In the early 2000s, growing up in a third-world country with limited resources meant computers and operating systems were constantly breaking. That scarcity pushed me to tinker and experiment, I learned to troubleshoot hardware, reinstall OSes, and reverse-engineer odd behaviors. I even experimented with keyloggers out of curiosity. That practical, trial-and-error schooling is where a lot of the so called “common sense” about security comes from. It is less theory, more failing, fixing, and learning what actually keeps one safe online.

I think it all stemmed from curiosity to learn and tinker. I wonder if gamifying it is enough but it’s a step.

I don't think you can recreate this in any top-down manner no matter how well-intentioned.

It has to matter to them, and what's more, it gives you extra boost if you aren't supposed to do it and no parent or teacher pats you on the shoulder, but rather your friends or people in online forums like it, or simply you like it for yourself, seeing that the computer does what you want.

I learned computers by making a website for my school class, where we would put pictures from events and excursions, hosted a chat and a phpbb, designed the graphical elements in cracked warez Photoshop etc. This forced me to naturally pick up the skills. HTML, JS, burning ISO to CD, downloading things etc. Also warez games, learning about the Program Files difectory at like age 8 and how to copy the cracked exe there. Or setting up port forwarding for multi-player gaming.

Or when I modded GTA (3/VC/SA) with new car models that I built in 3D modeling software based on hunting down the orthographic projection blueprints of our family car, or adding the police vehicles from my country in GTA, messing with textures etc.

Or translating games from English, reverse engineering the binary file that contained the strings, I figures out that the length of each string was also there and I had to modify that too, learn about big endian and little endian, learn to work with a hex editor, understand what hex is. It was super exciting. If I had a lecture from some teacher about hex representation with some exercises at the end of the chapter for homework, I likely would have found it boring. But here I had context, I had a goal, and I had no idea what I was looking at when I opened the hex editor, I just saw that people used similar tools for translating other games and so I tried on less popular games where nobody had a specialized tool yet, it felt like making discoveries, going deep into the jungle and prevailing.

Now to contradict myself, I did have a lot of fun also while solving PythonChallenge.com, even though it's artificial tasks. But at least I found it myself online and wasn't handed to me and nobody knew or cared that I was working on it.

So I think this is just really hard to externally motivate if the kids don't have any desires or drive to see some effect caused by them. And maybe even I wouldn't do it in the current software and phone environment.

But we also have to remember that a generation ago it was also not many people who were really into computers.

Game for kids, where you dedicate a third of the screen to a locked hint list and a very prominent "Buy Hint Tokens" button? Hard pass.

https://www.hacktivate.app/img/framed-ipad-3.png

The game industry needs to move away from milking vulnerable people with pay-to-win schemes.

Such a great idea and product!

Thanks for all the hard work.

However, please get rid of micro-transactions...

I'm fine paying full price of the product for my kid, but not micro-transactions.

Nice.. But Damn.. Apple only : (

Neat... Brings memories of the national cybersecurity courses you were talking about.

I never figured out how to do that "cat flag" terminal privilege escalation.

>how to do SQL injection, how to use rainbow tables to figure out hashes, how to use steganography to hide data in images, and more.

I feel like there are more practical and timeless topics that will still be relevant in 2040. Frameworks (abstraction) have largely solved SQL injection and bad cryptography.

Personally I would avoid a cybersecurity focused corriculum and just focus on regular software engineering. Being able to think like who you are attacking and knowing the common pitfalls is most of the battle.