Our War Game

Capture the flag (CTF) is a competitive game in which players mimic the discovery and exploitation of vulnerabilities in information systems. As a kind of hacker eSport, CTF competitions are a distinct example of what Sonia Fizek and Anne Dipple describe as “laborious play” the rigorous application of knowledge-intensive labour in a game or game-like context, often distinctly serious in the real-world application of knowledge sometimes described as “serious play”. This chapter proves that the laborious play of CTF has a specific function, that the game’s design and play reflect a kind of knowledge transfer, in which hacker practice and knowledge informs the work of information security through participation in such a competition. In support of this argument and observations, it utilizes data collected from observation of three CTF competitions and 56 semi-structured interviews with CTF designers and players about their experiences with these games and its relationship to their work/studies in information security.