"Learning should always go hand-in-hand with doing" - interview with Philipp Sieber, the creator of Hacky Easter!

Hello folks!

I hope that you had a chance to participate in an amazing competition that is Hacky Easter! If not, that you totally should visit their website. If you want to know more about Hacky Easter than meet Philipp Sieber, the creator of entire event! He told us where this idea come from and how the challenges are made. You will learn about Hacky community and group challenges! 

Join Hacky Easter competition and become the greatest hacker of all time!

[Hakin9 Magazine]: Hello Philipp! Thank you for agreeing to the interview! How have you been doing? Can you tell us something about yourself?

[Philipp Sieber]: I've been busy the last couple of days – launching Hacky Easter is always a big thing!

I've been a software and security engineer for more than 16 years, responsible for designing and implementing online banking solutions. Half a year ago, I changed my job. I'm a "programming CEO" now, in a Swiss IT security company named "Compass Security Cyber Defense AG". Besides many other tasks, I am responsible for the Hacking-Lab platform.

[H9]: What is a Hacking Lab? Can you tell us more about it?

[PS]: Hacking-Lab is our online platform for IT security training. It is a place where hacking can be legally trained. Many companies, universities and public users are using it. It went online back in 2007, and has more than 35'000 registered users. The platform is also used for international competitions like the European Cyber Security Challenge.

[H9]: So where do the most users come from? Is it Europe? And what is European Cyber Security Challenge?

[PS]: We do have users from all over the world. The top three nations, with almost 5'000 users each, are the US, Germany and Switzerland. Further in the Top 10 are India, Austria, UK, Brazil, the Netherlands, France and Spain.

The European Cyber Security Challenge is an international hacking competition for young cyber talents. The best people from each country meet and compete against each other. Hacking-Lab's CTF system provides a dynamic "attack-defense" environment for the competition. The countries' team members have to protect their own applications and, at the same time, attack the applications from the other teams.

[H9]: You founded and implemented the Hacky Easter competition. What is it and why did you decide to create it?

[PS]: As a fan of Hacking-Lab, I always wanted to give something back by implementing challenges for Hacking-Lab. Then I saw HACKvent. That's a similar competition in Hacking-Lab, which takes place in advent time and consists of 24 small challenges. I took the idea of HACKvent, combined it with mobile apps and QR codes and – voilà! - Hacky Easter was born!

[H9]: This is the third edition of Hacky Easter, did you add any changes, improvements?  

[PS]: Yes, there's always some evolution from year to year. The most important improvement this year was to add user authentication to the web page. In the first two events, users could only authenticate in the mobile app. Authentication in the web page allows users to submit solutions in the web page directly. That's important for users without the mobile app, and for those having problems scanning the Easter eggs. Besides that, I also added the "buddies" feature. People playing Hacky Easter in a group, can create their own high-score now, for just their team.

[H9]: Sounds great for networking! Are they interested in meeting new people, creating groups or do they prefer to work alone?

[PS]: I'd say that most participants are solving the challenges alone. But many are communicating with other users. Some people in the same office, or school, are competing against each other.

[H9]: How do you prepare the challenges for Hacky Easter? Do you have a special team for it?

[PS]: I have been creating and implementing the challenges myself so far. I am permanently collecting new ideas, and implement a challenge every couple of weeks. For the future, I am looking for volunteers which would like to provide challenges.

[H9]: Could you describe a perfect volunteer? What kinds of people should consider joining you?

[PS]: A perfect volunteer is someone who is not only consuming, but also willing to give something back to the community. Hacking-Lab would not be such a success without volunteers. Hacky Easter is a great opportunity for volunteers. The challenges used by the competition are not very big and complex. I'm sure many people have implemented small puzzles, scripts, programs, or whatever, which would be perfect for a Hacky Easter challenge.

[H9]: Hacky Easter has a big community, do you receive a lot of feedback from people? Do their comments and suggestions influence the Hacky Easter competition?

[PS]: Yes, I receive a lot of positive feedback from participants, by either e-mail or in person. I get ideas for new challenges, and for new features. The "buddies" feature I mentioned was suggested by a participant, for example.

[H9]: Does your community show any initiative of its own? Have you had any projects emerge organically from your platform?

[PS]: Not directly. But there's always an exchange of ideas and features, between HACKvent and Hacky Easter.  Who knows, with enough support by volunteers, one day a new challenge might join the family of Hacky Easter and HACKvent.

[H9]:  Do you think that there should be more events like yours, to encourage people in cyber security field to learn more and never give up?

[PS]: Definitely! I think such events help in finding and motivating talented, young people for the IT security field. The key is to include the gamification element. That's why I implemented the mobile apps and Easter eggs with QR codes.

[H9]: Does the idea of gamification come from you being a gamer or is it based totally on HACKvent? Where do you get your ideas for the competition from?

[PS]: The idea of gamification is a result of multiple things: my joy of solving hacking challenges, the creation of mobile apps, and other things. HACKvent is certainly an important factor, too. Ideas for new challenges emerge almost automatically during my everyday work. Some ideas are provided by colleagues and users.

[H9]: Any plans for the future? Are you preparing another competition?

[PS]: I am already collecting ideas for Hacky Easter 2017! In addition, I plan to set up a new event which is re-using the challenges from previous Hacky Easter events. Hacky Easter runs for a couple of months each year. After that, the challenges are not online anymore, which is sort of a pity. The new event is supposed to be permanently running.

[H9]: Does it mean that you would like to turn Hacky Easter into a real event/conference?

[PS]: No, that's the task of Hacking-Lab, which is already used in many events and conferences nowadays. What I plan with the existing Hacky Easter challenges, is a new competition, which is not related to the Easter topic, and running permanently.

[H9]: Do you have any thoughts or experiences you would like to share with our audience? Any good advice?

[PS]: For people in charge of IT security training, I have two recommendations: First, learning should always go hand-in-hand with doing. Second, gamification should always be part of the training. That's our credo for Hacking-Lab.  

Thanks for the interview!

FURTHER INFORMATION / LINKS

• Web page http://hackyeaster.hacking-lab.com/

---

• Android app http://bit.ly/1pdqFKv

---

• iOS app http://apple.co/1i3AxAO

---

• Twitter @HackyEaster

---

• Youtube http://bit.ly/1nDrCKR

---

• E-Mail [email protected]

---