Editing DEF CON (section)

==== Capture the Flag History ====
In 1996, the first DEF CON CTF was organized, with a couple of [[Server (computing)|servers]] for participants to hack, and judges to decide if a machine has been hacked, and award points accordingly.<ref>{{Cite web |last=Riley |first=Eller |date=2004 |title=Capture the Flag Games |url=https://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04-eller/bh-jp-04-eller.pdf }}</ref>

In 2002, the company [[Immunix]] took part in the game under the moniker "immunex",<ref>{{Cite web |date=2001-07-09 |title=Defcon 9 - Capture The Flag Contest Network |url=https://defcon.org/html/defcon-9/defcon-9-events.html#Capture%20The%20Flag}}</ref> to benchmark the security of their Linux-based operating system, with modifications including [[Stackguard|StackGuard]], [[Format string attack|FormatGuard]], [[Openwall Project|OpenWall]]'s [[Stack buffer overflow|non-executable stack]], SubDomain (the ancestor of [[AppArmor]]), ...<ref>{{Cite web |title=4/23/ Immunix & Defcon: Defending Vulnerable Code From Intense Attack Crispin Cowan, Ph.D Seth Arnold, Steve Beattie, Chris Wright WireX and John. - ppt download |url=https://slideplayer.com/slide/8044490/ |access-date=2023-12-21 |website=slideplayer.com}}</ref>  Confident in their defense capabilities, they even opened access to their servers to other teams, and even spent some time taunting them. The team got the second place, and all their services deployed on their Immunix stack were never compromised.<ref>{{Cite journal |last=Crispin |first=Cowan |date=May 2003 |title=Defcon Capture the Flag: defending vulnerable code from intense attack |url=https://www.researchgate.net/publication/4012201 |journal=DARPA Information Survivability Conference and Exposition |volume=2 |issue=2003}}</ref> It was also the first year the contest had an organiser-provided services infrastructure connected to a real-time scoreboard.<ref>{{Cite web |last=Ghettohackers |title=Defcon 10 - Capture the Flag (CTF) contest |url=https://defcon.org/html/defcon-10/dc-10-post/defcon-10-ctf-rules.html}}</ref>

In 2003, the game had become so popular that a qualification round was introduced, with the previous winner automatically qualified.<ref>{{Cite web |last=The Ghetto Hackers |date=June 29, 2003 |title=Announcing Capture the Flag - Root Fu - Vegas 2003 @ DefCon 11 |url=https://defcon.org/html/defcon-11/events/dc-11-ctf-teams.html}}</ref>

In 2008, the Sk3wl of Root team took advantage of a [[Bug (computer)|bug]] in the game ([[Privileges-drop|privilege dropping]] and [[Process fork|forking]] were inverted), allowing them to have such a massive lead that they spent most of the CTF playing [[Guitar Hero]].<ref>{{Citation |last=Jordan |title=A Brief History of CTF |date=2021-04-06 |url=https://github.com/psifertex/a-brief-history-of-ctf |access-date=2023-12-20}}</ref><ref>{{Cite youtube |url=https://www.youtube.com/watch?v=ywxCWLFej_M |title=A Brief History of CTF - Jordan Wiens |date=2018-03-28 |time=35:41}}</ref>

In 2009, it was announced<ref>{{Cite web |date=2011-05-14 |title=Diutinus Defense Techonologies Corp. / Home |url=http://ddtek.biz/about.html |access-date=2023-12-21 |archive-url=https://web.archive.org/web/20110514105932/http://ddtek.biz/about.html |archive-date=2011-05-14 }}</ref> that "Diutinus Defense Technology Corp" (DDTEK) would be the new organisers, but nobody knew who they were. It was revealed at the end of the game that the team playing as sk3wl0fr00t was the organizer.<ref name=":0" /> "Hacking the top hacker contest seemed like a fun way to introduce ourselves to CTF organization. The yells of "bullshit" from CTF teams during the DEF CON 17 awards ceremony were very gratifying." said vulc@n, a member of DDTEK, on the topic.<ref name=":0" />

In 2011, the team "lollerskaters dropping from roflcopters" used a [[0day]] in [[FreeBSD]] (namely CVE-2011-4062<ref>{{Cite web |last=The FreeBSD Project |date=2011-09-28 |title=Buffer overflow in handling of UNIX socket addresses |url=https://www.freebsd.org/security/advisories/FreeBSD-SA-11:05.unix.asc }}</ref>) to escape [[FreeBSD jail|jails]], causing havoc in the game's infrastructure.<ref>{{Cite web |last=routardz |title=Defcon 19 CTF - CTF Inside |url=https://www.routards.org/2011/08/defcon-19-ctf-ctf-inside.html |access-date=2023-12-20}}</ref>

In 2016, the 15th edition of the CTF was done in partnership with the [[DARPA]], as part of its [[2016 Cyber Grand Challenge|Cyber Grand Challenge]] program, where teams wrote autonomous systems to play the game without any human interaction.<ref>{{Cite web |title=Cyber Grand Challenge (CGC) (Archived) |url=https://www.darpa.mil/program/cyber-grand-challenge |access-date=2023-12-20 |website=www.darpa.mil}}</ref>

In 2017, the Legitimate Business Syndicate came up with their very own CPU architecture called cLEMENCy: a [[middle-endian]] with 9 bits bytes [[Central processing unit|CPU]]. With its specifications released only 24 hours before the beginning of the CTF, it was designed with the explicit goals of both surprising the teams, and leveling the playing field by breaking all their tools.<ref>{{Cite web |last=Unknown |title=cLEMENCy - Showing Mercy |url=http://blog.legitbs.net/2017/10/clemency-showing-mercy.html |access-date=2023-12-20 |language=en}}</ref>