People should think about what Apple’s boundary conditions for the #CTF mean. If Apple is willing to hold off on charging a fee for three years, it probably means that most small development businesses on the AppStore don’t see a profit for three years. Apple knows how long it takes for devs to get from sign up to ship, and they know how long it takes to get from shipping to decent revenue. It’d be naive to think they don’t use that information. #DMA
Czasami jest tak, że to, co wydaje się celem, wcale celem nie jest. Łatwo to przeoczyć, szczególnie, jeśli mamy do czynienia z punktacją czy ogólnie gamifikacją.
Ale jak to? O co chodzi? Może łatwiej będzie na przykładzie. Weźmy konkurs, kto zbierze najwięcej śmieci podczas oczyszczania lasu. Czy zwycięstwo w tym konkursie jest najważniejsze? Czy bardziej liczy się sam fakt sprzątania, a miejsce w kon
#introduction Bonjour, I'm Marc (a.k.a. "T0K_"), a #phd student working on #privacy -preserving technologies. Outside the lab, I spend my time playing #videogames and losing #ctf challenges.
With this account, I'll promote some of my academic work . I might also engage in stupid and vibrant debates about random geeky stuffs .
I'm not entirely sure yet what I'll do with this Mastodon account, so I don't exclude the possibility of some cat pics or even some shitposting
Aha! You say you are privacy conscious, but with that photo of you in your banner, now I know what you look like! I would recognize that square head anywhere!
:) Just joking. Welcome to Mastodon!
+1 Privacy-preservation.
Try following @FediFollows for curated lists of whom you should follow.
Follow @lisamelton for an interesting and varied feed.
Do lots of searches for #hashtags.
I wanna use this account to talk and ask questions to the wider community. I may also share #iocs of ongoing campaigns from time to time. I also have a main account (@Nnubes256) for more general stuff; I'm just moving my #cybersecurity presence where the action is :D
I learned a lot and had quite some fun. Thanks for that 😃
But there is also some room for improvement (which caused quite some frustration)
Make the flags more liberal what is accepted. Eg. Ignore blank, especially around CSV lists. It took me and others quite some time to work out the correct format.
I found the hints quite often not helpful and rather confusing. Eg. the sole hint for finding a cleartext password was something like "Cracking the hash takes forever. So skip that".
This leads to 3.
Digital forensic isn't my daily business, neither are CTFs.
If your CTF target beginners provide more (up front) hints about the tooling. It is quite frustrating if you try to search for tooling for a problem, you might not even be able to state correctly. And the downloading tools and try to understand and use them only to fail. Never knowing if it is the wrong tool, or if it is you using the tool incorrectly.
It would have great to know up front which tools to install. Especially if they require a Windows VM (mimikatz, PECmd, ...)
I don't think tool hints would spoil too much of the fun.
Advanced participant will know them anyway (mostly) and installing and reading up on them a bit in advance saves time for the real fun 😃