In the past few years, some of us have had the opportunity to participate in some security challenges organized by different teams in different events. It has always been an experience where we have had a lot of fun and where we have learned a very useful knowledge. The way the sponsor have created the challenges it is always different and this point of view make you acquire another perspective. Also, the way that other participants or people in your team approach a problem is also extremely interesting and didactic. When the challenge finishes you always have this feeling of a very good job by everyone, and a very rich experience in the technical and personal area.
Other times, we have been in charge of designing and prepare one or more security challenges in the context of a particular event. In this case, it is also a very interesting experience, because preparing a challenge makes your kwnowledge go deeper and wider. You also have a lot of fun trying to guess how the participant will behave when he is in front of the problems you are creating for him and, after that, you have the opportunity to check whether you were right or wrong, watching the participants make their way to the solution. Also, participants usually provide solutions that are different from those that you designed.
For all these reasons we always encourage any person that likes computer security to participate in such activities.
At present, we are involved in a security challenge of the second flavour: Movistar Mexico, sponsor of Campus Party Mexico 2011, has asked us to prepare a set of security challenges in the context of the event. The challenge has been named "Retos Movistar - Security Geek" and this is the official website.
We have designed seven security challenges, grouped into two main categories:
- offline challenges, accessible by everyone that can be solved using only your own PC
- online challenges, that are online accessible through internet if you have registered into the challenge
The tests that we have prepared cover different areas of security: from malware analysis to web security, from forensics to pen testing, and more... Tests are absolutely independent, so that participants can solve one test without even starting other.
The challenge has just started and will last until Saturday 23th of July. We hope that the experience will be fun and motivating for all participants. All the information can be found in the web page of the challenge and news and notifications can be followed through the official twitter account @SecurityGeekCP3 (hashtag #secgeekcpmx3)