Thursday, October 25, 2012

General Update / Capture the Flag Competition

I have disappeared for a long time.
I hope to fix that by issuing... a series of short low quality posts! Or something.

I thought I'd briefly mention the MIT Lincoln Labs Capture the Flag competition.
image credit: the CTF people listed on the image; from the lec 1 slides
"In this version of a "Cyber" Capture The Flag competition, you will work in teams of three to both to defend your system and attack those of others. The target system is a Content Management System (CMS) Web Application with a plug-in architecture. New functionality will be introduced during the competition via plug-ins, so be prepared to adapt to novel situations quickly."
I'm in this with two hallmates, Pranjal and Cathy, and two dormmates. We're not super-serious about it, but I am excited!

Back in the day before -- actually who am I kidding, I'm still this way -- I thought that computer security was reserved for really cool people. Going into this, I have no idea what's going on, which means anything I do I'll learn a lot from (even if I don't contribute anything to the actual competition). Yay! (yes, this is my "well i'm not taking any CS classes, how will i feel good about my minimal progress in becoming an engineer if I don't try to pursue multiple topics, also everything is fascinating" syndrome kicking in).

Unfortunately, the lectures are all during 2.009 lab meetings, but they put the slides up (whoops, j/k, they took them down as of 10/25/12). But for me, while I'm learning a lot, I still have zero idea of how to actually do anything. That is, actual practice.

One way, I learned, is to check out previous Capture the Flag competitions. In particular Pranjal mentioned the Stripe one. There's actually detailed walkthroughs for it, so I'll be checking those out.

image credit:

Oh yes, I should rant about that sometime. The whole attitude that: you're completely lost but you should still try to do the lab because that's how you're supposed to learn things according to years of ... tradition. Maybe that's not the way I want to learn, maybe I want to not get frustrated and lost and not learn anything and have zero confidence in myself . Maybe I want to rush through things and then when I want to, on my own time, I'll go back and learn things in depth for reals and prove to myself that I do have critical thinking skills. -___-; For instance, I don't feel like I learned 2.007 in depth, but now I want to actually be a good UA, I'm going back and reviewing the material in preparation for next semester (and just to actually learn engineering / estimation instead of putting s* together and hoping it works). (although I have zero regrets about doing the PSTaHIW method first, since it's given me the confidence / continued interest in building things that keeps me going and and gives me the confidence to go back and read up on all the engineering).

Whoops, looks like I just ranted about it.


Additionally, I am tired of whining about myself on my blog. I do that enough in my own head. So f* hardcore engineering, I'll place faith that I'm on the road somewhere and have fun in the meantime.

To add to my list of things to blog about: 2.007x, post-graduation plans, cultures (MITERS) changing over time, confidence and asking questions correctly, miters seminars, the whole diy nanotech thing, parrots and swapfest, hair color, strobe lab (bullets!), how maker faire went (project packing optimization!), stepper motor position profiles, trash can washers and MIT facilities magic, things and youtube videos i've learned about china, emailing a jacob's ladder, NHK filming, one-day loft, nyanwallace, 18 MIT seniors working on washing trash cans XD || veggie co-ops, camping trips, slugtalks, ...

(Side note: I wonder if I built a caffeine pill vending machine, would I earn money on any reasonable sort of time scale? Dispensing pills would be an interesting problem to solve, even if some days I hate trying to replicate work which has already been done infinity times by the invisible engineers of the past/present).

I've decided to neglect The original idea was to have a blog that was presentable for job-like things, then I wanted to separate project and personal posts, and now I'm just going to try to blog, because I always find it worthwhile. Even now, I'm trying to dig up some of the files I made for MAS.863 How to Make Almost Anything, where I made a terrible site (required) and never put any of my files up, and I'm just sad. Sad. As in, there are five operating systems,  four computers, and a few USB sticks (some of which are no doubt lost), random emails in gmail, two dropbox accounts, and who the f* knows searchspace between me and my files. Sad. @___@