From its humble beginnings as a small alternative to Black Hat Las Vegas, BSides Las Vegas (LV) has morphed into a very popular event for security professionals. Tracks at BSides LV this year include tracks for new speakers, breaking ground (for new material and bleeding edge work) and off the record. I met with Veracode security researcher Chris Lytle who is presenting this year at the event to find out more about his talk.
Q: What was the inspiration for your talk on competitive puzzles which you will be presenting at BSides this year?
Chris: This talk came out of two things – first, it’s hard to find a security conference that doesn’t have a CTF (capture the flag) and puzzle challenge at them. I noticed that while there have been a lot of talks and posts on how to compete in CTF competitions, there’s not much out there on competitive puzzle solving and how to use these as a learning experience.
Secondly, I gave a talk at BeaCON this year about a framework I’d written in Python to do pre-mechanical cryptography faster, and I noticed that a lot of folks at my presentation asked me questions around when and where these skills could be used and I kept going into the realm of competitive puzzles; this talk is the natural extension of that one.
Q: Can you summarize your BSides talk for us?
Chris: I’m planning to cover techniques and resources that I wish I had had years ago, and would have helped me break into doing more complex puzzles. I’ll be covering team composition and strategy, because you cannot do this on your own. You need to work as part of a team, and my talk will include strategies for finding team members and skill sets required within teams to compete effectively such as recreational mathematics, physical security, and classical cryptography. I’ll also be recommending resources to tap into to acquire or grow certain skills, and tool sets that people could use that can greatly shorten the time it takes to get to the next level in competitive puzzles.
There really are a large number of disparate disciplines are involved in puzzle contests, and that can be intimidating to newcomers. My talk is intended to make the competitive puzzles less daunting for folks new to this kind of thing, and connect them with some tools that make it easier to be involved.
Q: When did you first get interested in puzzles?
Chris: I’ve kind of always been interested in puzzles, I distinctly remember playing Myst when I was very young. Once I got started going to security conferences I started doing more of these in teams.
Q: What are your favorite puzzles?
Chris: Some of my favorites that are available to everyone are the Myst series and notPron, which is just so incredibly complicated in its simplicity. Probably my all time favorite one would have to be Lost’s Mystery Challenge at Defcon.
Chris will be presenting at the Artisan Boutique Hotel on Wednesday, July 25th at 4 P.M in the Breaking Ground track.