- #1
- 28,974
- 4,277
Some of the older forum regulars can remember my strange questions asked over two years ago about ways of stopping NTPD, freshmen may remember my questions about ways of expressing some things in English. As strange as it may sound all these questions were related to the same project. I got to the point where I can share the details.
So, what it is about? It is a forensic challenge - you are given a USB stick and you have to find out who the owner was and reconstruct their story. It requires some reading, some thinking, some common logic and some computer skills. A bit nerdy, but designed to be in range of a reasonably savvy computer user, no need for PhD in hacking.
I had plenty of fun designing whole thing and working around some of the unexpected obstacles. The idea was to make the stick look like if it was used for many years to transfer random files between computers. When the files are added, copied, removed, it all leaves invisible traces in the FAT and the directory structure - and to be convincing the stick needs to have all these traces intact. For example: files can have up to three dates - creation, last modification, last use. All these have to reflect the story and look convincing, and it is not trivial to do so, as OS tries to use real time and tries to get this real time from the net using NTP, so I had to ether somehow block the clock and NTPD, or use a computer that was isolated form the outside world. And that's only a simple example of problems I had to solve, I learned more about some intricacies of different OS-es and structures of different types of files than ever before. Actually I am not 100% sure I haven't missed something, although so far nobody told me about any inconsistencies.
If I had plenty of fun making it, judging from the reaction to the Polish version people have plenty of fun looking for answers.
Fell free to add the add the TUSFitG to your Steam wishlist if you have one, after all that's why I am posting about it Yes, Greg knows.
So, what it is about? It is a forensic challenge - you are given a USB stick and you have to find out who the owner was and reconstruct their story. It requires some reading, some thinking, some common logic and some computer skills. A bit nerdy, but designed to be in range of a reasonably savvy computer user, no need for PhD in hacking.
I had plenty of fun designing whole thing and working around some of the unexpected obstacles. The idea was to make the stick look like if it was used for many years to transfer random files between computers. When the files are added, copied, removed, it all leaves invisible traces in the FAT and the directory structure - and to be convincing the stick needs to have all these traces intact. For example: files can have up to three dates - creation, last modification, last use. All these have to reflect the story and look convincing, and it is not trivial to do so, as OS tries to use real time and tries to get this real time from the net using NTP, so I had to ether somehow block the clock and NTPD, or use a computer that was isolated form the outside world. And that's only a simple example of problems I had to solve, I learned more about some intricacies of different OS-es and structures of different types of files than ever before. Actually I am not 100% sure I haven't missed something, although so far nobody told me about any inconsistencies.
If I had plenty of fun making it, judging from the reaction to the Polish version people have plenty of fun looking for answers.
Fell free to add the add the TUSFitG to your Steam wishlist if you have one, after all that's why I am posting about it Yes, Greg knows.