Recently, I had the privilege of working with my dear comrade Gabor (@gszathmari) to put together the platypuslovescrypto.party Metadata CTF:
During this event, participants were asked to sift through a collection of metadata, in order to identify a “whistleblower”. Technically, the challenges were built such that no special tool was required – the entire CTF could reasonably be completed using a web browser (JavaScript made some challenges easier).
The intent of this event was to draw attention to, and provoke thought about, the current Australian metadata retention laws. Those of us, particularly from technical backgrounds may find it difficult to care, preferring to sift through the latest round of ~interesting leaks~ without any real regard to why, and how this fits in the greater context of what’s happening around us.
As much as I love what we do on a fine-grained technical scale, and there’s no other place I’d rather be at 4am on a weeknight than concocting overly complex solutions to simple CTF problems (more on this later – I haven’t been able to write this because the CTF in question is in progress), this stuff is worth thinking about. Here’s some late-night reading for the curious, of varying quality:
- http://www.gizmodo.com.au/2015/10/everything-youve-been-told-about-data-retention-is-wrong/
- https://www.legislation.gov.au/Details/C2015A00039
- https://www.sbs.com.au/news/explainer/what-metadata-and-how-do-you-maintain-your-privacy
- https://theconversation.com/au/topics/data-retention-9898
And some more reading, courtesy of our dear friends at CryptoParty:
- https://privacyforjournalists.org.au/useful-links#previous-coverage
- https://platypuslovescrypto.party/links#metadata
On a related note, I had the privilege of giving out our very first production run Platypus Initiative plushie to the winner of tonight’s event (congratulations team 1337), and two free tickets to PlatypusCon (congratulations team Metamagic):
In the haze of day-to-day business excellence, it easy to lose sight of what’s really important – like doing awesome stuff because we can, and because we care. Like getting fifty of these little (actually they’re fucking huge IRL) plushies made because fuck you, ~why not~.
Thanks everyone who makes this kind of thing possible. Never stop being ~awesome~.
Special thanks to @gszathmari, idont, iy and snail for making this possible.
The challenge will keep running for a little while afterwards, it’s accessible at platypuslovescrypto.party and ctf.platypuslovescrypto.party… for now.