Hack-a-Sat Call for Participation
Greetings all!
I've put out the call for participation for the Hack-a-Sat competition in the past, and would like to bring you all up to date on the developments and opportunities that have developed since.
The website is here: https://www.hackasat.com/
Hack-a-Sat is an activity that was scheduled to happen at the in-person DEFCON event.
As of today, yes, it's true. DEFCON has been cancelled.
Those of you that have volunteered at Ham Radio Village in the past are familiar with the event. For those of you that are not, it's a long-running hacking and cybersecurity event that has enthusiastically adopted everything RF and amateur radio.
The United States Air Force, in conjunction with the Defense Digital Service, organized this year’s Space Security Challenge, called Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems. This competition is going to be held! It's now a virtual event.
Security in the amateur radio sense of the word is fundamentally different from commercial and military applications. We have an advantage here, mainly due to the enormous leverage we have due to our context being completely different from what the Air Force and commercial interests assume. This is, essentially, a diversity advantage.
If you want to participate on an experienced Capture The Flag (CTF) team, then I am here to extend an invitation. Anyone that reads through the rules and can afford to spend some time during the event is invited to apply to join Vaporsec. This is a team that has a majority of information security professionals. There are some satellite industry people, some amateur involvement, and I'd like to make sure that anyone interested in competing from AMSAT-BB gets a chance to join a competitive team.
The benefits to amateur radio are primarily technical, with policy and security a close second. The Air Force has some agendas here in terms of improving satellite security. Exposure to the challenges alone is a an excellent opportunity to learn more about modern satellite technology... and what a significant player in space wants to find out more about. Don't assume that that the challenges in the competition are going to be "too hard". What is trivial for one viewpoint is unsolvable for another.
I'll be writing about the event and what we learned when it is over, so this sort of knowledge will not be secret. However, there is no replacement for participation, and you could very well have the practical knowledge, gained from operating real satellites, that wins the competition. As you can see from the website, there is some real money involved and opportunities for technical writing.
Let me know at w5nyv@arrl.net if you would like to talk more about joining a CTF team for this really neat and unique event.
Know someone that you think should participate? Please forward to them.
-Michelle W5NYV
Thank you for the interest! We have 14 on the team and rising.
The one question that has come up is whether federal contractors can participate. There is a FAQ at the Hack-a-Sat website that addresses this.
Q: Can my business team include contractors (not "Federal entities", not "Federal employees", not "Federal Government Military or Civilian employee") who support federal contracts?
A: Yes.
If this happens to be holding you back from participating, then know that it should not. I understand that there are a complex variety of definitions involved, but the FAQ was written to address a common case that isn't disqualified from this particular event, organized through the Air Force.
-Michelle W5NYV
On Fri, May 8, 2020 at 12:26 PM Michelle Thompson < mountain.michelle@gmail.com> wrote:
Greetings all!
I've put out the call for participation for the Hack-a-Sat competition in the past, and would like to bring you all up to date on the developments and opportunities that have developed since.
The website is here: https://www.hackasat.com/
Hack-a-Sat is an activity that was scheduled to happen at the in-person DEFCON event.
As of today, yes, it's true. DEFCON has been cancelled.
Those of you that have volunteered at Ham Radio Village in the past are familiar with the event. For those of you that are not, it's a long-running hacking and cybersecurity event that has enthusiastically adopted everything RF and amateur radio.
The United States Air Force, in conjunction with the Defense Digital Service, organized this year’s Space Security Challenge, called Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems. This competition is going to be held! It's now a virtual event.
Security in the amateur radio sense of the word is fundamentally different from commercial and military applications. We have an advantage here, mainly due to the enormous leverage we have due to our context being completely different from what the Air Force and commercial interests assume. This is, essentially, a diversity advantage.
If you want to participate on an experienced Capture The Flag (CTF) team, then I am here to extend an invitation. Anyone that reads through the rules and can afford to spend some time during the event is invited to apply to join Vaporsec. This is a team that has a majority of information security professionals. There are some satellite industry people, some amateur involvement, and I'd like to make sure that anyone interested in competing from AMSAT-BB gets a chance to join a competitive team.
The benefits to amateur radio are primarily technical, with policy and security a close second. The Air Force has some agendas here in terms of improving satellite security. Exposure to the challenges alone is a an excellent opportunity to learn more about modern satellite technology... and what a significant player in space wants to find out more about. Don't assume that that the challenges in the competition are going to be "too hard". What is trivial for one viewpoint is unsolvable for another.
I'll be writing about the event and what we learned when it is over, so this sort of knowledge will not be secret. However, there is no replacement for participation, and you could very well have the practical knowledge, gained from operating real satellites, that wins the competition. As you can see from the website, there is some real money involved and opportunities for technical writing.
Let me know at w5nyv@arrl.net if you would like to talk more about joining a CTF team for this really neat and unique event.
Know someone that you think should participate? Please forward to them.
-Michelle W5NYV
Thank you to the amateur satellite community for the response!
The Vaporsec CTF team, specifically open to amateur radio operators, has seen the largest turnout for a Capture the Flag competition in team history, for this satellite-themed event. We have over 20 signed up for the qualifications event this coming weekend. We believe that based on the diversity, quality, and positive can-do spirit, that we have a chance at being competitive and moving on to the final round in late summer.
We had a successful team organizational meeting last night are are looking forward to a Friday 5pm Pacific start time. I'm looking forward to being able to share how amateur radio operators and practical experience carried the day!
Rules and link to the Hack-a-Sat website are up-thread. The point of the competition seems to be the Air Force wanting to see what the current level of competence is out there with respect to satellite operations and security. Hints have included backgrounders on ADAC, Satellite IoT platform security, protocols, ground control, and more.
Something that we noticed is that an unsolved challenge in last weekend's DEFCON CTF qualifier round was from the same team that is putting on Hack-a-Sat CTF.
So! If you are wondering what kind of challenges are posed to participants in a CTF, here is that satellite-themed challenge. We expect this sort of thing to be the starting point for an entire weekend of satellite reverse engineering, puzzle solving, and rogue-craft-wrangling.
There are two files related to the challenge. The challenge text and the two files can be found at:
https://github.com/phase4space/research-papers/tree/master/interrupted_DEFCO...
See you on the other side of the CTF! We will have a write-up of the event and share any and everything we learn along the way.
-Michelle W5NYV
On Tue, May 12, 2020 at 1:17 PM Michelle Thompson < mountain.michelle@gmail.com> wrote:
Thank you for the interest! We have 14 on the team and rising.
The one question that has come up is whether federal contractors can participate. There is a FAQ at the Hack-a-Sat website that addresses this.
Q: Can my business team include contractors (not "Federal entities", not "Federal employees", not "Federal Government Military or Civilian employee") who support federal contracts?
A: Yes.
If this happens to be holding you back from participating, then know that it should not. I understand that there are a complex variety of definitions involved, but the FAQ was written to address a common case that isn't disqualified from this particular event, organized through the Air Force.
-Michelle W5NYV
On Fri, May 8, 2020 at 12:26 PM Michelle Thompson < mountain.michelle@gmail.com> wrote:
Greetings all!
I've put out the call for participation for the Hack-a-Sat competition in the past, and would like to bring you all up to date on the developments and opportunities that have developed since.
The website is here: https://www.hackasat.com/
Hack-a-Sat is an activity that was scheduled to happen at the in-person DEFCON event.
As of today, yes, it's true. DEFCON has been cancelled.
Those of you that have volunteered at Ham Radio Village in the past are familiar with the event. For those of you that are not, it's a long-running hacking and cybersecurity event that has enthusiastically adopted everything RF and amateur radio.
The United States Air Force, in conjunction with the Defense Digital Service, organized this year’s Space Security Challenge, called Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems. This competition is going to be held! It's now a virtual event.
Security in the amateur radio sense of the word is fundamentally different from commercial and military applications. We have an advantage here, mainly due to the enormous leverage we have due to our context being completely different from what the Air Force and commercial interests assume. This is, essentially, a diversity advantage.
If you want to participate on an experienced Capture The Flag (CTF) team, then I am here to extend an invitation. Anyone that reads through the rules and can afford to spend some time during the event is invited to apply to join Vaporsec. This is a team that has a majority of information security professionals. There are some satellite industry people, some amateur involvement, and I'd like to make sure that anyone interested in competing from AMSAT-BB gets a chance to join a competitive team.
The benefits to amateur radio are primarily technical, with policy and security a close second. The Air Force has some agendas here in terms of improving satellite security. Exposure to the challenges alone is a an excellent opportunity to learn more about modern satellite technology... and what a significant player in space wants to find out more about. Don't assume that that the challenges in the competition are going to be "too hard". What is trivial for one viewpoint is unsolvable for another.
I'll be writing about the event and what we learned when it is over, so this sort of knowledge will not be secret. However, there is no replacement for participation, and you could very well have the practical knowledge, gained from operating real satellites, that wins the competition. As you can see from the website, there is some real money involved and opportunities for technical writing.
Let me know at w5nyv@arrl.net if you would like to talk more about joining a CTF team for this really neat and unique event.
Know someone that you think should participate? Please forward to them.
-Michelle W5NYV
Greetings all!
1500+ teams registered for the event. 1283 teams scored at least a point. Our team (Vaporsec) finished 20th.
The interdisciplinary nature of the team served extremely well! Amateur radio satellite service operators made fundamental and significant contributions to the final score, everyone learned a lot, and we all had fun.
The challenges ranged from mastering Apollo-era assembly code, to reverse engineering IQ files received from space, to controlling ADAC systems, to correctly configuring star trackers, to understanding what's required to precisely observe the Earth from orbit - and plenty more. The range and breadth of the challenges was daunting, but our diverse and positive team carried the day.
The finals are 7-9 August 2020. This is a virtual event held during the weekend of DEFCON. All of the challenges from the qualification round will be up until the final event at https://www.hackasat.com/
Even better news? A lot of us from the amateur radio satellite service community will be participating in the finals with teams that made the top ten and recruited us to add to their roster.
I can't wait to share what we learn and how we do in the finals. I'll be with ADDVulcan.
Contests and competitions have a long and storied history in amateur radio. The active and thriving Capture the Flag (CTF) scene should be familiar to any amateur radio contester, because there are so many similarities. The incorporation of advanced digital, computing, RF, and networking technology into contesting, at events like Hack-a-Sat, is very exciting and it will definitely test your skills. Being involved with a team that welcomes people willing to learn is an especially enjoyable privilege! Some teams are closed to newcomers and approach competitions more like a professional sports team. Some teams are composed only of people that work at a particular company, or know each other well.
Hack-a-Sat offered a very broad opportunity this year, so teams that were open to newcomers were plentiful. We owe a debt to the organizers at the Department of Defense (Thank you Air Force) for the high-quality outreach, accessibility, and challenging and engaging content.
If you want to get involved with competitions like this, please write me and I will help you. Hack-a-Sat was very difficult, but there are contests at every level almost every weekend and a growing number incorporate amateur radio.
Want to be involved with creating a real live CTF? I'm chairing the GNU Radio Conference CTF this year (will be held in September, website is https://www.gnuradio.org/grcon/grcon20/), and amateur radio has traditionally been a very large part of this event in every way. Your ideas for amateur radio satellite themed challenges are welcome and I look forward to working with you.
Wouldn't it be great to see AMSAT host a satellite themed CTF? Especially if the solutions of the challenges could directly support engineering efforts. Many hands make light work!
-Michelle W5NYV
Director of AMSAT Chair of GNU Radio Conference CEO of Open Research Institute, Inc.
On Wed, May 20, 2020 at 3:03 PM Michelle Thompson < mountain.michelle@gmail.com> wrote:
Thank you to the amateur satellite community for the response!
The Vaporsec CTF team, specifically open to amateur radio operators, has seen the largest turnout for a Capture the Flag competition in team history, for this satellite-themed event. We have over 20 signed up for the qualifications event this coming weekend. We believe that based on the diversity, quality, and positive can-do spirit, that we have a chance at being competitive and moving on to the final round in late summer.
We had a successful team organizational meeting last night are are looking forward to a Friday 5pm Pacific start time. I'm looking forward to being able to share how amateur radio operators and practical experience carried the day!
Rules and link to the Hack-a-Sat website are up-thread. The point of the competition seems to be the Air Force wanting to see what the current level of competence is out there with respect to satellite operations and security. Hints have included backgrounders on ADAC, Satellite IoT platform security, protocols, ground control, and more.
Something that we noticed is that an unsolved challenge in last weekend's DEFCON CTF qualifier round was from the same team that is putting on Hack-a-Sat CTF.
So! If you are wondering what kind of challenges are posed to participants in a CTF, here is that satellite-themed challenge. We expect this sort of thing to be the starting point for an entire weekend of satellite reverse engineering, puzzle solving, and rogue-craft-wrangling.
There are two files related to the challenge. The challenge text and the two files can be found at:
https://github.com/phase4space/research-papers/tree/master/interrupted_DEFCO...
See you on the other side of the CTF! We will have a write-up of the event and share any and everything we learn along the way.
-Michelle W5NYV
On Tue, May 12, 2020 at 1:17 PM Michelle Thompson < mountain.michelle@gmail.com> wrote:
Thank you for the interest! We have 14 on the team and rising.
The one question that has come up is whether federal contractors can participate. There is a FAQ at the Hack-a-Sat website that addresses this.
Q: Can my business team include contractors (not "Federal entities", not "Federal employees", not "Federal Government Military or Civilian employee") who support federal contracts?
A: Yes.
If this happens to be holding you back from participating, then know that it should not. I understand that there are a complex variety of definitions involved, but the FAQ was written to address a common case that isn't disqualified from this particular event, organized through the Air Force.
-Michelle W5NYV
On Fri, May 8, 2020 at 12:26 PM Michelle Thompson < mountain.michelle@gmail.com> wrote:
Greetings all!
I've put out the call for participation for the Hack-a-Sat competition in the past, and would like to bring you all up to date on the developments and opportunities that have developed since.
The website is here: https://www.hackasat.com/
Hack-a-Sat is an activity that was scheduled to happen at the in-person DEFCON event.
As of today, yes, it's true. DEFCON has been cancelled.
Those of you that have volunteered at Ham Radio Village in the past are familiar with the event. For those of you that are not, it's a long-running hacking and cybersecurity event that has enthusiastically adopted everything RF and amateur radio.
The United States Air Force, in conjunction with the Defense Digital Service, organized this year’s Space Security Challenge, called Hack-A-Sat. This challenge asks hackers from around the world to focus their skills and creativity on solving cybersecurity challenges on space systems. This competition is going to be held! It's now a virtual event.
Security in the amateur radio sense of the word is fundamentally different from commercial and military applications. We have an advantage here, mainly due to the enormous leverage we have due to our context being completely different from what the Air Force and commercial interests assume. This is, essentially, a diversity advantage.
If you want to participate on an experienced Capture The Flag (CTF) team, then I am here to extend an invitation. Anyone that reads through the rules and can afford to spend some time during the event is invited to apply to join Vaporsec. This is a team that has a majority of information security professionals. There are some satellite industry people, some amateur involvement, and I'd like to make sure that anyone interested in competing from AMSAT-BB gets a chance to join a competitive team.
The benefits to amateur radio are primarily technical, with policy and security a close second. The Air Force has some agendas here in terms of improving satellite security. Exposure to the challenges alone is a an excellent opportunity to learn more about modern satellite technology... and what a significant player in space wants to find out more about. Don't assume that that the challenges in the competition are going to be "too hard". What is trivial for one viewpoint is unsolvable for another.
I'll be writing about the event and what we learned when it is over, so this sort of knowledge will not be secret. However, there is no replacement for participation, and you could very well have the practical knowledge, gained from operating real satellites, that wins the competition. As you can see from the website, there is some real money involved and opportunities for technical writing.
Let me know at w5nyv@arrl.net if you would like to talk more about joining a CTF team for this really neat and unique event.
Know someone that you think should participate? Please forward to them.
-Michelle W5NYV
participants (1)
-
Michelle Thompson