This Summer, some of the ‘Swarmers’ have been busy working on an exciting new project that we launched in time for the ScotlandJS conference kicking off in Edinburgh in July. We have developed a brand new hackable web application called #HackTheHive – a challenge for any keen developers to have a go at cracking! It is a fictional site that imitates an internal communication platform for Swarm – with made up team updates and project notifications. The application has a series of hackable exploits and hidden codes that will be up to the keen eye of a developer to discover! Each stage that’s hacked unveils the next vulnerability to crack, this continues until the final code is revealed and The Hive will have been successfully ‘hacked’! Those who successfully hack their way through the site will tweet their unique code @SwarmOnline and this will enter them into a prize draw.
The engagement around #HackTheHive at the ScotlandJS conference was fantastic, loads of people attempted to ‘hack’ the hive and people of all ages/levels of ability were getting involved and joining the conversation on Twitter – it was great. We drew a winner from those that were successful and were lucky enough to be able to meet the winner and present him with his prize in person. You can watch our interview with the winner here.
The Return of #HackTheHive for ScotSoft 2018
We are delighted to be running our #HackTheHive competition again in partnership with ScotlandIS for their Developers Conference at #ScotSoft2018. Don’t worry, we’ve made sure there are plenty new hidden vulnerabilities and codes to hack, so while the concept is the same – watching the solution from last time won’t help you!
While designing and building this challenge has been great fun for the team here at Swarm and we’re buzzing to watch as people have another go at trying to ‘hack the hive’, there are some deeper motives behind building the challenge…
Building a secure website
As developers, it’s all too easy to focus on specific features without considering the unintentional functionality we might be introducing. Put yourself in the place of a malicious user and remember that breaking things is easy – in other words, no matter how good the rest of your code may be, you only need to leave a single flaw in your website for it to be exploited!
Education and Experience
Things are only hard when you don’t know the answer. All of the ‘exploits’ in our #HackTheHive challenge, whilst exaggerated, are based on actual flaws in real-world websites. Once we reveal how to exploit them, the reaction from many people will be “Of course! Why didn’t I think of that?!”
But this is the benefit of experience. All developers have horror stories of that time we accidentally deleted the production database when we thought it was test. But we learn from them and – hopefully – don’t do it again.
We are using #HackTheHive to highlight the sort of flaws that are all too easy to introduce to an application. More importantly, we are sharing our experience of them in the hope that those just starting out in their software development careers may benefit from them without having to learn the hard way!
We talk about generating a “buzz” (pun very much intended), but the value of getting like-minded people together and solving a shared common problem is incredibly valuable. The interaction, discussion and debate invariably leads to everyone learning something of value.
We hope that by creating #HackTheHive we will engage and connect with enthusiastic developers across the technology community… The challenge was launched for the first time at ScotlandJS in Edinburgh and is now being relaunched in partnership with ScotlandIS for their Developers Conference at ScotSoft 2018. However we invite anyone who thinks they’re up for the challenge to #HackTheHive! While the challenge may be a little bit tricky to hack for those just starting out on their journey in software development, it will showcase the sorts of projects that could be to come in their future and will encourage young aspiring software developers and engineers to pursue their career in the industry – perhaps even here at SwarmOnline! We will be very interested in chatting to any of the successful Hive hackers about some of the positions we are recruiting for at the moment, so bear that in mind too!
If you’re attending ScotSoft 2018, make sure you come along to hear our very own Jacob Cordran, Technical Director, deliver his presentation, “#HackTheHive: Break It ‘Til You Make It”. Jake will be telling you a bit more about the logic behind building a ‘hackable’ web application and why it’s so important that developers learn to think like hackers.