This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Content-Type: TEXT/PLAIN; charset=UTF-8
By Doug Mohney
05 August 2006
ORGANISING contests has become the latest thing for US government
projects, judging from the last information pouring out from Las Vegas
at BlackHat and DEFCON.
BlackHat is described as a "security conference", and seems to be
qualified as such because people register under their own identities
and typically use a credit card or purchase order to pay large sums of
money for a couple of days of training. DEFCON is a "hacker's event"
where people aren't required to do anything other than shell out $100
and not light the aging conference venue (The Riviera Hotel) on fire
with some stupid stunt.
At BlackHat, the Department of Defense Cyber Crime Institute had a
tabletop display pumping the DC3 Digital Forensics Challenge, here .
The challenge invites the digital forensics community to "pioneer new
investigative tools, techniques and methodologies." Each participant
or team will receive several challenges dealing with the extraction or
recovery of data, including such fun sports as steganography, password
cracking, image analysis, media repair and recovery, data carving, and
Participants must be US citizens, living within the continental US to
participate, a fact that will likely annoy anyone in Alaska or Hawaii.
Teams may consist of no more than four members and individuals may
only participate on one team. Scoring of the challenges will be based
on the number of challenges completed and the time taken to complete
the challenge(s). The winning team will be awarded an all-expense-paid
trip to the 2007 Defense Cyber crime Conference in St. Louis Missouri
and a plaque and a pat on the back at the conference. It's a bit of a
cheap award considering they've got a reward of $25 million on info
leading to Bin Laden.
Over at DEFCON, results for the National Collegiate Cyber Defense
Competition (CCDC) were being reported. Five colleges participated,
including Millersville University, Southern Illinois University,
University of North Carolina - Charlotte, and University of Texas, San
Antonio, plus a team from one of the U.S. military academies.
UNC-Charlotte won the contest, which consisted of a team "inheriting"
an operational small LAN with lots of business applications. Teams had
to keep the network running while finding the "holes" in it and
patching them before a private industry "Red Team" takes them down. To
keep things interesting, various "business injects" - that is what the
boss wants done yesterday - such as password/user ID updates and new
applications are also thrown into the mix. Since the sponsoring
organisation, the San Antonio-based Center for Information Assurance
and Security (CIAS), is a grant-based organisation, it receives some
support from the Department of Homeland Security. Like most
grant-based organisations, that's barely enough to pay the bills, so
further support for the CCDC had to come from private industry in the
form of hardware, software, or cash. Among the non-geek sponsors were
Pepsi, Kentucky Fried Chicken and Taco Bell. =C2=B5
Content-Type: text/plain; charset="us-ascii"
Visit the InfoSec News store!