SUCSS AGM 2022

Date: 2022-04-27

Difficulty: N/A

Delivered By: All

Overview

You can nominate yourself now at https://nominate.sucss.org/! The deadline for nominations is 5pm on April 27th, 2022.

This is your chance to run for a position on the 2022-2023 committee! All roles except Member without Portfolio are up for election: a brief description for each role can be found below.

The AGM will be taking place on the 27th April. Candidates will have the opportunity to present their manifestos, with members being able to ask any questions after their presentations.

Voting will open for 20 minutes after the presentations have taken place, during which we'll give out the usual free pizza! Finally, we're going to head down to The Hobbit afterwards to celebrate the new committee being appointed. Prizes for the winners of the Member-Made CTFs 2022 competition will also be given out at the start of the event.

Roles

  • President: The president is the figurehead of the society, responsible for delegating tasks between the other committee members, ensuring the society is running smoothly, and managing relations with the wider University and Students' Union.
  • Vice-President: The vice-president assists the president with running and managing the society, as well as being the main point of contact for industry relations.
  • Secretary: The secretary is responsible for the administration of the society. Specifically, this includes arranging meetings, taking minutes and organising the society's documents (aside from financial documents which are the responsibility of the treasurer).
  • Treasurer: The treasurer handles the financing of the group, including applying for grants, sourcing income, signing off expenditure claims and budgeting.
  • Webmaster: The webmaster is primarily responsible for maintaining and developing the SUCSS website, but may also assist the technical officer with any other technical matters.
  • Technical Officer: The technical officer is resposible for any technical aspects of the society, including managing the VM, developing technical infrastructure for sessions where needed, and coordinating with the webmaster when needed.
  • Social Secretary: The social secretary is responsible for arranging both drinking and non-drinking events. They should come up with ideas for socials, promote the social events, and book venues where needed.

All members are responsible for creating weekly sessions, however the Technical Officer is expected to assist in creating any infrastructure needed to host said sessions. Responsibility for the welfare of members falls equally on all committee members.

Results

President

  • Chris Taperell (plaaosert) (also spint) (elected after receiving 23 votes):

I'm Chris. Cybersecurity is a thing I quite like, just a little bit. Over the last few years, I've gained a lot of experience especially in the CTF sphere, starting with Cyberstart (Elite), then moving on to take the SANS SEC504 course and gain the GIAC GCIH certification as well as membership of the GCIH Advisory Board. I then muddled around for a few years and found myself as one of the main challenge authors for X-MAS CTF in 2021, which was the largest CTF by team number in Europe in 2019, while participating in a few other assorted CTFs over that time and finally making a few more challenges for the SUCSS Member-Made CTF. So, with my experience, I can be absolutely certain in one thing: Cybersecurity could do with a much better learning curve. Impostor syndrome and huge skill gaps dominate especially the medium skill level areas of the field, making it reasonably difficult for many people to be confident in their skills - me included. In SUCSS, I would love to try and help the society continue its goal of educating everyone, but especially newcomers and those at the mid-level improve their skills and learn more. The member-made CTF event was a perfect step in this direction. Allowing members to contribute their own challenges and knowledge allows for the society to feel a lot more like an inclusive space in which everyone stands equally, able to both teach and learn. I would, of course, love to get the society even more involved in running CTFs for all skill levels (so that I can do them too, of course...) - maybe also expanding the flag tracker to include more external learning resources such as HackTheBox flags, picoCTF Gym flags and others. It could also be possible to have a more long-running event similar to the member-made CTFs, in which members could submit challenges at any time and have their flags added to the flag tracker. Hosting solutions for this are... interesting... but probably not impossible. Also, due to my crippling addiction to Active Directory security, you can be assured a vote for me is a vote for learning how to break Windows systems in a thousand different ways. If you're into that.

0 votes to re-open nominations (RON)

Vice-President

  • William "Bill Mays" Pearman (elected after receiving 23 votes):

I've been working on my Cyber Security skills for 6 years and have since had it as my career goal. I've attended CyberFirst Elite, completed a large amount of OverTheWire and a variety of boxes on HackTheBox. In Semester 1, I ranked first place on the society leaderboard. I was the primary admin and secondary developer of a Minecraft server called Kinetic Earth with a player count exceeding 200 and member count exceeding 5000 at its peak for 5 months during 2021.

What will I do?

Society discord bot that gives details on and manages CTF teams + society scoreboard integration. More sessions on what people want. Create more static challenges which can be completed whenever to stretch general security skills. Promote more participation in CTFs, creating teams for public CTFs alongside more internal society-made CTFs and member-made competitions.

  • [Invalid Nomination]

0 votes to re-open nominations (RON)

Secretary

  • George Rennie (elected after receiving 23 votes):

I have a year’s experience as secretary where I helped with various bits of organisation like room booking, risk assessments, organising socials, helping members during the sessions etc. I also contributed challenges for the Christmas CTF and MMCTF. I will push for more events like MMCTF - It was a success! My main interest is in hardware security so I will finish and run my hardware hacking session - This has been stalled by the chip shortage and lack of spare time. I have a guest speaker from Arm lined up but was unable to find a date that worked for us and them in 2021-22 by the time I found a willing speaker, so I will book in a date for next year early. I would also like to run a session on formal verification (not Event-B…) or microarchitectural vulnerabilities if there is interest? I competed with SUCSS members in a few CTFs this year and placed 6th in X-MAS CTF and 2nd in the Imperial CTF qualifiers. I want to continue to encourage society members to take part in CTFs. In particular I would like for us to put forward a really strong effort for HTB Uni CTF this year as I think with the right organisation we can be up there with the top UK academic teams.

0 votes to re-open nominations (RON)

Treasurer

  • Daniel Ledger (elected after receiving 23 votes)r:

Hi, I'm Dan the Webmaster aka the one that gets yelled at, and I'm running for treasurer. Here's why you should vote for me: - I already have experience with being on the committee, which included working within the constraints of our budget. - I'm a careful person, so I'm not going to spend funds on completely unnecessary things. - However, I will work closely with the new committee to ensure suitable prizes and pizza are available for events. - If possible, I will sell my soul to that marketing company (or a similar one) to get more Pepsi Max for when we need it.

0 votes to re-open nominations (RON)

Webmaster

  • Bilaal Rashid (elected after receiving 23 votes):

Hi, I’m Bilaal and I would like to be elected as SUCSS’s Webmaster for next year. As a person with a keen interest in cyber security, it's been an honour to serve the society this year as Treasurer and to have run the OSINT, Metasploit and macOS sessions this year, in addition to sourcing the free Pepsi that you hopefully all enjoyed throughout the year (and which hopefully I will be able to help source again next year). I would love to continue in my role to work with my colleagues on the committee to support the operation of the society, the creation of sessions and the running of socials. Having (unsuccessfully) fought for funding for the society from SUSU and ensured fiscal responsibility within the society and protected the financial longevity of the society this year, I would like to ensure take on the responsibility of maintaining the website, social media and to work with the Technical Officer on the virtual machine, and to continue Dan's excellent work implementing HTTPS. I have extensive experience of building websites for several community groups and commercial clients, including the first version of the current SUCSS website. I have extensive proficiency in many languages, technologies and frameworks, including React.js/Next.js, Flask and Nginx, which SUCSS uses a lot. I have also gained a lot of experience (and significant financial loss) in faffing around with domains and DNS with my personal collection and ownership of 40 domains. If elected as Webmaster, I look forward to serving our new and existing members for the next year to ensure that the society continues to be a communal and intellectually stimulating environment where like-minded individuals can explore their passion for cyber security.

  • Chris Taperell (plaaosert) (also spint) (received 0 votes):

I'm back. Those among you who were here last year will remember me. Since I also applied for President (and I hope that one comes up first...), I'll just reiterate my points. A few years ago, I was awarded the GIAC GCIH certification (from the SANS course, SEC504). A few years later, I found myself as a main challenge author of X-MAS CTF 2021. You may know me now as the author of "that stupid maths challenge" in the member-made CTFs. The biggest problem in cybersecurity, in my opinion, is the learning curve. Beginner resources are helpful, but the moment you leave the land of Base64, XOR or CyberChef-level AES being considered "hard", everything gets a little strange. Difficulties become skewed, HackTheBox machines are all marked "easy" and you can't do any of them... it all gets a little bit overwhelming. I want to change this. On the committee, whether Webmaster or President, encouraging more events like the member-made CTF a month or so ago would be a primary goal. Events that help people overcome anxiety to show their knowledge help the society become much more like an even group rather than a group of lecturers and students. Having mostly written web challenges for CTFs, I know my way around web services pretty well already, but I'm sure I would learn much more in the position. I also have a site which I quite like; https://plaao.net/

0 votes to re-open nominations (RON)

Technical Officer

  • Skyler Mansfield (elected after receiving 20 votes):

Hi everyone, I'm Skyler, some of you may know me already from the MMCTF, and I'd like to be your technical officer for the next year!

As Technical officer, I will be ensuring that all of the resources set up by the society such as VMs, Challenges etc, are run smoothly for everyone to play with! I've had lots of experience over the years managing VMs and virtualization servers, web-servers and more! I've also competed in a good number of CTFs and other competitions, so I like to think that my actual Cyber skills aren't lacking.

As technical officer, I would also like to introduce some more hardware related security to the society! It's something that I haven't seen much of, but given the world of IOT it is becoming more relevant since Physical access trumps all!

Some of you may remember my challenges from the MMCTF, which barely scratched the surface of hardware security!! I would love to have the opportunity to show more people the intricacies of hardware security and secure development! I've been a part of this society for the best part of 3 years now, and would love to help keep the society going for many more!

  • Rishabh Arora (received 3 votes):

About me:

1 - Have knowledge about Linux, Networking, MySQL, HTML, Python, Java and other similar topics.

2 - Already have knowledge in the field of Cyber Security.

3 - Really interested in any Cyber related topics (More than the boring topics taught in the lectures).

Things I can do:

1 - Maintain and Develop the technical Infrastructure.

2 - Managing the VMs (Whenever needed).

3 - Help other people on the committee whenever they need my help :) It has been a while since I have been learning cyber-related stuff and not properly implementing then in the correct direction, But now it's my chance to give back to society and actually use my knowledge and dedication in a correct way.

  • William "Bill Mays" Pearman (received 0 votes):

I've been working on my Cyber Security skills for 6 years and have since had it as my career goal. I've attended CyberFirst Elite, completed a large amount of OverTheWire and a variety of boxes on HackTheBox. In Semester 1, I ranked first place on the society leaderboard. I was the primary admin and secondary developer of a Minecraft server called Kinetic Earth with a player count exceeding 200 and member count exceeding 5000 at its peak for 5 months during 2021.

What will I do?

Society discord bot that gives details on and manages CTF teams + society scoreboard integration. More sessions on what people want. Create more static challenges which can be completed whenever to stretch general security skills. Promote more participation in CTFs, creating teams for public CTFs alongside more internal society-made CTFs and member-made competitions.

0 votes to re-open nominations (RON)

Social Secretary

  • [Invalid Nomination]