Wednesday, February 18, 2009

VMs Posted and The Future

The VM used for the game has been posted. Included in the distribution are the PDFs handed out to players and a README which has the username and password needed to log in. There is also a bug in the VM that we never got around to fixing that requires one command to be run to start up all the jails on the VM. Please seed the torrent if you can.

With the VM posted our work for this year is pretty much done. With nothing left to do for this year I've been thinking about the future of Hack. I really don't know how much further we can take the puzzle concept while still keeping the game fresh. One idea I had is to change the game completely - instead of one VM with people hacking on it we would give out one VM per team and we hack it while others defend it (an idea inspired by something done years ago at Defcon by the Ghetto Hackers). The idea is that they can't just drop all traffic to the VM. Our code would make sure it's the VM and then exploit it using custom exploits we come up with. The defenders have to either patch the vulnerability or manage to convince our code that the VM is there while it's actually a replacement. I'm not sure this will work since our goal has always been to provide a short (2 hour) burst of fun and easy entertainment before we go drinking. The kind of work I'm talking about would be fun but may be a bit much for the goals we have.

The other piece that has been discussed internally has been the scoreboard. This year we got slammed with attendance and getting scores recorded was more difficult than it should have been. There is talk of expanding the scoreboard to work on mobile phones so that we can easily update scores during the game.

Of course, this is all just talk at this point. We want to encourage people to give us new ideas so please mail me your ideas and I'll make sure they get out to our mailing list.

One last thing is that while I will remain on the HoH list (unless Chris removes me) I do not intend to participate beyond forwarding any mails I get. I'm going to take the couple of months leading up to next year's conference and enjoy them by working on other projects. I'm not sure what this means for the future of the game but with this post I've made my ideas known and leave it up to the rest of the team to figure out where to go from here.

So Long, and Thanks for All the Fish.

-- WXS

Thursday, February 12, 2009

The Good, The Bad and The Ugly

I had a nice post written up that listed everyone individually and thanked them for all their hard work this year, but then my browser decided that crashing was a better thing to do than posting. I'll just say thank you to everyone who helped prepare/run the game this year. Thank you to anyone who played in it this year. In the upcoming week I hope that the VM will be cleaned up a bit and a torrent posted. When that happens I'll be sure to post a link here. I also plan on putting together a post which details my thoughts for the future of HoH and hopefully encourages some kind of discussion on it.

The Good:

This year we added some new things to the game. I think the wireless webcam (not sure if anyone actually cracked it) was a great touch, as was the phone and player attempts to social engineer their way into the building. A few hours before we went live with the game we decided to expand to allow everyone who signed up to play (the waitlist was 20+ people long). Besides some user error during the quick reconfiguration of the systems, things went amazingly well with the last-minute changes.

The Bad:

From my perspective I only noticed a few minor bugs. The entire "Binary Analysis" section was supposed to be on the www.evil.corp box. It ended up on ns1.evil.corp because that had a web server running on it a few weeks prior to the conference, and I had put the binaries there. When Fotios moved from ns1.evil.corp and set up www.evil.corp he moved everything over except my binaries (since he wasn't sure what they were). I didn't notice this until the game was started and I didn't feel like moving them during the game.

We had a minor problem with the link between the two switches going off-line for a few minutes while we tracked it down. This wasn't such a big deal.

Because we expanded the game to 40 people we had no way to fit that many people - plus team members in some cases - around a few tables. As such we just decided that sitting on chairs would be the best option. It turned out that we got absolutely slammed with people and we will have to reconsider how to configure the physical layout better for next year.

The only other bug I'm aware of involved the last row of the scoreboard not being saved properly. I believe Gentooooooo9er (he wrote the scoreboard entirely on his own and I liked it so much that we went with it during the game) has fixed this bug already.

The Ugly:

Jordan's Tequila Face