This Summer, some of the ‘Swarmers’ have been busy working on an exciting new project. We have developed a brand new hackable web application called #HackTheHive. It’s a challenge for any keen developers to have a go at cracking! The fictional site imitates an internal communication platform for Swarm – with made up team updates and project notifications. The application contains hackable exploits and hidden codes that are up to the keen eye of a developer to discover! Each stage that you hack unveils the next vulnerability to crack. This continues until you reveal the final code and The Hive is successfully ‘hacked’! Those who successfully hack their way through the site tweet their unique code @SwarmOnline and this will enter them into a prize draw.
The engagement around #HackTheHive at the ScotlandJS conference in Edinburgh this July was fantastic. Loads of people attempted the challenge and developers of all abilities were getting involved and joining the conversation on Twitter. We drew a winner from those that were successful and were lucky enough to be able to meet the winner and present him with his prize in person. You can watch our interview with the winner here.
The Return of #HackTheHive for ScotSoft 2018
We are delighted to be running our #HackTheHive competition again in partnership with ScotlandIS for their Conference at #ScotSoft2018. Don’t worry, there are plenty new hidden vulnerabilities and codes for you to hack. So while the concept is the same – watching the solution from last time won’t help you!
Designing and building this challenge has been great fun for the team here at Swarm. We’re buzzing to watch as people have another go at trying to ‘hack the hive’, however there are some deeper motives behind building the challenge…
Building a secure website
As developers, it’s all too easy to focus on specific features without considering the unintentional functionality we might be introducing. Put yourself in the place of a malicious user and remember that breaking things is easy – in other words, no matter how good the rest of your code may be, you only need to leave a single flaw in your website for it to be exploited!
Education and Experience
Things are only hard when you don’t know the answer. All of the ‘exploits’ in our #HackTheHive challenge, whilst exaggerated, are based on actual flaws in real-world websites. Once we reveal how to exploit them, the reaction from many people will be “Of course! Why didn’t I think of that?!”
But this is the benefit of experience. All developers have horror stories of that time we accidentally deleted the production database when we thought it was test. But we learn from them and – hopefully – don’t do it again.
We are using #HackTheHive to highlight the sort of flaws that are all too easy to introduce to an application. More importantly, we are sharing our experience of them in the hope that those just starting out in their software development careers may benefit by not having to learn the hard way!
We talk about generating a “buzz” (pun very much intended), but the value of getting like-minded people together and solving a shared common problem is incredibly valuable. The interaction, discussion and debate invariably leads to everyone learning something of value.
The challenge was launched for the first time at ScotlandJS in Edinburgh. It is now being relaunched in partnership with ScotlandIS for their Developers Conference at ScotSoft 2018. However we invite anyone who thinks they’re up for the challenge to #HackTheHive! By creating #HackTheHive we hope to engage and connect with enthusiastic developers across the technology community. The challenge may be a little tricky to hack for those just starting out on their journey in software development. However, it will showcase the sorts of projects that could be to come in their future. It might also encourage young aspiring software developers and engineers to pursue their career in the industry. Perhaps even here at SwarmOnline! Indeed, we will be very interested in chatting to the successful ‘hackers’ about the positions we are recruiting for at the moment!
If you’re attending ScotSoft 2018, make sure you come along to hear our very own Jacob Cordran, Technical Director, deliver his presentation, “#HackTheHive: Break It ‘Til You Make It”. Jake will be telling you a bit more about the logic behind building a ‘hackable’ web application and why it’s so important that developers learn to think like hackers.