Who better to help defend the University of Florida’s information resources from hackers than award-winning security professionals?
Two members of the UF IT Security Team won the prestigious electronic Capture the Flag competition Aug. 4-6 at DEFCON 2006, the world’s largest annual hacker conference. DEFCON, commonly known as a hackers only conference, is also attended by geeks, security professionals, law enforcement and groupies.
UF Security Engineers Jordan Wiens and John Sawyer were part of the elite, eight-member team that won the DEFCON competition. The team, named 1@stPlace, which can be read as both first- and last-place in “geek speak,” was made up of various programmers and security experts from the United States who all shared a common passion for IT security.
“It was a lot of fun working with a great group of guys most of whom I’d never met before, but really coming together to act as a team,” said Wiens. “That was really the key to winning the competition — working together efficiently to take care of the many tasks that had to be done.”
In June, hundreds of teams attempted to qualify for this competition, but only eight succeeded. In a pre-announcement, Kenshoto, the group which hosts the CTF competition, said, “This year’s CTF will be a knock-down-drag-out-cyberninja war, the likes of which the world has never seen (except maybe last year).”
To win, groups had to detect vulnerabilities in software, defend a server, and exploit all vulnerabilities they found. Wiens explained that there’s really no one single flag in the CTF competition, but rather, thousands and thousands. Stealing and overwriting flags, or secret keys consisting of 32 digits hidden throughout files on a server, earned points to win the competition.
Taking advantage of skills he gained while working with the UF IT Security Team, Wiens was in charge of defense of the server by securing services through patching the vulnerabilities or protecting them in other ways.
Sawyer said participating in CTF was almost like performing on stage. “We were located in a large room with music and videos being projected on the walls while DEFCON attendees walked by and pointed at what we were doing,” said Sawyer.
Other than being recognized with the highest honor, winners of the team received a black badge that will get them into all future DEFCONs and a leather jacket which sports the event’s logo.
Wiens said Kenshoto is truly amazing. “It feels good to have won, but it’s also humbling to see the level of skill of the guys who run the competition,” he said.
This is the 14th DEFCON since the first in June 1993, and though the hotel location has changed, it has always been hosted in Las Vegas. Some of the more serious speaking topics this year included: Hardware Hacking, Fighting Organized Cyber Crime, Hacking Malware: Offense is the new Defense, and Rebuilding HARD DRIVES for Data Recovery: Anatomy of a Hard Drive. Livelier topic names included: Googling: I’m Feeling (un)Lucky and A Hacker’s Guide to RFID Spoofing and Jamming.
1@stPlace plans to return next year to defend its title.
NASA and the Air Force have formed an aeronautics research partnership that builds upon and expands on the longstanding relationship between the two organizations.
NASA Administrator Michael Griffin and Secretary of the Air Force Michael W. Wynne signed a memorandum of understanding Aug. 7 during a Pentagon ceremony.
On Friday evening, August 11, Arianespace placed two satellites into geostationary transfer orbit: the JCSAT-10 communications satellite for Japanese operator JSAT Corporation, and the Syracuse 3B military communications satellite for the French Ministry of Defense.
Ariane 5 is the only commercial launcher in service capable of simultaneously launching two payloads.
An electronic nose, the cybernose, will be developed following a $4 million collaboration, announced today.
The collaboration will see researchers from Monash University, the Australian National University and CSIRO's Food Futures National Research Flagship trying to understand how simple animals such as worms and insects make sense of smells.
Commercial vendors and individual consumers can now look forward to being able to legally create certain types of protected DVDs, the DVD Copy Control Association (DVD CCA) announced. Under rule changes now in the works, commercial vendors could create protected DVDs on kiosks and in small custom runs. Individual consumers could legally record a variety of selected content. Both would require special blank DVD discs that will use the Content Scramble System (CSS) for encryption and will be compatible with the millions of existing DVD players in the marketplace today.
IBM UNIX-based systems are expected to double the current capacity of one of the nation's most innovative grid initiatives, uniting resources from 27 institutions in fifteen states, to increase dramatically its research capabilities -- from modeling coastal storm surges to advanced genome sequencing. The SURAgrid initiative is actively advancing collaborative work in grid computing to support research opportunities across the southeastern U.S.