Greetings from the ANU in Canberra, where Bob "The Builder" Edwards is speaking on "Ruxcon 2015 Computer Security Conference: A Brief Report"
his attendance at the Ruxcon 2015 Security Conference in Melbourne. The conference is sponsored by the Australian Signals Directorate (ASD). As well as the usual presentations, the conference has a Black Bag Competition where delegated attempt to covertly access a computer in the conference hotel and Capture The Flag. Presenters discuss how to hack systems, so as to alert system owners to the problems and to better educate security professionals. One point was that computer systems are getting more complex, which opens up more security vulnerabilities.
The interesting question for me is how to have some of the fun and excitement of such events in an educational environment, in a way which is safe. One issue is to make sure that students understand the legal and ethical issues involved. Even when the intention is benign there is the problem of preventing educational experiments escaping and causing damage. One way to address this by having a "Cyber Range" which provides and isolated computer environment to test security. The new Australian SDN Test-Bed, is also intended for security research.
The PM announced a $30M "Cyber Security Growth Centre". It would be interesting to include some contests in this.