Hackers Plan Global Game of Capture the Flag
Results 1 to 4 of 4

Thread: Hackers Plan Global Game of Capture the Flag

  1. #1
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024

    Hackers Plan Global Game of Capture the Flag

    Source: CNET

    LAS VEGAS--If everything goes as planned, for 72 hours next February hackers from all over the United States will hit targets across the Internet in the largest mass attack to date.

    But the affected systems won't be corporate Web servers or networks, they'll be computers set up and maintained by other hackers as part of a capture-the-flag game. When the digital dust clears, the team from either the East Coast or the West Coast will be named winner.

    "We have people take over someone's box and play the game from there," said "D.D.," a member of the Seattle-based security group Ghetto Hackers, which kicked off a smaller version of the game, Root Fu, at the Defcon hacking convention here on Friday. "In terms of our machines, we are pretty confident that we can contain it." The Ghetto Hackers have run the smaller capture-the-flag-type game, where eight teams hack each other on a closed network, for three years at the convention.

    Next year, the group of hacking hobbyists hopes to take the game global. Dubbed Mega Root Fu, the new game will be the first large-scale hacking contest played over the public Internet. The group is allowing teams throughout the United States to sign up at its Web site and hopes to have a thousand players come February.

    Getting the teams on board will likely be the easy part, especially with the group advertising the contest at the nation's largest hacking convention. Preventing the game from spilling over to the Internet may not be as simple. The Ghetto Hackers plan to create a network separate from, but running on, the Internet, using routing and encryption technology known as a virtual private network, or VPN.

    The prospect of mass attacks by hackers, surprisingly, does not worry security experts much at all.

    "It will pretty likely be contained," said Bruce Schneier, a well-known computer security expert and founder of network-monitoring service Counterpane Internet Security. "Sure, it's possible that some stuff will get out, but people are not going to be doing large-scale, uncontrollable attacks, like worms or viruses."

    In fact, the contest could help security experts learn more about online attackers' techniques and how to defend against them.

    Last year, the University of California at Berkeley teamed up with the Information Sciences Institute at the University of Southern California and the ISI's sister institute in Virginia to start work on a large, 1,000-node network that modeled the Internet. Called the Cyber Defense Technology Research (DETER) network, the initiative will let researchers study online attacks and defenses and reset the network to a clean state easily.

    "It's a pretty interesting experiment that they are trying," said Doug Tygar, professor of computer science and information management at the University of California at Berkeley and a principal researcher on the DETER Project. "I hope they are very careful about containment and being ethical."

    Tygar added that though the contest could be an interesting learning experience, it would likely not be very valuable to academicians.

    "We are interested in repeatable scientific experiments of what will happen on the Internet," he said. "What they are doing is interesting, but I'm not sure how controlled it will be."

    Legally, the contest will be in a gray area, said Jennifer Granick, clinical director of Stanford University's Center for Internet Law and Society. If a virulent attack escaped the virtual private network and caused damage, it could be grounds for a lawsuit.

    "Theoretically, it is possible that you would be legally negligent," Granick said.

    The pursuit of the larger project may mark the evolution of the Ghetto Hackers capture-the-flag contest away from Def Con. The current eight-team format does not allow more amateur hackers to play, said Jeff Moss, the conference's founder and organizer.

    "This is the longest that we have had one group do the capture-the-flag event," he said. "It used to be that any of the attendees could walk up and play."

    The contests have also garnered support from nonhackers, who see it as a good outlet and not as a threat.

    "I think it is very hard to shut this type of activity down, and I don't think that would be
    desirable at all," Berkeley's Tygar said.
    If they do it next year maybe AO should make a couple teams... That would be pretty cool. Anyone here ever been to Defcon? I know a couple guys who are there right now.
    [H]ard|OCP <--Best hardware/gaming news out there--|
    pwned.nl <--Gamers will love this one --|
    Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.
    Share on Google+

  2. #2
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    Share on Google+

  3. #3
    Senior Member
    Join Date
    Jun 2004
    Posts
    184
    Yea my best friend is there right now in vegas at Defcon... he has an AO account to he would certainly be interested!
    Share on Google+

  4. #4
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,024
    Damnit. I keep posting stuff that's already been posted. GRRR. *smacks self*
    [H]ard|OCP <--Best hardware/gaming news out there--|
    pwned.nl <--Gamers will love this one --|
    Light a man a fire and you\'ll keep him warm for a day, Light a man ON fire and you\'ll keep him warm the rest of his life.
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •