2022 NSA Codebreaker Challenge(nsa-codebreaker.org)
nsa-codebreaker.org
2022 NSA Codebreaker Challenge
https://nsa-codebreaker.org/home
62 comments
> just do cryptopals
Soul read.
I did the first two "chapters", then I had to stop for personal reasons and never picked it up again. Perhaps I should put it on my github as a mark of dishonor.
Soul read.
I did the first two "chapters", then I had to stop for personal reasons and never picked it up again. Perhaps I should put it on my github as a mark of dishonor.
I wish they would expand the participation to anyone who’s interested in code breaking or working at the NSA. I’d love to take a crack at it myself.
Also, some of the best security researchers I know never went to college. So people with non-traditional academic backgrounds are excluded from this which is a bummer
Also, some of the best security researchers I know never went to college. So people with non-traditional academic backgrounds are excluded from this which is a bummer
The registration page just asks for an email address and a password. How are these people blocked from participating?
Apparently, that's the first challenge you must overcome to cracking the code...
Ah, other comments say that domain names are restricted. Missed that!
Winner's prize is a lifetime place on the federal cybersecurity watchlist I assume.
Typically the result is a job at the NSA. Though federal positions are criminally underpaid relative to their private counterparts so you have to really have a passion for the mission. Unsurprisingly the government is highly interested in finding talent cheaply. The winners will be responsible for taking a drug test and a polygraph though - which most people coming out of a CS program won't be able to pass ;D.
If you win a job at the NSA then it's almost certain you will be added to a bunch of federal watchlists - just maybe not the USA's.
403 Forbidden?
Is this the challenge or am I missing something?
Is this the challenge or am I missing something?
I believe the site is not accessible from outside of the US — I also see 403 Forbidden, but when connecting with US VPN I see no error
I can view from here in the UK… perhaps specific IP geo ranges blocked?
Works fine from France
How have previous challenges worked?
Are they like puzzle hunts where you don't know what you're looking for? Or are you only responsible for breaking cryptographic codes?
Are they like puzzle hunts where you don't know what you're looking for? Or are you only responsible for breaking cryptographic codes?
Take a look at the tasks from last year: https://github.com/luker983/nsa-codebreaker-2021
I think https://nsa-codebreaker.org/resources (about half-way down, in the "Technical Resources" section) might answer that?
I glanced at last year's, it looks like a pretty practical scavenger hunt with multiple steps and increasing difficulty. Pretty cool reading what goes into an exploit that would give someone a shell.
imagine something being such a national priority you limit your pool of possible candidates to people with email addresses from specific universities
42
> Sorry, that email domain is not recognized. -- An email address from a recognized U.S. school or university is required. If your school's domain is not recognized, please request it to be allowed by clicking HERE
edit: to add some comment: Too bad only this group can participate. Just wanted to have look what type of puzzles they are and recreationally have a stab at them.
edit: to add some comment: Too bad only this group can participate. Just wanted to have look what type of puzzles they are and recreationally have a stab at them.
You're not who they're looking for. They want young (and therefore cheap to employ), bright eyed kids who haven't yet developed a sense of ethics or learned of the atrocious things the NSA gets up to.
Gen Nakasone: "Cybersecurity is a critical priority for the nation."
You: You're disgusting and atrocious!
Seems like you're the one who has a problem.
You: You're disgusting and atrocious!
Seems like you're the one who has a problem.
Cybersecurity can be critical for the nation and the agency tasked with national cybersecurity can also do atrocious things. The two are not mutually exclusive.
What is the most atrocious thing that the NSA has done?
"Most" is tricky, but using things like sim card and IP tracking to approve drone strikes that end up killing scores of civilians is pretty atrocious.
Oh, or the false Gulf of Tonkin report probably led to millions of deaths.
Oh, or the false Gulf of Tonkin report probably led to millions of deaths.
> Oh, or the false Gulf of Tonkin report probably led to millions of deaths.
Please cite a reputable source that supports this conspiracy theory.
Please cite a reputable source that supports this conspiracy theory.
What? We passed this resolution that led to an increased US presence in southeast Asia in response to the Gulf of Tonkin incident that later evidence has shown never happened. https://en.wikipedia.org/wiki/Gulf_of_Tonkin_Resolution
The NSA itself later admitted they lied about the report, ignoring any sigint that contradicted what they believed happened.
The NSA itself later admitted they lied about the report, ignoring any sigint that contradicted what they believed happened.
> The National Security Agency (NSA) had broken North Vietnam's codes, and McNamara emphasized to Johnson that certain decrypts conveyed that North Vietnamese torpedo boats had been damaged by American destroyers, thus proving that the second incident happened. However, several intelligence analyses at the time accused McNamara of having either misinterpreted, either intentionally or by mistake, decrypts referring to the first incident of August 2 and presenting them as referring to the second alleged incident of August 4.
I don't understand why you think this quote is relevant, maybe you think that was the only part used so the entire thing was an honest mistake that still killed many?
Here's some others parts from https://en.wikipedia.org/wiki/Gulf_of_Tonkin_incident
>In the 2003 documentary The Fog of War, the former United States Secretary of Defense Robert S. McNamara admitted that an attack on the USS Maddox happened on August 2, but the August 4 attack, for which Washington authorized retaliation, never happened.
>As the evening progressed, further signals intelligence (SIGINT) did not support any such ambush, but the NSA personnel were apparently so convinced of an attack that they ignored the 90% of SIGINT that did not support that conclusion, and that was also excluded from any reports they produced for the consumption by the president.
McNamara admits of didn't happen, the NSA admits they intentionally doctored the report.
Here's some others parts from https://en.wikipedia.org/wiki/Gulf_of_Tonkin_incident
>In the 2003 documentary The Fog of War, the former United States Secretary of Defense Robert S. McNamara admitted that an attack on the USS Maddox happened on August 2, but the August 4 attack, for which Washington authorized retaliation, never happened.
>As the evening progressed, further signals intelligence (SIGINT) did not support any such ambush, but the NSA personnel were apparently so convinced of an attack that they ignored the 90% of SIGINT that did not support that conclusion, and that was also excluded from any reports they produced for the consumption by the president.
McNamara admits of didn't happen, the NSA admits they intentionally doctored the report.
What is the atrocity though? This spawned a whole subthread and my only point was that the word "atrocious" was a bit extreme.
First, ordering the attack of homes with no regard for civilians nearby and no concrete proof that someone "bad" is inside is fairly unequivocally atrocious. I think if your loved ones died because the NSA assumed a bad guy lived next door, you'd consider it an atrocity.
Second, I consider lying to spread more warfare and all the horrors that entails atrocious.
Second, I consider lying to spread more warfare and all the horrors that entails atrocious.
The Vietnam War.
Lying to Congress is up there, it means we don't know the real answer to your question.
What is the definition of atrocious or atrocity?
Neglected and even actively undermined the right to privacy is an act against the society. Some would consider that being an atrocity - contributing to a dystopia with oveareaching control of unchecked guardians ;)
Atrocity - an extremely wicked or cruel act, typically one involving physical violence or injury.
Undermining the right to privacy is wicked, especially when you consider incorporated methods.
Atracious: extremely wicked, brutal, or cruel - after Merriam-Webster. The key word here is "or".
Mind, that ovearreaching control has a great potential of abuse, including physical violence. Also notice, that the right to privacy is often recognized as a human right.
Atracious: extremely wicked, brutal, or cruel - after Merriam-Webster. The key word here is "or".
Mind, that ovearreaching control has a great potential of abuse, including physical violence. Also notice, that the right to privacy is often recognized as a human right.
That's classified and don't go looking too hard otherwise your smart-car might decide to uncontrollably accelerate into a tree one day
That's not an answer.
Your question is trolling and not worth answering.
How do you figure?
You asked a question,
people attempted to reply,
ALL of your responses was adversarial:
"Please cite a reputable source that supports this conspiracy theory. "
"That's not an answer."
"What is the definition of atrocious or atrocity? "
"Atrocity - an extremely wicked or cruel act, typically one involving physical violence or injury. "
"Please cite a reputable source that supports this conspiracy theory. "
"That's not an answer."
"What is the definition of atrocious or atrocity? "
"Atrocity - an extremely wicked or cruel act, typically one involving physical violence or injury. "
Made me want to watch the will hunting monologue again.
https://www.youtube.com/watch?v=mJHvSp9AKYg
https://www.youtube.com/watch?v=mJHvSp9AKYg
Great film, but right after that, Sean (Robin Williams's character) says:
"It's not about the job. I don't care if you work for the government. But you can do anything you want, you are bound by nothing. What are you passionate about. What do you want? I mean there are guys who work their entire lives laying brick so that their kids have a chance at the opportunities you have here."
So, instead of praising Will, Sean questions why Will seems determined to keep drifting while seeming clever. I always thought the implication was that it's better to define yourself as "for" something than "against" something, even if you sound smart in a wicked way by doing so.
"It's not about the job. I don't care if you work for the government. But you can do anything you want, you are bound by nothing. What are you passionate about. What do you want? I mean there are guys who work their entire lives laying brick so that their kids have a chance at the opportunities you have here."
So, instead of praising Will, Sean questions why Will seems determined to keep drifting while seeming clever. I always thought the implication was that it's better to define yourself as "for" something than "against" something, even if you sound smart in a wicked way by doing so.
gobvermen bad :(
Entirely unrelated, but I can never take the word “gubernatorial” seriously.
Everything has innocent potential if you don't look at what has been done.
Lol because working at Google or Facebook is so much better ethically? Give me a break.
Err, I don't work there.
[deleted]
That's the first part of the test.
If you can't easily break into a university IT system what sort of hacker are you? :)
If you can't easily break into a university IT system what sort of hacker are you? :)
It's just a CTF focusing on forensics and reverse engineering. Here are the writeups from the 2021 challenge: https://github.com/luker983/nsa-codebreaker-2021
No one should help the nsa or participate in anything they do.
sshd(1)
If nothing else has come out of the stream of scandals afflicting that agency, it's that they need better people. If you are eligible, do it, as you could be the change, and it appears the opportunity for improvement there is truly unlimited.