- There is a growing disconnection between people and the items they use. This is notable as the Generation Z cohort increasingly adapts to technology, despite a growing abstraction between the system and the user.
- Although there are many massive breaches, many of them are posed as foreign actors acting aggressively when often enough, the vulnerability is simple and committed by a sole individual.
- Hackathons are focused on building projects. As xkcd references, towards the deadline, code quality often gets thrown out the window. Lower code quality is simply prone to more vulnerabilities.
- Privacy is non-existent in this current surveillance state.
What it does
openSec is a non-profit platform that aims to bring quality cybersecurity education to students of all ages. openSec is track-based, and relies on a CTF/wargames style-manner in order to foster problem-solving and competition.
How we built it
Jonathan built the backend, and Alan worked on the front end and server for the CTF/wargame.
openSec's CTF platform is built with Python's Flask API, as well as responsive HTML/CSS. openSec is hosted on a physical server at the moment, running Ubuntu Server. The client and challenge manager is built with C and Linux bash, utilizing the power of nCurses API for text user interfaces.
Challenges we ran into
C is a very low level language and Alan faced a lot of problems in terms of memory. nCurses is also very undocumented, and became a problem when he attempted to build the CTF management system. We were not able to get AWS, so we had to rely on a local server to do the
Accomplishments that we're proud of
- Learning nCurses as an API for C in under 24 hours.
- Working with cybersecurity, and being content to see what it can actually do to help impact educational growth and progression.
- Growing our skills as programmers, and discovering a passion in entrepreneurship.
What we learned
- Never use nCurses again.
- NodeJS is cool, but Flask gives the Python developer a god complexity.
What's next for openSec
*Funding and grants (i.e. HackerFund).
- Migrating to a VPS or physical dedicated server
- Building a custom Linux operatings system for the CTF/wargame competition.
- Work on the CTF management system.