LCA 2008 Security Blogging Contest

I have decided to run a contest for security related blog posts that appear on Planet Linux Conf Au [1]. That Planet is for people who are attending Linux Conf Au [2], and the prize (or prizes) will be given out at the conference.

The aim will be posts on the topic of computer security from people who are not experts. Anyone who has been employed as a security consultant or developer of security software or who has spoken at a conference such as LCA on a topic related to security can enter but will only be eligible for an honourable mention. Any such expert who enters for an honourable mention MUST note on their entry that they are not eligible for a prize to avoid any possible confusion.

Only blog posts of a positive nature will be well regarded by the judges. Negative reviews are only acceptable if they have positive suggestions for improvement and/or bug reports linked from them.

You may submit a series of posts on a theme, and multiple posts on different security issues will help an entry – we will judge the contributions of the person not a single post.

The prize pool is currently $50, which I hope to expand – but such expansion depends in part on the quality and quantity of early entries, so if some good entries are submitted soon then there will be more and bigger prizes. Currently the prize pool comes from the pockets of me and Casey, commercial sponsorship will be accepted and may increase the prize pool significantly.

The duration of the contest is from this moment until at least lunch-time on Friday the 1st of February. We may extend the contest until Friday night and announce the winner(s) on Saturday – but at this time you should not count on such an extension and plan to have your entry or entries in by mid-day on Friday the 1st of Feb (Australian eastern daylight savings time).

So far of the people I have invited to join the judging panel only Casey Schaufler has accepted. Casey and I will consider offers to assist in judging from people who have a combination of security and blogging experience that is significant, but note that as of this time all prize money comes from the judges…

When you write a post that you wish to submit for the contest please comment on this post with the URL to make sure that the judges don’t miss it. Entries submitted on the last day may need some other form of notification, I will write a future post which clarifies this issue.

Some issues related to selecting the winners have yet to be determined, I will write future posts with more information. But please don’t hesitate to enter now, well written posts that have a positive tone are what you need. Also entering quickly will help increase the prize pool, more prizes means a greater chance that you will win one!

One thing I am considering is how to manage commercial sponsorship if it is offered. One possibility I am considering is allowing a sponsor to declare that half of the money they pay will be used as prizes for entries that relate to their product. That would give an extra incentive for people to blog about topics related to the sponsor but still give extra prize money for other topics. In that situation the relation between the sponsor’s product and the prize winning entry or entries would be liberal, so a post about standard Unix security features would be eligible for prize money from any commercial Linux distribution.

Finally you must have your own individual blog to enter the contest. Guest-posts on other people’s blogs or group efforts are not eligible for anything other than an honourable mention.

Update: The contest is over and was not a success. See this page for the details [3].

3 comments to LCA 2008 Security Blogging Contest