Wednesday, January 7, 2009

Daemon Challenge 1: We have a Winner!

Thanks to everyone who participated in Daemon Challenge 1!

And the winner is...

I'm pleased to announce that Michael Bryant is the winner of the first challenge, clocking in with the correct answer at about 7 minutes past noon!

Congratulations to Michael. I'm shipping a copy of Daemon to the UK for Michael ;-)

I would also like to recognize the following participants who correctly solved the first challenge (in order of correct submission):
  1. Michael Bryant
  2. Greg Auger
  3. Adam Greig
  4. David Futcher
  5. Thomas Thrainer
  6. Vincent Bakker
  7. Kay Bieri
  8. Flávio Martins
  9. Ted Smith
  10. Martijn Cielen
  11. Alexander Gabriel
  12. James Tait
  13. Eric Hammond
  14. Jeremy S
  15. Pedro Silva
  16. Michele (Macno) Azzolari
  17. José Luis "Artir" Ricón
  18. Dave Walker
  19. David Langton
The Solution...

I've said several times that Daemon is a great book, and I'm happy to host this contest to support Daniel's first book. In running the contest, I'm also hoping to make more people aware of Ubuntu, security, and specifically our open source encrypted filesystem, eCryptfs.

This first challenge, "Is there anybody out there...", was mostly about generating some interest in the book and the contest, and hopefully getting a few new people using Ubuntu Intrepid Ibex's Encrypted Private Directory feature, which I've spent quite a bit of time developing.

The solution to the first challenge is quite simple... Once you've followed the Encrypted Private Directory setup instructions, and mounted your private directory by logging out and back in, you can obtain your mount options and remove your signature as I described with:


$ x=`grep "$USER.*Private.*ecryptfs" /proc/mounts | awk '{print $4}' | sed 's/sig=[0-9a-f]*,/sig=xxx,/'`
$ echo $x
rw,ecryptfs_sig=xxx,ecryptfs_cipher=aes,ecryptfs_key_bytes=16
Then, you can obtain the md5 message digest of $x with:
$ echo $x | md5sum
da9ae8f980ec845914220cfe727a8b16 -
The value, da9ae8f980ec845914220cfe727a8b16, is then used as the symmetric key to decrypt the challenge text file:
  • $ gpg challenge_1.txt.gpg
Once this text file is decrypted, you could see a very simple riddle:
Challenge 1:
--------------------------------------
Leinad_Zeraus : Daniel^Suarez
::
Nitsud_Dnalkrik : ???????????????
--------------------------------------
Daniel Suarez originally published Daemon under the pseudonym, Leinad Zeraus, which, of course, is his name spelled backwards.

Unfortunately, my backwards-name isn't nearly so cool ... 'Nitsud Dnalkrik' sounds more like a scrubbing agent used aboard Russian spacecraft ;-)

The Next Contest

I hope there's even more participation in the second challenge, due to be published next Tuesday.

It should be more difficult, will likely involve Ubuntu, eCryptfs, gpg, and actually cracking passwords/passphrases, as well as a more difficult embedded riddle.


Cheers,
:-Dustin

No comments:

Post a Comment

Please do not use blog comments for support requests! Blog comments do not scale well to this effect.

Instead, please use Launchpad for Bugs and StackExchange for Questions.
* bugs.launchpad.net
* stackexchange.com

Thanks,
:-Dustin