Photo Credits: KatieJean97 @ Flickr http://www.flickr.com/photos/katiejean97/

Next week, NUS Greyhats' Amon and Kai Yuan (@amon and @thngkaiyuan on Slack) will cover Web
Exploitation 101 as part of the Greyhats Mission Control session. As
the basic foundation, they will be covering the application-specific
standard attacks that are common to many web applications (but not
limited solely to web applications):

  1. SQL Injection
  2. Command Injection
  3. XSS
  4. CSRF
  5. Open Redirects

In addition, Greyhats may also delve into more exotic
platform-specific attacks that are applicable to PHP, Rails, Python
and Java.

Ready?  Here are the documents for MC #3: http://bit.ly/orbital16-offwebsec

You might also be interested in these links: http://qxcg.net/how-websites-are-broken-resources.html.

Ever wanted to try your hand at creating a game? Now’s your chance! http://bit.ly/orbital16-gamedev

To those coming for the Mission Control, do try to get SFML set up and working beforehand (directions are in the bit.ly document). If you can compile this, all is good.

https://gist.githubusercontent.com/Ohohcakester/293d22f5968c008a596677c4db3f048c/raw/a3fc62a9707b7cbe476acfd83b57c6be5713bb79/sample_game.cpp

The two videos of the session are here:


Other media from the event!

Courtesy Wikimedia.

We made it in record time! We are now at almost full capacity for applications to Orbital – we currently have 300 students who’ve filled in a registration of interest. Our staff will be going through all of the applications to Orbital and will soon promote those registrations of interest into official registrations for the upcoming summer term.

Again, all teams who have at least one student who is from SoC (either in an SoC degree programme or minoring in an SoC area (e.g., Computer Science)) are automatically eligible for Orbital.

Once we fill the cohort to max capacity (around 350) we will be closing registration to Orbital, due to logistic constraints of the venue (we use I3 Auditorium for Liftoff, and there’s a maximum capacity of about 350 there).

Thank you for your support so far, and we are really excited to see what cool ideas you are going to build from idea to reality in 100 days of summer 2016!

Remember, you can do any type of project related to computing as you wish, but it must result in a product.  These can include relevant projects out of your own interest, something to help you get a better understanding of your programme of study (i.e., merging public datasets from data.gov.sg and analysing them for business analytics; securing an existing software project for information security), preparation for a hackathon entry, and also mentor-proposed projects.

Those of you who have yet to find a partner, no worries!  We’ll be conducting an optional meet-up for individual Orbitee registrations in April (we know it’s busy but it will be helpful for you) so that you can meet each other and jointly find a useful project that you might want to do together.

As you will have noticed, Orbital 2015 is using Slack for communications.  Slack is like a chat client and organized into channels (something like old style IRC, if you are from that era).

We have seeded a few channels in our team for groups who want to meet like-minded groups to share ideas.  Join as many or as few as you like.  Advisors, Mentors and Tutors will be joining in channels that also meet their expertise or interests. Feel free to start your own channel using the #sig- prefix convention.

  • Sig-NUS – For teams working on NUS related projects (IVLE, NUSmods).
  • Sig-Cloud – For teams interested or using cloud computing components inclusive of IDEs, PaaS, SaaS (e.g., Cloud9, Nitro.us, Heroku, Amazon EC2, EngineYard)
  • Sig-Game – For teams interested in developing games (Unity, PyGame, HTML5 Canvas, PhaserIO)
  • Sig-HW – For teams (and other interested parties) whose projects might include a hardware component (e.g., quadcopters, smartwatch, arduino, raspberry pi, Lego Mindstorms)
  • Sig-Mobile – For teams interested in mobile app development (on iOS, Droid, etc.)
  • Sig-Web – For teams doing web development of sorts (any stack and any language; Py/GAE, Ruby on Rails, Node.js, Py/Flask, PHP/CodeIgniter).

P.S. Finally, if you find Slack useful, you might want to use Slack to create your own team (n.b., not channel) for your own Orbital project, and invite your advisor to be a part. Some of your seniors have found this platform useful for syncing up with project mates, and it seems not to be blocked by certain authorities, which is especially helpful for teammates who are geographically spread out.

Winston Teo of Jolly Good Code, who presented the Agile Methodology session during Liftoff, has graciously decided to let a lucky in-SG team from Orbital win a pair of RedDotRuby tickets (a S$200 value even at student pricing).

Teams that are interested in winning this pair of tickets will need to use the Ruby language in their project and need to write a short essay (one entry per team) on why they should be awarded the tickets and how they will benefit from it.

The winning team is obligated to attend the full two-day conference (on 26-27 June) and give a 15 to 30 minute presentation to all Orbitees during Orbital’s final presentation workshop, Splashdown, about their attendance at the RedDotRuby conference and what interesting talks or techniques they learned about there.

The contest opens today and is open to all levels of achievement.  Attendance to RedDotRuby can count towards the 130-hour requirement for Orbital for the winning team.  Contest closes at the day’s end on 6 Jun 2014.

 

A key foundation of Orbital is intense involvement of student groups to help mentor prospective student teams.

Any student group helping to train students on skills related to the program will be entitled to the workshop incentive scheme as communicated to your groups. If you feel that you can hold a training event that would be allied to the Orbital programme's cause, please get in touch with the Orbital staff or the undergraduate office for details.

Such training events can include using external websites, videos or exercises to train students.