Search Mailing List Archives
Bernard Tyers - ei8fdb
ei8fdb at ei8fdb.org
Tue Sep 10 03:44:39 PDT 2013
This sounds a nice idea.
There was a similar idea (in its early stages) presented at SOUPS 2013 (Symposium on Usable Privacy and Security) earlier this year. 
It was called "Device Dash: An Educational Computer Security Game" presented by Era Vuksani. Unfortunately the Era's thesis is not available just yet (May 18th). 
The game was built around the player being a sysadmin in charge of a network. As the sysadmin managed the network, more devices (authorised and unauthorised) were added, and the admin had to react. As the user advanced s/he had access to better tools (firewalls, switches, IDS devices) to better manage the network.
It looked fun and educational.
All the best,
On 10 Sep 2013, at 10:51, Dan O'Huiginn <daniel at ohuiginn.net> wrote:
> I like this concept. I'd particularly love a more basic version of this,
> perhaps using openbadges to reward people who make it through a
> game-cum-course that lets them use security-related tools.
> A perennial problem in security education is getting people enough
> practical experience. That's particularly true of communication tools --
> you need to pair people up to practice communication, which can be hard
> to arrange outside of face-to-face meetings.
> A game would be a great way of dealing with this. I'm thinking of
> something aimed at the fundamentals -- such as:
> - talk with this bot using OTR
> - read a clue that has been GPG encrypted with your public key
> - get some info out of a truecrypt volume
> - access a tor hidden service
> - send some text via a signed, encrypted mail
> [I'll add this to my list of "projects for a rainy weekend", and
> meanwhile wait to see whether Cryptogeddon is anything close to it]
> On 10/09/13 02:37, Scott Elcomb wrote:
>> Just stumbled across this post and thought it might be of interest to
>> some on the list.
>> "In a nutshell, Cryptogeddon is an online cyber security war game. The
>> game consists of various missions, each of which challenges the
>> participant to apply infosec tools to solve technology puzzles – an
>> online scavenger hunt, if you will. Each mission comes with a solution
>> that teaches the participant which tools to use and how to apply the
>> tools to solve the mission."
>> Further on the article describes the tools one may need to use,
>> including but not limited to:
>> * TrueCrypt
>> * Metasploit & Kali
>> * Nessus
>> * Amazon Web Services
>> * w3af
>> * Linux, Windows, OS X
>> * Apache, IIS
>> * GitHub
>> * VirtualBox
>> * Sysinternals
> Dan O'Huiginn
> Organized Crime and Corruption Reporting Project
> daniel at ohuiginn.net
> http://ohuiginn.net @danohu
> phone: +387 33 560 066.
> Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.
Bernard / bluboxthief / ei8fdb
IO91XM / www.ei8fdb.org
More information about the liberationtech