Press Release

Cryptogeddon officially launches at SecTor 2013

By Todd Dow
October 8, 2013

Toronto, ON – Infosec enthusiasts have a new game to play. Today marks the official launch of Cryptogeddon, an online information security war game developed by Todd Dow. Todd is marking the official launch of Cryptogeddon in concert with SecTor, Canada’s Premier IT Security Conference. Todd will be speaking at SecTor, where he will be sharing a special free Cryptogeddon Mission Pack entitled, “Cryptogeddon – Sector 2013 Edition: The Rogue CSEC Agent”.

About Cryptogeddon

Cryptogeddon offers a creative, unique and challenging game that is perfect for gaming enthusiasts with an interest in information security concepts. Referred to as an online scavenger hunt using hacker tools, Cryptogeddon aims to supplement an already popular capture the flag market where hackers pit themselves against the clock and fellow competitors to solve technology puzzles and find digital assets, called flags, for prizes, bragging rights and validation within the hacker community.

Cryptogeddon sells Mission Packs, each of which offers a self contained infosec scenario that the participant plays. Mission Packs utilize the latest information security tools including Kali, TrueCrypt, md5, SSH, openssl, Nessus, Metasploit and more. And, Cryptogeddon Mission Packs are built using current platforms including Linux, Windows, Apache, IIS, Amazon Web Services, Android, iOS, WordPress, Facebook, Google+, Twitter and more. Each Mission Pack comes complete with a scenario description, a starting point and a list of tools required to complete the mission. And, each Mission Pack also comes with a complete solution so that participants can feel comfortable that if they get stuck, they will be able to rely on the solution to help guide them through to the end of the scenario.

“I want to create the most realistic infosec scenarios possible to challenge and entertain the largest number of IT enthusiasts”, says Todd Dow, the founder and creative force behind Cryptogeddon. “Infosec is a huge passion of mine and I am creating the game that I would like to play. This is an exciting time to be an infosec practitioner and Cryptogeddon offers the perfect balance of creative, diverse and challenging scenarios, while also including a complete solution as a backup in case you get stuck. And, the solution guide also makes a great training guide for students and classroom environments.”

Cryptogeddon in Education

Todd has already received interest from College and University programs looking to include Cryptogeddon’s Mission Packs in existing Computer Science programs. “I love that students can learn while having fun in a safe, non-threatening environment. Seeing others learn is a key aspect of Cryptogeddon”, says Todd. Cryptogeddon can also be applied in corporate settings as a training tool for novice and expert infosec professionals.

Todd will be speaking at SecTor on Wednesday October 9 2013.

Mission Packs are available for purchase at


For more information about Cryptogeddon, please contact:

Todd Dow, Founder, Cryptogeddon
4418 Dennis Avenue
Beamsville, Ontario
L0R 1B5
@toddhdow @cryptogeddon


news Press Release

Interview with Cryptogeddon creator Todd Dow

cryptogeddon-logo1I recently talked to Kevin Browne of Software Hamilton about Cryptogeddon. That discussion turned into this Q & A Interview on the Software Hamilton website. I’m reblogging the interview here as well. And, I’ll be speaking at Software Hamilton’s DemoCamp 13 at Mohawk College tomorrow night (Tues Sep 24 2013). You should come! There’ll be lots of great speakers. Come check it out.

And now, on to the interview:

Cryptogeddon (@Cryptogeddon) is one of the most original concepts for a game that I’ve heard of in recent memory. The first Cryptogeddon mission pack is now available for purchase for $0.99. Cryptogeddon creator Todd Dow (@toddhdow) works as Senior Digital Specialist at Postmedia here in Hamilton, and he will be showing off the game at DemoCampHamilton13 on September 24th. Check out the interview with Todd below:

Tell me about yourself.

todd-head-2012-largeI work full time at Postmedia as a Senior Digital Specialist. In my spare time, I like to write. And, I am an avid fundraiser for Cystic Fibrosis Canada. My 6 year old daughter has CF and our family is desperate to find a cure for this terrible, fatal disease. My wife, my kids, faith, baseball, infosec & devops are a few of my favourite things.

What drives your passion for infosec?

I enjoy the puzzle aspect of information security. Keeping and uncovering secrets results in a constant game of cat & mouse between those trying to protect information and those trying to uncover information. This results in constantly evolving and improving technology. I really enjoy the excitement and interesting developments that this entails.

And, infosec has a long and storied past – it is intimately entwined in many of modern history’s greatest conflicts: World War I & II codebreakers, cold war spies and current NSA revelations via wikileaks and Edward Snowden are just a few examples. These all make for great stories of how technology has helped shape history.

What is Cryptogeddon about?

Cryptogeddon combines two words: Crypto is short for cryptography, which is the practice and study of hiding information. Geddon is short for armageddon, which infers end times in some way. Cryptogeddon suggests the end of secrets and what that might entail.

Cryptogeddon provides various missions, each of which challenges the participant to apply infosec tools to solve technology puzzles – an online scavenger hunt, if you will. The missions span a variety of targets, tools, techniques and scenarios. At first glance, the missions may seem discrete and unconnected. But over time, I suspect that a common theme and storyline will emerge.

Ultimately, I am trying to create something that will highlight the boundaries of privacy and to reinforce the fact that very little can be kept secret anymore.

Who are your target users for Cryptogeddon?

People that are naturally drawn to puzzles will enjoy Cryptogeddon. Obviously, people that have an interest in infosec, cryptography and computers will be target users for Cryptogeddon. The challenges presented by each mission will keep these people engaged. People looking to learn more about these topics will also benefit, as each mission provides a complete solution including step by step instructions, screenshots, and links to additional resources.

What can we expect in the first Cryptogeddon mission packs?

toolsYou can expect a good overview of the infosec landscape. You’ll see a few common types of scenarios:

• Recovery of stolen data;
• Identification of system vulnerabilities;
• Identification of organized crime members and the location of stolen property;
• Assess the security of business systems;

You’ll get to analyze a few common platforms, including:

• Linux & Windows
• Apache, IIS
• Amazon Web Services
• Android & iOS
• WordPress
• Various social media platforms including Twitter, Google+ & Facebook

And you’ll learn how to apply various infosec tools, including:

• TrueCrypt
• md5
• openssl
• Metasploit & Kali
• Nessus

How frequently do you plan on releasing mission packs?

I plan on releasing at least two mission packs each month.


What tools did you use to develop Cryptogeddon?

todddesktopI use a variety of tools to build each mission. The main deliverables consist of mission packs (ebook) and solution assets (virtual machines, photographs, text files, etc.).

Each mission varies, but in general, I use the following tools and services to build and deliver the solution assets:

• Amazon Web Services: EC2 & S3 primarily
• TrueCrypt
• md5
• openSSL
• Metasploit & Kali
• Nessus
• And a variety of editors depending on the task, including TextEdit, vi & Coda 2

Additional tools and services will be used in upcoming mission packs.

And I use the following tools to build the ebooks and deliver them to customers:

• Google Docs (for writing)
• Photoshop & Illustrator
• Shopify & Amazon Kindle Direct Publishing Service (for sales and fulfillment)

Do you have any beta testers?  Or would you be interested in any?

I do not currently have any beta testers, but I would love to have a sanity check before launching each mission out into the wild. If anyone’s interested, please send a tweet to @cryptogeddon with the subject line: “#BetaTester for Cryptogeddon.”

Why did you decide to make Cryptogeddon?

After attending Sector in 2012 (Sector is one of Canada’s largest annual IT Security Conferences), I commented to a friend of mine that I would love to see a presentation where the presenter walked the audience through a complete infosec scenario, starting with a plausible story, including characters, places and events. From there, the presenter would walk the audience through setting up the environment, selecting and installing basic tools, conducting initial scans, testing and identifying weaknesses, gathering evidence, etc.

I think this is a gap in the current infosec marketplace. You can read books that teach you how to use specific tools. You can read books that tell you stories about real or imagined infosec missions. But there are various few books that creatively mix a storyline with a technical challenge that the reader can directly interact with.

And similarly, there are a few capture the flag type events out there, but they happen infrequently and very seldom are there opportunities to have “on demand” scenarios that you can play anytime, anywhere.

Right after Sector in 2012, I said that we should try and build such a product to share at Sector 2013. My friend and I talked off and on about the idea for a few months, before I finally decided to give it some serious attention. My friend had other commitments, so unfortunately, he was unable to dedicate any time to this project. So, I decided to go it alone.

Did you run into any particular challenges making the first mission packs?

missioncoverThere are two particular challenges that come to mind:

First, building & sharing of server images: I was originally going to build the images using VirtualBox and then distribute the images using Dropbox, Amazon S3 or something similar. But, the VirtualBox images I was working with tended to be 1 GB or more in size, even for a small image file. I wanted to avoid the risk of high bandwidth charges and I didn’t like the idea of abusing Dropbox by opening multiple accounts to hold multiple images, so I decided to use Amazon EC2 instead. There is more effort required by participants to sign up for and learn how to use Amazon Web Services (AWS), but I think the extra effort is worth it in terms of educating Cryptogeddon participants on how to use the AWS platform.

Second, Deciding not to build a leaderboard: Early concepts of Cryptogeddon involved the concept of building a leaderboard to track progress and reward success. I think this is a great idea, but it would require a bunch of additional time and effort to incorporate a leaderboard into Cryptogeddon. I have been very focused on keeping the delivery of each mission as simple as possible. And, I wasn’t sure how much value a leaderboard would provide compared to the cost of building, implementing and maintaining it. So, for the time being, I’ve decided to skip the leaderboard.

What are you most proud of about Cryptogeddon?

cryptogeddon-square-smallBringing the product to market. Seriously. You always hear how tough it is to be an entrepreneur. Not only do you have to build the technical product, but there are a million other things to take care of as well: choosing a business name, logo, design, prototypes, testing, marketing, decide upon pricing, sales and fulfillment mechanisms, finance & accounting, and more. And all of those items need to be done APART from developing the actual product! Building the missions has been a great deal of fun. So has all of the other stuff. But I’d say that for every hour I spend building missions, I’ve spent 10 hours on the other stuff.

A quote from a recent article from Fast Company really resonated with me:

Successful entrepreneurs distinguish themselves from wannabe entrepreneurs simply by swallowing their fear and getting started. Jake Bronstein, founder of Flint and Tinder, purveyor of high-end made-in-America men’s underwear, says waiting too long ultimately results in paralysis.

“Start right now, and don’t talk to experts until you have started. If everyone knew all of the trouble, all of the problems, all of the pitfalls that lay ahead of you (as the experts in the field already do) nothing would get done, certainly nothing new,” he says. “You don’t need a business plan, you just need a plan.”

It reminded me to keep working through the numerous barriers and challenges and reach that end goal of delivering a fun, educational and rewarding experience to infosec practitioners.

So yeah… I’m most proud of having the perseverance to actually get to market.

How can the community help you make Cryptogeddon succeed?

Two things: feedback and help spread the word. I’d love to hear what people like and dislike about Cryptogeddon. Both positive and negative feedback are helpful and will help to improve the missions over time. And spread the word – tell your friends about and share Cryptogeddon (@cryptogeddon & on Facebook, Twitter, Google+, etc. The more people talk about and share Cryptogeddon, the better.

news Press Release

Introducing Cryptogeddon

Hi ,

I want to take this opportunity to formally welcome you to the Cryptogeddon mailing list. Thanks for subscribing.

First, I’d like to let you know that is now live and the first mission pack is available for purchase. And, I’d like to share a recent blog post that I wrote introducing Cryptogeddon. The piece is available to read at and on

And, I have a couple of pieces of exciting news to share with you:

Introducing “Cryptogeddon Mission Pack 1: Detect the Mole”:

SpaceWay Aeronautics believes they have been hacked. They suspect that foreign competitors have access to the blueprints for their next generation space vehicle.

You need to verify their suspicions by finding the files, the method of transmission and the employee(s) responsible for doing this. SpaceWay suspects that one of their servers was compromised due to suspicious activity. They have provided an image of the server for you to analyze.

Your assignment is the analyze the machine and confirm SpaceWay’s suspicions. Assuming you find evidence of compromise, you are to identify the files that have been transmitted, identify the person(s) responsible for this breach and identify the destination of the files.

  • Cryptogeddon Mission Pack 1 is a downloadable pdf document. It is 22 pages in length and provides all of the information you need to participate in this exciting infosec challenge.
  • This mission requires the use of Amazon Web Services (AWS) EC2 and this mission is compatible with Amazon Web Services’ Free Tier.
  • For a limited time, you can get special pricing for Mission Pack 1 – just $0.99! Click here to buy now!

Early Adopter Feedback Survey:
As an early subscriber to the Cryptogeddon mailing list, I’d like to share a unique opportunity with you to help shape the long term success of Cryptogeddon: I’m looking for some feedback from my early adopters to help make the product better. I’d like to know your thoughts on usability, design, layout, navigation, etc. as you’re interacting with Cryptogeddon.

  • I would appreciate if you could take the time to complete this survey: Cryptogeddon Early Adopter Feedback Survey
  • Please be honest and share your thoughts as I will be using this feedback to improve Cryptogeddon to make it better for you.

Thank you for allowing me into your inbox. I really appreciate the opportunity to reach out to you directly. I have a real passion for infosec and I hope that you’ll like Cryptogeddon as much as I do. Thanks again for your interest and talk soon!