OpenIDEO is an open innovation platform. Join our global community to solve big challenges for social good. Sign Up / Login or Learn more

CVE Cat Public Service Announcements

CVE (Common Vulnerabilities and Exposures) Cat is a cartoon character designed to help make software developers aware of exploitable bugs.

Photo of Spin Universe
4 0

Written by

Sketch 1 (1,500 characters)

CVE Cat is envisioned to be spooky but not scary. A useful warning for the possible but not an irrational fear of the future. This PSA describes common exploitation technique of buffer overflow where a programmer creates an unbounded memory buffer which can be overwritten with a string that's larger than what is allocated.

Sketch 2 (1,500 characters)

This PSA describes XSS (Cross-Site Scripting) where an attacker can inject code into a URL string (a web address location) and start causing trouble.

What have you learned through this sketching process? (1,000 characters)

This competition is useful because it encouraged me to start looking at different cyber exploits and the problems they can cause. Being aware is the first step. I'm also surprised by how common some of these vulnerabilities are and how often they're exploited. Software development education appears to be lacking in awareness of these problems.

Tell us more about you. (1,000 characters)

I like to dabble in art. I like creating art that strikes the imagination. I've developed software before and this contest gave me an excuse to work on my art skills while learning about software security which I wasn't familiar with.

Why are you participating in this Challenge? (750 characters)

This contest seems like an interesting opportunity to educate the broader public (and software developers) at large about security problems. I can even envision these PSA posters in elementary and high schools as the general public will need to be more tech savvy in the future. Any resources I can create that enlighten the public will help.

What is your experience with the field of cybersecurity?

  • I have minimal experience and/or knowledge in the cybersecurity field.

What best describes you?

  • I’m a visual creator by hobby.

How did you hear about this OpenIDEO Challenge?

  • OpenIDEO email / social media

Location: City

Grand Rapids

Location: State / District

Michigan

Location: Country

  • United States of America

4 comments

Join the conversation:

Comment
Photo of Dima Boulad

Hello Spin Universe  Happy to see your contribution to the Cybersecurity challenge. How would you consider pushing this idea further? We've had a large number of very interesting creations, have you had a chance to browse other submissions? There's a very interesting conversation around cybersecurity going on!

Photo of Spin Universe

Hi Dima, My original plan for CVE Cat was to create images to cover all the general types of security bugs (i.e. SANS institute Top 20). I was thinking in terms of educational posters that educate/entertain, convey the information well, and are easy to understand. Moving forward, I'd rename this information campaign to MeowSec and emphasize awareness of the most common security bugs for software devs as a preventive measure (rather than trying to cover the ever-expanding list of actual CVEs which grows daily at a staggering rate).
For the general public, since software is eating the world, if people see these memorable ghostly cat pictures everywhere in their lives they'll be more likely to remember and be aware of the software that affects their daily lives.
If these posters appeared in schools, they could also serve as inspiration to kids to join services such as hackerone or otherwise get involved in software development/security.
Thanks, Spin

View all comments