Newsworthy
IITB Trust Lab Capture The Flag National Edition 2025
As part of Trust Summit, on 13 December, Trust Lab hosted the finale of the national edition of our Capture The Flag (CTF) cybersecurity competition. This event brought together some of India’s most promising young cybersecurity minds for a grueling full-day challenge designed to mirror real-world digital threat scenarios.
The journey to the finale began in November with a rigorous preliminary online round, which saw an overwhelming response from 480 teams — participating either individually or in groups of two — representing top engineering institutes from across the country. Following a fierce qualifying stage, the top 50 teams were shortlisted for the campus finale at IIT Bombay.
In a CTF, participants must solve complex puzzles to uncover “flags”—unique strings that serve as proof of a successful hack. This CTF featured a diverse range of challenges across Cryptography, Web Exploitation, and Reverse Engineering.
As for the winners, first place was secured by Team ‘Gingers’, followed by Team ‘ChatpataVada Paav’ in the second place and Team ‘Daalbaatichurma’ in the third place, with all three teams representing IIT Roorkee. The fourth place was awarded to Team ‘fl4g0rD13’ from IIT Madras, while the fifth place went to Team ‘Deathwing’ from Vishwakarma Institute of Technology, Pune.
Spotlight
Our heartiest congratulations to Prof. Devashish Gosain for having the following papers accepted for publication in various leading conferences and symposiums on network security! Over the next few editions, we will be diving deeper into some of the topics here.
- There is No War in Ba Sing Se: A Global Analysis of Content Moderation in Large Language Models, accepted for publication in the proceedings of Network and Distributed Security Symposium (NDSS)
Authors: Friedemann Lipphardt, Moonis Ali, Martin Banzer, Anja Feldmann, Devashish Gosain
- Is Misinformation More Open? A Study of robots.txt Gatekeeping on the Web, accepted for publication in the proceedings of The ACM Web Conference (WWW).
Authors: Nicolas Steinacker-Olsztyn, Devashish Gosain, Ha Dao
- “Nobody should control the end user”: Exploring Privacy Perspectives of Indian Internet Users in Light of DPDPA, accepted for publication in the proceedings of Computer and Communications Security (AsiaCCS).
Authors: Sana Athar, Devashish Gosain, Anja Feldmann, Mannat Kaur, Ha Dao
- Dual Standards: Examining Content Moderation Disparities Between API and WebUI Interfaces in Large Language Models, accepted for publication in the Proceedings of Free and Open Communications over the Internet (FOCI) co-located with PoPETS.
Authors: Friedemann Lipphardt, Moonis Ali, Martin Banzer, Anja Feldmann, Devashish Gosain
- Clicking into Exposure: Uncovering Privacy Risks of Google Click Identifier in YouTube Ads, accepted for publication in proceedings of Privacy Enhancing Technologies (PoPETS).
Authors: Ha Dao, Abhishek Shinde, Sana Athar, Devashish Gosain
- Can You Hear Me? A First Study of VoIP Censorship Techniques in Saudi Arabia and the UAE, published in the proceedings of IEEE European Symposium on Security and Privacy (EuroS&P).
Authors: Friedemann Lipphardt, Anja Feldmann, Devashish Gosain
- Intractable Cookie Crumbs: Unveiling the Nexus of Stateful Banner Inter- action and Tracking Cookies, in proceedings of Privacy Enhancing Technologies (PoPETS).
Authors: Ali Rasaii, Ha Dao, Anja Feldmann, M Javid, Oliver Gasser, Devashish Gosain
