Full Disclosure mailing list archives
Re: Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX
From: Roman Medina-Heigl Hernandez <roman () rs-labs com>
Date: Fri, 13 Apr 2012 12:47:28 +0200
Since years, I'm actively participating in CTFs (mostly playing but also organizing some of them) and I'm member of a well-known CTF team... So let me throw some constructive words about CTFs in general and Defcon's in particular. Inline response/comments following: Vulcan DDtek escribió:
DT asked DDT to grow the CTF. So we have. We are pre-qualifying winners of other CTFs around the globe to bring a smackdown of epic proportions this August. As always, last year's champion, the Euopean Nopsled Team, is granted automatic entry. There are so many CTFs on the circuit these days, we seek to incorporate only the best of the best.
If so, why are you running quals almost exactly when Phdays CTF final is being held? Many teams will be flying back home on Sunday (Jun, 3th). Impossible to join Defcon quals (apart from the fact that two consecutives CTFs is too much time-consuming and effort). Summarizing, you're going to miss really good teams like: http://www.phdays.com/participants.asp
Last year the iCTF and Codegate winners demonstrated that winners of these CTFs were worthy of returning, additionally we invite victors from NCCDC, HitB, PhDays, nuit du hack, ruCTF, and Defcon 19 oCTF.
Again, if you're considering PhDays as a good CTF event, it makes no sense to "intersect" with them.
While DEFCON refuses to sell-out to corporate sponsorship, DT is personally covering two rooms per team at the majestic RIO hotel Thursday-Sunday for each team.
It's better than nothing but not enough (IMHO). Please, learn from other "big" CTF events like Codegate. Only the flight for a non-US citizen could be 1000 EUR. If "the player" must cover flight, accomodation and even Defcon entrance (omg, this is hilarious!), then what are the benefits/pros of competing at Defcon CTF? Only "fame", I guess (because there are no prizes either). A very expensive fame, I'd add (again, IMHO) :)
In honor of DC XX we're upping the number of tables in Vegas to 20 total. Yes, when the dust clears the _20_ best will be invited to
It's going to be the Jungle :) Hope there's no network or scoring problems like other years... Btw, IMHO, scores should be up and visible for all (public) during *all* the game in order to have some minimal guarantee of fair game. Another point: is it fair some teams have literally a troop of players "helping" from their room/internet, etc at Defcon final? I agree it's difficult to limit cheating but at least some basic rules should try to guard against it. I wish luck for all of you (organizers and players) :) PS: Sorry for the rant, my intention was/is to be constructive and that CTFs become better (not only Defcon's; learning from others' errors is good/desirable so if you -CTF organizer in general- understood this email, I'm sure you'll know how to improve your CTF organization). PS2: I also got no response from Ddtek when trying to deal with some of these issues. I suppose they're quite busy designing this year's VM to be rooted again (recursive issue? :)) }:-) Cheers, -Roman _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX Vulcan DDtek (Apr 01)
- Re: Amongst data breaches and misc 'leakage', not necessarily digital, DEFCON CTF continues at DEFCON XX Roman Medina-Heigl Hernandez (Apr 13)