by Nines on Sun May 24, 2009 9:17 pm
([msg=24320]see Re: Logic Missions[/msg])
The only missions that should be on this site (out of the current categories) are Basic, Realisic, Application and Programming.
I'm the reason the logic missions are disabled (finally!) as I was the one who posted the entire list of answers on IRC. I felt this needed to be done as when I was actually staff here, nobody would listen when I said they had no function beyond a little puzzle-solving (although most of them were just old riddles, a couple of which were modified so that they made little or no sense or were just downright pointless) and so shouldn't be part of HackThisSite (maybe SolveThisPuzzle!) The worst part being that I actually wrote two of them, so I felt I was partly to blame. I figured the only way to get them removed from the site was to just post the answers. That way they were bound to get the axe.
Steganography has little to do with hacking, especially the challenges on this site. If I wanted to encode something in an image, I'd use an extremely complicated algorithm and heavy encryption. Even then the odds are that you wouldn't know that something was encoded in the image unless you were told about it. The stego challenges (while a couple were fun) are more puzzle-based and shouldn't be on the site.
Javascript missions should be scrapped, since most of them are just basic obfuscation or "follow the code" tasks. It doesn't reflect any real-life situation at all. I do appreciate that Javascript plays an increasingly integral part of modern websites in the form of AJAX, so it would make more sense to have REALISTIC missions that incorporate this, rather than a specific category for a language.
The Extended Basic missions are horrible, as many of them use a "win string" or a weak regex. The idea of just analysing code could be incorporated into REALISTIC missions (as it already has been) rather than having a section of just "find the vulnerability and fix it in the way we have". Calling them extended basic missions kinda defeats the point, since you're expected to understand vulnerabilities that you may not have come across yet, so rather than research them in context, people are more than likely going to google part of the code and find a similar piece of code with the answer to the challenge right next to it, rather than see it in context and understand why a particular vulnerability is there.
The IRC missions are actually a nice addition.
The logic missions would be better renamed and repackaged as part of the forum, where if you wanted to solve each others challenges, you could, without bringing the rest of the missions into disrepute. I say this because there are a couple of very well thought out missions here, designed by very talented programmers/hackers. html's prog3 is a prime example of this and it's just a shame she isn't here to write more like it.
On a side note to those against it. I believe that the points/rankings system is a POSITIVE aspect of this site. It encourages competition which I feel as a society we don't do enough of anymore. People will cheat whether there are points up for grabs or not. You know when someone doesn't know what they are talking about. It's more embarrassing to get called on something that you don't know when you've already professed to do so, so anyone cheating in the rankings will see their profile littered with comments about that person not knowing what they are talking about, since the top ranked users get the most hits. The points system don't devalue the missions. Shitty missions devalue the point system.
What needs to happen:
Remove the Logic, Stego, eBasic, Javascript missions. If there were any useful aspects of the missions to be removed, incorporate them into realistic missions, since I think that most users prefer them anyway.
Rewrite the application missions to include a new set of passwords.
Make the basic missions more comprehensive, with possibly a well-written tutorial to accompany each one and explain it afterward in a review-style system. I don't like that Basic1 is called the 'idiot test' when someone totally new to the scene wouldn't think to view the page source.
Remove Prog missions after prog 8. I know this seems a little extreme, but the programs you're asked to write in the latter few are pretty arbitrary. If future missions were going to be written, they should maybe have some sort of realistic applicationlike the earlier ones, rather than just "parse this string". 1 = Anagram solver, 3 = Encryption, 5 = Bruteforce-fixing a corrupted file, 6 = OCR, etc.. Kinda 'useful' stuff to know?
Add some new, relevant categories: Encryption, Rooting, etc.
Finally, and this is absolutely essential. Remove everyone's basic and app missions once the missions have been re-written. Then you'd see who cheated and who didn't and we'd all be on a more level playing field? I mean how hard is it just to re-complete something you already understand?
I know what I've said may seem a bit heavy, but the people who actually know anything about real hacking on this site (and unfortunately that's becoming fewer and fewer) will totally agree about removing the pointless missions that degrade the decent challenges here.
Anyway, this has gone on long enough already, tl;dr and all that crap.