Last week, fourth-year computer science majors Dane Pitkin, Nathan Crandall and Justin Rushing took third place at a global hacking competition in Singapore called Hardcode.

The secure coding competition — a collaborative effort between Google and a programming company called SyScan — was held as part of a conference on web security. The conference began with a month of coding, in which over 100 teams comprised of middle school, high school and college students were given a list of requirements and asked to create a “mini Craigslist,” in which students could connect with other students to trade textbooks and other school-related items.

According to Pitkin, the object of the competition was to emphasize the importance of secure web development, an issue that is oftentimes overlooked.

“Computer security is a huge issue nowadays, with most people not fully understanding the concept and how easy it is to compromise,” Pitkin said. “Even in academia it’s not really promoted as much as it should be.”

Pitkin said Google plans to display the winning application to serve as an example of how to make a website using its Google App Engine platform, a relatively new development that allows people to create websites without having to worry about managing their own servers.

According to Crandall, the UCSB team, named CeciliaSec after the Computer Science Instructional Lab, had never used the platform before and thus devoted the first week to simply learning how to use the technology. After a month of coding, however, CeciliaSec was one of five teams and the only team from the U.S. to make it to the finals.

From April 23 to 25, the teams worked together to integrate their applications. Pitkin said this inter-website communication was one of the most intriguing aspects of the competition, noting that items from all five websites could be viewed from the front page of any one of them. Afterwards, Pitkin said, the teams also had to eradicate security bugs.

“We were able to test other apps for security bugs and we ended up finding some pretty bad vulnerabilities,” Pitkin said. “We were able to redirect them to viruses or cause people to delete their accounts without their knowledge.”

While CeciliaSec placed first in the final round, scores averaged from the two rounds caused the team to place third overall and return home with $10,000 Singapore dollars — about $8,000 U.S. dollars. Other finalists included a 17-year-old from India, two fourth-year undergraduates from India, two 20-year-old Austrians and a 23-year-old from Hong Kong.

“Everyone in the competition really held their own,” Pitkin said. “It was a bunch of smart people. I was kind of taken aback by that.”

Naomi Caputi, a fourth-year anthropology major and friend to Pitkin, Crandall and Rushing, said she is excited to see students representing UCSB on a global level.

“They’re all full-time students with jobs and everything,” Caputi said. “The fact that they took the initiative to represent what they learned there — I thought that was pretty awesome.”

Crandall said the competition served as a useful supplement to his regular curriculum, and he was grateful for the opportunity to travel to Singapore.

“It was a really good experience,” Crandall said. “We got to meet some really interesting people from Google, visit the Google headquarters in Singapore, which was really cool, and work with different people from different countries. I’m glad I got to go.”

 

Hacker

 

PHOTO COURTESY OF Dane Pitkin
CeceliaSec members (left to right) Rushing, Crandall and Pitkin code in competition. The objective was to highlight secure web development.
A version of this article appeared on page 1 of the May 1st, 2013’s print edition of the Nexus
Print