af
> * Linux, Windows, OS X
> * Apache, IIS
> * GitHub
> * VirtualBox
> * Sysinternals
> <http://www.softwarehamilton.com/2013/09/06/cryptogeddon-coming-soon/>

Dan O'Huiginn
Organized Crime and Corruption Reporting Project

daniel at ohuiginn.net
http://ohuiginn.net @danohu
phone: +387 33 560 066.
Liberationtech is a public list whose archives are searchable on Google.
Violations of list guidelines will get you moderated:
Unsubscribe, change to digest, or change password by emailing moderator
at companys at stanford.edu.

More information about the global mailing list