FLOSSHack for Organizers
FLOSSHack is designed as an event and competition that brings together aspiring "breakers" and open source software that could use a hand in securing their software.
Selecting a Target
An ideal target application for a FLOSSHack event has the following properties:
- Open source -- It is critical for newbies to have the source code available while trying to learn about flaws
- Is a "worthy" project -- Preferably a project that wouldn't otherwise be able to afford a security audit
- Is currently maintained -- It does little benefit to a project to find vulnerabilities that no one will fix
- Has a cooperative maintainer -- Support from a software maintainer in running the event can really help things run smoothly
- Is an "up and coming" project -- A relatively new project with a quickly growing user base; more likely to be immature code and will benefit the most people
It may be difficult to satisfy all of these properties, but hopefully this provides some guidance.