Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Comment resources (Score 5, Informative) 102

by numatrix (#48109497) Attached to: Ask Slashdot: Capture the Flag Training

(for some reason the first time I loaded this page there were no comments, so some of this is duplicate)

Excellent! Very glad to hear it. There are a /ton/ of helpful resources out there for you. Here's a brain-dump of some of the most popular:

* CTFTime : http://ctftime.org/ : Website that tracks team scores, upcoming events, and writeups for previous events.
* CapTF : http://captf.com/ : My CTF dump-site that includes a calendar, links to "practice" sites (aka Wargames), and many years worth of CTF events archived
* Field Guide : http://trailofbits.github.io/c... : Specifically covering the skills / approaches, the field guide is a good read for anyone getting into this world.
* Guide for Running a CTF : https://github.com/pwning/docs... : Written by PPP (CMU's ever-dominant CTF team) along with feedback from the broader CTF community, this guide is more relevant when making a CTF, but can aid in understanding how the good CTFs are designed.
* PicoCTF : https://picoctf.com/ : PicoCTF is designed for high school students, but had an awesome difficulty curve, getting up to some relatively advanced challenges by the end of it. It's also extremely well designed, runs for a longer period of time and is a
* CSAW : https://ctf.isis.poly.edu/ : One of the best events targeted specifically at College students, unfortunately the qualifier round just finished, and the participants already selected for the final round, but you can always check out the archives of previous challenges to get a feel for the difficulty. Note that the qualifier event is typically intended to be much easier than the in-person finals to better encourage new students to get into the sport.
* IRC : irc.freenode.net#pwning : There's a lively and active community in #pwning on freenode that would be happy to help you with questions/advice related to CTFs.
* YouTube : There's a couple of different presentations/talks on CTFs over the years. If your'e interested in learning more about attack-defense CTFs and in-particular DEF CON CTF, I gave an old talk that's mostly still relevant (https://www.youtube.com/watch?v=okPWY0FeUoU), though I'd recommend you not focus on A/D at first, but just get into the regular challenge based or jeopardy boards as they're sometimes called.

The best way to prepare for CTF is by... playing CTFs. There's no real magic formula, just go out there and start working on challenges. Old CTFs are great as learning exercises since you can usually cheat and read a writeup, but avoid the temptation as much as possible. If stuck, go off and try another problem first, and only if you're /really/ stuck should you check out a writeup.

Comment Re:"What were you thinking?" (Score 5, Informative) 628

by mattbelcher (#39770111) Attached to: University of Florida Eliminates Computer Science Department
This might have been true in the past but it isn't true of the current CS department. Since UF was designated a "Research 1" university, the CISE department has made huge strides to increase its research competitiveness. They have won 12 NSF CAREER awards for young faculty, received 11 best paper awards at major conferences in the last 5 years, and have quintupled their external research grant funding.

Submission + - University of Florida Eliminates Computer Science Department (forbes.com) 2

Submitted by DustyShadow
DustyShadow writes: The University of Florida announced this past week that it was dropping its computer science department, which will allow it to save about $1.7 million. The school is eliminating all funding for teaching assistants in computer science, cutting the graduate and research programs entirely, and moving the tattered remnants into other departments. Students at UF have already organized protests, and have created a website dedicated to saving the CS department. Several distinguished computer scientists have written to the president of UF to express their concerns, in very blunt terms. Prof. Zvi Galil, Dean of Computing at Georgia Tech, is “amazed, shocked, and angered.” Prof. S.N. Maheshwari, former Dean of Engineering at IIT Delhi, calls this move “outrageously wrong.” Computer scientist Carl de Boor, a member of the National Academy of Sciences and winner of the 2003 National Medal of Science, asked the UF president “What were you thinking?”
Privacy

Facebook's New Terms of Service 426

Posted by CmdrTaco from the are-we-really-worried-about-this dept.
An anonymous reader writes "Chris Walters writes about Facebook's new terms of service. 'Facebook's terms of service (TOS) used to say that when you closed an account on their network, any rights they claimed to the original content you uploaded would expire. Not anymore. Now, anything you upload to Facebook can be used by Facebook in any way they deem fit, forever, no matter what you do later. Want to close your account? Good for you, but Facebook still has the right to do whatever it wants with your old content. They can even sublicense it if they want.'" Oh no! Now they'll be able to license your super flair goblin poke 25 tag history!
Security

Confessed Botnet Master Is a Security Professional 278

Posted by CmdrTaco from the he-should-know-better dept.
An anonymous reader writes "John Schiefer, the Los Angeles security consultant who in last 2007 admitted wielding a 250,000-node botnet to steal bank passwords, sometimes from work, says he's spent the past 15 months working as a professional in the security scene while awaiting sentencing. Prosecutors are pushing for a five-year sentence, noting the exceptional threat he represented to society."
The Internet

Wikipedia's New Definition of Truth 428

Posted by kdawson from the beware-the-man-with-the-lantern dept.
Hugh Pickens writes "Simson Garfinkel has an interesting essay on MIT Technology Review in which he examines the way that Wikipedia has redefined the commonly accepted use of the word 'truth.' While many academic experts have argued that Wikipedia's articles can't be trusted because they are written and edited by volunteers who have never been vetted, studies have found that the articles are remarkably accurate. 'But wikitruth isn't based on principles such as consistency or observability. It's not even based on common sense or firsthand experience,' says Garfinkel. What makes a fact or statement fit for inclusion is verifiability — that it appeared in some other publication, but there is a problem with appealing to the authority of other people's written words: many publications don't do any fact checking at all, and many of those that do simply call up the subject of the article and ask if the writer got the facts wrong or right. Wikipedia's policy of 'No Original Research' also leads to situations like Jaron Lanier's frustrated attempts to correct his own Wikipedia entry based on firsthand knowledge of his own career. So what is Wikipedia's truth? 'Since Wikipedia is the most widely read online reference on the planet, it's the standard of truth that most people are implicitly using when they type a search term into Google or Yahoo. On Wikipedia, truth is received truth: the consensus view of a subject.'"

Comment notebook? papers? (Score 4, Interesting) 505

by theRhinoceros (#22175858) Attached to: The iPhone Meets the Fourth Amendment
Well, can the police read, say, my notebook, kept in my backpack in the car? Can they look at my wallet full of business cards and contacts? What if these papers and information are protected by attorney or medical privilege? What if these are my (HIPAA-protected) health records? These seem to be the closest analogues to what's on my iPhone, apart from the actual phone itself.
Space

Palau May Get Satellite Power In the Next Decade 177

Posted by kdawson from the working-on-the-tan dept.
davidwr writes "The island nation of Palau is looking into creating a satellite-to-ground power transmission system. The system would use low-orbit satellites to transmit power to a receiver in bursts, unlike some other plans which rely on geostationary satellites. The initial 1-megawatt project is supposed to go online 'as early as' 2012 for a cost of $0.8 billion. Time will tell if this can be made cost-effective compared to traditional solar or other sources of power."
Music

Hidden Music Claimed In Da Vinci Painting 220

Posted by kdawson from the tinfoil-palletes dept.
snib sends us to CNN for coverage of an Italian musician and computer technician who claims to have uncovered a hidden musical score in Leonardo Da Vinci's "Last Supper." Giovanni Maria Pala published this and other findings about the 'Last Supper' painting in his book The Hidden Music, released in Italy Friday. "[This raises] the possibility that the Renaissance genius might have left behind a somber composition to accompany the scene depicted in the 15th-century wall painting. 'It sounds like a requiem,' Giovanni Maria Pala said. 'It's like a soundtrack that emphasizes the passion of Jesus.'"

Comment Re:It seems to me... (Score 1) 183

by numatrix (#20625279) Attached to: Wii Uses Elliptic Curve Cryptography For Saves
This is an important point. I'm no really sure what the GP means. In fact, long ago when I actually understood a very tiny bit about how these things worked I asked a similar question on sci.crypt and got the following responses:

http://groups.google.com/group/sci.crypt/browse_thread/thread/d096e5e93192f176/6e0e62f174f8a9e3

Slashdot Top Deals

Some people manage by the book, even though they don't know who wrote the book or even what book.

Close