Speaker: Sven Oliver ('SvOlli') Moll Going more retro than the Commodore C=64: The Atari 2600 VCS was the breakthrough for video games in your own living room. This lecture will cover a bit of the history on how it came to live, describes the hardware used and shows how to write your own code for it.
Speaker: Tomaž Šolc Galaksija was to be in Yugoslavia what Commodore and Sinclair were in the west. Whether it succeeded or not, its deceptively simple design can still teach us a lot of interesting tricks on how to make a usable computer and operating system with as few transistors and bits as possible.
Speaker: Tim Pritlove Welcome to the 30th Chaos Communication Congress Introductory event to say hello to everybody, give a brief overview of the event's features and look into history and future alike
Speaker: lizvlx Art Practice under the Regime of Anti-Terror Legislation This lecture shall give a first person account of how circumstances have dramatically changed for actionist art practice over the last 15 years. I will use examples from my own art practice to show the impossibility to engange in digital and real-life actionism as they are considered criminal under anti-terrorist laws.
Speaker: Stefan Widmann Techniques - Tools - Tricks This talk gives an introduction to firmware analysis: It starts with how to retrieve the binary, e.g. get a plain file from manufacturer, extract it from an executable or memory device, or even sniff it out of an update process or internal CPU memory, which can be really tricky. After that it introduces the necessary tools, gives tips on how to detect the processor architecture, and explains some more advanced analysis techniques, including how to figure out the offsets where the firmware is loaded to, and how to start the investigation.
Speakers: *m, Jeff Mann, frank, Diani Barreto The Making of… Auf dem 30C3 wird es, neben der bisher gewohnten digitalen Infrastruktur mit Netz, Telefon etc. dieses Jahr auch erstmalig ein Rohrpost-System mit dem schönen Namen Seidenstraße geben. Als Inspiration dient die auf geschlossenen Drainagerohren und Staubsaugern basierende Installation OCTO der Künstlergruppe Telekommunisten, die einigen von der letzten transmediale bekannt sein dürfte.
Speaker: Andreas Lehner Dieser Vortrag beschreibt Konzept und Idee des tiefen Staates anhand der Geschichte der BRD.
Speaker: josch How to do things with words Der Vortrag stellt fortgeschrittene linguistische Methoden des politisch motivierten Internetmonitorings vor. Er gibt keine Anleitung, wie man sich der Überwachung wirkungsvoll entziehen kann, denn das ist ohnehin zwecklos.
Speakers: Martin Haase/maha, khamacherDie Diskussion um NSA, PRISM, Tempora sprachlich und logisch aufgearbeitet Die Enthüllungen Edward Snowdens haben die deutsche Politik für kurze Zeit in Aufregung gebracht. Für eine Beruhigung reichte es bereits aus, die Enthüllungen in sprachlich-logisch cleverer Weise zu verarbeiten, sie teilweise in ein anderen Kontext zu stellen und so schließlich Entwarnung geben zu können: Die Bundesregierung hat „keine Anhaltspunkte für flächendeckende Überwachung“. Bei diesem Vorgehen handelt sich um ein Paradebeispiel dafür, wie mit einfachen sprachlich-rhetorischen Tricks die politisch Verantwortlichen die Öffentlichkeit und sich selbst so weit täuschten, dass es ihnen nicht mehr nötig erschien, sich mit den eigentlichen Problemen auseinanderzusetzen, und so das leidige Thema aus dem Wahlkampf herausgehalten werden konnte. Neben den mittlerweile zum Standard gehörenden „Basta“-Floskeln spielte das Phänomen der Modalisierung eine besondere Rolle, wie die genauere Analyse zeigt. Auch logische Fehler wie Zirkelschlüssel und (zu) strikte Einschränkung des thematischen Bezugs erlaubten diese „Flucht-nach-vorne“-Strategie. Die Häufung sprachlicher Tricks und des logisch-inhaltlichen Ausweichens legen eine Inszenierung nahe.
Speaker: Jan Schejbal It hurts. We reverse-engineered one implementation of the non-public CHIASMUS cipher designed by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, short BSI). This did not only give us some insight on the cipher, but also uncovered serious implementation issues in GSTOOL which allow attackers to crack files encrypted with the GSTOOL encryption function with very little effort.
Speaker: nbd How OpenWrt evolved from a WRT54G firmware to an universal Embedded Linux OS A review of the 10 year history of the OpenWrt project, current events, and upcoming developments.
Speaker: gannimo Deep program analysis without the headache Symbolic Execution (SE) is a powerful way to analyze programs. Instead of using concrete data values SE uses symbolic values to evaluate a large set of parallel program paths at once. A drawback of many systems is that they need source code access and only scale to few lines of code. This talk explains how SE and binary analysis can be used to (i) reverse-engineer components of binary only applications and (ii) construct specific concrete input that triggers a given condition deep inside the application (think of defining an error condition and the SE engine constructs the input to the application that triggers the error).
Speaker:Alexa O'Brien Reporting on the secret trial of Chelsea Manning At Fort George "Orwell" Meade, home of the NSA and the US Defense Information School, managing the message of Chelsea Manning's trial was facilitated by a lack of public access to most of the court filings and rulings until 18 months into her legal proceeding.
Speakers: tw, sb Stealing Money from ATMs with Malware This talk will discuss a case in which criminals compromised and robbed an ATM by infecting it with specially crafted malware. The successful compromise of an ATM can easily result in the loss of several hundred thousand dollars.
Speaker: mel/ Agnes Meyder Introduction to Heterogeneous Parallel Programming This talks introduces programming concepts and languages for parallel programming on accelerator cards.
Speaker: Stefan Wehrmeyer Erkenntnisse aus Informationsfreiheitsanfragen - Hacks, Bugs, Workarounds Mit Informationsfreiheitsgesetz (IFG) und FragDenStaat.de kann man als Bürger den Staat einfach zurücküberwachen. Was erfährt man, wenn man fragt? Wo sind die Probleme, was sind die Workarounds? Ein Blick zurück auf 2013, nach vorn auf 2014 und ein Aufruf das IFG zu nutzen.
Speaker: anja more than just pew pew! This talk will give an introduction on lasers and space and it will show the huge diversity of applications for lasers in space.
Speakers: Karsten Nohl, Luca Melette Mobile networks should protect users on several fronts: Calls need to be encrypted, customer data protected, and SIM cards shielded from malware. Many networks are still reluctant to implement appropriate protection measures in legacy systems. But even those who add mitigations often fail to fully capture attacks: They target symptoms instead of solving the core issue.
Speaker: ruedi Was tun nach der mittelmäßigen Kryptographie-Apokalypse? Die Verwendung von mittelmäßiger Kryptographie scheint gegen Angreifer mit Milliarden-Etat komplett versagt zu haben. Namentlich RC4, MD5 und SHA1 scheinen praxisrelevant brechbar.
Speaker: Clemens Hopfer introduction to software radio principles The aim of this talk is to give an understandable insight into wireless communication, using existing systems as examples on why there are different communication systems for different uses.
Speaker: MaTu Velocipedes and Face Recognition This talk considers the use of new technology to police large crowds in the Romantic period. We examine ethical aspects of modern surveillance technologies by looking at debates around crowd control and face recognition in the age that first imagined, and reflected on, the surveillance state.
Speaker: Andreas Bogk Applying science to eliminate 100% of buffer overflows Violation of memory safety is still a major source of vulnerabilities in everyday systems. This talk presents the state of the art in compiler instrumentation to completely eliminate such vulnerabilities in C/C++ software.
Speaker: Peter Stuge Clean boot every boot - rejecting persistence of malicious software and tripping up the evil maid A commodity laptop is analyzed to identify exposed attack surfaces and is then secured on both the hardware and the firmware level against permanent modifications by malicious software as well as quick drive-by hardware attacks by evil maids, ensuring that the machine always powers up to a known good state and significantly raising the bar for an attacker who wants to use the machine against its owner.
Speaker: C B Concepts and components for intercontinal communication with single photons. This talk should introduce the general 30c3 participant with several components of long distance quantum communication.
Speaker: Andrew Reiter (arr,awr) Software-Defined Radio (SDR) has increased in popularity in recent years due to the decrease in hardware costs and increase in processing power. One example of such a class of devices is the RTL-SDR USB dongles based on the Realtek RTL2832U demodulator. This talk will discuss my experience in building a distributed RF scanner array for monitoring and spectrum mapping using such cheap SDR devices. The goal is to help the audience understand the what, why, and how of building their own RF monitoring array so that they will be able to do it themselves. In this era of increasingly being ``watched'', we must be prepared to do our own ``watching''.
Speakers: Glenn Greenwald, frank
Speakers: Jacob, arma We're living in interesting times Roger Dingledine and Jacob Appelbaum will discuss contemporary Tor Network issues related to censorship, security, privacy and anonymity online.
Speaker: sven, marcan, Nicholas Allegra (comex) WiiU About a year ago Nintendo released their latest video gaming console, the Wii U. Since 2006, the Wii has led to one of the most active homebrew scenes after its security system was completely bypassed. This talk will discuss the improvements made in Wii U's architecture and explain how it was broken in less than 31 days. The talk is targeted at those who hack (or design) embedded system security, but gamers might also find it interesting.
Speaker: Joe Davis Vortrag: Forbidden Fruit Various dietary restrictions are historically associated with human culture and civilization. In addition, millions suffer from eating disorders that have both pathological and cultural origins.
Speaker: Kai Activity Recognition for the Mind The talk gives an overview about our work of quantifying knowledge acquisition tasks in real-life environments, focusing on reading. We combine several pervasive sensing approaches (computer vision, motion-based activity recognition etc.) to tackle the problem of recognizing and classifying knowledge acquisition tasks with a special focus on reading. We discuss which sensing modalities can be used for digital and offline reading recognition, as well as how to combine them dynamically.
Speaker: RPW, esizkur Hexagon challenges Exploitation of baseband vulnerabilities has become significantly harder on average. With Qualcomm having grabbed 97% of the market share of shipped LTE chipsets in 1Q2013, you see their chipset in every single top-of-the-line smartphone, whether it is an Android, an iPhone, a Windows Phone or a Blackberry.
Speaker: Markus Beckedahl, Thomas Lohninger Wer kontrolliert das Netz? Seit Jahren nur in Fachzirkeln diskutiert gab es 2013 den Durchbruch für die Debatte um Netzneutralität. Mit der Ankündigung der Deutschen Telekom im Frühjahr, zukünftig auf Volumentarife umzusteigen und Partnerdienste priorisiert durchzulassen, wurde Netzneutralität eines der meistdiskutierten netzpolitischen Debatten des Jahres. Auf nationaler Ebene startete das Bundeswirtschaftsminsiterium eine Diskussion über eine Verordnung und auf EU-Ebene legte die Kommission einen Verordnungsvorschlag vor.
Speaker: Anja Drephal Stalin's best men, armed with paper and pen The use of encryption to secure sensitive data from unauthorized eyes is as old as human communication itself. Before the relatively new method of computerized encryption software converting data into a format unintelligible to anyone lacking the necessary key for its decryption, for a long time there was pen and paper and the human brain doing quite a bit of work. Up until the 20th century encryption had to be done literally by hand, to then be transmitted in paper form, via telegraphy or radio. In this context, encryption of data has always been of special importance during times of political conflict and war; subsequently, it saw its major developments during those times in history. This talk will examine and explain common hand encryption methods still employed today using the example of one very successful Soviet espionage group operating in Japan in the 1930s and 1940s: the spy ring centered around Richard Sorge, codenamed “Ramsay”.
Speaker: grothoff A Decentralized PKI For Social Movements DNS, DNSSEC and the X.509 CA system leak private information about users to server operators and fail to provide adequate security against modern adversaries. The fully decentralized GNU Name System provides a privacy-enhancing and censorship-resistant alternative.
Speakers: Quinn Norton, Eleanor Saitta The news of the past few years is one small ripple in what is a great wave of culture and history, a generational clash of civilizations. If you want to understand why governments are acting and reacting the way they are, and as importantly, how to shift their course, you need to understand what they're reacting to, how they see and fail to see the world, and how power, money, and idea of rule of law actually interact.
Speaker: Martin Herfurt OMG - my Smart TV got pr0wn3d 10789556_m HbbTV (Hybrid broadband broadcast TV) is an emerging standard that is implemented in a growing number of smart TV devices. The idea is to bundle broadcast media content with online content which can be retrieved by the TV set through an Internet connection. Mechanisms that allow the online content to be accessed by the TV set can be attacked and might put the TV user’s privacy at stake. The presentation highlights possible attack vectors of HbbTV-capable TV sets and introduces possible mitigations.
Speaker: Michael Büker On the Awesomeness of Particle Accelerators and Colliders A light-hearted presentation about many aspects of particle accelerators like the LHC and their particle collision experiments. Aimed at technically interested non-scientists and physics buffs alike.
Speaker: angcui Embedded Security Using Binary Autotomy We present a collection of techniques which aim to automagically remove significant (and unnecessary) portions of firmware binaries from common embedded devices to drastically reduce the attack surface of these devices. We present a brief theoretical explanation of Firmware Fat Camp, a collection of "before" and "after" photos of graduates of FFC, along with a set of live demonstrations of FFC in action on common embedded devices. Modern embedded systems such as VoIP phones, network printers and routers typically ship with all available features compiled into its firmware image. A small subset of these features is activated at any given time on individual devices based on its specific configuration. An even smaller subset of features is actually used, as some unused and insecure features cannot are typically enabled by default and cannot be disabled. However, all embedded devices still contain a large amount of code and data that should never be executed or read according to its current configuration. This unnecessary binary is not simply a waste of memory; it contains vulnerable code and data that can be used by an attacker to exploit the system. This “dead code” provides an ideal attack surface. Automated minimization of this attack surface will significantly improve the security of the device without any impact to the device’s functionality.
Speakers: Sec, Ray Number guessing for geeks The Hacker Jeopardy is a quiz show.
Speaker: Karl Heinz Jeron A singing and dancing robot build to take part in casting shows Sim Gishel is a multimedia robot. He sings and dances on request. He will try hard to take part in casting shows to become a popstar.
Speaker: Jaap-Henk Hoepman Attribute Based Credentials in Practice Attribute Based Credentials (ABC) allow users to prove certain properties about themselves (e.g. age, race, license, etc.) without revealing their full identity. ABC are therefore important to protect the privacy of the user. The IRMA (I Reveal My Attributes) project of the Radboud University Nijmegen has created the first full and efficient implementation of this technology on smart cards. This allows ABC technology to be used in practice both on the Internet as well as in the physical world. We will discuss ABCs in general, the IRMA system, it's advantages and pitfalls, and future work.
Speaker: Aram Bartholl How to make art after Snowden? USB DeadDrops, IRL map marker in public, FUCK 3D glasses or How to vacuum form a guy fawkes mask. I will present an extensive overview of my art projects from over the last 10 years including the Fake Google car by F.A.T. and moar!! It all started here at the CCC congress! :))
Speaker: Nicolas Pouillard Security notions, proofs and attacks using dependently typed functional programming Software engineering is in a unsustainable state: software is mainly developed in a trial and error fashion, which always leads to vulnerable systems. Several decades ago the correspondence between logics and programming (Curry-Howard) was found. This correspondence is now being used in modern programming languages using dependent types, such as Agda, Coq, and Idris. In this talk I show our development of attacks and security notions within Agda, using the recent BREACH exploit as an example. Our development is a constructive step towards verified software and bridges a gap between theory and practice. I will explain the details about the Curry-Howard correspondence. The target audience are interested people with some programming experience.
Speaker: Drahflow A case for expansionistic space policy An abundant number of existential risks threatens humanity. Many of those planetary by nature. Current science already enables us to colonize nearby space, yet nobody bothers to supply the modest financial resources. Hence this call to action.
Speaker Stephen Balaban Fun and frightening uses of always-on camera enabled wearable computers A one hour technical lecture that covers everything from machine learning and AI to hardware design and manufacture. Includes demonstrations of applications enabled by an always-on image capturing wearable computer. You'll leave with a clear understanding of the field's status quo, how we got here, and insight into what's around the corner.
Speaker: J. Alex Halderman Internet-wide network scanning has powerful security applications, including exposing new vulnerabilities, tracking their mitigation, and exposing hidden services. Unfortunately, probing the entire public address space with standard tools like Nmap requires either months of time or large clusters of machines. In this talk, I'll demonstrate ZMap, an open-source network scanner developed by my research group that is designed from the ground up to perform Internet-wide scans efficiently. We've used ZMap with a gigabit Ethernet uplink to survey the entire IPv4 address space in under 45 minutes from a single machine, more than 1300 times faster than Nmap. I'll explain how ZMap's architecture enables such high performance. We'll then work through a series of practical examples that explore the security applications of very fast Internet-scale scanning, both offensive and defensive. I'll talk about results and experiences from conducting more than 300 Internet-wide scans over the past 18 months, including new revelations about the state of the HTTPS CA ecosystem. I'll discuss the reactions our scans have generated--on one occasion we were mistaken for an Iranian attack against U.S. banks and we received a visit from the FBI--and I'll suggest guidelines and best practices for good Internet citizenship while scanning.
Speaker: David Side-Channel (and other) Attacks in Practice Side-channel analysis (SCA) and related methods exploit physical characteristics of a (cryptographic) implementations to bypass security mechanisms and extract secret keys. Yet, SCA is often considered a purely academic exercise with no impact on real systems. In this talk, we show that this is not the case: Using the example of several wide-spread real-world devices, we demonstrate that even seemingly secure systems can be attacked by means of SCA with limited effort.
Speaker: Travis Goodspeed Repurposing an Inmarsat Dish Satellites in Low Earth Orbit have tons of nifty signals, but they move quickly though the sky and are difficult to track with fine accuracy. This lecture describes a remotely operable satellite tracking system that the author built from a Navy-surplus Inmarsat dish in Southern Appalachia.
Speaker: Jan Philipp Albrecht Jan Phillip Albrecht is rapporteur of the European Parliament for the EU's General Data Protection Regulation as well as for the EU-US data protection framework agreement.
Speaker: Michael Zöller Free Software on Your Camera We present Magic Lantern, a free open software add-on for Canon DSLR cameras, that offers increased functionality aimed mainly at DSLR pro and power users. It runs alongside Canon's own firmware and introduces to consumer-grade DSLRs features usually only found in professional high-end digital (cinema) cameras.
Speaker: Josef Foschepoth Historische Grundlagen und notwendige Konsequenzen Seit Monaten hält uns die NS-Affäre in Atem. Immer neue Abhörmaßnahmen und geheimdienstliche Praktiken werden enthüllt. Ein gigantisches Ausmaß an Überwachung durch die Vereinigten Staaten von Amerika tut sich auf, weltweit. In Europa ist die Bundesrepublik Deutschland das am meisten überwachte Land.
Speaker: Felix "tmbinc" Domke Using existing hardware platforms to integrate python into your dashboard Almost all higher-end cars come with very beefy in-car entertainment hardware. In this talk, I'll describe how to take advantage of an existing hands-free kit to connect your car to the internet and script your dashboard in python.
Speaker: Oona Räisänen How I discovered mysterious hidden signals on a public radio channel and eventually found out their meaning through hardware hacking, reverse engineering and little cryptanalysis.
Speaker: Robert M Ochshorn Twisting time and space to explore the unknown Using case studies of documentary film, Freedom of Information Law document dumps, soundbanks, and a hacker conference, I will demonstrate experiments and results of several years developing open source tools to reorient the idea of documentary around its documents. This is in opposition to a tendancy towards textual and machine-readable metadata, which unduly constrain our wonder, perception, and ability to navigate ambiguous and unknown material.
Speakers: Nicolas Maigret, Brendan Howell Creating mash-up movies by hidden activity and geography of Peer-to-Peer file sharing "The Pirate Cinema" reveals Peer-to-Peer information flows. It is a composition generated by the activity on file sharing networks. "The Pirate Cinema" immerses the viewer in network flows.
Speaker: Stephen A. Ridley In this talk (which in part was delivered at Infiltrate 2013 and NoSuchCon 2013) we will discuss our recent research that is being rolled into our Practical ARM Exploitation course (sold out at Blackhat this year and last) on Linux and Android (for embedded applications and mobile devices). We will also demonstrate these techniques and discuss how we were able to discover them using several ARM hardware development platforms that we custom built. Where relevant we will also discuss ARM exploitation as it related to Android as we wrote about in the "Android Hackers Handbook" which we co-authored and will be released in October 2013.
Speaker: Karsten Becker Making awesome stuff with FPGAs In this talk I want to show you around in the mysterious world of Field Programmable Gate Arrays, or short FPGAs. The aim is to enable you to get a rough understanding on what FPGAs are good at and how they can be used in areas where conventional CPUs and Microcontrollers are failing upon us. FPGAs open up the world of high-speed serial interconnects, nano-second event reactions and hardware fuzzing.
Speaker: olia lialina What can be done to protect the term, the notion and the existence of the Users? With the disappearance of the computer, something else is silently becoming invisible as well — the User. Users are disappearing as both phenomena and term, and this development is either unnoticed or accepted as progress — an evolutionary step. Though the Invisible User is more of an issue than an Invisible Computer.
Speaker: Frantisek Algoldor Apfelbeck call for participation in project and product development This is a call for participation in a project aimed to build up an open source based experimental incubator which can be used for variety of food, beverage and bio hacking projects allowing for easy control and monitoring of internal condition like temperature and humidity. Working groups will be established to develop prototypes which can be easily and relatively cheaply assembled. Securing funding and establishing a portal to effectively share the news and knowledge within the groups and wider community will be major part of the first phase.
Speaker: Nadia Heninger, djb, Tanja Lange This was a busy year for crypto. TLS was broken. And then broken again. Discrete logs were computed. And then computed again. Is the cryptopocalypse nigh? Has the NSA backdoored everything in sight? Also, answers to last year's exercises will be given.
Speakers: Talke Blase, Asta Nechajute, Felix Höfner ,Mona Mucke Wer ist eigentlich dieser "Verfassungsschutz", was tut er und brauchen wir ihn überhaupt? Laut Angaben des Verfassungsschutzes beantworten drei Viertel der deutschen Bundesbürger diese Frage mit "Ja.". Das nö-theater Köln stellt diesem jedoch ein klares "NÖ!" entgegen. Auf Basis intensiver Interviews, Beobachtungen und Recherchen entwickelten sie das politische Satirestück "V wie Verfassungsschutz". Es werden die Verstrickungen des deutschen Inlandsgeheimdienstes mit der NSU beleuchtet, die "fünf peinlichsten Fälle für den Verfassungsschutz" neben den Pannen mit prostitutionsähnlichen V-Mann-Praktiken inszeniert. Dazwischen tanzt fröhlich Leo Lupix, das Maskottchen des Verfassungsschutzes. Die Kölner Theatertruppe hebt für uns den Zeigefinger und sagt: V wie... Vertuschung, V wie... Verzweiflung - V wie... Versagen.
Speaker: byterazor This lecture gives an introduction to processor design. It is mostly interesting for people new to processor design and does not cover high performance pipelined structures. Small knowledge on VHDL programming would be great but is not essential. A very small processor core will described here. Demo: Create a backdoor in the VHDL Code of a processor core. Exploit this backdoor to get a root shell in the linux operating system.
Speaker: !Mediengruppe Bitnik !Mediengruppe Bitnik about their recent works !Mediengruppe Bitnik are contemporary artists. In their talk they will show two examples of their work, illustrating the translation of hacking from the computer field into an artistic practice. Bitnik will show how to hack the opera in ten easy steps and what happens when you send a parcel with a hidden live webcam to Julian Assange at the Ecuadorian Embassy in London. Using the strategies of hacking, !Mediengrupppe Bitnik intervenes into settings with the aim of opening them up to re-evaluation and new perspectives.
Speaker: Peter Laackmann, Marcus Janke Von der Historie zur Zukunft Eine unterhaltsame, spannende und lehrreiche Reise durch 25 Jahre Chipkarten-Angriffe mit tiefen Einblicken in Amateur- und Profi-Hackerlabore, inklusive eines Ausblicks in neueste Methoden und zukünftige Ansätze.
Speakers: sergeybratus, Julian Bangert, bx Ken Thompson's classic "Reflections on Trusting Trust" examined the impacts of planted build chain bugs, from an example of a compiler Trojan to a hypothetical "well-placed microcode bug". Once theoretical & remote, such scenarios have lately been revealed as a stark reality.
Speaker: Linus Neumann So hosten Sie Ihre De-Mail, E-Mail und Cloud direkt beim BND! Die technischen Probleme der De-Mail ließen sich juristisch lösen, und auch bei der E-Mail setzen deutsche Provider bald Sicherheitsstandards der Neunziger Jahre um. Auch für "die Cloud" hat das BSI einen feinen Standard parat – natürlich ohne Verschlüsselung. Wofür bräuchten wir die auch im Schlandnet?
Speaker: atdotde A farewell to a bold proposal? Supersymmetry has been particle theorists' favorite toy for several decades. It predicts a yet unobserved symmetry of nature and implies that to each known type of elementary particle there exists a partner particle none of which has been detected up to today. I will explain why it is an attractive idea nevertheless and what is the current situation after the large hadron collider (LHC) at CERN has looked at many places where supersymmetric partners were expected and did not find them. Is it time to give up hope that susy is a property of nature?
Speaker: nedos The future of IC analysis In the chain of trust of most secure schemes is an electronic chip that holds secret information. These schemes often employ cryptographically secure protocols. The weakest link of such a scheme is the chip itself. By attacking the chip directly an attacker can gain access to the secret data in its unencrypted form. In this presentation we demonstrate the attack class of the future, backside attacks. This class of attacks mitigate all device countermeasures and can access all signals of the device. As opposed to the attacks of today, these attacks can also be applied to complex systems such as the ARM SoCs of modern smartphones.
Speaker: Julian Oliver In this lecture Julian will introduce projects and interventions made by himself and others that foreground Engineering, rather than Art, in the creative and critical frame, offering highly public insights into the hidden mechanisms and power struggles within our technical environment. Projects such as the Transparency Grenade, Packetbruecke and Newstweek will be covered in detail.
Speaker: Karsten Becker Let's create the Arduino for FPGAs Learning to program an FPGA is time consuming. Not just do you need to download and install 20 GB of vendor tools, but you also need to wrap your brain around the strange ideas of hardware description languages like VHDL. PSHDL aims to ease the learning curve significantly and provide more people with the ability to program FPGAs.
Speaker: wsa Companies are often blamed for not working upstream. Surprisingly, the situation is not per se better with community projects. To change the latter for the better, Wolfram will show some examples regarding the Linux Kernel and present ideas to create win-win-win situations.
Speaker: mrv, bbuegler Food replicating Robots from Open Source Technologies Did you ever feel the need to be in charge of your environment? We did . A detailed story of our experience playing with 220VAC and water to build an automated, digitally controlled ecosystem. A place, where you can be the climate-change. Double the temperature, triple the floods, let it storm or rain. A Tamagotchi that generates food from electricity. All done with Arduino, raspberry Pi and Node.js.
Speaker: Trevor Paglen Although people around the world are becoming increasingly aware of the United States' global geography of surveillance, covert action, and other secret programs, much of this landscape is invisible in our everyday lives.
Speakers: Gleb Gritsai, Sergey Gordeychik We already know SCADA StrangeLove team will present their research on ICS systems for the second time on CCC. Last year we showed current situation with security of industrial world and disclosed a big number of vulnerabilities found in Siemens ICS solutions. Part of vulnerabilities, we can say most notable one, wasn’t disclosed due to Responsible Disclosure. This time we already know. We will speak about several industrial protocols and their weaknesses. During this year we played with new industrial hardware and software – this patitially brings new “We don’t know yet” vulnerability details. Moreover, we’ll mention creepiest bugs undisclosed from last year, tell you about new ones and build attack vectors from them. At last, we will share our experience in pentesting ICS enviroments.
Speaker: Nate Cardozo Pragmatic Advice for Security Researchers This talk will focus on responsible disclosure best and worst practices from both legal and practical perspectives. I'll also focus on usable advice, both positive and negative, and answer any questions the audience has on best practices.
Speaker: rysiek How technology is used to subvert and circumvent anti-monopoly laws We all know monopolies are bad. We even have laws against them that sometimes get enforced. However, today we have new kinds of monopolies that affect us without us even noticing them for what they truly are. And technology plays a central role.
Speakers: Constanze Kurz, frank, Linus Neumann Auch das Jahr 2013 geht irgendwann vorbei. Deshalb werfen wir einen Blick zurück auf die für uns besonders relevanten Themen und versuchen abzuschätzen, was im Jahr 2014 auf uns zukommen könnte.
Speaker: Jöran Muuß-Merholz, Gestatten, it4n6 2013er Edition Der durchschnittliche User nutzt nur fünf Prozent seines Googlevermögens. Mit dem Googlequiz lässt sich das ausbauen. Eine gewisse Konkurrenzsituation und Kaltgetränke können hilfreich sein.
Speaker: artelse On Freedom of Facial Expression The facial hacking research presented in this lecture/ performance exploits a well known vulnerability of the human nervous system that it can be easily accessed and controlled by electrodes mounted on the bodies exterior. External digital facial control allows for an unprecedented exploration of human facial expressiveness and has unveiled an unknown expressive potential of the human facial hardware.
Speaker: Nadya Peek rapid prototyping of digital fabrication and instrumentation machines Making a new control system for a machine is often a slow and tedious task. Maybe you already have a 3 axis stage, and you already know how to move it around. But what if you want to add a camera and use it for position feedback? You'd have to redesign the whole hardware layer. I'll talk about some ways I've built modularity into control systems for machines so that you can quickly iterate on different kinds of machine systems without getting stuck in hardware land forever. This includes connecting synchronized nodes across a network and importing legacy nodes for things like, say, an old pressure box you found in the trash and has rs232 in. Down with gcode! Long live machine control.
Speaker: Christoph Engemann Talk introducing NSTIC and COM 238, i.e. the current digital identity policy proposals in the USA and European discussing their similarities, differences and possible conflicts.
Speaker: Maria Xynou India is currently implementing some of the scariest surveillance schemes in the world. This lecture will shed light on India's surveillance industry, its UID scheme which aims at the collection of all biometric data and on various controversial surveillance schemes, such as the Central Monitoring System (CMS).
Speaker: taziden Building and running an ISP is not that difficult. It's hard to say how many people are connected to the Internet by such weird structures, but we know that they are more and more each day. What is at stake is taking back the control of the Internet infrastructure and showing that a neutral Internet access is natural.
Speakers: bughardy, Eagle1753 NFC technology is becoming more and more relevant in our lives. One of its major uses is in ticketing solutions. However, most of companies use bad implementations of NFC technology. By this talk we will explain a complete solution, analyzing security challenges and outlining the best practices and implementation choices.
Speaker: Piotr Esden-Tempski Autonomous flying vehicles, where are we and where are we going? During the last 10 years the technology that was formerly only available to the military, reached the hands of thousands. Researchers, hackers, enthusiasts and hobbyists helped drive the technology further and higher than anyone had imagined just a few years ago. We will recap what the civilian airborne robot community has achieved in the last decade and what the next frontiers are that need to be addressed.
Speaker: Kate Krauss In China Your ID Card Knows Everything Imagine getting pulled over for running a stop sign and learning for the first time – from the cop – that you are HIV-positive. People in China are required to carry electronic, swipeable ID cards that hold their political views, their HIV status, their mental health situation, and much more.
Speakers: Bram de Vries, Morris Winkler experiences from the “i3 Berlin” 3D printer project with Blender and Github Every successful open hardware project needs a solid organization structure at some point in time, especially when plan to produce and sell your project. In our “i3 Berlin” 3d printer project, we took some elements of the PLM (Product Lifecycle Management) concept and implemented it with open source tools like Github and Blender.
Speaker: Kenneth Newwood Passwortgenerierung mit Arduino [Generating passwords with Arduino] Bei calc.pw handelt es sich um DIY Hardware, mit deren Hilfe man Passwörter aus einem Masterpasswort und einfach merkbaren Informationen (z. B. "ebay", "amazon", etc.) generieren kann. Im Vortrag soll es um die Probleme vorhandener Passwortverfahren (Passwortschemen, Passwortdatenbanken) gehen. Es soll die Theorie hinter der Passwortberechnung erläutert und eine praktische Implementierung dieser Berechnung vorgestellt werden.
Speakers: bunnie, Xobs All “managed FLASH” devices, such as SD, microSD, and SSD, contain an embedded controller to assist with the complex tasks necessary to create an abstraction of reliable, contiguous storage out of FLASH silicon that is fundamentally unreliable and unpredictably fragmented. This controller is an attack surface of interest. First, the ability to modify the block allocation and erasure algorithms introduces the opportunity to perform various MITM attacks in a virtually undetectable fashion. Second, the controller itself is typically powerful, with performance around 50MIPS, yet with a cost of mere pennies, making it an interesting and possibly useful development target for other non-storage related purposes. Finally, understanding the inner workings of the controller enables opportunities for data recovery in cards that are thought to have been erased, or have been partially damaged. This talk demonstrates a method for reverse engineering and loading code into the microcontroller within a SD memory card.
Speaker: Adrian Dabrowski Hacking City-Wide Access Control Systems In this lecture, we present a black-box analysis of an electronic contact-less system that has been steadily replacing a conventional mechanical key on multi-party houses in a big European city. So far, there are est. 10.000 installations of the electronic system. The mechanical key has been introduced about 40 years ago to allow mail delivery services to access multi-party houses but has since then aggregated many additional users, such as garbage collection, police, fire brigade and other emergency services. Over 92% of residential buildings in this city are equipped with such a solution.
Speaker: gratefulfrog An Arduino Powered Electric Guitar The ArduGuitar is an electric guitar with no physical controls, i.e. no buttons or knobs to adjust volume, tone or to select the pickups. All of these functions are performed remotely via a bluetooth device such as an Android phone, or via a dedicated Arduino powered blutetooth footpedal. The musician still plucks the strings, of course! This talk will give an overview of the technology and particularly the voyage that took me from nearly no knowledge about anything electronic to enough know-how to make it all work.I will explain what I learned by collaborating on forums, with Hackerspaces and with component providers: "How to ask the right questions." The guitar with its Arduino powered circuit and an Android tablet will be available for demo; the code is all available on the github arduguitar repo with the associated Arduino footpedal libraries.
Speaker: Collin Mulliner Dynamic Dalvik Instrumentation of Android Applications and the Android Framework As application security becomes more important on Android we need better tools to analyze and understand them. Android applications are written in Java and a run in the Dalvik VM. Until now most analysis is done via disassembling and monitored execution in an emulator. This talk presents a new technique to instrument Android applications executed in the DVM. The talk will introduce the new technique in great detail including many small examples and a whole attack based on it. We will go step by step to show you what can be achieved using this technique.
Speaker: Joscha Artificial Intelligence Reloaded A foray into the present, future and ideas of Artificial Intelligence. Are we going to build (beyond) human-level artificial intelligence one day? Very likely. When? Nobody knows, because the specs are not fully done yet. But let me give you some of those we already know, just to get you started.
Speaker: Elizabeth Stark The movement against SOPA in the US was the largest protest in online history, and as one of the core organizers, we learned a lot of lessons on how to build a grassroots movement for internet freedom.
Speakers: Dominic, Anne The brain can be understood as a highly specialized information processing device. Because computers basically do the same thing, it's not too absurd to try to link these two together. The result is a brain-computer-interface. This talk explains the core functionality of our brain and how to access the stored data from the outside. Software and hardware have already reached a somewhat hacker-friendly state, and we want to show you how we got there. We're also here to answer all your questions about the brain.
Speaker: Friedrich Lindenberg Spending a year coding in a newsroom Knight-Mozilla OpenNews sends coders into news organisations on a ten-month fellowship to make new tools for reporting and measuring the news. We believe that to remain relevant, journalism has to smarten up about tech and data. As a global community, we develop tools to datamine public data, news apps to make information accessible, and visualisations to break down complex stories. In my talk, I want to present the lessons about tech that I've learned in a newsroom and the things that still need to be built.
Speaker: Natalie Silvanovich You might remember Tamagotchi virtual pets from the 1990's. These toys are still around and just as demanding as ever! At 29C3, I talked about my attempts to reverse engineer the latest Tamagotchis, and this presentation covers my progress since then. It includes methods for executing code on and dumping code from a Tamagotchi, an analysis of the Tamagotchi code dump and a demonstration of Tamagotchi development tools that make use of these capabilities.
Speaker: Dmitry Khovratovich Survey The goal of white-box cryptography is to protect cryptographic keys in a public implementation of encryption algorithms, primarily in the context of Pay-TV and tamper-resistant software. I present an overview of the white-box cryptography concept along with the most common applications and proposed designs. I discuss the subtle difference between white-box cryptography, public-key cryptography, and obfuscation.
Speaker: Leonhard Dobusch Wir leben in einem Zeitalter des Remix. Kreativität und Kultur bauten schon immer auf bereits Bestehendem auf. Internet und digitale Technologien ermöglichen aber die kreative Nutzung existierender Werke in völlig neuen Dimensionen: Nie zuvor war es so vielen möglich, Werke auf so unterschiedliche Arten zu verändern und so einfach anderen zugänglich zu machen. In dem Maße, in dem die kreative Kopie Teil des kommunikativen Alltags breiter Bevölkerungsschichten wird, ist ein Recht auf Remix eine grundlegende Voraussetzung für die Kunst- und Meinungsfreiheit einer Gesellschaft. Die Gegenwart ist jedoch geprägt von restriktivem Rechtemanagement und entgrenzter Rechtsdurchsetzung. Die Initiative "Recht auf Remix" möchte das ändern.
Speaker: Patrick Using random sampling, entity resolution, communications metadata, and statistical modeling to assist prosecutions for disappearance and genocide in Guatemala For over thirty years, human rights groups in Guatemala have carefully documented the killing and disappearance of many people in the early 1980s. There are tens of thousands of records in many databases, and over 80 million paper pages of police records available in the Archives of the National Police. Most of the prosecutions of the former military and police officials who committed the atrocities depends on eyewitnesses, specific documents, and forensic anthropologists' examination of exhumed bones. However, data analysis helps to see the big patterns in the violence.
Speakers: m.eik, bruder 30C3S SCE mbH: GEMA-Konkurrenz für Fortgeschrittene Auf dem 29C3 stellten wir euch die Cultural Commons Collecting Society (C3S) als Initiative zur Gründung einer GEMA-Alternative vor. Seit dem ist sehr viel passiert: Unter anderem ist mittlerweile eine Europäische Genossenschaft gegründet, die mit sechsstelligem Kapital aus einer Crowdfunding-Kampagne in das Jahr 2014 geht. Auf Seiten der GEMA sind angesichts der entstehenden Konkurrentin bereits erste Anzeichen für eine Kursänderung wahrnehmbar.
Speaker: Ilja van Sprundel It's worse than it looks For the past year, I've been looking at the implementation of X.org code. both client and server. During this presentation, I'll give an overview of the good, the bad and the ugly.
Speaker: Patrick Stewin In this work we present a stealthy malware that exploits dedicated hardware on the target system and remains persistant across boot cycles. The malware is capable of gathering valuable information such as passwords. Because the infected hardware can perform arbitrary main memory accesses, the malware can modify kernel data structures and escalate privileges of processes executed on the system. The malware itself is a DMA malware implementation referred to as DAGGER. DAGGER exploits Intel’s Manageability Engine (ME), that executes firmware code such as Intel’s Active Management Technology (iAMT), as well as its OOB network channel. We have recently improved DAGGER’s capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code.
Speaker: acracia Building a space for grassroots sustainable technology development near Barcelona Calafou – the Ecoindustrial Postcapitalist Colony – is a settlement of around three dozen people in the Catalonian countryside. Concrete pylons standing 20 meters high hold a highway passing above the wild forest valley, where hall after dilapidated hall of industrial ruins stretch along the banks of a contaminated stream nurturing a twisted yet lively ecosystem. Echoes of unseen, passing cars blend into the organic static of wildlife, punctuated by beats booming from the hacklab speakers.
Speaker: aluburka How is it possible to participate in a social event anonymously? How can we hide from surveillance in public space? How can we communicate anonymously in real life? How can we be private in public? This talk will give an overview about existing hacks and techniques that allow to be private in public, and compare privacy technologies from the web to anonymity techniques that can be used in real life.
Speaker: Annie Machon Terror, whistleblowers, drugs, internet Based on her own experiences as an Intelligence Officer for MI5 (the UK domestic security service) and a whistleblower, Annie Machon will talk about the relationships between the wars on 'terror', drugs, whistleblowers, and the internet, and suggest some ideas about what we can do.
Speaker: evacide Creating Internet Privacy and Security Resources That Don't Suck As Internet privacy/security professionals and amateur enthusiasts, we are often asked to give advice about best practices in this field. Sometimes this takes the form of one-on-one advice to our friends, sometimes it's training a room full of people, and sometimes you may be asked to write a blog post or a brief guide or an entire curriculum. This talk will survey the current Internet privacy guide landscape and discuss the perils and pitfalls of creating this type of resource, using the Electronic Frontier Foundation's Surveillance Self Defense project as a case study.
Speaker: delroth, shuffle2 A year ago in November 2012, Nintendo released their latest home video game console: the Wii U. While most video game consoles use controllers that are very basic, the Wii U took the opposite route with a very featureful gamepad: wireless with a fairly high range, touch screen, speakers, accelerometer, video camera, and even NFC are supported by the Wii U gamepad. However, as of today, this interesting piece of hardware can only be used in conjunction with a Wii U: wireless communications are encrypted and obfuscated, and there is no documentation about the protocols used for data exchange between the console and its controller. Around december 2012, I started working with two other hackers in order to reverse engineer, document and implement the Wii U gamepad communication protocols on a PC. This talk will present our findings and show the current state of our reverse engineering efforts.
Speaker: gannimo what is the winning move? Memory corruption has been around forever but is still one of the most exploited problems on current systems. This talk looks at the past 30 years of memory corruption and systematizes the different existing exploit and defense techniques in a streamlined way. We evaluate (i) how the different attacks evolved, (ii) how researchers came up with defense mechanisms as an answer to new threats, and (iii) what we will have to expect in the future.
Speakers: Claudio Guarnieri, Morgan Marquis-Boire The militarization of the Internet 2013 will be remembered as the year that the Internet lost its innocence for nearly everyone as light was shed on the widespread use of dragnet surveillance by the NSA and intelligence agencies globally. With the uprisings of the Arab Spring where people raided the offices of their regimes to bring evidence to light, we've seen a tremendous phenomenon: a large numbers of whistleblowers have taken action to inform the public about important details. The WikiLeaks SpyFiles series also shows us important details to corroborate these claims. There is ample evidence about the use and abuses of a multi-billion dollar industry that have now come to light. This evidence includes increasing use of targeted attacks to establish even more invasive control over corporate, government or other so-called legitimate targets.
Speaker: Julia Aksënova Eine Einführung in die Wirkungsweise psychedelischer Substanzen Substanzen wie MDMA, Psilocybin, LSD und Ketamin besitzen erhebliches therapeutisches Potential, und die Erforschung ihrer Wirkmechanismen erlaubt Einblicke in die Funktionsweise der menschlichen Psyche. Der trotz Illegalität relativ einfachen Verfügbarkeit steht ein Mangel an Aufklärung über Risiken, Effekte und Pharmakologie gegenüber, dem mit dieser Einführung begegnet werden soll.
Speaker: Christopher Soghoian Backdoors, Government Hacking and The Next Crypto Wars Law enforcement agencies claim they are "going dark". Encryption technologies have finally been deployed by software companies, and critically, enabled by default, such that emails are flowing over HTTPS, and disk encryption is now frequently used. Friendly telcos, who were once a one-stop-shop for surveillance can no longer meet the needs of our government. What are the FBI and other law enforcement agencies doing to preserve their spying capabilities?
Speaker: Gal Diskin Errata FTW This talk will demonstrate why it is virtually impossible to secure virtual machines implementations properly. In the talk I will try to give an overview of the basics of hardware virtualization technology, the existing attack techniques against virtualization and also explain why it is such a complex problem to create a secure hypervisor. The talk will focus on the low level interfaces and how it affects all aspects of computer platform security. I will also try to review a few interesting Erratas at the end of the talk.
Speaker: Pavol "stick" Rusnak TREZOR is a hardware wallet for Bitcoin. We identified security of the end users' computer as one of the main problems that block Bitcoin mass adoption.
Speakers: Julian Assange, Jacob a call to resistance Finally, the world is aware of the threat of mass surveillance and control, but we still have a fight on our hands, and that fight is both technical and political. Global democracy is not going to protect itself. There has never been a higher demand for a politically-engaged hackerdom. Jacob Appelbaum and Julian Assange discuss what needs to be done if we are going to win.
Speaker: qbi Ein Streifzug durch die Fehler in der Kryptografie »Lange Schlüssel sind sicherer als kurze.« »RSA und/oder AES sind einfach zu implementieren.« »Für Zufallszahlen reicht es, java.util.Random zu nehmen.« Solche oder ähnliche Aussagen hört man immer mal wieder. Doch was ist da dran? Welche Fehler werden bei der Benutzung und Implementierung von Kryptografie gern gemacht?
Speaker: Norbert Schepers Kriegsführung der Zukunft? Die Drohnenkriege sind Ausdruck einer rasanten Entwicklung: vom „Krieg gegen den Terror“ nach 9/11 zur Kriegsführung der Zukunft. Einer Zukunft, die gelegentlich der Science Fiction der späten Achtziger zu entstammen scheint, in der Roboter die schmutzigen Kriege der Menschen kämpfen und sich schließlich gegen ihre Schöpfer erheben. Letzteres liegt noch längst nicht im Bereich des Möglichen, aber Wege zur Erschaffung autonomer Kampfroboter werden bereits beschritten. Der Vortrag will das Phänomen des Drohnenkrieges politisch einordnen und einen Ausblick versuchen.
Speaker: RFguy Spaß mit mechanischer Anzeige Inbetriebnahme alter Flip-Dot-Anzeigemodule eines Autobahn-Parkleitsystems zu einer interaktiven Anzeige. Reverse Engineering des Protokolls und Entwicklung einer Steuerplatine auf Basis des Raspberry Pi.
Speaker: FX Lawful Interception Lawful Interception is a monitoring access for law enforcement agencies, but also one of the primary data sources of many surveillance programs. (Almost?) every Internet service provider needs to provide LI functionality in its routers. However, LI exposes a larger attack surface to the one being surveilled than any router should. Could this be a mistake?
Speakers: frank, Fefe Der schonungslose Realitätsabgleich mit Birzarrometer-Rekalibrierung Im Format einer lockeren Abendshow werden wir die Highlights des Jahres präsentieren, die Meldungen zwischen den Meldungen, die subtilen Sensationen hinter den Schlagzeilen. Kommen Sie, hören Sie, sehen Sie! Lassen Sie sich mitreißen!
Speaker: Klaus Maeck DECODER is a legendary German film from 1984, based on the themes of William S. Burroughs. Burroughs himself acts in a key scene in the film, along with F.M. Einheit, Christiane F., Genesis P. Orridge a.o.
Speaker: Ztohoven A parliamentary drama of 223 actors Moralni_reforma1-462x349 The Czech art collective Ztohoven' project “Moral Reform” was accomplished in collaboration with web security experts. Together they created the unique art concept of a mobile phone mass-hack.
Speaker: Jacob The militarization of the Internet
Speaker: Michael Brennan Few hackers will disagree that users are not given enough consideration when building Internet Freedom Tools designed to circumvent censorship and surveillance. But how do we do it? This talk will outline a framework for a user-focused approach to the Development and Impact of Internet Freedom Tools through using ethnography, human-centered design, and the practice of research-based product definition. This talk is intended for developers, researchers, and journalists who seek to understand how better tools can be developed to protect anonymity and provide unfettered access to the Internet.
Speaker: Sophie Hiltner How to decipher the messages of your body The average movement habits of a clichè hacker are legendary. Cowering for days in front of unergonomic hardware setups, stoic ignorance of hardly decodeable signs of the body like hunger, eye- and backpains. Probably due to a general disinterest in non-digitally engineered systems. Shouldn’t a true hacker know at least bits and pieces about the codes and signs of the body? We all know bits and pieces.. but are they the correct and helpful ones? We will discuss some technical and biological details of slipped discs, posture disservice and pain. I will show fundamental “red flags” which have to be serviced by a medical geek. But not all medical geeks have a good idea about the body's code, therefore I will also suggest some helpful therapies for the most common cases. Bottom line: how to code your body to prevent pain without relying on smattering.
Speakers: Eric Michaud, Ryan Lackey Physically Unclonable Functions for Hardware Tamper Detection Increasingly, users and their computing hardware are exposed a range of software and hardware attacks, ranging from disk imaging to hardware keylogger installation and beyond. Existing methods are inadequate to fully protect users, particularly from covert physical hardware modifications in the "evil maid" scenario, and yet are very inconvenient. Victims include governments and corporations traveling internationally (e.g. China), anti-government activists in places like Syria, and anyone who is a target of a motivated attacker who can gain physical access. Physically Unclonable Functions, combined with a trusted mobile device and a network service, can be used to mitigate these risks. We present a novel open-source mobile client and network service which can protect arbitrary hardware from many forms of covert modification and attack, and which when integrated with software, firmware, and policy defenses, can provide greater protection to users and limit potential attack surface. We'll also be showing video of an unreleased tool to the public utilized by surveillance teams.
Speaker: Jöran Muuß-Merholz Fünf Desillusionen Der digitale Wandel hat uns grandiose Chancen für selbstbestimmtes, kreatives, kollaboratives, kritisches und demokratisches Lernen gebracht. Wir haben sie nicht genutzt.
Speaker: groente Contemplations on the essence of hacking and its implications on hacker ethics Modern society's use of technology as an instrument for domination is deeply problematic. Are instrumentality and domination inherent to the essence of technology? Can hacking provide an alternative approach to technology which can overcome this? How do art and beauty fit into this approach?
Speaker: Seb "A New Hope" or "The Empire Strikes Back"? This talk aims to shed some light on recent human rights violations in the context of the use of digital information and communications technology, particularly considering the latest disclosures about the surveillance programmes of Western intelligence services. At the same time, it shall provide information about Amnesty International's positions and activities in this field and invite anybody interested in our work to get involved.
Speaker: Kurt Opsahl Everything we know about NSA spying From Stellar Wind to PRISM, Boundless Informant to EvilOlive, the NSA spying programs are shrouded in secrecy and rubber-stamped by secret opinions from a court that meets in a faraday cage. The Electronic Frontier Foundation's Kurt Opsahl explains the known facts about how the programs operate and the laws and regulations the U.S. government asserts allows the NSA to spy on you.
Speaker: Kaustubh Srikanth 23rd of December 2008 was a sad day in India for civil liberties. On this day, The Indian Parliament passed the "The Information Technology (Amendment) Act" with no debate in the House, which effectively means is that the government of India now has the power to monitor all digital communications in the country without a court order or a warrant. The "world's largest democracy" strongly leaning towards becoming a surveillance state raises many questions and poses severe challenges for free speech and economic justice in India and globally. This talk will map and review the current political, socio-cultural and legal landscape of mass-surveillance, data protection and censorship in India and analyse how it ties in to the global landscape of surveillance and censorship. It will also aim to create a discussion space to investigate the deeper effects of these so called "welfare" projects and how citizen-led movements can drive the state towards stronger data protection and privacy laws.
Speakers: kay, Peter Stuge, florolf, Sebastian, *m, Andi Presentation of MOC/NOC/VOC/SOC/*OC
Speaker: Peter Schaar In dem Vortrag beschäftigt sich der Ex-Bundesdatenschützer mit der Rolle der Datenschutzbeauftragten: Welche Durchsetzungsmöglichkeiten haben sie? Wie ist ihr Verhältnis zur Zivilgesellschaft? Welchen Einfluss können sie auf europäischer und internationaler Ebene ausüben?
Speaker: andy getting out of surveillance state mode After studying the various levels of activities that come together in BuggedPlanet and realizing the scope and level of implementation of NSA´s SIGINT theatre, it´s propably time to step back, summarize the big picture and ask how we handle it properly.
Speaker: sathya, Malli HomeMatic is a good working, inexpensive and quickly spreading home automation system supporting wired as well as (partly AES handshake protected) wireless communication. The first part of our talk deals with security issues of HomeMatic devices and their wireless communication protocol called BidCoS (Bidirectional Communication Standard). In the second part we introduce Homegear, our own interface software to control HomeMatic devices. In the past few years wireless home automation systems have become increasingly available as a good alternative to wired systems. Since wireless devices are installable without ripping open walls, it is now possible to easily integrate them into an existing building infrastructure. We chose to work with HomeMatic, because we think that through its affordable prices, its good quality and its fast growing portfolio it will become the most widely spread wireless home automation system in Germany. In this live hacking presentation we will introduce different mechanisms to attack a HomeMatic system. We will show how to sniff BidCoS packets, how to send arbitrary packets in order to emulate a device (e. g. a HomeMatic central) and to control devices. Some devices use an AES handshake to verify the sender of a command. But not all devices support the handshake and for many devices it is disabled by default. We will demonstrate several attacks making use of this security issue. After the live hacking part we will give a short introduction into Homegear. Homegear is an interface software, which directly communicates with BidCoS devices and is controllable through XML RPC (XML Remote Procedure Call). It is possible to fully control most HomeMatic devices. We developed it to add features which are not integrated into the official system like controlling valve drives directly to implement custom room temperature control algorithms.
Speaker: Sebastian Jekutsch Auf dem Weg zu fairer Elektronik am Beispiel der Elkos Die alarmierenden Zustände beim Abbau der Rohstoffe, die in den Bauteilen (z. B. dem Tantal-Elektrolytkondensator) eines Computers stecken, rufen Menschenrechtler auf den Plan. In den U.S.A. ist es 2010 gelungen, ein umstrittenes Gesetz umzusetzen, das die Finanzierung von Kriegsparteien durch Erzhandel regulieren soll. In der EU soll nun ähnliches geschehen. Der Vortrag klärt über die Geschichte auf, nennt Konsequenzen und formuliert Forderungen.
Speakers: frank, Ron Damit Sie auch morgen schlecht von Ihrem Computer träumen. Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen?
Speaker: ths
Speakers: erdgeist, Geraldine de Bastion
Speaker: alecempire
Speaker: Martin Haase/maha Im Sommer 2014 wurde die sogenannte Digitale „Agenda“ vorgestellt, die als „netzpolitisches Regierungsprogramm“ bezeichnet wurde. Aus texttypologischer Sicht handelt es sich aber eher um einen PR-Text, der so aussieht, als sei er ein Auszug aus einer Wahlkampfbroschüre. Der Vortrag analysiert den Text zunächst inhaltlich, um zu zeigen, worum es im Einzelnen geht und wo Widersprüche auftauchen, dann aus textkritischer und aus linguistischer Perspektive. Insbesondere werden bestimmte Interessen der Bundesregierung und anderer Akteure deutlich, die weniger offen thematisiert werden, aber doch sprachlich zu Tage treten.
Speaker: hannes, David Kaloper We present Mirage OS, a modular library operating system developed from scratch in the functional programming language OCaml. Each service, called unikernel, is an OCaml application using libraries such as a TCP/IP stack, DNS. It is either compiled to a Xen virtual machine image or to a Unix binary (for development). State in 2014 is that it runs on x86 and arm, we implemented a clean-slate TLS (1.0, 1.1, 1.2), X.509, ASN.1 stack, crypto primitives, Off-the-record. We also have TCP/IP, HTTP, a persistent branchable store (similar to git) - all implemented in OCaml. A virtual machine serving data via https is roughly 2MB in size - no libc inside :)
Speaker: Julia Longtin We use microwaves to cast aluminum from 3D printed objects. This gives us the ability to cast high quality 6040 aluminum pieces using a 3D printer and commercially available consumer microwaves. We manufacture microwave safe kilns for melting aluminum. We create microwave transparent molds that allow us to burn out plastic without heating the mold itself therefor creating a quicker method of accomplishing the lost PLA process.
Speaker: Silvia In the post-NSA world it is important to understand the magnitude of our online activities in order to take informative decisions on our ubiquitous shared lives. Personal Tracking Devices is the result of a two years long study on tracking technologies and the inherent nature of the web and telecommunication networks in general. The study, conducted as part of Ph.D. research in privacy and security at UPC Barcelona Tech, collected a large amount of metadata to raise awareness on the footprints left by users on the web and through mobile apps.
Speakers: Sergey Gordeychik, Aleksandr Timorin For two years SCADA StrangeLove speaks about Industrial Control Systems and nuclear plants. This year we want to discuss Green Energy. Our hackers' vision of Green Energy, SmartGrids and Cloud IoT technology. We will also speak about the security problems of traditional "heavy" industrial solutions, about the things that Zurich Airport and Large Hadron Collider have in common On top of it you will learn about our new releases, some funny and not so funny stories about discovery and fixing of vulnerabilities and the latest news from the front struggling for the Purity of Essence.
Speakers: Stefan Pelzer, Philipp Ruch Ein Mahnmal gegen die Vereinten Nationen, 25.000 Euro Kopfgeld auf eine deutsche Waffenhändlerfamilie, eine falsche Kampagne für das Familienministerium oder die Flucht der "Mauerkreuze" vom Reichstagsufer an die EU-Außengrenzen: wenn das Zentrum für Politische Schönheit (ZPS) das Kriegsbeil ausgräbt, ist eine kontroverse Debatte garantiert.
Software build reproducibility is the ability to use independent build machines to compile bit-identical binaries from program source code. In this talk, we will discuss the motivation for and the technical details behind software build reproducibility. We will describe the technical mechanisms used by the Tor Project to produce reproducible builds of the Tor Browser, and also introduce the early efforts of both F-Droid and Debian to achieve these same build integrity properties on a more wide-scale basis.
Speaker: Hong Phuc Dang The talk is about our project to develop software and hardware tools for a fair and environment friendly garment and textile production and how we break down the locks that exists on every level in the industry from design, to software, machines and distribution.
Speaker: Andrea Barisani This talks follows our previous EMV research uncovering new findings as well as a detailed analysis of Chip & PIN fraud markers in order to benefit cardholders, as well as issuing banks, in preventing wrongful liability for fraudulent charges.
Speaker: Sebastian Schinzel We present four new Bleichenbacher side channels, and three successful Bleichenbacher attacks against the Java Secure Socket Extension (JSSE) SSL/TLS implementation and against hardware security appliances using the Cavium NITROX SSL accelerator chip.
At 28C3 we introduced the very first steps of the osmo-gmr projects. During this talk, we will present the various advances that have been made in this project on various aspects (voice codec, crypto algorithm, ...) GMR-1 (GEO Mobile Radio) is a satellite phone protocol derived from GSM. The main operator using this protocol is Thuraya and is mainly active in the middle east and asia. osmo-gmr is a project of the osmocom family whose goal is to implement the various levels of a GMR stacks, starting from SDR signal acquisition up to the actual voice layer. At 28C3 we gave and introductory talk to the project which was pretty new at the time. On this talk, we will quickly summarize what was presented last time and then move on to the new stuff. The two main obstacles to implement a practical monitoring software for GMR-1 were the secret crypto algorithm and the unknown voice codec. Both obstacles have now been lifted and we will present the details of how that happened. We will also look toward the next steps and other aspects of the system that we're planning to dig into.
Speaker: Andreas Bihlmaier An introduction to the Robot Operating System (ROS) for the home/hackerspace roboticist (if it physically interacts with the world through code, call it robot).
Speaker: Tobias Engel Companies are now selling the ability to track your phone number whereever you go. With a precision of up to 50 meters, detailed movement profiles can be compiled by somebody from the other side of the world without you ever knowing about it. But that is just the tip of the iceberg.
Despite claims of its obsolescence, electrical glitching can be a viable attack vector against some ICs. This presentation chronicles a quest to learn what types of electrical transients can be introduced into an integrated circuit to cause a variety of circuit faults advantageous to an reverser. Several hardware platforms were constructed during the quest to aid in research, including old-skool & solderless breadboards, photo-etched & professional PCBs, FPGAs, and cheap & dirty homemade logic analyzers. The strengths and weaknesses of the various approaches will be discussed.
Speakers: josch, arche3000 Der Vortrag bietet eine sprachwissenschaftlich informierte Perspektive auf den Informationskrieg mit Fokus auf operative Kommunikation in sozialen Medien. Am Beispiel eines selbst entwickelten Bots werden wir linguistische Prozeduren zur Manipulation von Kommunikation mit dem Ziel der Beeinflussung von Wissen, Werten, Gefühlen und Handlungsdispositionen vorstellen.
Speakers: Norbert Braun, darthrake The talk is on the eXperimental Robot Project (XRP), a project to develop an open-hardware humanoid robot. More precisely, we are focusing on the distinguishing feature of a humanoid robot - the ability to walk on two legs.
Speaker: Karsten Nohl We know that mobile networks can — and do — attack us on many fronts. As this talk will show, even 3G is attackable. It’s high time that we upgrade from complaining to self-defense.
Speaker: David Madlener Three years have elapsed since the call for a "Hacker Space Program" during the Chaos Communication Camp 2011. In this lecture we will review the basics of space flight, discuss common problems and pitfalls encountered by a practitioner on the way to orbit, and report on the state of our sounding rocket program.
Speakers: Thomas Skowron, ubahnverleih Seit nun über 10 Jahren gibt es OpenStreetMap. Besonders in den letzten drei Jahren war die Entwicklung überwältigend, sowohl was die Datenlage als auch das gesamte Ökosystem anbelangt. Wir wollen zeigen, was möglich ist und was in der Zukunft (hoffentlich) passieren wird.
Speakers: Fiona Krakenbürger, Maria Reimer, Philipp Kalweit, Max Nagy, Lukas, Nico Im September 2014 fand die Veranstaltung Jugend hackt statt: Ein Wochenende Hacken, Basteln und Programmieren mit 120 computerbegeisterten Jugendlichen. Wir als Organisatorinnen und Teilnehmer wollen von dem Event erzählen und unsere Erfahrungen teilen. Der Talk richtet sich gleichermaßen an Jugendliche, die sich für's Hacken begeistern, als auch an alle, die sich für Code Literacy, Medienpädagogik oder den IT-Nachwuchs interessieren.
Speaker: starbug Bei der Passworteingabe über die Schultern schauen? Die Mateflasche klauen, um an Fingerabdrücke zu kommen? Alles Technik von gestern. Der Vortrag zeigt, wie man heutzutage an Daten kommt, um Authentifizierungsmethoden zu überwinden.
Speakers: Karsten Becker, Robert At the 26C3 we first presented our vision of sending a rover to the moon. We're still in the pursuit of doing this and are closer than ever. Many things have happened in the past 5 years and we want to share our story with you. But this talk is not just about us, it is also about you! You will have the possibility to contribute to our mission, just tune in to get all the details :)
Speaker: gannimo Programs are full of bugs, leading to vulnerabilities. We'll discuss power and limitations of code-pointer integrity (CPI), a strong but practical security policy that enforces memory safety for all code pointers, protecting against any form of control-flow hijack attack (e. g., ROP or JOP).
The Novena open source laptop contains a FPGA, but free software support for FPGAs is lacking and requires root access to the hardware. Our work is on providing a framework and a demonstration application for general purpose accelerator cores for Novena's FPGA.
Speakers: djb, Tanja Lange This talk will explain how to work with elliptic curves constructively to obtain secure and efficient implementations, and will highlight pitfalls that must be avoided when implementing elliptic-curve crypto (ECC). The talk will also explain what all the buzz in curve choices for TLS is about. This talk does not require any prior exposure to ECC.
Speaker: Rudolf Marek You definitely should care. The aim of this talk is to provide insight to the security, architecture and yes you guessed it, vulnerability of the AMD System Management Unit (SMU) firmware found in modern AMD x86 processors.
Speaker: Caspar Bowden In 2011 I started trying to warn EU institutions about what we now call PRISM, after working it out from open sources. Civil society, privacy regulators, and the Commission all did nothing. This is the story of exactly how they did nothing, and why, and what is happening now.
Speakers: ericfiliol, Paul Irolla This talk presents a deep analysis of banking mobile apps available in the world. Based on static and dynamic analysis as well as on the analysis of the final source code we show that a vast majority of them are not respecting users' privacy and users' data protection. Worse a few of them contains critical bugs.
Speakers: Nadia Heninger, Julia Angwin, Laura Poitras and Jack Gillum Julia Angwin, Jack Gillum, and Laura Poitras will tell us stories about how they use crypto and privacy-enhancing technologies as high-profile journalists, and rant in an entertaining way about how these tools have failed or are horribly inadequate for their needs. They will also talk about their rare crypto successes.
Speaker: tw, gadi Rocket Kitten is an advanced APT set of campaigns, with a twist - off-the-shelf malware that won’t shame a nation state. The talk will combine an assessment of the threat group’s modus operandi with a technical deep dive. Prepare for some hex dumps. This talk will uncover a set of high profile espionage campaigns from 2014 that involve a commercial attack framework – a highly specialized tool that has not been publicly documented and remained undetected in multiple operations. We will discuss the framework's technical design and review its features and capabilities that make it a premium instrument for stealth intrusions. We will further discuss how the tool was delivered to victims and how the compromise was carried out.
Speaker: Friederike Maxwell's equations are four differential equations which form the foundation of classical electrodynamics, classical optics, and electric circuits. This talk will take a look at the connection between these equations, wave propagation and antenna arrays.
Speakers: Laurent Ghigonis and Alexandre De Oliveira SS7 has been shown repeatedly as an insecure protocol: spoofing, faking, crash through fuzzing, fraud. The main question of our study is to determine how this insecurity is mitigated by network operator’s action to prevent compromise on both network exposure of infrastructure and privacy compromise of subscribers. It's why we wanted to come out with SS7map.
_______________________________ Opt-out! No stream/recording available! _______________________________ "Citizenfour" is Laura Poitras' documentary and a closeup view about blowing the whistle on the spooks at the NSA. A portrait of Edward Snowden in the weeks he chooses to change our understanding of what governments know about us.
Speaker: Joscha How can the physical universe give rise to a mind? I suggest to replace this confusing question by another one: what kind of information processing system is the mind, and how is the mind computed? As we will see, even our ideas of the physical universe turn out to be computational. Let us explore some fascinating scenery of the philosophy underlying Artificial Intelligence.
Speaker: Eireann Leverett This talk will introduce you to Industrial Ethernet Switches and their vulnerabilities. These are switches used in industrial environments, like substations, factories, refineries, ports, or other other homes of industrial automation. In other words: DCS, PCS, ICS & SCADA switches. It is a very good companion talk to Damn Vulnerable Chemical Process? Own your own critical infrastructures today!
Speaker: Peter Laackmann, Marcus Janke An entertaining, thrilling and educational journey through the world of chip preparation. Deep insight into amateur- as well as professional methods and equipment is given, for the first, most important steps for analysis and attacks on dedicated hardware.
Speaker: Arne Padmos GPG has been correctly described as "damn near unusable". Why is this so? What does research into usable security tell us? This talk covers the history, methods, and findings of the research field, as well as proposed solutions and open questions.
Speaker: gedsic Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!
Speaker: saper Ever wondered what the cryptic QNY27R on your airline reservaton means? This talk explores typical computing environment as seen in the air transport industry. Discover ancient software, old communication protocols and cryptic systems. What data are stored and how they are exchanged to keep the air transport industry running.
Speakers: Elektra, Andrea Behrendt - read & delete Die radikalen philosophischen Texte von Elektra W. haben das Ziel - seien wir offen und direkt - einen Headcrash des Ich-Erlebens herbeizuführen, das sich im Laufe unserer Enkulturation und Erziehung im Vorderlappen des Großhirns breit gemacht hat.
Speaker: James Bamford For nearly one hundred years, the NSA and its predecessors have been engaging in secret, illegal deals with the American telecom industry, with both virtually immune from prosecution.
Speaker: Joseph Tartaro, Matthew Halchyshak Reverse engineering is not all binaries and byte-code. The black art also extends to networks and unobtainable game servers. In this talk we go into the gruesome details of how we dug through the graveyards of console binaries and mausoleums of forgotten network protocols in order to stitch together the pieces necessary to bring our favorite game Metal Gear Online back to life. We will be examining the process of reverse engineering the games custom network protocols in all angles from packet logs to low level disassembly of client code.
Speaker: raichoo Idris is a relatively young research programming languages that attempts to bring dependent types to general purpose programming. In this talk I will introduce the concept of dependent types and the Curry-Howard isomorphism and how these can be applied to prove properties about software and eradicate whole classes of bugs and security issues.
Speaker: J. Alex Halderman Estonia is the only country in the world that relies on Internet voting in a significant way for legally-binding national elections — up to 30% of all voters cast their ballots online. This makes the security of Estonia's Internet voting system of interest to technologists and citizens the world over. Over the past year, I helped lead the first rigorous, independent security evaluation of the system, based on election observation, code review, and laboratory testing. The findings are alarming: there are staggering gaps in Estonia's procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers. Our investigation confirmed the viability of these attacks in the lab, but the Estonian government has chosen to downplay them. We urgently recommend that Estonia discontinue use of the system before the country suffers a major attack.
Speaker: Lothar Hotz Im Vortrag wird die technische Umsetzung des Transparenzportals Hamburg vorgestellt.
Speaker: Felix Mütze Im Grunde sind GIFs Schnee von gestern. Es gibt zahlreiche Alternativen, die das, was ein GIF kann, besser können. Und trotzdem haben sich GIFs als Kulturtechnik durchgesetzt. Oder war es nur ein letzter Hype vor dem Tod? Wie kommt es, dass ein Medium, das schon in den 90ern veraltet war, sich noch zwei Jahrzehnte später bester Beliebtheit erfreut? Und was können wir daraus über die Diskrepanz zwischen aktueller technischer Entwicklung einerseits und der tatsächlichen Nutzung von Technologie andererseits lernen?
Speaker: Sarah How to play with lasers without injuring Yourself and others and how to design the safety circuits of a laser system.
Speakers: Jimmy Schulz, Dr. Rüdiger Hanig We report about a LOAD e. V. study regarding data collection of cars, future developments of this technology field, how this data is accessed and secured and what the stakeholders (car manufacturers, car owners and users) positions are on this data gathering. In a summary we outline necessary consequences.
Speaker: Ben H. Using the same stream cipher key twice is known to be a Very Bad Idea, but keystream-resuse vulnerabilities are still very much a thing of the present - both in legitimate software and in the malware landscape. We describe a heuristic algorithm which can detect vulnerabilities of this kind. We explain the inner workings of the algorithm and demonstrate a proof-of-concept attack on sevreral examples of vulnerable data, including files encrypted by the DirCrypt malware and encrypted traffic generated by malware such as variants of Zeus and Ramnit.
Speakers: Sec, schneider The chronicles of reversing the Iridium pager system.
Speaker: ruedi (K)ein kleiner Rant über Elliptische Kurven, Quantencomputer, Bitcoins und die NSA et al.
Speaker: Sacha van Geffen Referring to the seminal talk Dymaxion gave at the closing of the NoisySquare at OHM in 2013. This talk will explore what has happened and what has not in the mean time on the "battle ground". An overview will be presented on the technical, legal, political and social battles going on and will provide pointers to further tactics. Finally we will look at how to make sure we keep ourselves safe and sane.
Speaker: Andrea Barisani The presentation will cover the journey that we have taken to develop the USB armory board from scratch, explaining the lessons learned and its prospected applications.
Speaker: Jeroen van der Ham Ethics in Computer Science is now finally gaining some well deserved attention. At the University of Amsterdam, we have started an ethical committee for the System and Network Engineering Master. In this talk we describe how and why we started this committee, and also look back at our first results.
Speaker: Anita Gohdes Simple access to social media and cell phone has widely been accepted as a positive tool for citizens to voice dissatisfaction with their government and coordinate protest. But why would rulers permit these tools if they merely pose a threat to their own survival? This talk will investigate how a government’s ability to censor and limit the flow of information feeds into its choice of violent responses to protest. I will talk about the conditions under which a government is likely to benefit more from surveilling the free flow of information, and under which conditions it is more likely to benefit from censorship.
Speakers: Teja Philipp, Philipp Engel Mr Beam was started as a hobby project aiming to get more experience in 3D printing. For fun we put it on Kickstarter and ended up in kind of a roller coaster.
Speaker: MeTaMiNd EvoLuTioN leading hackers and researchers from the worldwide hackerspace, universitiy, and DIY artist community, explain current technological possibilites in BCI, and show ways to use open source hardware and software for hackers, makers, artists, personal development, citizen science, providing a framework for alternative culture and free expression balancing the soon coming commercial expansion in "Neurogaming", "Neuromarketing" and "eHealth" talk will illustrate the mutually beneficial relationship between "hacking" and science, with the example of hacking BCIs, as well as an overview into the new field of "BCI Mind-Hacking", such as exploiting remote consumer Neuroheadsets, and Data-Mining the human-brain for sensitive data during casual use.
Speaker: Michael Carbone An update to our Reports from the Frontlines talk at OHM 2013, we will provide the latest stories and figures from Access' digital security helpline that provides security incident response and technical support to civil society groups and human rights defenders around the world.
Speaker: Reuben Binns The internet may be the nervous system of the 21st century, but its main business purpose is helping marketers work out how to make people buy stuff. This talk maps out a possible alternative, where consumers co-ordinate online, pooling their data and resources to match demand with supply.
Speaker: ruedi Im Vortrag sollen technische und gesellschaftliche Konsequenzen der von Microsoft kontrollierten Windows-8-Secure-Boot-Architektur und mögliche Gegenmaßnahmen diskutiert werden.
Speakers: Anonymous member of Tarnac Solidarity Committee, tarnac nine “There will be people who resist adopting and using technology, people who want nothing to do with virtual profiles, online data systems or smart phones. Yet a government might suspect that people who opt out completely have something to hide and thus are more likely to break laws, and as a counterterrorism measure, that government will build the kind of ‘hidden people’ registry we described earlier. If you don’t have any registered social-networking profiles or mobile subscriptions, and on-line references to you are unusually hard to find, you might be considered a candidate for such a registry. You might also be subjected to a strict set of new regulations that includes rigorous airport screening or even travel restrictions.”
Speaker: Aram Bartholl In general data is stored on technically sensitive systems and can easily be lost. At the same time files today appear often as indestructible once uploaded to the Internet.
Speaker: tbsprs A toilet is a toilet is a toilet ... was a toilet. Nowadays hackers discover a larger interest in doing more with toilets then just what they were designed for in the first place. Within the "Internet of things" scene the sanitarian sphere claims a place of its own. This talk will present current projects, technologies used and research published.
Speakers: Rafal Wojtczuk, Corey Kallenberg On modern Intel based computers there exists two powerful and protected code regions: the UEFI firmware and System Management Mode (SMM). UEFI is the replacement for conventional BIOS and has the responsibility of initializing the platform. SMM is a powerful mode of execution on Intel CPUs that is even more privileged than a hypervisor. Because of their powerful positions, SMM and UEFI are protected by a variety of hardware mechanisms. In this talk, Rafal Wojtczuk and Corey Kallenberg team up to disclose several prevalent vulnerabilities that result in SMM runtime breakin as well as arbitrary reflash of the UEFI firmware.
Speaker: fabs While graph databases are primarily known as the backbone of the modern dating world, this nerd has found a much more interesting application for them: program analysis. This talk aims to demonstrate that graph databases and the typical program representations developed in compiler construction are a match made in heaven, allowing large code bases to be mined for vulnerabilities using complex bug descriptions encoded in simple, and not so simple graph database queries.
Speaker: Ange Albertini Old-school arcade games were so protected that hacking is the only way to preserve them before all boards are dead, and the games are lost.
Speakers: Jacob and Laura Poitras Surveillance, cryptography, terrorism, malware, economic espionage, assassination, interventions, intelligence services, political prisoners, policing, transparency, justice and you.
Speakers: bunnie, Xobs We introduce Fernvale, a reverse-engineered, open hardware and software platform based upon Mediatek's MT6260 value phone SoC. The MT6260 is the chip that powers many of the $10 GSM feature phones produced by the Shanzhai. Fernvale is made available as open-licensed schematics, board layouts, and an RTOS based upon the BSD-licensed NuttX, as well as a suite of open tools for code development and firmware upload. We discuss our technical reverse engineering efforts, as well as our methodology to lawfully import IP from the Shanzhai ecosystem into the Maker ecosystem. We hope to establish a repeatable, if not labor-intensive, model for opening up previously closed IP of interest, thereby outlining a path to leveling the playing field for lawful Makers.
Speaker: Bill Scannell Of all the NSA's Cold War listening posts, their intelligence facility on top of Berlin's Teufelsberg was their most secretive.
Speakers: Rejo Zenger, Thomas Lohninger Our talk will highlight the current debates surrounding net neutrality in Europe, the United States and other parts of the world. We will look at the results of the SaveTheInternet.eu campaign which was lunched a year ago on 30c3. We will discuss various legal protections for net neutrality, look closer at the experience of the Netherlands and we will give an overview of all important open ends of the debate.
Speakers: Lior Oppenheim, Shahar Tal TL;DR We unravel the story of a bug that would become one of the most important vulnerabilities released this year. Also, we have free cookies. The findings we published earlier this year demystified the voodoo that is TR-069, demonstrated how mass pwnage can be achieved via server-side attacks, and proved the landscape is ripe for harvesting. We will continue where we left off to explore TR-069 client-side vulnerabilities; we analyze client implementations, pour some insight into mysterious results from our internet-wide scans, and follow to mass pwnage through remote code execution on millions of online devices. again.
Speakers: Sarah Harrison, gracefire Whistleblowing is becoming a progressively popular topic and ways to technically support anonymous submissions by journalistic sources are being increasingly discussed and developed. However, there is much more to protecting sources than the technical side. There is currently little discussion about the surrounding ethics, operational security and public protections of sources. Two women that have expertise in all areas of source protection; from submission, to publication, to after-care explain and discuss what source protection really means, issues that have arisen in recent years, often causing disastrous consequences, as well as the important lessons to learn from these and successful cases.
Speaker: Ben Dalton This talk asks how we might plan for the continuation of a privacy sustaining internet in light of growing trends in enforced identity checking and demonisation of everyday anonymity. It presents a 'free phonebox' project, which was tested at the FutureEverything art and technology festival in 2014, as an example of a social-technical system that promotes identity ambiguity in communication through the sharing of 'free' mobile phone minutes between strangers.
Speaker: David Kriesel Kopierer, die spontan Zahlen im Dokument verändern: Im August 2013 kam heraus, dass so gut wie alle Xerox-Scankopierer beim Scannen Zahlen und Buchstaben einfach so durch andere ersetzen. Da man solche Fehler als Benutzer so gut wie nicht sehen kann, ist der Bug extrem gefährlich und blieb lange unentdeckt: Er existiert über acht Jahre in freier Wildbahn.
Speaker: Zakir Durumeric The Heartbleed vulnerability took the Internet by surprise in April of this year. The vulnerability was one of the most consequential in the history of the Internet, since it allowed attackers to potentially steal login credentials, cryptographic keys, and other private data from up to half of all popular HTTPS sites. In this talk, we take a detailed look at Heartbleed and its aftermath, based on comprehensive measurements and analysis that our research team performed over the past six months. We began tracking Heartbleed's impact within hours of its disclosure using massive ZMap scans and large network telescopes. This allowed us to track which sites remained vulnerable, observe certificate revocations, and monitor for large scale attacks in close to real time. Based on this data, we also conducted one of the largest ever mass vulnerability notifications, informing the network administrators for all devices still susceptible to Heartbleed across the entire IPv4 address space. Finally, we investigated the question of whether attackers knew about and exploited Heartbleed prior to its public disclosure---and we will present new details about this question in the talk. We hope that by learning from the Heartbleed security disaster, our community can prepare to respond more effectively to such events in the future.
Speaker: Nick Sullivan Two weeks after the Heartbleed bug was announced, CloudFlare patched the Heartbleed bug, created a challenge to prove the bug could be used to find private keys (uncovering a second bug in OpenSSL) and turned its entire network into a giant honeypot. This session will discuss the specific steps taken to prevent early disclosure, creating and scaling the first public vulnerability test, how the CloudFlare Heartbleed challenge showed that you can reveal private SSL keys (how a second bug in OpenSSL made this possible) the incredible impact of revoking over 100,000 certificates in a single day, and the results of our honeypot revealing the proportion of attack traffic versus research traffic.
Speakers: frank, Fefe Im Format einer lockeren Abendshow werden wir die Nachrichten-Highlights des Jahres präsentieren, die Meldungen zwischen den Meldungen, die subtilen Sensationen hinter den Schlagzeilen.
Speaker: Richard Stallman For freedom in your own computer, the software must be free. For freedom on the internet, we must organize against surveillance, censorship, SaaSS and the war against sharing.
Speaker: Erich Moechel - Station VIENNA in der US-Botschaft 1090 Wien - VIENNA ANNEX beim UNO-Sitz in Wien 1220 - Legacy Standort „NSA-Villa“ Wien 1180 - Relaystation Exelberg,Breitbandnetz von NSA/SCS über Wien - Equipment und Funktion der FORNSAT-Station Königswarte.
Speakers: Eric Wustrow, Hovav Shacham Full-body scanners, also known as "naked scanners", are used in airports and other government facilities to detect metallic and nonmetallic objects hidden beneath people's clothes. In many countries, they play a critical part in airline security, but they have also been criticized for being unsafe, ineffective, and an invasion of privacy. To shed scientific lights on these questions, we conducted the first rigorous, independent security evaluation of such a system. We bought a government-surplus Rapiscan Secure 1000 full-body scanner on eBay and extensively tested it in our lab. We found that it's possible to conceal knives, guns, and explosives from detection by exploiting properties of the device's backscatter X-ray technology. We also investigated computer security threats: malicious software and hardware that can compromise the effectiveness, safety, and privacy of the machine. In this talk, we'll explain how full-body scanners work, describe the results of our experiments, and draw lessons to inform transportation security, embedded systems security, and the public debate over secretive and privacy invasive government technologies.
Speaker: Alexis We from EveryCook are building an open source computerized cooking device. At 29c3 I presented the idea of digital cooking and people gave me an awesome feedback. Now, 2 years later the industry giants have realised that connecting computers and kitchen devices can do awesome things. But do they create open standards? Of course not! They create little black boxes speaking strange languages that you can't integrate in an ecosystem that wasn't designed by the manufacturers themselves. We still want an open ecosystem for free exchange of information about food and recipes. We came closer to our goal. Let me tell you...
Speaker: Frank Rieger, erdgeist, Linus Neumann, heckpiet, Constanze Kurz Auch das Jahr 2014 geht irgendwann vorbei. Deshalb werfen wir einen Blick zurück auf die für uns besonders relevanten Themen und versuchen abzuschätzen, was im Jahr 2015 auf uns zukommen könnte.
Speaker: Andreas Dewes I will explain why quantum computing is interesting, how it works and what you actually need to build a working quantum computer. I will use the superconducting two-qubit quantum processor I built during my PhD as an example to explain its basic building blocks. I will show how we used this processor to achieve so-called quantum speed-up for a search algorithm that we ran on it. Finally, I will give a short overview of the current state of superconducting quantum computing and Google's recently announced effort to build a working quantum computer in cooperation with one of the leading research groups in this field.
Speaker: Theresa Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!
Speaker: Marmusha So you want to author a next Stuxnet (or even cooler than that). Here is the success recipe: forget what you have known about cyber security. When an attack transitions from control of a digital system to control of a physical process, physics and time become controlling factors instead of the digital rules encoded into your microcontroller. The holly CIA trinity is meaningless in the physical world. The uncontrollable but still running process is not really available; process dynamics does not stop simply because the controlling equipment is DoSed; electronically segregated components can still communicate over physical media (the process) and a physical phenomenon can be measured terribly wrongly (so that the wrong measurement will be proudly delivered to the digital application in a totally secure way). Where physics plays a governing role, IT security concepts are rendered useless. Please welcome a new arrival in the "damn"-frameworks series - Damn Vulnerable Chemical Process. Come to the lecture and learn what it takes to exploit a physical process: how to find vulnerabilities and how to exploit them with minimal cost and maximum impact. Get astonished about the gazillion of uncertainties you will have to face on your way to disruptive goal and realize that the TIME is ONLY what matters while designing your attack . Make sure to visit local library and refresh your knowledge on physics, chemistry, mechanics, control theory, signal processing and algorithms. The lecture will teach you how to apply this knowledge in the exciting world of cyber-physical exploitation.
Speaker: Julia Reda After years of debate, EU copyright law is finally being revisited. The Commission will present a proposal for reform within 4 months of 31c3. And it's high time: There has never been a bigger discrepancy between the technical feasibility to share information and knowledge across all physical borders and the legal restrictions to actually do so. This talk outlines the unique opportunity and the challenge to bring copyright into the 21st century that lies in front of us. Hackers ensured that people were heard during last winter's public consultation. Can they now also ensure a progressive outcome of the reform process?
Speaker: Ange Albertini Binary tricks to evade identification, detection, to exploit encryption and hash collisions.
Speaker: Katharina Nocun Die Kritik am Freihandelsabkommen TTIP und CETA auf die Chlorhühnchen zu beschränken, greift viel zu kurz. Denn bei den beiden Abkommen zwischen der EU und den USA und der EU und Kanada steht noch viel mehr auf dem Spiel. Egal ob Datenschutz, Demokratie oder Urheberrecht – Abkommen, an denen Konzerne unter Ausschluss der Öffentlichkeit mitschreiben können, sind selten eine gute Idee. Sitzungsdokumente mit “unverbindlichen” Lobby-Vorschlägen und Leaks der Vertragstexte lassen wenig Gutes erwarten. Datenschutzstandards laufen Gefahr zu Handelshemmnissen erklärt zu werden. Konzerne pochen darauf, Staaten vor außerstaatlichen Schiedsgerichten auf Schadensersatz verklagen zu können. Was die Bürger wollen, wurde im ganzen Verhandlungsprozess der beiden Freihandelsabkommen nicht einmal gefragt. Doch “Klicktivismus” war gestern – neue Strategien und Tools halfen dabei, eine Welle des dezentralen Protests loszutreten.
Speaker: René Freingruber EMET (Enhanced Mitigation Experience Toolkit) is an application which can be used to further harden a Windows system by adding additional security protections to running processes. These protections include several ROP (Return-Oriented-Programming) checks, shellcode detection mechansims, heap-spray mitigations and many more. The talk covers techniques to bypass EMET 5.1 (the current version) and shows the audience how hard/easy it is for an attacker to accomplish this.
Speakers: Philipp Jovanovic, aumasson "Nearly all of the symmetric encryption modes you learned about in school, textbooks, and Wikipedia are (potentially) insecure." -- Matthew Green In recent history, we saw time and again (to some extent catastrophic) failures of cryptographic constructions for authenticated encryption (AE) due to bad design choices, implementation errors and a lack of reliable standards. After an introduction providing some background information on these topics, we present CAESAR, a new cryptographic competition which aims to find solutions to the problems mentioned above. In the second part of the talk, we introduce NORX, a new and next-generation AE scheme and our candidate for CAESAR.
Speaker: olia lialina Since 10 years I write about Vernacular Web and Digital Folklore, about early days of the web and web design before it became a profession. It is not that easy to find pages that were made in 93-97 and are still online or look the same. Things changed in 2009, when Yahoo announced that they are closing Geocities, number one free hosting service of the last century, "myspace of the 90es", first home for many web users and a jest for "professional web" In half a year yahoo gave its users to copy their data, Archive Team managed to partly rescue the pages and release one terabyte torrent of it. In 2010 my partner Dragan Espenschied and I started to download the files. In the middle of 2011 Dragan restored the archive and we started to go through the profiles: collecting, tagging, comparing, analyzing. One Terabyte of Kilobyte Age project started. We don't only collect and restore but bring this culture of the 90es back to the web, using contemporary infrastructure. It is http://oneterabyteofkilobyteage.tumblr.com/ that posts a screenshot of a page every 20 minutes since February 2013. Or my channel on Vine, that allows to see those pages animated and with sound. And of course the blog http://contemporary-home-computing.org/1tb/ where we describe the findings. In my HIGHLY ILLUSTRATED talk I'd like to introduce to the audience pearls of the early web culture, going much deeper than usual Under Construction signs and animated GIFs nostalgia. Will show what did it mean to make a web page technically, philosophically and ideologically. Will also talk about our unique technical setting for emulating the pages and what digital preservation really means. And last but not least will talk about newer cases of deleted social networks and social services.
Speakers: Ian Goldberg, George Danezis and Nikita Borisov In the wake of the Snowden revelations and the explicit targetting of address book and buddy list information, social service providers may wish to actively avoid learning which of its users are friends. In this talk, we will introduce the workings of a surprising technology called private information retrieval, or PIR. Then, we will describe its use in DP5, a new suite of privacy-preserving presence protocols that allow people to determine when their friends are online (and to establish secure communications with them), without a centralized provider ever learning who is friends with whom.
Speaker: Michael Büker An overview of 70 years of nuclear weapons, focusing on some of the underlying physics, the international politics that surround the topic, modern technology for nuclear weapons detection and monitoring, and what everyone can do to help nuclear disarmament.
Speakers: Aylin, greenie, Rebekah Overdorf Stylometry is the study of linguistic style found in text. Stylometry existed long before computers but now the field is dominated by artificial intelligence techniques. Writing style is a marker of identity that can be found in a document through linguistic information to perform authorship recognition. Authorship recognition is a threat to anonymity but knowing ways to identify authors provides methods for anonymizing authors as well. Even basic stylometry systems reach high accuracy in classifying authors correctly. Stylometry can also be used in source code to identify the author of a program. In this talk, we investigate methods to de-anonymize source code authors of C++ and authors across different domains. Source code authorship attribution could provide proof of authorship in court, automate the process of finding a cyber criminal from the source code left in an infected system, or aid in resolving copyright, copyleft and plagiarism issues in the programming fields. Programmers can obfuscate their variable or function names, but not the structures they subconsciously prefer to use or their favorite increment operators. Following this intuition, we create a new feature set that reflects coding style from properties derived from abstract syntax trees. We reach 99% accuracy in attributing 36 authors each with ten files. We experiment with many different sized datasets leading to high true positive rates. Such a unique representation of coding style has not been used as a machine learning feature to attribute authors and therefore this is a valuable contribution to the field. We also examine the need for cross-domain stylometry, where the documents of known authorship and the documents in question are written in different contexts. Specifically, we look at blogs, Twitter feeds, and Reddit comments. While traditional methods in stylometry that work well within one domain fail to identify authors across domains, we are
Speaker: Mareike Foecking Im Rahmen meiner Forschungsarbeit "Das Bild im digitalen Wandel" beschätige ich mich mit der Veränderung der Bilder im Rahmen der Veränderung der medialen Anwendung und Vermittlung von Bildern. Darüber würde ich gerne sprechen.
Speaker: Trammell Hudson In this presentation we demonstrate Thunderstrike, a vulnerability that allows the installation of persistent firmware modifications into the EFI boot ROM of Apple's popular MacBooks. The bootkit can be easily installed by an evil-maid via the externally accessible Thunderbolt ports and can survive reinstallation of OSX as well as hard drive replacements. Once installed, it can prevent software attempts to remove it and could spread virally across air-gaps by infecting additional Thunderbolt devices.
Speaker: Natalia Lukaszewicz The Maker movement and patent law are like two planets moving on the orbit of innovations. Occasionally, they collide … because the Maker planet moves too fast. But, back on the Earth. Encounters with patent law can be of many reasons, e.g. filing a patent application or being blocked in making by a patent (or much worse, being accused of a patent infringement). The latter motivated the question of the permissible uses of patented inventions. The talk explains which activities on patents are lawful and keep Makers safe in their making.
Speakers: cyphunk, nathan fain 3 theater projects that illustrate the false "California Ideology" and ask us to look at our slip into neoliberalism through the backdoor of technology and to consider the ethics in the protocol.
Speakers: Robert Verch, Eva Olivin Eine Mietwohnung ist seit circa 20 Jahren verlassen, ihr Bewohner nicht auffindbar. Unveränderte Möblierung, Ausstattung und persönliche Hinterlassenschaften sind jedoch noch vorhanden und unberührt.
Speaker: Stefan Wehrmeyer Die interessantesten IFG-Geschichten des Jahres mit Anfragen und Ablehnungen, Klagen und Kampagnen. Außerdem: wie wir mit Hilfe des Journalismus der Informationsfreiheit neuen Antrieb geben werden!
Speaker: Anja Drephal During World War I, homing pigeons were used to carry messages and take photographs over enemy territory. Today, experiments are being conducted to remote-control insects for similar purposes. This talk intends to give an overview of 100 years of living drones, speculate on future developments in the field, and question the ethical implications of the practice.
Speaker: Johannes Taelman Axoloti is an integrated platform for digital audio: its graphical editor is an easy-to-use toolbox for creating sound synthesis or processing algorithms. The audio processing runs on a microcontroller board, and runs standalone after editing.
Speaker: Richard Marggraf Turley What do the arts and literature have to contribute to urgent debates about the technization of food production? What can a play from 1605 tell us about fairer distribution of natural resources today? Equally, how might a cyber thriller from 2011 help us debate contentious issues such as gene-based technologies and utopian visions of knowledge-led society? This talk considers agri-tech and food security across a wide sweep of social and political terrain, from the Arab Spring to the European horsemeat scandal, from Shakespeare to Daniel Suarez. It argues that the arts and sciences need to cooperate to deepen understanding about, and define actions on, the big challenges facing a needy world. Finally, it suggests ways in which the arts and technology can assist us in arriving at a model of society in which resources are distributed not only more efficiently, but also more equitably.
Speaker: Leslie Dunton-Downer June 5, 2014 marked one year since leaks by NSA whistleblower Edward Snowden began to be introduced to a worldwide public. On this date, transmediale teamed up with N.K. Projekt and Leslie Dunton-Downer, 2014 fellow at The American Academy in Berlin, for the Magical Secrecy Tour, a bus journey exploring Berlin as the global capital of informed response to mass surveillance. This inside look at the project features first-ever screening of footage shot by filmmaker Simon Klose (TPB AFK) for his documentary about the tour.
Speaker: Will Scott This talk will reflect on teaching Computer Science in Pyongyang over the last two years, and look at how technology has been integrated into civilian life in the DPRK. Remaining an extremely isolated country, many people would be surprised to hear that cellphones have become commonplace within the capitol, let alone that the country invests in custom hardware and software. I'll talk through the current state of desktop and mobile technology in pyongyang, and what's changing.
Speaker: Kai Kunze The talk gives an overview about the emerging field of smart glasses and how they can be used to augment our mind (e.g. how to improve our brain with technology). The talk will focus mostly on how to quantify cognitive tasks in real world environments. I also present a first application scenarios on how to use smart eyewear (e.g. google glass or JINS MEME) for short term memory augmentation and cognitive activity recognition.
Das c-atre collectivdrama präsentiert THE TIME IS RIGHT, ein Science-Fiction-Theaterstück nach einer Idee von yetzt. „Es geht um das große Ganze! Die Bewahrung von freiem Wissen, freier Kultur – ohne Copyright-Mafiosi, die jeden Pups, der dir entfleucht, lizenzieren wollen!“ (Jo) Als die Aktivisten Mo und Jo bei einer ihrer geheim-gefährlichen Widerstandsaktionen gegen die drohende Allmacht der Verwertungsgesellschaften von dieser sonderbaren jungen Frau, die wie aus dem Nichts erscheint, überrascht werden, ahnt noch niemand, welche weitreichenden Folgen diese Begegnung im Kampf für die Kunst der Zukunft gehabt haben wird. THE TIME IS RIGHT Schauspieler/innen: Carolin Meyer Gero Nagel Jens Ohlig Josefine Matthey Martine „authmillenon“ Lenders Mirko „macro“ Fichtner Pierre Pronchery Sebastian „epunc“ Marg Sigi Oepke Merle von Wittich Elisabeth Krüger Carolina Rocha Schauspielerische Leitung: Josefine Matthey Dramaturgie: Carolin Meyer Text: das c-atre in Zusammenarbeit mit yetzt Musik/Sound/Komposition: Dirk Geier Bühnenbild: Peter Stoltz Sebastian Marg Kostüm: das c-atre Maske: Vivien Pöltl Technik: Sven Wagner UA: 03. Juli 2014, c-base Berlin
Speaker: Netanel Rubin tl;dr EXPLOIT ALL THE PERL. We chained several of Perl’s ridiculous syntax quirks in order to create a surprisingly powerful attack, bringing down some of the most popular Perl-based projects in the world to their knees. Brace yourselves, RCE exploits are coming.
Speakers: Maria Xynou, Claudio, vecna Have you ever wondered who is watching while you are reading your favourite media online? Whether we are reading the Guardian, the New York Times, the Hindu or any other news website, third party trackers are collecting data about our online behaviour. This lecture will present Tactical Tech's new project, Trackography, which shows that we are all part of a global tracking business.
Speakers: timobaumann, Arne Köhn Transcribing a talk comes relatively easy to fast typists, whereas turning a transcript into time-aligned subtitles for a video requires a much larger human effort. In contrast, speech recognition performance (especially for open-source-based solutions), is still poor on open-domain topics, but speech technology is able to align a given text to the corresponding speech with high accuracy. Let's join forces to generate superior subtitling with little effort, and to improve future open-source-based speech recognizers, at the same time!
Speaker: Kévin Redon How do garage gate remotes work? It turns out the ones from MegaCode simply send a individual fixed code. And with little efforts if was possibly to clone them, send arbitrary codes, and record them all.
Speaker: BeAnotherLab The Machine To Be Another is an open-source interactive system designed to explore the relationship between identity and empathy through interdisciplinary performance-experiments drawing from neuroscience, VR, storytelling and art. Through research collaborations we have been developing applications in contexts of conflict resolution, the arts and healthcare.
Speaker: Tonimir Kisasondi This talk will show a new method for password cracking called UNHash. UNHash as a tool uses rulefiles that are something in between of a DSL (Domain specific language) and a python script to describe the password cracking process. This talk will show how to mix web service abuse, knowledge of human nature and data mining to enable far better attacks against passwords. We will be focusing on a few features: cracking default passwords on network systems with minimal effort, testing for embedded backdoors and offline attacks by data mining and modeling about 33 million user account to gain insight in how users choose their passwords and how can we use that knowledge to speed up password cracking for 20% more gain for non pseudorandom passwords.
Speaker: Magnus Extending the common 3-space-to-2-space projections to 4D and higher and how certain types of fractals can be presented using these expansions. After that we‘ll have a closer look at Fractal Flames as used in Electric Sheep.
Speaker: Walter van Holst This speech about how the hacker scene is failing its own ideals and what questions must be addressed to make a real difference.
Speakers: Matthias Herz, Michael Johann „Vertrauen ist gut - Kontrolle ist besser.“ Dieses Idiom gilt mehr denn je, sofern man die Aktivitäten von Geheimdiensten bewerten mag. Wie seit einiger Zeit bekannt ist, ist die Mär der massenhaften Überwachung des Einzelnen Realität. Ob und inwieweit dies Auswirkungen auf die Realität des Einzelnen hat, steht im Fokus der vorliegenden Studie.
_______________________________ Opt-out! No stream/recording available! _______________________________ Speakers: Jöran Muuß-Merholz, Ralf Appelt, Blanche Fabri, it4n6, Martin Krönke Beim Googlequiz spielen max. 7 Teams mit je max. 7 Spielern gegeneinander. Sie dürfen dabei nicht Google benutzen. Es ist eine recht spaßorientierte Angelegenheit, so dass auch Zuschauer willkommen sind. Beim Googlequiz werden Aufgaben gestellt, für die man im Kopf bzw. im Team Lösungen sucht. Google oder überhaupt das Internet darf dafür nicht genutzt werden. Vorkenntnisse braucht man nicht. Das Googlequiz war 2014 schon ziemlich gut. Für 2015 bauen wir eine komplette Neuauflage. Die Vorbilder, von denen die 2015er Edition inspiriert ist, heißen: Der Preis ist heiß, Glücksrad, Eins-Zwei-oder-Drei, Familienduell, Ruck-Zuck, Wikipedia. Die Dinge, die beim #30c3 neu und gut waren, werden ausgebaut: laute, irritierende Musik sowie laute, irritierende Luftballons.
_______________________________ Opt-out! No stream/recording available! _______________________________ Speaker: Tim Pritlove The Podlove Project wants to lift podcast publishing on a new level by producing software, standards and specifications. Tim Pritlove introduces using Podlove Publisher, the Podlove Web Player, the Podlove Subscribe Button and other parts of the Podlove Infrastructure.
Speaker: Alexa O'Brien A discussion with U.S. Army private Chelsea Manning's attorneys Nanny Hollander, Ahmed Ghappour, and Chase Strangio. Moderated by journalist Alexa O'Brien.
Speaker: Tor E. Bjørstad In the parliamentary elections of September 2013, more than 250 000 Norwegians in selected municipalities were able to vote from home. They were taking part in a national trial of Internet voting, building on an advanced cryptographic protocol.
Speaker: breakthesystem Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!
Speaker: Jonas Öberg Re-using works licensed under Creative Commons seems pretty simple, but it can often be quite time consuming. One image might be okay, but keeping track of the license and attribution of a thousand images in your mashup, or when quoting from massively crowdsourced data sets such as Wikipedia? Whoah! Don’t we have computers to do that for us!? We do – but there’s no widespread support for including licensing or author information when sharing or reusing digital works. This session will discuss how this should work in the open knowledge environment.
Speaker: Nicolas Wöhrl The next revolution in data processing is Quantum computing. This talk is an entertaining “tour de force” starting with a brief introduction to the fascinating yet strange theories of quantum physics, the concepts of using these in quantum computing and the latest results on qubits in devices made out of real diamonds. If you want to learn about the machines that decrypt your passwords in the coming years and how you can actually grow diamonds in your microwave oven (and who wouldn’t?) this talk is for you!
Speaker: Peter Sewell Computers have become ubiquitous and essential, but they remain massively error-prone and insecure - as if we were back in the early days of the industrial revolution, with steam engines exploding left, right, and centre. Why is this, and can we do better? Is it science, engineering, craft, or bodgery? I'll talk about attempts to mix better engineering methods from a cocktail of empiricism and logic, with examples from network protocols, programming languages, and (especially) the concurrency behaviour of programming languages and multiprocessors (from the ARMs in your phone to x86 and IBM Power servers), together with dealings with architects and language standards groups.
Speaker: Seth Schoen As we've called for widespread use of HTTPS, the cost and complexity of the certificate system has been an obstacle.
Speakers: Jacob, arma The current state of the Tor network and community, covering important updates, discussions of the ecosystem of software, and include a longer Q&A than previous CCC talks!
Speaker: Leon 31C3 Infrastructure Review
Speakers: Ryan Lackey, Andres Erbsen, Jurre van Bergen, Ladar Levison, equinox When the Internet was designed, it was thought to be meadows full of daisies. As we now know, it's a dark place, where communication is monitored and subverted. This session presents both developments in known solutions, as well as novel suggestions, to liberally apply crypto to improve the foundations of Internet communications.
Speakers: the_no, absolem We are the PayPal 14. For the last several years we've been restricted in what we could or couldn't say about our court case. Our sentencing is on December 4th, ending the legal restrictions on what we can share about our story.
Speakers: Tamas K Lengyel, Thomas Kittel New methods and approaches for securing cloud environments are becoming increasingly more critical as traditional host security strategies are not well integrated into virtual environments. For example, antivirus scans are a critical component of layered defense-in-depth, but in the cloud they rapidly exhaust available CPU and memory. The cloud environment nevertheless offers a unique opportunity: the ability to peer into a running operating system from an outside perspective, known as virtual machine introspection (VMI). More interestingly, it is also possible to alter the behavior of the virtualized components to help protect virtual systems in real-time. In this talk we will explore the open-source LibVMI library which over the last year, as part of the DARPA Cyber Fast Track program, has been significantly extended to ease the process of developing cloud security solutions.
Speaker: Madonius In this talk an introduction to amateur telescope making (ATM) will be provided. Starting from grinding the mirror, testing it and building the telescope around it.
Speaker: Dr Gareth Owen This talk presents the results from what we believe to be one of the largest studies into Tor Hidden Services (The Darknet) to date.
Speaker: Tim Pritlove, Holger Klein Überraschung! Nach einem halben Jahr der Sendeabstinenz, haben wir uns anlässlich des 31. Chaos Communication Congress in Hamburg wieder zu einer einzelnen neuen Sendung zusammengefunden: der 31C3 Late Night. In hoffnungslos übermüdeten und betrunkenem Zustand veranstalten wir einen wilden Ritt durch den Wahn der Zeit
Speakers: tomate, dodger 31C3 Closing Event
Speakers: Carina Haupt, Linus Neumann
Speaker: Fatuma Musa Afrah
Speaker: greenstadt What does the fact that Tor users can’t edit wikipedia mean for the quality of the ``encyclopedia that anyone can edit?’’ How do captchas and blocking of anonymity services affect the experiences of Tor users when they are trying to contribute content? This talk will discuss the increasing limitations of active participation in the anonymous Internet and the findings of our interview study of Tor users and wikipedia editors concerning these issues. We believe that by understanding the contributions Tor users make—and that people denied access to anonymity tools don't make—we can help make the case for the value of anonymity online. The belief that a free and open Internet enables people to accomplish great things together is at the core of projects like Wikipedia, open source software, and online political activism. The term “peer production” has been used for years to describe a new kind of collaborative project-—one that is facilitated by the Internet and in which people self-organize to create things they value, whether that’s software, encyclopedias, news, maps, or just about anything else. But research about these projects and how they work generally doesn't take into account the value of anonymous participation. Moderating user-generated or peer-produced content has challenges and many services (Yelp, Google, Wikipedia, Cloudflare, etc) have turned to third party blacklists, real-name policies, and banning users of anonymity networks like Tor to handle real and perceived abuse issues. The result of such decisions in aggregate means that the Internet offers uneven opportunities for participation and engagement. It’s easy to imagine anonymous participants as only jerks and trolls, but much harder to quantify the contributions that don’t happen when anonymity is banned or made more difficult. We interviewed Tor users about their participation in peer production projects and Wikipedia editors about their priv
Speakers: nelles-al-badri Eine zweite Büste der ägyptischen Königin sei gefunden worden, meldete Ägyptens größte Zeitung. Der Fund war jedoch Teil einer Kunstaktion, die Museen und Kunstmarkt für deren Umgang mit Antiken kritisiert. Nelles und Al-Badri haben mit einem portablen Scanner die Daten der Nofretete aus dem Neuen Museum in Berlin geraubt und den daraufhin angefertigten 3D Druck in Kairo ausgestellt. Mit ihrer multimedialen Intervention „The Other Nefertiti“ stellen sie Fragen nach Original und Kopie, nach dem Monopol auf Digitalisate und fordern die neokolonialen Strukturen von Museen heraus. Auf dem Kongress werden sie über notwendige Lügen sprechen und Kunst als oppositionelle Strategie, alternative Erzählungen und wie Deutsche den Terror von Daesh finanzieren.
Speaker: Holger Krekel FOSS and hacker culture meeting the EU buereaucracy. What can possibly come out of that? We'll discuss what is involved for FOSS projects and other interested parties to get $$$ funding by the European Union. Hackers deal with rule systems and their execution. And the European Union issues a lot of rules which are executed by the "commission" and its employees. Within the Horizon2020 framework programme 80.000.000.000 Euros will be distributed towards research projects across Europe between 2014-2020. Shouldn't some of that money go to purposes deemed useful by 32c3 attendants? No surprise, the formal rules a project has to live by just for an application proposal is somewhat amazing. FOSS hackers, on the other hand, are used to communicate and adapt to a multitude of programs and systems. Looking from the right angle, it can be interesting to understand how an EU funded project is supposed to work. Even if you don't usually find arbitrary rule systems and their execution interesting you may learn some interesting bits and pieces about how (not) to interact with the EU - should you decide that your project is ready or desperate enough to go that way. Some of these "bits and pieces" can take weeks to research and be summarized in 3 minutes. We'll specifically look and discuss how it played out for the NEXTLEAP project which aims to research decentralized crypto protocols and communities. Discussed in the hallways of 31c3 well after midnight it managed to receive 2 Million Euro in funding.
Speaker: Anna Im März 2014 wurde der NSA-Untersuchungsausschuss im Bundestag eingesetzt, der die Verwicklungen um die deutschen Geheimdienste aufklären soll. Ein Rück- und Ausblick: Was wissen wir heute, was erwartet uns noch? Immer wieder stößt der Ausschuss, der die (Zusammen-)Arbeit der deutschen Geheimdienste und der Five Eyes untersuchen soll, auf Schwierigkeiten. Die Abgeordneten und ihre Mitarbeiter müssen unter widrigen Bedingungen mit Unmengen an eingestuften Papierakten arbeiten und bekommen wichtige Informationen vorenthalten. Die Gedächtnislücken vieler Zeugen sind bemerkenswert, ebenso wie die eigenartigen Rechtsauffassungen der Spione, die zu Tage treten. Die Theorie, dass Grundrechte nicht im Weltraum gelten, ist nur ein Beispiel von vielen. Die Szenerie gleicht nicht selten absurdem Theater und doch wissen wir mittlerweile mehr als am Anfang. Der Vortrag wird einen Überblick über das geben, was wir seit Beginn des Ausschusses erfahren haben und einen Ausblick auf das bieten, was uns noch erwartet. Nicht zuletzt soll überlegt werden, welche Schlussfolgerungen wir aus den Erkenntnissen ziehen und was sie uns über die Unmöglichkeit der Geheimdienstkontrolle offenbart haben.
Speaker: Joanna Rutkowska Can we build trustworthy client systems on x86 hardware? What are the main challenges? What can we do about them, realistically? Is there anything we can? In the first part we will take a look at the security problems we encounter on modern Intel-based x86 systems, specifically on laptops. In the second part we will discuss how most (all?) of these problems could be addressed, with just minimal hardware modifications realizable by laptop OEMs.
Speakers: Kirst3nF, Walter van Holst In recent years, NGOs have been struggling to defend civil rights in Brussels. As human rights defenders, it is part of our job to detect failures in the EU’s digital policy-making. But we rarely have the opportunity to explore the underlying reasons and to debug Europe’s kernel package. In this talk, we want to analyse the EU’s biggest fails and explore the following questions: Where and why is the European Union failing? Can the EU learn from its failures? Where and what is the European digital rights movement? How do we make our advocacy more successful? In recent months, these fails have received a great deal of attention in the press – Oettinger’s Taliban attacks, Schroedinger’s net neutrality, the cybercybercyber war and the repeated repackaging of ACTA. It is reasonable to say that in a complex system like the European Union, system failure is a perpetual risk. However, for the defence of human rights and, indeed, many other policy issues, limiting those risks is absolutely essential. This is why we want to explore how we can gain insights and use valuable information from recent fails to fix the EU’s vulnerabilities. Most importantly, if we wish to prevent the more serious failures in the future, we need to examine how and where our advocacy fails. Access and European Digital Rights fight for digital rights at the EU level. Although we’re detecting and fighting a large number of failures that the European Union produces with regard to digital policy-making, we’re still very far from preventing the big fails. For instance, instead of proposing real solutions to the migration crisis, the EU’s shortsighted vision focuses on border surveillance. Instead of an urgently needed reform of Europe’s privacy rules, its governments water down the protections for their citizens. Instead of safeguarding the open and neutral internet, the EU paves the way for discrimination by the big telcos. Inst
Speakers: panic, sev The REXUS/BEXUS programme allows students from universities and higher education colleges across Europe to carry out scientific and technological experiments on research rockets and balloons. Each year, two rockets and two balloons are launched, carrying up to 20 experiments designed and built by student teams. By reference of two experiments we were involved in, we will explain the way from the experiment idea to the launch and test of it. Bringing an experiment into space aboard a sounding rocket or into the higher atmosphere aboard a balloon is not as hard as one might think. Students from Europe can simply write a proposal and apply for the REXUS/BEXUS programme, which is realised by an agreement between the German and Swedish space agencies, DLR (German: Deutsches Zentrum für Luft- und Raumfahrt) and SNSB (Swedish National Space Board, Swedish: Rymdstyrelsen). The Swedish share is furthermore accessible to teams from other European countries through ESA. For REXUS, two sounding rockets are launched from northern Sweden every year, each one capable of carrying up to 5 experiments (max. experiment payload mass approx. 40kg) to an altitude of 80-90km. The experiments have to be engineered to withstand at least 20g of acceleration during ascent and descent, and experience milli-gravity when close to the apogee. In addition, the space specific thermal and vacuum environment need to be considered. Since the altitude is too low for reaching an orbit, the rocket motor and payload falls back to ground and is recovered by helicopters. The experiments are then returned to the student teams and the data from the 10min flight can be analysed, for instance, atmospheric measurements or technology demonstrators. Similarly for BEXUS, two balloons per year are launched from the same location in Sweden and allow for carrying up to 12 experiments (max. 100kg). The balloon lifts the gondola with inside experiments to an altitude between 25-30km.
Speakers: Daniel Lange (DLange), Felix "tmbinc" Domke Analysis of the emission scandal shaking the German automotive industry from a procedural, organizational and technical level. Includes insight into cheating for advanced managers and code extraction from ECUs from Ebay. And from Volkswagen. Initially. The exhaust emission scandal has visibly shaken the confidence auto buyers put into the German automotive industry. The details are – half a year after Volkswagen managers confessed to fraud – scarce, very scare. Both around the procedural and the technical details of the betrayal. Daniel will show how engineering a Electronic Control Unit (ECU) works, and how many people are involved. And he will take a look at the revealing communication from the affected parties. That try to share nothing with many words but still reveal a few interesting details. Felix takes the other approach and looks at body of evidence that 8+ million people have access to but too few took a closer look. He will share the tricks to extract the firmware from the affected engine control units and share the findings he made along the way and when he looked at the plain and honest truth in code.
Speakers: Sec, Schneider News about the rad1o half a year later – cool stuff that happened, and why you need an SDR. The rad1o was the badge for the Camp 2015. This talk will be a bit about what went into a project of this size, what went well and what not so much. The main part is about what we (and lots of other volunteers) have done with it – both standalone and with a computer, and why y’all need to play more with SDR.
Speaker: Evan Roth In Internet Landscapes, Evan Roth will discuss his work as it relates to visualizing, archiving and understanding the Internet and its effects on culture with a focus on the misuse of communication technologies. Roth will trace his personal and creative history within an Internet landscape that has changed significantly in the last 16 years. The presentation will include a range of work culminating in his more recent pilgrimages to the beaches of the UK, New Zealand and Sweden, where submarine Internet fiber optic cables reach the land. Armed with an array of paranormal technologies, Roth will recount his personal quest to visualize and reconnect with a changing Internet landscape.
Speakers: Maik Brüggemann, Ralf Spenneberg Unser Vortrag demonstriert einen PLC-only Wurm. Der PLC-Wurm kann selbstständig ein Netzwerk nach Siemens Simatic S7-1200 Geräten in den Versionen 1 bis 3 durchsuchen und diese befallen. Hierzu ist keine Unterstützung durch PCs oder Server erforderlich. Der Wurm „lebt“ ausschließlich in den PLCs. PLCs der Baureihe Siemens Simatic werden über einen proprietäres Protokoll verwaltet. Mit diesem Protokoll kann ein PLC gestartet und gestoppt werden. Es können Diagnoseinformationen gelesen und der Upload/Download von Benutzerprogrammen durchgeführt werden. Für die S7-300/400 existieren bereits OpenSource-Lösungen die das Siemens Protokoll unterstützen. Mit der Einführung der neuen Produktreihe S7-1200 wurde das alte Protokoll von Siemens abgelöst und durch ein neues Protokoll ersetzt. Zu diesem neuen Protokoll steht weder eine offizielle Dokumentation zur Verfügung noch existieren veröffentlichte Untersuchungen. Wir haben dieses Protokoll basierend auf der S7-1200v3 analysiert und können beliebig Benutzerprogramme mit diesem Protokoll auf einer PLC installieren bzw. auslesen. Hierauf aufbauend haben wir einen PLC-Wurm entwickelt, der selbstständig ein beliebiges Netzwerk nach S7-1200v3 Geräten durchsucht und diese befällt wenn die Schutzmechanismen ausgeschaltet sind. Der Wurm ist ausschließlich in der Programmiersprache SCL programmiert und benötigt keine weitere externe Unterstützung. Für die Fernsteuerung der infizierten PLCs haben wir einen Command&Control Server implementiert. Infizierte Geräte können sich automatisch mit diesem Server verbinden. Über diese Schnittstelle können wir aus der Ferne beliebige Steuerausgänge verändern. Eine Proxy-Funktionalität erlaubt es uns über einen Tunnel auf weitere Systeme in dem Netzwerk zuzugreifen. Schließlich kann über den Steuerungsserver auch der Defect-Modus ausgelöst werden. Hierdurch stellt die PLC ihre Arbeit ein. In diesem Modus is
Speaker: Clifford Yosys (Yosys Open Synthesis Suite) is an Open Source Verilog synthesis and verification tool. Project IceStorm aims at reverse engineering and documenting the bit-stream format of Lattice iCE40 FPGAs and providing simple tools for analyzing and creating bit-stream files, including a tool that converts iCE40 bit-stream files into behavioral Verilog. Currently the bitstream format for iCE40 HX1K and HX8K is fully documented and supported by the tools. Arachne-PNR is an Open Source place&route tool for iCE40 FPGAs based on the databases provided by Project IceStorm. It converts BLIF files into an ASCII file format that can be turned into a bit-stream by IceStorm tools. This three projects together implement a complete open source tool-chain for iCE40 FPGAs. It is available now and it is feature complete (with the exception of timing analysis, which is work in progress).
Speakers: Peter Laackmann, Marcus Janke Dr. Peter Laackmann und Marcus Janke zeigen mit einem tiefen Einblick in die Welt der Hardware-Trojaner, auf welchem Wege „Institutionen“ versuchen können, sich versteckten Zugang zu Sicherheits-Hardware zu verschaffen. Wer bzw. was kann Hersteller dazu bringen, den Einsatz von „Backdoors“ zu akzeptieren, zu billigen, zu unterstützen oder sogar selbst zu initiieren? Wann ist es Mutwilligkeit, wann Ignoranz, wann Dummheit? Versteckte Zugänge zu Sicherheitschips, auch als „Backdoors“ bekannt, stellen eine erhebliche Bedrohung für die Sicherheit persönlicher Daten in vielen heutigen Anwendungen dar. Die Referenten zeigen detailliert, auf welchem Wege „Institutionen“ versuchen können, sich versteckten Zugang zu Sicherheits-Hardware zu verschaffen. Die Beispiele reichen von der einfachen Firmware-Änderung über Schaltungsmodifikationen in Herstellungsmasken, bis hin zu Sondertechnologien, deren Nutzung als „Backdoors“ auch in der Zertifizierung nahezu undetektierbar ist. Gleichzeitig wird gezeigt, auf welchen Wegen jeder Beteiligte in Entwicklung, Produktion und Anwendung helfen kann, „Backdoors“ schon im Ansatz zu verhindern. Besonderes Augenmerk liegt auf der Erkennung bestimmter als vermeintliche „Sicherheitsfeatures“ angepriesener Technologien, die jedoch ihren Einsatz als Hardware-Trojaner stark begünstigen und somit geradezu herausfordern. Auch der moralisch-ethische Aspekt soll beleuchtet werden: Wer bzw. was kann Hersteller dazu bringen, den Einsatz von „Backdoors“ zu akzeptieren, zu billigen, zu unterstützen oder sogar selbst zu initiieren? Wann ist es Mutwilligkeit, wann Ignoranz, wann Dummheit? Der Vortrag zeigt, was man gegen diese Bedrohung schon präventiv auf jeder Ebene unternehmen kann und wie sich die Abwesenheit von „Backdoors“ wirksam kontrollieren läßt. Die Autoren blicken auf über 25 Jahre private und fast 20 Jahre berufliche Erfahrung im Ber
Speaker: vimja, ari, Patrick Stählin, Hakuna MaMate 2015 und 2016 sind wichtige Jahre für die Netzpolitik in der Schweiz, denn die Parlamente entscheiden sowohl die Revision des BÜPF (Bundesgesetz betreffend die Überwachung des Post- und Fernmeldeverkehrs) als auch das NDG (Nachrichtendienstgesetz). Die beiden Gesetze würden den entsprechenden Bundesbehörden deutlich mehr Handlungsfreiheiten einräumen, wenn es um das Sammeln von Daten auf Vorrat und das Überwachen der Telekommunikation geht. Im Vortrag geben wir eine Übersicht über die beiden Gesetze und sprechen darüber, welche Auswirkungen sie unserer Meinung nach haben werden und was wir dagegen unternehmen und bereits unternommen haben. Einige der am stärksten kritisierten Punkte der Gesetze sind: Dem Nachrichtendienst wird der Einsatz von Staatstrojanern gestattet, Dem Nachrichtendienst wird exzessiver Zugriff auf den Internetverkehr in der Schweiz gestattet (Kabelaufklärung), Die Vorratsdatenspeicherung in der Schweiz wird weiter ausgebaut. Wir gehören zum CCC-CH und zur Digitalen Gesellschaft (Schweiz). In der Schweiz haben die Stimmberechtigten die Möglichkeit, das Referendum zu ergreifen. Gelingt es, innerhalb von einhundert Tagen nach in Kraft treten der Referendumsfrist 50'000 Unterschriften zu sammeln, so kommt der Gesetzesentwurf vor das Stimmvolk, welches das letzte Wort hat. Doch 50'000 Unterschriften wollen erst mal gesammelt werden… Leider werden die Gesetze zeitlich versetzt verabschiedet, so dass die Referendumsfristen nicht, wie ursprünglich erhofft, zusammenfallen. Es ist durchaus denkbar, dass es sich dabei um ein politisches Manöver handelt, da das BÜPF doch deutlich mehr Gegner hat als das NDG. Im Falle des NDG hat die Digitale Gesellschaft, zusammen mit der Piratenpartei Schweiz, grundrechte.ch und dem CCC-CH, unter nachrichtendienstgesetz.ch eine Plattform erstellt, um die Unterschriftensammlung zu koordinieren. Zum Zeitpunkt des 32C3 wird die
Speakers: Florian Grunow, Niklaus Schiess Angae means "Fog" in Korean. The term is widely used in parts of custom code used by the Red Star OS. We will lift the fog on the internals of North Korea's operating system. Our talk will provide information about how privacy is invaded for all users of Red Star OS and how an operating system designed by a totalitarian dictatorship works. In 2014 the version 3 of North Korea's Red Star operating system was leaked. It is based on Linux and has the look and feel of a Mac. There is also a server version available. We will start the presentation by giving a general overview and presenting findings that already hit the net during the last year, like research on Red Star’s custom browser and its configuration. The focus of the presentation is to explain in depth how the architecture of the components is made up and to give a detailed overview of the privacy invading custom code implemented into the OS. The system is designed to defend and protect itself from changes made from user space. We will analyze the interaction of the components and the protection mechanisms and provide information on how to deactivate some of the malicious functionality of Red Star OS. North Korea abuses the principals of free software to provide an operating system that suppresses free speech. Therefore we think it is necessary to disclose this information to the public and present the audience on how to get around the limitations introduced by North Korea. Investigating functionality that can be used to invade the privacy of users was our primary goal. We found that the features implemented in Red Star OS are the wet dream of a surveillance state dictator. It provides a set of surveillance features like the capabilities to watermark different types of files that can be used to track the distribution of documents and multi-media files. We will have an in depth look on how some of these features built the foundation for a suppressive s
Speaker: Philipp Winter Several years ago, the Great Firewall of China was silently upgraded to find and block circumvention servers that employ encryption to defeat deep packet inspection. The system is now used to block protocols such as Tor, SoftEther, and SSH. In this talk, we will give an overview of how this system works, and how it can be circumvented. The GFW's reactive probing system scans egress network traffic for circumvention protocol signatures, and then launches short-lived probes to verify if the suspected server is, in fact, speaking the circumvention protocol. If that is the case, the GFW adds the IP address and port of the server to a country-wide blacklist, preventing people in China from connecting to it. We recently finished a multi-month research project in which we looked at the system from different angles to answer several open questions. In particular, we will talk about: How the reactive probing system makes use of thousands of unique IP addresses to launch its probes. We discuss our hypotheses on the physical design of the reactive probing system. Our evidence shows that all these IP addresses are either hijacked, or that the GFW operates a large, geographically distributed network of proxies. We show patterns in the IP, TCP, and TLS headers that suggest that the thousands of reactive probing IP addresses we harvested are controlled by few centralized systems. How the system seems to flush its blacklist regularly, providing a short window for circumvention. The effectiveness of the system, i.e., how good is it at blocking servers and how well does it scale? How the GFW seems to treat science and education networks different from consumer networks. Ways to troll the Great Firewall of China.
Speaker: Ilja van Sprundel This presentation covers windows kernel driver security issues. It'll discuss some background, and then give an overview of the most common issues seen in drivers, covering both finding and fixing issues. In this presentation I intent to cover a rapid fire set of issues that commonly occur in windows drivers. From the trivial (ioctl, probing) to the obscure and subtle. The presentation will discuss these issues, illustrate them with examples, and offer developer guidance on how to avoid and mitigate these issues. Whether you're a security researcher, a developer looking for some security guidance when writing these drivers, or just generally curious about driver internals, there's something here for all.
Speaker: Yaniv Balmas Key-Loggers are cool, really cool. It seems, however, that every conceivable aspect of key-logging has already been covered: from physical devices to hooking techniques. What possible innovation could be left in this field? Well, that’s what we used to think too. That is until we noticed that little grey box sitting there underneath a monitor, next to yesterday’s dirty coffee cup. The little grey box that is most commonly known as ‚KVM‘. The talk will tell the tale of our long journey to transform an innocent KVM into a raging key-logging monster. We will safely guide you through the embedded wastelands, past unknown IC’s, to explore uncharted serial protocols and unravel monstrous obfuscation techniques. Walking along the misty firmware woods of 8051 assembly we will challenge ambiguous functions, and confront undebuggable environments. Finally, we will present a live demo of our POC code and show you that air-gapped networks might not be as segregated as you imagined. You will witness that malware code could actually reside outside your computer, persisting through reboots, wipes, formats, and even hardware replacements. You might laugh, you might cry, but one thing is certain – you will never look at your KVM the same as before Our presentation will guide the audience trough an entire research project process: from the choice of a research subject, the learning stage, trough the many failures along the way, and until a complete success is finally achieved. Our research process provides useful insights for both entry-level and experienced researchers in the hardware hacking area. This research sheds light on a brand new field that has yet to be uncovered by the security community. We believe that CCC, as one of the world’s largest security convention, will provide the most suitable stage to share our research story and its implications. And finally, this talk is the product of a long research project
Speaker: Marcell Mars Public Library is the synergy of two efforts. First, it makes the case for the institution of public library and its principle of universal access to knowledge. Second, it is an exploration and development of distributed internet infrastructure for amateur librarians. If Public Library is a proposal/RFC Memory of the World is its proof of concept and reference implementation. In the catalog of History the institution of public library is listed in the category of phenomena of which we humans are most proud. Along with free public education, public healthcare, the scientific method, Universal Declaration of Human Rights, Wikipedia, free software… It’s one of those almost invisible infrastructures that we start to notice only once they go extinct. A place where all people can get access to all knowledge that can be collected seemed for a long time a dream beyond reach – until the egalitarian impetus of social revolutions, the Enlightment idea of universality of knowledge, and the expcetional suspension of the comercial barriers of copyright made it possible. The Internet has, as in many other situations, completely changed our expectations and imagination about what is possible. The dream of a catalogue of the world – a universal access to all available knowledge for every member of society – became realizable. A question merely of the meeting of curves on a graph: the point at which the line of global distribution of personal computers meets that of the critical mass of people with access to the Internet. Today nobody lacks the imagination necessary to see public libraries as part of a global infrastructure of universal access to knowledge for literally every member of society. However, the emergence and development of the Internet is taking place precisely at the point at which an institutional crisis — one with traumatic and inconceivable consequences — has also begun. The reactionary forces of the »old regime« are
Speaker: Sergey Gordeychik, Aleksandr Timorin, repdet For years SCADA StrangeLove team speaks about vulnerabilities in Industrial Control Systems. Now we want to show by example of railway the link between information security and industrial safety and demonstrate how a root access gained in a few minutes can bring to naught all the years of efforts that were devoted to the improvement of fail-safety and reliability of the ICS system. Railroads is a complex systems and process automation is used in different areas: to control power, switches, signals and locomotives. At this talk we will analyze threats and vulnerabilities of fundamental rail-road automation systems such as computer based interlocking, automatic train control and automatic train protection. No vendor names and vulnerabilities details will be released, for obvious reasons. By the way, all research based on hands-on security exercises and most of issues are confirmed and processed by vendors.
Speaker: Alexander Graf Did you ever want to have access to a few hundred thousand network end points? Or a few hundred thousand phone numbers? A short look behind the curtains of how not to do network security. Have you ever wondered why cable modem providers don’t allow you to swap out your modems with your own? Once you look at the network your modem (and thus you once you gain access to it) has access to, a whole new world of security mess-up lies ahead. Join me in exploring how DOCSIS (the standard behind cable modems) works, how it’s used today in a real life example setup, how you could potentially make it secure and what implications this has to you as an end user. I will also show you what happens if you don't look out for security on the DOCSIS network and how that can lead to compromising other people's modems, private networks and telephone access.
Speaker: Simon In the past years there has been a lot of discussion on the topic of state sponsored surveillance. But hardly any material can be accessed to support the general debate due to vaguely declared security concerns. So we are debating Big Brother with little knowledge about what he actually sees, while he is watching. Over the course of three years, I was able to research the archives left by East Germany's Stasi to look for visual memories of this notorious surveillance system and more recently I was invited to spend some weeks looking at the archive by the Czechoslovak StB. Illustrating with images I have found during my research, I would like to address the question why this material is still relevant – even 25 years after the fall of the Iron Curtain.
Speaker: rahra The Amiga was one of the most powerful and wide srpead computers in the late 80's. This talk explains its hardware design and programming. The Amiga 1000 appeared in 1985 and was followed by the Amiga 500 a few years later, which had the same design concept but was a little bit more powerful. The hardware design was highly sophisticated and powerful and was years ahead to other computers at the time then. Equipped with the Motorola 68000 Microprocessor as the CPU which was internally a full 32 bit processor and several additional co-processors for various complex DMA tasks it was perfect for graphics-intensive software. This talk explains the hardware in detail, how all those processors interacted and how it was programmed.
Speaker: Trammell Hudson Last year at 31c3 we disclosed Thunderstrike, the first firmware attacks against Macbooks. This year we’ve ported old UEFI vulnerabilities to the Mac and will demo Thunderstrike 2, an extension to the attack that no longer requires physical access and can replicate via shared Thunderbolt devices.
Speaker: LaForge Seven years after presenting „running your own GSM network“, we are back presenting about how to do the same for 3G (UMTS/HSPA) networks. Seven years ago, the now famous „running your own GSM network“ talk was held at 25C3, paving the way for a first step into the then-new field of applied research (aka hacking) into mobile communications research. The result of that talk is what is known as OpenBSC. Together with its sister-projects OsmoBTS, OsmoPCU, OsmoNITB, OsmoSGSN and OpenGGSN are commonly used to run GSM/GPRS networks as a means to perform security research, offensive as well as defensive. Now, the team behind those projects has finally started work on supporting 3G base station hardware, extending the scope from 2G/2.5G/2.75G technologies towards UMTS, HSDPA and HSUPA. The talk will cover * what was/is required to implement in terms of the protocol stacks, * the current status of this work, * how it integrates into the Osmo* world, * how it is envisioned to be usd in mobile security research. Like at 25C3, there will also be a demo, of course..
Speaker: Ryan Lackey Datahavens have long been discussed as a solution to user security and privacy needs. Instinctively, the idea of physical locations where servers for communications, financial privacy, and other services can work is easily understood and seems appealing. As a founder of the HavenCo datahaven on Sealand in 2000, I saw firsthand the potential and the pitfalls of this approach. Datahavens have long been discussed as a solution to user security and privacy needs. Instinctively, the idea of physical locations where servers for communications, financial privacy, and other services can work is easily understood and seems appealing. As a founder of the HavenCo datahaven on Sealand in 2000, I saw firsthand the potential and the pitfalls of this approach. We will discuss the concept behind datahavens, some specific examples, the legal and technical challenges they face, and how specifically HavenCo failed. While projects to date have largely failed, there is hope for the future, both in the physical datahaven approach and in technical measures, so there is good reason to be optimistic.
Speaker: INCO CubeSat are small standardized satellites typically flown as secondary and containerized payloads piggybacking on the launches of larger satellites. Their low entrance cost have been a revolution in opening access to space for a broad range of institutions. In this talk the basics of CubeSat standards, technology and development are going to be presented. The goal is to proliferate the knowledge of what it takes to successfully build, launch and operate a CubeSat within and beyond the hacker community. It has been 12 years since the first CubeSat was launched. Invented as a standard for university student satellite projects, the advantages of the CubeSat standard made it outgrow the educational field. The (relatively) low entrance hurdle in terms of cost and regulations has inspired many to pursue their own satellite project. But why do about 50% of all first-time CubeSats fail early? This talk is aiming at spreading the knowledge of how to tackle the task of conducting a CubeSat mission. What are the special requirements for CubeSats? How is the space environment different from what we came to expect for earth-based projects? What kind of components are available? What (FOSS) tools are available for the design and verification process?
Speaker: David Kaplan Software design and testing is hard, but what happens when each bug fix can cost months of delay and millions of dollars? In this talk we’ll take a behind-the-scenes look at the challenges in the design of a very complex, yet critical piece of hardware: the modern x86 CPU. All hardware design and testing is complex, but x86 CPUs are designs that must work correctly basically 100% of the time. They are critical not only for running your applications, but for enforcing the security of the entire system. In this talk, we’ll explore what modern x86 CPU hardware looks like, describe some of the methodology around CPU testing, and discuss real-world hardware design. So does that all make flawless hardware? Of course not! CPU bugs do happen, and when dealing with hardware bugs, it’s rarely as simple as “download this patch”. This talk will additionally look at some of the various capabilities used with modern chips to address late-breaking issues, from special configuration bits to microcode to even focused ion beams. The goal of this talk is to not only provide the listener with a glimpse into the world of complex hardware design, but to hopefully inspire software engineers with new ideas on how to test equally critical software that must “just work”.
Speakers: Karsten Nohl, Fabian Bräunlein, dexter Payment systems are old and have – unlike card protocols – seen little scrutiny so far. This talk enumerates design and implementation flaws in payment processing systems, which can defraud consumers and merchants. Like most embedded devices, payment system elements are potentially vulnerable to a range of attacks. This has not changed in years. What did change, though, is the exposure of these vulnerabilities: Serial interfaces are now exposed via ethernet; proprietary backend protocols are reachable over the Internet TCP, and flaws in real time operating systems are widely known. This talk provides an overview of design issues and implementation vulnerabilities in current payment processing systems, including un-authenticated protocols and insecure hardware implementations, which enable fraud vectors against merchants who operate payment terminals and consumers who use them. Some of them remote and pre-auth ...
Speakers: gannimo, npc@berkeley.edu Memory corruption is an ongoing problem and in past years we have both developed a set of defense mechanisms and novel attacks against those defense mechanisms. Novel defense mechanisms like Control-Flow Integrity (CFI) and Code-Pointer Integrity (CPI) promise to stop control-flow hijack attacks. We show that, while they make attacks harder, attacks often remain possible. Introducing novel attack mechanisms, like Control-Flow Bending (CFB), we discuss limitations of the current approaches. CFB is a generalization of data-only attacks that allows an attacker to execute code even if a defense mechanism significantly constrains execution. Memory corruption plagues systems not just since Aleph1's article on stack smashing but since the dawn of computing. With the rise of defense techniques like stack cookies, ASLR, and DEP, attacks have grown more sophisticated but control-flow hijack attacks are still prevalent. Attackers can still launch code reuse attacks, often using some form of information disclosure. Stronger defense mechanisms have been proposed but none have seen wide deployment so far due to the time it takes to deploy a security mechanism, incompatibility with specific features, and most severely due to performance overhead. Control-Flow Integrity (CFI) and Code-Pointer Integrity (CPI) are two of the hottest upcoming defense mechanisms. After quickly introducing them, we will discuss differences and advantages/disadvantages of both approaches, especially the security benefits they give under novel memory corruption attacks. CFI guarantees that the dynamic control flow follows the statically determined control-flow of the compiled program but an attacker may reuse any of the statically valid transitions at any control flow transfer. CPI on the other hand is a dynamic property that enforces memory safety guarantees like bounds checks for code pointers by separating code pointers from regular data. Data-only attacks a
Speaker: Peter Buschkamp Light of astronomical objects gets distorted as it passes earth’s atmosphere. Adaptive optics can correct this distortion and create images that are as sharp as those taken in space. The correction needs a bright reference star. If there is no such star nearby, an artificial Laser Guide Star can be created in the upper atmosphere. A lot of clever real time software, hardware and feedback loops steer a deformable mirror to straighten the distorted wavefront. The talk looks at the technologies of this fascinating technique and will also cover the question how to become a laser-rocket-scientist. Also, there will be star-wars like laser pew pew pictures & videos. In the first part I will talk about the background of adaptive optics and how it enables ground-based observations which people though to be impossible only two decades ago. We will look at the building blocks of such a system and how they are combined to work together nicely. The second part will look at a real Laser-AO system, the project I have worked with, ARGOS at the LARGE Binocular Telescope in Arizona. I will present the system in detail and talk about the little things in all the black boxes. Mechanics, electronics, Optics and Software. We will have images and videos of the system at work and look at first test results showing the potential of this system. ARGOS feeds one of three near-infrared multi-object spectrometers that exists on this planet (Instruments name: LUCI). LUCI is used to record light from the universe 11 billion years ago to to answer the question where galaxies came from and how they developed. In the last (somewhat shorter) part I want to briefly talk about what it takes to get into this kind of work, how to become a „laser rocket scientist“. I get this question a lot in Q&A sessions and therefore want to address it right away. There are misconceptions about his type of work and quite a number of people leave the field again – mainly
Speakers: djb, Tanja Lange Last year your friend Karen joined the alternative music scene and sent you a sound track. The government is recording everything, and this year announced that alternative music is a gateway drug to terrorism (see http://www.theguardian.com/australia-news/2015/sep/25/radicalisation-kit-links-activism-and-alternative-music-scene-to-extremism). Fortunately, Karen encrypted the email. Fast forward to 2035. Stasi 2.0 has risen to power and has decided that, to protect society, anyone who has ever been exposed to alternative music will be sent to a „better place“. They still have a copy of Karen’s ciphertext. And here’s the really bad news: They’ve just finished building a billion-qubit quantum computer. Back in 2015, large general-purpose quantum computers haven’t been built yet, but the consensus is that they will be built, and that they will allow well-funded attackers to retroactively break practically all of today's deployed public-key cryptography. RSA will be dead. ECC will be dead. DSA will be dead. „Perfect forward secrecy“, despite its name, won’t help. Fortunately, there are replacement public-key cryptosystems that have held up very well against analysis of possible attacks, including future quantum attacks. This talk will take a hands-on look at the two examples with the longest track records: namely, hash-based signatures (Merkle trees) and code-based encryption (McEliece).
Speakers: Inbar Raz, Gadi Evron With the advancement of defensive security and the constant release of research papers into their toolsets, advanced threat actors have had to adapt with new operational security practices, as well as with new technology. With the advancement of defensive security and the constant release of research papers into their toolsets, advanced threat actors have has to adapt with new operational security practices, as well as with new technology. Examples of this are how long it takes for a threat actor to take its operation offline once a public report of it's tools is getting released, or the technology it may be using to cope when its expensive code base that has taken years of development suddenly becomes public property. Two quick examples are the geographical distribution of attacks, which are often (mis)used in attribution, and the use of cryptography for reuse of now public code bases.
Speakers: plutoo, derrek, smea In 2011 the Nintendo 3DS was released. Today it is the most popular current-gen handheld console, having sold more than 50 million units worldwide. The 3DS features a completely redesigned architecture from its predecessors the DS and the DSi. This talk will focus on the security features of the 3DS, and how we got around them. We start by presenting a summary of the security system of the 3DS from the ground up. After the introduction, we proceed to elaborately exploit each layer of the 3DS operating system, starting with userspace, kernelspace, and finally gain code-execution in the security processor. We also present how we figured out a hardware secret built into the console, and an early break in the chain of trust. Basic knowledge of embedded systems and CPU architectures is recommended, although we aim to also make it enjoyable for non-technical audiences.
Speaker: Gianteye In this talk Matthew Borgatti, Lead Scientist at Super-Releaser, will take you through the process of turning a puddle of goo into a working soft robot. He will take you through the different mechanisms that can be created, simple processes for fabricating soft robots, and methods for joining elements together into sophisticated assemblies. Soft robots are slowly trickling out of universities and labs into everyday life. Amazon is experimenting with installing soft grippers on robotic arms to pick any product off a warehouse shelf. DARPA just funded an extensive program to build soft exoskeletons for soldiers to enhance how much they can lift and how long they can march. My lab, Super-Releaser, is developing robotic spacesuit components for NASA as a subcontractor on a SBIR grant. On paper they might seem too complex to whip up at home, but if you’re the kind of person who loved Creepy Crawlers and have access to a 3d printer you can make your very own soft robots. Let’s take a step back to explain what a soft robot is and what they're good for. Most robots out there are made from hard parts like steel gears and plastic housings with the occasional rubber wheel or timing belt thrown in. When they respond to their environment it’s usually by reading sensors and using a processor to change their behavior accordingly. This responsiveness is called compliance. There’s another way to get compliance out of an engineered object, though: make the object soft. Everything from goat hooves to octopus tentacles, starfish suckers to human muscles, use softness and springiness to their advantage. When your robot responds to the environment by bending, say around the thing you’re trying to grip, getting a specific output, like putting that thing in a box to get packed up and shipped off, becomes a lot simpler on the computation side of things. Adding compliant mechanisms to your engineering toolbox can add huge problem solving power to any robo
Speakers: Bühne für Menschenrechte THIS EVENT IS NOT GOING TO BE RECORDED! Die ASYL-DIALOGE erzählen von Begegnungen, die Menschen verändern, von gemeinsamen Kämpfen in unerwarteten Momenten – eine dieser Geschichten spielt in Osnabrück, wo seit März 2014 ein breites Bündnis solidarischer Menschen bereits 37 Abschiebungen verhindern konnte und somit für viele bundesweit zum Vorbild wurde... The Asylum Dialogues Documentary Theatre - Actors for Human Rights Germany in German, with English, French and Arabic subtitles The ASYLUM DIALOGUES speak about encounters which change people, about joint fights in unexpected moments - one of the stories takes place in Osnabrück, where - since March2014 - a coaltion of solidary people could prevent until today 37 deportations and became a role model nationwide.
Speakers: frank, Linus Neumann, erdgeist, Constanze Kurz, Falk Garbsch Wir werden einen Überblick über die Themen geben, die den Chaos Computer Club 2015 beschäftigt haben. Neben der Zusammenfassung und der Rückschau auf das vergangene Jahr wollen wir aber auch über zukünftige Projekte reden.
Speakers: Will Scott, andz@torproject.org The techniques to control access to the Internet, and the ability to bring transparency to those processes are both continuing to evolve. We’ll give an update on the landscape of online information controls, and our ability to measure them. The talk will give an update on current country-level practices, the techniques in use to measure them, and an overview of major tools in use. Over the past couple years, restrictions on Internet access have grown even more ubiquitous. Many take the form of URL or Domain blacklists implemented by western countries, along with increased levels of self censorship on social platforms with user generated content. The measurement community continues to play a catch-up game. Through a mixture of watching legislature, an increased understanding of what we need to build to keep track of internet controls, and discoveries of side channels that let us externally measure connectivity, we’re making progress!
Speaker: Julia Maria Mönig In my talk I am 1) discussing philosophical concepts of privacy, especially Hannah Arendt's philosophy. I am 2) explaining why in a liberal-democratic system we need to protect our privacy and 3) what we can morally do to prevent catastrophes such as a totalitarian system from happening again. With Hannah Arendt's arguments and her analysis of totalitarian systems in mind, I am referring to three examples from today's privacy discussions: cybermobbing, Behavioral Advertising and secret services. That our privacy is at stake is not just a problem since the 2013 revelations of Edward Snowden. The 20th century philosopher Hannah Arendt is an important source to understand what `privacy' means and why we need to protect it. In my talk I am going to explain what Arendt understood as `private' throughout her work, and how her reasons to claim the protection of the private realm were connected with her analysis of the totalitarian systems in the 20th Century. In my contribution I am first discussing philosophical concepts of privacy, with a focus on Hannah Arendt's philosophy. Second, I am arguing why in a liberal-democratic system we need to protect our privacy. The third step will be to reason what we can morally do to prevent catastrophes such as a totalitarian system from happening again. Being a philosopher, I am going to make the philosophical — and in part legal — claims and preconditions understandable for a larger public. To prevent "what never ought have happened" from happening again we should, following Arendt, never refuse to judge about what is happening around us. I apply Arendt's framework of moral judging by examples to three cases from today's privacy discussions, Cybermobbing, Behavioral Advertising and secret services.
Speaker: Miguel Chaves There are two lines of research in the world about decreasing poverty in low-income communities: (1) to create solutions and share them with people living in low-income areas or (2) build the capacity of people from low-income areas to create their own solutions. Maker Spaces to BoP have showed great results to the strategy two. The lecture has the goal to expose all the experience we have learnt in the last three years to project, implement and manage a Maker Space in a favela in São Paulo - Brazil called Innovation Center Vila Nova Esperança (ICVNE). The terms “social innovation” and “social innovators” have become commonplace expressions in technology and development fields. More people have created new kinds of businesses and solutions to create positive impact in the society instead of just bringing interests to the partners of the company. However, in the last two decades, most resources available to build solutions for international development challenges were provided to institutions in richer countries. Most of the solutions, therefore, were coming from outside the local context or community. There are very few examples that show low-income people as responsible designers for good solutions. Several reasons try to explain why this has happened, but one essential reasoning is the belief that well educated people have more capacity to reach a good solution for any context, even if these people do not belong to the local culture or context. However, the main results of this methodology are anything but understanding and positive. The four main results are: dependence, lack of user needs understanding, (and, as such) little or no sense of ownership, and lack of maintenance. In order to address these four problems, different approaches to social innovation have started to be tested. One model that tries to explain these different approaches are called Design For, Design With, Design By. If this model is studied deeper, it
Speaker: Thomas Lohninger After two years the fight for net neutrality in Europe about the Telecom Single Market Regulation has come to a close. In this talk we will analyse the new net neutrality law and it's consequences and we give you the lessons learned from two years of EU campaigning. On 30c3 we launched the SaveTheInternet.eu campaign. Since then activists from all around Europe fought for net neutrality and the freedom of the open internet. At 32c3 the the legislative process in Europe will have come to a close and the campaign will be mostly over. In this talk we will look back and try to learn from past mistakes and successes. What has worked and what didn't? What will the new net neutrality law in Europe actually mean in practice? We assess the repercussions for the European internet and also for the global fight for net neutrality, particularly in the global south.
Speakers: gedsic, bigalex Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! To get involved and learn more about what is happening please visit the Lightning Talks Wikipage.
Speaker: Ed Schouten CloudABI is an alternative runtime environment for UNIX-like operating systems that is purely based on the principle of capability-based security. This makes it possible to create applications that are strongly sandboxed, easier to test and easier to maintain. UNIX-like operating systems don't seem to make it easy to sandbox programs to harden them against exploits. They also don't allow you to run untrusted executables directly without compromising security, which is the reason why we require technology like virtual machines and containers to secure our systems. I am going to talk about a system I am developing called CloudABI. CloudABI is a simplified POSIX-like runtime environment that is inspired by FreeBSD's Capsicum. It allows you to create exectables that can solely interact with the environment through file descriptors (capabilities). This not only makes CloudABI more secure than the traditional POSIX runtime, it also makes it easier to test programs through dependency injection. This makes CloudABI a perfect environment for developing microservices. In my presentation I am going to focus on how CloudABI works, how you can develop software for it and how it works in practice.
Speaker: Fredy Kuenzler Buffering sucks! Why we see regular buffering when watching online video. What internet service providers could do to reduce buffering and why big players refuse to act. An attempt of calculating the economic cost of buffering. It’s all about Net Neutrality. Buffering is the visible effect which makes millions of broadband customers suffer.
Speakers: Walter van Holst, Nate Cardozo, mlp, Richard Tynan Transposition of the Wassenaar Arrangement, which now also covers export controls on exploits and surveillance technology, into European law is upon us. This panel discusses this, both on process and substance. The big issue is that this may stifle security research while at the same time we want to stop the Hacking Teams of this world. This is a panel discussing the various good or least bad ways to deal with this. Participants come from civil society and security research.
Speakers: Jugend hackt Auch in 2015 entstanden wieder zahlreiche Projekte bei Jugend hackt, die mit Code die Welt verbessern. Im Talk möchten die jugendlichen HackerInnen Einblick in ihre Ideen und Projekte geben, und ihre Perspektive auf die Welt vermitteln.
Speakers: Iga Bałos, Benjamin Henrion (zoobab) Ten years after the rejection of the European software patent directive by the European Parliament, the software patent problem still is not over. Political action is required. For further information, please refer to the attached document. It contains a one page summary of highlights, and five pages of a more detailed narrative. Finally, it includes the bio's of the three speakers.
Speaker: Markus Beckedahl Im Sommer kam heraus, dass der Generalbundesanwalt Ermittlungen gegen zwei Journalisten von netzpolitik.org in Gang gesetzt hatte. Das geschah, weil sich das Bundesamt für Verfassungsschutz dadurch auf den Schlips getreten fühlte, dass Auszüge aus ihren Haushaltsplänen der allgemeinen Bevölkerung bei netzpolitik.org zugänglich gemacht wurden. Zehn Tage lang gab es in der Sommerpause einen medialen Aufschrei, die Ermittlungen wurden gestoppt. Aber noch immer sind viele Fragen ungeklärt. Warum kam es überhaupt dazu, wer hat politischen Druck ausgelöst und sind die Regeln für die Pressefreiheit im Zeitalter des Internets noch zeitgemäß oder sollten sie dringend an digitale Realitäten angepasst werden? Der Vortrag will einerseits zurückblicken, aber auch die Learnings vorstellen, inklusive einer dringend notwendigen Debatte, wie wir ein Update der Pressefreiheit in Deutschland hinbekommen könnten.
Speakers: Ralf Spenneberg, Hendrik Schwartke, Oguzhan Cicek Der Hitag S Transponder wird in verschiedensten Applikationen eingesetzt. Während Angriffe für den Hitag 2 bereits bekannt sind, gilt der Hitag S in der Literatur noch nicht als gebrochen. Wir haben die beschriebenen Angriffe auf den Hitag S übertragen. Wir sind in der Lage den Schlüssel zu brechen und Informationen wie das Kennwort zu ermitteln, obwohl diese zusätzlich vor Lesezugriff geschützt sind. In Abhängigkeit des gewählten Angriffs benötigen wir für das Brechen des Schlüssels zwischen mehreren hundert Tagen und 5 Minuten. Wir haben einen Emulator gebaut, der jeden Hitag S Transponder nachbilden kann. Wird der Transponder in einem Schließsystem eingesetzt, können wir so eine Schlüsselkopie erstellen. Basierend auf unseren Ergebnissen und den Erfahrungen mit anderen Transpondern aus dem 125kHz Bereich können wir nur vor dem Einsatz in sicherheitskritischen Bereichen warnen. Die Hitag Transponderfamilie besteht aus mehreren unterschiedlichen Transpondern, zu denen auch der Hitag S gehört. Der Hitag S Transponder wird von dem Hersteller NXP in erster Linie für die folgenden Zwecke empfohlen: Wäscherei-Automation, Logistik, Lagerverwaltung und die Überwachung und Verwaltung von Tierherden. In der Realität werden Sie aber auch in Zutrittskontrollsystemen wie dem blueSmart-System der Firma Winkhaus eingesetzt. Der Hitag S Transponder bietet zwei Modi: Plain und Authentication. Im Authentication Mode ist der Zugriff auf den Speicher des Transponders erst nach einer erfolgreichen Authentifizierung möglich. Grundlage der Authentifizierung ist ein 48Bit Pre-Shared-Key. Für dieses Verfahren ist laut Hersteller leserseitig ein Krypto-Coprozessor erforderlich. In diesem Vortrag erläutern wir die unterschiedlichen, bei dem Hitag S, erfolgreich durchgeführten Angriffe zur Überwindung der Authentifizierung bzw. dem Brechen des verwendeten Schlüssels. Hierbei berücksichtigen w
Speaker: fractalfox This talk is a brief recap into EEG / BCI for hackers, makers, researchers, and artists. It will give an overview of current consumer devices and their flaws, and subquently present fully open-source, high-quality hardware and software. Finally implications for the future of modern society are outlined, especially how commercial EEG consumer devices or services may be exploited by corporations to cloudsource market research, or spy on health conditions, brain states or even leak private information. Strategies to circumvent these risks and secure brain wave experience are being discussed. In the recent years, affordable Brain-Computer Interfaces are becoming more accessible for consumers. Applications range from controlling computers / machines, biofeedback and Quantified Self. At first sight, the current generation of commercial devices seem to be decent in their functionality, and various use cases are suggested. However, neurophysiological signal quality, as well as limitations of software and hardware hackability are among the greatest issues and hurdles towards advancement in user experience. This talk is a brief recap into EEG / BCI for hackers, makers, researchers, and artists. It will give an overview of current consumer devices and their flaws, and subquently present fully open-source, high-quality hardware and software. Finally implications for the future of modern society are outlined, especially how commercial EEG consumer devices or services may be exploited by corporations to cloudsource market research, or spy on health conditions, brain states or even leak private information. Strategies to circumvent these risks and secure brain wave experience are being discussed. This talk can be seen as a sequel to last year's talk by MeTaMiNd EvoLuTioN and will also deal with further proceedings in open-source neurotech.
Speaker: Jeff Deutch This talk will focus on the potential ability of data disaggregated by race and ethnicity to reduce discriminatory policing in Germany. In the UK, data has been collected during police procedures, allowing for a monitoring and evaluation of discriminatory policing practices. Unfortunately, such an empirically driven policy approach is not currently possible in Germany. This talk will argue that, as a first step, a policy based off the UK approach towards data collection be implemented in Germany to incorporate, rather than ignore, Germany’s diverse identities, and to allow for empirically driven and more effective policing. As social exclusion and racial discrimination are highly tied to policing practices, it is essential that a reduction of discriminatory policing be part of the larger discussion on addressing social inequalities in developed nations. In Germany, the lack of data disaggregated by race and ethnicity means that there are no figures on the extent of racially or ethnically based discrimination. Germany presents a unique case for examining the collection of disaggregated data due largely to the term race, or Rasse, having negative connotations due to the misuse of such data during the Nazi era. This talk will focus on the potential ability of data disaggregated by race and ethnicity to reduce discriminatory policing in Germany, with a particular focus on ‘stop and search.’ Stop and search is a crime-prevention practice existing in both Germany and the UK which allows police officers to stop individuals they suspect of committing a crime, carrying a weapon, possessing stolen property, or carrying drugs. In Germany, federal police have the added power to stop a person suspected of committing an immigration violation. In the UK – due to pressure from civil society organisations, academics, and government officials – data has been collected during police procedures, allowing for a monitoring and evaluation of disc
Speaker: Vincent Haupert Neue App-basierte TAN-Verfahren sollen die etablierten Verfahren ablösen und Onlinebanking komfortabler machen. Die Notwendigkeit von dedizierter Hardware entfällt und Transaktionen können mit nur einem mobilen Endgerät durchgeführt werden. Was von den Kreditinstituten als Feature beworben wird, erweist sich in unserer Untersuchung als fatal. In einem Proof-of-Concept-Angriff demonstrieren wir die Manipulation von Transaktionsdaten und zeigen die konzeptionelle Schwäche von App-basierten TAN-Verfahren. Die deutschen Kreditinstitute wenden sich zunehmend von den alten TAN-Verfahren ab. Als Motiv zur Erschließung neuer Techniken abseits der indizierten TAN-Liste, mTAN und chipTAN wird neben der Sicherheit auch der fehlende Komfort durch die Notwendigkeit dedizierter Hardware angeführt. Neue App-basierte TAN-Verfahren erlauben es dem Nutzer, eine Transaktion mit seinem mobilen Endgerät (Android oder iOS) auszulösen und auf dem selben Gerät zu bestätigen -- und das bei vermeintlich höherer Sicherheit als bei den etablierten Verfahren. Wir haben die Sicherheit solcher App-basierten TAN-Verfahren am Beispiel des pushTAN-Verfahrens der Sparkassen ausgewertet und attestieren dem Verfahren gravierende konzeptionelle Schwächen. Der bewusste Verzicht auf eigenständige Hardware zur Transaktionsauslösung und -bestätigung macht das Verfahren für Schadsoftware zu einer leichten Beute. Zur Demonstration dieser Schwächen haben wir einen Angriff entwickelt, der vom Nutzer Transaktionen abfängt und vor ihrer Bestätigung nach Belieben manipulieren kann.
Speaker: Peter Löwenstein Initiative Freifunk, ein Projekt des Chaos Darmstadt e.V. - Wie kamen wir mit den Verwaltungen, den Verbänden und Parteien ins Gespräch, um freifunk für refugees umzusetzen? Zeitstrahl Entwicklung von Freifunk Initiative Darmstadt 03/15 bis 12/15 Was hat sich in den 10 Monaten geändert – und warum? Welche Parteien haben das Thema Freifunk in kommunale Parlamente Südhessens getragen – und mit welcher Begründung? Wie reagierten Regierungspräsidium, Bürgermeister und Kreistage als Betreiber der Unterkünfte auf die Freifunk Initiative? Welche Apps passen zu Freifunk für Flüchtlinge – und warum? Was habe ich gelernt? Warum Bündnisse eingehen besser ist als auf nur eine Partei zu vertrauen Erkenne die Chancen auf Veränderungen, wenn die ganze Verwaltung chaotisch geworden zu sein scheint – nur woran? Telekom, Vodafone oder unitymedia sind keine Gegner: Vier Argumente für Freifunk, mit der sich trotz den ganz Großen die Rathaustüren für freifunk weit öffnen Wie Flüchtlinge das Internet nutzen – und wofür nicht. Chancen und Risiken Freifunk 2016: Was ich erkennen kann – Ernüchterung, Burnout und Professionalisierung.
Speaker: Matthias Tarasiewicz (parasew) AXIOM is the first professional, extendable, affordable and modular cinema camera platform based on Free ("libre") Software, Open Design, Open Hardware, transparent development processes and extensive documentation. The community project establishes an ecosystem that offers a sustainable basis for a broad spectrum of imaging applications and empowers enthusiasts, videographers as well as developers in the technology and creative industry sectors. Since 2006 the apertus° community has been developing open tools to tackle demands of professionals working in contemporary video and film production. The community extends from renowned Directors of Photography in prominent Hollywood studios to emerging independent filmmakers, developers, artists and researchers all working from different locations around the world. AXIOM is a very ambitious project, using principles of FLOSS, extended on the whole design, production and software of a professional, modular cinema camera. With AXIOM, our ambition is to free film makers of the artificial limitations introduced through the “closed” products being available.
Speakers: Vera Tollmann, Boaz Levin During this lecture presentation, Boaz Levin and Vera Tollmann, co-founders of the Research Center for Proxy Politics, will develop the proxy as a figure of thought by spinning and testing it in different contexts. The Research Center for Proxy Politics aims to explore and reflect upon the nature of networks and their actors, that is, machines and things as well as humans. The proxy, a decoy or surrogate, is today often used to designate a computer server acting as an intermediary for requests from clients. Originating in the Latin procurator, an agent representing others in a court of law, proxies are now emblematic of a post-representational political age, one increasingly populated by bot militias, puppet states, ghostwriters, and communication relays. During the period of the project (September 2014 to August 2017) the center hosts a series of workshops at the Universität der Künste, Berlin, revolving around a wide range of relevant topics including the politics of digital networks, the political economy of crypto-currencies, the genealogy of networked thought, the mediality of physical landscapes and strategies of opacity. The center also conducts material, experimental, investigations into the conception and construction of alternative networks, or alternets.
Speakers: taziden, Adrienne Charmet Earlier this year, following the tragic events of early January in Paris, the French governement pushed a bill to put a legal framework around Intelligence Services activities. Far from protecting civil liberties, this bill seem to be the translation of Snowden's revelations into law. Despite the fact this law was in the making for many years, its content seem to be inspired by Snowden's revelations. French intelligent services, willing to become more independent from US ones were certainly waiting for this bill for a long time, giving them uncompared power on every one (IMSI Catchers, algorithmic black boxes in ISP networks, etc etc) A patch to the law has been voted, legalizing international cable wiretapping for the DGSE (French NSA), providing them legal protection for what existed since at least 2008 as a NouvelObs journalist revealed some weeks ago. In this talk, we'll also give an overview over the legal actions taken by several NGO's to defeat this laws. Following the November 2015 Paris attacks and the declaration of a state of emergency, we'll extend the initial scope of the talk to give an overview of the latest securitarian/autharitarian developments in France.
Speaker: Paul Fuxjaeger "Signal level is high but throughput is low" is a common experience in WLAN networks without central management. That causes a lot of frustration, mainly because there is no easy way for users to OBSERVE the presence of interference at all. In order to improve this situation we developed a patch for OpenWRT which makes interference from other sources visible and is able to display the current utilization-ratio (channel load). No additional hardware is required and no interruption of normal operation is necessary - because recent chipsets maintain internal counters for channel load tracking. We all love WLAN/IEEE802.11 networks. It's wonderful what we do with a few slices of free spectrum without the need for any central coordination. The Problem is: demand for these few radio resources is increasing faster than additional free spectrum gets allocated. A potential tragedy of the commons situation is approaching. Additionally, there is a heavy new user on the block: mobile operators want to start utilizing those free 5GHz bands. Protocols labelled License-Assisted-Access (LAA) or LTE-Unlicensed (LTE-U) have been put into silicon and large scale rollout can be expected to start during 2016. This talk presents a modification to OpenWRT that will help coping with increased interference load over the next years. We think this feature is necessary to avoid a tragedy-of-the-commons situation in license-exempt bands (2.4/5GHz) due to ever increasing demands and node densities. The same way as we would be frustrated when we are unable to measure the general noise level in a room prior to deciding to use it to have a verbal conversation in it. We started testing this feature (modifications to the mac80211 sublayer and to luci) at this years BattleMeshV8 in Maribor, Slovenia. Public release is planned for November 2015.
Speaker: Cornelius Diekmann We develop a tool to verify Linux netfilter/iptables firewalls rulesets. Then, we verify the verification tool itself. Warning: involves math! This talk is also an introduction to interactive theorem proving and programming in Isabelle/HOL. We strongly suggest that audience members have some familiarity with functional programming. A strong mathematical background is NOT required. TL;DR: Math is cool again, we now have the tools for "executable math". Also: iptables! We all know that writing large firewall rulesets can be hard. One huge problem. Let's write a tool to statically verify some properties of our rulesets! Now we have three huge problems: (1) writing flawless firewall rulesets. (2) making sure that our verification tool does the right thing. (3) making sure that the internal firewall model of our tool corresponds to the real world. In this talk, we will solve these problems from front to back. We focus on problems (2) and (3). Warning: this talk involves math! First, we need to specify the behavior of the Linux netfilter/iptables firewall. In order to be convincing, this model must be small and simple. It should fit on one slide. However, firewalls can be quite complex and the model must cope with this. For example, looking at `man iptables-extensions`, we see numerous match conditions. But nobody required that our model must be executable code; we will specify the model mathematically. For example, this allows to define arbitrary match conditions. Technically speaking, we define the filtering behavior of iptables in terms of bigstep semantics. Mathematical specifications can be very powerful, in particular when we get to the point where the specification is not directly "executable". Enough math, let's write some executable code to do something with our ruleset. For example, unfolding the jumps to user-defined chains, checking that some packets will be certainly blocked, or checking that we got th
Speaker: Alvar Freude Das Nonplusultra für hauptamtliche Jugendschützer sind Filterprogramme, auch „Jugendschutzprogramme“ genannt. Doch was machen die Programme, welche Wirkungen und vor allem Nebenwirkungen haben sie? Und was macht eigentlich der Zombie JMStV? Die Bundesländer wollen in einem neuen Anlauf den Jugendmedienschutzvertrag (JMStV) verschärfen. Ein Kernpunkt ist: Möglichst viele (oder alle) Webseiten sollen maschinenlesbare Alterskennzeichen tragen. Filterprogramme sollen diese auslesen und (vermeintlich oder tatsächlich) jugendgefährdende Webseiten blockieren. Der Traum so mancher Jugendschützer sind dabei Filter direkt beim Provider, am besten standardmäßig aktiviert und nur auf Wunsch auf die Stufe „ab 18“ änderbar. Die „Kommission für Jugendmedienschutz“ (KJM) hat bereits mehrere Filterprogramme offiziell anerkannt, also quasi zugelassen. Doch welche Nebenwirkungen haben diese Filter? Wie funktionieren die Programme, und was machen sie? Der Vortrag zeigt anhand einer genauen Analyse, dass die Qualität der offiziellen „Jugendschutzprogramme“ unter aller Sau ist und sie noch einige weitere, bisher nicht bekannte Nebenwirkungen haben. Daneben zeigt der Vortrag noch den aktuellen Stand der Diskussion über den Jugendmedienschutzstaatsvertrag und was uns in dem Bereich noch alles blüht.
Speakers: Clémentine Maurice, Daniel Gruss "Insanity: doing the same thing over and over again and expecting different results." Albert Einstein - Who did not live long enough to see Rowhammer Recent studies have found that repeated accesses to DRAM rows can cause random bit flips, resulting in the so called Rowhammer vulnerability. We present Rowhammer.js, the first remote software-induced hardware-fault attack, from JavaScript. We also extend our presentation with an overview of cache side-channel attacks, that use the same technique to evict data from the cache. Last year, studies demonstrated Rowhammer, a fault attack that can cause random bit flips by repeatedly accessing DRAM rows. This vulnerability has already been exploited to gain root privileges and to evade a sandbox, showing the severity of faulting single bits for security. However, these exploits are written in native code and use special instructions that flush data from the cache. In this talk we present Rowhammer.js [1], a JavaScript-based implementation of the Rowhammer attack. After presenting the native attack, we underline the challenges we faced to trigger the vulnerability from JavaScript, without any special instruction. Beyond DRAM, this attack also requires a very fine understanding of CPU cache internals, that are largely undocumented. We detail our findings on these undocumented parts, and the different steps that led to the attack from JavaScript. We also give an outlook on possible exploits, including gaining root privileges from JavaScript and performing fault attacks on cryptography. In the last part, we extend our presentation with an overview of cache attacks, bridging the gap between hardware-fault attacks and side channels. In side-channel attacks, the attacker doesn't rely on a direct software compromise, but rather on passive observation of hardware characteristics when a victim process runs. In common with Rowhammer.js, these attacks use techniques to evict d
Speaker: Gregor Ruttner „Never ever say no, act your first thought and learn to love mistakes“ – these are the basic rules of improv theatre. I will show how this can be adopted for everyday life. Improvisational theatre (short „improv theatre“) has a long history but still follows the same basic framework: be open minded and not afraid of yourself and others. Keith Johnstone, the godfather of this genre, once said: „Good improvisers seem telepathic; everything looks pre-arranged. This is because they accept all offers made – which is something no ‘normal’ person would do.“ They can do so by learning that any mistake can be the origin of something great. This can also be seen as a hack of the traditional arts form theatre: Create something awesome out of something awful. The mantra behind is „if you fail, fail smartly“ or as we say in Austria G’scheitern. There will also be a workshop for those who want to try out some improv theatre methods.
Speakers: Trammell Hudson, Adelle Lin In this talk I'll show how to build an open source vector gaming system with MAME, a microcontroller and an XY monitor or oscilloscope. Relive the joys of playing vector video games from 1979 and enjoy some of the retro-styled vector games of 2015.
Speaker: Mahsa As Internet users increasingly connect to the Internet through smartphones, this has transformed Iran’s Internet ecology towards an increasing reliance and production in apps. In Iran, a country that practises some of the most stringent censorship and surveillance techniques in the world has seen this transformation reshape the way the government implements information controls online. While applications with popular usage on browsers such as Facebook and Twitter remain blocked through their mobile applications, platforms that predominantly exist in app form such as WhatsApp, Viber, and Instagram remain unblocked in the country. This talk will look at how the government is counteracting these policies through various means, including local imitation apps, and new programs such as ‘intelligent filtering’, and the Revolutionary Guards' “Spider” program. Additionally, a discussion of how Iranian Internet users use these platforms, especially in reference to digital security awareness and practices will be included.
Speaker: Roland Bracewell Shoemaker Let's Encrypt is a new free and automated certificate authority, that entered closed beta in October and has already issued a large number of valid certificates. This talk will provide a short overview of how the Let's Encrypt client and server software work, and explore statistics gathered during our closed beta and launch period. Let's Encrypt is a new certificate authority that is being launched by a collaboration between EFF, Mozilla, Cisco, Akamai, IdenTrust, and a team at the University of Michigan. It will issue certificates for free, using a new automated protocol called ACME for verification of domain control and issuance. This talk will describe the features of the CA and available clients at launch; discuss ongoing feature development in both the official server and client; and share statistics on the closed beta and launch periods, as well as looking at our place within the CA ecosystem post launch.
Speakers: Pedro Noel, Bethany Horne The Ecuadorian government received international visibility when in 2012 it agreed to grant Wikileaks founder Julian Assange political asylum and host him in Ecuador's London embassy. Ecuador has since been widely praised for standing up to the United States to defend the freedom of the press and freedom of expression. However, the reality is not consistent with this image Ecuador seeks to project. Journalists inside the country face oppressive laws, huge fines and lawsuits for reporting on government corruption. Digital and physical surveillance of journalists and activists is in fact getting worse. We will analyze some of the existing leaks that prove such activities. We will also give a first-hand account from someone who had to literally run away from Ecuador for publishing leaked materials proving illegal espionage against journalists and citizens. Is Ecuador really interested in free speech? We don't think so and we will tell you why. The talk will be divided as the following: 1. The lie: Wikileaks and free speech advocacy Analysis of current situation and recent past in an international scope. 2. The truth: Surveillance, oppressive laws and huge fees Analysis of recent cases of freedom of speech suppression in the country (lawsuits, fines, political pressure, surveillance). Analysis of already published leaks proving attacks on freedom of speech, expression and personal privacy. Analysis of government public discourse to legitimate such actions. 3. A new leak A new leak will be published during the talk: a secret document providing strong evidence that the government of Ecuador is not interested in free speech at all - or even freedom itself. Speakers: Bethany Horne grew up in Ecuador. She worked there for the state newspaper, El Telégrafo, and later for the Free/Libre Open Knowledge Society, a research group operating out of a state university to develop policy for the Ecuadori
Speaker: Nicolas Pouillard In this presentation I will present the experimental language Ling. We shall get an intuitive understanding of the language through familiar concepts from imperative programming. We shall cover how Ling enables a modular and precise control on memory allocation, through a general optimization called fusion. This optimization, fusion is a cost-free abstraction mechanism which brings high level programming to system programming. The design of Ling is the result of my researches in collaboration with Daniel Gustafsson and Nicolas Guenot at the IT-University of Copenhagen and also from the language Limestone by Jean-Philippe Bernardy and Víctor López Juan at the University of Chalmers. These two lines of research stand upon the longstanding research topics of process calculi (such as the π-calculus), term calculi (such as λ-calculus), Linear Logic, and dependent Type Theory (such as used in Coq and Agda to write proofs and programs). The research on the λ-calculus and Type Theory gave rise to a powerful family of languages including but not limited to: Haskell, OCaml, Coq, Idris, and Agda. The research on the π-calculus gave rise to a vast family of calculi for concurrency. However type systems for these languages took much longer to emerge and progress. For instance the main concurrent programming language in use today is still dynamically typed. This is changing as we understand better how to the use the formulae of Linear Logic as behavior types (or session types) for concurrent processes. Still the aim of this experimental language is to program systems precisely and modularly. The need for precision comes from the resource constraints such as memory, file handles and the need for modularity comes the desire to reduce programming mistakes by solving problems at the right abstraction level. Functional programming offers a pretty good framework for modularity. This modularity comes at a cost which is rather difficult to pre
Speaker: Netanel Rubin tl;dr EXPLOIT ALL THE PERL. AGAIN. After last year’s Perl crackdown, I decided I have to take the Perl abuse to the next level. This time I focused on Perl’s core, or more specifically, the referencing mechanism, and shattered the security of most Perl CGI projects in the world. With more WATs, more broken concepts, and more wildly popular 0-days, we will finally prove the Perl language is a broken concept, one that stood tall for way too many years. Presenting „The Perl Jam: Exploiting a 20 Year-old Vulnerability“ at 31c3 opened a Pandora’s Box full of Perl debates and controversies. Many of these debates originated from the Perl community itself, with unforgiving arguments such as „vulnerabilities are the developer’s fault“, „RTFM“ and „I really hate the Camel abuse in the presentation“ that were mostly directed at me. This is why I’m proud to say that this year I finally got the message: Finding vulnerabilities in core modules is not enough. I need to prove there are problems in the most fundamental aspects of the Perl language, or the Perl community will keep ignoring the language many issues. So I did, and we are going to analyze it in a presentation filled with lolz, WATs, and 0-days, so maybe this time something will change. Join me for a journey in which we will delve into more 0-days in Bugzilla, an RCE on everyone who follows CGI.pm documentation, and precious WTF moments with basically any other CGI module in the world, including (but not limited to) Mojolicious, Catalyst and PSGI, affecting almost every Perl based CGI application in existence. I hope this talk will finally prove that developers are NOT the fault here, it’s the LANGUAGE, and its anti-intuitive, fail-prone ‚TMTOWTDI‘ syntax. btw, maybe it’s time to check your $$references ;)
Speaker: Christian Schaffner I will entertain the audience with a science talk about quantum cryptography, covering both some classics (Quantum Key Distribution) and the latest developments (position-based quantum cryptography) in this fascinating research field. [No previous knowledge of quantum mechanics is required to follow the talk.] The most well-known application of quantum cryptography is Quantum Key Distribution (QKD) which was invented in 1984 by Bennett and Brassard. QKD allows two players Alice and Bob to securely communicate over an insecure line which is overheard by an eavesdropper Eve. Security can be proven in an information-theoretic sense against an unrestricted Eve. Such a high level of security is impossible to achieve with classical communication. In the first part of the talk, I will introduce some basic concepts of quantum information theory in order to understand and appreciate the security of QKD. However, quantum cryptography offers a wide range of other applications that go beyond the task of key distribution. For instance, the goal of “position-based cryptography” is to use a player’s physical position as cryptographic credential. The combination of relativistic constraints (assuring that information cannot travel faster than the speed of light) and quantum mechanical effects (such as the impossibility to perfectly copy a quantum state) enables entirely new cryptographic applications like sending a message in such a way that it can only be read at a particular geographic position. In the second part, I will introduce you to this intriguing new branch of quantum cryptography.
Speakers: agonarch, @fraufeli Kommentierendes im Internet ist neuerdings bedroht. Der unflätige Kommentierer hat den Pedonazi als Schrecken des Netzes abgelöst, als Strohmann für mehr Kontrolle über das Netz kann er auf breitere Gefolgschaft rechnen. Es “muss etwas geschehen” gegen den “Hass im Netz”, “Putintrolle” und Wutnetzbürger. Twitter, Mark Zuckerberg, Politiker, alle sollen mehr tun - aber was denn eigentlich, mehr Zensur und Moderation, andere Ausgestaltungen von Kommentarsystemen? “The commenters don’t read the article, the writers don’t read the comments, and no one clicks on the ads.”, @ftrain 20 April 2012 Viele klassische Zeitungen geben auf, schränken ihre Kommentarbereiche online wieder ein oder schließen sie ganz. Die Süddeutsche beschränkt Kommentare auf drei Themen/Tag, Spiegel Online und FAZ fahren Kommentarmöglichkeiten zurück. Woher kommt die Schlacke im einst so ersehnten "Rückkanal"? Fördern die Artikel selbst eine Tendenz zu Ressentiments? Selbst bei Watchbloggern klassischer Medien wie Niggemeier ist der Ton im Kommentarbereich sauer geworden. Spreeblick färbt neuerdings Unerwünschtes weiß. Kommentarverdrossene Medienschaffende, Blogger und Fernsehjournalisten richten offene Briefe und Videobotschaften an ihr Publikum. Politische Verantwortungsträger fordern unisono Schritte gegen “die Hetze” und “den Hass” im Neuland des Internets und bei Facebook, gemeint sind fast immer Online-Kommentare im eristischen Geiste. Was hat sich in den letzten Jahren verändert? Werden wir wirklich soeben vom Hass überrollt? Welche Rolle spielt die technische Realisierung von Kommentarsystemen? Warum klaffen Moderationspraxis und “Community Guidelines” auseinander? @fraufeli hat jahrelange Erfahrungen als Social Media Gärtnerin in den Kommentarspalten von Nachrichtenportalen und kennt sich mit Krauts und Unkrauts aus. Sie versteigt sich zu der These, dass es eigentlich keine Kommunikation mehr im
Speakers: Yann.A, Julien MOINARD, Gwénolé Audic It is clear that something is needed to help the security community to evaluate, audit and control the security level of hardware products. Hardsploit is a complete tool box (hardware & software), a framework which aims to: - Facilitate the audit of electronic systems for industry 'security' workers (consultants, auditors, pentesters, product designers, etc.) - Increase the level of security (and trust !) of new products designed by the industry Hardsploit is an all-in-one hardware pentesting tool with software and electronic aspects. It's a technical and modular platform (using FPGA) to perform security tests by using electronic communication bus. The main hardware security audit functions are: - Sniffer - Interact - Dump Hardsploit's modules will let users intercept, replay and / or send data via each type of electronic bus used by the target. The level of interaction that pentesters will have depends on the targeted bus features. Hardsploit's modules also enable you to analyze electronic bus (serial and parallel types) like JTAG, SPI, I2C's, parallel addresses and more will come ! We also provide a graphical interface to manage your components and their commands. A wiring helper module is available too. It will help you connect easily your target to Hardsploit. Our ambition is to provide a tool equivalent to those offered by the company Qualys or the Metasploit Framework but in the domain of embedded systems/electronics.
Speakers: J. Alex Halderman, Nadia Heninger Earlier this year, we discovered that Diffie-Hellman key exchange – cornerstone of modern cryptography – is less secure in practice than the security community believed. In this talk, we’ll explain how the NSA is likely exploiting this weakness to allow it to decrypt connections to at least 20% of HTTPS websites, 25% of SSH servers, and 66% of IPsec VPNs. Unlike the NSA, most of us don’t have a billion-dollar budget, but thanks to 1990s-era U.S. crypto backdoors, even attackers with much more modest resources can break the crypto for a sizable fraction of web sites. We’ll explain these flaws and how to defend yourself, and we’ll demonstrate how you too can experiment with Diffie-Hellman cryptanalysis from the comfort of your local hacker space. Diffie-Hellman key exchange lets two parties negotiate a shared secret key in the presence of an eavesdropper who can see every message they exchange. This bit of cryptographic magic underlies the security of the Internet, from TLS to SSH, IPsec, Tor, OTR, and beyond. Diffie-Hellman is widely believed to offer „perfect forward secrecy“ – after you’re done communicating, you can „forget" your secret key and not even the NSA can later reconstruct it. In recent years, this property led to the security community (us included!) promoting Diffie-Hellman over other crypto techniques as a defense against mass surveillance. We were wrong. We’re really sorry. In this talk, we’ll explain how a confluence of number theory, lazy implementations, and aging protocols has created a world where anyone willing to spend a few hundred million dollars is likely able to passively decrypt a huge fraction of Internet traffic. We’ll then go back for a close reading of the Snowden documents that were published at 31C3 and show how such a cryptanalytic exploit lines up exactly with several of the NSA’s most powerful known decryption capabili
Speakers: Dongkwan, Hongil Kim Newly adopted VoLTE requires changes in all associated parties, such as 3GPP standard, device, operating system, and cellular core networks. Therefore, it is not too surprising that it has security problems. However, it turns out that it has way too many problems. In this talk, we introduce how you can freely send data in the cellular network, and how an attacker can perform caller spoofing and denial of service attacks on calls to disable the target’s calling. Furthermore, we explain how small implementation glitch on VoLTE may lead to break the whole cellular network down. Voice-over-LTE (VoLTE) is a newly adopted voice technology in the LTE network, whose functionality is similar to VoIP. Even though VoLTE works similar to VoIP, implementing it on the cellular network is not an easy problem because it needs many changes at each component of LTE. If these changes are not securely considered, this may lead to several security problems. In the legacy 3G network, as data and voice are separate, the accounting policies are also different: data is charged based on byte usage, and voice, on time usage. However, in VoLTE, even though voice is delivered as a packet, it is still charged by time usage. Therefore, this strange accounting policy might open free data channels. Another point is that voice signaling for VoLTE is not handled as in the legacy 3G network. Basically, a phone has two processors: an application processor (AP) which runs mobile OSes such as Android and a communication processor (CP) which manages digital signal processing and radio access. In 3G, voice signaling is handled in CP which makes an attacker hard to manipulate it. However, in VoLTE, because voice signaling is handled in AP, an attacker can easily analyze or modify the call flow. Furthermore, this new change can cause problems to the mobile OS. To scrutinize these two points, we analyzed 5 operators, two in the U.S and three in South Korea. As
Speaker: Rink Springer When an online game no longer captivates interest, what do you do? Grind on the network protocol, of course! How does it work, is it secure - and, how can you still get away while doing this? Online games are hardly new, but their inner workings are rarely (if ever) documented. This needs to change: if it runs on my computer and uses my network I want to know what's going on! This talk starts by analysing the network protocol of the Runes of Magic game, and continues by introducing specific tools to aid this process and the steps taken to come up with such tools. Continuing with a demonstration to whet your appetite: we will show how much fun it is to do this kind of work, and finally some advice on the legal side of things. All custom tools and methods described are not specific to a game per se, however using custom tools will greatly improve your reversing experience. They aren't even specific to games, the same techniques can be used to analyse about any network protocol.
Speaker: Steini Unsere Welt ist nach allem was wir heute wissen im kleinsten Massstab völlig bizarr aufgebaut und im grössten also im kosmologischen Massstab besteht sie ziemlich genau aus nichts. Wie hängt das zusammen und was hat das mit dunkler Materie und dunkler Energie zu tun und was zum Geier ist eigentlich die "spukhafte Fernwirkung" von der Einstein damals sprach und warum hat bis heute keiner so recht verstanden wie das alles zusammenpasst? Hast du schon mal davon gehört, dass die Quantenphysik irgendwie schräg ist, hast dich da aber noch nicht ran getraut, obwohl du das gerne besser verstehen wollen würdest? Denkst du manchmal drüber nach, wie zum Geier das komplette Universum mit allen Sternen und Planeten ganz früher mal in einen Tischtennisball oder sogar noch was kleineres gepasst haben soll? Hast du schon mal davon gehört, dass ein Proton angeblich aus drei Quarks besteht und denkst, "jaja, ihr könnt mir viel erzählen". Und klinkt sich dein Vorstellungsvermögen aus, wenn du versuchst dir so was wie ein "schwarzes Loch" vorzustellen, das unendlich klein sein soll und dabei unendlich schwer? Dann bist du hier genau richtig. Ich will dir ohne wesentliche Vorkenntnisse vorauszusetzen im Grossen und Ganzen den Zusammenhang näher bringen, deine Faszination für das Thema wecken oder füttern und dir Mut machen, dich weiter damit zu beschäftigen. Du darfst hier Fragen stellen, dich wundern, zweifeln und irritiert sein. Wenn du an Quantenheilung, Vortex Atome und holistische Quanten-Kinesiologie glaubst, dann bist du herzlich willkommen um zu lernen, dass das mit Quantenphysik nichts, aber auch wirklich gar nichts zu tun hat, aber sei bitte nicht enttäuscht, wenn ich auf diese Themen nicht eingehe. Eine Stunde ist viel zu Kurz um zusätzlich eine Einführung in die Prinzipien der Wissenschaft zu halten. Wenn du aber schon mal die Schrödingergleichung hergeleitet hast oder gerne über die Vorteile der M-Theorie gegenüber der Super-St
Speakers: Sec, schneider Listening to satellites and decoding is fun. We show interesting stuff we found, and how you can get into it. The Iridium satellite system provides voice and data coverage to satellite phones, pagers and integrated transceivers over Earth's entire surface. It was built by Motorola over 15 years ago, and parts of it remain unchanged to this day. Last year we showed how to decode the unidirectional pager messages. Since then we can share our better understanding of some of the protocol but also show listening to the SMS-like bidirectional SBD communication channel.
Speaker: Nick Sullivan Legend has it, the first iteration of the Secure Sockets Layer (SSL) protocol was broken in ten minutes by Phillip Hallam-Baker and Alan Schiffman during a presentation by Marc Andreesen at MIT in 1994. In the following two decades the protocol has been improved and the implementations have been strengthened, but not without a steady stream of implementation vulnerabilities and protocol design errors. From the ciphersuite rollback attack to LogJam, SSL/TLS has seen a diverse set of problems. In this talk we’ll discuss the pitfalls in designing and implementing a cryptographic protocol and lessons learned from TLS up to version 1.2. Legend has it, the first iteration of the Secure Sockets Layer (SSL) protocol was broken in ten minutes by Phillip Hallam-Baker and Alan Schiffman during a presentation by Marc Andreesen at MIT in 1994. In the following two decades the protocol has been improved and the implementations have been strengthened, but not without a steady stream of implementation vulnerabilities and protocol design errors. From the ciphersuite rollback attack to LogJam, SSL/TLS has seen a diverse set of problems. From the HMAC-then-Encrypt vs Encrypt-then-HMAC debate to the preference for Cipher Block Chaining (CBC) modes, the 90s was an innocent time in secure protocol design. Daniel Bleichenbacher had not yet started his assault on RSA and the types of side-channel attacks that enabled BEAST and POODLE had not yet been discovered. Over the next two decades, not only were weaknesses revealed in the protocol, but implementation flaws were found in even the most widely deployed SSL/TLS libraries. By following the security-relevant changes in SSL/TLS over the years we can paint a picture of the hard lessons learned by the cryptographic community over the history of this protocol all and how we can prevent ourselves from repeating the mistakes of the past.
Speakers: Marie Moe, Eireann Leverett Gradually we are all becoming more and more dependent on machines, we will be able to live longer with an increased quality of life due to machines integrated into our body. However, our dependence on technology grows faster than our ability to secure it, and a security failure of a medical device can have fatal consequences. This talk is about Marie's personal experience with being the host of a vulnerable medical implant, and how this has forced her to become a human part of the "Internet-of-Things". Marie's life depends on the functioning of a medical device, a pacemaker that generates each and every beat of her heart. This computer inside of her may fail due to hardware and software issues, due to misconfigurations or network-connectivity. Yes, you read that correctly. The pacemaker has a wireless interface for remote monitoring forcing the patient to become a human part of the Internet-of-Things. As a security-professional Marie is worried about her heart's attack surface. How can she trust the machine inside her body, when it is running on proprietary code and there is no transparency? This is why she went shopping on eBay to acquire medical devices that can communicate with her pacemaker, and started a hacking project together with her friend Éireann. This talk will be focused on the problem that we have these life critical devices with vulnerabilities that can't easily be patched without performing surgery on patients, Marie's personal experience with being the host of such a device, and how the hacker community can proceed to work with the vendors to secure the devices.
Speaker: Jasper Bongertz Sanitizing and anonymizing PCAP or PCAPng files is often necessary to be able to share information about attack vectors, security problems or incidents in general. While it may seem simple to replace IP addresses or ports there are still quite a number of network packet details that are hard to replace. This technical talk will shed a light on where those troublemakers are encountered and how to get around them. When sanitizing/anonymizing PCAPs (or the newer, better, but also much more complex PCAPng network capture file format) there are a ton of problems to run into: Replacement need to be consistent, Checksums need to be recalculated sometimes but now always, and IPv6 has dependencies to MAC addresses that need to be considered as well. Additionally, protocols may be stacked on top of each other, tunneling IPv4 over IPv4 or IPv6 over IPv4, adding complexity to the replacement process. And finally, sanitizing TCP payloads is a certifiable nightmare because you never quite know what you're looking at, and the data segments may require reassembly/unpacking before you can do anything. It's easy to break sequence numbers, unless every replacement is exactly the same size as the original value. This talk will take a closer look at some of the typical problems that come up when sanitizing/anonymizing network packet captures, and at tools that can help with getting reasonable results.
Speakers: Fefe, frank Wir helfen euch, die Fnords zu sehen, wenn nach einem klaren Fall von Selbstmord der Zensor pinkeln war und die Stahlbälle den maximalen Realitätsabstand eingenommen haben. Ein munterer Rückblick auf das Jahr mit Würdigung der groteskesten Geschehnisse zwecks Neukalibrierung des Bizarrometers.
Speakers: Nicolas Wöhrl, @ReinhardRemfort Nicolas Wöhrl und Reinhard Remfort sprechen über interessante aktuelle Forschung, Experimente und ihren wissenschaftlichen Alltag an einer deutschen Hochschule. Fachübergreifend, abwechslungsreich, unstrukturiert, hoffnungslos subjektiv und immer garantiert methodisch inkorrekt. Eigentlich ein Podcast der alle 14 Tage erscheint. Nach dem großen Erfolg auf dem Kongress im letzten Jahr wird diesmal eine noch größere Show abgezogen: Experimente die mal interessant, mal fragwürdig sind. Wissenschaftler die mal belehrend und mal unzurechnungsfähig sind. Wissenschaftliche Studien die mal nobelpreisverdächtig und mal zweifelhaft sind. Wissenschaft auf der Showbühne. It works, bitches!
Speaker: Martin Haase/maha, Kai Biermann In der politischen Rede sind immer wieder Floskeln zu beobachten, zum Teil gibt es Moden, wie im Zusammenhang mit dem so genannten No-Spy-Abkommen, wo Handlungen wiederholt mit „bestem Wissen und Gewissen“ gerechtfertigt wurden. Auch das „volle/vollste Vertrauen“ der Kanzlerin ist auffällig. Der Vortrag vertritt die Hypothese, dass solche Phrasen nicht zufällig sind, dass sie eine Funktion besitzen. Es wird erläutert, was mit ihnen erreicht werden soll. Es wird außerdem der Frage nachgegangen, wie Floskeln sich durch häufigen Gebrauch in ihrer Bedeutung verändern bzw. verselbständigen und gegen den Sprecher wenden können. In diesem Vortrag werden eine Reihe von Floskeln untersucht, die in politischer Rede vorkommen und sich in jüngerer Zeit besonderer Beliebtheit erfreuen. Es wird erörtert, was die Floskeln eigentlich bedeuten, wie und zu welchem Zweck sie verwendet werden und welche besondere Dynamik bei häufigem Gebrauch entstehen kann, insbesondere wenn sich die Floskeln verselbständigen. Es werden eine Reihe von Politikerzitaten zu aktuellen Themen analysiert: selbstverständlich geht es um die Vorratsdatenspeicherung und ihre auch sprachlich zweifelhaften Begründungen, um den "Kampf gegen den Terror" und um die Landesverratsaffäre.
Speaker: Matthew Garrett In 2011, Joanna Rutkowska unveiled an easy-to-use tool for mitigating many attacks on system boot chains by using the TPM - the Anti Evil Maid. Unfortunately the implementation was difficult to incorporate into normal system boot in a secure manner - anybody able to observe a user could recreate the secret. This presentation describes a method to allow systems to prove their identity to the user without making it trivial for attackers to mimic a secure boot and extract secrets from the user, and why the state of modern hardware means this may still not be enough. A correctly implemented Trusted Boot solution makes it possible for systems to prove to other systems that they have booted with the expected boot chain. The Anti Evil Maid technique took advantage of this to encrypt a secret with the TPM in such a way that a system whose firmware or bootloader had been compromised would no longer be able to decrypt that secret. Unfortunately, the use of a static secret makes it easier for an attacker to mimic a good boot - as a result, a sufficiently motivated attacker could circumvent Anti Evil Maid and convince the user that a compromised system was in a good state. This presentation describes the use of shared trust between the system and another device, making it significantly more difficult for an attacker to mimic a trusted boot. It includes a description of the implementation of Trusted Boot support in Free operating systems on modern UEFI systems, how this can be tied into sharing trust between multiple devices and the limitations that may still permit state-level actors to compromise these techniques.
Speaker: Andrei Costin Embedded systems are omnipresent in our everyday life and are becoming increasingly present in many computing and networked environments. For example, they are at the core of various Common-Off-The-Shelf (COTS) devices such as printers, video surveillance systems, home routers and virtually anything we informally call electronics. The emerging phenomenon of the Internet-of-Things (IoT) will make them even more widespread and interconnected. Cisco famously predicted that there will be 50 billion connected embedded devices by 2020. Given those estimations, the heterogeneity of technology and application fields, and the current threat landscape, the security of all those devices becomes of paramount importance. In addition to this, manual security analysis does not scale. Therefore, novel, scalable and automated approaches are needed. In this talk, we present several methods that make *the large scale security analyses of embedded devices* a feasible task. We implemented those techniques in a scalable framework that we tested on real world data. First, we collected a large number of firmware images from Internet repositories and then performed simple static analysis. Second, since embedded devices often expose web interfaces for remote administration, therefore we developed techniques for large scale static and dynamic analysis of such interfaces. Finally, identifying and classifying the firmware files, as well as fingerprinting and identifying embedded devices is difficult, especially at large scale. Using these techniques, we were able to discover a large number of new vulnerabilities in dozens of firmware packages, affecting a great variety of vendors and device classes. We were also able to achieve high accuracy in fingerprinting and classification of both firmware images and live devices. This material is both important and innovative because it addresses the
Speaker: obelix How can be 3d printing a dual use technology? Print more things, produce less waste, save money! Each day 3D printers become cheaper and the internet gets filled with 3d files to print. With every 3d printer running the need for plastics and therefore the amount of waste produced (either through failed prints or normal end of life of the print) will grow. Even if there are things you won't need to buy anymore and the additional waste is compensated here, the reality shows that failed prints can't be ignored, 3d printers are used to print a lot of nonsense things (e.g. internet memes) and the lifetime of these prints is often below commercial grade products. In this talk i'll present the difficulties in recycling plastic as well as the progresses or fails i've made. How easy is it to recycle 3d prints or other wast in order print it again? How often can this process be repeated? Does it save money? Do the new prints look good? As a special feature i'll try to collect some waste from the audience at the beginning of the talk and recycle it live on stage! About me: i'm 25 years old and use 3d printers since several years and run 9 3d printers at this time. With so many printers, the amount of waste gets at a point where it feels like i would waste a lot of money and increase the negative environmental impact if i don't recycle the fails and unused prints. I brought several printers to events like 30-31C3, GPN13-14-15 or the CCCamp15 (you may remeber me as obelix, the guy with the tent full of 3d printers).
Speakers: Roger, David Goulet, asn We'll update you on what's going on with Tor onion services, aka Tor hidden services. In the past, onion services were mostly run by people who wanted to set up a website that somebody else wanted to shut down. Increasingly, people are recognizing that onion services are much more broadly useful: they are about providing more security to users, not hiding websites. Over the last year or so, Facebook set up an onion service to let their users reach Facebook more securely, the IETF officially designated '.onion' as a reserved domain, we've been talking to the "Let's Encrypt" folks about giving an onion address to every website, some neat new apps are coming out that use onion services (like decentralized chat), and more. We also have some actual stats on hidden services: https://blog.torproject.org/blog/some-statistics-about-onions At the same time, we've been working on next-generation onion services. We'll explain why they greatly improve both security and scalability.
Speaker: Joscha Computational theories of the mind seem to be ideally suited to explain rationality. But how can computations be subverted by meaning, emotion and love? Minds are computational systems that are realized by causal functionality provided by their computational substrate (such as nervous systems). Their primary purpose is the discovery and exploitation of structure in an entropic environment, but they are capable to something much more sinister, too: they give rise to meaning. Minds are the solution to a control problem: in our case, this problem amounts to navigating a social primate through a complex open environment in an attempt to stave off entropy long enough to serve evolutionary imperatives. Minds are capable of second-order control: they create representational structures that serve as a model of their environment. And minds are capable or rationality: they can learn how to build models that are entirely independent of their subjective benefit for the individual. Because we are the product of an evolutionary process, our minds are constrained by powerful safeguards against becoming fully rational in the way we construct these models: our motivational system can not only support our thinking and decision making to optimize individual rewards, but censor and distort our understanding to make us conform to social and evolutionary rewards. This opens a security hole for mind-viruses: statebuilding systems of beliefs that manage to copy themselves across populations and create causal preconditions to serve neither individuals nor societies, but primarily themselves. I will introduce a computational model of belief attractors that can help us to explain how our minds can become colonized and governed by irrational beliefs that co-evolve with social institutions. This talk is part of a series of insights on how to use the epistemology of Artificial Intelligence to understand the nature of our minds.
Speakers: gedsic, bigalex Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! To get involved and learn more about what is happening please visit the Lightning Talks Wikipage.
Speaker: Christoph Engemann The military use of Drones has profoundly changed warfare and is a central aspect of the globalized war on terror. The public debate including the respective talks at prior CCCs is dominated by questions of the ethical and juridical aspects of Drone use. This talk tries to shift the focus towards the enabling dimensions of Drone warfare. Using source material from public documents of academia, the US-military as well as from the Snowden publications I will show that Social Graphs and graph-analysis are central for the War on Terror. In this context Drones have at least two functions: 1. they act as data-gatheres, collecting visual and SIGINT (phone) data necessary for graph-generation and -updates. 2. they are deployed to shape Social Graphs: that is destroy particular nodes with kinetic means where the kill decision are made on the basis of graph analysis. I will show that there is a rich academic literature on graph analysis of terror networks revealing an ongoing debate about algorithms able to inform such decisions. On this basis I will argue that in the War on Terror Drones and Social-Graphs need to be understood as interdependent systems and that the debate needs to be informed by a deeper understanding of the history and current state of graph-analysis. The talk will conclude with questions regarding the strategic and geopolitical role of Social Graphs.
Speakers: Roger, Jacob, Mike Perry, Shari Steele, Alison Macrina Major changes are underway in the Tor Project, the Tor Network, and the Tor community. We want to tell you details and introduce the growing Tor community to the larger world. The State of the Onion covers technical, social, economic, political, and cultural issues pertaining to anonymity, the Tor Project, and the ecosystem surrounding our communities. Important topics include the following issues: - Our new mission statement and code of conduct - An introduction to our „Vegas Plan“ - Introducing a huge set of developers and users working on enabling your anonymity - An overview of the kinds of projects and groups involved with Tor - A summary and fact checking of important media coverage - A history lesson about the Tor network
Speaker: Zakir Durumeric Is your email being sent in the clear? While PGP and S/MIME provide end-to-end encrypted mail, most users have yet to adopt these practices, and for users who have, these tools leave metadata, such as the subject, sender, and recipient, visible everywhere along a message’s path. SMTP—the ubiquitous mail transport protocol—has evolved over the years to add encryption and authentication, both of which take place behind the scenes and help guard against surveillance and spam. While these features are being increasingly deployed, our research shows that they are almost always configured in vulnerable ways—the details of which are hidden from the users sending and receiving mail. Even more disturbingly, these vulnerabilities are being widely exploited in the wild: in seven countries, more than 20% of inbound Gmail messages are downgraded to cleartext by network-based attacks. In the most severe case, 96% of messages sent from Tunisia to Gmail are downgraded to cleartext. In this talk, I’ll introduce the commonly used SMTP security extensions—including STARTTLS, SPF, DKIM, and DMARC—and describe the current state of mail security on the Internet. I'll describe several commonly occurring attacks our recent research has found and discuss how mail operators can configure their servers to secure email transport. Finally, I'll discuss several weaknesses in the protocols we're using and recent proposals for helping secure email transport. Email carries some of our most sensitive communication, including private correspondence, financial details, and password recovery confirmations. We expect that messages are private and, in many cases, unforgeable. However, SMTP—the protocol responsible for relaying messages between mail servers—did not originally authenticate senders or encrypt mail in transit. Instead, servers support these features through SMTP extensions. Adopting these features is entirely voluntary and they have only bee
Speakers: leomagnet, Markus Zimmermann The Fluxus movement came about in the early 1960ies and the talk will discuss its strenghts, dead-ends and promises for the creation of works and community in our digital environment. International, transdisciplinary, non-institutional, anti-art and playful. After several years of research and new art productions, Leo Findeisen and Markus Zimmermann will present their findings. Historical points of interest will deal with Erik Satie, Marcel Duchamp and John Cage and their pioneering works of easy listening, the new instrumentalisation of taste and boredom as well as the enhancement of the notion of art via the application of musical scores to daily actions. These lines are followed up in classical Fluxus works and the audience will get to see pieces by Nam Jun Paik, Alison Knowles, Robert Filliou, Ay O, Something Else Press a.o. Later influences in Germany are presented in anecdotes of Wau Holland & Joseph Beuys, foebud or thing.net. The vital Fluxus scenes of the 1970ies behind the Iron Curtain are hardly known and will also be presented using recent books. Contemporary candidates include Mediengruppe Bitnik!, speed-shows of Aram Bartholl, the Balcony manifesto by Constant Dullaart a.o., the "Internet Black-Out" by LaQuadrature.net; some "Scores" (Handlungsanleitungen) will be tried out live and their function "The 12 Ideas of Fluxus" (2002) will be discussed. In applying methods of cultural anthropology and Actor-Network-Theory, we will also compare Fluxus ideas and Fluxus ideals with the tools, methods and goals of online-Communities and the OpenSource-approach in general. The poster attached (2011) has been our research manifesto, it features visuals of and explanations about the Icelandic Modern Media Initiative, XKCD, Yoko Ono, Joseph Beuys, the Google Custom Placemark, Nam Jun Paiks "TV-Chello" and who is playing it as well as George Maciunas, the "impressario" of Fluxus. "Fluxus cannot save the world."
Speaker: Andreas Dewes Algorithms and „big data“ penetrate many aspects of our lives today. In the future, data collection and analysis will be even more ubiquitous and permeate our lives from morning to night. Many people (well, mostly business people) welcome this new era of data analysis and the associated vision of an „intelligent planet“. Not so many people seem to be concerned about the other side of the coin though, which is an ever-growing influence of algorithms on our personal life and the accompanying shift of decision power from humans to machines. In as little as 10 years, algorithms might decide if you get a new job – or if you get fired from your current one –, how much you will pay for your health insurance, whether you will be allowed to travel to a given country and who you will marry. So it’s time to say hi to your new boss: the algorithm. Often people talk either about the consequences of a data-driven society, or about the technological aspects of it, but rarely about the two together. With my talk I want to change that by discussing concrete technologies and algorithms that are used in data analysis today, together with their societal and political implications. I will show how algorithms can be trained to be racist, misogynic and plenty of other things, and that this actually happens in practice if no care is taken to avoid it. Finally, I will discuss various approaches to solve this dilemma, both technological and political. Outline: * Introduction to „big data“ and data analysis, * Parts of our lives that are already under algorithmic control, * Parts of our lives that soon will be under algorithmic control, * Example use case of algorithms in data science, * How machine learning can discriminate against certain groups of people, * Example algorithm: Classifying people in good and bad customers, * How the bias comes about: Algorithm-based discrimination, * How we can fix these problems. * Outl
Speaker: Fefe After defensive programming techniques and before attack method mitigations, the least privilege principle is our strongest weapon against exploitation. Much of the focus has been on how the admin can sandbox processes away. A recent development is the idea that the process itself can „sandbox itself away“. This talk explores how that works in practice and is aimed at interested programmers. This talk will mostly focus on seccomp-filter and namespaces on Linux, but it will also talk about capsicum (FreeBSD) and tame (OpenBSD), and old-school methods like ptrace and chroot, and cover capabilities. Also maybe a bit about systrace/selinux style approaches where the admin sets the profile from the outside, and why I chose to focus on letting the app sandbox itself instead.
Speaker: Bernd Lehmann This talk is about Vehicle2Vehicle (V2V) communication in Europe and in the U.S. Next to the introduction of some requirements for V2V communication, the basic approaches of V2V communication based on IEEE 802.11p are presented. This includes an introduction to communication stack, concepts of message dissemination, message contents, privacy & security issues and an outlook to further developments. Modern vehicles have several advanced driver assistant systems (ADASs). This is the beginning of the full automation of the driving task. Vehicle manufacturers already showed first fully automated prototypes but a lot of challenges have to be addressed until such systems will be commercially available. One challenge is to provide the necessary information for the self-driving vehicle to make the right driving decisions. V2V communication is one possible technology to provide this information. The proposed talk is an introduction to the state of the art of V2V communication based on IEEE 802.11p. This talk is a technical introduction to Vehicle2Vehicle communication. It will introduce the basic concepts of V2V technology and provides references to documents of the standardization. The talk will consist of the following parts: Motivation: The talk starts by describing the scope and possible applications of V2V communication focusing on the use-case of the “Electronic Emergency Break Light”. What is more, V2V communication will be compared to traditional on-board sensors like Lidar or Radar. Basic concepts: The state of the art concepts of V2V communication based on IEEE 802.11p and its differences compared to consumer WiFi will be discussed in this section. Furthermore, the existing concepts and standards developed in both Europe and the U.S. will be compared, with a special focus on the differences between the two approaches. In summary, the following questions will be addressed: • What are the approaches for V2V communicat
Speaker: Ben H. DGAs (Domain Generation Algorithms) have become a trusty fallback mechanism for malware that’s a headache to deal with, but they have one big drawback – they draw a lot of attention to themselves with their many DNS request for gibberish domains. When basic entropy-based Machine Learning methods rose to the challenge of automatically detecting DGAs, DGAs responded by subtly changing their output to be /just/ plausible enough to fool those methods. In this talk we’ll harness the might of the English dictionary, cut corners to achieve sane running times for insane computations, and use fancy Machine Learning® methods – all in order to build a classifier with a higher standard for gibberish plausibility. In recent years, there has been a rising trend in malware’s use of Domain Generation Algorithms (DGAs) as a fallback mechanism in case the campaign is shut down at the DNS level. DGAs are a headache to deal with, but they have one big drawback – they make a lot of noise. To be more precise, they generate a very large amount of DNS requests for domains, and the domains are often complete gibberish. This situation looks ripe to be exploited with your favorite Cyber™ Machine Learning® Big Data© solution; and indeed, advances were made by basic language processing methods that could detect and stop the outright complete gibberish. These worked well, until DGAs mutated, and started producing more reasonable gibberish. A milestone in this regard was the introduction of KWYJIBO, a DGA that generates gibberish where every other letter is a vowel (e. g. „garolimoja“), which stumps the old methods completely. How do you thwart KWYJIBO and other DGAs of its sophistication? How do you look for meaninglessness in string-space? In this talk we’ll harness the might of the English dictionary; cheat mathematics to cut running times from impossible to reasonable; and demonstrate a fancy Cyber™ Machine Learning® Big Data© tool bas
Speaker: Max Schrems Introduction and consequences of the CJEU's "Safe Harbor" ruling, to invalidate the EU-US data sharing deal in the light of the revelations over US surveillance by Edward Snowden. In a landmark ruling the Court of Justice of the European Union (CJEU) has declared the "Safe Harbor" data sharing system between the EU and the US invalid over NSA surveillance, disclosed by Edward Snowden. The CJEU has for the first time ruled that "mass surveillance" as in the US violated the "essence" of Art 7 and 47 of the EU Charter of Fundamental Rights. The ruling has major implications for global data flows as more than 4.000 US companies used "Safe Harbor" as their legal basis for EU-US data transfers - including large providers like Google, Apple, Microsoft, Facebook or Yahoo. In addition the ruling could also be relevant case law for similar forms of "mass surveillance" by EU member states. In addition to explaining the legal situation [and a couple of insiders], the following questions should be answered: - What are possible legal solutions for global services? - What are possible technical solutions for global services? - What are ways forward to enforce fundamental rights in the digital sphere?
Speakers: CAGE, Cerie Bullivant CAGE exists to highlight abuses of the War on Terror. It has uncovered many secrets of governments that they would like to remain secret, and is now one of the most targeted organisations in the UK. Hear how the state attempts to suppress dissent, and yet we manage to speak out. The War on Terror is the primary justification used to invest ever-increasing powers to the security state. It is the reason why states have been able to amass the powers to conduct mass surveillance of millions of law-abiding citizens. The surveillance state continues to expand. CAGE was formed to highlight the abuses of the War on Terror after the creation of Guantanamo Bay prison. It has uncovered the existence of secret detention sites across the globe, revealed the involvement of Western intelligence agencies in rendition and torture and has campaigned courageously on behalf of prisoners that have been tortured and held without detention and trial for years. Our work has been underpinned by an unshakable commitment to the principles of due process and the rule of law. Today, CAGE is leading the charge against one of the most draconian and intrusive Government policies that has ever been devised – PREVENT. We are representatives of the ‘suspect community’ of our times. As a result of our challenging yet rational, evidence-based and measured contributions, our organisation has become one of the most targeted in the UK. Our bank accounts have been frozen, one of our directors has been arrested, our funders have been pressured, our homes & vehicles have been bugged... We’re constantly attempting to secure our communications and environments just to continue our work. From new encryption methods to Faraday bags. The Security State is trying to marginalise each of us. But we are taking on the security state together and citizens are being empowered. There are many that agree with us and recognise what is to come...
Speaker: Aylin Last year I presented research showing how to de-anonymize programmers based on their coding style. This is of immediate concern to open source software developers who would like to remain anonymous. On the other hand, being able to de-anonymize programmers can help in forensic investigations, or in resolving plagiarism claims or copyright disputes. I will report on our new research findings in the past year. We were able to increase the scale and accuracy of our methods dramatically and can now handle 1,600 programmers, reaching 94% de-anonymization accuracy. In ongoing research, we are tackling the much harder problem of de-anonymizing programmers from binaries of compiled code. This can help identify the author of a suspicious executable file and can potentially aid malware forensics. We demonstrate the efficacy of our techniques using a dataset collected from GitHub. It is possible to identify individuals by de-anonymizing different types of large datasets. Once individuals are de-anonymized, different types of personal details can be detected from data that belong to them. Furthermore, their identities across different platforms can be linked. This is possible through utilizing machine learning methods that represent human data with a numeric vector that consists of features. Then a classifier is used to learn the patterns of each individual, to classify a previously unseen feature vector. Tor users, social networks, underground cyber forums, the Netflix dataset have been de-anonymized in the past five years. Advances in machine learning and the improvements in computational power, such as cloud computing services, make these large scale de-anonymization tasks possible in a feasible amount of time. As data aggregators are collecting vast amounts of data from all possible digital media channels and as computing power is becoming cheaper, de-anonymization threatens privacy on a daily basis. Last year, we showed how we can de-anony
Speakers: Antonio Bianchi, Jacopo Corbetta, Andrew Dutcher How we built an automatic exploitation system and qualified for the DARPA Cyber Grand Challenge. From a rag-tag hackademic group to getting money from DARPA for auto-exploiting and auto-patching. A tale of surfing, CTF-playing, and releasing an angry binary-analysis framework as open source :) Beside introducing Shellphish, we will explain how we qualified to the final round of the DARPA Cyber Grand Challenge. The CGC is a security competition played by programs. Yep, you read it right, your code must automatically exploit and patch binaries, without any human intervention! In particular, we will show how our open source binary analysis framework (angr) can help you find vulnerabilities in binaries. Shellphish is a group of security enthusiasts born in the University of California, Santa Barbara (UCSB) in 2004. Since then Shellphish played countless Capture the Flag (CTF) security competitions, winning the DEFCON CTF finals in 2005. In 2015, Shellphish enrolled in the DARPA Cyber Grand Challenge (CGC). Differently from others security competitions, in which humans have to solve security challenges (such as exploiting binaries or web services), during the CGC participants have to build an automatic system that plays for them! In particular, teams have to build a system that is able to automatically find vulnerabilities in binaries, exploit them, and patch them, without any human intervention. In this talk we will present the system we developed to participate in the CGC, our almost-million dollar baby :) Our system was able to score among the top 7 teams during the qualification event of the CGC, qualifying us for the final event (in August 2016 at Las Vegas), in which participants will compete against each other to win a first-place prize of 2 million dollars (and eternal bragging rights). Part of the system we developed is based on angr, the open source binary ana
Speakers: rop, frank The talk „We Lost The War“ was presented at Congress ten years ago, causing quite a stir. It was a prediction of a dark future that did not sit well with many people, but unfortunately many predictions have come true meanwhile. This talk will try to address what comes next, as well as what the hacker community can do to make things better. It’s a broad-spectrum talk that covers analysis of past and current events and possible futures in specific fields such as surveillance and digital rights, as well as a broader analysis of where the speakers think the world might be in 5-10 more years.
Speaker: Jennifer Helsby Mass quantities of data are being incorporated into predictive systems in an ever-broadening set of fields. In many cases, these algorithms operate in the dark and their use has implications both intentional and unintentional. This talk will cover some of the fairness and accountability issues involved in controlling algorithms for media, policy, and policing. Decision making is increasingly being performed by intelligent algorithms in areas from search engine rankings to public policy. Algorithmic decision making includes applications as important as who is flagged as a potential terrorist as in the United States’ no-fly list to deciding how police officers will be allocated as in predictive policing. These systems are getting smarter as we develop better algorithms, as well as more expansive as they integrate more data. Government agencies and corporations are determining how to best convert the mass quantities of data that have been collected on their citizens and customers into meaningful inferences and decisions through data mining and predictive systems. However, many of these systems consist of algorithms whose operation is closed to the public - constituting a new form of secrecy maintained by powerful entities. The intentional or unintentional impact of some of these systems can have profound consequences. This talk will cover some of the emerging issues with the widespread use of these systems in terms of transparency and fairness. We need to have some mechanism for verifying how these systems operate. Are these algorithms discriminatory? Are they fair with respect to protected groups? What role can auditing and reverse engineering play? I'll discuss these questions, the current status of this field, and some paths forward.
Speaker: Dia Kayyali Street level surveillance technology, such as surveillance cameras and iris scanners, is now a pervasive part of the daily lives of city dwellers, with disastrous consequences for freedom of expression. This talk will cover what kind of street level technology we’re seeing, how it’s spreading, and who’s making money off of it. We’ll also talk about some of the security flaws hackers have exposed on these technologies, and put out a call to action to CCC. Surveillance was on the street before it was online, and that hasn’t changed. What has changed is that cities around the world are now bristling with street level surveillance technology, like GPS tracking devices, IMSI catchers, biometrics, drones, and cameras of all kinds. Much like the business of selling malware to repressive regimes, big multi-national corporations like General Electric and Morpho have made huge profits off the spread of this technology, and have helped it spread like wildfire. Even in places like the United States, where, in the last 20 years, crime rates have steadily and significantly declined, the use of this incredibly invasive technology is excused by “public safety" or "crime prevention needs.” Justifications range from warnings about terrorism (often thinly-veiled jabs at activists like the Black Lives Matter movement or anti-austerity activists in Greece) to conflating “national security” with disaster preparedness. Similarly, In Latin American, government authorities have used surveillance measures to discredit and stigmatize social movements involved in protests. Street level surveillance is also often part of preparation for major events. The technology left behind becomes integrated in to everyday policing. The 2012 Olympics in London was accompanied by a host of new technology, including iris scanners, biometric ID cards, automated license plate readers, and facial-recognition CCTV systems. In preparation for the 2014 World Cup
Speaker: Karsten Becker 3D printers are almost everywhere, but not on the moon yet. We want to change that and this talk gives you a little insight into the how and whys of 3D printing on the moon. Having a printer in space is a great idea, it allows you to produce things in space, without having to actually launch it with a rocket. Some want to mine asteroids for that, we want to use lunar regolith. This would make it possible to build structures on the moon that are essential for build a permanent outpost there. Even further down the line one might build the first interplanetary refuelling outpost in space for rockets and go even deeper into space. We want to show you how this dream could become reality, what techniques are of interest, and how it could be implemented.
Speaker: Henryk Plötz QR codes have rapidly overtaken rival 2D bar code symbologies and are becoming quite ubiquitous. Most uses are rather pedestrian though, and even the more non-standard modifications to pure QR codes lack a certain technical finesse, opting to just overpaint part of the code and let error correction handle that instead. Let's see how we can do better. The simple visual appearance of a QR code belies a very complex multi-step encoding process: Text is encoded using one or multiple character sets and encoding modes (allowing, for example, for a more efficient representation of strings of numbers), the resultant data is grouped into code words in segments with delimiters, error correction information is added, the augmented data is placed on the 2D matrix, structure obfuscation with a masking pattern is applied and version and format meta-data is added. each of these steps grants some degree of freedom to the encoder that will result in visually distinct but semantically identical codes. Previous approaches to play with QR code appearance have usually stuck to modifying either end of this pipeline: Overwriting some parts of the finished code, or adding additional encoded data so that the finished code will have certain features embedded in it. The downside of these approaches is that you either rely on error correction to remove all the disturbances you've added, limiting the amount of modification possible, or become very limited in which pixels you can control. By constructing an encoder and decoder that allows access to each step of the encoding/decoding process, I will allow you to go further and take control of the QR code as a whole. Changing all parameters of the encoding process will make the resulting code appear almost like you want it without relying on the error correcting capabilities, which then allows you to add further manipulations by abusing the error correction capabilities. All code will be released under a free
Speaker: Jethro Beekman This talk will be an overview of how to reverse-engineer Unified Extensible Firmware Interface (UEFI) firmware, the replacement for BIOS. Various useful tools will be discussed, including those written by the presenter and those written by others. One of the highlights will be a tool that enables running parts of the firmware in userspace on a standard Operating System. The Unified Extensible Firmware Interface (UEFI) is a programming environment quite different from regular Operating Systems models, and as such reverse engineering UEFI software is quite different from reversing standard software. This talk will consits of three parts. First, an overview of UEFI and what makes it different will be presented. Then, existing and new tools that aid in reversing UEFI are discussed, including a demonstration of the efiperun tool that enables running UEFI modules in userspace. The talk will conclude with the recounting of a succesful reverse engineering project to uncover the Lenovo hard drive password hashing algorithm. Jethro Beekman is a security researcher and Ph.D. student at the University of California, Berkeley. He has a broad range of interests in technology, ranging from electronics to cryptography. Recent work has focused on various topics such as side-channels, remote attestation, Heartbleed and the Rust programming language.
Speaker: Darsha 20 OSCILLATORS IN 20 MINUTES is an experimental music performance/technical challenge/standup comedy act where I attempt to build twenty sound generating square wave oscillators in twenty minutes. This involves fabricating small electronic circuits with wires, chips, small components and nine-volt batteries under the pressure of limited time and expectation. This is a test of my technical abilities and an experiment in working with live troubleshooting as a method of musical improvisation.
Speakers: Arne Hintz, Lina Dencik How have the media reported the Snowden revelations? Does the public care about surveillance, and how do people react? Do we need a ‚data justice‘ movement? This talk will present results from the research project „Digital Citizenship and Surveillance Society: State-Media-Citizen Relations After the Snowden Leaks“. We will discuss why media coverage has been biased and investigate public knowledge of, as well as public reactions to, surveillance. We will show that people are concerned about surveillance but feel disempowered to resist it, and explore why many social/political/environmental activists have been reluctant to change their communication practices after Snowden. And we will suggest a ‚data justice‘ framework to form part of broader social and economic justice agenda in order to resonate with a broader public. The project „Digital Citizenship and Surveillance Society“ is hosted at Cardiff University and includes researchers from Cardiff, the Oxford Internet Institute and the Technical University of Delft. It investigates the responses to the Snowden revelations for policy, technology, civil society and the news media. In this talk, two of the investigators will present findings from research that included content analysis of the British press and broadcast news, interviews with journalists and activists, and focus groups with a wide range of the British public. They will uncover widespread worries about surveillance amongst both activists and wider population but, at the same time, a lack of knowledge and confidence to address it socially, politically and technologically. The research provides insights for digital rights campaigners, crypto developers, and everyone interested in the Snowden leaks.
Speaker: Gloria Spindle – Peng! Collective Giant billboard vans, drone-operated leaflet drops over an NSA building and calls to secret service agents, Intelexit explores all routes to reach out to secret service agents and convince them to follow their conscience and quit their jobs. We will take a look at the highlights of the campaign from 2015 and what's around the corner for 2016. When we talk about government surveillance, we most often talk about it as a dark and menacing threat. But there are humans working day in and day out at secret service offices around the world, following orders, keeping secrets. How many of them feel ethically conflicted about their role in upholding these structures? How many of them might consider leaving and pursuing another career, if nudged in the right direction? Intelexit, an initiative produced by the Peng! Collective, reaches out to these people and offers them a friendly nudge and connects them with the right kinds of support if they wish to leave. Treading the line between art and activism, between spectacle and reality, Peng set up Intelexit to draw attention to the women and men working in the shadows, and to reach out to them. Intelexit was an experiment at first but it turned out to be very popular and needed, so it will continue into 2016 and it needs your help!
Speaker: Filippo Valsorda Entropy, the randomness used in many critical cryptography processes including key generation, is as important as it is misunderstood. Many myths are fueled by misleading documentation. This presentation aims to provide simple and actionable information while explaining the core technical details and real world implementations. Randomness is as simple as critical. An application wants some bytes which an attacker can't predict. The clearest example is generating a cryptographic key, but a wide array of functions depend on randomness. Any time a key is generated, any time a DSA signature is made, any time the memory layout is randomized, applications rely on being able to create strings of bytes impossible to predict. If that comes short everything fails: cryptographic keys are compromised, exploits protections are ineffective. Entropy, the unpredictable raw material, is usually collected by the Operating System and exposed to the applications that need it. Once enough bits of entropy have been collected, it becomes impossible to predict the output of the CSPRNG (cryptographically secure pseudo-random number generator), a stirrer of sorts that expands a seed into unlimited whitened random bytes, often based on stream ciphers or hashes. Real risks include trying to use a CSPRNG early on in the boot process, when not enough random events have been collected, or using a userspace CSPRNG instead of the kernel one and forgetting to seed it. Or using a non-CS PRNG. That's just about it. However, there is a lot of misunderstanding on "decreasing entropy". It's a widespread myth that using random bytes decreases the "amount" of entropy. Reality is, to an attacker who's basically trying to predict the CSPRNG output there's no decrease in difficulty no matter how much output is drawn, so developers can avoid introducing additional complexity because of this. This is all backed up by showing a simple toy CSPRNG design, and reasonin
Speaker: Tarek Loubani Free software and hardware are essential to sovereignty among developing nations, and can be used to secure infrastructure and information against sophisticated adversaries. Underdeveloped nations are leveraging Free software for these purposes, including Gaza and the Palestinian territories. This lecture discusses the Palestinian use of Free software and hardware to claim a kind of sovereignty, focusing on the health sector as one example where speaker Dr. Tarek Loubani has experienced and participated in efforts to incorporate Free culture. Free software and hardware are essential to ensure cultural, economic and military sovereignty among developing nations. Software such as GNU/Linux and GPG are potent weapons used by state and quasi-state actors to secure infrastructure or information against sophisticated adversaries. Several Latin American countries have effectively utilized Free software tools over the past two decades to advance their sovereignty. Today, another wave of underdeveloped nations is similarly leveraging Free software, including the Gaza Strip and Palestinian Authority. The Palestinian Territories - and particularly the Gaza Strip - exist in a state of nearly-complete technological, economic, political and military domination. This lecture discusses the Palestinian use of Free software and hardware to claim a kind of sovereignty, focusing on the health sector as one example where speaker Dr. Tarek Loubani has experienced and participated in efforts to incorporate Free culture.
Speakers: Andreas Zingerle, Linda Kronman The lecture outlines strategies by the "Artist against 419" online community that uses open source intelligence to gather data and file reports about fraudulent websites. The lecture presents the artistic installation "Megacorp." (created by KairUs) that tries to visualize the global phenomenon of fake business websites. “Megacorp.” is a corporate conglomerate inspired by its equally powerful counterparts in science fiction. The artwork is based on a collection of fake websites scraped from internet by the artist duo KairUs. These companies exist only virtually and are used by cyber criminals for phishing attacks or to support scam stories. The “Megacorp.” exists therefore as an umbrella company for subsidiary companies that are 100% dummy cooperations. “Megacorp.” operates on a global scale and is constantly growing with firms represented in almost every branch of industry. The strategic objectives according to the “Megacorp.” Mission statement is to: “offer complete services from one source which can serve the entire market”. Accordingly the subsidiary companies cover domestic and international export, real estate agents, insurance companies, law firms, security companies, banks, educational institutions, hospitals, online commerce, economic communities and ministries.The functions of “Megacorp.” are presented in the form of an interim report and company visuals. The archieved websites are locally available in the gallery allowing visitors to explore the current fake website repository. By examining the fake websites the artwork reflects both the imaginary and the real world ‘megacorps’, questioning centralization of power.
Speaker: Arne Semsrott Die Landesverrat-Affäre um netzpolitik.org hat gezeigt, wie wichtig es ist, nicht nur aus staatlichen Dokumenten zu zitieren, sondern sie im Original zu veröffentlichen. Ideales Werkzeug dafür ist das Informationsfreiheitsgesetz (IFG). Wir geben einen Überblick über die Entwicklungen dieses Jahr rund um das IFG. Die Landesverrat-Affäre um netzpolitik.org hat gezeigt, wie wichtig es ist, nicht nur aus staatlichen Dokumenten zu zitieren, sondern sie im Original zu veröffentlichen. Ideales Werkzeug dafür ist das Informationsfreiheitsgesetz (IFG), das aber weiterhin noch viel zu selten genutzt wird - weder von Aktivistinnen noch von Journalistinnen. Wir zeigen, welche politischen Entwicklungen, Gerichtsurteile und Veröffentlichungen 2015 wichtig waren für die Informationsfreiheit in Deutschland - und auch in anderen Ländern wie England, wo der Freedom of Information Act von der Cameron-Regierung vermutlich bald eingestampft wird. FragDenStaat haben wir unterdessen weiterentwickelt zu einer Plattform, auf der Behörden auch dann angefragt werden können, wenn für sie das IFG nicht gilt. Und haben dabei erlebt, dass der bisher größte internationale Medienhype um die Plattform nicht auf seriöse Arbeit zurückzuführen ist, sondern auf einen 17-Jährigen, der über FragDenStaat seine Abiturklausuren vor dem Klausurtermin einsehen wollte.
Speakers: taziden, kload Two years after the invitation to build your own iSP at 30C3, I'd like to invite everyone to take part in building a better Internet with the Internet Cube project. At the crossroads of DIY Internet Access, Open Source Hardware and Self-Hosting Free Software, "Internet Cube" is the living proof everyone can regain control on their data. Using a public and static VPN endpoint provided by a neutral and privacy-friendly ISP, the Cube enables the user to have her services accessible from everywhere simply by plugging it to the Internet. Assorted with a wireless antenna, the Cube operates as an ambulant cleaning gateway to the Internet, getting rid of whatever stupid thing a commercial ISP would be doing on the network like port blocking or service prioritization. There are many other use cases enabled by already existing Y U NO HOST applications like turning the Cube into a PirateBox or a Tor gateway. When the first prototype came to life, someone said "Well, congratulations guys, you've just built an actual working FreedomBox" and I believe that what we built is more than that.
Speaker: Susann Wagenknecht Hacking receives growing attention among social scientists during the last five years. Researchers particularly in the fields of Human-Computer Interaction (HCI) and Computer-Supported Collaborative Work (CSCW) but also in the social sciences generally have begun to study hacking empirically—investigating hacking as a practice and as cultural phenomenon. The talk offers a glimpse of the spectrum of research about hacking in HCI, CSCW, and adjacent fields. Researchers in these fields portray hacking very differently. The spectrum ranges from “transgressive craft” to “innovative leisure practice,” from skilled craftsmanship to ad hoc kludging, from an individualist pursuit to a community mission, from an expression of liberalism to an exclusive practice of cultural distinction. Some researchers see hacking as an illustration of how to defy technological determinism, i.e., the conviction that the technological determines the social, a position that social scientists typically fight ferociously. Other researchers see it as the future of “end-user innovation.” This talks discusses these notions and describes the value---economic, pedagogical, cultural, conceptual---that different research perspectives perceive in hacking. Hacking receives growing attention among social scientists during the last five years. Researchers particularly in the fields of Human-Computer Interaction (HCI) and Computer-Supported Collaborative Work (CSCW) but also in the social sciences generally have begun to study hacking empirically—investigating hacking as a practice and as cultural phenomenon. However, Fefe, an influential blogger of the German hacking community, warned against collaborating with researchers: „In letzter Zeit gibt es eine auffällige Häufung von Befragungen und wissenschaftlichen Studien zu Hackern und Piraten, wie die Szene funktioniert und so weiter, auch bei Hackerspaces und insbesondere auch bei Gruppen wie Occup
Speaker: constantdull Using follower bombing as art performances, the artists Constant Dullaart continues the research into attention and identity as a commodity on social networks, and has recently created a large sum of custom created artificial Facebook identities. Many websites offer an option to login in with Facebook credentials due to the strict controle of the service on the reliability and verification of the social medium. In a time where the open borders in Europe are under pressure, and Syrian identities are sold to people that long for a better future, virtual identity systems, and their reliability become a topical analogy. Due to the large financial incentive through advertisement revenue, there is a large industry creating Facebook accounts that can be used for commercial purposes only, and controlled en masse by dedicated software. With a press of a button hundreds of artificial accounts can like a certain Facebook post, group, political party, celebrity, brand or artist. Influencing advertisement revenue and cost, elections, or feigning consumer interest. These profiles are not representative of actual human entities, and are only created to pass for people through Facebook’s detection algorithms. Somewhat similar to how a social registration number creates a physical legal identity. With generated names and interests, with downloaded images, these accounts have verified email addresses, and the most valuable profiles are Phone Verified Accounts, so called PVAs. PVAs generated with United States based phone numbers are most valuable since they are checked less by Facebook, than profiles verified with Pakistani, Bangladeshi or Filipino for example. The last countries playing a big part in the artificial virtual identity industry. Although this industry has been active for many years, commodifying our idea’s of what shapes an online identity, many journalists, political parties, institutions, and consumers still believe that t
Speaker: jiska This talk gives an overview on state-of-the-art wireless security concepts: How can we analyze wireless protocols? How can we build mechanisms that are secure even when the attacker has unlimited computational power? Can we exploit wireless transmission for more? Typically, wireless security is realized by implementing encryption on upper layers and replacing the wire with some wireless modulation schemes. Yet, there is more! For example, it is possible to build "NSA proof" systems or to use legacy WiFi frames as radar. First, there will be a brief introduction on how to hack things with your rad1o badge and other cheap software defined radios. This is your chance to understand how radio waves look like and how to capture and process them :) Second, the concept of wireless physical layer security is introduced. Based on this, information-theoretic secure systems for confidential communication and key exchange can be built. Third, wireless transmissions contain a lot of additional information, since they get disturbed depending on the environment. Hence, we can extract positions of humans and even loudspeaker movements through walls.
Speakers: Thomas Lohninger, Werner Reiter Im April 2015 hat die österreichische Bundesregierung einen Entwurf für ein "Polizeiliches Staatsschutzgesetz" vorgelegt. Damit soll ein neuer Inlandsgeheimdienst mit weitreichenden Überwachungsbefugnissen geschaffen werden. Unabhängige Kontrolle durch Gerichte und das Parlament ist nicht vorgesehen. Bereits in der Begutachtungsphase wurde das Gesetz massiv kritisiert. Der AKVorrat gab mit einer umfassenden Stellungnahme die wichtigsten Argumente vor. Der Widerstand gegen das Gesetz und die Kampagne des AKVorrat haben zwar zu mehrfacher Verschiebung der Beschlussfassung geführt, aber die Geheimdienstpläne der Regierung sind trotz mehr als 22.000 Unterzeichnerinnen und Unterzeichnern der Petition auf www.staatsschutz.at nach wie vor nicht vom Tisch. Der Talk bietet Einblicke, wie Geheimdienste in der Post-Snowden-Ära öffentlich und nicht öffentlich diskutiert werden. Wir zeigen die Geschichte von Österreich als Drehscheibe von internationalen Geheimdienstaktivitäten. Die aktuellen Pläne der Regierung zur Schaffung eines Inlandsgeheimdienstes sind in diesem Kontext zu sehen. Der aktuelle Gesetzesvorschlag stattet Polizeibehörden mit Geheimdienstbefugnissen aus, die einer unabhängigen Kontrolle weitestgehend entzogen sind. In unserer Analyse stellen wir unsere Kritikpunkte in einen größeren Kontext, der der Idee einer Überwachungsgesamtrechnung folgt. Wir stellen unsere Kampagne vor, die auf zwei Säulen steht: Aktivismus und politisches Lobbying. Der Spagat zwischen beiden Polen ist nicht immer einfach, aber unbedingt nötig, um die Breite des Widerstandes gegen das Gesetz darzustellen. Der reicht von der Bischofskonferenz, über Amnesty International bis zu Arbeitnehmervertretungen. Die juristische Expertise des AKVorrat macht uns auch zu ernstzunehmenden Gesprächspartnern von Politikerinnen und Politikern. Thomas Lohninger und Werner Reiter vom AKVorrat Österreich zeichnen das Bild eines ereign
Speaker: Gunnar Thöle Landauf landab entstehen zur Zeit tausende öffentlicher Stromtankstellen. Diese neue Infrastruktur bietet viel Potential für kreative Nutzungen und hat eine Reihe an Nutzungs-, Sicherheits- und Datenschutzproblemen, für die bislang Lösungen fehlen. Dies ist eine erste minimale Einführung in die Technik und ein Hilferuf und soll die Türen zu neuem Spaß am Gerät öffnen. Der Vortrag wird in zwei Teilen folgende Informationen geben: Teil 1 – Selber nutzen •Einführung: Wofür braucht man Stromtankstellen? Darstellung der üblichen elektrischen Parameter von Fahrzeugen und Batteriesystemen, •die drei etablierten Systeme für Gleich- und Wechselstrom zur Fahrzeugladung werden vorgestellt, •Telefonakku leer in der Stadt? Es wird gezeigt, wie man für beliebige Nutzungen Wechselstrom beziehen kann, •zwei Open-Source-Projekte für Ladestationen im Eigenbau werden kurz angerissen. Teil 2 – Der Ruf nach Hilfe. Wo besteht Bedarf an Sicherheits- und Hardware-Erforschungen? Es geht um folgende Themenbereiche: •Steckerkonstruktion: Die Stecker sind viel zu teuer, wenn überhaupt erhältlich. •Datenkommunikation der Gleichstromladesysteme CHAdeMO und CCS: Insbesondere bei CCS ist das Kommunikationsprotokoll nicht öffentlich bekannt, so dass Adapterlösungen oder die Nutzung zur Aufladung von Eigenbaufahrzeugen nicht möglich ist. Außerdem ist Gleichstrom-Ladehardware völlig überteuert und ohne Protokollkenntnis nicht zu verbessern. •Proprietäre Mitspieler: Tesla hat einen genormten Steckertyp proprietär ergänzt, und niemand weiß, was an Tesla-Superchargern genau passiert. •Authentifizierung und Abrechnung: Ein Wildwuchs an Abrechnungssystemen auf Basis von Apps und RFID-Karten wartet darauf, auf Sicherheitslücken überprüft zu werden. Wo bleibt die Stromtankstelle, die Bitcoins akzeptiert? •Datenschutz: Die anonyme Nutzung von Benzintankstellen ist üblich, von Stromtankst
Speaker: Stefan Wehrmeyer Journalists, while structurally and economically under threat, are bringing computer science into their newsrooms. Their tools and techniques benefit from computer science in areas such as databases, graph analysis and machine learning and allow journalists to tackle new kinds of stories. This lecture will be about how journalists use computer science to find the story needles in their data haystacks. CS knowledge comes in handy when scraping government websites, searching giant troves of documents and analysing social graphs. Recently popularised techniques like machine learning and other techniques can be used to explore and uncover hidden truths in datasets. New research areas such as algorithmic accountability (e. g. how can you find the cheating algorithm in the VW cars) become more important and lead to stories that require a journalistic mind to discover them but need reverse engineering skills to fully understand. I will give a roundup of how stories are told with the help of computers in newsrooms around the world. As a software engineer by trade working in an investigative newsroom I’m also applying the stuff I learn to help my reporter colleagues find and tell new kinds of stories.
Speaker: lilafisch This talk will have a look at maritime related robots and projects. It is not all that difficult and expensive - and there are truly still dragons to find! With this talk I want to expand the attention from air and land vehicles to maritime robotics and other maritime projects. Surface and underwater vehicles are challenging: Waterproofing is vital, communication is restricted and doesn't work the way we are used to, and weight is a factor that needs more consideration than usually (either to avoid sinking or to achieve it...). Still discovering this area myself, I'm planning to cover interesting challenges, surprising solutions, the differences in sensing and actuation, exciting projects, and the responsibility that comes with building robots for the sea.
Speaker: Peter Stuge In 2010 I was asked by the second maintainer in a row to take over as new maintainer of the libusb project. The first time I had declined. The second time I accepted, and sadly failed. Eventually a hostile fork emerged, with the explicit goal to take over the original project. I will tell you my story, which mistakes I made and what I learned - about independent and corporate contributors in open source projects, about package maintainers in downstream OS distributions, about trolls on the internet, about GitHub Inc. and about myself. The hostile fork? It wasn't merged.
Speaker: Nicolai Pogadl This lecture will give an overview on how technology can help and is helping to prevent or mitigate mass atrocity crimes. It focuses on the work and research of the Digital Mass Atrocity Prevention Lab (DMAP Lab) but will discuss other major projects as well. The goal is to inform the audience about ongoing efforts and spark their interest to help work at the intersection of technology and human rights. The lecture will span a wide arc over current efforts made in how to use technology in peacekeeping, mass atrocity prevention and mass atrocity documentation. It also will give a brief introduction on why this work is important using current (e.g. South Sudan, Syria) and past (e.g. Rwanda) cases. The projects described in the talk can be found in the link section but will have to be fleshed out in more detail until the CCC event. In short: it will be a "tour de force" through various human rights/technology projects to give the audience a wide perspective with which they can (hopefully!) find ways for future collaboration. The talk will also touch briefly on challenges and risks using technology in mass atrocity prevention - because we all know: technology has no morality and can be used for both good and evil.
Speaker: Kaustubh Srikanth On 17th December 2014, the Government of India's Ministry of Communications and Information Technology issued an order to all licensed Internet Service Providers (ISPs) in the country to block access to 32 websites, effective immediately. The basis of this was a claim that the targeted web services were being used for "Jihadi Propaganda" by "Anti-National groups". As a response to this, a few technologists in Berlin got together and thought it would be a good idea to do some research using free and accessible tools and to look at how censorship has been implemented, as well as the various techniques that could be used to circumvent this censorship. This talk will discuss our findings and make recommendations about how ISPs can handle such censorship requests better, while being fair and transparent to their customers. On 17th December 2014, the Government of India's Ministry of Communications and Information Technology issued an order to all licensed Internet Service Providers (ISPs) in the country to block access to 32 websites, effective immediately. Not only did the ban affect access to popular cultural sites such as archive.org, vimeo.com, dailymotion.com, but the order also blocked access to sites like github.com, pastebin.com, which are useful for all sorts of people but are especially popular with software developers. The Ministry's order was issued following a request from the Mumbai police's Anti-Terrorism Squad on 15th November 2014. The police request argued that the targeted web services were being used for "Jihadi Propaganda" by "Anti-National groups", and were encouraging youth in the country to join organisations like the Islamic State (ISIS/ISIL). As a response to this, a few technologists in Berlin got together and thought it would be a good idea to do some research using free and accessible tools to look at how censorship has been implemented, as well as the various techniques that could be used to circumvent
Speakers: Sec, ray The Hacker Jeopardy is a quiz show. The well known reversed quiz format, but of course hacker style. It once was entitled „number guessing for geeks“ by a German publisher, which of course is an unfair simplification. It’s also guessing of letters and special characters. ;) Three initial rounds will be played, the winners will compete with each other in the final. The event will be in German, we hope to have live translation again.
Speakers: anna, Constanze Kurz, cbass, Felix Betzin In den nunmehr Hunderte A4-Seiten füllenden Live-Protokollen des NSA-BND-Untersuchungsausschusses, die bei netzpolitik.org nachzulesen sind, verbergen sich interessante Antworten auf Fragen, die niemand gestellt hat, vorher unbekannte juristische „Theorien“ des BND und Perlen verlogener Rabulistik. Das schreit förmlich danach, Teile der Live-Protokolle aufzuarbeiten und vorzulesen. Genau das werden wir tun.
Speaker: Leonie Maria Tanczer News reports and political speeches are currently replete with references to hacking and hacktivism, i.e., politically motivated hacking. They often portray hackers and hacktivists negatively and put them onto the same level with, for example, terrorists. This talk is based on a PhD research project examining the perception of self-identified hackers and hacktivists on these (in)securitising developments. It investigates how hackers and hacktivists understand themselves and their activities, explores how they articulate the effects of this (in)securitisation, and outlines the ways they resist these processes. Within the public discourse, terms such as hacking and hacktivism are controversial. They are frequently equated with malicious activities and associated with the likes of cybercrime or cyberwarfare. Besides, both the activities and the actors standing behind these concepts are increasingly becoming subject to a threat construction. This process is understood as “(in)securitisation” which builds upon the idea that security issues do not necessarily reflect the objective, material circumstances of the world. Instead, what is considered as a “security threat” depends on the design of such a menace by a multitude of actors, e.g., politics, industry, or the media. The talk uses this understanding to examine the perspective of hackers and hacktivists who have been subjected to this (in)securitisation. It is based on a sub-study which is part of a broader PhD project within the social sciences. It exhibits qualitative findings that are derived from interview data collected over the course of a Research Fellowship at the Alexander von Humboldt Institute for Internet and Society, Berlin. A sample of N = 35 (female: n = 6; male: n = 29) self-identified hackers and hacktivists were therefore interviewed in German or English. The data was analysed using the method of thematic analysis. This talk explains the theoretical ba
Speaker: Eric Wustrow Physical keys and locks are one of the oldest security mechanisms still employed today. In this talk, we will discuss how 3D printing keys enable attacks against many modern lock systems. We will describe projects researchers and hobbyists have done involving 3D printed keys, and present our own research on automating several of these attacks in order to demonstrate how easy they are to do. Ultimately, we hope to describe the current state of 3D printed keys, and their impact on the physical security systems we most often take for granted. Physical keys and locks are one of the oldest security mechanisms still employed today. Despite their long-standing history, many still suffer from known attacks including bumping, impressioning, teleduplication, and rights amplification. To mitigate these attacks, many lock systems rely on restricted keyways and use blanks that are not sold to the general public, making it harder for attackers to obtain them. Often the key blank designs themselves are patented, further discouraging distribution or manufacture by even skilled machinists. In this talk, we will investigate how rapid prototyping and 3D printing tools can be used to attack modern lock systems. Even when manufactured on commodity machines, 3D printed keys are now good enough to be used in a variety of attacks. We demonstrate this by showing several example attacks against popular locks, from 3D printing the TSA master key, to our own attacks against restricted key systems. To test the strength of modern 3D printed keys, we present results from our paper of a controlled analysis on a range of printed materials from plastic to metal, and show that it is possible to cheaply make or purchase 3D printed keys that are practically as strong as real keys. We also present a tool that can automatically create a CAD model of a key blank, given only a single picture of the front of the corresponding lock. This tool makes th
Speakers: Tobias Mueller, Christian Forler In the last couple of years, cloud and web services have become more and more popular. Since Snowden we know for sure that intelligence agencies have access to the data storage of an service provider, either by (forced) cooperation, or espionage. Thus, to protect our privacy we have to encrypted our data before hand it over to our service provider (data holder). But this approach contradicts the very idea of a web service where the data holder have to process our data in one way or an other. Therefore, we need new cryptographic techniques to enable the data holder to perform operation on encrypted data. One of the most important operations for cloud storage or database based web/cloud services is the search operation. In this talk we focus on the very familiar cloud storage scenario. Because in this scenario, It is obvious, that the user (data owner) do not want to perform the search by himself. This should be a service offered by the data holder. We will present different practical approaches to achieve searchable ciphertext, namely one with an index and one with cleverly encrypted words. Note that no PhD is required to attend this talk ;-) We found that many people cannot believe that it is possible to execute operations on ciphertext. We want to rectify this by educating hackers of the magic of searchable encryption schemes. Intro "The Cloud" has undoubtedly become very popular over the last decade. Many people like the convenience of virtually unlimited storage and computing power at their fingertips. However, people tend to dislike to disclose their data to third parties. A simple solution would be encrypt the data before uploading it to a third party, but you may very well want to perform certain operations on the encrypted data such as a search. Entering Searchable Encryption This conflict of encryption and the ability to execute computations on data seems to be inherent. However, clever encryption s
Speaker: Sebastian Jünemann Ob diktatorischer Despot, der seiner Bevölkerung die Kommuninaktionsrechte einschränkt, oder ein Erdbeben, das die Kommunikationsinfrastruktur zerstört: Auch 2015 sind die Lösungsansätze noch nicht wesentlich über Zettel und Stift hinaus. „CADUS – redefine global solidarity“ über den Ist-Zustand in Katastrophengebieten und Lösungsideen. Kommunikation und Organisation sind unverzichtbar für große Menschengruppen, egal ob Oppositionsbewegung in Diktaturen oder für Volunteers nach großen Naturkatastrophen. Im Süden der Türkei, in Nordkurdistan, sieht man grade einmal wieder, dass die erste Maßnahme von repressiven Regierungen die Beschneidung des Rechts auf Kommunikation ist. Wenige hundert Kilometer weiter, im Nordirak, erlebt man auch 2015 noch, wie das UN-OCHA (Office for the Coordination of Humanitarian Affairs) Hilfsorganisationen offline über Meetings und "„Zettel und Stift“-Kultur zu organisieren versucht. „CADUS – redefine global solidarity“ ist u. a. in der Region aktiv. In dem Vortrag wird eine kritische Beleuchtung des Ist-Zustandes von Recht (und Möglichkeit) auf Kommunikation im Nahen und Mittleren Osten gegeben. Weiterhin werden Lösungsansätze und Ideen vorgestellt, was ITK-Lösungen für sowohl Bevölkerung als auch Organisationen bieten könnte.
Speaker: Kurt Opsahl Governments around the world are seeking to put a stop to secure end-to-end encryption, from the UK’s Data Retention and Investigatory Powers Act, to Australia’s Defence Trade Controls Act, to India’s draft proposal to require plain text copies of all secure messages, to the United States’ Federal Bureau of Investigation’s public pressure on global companies like Apple and Google to weaken their security and provide law enforcement access to plain text content. Yet it is impossible to give these governments what they want without creating vulnerabilities that could be exploited by bad actors. Moreover any attempt to prevent people from writing and publishing strong encryption without backdoors conflicts with the right to freedom of expression enshrined in Article 19 of the Universal Declaration of Human Rights. This presentation will address the history of crypto wars, update the audience with the latest information on government proposals from around the world, and discuss how we can fight for a future that will allow for secure communications for everyone. The discussion will also include information about EFF’s effort to protect and promote strong encryption, including the Secure Messaging Scorecard, Encrypt the Web report and the Who Has Your Back reports. The presentation will explain how the unintended consequence of these efforts to provide law enforcement unfettered access to communications for users’ privacy and the security of the Internet far exceeds the benefits that would be gained. The proposals are often made in the name of protecting national security, but are likely to have severe economic, political and social consequences for these nations and their citizens, while doing little to protect their security. Contrary to these government proposals, encryption has a critical role to play in national security by protecting citizens against malicious threats. The harm to the public that can be presented by la
Speaker: BoB Marvan What do you want? Did you build your web/app for humans or NSA robots? Let's make it usable for human beings. I'd like to show you some basic design mistakes and how to avoid them to improve usability of your web or app. Why? Because it's worth it and I'm good in it. "Under the candlestick is dark." Back to the roots. Everybody is talking about User Experience (UX), Human Centered Design (HCD) end-to-end flows, holistic approach but the devil is hidden in the details. I'd like to show you some of the most frequent mistakes in user interfaces and how to avoid them. From misplaced lines to microcopy worth millions. From broken flows to broken hierarchy. If you fix your UI troubles you can gain much bigger reach than ever before. The main question remains up to you: Dou you like to improve usability of your service or stay in the darkness of misunderstanding. With my tips will be your app/web for people as clear and bright as Czech crystal: No more confusions or misunderstanding. BTW: I'm the UX designer from AVG.com (the online security company) from the Czech republic.
Speakers: gedsic, bigalex Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! To get involved and learn more about what is happening please visit the Lightning Talks Wikipage.
Speaker: Katharina Nocun The leading social networks are the powerful new gatekeepers of the digital age. Proprietary de facto standards of the dominant companies have lead to the emergence of virtual “information silos” that can barely communicate with one another. Has Diaspora really lost the war? Or is there still a chance to succeed? The Internet today is a giant web, a hilarious copy machine, interlaced into more and more aspects of our lives. What started as a network of equal nodes, has since transformed the layer above the open, decentralized hypertext protocol, and begun to move it towards greater centralization and power in the hands of few large platforms. Social networks are an important benchmark for this trend. Social networks are an important tool for private, commercial and political use. Technological sovereignty can be decisive for political struggles, regardless of whether we talk about elections or revolutions. Privacy gains importance when the Internet becomes interconnected with more and more parts of our lives. The launch of Diaspora in 2010, a crowdfunded free-to-use social network based on free software, was clearly born from these debates. While the appeal of a federated system of social contacts is same in centralized and decentralized networks, they are worlds apart regarding their technical infrastructure, their power structures and their options for business models. Much scientific work has been carried out on the technical challenges that decentralized social networks face. But the underlying economic mechanisms that drive the market towards concentration, promote the dominance of few actors and build high barriers for market entry, have so far been rarely addressed in the context of social networks. The dominance of one network is deeply rooted in the code of the market structure troubled with network effects, lock-in and proprietary de facto standards. Furthermore, privacy restraints through the operator derive from t
Speaker: dalmoz For the past 3 years I have been delivering a custom-tailored DDoS attacks for organizations that wanted to test out their DDoS defense systems. The client did give their logs after the attack so we can analyze together the impact and rewind the attack in slow-motion for us to consider a proper recommendation and not just something the vendor is expecting us to believe. Many rhetorical advice from vendors regarding defense know-how was found wrong or insufficient and many times even contributed to the EPIC FAIL of the entire defense system. During the presentation I will be bring to light 10 such cases of FAILs in hopes that future defenses will be battered and, of course, for some lolz. I have been researching DDoS attacks and mitigation techniques for the past three years and worked with industry leaders on testing their systems, providing them with cutting edge, and even never-seen-before attacks. I was amazed (actually still am) to find out that those big corporations, investing much work into their architecture of defense came to FAIL and sometimes the sole reason for a successful attack was a mitigation configuration or architecture FAIL. My research is done by utilizing smart grids of computers, mimicking vast botnets from all over the world, writing and perfecting scripted attacks and even involve social engineering attempts within those attacks (for mitigation that involve manual intervention) In the presentation there will be a showcase of 10 such FAILs, detailed technically as for a step-by-step close follow on the attack strategy and its mitigation failing, and of course – how delving into a recommended setup for a proper mitigation technique that will not inflict such a direct damage as presented.
Speaker: Caroline Sinders „Social Media Break Up Coordinator“ is a performance art piece and lecture performed by Caroline Sinders. Inspired by Facebook’s memories algorithms faux pas, such as parents being reminded of their child’s death, or of events with an ex. There’s a lot of emotion involved with social media with posts, images, and songs; all of those events have a context and that’s a context algorithms can’t understand. However, humans can. A Social Media Break Up Coordinator goes through a clients social media accounts with the client, and helps block, unfriend, untag, and help ‚mute‘ old relationships and bad memories. „Social Media Break Up Coordinator“ will be presented as lecture over my performance which is debuting at Babycastles on Nov 21st, and 22nd. I am a user researcher and UX designer at IBM Watson. I work in conversational analytics and I help design systems and software layout for chat bots. I spend a lot of time thinking about the way systems and AIs ‚think‘ about and relate to words, context of conversations, and emotions. The way our social media systems are structured, there’s a fair amount of outlining and ‚work‘ users have to do when it comes to reporting online harassment, changing privacy settings, etc. But in that same vein, there's a lot the systems do for us- from suggesting users, suggesting content, to display of content, messaging, images, and events. All of those ‚things‘ are coming from content created by users, and are treated as data. But what is the context of it all? Facebook can see if a user removes a relationship status, but there isn’t a button or an algorithm for break ups. How do you a tell a system your child died or your heart was broken? That’s where the Social Media Break Up Coordinator comes in. I will perform a series of paid events for my customers, who will also sign a legally binding. These services range from untagging the user and the ex or chosen person i
Speaker: mclien What to do if you are neither a hardware- nor a software expert and want to contribute in effords of openess neverseless? A short overview about what I have done so far, shown on 3 exaples: The Mooltipass, a offline password save. The Pandora/Pyra, a mini handheld, full Linux PC and its successor. Senoko, the Novena battery board. From "just" crowdfunding to producing, why it's worth to go through all the ups and downs and encourage others to do the same. My very subjective views to the following projects I got myself more or less involved The Mooltipass is a offline passwordstorage with 2 factor authentification, which is a open hardware development initiat around the hackaday community. Here I did simply crwodfunding, which is surely the easiest way to support open hardware. Untill it looks like the campagin is missing the goal and what you can do about it and what are good ways to set up perks. The Openpandor and its successor the Pyra are chamshell designe mini handhelds mainly aimed for (retro)gaming, but also have the power to run as full Linux desktop PC. Here I give a view from what the whole community and the maker learned, including surviving the near death of the whole project and how you should/should not tread the community. Endurance will earn awsomeness. The Senoko is the Novena Battery Board, which is easily producable, because it's open hardware, right? Why it is and is not somehow at the same time, why I started it alltogether and how to make it happen inspite of strange standardisation, customs and confusing notifications on your account statement. And my peronal dos and don'ts that derivate from this expierence.
Speakers: DeanSysman, Gadi Evron, Itamar Sher We will detect, bypass, and abuse honeypot technologies and solutions, turning them against the defender. We will also release a global map of honeypot deployments, honeypot detection vulnerabilities, and supporting code. The concept of a honeypot is strong, but the way honeypots are implemented is inherently weak, enabling an attacker to easily detect and bypass them, as well as make use of them for his own purposes. Our methods are analyzing the network protocol completeness and operating system software implementation completeness, and vulnerable code. As a case study, we will concentrate on platforms deployed in real organizational networks, mapping them globally, and demonstrating how it is possible to both bypass and use these honeypots to the attacker's advantage.
Speakers: Salton Arthur Massally, Harold Valentine Mac-Saidu, Francis Banguara, Emerson In the dark days of October 2014 an unprecedented Ebola epidemic wrecked havoc across Sierra Leone, Liberia and Guinea. In Sierra Leone, the health system was only weeks away from total collapse due to an inability to manage or pay health workers across the country and the world braced for the unchecked spread of the disease throughout west Africa. In the face of apocalyptic scenario, a company made up of local hackers took on the unprecedented challenge of building, implementing and running a huge Management Information System and Mobile payments system to keep the health system from collapsing. This talk will show how this was achieved with Open Source Software, second hand laptops, hacked voter registration machines, second hand smartphones and some very smart and determined young people used to achieving great things with none of the resources we take for granted. We salute them.
Speaker: Mathias Dalheimer Der steigende Anteil der Erneuerbaren Energien an der Stromerzeugung und der zunehmende Handel mit Strom erhöht die Belastung der Stromnetze. Welche Auswirkungen hat das auf die Netzstabilität? Wann kommen die Stromnetze an ihre Leistungsgrenze? Wie kann ein gezielter Angriff auf das Europäische Verbundnetz aussehen? Was müsste man tun, um einen Blackout zu verursachen? Und: Wie können wir unsere Stromnetze umbauen, damit das nicht passiert? Gegenwärtig wird die (N-1)-Sicherheit als Kriterium für die Netzstabilitätsplanung herangezogen: Fällt ein beliebiges Betriebsmittel aus, so muss das Stromnetz weiterhin funktionsfähig bleiben. Dieses Kriterium setzt jedoch voraus, dass Betriebsmittel immer unabhängig voneinander ausfallen. Durch den Stromhandel, aber auch durch die vermehrte Einbindung regelbarer Lasten gibt es in Zukunft externe Ereignisse, welche die Ausfallwahrscheinlichkeiten mehrerer Betriebsmittel gleichzeitig beeinflussen. Dies kann vermehrt sowohl zu großflächigen (d. h. Bundesland aufwärts) als auch zu kleineren Ausfällen führen. Die Netzfrequenzmessdaten der Schnellabschaltung des Kernkraftwerks Gundremmingen liefert die Grundlage für ein Modell, mit dem das notwendige Lastungleichgewicht zur Destabilisierung des Verbundstromnetzes abgeschätzt werden kann. Der Vortrag diskutiert verschiedene Szenarien, wie eine solche Lastschwankung verursacht werden könnten: durch gezielte Smart-Meter-Manipulation? Durch Fehler in Stromleitungen oder Umspannwerken? Durch den Angriff von Großkraftwerken? Oder durch Marktmanipulationen an der Strombörse? Auch im kleinen Maßstab kann natürlich die Stromversorgung ausfallen: zum Beispiel bei einem kleinen Stadtnetzbetreiber. Eine Statistik der Bundesnetzagentur über Netzausfälle in Deutschland wird ausgewertet, um z. B. den Einfluß der Energiewende auf die Zuverlässigkeit der Stromversorgung zu bewerten. Der Realitätsgehalt der offiziellen Daten muss jedo
Speaker: Michelle Proksell Since my move to China in 2012 I have actively engaged in the local art scenes of Beijing and Shanghai, focusing on collaborating with artists interested in technology and the internet. My own personal independent research of the Chinese internet and the popular Chinese social app, WeChat 微信, has contributed to an ongoing massive archive I began in 2014 called The Chinternet Archive. To date, I have over 15,000 pieces of content (and growing) documenting localized trends, memes, vernacular photography, online personas, .gif animations, videos, selfies, propaganda, retail, family/work life, and other such digital artifacts of online Chinese culture. This archive directly influenced my artistic and curatorial practice, resulting in an online art collection called Netize.net, or its Chinese name of 网友网 [wǎngyǒuwǎng] “Internet Friend Network”, which collaborates with emerging Chinese and international artists who are exploring or deconstructing East/West dichotomies, engaging in Sino-centric Web aesthetics, or investigating the East online. The goal of this talk is to explore through my Chinternet Archive and Netize.net collections, forms of creativity found in China in relationship to it’s early internet history, interactions with technology, localized networks and restrictions. Michelle Lee Proksell 媚潇 (b. 1985, Dhahran, Saudi Arabia) was born a Third Culture Kid (TCK) to ex-patriate American parents and experienced extreme forms of censorship and governmental monitoring in Saudi Arabia during her formative years. This influenced and shaped her interest and direction in exploring transcultural experiences online in relationship to localized access and dissemination of information, via forms of censorship or self-censorship. Her childhood exploring Asia and years working in new media and internet-related galleries and projects led to her eventual fascination with the unique history of the Chinese Internet. Since 2
Speaker: Whitney Merrill Yearly, the world is inundated with news about government data collection programs. In addition to these programs, governments collect data from third party sources to gather information about individuals. This data in conjunction with machine learning aids governments in determining where crime will be committed and who has committed a crime. Could this data serve as a method by which governments predict whether or not the individual will commit a crime? This talk will examine the use of big data in the context of predictive policing. Specifically, how does the data collected inform suspicion about a particular individual? In the context of U.S. law, can big data alone establish reasonable suspicion or should it just factor into the totality of the circumstances? How do we mitigate the biases that might exist in large data sets? This talk will examine the current big data programs utilized by governments and police departments around the world and discuss how they factor into individualized suspicion of persons. Can big data sets with the proper algorithm effectively predict who will commit a crime? What are the appropriate margins of error (if any at all)? I will discuss the use of algorithms on big data sets to predict both where crime will occur and who might commit it. Additionally, I will discuss the types of data that exists in these databases and compare several different ways in which computer algorithms are used on big data sets to predict something about a particular individual. Should predictive policing algorithms more closely resemble those used to predict disease from DNA samples or those used in the clearance process? Should they be used at all?
Speakers: Matthew Stender, Jillian C. York Technology companies now hold an unprecedented ability to shape the world around us by limiting our ability to access certain content and by crafting proprietary algorithm that bring us our daily streams of content. The great waves of change across the epochs have traditionally required a recalibration of society's moral compass. We see the theological and ideological underpinnings of the post-Enlightenment paradigm set out by the Protestant Reformation and the US Civil Rights Movement, we have come to see self determination as a bedrock of civilization. The reach of social media companies has created a class of corporations that are able to influence – if not curate – the world outlook of over a billion people on certain days. This unprecedented capacity gives Facebook power to shape discourse approaching the degree of religious institutions and the state – two of the traditional institutions that we have long relied on for shaping our society-wide morality and values. By compelling users to comply with the arbitrary content standards laid out in their ToS, Facebook is essentially laying out a new global standard for what people can and can not see. This standard, however, is not derived from the same moralistic traditions of previous moral paradigms, but is a calculated business decision crafted in the boardrooms of Silicon Valley. Risk averse, Facebook has created a global content standard that is in place not to contextualize the world for their users, but to meet perceived expectations of acceptable speech in a diverse range of nations. Our project, OnlineCensorship.org, seeks to capture instances of censorship across social media platforms. We will present OnlineCensorship.org and demonstrate how you can help us push companies toward a more open practice.
Speaker: ruedi Nachdem viele Jahre vor den Angriffen auf die Wahlfreiheit von Windows-Nutzern gewarnt wurde, schalte Microsoft mit Windows 10 das Botnetz scharf. Botnetze sind gemäß einer gängigen Definition Computernetze, bei denen ein Angreifer von außen beliebigen Code ausführen kann. Und genau dies kann man aus den aktuellen Microsoft-Lizenzen unschwer herauslesen. Noch gruseliger gestaltet sich die digitale Selbstaufgabe bei der Lektüre der Beta-Test-Bedingungen. Aber vielleicht ist die ganze Sache auch gar nicht so schlimm, sondern viel schlimmer. Auch Intel hat sich weiter unten mit ME einen verschlüsselten Zugang gesichert, für das Betriebssystem und dort laufenden Virenscanner unsichtbar. Aber das gilt ja beunruhigenderweise auch für die bereits gesichteten Angriffsprogramme im UEFI-Bereich. In einem derartigen Sicherheitsumfeld unter dem Stichwort „Industrie 4.0“ Dienste, die für das friedliche gesellschaftliche Zusammenleben relevant sind, Angriffen aus dem Netz auszusetzen, kann nicht als akzeptable Herangehensweise charakterisiert werden.
Speaker: Matthias Koch Wie lassen sich Konstantenfaltung und ein Registerallokator für einen Forth-Compiler implementieren, der in einem Mikrocontroller läuft ? Wer gern mit Elektronik und Mikrocontrollern bastelt, kennt sicherlich die aufwändige Fehlersuche mit vielen kleinen Testprogrammen. Doch es ist auch möglich, einen Forth-Compiler direkt im Microcontroller zu installieren, mit dem über ein Terminal kommuniziert werden kann und welcher es erlaubt, "von innen heraus" auf die Hardware zuzugreifen sowie jede neu geschriebene Routine sofort von Hand auszuprobieren. Forth ist ein alter Hut - wer jetzt jedoch an langsam denkt, mag überrascht sein: Ein optimierender Forth-Compiler mit Konstantenfaltung und Registerallokator passt mit 20 kb Größe sogar in den LPC1114FN28 ! Wie die Optimierungen "an Bord" funktionieren, soll in diesem Vortrag erläutert werden. Assemblerkenntnisse für MSP430 und ARM Cortex M sind von Vorteil. Wer Forth genauer kennenlernen möchte, kann gern auch zur Assembly der Forth-Gesellschaft kommen.
Speakers: Ron, frank Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? Wie immer wagen wir den IT-Security-Alptraum-Ausblick auf das Jahr 2016 und darüber hinaus. Denn was wir wirklich wissen wollen, ist ja schließlich: Was kriecht, krabbelt und fliegt in Zukunft auf uns zu und in unseren digitalen Implants herum? Im Zuge von noch mehr Transparenz, Kritik & Selbstkritik und kontinuierlicher nachhaltiger Optimierung aller Prozesse werden wir außerdem frühere Voraussagen hinsichtlich des Eintreffens unserer Weissagungen prüfen.
Speaker: M. C. McGrath Governments post reports and data about their operations. Journalists publish documents from whistleblowers. But there is a third type of open data that is often overlooked- the information people and companies post about themselves. People need jobs. Companies need to hire people. Secret prisons do not build themselves. By making it feasible for anyone to collect public data online in bulk and exploring ways to effectively use this data for concrete objectives, we can build an independent, distributed system of accountability. Intelligence analysts regularly use Open Source Intelligence (OSINT) in their work. With ICWatch, we showed that it's possible to use open data online to watch the intelligence community too. Now, Transparency Toolkit has built free software anyone can use to collect OSINT without coding. This talk discusses techniques for collecting OSINT on surveillance and human rights issues. It also explores pathways for using this data in journalism, litigation, and policy change.
Speaker: Felix Fietkau A review/rant about the progress that free software wireless drivers (especially on Linux) have made over the recent years, as well as the current challenges that driver developers (and users) are facing. Many users of free software have realized that 802.11 wireless chipsets can be used in more ways than simply making their laptop connect to their home AP or hotspot. Many people are replacing their router firmware with OpenWrt to have a better AP with free software drivers. Mesh network communities like Freifunk are building decentralized network infrastructure, which is also used to provide internet access to refugees in Germany. There are countless other examples of useful and innovative projects that are enabled by having free software wireless drivers. However, the sad reality is that the hardware choices for these kinds of innovative projects are very limited, not because of limitations in the actual hardware, but because of the lack of datasheets, information, reference source code, developer time, etc. In this talk, I will show how we got the state of Linux wireless support to the point where it is now, and I will rant viciously about what's holding us back. I have been working on wireless drivers for a few years now, and as a contractor for chipset manufacturers, I was given a glimpse into the maze of insanities that is holding back progress significantly. But no matter how much bureaucracy, lame excuses, NDA crap and other weird things vendors (and now also the FCC) throw at us, there is still hope for a better future...
Speaker: Leon The traditional review event with presentations from various teams at congress. Learn how the 32C3 got Internet, video streaming, power and maybe more!
Speakers: Carina Haupt, Linus Neumann
Speakers: Takt , Barbarossa , ThomasDOTwtf Lars The Backbone team from AS201701 (Freifunk Rheinland e.V.) gives an update about peering, future planning for 2016 and a summary about things going on in 2015.
Speakers: anna, elisa
Speaker: Cian Westmoreland As they say in the Air Force, ‚No comms no bombs‘, – A technician’s insight into the invisible networks governing military drones and the quest for accountability Cian has spent a great deal of time thinking about the issues of responsibility in, and how communications technology has been used to distance people from the act of killing. Rising superpowers around the world are working day and night to build the next stealth drone that can penetrate air defense systems. The automation of target selection processes, navigation and control are incentivized by the vulnerability posed by the signals drones rely upon to operate. A drone is merely a networked platform that moves across a grid, much like a mouse. It’s „mind“ is distributed among dozens of individuals located around the globe, controlling separate parts of the the overall mission using data derived from surveillance, and processed using algorithms that may or may not reflect the reality on the ground. Cian challenges the common notion that drones are the most effective tool for combatting terrorism and seeks to explain why this is so, as well as how mistakes happen. The automation of these processes will further take the responsibility out of the hands of individuals and disperse them further. This calls for a new level of ethical considerations and accountability mechanisms to be developed.
Speaker: Daniel Estévez Outernet is a company whose goal is to ease worldwide access to internet contents by broadcasting files through geostationary satellites. Most of the software used for Outernet is open source, but the key parts of their receiver are closed source and the protocols and specifications of the signal used are secret. I have been able to reverse engineer most of the protocols, and a functional open source receiver is now available. Outernet is a company whose goal is to ease worldwide access to internet contents by broadcasting files through geostationary satellites. Currently, they broadcast an L-band signal from 3 Inmarsat satellites, giving them almost worldwide coverage. The bitrate of the signal is 2kbps (or 20MB of content per day), and they use the signal to broadcast Wikipedia pages, weather information and other information of public interest. Most of the software used for Outernet is open source, but the key parts of their receiver are closed source and the protocols and specifications of the signal used are secret. I think this is contrary to the goal of providing free worldwide access to internet contents. Therefore, I have worked to reverse engineer the protocols and build an open source receiver. I have been able to reverse engineer most of the protocols, and a functional open source receiver is now available. In this talk, I'll explain which modulation, coding and framing is used for the Outernet L-band signal, what are the ad-hoc network and transport layer used, how the file broadcasting system works, and some of the tools and techniques I have used to do reverse engineering.
Speakers: Clémentine Maurice, Moritz Lipp Hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputting a result. However, the internal state of the hardware leaks information about the programs that are executing. In this talk, we focus on how to extract information from the execution of simple x86 instructions that do not require any privileges. Beyond classical cache-based side-channel attacks, we demonstrate how to perform cache attacks without a single memory access, as well as how to bypass kernel ASLR. This talk does not require any knowledge about assembly. We promise. When hunting for bugs, the focus is mostly on the software layer. On the other hand, hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputing a result. However, the internal state of the hardware leaks information about the programs that are running. Unlike software bugs, these bugs are not easy to patch on current hardware, and manufacturers are also reluctant to fix them in future generations, as they are tightly tied with performance optimizations. In this talk, we focus on how to extract information from the execution of simple x86 instructions that do not require any privileges. The most studied microarchitectural attacks are beyond doubt cache attacks. Indeed, the timing of a memory access depends heavily on the state of the CPU cache. But beyond memory accesses that are the base of classical cache-based side-channel attacks, other x86 instructions leak information about the internal state of the hardware, and thus about running programs. First, we present side channels caused by the "clflush" instruction, that flushes all content of the cache. We will explain how it can be used to perform side-channel attacks that are faster and stealthier than their classical counterpart, without performing so much as a single memory access [1]. Second, we present side channels ca
Speaker: Martin Schmiedecker Certificate transparency - what is it, and what can be done with it? Certificate Transparency is the new kid on the block of TLS. Specified as RFC6962 it is designed to prevent fraudulently issued TLS certificates, and detect wrongdoing from Certificate Authorities. This talk will present Certificate Transparency in full details. Beginning from the attacks it prevents, key players and threat models, we will dive into the public data that is readily available and present ideas how to enhance its ecosystem as a whole.
Speaker: Kurt Opsahl Both strong end-to-end communications encryption and device encryption are legal in most jurisdictions today, and remain widely available. Yet software programmers and hardware producers are increasingly under pressure from law enforcement and policy makers around the world to include so-called backdoors in encryption products. In this lecture, I will provide the state of the law as we moving into 2017, detailing what happened in the fight between Apple and the FBI in San Bernardino and the current proposals to weaken or ban encryption, covering proposed and recently enacted laws. I will also discuss the extra-legal pressures placed upon companies, and the rise of government hacking and state-sponsored malware as an alternative or addition to weakening software. Finally, the presentation will discuss possible realistic outcomes, and give my predictions on what the state of the law will be as we head into 2017, and discuss how we can fight for a future that will allow for secure communications for everyone. The discussion will include: - The law and policy issues in the FBI v. Apple iPhone case, - The FBI’s purchase of 0day access to the iPhone 5c, and Apple’s technical response, - The rise in use of government malware to access encrypted device - Proposed and enacted crypto laws in the United States, Australia, India, Russia, and the UK, - Legal pressures on companies, like Brazil’s arrest of Facebook executives to pressure WhatsApp, - Q&A with the audience.
Speaker: Chris Gerlinsky Follow the steps taken to crack a conditional access and scrambling system used in millions of TV set-top-boxes across North America. From circuit board to chemical decapsulation, optical ROM extraction, glitching, and reverse engineering custom hardware cryptographic features. This talk describes the techniques used to breach the security of satellite and cable TV systems that have remained secure after 15+ years in use. Analysis of, and low-cost attack techniques against, a conditional access and scrambling system used in tens of millions of TV set-top-boxes in North America. A case study of the low-cost techniques used by an individual hacker to successfully crack a major pay TV system. Topics include: chemical decapsulation and delayering of ICs in acids, microphotography and optical bit extraction of ROM, binary analysis using IDA and homebrew CPU simulators, datalogging and injection of SPI and serial TS data, designing and using a voltage glitcher, extracting secret keys from RAM of a battery-backed IC, analyzing hardware-based crypto customizations, studying undocumented hardware peripherals, MPEG transport streams and non-DVB-standards, QPSK demodulation, interleaving, randomization, FEC of OOB (out-of-band) cable data. The result is knowledge of the transport stream scrambling modes and knowledge of the conditional access system used to deliver keys. Strong and weak points are identified, advanced security features implemented nearly 20 years ago are compared to modern security designs. A softcam is designed and tested using free software, working for cable and satellite TV.
Speakers: Alexander Chemeris, Sergey Kostanbaev Software Defined Radios (SDRs) became a mainstream tool for wireless engineers and security researches and there are plenty of them available on the market. Most if not all SDRs in the affordable price range are using USB2/USB3 as a transport, because of implementation simplicity. While being so popular, USB has limited bandwidth, high latency and is not really suitable for embedded applications. PCIe/miniPCIe is the only widespread bus which is embedded friendly, low latency and high bandwidth at the same time. But implementing PCIe/miniPCIe is not for the faint of heart - you have to write your own FPGA code, write your own Linux kernel driver and ensure compatibility with different chipsets, each with its own quirks. In this talk we will look at the requirements for a high performance SDR like XTRX, how this leads to certain design decisions and share pitfalls and gotchas we encountered (and solved). We've been working with SDRs since 2008 and building own SDRs since 2011, focusing on embedded systems and mobile base stations. We created ClockTamer configurable clock source and UmTRX SDR and built a complete base station (UmSITE) to run OpenBTS and later Osmocom GSM stacks. This year we've started working on a new tiny high-performance SDR called XTRX which fits into the miniPCIe form-factor and using PCIe for the I/Q samples transfer. We will talk about when to use PCIe and when not to use PCIe and why did we choose it for XTRX; FPGA implementation of PCIe with optimization for low latency and high throughput; Linux kernel driver for this PCIe device; integration with various SDR platforms; all the various issues we encountered and how you can avoid them.
Speaker: Yannay Livneh PHP-7 is a new version of the most prevalent server-side language in use today. Like previous version, this version is also vulnerable to memory corruptions. However, the language has gone through extensive changes and none of previous exploitation techniques are relevant. In this talk, we explore the new memory internals of the language from exploiters and vulnerability researchers point of view. We will explain newly found vulnerabilities in the 'unserialize' mechanism of the language and present re-usable primitives for remote exploitation of these vulnerabilities. PHP is the most prominent web server-side language used today. Although secure coding practices are used when developing in PHP, they can’t mitigate vulnerabilities in the language itself. Since PHP is written in C, it is exposed to vulnerabilities found in projects written in a low-level language, such as memory-corruption vulnerabilities, which are common when manipulating data formats. PHP-7 is a new implementation of the language, and while memory corruption bugs exist in this version as well, none of the exploitation primitives from the previous version are working (e.g. @i0n1c presentation from BH2010). In this talk, I will discuss the memory internals of PHP7 from exploiter and vulnerability researcher's perspective, explain newly found vulnerabilities in the unserialize mechanism and demonstrate how to exploit this class of bugs in PHP-7 presenting re-usable primitives. The internals of the language implementation changed quite dramatically, and now it’s harder to find and exploit memory corruption bugs. The new zval system prefers embedding over pointing to members and the allocation mechanism has gone through a complete re-write, removing metadata. The overall result is less primitives and less control over crafted data. unserialize is a data manipulation and object instantiation mechanism in PHP which is prone to memory corruption vulnerabilities. For
Speaker: Trammell Hudson Heads is an open source custom firmware and OS configuration for laptops and servers that aims to provide slightly better physical security and protection for data on the system. Unlike Tails, which aims to be a stateless OS that leaves no trace on the computer of its presence, Heads is intended for the case where you need to store data and state on the computer. It targets specific models of commodity hardware and takes advantage of lessons learned from several years of vulnerability research. This talk provides a high level overview of Heads, a demo of installing it on a Thinkpad and a tour of some of the attacks that it protects against. Heads builds on several years of firmware security research focused on firmware vulnerabilities ("Thunderstrike: EFI bootkits for Apple Macbooks" and "Thunderstrike 2") as well as many other CCC talks ("Hardening hardware and choosing a #goodBIOS", "Beyond anti evil maid", "Towards (reasonably) trustworthy x86 laptops", etc.) and combines these ideas into a single system. It is not just another Linux distribution - it combines physical hardening and flash security features with custom Coreboot firmware and a Linux boot loader in ROM. This moves the root of trust into the write-protected ROM and prevents further modifications to the bootup code. Controlling the first instruction the CPU executes allows Heads to measure every step of the boot process into the TPM, which makes it possible to attest to the user or a remote system that the firmware has not been tampered with. While modern Intel CPUs require binary blobs to boot, these non-Free components are included in the measurements and are at least guaranteed to be unchanging. Once the system is in a known good state, the TPM is used as a hardware key storage to decrypt the drive. Additionally, the hypervisor, kernel and initrd images are signed by keys controlled by the user, and the OS uses a signed, immutable root filesystem so that any sof
Speaker: Sebastian Schinzel We present DROWN, a novel cross-protocol attack on TLS that uses a server supporting SSLv2 as an oracle to decrypt modern TLS connections. Using Internet-wide scans, we find that 33% of all HTTPS servers are vulnerable to this protocol-level attack. We present DROWN, a novel cross-protocol attack on TLS that uses a server supporting SSLv2 as an oracle to decrypt modern TLS connections. We introduce two versions of the attack. The more general form exploits multiple unnoticed protocol flaws in SSLv2 to develop a new and stronger variant of the Bleichenbacher RSA padding-oracle attack. The victim client never initiates SSLv2 connections. We implemented the attack and can decrypt a TLS 1.2 handshake using 2048-bit RSA in under 8 hours, at a cost of $440 on Amazon EC2. Using Internet-wide scans, we find that 33% of all HTTPS servers and 22% of those with browser-trusted certificates are vulnerable to this protocol-level attack due to widespread key and certificate reuse. For an even cheaper attack, we apply our new techniques together with a newly discovered vulnerability in OpenSSL that was present in releases from 1998 to early 2015. Given an unpatched SSLv2 server to use as an oracle, we can decrypt a TLS ciphertext in one minute on a single CPU—fast enough to enable man-in-the-middle attacks against modern browsers. We find that 26% of HTTPS servers are vulnerable to this attack. This talk gives an overview on the DROWN vulnerability for the hacker community with some background information that didn’t make it to the paper.
Speaker: benni, Dorina Die Lebenswelt von Kindern und Jugendlichen sowie die der Schulen könnte in Bezug auf die Digitalisierung kaum gegensätzlicher sein: Schülerinnen und Schüler leben und entfalten sich begeistert in der digitalen Welt, aber die Schule ist kaum in der Lage, Schülern ihre drängenden Fragen rund um die komplexe digitale Welt zu beantworten. In unserem Talk möchten wir anhand unserer Erfahrungen aus dem Projekt "Chaos macht Schule" u.a. diskutieren, wie man die heranwachsende Generation u. a. für Themen wie Datenschutz und Überwachung sensibilisieren und gleichzeitig Technikbegeisterung bei jungen Menschen fördern kann. Die Lebenswelt von Kindern und Jugendlichen sowie die der Schulen könnte in Bezug auf die Digitalisierung kaum gegensätzlicher sein. Schülerinnen und Schüler leben und entfalten sich begeistert in der digitalen Welt, während am Großteil der Schulen weder die Technik vorhanden ist noch die Lehrkräften dafür ausgebildet wurden bzw. die Lehrpläne genügend Raum lassen, Schülern ihre drängenden Fragen rund um die komplexe digitale Welt zu beantworten. Als Bundesbildungsministerin Johanna Wanka im Oktober ihren Plan äußerte, 2017 fünf Milliarden Euro für die digitale Ausstattung an Schulen bereitstellen zu wollen, folgte direkt laute Kritik vom Präsidenten des Lehrerverbandes Josef Kraus. Vor diesem Hintergrund verwundert es kaum, wenn Frank Rieger und Rop Gonggrijp vor elf Jahren in ihrem vielbeachteten Talk "We lost the war“ beklagten, dass es uns nicht gelungen sei, unsere Themen in der Gesellschaft zu verankern. Auch heute noch gibt es nur vereinzelte Ansätze, Jugendliche an Themen der Medienkompetenz, Technikgestaltung und gesellschaftlichen Relevanz heranzuführen. Im Rahmen des Projektes "Chaos macht Schule" besuchen Mitglieder des CCCs seit mittlerweile ca. 10 Jahren Bildungseinrichtungen für Workshops zu technischen Themen (z.B. Programmierung, Löten etc.) als auch zu gesellschaftlichen
Speaker: Mathy Vanhoef Mathy Vanhoef is a postdoctoral researcher at KU Leuven (Belgium). He finished his PhD on the security of WPA-TKIP, TLS, and RC4, in July 2016. His research interest is in computer security with a focus on wireless security (Wi-Fi), network protocols in general, the RC4 stream cipher, and software security (discovering and exploiting vulnerabilities). Currently he is researching how to automatically detect logical flaws in network protocol implementations. Mathy Vanhoef is a postdoctoral researcher at KU Leuven, where he performs research on streamciphers, discovered a new attack on RC4 that made it possible to exploit RC4 as used in TLS in practice (the RC4 NOMORE attack), and found the HEIST attack against TLS. He also focuses on wireless security, where he turns commodity wifi cards into state-of-the art jammers, defeats MAC address randomization, and breaks protocols like WPA-TKIP. He also did research on information flow security to assure cookies don't fall in the hands of malicious individuals. Currently he is researching how to automatically fuzz network protocols, and detect *logical* flaws in implementations (e.g. downgrade attacks). Apart from research, he also knows a thing or two about low-level security, reverse engineering, and binary exploitation. He regularly participates in CTFs with KU Leuven's Hacknamstyle CTF team.
Speaker: Joseph Cox In early 2015, the Federal Bureau of Investigation hacked computers in Austria, Denmark, Chile, Colombia, Greece, and likely the United Kingdom and Turkey too. In all, the agency used a Tor Browser exploit to target over 4000 computers spread across the world based on a single, arguably illegal warrant. But this is only one case in the growing trend of law enforcement agencies reaching outside of their own country and hacking criminals suspects abroad, bringing up urgent questions of legality, jurisdiction, and proportionately in the digital age. For the past year, I have investigated law enforcement’s international use of hacking tools. As well as finding which countries the FBI remotely searched computers in, I uncovered another operation led by a local Australian police department, which targeted individuals in the United States – clearly outside of the agency’s jurisdiction. Because many criminals suspects have moved onto the so-called dark web, law enforcement have no idea where the computers they are hacking are actually located. This worrying shoot-malware-ask-questions later approach has seen only minimal attention from policy makers and legal experts, and is likely to become more widespread.
Speaker: RA Ulrich Kerner Polizeibehörden und Geheimdienste sammeln Daten der Bürger – mehr als je zuvor. Der Bestand an unterschiedlichen Datenbanken ist enorm gewachsen und geradezu unübersichtlich geworden. Aufgrund datenschutzrechtlicher Regelungen gibt es für etliche dieser Datenbanken einen gesetzlichen Auskunftsanspruch des Bürgers. Gesetzlich geregelt sind auch die Fristen für die Löschung dieser Daten. Die Praxis zeigt aber, dass die Daten häufig erst gelöscht werden, wenn der betroffene Bürger eine Datenauskunft beantragt – Grund genug also, um dies massenhaft zu tun. Der Tonfall bei der Verkehrskontrolle ist zunächst freundlich. Nachdem aber die Personalien über das Polizeisystem überprüft wurden, sind die vorher freundlichen Beamten plötzlich ganz schön ruppig, der Kofferraum wird durchsucht, die Kontrolle dauert ohne erkennbaren Grund noch eine ganze Weile länger. Da muss es wohl noch eine alte Eintragung im Polizeicomputer geben, Widerstand gegen Vollstreckungsbeamte, Drogendelikte oder einfach den Personenbezogenen Hinweis (PHW) Straftäter linksmotiviert? Wer würde da nicht gerne wissen, was die Polizei und andere Behörden über ihn gespeichert haben? Das kann man wissen – mit einem Antrag auf Auskunft über die im POLIKS, POLAS, INPOL, Schengener Informationsystem (SIS) oder Mehrländer-Staatsanwaltschafts-Automation (MESTA) – um nur einige Datenbanken zu nennen – gespeicherten Daten. Hierzu braucht man jedoch einen Überblick, welche Behörde welche Daten erhebt, wo und wie die Anfrage gestellt werden muss und welche Besonderheiten es dabei jeweils zu beachten gilt. Da die Behörden genug personelle Kapazitäten einsetzen, um zu speichern, nicht aber, um nach Ablauf der Speicherfrist die gesetzlichen Löschungsvorschriften einzuhalten, wird häufig eine Löschung erst vorgenommen, wenn ein Antrag auf Datenauskunft gestellt wird. Der mündige Bürger sollte daher die über ihn gespeicherten Daten in den un
Speaker: Ulf Treger What are the politics and aesthetics of mapping? An introduction how cartography shapes cities and landscapes, creates borders and determines the perception of our environment. How an evolving mix of high-resolution satellite imagery, algorithm-based mappings and the huge amount of data of digitized cities will enhance these effects? And in contrast, how can maps be designed, that question the “objectivity” and “correctness” of conventional cartography? While digital communication gets ubiquitous, maps play an important role in the formation and mediation of physical space. A view back to earlier stages of development from the Da Vinci maps in the 15th century, the world-exploring and world-conquering by cartographic techniques in the area of colonialism in the late 19th, the emergence of photorealistic mapping (aerial and satellite photography) in the 20th century will provide some ideas of the power of maps and its impacts on society. With the Aspen Movie Map and its widespread successor Google Street View there is a decisive change of perspective going on (from bird‘s eye view to street level) that will lead to new, more intense forms of immersion by the use of maps. Maps shapeshift into navigational screens, we are using digital maps while our devices map our movements in the same time. With a view ahead, I‘ll try to find out which mapping algorithms are developed, which kind of images latest satellites with high-resolution 3D capabilities will create and what maps the researchers of Silicon Valley and the automotive industry want to fabricate – and thus new aesthetics and politics of mappings. In contrast to this I will follow the question how other views can be created by antagonistic maps, that question the brutal “objectivity” and shiny “correctness” of computer-generated maps and that tell different stories from the perspective of the inhabitants living in those mapped cities and landscapes.
Speaker: ctrapp The NibbleTronic is a MIDI wind controller that features a novel user interface resulting in a unique tonal range. The standard configuration allows to precisely play a bit more than four full octaves including semitones with only one hand. In my talk I want to describe the individual stages of development from a barely usable electronic recorder to a useful and unique instrument that could come as a kit. The interface that puts four octaves at the fingertips of a single hand will be the second core topic.
Speaker: Vincent Haupert FinTechs increasingly cut the ground from under long-established banks’ feet. With a "Mobile First" strategy, many set their sights on bringing all financial tasks—checking the account balance, making transactions, arranging investments, and ordering an overdraft—on your smartphone. In a business area that was once entirely committed to security, Fintechs make a hip design and outstanding user experience their one and only priority. Even though this strategy is rewarded by rapidly increasing customer numbers, it also reveals a flawed understanding of security. With the example of the pan-European banking startup N26 (formerly Number26), we succeeded independently from the used device to leak customer data, manipulate transactions, and to entirely take over accounts to ultimately issue arbitrary transactions—even without credit. Over the last few years, smartphones have become an omnipresent device that almost everybody owns and carries around all the time. Although financial institutions usually react conservatively to new technologies and trends, most established banks today offer their customers banking apps and app-based second-factor authentication methods. Fintechs, technology startups in the financial sector, pressure the tried and trusted structure of established banks, as they highlight the customer’s smartphone as the hub of their financial life. This business model is especially appealing to younger customers. FinTechs, however, also play an important role in the advancing downfall of important conceptual security measures. While the latter can be understood as the next step in the decay process of second-factor authentication, which was started with the introduction of app-based legitimization methods, FinTechs also reveal limited insights into conceptual and technical security. We have encountered severe vulnerabilities at the Berlin-based FinTech N26, which offers their smartphone-only bank account to many countrie
Speaker: Aylin Caliskan Artificial intelligence and machine learning are in a period of astounding growth. However, there are concerns that these technologies may be used, either with or without intention, to perpetuate the prejudice and unfairness that unfortunately characterizes many human institutions. We show for the first time that human-like semantic biases result from the application of standard machine learning to ordinary language—the same sort of language humans are exposed to every day. We replicate a spectrum of standard human biases as exposed by the Implicit Association Test and other well-known psychological studies. We replicate these using a widely used, purely statistical machine-learning model—namely, the GloVe word embedding—trained on a corpus of text from the Web. Our results indicate that language itself contains recoverable and accurate imprints of our historic biases, whether these are morally neutral as towards insects or flowers, problematic as towards race or gender, or even simply veridical, reflecting the status quo for the distribution of gender with respect to careers or first names. These regularities are captured by machine learning along with the rest of semantics. In addition to our empirical findings concerning language, we also contribute new methods for evaluating bias in text, the Word Embedding Association Test (WEAT) and the Word Embedding Factual Association Test (WEFAT). Our results have implications not only for AI and machine learning, but also for the fields of psychology, sociology, and human ethics, since they raise the possibility that mere exposure to everyday language can account for the biases we replicate here. There is no Alice and Bob in this talk. This talk is intended for an audience that genuinely cares for humanity and believes in equality while supporting fairness and acts against discrimination. This talk might not be interesting for folks who promote exclusion while discouraging diversity. Many
Speakers: Beata Hubrig, erdgeist Im Spannungsfeld zwischen der Vorderfront der Computertechnik und einem Spezialbereich des Urheberrechts hat sich eine Industrie eine Nische geschaffen, in der sie durch Hochspezialisierung und Automatisierung ein einträgliches Geschäft aufgezogen haben. Dabei nehmen sie als Kollateralschaden in Kauf, dass Unschuldige durch die Drohkulisse zum Zahlen bewegt und zum Schließen ihres offenen Netzwerks gebracht werden. Wir beschreiben, was man dagegen tun kann und was wir dagegen schon getan haben. Probleme: • Die Abmahnungen sind fein austariert, um das Kostenrisiko für eigene Auslagen für fast jeden Schritt beim Abgemahnten zu belassen. • Die Anschreiben sind technisch und juristisch komplex und der einzig “überschaubare” Pfad ist der Überweisungsträger, zudem ist die Frist auf Einschüchterung angelegt. • Die Abmahner können beliebig bis kurz vor Verjährung warten, um den Fall am Leben zu halten, es gibt bis zur Feststellung keine Sicherheit. • Die Abmahner können sich auf bewährte Textbausteine, fachlich überforderte Richter und (bis zuletzt) den fliegenden Gerichtsstand mit dem Anliegen wohl gesonnenen Richtern stützen. • Dazu kommt verunsichernde Rechtssprechung beim BGH, was Störerhaftung betrifft. • Die Abmahner können sich darauf verlassen, dass eine Solidarität unter den Abgemahnten faktisch nicht besteht und Fälle mit Aussicht auf ungünstige Präzedenzen noch außergerichtlich beilegen. Quasi kein normaler Abgemahnter hat Lust, das Verfahren durch eine negative Feststellungsklage abschließend zu klären. • Aber erst durch das Risiko, die Auslagen für eine große Zahl von Fällen selber tragen zu müssen, in denen sich die Abgemahnten mit potentiell kostspieligen Strategien wehren, kann dem industriell betriebenen Abmahnen Grenzen aufzeigen. • Problem ist dabei, dass bei einer Abmahnung grundsätzlich “jeder trägt seins” gilt, was für den normal nicht Rechtsschut
Speaker: Nika Dubrovsky I would like to present my project called Anthropology for kids and a specific book, that I am working on in the larger framework of this project. This book will look like an ordinary school notebook in which a teacher checks a student if the lesson had been learnt. But it is actually not! I gathered this collection of historical and anthropological notes, so that together with school kids we can think about how the very idea of privacy was developed in different countries and in different historical epochs. In ancient Babylon wealthy women were allowed to cover their faces and their bodies, but the poor ones were not. In the Soviet Union during Stalin times it was dangerous to tell a political joke even in the group of close friends. One of them may report a joke to the authorities. Punishment for a political joke could be a prison sentence. Today more or less all our online communication is watched or recorded by authorities. How does our present relate to other times in history, how is the western notion of privacy related to the ideas in other cultures. About the speaker: Her practice evolved from visual arts, journalism, internet culture and publishing. After an artistic career in Israel in the early Nineties, Dubrovsky was among the pioneers in Russia's new media start-up scene and specialized in social media and open source culture. Moving to New York in 2001 she became a significant voice in Russian blogging. Her critical position on educational regimes led to the development and publishing of doodle books for children. Her current project Anthropology For Kids aims at creating a publication series with a participatory approach. Reframing crucial aspects of human life – family, money, health, beauty, and alike – Anthropology For Kids seeks to deconstruct conditioned notions of how we (should) live, demonstrating the diversity of perspectives and possibilities that exist in different cultures.
Speaker: Max Bazaliy This talk will take an in-depth look at the technical capabilities and vulnerabilities used by Pegasus. We will focus on Pegasus’s features and the exploit chain Pegasus used called Trident. Attendees will learn about Pegasus’s use of 0-days, obfuscation, encryption, function hooking, and its ability to go unnoticed. We will present our detailed technical analysis that covers each payload stage of Pegasus including its exploit chain and the various 0-day vulnerabilities that the toolkit was using to jailbreak a device. After this talk attendees will have learned all of the technical details about Pegasus and Trident and how the vulnerabilities we found were patched. Presentation Outline: 1. Introduction Introduction to the talk and the background of the speaker 2. Technical Analysis In the technical analysis section we will cover in-depth the three stages of this attack including the exploits and the payloads used at each stage. We will detail the obfuscation and encryption techniques the developers used to hide the payloads. We will also examine the 0-day vulnerabilities, called Trident, that we found, which allow for a remote jailbreak on the latest versions of iOS (up to 9.3.4) via Safari. * 0-days (responsibly disclosed to Apple) * Malware techniques * Obfuscation and encryption techniques The technical analysis will continue and detail the software that gets installed including what it was designed to collect, which includes texts, emails, chats, calendars, and voice calls from apps including Viber, WhatsApp, Skype, SMS, iMessage, Facebook, WeChat, Viber, WhatsApp, Telegram, Vkontakte, Odnoklassniki, Line, Mail.Ru Agent, Tango, Pegasus, Kakao Talk, and more. * Application Hooking * Use of SIP for exfiltration * Historical Analysis of jailbreaks We will detail how the jailbreak techniques used by this software have changed and adapted to the changing security mechanisms added to iOS over the years. 4. Summary
Speaker: Erik This talk presents the results of the technical analysis for the German Parliamentary Committee investigating the NSA spying scandal on geolocation methods in mobile networks. Which data are required to localize a mobile device? Which methods can be applied to accurately assess the geolocation? How can a single drone with a flight altitude of a few kilometers determine the position of a mobile device? Which role have mobile network operators in geolocation? In my talk I will provide solid answers to these and related questions.
Speaker: Max Mehl Nach drei Jahren wurde endlich die nutzerunfreundliche Praxis des Routerzwangs („Compulsory Routers“) gesetzlich für unzulässig erklärt, und aktuell treibt uns die EU-Funkabschottung („Radio Lockdown Directive“) um. Um was geht es dabei? Und was können wir daraus für andere Fälle lernen? Im Vortrag wird klar werden, warum politischer Aktivismus so wichtig ist und dass er eigentlich gar nicht so schwer ist, wenn man ein paar Dinge beachtet. Es hat drei Jahre gebraucht, um die nutzerunfreundliche Praxis des Routerzwangs endlich gesetzlich für ungültig zu erklären. Diese ermöglicht es Internetanbietern, ihren Kunden ein Endgerät aufzuzwingen, auf das sie nur geringen Einfluss nehmen können. Schlimmer noch: Will man einen eigenen Router anschließen, etwa weil man bestimmte technische Dienste benötigt, Geräte auf Basis Freier Software bevorzugt oder ein stromsparenderes Modell einsetzen möchte, ist dies bei vielen Anbietern entweder gar nicht möglich oder man wird bei Support-Anfragen diskriminiert. Dieses Verhalten von Providern ist in vielerlei Hinsicht höchst problematisch, da es hohe Sicherheitsrisiken für Nutzer birgt, fairen Wettbewerb verzerrt und den technologischen Fortschritt hemmt. Und seit einigen Monaten steht die EU-Richtlinie für Funkabschottung auf unserer Agenda, die möglicherweise schon bald die Nutzung und Entwicklung von Freier Software auf allen Geräten, die in irgendeiner Art Funkwellen verwenden, enorm einschränkt. Die Free Software Foundation Europe, für die der Referent Max Mehl arbeitet, hat schon seit den ersten Debatten vor über drei Jahren gegen den Routerzwang angekämpft und dabei viele Erfahrungen gesammelt. In Zusammenarbeit mit Freie-Software-Entwicklern, Organisationen wie dem Chaos Computer Club oder Digitalcourage sowie mit Endgeräteherstellern, Verbänden und Politik ist es gelungen, den Routerzwang gesetzlich offiziell ab Sommer 2016 zu beenden. Ein wesentlicher Grund für
Speakers: Fritz Herzrasen, Lisa Tschorn Die Dynamik der globalen Agrarmärkte hat sich in den letzten Jahren verstärkt und birgt neue Herausforderungen für die Landwirte. Hoffnungsträger sind ähnlich wie in anderen Branchen auch Sensor- & Datenverarbeitungstechnik sowie das Internet: Produktionsprozesse steuern sich selbst, Anhänger werden halbautomatisch mittels Bilderkennung beladen, Maschinen kommunizieren mittels Maschinen und Fahrzeuge steuern sich weitestgehend schon jetzt autonom. Die Dynamik der globalen Agrarmärkte hat sich in den letzten Jahren verstärkt und birgt neue Herausforderungen für die Landwirte. Ebenso ändert sich das vielfach verbreitete Berufsbild des Landwirts oder des Bauers zunehmend hin zu einem landwirtschaftlichen Unternehmer, der das komplette Spektrum des aktuellen Standes des Technik einzusetzen vermag. Themen wie Ressourcenknappheit, Veränderungen im Klima sowie die weltweit steigende Nachfrage nach Nahrungsmitteln und nachwachsenden Rohstoffen zwingen dabei auch in Deutschland die Bauern bzw. landwirtschaftlichen Unternehmer über neue Strategien und Arbeitstechniken nachzudenken um Produktivität und Effizienz zu steigern. Die rasante Entwicklung in der Sensor- & Datenverarbeitungstechnik in Verbindung mit dem Internet ist dabei einer der Schlüssel der helfen kann den aktuellen Herausforderungen der Landwirtschaft zu begegnen. Dabei sind – ohne dass ein Großteil der Bevölkerung dies vermuten würde – gerade in der Landwirtschaft und dem landwirtschaftlichen kommunalen Dienstleistungssektor große Fortschritte in Arbeitsabläufen und Arbeitserledigungen vollzogen worden. Es darf dabei – gänzlich modern & smart von Landwirtschaft 4.0 gesprochen werden: Produktionsprozesse steuern sich selbst, Anhänger werden halbautomatisch mittels Bilderkennung beladen, Maschinen kommunizieren mittels Maschinen und Fahrzeuge steuern sich weitestgehend schon jetzt autonom.
Speaker: Bernd Sieker Legend has it that most airline pilots will at one time have uttered the sentence "What's it Doing now?", whenever the autopilot or one of its related systems did something unexpected. I will be exploring some high-profile accidents in which wrong expectations of automation behaviour contributed to the outcome. "Pilot Error" is often publicly reported as "the cause" of an accident whenever a member of the flight crew did something which had consequences for the chain of events. We maintain that there is never a single cause, and every mistake a pilot may make has causes, and other factors contributing to it. We use the notion of a "necessary causal factor" to investigate the causes of accidents, and almost invariable there is a combination of both technical and human causal factors. I will look in some detail at accidents in which a combination of a technical problem, misleading or missing indications, and inappropriate (but often understandable) crew actions contributed to an accident, and also some in which unprecedented actions of the human crew turned a problem with potentially fatal consequences into a survivable accident. Automation in modern airliners has become so reliable and useful that it may be argued that it leads to a deterioration of hand-flying skills and, perhaps more importantly, of decision-making skills. Sample accident cases will include Asiana Flight 214, Spanair Flight 5022, Turkish Flight 1951, TAM Flight 3054 and others. I will also briefly touch on technical and ethical problems with self-driving vehicles highlighted by the recent Tesla crash as well as increasing automation in General Aviation and its consequences. In conclusion I will look at ways to improve safety and maintain the very high standard currently achieved in commercial aviation.
Speakers: Thomas Lohninger, Christopher Talib After three years the EU has for the first time new Net Neutrality rules. What do they mean in practice? Which commercial practices by ISPs are allowed and which have to be punished by the telecom regulator. We give an overview about three years of campaign and where we go from here. As part of the Savetheinternet.eu coalition, we fought hard over three years in all stages of the legislative and regulatory process to make the new Net Neutrality protections as strong as possible. We explain our tactics and goals for this campaign of 32 NGOs from 14 countries that managed to submit half a million comments to the European Regulators, BEREC. This talk focusess on the pracitcal implications of the new rules and which types of potential network discrimination are prohibited, disputed or allowed. We explain how enforcement is working in different countries and what you can do to put these new rules into practice and extinguish Net Neutrality violations by your ISP. A core component in this fight is the platform RespectMyNet.eu. Users can submit Net Neutrality violations on this website and thereby give them visibility and allow others to confirm, discuss and act upon them. As BEREC guidelines will be regurlaly reviewed this tool is of utmost importance to track the implementation of Net Neutrality rules as well as commercial practices by ISPs and mobile operators. RespectMyNet lived different lives, one of our current tasks is to make the tool and the submissions fit the new BEREC Guidelines in order to provide an easy to use and efficient tool for net neutrality activists in Europe. Let's protect the Internet as an open, free and neutral platform with the new rules the EU has given us.
Speaker: jaseg It is a sad fact of reality that we can no longer trust our CPUs to only run the things we want and to not have exploitable flaws. I will provide an proposal for a system to restore (some) trust in communication secrecy and system security even in this day and age without compromising too much the benefits in usability and speed modern systems provide. CPUs have not only massively grown in complexity in the last years, they have unfortunately also spawned a slew of proprietary vendor subsystems that execute unauditable code beyond our control (TrustZone, Intel ME etc.). There are some projects attempting to mitigate this issue somewhat by running less unauditable code (Coreboot, Novena etc.), but in the long run even using those we are still at the whims of some very large corporations which can decide whether or not we still have control over the systems we own. In this talk, I propose an alternative approach to regain privacy and security on our systems. Instead of trying to fix our CPUs by reverse-engineering large amounts of proprietary blobbiness, I propose we move as much sensitive data as possible out of these compromised systems. In practice, the architecture I propose places a trusted interposer into the compromised system's display bus (LVDS, (e)DP or HDMI) that receives in-band control data containing intact ciphertext (read: PGP/OTR encoded into specially formatted RGB pixel data) and that transparently decrypts, verifies and renders the decrypted data into the pixel data stream. The resulting system looks almost identical from a user-interface perspective, but guarantees plaintext message data is never handled on the compromised host CPU while all the juicy computational power and fancy visual effects that one provides remain intact. I will outline the implementation problem areas of this approach and some possible solutions for them. I will also provide an analysis of this system from a privacy and security perspective.
Speaker: Lisa Charlotte Rost tl;dr: Mother Teresa said "If I look at the mass I will never act. If I look at the one, I will." I'll present ways that make us act when looking at the mass. Remember when we thought that data would solve all our problems? Ah, the good old days. We thought we finally found all the important problems. And all the right answers. We just forgot one important thing: The audience of data is very often....people. Irrational people. People who didn't care if Trump lied or not in the Election Year of 2016. People who know that "millions of people starve in Africa", but who want to donate for that one hungry child in Norway they saw in a TV documentary. People who read about a portfolio company and then think the whole night about becoming a farmer in Chile, like the main character of their favourite book. Stories stick, but data doesn't. Stories stick because they make us feel something; and we remember situations in which we felt intense feelings. Stories make us act; they change our beliefs. Stories make us feel warm and empathic and alive. Data doesn't make us feel anything on it’s own. Data is cold. And still, I love data, and I love to work with it. Can we create feelings with data? Away from the beaten paths of company dashboards, scientific plots and newspaper graphics? I believe it's possible. In my talk, I will showcase some ways to present data so that it sticks and makes you feel things. We'll talk about the status quo of data presentation and where we still need to go. If you like data and want to look at more of it, you should come by.
Speaker: Daniel Lange (DLange) At 32C3 we gave an overview on the organizational and technical aspects of Dieselgate that had just broken public three months before. In the last year we have learned a lot and spoken to hundreds of people. Daniel gives an update on what is known and what is still to be revealed. As predicted at 32C3 the last year showed basically every car manufacturer has been cheating with NOx emissions. The whole regulatory scene is a chaotic and over-complex mess of copy-and-paste legislation.The legal battle reveals more of the methods and organizations involved. The political scene tries to look busy and drive clientele agendas. Daniel reports from the EU parliament, why Mayo fries VW layers in Ireland and how the Michigan Attorney General does the Braunschweig AGO’s job.
Speakers: fraulutz, NoAverageRobot Auf der Hoaxmap werden seit vergangenem Februar Gerüchte über Geflüchtete und deren Widerlegungen gesammelt, sortiert und in Kartenform präsentiert. Die Themen sind dabei so vielfältig wie die Erzählformen. Nach einem knappen Jahr Arbeit an der Karte wollen wir ein Zwischenfazit ziehen und einen Blick auf die Gerüchte, ihre Verbreiter*innen und deren Vorgehen werfen. Seit im Sommer des letzten Jahres die Zahl der Geflüchteten in der Bundesrepublik anstieg, sind vermehrt Gerüchte und auch Falschmeldungen über Asylbewerber*innen und Migrant*innen im Umlauf. Die Hoaxmap hat sich des Phänomens angenommen und stellt gesammelte Gerüchte und ihre Widerlegungen auf einer Karte dar. Und deren Spannbreite ist groß. Die Themen umfassen angebliche Kriminalität ebenso wie vermeintliche Sozialleistungen. Und auch ihre Form beschränkt sich nicht auf Facebook-Posts und klassische Stammtischgespräche, wie ein Blick auf die gesammelten Daten zeigt. Im Talk wollen wir außerdem der Frage nachgehen, wer die Akteure sind, die Gerüchte verbreiten oder gar erst in die Welt setzen. An Beispielen werden wir betrachten, welche politische Wirkung Gerüchte entfalten können und womöglich auch sollen. Wir möchten aber auch zeigen, wie einfach es zumindest auf technischer Ebene ist, mit Werkzeugen, die das Netz zur Verfügung stellt, gegen rassistische Zerrbilder vorzugehen.
Speaker: raquel meyers Keys Of Fury is a brutalist storytelling about technology and keystrokes where text is used unadorned and roughcast, like concrete. I define my practice as KYBDslöjd (drawing by Type In) who uses the Commodore 64 computer, Teletext technologies and Typewriter. Brutalism has an unfortunate reputation of evoking a raw dystopia and KYBDslöjd evokes an “object of nostalgia”. But nostalgic, retro, obsolete or limited are rhetoric qualities earn by constant repetition. We live in a time where hardware and software become obsolete before most of the users have learned how to use them or disappear into pure functionality. The obedience to standards who made us passive observers and consumers. Keys Of Fury is a brutalist storytelling about technology and keystrokes where text is used unadorned and roughcast, like concrete. I define my practice as KYBDslöjd (drawing by Type In) who uses the Commodore 64 computer, Teletext technologies and Typewriter. Brutalism has an unfortunate reputation of evoking a raw dystopia and KYBDslöjd evokes an “object of nostalgia”. But nostalgic, retro, obsolete or limited are rhetoric qualities earn by constant repetition. We live in a time where hardware and software become obsolete before most of the users have learned how to use them or disappear into pure functionality. The obedience to standards who made us passive observers and consumers. KYBDslöjd is heavy, flat, brutal, and there is no CTRL-Z. You cannot make corrections, so any unintended strikes force you to start all over again. The screen is the canvas, use as rectilinear grid on which one keystroke at a time build a character by character animation. The remote control triggers the ghost on the television screen hiding in the vertical blanking interval (VBI) lines like REM (rapid eye movement) sleep intervals. A door to unlock the Imagination. The joy of Text-mode. KYBDslöjd is not “dead media” of the past
Speaker: Felix „tmbinc“ Domke A technical talk on how to reverse-engineer electronic control units in order to document what was left apparently intentionally undocumented by the vendor – including how Volkswagen tweaked their cycle detection code while already being investigated by the EPA, how different the Volkswagen approach is really to the rest of the industry, and of course some trivia on how the „acoustic function“ got its name. A year ago, I showed how I pinpointed the cycle detection technique in the ECU software of a Volkswagen car. This talk will focus on the technical part of what has happened since then – how to reverse engineer an ECU, what other vendors do, what their reaction was, and putting the „isolated findings of a hacker“ into perspective. I’ll talk about data collection over CAN, understanding EGR/SCR control strategies (and how to characterize them), and how to find the needle in a 17000-element haystack (and how to understand whether it’s indeed a needle and or just a thin, cylindrical object with a sharp point at the end which legally does not represent a needle).
Speakers: derrek, nedwill, naehrwert This talk will give a unique insight of what happens when consoles have been hacked already, but not all secrets are busted yet. This time we will not only focus on the Nintendo 3DS but also on the Wii U, talking about our experiences wrapping up the end of an era. We will show how we managed to exploit them in novel ways and discuss why we think that Nintendo has lost the game. As Nintendo's latest game consoles, the 3DS and Wii U were built with security in mind. While both have since been the targets of many successful attacks, certain aspects have so far remained uncompromised, including critical hardware secrets. During this talk, we will present our latest research, which includes exploits for achieving persistent code execution capabilities and the extraction of secrets from both Wii U and 3DS. Basic knowledge of embedded systems, CPU architectures and cryptography is recommended, though we will do our best to make this talk accessible and enjoyable to all. We also recommend watching the recording of last year's C3 talk called "Console Hacking - Breaking the 3DS".
Speaker: Hendrik Lüth Mit steigendem Datenaufkommen und einer immer größer werdenden Zahl von Geräten muss auch das WLAN wachsen. Nach "ur WiFi sucks!!1!" ist dieser Talk eine kleine Einführung in die Neuerungen, welche mit dem 802.11ac-Standard gekommen sind und gibt eine Erklärung, wie sie funktionieren. Seit 2013 der 802.11ac-Standard veröffentlicht wurde, haben die Hersteller schon viele Geräte hergestellt, welche das neue "Gigabit"-WLAN unterstützen. Aber was ist das eigentlich? Warum ist es so viel schneller? Was ist eigentlich dieses "MultiUser-MIMO" und wie funktioniert eigentlich dieses Beamforming? In diesem Talk werden alle Fragen behandelt und ein Grundverständnis über die Funktionalität und den Aufbau des Standards vermittelt. Zusätzlich schauen wir auf die praktischen Vorteile, die sich für eine WLAN-Installation bieten und was man als Hersteller bei der Entwicklung der AccessPoints falsch machen kann.
Speaker: Hakuna MaMate Ein Überblick zur netzpolitischen Situation in der Schweiz. Wir geben einen umfassenden Rückblick auf das ereignissreiche Jahr 2016, in dem die Schweizer Bevölkerung über gleich zwei Massenüberwachungsgesetze entschieden hat. Die netzpolitischen Gruppierungen haben mit viel Einsatz gegen die Gesetze gekämpft . Wir berichten darüber, wie wir das angengangen sind, wie es ausgegangen ist und was wir dabei gelernt haben. Zudem machen wir einen Ausblick auf kommende netzpolitische Herausforderungen. In Sachen Netzpolitik hat sich im Jahr 2016, seit unserem letzten Vortrag zu dem Thema, viel getan. Gleich zu Beginn 2016 kam die Nachricht, dass das Referendum zum NDG erfolgreich war. Damit hat das Schweizer Stimmvolk die Chance erhalten, über das Geheimdienstgesetz (NDG) abzustimmen. Mit dem Zustandekommen des Referendums war aber erst die halbe Arbeit getan. Es galt nun der in Gang gesetzten staatlichen Propagandamaschinerie sowie einigen, insbesondere bürgerlichen, Parteien entgegenzuwirken. Die netzpolitischen Gruppierungen waren also gefragt, sich aktiv, parteipolitisch unabhängig und mit technischen Fakten in den Abstimmungskampf einzubringen. Am 25. September 2016 hat dann das Schweizer Stimmvolk über das neue Nachrichtendienstgesetz entschieden: 65% der Bevölkerung hat das gesetz angenommen, nur gerade 35 % teilten unsere Meinung. Im Frühling hat das Parlament gleich das nächste fragwürdige Gesetz verabschiedet - das revidierte Bundesgesetz betreffend die Überwachung des Post- und Fernmeldeverkehrs (BÜPF). Auch gegen dieses Gesetz hat die Schweizer Netzgemeinde, unterstützt von einer ganzen Reihe Jungparteien, umgehend das Referendum ergriffen. Das Sammeln der Unterschriften wurde diesmal aus den Räumen des CCC Zürich (CCCZH) koordiniert, da es sich abgesehen von der stark netzpolitisch verankerten Pirtatenpartei, nicht um eine parteipolitische Initiative handelte. Auch wenn das Referendum gegen das BÜPF leider n
Speaker: Ray "Smart" devices using BTLE, a mobile phone and the Internet are becoming more and more popular. We will be using mechanical and electronic hardware attacks, TLS MitM, BTLE sniffing and App decompilation to show why those devices and their manufacturers aren't always that smart after all. And that even AES128 on top of the BTLE layer doesn't have to mean "unbreakable". Our main target will be electronic locks, but the methods shown apply to many other smart devices as well... This talk will hand you all the tools you need to go deeply into hacking smart devices. And you should! The only reason a huge bunch of these products doesn't even implement the most basic security mechanisms, might be that we don't hack them enough! We start by looking at the hardware layer, dissecting PCBs and showing which chips are usually used for building those devices. Even if the firmware is read protected they still can be used as nice devboards with unusual pheripherals - if you can't flash it, you don't own it! But you don't always have to get out your JTAG interfaces. The most simple part is intercepting an Apps communication with its servers. We show an easy Man-in-the-middle setup, which on the fly breaks the TLS encryption and lets you read and manipulate the data flowing through. This was enough to completely defeat the restrictions on a locks "share to a friend" feature and of course helps you recover your password... Understanding the API also is the best way to actually OWN your device - giving you the option to replace the vendors cloud service with an own backend. We show how this can be for example used to continue using your bike lock when the kickstarter you got it from goes bankrupt after a presentation about it's bad crypto. Just kidding, they are already notified and working on a patch. Also going for the wireless interface and sniffing BTLE isn't as difficult as it might sound. Turning a cheap 10 EUR devboard into a sniffer we show how to use Wir
Speakers: Filippo Valsorda, Nick Sullivan Transport Layer Security (TLS) 1.3 is almost here. The protocol that protects most of the Internet secure connections is getting the biggest ever revamp, and is losing a round-trip. We will explore differences between TLS 1.3 and previous versions in detail, focusing on the security improvements of the new protocol as well as some of the challenges we face around securely implementing new features such as 0-RTT resumption. At Cloudflare we will be the first to deploy TLS 1.3 on a wide scale, and we’ll be able to discuss the insights we gained while implementing and deploying this protocol. Version 1.3 is the latest Transport Layer Security (TLS) protocol, which allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery. TLS is the S in HTTPS. A lot has changed between 1.2 (2008) and 1.3. At the a high level, 1.3 saves a round-trip, making most connections much faster to establish. We'll see how the 1.2 handshake worked, and what had to change to enable 1-RTT handshakes. But even more importantly, the 1.3 design shifted towards putting robustness first. Anything that is not strictly necessary to the main function of TLS was removed (compression, renegotiation); choices of suboptimal security aren't offered at all (static RSA, CBC, RC4, SHA1, MD5); secure, easy to implement designs are introduced or privileged (RSA-PSS, AEAD implicit nonces, full handshake signatures, Curve25519, resumption forward secrecy). We will go into the why and how of all of these. But two major trade-offs had to be made: first, 1-RTT handshakes inherently prevent the introduction of encrypted domain names (SNI). We'll see why and what can replace them to provide similar privacy. Most interestingly, 1.3 comes with 0-RTT resumption. The catch there is that the protocol itself provides no complete protection against replay attacks. We'll unpack the proble
Speakers: Karsten Nohl, Nemanja Nikodijevic Travel booking systems are among the oldest global IT infrastructures, and have changed surprisingly little since the 80s. The personal information contained in these systems is hence not well secured by today's standards. This talk shows real-world hacking risks from tracking travelers to stealing flights. Airline reservation systems grew from mainframes with green-screen terminals to modern-looking XML/SOAP APIs to access those same mainframes. The systems lack central concepts of IT security, in particular good authentication and proper access control. We show how these weaknesses translate into disclosure of traveler's personal information and would allow several forms of fraud and theft, if left unfixed.
Speakers: Thomas Lohninger, Alexander Czadilek Die Netzpolitik der österreichischen Bundesregierung hat sich im Jahr 2016 nicht besser dargestellt als die Jahre davor: Neue Überwachungsgesetze, (bislang erfolgreich verhinderte) Versuche eine staatliche Spionagesoftware (Bundestrojaner) einzuführen, der ewige Kampf um ein Transparenzgesetz, eine scheinheilige Simulation demokratischer Partizipation und das totglaubte E-Voting sind brennende Themen und bedürfen einer breiten gesellschaftlichen Diskussion. Der AKVorrat zeigt in einem netzpolitischen Jahresrückblick, was wir dagegen tun können und zeigt, dass Zivilgesellschaft wirkt. Polizeiliches Staatsschutzgesetz beschlossen, Gesetzesvorlage für die Legalisierung einer Überwachungssoftware (Bundestrojaner) eingebracht, weitreichende Überwachungsmaßnahmen neuerdings schon bei Verwaltungsübertretungen möglich etc. – die Liste der datenschutzrechtlichen und netzpolitischen Problemfälle in Österreich ist lang. Das Arbeitspensum für Aktivistinnen und Aktivisten in Österreich steigt. Auch für zivilgesellschaftliche Initiativen gilt, dass Politik das Bohren harter Bretter bedeutet. Mit einer wohldosierten Mischung aus juristischer und technischer Expertise sowie Aktionismus konnten 2016 ein paar sehr tiefe Löcher in die offizielle unausgewogene Netzpolitik Österreichs gebohrt werden. Herzstück der Aktivitäten des abgelaufenen Jahres war HEAT, das Handbuch zur Evaluation der Anti-Terror-Gesetze in Österreich. Das Ausmaß der staatlichen Eingriffe in unsere Privatsphäre und in die informationelle Selbstbestimmung lässt sich nur durch die Betrachtung der Summe aller Eingriffe richtig erfassen. Diese wichtige Erkenntnis der Notwendigkeit einer „Überwachungs-Gesamtrechnung“ wurde erstmals vom deutschen Bundesverfassungsgericht im Urteil zur Aufhebung der deutschen Vorratsdatenspeicherung im März 2010 formuliert. HEAT listet alle Überwachungsgesetze Österreichs auf, kombiniert dies mit
Speaker: marcan Last year, we demonstrated Linux running on the PS4 in a lightning talk - presented on the PS4 itself. But how did we do it? In a departure from previous Console Hacking talks focusing on security, this year we're going to focus on the PS4 hardware, what makes it different from a PC, and how we reverse engineered it enough to get a full-blown Linux distro running on it, complete with 3D acceleration. So you have an exploit. You have code execution. Great! But what do you do now? In the past, console homebrew usually focused on bringing up a development environment similar to the one used for commercial games. However, with the increasing complexity of console hardware, it's becoming impractical for a small team of hackers to create a full blown development SDK. Using leaked official SDKs is illegal. What can we do? Well, there's Linux. The PS4 is particularly great for Linux, because it is based on a modified x86 platform and a modified Radeon GPU. That means that once the basic OS port is complete, it can run existing games - even Steam games and other commercial software. But just how similar is the PS4 to a PC? Can you just throw GRUB on it and boot an Ubuntu kernel? Not quite. In this talk we'll cover the PS4 hardware and part of its software environment, and how we reverse engineered enough of it to write Linux drivers and kernel patches. We'll go over how we went from basic code execution to building a 'kexec' function that can boot into Linux from the PS4's FreeBSD-based kernel. We'll reverse engineer the PS4's special hardware, from special PCI interrupt management to the HDMI encoder. We'll dive deep into the Radeon-based GPU architecture, and we'll share some previously unreleased research and tools of interest to AMD Radeon driver developers and hackers. If you're interested in the strange world of x86 hardware that isn't quite a PC, then this talk is for you.
Speaker: Tobias Fiebig In this talk we will explore and present various IPv6 scanning techniques that allow attackers to peek into IPv6 networks. With the already known difference between IPv4 and IPv6 firewalling (the latter is worse... ) we then demonstrate how these techniques can be combined and used to obtain a large-scale view on the state of IPv6 in infrastructures and data centers. To give the whole issue a somewhat more fun dimension, we will also look at some (security) sensitive applications of this technique. Complimentary code-snippets will be provided. Scanning networks is a basic tool for security researchers. Software misconfiguration like with unprotected key-value stores and software bugs like heartbleed are analyzed and investigated in the wild using scanning of networks. At least since the rise of zMap, scanning the I---Pv4---nternet has become a rather simple endeavour. When one happens to be at a conference that tends to supply 1gE or 10gE ports on the access layer, scanning the Internet can be done in 60-10 Minutes. Scanning the 2^32 possible addresses (with certain limitations) of IPv4 has become cheap. However, the small searchspace of IPv4 that makes it so scannable is also what renders it increasingly obsolete. To overcome this issue, IPv6 was designed. Along with IPv6 we receive a theoretical maximum of 2^128 different addresses. Scanning this larger space is a challenge that---so far---has been mostly approached by researchers. Specifically, not security but network measurement researchers. Their works usually focus on having access to large datasets of IPv6 addresses, the most famous ones using the access logs of a large CDN. With the average nerd lacking a small enterprise scale CDN in the basement, we set out to utilize other techniques for enumerating IPv6 that only utilizes public data sources. Following RFC7707, we found various interesting candidate techniques. Especially probing the PTR sets of IPv6 networks sounded promi
Speakers: Florian Grunow, Niklaus Schiess, Manuel Lubetzki
Speaker: Jessy Campos Sednit, a.k.a Fancy Bear/APT28/Sofacy, is a group of attackers operating since at least 2004 and whose main objective is to steal confidential information from specific targets. Over the past two years, this group's activity increased significantly, in particular with numerous attacks against foreign affairs ministries and embassies all over the world. They are supposedly behind the DNC hack, and the WADA hack, which happened earlier this year. This talk presents the results of a two-year hunt after Sednit, during which we dug up and analyzed many of their software. Technically speaking, Sednit is probably one of the best espionage group out there. Not only have they created a complex software ecosystem -- composed of tens of different components --, but they also regularly come out with 0-day exploits. Also remarkable is their ability to very quickly integrate newly published techniques in their toolkit. In particular, we will explain how they tend to operate and we will dive into technical details of their most impressive components: - DOWNDELPH, a mysterious downloader deployed in very rare cases and with advanced persistence methods. In particular, we found a Windows bootkit dropping this component, and also a Windows rootkit, both never documented. - XTUNNEL, a network proxy tool able to transform an infected machine into a pivot to contact computers normally unreachable from the Internet. Heavily obfuscated, and based on a custom encrypted protocol, XTUNNEL is a major asset in Sednit post-infection toolkit. - XAGENT, the flagship Sednit backdoor, for which Windows, Linux and iOS versions have been developed. Built as a modular framework around a so-called "kernel", it allows to build flexible backdoors with, for example, the ability to switch between various network protocols. - SEDKIT, a full-fledged exploit-kit, which depending on the target's configuration may drop 0-day exploits or revamped exploits. And also, during
Ein Geheimdienst als Zeuge. Szenen aus dem NSA-Untersuchungsausschuss. Speakers: anna, Kai Biermann, Felix Betzin, Elisabeth Pleß, Johannes Wolf, vieuxrenard Der NSA-Untersuchungsausschuss im Bundestag soll aufklären, was die NSA in Deutschland tut und wie deutsche Geheimdienste in diese Aktivitäten verwickelt sind. Fast wie in einer Gerichtsverhandlung – doch es gibt eine Besonderheit: Der Zeuge ist der BND, ein Geheimdienst. Und der tut alles dafür, nichts zu verraten. Die Inszenierung enthält originale Szenen und Zitate aus dem Ausschuss, die zeigen, wie mühsam es ist, einen Geheimdienst zu vernehmen, wie schwer er es dem Parlament macht, ihn zu kontrollieren. Doch sie belegen auch, dass demokratische Aufklärung nicht umsonst ist, auch wenn sie manchmal nur aus Versehen passiert. Oder wenn den Aufklärern statt einer verschiedene Wahrheiten zu einem Thema präsentiert werden.
Speaker: André Lampe Jeder weiß ungefähr was ein Mikroskop ist und vielleicht hat man auch mal davon gehört das da immernoch dran geforscht wird – Stichwort Hochauflösungsmikroskopie (Nobelpreis 2014 in Chemie). Es gibt deutlich mehr Mikroskope in der professionellen Forschung als es Teleskope gibt, deutlich mehr – und da könnte man sich jetzt fragen: "Warum sehe ich so viele Bilder von Sterne, aber kaum Mikroskopiebilder von öffentlichen Einrichtungen und Stellen?". Um diese Frage zu beantworten will ich kurz in die Welt der Hochauflösungsmikroskopie einführen und die Techniken erklären. Ein bisschen über die Community erzählen und versuchen klar zu machen, warum es hier mit der Offenheit noch etwas hapert. UND: Es soll auch mikroskopiert werden. Ich habe die letzten 6 Jahre ein Mikroskop gebaut. Eins, dass mit Licht Dinge sehen kann unterhalb der Beugungsgrenze von Licht, in mehreren Farben, in 3D. Das Ding ist fertig – so fertig wie etwas sein kann, das man als Doktorarbeitsprojekt bezeichnet. Ich will das niemandem verkaufen, die Forschung ist Veröffentlicht, unsere Software dazu ist open source. Für mich war die Arbeit daran Eintrittskarte in eine andere Welt. Ich will erzählen was Hochauflösungsmikroskopie ist, die drei verschiedenen Ansätze dazu (PALM/STORM, STED, SIM), wie sie sich ergänzen und wie die technologische Entwicklung des 21. Jahrhunderts das erst möglich gemacht hat. Wie Techniken basierend auf Laserphysik (STED), stochastischem Blinken von Molekülen (PALM/STORM) oder schneller Fouriertransformation (SIM) uns ermöglichen tiefer in Zellen hinein zu schauen – und man sich plötzlich Gedanken darüber machen muss wie man etwas in einem Bild darstellt, dass eigentlich gar kein richtiges Bild ist, sondern ein vielschichtiges Messergebnis. Aber auch die Community in diesem Feld ist interessant. Langsam aber sicher verbreitet sich der open science Gedanke, immer mehr Software ist Quelloffen, es gibt sogar einen Jährlich
Speakers: maxigas, mel The proper relationship of technology and politics have been the subject of an evergreen debate on the floor of the Chaos Communication Congress. Rather than taking a position in this debate, we are asking how the two have been co-articulated in practice so far by CCC participants? The proper relationship of technology and politics and thereby the percentage each covers in the Congress schedule have been the subject of an evergreen debate at the floor and in the corridors of the Chaos Communication Congress. Rather than taking a position in this debate, we are asking how the two have been co-articulated in talks so far by CCC participants? In order to answer this question, we are analysing the available titles and abstracts of Congress talks from 1984 until now. This ongoing research seeks to identify changing trends, significant outliers, apparent patterns and common threads throughout the years. We also wonder if it is possible to identify turning points in the narrative. The empirical data is contextualised by reflections on the shifting ground of technology, politics and society in the world during the long history of the CCC, as well as by qualitative reflections of attendants. We are inviting the audience to help us with the latter by joining in a follow-up discussion after the presentation.
Speakers: Roland Schilling, Frieder Steinmetz Most of us use mobile messaging every day. We use certain apps that we chose for a number of factors, like our friends using it, good press, privacy promises, or simply their feature sets. This talk aims to enable more of us to reason about the privacy and security of messaging apps. We will try to present simple analogies translating abstract security and privacy expectations into concrete feature sets. We will illustrate these features using the the popular messaging app Threema. Our analysis of its protocol is based on our own reverse-engineering efforts and a re-implementation of the Threema protocol that we will release during the talk. Despite its ubiquitous application and widespread acceptance, mobile instant messaging remains a complex matter and is often not understood by its users. Easy-to-use apps and security assurances by their developers suggest users a safe and private environment for conversation. At the same time, more and more apps flood the market and it is becoming increasingly difficult, even for technically-educated users, to keep track of both technological development and their own security and privacy requirements. We want to present a talk that sheds some light into technical aspects of mobile instant messaging and presents an overview of techniques and design decisions by different mobile instant messaging app developers. We aim at both technically-educated and casual users alike, trying to present simple analogies and break down complex details into understandable components. After an introduction to the mobile instant messaging world, we will dissect one of the most popular mobile instant messaging apps in Germany: Threema. It is closed-source and only superficially documented, yet widely used. We picked it for a particular design decision in its protocol, the lack of which we consider the most important flaw in competitor protocols like Signal: the use of discardable IDs in favor of pho
Speaker: taxman The Common Reporting Standard is a multinational agreement signed by more than 80 nations, including all EU member states. The signatories promised to exchange bank account information on foreigners. Paypal, a Luxembourg company, is expected to report millions of accounts to German, French, Spanish etc. tax auditors. This lecture will give an overview of the technical and legal aspects of the exchange. The Common Reporting Standard (CRS) and FATCA obligate banks to collect information from their customers and forward this information to the national tax authorities. The national tax authorities in turn forward this information to whatever country it is designated for. It is estimated that Paypal Luxembourg will report 60 million accounts in Europe. These reports will land on the desk of tax auditors which then will start asking questions to taxpayers. This talk will give an overview who is affected, what type of information will be exchanged, and what you can do about it.
Speaker: Axel Physicists are not computer scientists. But at CERN and worldwide, they need to analyze petabytes of data, efficiently. Since more than 20 years now, ROOT helps them with interactive development of analysis algorithms (in the context of the experiments' multi-gigabyte software libraries), serialization of virtually any C++ object, fast statistical and general math tools, and high quality graphics for publications. I.e. ROOT helps physicists transform data into knowledge. The presentation will introduce the life of data, the role of computing for physicists and how physicists analyze data with ROOT. It will sketch out how some of us foresee the development of data analysis given that the rest of the world all of a sudden also has big data tools: where they fit, where they don't, and what's missing.
Speakers: Jeff Deutch, Hadi Al-Khatib Journalists and human rights groups need to find and use verified visual evidence in order to accurately report about what’s happening in conflict zones. In the case of Syria, there are more hours of online footage online than there have been hours of conflict. There is currently no tool that supports finding, collecting, preserving and collaboratively verifying and curating visual evidence from social media platforms: The Syrian Archive is the first to do so. In this talk, members of the Syrian Archive team will give an overview of the Syrian Archive project, explore the technical components and verification procedures, and review investigations completed using open source methodologies. Journalists and human rights groups need to find and use verified visual evidence in order to accurately report about what’s happening in conflict zones. We have currently developed an open source tool in alpha stage in collaboration with developers from Tactical Tech which collects and preserves video evidence from Youtube. We have additionally developed a unique workflow in order to verify video documentation and to conduct our investigations. By aggregating, preserving, cataloging and securing digital documentation relating to human rights violations in Syria, the Syrian Archive project helps Syrian civil society, human rights activists, media offices, journalists and lawyers increase their capacity to respond to human rights violations thorough using documentation and investigations that adhere to international standards, and using better tools to demand accountability against perpetrators of those violations. Findings from investigations have been used by Human Rights Watch, the United Nations Security Council and the Organisation for the Prevention of Chemical Weapons in their work investigating the Syrian conflict. Further, research has been cross-published by Bellingcat, an award-winning open source investigation platform an
Speaker: Saud Al-Zaid This talk discusses the representation of Arab males in video games and the adverse effect it has on the collective political imagination. Anonymous military-aged Arab men become increasingly the exception to the laws of human rights, and become default targets for conventional and unmanned drone attacks. This devolution is seen through the lens of the changing nature of conflict through digitalization, the collapse of the nation state in Iraq and Syria, and the future of war. In the popular video game series "Call of Duty: Modern Warfare", Arab men are consistently depicted as the mindless throngs of the indestinguishable enemy. The First Person Shooter (FPS) genre lends itself to killing enemies, usually many in the same round, but the evolution of the target went from Nazi's in Wolfenstein 3D in 1992, to targets that become increasingly comparable to Arabs and Muslims in the following years. So besides historically oriented games that focus on the combatants of World War II, most games since the 1990's begin to shift their focus to another kind of enemy--one that suspiciously looks Arab or Islamic. Even Sci-Fi epics like the Halo series, which take place may hundreds of years in the future, the enemies start taking on an exotified look and feel, and follow an obviously religious ideology that is inimical to universal peace. The smallest insignificant alien becomes a strategic risk as they become "suicide bombers" blowing themselves up before they die, expressing a sigh of cowardice before they die. In "Modern Warfare 2", something suprising happens. The Arab characters are given a little more depth and backstory, and the Arabic dialogue is the most realistic of any of the other games. It also becomes the version of the game that is most modified by users (in so-called "mods"). Hacked and converted to other versions, there is significantly a version used by Al-Qaeda for recruitment purposes. The production company responsible, Infinity
Speaker: Claudio "nex" Guarnieri In this lecture I wish to reflect on the maturation of the security and hacking communities and their role in larger societal and political participation. We'll reflect on the predominant role that technology has been growing into our lives, and the responsibilities we have in nurturing it. After having spent the last years in researching, exposing, and preventing the electronic targeting of dissidents and journalists, I hope to synthesize my experience and suggest how to reconsider our tactics, the successes, and the failures, and hopefully draw some inspiration for a brighter future. Computer systems were destined for a global cultural and economic revolution that the hacker community anticipated. We saw the potential, we saw it coming. And while we enjoyed the little time of reckless banditism, playing cowboys of the early interconnected age, we also soon welcomed the public realization that we were right all along, that information technology was going to change everything, and that information security was critical. Now, the Internet governs our lives. Success always comes with strings attached. The Internet morphed with us. Once an unexplored space we were wandering in solitude, now it has become a marketplace for goods, *the* vehicle for communication, as well as an instrument for control, and a field for battle. We learned the many ways it was abused and broken. We learned the stories of those who were victims of the shortcomings of computer and network systems, and we realized how often and brutally they were turned into means of persecution against those who struggle for free speech and democracy around the world. In this lecture I wish to reflect on the maturation of the security and hacking communities and their role in larger societal and political participation. We'll reflect on the predominant role that technology has been growing into our lives, and the responsibilities we have in nurturing it. After having s
Speaker: KaLeiMai The Anthropocene is widely understood to mean the current "period of Earth's history during which humans have a decisive influence on the state, dynamics and future" of this planet. For several years, scientists in the Working Group on the 'Anthropocene' (AWG) have worked (and voted!) on defining the beginning of the Anthropocene in geochemical terms. The mid-20th century provides an obvious geochemical 'timestamp': fallout from nuclear weapons detonations. Which other chemicals and timestamps are being considered for marking the Anthropocene's start? How is 'define-by-committee' even working out for geological epochs? This talk boils the scientific background of the Anthropocene debate down for non-stratigraphers. Stratigraphers are geologists, who focus on sediment, rock or ice layers, etc. These 'strata' form by deposition of organic or inorganic material (such as microorganisms or volcanic ash) and provide a records of the history of our planet's surface. Because gas bubbles, isotopes, etc. are captured in the strata, scientists can analyse the geochemistry of the past, date certain events, and more. That kind of data ultimately underlies xkcd's recent 'Earth Temperature Timeline'. Direct measurements of geochemical signals such as atmospheric CO2 concentration and ocean pH started only in the mid-20th century. Besides the Intergovernmental Panel on Climate Change, the AWG is possibly the most diverse scientific committee with most public attention currently. Therefore, defining the Anthropocene is a multi-disciplinary, collaborative scientific effort, as well as an inherently political statement. This talk will explain why.
Speakers: Maxim Goryachy, Mark Ermolov Engaging universally available deep debug functionality of modern Intel cores, with zero software or hardware modifications required on the target side. Our research team at Positive Technologies has discovered a way to engage the advanced debug machinery on modern Intel cores. This advanced machinery can be employed to exercise deep control of the running system across all execution modes using merely a USB port connection, with zero software or hardware modifications required on the target side. It goes without saying that such functionality carries profound security implications.
Speaker: Rich Jones More and more businesses are moving away from monolithic servers and turning to event-driven microservices powered by cloud function providers like AWS Lambda. So, how do we hack in to a server that only exists for 60 milliseconds? This talk will show novel attack vectors using cloud event sources, exploitabilities in common server-less patterns and frameworks, abuse of undocumented features in AWS Lambda for persistent malware injection, identifying valuable targets for pilfering, and, of course, how to exfiltrate juicy data out of a secure Virtual Private Cloud. This talk will be the first public anatomy of an attack on a server-less application deployed to AWS Lambda and AWS API Gateway. It'll be useful for any application developer looking to build a server-less application, and for any hacker who's come up against this interesting new class of application. First, we'll take a look at the current state of server-less architectures and show some common deployment patterns and how they're used in production, comparing the advantages and trade offs against traditional monolithic servers. Next, we'll explore the attack surface of a server-less application, showing that where Satan closes a door, he opens a window. Using exploitables in common server-less patterns, we'll use cloud event sources as a vector for delivering our obfuscated payload. Then, we'll use some undocumented features in AWS Lambda to persist our malware, explore the Lambda environment looking for secret keys and other buried treasures, and pillage a remote database. Finally, we'll use a few more tricks to sneak out of the VPC with our precious data in tow! And, of course, we'll tidy up after ourselves leaving the DevOps team none-the-wiser.
Speaker: hanno Applied IT security is largely a science-free field. The IT-Security industry is selling a range of products with often very questionable and sometimes outright ridiculous claims. Yet it's widely accepted practice among users and companies that protection with security appliances, antivirus products and firewalls is a necessity. There are no rigorous scientific studies that try to evaluate the effectiveness of most security products or strategies. Evidence-based IT security could provide a way out of the security nihilism that's often dominating the debate – however it doesn't exist yet. From Next-Generation APT-Defense to Machine Learning and Artificial Intelligence: The promises of IT security product vendors are often bold. Some marketing promises are simply impossible, because they violate a fundamental theorem of computer science, the halting problem. Many IT security professionals are skeptical of security appliances, antivirus software and other IT security products and call them snake oil. Furthermore security products often have security vulnerabilities themselves, which has lately been shown by the impressive work done by Tavis Ormandy from Google's Project Zero. When there's disagreement about the effectiveness of an approach then rational people should ask for scientific evidence. However, surprisingly this evidence largely doesn't exist. While there obviously is a lot of scientific research in IT security it rarely tries to answer practical questions most relevant to users. Decisions are made in an ad-hoc way and are usually based on opinions rather than rigorous scientific evidence. It is quite ironic that given the medical analogies this field likes to use (viruses, infections etc.), nobody is looking how medicine solves these problems. The gold standard of scientific evidence in medicine (and many other fields) is to do randomized controlled trials (RCTs) and meta-analyses of those trials. An RCT divides patients in groups and
Speakers: Jos Wetzels, Ali Abbasi Secure random number generators play a crucial role in the wider security ecosystem. In the absence of a dedicated hardware True Random Number Generator (TRNG), computer systems have to resort to a software (cryptographically secure) Pseudo-Random Number Generator (CSPRNG). Since the (secure) design of a CSPRNG is an involved and complicated effort and since randomness is such a security-critical resource, many operating systems provide a CSPRNG as a core system service and many popular security software products assume their presence. The constraints imposed by the embedded world, however, pose a variety of unique challenges to proper OS (CS)PRNG design and implementation which have historically resulted in security failures. In this talk we will discuss these challenges, how they affect the quality of (CS)PRNGs in embedded operating systems and illustrate our arguments by means of the first public analysis of the OS random number generators of several popular embedded operating systems. Randomness is a fundamental, security-critical resource in the wider security ecosystem utilized by everything from cryptographic software (eg. key and nonce generation) to exploit mitigations (eg. ASLR and stack canary generation). Ideally secure random number generation is done using a dedicated hardware True Random Number Generator (TRNG) collecting entropy from physical processes such as radioactive decay or shot noise. TRNGs, however, are both relatively slow in their provision of random data and often too expensive to integrate in a system which means computer systems have to resort to a software (cryptographically secure) Pseudo-Random Number Generator (CSPRNG). Such a CSPRNG is seeded (both initially and continuously) from a variety of sources of 'true' entropy which are effectively stretched into additional pseudo-random data using cryptographic methods. Since the design and implementation of such CSPRNGs is a complicated and involved
Speakers: Matt Bernhard, J. Alex Halderman The 2016 U.S. presidential election was preceded by unprecedented cyberattacks and produced a result that surprised many people in the U.S. and abroad. Was it hacked? To find out, we teamed up with scientists and lawyers from around the country—and a presidential candidate—to initiate the first presidential election recounts motivated primarily by e-voting security concerns. In this talk, we will explain how the recounts took place, what we learned about the integrity of the election, and what needs to change to ensure that future U.S. elections are secure.
Speaker: RA Ulrich Kerner Der neue Straftatbestand der Datenhehlerei gem. § 202d StGB kriminalisiert Whistleblower und droht mit Haftstrafe bis zu drei Jahren oder Geldstrafe. Das schwächt die Zivilgesellschaft und verhindert wichtige demokratische Aufklärungsprozesse. Im Dezember 2015 hat der Bundestag mit dem Gesetz zur Vorratsdatenspeicherung auch von der Öffentlichkeit zunächst unbemerkt die „Datenhehlerei“ unter Strafe gestellt und den § 202d StGB erlassen. Der Straftatbestand soll nach Ansicht des Gesetzgebers eine Lücke im Bereich der Cyber-Kriminalität schließen und den Verkauf von rechtswidrig erlangen Daten erfassen, mit denen typischerweise von den Käufern Straftaten begangen werden. Hier geht es z. B. um den illegalen Handel mit Kreditkartendaten, Bankverbindungen und Log-In-Daten für Onlineshops. Das ist zunächst mal durchaus akzeptabel. Die Strafbarkeit beschränkt sich jedoch nicht auf diese Fälle. Denn auch Whistleblower sind von der neuen Regelung betroffen. Strafbar macht sich nämlich durchaus auch, wer rechtswidrig erlangte Daten weitergibt, an deren Veröffentlichung die Allgemeinheit ein überaus großes Interesse hat. Das aber schadet dem demokratischen Gemeinwesen und verhindert die Aufklärung von gesellschaftlichen Missständen.
Speaker: Michaela Vieser Aus ihrem Buch „Von Kaffeeriechern, Abtrittanbietern und Fischbeinreißern – Berufe aus vergangenen Zeiten“: es geht darin um Berufe, die einfach verschwunden sind, deren Bezeichnung bereits in Bedeutungslosigkeit versunken sind. Aber was machte z.B. ein Kaffeeriecher? Er war kein Hipster-Barista, sondern ein Auswuchs der Politik von Friedrich II.: durch den Schmuggel von Kaffeebohnen sah sich Friedrich II genötigt, ausgediente Kriegsveteranen durch Berlin zu schicken. Sie durften in die Häuser der Bürger eindringen, um unversteuerten Kaffee aufzufinden. Sie verletzten dabei die Privatsphäre und schnüffelten buchstäblich nach einem Vergehen. Anders als die Überwachung im Netz heute waren sie laut und derb und nicht unsichtbar. Den Bürgern waren sie so verhasst, dass sie sich gegen sie aufbäumten. Nach nur acht Jahre war der Spuk vorbei, die Kaffeeriecher wurden durch Protest des Volkes ausrangiert. Wäre es heute nur so einfach. Akribisch nach Fakten, Formen und Verbindungen suchend, entstand auch die Auftragsarbeit „Altes Handwerk“ , für die Stiftung Preußischer Kulturbesitz: ein Jahr lang wühlte Michaela Vieser in den Archiven des BPK: zum Teil lagen die Bilder in einer alten Kegelbahn in einem Offizierskasino in Charlottenburg. Die Fotografien stammen aus einer Zeit, als der Fotograf selbst noch Handwerker war. Anhand der Bilder lassen sich Ästhetik und Funktionalität des neuen Berufes klar erkennen. Das Buch wurde gemeinsam in einem Interview mit dem Bundesarbeitsminister im Radio vorgestellt, es war über zwei Jahre lang das wichtigste Buch des Verlags Braun editions. Im Folgewerk „Das Zeitalter der Maschinen – Von der Industrialisierung des Lebens“ geht es um den Übergang in die Industrielle Revolution: „Die Zeit“ schreibt: „Seit der Industrialisierung bestimmen Maschinen unseren Alltag – damals waren sie aus Eisen und Stahl, und manche überlebensgroß. Heute denken wir über die winzigen
Speaker: Martin Haase/maha Mit dem Erstarken der Rechtspopulisten (nicht nur in Deutschland) werden populistische Positionen immer häufiger hingenommen, obwohl es sich dabei um vermeintliche "Gewissenheiten" handelt, die bei näherer Betrachtung inakzeptabel sind. Solche Positionen beruhen nicht auf einer nachvollziehbaren Argumentation, sondern auf sprachlich-rhetorischen Tricks, die im Grunde leicht zu durchschauen sind, denen jedoch immer mehr Menschen auf den Leim gehen. Dieser Vortrag soll zeigen, welche Tricks das sind und wie Populisten demaskiert werden können. Dabei wird deutlich werden, dass nicht nur eine Partei für populistische Parolen anfällig ist. Populismus besteht darin, einfache politische "Gewissheiten" zu vertreten, die leicht Anhänger finden (also populär sind). Statt diese Positionen argumentativ zu untermauern, was oft gar nicht möglich oder zumindest wenig überzeugend ist, wird oft mit Stereotypisierungen und Scheinargumenten gearbeitet. Oft verweisen Populisten auf das "Recht des Stärkeren" (der Mehrheit) und stellen das als "demokratisch" dar, obwohl der Minderheitenschutz ein wesentliches Merkmal demokratischer Systeme ist. Gleichzeitig wird eine Minderheit zum Sündenbock gemacht. Eine populistische Forderung wird sprachlich oft auf eine einfache Formel gebracht ("Obergrenze", "Kinder statt Inder", "Flüchtlingswelle", "Leistung muss sich wieder lohnen" usw.), wobei oft mit bestimmten Tricks gearbeitet wird, z.B. mit Unterstellungen (genauer: Präsuppositionen bzw. Implikaturen) und framing (Einordnung in einen größeren, möglicherweise unpassenden Zusammenhang). Sich auf populistische Scheinargumentationen einzulassen, ist gefährlich, weil damit oft unbewusst unhaltbare Positionen, auf denen die Argumentation beruht (z.B. ein bestimmtes framing), hingenommen und nicht mehr hinterfragt werden.
Speaker: Julia Reda EU copyright reform plans threaten freedom of expression: Commissioner Günther Oettinger wants to make sharing even the tiniest snippets of news content subject to costly licensing, and obligate internet platforms to monitor all user uploads. We can still stop these proposals – if you join the fight now. Two years ago, I laid out the urgent need for EU copyright reform at 31c3. Now the reform proposal is finally on the table – but Commissioner Oettinger has let big business interests hijack it. Instead of updating copyright law to better fit the digital age, he wants to try to use it to make the internet fit the established business models of analogue industry giants: • The link is under attack: Extra copyright for news sites would make most ways of sharing even 20-year-old news articles illegal without a license. Website owners, news aggregators, social networks, curation/bookmarking apps, „read later“ services, etc. would need to pay news sites for linking to with even the shortest of teaser snippets. • Internet platforms would be obligated to scan all user uploads for copyright infringements – a huge burden on community projects like Wikipedia as well as EU startups. Because robots are bad at evaluating when copyright exceptions apply, lots of legal works would be taken down. • The new copyright exception for text and data mining would restrict the freedom to do so to public institutions. Hackers and amateur scientists would be left out in the cold. • The proposals leave discriminatory geoblocking and restrictions on the freedom of panorama here to stay. We must stop these proposals from harming the internet. I’ll lay out how you can help.
Speaker: Xobs How to get USB running on an ARM microcontroller that has no built in USB hardware. We'll cover electrical requirements, pin assignments, and microcontroller considerations, then move all the way up the stack to creating a bidirectional USB HID communications layer entirely in software. USB is amazing. It's hot-pluggable, auto-negotiating, and reasonably fast. It's robust, capable of supplying power, and works cross-platform. It lives up to the “Universal” claim: your PC definitely has USB, but it may not have TTL Serial, I2C, or SPI available. Hardware USB support is available in all manner of embedded microcontrollers. However it's not available on all microcontrollers, and integrating a hardware USB PHY can double the cost of a low-end microcontroller. This problem is particularly acute in the sub-$1 microcontrollers: a companion USB PHY chip would typically cost more than the microcontroller (example: the MAX3420E USB-to-SPI adapter costs around $5), so your only option for USB is to get your hands dirty and bit bang the missing protocol. This talk describes the implementation of a new bitbanged USB stack, starting with a primer on the USB PHY layer and continuing up the stack, concluding with "Palawan", a feature-complete open-source bitbanged USB Low Speed stack available for use on microcontrollers priced for under a dollar. We'll go over requirements for getting USB to work, as well as talking about USB timing, packet order, and how to integrate everything together. Unlike other bitbang USB implementations such as V-USB and LemcUSB, Palawan makes fewer assumptions about GPIO layout. With Palawan, USB's D+ and D- signals can be on different GPIO banks, and need not be consecutive. By doing so, more pins are available to the user, making it easier to use with devices that have special restrictions on what pins can do what. The only requirements are that both GPIO pins can be both inputs and push-pull outputs, and that at least one pin c
Speaker: Kate Genevieve Inspired by a long history of bold reality hacks this talk considers the kinds of potentials opening up through emerging Virtual Reality (VR) and Mixed Reality technologies. In this current moment of climate crisis and structural metamorphosis how can we work with powerful immersive technologies to understand our own perceptual systems, to radically communicate and to innovate new ways of being together? Our physical body and the spaces we inhabit seem very real, but what is this sense of reality – of presence in the world – and is it simply a story told to us by our brain, a neural fiction? Just over a decade ago, neuroscientists at Princeton discovered the ‘rubber hand illusion’, a way of persuading the brain to incorporate a fake hand into its internal body image, so that the fake hand became a felt part of the body. Since then, scientists and virtual reality experts have developed ‘full body’ illusions showing how our attachment to our whole body is somehow provisional and flexible. The talk will consider these strange findings and what potentials are emerging through creative VR projects. I will discuss my own work with Virtual Reality, which investigates how immersive audio, visual, touch and haptic environments enable us to "slip our moorings" and experience transformed relationships to our environment, to other people and to our own bodies. I’ll describe the interdisciplinary experimentation undertaken in the Sackler Centre's Labs and the development of visual technologies and multi-sensory techniques that invite audiences to investigate the architecture of their own subjective experience for themselves. Our understanding of what it is to be human is undergoing a dramatic seachange: a biological, embodied, emotional and fundamentally social understanding of human subjectivity is emerging across disciplines. These powerful immersive technologies and techniques for hacking the human sensory system have uses beyond
Speakers: anna, Andre Meister Germany has a good reputation for strong data protection. It also features the only parliamentary inquiry committee investigating the Snowden revelations. But what are actual results of parliamentary, journalistic and public engagement? What did we learn from 3 years of debate on secret service surveillance? What did the the inquiry committee find out? What are political consequences? Is Germany really a desirable role model in the anti-surveillance movement? Or at least efficiently controlling its own secret services? We’ll provide answers. They might change your perception of how Germany deals with the fundamental right to privacy. The speakers work for netzpolitik.org, the leading news outlet on digital rights in Germany. They have published many classified documents on surveillance, dodged treason-charges, and live-transcribe every hearing of the parliamentary inquiry committee on mass surveillance, totaling over 3.000 pages of text.
Speaker: vimja Blockchain ist die Technologie welche moderne Kryptowährungen ermöglicht. In dem Vortrag wird die Funktionsweise von Blockchains ganz allgemein erklärt. Anhand der Bitcoin Blockchain wird ausserdem gezeigt, wie diese Funktionen in einem echten System umgesetzt werden können. Blockchain ist die Technologie hinter Bitcoin. Sie macht Kryptowährungen überhaupt erst möglich und die meisten Vorgänge moderner Kryptowährungen können anhand der jeweiligen Blockchain aufgezeigt und erklärt werden. Der Vortrag gibt eine Einführung zu Blockchains. Es wird gezeigt, was Blockchains bezwecken sollen und wie sie das erreichen. Die Grundlegenden Eigenschaften werden anhand eines abstrakten Modells erklärt: Wie wird ein Konsens etabliert Wie schützen Blockchains vor doublespending Wie schützen Blockchains vor Angriffen auf einzelne Teilnehmer des P2P Netzwerkes Was ist ein Proof of work und welche Rolle spielt er für die Sicherheit Wie kann der Zustand effizient an alle Teilnehmer verteilt werden Anhand der Bitcoin Blockchain soll ausserdem gezeigt werden, wie diese Funktionen in einem echten System umgesetzt werden können. Ausserdem wird die Funktionsweise von Light-clients behandelt. Dabei spielen insbesondere der Aufbau der Bitcoin Blöcke und der Schutz der Transaktionen mittels eines Merkle Baumes eine wichtige Rolle. Der Vortrag fokussiert auf die Blockchain-Technologie. Funktionen und Implementationsdetails von Bitcoin, die mit der Blockchain nicht in direktem Zusammenhang stehen, werden nicht behandelt. Es werden die Eigenschaften öffentlicher, POW basierter, Blockchains behandelt, private Blockchains, wie sie in von Finanzinstituten entwickelt werden, werden nicht behandelt.
Speakers: Steini, Ruben Neugebauer, benthor Refugees are dying in the Mediterranean Sea. Thousands of them. We are building fixed wing drones, autonomously searching for refugee-vessels in a radius of 50km around a base-ship. The association "Seawatch e.V." has bought two well equipped Ships to help and rescue those people. But to help them we first have to find them. CCC-Berlin and "Sea Watch e.V." are working together to use high tech for humanitarian projects. In this talk we will explain the situation in the Mediterranean Sea and show possibilities to help refugees in mortal danger with high tech. We will present a smartphone app for organising the multidimensional chaos in the Mediterranean Sea and we explain in depth, how the development of the drones is proceeding, what already works and which challenges are still waiting. After some deliberation, we reluctantly decided to give this talk in German since we have a lot to show and talk about within a constrained time window. However, live translation services should be available via streaming (or DECT) so our international guests can participate. Of course, questions asked in English are welcome as well.
Speaker: Clifford Yosys is a free and open source Verilog synthesis tool and more. It gained prominence last year because of its role as synthesis tool in the Project IceStorm FOSS Verilog-to-bitstream flow for iCE40 FPGAs. This presentation however dives into the Yosys-SMTBMC formal verification flow that can be used for verifying formal properties using bounded model checks and/or temporal induction. Yosys is a free and open source Verilog synthesis tool and more. It gained prominence last year because of its role as synthesis tool in the Project IceStorm FOSS Verilog-to-bitstream flow for iCE40 FPGAs. This presentation however dives into the Yosys-SMTBMC formal verification flow that can be used for verifying formal properties using bounded model checks and/or temporal induction. Unlike FPGA synthesis, there are no free-to-use formal verification tools available and licenses for commercial tools cost far more than most hobbyists or even small design companies can afford. While IceStorm was the first complete free-as-in-free-speech synthesis tool-chain, Yosys-SMTBMC is the first free Verilog verification flow for any definition of the word "free". Because of the prohibiting pricing of commercial tools it can be expected that most audience members never had a chance to work with formal verification tools. Therefore a large portion of the presentation is dedicated to introducing basic concepts related to formal verification of digital designs and discussing small code examples.
Speaker: Christopher Soghoian We didn’t win the second crypto wars. Governments merely made a strategic retreat and they’ll be back. Although they will likely give up on trying to regulate or prohibit encryption, we should expect that malware and law enforcement hacking will play a starring role in the next battle in the crypto wars. In a world where encryption is increasingly the norm, the cops aren’t going to give up and go home. No, they’ll target our scarily insecure mobile devices and computers. How did we get here, what's going on, and what can we do to stop it? Come to this talk to find out. For more than fifteen years, the FBI has had a dedicated hacking team. Until recently, this team’s hacking operations were shrouded in near-complete secrecy. That is slowly starting to change. And while we still don’t know a lot, what we have learned is alarming. For example, in order to deliver malware, the FBI has impersonated journalists and engaged in bulk-hacking operations that targeted users of legitimate communications services (TorMail). As the next crypto wars unfold in Washington, London and Brussels, we should expect to see law enforcement hacking play a central role in the debate. With the mass, default adoption of full disk encryption storage and end-to-end encryption for communications, law enforcement agencies will no doubt struggle to acquire data that has traditionally been easy for them to get. This will likely result in two significant policy shifts – first, it will force law enforcement hacking out of the shadows, and second, it will cause hacking tools to trickle down from elite, well-resourced federal law enforcement units to regional and local cops, who are most impacted by encryption, the least technically sophisticated and the most likely to abuse hacking tools. If a world in which the FBI hacks is scary, just wait until local police departments are doing it too. We must stop the spread of hacking as a law enforcement tool,
Speakers: Lena Rohrbach, Sönke Iwersen, Robert Tibbo On June 9, 2013, Edward Snowden revealed massive civil rights abuses by the NSA. On June 10, Snowden didn’t know where to hide. Snowden’s revelations had started the greatest intelligence man hunt in history. The entire US secret service apparatus was looking for the American Whistleblower. Every policeman in Hong Kong was on the lookout. And hundreds of journalists were flooding the city to find the man who shocked the world. No one could find him. On June 23, Snowden boarded a plane to Moscow. In the two weeks before that, he had simply been invisible. For three years, these two weeks have been unexplained. Then, investigative journalist Sönke Iwersen from the German newspaper Handelsblatt filled in the gaps. Today, Sönke will present the people who kept Snowden alive: rights lawyer Robert Tibbo, who is coming from Hong Kong to Hamburg to join us on stage. Ajith, a former soldier from Sri Lanka. Vanessa, a domestic helper from the Philippines. And Nadeeka and Supun, a refugee couple in Hong Kong. Without any preparations, these five men and women were given an almost impossible task: Hide the most wanted man alive. This hour at 33c3 will tell how they succeeded. You will learn about Snowden’s days in hiding, the human rights situation for refugees in Hong Kong, and how you can help both Snowden and the refugees who saved his life. Also, you will hear the latest news on Edward Snowden himself. Lena Rohrbach from Amnesty International will tell you about the Pardon Snowden Campaign and how you can participate. Time is running out!
Speakers: Guido Schmitz (gtrs), dfett Many web sites allow users to log in with their Facebook or Google account. This so-called Web single sign-on (SSO) often uses the standard protocols OAuth and OpenID Connect. How secure are these protocols? What can go wrong? OAuth and OpenID Connect do not protect your privacy at all, i.e., your identity provider (e.g., Facebook or Google) can always track, where you log in. Mozilla tried to create an authentication protocol that aimed to prevent tracking: BrowserID (a.k.a. Persona). Did their proposition really solve the privacy issue? What are the lessons learned and can we do better? Most ordinary web users have accounts at (at least) one of the big players in the web: Facebook, Google, Microsoft (Hotmail, Live), or even Yahoo. Also, many of these users are always logged in at some web sites of these companies. For web sites by other parties, it seems convenient to just re-use this already established authentication: They do not need to annoy the user with registration and login, and these web sites also do not need to maintain and protect an authentication database on their own. This is where SSO protocols come into play -- most times OAuth 2.0 or OpenID Connect. Both protocols have in common that they even require that the identity providers track where users log in. The only attempt so far, that tried to do better to protect the user's privacy, is Mozilla's BrowserID (a.k.a. Persona). We have analyzed these SSO protocols and discovered various critical attacks that break the security of all three protocols and also break the privacy promise of BrowserID. In our research, however, we aim to get positive security proofs for such SSO systems: We will discuss fixes and redesigns and whether it is possible to create a secure and privacy-respecting SSO. Contents of the talk: How do OAuth, OpenID Connect, and BrowserID protocols work? Attacks on these protocols! Can we make SSO great again?
Speaker: Mark van Cuijk Instant money transfer, globally without borders and 24/7. That’s one of the promises of Bitcoin. But how does national and international money transfer work in the world of banks? I moved from the world of Bitcoin and blockchain to the world of domestic and international payments at banks. I had a lot of questions and managed to get my job moving in the place where I can learn how those things work and to get answers. In this presentation, I’m going to share what I’ve learned and I’ll help you understand something about the current payment systems that exist in the world. The topics I’ll bring are going to present some answers to the following questions: How do banks communicate? Why does a payment between two banks take longer than a payment within a single bank? Where is the money when it’s debited from my account, but not yet in the beneficiary account? Why are international payment so expensive? We can do instant payments with credit cards, how come normal bank transfer aren’t instant?
!!! This event is not going to be recorded !!! Der Kampf der Hinterbliebenen um die Wahrheit --- Geride kalanların gerçekler için savaşı Fünf Jahre nach Bekanntwerden des "Nationalsozialistischen Untergrunds" erzählen die NSU-Monologe von den jahrelangen Kämpfen dreier Familien der Opfer des NSU - von Elif Kubaşık, Adile Şimşek und İsmail Yozgat: von ihrem Mut, in der 1. Reihe eines Trauermarschs zu stehen, von der Willensstärke, die Umbenennung einer Straße einzufordern und vom Versuch, die eigene Erinnerung an den geliebten Menschen gegen die vermeintliche Wahrheit der Behörden zu verteidigen. --- “Nasyonal sosyalist yeraltı” oluşumundan tam beş yıl sonra NSU-monologları NSU kurbanları olan üç ailenin savaşını anlatıyor - Elif Kubaşık, Adile Şimşek ve İsmail Yozgat: onların cesaretini, cenaze töreninde ilk sırada durmayı, irade gücünü, bir sokağın tekrar isim değiştirme talebini ve son olmayacak şekile, sevdiği kişinin hatıralarını sözde doğruları konuşan araştırmacı karşısında savunma yapmalarını anlatıyor. --- Veranstaltung auf Deutsch mit Türkischen und Englischen Übertiteln --- Publikumsgespräch im Anschluss mit: Nissar Gardi, Referentin des Projekts "Empower. Beratungsstelle für Betroffene rechter, antisemitischer und rassistischer Gewalt" & Andreas Kienzle, Nebenklageanwalt der Familie Yozgat.
Speakers: Andreas Dewes, @sveckert When thinking about surveillance, everyone worries about government agencies like the NSA and big corporations like Google and Facebook. But actually there are hundreds of companies that have also discovered data collection as a revenue source. We decided to do an experiment: Using simple social engineering techniques, we tried to get the most personal you may have in your procession. When thinking about surveillance, everyone worries about government agencies like the NSA and big corporations like Google and Facebook. But actually there are hundreds of companies that have also discovered data collection as a revenue source. Companies which are quite big, with thousands of employees but names you maybe never heard of. They all try to get their hands on your personal data, often with illegal methods. Most of them keep their data to themselves, some exchange it, but a few sell it to anyone who's willing to pay. We decided to do an experiment: Using simple social engineering techniques, we tried to get the most personal you may have in your procession. Your “click-stream data”, every URL you have been visiting while browsing the web. After a couple of weeks and some phone calls we were able to acquire the personal data of millions of German Internet users - from banking, over communication with insurance companies to porn. Including several public figures from politics, media and society. In the talk, we'll explain how we got our hands on this data, what can be found inside and what this could mean for your own privacy and safety now and in the future. * Introduction & background * Who collects data and for which purposes * How we got our hands on a large data sample * What's in it? Detailed analysis of the data set * How does it work? Analysis of the collection methods * Outlook: Can we still save our privacy?
Speakers: Will Scott, Philipp Winter 2016 has been marked by major shifts in political policy towards the Internet in Turkey and Thailand, a renegotiation of the responsibilities of content platforms in the west, and a continued struggle for control over the Internet around the world. Turbulent times, indeed. In this session, we'll survey what's changed in Internet surveillance and censorship in the last year, and provide context for the major changes affecting the net today. The good news is the community ability to monitor and act as a watchdog on policy changes is continuing to develop. The Open Observatory effort has set its sights on monitoring country policy, the US Department of State has called for proposals in the area infusing additional money, and groups like Access Now and Great Fire are working on regular measurement of services and access technologies. As we move from an Internet regulated by DPI and technical controls to one dominated by mobile applications and legal regulations on companies, our ability to argue for policy change from an accurate factual basis is critical for advocacy and our continued right to expression. This session will arm you with an updated set of facts for your discussions in the coming year.
Speaker: tihmstar This talk is about the iOS secure boot chain and how it changed throughout different iOS versions, while focusing on downgrading despite countermesures. It will explain basics like what SHSH blobs and APTickets are and how IMG3 and IMG4 file format works. Also a new technique called "prometheus" will be introduced which allows for the first time downgrading 64bit devices. This talk shows how Apple's secure boot chain works and what changes where made with new software and hardware updates. It explains how the boot/restore process works, what SHSH blobs and APTickets are and how they are structured. Each time a new feature is introduced to improve the secure boot chain, a technique is shown how it can be bypassed in order to downgrade. This talk recaps how it was possible to downgrade with TinyUmbrella and limera1n back in the old days and presents a new approach by showing how a technique called odysseus is able to downgrade newer 32bit devices. It is pointed out why Basebands are such a pain when trying to downgrade, as well as why odysseusOTA is able to downgrade Basebands anyways. Components new to 64bit devices like IMG4 file format and SEPOS are introduced and embedded into the context of downgrading. At the end a new technique called "prometheus" is presented, which is the first one to be able to downgrade 64bit device and also the first method since the introduction of APTickets which *can* work without a Jailbreak or Bootrom/iBoot exploits.
Speaker: David Kriesel Seit Mitte 2014 hat David fast 100.000 Artikel von Spiegel-Online systematisch gespeichert. Diese Datenmasse wird er in einem bunten Vortrag vorstellen und erforschen. Der Vortrag gibt tiefe und überraschende Einblicke in das Verhalten des vielleicht größten Meinungsmachers Deutschlands. Ihr werdet Spiegel-Online danach mit anderen Augen lesen. Dazu gibt er einen allgemeinverständlichen Überblick, was mit der heutigen Daten-Auswerterei alles geht. Ihr werdet also vielleicht auch mehr aufpassen, was für Daten von euch ihr ins Internet lasst. Der Vortrag hat drei rote Fäden: 1) Wir reverse engineeren Spiegel-Online. Wir nehmen den Datensatz so richtig auseinander und betrachten Spiegel-Online aus vielen völlig neuen Blickwinkeln. Das Ganze wird bunt, unterhaltsam und anschaulich passieren, so dass es für Techies und Nicht-Techies eingängig ist. Warum sind manche Artikel lang, manche kurz? Kann man Artikeln ansehen, ob die Redakteure wirklich dahinter stehen oder nicht? Welche Redakteure sind enger miteinander verbandelt als andere? Welche Inhalte hält der Spiegel selbst für politisch inkorrekt? Kann man sowas wirklich einfach so von außen messen? Glaubt’s mal – man kann. Bei einigen der Auswertungen wird vielleicht „nur“ das rauskommen, was ihr euch schon vorher denken konntet. Bei anderen werden wir überraschende Ergebnisse erhalten. Und manchmal entdeckt man auch Systematiken da, wo man überhaupt keine erwartet hat. Kurz: Wir werden kreativ sein. Wir werden etwas lernen und Spiegel-Online auch. 2) Ein Überblick über „Data Science“. Wir betrachten nicht nur die Vorgehensweise, sondern auch die Möglichkeiten und gesellschaftlichen Gefahren der Datensammelwut und Auswerterei. Über den Vortrag hinweg wird David – locker und unmathematisch – verschiedene Methoden des Datenauswertens anhand des Spiegel-Online-Datensatzes anschaulich machen. Nicht mit Formeln, sondern mit bunten Grafiken. Nach dem Vortrag
Speaker: Sebastien Dudek To break into a building, several methods have already been discussed, such as trying to find the code paths of a digicode, clone RFID cards, use some social engineering attacks, or the use of archaic methods like lockpicking a door lock or breaking a window. New methods are now possible with recent intercoms. Indeed, these intercoms are used to call the tenants to access the building. But little study has been performed on how these boxes communicate to request and grant access to the building. In the past, they were connected with wires directly to apartments. Now, these are more practical and allow residents to open doors not only from their classic door phone, but to forward calls to their home or mobile phone. Private houses are now equipped with these new devices and its common to find these “connected” intercoms on recent and renovated buildings. In this short paper we introduce the Intercoms and focus on one particular device that is commonly installed in buildings today. Then we present our analysis on an interesting attack vector, which already has its own history. After this analysis, we present our environment to test the intercoms, and show some practical attacks that could be performed on these devices. During this talks, the evolution of our mobile lab and some advances on the 3G intercoms, and M2M intercoms attacks will be also presented.
Speaker: Dolu1990 Since too long we use VHDL and Verilog to describe hardware. SpinalHDL is an alternative language which does its best to prove that it is time to do a paradigm shift in hardware description. SpinalHDL is a Scala library which allow to describe RTL by using object oriented programming and functional programming. This talk will present basics of SpinalHDL and then show by which way this alternative approach offers a huge benefit in code clarity, genericity and reusability.
Speaker: Friedrich Burschel Seit einigen Jahren formieren sich am rechten Rand der Gesellschaft explosionsartig neue rassistische, völkisch-nationalistische und offen nazistische Strömungen, Gruppen und Parteien. Einen erschreckenden Verstärker findet das neue braune Getöse in den sozialen Medien und sein Resonanzraum reicht inzwischen bis weit in die Mitte der Gesellschaft. Teil des Problems sind institutioneller Rassismus in den Behörden und unkontrollierbare Geheimdienste, die den Mob gewähren lassen: Dafür bietet der NSU-Komplex ein erschütterndes Beispiel. Vor dem neuen, sehr lauten, in der Tendenz aber auch gewalttätigen und terroristischen Phänomen rechter Formierung stehen Linke und bürgerliche Mitte ziemlich verdattert und hilflos. Jetzt kommt es darauf an, diese Hilflosigkeit zu überwinden, das Geschehen zu analysieren und sich Gegenstrategien einfallen zu lassen. Das ist „unser“ Job. Wann hat es begonnen? Wann hat sich der rechte Erdrutsch in Bewegung gesetzt? War es Ende der Nuller Jahre mit Eva Hermann? War es Thilo Sarrazins Bestseller „Deutschland schafft sich ab“? Seither ging es Schlag auf Schlag und spätestens seit der Ankunft Hundertausender Geflüchteter aus globalen Krisengebieten gibt es eine Dauerpräsenz rassistischer Proteste wie Pegida auf den Straßen und eine alarmierende Welle offener Gewalt gegen Geflüchtete, Migrant_innen und Linke. Laut Bundesinnenministerium haben sich seit 2014 bis Mitte 2016 rund 2500 Angriffe und Anschläge auf zum Teil bewohnte Geflüchtetenunterkünfte ereignet; im Frühjahr 2016 hat selbst das Bundeskriminalamt vor der Entstehung neuer rechter Terrorgruppen á la NSU gewarnt, die sich von rassistischen Protesten zum Handeln ermuntert fühlen. Als hätten Zehntausende nur auf das Stichwort gewartet, entlädt sich derzeit in sozialen Netzwerken blanker Hass gegen das Establishment, gegen „links-versiffte Gutmenschen“, gegen „Nicht-Deutsche“ und Geflüchtete, progressive p
Speaker: hunz This talk will explore the hard- and software of the Amazon Dash button. While the old hardware-revision of the button has already been analyzed and can be repurposed easily, the new hardware-revision is locked more tightly to prevent tinkering. In this talk a detailed teardown of the dash button hardware will be given. The talk will also have a closer look at the software running on the device and how communication with the server works. Although the new hardware-revision of the button makes use of the controller lockbits to prevent the user from reprogramming the device, a method for running custom code on the device and extracting stored secret keys will be presented.
Speakers: Olga Kochetova, Alexey Osipov How to stop the ATMs fraud? How to protect ATMs from attacks such as black box jackpotting? How to prevent network hijacking such as rogue processing center or MiTM? Some of these issues can be fixed by configuration means, some fixed by compensation measures, but many only by vendor. We will tell you about what bank can do now and what we as a community of security specialists should force to vendors. Guys with malicious intentions never sleep, but make their bad deal all days, all nights. When you have your five-o-clock beer, they open service zone of ATM and connect "magic box" that make ATM empty. Alternatively, sometimes banks security guys may watch video surveillance footage with man-in-the-hoody, who make something in the nearby corner of ATM. Surely, ATM is empty again! On the other hand, banks may not have any video monitoring so they cannot imagine how ATM became empty without any forensics evidence. We have collected huge number of cases on how ATMs could be hacked during our researches, incidents responses and security assessments. A lot of malware infects ATM through the network or locally. There are black boxes, which connect to communications port of devices directly. There are also network attacks, such as rogue processing center or MiTM. Before we spoke about vulnerabilities and fraud methods used by criminals. Now we would like to combine our expertise to help financial and security society with more direct advices how to implement security measures or approaches to make ATMs more secure.
Speaker: miaoski The talk is about the paging system, an old technology in the 90's, used in healthcare, ICS and government, a systematic review of security impacts that it brought to us in the age of SDR, covering the United States, Canada, England and Japan. By sniffing known pager frequencies in the general vicinity of hospitals, factories and public facilities with a $20 DVB-T, we discovered that not only is pager technology alive and kicking, but much of the traffic is not encrypted, resulting in violation of privacy laws and more importantly, leaks of sensitive information. The talk is not about the protocol nor the hardware device. Pager was once very popular in the 90's. It did not disappear from the world as cellular technology phased in, but found a niche market in hospitals, industry control systems, public services and defense industries where low transmitting power or uni-directional transmission are mandatory. Just like other old technologies, systematic risk can emerge as new technology, for example SDR, becomes affordable. It is well known that one can decode POCSAG and FLEX messages with SDR as early as in 2013. After four months of observation, prudent metadata collection and data analysis, however, the researchers believe that the extensive use of email-to-pager and SMS-to-pager gateways, along with the unencrypted nature of paging system, makes it a huge security impact to the users and companies. Workflow software integrated with pagers can cause a huge leak of personal information. We can fix it only after people are fully aware of the status quo. The talk is a summary of data analysis and a demonstration of how far passive intelligence using pagers can go, scenarios including, Workflow systems in hospitals Patient tracking Pharmacy and prescription Nuclear plants Power stations ICS and HVAC in chemical and semiconductor companies Automation and intelligence in defense sector SNMP
Speakers: Joachim Schautenbach, Pia Fortunata Der Vortrag gibt einen Abriss über die Geschichte der Parlamentsschlägerei, ordnet diese politisch und geografisch ein - um dann die verschiedenen Typen und Formen anhand von Videomaterial zu zeigen und gemeinsam zu analysieren. Die beiden Vortragenden betreiben seit 2010 gemeinsam das weltweit einzige Fachblog für Parlamentsschlägereien. Du findest Parlamentsdebatten todlangweilig? Bei Phoenix TV schläfst du ein? Politischer Kampf klingt für dich nur nach Geschichtsbuch? Unsympathische Abgeordnete in Parlamenten wecken bei Dir Gewaltphantasien? Wir haben die Lösung für all diese Probleme: Internationale Parlaments-Schlägereien! Die beiden Vortragenden betreiben mit großer Freude ein Fachblog für diese Form der handfesten parlamentarischen Auseinandersetzung. In sieben Jahren haben sie über 100 Videos gesammelt, wie Abgeordnete raufen, schlagen, treten - und so manches Inventar zur Waffe umfunktionieren. Im kurzweiligen Abend-Vortrag geben sie einen kleinen Abriss über die Geschichte der Parlamentsschlägerei, zeigen verschiedene Typen und Formen, vergeben Preise für außergewöhnliche Leistungen - und stellen sogar die neuesten wissenschaftlichen Erkentnisse zum Thema vor. Aber keine Angst: Es bleibt unterhaltsam.
Speakers: Fefe, frank Wenn mal wieder der Zensor pinkeln war, wenn DAMIT ja wohl NIEMAND rechnen konnte, wenn es um demokratisch legitimiertes Baumanagement oder um Stahlbälle geht, dann ist es wieder an der Zeit für eine lockere Abendshow mit den High- und Lowlights des Jahres. Lehnen Sie sich zurück, bringen Sie die Poppfolie in Stellung, tragen Sie die Schwielencreme gegen Facepalm-Blutergüsse auf der Stirn auf, brechen Sie das Popcorn an und genießen Sie die lockere Abendrevue zum Jahr 2016!
Speakers: Bill Marczak, John Scott-Railton In August 2016, Apple issued updates to iOS and macOS that patched three zero-day vulnerabilities that were being exploited in the wild to remotely install persistent malcode on a target’s device if they tapped on a specially crafted link. We linked the vulnerabilities and malcode to US-owned, Israel-based NSO Group, a government-exclusive surveillance vendor described by one of its founders as “a complete ghost”. Apple’s updates were the latest chapter in a yearlong investigation by Citizen Lab into a UAE-based threat actor targeting critics of the UAE at home and around the world. In this talk, we will explain how Citizen Lab discovered and tracked this threat actor, and uncovered the first publicly-reported iOS remote jailbreak used in the wild for mobile espionage. Using the NSO case, we will detail some of the tools and techniques we use to track these groups, and how they try to avoid detection and scrutiny. This investigation is Citizen Lab’s latest expose into the abuse of commercial “lawful intercept” malcode. We will begin the presentation with our discovery and investigation of a UAE-based threat actor we call Stealth Falcon, and explain how a small error in the operators’ operational security led us to a mobile attack infrastructure consisting of hundreds of servers, which we determined was associated with NSO’s Pegasus product. We will detail the Internet scanning we undertook to enumerate this infrastructure, and some techniques we used to try and find “live” exploit links. It was through these techniques that we identified suspicious links sent via SMS to UAE human rights defender Ahmed Mansoor. We will describe how we caused the exploit server to “fire”, and how we determined that it served us a one-click zero-day iPhone remote jailbreak to deliver NSO’s Pegasus, a powerful and sophisticated piece of government-exclusive malcode. We will outline the functionality of the ex
Speakers: pancake radare is a libre framework and a set of tools to ease several tasks related to reverse engineering, exploiting, forensics, binary patching, .. this year, the project gets 10 year old. In the process, the design evolved and several new functionalities has appeared, defining better development rules, improving code reviews and introducing RDD and fuzzing as part of the development process. Constant refactoring, writing usage examples and documentation and giving talks, to enlarge the community has been key elements to reach the great user base and health the project lives nowadays. This year, in order to celebrate the 10th anniversary, the author organized the first r2con, a congress around the tool that aims to be an excuse for sharing knowledge, tools, scripts about what different parties and people is doing with it. The congress was pretty successful and allowed to meet developers, users and other interested parties for learning more about the future of the tool and understanding its capabilities. This talk will show the evolution and structure of the project, its roots, some of the most notorious capabilities, showing several usage examples to let the attendees the power in functionalities and extensibility the tool provides. The target for this talk is everyone, from beginners to experts, from curious to skeptics.
Pseudo-random number generators (PRNGs) are critical pieces of security infrastructure. Yet, PRNGs are surprisingly difficult to design, implement, and debug. The PRNG vulnerability that we recently found in GnuPG/Libgcrypt (CVE-2016-6313) survived 18 years of service and several expert audits. In this presentation, we not only describe the details of the flaw but, based on our research, explain why the current state of PRNG implementation and quality assurance downright provokes incidents. We also present a PRNG analysis method that we developed and give specific recommendations to implementors of software producing or consuming pseudo-random numbers to ensure correctness.
Speakers: frank, Linus Neumann, Constanze Kurz, nexus Wir werden einen Überblick über die Themen geben, die den Chaos Computer Club 2016 beschäftigt haben. Neben der Zusammenfassung und der Rückschau auf das vergangene Jahr wollen wir einen Blick in die Zukunft wagen.
Speaker: Netanel Rubin Smart City is an abstract concept everyone talks about but no one knows what it actually means. No one, except Energy utilities. In this talk we will explore the vast world of Smart Energy, and see how energy providers used the "Smart City" concept to get better control over our energy consumption, all while almost completely ignoring security aspects along the way. Join me and see how Smart Energy is making our lives a little bit better, but also dangerously insecure. While "Smart Cities" are starting to pop all over the world, no city has ever standardized what that term actually means. Smart Energy, on the other hand, has been standardized both by governments and by large private utilities. This positive regulation made the Smart Energy market one of the largest IoT industries today, with over 100,000,000 smart devices currently implemented at consumer premises by utilities all over the world. In this talk We will dive into the Smart Grid, exploring security issues both in the utility infrastructure and the Smart Meters present at consumers. We will explore the magical world called ZigBee, the confusing world of incomplete RFCs, and the hazardous world of insecure wireless devices that control your electricity grid. You will leave this talk with a much better understanding at what's going on in your city, your energy provider, and, surprisingly, your home; And trust me, it won't make you feel any better.
Speakers: Ben Gras, Kaveh Razavi, brainsmoke, Antonio Barresi We are 4 security researchers who have collectively worked on 3 different attack techniques that all (ab)use memory deduplication in one way or another. There is a cross-vm data leak attack, a cross-vm data write attack, and an in-sandbox (MS Edge) Javascript data leak + full memory read/write attack based in MS Edge. In this talk we detail how memory deduplication works and the many different ways it is exploited in our attacks. Memory deduplication is a widely applied technique to reduce memory consumption in servers, VM hosts, desktop systems and even mobile devices. Deduplication maps multiple identical copies of a physical page onto a single shared copy with copy-on-write semantics. As a result, a write to such a shared page triggers a page fault and is thus measurably slower than a write to a unshared page. Prior work has shown that an attacker able to craft pages on the target system can use this timing difference as a simple single-bit side channel to discover that certain pages exist in the system. In this talk, we show that the security implications of using memory deduplication are much more severe than initially assumed. We show that by maliciously programming memory deduplication, an attacker can build primitives to read arbitrary data from memory and even write to memory in a limited but powerful way. We exemplify these primitives using three attacks that we have recently developed. The first attack, CAIN, uses memory deduplication to brute-force ASLR’s entropy bits from a co-hosted victim VM. The second attack, Dedup Est Machina, extends CAIN in order to leak arbitrary data such as ASLR heap/code pointers and password hashes in a victim’s browser from JavaScript. Using the leaked pointers, Dedup Est Machina uses a Rowhammer exploit to own Microsoft Edge without relying on a single software vulnerability. The third attack, Flip Feng Shui, uses memory deduplication to control the p
Speakers: LaForge, holger Let's have a detailed look at some modern 3G/4G cellular modems and see what we can find out about their internals using undocumented debug interfaces and software or hardware based hacking techniques. Cellular modems are not only present in smartphones, tablets and laptops, but these days also in many M2M and internet-of-toilets (IoT) applications. Long gone are the days where those modules were GSM/GPRS/EDGE only with ancient ARM7TMDI or ARM926EJS cores and a relatively small-sized firmware in the range of kilobytes to very few megabytes, like on the famous OsmocomBB supported phones. Modern cellular modems re-use the cellular chipsets of smartphones one or two generations ago, like the MDM9615 used in the iPhone 5. As those chipsets contain plenty of processors and are quite sophisticated SoCs on their own, one can even find (undocumented) Linux or Android in some modems, which of course makes them a very attractive target for further exploration or running your own code inside the modem. We will give a short overview about the current market of cellular modems, the major chipset suppliers and chipset families and then pick one or two examples and show the methods used for reverse engineering them to a point where they can be used for much more than the AT command or QMI interface officially documented/supported by the manufacturer. This includes the execution of custom code inside modems, as well as protocol tracing of the air-interface. We'll also look at the FOTA (Firmware Update Over The Air) features, and perform a security analysis of our findings. This talk understands itself following the tradition of various baseband processor related talks at many CCC events of the past decade, including 25C3: Anatomy of smartphone hardware and 28C3: Reverse-engineering a Qualcomm baseband. Both speakers (Harald Welte and Holger Freyther) have been working on Free Software related to cellular telephony for more than a decade, including
Speakers: Agnes, Christopher Talib France is under a state of emergency since November 2015. Several laws and a more intrusive surveillance framework, infringing rights and freedoms, have been adopted these recent years in the name of the fight against terrorism. Privacy, freedom of expression… these words could soon disappear from French vocabulary as the number of measures increases as the same time than their intensity. We will show how it happened and what are our actions to try to defend the rights of all to privacy and freedom of speech. The next French presidential elections will take place in spring 2017 under the state of emergency while all laws recently adopted are making our national motto „liberté, égalité, fraternité“ out of date. Furthermore, the increasing surveillance drifts are undermining Privacy whereas this is a fundamental right and a sine qua non condition for freedom. We are looking back on the three years span of law adopted on surveillance in France as well as the more than one-year old state of emegency. What does that mean for our rights ? What is at stake ? In which society model are we heading? What can we learn form the French experience? Let’s find out.
Speaker: bunnie The participation of women in computer education is low; undergraduate classrooms in Germany were only 10% female in 2000[1]. The picture at the primary school level is fuzzier, as students do not declare majors at that level, but evidence indicates the trend starts from a young age. Can we make computer education more gender-inclusive? Presenting technology in familiar, non-threatening contexts can lead to more balanced gender participation. For example, Chibitronics uses the context of papercraft to present electronics to beginners; the familiarity of papercraft improves the participation of women of all ages in the creation of electronics. Based on these learnings, we have devised the “Love to Code” platform, an open source hardware-to-cloud stack which combines the familiarity of paper craft with a web-based, driver-free embedded firmware development environment based on FSK audio provisioning via a headphone jack. In this talk, we will dive into the novel open source technical contributions of this platform, which includes the audio-based provisioning protocol and the unique rigid-flex design of the circuitry enabling papercraft integration, as well as the multi-threaded client OS and cloud infrastructure required to complete the picture. This combination of new technology with familiar interfaces aims to lower the barrier to computer education, thus making coding a more accessible and inclusive activity. Computer technology tends to be a male-dominated field. One study from 2002 placed female participation in undergraduate computer education classrooms around 10% for Germany, and 26% for the US[1]. The picture is fuzzier at the primary school level, because students do not declare majors at such a young age, but evidence indicates that this strong gender bias has roots extending to primary school. Can we make computer education more inclusive? There is evidence that presenting technology in familiar, non-threatening contexts can lead to
Speaker: Joscha Artificial Intelligence provides a conceptual framework to understand mind and universe in new ways, clearing the obstacles that hindered the progress of philosophy and psychology. Let us see how AI can help us to understand how our minds create the experience of a universe. Unlike the machine learning systems of the past, minds are not just classifiers or policy optimizers. Minds are not accumulators of knowledge about the world. Minds are generative systems: they actively produce the world that we subjectively experience. Ordinary day-time experiences are in fact dreams constrained by sensory data. This simple insight of contemporary cognitive science turns realist notions of embodiment on their head. The idea of the brain as a dreaming machine opens a way to understand the nature of our experiences. This is the proposed fourth installment of a series of presentations about using AI perspectives to understand minds and their relationship to the universe. "How to build a mind" (30c3) suggested specifications for an architecture of cognition; "From computation to consciousness" (31c3) explored the mind's computational foundations; "Computational metapsychology" (32c3) discussed the individual and social construction of meaning. "Machine dreams" sketches how the computational machinery of our brains leads to our experience a subjective world. We will look at the conductor theory of consciousness, some of the mental structures contributing to our models of self and world, and the unreasonable effectiveness of neural processes in modeling physics.
Speaker: jab How to build a pinball machine? We introduce you to all basics and explain the different options for hardware and software. As an example, we show images of our own custom pinball machine. This talk gives an overview over all the components in a pinball machine which includes software and a lot of hardware. Afterwards, we go over all the steps when designing and building a pinball machine. We start with basic design rules, physical limits and best practices. Then, we focus on the mechanical and electronic components. After that, we talk about software and display (DMD vs LCD) options. At the end, we explain how to build or manufacture certain parts for your machine. For the hardware, we talk about: - EM, WPC and modern machines - Coils and Switches - Sources for mechanical elements - Gi/Lamps - RGB LEDs - Display option (DMDs, LED-DMDs, LCDs) and how to control them Electronics: - Open Pinball Project (Open Hardware) - Multimorphic P-Roc and P3-Roc - FAST Pinball Boards - Full custom options - Fadecandy/Openpixel - I2C and ServoControllers Software options: - Mission Pinball Framework (Disclaimer: I'm one of the authors) - pypinprocgame/pypinprocgameHD Building/Manufacturing Parts: - Playfields (including printing) - Cabinet - Metal ramps - Wire ramps - Plastic ramps - Plastics/Decals - Inserts - Mechanics
Speakers: Ali Abbasi, Majid Input/Output is the mechanisms through which embedded systems interact and control the outside world. Particularly when employed in mission critical systems, the I/O of embedded systems has to be both reliable and secure. Embedded system’s I/O is controlled by a pin based approach. In this work, we investigate the security implications of embedded system’s pin control. In particular, we show how an attacker can tamper with the integrity and availability of an embedded system’s I/O by exploiting cerain pin control operations and the lack of hardware interrupts associated to them. Embedded systems are widely used today in a variety of applications, such as consumer, industrial, automotive, medical, commercial and military. As such, they are often employed in mission critical systems that have to be both reliable and secure. In particular, it is important that their I/O (Input/Output) be stable and secure, as this is the way they interact with the outside world. Digging into their architecture, we know that the I/O interfaces of embedded systems (e.g., GPIO, SCI, USB, etc.), are usually controlled by a so-called System on a Chip (SoC), an integrated circuit that combines multiple I/O interfaces. In turn, the pins in a SoC are managed by a pin controller, a subsystem of SoC, through which one can configure pin multiplexing or the input or output mode of pins. One of the most peculiar aspects of a pin controller is that its behavior is determined by a set of registers: by altering these registers one can change the behavior of the chip in a dramatic way. This feature is exploitable by attackers, who can tamper with the integrity or the availability of legitimate I/O operations, factually changing how an embedded system interacts with the outside world. Based on these observations, in this research, we introduce a novel attack technique against embedded systems, which we call pin control attack. As we will demonstrate in the work,
Speaker: Tim 'mithro' Ansell Ever wondered what is actually happening when a speaker can't get their laptop to project? While developing the FPGA-based HDMI2USB.tv open hardware for recording conferences, we discovered just how convoluted the HDMI protocol can be. Come hear all the horrible details! The TimVideos.us group aims to make it easy for anyone to create high quality recordings of conferences and user groups. To achieve this goal we have developed the HDMI2USB.tv project, an FPGA based, fully open (hardware and firmware) solution for capturing HDMI video signals. The solution has been in use since late 2015 and used at numerous conferences such as Linux.conf.au, DebConf and many PyCon conferences around the world. To be truly FOSS has however meant developing code for doing HDMI receiving and sending. Come hear about all the issues we have run into and the nitty gritty details about how it works (or doesn't!). By the end of the talk you will know more than you ever wanted to about the HDMI protocol! This talk will cover: The HDMI video standard, including An overview of the many protocols and standards required. A high level description of the low speed protocols needed such as DCD (EDID) and CEC. A indepth dive into the high speed TMDS protocol and encoding. How to build a HDMI receiver and transmission to run on an FPGA. War stories from trying to use the HDMI2USB capture device for recording FOSS conference, including; Why your HDMI cable can actually matter. Some of the reasons why plugging in a screen doesn't always "just work". Doing error correction on a protocol which doesn't have any.
Speakers: ruedi, vgrass, Prof. Stefan Lucks ''Technologien für und wider Digitale Souveränität'' Die weltweite Vernetzung ist die tiefgreifendste Veränderung seit der industriellen Revolution. In einer Zeit der maßlose Massenüberwachung scheint die Digitale Souveränität den Einsatz privatsphärenfreundlicher Technologien als ein unverzichtbarer Bestandteil von gesellschaftlichen Lösungsversuchen zwingend zu erfordern. In unserem Beitrag möchten wir hackerrelvante Teilaspekte und Verfahren aus einer Studie für das Bundesministerium für Justiz und Verbraucherschutz vorstellen. Unter anderem sind hier kryptographische Protokolle (z. B. Blinde Signaturen, Zero-Knowlege Protokolle) und Methoden zur statistischen Auswertung von vertraulichen Daten (z.B. K-Anonymität, Differentielle Vertraulichkeit) zu nennen.
Speaker: James Bridle James Bridle is a British writer and artist living in Greece. His work explores the impact of technology on society, law, geography, politics, and culture. His Drone Shadow installations have appeared on city streets worldwide, he has mapped deportation centres with CGI, designed new kinds of citizenship based on online behaviour. and used neural networks and satellite images to predict election results. A New Dark Age is an exploration of what we can no longer know about the world, and what we can do about it. The history of computation and the history of the weather are deeply intertwined. The possibilities of mathematical prediction have driven a belief in our ability to model and control the world. Today, the pervasive metaphor of "the Cloud" shapes how we think about the world - but not always in useful or democratic ways. James Bridle's Cloud Index explored this history and sets out a new model for thinking about the world with the cloud at its heart: a nebulous, ever-changing set of possibilities, founded on unknowing. The Cloud Index (http://cloudindx.com, 2016) is an online artwork using neural networks to generate new weather patterns corresponding to differing electoral outcomes. The work challenges our ability to predict and thus control the future, and questions our intentions and ethics when it comes to the things we build. Using the Cloud Index as a starting point, Bridle's lecture explores the military and political histories of computation, networking, and weather control. As the processes of computational thinking - the belief that the gathering of ever-increasing volumes of data and the application of vast engines of computing power - fail to produce coherence or agency in the world, Bridle suggests that we should take the Cloud at its word. Cloud thinking is the acknowledgement that we cannot know or predict everything, and our technology is trying to teach us a different way of seeing and understanding the world.
Speakers: Vasilios Mavroudis, Federico Maggi In the last two years, the marketing industry started to show a fast increasing interest in technologies for user cross-device tracking, proximity tracking, and their derivative monetization schemes. To meet these demands, a new ultrasound-based technology has recently emerged and is already utilized in a number of different real-world applications. Ultrasound tracking comes with a number of desirable features (e.g., easy to deploy, inaudible to humans), but alarmingly until now no comprehensive security analysis of the technology has been conducted. In this talk, we will publish the results of our security analysis of the ultrasound tracking ecosystem, and demonstrate the practical security and privacy risks that arise with its adoption. Subsequently, we will introduce some immediately deployable defense mechanisms for practitioners, researchers, and everyday users. Finally, we will initiate the discussion for the standardization of ultrasound beacons, and outline our proposed OS-level API that enables both secure and effortless deployment for ultrasound-enabled applications. This talk will present the outcomes of the first comprehensive security study on the ultrasound tracking ecosystem. This ecosystem remained almost unknown to the general public until recently, when a newly-founded company faced the nemesis of the security community and the regulators (e.g., the Federal Trade Commission) for its controversial tracking techniques. However, there are many more “traditional players” using ultrasound tracking techniques for various purposes, raising a number of levels of security and privacy issues with different security and privacy models. In general, the main advantage of the ultrasound technology compared to already existing solutions is that it does not require any specialized equipment (unlike wifi and bluetooth), while it remains inaudible to humans. For this reason, the technology is already utili
Speakers: Jake Davis, Lauri Love, Mustafa Al-Bassam Lauri Love has never set foot in the United States, yet he is facing a potential century in jail if extradited for his alleged involvement in #OpLastResort, an Anonymous-related protest action that occurred in response to the death of Aaron Swartz. The case against Love, a Finnish and UK citizen, has profound implications for United States claims of global jurisdiction over the internet, for the treatment of neurodivergent individuals under the law, and for privacy rights in the UK and beyond. Lauri has been involved in two important legal cases this year. In May, Lauri scored a rare victory for digital rights in the UK, ensuring the National Crime Agency did not establish a dangerous new precedent to compel the decryption of stored data. Then this summer, during his extradition hearings, a significant portion of defense testimony related to Love’s diagnosis with Aspergers syndrome, his depression and long-term health symptoms for which he is under medical observation. Expert testimony reinforced the inadequacy, violence and injustice of the U.S. prison system for dealing with these concerns. This September, a judge agreed that Lauri was at serious risk of self-harm, yet she approved his extradition nonetheless, reopening a debate in the UK over how to protect vulnerable individuals that was ostensibly resolved after Gary McKinnon’s extradition was blocked by Theresa May in 2012. Ex-Lulzsec member Jake Davis – who was indicted in the United States but prosecuted in the UK, will give his take on Lauri’s case and its broader ramifications. Lauri himself will also participate via video link. How does the possibility of Lauri’s extradition change the threat landscape for digital activists? Is there any way to prevent extradition being used as a tool of US global jurisdiction over the internet? Where has the law on both sides of the Atlantic failed Lauri, and what are the changes we
Speaker: Markus Landgraf Why is it so hard to go to the Moon? The curse of Newtonian Mechanics and Tsiolkovsky's Rocket Equation force us to build huge rockets to achieve any meaningful activity on the Moon. There are two strategies to hack the laws of celestial mechanics: making fuel on the Moon and using cables to climb out of the gravity well. Here we focus on the latter, which is the Moon version of the famous space elevator. The difference to an Earth elevator is - anelevator to the Moon's surface is realistic with today's materials. In the talk an introduction to the general problem is given and a starting point for a discussion is given that can easily lead to a sustainable access to the Moon if there is demand to do so.
Speakers: Michael Weiner, RFguy Die Verfügbarkeit preiswerter Maschinentechnik und Open Source CAD-Software hat den Aufwand des Herstellens eigener mechanischer Schlüssel signifikant abgesenkt, die wir noch vor zehn Jahren als „sicher“ bezeichnet haben. Klassische Zylinderschlösser sind in der Vergangenheit bereits ausführlich analysiert worden, doch wie sieht die Situation bei anspruchsvolleren mechanischen Schließsystemen aus? Wir zeigen, wie man den Generalschlüssel einer hoch präzisen, hochpreisigen Schließanlage ermittelt. Weiterhin präsentieren wir unseren Workflow der Software und Mechanik, mit dem man Rohlinge und Schlüssel eines Hochsicherheitssystem mit einer „Low Cost“ CNC-Fräse herstellen kann. Im Gegensatz zum 3D-Drucken bietet uns dies eine deutlich höhere Präzision und mechanische Stabilität - und das für unter 2 Euro pro Schlüssel. Die Verfügbarkeit preiswerter Maschinentechnik und Open Source CAD-Software hat den Aufwand des Herstellens eigener mechanischer Schlüssel signifikant abgesenkt, die wir noch vor zehn Jahren als „sicher“ bezeichnet haben. Beispielsweise sind CAD-Daten von TSA-Schlüsseln veröffentlicht und mit 3D-Druckern nachgedruckt worden; auf dem 32C3 wurden Tools zur automatisierten Erstellung von Schlüsselrohlingen gezeigt. Klassische Zylinderschlösser sind in der Vergangenheit bereits ausführlich analysiert worden, ebenso die Decodierung einer Schließanlage bis zum 3D-Drucken von geschützten Schlüsselrohlingen anhand eines einfachen Fotos. Doch wie kann dieses Wissen adaptiert und erweitert werden, um es auch bei anspruchsvolleren Systemen anwenden zu können? Wir zeigen, wie man den Generalschlüssel einer komplexen Schließanlage bestimmt. Als Beispiele dienen EVVA 3KS und KESO. Wir erklären, wie man Schlüssel und Schlösser als Informationsquelle nutzt. Weiterhin präsentieren wir unseren Workflow der Software und Mechanik, mit dem man Rohlinge und Schlüssel eines Hochsicherheitss
Speaker: Matt Knight LoRa is an emerging Low Power Wide Area Network, a new class of wireless technology designed to connect everything from streetlights to intelligent mousetraps. I will discuss the design and security implications of LPWANs, dive deep into the LoRa PHY, and demonstrate sniffing and injection with an open source LoRa transceiver built on commodity Software Defined Radio tools. This talk will demonstrate techniques for decoding the LoRa PHY layer and will introduce gr-lora, an open source implementation of the protocol. LoRa is a Low Power Wide Area Network (LPWAN), an emerging class of wireless technology optimized for embedded and Internet of Things focused applications. LoRa is unique because it uses a chirp spread spectrum modulation that encodes data into RF features more commonly encountered in RADAR systems. LoRa is also designed to operate in unlicensed ISM frequency bands, both avoiding costly spectrum licensing requirements and democratizing long-range network infrastructure to consumers and new commercial operators alike. After briefly introducing the audience to LPWANs, I will walk through the SDR and DSP techniques required to demodulate and decode LoRa packets. In addition I will discuss gr-lora, an open-source implementation of the PHY that can be leveraged to design LoRa security test tools and drive future research.
Speaker: Jan Wörner Since the early successes of moon missions in the Sixtie, mankind has moved on to the earth orbit and other deep space missions. But interest in the moon as a target has intensified recently as the strategies for future missions are evolving.
Speaker: Anja Drephal Used in cell phone technology, bluetooth devices, and WiFi, Frequency Hopping Spread Spectrum (FHSS) is often said to have been invented in the early 1940s by none other than Hollywood actress and sex symbol Hedy Lamarr. This talk will present the undeniably entertaining history of a well-known actress moonlighting as a military inventor as well as give an overview of the 100-year-old history of frequency hopping and its past and present uses. Imagine no WiFi, no cell phones, no bluetooth. (Everything’s better with bluetooth!) It is often said that we owe the convenience of all these modern technologies to Hollywood actress Hedy Lamarr and her invention of Frequency Hopping Spread Spectrum (FHSS) in the early 1940s. Do we? Born Hedwig Eva Maria Kiesler on November 9, 1914, the daughter of an affluent Viennese family became famous at age 18 for starring naked and faking the first onscreen orgasm in history in the Czech-Austrian film “Ekstase” – fame which led to a successful Hollywood career after Hedwig Kiesler emigrated to the USA and renamed herself Hedy Lamarr. “The most beautiful woman in the world”, as director Max Reinhardt called her, starred in more than two dozen Hollywood movies over the course of twenty years, all the while being bored by the intellectual limitations her job offered. On the subject of what it takes to be a Hollywood sex symbol, she is quoted to have said “Any girl can look glamorous. All you have to do is stand still and look stupid.” Lamarr had always been interested in science and technology and wanted to help the United States' war effort during World War II by doing more than just using her fame and physical beauty to sell war bonds and entertaining the troops at the Hollywood Canteen. In her spare time, she thought about torpedoes: powerful, yet hard to control weapons which might hit their targets more precisely when guided by radio signals. Lamarr knew that the problem with radio signal
Speaker: Karl Urban Wer all unsere Daten der Gegenwart mit selbstlernenden Algorithmen auswertet, wird die nahe Zukunft grob vorhersagen können. Die Instrumente dafür sind so weit, viele seriöse Forscher arbeiten an Teilbruchstücken. Die Folgen für die Gesellschaft scheinen fatal zu sein. Orwell naht gewaltig. Vorhersagen hatten lange einen zweifelhaften Ruf: von den antiken Orakeln mit ihrer eigenen Agenda bis zu den Meinungsumfragen der Gegenwart. Die Gesellschaft galt seriösen Forschern seit jeher als zu komplex, um die Zukunft seriös vorausberechnen zu können. Aber das ändert sich heute: Selbstlernende Algorithmen finden in den exponentiell wachsende Datenbergen immer mehr über uns alle heraus. Kollektives Verhalten vieler Menschen wird, im kleinen zeitlichen Rahmen, vorhersehbar. Die Facebook- und Twitterdaten vom arabischen Frühling waren ein ausgezeichneter Lerndatensatz. Dieser Vortrag beginnt mit den Zutaten, die für einen echten Weltsimulator nötig sind. Und er endet mit der Frage, was demokratische und weniger demokratische Machthaber damit anfangen könnten. Wenn sie derartige Instrumente nicht längst nutzen.
Speakers: Maria Reimer, Daniel Seitz, Paula Glaser, Robert Alisch Wie würdigen verschiedene Tech-Communities das ehrenamtliche Engagement ihrer Mitglieder? Wie lassen sich gewünschte Lernprozesse verstärken? Was sind unsere Erfahrungen bei Jugend hackt? Und was haben Badges damit zu tun? Wir wollen verschiedene Möglichkeiten von Anerkennung ehrenamtlicher Arbeit beleuchten und unsere eigenen Erfahrungen mit Jugend hackt, einer vier Jahre jungen Tech-Community von Jugendlichen und deren MentorInnen, teilen. Das Ziel des Talks ist, euch dabei zu helfen, Lernprozesse um Motivationsfaktoren in euren eigenen Tech-/FOSS-Communities besser zu unterstützen, verschiedenste Erfahrungen zusammenzutragen und existierende Ideen weiterzuentwickeln. Communities, insbesondere im FOSS-Bereich, können ohne ehrenamtliches Engagement kaum überleben. Doch die Anerkennung und Wertschätzung dieses Engagements kommt häufig zu kurz. Gleichzeitig kommen immer wieder Open-Source-Projekte, auf denen unsere technische und zivilgesellschaftliche Infrastruktur aufbaut, zum Erliegen. Doch was ist, wenn sich das Problem nicht mit Geld lösen lässt? Wir gehen in unserem Talk der These nach, dass Anerkennungskultur nicht nur durch vorrangig technische Lösungen (wie z. B. Geld oder auch meritokratische Herangehensweisen), sondern auch durch soziale Lösungen entsteht. Bei Jugend hackt haben wir seit vier Jahren die Möglichkeiten, verschiedenste Formen von Anerkennungskultur und Wertschätzung zu erproben. Wir möchten diese Erfahrungen mit euch teilen und mit Anerkennungsformen anderer Communities vergleichen und dabei Erfolgsfaktoren und Hinderungsgründe sichtbar machen. Außerdem werden wir folgende Fragen beantworten: Wie weit reicht intrinsische Motivation? Welche Würdigungen gibt es außer Geld? Wie funktioniert Lernen und gegenseitige Motivation in solchen Communities? Und was haben (Open) Badges damit zu tun?
Speakers: Liz George, Peter Buschkamp The long term survival of the human species requires that we become an interplanetary species. But we must answer two big questions: where are we going, and how do we get there? We explore what scientists know (and don’t know) about humanity’s potential future homes both inside and outside the solar system, and then we’ll dive into the technological challenges of (and potential solutions for) getting humans to and colonizing a new planet. Long the realm of science fiction, interplanetary colonization is now taken more and more seriously by scientists and space agencies alike as technologies come within reach. We will evaluate obstacles and solutions by looking at two topics: Where to go? and How to get there? Part 1 explores the options that humans have in expanding to new planets. There are now 3,439 exoplanets in 2,569 planetary systems confirmed. We’ll discuss how astronomers find planets, and how they learn about the conditions there. How do we pick a colonization target based on the data we can gather when there is no way of sending probes there and getting information back in reasonable time like we do in our solar system? Part 2 gives an overview of technologies currently available to get humans to other planets, and what that means in terms of humanity’s expansion. We'll also talk about the technology advancements necessary for truly interstellar colonization.
Speakers: Arne Semsrott Dieses Jahr feiert das Informationsfreiheitsgesetz (IFG) seinen zehnten Geburtstag – und niemand feiert mit. Zeit für eine Abrechnung. FOIA frei! Zehn Jahre ist es her, seit das Informationsfreiheitsgesetz (IFG) in Kraft getreten ist und das erste Mal beim Congress vorgestellt wurde. In den USA wird der Freedom of Information Act (FOIA) dieses Jahr 50, in Schweden sogar 250 Jahre alt. Trotzdem ist das Gesetz auf Bundesebene in den letzten Jahren nicht besser geworden, sondern nur schlechter. Zeit für uns, die Verbesserung selbst in die Hand zu nehmen: Mit unserer Kampagne „FragDenBundestag“ haben wir dieses Jahr den Wissenschaftlichen Dienst des Bundestags gezwungen, tausende Gutachten herauszugeben. Auf wen richten wir das dazugehörige Kampagnen-Tool als nächstes? Außerdem haben wir neben einigen Klagen auch eine Verfassungsbeschwerde eingereicht. Wir zeigen, wie wir die Klage massentauglich machen wollen. FOIA frei!
Speaker: Benjamin Rupert Describing the science behind new high tech vegan foods which will replace animal agriculture. I will also discuss the potential impact to lessen the severity of climate change and give an update on the Real Vegan Cheese biohacker project. Climate change is the most pressing issues ever faced by humans. While many people are aware of the need for renewable energy, electric vehicles and more efficient homes and manufacturing, fewer people are aware that animal agriculture is a major issue which must be addressed. In fact animal agriculture is one of the highest impact human activities, producing greenhouse gas emissions and environmental damage on par with worldwide transportation and industrial manufacturing. Rather than convincing people to give up animal products, some groups (academic, industrial and biohackers) are using science to produce near-identical, or in some cases identical, replacements for these products. Replacing animal products will greatly reduce the environmental impact of our diets, without making people give up the food they desire. I will discuss various approaches including plant protein databases used for engineering realistic animal product replacement, production of proteins in genetically modified microorganisms, and culturing of animal cells without the growing of a whole animal. The science behind these approaches, potential impact, and progress by various players in these fields will be presented. Finally I give a progress update on the Real Vegan Cheese project, which is run out of biohacker spaces in the SF bay area and aims to produce real cheese from engineered yeast.
Speaker: Ingrid Burrington Early digital computers were the size of rooms. While the devices have gotten smaller, because of the increasingly networked nature of technology the room has gotten bigger--it's ceased having walls and started to cover the ocean floor and ascend into low earth orbit. While Neal Stephenson may have cornered this living-inside-a-computer narrative in 1996 with "Mother Earth, Mother Board", in the past twenty years the seams of the network have become even more opaque, subsumed into The Cloud and other problematic abstractions. This talk will mostly be about different approaches to documenting, comprehending, and thinking about network infrastructure and the ways that the visual vernacular of technologies shape their history and politics.
Speaker: Peter Buschkamp At 32C3 we shot lasers into space... now it's lasers in space! We look at space- and airborne laser platforms and what practical uses people have come up with (hint: mostly more or less secret communication and military use). We'll also recap the basic physics and boundaries and check if 'pew pew pew' is really gonna cut it (hint: mostly no). To close, we'll have a look at laser based propulsion for space travel and other speculative applications off the beaten path. Today lasers are routinely flown on space and airborne platforms for scientific, military and telecommunication applications. While they make nice special effects in action and sci-fi movies, there are physical boundaries that guide the use of lasers in space and in surface to air/space scenarios. 'SDI' might not be straight forward, but intercepting airborne vehicles or laser based communication to submerged submarines is no longer science fiction. But can we use it for space travel? Lets see.
Speaker: Sascha Friesike For the past three years we studied the world’s largest 3D printing community “Thingiverse”. We explored the remix-relationships—accessible due the community’s use of open licenses—of more than 200.000 individual designs, tracked an entire week’s new designs for half a year, interviewed more than 80 creators and surveyed over 200 more. This allowed us to develop a deep understanding of the creative processes that take place on the platform. In this talk we would like to present our findings. This is of interest to people who care about 3D printing as we can give sort of a behind the scenes view on how ideas come to life here. But it is also interesting to people that care about creativity in general. As what we have found has merit outside of 3D printing, too. In this talk we would like to cover the following: (1) Introduce our research setting and explain why it is useful to study this, (2) provide a consolidated overview on our most interesting findings, and (3) give real life examples for how these findings are transferable to other settings. We have presented primary results of the studies at various academic conferences and have a comprehensive paper on the project currently under revision at the Journal of Information Technology (see attached file). We are a group of three university professors and a Ph.D. student. We work on the intersection of information systems, innovation management, product development, and creativity. We believe that many of the people we studied either attend 33C3 or watch talks online and we therefore think that our results would be of interest to this community. Further, we feel that a well structured talk is better and more entertaining than mailing around our academic journal publications to those who are interested. And lastly, we are eager to receive feedback from a more hands-on audience (than what we deal with at academic conferences). It would be especially useful for us to hear of
Speakers: DI, JO Joan Heemskerk and Dirk Paesmans, collectively known as JODI, are rightfully venerated for their countless contributions to art and technology, working as an artistic duo since the mid-90’s. Generally referred to as pioneers of “net.art,” that oft-misunderstood “movement” combining the efforts of artists using the internet as a medium circa 1994, JODI is revered not only for their artistic meditations on the increasing presence of new technology in our daily lives, but also for their fuck-if-I-care attitude toward both the establishments of the technology and art worlds. JODI’s famous five-word “acceptance” speech—if you could call it that—for their 1999 Webby Award in art, simply read, “Ugly commercial sons of bitches.”
Speaker: Ezi Talk presents findings from sociological investigation on hacking collectives. I will try to answer the question whether hacking collectives are laboratories, as seen by sociology of science. I will also show some peculiar traits of hacking collective, beneficial both for sciences and societies. Perhaps academia needs hackers more than it’s willing to admit? Someone said: “Give me the laboratory and I will raise the world!” and sociologists of science are still easier found in laboratories than in libraries. Laboratories discover or co-create almost every part of modern lives: starting from material issues, through health, energy and computers. First part of the talk will review some findings from studies of laboratories conducted by sociologists. We will see how certain elements of hacking ethos could be reprised in CERN or energy lab. I will also show some findings about well recognized effects in science, which are also valid in the open-source communities. Perhaps actual details of science resembles hacking more than hackers suspect? Second part will focus on comparisons between knowledge about laboratories and results from my study of hacking communities. I will try to compare hacking and scientific roles of fact, error and humour. We will see how sociology uses term “black box” and how social history of sexual diseases might help us to untangle some discussions in IT security. Third part wil briefly focus on the possible futures of formal laboratories, hacking collectives and other social institutions. I will discuss how ethical stances on hacking knowledge might rescue academic knowledge from itself.I will show how hacking collectives fit into some frameworks shaping near future of science. How hackers are necessary in coming data revolution? Why do we need instabilities?
Speaker: Simon Barke Imagine, there is this huge data center but your user privileges allow you to access only 5% of the data. That is the exact same situation physicists face when trying to study the cosmos. 95% of our universe is made out of something that cannot be seen or touched. We generally call this unknown substance "dark matter" / "dark energy". The recent discovery of gravitational waves gives us a handle on the dark cosmos. We can now listen to invisible events in our universe. But there may also be other methods to shed light on the dark side. There is (much) more than meets the eye: 95% of everything there is in the universe does not interact with normal matter. It is completely transparent. Does not emit light. Reflects no light waves. Can be neither seen nor touched. The only reason we know it exists is the fact that this unknown substance curves spacetime: it interacts gravitationally. Hence gravitational wave astronomy can target the entire universe while conventional telescopes are fundamentally limited to only 5% of the cosmos. After the initial direct detection of gravitational waves by the Laser Interferometer Gravitational-Wave Observatory (LIGO) last year, many more observatories on ground and in space are under construction that will create a wideband gravitational wave detector network. We will be able to listen to stars falling into black holes, colliding galaxies, maybe even artificial sources of gravitational waves, and will find as yet completely unknown objects in the universe. But gravitational waves are not the only handle we have on the dark side of the cosmos. Many other research teams aim to directly detect dark matter. The Any Light Particle Search (ALPS) even tries to artificially generate dark matter particles in a controlled laboratory environment. It is under construction at the German Electron Synchrotron (DESY) in Hamburg, Germany. First results are expected as early as 2019. This lecture will give you a brief and fu
Speaker: Pol Van Aubel A physically unclonable function, or PUF, is some physical structure with properties that are easy to verify, hard to predict, and practically impossible to clone. Ideally, this means it's a device-unique unchanging identifier, which can be used for improving security. However, it can be at odds with privacy and anonymity. This talk will give you an overview of the thirty years of history behind PUFs, and will include the most recent advances in research. The functions, structure, and design will be discussed, as well as devices and materials that have properties to base PUFs on. What do CPU registers, sticks of RAM, shared memory in GPUs, and paper have in common? They all have unique properties that are impossible[1] to reproduce, even when using the same manufacturing process. These properties can be turned into physically unclonable functions, or PUFs for short, yielding an object-bound unique identifier. This makes you trackable, but since you're being tracked anyway, you might as well put some of this to good use. The idea of PUFs is not new, and can be traced back several decades to anti-counterfeiting measures in currency. Since then, several formalizations have been proposed, new types of PUFs have been invented, implemented, attacked, and scrutinized. PUFs can be used to identify and authenticate devices. They can be used to secure your boot process. Some PUF constructions can be used to enhance your random number generation. You might be using devices right now that have properties that can be turned into PUFs, provided you have the tools and want to do some programming. This talk will take you on a brief tour of the history of PUFs. Along the way, it will show you how a PUF is constructed, what its properties should be, what it can be used for, what materials and devices are known to be suitable for building one, and how you might go about searching for them in your own devices. [1] For certain definitions of impossible.
Speaker: Kari Love As a soft roboticist I am constantly searching for inspiration for novel soft actuators, and as a home cook and artist I consider eating an object to be a high-level form of interactivity. Having noted the similarities between cast silicone and gummi candies it was natural to combine these interests. I will share my experiments in assessing different candies for their engineering potential, and show my work-in-progress for sweet soft robots. As a soft roboticist I am constantly searching for inspiration for novel soft actuators, and as a home cook and artist I consider eating an object to be a high-level form of interactivity. Having noted the similarities between cast silicone and gummi candies it was natural to combine these interests. Part of this analysis is developing testing metrics for candy recipes for performance characteristics, and looking to an ever-increasing set of candy-making techniques to potentially use to design and iterate/innovate. I will share my experiments in assessing different candies for their engineering potential, and show my work-in-progress for sweet soft robots. I will also share a few ideas for future design plans.
Speaker: Jonas Lund In *The 12 Networking Truths* Swedish artist Jonas Lund will discuss how he has attempted to subvert the contemporary art world system by using different types of exploits to gain an upper hand against the competition. From designing an algorithm for art production to data mining art world personalities, the artist will describe how he has incorporated a classic programming mindset in an otherwise logic-free environment. The 12 Networking Truths refers to RFC 1925 - The Twelve Networking Truths, a memo posted on the 1st of April 1996, positioned as revealing the fundamental truths underlying all network protocol designs. The truths include statements such as ‘It Has To Work.’ and ‘Good, Fast, Cheap: Pick any two (you can’t have all three).’. This memo will be the underlying story line throughout the talk, as each truths has a corresponding position within the artist’s artistic practice. ome of the works that will be addressed and talked about in this talk: The Fear Of Missing Out http://jonaslund.biz/works/the-fear-of-missing-out/ Showroom MAMA presents The Fear Of Missing Out, the latest exhibition by Swedish artist Jonas Lund (SE, 1984). The title derives from a social network induced anxiety condition. One brought on by trying to keep up with a rapidly moving world. A fear of constantly being one-step behind, in the wrong place, and missing out on the most exciting events. The Fear Of Missing Out proposes that it is possible to be one step ahead of the art world by using well-crafted algorithms and computational logic. The works in the show are the result of a computer algorithm written by Lund. By analysing and categorizing a wide range of artworks, by the most successful contemporary artists, a set of instructions were generated explaining, step by step, how to make the most successful works of art. The artist then simply made the work following the instructions. In The Fear of Missing Out, important categories from
Speaker: Michael Büker Astronomers struggle to accurately measure distances in the vastness of the known universe. Get an insight into the sophisticated techniques and dirty tricks of today's astrophysics and cosmology. No physics background required, featuring lots of pretty space pictures. On Earth, distances are commonly given in meters and kilometers, and can be measured comfortably with measuring sticks, odometers or optical instruments. But how does that work in space, where machines take years to arrive at other bodies, and distant stars are utterly out of reach? From precise calculations to daring guesstimates, many different techniques and approaches are combined to form what's called the "cosmic distance ladder", giving more or less reasonable estimates of the distances between planets, stars and galaxies. Climb the distance ladder and get to know our place in Space from kilometers to Astronomical Units and light years, all the way to gigaparsecs and the reaches of the known universe.
Speaker: pesco Zcash is the third iteration of an extension to the Bitcoin protocol that provides true untraceability, i.e. fully anonymous transactions. It is arguably the first serious attempt to establish this extension, in the form of its own blockchain, beyond the form of an academic proposal. The talk provides an introduction to the magic that makes it work. Despite everything, the Bitcoin cryptocurrency has not imploded or destroyed itself; it might be here to stay after all. That would presently include, however, its biggest flaw: The utter lack of anonymity. In fact, the famed Bitcoin blockchain is the world's most robust, transparent, and public financial accounting system ever. The above means that Bitcoin's potential widespread adoption is nothing short of a privacy horror scenario straight out of Orwell. Every toilet paper purchase publicly recorded, verified, stamped, and approved. This should not be news to anyone. In 2013, a few reputable cryptographers came up with some mathematical magic that would, if integrated into Bitcoin, enable anonymous transactions. This proposal has been described in an academic paper under the name Zerocoin and a year later improved in another paper under the name Zerocash. The plan had then shifted to establishing the system as an anonymous altcoin rather than to push for integration into Bitcoin itself. Zcash is the name of a company formed by the authors of Zerocash to develop and launch this altcoin; launch occured as planned on 28 October 2016. This talk will introduce the audience to the mathematical and technical background of Zcash, and report on the state of the currency two months after its launch. A degree in mathematics is not required. Note: The presenter is not affiliated with the Zcash company.
Speaker: Konfusius Join with your derpy bot to fight your nemesis! Push it off the table or knock the enemy over. No weapons. No advanced controllers. No tears. Don't take it serious. Hebocon is a robot sumo-wrestling competition for those who are not technically gifted. It is a competition where crappy robots that can just barely move gather and somehow manage to engage in odd, awkward battles. This kind of robot battles was invented to enable people to participate without much knowledge and financial resources. Robots should be built to be able to move (sometimes they don't), must be lighter than 1kg and smaller than 50x50 cm. The battlefield will be 100x50 cm. Don't use weapons, advanced self build controls or autonomous mechanisms. Winners will be determined by knockout, points and audience.
Speaker: mayameme This talk presents the idea that ethics as logic that can be programmed into machines doesn’t seem to work; perhaps, ethics is something else. This talk is about what that something else may be – power. (This talk is not about the Trolley Problem! But it will mention why it shouldn’t apply to the driverless car.) No one is quite sure what ethics in big data really means, so it’s important that we have conversations about what is it and is not. Ethics is thought of as something that can be programmed into machines because our notions of ethics are often based on logical reasoning. (What if ethics were about natural language processing?) Based on ongoing research about the development of artifical intelligence in the driverless car, this talk describes how „ethics“ is being deployed to shape the idea of accountability in the context of the law and insurance; it is presented as a problem to be solved by software; it is an imagined space of „cybernetic success“; and it is a proxy vocabulary for the relationship between humans and machines working together. This talk is about how the emergence of this new technology is reshaping what ethics means in a data society.
Speakers: Nicolas Wöhrl, @ReinhardRemfort Wer hat diese Jungs wieder reingelassen?! Nicolas Wöhrl und Reinhard Remfort sind eine Gefahr für Leib und Leben. Unter dem Deckmantel der Wissenschaftskommunikation machen sie auf der Bühne alles das, was sie an der Uni nie gewagt hätten. Dazu sprechen sie über aktuelle wissenschaftliche Themen. Laaaangweilig! Wer will denn sowas sehen? Unstrukturiert, abschweifend, hoffnungslos subjektiv und immer garantiert methodisch inkorrekt. Eigentlich ein Podcast der alle 14 Tage erscheint. Nach dem großen Erfolg auf dem Congress im letzten Jahr wird diesmal eine noch größere Show abgezogen: Experimente, die mal interessant, mal fragwürdig sind. Wissenschaftler, die mal belehrend und mal unzurechnungsfähig sind. Wissenschaftliche Studien, die mal nobelpreisverdächtig und mal zweifelhaft sind. Wissenschaft auf der Showbühne. It works, bitches!
Speaker: Toni Internet censorship today is widespread, both by governments and by private entities. Much of the discussion so far has focused on political and social effects of this censorship. However, censorship also has a clear effect on the economic structure of society that has not been explored. When censorship increases the cost of information, it also increases the cost of doing business as a whole. At the same time, however, censorship can also serve as protectionism. How large and pervasive the impact on an economic system is, is difficult to gauge. Even more so, getting reliable information about censorship and its economic effects is a real challenge. This talk seeking to establish a link between censorship and economic performance and is based on my PhD project in Economics at the University of Duisburg-Essen. Censorship is “the control of the information and ideas circulated within a society”. Governments have tried to control information for as long as they have existed, but new technologies have changed censorship significantly. Internet censorship today is widespread. Governments and companies differ in both the extent of their censorship and the technical implementation. I conceptualize censorship as falling on a continuum between the theoretical ideal state of “no censorship”, most closely approximated by Iceland (Freedom on the Net 2014) and pervasive censorship and isolation, like in North Korea. In the series of papers I am currently writing as part of my PhD in Economics, I focus on both theoretical arguments on the possible costs (and benefits?) of censorship for economies, and try to construct a reliable estimate. Having a background in China was a main motivation for this project, as censorship is so wide-spread there. The US has recently dubbed “The Great Firewall” protectionism, but did not further elucidate what is meant by this. The economic effects of internet censorship have not been studied comprehensively yet.
Speaker: Mitch Mitch Altman (born December 22, 1956) is a San Francisco-based hacker and inventor, best known for inventing TV-B-Gone, as featured speaker at hacker conferences, as international expert on the hackerspace movement, and for teaching introductory electronics workshops. He is also Chief Scientist and CEO of Cornfield Electronics.
Speaker: catchthewhistle The High Priests of the Digital Age Are Working Behind Your Back to Make You Confess, and Repent. Just as 18th century priests enforced total surveillance measures on masturbators, the new priests of the digital age are listening to your confessions and forcing you into puritanical repentance. Who doesn’t have a relative, a friend, a colleague, who broke up because of an iMessage showing up on the wrong device, fooled by the iCloud, by a suspicious Facebook like, or a Pokemon caught in the wrong neighborhood? I want to make the claim that a new system of surveillance, organized by the new priests of our digital age, are slyly acting behind our back to make us conform to a new form of puritan morality. At the beginning of the 18th century, masturbation suddenly became a topic of intense reflection. In the Enlightenment Encyclopedia it is described as the new disease of a wounded conscience and a heinous sin. Surprisingly, the Christian Church was not responsible. It had, until then, never regarded masturbation as anything other than a marginal problem for adult men (and especially monks). The people responsible for making masturbation a sin were economists, who worried about the consequences of masturbation for productivity in an economy that depended on the endless desire for more. The condemnation of masturbation spread, and in no time, doctors were making scientific claims to prove the dangers of masturbation, while priests made it their new obsession. In the confessional, the sinners had to avow everything, not only their reprehensible actions, but their reprehensible dreams, the languorous images that crossed their consciousness, the birth of desire in their troubled mind. The priests demanded to know it all, the most inner thoughts of the masturbators. The sinner was meant to keep his own mind under surveillance. Today, we believe that we have overcome this obscure period. Masturbation is widely accepted as a healthy sexu
Speaker: Kai Kunze With recent development in capture technology, preserving one's’ daily experiences and one's’ knowledge becomes richer and more comprehensive. Furthermore, new recording technologies beyond simple audio/video recordings become available: 360° videos, tactile recorders and even odor recorders are becoming available. . The new recording technology and the massive amounts of data require new means for selecting, displaying and sharing experiences. Sharing experiences and knowledge have always been essential for human development. They enable skill transfers and empathy. Over history, mankind developed from oral traditions to cultures of writing. With the ongoing digital revolution, the hurdles to share knowledge and experiences vanish. Already today it is, for example, technically feasible to take and store 24/7 video recordings of one's’ life. While this example creates massive collections of data, it makes it even more challenging to share experiences and knowledge with others in meaningful ways. A recurring theme in science fiction literature is the download of the abilities of another human to one's mind. Although current cognitive science and neuroscience strongly suggest that this is impossible, as our minds are embodied; we believe that skill transfer and effective learning will accelerate tremendously given recent technological trends; just to name a few of the enabling technologies, human augmentation using virtual/augmented reality, new sensing modalities (e.g. affective computing) and actuation (e.g. haptics), advances in immersive storytelling (increasing empathy, immersion, communication) etc. The talk starts with sensing and actuation technology, giving an overview about them and discussing how they can be used. I’m discussing several novel upcoming sensing modalities for VR and AR, first of all eye movement analysis for interaction and activity recognition, introducing the pupil eye tracker (open source eye tracker fr
Speaker: _Adora_Belle_ The genome – the final frontier – or just a complex mess of letters? Somewhere in there, our eye or skin color is hidden. But also, diseases can be diagnosed or predicted by analyzing the genome. More and more research is committed to finding clues for diseases in our genes. The opportunity is clear: If I know about a disease I might get ahead of time, I could possibly intervene before it starts. Yet: How accurate are these predictions and how meaningful are they? And more importantly: What happens to my genetic data once it has been decoded? Genetic data is quite valuable, but not just for researchers, but also for health insurances, other insurers, law enforcement and employers. However, that genomic data can always be re-identified, since it is a unique pattern. Therefore, genomic data needs to be secured. In my talk, I would like to point out the possibilities which have arisen by whole genome sequencing, that is the complete decoding and analysis of one person’s genome. This milestone of biological research is important for medical advances such as personalized medicine. But it is also subject to commercialization. For ever more decreasing prices, one person can easily sequence their own genome and get access to information on heritage and possible risks of genetic diseases. This means that private companies are accumulating massive amounts of whole genome data. Additionally, third parties could send in probes of other people, which they can get quite easily. But how do we interpret the data? Even though people tend to believe that the genome holds many answers to diseases and risks, this has been a misconception. For most diseases, the environment, lifestyle and maybe even just bad luck play a much more important role. Still, many researchers are trying to analyze more and more genomes, especially in cancer research. Genetic predispositions for cancer are usually quite small probabilities, so a large sample size is needed t
Speaker: Adam Harvey From geo-magnetic tracking for smartphones to facial recognition for email marketing, from physical shopping cart fingerprinting to computer vision algorithms that use your clothing as metadata, this talk will explore the emerging landscape of hyper-competitive retail surveillance. Instead of dramatizing these technologies which can lead to calcification and normalization, the aim of this talk is to energize discourse around building creative solutions to counter, adapt to, or rethink emerging surveillance technologies. Retail surveillance technologies are often overshadowed by more threatening government surveillance technologies, but retail surveillance presents a different kind of threat. It forms the foundation for bottom-up surveillance of personal data that would otherwise be too difficult for a government surveillance program to collect. Data including your most personal photos, messages, and movements are routinely collected and sold by commercial services. Retail surveillance also poses risks for data breaches and leaks and enables new forms of psychological and behavioral monitoring that aim to influence and control the behaviors of "consumers". The biggest concern today, said Phil Zimmerman (2015), is not software backdoors, but the petabytes of information being hoarded by the likes of Google and Facebook. Silent Circle co-founder Mike Janke has also voiced concern over this type of surveillance and data collection warning that "the data companies of the world have more data on you than GCHQ does, absolutely." This talk will survey current and emerging trends and technologies used in retail surveillance with the goal of enabling others to create a more informed retail-surveillance threat model, countersurveillance workarounds, and knowledge for protest/democratic participation.
Speaker: derPUPE Ziel des Vortrages ist es, einen Überblick über die neuen aus der Datenschutzgrundverordnung entstehenden Rechte von Betroffenen (also Du mein*e junge*r Jedi) zu geben und dabei aufzuzeigen, an welchen Stellen Musik für uns drin sein kann. Die Ausgangslage ist: Im Mai 2018 wird die Datenschutzgrundverordnung in Kraft treten und bis zu diesem Zeitpunkt sind entsprechende Umsetzungen in Institutionen und Firmen zu implementieren. Die DSGVO bringt für uns alle einige neue bzw. erweiterte Rechte gegenüber Institutionen/Organisationen mit, welche es aktiv zu nutzen gilt. Unter der These, daß es durch die signifikante Erhöhung von Straf-/Bußgeldsanktionen bei Datenschutzverstößen zu einer Erhöhung der „Datenschutz-Compliance-Bereitschaft“ in Firmen kommen wird, ergeben sich spannende Möglichkeiten für Aktivisten auf dem Spielfeld, mit dem Schwert der Transparenz positiv auf das Bruttosozial-Datenschutzniveau einzuwirken, indem Druck durch Erhöhung des Penalty-Risikos aufgebaut wird. Die DSGVO soll die in die Jahre gekommene Datenschutzrichtlinie 95/46/EG nicht nur ersetzen, sondern endlich für die lange angestrebte Vollharmonisierung sorgen. Hierzu setzt sie unmittelbar für alle Mitgliedsstaaten anwendbares Recht. Am 14. April 2016 ist die von Kommission, Rat und Parlament erarbeitete Kompromissfassung der bisherigen Entwurfstexte verabschiedet worden. Zu den wesentlichen Neuerungen gehören demnach umfassende Transparenzpflichten, das Recht auf Vergessenwerden, das Recht auf Datenportabilität, eine Niederlegung der Grundsätze von Datenschutz „by design“ und „by default“ sowie ein ausgesprochen drastisches Sanktionsregime. Betroffenenrechte sind Ansprüche und Gestaltungsmöglichkeiten, die den Berechtigten aufgrund ihrer Betroffeneneigenschaft zukommen und einen hinreichend konkreten, idealerweise vollstreckungsfähigen Inhalt besitzen. Die beabsichtigte Stärkung der Betroffenenrechte erschöpft sich nicht allein
Speaker: renataavila Cities are emerging as a space for local action and local change but also as dangerous spaces where social engineering, exclusion by design and privatised policing take place rapidly, without adequate frames to catch up and assure fundamental rights. Is the city the answer to a new digital ecosystem, with effective mechanisms to enforce it, in the local government powers? Sophisticated surveillance systems are approved by, funded by and deployed by local authorities, Cities are emerging as the spaces where everything is controlled by invisible technology, almost imperceptible in daily life. Those surveillance cameras now visible on street corners are replaced by systems of constant monitoring integrated in the landscape. Cities of sensors collecting our data all day long, where each movement is registered and stored, where decisions are automated and dehumanised. Monetised to optimise consumption, predict behaviour. Control people and the local and micro local level. But cities are also the spaces where a different form of politics is emerging, from Rome to Barcelona, from Madrid to Paris, citizens are taking back the domestic infrastructure. Is there the answer for digital sovereignty? Today, cities of sensors collecting our data all day long, where each movement is registered and stored, where decisions are automated and dehumanised. Monetised to optimise consumption, predict behaviour. Control people. The benefits of not knowing who decides and why, stand to be gained by the same conglomerate who bets on this vision. A few companies developing software, hardware and capacities in countries that can be counted on one hand. A market of US$8 billion, which is expected to grow tenfold by the year 2020. Although discourses keep feeding the imaginary, descriptions of cameras detecting pickpockets, this is something radically different. Matrices that combine lots of data in real-time. This vision for the city of the future, promoted by a sm
Speaker: Xavier Flory How does a pluralist society – a society built to accommodate our irreconcilable differences – make a choice about the technological future of mankind? How can a liberal state dedicated to upholding individual liberty interfere in technological progress, and why should it? Do we really want to leave our technological futures in the hands of the major AI researchers – Google, Facebook, and the US Defense Department? I argue that our political system is designed not to deal with the questions raised by the transhumanist movement, and that without a major overhaul of political liberalism, technological progress will escape democratic oversight. For the first time in history we have the ability to choose what it means to be human, and yet our liberal pluralist societies preclude substantive debate about our collective future. Modern liberal states are based upon the assumption that there is no single best way to live, and that for the state to endorse a substantive vision of the good life is to open the door to totalitarianism. On matters of personal conviction – human nature, our place in the cosmos, and our ultimate goals – liberal states want us to agree to disagree. However, we cannot simply agree to disagree about transhumanism because our individual choices will affect the entire species. If you decide to upload your brain onto a computer and abandon your biological body, you are choosing what is essential to humanity: you are defining human nature. If, on the other hand, the government bans technological enhancement, it is also imposing a vision of humanity. Thus, only once liberalism abandons the pretense of neutrality can we start imagining alternative technological futures and debating the underlying vision of the good life that will orient our choice. I’m a political theory researcher at Sciences Po, and this talk draws on modern political theories of liberalism, the latest transhumanist literature, and ancient Gre
Speaker: Klaus Landefeld Der Vortrag stellt die in Deutschland zulässigen Überwachungsmaßnahmen des Internetverkehrs aus rechtlicher und operativer Sicht dar und versucht, die sich aus den Erkenntnissen des NSA-Untersuchungsausschusses ergebenden Fragen auf die gelebte Praxis anzuwenden. Der Vortrag beleuchtet die Hintergründe der Klage des DE-CIX gegen die heute verwendeten G10-Anordnungen und die sich durch das neue Gesetz zur Ausland-Ausland-Fernmeldeaufklärung ergebenden Änderungen zur Überwachung im Inland. Die Probleme des Grundrechtsschutzes in einem „Bulk Collection“-Umfeld werden ebenso erörtert wie die technischen Möglichkeiten einer Filterung und des sich hieraus ergebenden Zahlen- und Mengengerüsts zur Überwachung.
Speaker: Markus Beckedahl 2016 drehte der Anti-Terror-Kampf in der EU auf. Nicht nur im Rahmen der Anti-Terror-Richtlinie wurde über neue Wege diskutiert, wie man das Netz verstärkt unter Kontrolle bringen kann. Im Forum Internet treffen sich seit einem Jahr EU-Vertreter mit Vertretern der großen US-Plattformen, um über freiwillige Kooperationen zu verhandeln. Damit soll der Rechtsstaat umgangen und die Terrorbekämpfung ohne notwendige demokratische Kontrolle teilweise privatisiert werden. Die Vorgehensweise ist dabei aus der Urheberrechtsdurchsetzung und gescheiterten Handelsabkommen wie ACTA bekannt. Und mit der Hate-Speech-Debatte haben Regierungsvertreter zugleich das richtige Erpressungswerkzeug, um die Plattformen zur Kooperation zu bewegen: Wenn sie nicht mitmachen, haften sie einfach. Der Vortrag möchte über die aktuellen Entwicklungen aufklären und die Parallelen zwischen Anti-Terror-Kampf, Urheberrechtsdurchsetzung und Hate-Speech-Debatte berichten.
Speaker: Hendrik Obelöer The ‚Investigative Powers Bill‘ is about to become law in the UK. Its provisions, from looking up Internet connection records without a warrant to forcing communication service providers to assist with interception and decryption of data, have caused an outcry in the Western world. But how and why did British politics get here? And, most importantly of all: How could we fight back? Roughly a year ago then home secretary Theresa May presented the ‚Investigative Powers Bill‘ or the so-called Snooper’s Charter. Law enforcement and intelligence agencies will enjoy new powers like bulk hacking while having reinforced their existing rights of mass surveillance. At the same time, a proper form of oversight is all but missing. Other countries such as China have even defended their own terrorism bills pointing at this very piece of legislation. Amid loud privacy and civil right concerns, the Bill has already passed the House of Commons where only 5 % of casted votes opposed it. But, does this reflect the will of the electorate? Is this the lesson from the Snowden revelations that we are going to see more not less infringements on civil rights? The talk will also answer the question how the bill’s provisions compare to other initiatives like the new BND law in Germany or the Patriot Act in the USA.
Speaker: Michael Steil The 8-bit Game Boy was sold between 1989 and 2003, but its architecture more closely resembles machines from the early 1980s, like the Commodore 64 or the NES. This talk attempts to communicate "everything about the Game Boy" to the listener, including its internals and quirks, as well as the tricks that have been used by games and modern demos, reviving once more the spirit of times when programmers counted clock cycles and hardware limitations were seen as a challenge. The Nintendo Game Boy was an 8-bit handheld gaming console that competed with the SEGA Game Gear and the Atari Lynx. Compared to its competition, it had very little RAM (8 KB) and no color support (4 shades of gray at 160x144). It was succeeded by the Game Boy Color, which fixed this main shortcoming, but shared the same architecture. During the 14 year life span of the 8 bit Game Boy platform, game programmers kept understanding the hardware better and better, and continued finding new tricks for better graphics effects, such as sprite multiplexing, parallax and palette effects. This talk explains all the hardware details of the Game Boy: The programming model of the 8080/Z80-like LR35902 CPU, the system's sound, timer and I/O functionality, and programming details as well as common tricks involving the graphics processor ("PPU"), which was specifically designed for LCD output. The listener will get a good understanding of 8 bit programming and creative programming on extremely limited hardware, as well as common tricks that can be generalized to other systems.
Speaker: Leon NOC, POC, VOC and QOC show interesting facts and figures as an excuse to present all the mischief they’ve been up to this year.
Speaker: Gerd Hoffmann Over the last two years secure boot support for virtual machines was added to qemu, kvm (linux kernel) and ovmf (edk2/tianocore). This talk covers the implementation details and the issues we had to deal with along the way. Well, to be exact ovmf (open virtual machine firmware, part of tianocore) has support for the secure boot interfaces for a long time already. But it used to not provide any actual security, the guest os could easily tamper with the secure boot variable storage by simply writing to the (virtual) firmware flash. This is no longer the case now. Making secure boot actually secure was a bigger effort than we initially expected and it required changes in three software projects: kvm got smm emulation support. qemu got smm emulation support, and the q35 chipset emulation needed some fixes and improvements too. ovmf makes use of the smm lockbox now as tamper-resitant storage for secure boot variables (and some other bits).
Speakers: frank, Ron Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? Wie immer wagen wir den IT-Security-Alptraum-Ausblick auf das Jahr 2017 und darüber hinaus. Denn was wir wirklich wissen wollen, ist ja schließlich: Was kriecht, krabbelt und fliegt in Zukunft auf uns zu und in unseren digitalen Implants herum? Im Zuge von noch mehr Transparenz, Kritik & Selbstkritik und kontinuierlicher nachhaltiger Optimierung aller Prozesse werden wir außerdem frühere Voraussagen hinsichtlich des Eintreffens unserer Weissagungen prüfen.
Speaker: mare In the last years, technology-savvy artists and technologists have taken over the art world with works addressing current societal and political issues. Their works are located at the intersection between art, technology and activism and are dealing with a variety of problems like free speech, freedom of movement, military and governmental power, corporate and governmental surveillance to name just a few. This talk will present relevant works in this field and will draw connections between critical art and regulatory power, warfare, surveillance, electronic waste, electronic self-defense and the re-appropriation of architectural and technological artifacts in militant ways. In the first part of this presentation, I will talk about critical technological art in general and its connections to (defensive) architecture, electronic and physical warfare and international power relations, with a special focus on surveillance, borders, and international contracts. In the latter part I am going to exemplify these concepts by showing important works in their fields, like artistic counter-survellance installations, passive reconnaissance walks through metropolitan cities, forensic analysis of HDDs discarded as electronic waste and so on. I will also show some of my personal works in this field, ranging from passive radio antenna stations towards universal modems to transform existing conductive architecture into a computer network. As a hybrid between computer scientist and media artist, I am creating works at the intersection of engineering, sculpture and formal aesthetics, which investigate power relations between citizens and technology, and often also the relations between citizens and the state. In my latest works, I am pondering how technology can be capable of re-democratizing public space, and how the issues surrounding the creation of private spaces through technological means can be artistically addressed. As a computer scientist, I have worked i
Speaker: Wolfie Christl Today virtually everything we do is monitored in some way. The collection, analysis and utilization of digital information about our clicks, swipes, likes, purchases, movements, behaviors and interests have become part of everyday life. While individuals become increasingly transparent, companies take control of the recorded data. In his talk, Wolfie Christl will outline how today’s online platforms, data brokers, credit reporting agencies, insurers, mobile app developers and tech companies are collecting, analyzing, sharing and making use of vast amounts of data about our everyday lives – across platforms, devices and life contexts. In October 2016, his book „Networks of Control“ was published, a comprehensive report about privacy in times of corporate surveillance, digital tracking and big data. The report was co-authored by Sarah Spiekermann, a renowned privacy scholar, and not only exposes the full degree and scale of today’s personal data industry, but also shows how algorithmic decisions on people lead to discrimination, exclusion and other harms. Based on many examples, Wolfie Christl will give an overview of his research: Who are the players in today's surveillance economy? How do networks of online platforms, tech companies and data brokers really collect, analyze, trade and make use of personal data? What can be inferred from our purchases, web searches and likes? How is analytics based on personal information already used in fields such as insurance, finance, healthcare and employment to treat people differently? And, what are the societal implications and risks of ubiquitous corporate surveillance?
Speakers: Nicolas Wöhrl, @ReinhardRemfort
Speaker: Tim Pritlove Daß sich mit Kleinkomputern trotzalledem sinnvolle Sachen machen lassen, die keine zentralisierten Großorganisationen erfordern, glauben wir. Daß die innere Sicherheit erst durch Komputereinsatz möglich wird, glauben die Mächtigen heute alle. Daß Komputer nicht streiken, setzt sich als Erkenntnis langsam auch bei mittleren Unternehmen durch. Daß durch Komputereinsatz das Telefon noch schöner wird, glaubt die Post heute mit ihrem Bildschirmtextsystem in “Feldversuchen” beweisen zu müssen. Daß der “personal computer” nun in Deutschland dem videogesättigten BMW Fahrer angedreht werden soll, wird durch die nun einsetzenden Anzeigenkampagnen klar. Daß sich mit Kleinkomputern trotzalledem sinnvolle Sachen machen lassen, die keine zentralisierten Großorganisationen erfordern, glauben wir. Damit wir als Komputerfrieks nicht länger unkoordiniert vor uns hinwuseln, tun wir wat und treffen uns am 27.12.17 in Leipzig, Seehausener Allee 1 (TAZ-Hauptgebäude) ab 11:00 Uhr. Wir reden über internationale Netzwerke – Kommunikationsrecht – Datenrecht (Wem gehören meine Daten?) – Copyright – Informations- u. Lernsysteme – Datenbanken – Encryption – Komputerspiele – Programmiersprachen – processcontrol – Hardware – und was auch immer.
Speaker: Charles Stross In this talk, author Charles Stross will give a rambling, discursive, and angry tour of what went wrong with the 21st century, why we didn't see it coming, where we can expect it to go next, and a few suggestions for what to do about it if we don't like it.
Speaker: Sebastian Jünemann mit Krisenintervention den Kapitalismus hacken
Speaker: Ingo Dachwitz Die EU hat die Wahl: Schutz von Menschen oder von Geschäftsmodellen?
Speaker: Eyal Weizman Forensic Architecture is an independent research agency that undertakes historical and theoretical examinations of the history and present in articulating notions of public truth.
Speaker: Mathias Dalheimer Wir retten das Klima mit Elektroautos — und bauen die Ladeinfrastruktur massiv aus. Leider werden dabei auch Schwachstellen auf allen Ebenen sichtbar: Von fehlender Manipulationssicherheit der Ladesäulen bis hin zu inhärent unsicheren Zahlungsprotokollen und kopierbaren Zahlkarten. Ladesäulenhersteller und Ladenetzbetreiber lassen ihre Kunden im Regen stehen — geht das schnelle Wachstum des Marktanteils zu Lasten der Kundensicherheit?
Speaker: Paul Emmerich Things you always wanted to know about NIC drivers.
Speaker: Clifford Wolf Formal hardware verification (hardware model checking) can prove that a design has a specified property. Historically only very simple properties in simple designs have been provable this way, but improvements in model checkers over the last decade enable us to prove very complex design properties nowadays. riscv-formal is a framework for formally verifying RISC-V processors directly against a formal ISA specification. In this presentation I will discuss how the complex task of verifying a processor against the ISA specification is broken down into smaller verification problems, and other techniques that I employed to successfully implement riscv-formal.
Speaker: oranav A journey on how to fix broken proprietary hardware by gaining code execution on it.
Speaker: Mustafa Al-Bassam The Joint Threat Research Intelligence Group (JTRIG), a unit in one of Britain’s intelligence agencies, is tasked with creating sockpuppet accounts and fake content on social media, in order to use "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them. In this talk, we reveal some of that content, in relation to infiltrating activists groups around the world, including during the Arab spring and Iranian revolution.
Speaker: Saud Al-Zaid My talk explores the interconnected nature of war and culture. It does so through the context of technology and political discourse in contemporary art. With a view from the battle fields of the Middle East, both real and imagined, I attempt to dissect how the political discourse of academia and the art world trickles down to everyday discussions. A simple word such as "assassination" becomes rife with racism when its etymology can be linked to anti-Muslim propaganda that originated during the Crusades. And today assassination is the primary political tool of the West to negotiate with Muslim radicals, even violating their own rules of citizenship, constitutional, and human rights protections in the process. With this backdrop, we see how the artistic works of such diverse artists such as Chris Marker, Chris Burden, Haroun Farouki, Anish Kapoor, and Banksy have evolved to reflect the political discourse of the moment. The digital advancements of the war zone, I argue, are reflected in the diametrically opposed peaceful spaces of the gallery, museum, or art house cinema. As the digital defeats analogue, the act of killing becomes disconnected from the killer, with democracies spreading thei blame over systemic failures rather than facing the reality of death.
Speaker: Katika Kühnreich In 2014 China’s government announced the implementation of big data based social credit systems (SCS). The SCS will rate online and offline behavior to create a score for each user. One of them is planned to become mandatory in 2020. This lecture will review the current state of governmental and private SCS and different aspects of these systems.
Speaker: Markus Beckedahl Deutschland hat gewählt, man weiß nur noch nicht, wer regieren wird. Bis Weihnachten könnte ein Koalitionsvertrag verhandelt worden sein, vielleicht auch später. Was sind die zu erwartenden großen Debatten der neuen Legislaturperiode?
Speakers: Agnes, Okhin France is part of the top countries trying to destroy encryption, especially through backdoor obligations, global interceptions, and effort to get access to master keys. French law already criminalises the use of encryption, imposing heavier penalties on people using it or regarding them as general suspects. How can we oppose this trend? What political role for developers?
Speaker: Filippo Valsorda The Go implementation of the P-256 elliptic curve had a small bug due to a misplaced carry bit affecting less than 0.00000003% of field subtraction operations. We show how to build a full practical key recovery attack on top of it, capable of targeting JSON Web Encryption.
Speaker: Alastair Reid Formal verification of software has finally started to become viable: we have examples of formally verified microkernels, realistic compilers, hypervisors etc. These are huge achievements and we can expect to see even more impressive results in the future but the correctness proofs depend on a number of assumptions about the Trusted Computing Base that the software depends on. Two key questions to ask are: Are the specifications of the Trusted Computing Base correct? And do the implementations match the specifications? I will explore the philosophical challenges and practical steps you can take in answering that question for one of the major dependencies: the hardware your software runs on. I will describe the combination of formal verification and testing that ARM uses to verify the processor specification and I will talk about our current challenge: getting the specification down to zero bugs while the architecture continues to evolve.
Speaker: hanno We're supposed to trust evidence-based information in all areas of life. However disconcerting news from several areas of science must make us ask how much we can trust scientific evidence.
Speakers: Tim Carstens, Parker Thompson Software vendors like to claim that their software is secure, but the effort and techniques applied to this end vary significantly across the industry. From an end-user's perspective, how do you identify those vendors who are effective at securing their software? From a vendor's perspective, how do you identify those techniques which are effective at improving security? Presenting joint work with Sarah Zatko, mudge, Patrick Stach, and Parker Thompson.
Speakers: Dennis Giese, DanielAW Did you ever want to run your own IoT cloud on your IoT devices? Or did you ever wonder what data your vacuum cleaning robot is transmitting to the vendor? Why a vacuum cleaning robot needs tcpdump? Nowadays IoT devices are getting more and more powerful and contain a lot of sensors. As most devices are connected directly to the vendor and transmit all data encrypted to the cloud, this may result in privacy issues. An IoT device with no internet connection lacks numerous features or is even unusable. We want to change that.
Speakers: J. Hartstein, Teresa Isigkeit, Franziska Sörgel Quantitative science evaluation, such as university rankings, rely on man-made algorithms and man-made databases. The modelling decisions underlying this data-driven algorithmic science evaluation are, among other things, the outcome of a specific power structure in the science system. Power relations are especially visible, when negotiated during processes of boundary work. Therefore, we use the discourse on 'citation cartels', to shed light on a specific perception of fairness in the scientific system, as well as on the actors who are in charge. While doing so, we draw analogies to the discourse on search engine optimization.
Speaker: LaForge This talk explains how individuals were able to communicate globally in the 1990ies using self-organized networks of BBSsin networks like FIDO and Z-Netz, before individual access to the Internet was possible. It also covers the efforts of non-profit organizations to provide individual access to Internet Mail+News via UUCP and later via IP during that period.
Speakers: Hans-Christian Ströbele, Constanze Kurz Der NSA-BND-Untersuchungsausschuss des Deutschen Bundestags ist zu Ende. Da bietet es sich an, nun auf die gesammelten Geheimdienstskandale und die Reaktionen auf die Enthüllungen zurückzublicken.
Speaker: Artem Kondratenko Positive Technologies researchers Maxim Goryachy and Mark Ermolov have discovered a vulnerability that allows running unsigned code. The vulnerability can be used to activate JTAG debugging for the Intel Management Engine processor core. When combined with DCI, this allows debugging ME via USB
Speaker: Artem Kondratenko Year 2017 was rich in vulnerabilities discovered for Cisco networking devices. At least 3 vulnerabilities leading to a remote code execution were disclosed. This talk will give an insight on exploit development process for Cisco IOS for two of the mentioned critical vulnerabilities. Both lead to a full takeover of the target device. Both PowerPC and MIPS architectures will be covered. The presentation will feature an SNMP server exploitation demo.
Speaker: Mahsa Alimardani How do Iranians experience the Internet? Various hurdles and risks exist for Iranians and including outside actors like American technology companies. This talk will assess the state of the Internet in Iran, discuss things like the threats of hacking from the Iranian cyber army; how the government are arresting Iranians for their online activities; the most recent policies and laws for censorship, surveillance and encryption; and the policies and relationships of foreign technology companies like Apple, Twitter and Telegram with Iran, and the ways they are affecting the everyday lives of Iranians. This talk will effectively map out how the Internet continues to be a tight and controlled space in Iran, and what efforts are being done and can be done to make the Iranian Internet a more accessible and secure space.
Speaker: Marc-Uwe Kling Willkommen in QualityLand, in einer nicht allzu fernen Zukunft: Alles läuft rund - Arbeit, Freizeit und Beziehungen sind von Algorithmen optimiert.
Speakers: benni, dorina, steffen An unseren Schulen besteht ein großes Defizit hinsichtlich der Vermittlung digitaler Mündigkeit. Da mittlerweile weitgehender Konsens besteht, dass an Schulen bezüglich digitaler Technologien mehr passieren muss, reagiert die Bildungspolitik und integriert neue Medien in die Bildungspläne. Auf Basis unserer Erfahrungen, die wir im Rahmen vom Chaos Macht Schule gesammelt haben, diskutieren wir die aktuellen bildungspolitischen Entwicklungen.
Speaker: argp This talk presents the technical details and the process of reverse engineering and re-implementation of the evasi0n7 jailbreak's main kernel exploit. This work was done in late 2013, early 2014 (hence the "archaeology" in the title), however, it will provide insight into the kernel debugging setup for iOS devices (iDevices), the encountered difficulties and how they were overcome, all of which can be useful for current iOS kernel vulnerability research.
Speakers: Tim Blazytko, Moritz Contag Do you want to learn how modern binary code obfuscation and deobfuscation works? Did you ever encounter road-blocks where well-known deobfuscation techniques do not work? Do you want to see a novel deobfuscation method that learns the code's behavior without analyzing the code itself? Then come to our talk and we give you a step-by-step guide.
Speakers: Linus Neumann, Martin Tschirsich, Thorsten Schröder Hacker des Chaos Computer Clubs (CCC) haben eine in mehreren Bundesländern zur Erfassung und Auswertung der kommenden Bundestagswahl verwendete Software auf Angriffsmöglichkeiten untersucht. Die Analyse ergab eine Vielzahl von Schwachstellen und mehrere praktikable Angriffsszenarien. Diese erlauben die Manipulation von Wahlergebnissen auch über die Grenzen von Wahlkreisen und Bundesländern hinweg. Die untersuchte Software „PC-Wahl“ wird seit mehreren Jahrzehnten für die Erfassung, Auswertung und Präsentation von Wahlen auf Bundes-, Landes- und Kommunalebene eingesetzt.
Speaker: alebey The German election in September 2017 brought a tectonic shift to the layout of German politics. With the AfD in parliament far-right illiberalism has reached the mainstream. We investigate the communicative developments underlying this rise. Using web-scraping and automated content analysis, we collected over 10.000 articles from mainstream-news and far-right blogs, along with over 90GBs of Tweets and thousands of Facebook-Posts. This allows us a deep insight into how public discourse works in 2017 Germany.
Speaker: manuel For a few decades by now, satellites offer us the tools to observe the whole Earth with a wide variety of sensors. The vast amount of data these Earth observations systems collect enters the public discourse reduced to a few numbers, numbers like 3 or even 300. So, how do we know the amount of ice melting in the arctic or how much rain is falling in the Amazon? Are groundwater aquifers stable or are they are being depleted? Are these regular seasonal changes or is there a trend? How can we even measure these phenomena on a global scale? This talk will provide one possible answer: gravity.
Speaker: Nadja Buttendorf Cyborgs und Body Enhancement sind typisch männlich dominierte Thematiken (Terminator etc). Im Gegensatz dazu ist zB die weiblich konotierte Beautybranche auch hochtechnisiert. Körper und Technologie sind auf verschiedenen Ebenen hier schon eng verzahnt. Diese beiden Bereiche zusammenzubringen ist FUN. Stehen Computer eigentlich auf rosa?
Speaker: Jean Rintoul An open source biomedical imaging project using electrical impedance tomography. Imagine a world where medical imaging is cheap and accessible for everyone! We'll discuss this current project, how it works, and future directions in medical physics.
Speakers: !Mediengruppe Bitnik Shipped from Germany for 0.1412554 Bitcoins Artists !Mediengruppe Bitnik talk about recent works around bots and the online ecosystems that has been forming around them. Through the lens of their recent works around algorithms and bots, !Mediengruppe Bitnik offer a look into some of the technologies shaping our day-to-day.
Speakers: Thomas Lohninger, Werner Reiter, Angelika Adensamer So intensiv wie 2017 wurde der Themenkomplex rund um Sicherheit und Überwachung in Österreich noch nie diskutiert. Das Thema ist in Hauptabendnachrichten und Leitartikeln angekommen. Die Diskussion rund um die geplante Einführung eines Sicherheitspakets, das sich bei näherer Betrachtung als ein reines Überwachungspaket entpuppt, bietet jede Menge Analysematerial: Öffentlich ausgetauschte (Schein-)Argumente, falsche Analogien und unpassende Sprachbilder haben die Debatte geprägt. In diesem Talk werden die Sprache der so genannten Sicherheitspolitiker (es sind in der Tat nur Männer) analysiert und ihre Argumente auf den Prüfstand gestellt.
Speaker: Sebastian Eschweiler In this presentation we will outline our findings about (Not)Petya's crypto flaws and how we were able to exploit them to decrypt infected computers.
Speaker: Steini Raum, Zeit, Licht und Gravitation, wie hängt das zusammen? Jeder kennt sie, kaum jemand versteht sie wirklich, die vielleicht berühmteste Gleichung der Welt: E=mc^2 Was hat es damit auf sich, was ist die spezielle- und was die allgemeine Relativitätstheorie? Wie kann man sicher sein, dass das wirklich stimmt? Bleibt die Zeit stehen, wenn man sich mit Lichtgeschwindigkeit bewegt? Was ist das Zwillings-Paradoxon und dehnt sich das Universum aus, oder werden wir einfach nur immer kleiner?
Speaker: Tijmen Schep What does it mean to be free in a world where surveillance is the dominant business model? Behind the scenes databrokers are turning our data into thousands of scores. This digital reputation is increasingly influencing our chances to find a job, a loan or even a date. Researchers are pointing out that, as people become aware of this reputation economy, it is generating a culture where self-censorship and risk aversion are the new normal.
Speaker: Vincent Haupert Bisher wurden Angriffe gegen App-basierte TAN-Verfahren und Mobilebanking von betroffenen Banken eher als akademische Kapriole abgetan. Sie seien, wenn überhaupt, nur unter Laborbedingungen und dazu unter wiederkehrend hohem manuellen Aufwand zu realisieren. Um diese Sichtweise zu korrigieren, haben wir das Programm Nomorp entwickelt, das in der Lage ist, zentrale Sicherungs- und Härtungsmaßnahmen in weltweit 31 Apps vollautomatisch zu deaktivieren und somit Schadsoftware Tür und Tor öffnet. Unter den Betroffenen stellen deutsche Unternehmen mit 20 Finanz-Apps die größte Fraktion.
Speaker: Keegan Ryan Trusted Execution Environments (TEEs), like those based on ARM TrustZone or Intel SGX, intend to provide a secure way to run code beyond the typical reach of a computer’s operating system. However, when trusted and untrusted code runs on shared hardware, it opens the door to the same microarchitectural attacks that have been exploited for years. This talk provides an overview of these attacks as they have been applied to TEEs, and it additionally demonstrates how to mount these attacks on common TrustZone implementations. Finally, we identify new techniques which allow us to peer within TrustZone TEEs with greater resolution than ever before.
Speaker: Noujoum Activists in Saudi Arabia have been able to celebrate important victories like the recent lifting of the ban on women driving in September 2017 but have to fight on a lot of other front lines at the same time. Websites are blocked on a large scale and many activists are sent to jail on the grounds of a loosely used cybercrime law. This talk will give some insight into the current social and political strife happening on the Saudi Internet from a first-hand-perspective using some of the data collected in a collaboration with the OONI project.
Speaker: Audrey Dutcher In our paper we present a novel tool called BootStomp able to identify security vulnerabilities in Android bootloaders (such as memory corruptions) as well as unlocking vulnerabilities. During its evaluation, BootStomp discovered 6 previously unknown vulnerabilities across 4 different bootloaders. Finally BootStomp has been open-sourced to help the security community.
Speakers: Will Scott, Gabe Edwards The DPRK has largely succeeded at hiding its consumer technology. While versions of the desktop operating system, Red Star, have leaked, the mobile equivalent hasn't, and there remains little knowledge of the content available on the intranet. Let's fix that!
Speakers: jiska, DanielAW Firmware modifications faking you fitter tSecurity architectures for wearables are challenging. We take a deeper look into the widely-used Fitbit fitness trackers. The Fitbit ecosystem is interesting to analyze, because Fitbit employs security measures such as end-to-end encryption and authentication to protect user data (and the Fitbit business model). Even though this goes beyond security mechanisms offered by other fitness tracker vendors, reverse-engineering the trackers enables us to launch practical attacks against Fitbit. In our talk, we demonstrate new attacks including wireless malware flashing on trackers as well as “unlocking” the trackers to work independent from the Fitbit cloud.
Speaker: Caleb James DeLisle How the internet self-governs without international law. When bad actors can simply move servers from country to country, why does the internet remain reasonably civil ? How does one get on, or get kicked off, of the internet ? Why do fraud and child abuse websites regularly get shut down but thepiratebay remains living ? I will explain BGP, the protocol that knits the internet together, also covering the world of last resort hosting, bulletproof hosting and high profile cases of servers that were taken offline and servers which could not be taken offline despite significant effort.
Speaker: Mathy Vanhoef We introduce key reinstallation attacks (KRACKs). These attacks abuse features of a protocol to reinstall an already in-use key, thereby resetting nonces and/or replay counters associated to this key. We show that our novel attack technique breaks several handshakes that are used in a WPA2-protected network.
Speakers: Michael Steil, Christian Hessmann The Apollo Guidance Computer ("AGC") was used onboard the Apollo spacecraft to support the Apollo moon landings between 1969 and 1972. This talk explains "everything about the AGC", including its quirky but clever hardware design, its revolutionary OS, and how its software allowed humans to reach and explore the moon.
Speakers: David Stainton, jeffburdges Strong metadata protection for asynchronous messaging We shall explain the renewed interest in mix networks. Like Tor, mix networks protect metadata by using layered encryption and routing packets between a series of independent nodes. Mix networks resist vastly more powerful adversary models than Tor though, including global passive adversaries. In so doing, mix networks add both latency and cover traffic. We shall outline the basic components of a mix network, touch on their roles in resisting active and passive attacks, and discuss how the latency impacts reliability, application design, and user experience.
Speaker: Rainer Rehak Die Informatik löst formale (mathematisch modellierte) Probleme ganz vorzüglich – doch nun soll sie alle anderen Probleme auch noch lösen / Computer science nicely solves formally modelled problems – now it is believed to solve everything else too. Die Informatik ist scheinbar das neue Göttliche, das den Klimawandel, die Kriminalität, unser fehlendes Wissen über das Gehirn, den globalen Terror, dichter werdenden Stadtverkehr, die Energieprobleme und die Armut der Welt lösen kann; und zwar mit der Blockchain, mit künstlicher Intelligenz, mit der Cloud und mit Big-Data. Doch inwiefern ist die Informatik überhaupt in der Lage, derartige Probleme hoher gesellschaftlicher Relevanz anzugehen? In diesem Vortrag soll versucht werden, Teile der riesigen Wunschliste an die Informatik mit ihren tatsächlichen aktuellen Möglichkeiten in Einklang zu bringen sowie die ökonomischen Motivationen und Rahmenbedingungen einzubeziehen.
Speaker: Sandra Trostel work in progress beta preview of the documentary !!! This event is not going to be recorded !!! ALL CREATURES WELCOME is a documentary film about the communities of the digital age. It shows the possibilities of new paths and new perspectives for society by using hacking as a mind-set.
Speaker: Dr. Silke Holtmanns Many mobile network operators rush to upgrade their networks to 4G/LTE from 2G and 3G, not only to improve the service, but also the security. The Diameter protocol - the successor of SS7 in Long Term Evolution (LTE) networks is believed to offer more protection to the network itself and to the end-users. However, also Diameter offers a rich functionality set, which can be also exploited and misused, if the network is not properly protected. We will show in this lecture, how data interception (MiM) can be done via the diameter based interconnection link.
Speaker: Michael Kreil Therapiestunde mit einem Datenjournalisten und vielen bunten Visualisierungen „Angriff der Meinungsroboter“ und „Gefangen in der Filterblase“ titelten die deutschen Medien. Doch was ist wirklich daran?
Speaker: Sarah Grant Approaches to working with sound and network data transmissions as a sculptural medium. This talk considers the visceral relationship one can have towards intangible media, notably sound and network data transmissions. Sarah presents a selection of her work demonstrating these synesthetic relationships, ranging from experiments in bio and fiber arts to interface design and educational tools for demystifying computer networking technology.
Speakers: Daniel Wessolek, Isabelle Dechamps Over the past year, we have been developing open source wheelchair add-ons through user research, ideation, design, prototyping and testing. We present the outcome and insights from the process.
Speakers: Hendrik Heuer, KRN Über die Banalität der Beeinflussung und das Leben mit Algorithmen. Eine wissenschaftliche Perspektive auf die achtlose Anwendung der Algorithmen des maschinellen Lernens und der künstlichen Intelligenz, z.B. in personalisierten Nachrichtenempfehlungssystemen oder Risikosoftware im US-Justizsystem.
Speaker: Daan Sprenkels Shamir secret sharing: How it works and how to implement it
Speaker: Katja Bach „5.-Klässlerinnen, die über die Millisekunden für einen delay()-Aufruf diskutieren! Gibt es nicht? Doch, gibt es!“ Ein Modellprojekt mit sieben Schulen in Aachen hat diese Frage untersucht – wir haben die Schülerinnen und Schüler begleitet und würden gerne darüber berichten, denn wir wissen jetzt: Programmieren macht ihnen Spaß!
Speaker: Katharine Jarmul Tools for Fooling the "Black Box" In the past decade, machine learning researchers and theorists have created deep learning architectures which seem to learn complex topics with little intervention. Newer research in adversarial learning questions just how much “learning" these networks are doing. Several theories have arisen regarding neural network “blind spots” which can be exploited to fool the network. For example, by changing a series of pixels which are imperceptible to the human eye, you can render an image recognition model useless. This talk will review the current state of adversarial learning research and showcase some open-source tools to trick the "black box."
Speaker: Marloes de Valk ...and dehumanize ourselves in the process? A talk on waiting for the technological rapture in the church of big data. The paralysing effect of hiding the human hand in software through anthropomorphising computers and dehumanising ourselves.
Speaker: MathiasL Dissecting FPGAs from bottom up, extracting schematics and documenting bitstream formats In this talk I describe the basic makeup of FPGAs and how I reverse engineered the Xilinx 7 Series and Lattice iCE40 Series together with the implications.
Speakers: AKO, Hanna Wüller On the obstacles to think of emergent technologies in the field of nursing science In German nursing science the dominant position on emergent technologies demands the removal of machines from caring environments („Entmaschinisierung“). In contrast to this, European research policy heavily focus on developing new health and social technologies to solve societal issues like a skill shortage in nursing. Thinking about technology in nursing science cannot but be conflicted. In this talk we first expose requirements for particularly conceptualizing the application of technological systems in care work settings. Further we will give an overview on main arguments against digital technologies in care with an example of a current research project in the field of Augmented Reality in care work.
Speakers: Hendrik, Kathrin How search and rescue in the mediterranean was criminalized The ship „Iuventa“ of the organization „Jugend Rettet“ was seized on August 2nd 2017 by the Italian authorities. The accusations: facilitating illegal immigration, organized crime and possession of weapons. What followed was a smear campaign that had seldomly been seen before. Against „Jugend Rettet“ and all the other NGOs that do search and rescue (SAR) in the mediterranean sea.
Speaker: raichoo Systems are getting increasingly complex and it's getting harder to understand what they are actually doing. Even though they are built by human individuals they often surprise us with seemingly bizarre behavior. DTrace lights a candle in the darkness that is a running production system giving us unprecedented insight into the system helping us to understand what is actually going on. We are going implement `strace`-like functionality, trace every function call in the kernel, watch the scheduler to its thing, observer how FreeBSD manages resources and even peek into runtime systems of high level programming languages. If you ever wondered what software is doing when you are not looking, this talk is for you.
Speakers: frank, Constanze Kurz, nexus, Linus Neumann Staatstrojaner, Vorratsdaten, automatisierte Biometriesammlungen, PC-Wahl – wir geben einen Überblick über die Themen, die den Chaos Computer Club 2017 beschäftigt haben.
Speakers: Veronica Valeros, Sebastian Garcia In 2015, artist Ai Weiwei was bugged in his home, presumably by government actors. This situation raised our awareness on the lack of research in our community about operating and detecting spying microphones. Our biggest concern was that most of the knowledge came from fictional movies. Therefore, we performed a deep study on the state-of-the-art of microphone bugs, their characteristics, features and pitfalls. It included real life experiments trying to bug ourselves and trying to detect the hidden mics. Given the lack of open detection tools, we developed a free software SDR-based program, called Salamandra, to detect and locate hidden microphones in a room. After more than 120 experiments we concluded that placing mics correctly and listening is not an easy task, but it has a huge payoff when it works. Also, most mics can be detected easily with the correct tools (with some exceptions on GSM mics). In our experiments the average time to locate the mics in a room was 15 minutes. Locating mics is the novel feature of Salamandra, which is released to the public with this work. We hope that our study raises awareness on the possibility of being bugged by a powerful actor and the countermeasure tools available for our protection.
Speakers: @EMHacktivity, José Lopes Esteves Ways to Chaos in Digital and Analogue Electronics For non specialists, Electromagnetic Pulse weapons (EMP) are fantasy weapons in science fiction movies. Interestingly, the susceptibility of electronic devices to electromagnetic interference has been advertised since the 90’s. Regarding the high integration of sensors and digital systems to control power-grids, telecom networks and automation infrastructures (e.g. Smart-grids, Industrial Control Systems), the intrinsic vulnerability of electronic devices to electromagnetic interference is of fundamental interest. In the context of IT Security, few studies have been carried out to understand how the effects may be a significant issue especially in the far-field region (distance between the transmitter’s antenna and the target with regard to the wavelength/central frequency). Most studies in Emanation Security (EMSEC) are related to near-field probing for side-channel and fault injection attacks assuming a close physical access to the targeted devices. In this paper, we propose a methodology to detect, classify and correlate the effect induced during the intentional exposure of analogue and digital systems to electromagnetic interference. Applying this methodology, the implication of the effects for the IT security world will be discussed with regards to the attacker profile needed to set-up a given scenario.
Speakers: Kire, Patrick Stählin, Hakuna MaMate Die aktuellen Auseinandersetzungen über digitale Freiheitsrechte Gleich in drei Gesetzen drohen Netzsperren. Staatstrojaner und Massenüberwachung bis ins WLAN sind mit der Einführung der Überwachungsgesetze BÜPF und NDG vorgesehen. E-Voting soll auf Biegen und Brechen durchgesetzt werden. Nur garantierte Netzneutralität lässt weiter auf sich warten. Im Vortrag versuchen wir, Einsichten in die netzpolitischen Auseinandersetzungen in der Schweiz zu geben und Handlungsmöglichkeiten aufzuzeigen.
Speaker: Barbara Wimmer Expect current examples of IoT fails that I collected during my work as a journalist in regards of privacy and security. What do such fails mean for society? What are possible solutions and what can customers do?
Speakers: overflo, muzy How to make a community project fly The Blinkenrocket is a DIY SMD Soldering Kit that was designed to teach different manufacturing and soldering skills. A lot of work on both Hardware and Software was done in CCC erfas namely shackspace, chaosdorf and metalab. The kit is used in workshops since 1.5 years at the chaos macht schule events and is very successful in its purpose. Creating this project was plenty of work and there is so much to show and tell around it, it will blow your mind.
Speaker: Thorsten ...or why we need 17 billion Volts to make a picture. Wouldn’t it be awesome to have a microscope which allows scientists to map atomic details of viruses, film chemical reactions, or study the processes in the interior of planets? Well, we’ve just built one in Hamburg. It’s not table-top, though: 1 billion Euro and a 3km long tunnel is needed for such a ‘free electron laser’, also called 4th generation synchrotron light source. I will talk about the basic physics and astonishing facts and figures of the operation and application of these types of particle accelerators.
Speakers: Benjamin Kollenda, Philipp Koppe An introduction into reverse-engineering x86 microcode and writing it yourself Microcode is an abstraction layer on top of the physical components of a CPU and present in most general-purpose CPUs today. While it is well-known that CPUs feature a microcode update mechanism, very little is known about its inner workings given that microcode and the update mechanism itself are proprietary and have not been throughly analyzed yet. We close this gap by both analyzing microcode and writing our own programs for it. This talk will give an insight into our results and how we achieved them, including live demos of what we can do and technical details.
Speakers: Robert Tibbo, Edward Snowden A Rapidly Emerging Police State and Imminent Deportation to Sri Lanka and Philippines. The Snowden Refugees’ actions to protect the world’s most significant whistle blower of the 21st Century, amounts to an expression of Political Opinion. Since September 2016, the Snowden Refugees have been systematically targeted and persecuted by the Hong Kong government based on that political opinion.
Speaker: Collin Mulliner SafetyNet Attestation is the primary platform security service on Android. Until recently you had to use third party tools or implemented your own app integrity checks and device rooting checks. Today you can use Android's SafetyNet Attestation infrastructure to ensure the integrity of your application and the user's device. Unfortunately, SafetyNet Attestation is not well documented by Google. This talk is split into three parts. Part one provides a deep dive into SafetyNet Attestation how it works. Part two is a guide on how to implement and use it for real world applications. This is based on the lessons learned from implementing SafetyNet Attestation for an app with a large install base. The talk will provide you with everything you need to know about Android’s SafetyNet Attestation and will help you to implement and use it in your app. Part three presents attacks and bypasses against SafetyNet Attestation. The attack method targets not only SafetyNet but other similar approaches. New tools and techniques will be released at this talk.
Speakers: Guillaume Heilles, P1kachu (without your mom yelling at you) Lots of research are arising from the fairly unexplored world of automative communications. Cars are no longer becoming computers, they are fully connected networks where every ECU exchanges and operates the vehicles at some point. Here is an introduction of my immersion and discussions with my car, and how I finally managed to drift (a bit) with my mom's FWD Fiat 500c.
Speakers: plutoo, derrek, naehrwert Homebrew on the Horizon. Nintendo has a new console, and it's more secure than ever.
Speakers: Jos Wetzels, Ali Abbasi Analyzing & Breaking Exploit Mitigations and Secure Random Number Generators on QNX 6.6 and 7.0 In this talk we will present a deep-dive analysis of the anatomy of QNX: a proprietary, real-time operating system aimed at the embedded market used in many sensitive and critical systems, particularly within the automotive industry. We will present the first reverse-engineering and analysis of the exploit mitigations, secure random number generators and memory management internals of QNX versions up to and including 6.6 and the brand new 64-bit QNX 7.0 (released in March 2017) and uncover a variety of design issues and vulnerabilities.
Speakers: Jasmin Klofta, Tom Wills Exposing the global banking watchlist Faced with new responsibilities to prevent terrorism and money laundering, banks have built a huge surveillance infrastructure sweeping up millions of innocent people. Investigative journalists Jasmin Klofta and Tom Wills explain how, as part of an international collaboration, they exposed World-Check, the privately-run watchlist at the heart of the system.
Speaker: Sebastian Schmieg Will You Be My Plugin? While technology is often described as an extension of our bodies, this talk will explore a reversed relationship: Bodies and minds of digital laborers (you and me and basically everybody else) as software extensions that can be easily plugged in, rewired, and discarded. I will approach this topic from an artist's point of view.
Speaker: Inke Arns Afrofuturism, Telling tales of speculative futures Inke Arns will present speculative projections of the future and current developments in the field of digital technologies by artists and inventors from different countries in Africa, the African diaspora and many other actors in the USA and Europe.
Speakers: Igor Skochinsky, Nicola Corna Many claims were made recently about purpose and capabilities of the Intel ME but with all the buzz it is not always clear what are facts and what is just speculation. We'll try to clear the fog of misunderstanding with research based on investigations of ME firmware and practical experiments on ME-equipped hardware.
Speaker: Peter Schaar Wie steht es um die Sicherheitsversprechen, die mit dem Einsatz von neuen Überwachungsinstrumenten abgegeben werden? Welche Unterminierung der Sicherheit kann durch Überwachung eigentlich entstehen?
Speaker: Ari You are surrounded by ICs. Yet you probably don't know much about how such a chip is made. This talk is an introduction to the world of chip fabrication from photolithography over ion implantation to vapor deposition of the connections.
Speaker: Trevor Perrin The Noise Protocol Framework is a toolkit for 2-party secure-channel protocols. Noise is used by WhatsApp for client-server communication, by the WireGuard VPN protocol, and by the Lightning Network. In this talk I'll describe the rationale behind such a framework, and how you can use it to build simple, efficient, and customized secure-channel protocols.
Speakers: Charles Hubain, Cédric Tessier This talk will go over our efforts to implement a new open source DBI framework based on LLVM. We'll explain what DBI is used for, how it works, the implementation challenges we faced and compare a few of the existing frameworks with our own implementation.
Speakers: djb, Tanja Lange, Nadia Heninger Fun with lattices in cryptography and cryptanalysis. Lattices are an extremely useful mathematical tool for cryptography. This talk will explain the basics of lattices in cryptography and cryptanalysis.
Speakers: ktemkin, dominicgs 'Liberating' Firmware from Closed Devices with Open Source Hardware. Systems that hide their firmware-- often deep in readout-protected flash or hidden in encrypted ROM chips-- have long stymied reverse engineers, who often have to resort to inventive methods to understand closed systems. To help reduce the effort needed to get a foothold into a new system, we present GlitchKit-- an open source hardware and firmware solution that significantly simplifies the process of fault-injecting your way into a new system -- and of fault-injecting firmware secrets out! This talk presents the development completed thus far, demonstrates the use of GlitchKit in simple attacks, and invites participation in the development of our open-source tools.
Speaker: brainsmoke Practical cache attacks on the MMU. Address Space Layout Randomization (ASLR) is fundamentally broken on modern hardware due to a side-channel attack on the Memory management unit, allowing memory addresses to be leaked from JavaScript. This talk will show how.
Speaker: Mike Sperber From Hacker Culture to the Software of the Future. Hacker culture overcomes limitations in computer systems through creativity and tinkering. At the same time, hacker culture has shaped the practice of software development to this day. This is problematic - techniques effective for breaking (into) a computer systems are not necessarily suitable for developing resilient and secure systems. It does not have to be this way: We can approach software development as a methodical, systematic activity rather than tinkering, and teach it accordingly. I'll review my experience teaching these methods for the past 18 years and give some suggestions on what *you* may do.
Speaker: Kristin Pietrzyk Zum Verbot von Indymedia linksunten. Im August 2017 wurde Indymedia linksunten vom Bundesinnenminister verboten. Rechtsanwältin Kristin Pietrzyk berichtet von den Razzien, von der Zusammenarbeit zwischen Polizei und Geheimdiensten und gibt Einblick in das juristische Vorgehen gegen Verbot und Zensur.
Speaker: lolnerd Theory and practice of moonshining and legal distilling. This talk covers the theory, legality and economics of home distilling. We present the theoretical background of mashing, fermenting and distilling alcohol as well as the legal framework for home distilling in Germany from 2018 on.
Speakers: Markus Muellner, Markus Kammerstetter An AES encrypted radio system. Hoermann BiSecur is a bi-directional wireless access control system “for the convenient and secure operation of garage and entrance gate operators, door operators, lights […]” and smart home devices. The radio signal is AES-128 encrypted and the system is marketed to be “as secure as online banking”. In comparison to conventional and often trivial to break wireless access control systems, the system should thus make it practically infeasible to clone a genuine transmitter so that attackers can get unauthorized access. We used the low-cost CCC rad1o software defined radio (SDR) platform to intercept and analyze the wireless radio signal. We took apart several Hoermann BiSecur hand transmitters and subsequently utilized a vulnerability in the microcontroller to successfully extract the firmware. In order to conduct a security audit, the extracted firmware was disassembled and analyzed so that the encryption mechanism, the key material, the cryptographic operations as well as the RF interface could be reverse engineered. Our security analysis shows that the overall security design is sound, but the manufacturer failed to properly initialize the random seed of the transmitters. As a result, an attacker can intercept an arbitrary radio frame and trivially compute the utilized encryption key within less than a second. Once the key is known to the attacker, a genuine transmitter can be cloned with an SDR platform such as the CCC rad1o. In addition to unauthorized operation of gates and doors, there is a likely (although currently untested) impact on Smart Home appliances that use the BiSecur system. We tested a total of 7 hand transmitters from 3 different model series and with manufacturing dates between 2015 and 2017. All analyzed hand transmitters shared the same static random seed and were found to be vulnerable to our attack. The vulnerability can easily be fixed so that fut
Speakers: Nero Lapislucis, sir wombat from apple to schnaps -- a complete diy-toolchain. This talk covers the theory, the required tools and how to make them, and the process of turning apples into juice, ferment them, and enrich the alcohol content of the product.
Speakers: jacob remin, goto80 The Robots Play Our Music and What Do We Do? Once full automation hits, we will have a lot of free time on our hands. This project demonstrates early explorations in computer generated music via robot hands, old computers and generative algorithms. While the robot performs, we sit next to it and invite people for a conversation about robots being “creative” and “stealing our jobs”.
Speakers: Sec, Ray Zahlenraten für Geeks. The Hacker Jeopardy is a quiz show.
Speakers: Nicolas Wöhrl, @ReinhardRemfort Die Wissenschaftsgala vom 34C3. Der IgNobelpreis ist eine Auszeichnung, um wissenschaftliche Leistungen zu ehren, die „Menschen zuerst zum Lachen, dann zum Nachdenken bringen“ („to honor achievements that first make people laugh, and then make them think“). Wir erklären die Preisträger 2017 in gewohnter Minkorrekt-Manier.
Speaker: vavoida Taxation, the most "boring" #34c3 talk, but hey it's the economy stupid, and you pay for it! We will a provide a quick overview of the international taxation system. Explaining what a Double Irish Sandwich is. Why international corporations like Google only pays 2.4% taxes. And how your favourite tech companies (Google, Amazon, Apple, Microsoft, ... ) evaded billions in taxes. This tax-dodging costs the European Union more than $50 billion. Annually. We bring this numbers into perspective. And why you pay more. And how you should discuss that topic, since it defines how our society will be.
Speaker: Friedemann Reinhard Can we see the stray radiation of wireless devices? And what would the world look like if we could?
Speaker: Trammell Hudson The NERF and Heads projects bring Linux back to the cloud servers' boot ROMs by replacing nearly all of the vendor firmware with a reproducible built Linux runtime that acts as a fast, flexible, and measured boot loader. It has been years since any modern servers have supported Free Firmware options like LinuxBIOS or coreboot, and as a result server and cloud security has been dependent on unreviewable, closed source, proprietary vendor firmware of questionable quality. With Heads on NERF, we are making it possible to take back control of our systems with Open Source Software from very early in the boot process, helping build a more trustworthy and secure cloud.
Speaker: Adam Chlipala Most working engineers view machine-checked mathematical proofs as an academic curiosity, if they have ever heard of the concept at all. In contrast, activities like testing, debugging, and code review are accepted as essential. They are woven into the lives of nearly all developers. In this talk, I will explain how I see machine-checked proofs enabling new everyday activities for developers of computer software and hardware. These activities have the potential to lower development effort dramatically, at the same time as they increase our assurance that systems behave correctly and securely. I will give a cosmological overview of this field, answering the FAQs that seem to stand in the way of practicality; and I will illustrate the principles with examples from projects that you can clone from GitHub today, covering the computing stack from digital hardware design to cryptographic software and applications.
Speaker: Kaspar Is designing circuits with code instead of CAD the future of electronic design automation? Mod An overview and history of various tools and languages that allow you to use code rather than CAD software to design circuits.
Speaker: Anja Dahlmann The time travelling android isn’t even our biggest problem Event large Depending on the definition, autonomous weapon systems do not and might never exist, so why should we care about killer robots? It is the decline of human control as an ongoing trend in military systems and the incapacity of computing systems to „understand“ human beings and the nature of war that is worrisome.
Speakers: Johannes Valbjorn, Emmerik Freetown Christiania´s digitally controlled/surveyed heating system. 350 users Project “Nabovarme” (meaning “neighbour heating”) has transformed private heating necessity into a social experiment build on OpenSource software/hardware and social empowerment by transforming heat consumers into Nabovarme Users and letting them take ownership to infrastructure and consumption.
Speaker: Molly de Blanc From tractors to Web standards Digital Restrictions Management (DRM) is found everywhere from music to cars and, most recently, World Wide Web Consortium recommendations. How did we get here and where are we going with DRM? Who really owns not just your tools, but your experiences when someone (or something) else is controlling access to the data and access around them? We'll attempt to answer these questions, and more, in a historical overview, contemporary analysis, and look towards the future.
Speakers: Eva Blum--Dumontet, Millie Wood What does policing look like in the age of data exploitation? This is the question we at Privacy International have been exploring for the past two years. Our research has focused on the UK where the population has been used as guinea pigs for ever more invasive modern approaches to policing. In this talk we will discuss our findings with you and avenues for change.
Speaker: Fefe Eine Geschichte voller Missverständnisse. Anhand von Anekdoten aus 20 Jahren Softwareentwicklung versucht der Vortrag herauszuarbeiten, was in der Praxis zu scheiternden Projekten führt.
Speaker: Arturo Filastò (hellais) The Open Observatory of Network Interference. How can we take a stand against the increasing shadow of Internet censorship? With OONI Probe you can join us in uncovering evidence of network interference!
Speaker: Thomas Lohninger After four years of advocacy and lobbying to enshrine net neutrality principles in law in Europe, we can now examine the first full year of enforcement of the new rules. We will compare the enforcment of net neutrality in the individual EU member states, showcase a few of the more creative net neutrality violations and demonstrate what civil society can do to keep the Internet neutral. Enforcing net neutrality also requires network measurement tools that can detect discrimination; we will discuss what progress Europe has made in this regard.
Speakers: Moritz, ALX Eliminating nuclear weapons will require trusted measurement systems to confirm authenticity of nuclear warheads prior to their dismantlement. A new idea for such an inspection system is to use vintage hardware (Apple IIe/6502) instead of modern microprocessors, reducing the attack surface through simplicity. In the talk, we present and demo a custom open hardware measurement system based on gamma spectroscopy.
Speakers: anja, sjunk ... or is it just PEWPEW?! Space Solar Power station, such as SPS Alpha, could overcome some issues that renewable energy plants on Earth suffer of structural basis when challenges such as energy transfer from orbit to Earth are solved. But will this solve the Earth's problems in a peaceful way?
Speaker: maggic From molecular colonization to molecular collaboration. Collaborative and interdisciplinary research, Open Source Estrogen combines biohacking and artistic intervention to demonstrate the entrenched ways in which estrogen is a biomolecule with institutional biopower. It is a form of biotechnical civil disobedience, seeking to subvert dominant biopolitical agents of hormonal management, knowledge production, and anthropogenic toxicity. Thus, the project initiates a cultural dialogue through the generation of DIY/DIWO (do-it-yourself/do-it-with-others) for the detection and extraction of estrogen, and contextualized as kitchen performance and queer body worship.
Speaker: Matthias Overview of how the state censored and how it got circumvented. On October 1st the Catalan society held a referendum to decide if they wanted to stay part of the Spanish state or create an independent state. This talk will explain the internet censorship which took place in the weeks before the referendum, on the very same day as well as in the timer after the referendum.
Speaker: Christoph Airborne wind energy is the attempt to bring the digital revolution to the production of energy. It means that we convert the power of high-altitude winds into electricity by autonomously controlled aircraft which are connected to the ground via a tether. This technology can be a key element to finally power the world by clean energy only. In this talk we will explain the physical foundations, give an overview of the current status and show you how to build an experimental system by yourself: it involves hacking an off-the-shelf model aircraft and its autopilot based on the open and free Ardupilot framework.
Speaker: Zooko Bitcoin arrived eight years ago, and has now spawned a dazzling array of follow-on technologies, including smart contracts, censorship-resistant computation, trustless databases (“blockchains”) and more. This talk attempts to highlight a few of the most significant developments in both technology and in society's response to it, including some nation-state governments banning cryptocurrencies and/or launching their own cryptocurrencies.
Speaker: iamkat Artistic interventions in climate change. This talk will report on my current research in bringing to bear multiple knowledges on problem spaces around the environment and digital culture, and in so doing questioning both the prevailing knowledge hierarchy and the institutionalisation of knowledge production. To connect with the environment, for instance, do we need to connect with how it feels? This talk draws on works exploring both the marine environment and food, using knowledge from science, art, culture, instinct and history to create happenings and instances that break out the border of "me" and "my environment" to create an empathic response linking what we traditionally consider to be inside and outside. This will be demonstrated in the context of two artistic works - The Coral Empathy Device and Vital | Flows.
Speaker: Pierros Papadeas Going to space the libre way. During 2016 Libre Space Foundation a non-profit organization developing open source technologies for space, designed, built and delivered UPSat, the first open source software and hardware satellite.
Speaker: nsr Towards an open source binary firmware analysis framework. Avatar² is an open source framework for dynamic instrumentation and analysis of binary firmware, which was released in June 2017. This talk does not only introduce avatar², but also focuses on the motivation and challenges for such a tool.
Speaker: Nikos Roussos Satellite Open Ground Station Network. An overview of the SatNOGS project, a network of satellite ground station around the world, optimized for modularity, built from readily available and affordable tools and resources.
Speakers: Kurt Opsahl, William Budington Traveling with Digital Devices in the Golden Age of Surveillance. Our lives are on our laptops – family photos, medical documents, banking information, details about what websites we visit, and so much more. Digital searches at national borders can reach our personal correspondence, health information, and financial records, allowing an affront to privacy and dignity which is inconsistent with the values of a free society. While privacy and security is important for any traveler, this has become a critical issue for international conferences and their attendees, who shouldn’t need to trade off an invasive search for participating in important conversations. This talk will discuss the both the legal and policy issues with border searches, as well as technological measures people can use in an effort to protect their data.
Speakers: seyru, Sven Willner, Robert Gieseke An introduction to the basics of climate research and what we can do about climate change. Climate change has long ceased to be news to many people, but it is increasingly shaping humanity's reality. This talk sheds light on the changes in the climate system and their consequences. We introduce the basics and discuss possible actions in response.
Speakers:Felix Höfner, Lucia, Marek, Janosch, Slim !!! This event is not going to be recorded !!! Herbst 2017. Irgendwo in Deutschland. Die führenden Köpfe der AfD träumen von der parlamentarischen Machtübernahme und dem schleichenden Sieg im Kampf um die Deutungshoheit von Begrifflichkeiten. Doch dann kommt alles ganz anders.
Speakers: ruedi, cforler Die Sicherheitsdesaster bei der Schlüsselgenerierung in TPM Chips und bei der Minix 3 basierten Intel ME Implementierung zeigen, dass das Vertrauen in hardwaregestützte Coputersicherheit grundlegend hinterfragt werden muss. Die Robustness in feindlicher Umgebung kann mit anspruchsvolleren kryptographische Verfahren mathematisch abgesichert erhöht werden.
Speaker: Ilja van Sprundel A survey of BSD kernel vulnerabilities. In this presentation I start off asking the question „How come there are only a handful of BSD security kernel bugs advisories released every year?“ and then proceed to try and look at some data from several sources.
Speaker: David Leutwyler The representation of thunderstorms (deep convection) and rain showers in climate models represents a major challenge, as this process is usually approximated with semi-empirical parameterizations due to the lack of appropriate computational resolution. Climate simulations using kilometer-scale horizontal resolution allow explicitly resolving deep convection and thus allow for an improved representation of the water cycle. We present a set of such simulations covering Europe and global computational domains. Finally, we discuss challenges and prospects climate modelers face on heterogeneous supercomputers architectures.
Speaker: Wam (P.J.H.F.) Kat Das erste computer netzwerk in Krieg (Jugoslavia 1992-1997) Die Geschichte des ZAMIR Transnational Network und meines Zagreb-Diary (http://www.wamkat.de/diaries1/zagreb-diary) zwischen 1991 und 1995 im früheren Jugoslawien. Es war das erste Computernetzwerk in einer Kriegsregion, das alle Friedens-, Frauen-, Menschenrechts- und humanitäre Aktivisten und alle anderen Menschen in dem Kriegsgebiet miteinander und der Außenwelt verbunden hat.
Speakers: Stefan Pelzer, Philipp Ruch, Morius Enden Neues vom Zentrum für Politische Schönheit. Flüchtlingsfressende Tiger in Berlin, zum Diktatorensturz aufrufende Flugblätter in Istanbul und ein Mahnmal das den Rechtsextremisten Björn Höcker in seinem Thüringer Dorf heimsucht: Viel ist geschehen, seit das Zentrum für Politische Schönheit vor 3 Jahren auf dem Kongress gesprochen hat.
Speaker: Benjamin Leon Bodirsky Cybernetic models analyze scenarios of interactions between future global food consumption, agriculture, landuse, and the biogeochemical cycles of water, nitrogen and carbon. How can we feed a growing world population within a resilient Earth System? This session will present results from our cybernetic computer models that simulate how future trends in population growth, diets, technology and policy may change the global land cover, freshwater usage, the nitrogen cycle and the climate system, and how more sustainable pathways can be reached. We want to discuss how our computer models and our data can be made accessible and usable by a broader community, and which new ways exist to visualize key insights and provide decision support to our society. We will also showcase some interactive physical installations that have been developed jointly with a group of art students to visualize future scenarios.
Speakers: Vadim Yanitskiy, ptrkrysik SDR PHY for OsmocomBB Since SDR (Software Defined Radio) becomes more popular and more available for everyone, there is a lot of projects based on this technology. Looking from the mobile telecommunications side, at the moment it's possible to run your own GSM or UMTS network using a transmit capable SDR device and free software like OsmoBTS or OpenBTS. There is also the srsLTE project, which provides open source implementation of LTE base station (eNodeB) and moreover the client side stack (srsUE) for SDR. Our talk is about the R&D process of porting the existing GSM mobile side stack (OsmocomBB) to the SDR based hardware, and about the results we have achieved.
Speakers: Tobias Mueller, Erik, Matthias Survey of Network Anonymisation Techniques. There exists no such thing as a perfect anonymity network with low latency, low bandwith consumption which provides strong anonymity. Popular anonymisation networks rightfully focus on Web browsing, because that is the most popular application on todays Internet. The most popular anonymisation network is, rightfully so, Tor. You might, however, not have the requirements that mandate the use of the Tor network and thus are looking for alternatives. In this talk, we present alternatives to the popular Tor anonymisation network and examine what they achieve and how they differ.
Speaker: Jonathan Donges International commitment to the appropriately ambitious Paris climate agreement and the United Nations Sustainable Development Goals in 2015 has pulled into the limelight the urgent need for major scientific progress in understanding and modelling the Anthropocene, the tightly intertwined social-techno-ecological planetary system that humanity now inhabits. The Anthropocene qualitatively differs from previous eras in Earth’s history in three key characteristics: (1) There is planetary-scale human agency. (2) There are social and economic networks of teleconnections spanning the globe. (3) It is dominated by planetary-scale social-ecological feedbacks. Bolting together old concepts and methodologies cannot be an adequate approach to describing this new geological era. Instead, we need a new paradigm in Earth System science that is founded equally on a deep understanding of the physical and biological Earth System – and of the economic, technological, social and cultural forces that are now an intrinsic part of it. It is time to close the loop and bring socially mediated dynamics and the technosphere explicitly into theory, analysis and computer models that let us study the whole Earth System.
Speakers: Denisa Kera, yair reshef, Zohar Messeca-Fara Open Source Hardware for Smart Candies. Electroedibles is an experiment with “edible” hardware that explores the limits of interaction between our tongue and circuits to mock the present fantasies of Internet of (Every)thing. This project initiated by the hardware lab at Shenkar College of Arts and Tel Aviv Makerspace consists from series of workshops, in which participants combine simple circuits (lickometer with LED, vibration motor or piezo) with recipes for candy making (hard candy based on syrups or gummy or corn starch molds). The circuits are casted in candy “molds” to serve different ideas defined by the participants: extreme hardware fetishist lollipops, philosophical props into sensory perception, post-colonial critique of the sugar cane addiction and slavery, scientific interest in triggering taste buds etc. This probe into the edible hardware is also a celebration of the DIY culture of sharing behind cooking, but also Open Source Hardware that bridges the divisions between the kitchen, the hardware studio and the science lab. Instead of applying science and technology to cooking and tasting (typical for molecular gastronomy & haute cuisine), the electroedibles use the experiences of candy cooking and to engage with different science and technology issues in enjoyable and funny ways.
Speaker: Simon Eumes An Exploration of NFC Transactions and Explanation How Apple Pay and Android Pay work. This talk will dive into the techniques and protocols that drive contactless card payments at the Point of Sale. We will explore how Apple Pay works on a technical level and why you are able to 'clone' your credit card onto your phone. Building upon previous C3 talks on the topics of EMV and ICC payments, we will learn about different NFC payment options, why legacy will never die and how the individual card brands have specified their payment workflows.
Speaker: dcwalk How do we keep important environmental and climate data accessible amidst political instability and risk? What even counts as an “accessible” dataset? Could we imagine better infrastructures for vital data? By describing the rapid data preservation efforts of U.S. environmental data that started in the wake of the recent election, I’ll address these questions and the new and existing issues that preservation surfaced about the vulnerability of data infrastructures. I'll focusing on specific projects, including the work of EDGI, that is trying to address these challenges by creating alternate forms of access and infrastructure!
Speaker: _Adora_Belle_ Political pressure for DNA-based facial composites. In 2017, the federal states of Baden-Wurttemberg and Bavaria suggested the extension of the law on the analysis of forensic DNA. Up to now, DNA fingerprinting in forensic settings may, in addition to non-coding features of DNA, only analyze the chromosomal sex of the person, but not any other openly visible feature. Bavaria and Baden-Wurttemberg, under the leadership of CSU and the Green party, are pushing forward to analyze DNA found at crime scenes regarding hair color, eye color, skin color and in the case of Bavaria even geographical ethnicity. Extended DNA analysis, or “DNA facial composite” is seen as an impartial witness to the crime and, in the eyes of the states’ government, would help solve crimes. But would it?
Speakers: Daniel Möring (TINT Kollektiv), h01ger, nuriye@thereisnotime.net, maren@nadir.org, Oliver Gemballa Von Technik, Kollaborationen und Erreichtem zum G20-Gipfel 2017. Erfahrungen und Details zu den zwei kritischen Medienprojekten FC/MC (alternatives Medienzentrum im Herzen der Stadt) und THERE IS NO TIME (Live-Talks am Rande des Sperrgebiets und über die Stadt verteilte Video-Empfangsstationen) und ihrer Kollaboration mit dem VOC zum G20 Gipfel in Hamburg.
Speaker: André Lampe was alles geht und wie man anfängt, mit Mikroskopen. Jeder weiß ungefähr was man mit einem Mikroskop tun kann: Kleine Dinge ansehen. Aber wie geht das genau, was braucht man dafür und gibt es da nicht eine Möglichkeit, dass da digitale Bilder rauspurzeln? Das hier soll eine Einführung sein, und zwar in die Grundlagen von Mikroskopen, wo der Unterschied zu anderen Optiken (Fotografie, Teleskope) ist und wie man zu Hause mit einfachen Mitteln schöne Bilder machen kann. Was kann man sinnvolles an den Nachwuchs verschenken, was taugen Anstreck-Dinger für das Smartphone oder USB-Mikroskope, wie fange ich zu Hause mit Mikroskopie an und was kann man überhaupt so alles betrachten? Quasi Micsorcopy 101.
Speaker: Lisa Analysing the terminology of the UK’s Snooper’s Charter. In November 2016 the UK has passed the Investigatory Powers Act (aka Snooper’s Charter). This act unprecedentedly extends surveillance powers of the state – p.e. legalising the hacking of devices or forcing Internet Service Providers to collect web browsing histories – one does not even need to be suspected of a crime. This talk investigates the choice of words of the parliamentary debates and reveals how euphemistic and understating terminology discloses the extent of surveillance and justifies the causeless intrusion into everyone’s privacy.
Speaker: Darsha Hewitt Obsolete Technologies + Critical Material Studies in Media Art. Darsha Hewitt is a Canadian artist working in new media and sound. She is known for her examinations of communication technology in the domestic sphere and her use of DIY aesthetics and practices as an artistic method. She makes electromechanical sound installations, drawings, audio-visual works, how-to videos and experimental performances with handmade electronics. Through deconstruction and experimentation with failed and obsolete technology, her work demystifies hidden systems within machines as a way to trace-out structures of economy, power and control embedded throughout capitalist culture.
Speaker: Gunnar Thöle Wieviel CO2 macht <...>? Ungefähr? Alles was wir jeden Tag tun erzeugt Treibhausgase. Für eine vernünftige/moralische/ökologische Entscheidung, um mit anderen Handlungsoptionen brauchbar vergleichen zu können, muss man wissen - wieviel? Ungefähr zumindest? Für Einsteiger. Keine Formeln, wenig Mathematik/Physik.
Speaker: Ulf Frisk Most thought Direct Memory Access (DMA) attacks were a thing of the past after CPU vendors introduced IOMMUs and OS vendors blocked Firewire DMA. At least until the PCILeech direct memory access attack toolkit was presented a year ago and quickly became popular amongst red teamers and governments alike.
Speakers: Rainer Rehak, Benks Die geekige Wort- & Bilderrätselspielshau ist zuЯück. Zwei Teams mit rauchenden Köpfen und ein johlendes Publikum raten sich durch unsere dritte Wortspielhölle der IT, Informatik und digitalen Gesellschaft. Wer bei vielschichtigen (Anm. d. R.: „haarsträubenden“!) Assoziazionsbilderrätseln freudiges Synapsenfunkeln und feuchte Augen bekommt oder aber bei Gehirnschmerz und Um-die-Ecke-Denk-Beulen trotzdem feiert, ist bei uns zu Hause.
Speaker: Anita Hopes Wie man ein Haus kaufen kann ohne es zu besitzen. Das Mietshäusersyndikat ist eine nicht-kommerzielle Kooperative mit dem Ziel, Bereiche von selbstorganisiertem Wohnen zu schaffen, ohne selbst Vermieter zu werden.
Speaker: Leander Seige Neue Standards wie IIIF (http://iiif.io) ermöglichen es, digitalisiertes Kulturgut (Gemälde, Bücher, Handschriften, Fotografien, Karten u.s.w.) interoperabel und maschinenlesbar verfügbar zu machen. Darauf aufsetzend können nicht nur ansehnliche Präsentationen erstellt werden, insbesondere ermöglicht IIIF es, institutionsübergreifend Daten verknüpfbar zu machen und virtuelle Arbeitsoberflächen einrichtungsunabhängig zu realisieren. Dem Linked Data Prinzip folgend, sind alle Daten standardisiert identifizierbar und nutzbar. Es existieren bereits viele leistungsfähige Open Source Anwendungen für IIIF. Der Talk führt in IIIF ein und zeigt viele anschauliche Beispiele, die bedeutende Werke aus namhaften Einrichtungen weltweit enthalten.
Speaker: Mindy Preston reject the default reality^W abstractions and substitute your own. Traditional models of application development involve talking to an underlying operating system through abstractions of its choosing. These abstractions may or may not be a good fit for your language or application, but you have no choice but to use them - you can only layer more abstractions on top of them, to try to lessen the pain of a bad match. Library operating systems let you write applications that use better abstractions in your own language - either someone else's abstractions, or your own.
Speaker: Arne Semsrott Informationsfreiheit trotz CSU. Wie umgehen mit politischer Ohnmacht? Das Informationsfreiheitsgesetz bietet einige Ansätze: Es macht es auch für juristische Laien möglich, gegen Behörden vorzugehen, die das Recht brechen. Wir kämpfen gegen die Ohnmacht: Dieses Jahr haben wir alle Gesetzentwürfe aller Bundesministerien und Lobby-Stellungnahmen dazu befreit. Wir haben uns mit der Berliner Partypolizei angelegt - prost! - und 13 Behörden verklagt, darunter die Polizei Köln, das Innenministerium und das Verteidigungsministerium. Und wir haben einen Weg gefunden, zwei Behörden zu verklagen, die eigentlich sonst keine Auskunft geben ...
Speaker: friederb Walter Höllerer bei WikiPedia. Vorstellung der Dissertation "WHWP - Walter Höllerer bei WikiPedia". Es wurde ein einzelner Artikel in der deutschen WikiPedia untersucht. Es wird dargestellt, welchen Einfluss die beteiligten Autoren auf die Qualität des WikiPedia-Artikels über Walter Höllerer hatten und weiterhin haben. Dafür wurden 113 Veränderungen durch 89 Autoren einzeln untersucht und bezüglich ihrer Relevanz bewertet. Es wurden auch die Entwicklungen berücksichtigt, die seit der französischen Encyclopédie zur Online-Enzyklopädie WikiPedia geführt haben. Daraus ist eine bisher einzigartige Arbeit über die Produktion von Wissen und Wissenssammlungen entstanden.
Speaker: prometheas A decentralized Public Key Infrastructure that supports privacy-friendly social verification. ClaimChain is a Public Key Infrastructure unique in that it can operate in fully decentralized settings with no trusted parties. A vouching mechanism among users, similar to the Web of Trust, assists with social authentication but without revealing the users' social graph. High-integrity data structures prevent equivocation and help detect compromises; the protocol can support generic claims (conventional PGP, modern OTR/Signal etc.); and a prototype evaluation indicates that ClaimChain can scale.
Speaker: Pascal Cotret Hijacking debug components for embedded security Blare big This talk deals with embedded systems security and ARM processors architecture. Most of us know that we can perform security with the ARM TrustZone framework. I will show that most ARM processors include debug components (aka CoreSight components) that can be used to create efficient security mechanisms.
Speaker: Matteo Michel is there no such thing as open hardware? How does developing future processors with yesterdays capabilities work out today? CPU development is something out of focus these days. In this lecture I would like to show the state-of-the-art processor development flow of POWER processors from the first initial ideas to post-silicon testing. Apart from x86 Intel products there have been initiatives across the hardware industry to form some alternative business model. I would like to show if and how this compares to real open principals.
Speaker: boter Research on Monitoring Italian Government Surveillance Capabilities by means of Transparency tools. This project aims to take advantage of the availability of public procurement data sets, required by anticorruption transparency laws, to discover government surveillance capabilities in Italy.
Speaker: Fritz - Dietrich Burghardt Was die Sensor & Automatisierungstechnik in der Landwirtschaft heute schon leisten kann – Ein Einblick. Die Dynamik der globalen Agrarmärkte hat sich in den letzten Jahren verstärkt und birgt neue Herausforderungen für die Landwirte. Hoffnungsträger sind ähnlich wie in anderen Branchen auch Sensor- & Datenverarbeitungstechnik sowie das Internet: Produktionsprozesse steuern sich selbst, Anhänger werden halbautomatisch mittels Bilderkennung beladen, Maschinen kommunizieren mittels Maschinen und Fahrzeuge steuern sich weitestgehend schon jetzt autonom.
Speaker: Torsten Grote Resilient P2P Messaging for Everyone. Briar is a peer-to-peer messaging app that is resistant to censorship and works even without internet access. The app encrypts all data end-to-end and also hides metadata by utilizing Tor onion services.
Speaker: Rosa Menkman Rosa Menkman investigates video compression, feedback, and glitches. The institutions of Resolution Disputes [iRD] call attention to media resolutions. While a ’resolution’ generally simply refers to a standard (measurement) embedded in the technological domain, the iRD reflect on the fact that a resolution is indeed a settlement (solution), but at the same time a space of compromise between different actors (objects, materialities and protocols) who dispute their stakes (framerate, number of pixels etc.) within the growing digital territories.
Speaker: niinja Forcing the Netherlands to publicly debate privacy and the intelligence agencies. Dutch intelligence agencies will soon be allowed to analyse bulk data of civilians on a massive scale, by intercepting internet traffic and through real-time access to all kinds of databases. They will also start hacking third-parties. My friends and I want to stop this. We started an action to enforce a referendum on the law. Surprisingly, it worked! How do we get most out of this opportunity?
Speaker: Max Schrems In 2015 the Court of Justice of the European Union (CJEU) has overturned the EU-US data sharing system called „Safe Harbor“ over US mass surveillance, as disclosed by Edward Snowden. Only months later the European Commission agreed with the US government to replace it with the so-called “Privacy Shield”, despite the existence of PRISM and Upstream surveillance. Why the new deal is nothing but the old “Safe Harbor”, what we can learn for the documents exchanged between the EU and the US and why it will very likely be overturned as soon as it reached the CJEU again.
Speaker: mo What kind of organisational structures exist for free software projects? What funding sources? How can you avoid pitfalls with funding, support volunteers, and stay a happy family?
Speaker: gronke This talk will discuss practical solutions for both technical and social challenges of collaboration.
Speakers: Will Scott, kopek Get a unique tour of some of the world’s most unusual networks, led by a Cuban hacker. Internet access in Cuba is notoriously restrictive. ETECSA, the government-run teleco, offers 60 wireless hotspots in parks and hotels, allowing foreigners and citizens alike to "visit" the Internet for only $1/hour… That’s what most tourists know about the Internet in Cuba, but of course, that can't be the whole story! In this talk, we'll take a deeper look at what life is like for Cuban hackers, and we’ll get to tour a vibrant set of community-driven networks that typical tourists never see. The story that emerges is an inspiring view of what communities can (and can’t) accomplish in the face of adversity.
Speaker: Leon How does the CCC run a conference? In this traditional lecture, various teams provide an inside look at how this Congress‘ infrastructure was planned and built. You’ll learn what worked and what went wrong, and some of the talks may even contain facts! Also, the NOC promises to try and not have the network fail in the middle of the NOC presentation this time.
Speaker: Allison McDonald How Undocumented Immigrants in the US Navigate Technology. Over 11 million undocumented immigrants live in the United States today. Immediately after taking office, the Trump administration issued two executive orders pumping resources into border and immigration enforcement agencies, heightening fears of deportation, harassment, and family separation among immigrant communities. In the following months reports emerged of increased immigration enforcement activity and hints about the deployment of new high-tech methods by the immigration enforcement agency. I will discuss the current state of immigration enforcement in the US and associated surveillance capabilities, the results of a study with undocumented immigrants about their technology practices, and the takeaways for the technology and privacy community in supporting communities of heightened risk.
Speakers: Christoph Engemann, Anton.schlesinger@studio-singer.de A critical look on a new audio Format. Master Quality Authenticated (MQA) is a new audio format promising studio sound at home and no DRM. We take a critical look both at the sound-quality aspects as well as on the DRM story of MQA.
Speaker: Hasan Elahi Hasan Elahi is an interdisciplinary artist working with issues in surveillance, privacy, migration, citizenship, technology, and the challenges of borders. An erroneous tip called into law enforcement authorities in 2002 subjected Elahi to an intensive investigation by the FBI and after undergoing months of interrogations, he was finally cleared of suspicions. After this harrowing experience, Elahi conceived “Tracking Transience” and opened just about every aspect of his life to the public. Predating the NSA’s PRISM surveillance program by half a decade, the project questions the consequences of living under constant surveillance and continuously generates databases of imag- ery that tracks the artist and his points of transit in real-time. Although initially created for his FBI agent, the public can also monitor the artist’s communication records, banking transactions, and transportation logs along with various intelligence and government agencies who have been confirmed visiting his website.
Speaker: gannimo Type confusion, often combined with use-after-free, is the main attack vector to compromise modern C++ software like browsers or virtual machines. Typecasting is a core principle that enables modularity in C++. For performance, most typecasts are only checked statically, i.e., the check only tests if a cast is allowed for the given type hierarchy, ignoring the actual runtime type of the object. Using an object of an incompatible base type instead of a derived type results in type confusion. Attackers have been abusing such type confusion issues to compromise popular software products including Adobe Flash, PHP, Google Chrome, or Firefox, raising critical security concerns. We discuss the details of this vulnerability type and how such vulnerabilities relate to memory corruption. Based on an LLVM-based sanitizer that we developed, we will show how to discover such vulnerabilities in large software through fuzzing and how to protect yourself against this class of bugs.
Speaker: Thomas Roth Hacking industrial control gateways. Small gateways connect all kinds of fieldbusses to IP systems. This talk will look at the (in)security of those gateways, starting with simple vulnerabilities, and then deep diving into reverse-engineering the firmware and breaking the encryption of firmware upgrades. The found vulnerabilities will then be demonstrated live on a portable SCADA system.
Speaker: sva #tuwat DE: Damit wir als Komputerfrieks nicht länger unkoordiniert vor uns hinwuseln, tun wir wat und treffen uns! EN: To keep us computer freaks from puttering about aimlessly any longer, we’re doin’ somethin’ and will meet!
Hier geht es los.
The combination of the ongoing technological revolution, globalisation and what are usually called 'neo-liberal' economic policies has generated a global system of rentier capitalism in which property rights have supplanted free market principles and in which a new global class structure has taken shape. The 20th century income distribution system has broken down irretrievably, and a new mass class, the precariat has been growing dramatically fast in every part of the world. What are the deeper reasons for these developments? How does an ecologically sustainable strategy look like? Is it possible to restore a balanced market economy in which inequalities and insecurities will lessen and in which the drift to populist and even neo-fascist politics will be reversed? This talk will try to provide answers.
Since a few months we have a new version of TLS, the most important encryption protocol on the Internet. From the vulnerabilities that created the need of a new TLS version to the challenges of deploying it due to broken devices this talk will give an overview of the new TLS 1.3. In August the new version 1.3 of the Transport Layer Security (TLS) protocol was released. It‘s the result of a process that started over four years ago when it became increasingly clear that previous TLS versions suffered from some major weaknesses. In many ways TLS 1.3 is the biggest step ever done in the history of TLS and its predecessor SSL. While previous TLS versions always tried to retain compatibility and not change too many things, the new version radically removes problematic and insecure constructions like static RSA key exchanges, fragile CBC/HMAC constructions and broken hash functions like MD5 and SHA1. As a bonus TLS 1.3 comes with a reworked handshake that reduces the number of round-trips and thus provides not just more security, but also better performance. If that sounds too good to be true: An optional, even faster mode of TLS 1.3 – the zero round trip or 0RTT mode – makes some security researchers worried, because they fear it introduces new security risks due to replay attacks. Though the road to TLS 1.3 was complicated. The Internet is a buggy place and particularly Enterprise devices of all kinds – middleboxes, TLS-terminating servers and TLS-interception devices – slowed down the deployment and finalization of the new encryption protocol. Also some banks thought that TLS 1.3 is too secure for them. The talk will give an overview of the developments that led to TLS 1.3, the major changes it brings, the challenges it had to face and some practical advice for deployment.
Restricting access to knowledge and science is not beneficial for society. So why are scientific results still locked up behind paywalls? Even though the answer to this question is enlightening, the story is quickly told. Much more important is the knowledge on how to change this. Politics, research funders, libraries and scientists have to join forces and to push forward to flip scholarly communication from closed to open access. What has happened so far? What are the current developments? What can each of these parties contribute to the transformation of scholarly communication? Open access guidelines, repositories and the hashtag #ICanHazPDF are just a few examples of approaches that jointly undermine the paywalls. One that has been recognized even beyond the scientific community is Project DEAL which aims to achieve open access for scientific publications from German scientists with major academic publishers. Things are currently progressing very fast and a lot can happen in the weeks between now and the congress. The talk will start with a brief introduction to the most common way of scholarly communication, where science is still mainly locked up behind paywalls. In line with the most recent developments, the talk will then focus on different approaches to open up science and their political and practical consequences. Whatever happens, the transformation of scholarly communication is well underway and it will affect not only the scientific community but society as a whole. So let’s join forces!
When a electrical device needs to be a piece of art or used as a mechanical component, a printed circuit board is more than a piece of fiberglass with wires embedded in it. In chemical engineering applications internal holes which allow fluids to be transported through the PCB need to be placed in complex precise patterns. As art, holes can be used to create positive and negative space, allowing you to see a charlieplexed LED display as a snowflake. Creating complex shapes in PCB design software is difficult to impossible. However, it is easy in CAD software. In this talk I will present the project workflow I use to design and manufacture my PCBs. Additionally, I will discuss the problems I have run into during manufacturing and how these problems were resolved. Making electrical-artistic and electrical-mechanical PCBs adds steps and complications to the usual PCB fabrication process. In this talk I will go over my project workflow and discuss how and why I do each step. I will also discuss problems I have run into during both the design and the manufacturing process.
Neutrinos are “ghost-like” elementary particles that can literally go through walls. They can bring information from places that are impossible to observe through other means. This talk provides a glimpse behind the scenes of a next-generation neutrino detector called Hyper-Kamiokande – a cylindrical water tank the size of a high-rise building. I will describe some of the problems you encounter when planning a subterranean detector of this size, and explain how this detector helps us figure out why the sun shines and how giant stars explode. Neutrinos are tiny elementary particles that do not interact through the electromagnetic force. Almost like ghosts, they can literally go through walls and escape places that are inaccessible by other means, giving us a unique way of observing the interior of stars or nuclear reactors. Hyper-Kamiokande – a cylindrical water tank that is 62 m high and 76 m in diameter – is a next-generation neutrino detector, which will be built inside a mountain 250 km northwest of Tokyo starting in 2020. The talk will give an overview on the process of designing and building a subterranean detector of this size, starting from preparations for cavern construction and ending with the design of photodetectors, electronics and data analysis. In addition, the talk will cover selected areas of the physics programme of this detector. It will be explained how detecting neutrinos from our sun lets us figure out why the sun shines and how we can measure the temperature at its core to a precision of about 1%. Finally, I will explain how such a neutrino detector can help us watch, millisecond by millisecond, how giant stars explode in a supernova, creating many of the chemical elements that are necessary for life and computers to exist.
Die AfD-Bundestagsfraktion wird in der Öffentlichkeit vor allem mit ihren rassistischen Positionen wahrgenommen – mit ihren netzpolitischen Aktivitäten bleibt sie zumeist unter dem Radar. Dieser Talk zeigt, wie die AfD-Fraktion die Netzpolitik dennoch als vermeintlich neutrales Thema nutzt, um für ihre rechtsextreme Partei eine parlamentarische und gesellschaftliche Normalisierung herzustellen. Als Mitarbeiterin einer Bundestagsabgeordneten von den Grünen verfolge ich täglich das Verhalten der AfD in netzpolitischen Debatten im Bundestag: Im Plenarsaal, im Ausschuss Digitale Agenda, in der Enquête-Kommission Künstliche Intelligenz und bei Veranstaltungen und Diskussionen mit außerparlamentarischen Organisationen. Dabei ist mir aufgefallen, dass die netzpolitischen AfD-Abgeordneten in ihrem Verhalten eher einem kooperationsorientierten statt einem krawallorientierten Parlamentariertyp innerhalb ihrer Fraktion zuzuordnen sind. Die inhaltliche Positionierung der AfD wiederum folgt bei verschiedenen netzpolitischen Debatten zumeist einer von drei verschiedenen Strategien: Konsensorientiert, anti-europäisch oder Opfermythos-betonend. Diese Beobachtungen werden mit einer Reihe von Beispielen illustriert. Bei den netzpolitischen Diskussionen im Bundestag finden die zentralen Auseinandersetzungen zwischen der Großen Koalition und den demokratischen Oppositionsparteien statt. Was die AfD-Fraktion dazu sagt, wird häufig kaum wahrgenommen. Dieser Talk zeigt, wie die AfD-Fraktion die Netzpolitik dennoch als vermeintlich neutrales Thema nutzt, um für ihre rechtsextreme Partei eine parlamentarische und gesellschaftliche Normalisierung herzustellen. Er belegt dies anhand zahlreicher Beispiele aus dem parlamentarischen Alltag und zeigt auf, wo diese Strategie bereits aufgeht und wo nicht. Deswegen soll es auch darum gehen, wie zivilgesellschaftliche Organisationen und Akteure damit umgehen können, wenn AfD-Abgeordnete in der netzpolitischen Szene auftauch
Recent attacks against elections in the U.S. and Europe demonstrate that nation-state attackers are becoming more aggressive, even as campaigning and voting are becoming increasingly reliant on computers. How much has changed since 2016, when the U.S. experienced unprecedented attacks on its election infrastructure? What has to happen to ensure that the 2020 presidential election is secure? In this talk, I'll give a progress report on election security in the U.S. and around the world, informed by results from my own research and my work with legislators and election officials over the past two years. I'll also hold a mock election with a current U.S. voting machine to demonstrate how cyberattacks on election infrastructure could potentially change the results of national elections. Finally, I'll explain what everyone can do to get involved and help safeguard the foundations of democracy. Strengthening election cybersecurity is essential for safeguarding democracy. For over 15 years, I and other computer scientists have been warning about the vulnerable state of election security, but attacks against recent elections in the U.S. and Europe demonstrate that sophisticated attackers are becoming more aggressive, even as campaigning and voting become increasingly reliant on computers. Since 2016, I’ve been working with election officials and members of congress to strengthen election cybersecurity. In this talk, I’ll give a progress report about what’s happened since then and what still needs to happen to secure future elections. While many U.S. states have made progress at securing some aspects of their election infrastructure, and Congress provided $380M in new funding to the strengthen elections, significant vulnerabilities remain that put the integrity of future elections at risk. To demonstrate the ongoing threat, I’ll hold a mock election on stage with a real U.S. voting machine still used in 18 states, and show how remote attacks could potentially
The Chinese Social Credit System (SCS) has been discussed a lot in Western media. However, we do not know currently how the system that is supposed to take nationwide effect by 2020 will look like, as there are more than 70 pilot projects currently undertaken. These pilots rank from commercial royalty and rewards programs (Sesame Credit) to an Orwellian system, where each action has a predetermined associated score (Rongcheng). In-between, there’s nebulous algorithmic systems that basically act as a Black Box (Honesty Shanghai). This talk, therefore, looks at some of these pilots and their implementation details, and through an agent-based modeling framework, discusses the likely effects of different implementations. In doing so, it shows that most of the systems currently being tested are prone to manipulation by leaders from all levels of government, and that the ostensible goal of allocating scarce resources more efficiently is unlikely to be served by the new system(s). The author, Antonia Hmaidi, is a PhD candidate in East Asian Economics with a focus on China. She presented a talk on the impact of internet censorship at the 33C3. This talk’s goal is to provide those interested with a technically-grounded understanding of “the” Chinese social credit system and its possible impact on Chinese society and economy. In doing so, it seeks to provide a more nuanced picture than is usually presented in either Chinese or Western media. Working on data science and machine learning in her free time allows the author to better understand the algorithms comprising “the” social credit system.
While a lot of projects are currently developing their own processors, mostly as open source in Verilog, VHDL or even Chisel, we miss the free process that actually manufactures these chips. So we're developing the "Libre Silicon" project, a portable semiconductor manufacturing process and technology, using only free and open source tools: We would like to introduce the project, who we are, what we are doing and where we are now. The manufacturing is proprietary and has vendor lock-ins with triple NDAs – one for the process development kit (PDK), the technology itself; – one for the Standard Cell Library you can use to synthesize your RTL; – and even another one for the details of all purchase commitments. Our purpose is a free and open, community based silicon manufacturing process (GitHub link) without any NDAs, a Standard Cell Library (GitHub link) not only for that process as well as a suitable, refurbished, new-written open source tool chain QtFlow (GitHub link). During the last couple of months we already developed the first free 1µm process and are now close to manufacturing a first test wafer (GitHub link). Even though 1µm does not sounds very ambitious, this process node is still quite well documented in text books, robust and 5 Volt-tolerant. Once we get a hang on this, the machinery park in the clean room allows us to shrink down to 500nm and less.
UEFI rootkits have been researched and discussed heavily in the past few years, but sparse evidence has been presented of real campaigns actively trying to compromise systems at this level. Our talk will reveal such a campaign successfully executed by the Sednit group. We will detail the full infection chain showing how Sednit was able to install their custom UEFI module on key targets' computers. Additionally, we will provide an in-depth analysis of their UEFI module and the associated trojanized LoJack agent. UEFI rootkits have been researched and discussed heavily in the past few years, but sparse evidence has been presented of real campaigns actively trying to compromise systems at this level. Our talk will reveal such a campaign successfully executed by the Sednit group. This APT group, also known as Fancy Bear, Sofacy and APT28, has been linked to numerous high profile cyberattacks such as the 2016 Democratic National Committee email leak scandal. Earlier this year, there was a public report stating that the infamous Sednit/Sofacy/APT28 APT group successfully trojanized a userland LoJack agent and used it against their targets. LoJack, an embedded anti-theft application, was scrutinized by security researchers in the past because of its unusual persistence method: a module preinstalled in many computers' UEFI/BIOS software. Over the years, several security risks have been found in this product, but no significant in-the-wild activity was ever reported until the discovery of the Sednit group leveraging some of the vulnerabilities affecting the userland agent. However, through our research, we now know that Sednit did not stop there: they also tried to, and succeeded, in installing a custom UEFI module directly into a system's SPI flash memory. In this talk, we will detail the full infection chain showing how Sednit was able to install their custom UEFI module on key targets' computers. Additionally, we will provide an in-depth analysis of their UEFI mo
Die EU-Grenzagentur Frontex nimmt eine Reihe neuer Überwachungsmethoden im Mittelmeer in Betrieb. Die Fähigkeiten zur Beobachtung des sogenannten Grenzvorbereichs gehören zum Grenzüberwachungssystem EUROSUR, das die Europäische Union vor fünf Jahren gestartet hat. EUROSUR vernetzt die Zentrale von Frontex in Warschau mit den Grenzbehörden der 28 Mitgliedstaaten. Über deren nationale Koordinierungszentren wird Frontex über alle wichtigen Vorkommnisse an den Außengrenzen der Europäischen Union unterrichtet. Kern des EUROSUR-Systems ist die Satellitenaufklärung, über die Frontex auch selbst an den Grenzen beobachten kann. Die Bilder stammen von kommerziellen Satellitendiensten sowie von optischen und radarbasierten Satelliten des EU-Erdbeobachtungsprogramms „Copernicus“. Sie werden vom Satellitenzentrum der Europäischen Union (SatCen) erhoben, aufbereitet und an Frontex übermittelt. Zu den Bildlieferanten gehört der Rüstungskonzern Airbus, der Bilder seiner Radarsatelliten „TerraSar-X“ und „TanDEM-X“ mit einer Auflösung von 24 cm verkauft. Für die schnelle Kommunikation mit den Satelliten nutzt „Copernicus“ als erster Kunde die „Weltraumdatenautobahn“ des Airbus-Konzerns. Die Nutzung der Daten für die einzelnen AnwenderInnen wurde erst kürzlich mithilfe einer App vereinfacht, die ein Mitarbeiter der Abteilung „Informationshoheit“ als eine Art Instagram für Sicherheitsanwendungen beschreibt. Nun werden auch die technischen Fähigkeiten von „Copernicus“ ausgebaut. Das System soll „Unregelmäßigkeiten im Schiffsverhalten“ erkennen und melden. Dabei werden Informationen zum Standort, der Schiffsbezeichnung und zum abweichenden Verhalten übermittelt. Als verdächtig kann etwa gelten, wenn ein Schiff keine gewöhnlichen Routen fährt oder die Geschwindigkeit verlangsamt. Frontex hat im vergangenen Jahr einen „Mehrzweck-Flugdienst“ gestartet. Von Flugzeugen über dem Mittelmeer aufgenommene Videos werden in Echt
We rely on mainstream computer engineering every day, but it's insanely complex, poorly understood, unreliable, and, as CCC reminds us every year, chronically insecure. This talk will explain some ways that we can do better: taming parts of this this chaos with precise understanding - illustrated with disturbing facts and clean models for current architectures and the C language, from the REMS project, and principled but pragmatic new alternatives, that build in more hardware and software security protection,as developed in the CHERI project. Computing has been massively successful, and we routinely trust computer systems with our personal, financial, medical, commercial, and governmental information. But at the same time, these systems are pervasively prone to security flaws and subject to malicious attacks. We have to trust them, but they are not *trustworthy*. There are two root causes. First, the pan-industry computing infrastructure, of processors, programming languages, and operating systems, is based on designs from a more forgiving time, with simpler systems and little incentive to design-in strong security protection. Second, the conventional engineering techniques we use (prose specifications, manually written tests, and test-and-debug development) are good enough to make systems work in common cases, but cannot exclude all errors - and a single coding error can lead to a devastating exploit. Are we doomed? Perhaps not. This talk will highlight the sorry state of the art and then draw on cutting-edge research, from the University of Cambridge, SRI International, ARM, and other partners, to show some ways we can do better. First, we'll show how it's become possible to build and use rigorous models for key existing interfaces to improve engineering: for the ARMv8-A and RISC-V architectures, and the C language, in the REMS project. Then we'll describe a principled but pragmatic path to build in more hardware and software security protection to future
Six years ago the idea behind CensoredPlanet started, that is now launched at censoredplanet.org. We had a simple (yet essential) guiding principle: measurements that may be politically sensitive should be done without volunteer participation. In this talk, besides a detailed scientific overview of the techniques and the current state of CensoredPlanet, I plan to talk about my experience in developing the project from the ground up. Despite the pervasive nature of Internet censorship and the continuous evolution of how and where censorship is applied, measurements of censorship remain comparatively sparse. Current censorship projects, including OONI, depend on participants within countries to help them collect measurements. While these projects are valuable, we have empirically seen that there are issues relating to continuity in terms of measurement, coverage of the geographical area, and ethical dilemmas when user participation is a requirement. Censored Planet use tens of thousands of *remote infrastructural and organizational vantage points* from over 170 countries to conduct it’s measurements, thereby removing the need for user participation. This allows us to regularly measure Internet disruptions over a longer period of time in significantly more countries in a safer way. The research we conduct at Censored Planet provides unique insights and data points on Internet disruptions. This information is extremely valuable to researchers in diverse fields from political science to computer science as well as to activists and journalists living and operating in countries where Internet disruptions are prevalent. By making our data easily accessible to the public, we aim to encourage future research in the field. Link to our data: https://censoredplanet.org/data/raw.
Der Datenschutz ist als erst relativ frisch erkämpftes Abwehrrecht von Bürgern gegen Firmen und Staat ein wichtiges, aber häufig missverstandenes Rechtsgebiet. Zuletzt ist es durch die Grundverordnung auf europäischer Ebene in den Blick der Netzöffentlichkeit geraten. Dieser Vortrag soll einen niedrigschwelligen Einstieg in den Datenschutz geben und aus Perspektive einer Datenschützerin mit zehnjähriger Erfahrung im Gebiet die aufregenden Aspekte und Herausforderungen aufzeigen, dem Bürgerrecht Leben einzuhauchen.
Als Organisation für Menschenrechtsbeobachtungen geben wir Euch einen Überblick der aktuellen Entwicklungen an der EU-Außengrenze auf dem Mittelmeer. Mare Liberum betreibt ein Schiff auf dem Mittelmeer, um Menschenrechtsverletzungen zu dokumentieren. Dabei arbeiten wir zur Zeit in der Ägäis, der Seegrenze zwischen der Türkei und Griechenland. Hier flüchten noch immer tausende Menschen auf der Suche nach Schutz und Würde. Seit den Vorträgen von Sea-Watch und der Iuventa-Crew ist viel Zeit vergangen. Die zivilen Seenotrettungsorganisationen fahren nicht mehr raus – sind alle gerettet? Wie hat sich die Situation für die Flüchtenden und Helfer verändert? Wie werden Euch einen Überblick der aktuellen Entwicklungen an der EU-Außengrenze auf dem Mittelmeer geben. Warum schaffen es die europäischen Staaten nach fünf Jahren Katastrophe im Mittelmeer nicht, das Sterben zu beenden? Was ist eigentlich deren Agenda? Warum wollen alle ständig eine neue Flagge? Wie gut funktionert eigentlich der EU-Türkei-Deal? Welche staatlichen Akteure gibt es auf dem Wasser und was machen sie? Warum ist die Rolle der Menschenrechtsbeobachter, selbst in Europa, so wichtig?
Meet SiliVaccine – North Korea's national Anti-Virus solution. SiliVaccine is deployed widely and exclusively in the DPRK, and has been continuously in development by dedicated government teams for over fifteen years. When we heard of this strange software, we were immediately driven to investigate it: it's not every day that you can catch a glimpse of the malware landscape inside the closed garden of the DPRK's intranet. In this talk, we will describe how we were able to obtain a rare copy of SiliVaccine; how we reverse-engineered it, despite the hair-tearing obstacles; and what surprising discoveries we made about its program architecture – all the way down to the file scanning engine, the system level drivers, the user mode utilities, and the most bizarre and puzzling implementation details. As it turns out, there is plenty going on behind the scenes of this product, away from the public eye. How was SiliVaccine created? Who created it? What was the game plan? We will try to shed light on these questions, and on the sheer effort that must have gone into developing this product. If there is anything we learned from this research, it's that DPRK state-sponsored software is a secretive industry underlied by incredibly shady practices, and that if Kim Jong-Un sends you a free trial of his latest security solution, the correct answer is "thank you but no thank you". Disclaimer: No significant knowledge in reverse engineering is required to understand the talk. We break down our thought process and methodology to its very basics, so that this talk can relate to both technical and non-technical audiences. Another Disclaimer: We guarantee an entertaining talk. :)
Sigfox is an emerging low-power wide-area network (LP-WAN) technology for IoT devices, comparable to LoRa. This talk recounts my analysis of Sigfox's radio protocol and presents an open reference implementation of an alternative Sigfox protocol stack. It confirms that while Sigfox ensures authenticity and integrity, transmitted payloads are not confidential. This presentation is targeted at a technical audience with some basic knowledge of cryptography (security goals, AES), but no knowledge in RF technology (modulation, scrambling, error correction) is required. Sigfox can be compared to a cellular network, but for mostly battery-powered IoT devices that don't need to transmit much data. While some sparse details on Sigfox's architecture and its security have been published and some basic reverse engineering has been carried out, most of the protocol specifications remain proprietary and closed, so by now, no independent security audit was performed. Advertised use cases of Sigfox include air quality monitoring, weather stations, utilities metering and tracking farm animals. In this talk, I illustrate why these applications are fine, but why one might not want to track a money transporter with Sigfox or base a home alarm system on it. The Sigfox network is very atypical, with uplink and downlink based on different physical layers. After a short introduction, I begin the presentation by taking a deep dive into Sigfox's radio protocol with a focus on its Security. Basics of radio technology (SDRs, ultra-narrow band (UNB) modulation, SRD bands) and techniques for analyzing protocols are briefly summarized and the uplink's and downlink's frame structures are presented. Subsequently, I show how a radio sniffer that has captured Sigfox messages can extract the uplink's and downlink's contents. While the uplink's payload is already contained in plaintext, the downlink is scrambled, but I indicate how the downlink's pseudorandom whitening sequence used
This Foundations talk explains the systems and protocols that make up the Internet, starting from a laptop with a Wi-Fi connection. No particular technical knowledge required. Many consider "the Internet" a utility similar to electricity - and that's a great attitude! - but for most, "the Internet" only means access to a few centralized services offered by mega-corporations "for free", around which people build their entire social and professional lives. Come along for a look behind the scenes of all those fancy websites, let's go through what the Internet actually is! Knowing the difference between the network and services reachable through the network is perhaps more important than ever, because if we implicitly give service providers all the power by never asking for a public, utility-like network then that's the end of the Internet as we know it. Key word: Net neutrality. So in this talk we will discover the network. In simple terms and without too much technical detail we'll start out with the "atom" of networks the packet, then cover the fundamental Internet Protocol (IPv4-only for simplicity), we'll try to answer what is a network? - not obvious it turns out, we'll look at where do IP addresses come from? and then we'll move on to the Internet cornerstone that is routing. We'll approach routing from the perhaps most well-known router - the wireless home router - and then look at how similar or dissimilar routers on the Internet are to that home router, leading us to a look at the routing protocol which constantly determines how our packets flow throughout the world. Those are the basic building blocks of the Internet. Now for some delicious alphabet soup! We'll take a step toward applications and compare UDP, TCP and SCTP, which are all used together with IP for most if not all end-user Internet communication. Finally, we'll arrive at the most common applications, looking into how DNS (domain names), SMTP (sending email) and HTTP (web) wo
After launching a spacecraft into orbit the actual work for mission control starts. Besides taking care of the position and speed of the spacecraft this includes e.g. detailed modeling of the power usage, planning of ground station contacts, payload operations and dealing with unexpected anomalies. In this talk we will see many examples of problems particular to space crafts and how they influence the way space craft mission operations works. Suppose you built your own satellite and somehow managed to launch it into space, what are you going to do next? Can you just ssh into your onboard computer and try out a couple of things to take a picture of earth and download the file? Did you just lose contact with your satellite due to an empty battery, because it heated up too much or because it rotated in the wrong direction? What are other issues you might forget to account for? After understanding why in spacecraft operations nothing works the way one expects we will have some answers to these questions. Also we will see how these problems are nowadays tackled by mission control centers all over the world, what happens in emergencies, what FDS, GDS, LEOP and TTC stand for and why spacecraft operators worry so much about weird particularities of time systems. Everything will be illustrated by real-life examples. The only prerequisite for this talk is that you know that earth is not flat!
Von unerwünschten Nachrichten über Bedrohungen bis hin zum Intimizid. Allein im Jahr 2017 wurden rund 18.483 Fälle von Stalking polizeilich erfasst, die Dunkelziffer wird auf 600.000-800.000 Betroffene geschätzt. Unter dem Begriff Stalking wird allgemein das „wiederholte, widerrechtliche Verfolgen und Belästigen eines Menschen, so dass dessen Sicherheit bedroht und er/sie in seiner/ihrer Lebensgestaltung schwerwiegend beeinträchtig wird“ verstanden. Die Ausführungsformen und Intensität des Stalkings oder Cyberstalkings sind sehr heterogen, sodass sich oft die Frage nach der Grenze zur Strafbarkeit stellt. Neben einer kurzen Einführung in den Phänomenbereich werden die Ursachen und Typologien des Stalkings skizziert, sowie Internventionsmöglichkeiten präsentiert: Welche psychotherapeutischen Unterstützungsmaßnahmen gibt es für Betroffene und Ausführende? Welche juristischen Möglichkeiten gibt es? Da rund jeder zwölfte Mensch in Deutschland in seinem Leben von Stalking betroffen ist und der/die Ausführende zumeist aus dem Nahbereich der/des Betroffenen stammt, kann sich auch im eigenen Freundeskreis die Frage stellen: Wie kann ich einer/m Stalking-Betroffen/m unterstützen und helfen? Oder wie spreche ich eine/n vermutlichen Stalking-Ausführende/n auf sein/ihr Verhalten an?
In this talk @zelf invites to the world of Scuttlebutt, the decentralized P2P gossiping protocol, and how it can be transformative for society through decentralization of data and enabling local community development. Scuttlebutt is a fast growing decentralized social network. As an alternative to the large corporate social networks it enables autonomy for the users and a free zone from big data harvesting. It’s based on a protocol (referred to as SSB) which connects the users via a blockchain styled base with each user functioning as a node. Since the information is collected via a 2 or 3 step social connection it’s completely usable while offline and syncs when connected to a local network, a friend or wifi. Scuttlebutt has a large community of users who together develop the protocol and platforms. Completely open-source there are many initiatives of projects, maintenance and explorations as part of the Scuttlebutt ecosystem. Some of these projects range from local community on-boarding by @luandro in Quilombola - Brazil, git-ssb by @cel, and even a chess interface! As the Scuttlebutt interface is interchangeable, with the one most widely used being Patchwork, there is a possibility to utilize the same network with multiple applications. Perfect for local communities in rural areas or for environments which require offline workability or simply for user with integrity, the potentials are grand. As of today the estimate is that the user base is beyond 8000 individuals, yet there's no way to surely know. We will explore the Scuttleverse and beyond. What is Scuttlebutt now, and and importantly, what can it enable society to become?
This talk will teach you the fundamentals of machine learning and give you a sneak peek into the internals of the mystical black box. You'll see how crazy powerful neural networks can be and understand why they sometimes fail horribly. Computers that are able to learn on their own. It might have sounded like science-fiction just a decade ago, but we're getting closer and closer with recent advancements in Deep Learning. Or are we? In this talk, I'll explain the fundamentals of machine-learning in an understandable and entertaining way. I'll also introduce the basic concepts of deep learning. With the current hype of deep learning and giant tech companies spending billions on research, understanding how those methods works, knowing the challenges and limitations is key to seeing the facts behind the often exaggerated headlines. One of the most common applications of deep learning is the interpretation of images, a field that has been transformed significantly in recent years. Applying neural networks to image data helps visualising and understanding many of the faults as well as advantages of machine learning in general. As a research scientist in the field of automated analysis of bio-medical image data, I can give you some insights into these as well as some real-world applications.
Digitale Formen von Gewalt gegen Frauen sind keine eigenständigen Phänomene, sondern in der Regel Weiterführungen oder Ergänzungen von anderen Gewaltformen. Stalking, Kontrolle, Bedrohung, Erpressung, Beleidigung, Überwachung sind altbekannte Aspekte häuslicher Gewalt. Für alle diese Phänomene gibt es digitale Entsprechungen, allerdings ist wenig darüber bekannt, wie oft sie ausgeübt werden, wann und von wem. Das macht es für die Betroffenen schwer, sich zu wehren, auch weil Politik und Justiz hier genauso verständnislos reagieren wie bei anderen digitalen Entwicklungen. Warum ist Kinderpornographie ein Kernthema der deutschen und europäischen Innenpolitik, aber kaum jemand redet über Revenge-Porn? In diesem Talk geht es um die verschiedenen Formen digitaler Gewalt und darum, wie oft sie vorkommen und wer davon betroffen ist. Es gibt kaum aussagekräftige Zahlen und wenig Hilfe für Betroffene. Warum wissen wir sowenig und was gibt es für Möglichkeiten, sich gegen die verschiedenen Formen digitaler Gewalt zu wehren?
How to apply Shannon's information theory to biology. Cells, from bacteria to human cells, constantly take up, store, retrieve, communicate and make decisions based on information. How they realise all this computation using very unreliable components is still largely an open question. Instead of transistors they have to employ proteins, but proteins constantly degenerate and are re-built making their numbers fluctuate. If cellular signalling is impaired severe diseases can be the result, for instance cancer or epilepsy. As cellular communication is so pervasive and essential, researchers start to look into this information flow in biological systems in more detail. My research group at the BioQuant centre, Heidelberg University, is also active in this area, an area which I would call Information Biology — the study of how biological systems deal with information. I will show you how you can apply Shannon's information theory to biological systems. For this we need three ingredients, namely dynamic models of biological pathways, stochastic simulation algorithms (that take into account intrinsic fluctuations in molecular numbers), and, of course, Shannon's theory of information. I will give brief and user-friendly introductions to these three ingredients. After that I am going to talk about a number of use cases, such as: How much memory does a bacterium have? And how long can it remember things? How many bits per second can a liver cell process via its calcium signalling pathway? How must signalling pathways be constructed, structurally and dynamically, for certain stimuli to be decoded? and others… I will also give links to (open source) software that is being developed in my group, which you can use to simulate and play around with biochemical pathways, and also to estimate information flows and do information biology. FYI: The research I am talking about here is part of a research area which is called Computational Systems Bi
In this presentation we will take a look at how to break the most popular cryptocurrency hardware wallets. We will uncover architectural, physical, hardware, software and firmware vulnerabilities we found including issues that could allow a malicious attacker to gain access to the funds of the wallet. The attacks that we perform against the hardware wallets range from breaking the proprietary bootloader protection, to breaking the web interfaces used to interact with wallets, up to physical attacks including glitching to bypass the security implemented in the IC of the wallet. Our broad look into several wallets demonstrates systemic and recurring issues. We provide some insight into what needs to change to build more resilient hardware wallets. Hardware wallets are becoming increasingly popular and are used to store a significant percentage of the world’s cryptocurrency. Many traders, hedge funds, ICOs and blockchain projects store the entirety of their cryptocurrency on one or very few wallets. This means that users of hardware wallets store tens of millions of euros of cryptocurrency on small USB peripherals that costs only a few euros to manufacture. Moreover, many users that trade and speculate in cryptocurrency interact, update, and generate transactions using their hardware wallets on a daily basis. In this talk we look at the good, the bad and the ugly of hardware wallet security: We will walk through the different architectures of the wallets, look at the different attack vectors and talk about the challenges of building secure hardware before diving in deep finding vulnerabilities in the different wallets. The vulnerabilities we will present range from vulnerabilities that can be fixed in a firmware upgrade, to bugs that will require a new hardware revision, up to attacks on the microcontrollers themselves, requiring new silicon to be fixed. Some of the (most entertaining) vulnerabilities will be demonstrated live on stage. Classes of Vuln
Encoding or decoding random radio-waveforms doesn't need incredible expensive hardware anymore which offers new possibilities for building up over-the-air communication systems. There are Software Defined Radios providing affordable cellular radio to remote villages, Community Radios are using SDR to build up digital radio networks and other cool stuff. Some basic knowledge what is going on in SDR Hard/Software as the influence of the samplerate, I/Q-data of the math behind the waterfall-diagram is helpful to have fun with SDR. Some theory on modulation techniques helps you to decode or encode your waveforms. With a cheap DVB-T USB receiver used with some SDR-Software you can already have a look whats going on in the airwaves around you at certain frequencies. But what happens between the antenna and your computer display showing or decoding the signal? The talk should give basic information and background about SDR and some modulation theory. There will probably be a SDR Challenge at the Congress to practice you new skills.
Die Hackerethik ist die Grundlage für den Umgang mit den diversen ethischen Problemen, die sich beim schöpferisch-kritischen Umgang mit Technologie (auch "hacking" genannt) stellen. Die Hackerethik ist die Grundlage für den Umgang mit den diversen ethischen Problemen, die sich beim schöpferisch-kritischen Umgang mit Technologie (auch "hacking" genannt) stellen. Sie bietet Anhaltspunkte für die alltäglichen Fragestellungen und Probleme, die aufkommen, wenn man Technologie anders benutzt, als der Hersteller es sich gedacht hat, wenn man Lücken in Systemen findet und ausnutzt oder über Berge von persönlichen Daten stolpert. Dieser Talk gibt eine Einführung in die verschiedenen Aspekte der Hackerethik und regt zum Nachdenken über die ethischen Fragen an, die sich Menschen mit speziellen Fähigkeiten und Fertigkeiten stellen, wenn sie ihren Neigungen nachgehen.
Voicemail systems can be compromised by leveraging old weaknesses and top of current technology. The impact goes way beyond having your messages exposed. Voicemail systems have been with us since the 80s. They played a big role in the earlier hacking scene and re-reading those zines, articles and tutorials paints an interesting picture. Not much has changed. Not in the technology nor in some of the attack vectors. Can we leverage the last 30 years innovations to compromise voicemail systems? And what is the real impact today of pwning these? In this talk I will cover voicemail systems, it's security and how we can use oldskool techniques and new ones on top of current technology to compromise them. I will discuss the impact of gaining unauthorized access to voicemail systems and introduce a new tool that automates the process
Let's think "Beyond Slavery": Afroroutes is a one-of-a-kind VR experience conceived as a journey through 3 displaced African heritages, immersing users in Rituals and Ceremonies to experience that well-conserved memory form, but also to feel the power of Music as a strong anthropological tool. Connecting Afro-diasporic narratives: alterity and heritage transcendence within the digital era, Afroroutes is a trigger to open a crucial debate about diasporic identity. Afroroutes is a VR experience taking you to some burning key destinations where African culture has been displaced through slavery and then, rooted again. From Salvador to Bahia to Gujarat through Tangier, there is a common history. Based on this VR Experience, the debate should be extended around "Beyond Slavery". What happened with the millions of displaced African men and women? Where are their descendants living today? Did their original culture and language disappear? How did their heritage contribute to building their new countries? How did the assimilation or rejection process go? How has this memory subsisted, and how is it lived and celebrated today? But also, how to assimilate that chapter of history and transform it into a real global narrative - is there what we call a "diasporic identity"? And if it is the case, how to build this identity within a global, disrupted world? How can digital tools push this storytelling process? The medium "Virtual Reality" takes all its sense in this project, allowing an immersive and almost physical experience of those paths of slavery. This experience is triggered by music and sounds. Music is much more than a simple way of being together: it is the oral legacy of our intertwined culture. Music is such a powerful tool to explain and tackle the cultural dynamics of displaced heritage, but also as a most trustful narrative connector.
Sieben Jahre lang musste den Behörden jedes Stück der versprochenen Aufklärung des NSU-Komplexes abgerungen werden. Das Urteil im ersten NSU-Prozess zeigt: Deutschland ist nur sehr eingeschränkt bereit, rechtem Terror entgegenzutreten und ihn aufzuarbeiten, den Betroffenen, Geschädigten und Überlebenden zuzuhören und ihnen Schutz zu garantieren. Das zu leisten ist unsere Aufgabe: die Aufgabe der Gesellschaft, die Aufgabe einer antifaschistischen und antirassistischen Linken. Am 4. November 2011 enttarnte sich der „Nationalsozialistische Untergrund“ (NSU) selbst. Fast sieben Jahre später, am 10. Juli 2018, wurde das Urteil im ersten NSU-Prozess gesprochen. Heute, fünf Monate nach der von Neonazis bejubelten mündlichen Urteilsverkündung, müssen wir mit einem Urteil umgehen, in dem sich viele gebrochene Aufklärungsversprechen zuspitzen. Das Gericht geht von der These aus, der NSU sei ein weitgehend isoliertes „Trio“ ohne Netzwerk und ohne Verstrickung der Behörden gewesen. Nach allem, was in den letzten Jahren – teilweise mühsam – über den NSU-Komplex ans Licht gezerrt werden konnte, ist die „Trio“-These aber nicht haltbar. Zum NSU-Komplex gehören ein Neonazinetzwerk, der gesamtgesellschaftliche Rassismus und das Handeln der Polizei sowie des Verfassungsschutzes. Gleichzeitig stellen sich die Angehörigen der vom NSU Ermordeten und die Überlebenden der Anschläge immer noch die gleichen Fragen wie 2011: Wer hat die Tatorte ausgewählt? Warum wurde gerade ihr Vater, Ehemann, Sohn, ihre Tochter ermordet? Wer ist Teil des Unterstützungsnetzwerks des NSU? Was wusste der Verfassungsschutz und was machte er warum mit seinem Wissen (nicht)? Klar ist: Die gesellschaftlichen Verhältnisse, die den NSU hervorgebracht haben, müssen abgeschafft werden. Das Urteil im ersten NSU-Prozess hat noch einmal unterstrichen: Deutschland ist nur in sehr eingeschränktem Maße bereit, rechtem Terror entgegenzutreten und ihn aufzuarbeiten, den Betroff
Technology is the solution: What is the problem? This seems to be the motto. Algorithms may be about to control our free speech while tracking technologies could control our bodies and communications. Will we react or stay quiet? Technology is the solution: What is the problem? This seems to be the motto. Whether it is about preventing the dissemination of terrorist content or to prevent copyright infringements the solution from the legislator is upload filters. While content is controlled by algorithms, devices need to be under scrutiny. That is why confidentiality of communications needs to be secured now too. We have little time to stop these threats from becoming a reality, but we have most citizens on our side and the EU elections near. We still can and have to win this battle. Otherwise, once filters are put for copyright or terrorist content, they will be used for anything else. And if software and hardware does not defend our privacy by design and by default, 24/7 surveillance will be the new "normal".
Die Venenerkennung ist eine der letzten Bastionen biometrischer Systeme, die sich bisher der Eroberung durch Hacker widersetzt hat. Dabei ist sie ein lohnendes Ziel, schützt sie doch Bankautomaten und Hochsicherheitsbereiche. In diesem Talk machen wir die Verteidigungsanlagen dem Erdboden gleich. Seit Jahrzehnten vor allem im asiatischen Raum eingesetzt sind bisher keine ernsthaften Versuche bekannt Venenerkennungssysteme zu üeberwinden. Neben dem Mythos der Hochsicherheit sind vor allem die, unsichtbar im Körper gelegenen Merkmale dafür verantwortlich. In diesem Talk werden wir zeigen, mit welch geringem Aufwand man an die "versteckten" Venenbilder gelangen kann und wie, auf Grundlage dieser, Attrappen gebaut werden können, welche die Systeme der beider grosser Hersteller überwinden.
TCP/IP is the most widely used protocol on the Internet for transmitting data. But how does it work in detail? This talk will explain the TCP protocol, from handshake over established to teardown in detail - and elaborate a bit on protocol adjustments over time and congestion control. I will briefly explain how computers talk to each other via the Internet Protocol (IP), and explain the transport protocols UDP and TCP, and their interaction with ICMP (for error and control messages). UDP is the user datagram protocol, an unreliable packet-oriented protocol. TCP provides a reliable stream of data, and includes connection establishment, feature negotiation, window management, and teardown. Over the last years at University of Cambridge I contributed to a formal model of TCP/IP and the Unix sockets API, developed in HOL4. We validated our HOL4 model with the FreeBSD-12 stack using Dtrace (packets, system calls, internal TCP state). In this research, we formalised a more exact TCP state machine than in initial RFCs or common literature (Stevens).
This lecture tells the story of Internet infrastructure transformations in Crimea, the peninsula disputed between Russia and Ukraine between 2014 and 2018. It is based on an extensive year-long study involving network measurements and interviews with key players. Crimea has become a "laboratory" where we can observe, in just 4 years, a rapid and profound transition of infrastructure, that deeply impacted the Internet Service Provider market, routing trajectories, Internet censorship practices in the region. Annexation has transformed the way Crimea is plugged to the "outer world" - in terms of peering and transit relations between various autonomous systems, creating a much more centralized infrastructure and monopolized market. This, in its turn, had an important impact for Crimean end-users - in terms of quality, speed, price of Internet service, as well as in terms of Internet censorship and various traffic anomalies that they experience. Moreover, server-side geoblocking by online payment platforms, Google Play, Apple and other important services, is imposed on Crimean users, because of international sanctions that have a controversial impact, including a risk of overblocking, further isolation of Crimean civil society and reinforcing a more general trend towards "balkanization" of the Internet(s). [1] This talk is based on a one-year long research conducted at Citizen Lab [2], using a mixed methods approach. On the one hand, we conducted network measurements with OONI probe [3], testing a set of URLs from Crimean vantage points, and comparing results with mainland Russia and Ukraine. We have done an analysis of BGP routing history, and AS neighbouring history, using data from RIPE and CAIDA in collaboration with researchers behind the "Internet Health Report" initiative [4] using the recently deployed methodology of "AS Hegemony Index" [5]. On the other hand, we conducted an extensive qualitative study, including interviews with Crimean ISPs, Ukrainian and R
Der Vortrag behandelt die Klage des Internetknotens DE-CIX gegen die strategische Fernmeldeüberwachung des BND vor dem Bundesverwaltungsgericht in Leipzig, was wir aus dem Urteil über den Rechtsschutz der Bürger lernen können und wieso der Fall nun das Bundesverfassungsgericht in Karlsruhe beschäftigt.
We all know what FAX is, and for some strange reason most of us need to use it from time to time. Hard to believe its 2018, right? But can FAX be something more than a bureaucratic burden? Can it actually be a catastrophic security hole that may be used to compromise your entire network? Come watch our talk and find out … Unless you've been living under a rock for the past 30 years or so, you probably know what a fax machine is. For decades, fax machines were used worldwide as the main way of electronic document delivery. But this happened in the 1980s. Humanity has since developed far more advanced ways to send digital content, and fax machines are all in the past, right? After all, they should now be nothing more than a glorified museum item. Who on earth is still using fax machines? The answer, to our great horror, is EVERYONE. State authorities, banks, service providers and many others are still using fax machines, despite their debatable quality and almost non-existent security. In fact, using fax machines is often mandatory and considered a solid and trustworthy method of delivering information. What the Fax?! We embarked on a journey with the singular goal of disrupting this insane state of affairs. We went to work, determined to show that the common fax machine could be compromised via mere access to its fully exposed and unprotected telephone line – thus completely bypassing all perimeter security protections and shattering to pieces all modern-day security concepts. Join us as we take you through the strange world of embedded operating systems, 30-year-old protocols, museum grade compression algorithms, weird extensions and undebuggable environments. See for yourself first-hand as we give a live demonstration of the first ever full fax exploitation, leading to complete control over the entire device as well as the network, using nothing but a standard telephone line. This talk is intended to be the canary in the coal mine. The tech
Seit Juli 2016 darf ich – nominiert unter anderem vom CCC – den Bereich "Internet" im Fernsehrat des ZDF vertreten. Nach gut zwei Jahren ist es Zeit für eine Zwischenbilanz: Was macht ein Fernsehrat, was machen öffentlich-rechtliche Angebote im Netz, und was sollten sie eigentlich tun? Der Fernsehrat vertritt die Interessen der Allgemeinheit gegenüber dem ZDF. Deshalb ist er kein Expertengremium, sondern so vielfältig wie die Gesellschaft selbst. Seine Mitglieder werden von unterschiedlichen gesellschaftlichen Gruppen entsandt. Der Fernsehrat tagt öffentlich. Sowohl die Tagesordnung als auch die Zusammenfassungen der wesentlichen Ergebnisse der Sitzungen werden im Internet veröffentlicht. So beschreibt sich der ZDF-Fernsehrat auf seiner Webseite selbst. Nach einem Urteil des Bundesverfassungsgerichts im Jahr 2014 mussten die Länder den ZDF-Staatsvertrag neu formulieren, der Fernsehrat ist deshalb seit Juli 2016 neu zusammengesetzt. Nur noch maximal 20 von 60 Mitgliedern dürfen aktive Politiker sein, der Rest soll verschiedene gesellschaftliche Gruppen repräsentieren. Neu hinzu kamen im Zuge der Neuordnung Vertreter, die von den Ländern – in der Regel auf Vorschlag von Vereinen oder Verbänden – für Bereiche wie Minderheiten, Menschen mit Behinderung, Digitales oder LGBTQI nominiert werden. Während Bayern das Nominierungsrecht für den Bereich "Digitales" an den Branchenverband der Telekommunikationsindustrie BITKOM delegiert hat, wurde ich vom Land Berlin auf gemeinsamen Vorschlag der vier Vereine Chaos Computer Club (CCC), D64 – Zentrum für Digitalen Fortschritt e. V., eco – Verband der Internetwirtschaft und media.net berlinbrandenburg e. V. für den Bereich "Internet" nominiert. Nach etwas mehr als der Hälfte meiner vierjährigen Periode möchte ich im Rahmen des 35C3 von meinen Aktivitäten als und im Fernsehrat berichten – zumindest soweit das übertriebene Verschwiegenheitsklauseln zulassen – und skizzieren, welche (neue
This talk is about new challenges in exploiting kernel memory corruptions on brand new Microsoft Windows RedStone 5. Each new version of Windows OS Microsoft enhances security by adding security mitigation mechanisms - Kernel land vulnerabilities are getting more and more valuable these days. For example, the easy way to escape from a sandbox is by using a kernel vulnerability. That's why Microsoft struggles to enhance security of Windows kernel. Kernel pool allocator plays a significant role in security of whole kernel. Since Windows 7, Microsoft started to enhance the security of the Windows kernel pool allocator. In Windows 8, Microsoft has eliminated almost all reliable (previously published) techniques of exploiting kernel pool corruptions. Then Microsoft eliminated "0xBAD0B0B0" technique in Windows 8.1, and there was no easy technique to exploit Pool Overflows on Windows 8.1 Then DKOM/DKOHM technique was present that gave really nice primitives(arbitrary read/write/execute) for kernel exploitation. Following up Microsoft obfuscated TypeIndex in an object header leaving DKOM/DKOHM technique useless. But Microsoft left unprotected optional headers that gave born to DKOOHM technique. Sadly enough, Microsoft introduced brand new Kernel Memory Allocator on Windows 10 RS5 leaving current pool memory manipulation techniques useless. This talk presents new techniques of exploiting kernel memory corruptions on Windows 10 RS5.
Performance lecture by Cornelia Sollfrank that makes a (techno-)feminist comment on the entanglements of gender, technology and information politics exemplified by the case of Julian Assange and Wikileaks. The artist takes us in her text assemblage on an adventurous trip into the realm of zeros and ones, of data and pure information, of ciphers, signifiers and figures. On the other side of reality we encounter suspected heroes, leaks and phreaks, engineers of escape who control our secret desires. Rape can be performed in many ways. In a state of total transparency: what shall we eat, when society feeds upon the repressed? Knowing yourself means knowing what to look for. The performance is a technofeminist comment on the wikileaks case, in particular the fact that Julian Assange has spent more than five years in confinement following a rape accusation. Instead of making a moral judgement, however, the performance uses and combines sources from information science, psychoanalysis, cultural studies, feminist studies and activism to embed the case is a wide cultural landscape in which gendered structures becomes more than obvious. The performance is divided into 9 chapters with headers such as Information, Organisation, Zeroes&Ones, Binary Worlds, Pure Difference, Cyberfeminism, Gender&Technology, Naked Information and Transparency, and creates a captivating atmosphere by the use of sound and visuals.
CRISPR/Cas hat die Genforschung revolutioniert und könnte bald in großem Stil gentechnisch eingesetzt werden. Aber was ist CRISPR und wie funktioniert es? Kurz gesagt: Teile des adaptiven Immunsystems von Bakterien werden genutzt, um Gene zu verändern. Und das funktioniert präziser als mit jedem anderen Werkzeug zuvor und offenbar in allen Tier- und Pflanzenarten. Damit ist CRISPR anders als die herkömmlichen Methoden der Gentechnik. Es ist einfach anzuwenden, preiswert, schnell, extrem vielseitig und damit in jedem Biologielabor erhältlich. Bio-Hacker haben sogar begonnen, CRISPR zu Hause zu nutzen. CRISPR wird bereits eingesetzt, um mehr über Genfunktionen und -dysfunktionen zu erfahren. So könnte es realistischerweise zur Behandlung einiger Krankheiten eingesetzt werden. Aber welche Hürden gibt es noch und welche ethischen Fragen würden sie mit sich bringen? Wie kann (oder sollte?) CRISPR in der Landwirtschaft eingesetzt werden, wenn der Klimawandel die Erträge verringert und die Biodiversität gefährdet? Unser Vortrag gibt einen Überblick darüber, was mit dem CRISPR/Cas-System möglich ist. Wir möchten genügend Informationen liefern, um zwischen Pseudowissenschaften und dem, was tatsächlich möglich ist, unterscheiden zu können. André ist Physiker, Biochemiker und Wissenschaftskommunikator. Katrin studierte Biochemie, verpodcastete Wissenschaftsnachrichten und berät wissenschaftliche Softwareprojekte. Anna ist Biologin und hat während ihrer Doktorarbeit teilweise mit CRISPR gearbeitet. Obwohl wir aus verschiedenen Bereichen der Wissenschaft kommen, haben wir eine gemeinsame Leidenschaft: Themen aus der Wissenschaft verständlich darzustellen. Eine der vielversprechendsten neuen Technologien ist CRISPR/Cas. Dabei handelt es sich um eine Gentechnikmethode, die ein großes Potenzial für Mensch und Umwelt hat. Aber wie jedes Werkzeug kann CRISPR sowohl für Gutes als auch für Böses eingesetzt werden - und es ist nicht immer einfach
Plötzlich geht alles ganz schnell: Online-Behandlungen und elektronische Gesundheitsakten sind dieses Jahr für Millionen Krankenversicherte Wirklichkeit geworden. Zu einem hohen Preis: Bereits einfache Angriffe lassen das Sicherheitskonzept der Apps und Plattformen zusammenbrechen. Warum das so ist, welche kritischen Fehler Vivy & Co. gemacht haben und wie das möglicherweise verhindert werden kann, das soll dieser Vortrag zeigen - denn in spätestens drei Jahren sollen auch die Gesundheitsdaten aller übrigen Versicherten zentral gespeichert und online abrufbar sein. Die elektronische Gesundheitskarte ist gescheitert. Stattdessen kommt jetzt die elektronische Patientenakte: In spätestens drei Jahren sollen die Befunde, Diagnosen, Röntgenbilder und Rezepte aller gesetzlich Krankenversicherten online und zentral gespeichert verfügbar sein. Schon heute können Millionen Versicherte eine solche Lösung nutzen und, wie Gesundheitsminister Jens Spahn fordert, "auch auf Tablets und Smartphones auf ihre elektronische Patientenakte zugreifen". Zeitgleich zur elektronischen Patientenakte steht die Onlinebehandlung vor der Tür: Das Fernbehandlungsverbot wurde vor wenigen Monaten gekippt, und schon heute können sich Millionen Versicherte ausschließlich online behandeln lassen. Nach Jahren des Wartens geht dabei alles ganz schnell. "Diese Maßnahmen dulden keinen Aufschub", sagt Spahn. Und macht uns alle damit zu Beta-Testern in Sachen Gesundheit. Mit fatalen Folgen: Unsere streng vertraulichen Gesundheitsdaten liegen für alle sichtbar im Netz. In diesem Vortrag zeige ich an fünf konkreten Beispielen, welche fahrlässigen Entscheidungen die Online-Plattformen und Apps der Anbieter aus dem Bereich Gesundheitsakte und Telemedizin so angreifbar machen und demonstriere, wie einfach der massenhafte Zugriff auf unsere vertraulichen Gesundheitsdaten gelang. Zur Debatte steht, was angesichts dieser neuen alten Erkenntnisse zu tun ist - und was wir besser bleiben lass
An (almost) self-contained introduction to the basic ideas of quantum mechanics. The theory and important experimental results will be discussed. Quantum mechanics is one of the two paradigm-changing physical theories of the early twentieth century (the other being special and general relativity). Suddenly, one of the most fundamental physical theories was no longer deterministic: Measurement is a probabilistic process in quantum mechanics. This caused a controversy on how to interpret this and whether quantum mechanics is a complete theory that continues until today. This talk tries to counter a trend: Most people know the fundamentals of special relativity, while few know quantum mechanics beyond the Bohr model of hydrogen. On reason is that the presentation of quantum mechanics in schoolbooks is often dated, inaccurate and incomplete, and, as a consequence, quantum mechanical concepts are often used as a magical component in fringe science and esoteric theories. The talk will shortly discuss some of the experimental results that have lead to the formulation of quantum mechanics and then formulate the theory. The parts of quantum mechanics that often show up in quack theories will be examined and dissected. Allergy advice: This talk may contain mathematics. Some prior knowledge of linear algebra will help to understand this talk.
Open Source firmware ist ein Begriff seit 1999 wo LinuxBIOS (coreboot) und u-boot als Projekt starteten. Heute nach fast 20 Jahren ist endlich Open Source firmware bei den Herstellern von Hardware angekommen: Google Chromebooks - coreboot Facebook Open Compute Hardware - coreboot / LinuxBoot Purism Laptops - coreboot Microsoft Olympus - TianoCore Microsoft Surface - TianoCore IBM Power 9 - Hostboot / Skiboot ARM Hardware - ARM Trusted Firmware Intel Minnowboard - TianoCore, coreboot A lot embedded hardware - u-boot In diesem Vortrag werden wir uns den Weg der Open Source firmware Entwicklung von der Vergangeheit bis in die Gegenwart anschauen. Dabei werden wir ein Schwerpunkt auf neue Technologien in der Firmware Entwicklung und eine Einführung in bestehende Konzepte legen. Teil des Vortrags werden auch Sicherheitstechnologien und Konzepte der Firmware sein. Zum Schluss werden wir einen Ausblick auf die Zukunft und damit verbundenen Ideen uns anschauen. Dies ist ein Einsteiger Vortrag der dazu dienen soll mehr Menschen von der Open Source Firmware Entwicklung zu begeistern.
During her talk “Tactical Embodiment,” artist and activist Angela Washko will present several different strategies for performing, participating in and transforming online environments that are especially hostile toward women. She will introduce her long-term performative intervention “The Council on Gender Sensitivity and Behavioral Awareness in World of Warcraft” alongside several interventions, interviews, performances, written works and video games works she has created with the manosphere and online men’s seduction communities. In addition to walking the audience through her research, Washko will screen excerpts from her interview with a seduction coach who has been dubbed “The Web’s Most Infamous Misogynist” and highlight instructional DVDs, books, and hidden-camera videos created by a community of pick-up artists who teach men how to interact with and seduce women. The talk will close with an audience-participation based performative play-through of her most recent project “The Game: The Game,” a dating simulator video game presenting the practices of several infamous pick-up artists. During her talk “Tactical Embodiment,” artist and activist Angela Washko will present several different strategies for performing, participating in and transforming online environments that are especially hostile toward women. She will introduce her long-term performative intervention “The Council on Gender Sensitivity and Behavioral Awareness in World of Warcraft” alongside several interventions, interviews, performances, written works and video games works she has created with the manosphere and online men’s seduction communities. In addition to walking the audience through her research, Washko will screen excerpts from her interview with a seduction coach who has been dubbed “The Web’s Most Infamous Misogynist” and highlight instructional DVDs, books, and hidden-camera videos created by a community of pick-up artists who teach men how
Hardware implants and supply chain attacks have been in the news recently, but how feasible are they and what can we do about them? In this talk we'll examine the design of a proof of concept SPI bus hardware implant that has similar capabilities to those described in the Bloomberg/Supermicro article as well as some countermeasures that we can use to try to detect these "modchips" and increase our trust in our systems. We don't know how much of the Bloomberg story about hardware implants installed in Supermicro servers shipped to Apple and Amazon is true, nor do we know the story behind the story and the reasons for the vehement denials by all the parties involved. However, a technical assessment of details of the describe implants reveals that a supply chain attack on the hardware is definitely possible, that the capabilities of the BMC can be used to bypass OS protections, and that there are means to access the BMC that would not necessarily generate readily identified network traffic. In this talk we'll examine the design of a proof of concept SPI bus hardware implant that has similar capabilities to those described in the Bloomberg/Supermicro article as well as some countermeasures that we can use to try to detect these "modchips" and increase our trust in our systems.
Heimatminister Horst Seehofer und seine Amtskollegen in den Ländern erweitern die Rechte der Polizeien und planen ein „Musterpolizeigesetz“. Damit handelten sie sich die größten Proteste gegen Überwachungsvorhaben seit Jahren ein. Wir geben nicht nur einen Überblick über die zahlreichen Neuregelungen der Polizeigesetze in den Bundesländern, sondern berichten auch aus den Anhörungen in den Landtagen und von den Stellungnahmen. Wir erklären, was in den neuen Gesetzen steht und welche rechtlichen und technischen Grenzüberschreitungen wir zu kritisieren haben. Und wir haben ein paar Forderungen.
This talk will discuss all about the Five Eyes, the espionage alliance between Australia, Canada, New Zealand, the United Kingdom and the United States. It is one of the largest intelligence operations in the world, which monitors billions of communications around the globe in the name of security. Yet the Five Eyes propose to weaken security, privacy and eroded the possibility of secure systems. This talk will go into details about the Five Eyes (FVEY), covering its origins in the aftermath of World War II, its expansion in the cold war, ECHELON, and further expansion in the the era of counter-terrorism, through today, where the Five Eyes have set their sights on enabling mass surveillance and stopping strong encryption. The discussion will include: - The history and background of the Five Eyes Origins Cold War (ECHELON) Terrorism - How the FVEY spying and intelligence sharing works - Malware - Backdoors - Routers - Internet exchanges - Domestic sharing: when one member spies on another’s citizens, and shares the information back to get around prohibitions on domestic surveillance. - More Eyes, More Problems. Proposals to expand the number of eyes, including many within the EU - Whistleblowers: What the documents shared by Edward Snowden revealed about the Five Eyes - The Five Eyes latest fight: Against strong encryption. FVEY member claim to aim to "thwart the encryption of terrorist messaging,” and the UK and Australia have taken steps through legislation to weaken security. - Why this matters - the legal and policy framework for communications surveillance and the application of human rights principles for surveillance.
As humans have a large negative impact on ecosystems all around the globe, we are approaching a major extinction event in which around 70% of all species will go extinct. This talk will give an introduction to a data-driven and system-based view of ecology. Since life emerged on this planet around 3 billion years ago, five global extinction events took place, that are characterized by over 60% of all species disappearing within a geologically short time interval. The last decades of environmental research, however, made it evidently clear that anthropogenic impacts on the global ecology could lead to a sixth global extinction. Being caused by the destabilization of ecosystems due to climate change, poaching, fragmenting of habitats, species invasions, pollution and other human activities, this extinction event would be the first induced by a species and not by natural catastrophes. Two general paths of action seem available to mitigate this threat or at least limit the damage: One consists of radically limiting anthropogenic influence on nature by restricting human habitats (to, as argued by E. O. Wilson among others, half of the earths surface), which, however, seems politically infeasible. A second strategy aims to effectively re-stabilize ecosystems by selective and specific intervention, but this would require a much deeper knowledge of ecosystem processes and how to modulate them. In this talk, I will provide an overview of the declining quality of ecosystems worldwide and argue that data-driven approaches as well as a hacker mindset will be essential to tackle open questions. I will support this argument by examples from my own research, in which I aim to identify important interactions between microbes in lake ecosystems. Finally, I will try to start a discussion on how to create citizen science projects that will help us understand our natural environment.
The software defined wide-area network is technology based on SDN approach applied to branch office connections in Enterprises. According to Gartner's predictions, more than 50% of routers will be replaced with SD-WAN Solutions by 2020. The SD-WAN can have firewalls and other perimeter security features on board which makes them attractive targets for attackers. Vendors promise "on-the-fly agility, security" and many other benefits. But what does "security" really mean from a hand-on perspective? Most of SD-WAN solutions are distributed as Linux-based Virtual Appliances or a Cloud-centric service which can make them low-hanging fruit even for script kiddie. Complexity of SDN creates additional security issues and cybersecurity pro should address it before an attack occurs. This presentation will introduce practical analysis of different SD-WAN solutions from the attacker perspective. Attack surface, threat model and real-world vulnerabilities in SD-WAN solutions will be presented.
Microcode runs in most modern CPUs and translates the outer instruction set (e.g. x86) into a simpler form (usually a RISC architecture). It is updatable to fix bugs in the silicon (see Meltdown/Spectre), but these updates are encrypted and signed, so no one knows how microcode works on conventional CPUs. We successfully reverse engineered part of the microde semantics of AMD CPUs and are able to write our own programs. We also recovered the mapping between the physical readout (electron microscope) and the "virtual" addresses used by microcode itself. In this talk we present background on microcode, our findings, our open source framework to write custom microcode and our custom defensive measures implemented in microcode. We build on our results presented on 34C3 to provide more insight into how microcode works and more details of the microcode ROM itself. tl;dr diff to last talk: - Mapped physical readout to virtual addresses, we can now read the microcode implementation of specfic instructions - More microcode semantics known, more stable programs - Opensource framework for creating, diassembling and testing microcode on AMD CPUs - Simple hardware setup to develop microcode programs - More practical examples of what you can do with microcode, focused on defense instead of offense this time Since 34C3 we worked on recovering the microcode ROM completely and used that knowledge to implement constructive microcode programs that add to or enhance functionality of the CPU. We also worked on our now open source framework to create and diassemble microcode for AMD CPUs up to 2013. We will give a short intro into how to use it to create custom microcode programs and test them on real hardware. We also provide guidelines on how to construct the test setup we used, which is essentially any old AMD mainboard (native serial port required), a RaspberryPi with a serial adapter and some wiring including a few basic electronic components. Using this you can r
Nico Semsrott hat in Zeiten des globalen Rechtsrucks den überflüssigsten Job der Welt: Er ist Demotivationstrainer. Mit Powerpointpräsentationen und viel Pessimismus schafft er es, komplexe Themen zu vereinfachen, ohne dabei auf alternative Fakten zurückgreifen zu müssen. Politisch gesehen ist zwar alles aussichtslos. Aber wenn man schon aufgibt, kann man man genauso gut auch das Resignieren aufgeben. Deswegen kandidiert Nico auf Platz 2 der Europaliste der Partei Die PARTEI. Um dann in Brüssel als Kommissionspräsident die Demokratie in Europa einzuführen. Notfalls gegen den Willen der Bürgerinnen und Bürger.
This talk investigates fake science factories; international twilight companies whose sole purpose is to give studies an air of scientific credibility while cashing in on millions of dollars in the process. We present the findings, outcomes and methodology from a team of investigative journalists, hackers and data scientists who delved into the parallel universe of fraudulent pseudo-academic conferences and journals. The story was published in Germany (ARD and Süddeutsche Zeitung Magazin) in mid of July and then went around the world. How did it begin? What did we learn in the process? And: What happened since the story got published? Until recently, fake science factories have remained relatively under the radar, with few outside of academia aware of their presence; but the highly profitable industry has been growing significantly in the last five years and with it, so are the implications. To the public, fake science is often indistinguishable from legitimate science, which is facing similar accusations itself. We expose the scale and value of two fake science operations: Well-known institutions and professors who abuse this route of publication for personal gain and the deadly consequences when the public believe in fake cures or weird discoveries that seem scientific at a very first glance. Beyond the pressure to publish, we find varying motivations from paid vacations and promotions to obtaining stipends and research grants. Our findings highlight the prevalence of the pseudo-academic conferences, journals and publications and the damage they can and are doing to society. For 35C3 we did some extra analytics and will publish new numbers, how pseudo-academic publishing has dropped since the story got out in several countries in July 2018.
Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! Did you think that the thrill of sharing your ideas in front of a huge audience at a C3 was something you'd never experience? Do you work on a cool project and want to get the word out? Was your talk one of the hundreds that got rejected? Did you come up with an awesome hack that you need to share? Go ahead and enter your Lightning Talk now! The 35C3 Lightning Talks consist of three fast paced sessions which are perfect for pitching new software or hardware projects, exploits, creative pranks or strange ideas you need to get out to a global audience. Even if you don't have an awesome idea or project to share, a Lightning Talk is perfect for pitching your Assembly, your workshop or even a longer talk you'll give as a self-organized session. Your five minutes of fame!
Telephone networks form the oldest large scale network that has grown to touch over 7 billion people. Telephony is now merging many complex technologies (PSTN, cellular and IP networks) and enabling numerous services that can be easily monetized. However, security challenges for telephony are often neither well understood, nor well addressed. As a result, telephone networks attract a lot of fraud. In this talk, we will systematically explore the fraud in telephone networks, focusing on voice telephony. We will present a taxonomy of fraud, and analyze two prevalent fraud schemes in more detail: looking into the ecosystem of International Revenue Share Fraud (IRSF), and discussing a new countermeasure to the well-known problem of voice spam. This talk aims to improve the understanding of the fraud ecosystem in telephony networks. We first provide a clear taxonomy that differentiates between the root causes, the vulnerabilities, the exploitation techniques, the fraud types and finally the way fraud benefits fraudsters. As concrete examples, we first look into International Revenue Share Fraud (IRSF), where phone calls to certain destinations are hijacked by fraudulent operators and diverted to the so-called ‘international premium rate services’. This fraud often involves multiple parties who collect and share the call revenue, and is usually combined with other techniques (such as voice scam, mobile malware, PBX hacking) to generate call traffic without payment. We will further explore the IRSF ecosystem by analyzing more than 1 million `premium rate' phone numbers that we collected from several online service providers over the past 3 years. In the second part, we will look into voice spam, a prevalent fraud in many countries. After giving an overview of various types of unwanted phone calls, we will focus on a recent countermeasure which involves connecting the phone spammer with a phone bot (“robocallee”) that mimic
A major part of software development is maintenance, i.e. tinkering with software that should already be completed but still somehow does not work as it should. Software developed by tinkering is the antithesis to resilient technology, and a growing threat to our profession and our lives. Working on this kind of software crushes the soul. Yet this is exactly how most IoT devices (and computers in general) are programmed these days. We need to replace the dead technology-oriented objects of the past with supple models enriching our domains and our souls. This talk shows how it is done. So how do we gain autonomy over the software of the future, which is currently spiralling out of control? Not with object-oriented programming, as it turns out: Mutable state, the absence of uniform abstraction mechanisms and the complexity introduced by inheritance make it hard for humans to develop correct and robust software. While "agile" has given developers autonomy over the soul-crushing processes of the past, the prevalent technology - object-orientation - is a fundamental part of the problem, not of the solution. It is time to say goodbye; we must start to teach the principles of systematic construction of correct software instead. At the core of this revolution is the consistent application of functional programming, i.e. of immutable data structures, systematic abstraction and data modelling. The talk illustrates the problems of the programming techniques of the past, and shows how to build robust models that lead to useful software.
From Cyberfeminism to XenoFeminism - a short history of radical appropriations of media. This discussion will question how media is made (for whom and for what) and how meaning is produced through different contexts. it will feature media hacks and productions spanning a century and three continents. Sci-Hub, film excerpts, Red Planet and more will be referenced. It will also address how and where media matter, comparing different technologies, commenting on CCC projects and what is more/less relevant in different African and European contexts. We will also explore how media and technical developments are informed by their social, economic and political environments.
Biometrische Videoüberwachung, Hausdurchsuchungen, Polizeiaufgabengesetze, Staatstrojaner und ganz viel Cyber: Wir geben einen Überblick über die Themen, die den Chaos Computer Club 2018 beschäftigt haben. Neben der Zusammenfassung und der Rückschau auf das vergangene Jahr wollen wir aber auch über zukünftige Projekte und anstehende Diskussionen reden.
The SymbiFlow project aims to be the "GCC of FPGAs" - a fully open source toolchain supporting, multiple FPGAs from different vendors. Allowing compilation from Verilog to bitstream without touching vendor provided tools, it includes support for large modern FPGAs like the Lattice ECP5 and Xilinx 7 series. These FPGAs can be used for things previously out of reach of FOSS tools, things like high resolution video and many gigabit networking. We have also documented the FPGA bitstreams to allow other new tools and a process for replicating this effort on new types of FPGAs!
In this talk we will go through the different mitigations in Windows 10 and see how they affect modern userspace exploitation. We will explain the primary ones and the different ways to bypass them. Finally, we will demo a cool exploit that achieves code execution.
This talk will engage the practises and protocols of hacking in the context of Hong Kong, drawing parallels from the stigmergic responses of the city (consensus network organisation) and the peer-production (or attempt) of the hackerspace, Dim Sum Labs. Perspectives on this will also draw from the publication, The Field Guide to Hacking (_TFGTH), a collection of (project and essay) snapshots generated from the hackerspace and its surrounding community.
Over the summer Facebook, Google, and Twitter have started making transparent United States political ads shown on their platforms. We have been collecting and analyzing these political ads to understand how candidates, elected officials, PACs, non-profits, for-profit companies, and individual citizens are disseminating U.S. political content using these advertising platforms.
Project IceStorm provides the first end-to-end open source FPGA toolchain, was originally presented at 32c3, and only targetted Lattice iCE40 FPGAs. nextpnr is the next big step for open source FPGA tools, providing a retargetable open source FPGA place-and-route tool that will enable open source flows for many different FPGAs from many different vendors.
Learn to see the world without your eyes. Wonder what it's like to navigate while blind? Want to learn to use your everyday senses in ways you don't know you don't know? In this talk, I hack you with permanently enhanced sensory perceptions. This is very participatory, not just "sit and listen", and workshops are even more hands-on (blindfolded w/ cane in hand).
This talk will share the experience of a leading African extended reality lab - Imisi 3D. It will highlight this African journey to adopt augmented and virtual reality, the challenges and lessons learned and will then focus on some of the arts and culture use cases that have emerged so far. In particular we will explore the collaboration with the IAF Basel festival (organisers of the Contemporary Africa Photography prize) that resulted in Reality Check, a simultaneous virtual reality tour of Lagos and Basel.
An update on the circumstances of the Snowden Refugees will be provided at the 35C3 event and venue in December 2018. There have been many significant events and incidents during 2018, and some of these will be disclosed at the talk. Updates will provided on the Snowden Refugees appeals in Hong Kong and their refugee claims with Canada. There will also be disclosures on continued surveillance and harassment by the Hong Kong authorities.
Es ist 6 Uhr und ein Trupp uniformierter Polizisten steht vor deiner Wohnungstür. Was solltest du bis dahin getan haben und was solltest du jetzt tun?
Men with osteoporosis or depression, women with heart attacks - these are examples of diseases where medicine still shows a gender bias. Assuming that men and women have the same bodies, except when it comes to the reproductive organs still causes maltreatment up to death. In the past few years sex- and gender-sensitive medicine has discovered that the assumption of the same body has lead to the unnecessary death of patients and needs to be challenged. This is a brief introduction into the paradigm shifting realm of sex- and gender-sensitive medicine showing how and where the sexes differ, that there are actually more than two sexes and that your gender also plays a role in how you are being treated by medical professionals.
Seit 2010 ist die Sehnsucht des Schauspiel Dortmund, ein gegenwärtiges und wagemutiges Schauspiel für ein Publikum des 21. Jahrhunderts zu schaffen, ein Volkstheater für die Digitale Moderne. Intendant Kay Voges, Videokünstler Mario Simon und Engineer Lucas Pleß berichten über Dortmunder Theaterarbeiten zum Menschsein im Digitalen Zeitalter, speziell über die Stückentwicklung "Die Parallelwelt", die im September 2018 am Berliner Ensemble und am Schauspiel Dortmund gleichzeitig Premiere hatte, sowie über die "Akademie für Digitalität und Theater", die 2020 in Dortmund gegründet werden soll.
The internet has become essential services, and offline methods of sharing data are rapidly disappearing. Other possible networks are often better suited when connectivity is not available or affordable. Radios, sensors, and computing are available in the cheapest of smartphones and routers. Wind is integrating nearby/offline data exchange with the internet services that we all rely on.
More than 10,000 different device manufacturers from all over the world use the basic platform (WIFI module, cloud, app) of a single company to technically implement their smart home products. The analysis of this base shows considerable security deficiencies, also of a conceptual nature, and thus various points of attack, which affects millions of smart devices. The lecture will present the functionality of smart devices in relation with the above-mentioned basic platform, show the extent of the security gaps using various attack scenarios and offer the community a solution for the secure use of the affected devices.
Teaching beginners how to program is often hard. We love building programs, and seeing our loved ones struggle with this is painful. Showing them how to copy-paste a few example programs and change a few parameters is easy, but bridging from there to building substantial programs is a different game entirely. This talk is about how to teach programming successfully, through comprehensible design recipes, which anyone can follow, using languages and tools designed for beginners. This approach is probably different from how you learned how to program, or how you're used to teaching. It is more effective, however, as it teaches more material successfully to a broader spectrum of people. It is also more enjoyable.
What's been good, exciting, spooky and challenging in art and science/technology over this past year. With a short incursion into the ugly because even artists have the right to be awful.
Never Forgetti is a didactic live gaming lecture about the deaths of female video game characters and how their normative framing prevents them from developing agency to avert their fatal destiny. The performance investigates on power relationships between lecturer and audience to reflect on how models of subjugation are established in media and our current social realities. Taking on the persona of Jenny Vorfahrt, a mysterious character that exists both outside and inside the gaming realm, I provide attendees with showcase of gameplay and theoretical knowledge about life and death of popular heroines, as well as the symbolism of classical game design. In reality, however, Jenny is pursuing her own secretive agenda...
Um das Entwickeln von eigenen Laufrobotern zu erleichtern, brauchen wir offene Alternativen zu bestehenden Plattformen. Am Beispiel unseres Projektes "Hannah" stellen wir euch Möglichkeiten vor, wie Open Source in Robotik-Hardware praktisch eingesetzt werden kann.
A variety of initiatives aims at encouraging female engagement in the hacker and maker scene. We present there some promising approaches and key learnings in a joint panel discussion.
The Enemy brings you face-to-face with combatants from three conflict zones: with the Maras in Salvador, in the Democratic Republic of the Congo, and in Israel and Palestine. Their testimonies and confessions about their lives, experiences, and perspectives on war will allow you to better understand their motivations… and their humanity.
Welchen Dialekt spricht eine Geflüchtete aus Syrien? Was verrät das Handy eines Asylsuchenden aus dem Irak darüber, wo er herkommt? Und ist der Name Wasef eigentlich typisch für Afghanistan? Über diese Fragen entscheiden im Bundesamt für Migration und Flüchtlinge (BAMF) zunehmend Computer. Sie spucken Wahrscheinlichkeiten für Herkunftsländer aus, die entscheidend dafür sind, ob Geflüchtete Asyl bekommen - oder nicht. Kurz: Menschliche Schicksale hängen von Maschinen ab. Diese Maschinen wissen nichts darüber, ob einem Menschen in seiner alten Heimat Verfolgung, Folter und Tod drohen. Mitarbeiter des BAMF verlassen sich auf diese Ergebnisse, auch wenn sie falsch sein können. Recherchen und bisher unveröffentlichte Dokumente zeigen, warum das schiefgehen muss und welche schweren Folgen für Schutzsuchende das haben kann.
Facebook monopoly is an issue, but looking for replacements it is not enough. We want to develop critical judgment on algorithms, on why data politics matter and educate, raise awareness for a broad audience. With our tool, we enable an individual to collect evidence and see how Facebook's algorithm truly shares their data. Not data about themselves, but the bias of facebook treats data, re-shares certain content over other content. Collectively we can analyze the algorithm, understand Facebooks agendas and show how little agency users have.
Beim Datenschutz geht es mitnichten um Privatsphäre, um das eigene Schlafzimmer oder um das Teilen privater Daten bei Facebook. Es geht gleichermaßen um den Erhalt einer demokratischen Gesellschaftsordnung wie um den Erhalt individueller Handlungsalternativen im digitalen Zeitalter. Wir dürfen also nicht so sehr über Einzelpersonen und ihre höchst subjektiven Privatheitswünsche sprechen, sondern viel mehr von Machtasymmetrien, Durchsetzungsmacht, sowie „starken“ und „schwachen“ Akteuren.
In this talk, I’ll present several attacks that leak the plaintext of OpenPGP or S/MIME encrypted emails to an attacker. Some of the attacks are technically interesting, i.e. the two different efail attacks, some are somewhat silly, yet effective. Some abuse HTML emails, some also work with plain ASCII emails. Furthermore, I’ll discuss our lessons learned and describe the efail-related changes to mail clients and the OpenPGP and S/MIME standards.
This talk will present a historical narrative of the background behind how the NeTV + Milkymist inspire the HDMI2USB then helped the NeTV2 projects and how they all became interlinked through events like Congress! From the study of this history, we will attempt to distill a few core lessons learned that can hopefully be applied to other open hardware projects.
With the beginning of last year, two major security vulnerabilities have been disclosed: Meltdown and Spectre. While mitigations in software and hardware have been rolled out right away, new variants have been continuously released in the following months. With all those confusing names, how can you possibly still have a clear overview of all those vulnerabilities (SpectreV1, SpectreV2, Meltdown, Spectre-NG, SpectreRSB, L1TF, Foreshadow, ...)? With this talk, we present a novel classification that will ease the naming complexity of the current jungle of variants. Along with all different attacks, we will give an overview of all proposed mitigations and show how an attacker still can mount an attack despite the presence of implemented countermeasures. Furthermore, we will present new variants of the Meltdown attack, exploiting different parts of the CPU.
This talk aims to give a general overview of iOS Jailbreaking by starting at what jailbreaking was back in the days and how it evolved up until today, while also taking a quick look at how it might evolve in future. Therefore the following topics are covered: - Jailbreaking goals (technical) - Types of jailbreak and it's origins (tethered, untethered, semi-tethered, semi-untethered) - Exploit mitigations (ASLR, iBoot-level AES, KPP, KTRR, PAC) - Kernel patches (h3lix) - Kppless jailbreaks The goal is to give an insight into the jailbreak terminology, exploit mitigations and how these are dealt with in past and modern jailbreaks.
Datenreichtum, E-Voting, Massenüberwachung und andere netzpolitische Schauplätze in der Schweiz Der Kampf um die Freiheit im digitalen Raum wird auch in der Schweiz intensiver. Wir blicken auf das netzpolitische Jahr 2018 in der Schweiz zwischen Bodensee und Matterhorn zurück. Wir behandeln jene Themen, die relevant waren und relevant bleiben. Weiter zeigen wir, was von der Digitalen Gesellschaft in der Schweiz im neuen Jahr zu erwarten ist.
There are multiple different ways to store cryptocurrency secret keys. This talk will investigate advantages and disadvantages of different methods with regards to cryptographic backdoors known as kleptograms.
Artificial Intelligence gives us a uniquely fascinating and clear perspective at the nature of our minds and our relationship to reality. We will discuss perception, mental representation, agency, consciousness, selfhood, and how they can arise in a computational system, like our brain.
There's a certain allure to zero-day exploits. At the apex of the security industry, these elusive technologies are engineered by a persistent few to open doors of software systems that were never meant to exist. We go behind-the-scenes to provide an inside look at the zero-day development lifecycle, breaking common misconceptions regarding this increasingly difficult tradecraft.
Der nationale Höchstleistungsrechner SuperMUC-NG unterstützt die öffentliche Wissenschaft in Deutschland. Wie ist er aufgebaut, was kann man damit tun, und wo steht er im Vergleich mit den schnellsten Supercomputern der Welt?
In this talk I want to present the computational undertakings in the field of cosmological structure formation and galaxy formation. Here, sometimes gigantic simulations help us to unravel the processes that led to the Universe that we can see today. I will give a short overview of our current understanding of the evolution of the Universe, the history and techniques of the simulations and their current state and future.
Through the hacking of surveillance techniques, machine learning, and big-data analytics, DISNOVATION.ORG’s trilogy of internet bots is uncovering and repurposing some of the influential and opaque operating systems of our online environment.
It is now 27 years since MS-DOS 5.0 was released. During its day there was the threat of viruses breaking your system or making it act in unpredictable ways. Due to its age and near total lack of consumer use it is safe to assume that all of the viruses for MS-DOS have been written. Using community archives and modern analysis methods we can uncover how they worked and reflect on how things have changed.
The last years, we all have felt the impact of applying technologies like machine learning, social networks and data-driven decision making on a massive scale to our societies. Yet all that technology has been developed by engineers like us. It's become clear that we have to do more than chase the ever evolving technological challenges and start to assume responsibility for our creations - or we too will wake up one day to the realization that technology we helped develop has done more harm than good. We want to present practical, every day guidelines and principles that can help engineers and organizations to build technology that not only serves the application and business purpose, but also minimizes negative long-term effects on society and the people that use it.
The world is finally catching on to the urgency of deploying post-quantum cryptography: cryptography designed to survive attacks by quantum computers. NIST's post-quantum competition is in full swing, and network protocols are exploring post-quantum extensions. This talk will take the audience on a journey through selected recent highlights from the post-quantum world.
"Mondnacht" von Stanislav Lem. Das berühmte SF Rundfunk-Hörspiel als Lesung mit analogen und digitalen Mitteln.
Ein kurzer Grundlagenabriss über die Institution der Europäischen Union, insbesondere zur Funktionsweise und Zusammenarbeit
This event is not going to be recorded Bei der Europawahl 2014 wurde ich als Spitzenkandidat der Partei für Arbeit, Rechtsstaat, Tierschutz, Elitenförderung und basisdemokratische Initiative in das Europäische Parlament gewählt.
"All Creatures Welcome sketches a utopian image of society in the digital era. Accompanied by the appeal to “use hacking as a mindset,” the viewers immerse themselves, together with the filmmaker, in a documentary adventure game and explore the world of digital communities at the events held by the Chaos Computer Club; a real-world reflection of the virtual spectrum." – after the rough cut screening at the 34c3 we will show now the final version. Join us and be part of the moment when we put the movie online and make it freely available under a creative commons license at the beginning of the screening!
Kann man empirischen Studien trauen oder nicht? Wie kann ich gute Studien von schlechten unterscheiden? Und was mache ich, wenn es zu einem Thema Studien mit gegensätzlichen Befunden gibt? Der Vortrag soll helfen, Antworten auf diese Fragen zu finden und empirische Studien besser zu verstehen.
In this talk I will share my story of how in a little over a year, a high school student with almost zero knowledge in security research found his first RCE in Edge.
Modern cryptography is based on security-proofs. We will demonstrate how these work, why they are desirable and what their limitations are.
Net neutrality, a big buzzword in the last years. It is not only a buzzword? There are economic reasons why it is a stake. This talk tries to give an overview and explain how money is made in the "internet" and how it is related to net neutrality.
Der Vortrag beleuchtet die Einflüsse auf den geheimnisvollen Teil des Mobilfunks – Störquellen im Uplink und deren Auswirkungen auf die Mobilfunk-Kommunikation sowie Praktiken zum Aufspüren von HF-Störquellen. Die Feldstärke-Balkenanzeige eines Smartphones (die Downlink-Empfangsfeldstärke) ist nur die Hälfte der Wahrheit zur Bewertung einer Mobilfunkversorgung. Die andere Hälfte ist der weithin unsichtbare aber gegen Störeinflüsse hochempfindliche Uplink, die Richtung vom Endgerät zu den Basisstationen. In diesem Vortrag werden Uplink-Störquellen, deren Auswirkungen sowie Mess- und Analysemöglichkeiten erläutert.
Vor 5.7 Milliarden Jahren emittierte der Blazar TXS0506+056 eine große Menge schwach wechselwirkender Neutrinos. Von dem durch ein supermassives schwarzes Loch im Zentrum seiner Galaxie angetriebenen kosmischen Teilchenbeschleuniger fand eines dieser Teilchen seinen Weg zur Erde und interagierte mit Wassermolekülen im antarktischen Eis. Durch einen glücklichen Zufall konnte das IceCube Neutrino Observatory, ein Kubikkilometer großer Detektor aus instrumentiertem Eis, am 22. September 2017 eine Lichtspur aufzeichnen, die direkt zur Quelle zurück zeigte. Damit konnte erstmals ein bekanntes astrophysikalisches Objekt mit dem Ursprung eines kosmischen Neutrinos assoziert werden und das Ereignis IceCube-170922A schrieb Geschichte. Ein näherer Blick auf die während 2014-2015 gesammelten Daten zeigte, dass die Neutrino-Emission von TXS0506+056 phasenweise erhöht ist. Dies unterstützt die These, dass das Ereignis von 2017 tatsächlich dem Blazar zugeordnet werden kann und die Entdeckung wurde zu einem großer Erfolg für die Multi-Messenger Astrophysik.
Drivers are usually written in C for historical reasons, this can be bad if you want your driver to be safe and secure. We show that it is possible to write low-level drivers for PCIe devices in modern high-level languages. We are working on super-fast user space network drivers for the Intel 82599ES (ixgbe) 10 Gbit/s NICs in different high-level languages. We've got fully working implementations in Rust, C#, go, OCaml, Haskell, and Swift. All of them are written from scratch and require no kernel code.
The meeting point of art and science as a place of inspiration, exchange of knowledge and creation is the main focal point of the talk. Together with Prof. Oliver Deussen, the PhD candidate Marvin Guelzow, and Liat Grayver we will discuss both the technical challenges and innovation aspects in the development of the e-David robot, alongside the the social and artistic practice its offers. Topics as such “paradigms of creativity” under the title “New Materialism / Anthropocentrism / Posthumanism” will be presented with the goal to position and understand machine-assisted creative interfaces within the broader field of media art and painting traditions.
Was für die Breitbandversorgung in Deutschland gilt, gilt auch für Transparenz: Überall Demokratie-Funklöcher, die man stopfen muss, am besten mit Klagen. Wir erzählen, was das Informationsfreiheitsgesetz in diesem Jahr für die Demokratie-Infrastruktur getan hat, welche Rolle dabei Klagen gespielt haben und was die IFG-Meisterschaften damit zu tun haben.
Critical Thinking + Making = Critical Making. Around the world, academics and grassroots communities alike are engaging in critical making. With roots in critical design and critical engineering, etc., the point is to re-politicise making, help people understand that it needs to be more than printing cheap plastic knickknacks and can be used for activism and social innovation to improve peoples' lives.
MicroPython is a lean and efficient implementation of the Python 3 programming language that includes a small subset of the Python standard library and is optimised to run on microcontrollers and in constrained environments. This talk will give an overview about the MicroPython hard- and software and introduces the community.
We have analyzed the hardware full-disk encryption implementation of several Self-Encrypting Drives (SEDs) from Samsung and Crucial (Micron) by reverse engineering their firmwares. The vendors combined cover a majority of the market share of SEDs sold today.
The death rate at Europes seaborder reached a historical record: One out of five trying for Europe drowned this September: Main reason is the crackdown on sea rescue by European authorithies who barely pass any information on distress cases to competent rescue workers. The hope of those trying to escape torture, slavery hunger and other forms of violence therefore soleyly lies on the efforts of the civil rescue fleet. In the future, a civil society run maritime rescue coordination center could help to significantly reduce the death rate at sea. This talk will focus on the software and hardware components used on the aerial and nautical assets of the civil rescue fleet. We´ll talk about the difficulties installing sat com on a moving ship or even an aircraft, how the camera system of the Sea-Watch 3 recorded the evidence that is now challenging the Italian state at the European Court of human rights, how important data is secured if the state challenges you as in the case of the LIFELINE and about a software that will help to join forces in the near future to coordinate rescues in an efficient way. Help is still needed to tear down Europes wall.
Jeder Nutzer hat das Recht bei seinen Dienstanbietern eine Kopie seiner Daten anzufordern. Doch wer macht das schon? Wir haben genau das getan. Das Ergebnis war nicht nur eine intensive und emotionale Brieffreundschaften mit der Datenschutz-Abteilung von Amazon. Das Ganze hat auch sehr viel Datenmüll zu Tage befördert.
Since its release in 2012, the PlayStation Vita has remained one of the most secure consumer devices on the market. We will describe the defenses and mitigations that it got right as well as insights into how we finally defeated it. The talk will be broken into two segments: software and hardware. First, we will give some background on the proprietary security co-processor we deem F00D, how it works, and what we had to do to reverse an architecture with minimal public information. Next, we will talk about hardware attacks on a real world secure hardware and detail the setup process and the attacks we were able to carry out. This talk assumes no prior knowledge in hardware and a basic background in system software. Focus will be on the methods and techniques we've developed along the way.
The classic spy movie hacking sequence: The spy inserts a magic smart card provided by the agency technicians into the enemy's computer, … the screen unlocks … What we all laughed about is possible!
Matrix is an open standard for communication over the Internet. I will talk about the matrix standard, both the technical implementation and the reasons for its creation. We will focus on the changes and progress that has been made in the previous year, particularly getting the specification out of beta, and the growth of the ecosystem. Finally, the Matrix environment continues to develop, and we’ll look at the roadmap for the future.
We are presenting an innovative technology, which allows verifying the authenticity, integrity and/or the physical state of an item by employing the propagation behaviour of electromagnetic waves. In particular, it enables to check for any tamper attempts for larger structures, such as off-the-shelf computers and their periphery. The technology extends existing tamper proof approaches from the chip/PCB to a system level and is easily retrofittable. In this presentation, we are demonstrating exemplary tamper proofing in order to protect secret information without an attack-detection or data-deletion circuit (!), which is a known difficult problem and an imperfect undertaking. Therefore, we demonstrate the simplicity and effectiveness using a very cheap self-made testbed (using alumium foil) to protect standard hardware against invasive attacks, such as needle probing through the case.
Pursuit of “good customers’ experience“ not only leads to new customers, but also attract criminals of all sorts. Presentation will give overview of current security situation of ATMs with different auxiliary devices allowing cardless transactions. Cardless is new sexy for criminals.
Whenever you enter a name into your computer, it resolves it to a numerical IP address. This resolution uses the Domain Name System (DNS), which is a hierarchical decentralised naming system used on the Internet. DNS is organised in a way that top-level domain (e.g. .com, .org) are delegated to registrars, which delegate subdomains (e.g. foo.com). This delegation is done as well via the DNS protocol via nameserver (NS) records. Since different types of data are kept in DNS, it can as well be seen as a distributed (and cached!) key-value store - which is fault-tolerant. I will explain the basic usage of DNS, including stub and recursive resolver, server, various protocol extensions (zone transfer, dynamic updates, authentication, notifications, ...), privacy extensions (query path minimisation, DNS-over-TLS), provisioning let's encrypt certificates. I will talk about attacks (poisoning, amplification, ...) and implementation pitfalls (not get stuck in the recursive resolver). I implemented DNS with above mentioned extensions as minimized MirageOS unikernels over past years.
Wir wenden uns gegen Gentrifizierung, Luxussanierung und Spekulation mit Häusern. Das Mietshäuser Syndikat ist ein bundesweiter Verbund linker, selbstverwalteter Hausprojekte mit dem Ziel der Initiierung und dauerhaften Erhaltung von gemeinschaftlich genutztem und bezahlbarem Wohn- und Gewerberaum. Der Grundgedanke: Gemeineigentum wird geschaffen und dauerhaft dem Markt entzogen. Die Mieter*innen sind zugleich Besitzer*innen ohne private Gewinnerzielungsabsichten, sie transferieren Knowhow und oft auch Direktkredite an andere Hausprojekte.
This presentation will start off with a simple problem (how do you clear memory that holds sensitive content). It explores numerous possible solutions, and presents real live facts and figures. bugs in common applications will be shown.
Highly compartmentalized network segmentation is a long-held goal of most blue teams, but it's notoriously hard to deploy once a system has already been built. We leveraged an existing service discovery framework to deploy a large-scale TLS-based segmentation model that enforces access control while automatically learning authorization rules and staying out of the way of developers. We also did it without scheduling downtime or putting a halt to development. This talk covers how we engineered this, and shares lessons learned throughout the process.
It's time to highlight facts and epic fails that were observed on the wire during attempts to block Telegram in Russia.
A cryptojacking website abuses the computing resources of its visitors to covertly mine for cryptocurrencies in the browser. In this talk, we explore this phenomenon and answer, amongst others, the following questions: How does the mining script work under the hood? How common is this attack? How much money do the attackers earn? And how can I defend myself against such attacks?
Reverse Engineering zum Aufspüren von Schwachstellen ist gängige Praxis. Umso überraschender kam für 2 Forschungsteams die Abmahnung durch Rechtsanwälte eines Herstellers. Sie hatten Schwachstellen aufgedeckt und damit, so der Hersteller, seine Rechte verletzt. Vorwurf? Vom Verstoß gegen das Urheberrecht bis zum Verrat von Geschäftsgeheimnissen war alles dabei. Nach hunderten Seiten an Schriftsätzen, einem zurückgehaltenen Paper sowie 7 Stunden Marathon-Prozess konnte ein Vergleich geschlossen werden, bei dem wir mit einer Verpflichtung zum Responsible Disclosure davon kamen - die Kernfragen bleiben jedoch offen: Welche Teile des Reverse Engineering sind rechtswidrig? Verstößt Reversing auch zum Zwecke der IT-Sicherheitsforschung gegen das Urheberrechtsgesetz? Was schützt in Zukunft Sicherheitsforscher vor rechtlichen Schritten des Herstellers? Wie können sich Unternehmen verhalten und welche Abwägungen müssen vor der Veröffentlichung getroffen werden? Wir berichten vom Ablauf eines solchen Prozesses inklusive Anekdoten, weisen auf die Unklarheiten in geltendem Recht hin und schaffen ein Bewusstsein für die Problematik.
Der Talk gibt einen Überblick über die Arbeit der Gesellschaft für Freiheitsrechte (GFF): Wir klagen, um Grund- und Menschenrechte vor Gesetzgebern und Behörden zu schützen.
In this talk, I discuss how to reliably find bugs in the Chrome IPC system with the goal of escaping the sandbox. I show how to enumerate the attack surface, how to identify the weak areas, and how to fuzz those areas efficiently to consistently produce bugs.
Mars Rover Curiosity is one of the most sophisticated pieces of hardware ever launched into space. Because of the communication delay from Earth to Mars, it needs to accomplish most of its tasks completely autonomously: landing, navigation, exploration and singing birthday songs to itself. To do all this, it only has one central onboard computer. Let's look at that computer and the software it runs in detail.
This is a foundations talk about modeling and simulation as tools for development, testing and debugging systems. It requires very little previous knowledge to address all makers and hobbyists interested in creating or modifying hardware that physically interacts with its environment (e.g. robots, drones, etc.). It explains the purpose of modeling and simulation, basic principles, and tips and tricks on a practical level.
Where is the blockchain, how long is it, and what does it have to do with cryptography? And is it really something completely new? I spent a lot of time in pubs explaining to people what this blockchain hype is all about. It turns out that the best way to do that is to use images - literally. The idea behind this talk is to give you a rough understanding of the scientific background behind the Blockchain technology.
Schon Wladimir Wladimirowitsch Putin wusste: "Hacker, das sind freie Menschen, so wie Künstler." Wie wollen dafür sorgen, dass es so bleibt.
We are going to outline the ingredients necessary to perform measurements at the LHC, starting from an ordinary bottle of hydrogen. Let us take you on a journey following the path of the protons from this bottle to being ready for collisions in one of the detectors. Once the collisions are recorded we show the approaches and tools on how to extract the metaphorical needle in the haystack.
Moderne Medizintechnik ist teuer und wenn sie kaputt geht, dann kann man sie normalerweise nur durch Servicetechnikerinnen austauschen lassen. Designkriterien orientieren sich an den Gesundheitsversorgung reicher Länder. Wir stellen ein System zur Messung der wichtigsten Vitalparameter vor, das nicht nur open source und frei, sondern auch für den off-road Einsatz ausgelegt ist, wenn die Servicehotline nicht erreichbar ist.
Ich möchte euch zeigen, wie ich mir aus einem Raspberry PI ein Smartphone baue. Auf welche Probleme und Schwierigkeiten ich dabei gestoßen bin und welche Lösungen ich gefunden habe. Das Projekt ist noch nicht abgeschlossen, es fehlen noch ein paar Kleinigkeiten. Trotzdem will ich euch schon mal mein Smartphone in der praktischen Butterbrotdose zeigen und euch erzählen wie es entstanden ist.
A Web Page in Three Acts is a live coding performance which combines principles of choreography within the formal structures of coding. An assemblage of semi-improvised visuals and composition experiments in web environments. The screen becomes an open stage for the hybrid code which links choreography and web programming as well as body and language.
OTRv4 is the newest version of the Off-The-Record protocol. It is a protocol where the newest academic research intertwines with real-world implementations. It is also one of the first protocols that comes from the global south which makes the political discussion around protocols an urgency. This newest versions also asks us to revisit our definitions around deniability (online and offline) and how important is it to the world. In this talk we will try to start a discussion around the importance of protocols, its political/moral foundations, the real-world implementation of academic ideas, the importance of securely implementing them, the definition of deniability in the current world and the design of OTRv4.
The human microbiome is a diverse community of bacteria that lives inside us. Their contribution towards our personal well-being or sickness is controversially discussed within the scientific world and, likewise, in our society. First attempts to rationally (reverse-)engineer the human microbiome are hyped in medicine and within the DIY biohacking scene. The implications of these endeavours potentially concern several aspects of our life: eating habits, fitness state, susceptibility for infections, aging, and cancer. But what about ethical aspects of hacking the human microbiome? How can biosafety be maintained? Are there any data security issues? I will seriously discuss the state-of-the-art and future directions of the research to show whether actual hacking of the human microbiome is rather science or fiction.
Visual culture dominates our societies, every day encouraging and rewarding corporations and their users to create more visual content to populate their digital spaces and build their digital lives. But what if there was an unseen method of disruption to these powers? What can we learn from the blind and their increased awareness of sound and vibration to disrupt and circumvent these powers without detection?
The lecture will give an introduction into the "EC Proposal for a Regulation on European Production and Preservation Orders for Electronic Evidence in Criminal Matters (COM (2018) 225 final)" and . the impact to civil liberties of the users as well as the challenges for service providers of the diverse range of services covered by the proposal. Urgent action is required now by diverse groups to fight the existing proposal and prevent it from becoming binding law throughout the EU..
Polizei und Geheimdienste sammeln per "Funkzellenabfrage" Tag für Tag Millionen von Standort-Daten. Netzbetreiber liefern den Behörden regelmäßig Datensätze aller Mobilfunknummern, die zu einem bestimmten Zeitpunkt in bestimmten Funkzellen waren. Entgegen den gesetzlichen Bestimmungen erfahren Betroffene nicht davon.
With great pleasure comes great responsibility. A responsibility, which is not taken enough into consideration by the smart sex toy manufacturers as they should, while handling extremely sensitive data. As long as there is no serious breach, there is no problem, right? This was the basis for a research project (Master Thesis) called “Internet of Dildos, a long way to a vibrant future”, dealing with the assessment of smart sex toys and identification of vulnerabilities in those products, including mobile apps, backends and the actual hardware. After the assessment of a selection of multiple smart sex toys an abyss of vulnerabilities was revealed. The identified vulnerabilities range from technically interesting vulnerabilities to vulnerabilities which affect the privacy of the users in extreme and explicit ways.
Video identification is the process of establishing the identity of a person via video chat. The person to be identified has to show his face as well as her official ID card to the camera. This lecture gives a step-by-step tutorial on how such video streams can be augmented with computer-generated official ID cards, including all visible watermarks.
When you're fighting for a cause, you need tools that reflect your values. While venture capital-backed tools are seductive, especially at the beginning of your movement, they can be harmful in the long-term. This session shows how co-operatively owned, non-hierarchically built Free and Open Source Software (FOSS) provides a more sustainable, and equitable, solution.
Für Journalisten bieten soziale Netzwerke eine Vielzahl von Quellen und Informationen, in einem Ausmaß, das vor Jahren unvorstellbar war. Doch damit steigt auch das Risiko immer weiter, auf Manipulationen und „Fake News“ hereinzufallen. In Zeiten von „Lügenpresse“-Rufen stellt das Journalisten vor neue Herausforderungen. Der Vortrag zeigt, wie die Verifizierung von Bildmaterial bei großen Medienhäusern abläuft – und warum auch normale Nutzer diese Möglichkeiten kennen und benutzen sollten.
Im Mai 2018 initiierte Reclaim Club Culture (RCC) in Berlin einen Protest gegen einen Aufmarsch der AfD und die AFDsierung der Gesellschaft. Zusammen mit mehr als 170 Techno Clubs, Festivals und Veranstalter*innen organisierten wir innerhalb von zwei Wochen drei Demozüge, auf denen sich mehr als 60.000 Demonstrant*innen versammelten. Dies ereignete sich in einem politischen Klima, in dem die Linke von den Erfolgen der Faschist*innen wie gelähmt schien und ein großer Teil der Gesellschaft immer weiter nach rechts abdriftete. Ausgehend von einer selbstkritischen Praxis werden wir der Frage nachgehen, wie und warum dies (scheinbar) plötzlich gelang.
In this talk, we’re looking at third party tracking on Android. We’ve captured and decrypted data in transit between our own devices and Facebook servers. It turns out that some apps routinely send Facebook information about your device and usage patterns - the second the app is opened. We’ll walk you through the technical part of our analysis and end with a call to action: We believe that both Facebook and developers can do more to avoid oversharing, profiling and damaging the privacy of their users.
In Österreich regiert seit einem Jahr eine Koalition aus der rechtskonservativen ÖVP und der rechtsextremen FPÖ. Eine ihrer ersten Maßnahmen war eine vollkommen überzogene Verschärfung von Überwachungsbefugnissen: Bundestrojaner, Anlassdatenspeicherung, verstärkte Videoüberwachung, Straßenüberwachung. Registrierungspflicht für SIM-Karten, etc. Zugleich wurde versucht, die Datenschutzgrundverordnung (DSGVO) zu untergraben. Betroffenenrechte wurden ausgeschlossen, weite Ausnahmen geschaffen und Strafen sollen am besten gleich gar nicht angewendet werden. In diesem Talk geben wir ein Update über die netzpolitische Lage in Österreich.
Die Repaircafé-Bewegung rollt über unser Land herein. Wie können wir uns daran beteiligen und Synergien nutzen?
We let the technically ungifted build robots and to fight each other for the laughs.
Chaos meets Poetry Slam. Der humoristische Dichterwettstreit mit Informatikhintergrund. Mitmachen ausdrücklich erwünscht.
Every year since 2011 on the 28C3 we organize a Capture the Flag contest for people on the Congress and from all over the world. This year we want to give you an overview about what a CTF is, the challenges, the players, the community and how much fun it is to play (not only our) CTF.
We mostly see with the mind, and the mind is flexible. For the four hundred million people with amblyopia (lazy eye), their brain encountered an installation error when linking both eyes as babies. As a "Plan B", their brain switched one eye off. I'll talk a bit about how the visual system works, and how our open-source virtual reality software (backed by social impact lab Leipzig and the prototypefund.de) can hack through that suppression and provide a chance to "re-install" full sight with two eyes.
Why do navigation systems have feminine voices? We know Tay, Eliza, Siri not only as female names, but also as chatbots and software, which directly interact with humans. Although computer programs are per se genderless, gender seems not to be cancelled out in human-machine interaction, but why?
Radical Digital Painting groups and presents several ideas and artifacts related to contemporary painting and contextualizes its connection to historical processes and digital technology. It is inspired by and is a continuation of Radical Computer Music.
Die Möglichkeiten des Microtargetings, aber auch der Desinformation mit Hilfe von Werbeplattformen wie Facebook sind vielfältiger, als man vor dem Cambridge-Analytica-Skandal vielleicht vermutet hätte. Darauf wollen wir auch angesichts der anstehenden Wahlen in Europa einen Blick werfen.
Private Unternehmen müssen nicht so transparent sein wie Behörden - selbst wenn sie sich wie Behörden benehmen. Welche Mittel können wir nutzen, um trotzdem Lichts ins Dunkel der Konzerne zu bringen? Wir stellen zwei Projekte mit unterschiedlichen Herangehensweise vor: Zum einen OpenSchufa, das das Scoring-Verfahren der Schufa rekonstruieren soll und erste Ergebnisse vorstellen kann. Zum anderen OffeneGesetze, das alle Bundesgesetzblätter seit 1949 erstmals kostenfrei und zur freien Weiterverwendung bereitstellt und jetzt dafür möglicherweise verklagt wird.
Spaß und ein kleines Bisschen Wissenschaft mit 3D-gedruckten Orgelteilen
Have you ever wanted to trace all syscalls or dump all IPC traffic across a Linux system? Until recently, doing so may have required some significant setup involving a half-baked tracing kernel module, a custom kernel module, or even using a kernel debugger. This talk will introduce the eBPF functionality of the Linux kernel and cover practical uses of the technology beyond mere code profiling. We will show how eBPF can be used both defensively and offensively to protect, or compromise, a system.
Das Jahr 2018 bietete wieder zahlreiche Beispiele für einen netzpolitischen Wetterbericht. Die Große Koalition lief sich mit der Bundesregierung warm und am Ende des Jahres droht man den Überblick über zahlreiche Kommissionen und Arbeitsgruppen zur Digitalisierung zu verlieren. Die gute Nachricht ist: Netzpolitik ist angekommen und geht nicht mehr so schnell weg. Die schlechte Nachricht ist: Beispiele für eine bessere Netzpolitik, Wert auf den Schutz und Ausbau von Grund- und Verbraucherrechte legt, gibt es leider eher weniger.
There is four times more dark matter and over fifteen times more dark energy than regular matter in the universe. And we have absolutely no idea what these invisible dark substances might be. This talk will show how we know that dark energy and dark matter exist, although we cannot see them directly. This kind of reverse enigneering of the universe already revealed some interesting features of the dark parts. However, the true nature of dark matter and dark energy are literally in the dark.
The deepening of global Internet infrastructure comes accompanied with an invigorated capacity and intent by adversaries to control the information that flows across it. Inextricably, political motivations and embedded power structures underlie the networks through which we interpret and understand our societies and our world - censorship threatens the integrity of the public sphere itself. The increasing technical sophistication of information controls deployed by censors in adversarial network environments around the world can be uniquely viewed and researched by circumvention tool providers, whose work continues to preserve access to the open Internet for all communities. Through this presentation, we endeavour to share insights gained from the front lines of this technical contest.
There has been a lot of talk about Virtual Reality (VR), but still there are very little applications to enhance our everyday lives outside of entertainment. Augmented Reality (AR), the less known sibling of VR, has the power to have a more profound impact on our lives than VR ever could. Instead of replacing the real world with a virtual one, AR enhances the reality with virtual content. Therefore, AR can be a gateway for people in accessing and understanding todays technology and could provide vast possibilities to support our everyday lives, e.g., for navigation, traveling, or education. This talk will give an overview on AR in general and explain its possible benefits and use cases, as well as the issues that may arise, e.g., regarding privacy, data security, as well as psychological and sociological challenges. The talk requires no special knowledge and is suited for people with little exposure to AR and mixed reality, but it will also give insights into current relevant research and development.
Broadcom's Bluetooth firmware on popular devices – such as Nexus 5, Nexus 6P, Raspberry Pi 3, and Raspberry Pi 3+ – shares the same firmware update mechanisms, which allows for local firmware modifications. With InternalBlue we published a framework to change lower Bluetooth layers. In this talk we go even further and demonstrate a remote exploit in the Broadcom firmware.
Laut Mythos wurde der CCC nur zu einem Verein, weil als einzige andere Rechtsform nur noch die kriminelle Vereinigung zur Alternative stand. Damit es bei euch nicht soweit kommt zeigen wir euch wie ihr bequem aus eurem Interessensverband, der Brettspielgruppe oder dem Nerdstammtisch einen guten deutschen e.V. macht. Alles mit einer Prise Humor aus unserem eigenen Versagen und einer Gemeinnützigkeit als Kirsche obendrauf.
Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen?
35C3 is run by teams of volunteers. In this event, they will provide some insight into the challenges they faced while building the GSM, DECT and IP networks, running video streams, or organizing ticket sales. All graphs will be pointing up and to the right.
Hier hört es auf.
(Security Track Keynote) The impact of scale in our field has been enormous and it has transformed the tools, the jobs and the face of the Infosec community. In this talk we discuss some of the ways in which defense has benefitted from scale, how the industry might be transitioning to a new phase of its growth and how the community will have to evolve to stay relevant.
Nowadays, Windows is still the most popular OS used in the world. It's very important for red teams / attackers to maintain the authority after they get into the OS by penetration test. So they need a vulnerability to hide in windows to escalate their account to system privilege. In this presentation, we will share the methodology about how we started this work to analyze Windows internals. We will explain the inner workings of this technique and how we analyzed ALPC and Component Object Model(COM) in Windows OS. By analyzing historical bugs, we are able to extract their features from multiple vulnerabilities. We will develop an IDA plugin to analyze the execution path of target interfaces. Through this way we could find out the interface that called the specified sensitive operation. In fact, we found a large number of vulnerable modules in the ALPC and COM object, which allows the attacker to cross the security boundary and directly access the system.
(How Betrusted Aims to Close the Hardware TOCTOU Gap) While open source is necessary for trustable hardware, it is far from sufficient. This is because “hashing” hardware – verifying its construction down to the transistor level – is typically a destructive process, so trust in hardware is a massive time-of-check/time-of-use (TOCTOU) problem. This talk helps us understand the nature of the TOCTOU problem by providing a brief overview of the supply chain security problem and various classes of hardware implants. We then shift gears to talk about ways to potentially close the TOCTOU gap, concluding with a curated set of verifiable components that we are sharing as an open source mobile communications platform – a kind of combination hardware and software distribution – that we hope can be useful for developing and deploying all manner of open platforms that require a higher level of trust and security.
(Reducing carbon footprint of network services with MirageOS unikernels) Is the way we run services these days sustainable? The trusted computing base -- the lines of code where, if a flaw is discovered, jeopardizes the security and integrity of the entire service -- is enormous. Using orchestration systems that contain millions of lines of code, and that execute shell code, does not decrease this.
It is easier to chat online securely today than it ever has been. Widespread adoption of signal, wire, and the private mode of WhatsApp have led a broader recognition of the importance of end-to-end encryption. There's still plenty of work to be done in finding new designs that balance privacy and usability in online communication.
(Humanitäre Hilfe zwischen Propaganda, Information und Spendenwerbung) Katastrophen, Krisen & Kriege lassen sich heute live mitverfolgen. Wir erleben eine kaum überblickbare Quellendiversität in den sozialen Medien – jeder wird zur Quelle. Welchen Einfluss hat das darauf, wie ein Konflikt wahrgenommen wird, wie setzen Konfliktparteien aber auch Helfende die sozialen Medien ein und was bedeutet das für Diejenigen, die vor Ort humanitäre Hilfe leisten. Wir diskutieren dies anhand des türkischen Überfalls auf Rojava.
(Einblicke in die Forschung und Ausblick in die Umweltzertifizierung! ) Im Vortrag wollen Marina Köhn (Umweltbundesamt) und Dr. Eva Kern (Umwelt-Campus Birkenfeld) die Messergebnisse aus dem Labor der Forschung präsentieren und die entwickelte Methode des Forschungsprojektes erläutern. Weiterhin möchten wir die Inhalte des geplanten Umweltzeichens für Software vorstellen.
(Everything about the Archimedes computer (with zero 'Eureka!' jokes)) This talk will cover everything about the Acorn Archimedes, a British computer first released in 1987 and (slightly) famous for being the genesis of the original ARM processor.
(Spoiler: Apple is bad at patching) This talk is about running unsigned code at boot on iOS 11. I will demonstrate how you can start out with a daemon config file and end up with kernel code execution.
So called “0-click” exploits, in which no user interaction is required to compromise a mobile device, have become a highly interesting topic for security researchers, and not just because Apple announced a one million dollar bug bounty for such exploits against the iPhone this year. This talk will go into the details of how a single memory corruption vulnerability in iMessage was remotely exploited to compromise an iPhone. The insights gained from the exploitation process will hopefully help defend against such attacks in the future.
(Gesellschaftlicher Wandel in den Reden im Bundestag) Ein von Zeit Online entwickeltes Tool macht es möglich, die Plenarprotokolle des Bundestags grafisch und inhaltlich auszuwerten, und zwar seit seiner ersten Sitzung 1949 bis heute. In den 200 Millionen Wörtern zeigen sich historische Zäsuren, sie machen gesellschaftliche und sprachliche Entwicklungen sichtbar: Wie ernst nahm der Bundestag in den vergangenen Jahren den Klimawandel? Wie häufig redeten die Abgeordneten über Datenschutz, über Arbeitslosigkeit, über Rechtsextremismus, über Geflüchtete? Es wird sichtbar und vergleichbar, zu welchem Zeitpunkt welche Themen debattiert wurden, wie sich die politische Aufmerksamkeit über die Jahre verändert hat. Und die Daten belegen, wie die Sprache selbst sich verändert, nicht nur weil neue Themen aufkommen, sondern auch weil sich der Sprachgebrauch wandelt. Am Ende kann das Publikum selbst Wörter vorschlagen und versuchen, die entsprechenden Graphiken zu interpretieren.
(Wohin eigentlich mit all der erneuerbaren Energie?) Wir verlassen uns in unserem Alltag permanent auf die Verfügbarkeit von elektrischer Energie. Aber wenn wir vom dauerhaften Betrieb von Kraftwerke, die fossile Energieträger verbrennen, wie stellen wir die Versorgung sicher, wenn nachts kein Wind weht? Elektrolyse oder Pumpspeicherkraftwerk? Superkondensatoren oder mechanische Speicher? Was geht heute überhaupt schon? Ähnlich unklar ist die Zukunft der Mobilität, wenn Verbrennungsmotoren von unseren Straßen verschwinden sollen. Batteriefahrzeug oder Wasserstoffauto? Und bekommt man sein Fahrzeug überhaupt so schnell vollgetankt wie heute mit Benzin?
(Exploring a new attack surface on the 3DS) The 3DS is reaching end of life but has not revealed all its weaknesses yet. This talk will go through the process of reverse engineering an undocumented communication protocol and show how assessing hard-to-reach features yields dangerous results, including remote code execution exploits!
(An open source project for education, research and tinkering) Modern smartphones offer a whole range of sensors like magnetometers, accelerometers or gyroscopes. The open source app "phyphox", developed at the RWTH Aachen University, repurposes these sensors as measuring instruments in physics education.
Herzstück der digitalen Gesundheitsversorgung für 73 Millionen Versicherte ist die hochsichere, kritische Telematik-Infrastruktur mit bereits 115.000 angeschlossenen Arztpraxen. Nur berechtigte Teilnehmer haben über dieses geschlossene Netz Zugang zu unseren medizinischen Daten. Ein "Höchstmaß an Schutz" also, wie es das Gesundheitsministerium behauptet? Bewaffnet mit 10.000 Seiten Spezifikation und einem Faxgerät lassen wir Illusionen platzen und stellen fest: Technik allein ist auch keine Lösung. Braucht es einen Neuanfang?
(Breaking PDF Encryption and PDF Signatures) PDF is the most widely used standard for office documents. Supported by many desktop applications, email gateways and web services solutions, are used in all sectors, including government, business and private fields. For protecting sensitive information, PDFs can be encrypted and digitally signed. Assumed to be secure for 15 years, our talk reveals how to break PDF Encryption and how to break PDF Signatures. We elaborated novel attacks leading to critical vulnerabilities in all PDF viewers, most notably in Adobe, Foxit, and Okular. As a result, an attacker can retrieve the plaintext of encrypted PDFs without knowing the password and manipulate the content of digitally signed PDFs arbitrarily while a victim is unable to detect this.
The Large Hadron Collider (LHC) is the biggest particle accelerator on Earth. It was built to study matter in more detail than ever before and prove physical theories like the Standard Model of Particle Physics. This talk will focus on the engineering aspects of LHC. How was it built? What makes it tick? Which technologies are needed to create a such powerful machine? This talk will take you on a journey to explore how the most complex machine ever built by humans works.
(Pleiten, Pech und Pannen in der Zahlungsdiensteregulierung) Seit dem 14. November ist die letzte Schonfrist zur Umsetzung der Europäischen Richtline 2015/2366 über Zahlungsdienste im Binnenmarkt (neudeutsch PSD2) verstrichen. Das hat erst vielen Banken viel Arbeit gemacht, und macht jetzt vielen Kunden viel Ärger. Warum eigentlich?
A deep dive investigation into Siemens S7 PLCs bootloader and ADONIS Operating System.
We present the next step after Rowhammer, a new software-based fault attack primitive: Plundervolt (CVE-2019-11157). Many processors (including the widespread Intel Core series) expose privileged software interfaces to dynamically regulate processor frequency and operating voltage. We show that these privileged interfaces can be reliably exploited to undermine the system's security. In multiple case studies, we show how the induced faults in enclave computations can be leveraged in real-world attacks to recover keys from cryptographic algorithms (including the AES-NI instruction set extension) or to induce memory safety vulnerabilities into bug-free enclave code.
One apparent paradox of the digitisation of work is that while productivity in manufacturing is skyrocketing, productivity in caring professions (health, education) is actually declining - sparking a global wave of labour struggle. Existing economic paradigms blind us to understanding how economies have come to be organised. We meed an entirely new discipline, based on a different set of values.
In this talk Julian will outline his work as sysadmin, systems and security architect for the climate and environmental defense movement Extinction Rebellion. Responsible for 30 server deployments in 11 months, including a community hub spanning dozens of national teams (some of which operate in extremely hostile conditions), he will show why community-owned free and open source infrastructure is mission-critical for the growth, success and safety of global civil disobedience movements.
(The Science Behind Climate Reports) When climate activists say you should listen to the science they usually refer to reports by the Intergovernmental Panel on Climate Change (IPCC). The IPCC is an Intergovernmental organization (IGO) providing an objective summary of scienctific results regarding climate change, its impacts and its reasons. The simulation of future climate is one fundamental pillar within climate research. But what is behind it? How does the science sector look like? How do we gain these insights, what does it mean?
(Fables from building a startup in Silicon Valley) Over the past 2 years we've been building delivery robots - at first thought to be autonomous. We slowly came to the realization that it's not something we could easily do; but only after a few accidents, fires and pr disasters.
Der Europäische Menschenrechtsgerichtshof beschäftigt sich nun schon seit Jahren mit der Frage, ob die durch Edward Snowden öffentlich bekanntgewordene geheimdienstliche Massenüberwachung mit der Europäischen Menschenrechtskonvention kompatibel ist. Wie ist der Stand der Dinge?
(Understanding the ME at the OS and hardware level) Reverse engineering a system on a chip from sparse documentation and binaries, developing an emulator from it and gathering the knowledge needed to develop a replacement for one of the more controversial binary blobs in the modern PC.
(A review of the best art & tech projects from 2019. With a focus on e-waste) Once you start looking at electronic trash you see it everywhere: in laptops of course but also increasingly in cars, fridges, even inside the bodies of humans and other animals. The talk will look at how artists have been exploring the e-junk invasion.
Making climate predictions is extremely difficult because climate models cannot simulate every cloud particle in the atmosphere and every wave in the ocean, and the model has no idea what humans will do in the future. I will discuss how we are using the Julia programming language and GPUs in our attempt to build a fast and user-friendly climate model, and improve the accuracy of climate predictions by learning the small-scale physics from observations.
There are countless post-quantum buzzwords to list: lattices, codes, multivariate polynomial systems, supersingular elliptic curve isogenies. We cannot possibly explain in one hour what each of those mean, but we will do our best to give the audience an idea about why elliptic curves and isogenies are awesome for building strong cryptosystems.
(From Unanimity to Anonymity) The people of Hong Kong have been using unique tactics, novel uses of technology, and a constantly adapting toolset in their fight to maintain their distinctiveness from China since early June. Numerous anonymous interviews with protesters from front liners to middle class supporters and left wing activists reveal a movement that has been unfairly simplified in international reporting. The groundbreaking reality is less visible because it must be - obfuscation and anonymity are key security measures in the face of jail sentences up to ten years.
(Breaking Out of a Sandboxed Virtual Machine) VMware ESXi is an enterprise-class, bare-metal hypervisor developed by VMware for deploying and serving virtual computers. As the hypervisor of VMware vSphere, which is the world's most prevailing, state-of-the-art private-cloud software, ESXi plays a core role in the enterprise's cloud infrastructure. Bugs in ESXi could violate the security boundary between guest and host, resulting in virtual machine escape. While a few previous attempts to escape virtual machines have targeted on VMware workstation, there has been no public VMware ESXi escape until our successful demonstration at GeekPwn 2018. This is mainly due to the sandbox mechanism that ESXi has adopted, using its customized filesystem and kernel. In this talk, we will share our study on those security enhancements in ESXi, and describe how we discover and chain multiple bugs to break out of the sandboxed guest machine.
(Von Handyauswertung, intelligenten Grenzen und Datentöpfen) Die sogenannten digitalen Assistenzsysteme des BAMF, „intelligente Grenzen“ in der EU und immer größer werdende Datenbanken: Wer ins Land kommt und bleiben darf, wird immer mehr von IT-Systemen bestimmt. Davon profitiert die Überwachungsindustrie, während Menschen von automatisierten Entscheidungen abhängig werden.
(What we can and need to change to keep climate change low - the scientist view) This talk is to show the current state of the discussion on climate change and the necessary and possible changes from a scientific perpesctive. It is to give some typical relevant answers and to foster the resiliance against climate sceptic questioning. This is one of the main tasks the scientist for future are trying to tackle.
(show + tell) We make Standard Cells for LibreSilicon available, which are open source and feasible. And we like to talk and demonstrate what we are doing.
Our research shows that network-based cache side-channel attacks are a realistic threat. Cache attacks have been traditionally used to leak sensitive data on a local setting (e.g., from an attacker-controlled virtual machine to a victim virtual machine that share the CPU cache on a cloud platform). With our attack called NetCAT, we show this threat extends to untrusted clients over the network, which can now leak sensitive data such as keystrokes in a SSH session from remote servers with no local access. The root cause of the vulnerability is a recent Intel feature called DDIO, which grants network devices and other peripherals access to the CPU cache. Originally, intended as a performance optimization in fast networks, we show DDIO has severe security implications, exposing servers in local untrusted networks to remote side-channel attacks.
The AMD Platform Security Processor (PSP) is a dedicated ARM CPU inside your AMD processor and runs undocumented, proprietary firmware provided by AMD. It is a processor inside your processor that you don't control. It is essential for system startup. In fact, in runs before the main processor is even started and is responsible for bootstrapping all other components. This talk presents our efforts investigating the PSP internals and functionality and how you can better understand it.
(Looking back at the perhaps most dramatic instance of hacking of the 1980s and the role it had in shaping the public image of the CCC) This spring marked the 30th anniversary of the public uncovering of the so-called KGB Hack, bringing with it a number of new articles remembering the event and forging bridges to the present.
(Was müssen Medizinproduktehersteller einhalten (und was nicht)?) Es soll grundlegend erklärt werden, nach welchen Kriterien Medizinprodukte entwickelt werden. Dazu werden die wichtigsten Regularien (Gesetze, Normen, ...) vorgestellt die von den Medizinprodukteherstellern eingehalten werden müssen. Diese regeln, was die Hersteller umsetzen müssen (und was nicht). Hier wird auch die Frage beantwortet, warum beispielsweise die Apple-Watch (oder genauer gesagt nur zwei Apps) ein Medizinprodukt sind aber die card10 nicht.
(Ein nicht nuklearer Blick auf das Ende der Welt) Einführung in das Forschungsfeld der Kritikalitätsanalysen. Anhand der Rohstoffe Tantal, Wolfram, Zinn und Gold werden exemplarisch die quantitativen und qualitativen Indikatoren für eine Versorgungsengpassanalyse vorgestellt.
Billions of subscribers use SIM cards in their phones. Yet, outside a relatively small circle, information about SIM card technology is not widely known. This talk aims to be an in-depth technical overview.
(How thousands of Facebook, You Tube and Instagram pages benefited from purchased likes and how we reverse engineered facebooks user IDs) This talk investigates the business of fake likes and fake accounts: In a world, where the number of followers, likes, shares and views are worth money, the temptation and the will to cheat is high. With some luck, programming knowledge and persistence we obtained thousands of fanpages, You Tube and Instagram account, where likes have been bought from a Likes seller. We were also able to meet people working behind the scenes and we will prove, that Facebook is a big bubble, with a very high percentage of dead or at least zombie accounts. The talk presents the methodology, findings and outcomes from a team of scientists and investigative journalists, who delved into the parallel universe of Fake Like Factories.
(Wie die radikale Rechte (ihre) Politik gamifiziert) Manche Spiele will man gewinnen, andere will man einfach nur spielen. Bei vielen Spielen will man beides. Spielen macht Spaß. Gewinnen auch. Warum also nicht immer und überall spielen? Warum nicht Politik spielen wie einen Multiplayer-Shooter? Mit motivierten Kameraden und ahnungslosen Gegnern? Mit zerstörbarer Umgebung, erfolgreichen Missionen und zu erobernden Flaggen? Teile der radikalen Rechten tun das mit Erfolg. Der Vortrag schaut sich einige Beispiele aus Deutschland und den USA näher an.
(--Gaining code execution using a malicious SQLite database) SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been examined through the narrow lens of WebSQL and browser exploitation. We believe that this is just the tip of the iceberg. In our long term research, we experimented with the exploitation of memory corruption issues within SQLite without relying on any environment other than the SQL language. Using our innovative techniques of Query Hijacking and Query Oriented Programming, we proved it is possible to reliably exploit memory corruptions issues in the SQLite engine. We demonstrate these techniques a couple of real-world scenarios: pwning a password stealer backend server, and achieving iOS persistency with higher privileges.
(Decoding The Cultures of Hacking One Video at a Time) Hacking and hackers can be hard to visualize. In the popular imagination, the figure alternates between a menacing, hooded figure or some sort of drugged-out and depressed juvenile hero (or perhaps a state-sponsored hacker). To counter such images, a group of us have spearheaded a new digitally-based video project, Hack_Curio that features hacker-related videos, culled from a range of sources, documentary film, newscasts, hacker conference talks, advertising, and popular film. In this talk, the Hack-Curio creators and builders will briefly discuss the purpose and parameters of Hack_Curio and spend most of the talk featuring our funniest, most compelling videos around hacking from around the world. We will use these to reflect on some of the more obscure or less commented on cultural and political features of hacking--features that will address regional and international dimensions of the craft and its impacts around the world.
(Zahlenraten für Geeks) The Hacker Jeopardy is a quiz show.
(Die Luftschnittstelle und das Core im Wandel der Zahlen) Mit 4G wurde gegenüber früheren Mobilfunktechnologien das Air-Interface komplett neu gestaltet. Mit 5G wird dieses nun auf mögliche Zukunftstechnologien erweitert. Wir stellen die Neuerungen und die Möglichkeiten auf dem 5G-Air-Interface und im Core-Netz gegenüber 4G vor.
There's a variety of places - on Earth and beyond - that pose challenging conditions to the ever-shrinking digital circuits of today. Making those tiny transistors work reliably when bombarded with charged particles in the vacuum of space, in the underground tunnels of CERN or in your local hospital's X-ray machine is not an easy feat. This talk is going to shed some light on what can be done to keep particles from messing up your ones and zeroes, how errors in digital circuits can be detected and corrected, and how you may even re-purpose those flipped bits in your RAM as a particle
(A security study of turbine control systems in power generation) A deep dive into power generation process, industrial solutions and their security implications. Flavoured with vulnerabilities, penetration testing (security assessment) methodology and available remediation approaches.
(Wie gründe ich einen Betriebsrat, bevor die Kacke dampft?) Aktiv werden zur rechten Zeit - Stand up for Your Right! Betriebsrat - klingt für viele IT-ler*innen doch nach letztem Jahrtausend. Dabei ist dies ein hart erkämpftes und wichtiges Instrument, um der Stimme der Beschäftigten bei der Geschäftsleitung Ausdruck zu verleihen. Wir schildern anhand eines konkreten Beispiels, wie ein Betriebsrat gegründet wird, ohne dass die Chefetage zwischendurch schon den Stecker zieht.
(Signal overshadowing attack on LTE and its applications) As Long-Term Evolution (LTE) communication is based on over-the-air signaling, a legitimate signal can potentially be counterfeited by a malicious signal. Although most LTE signaling messages are protected from modification using cryptographic primitives, broadcast messages and some of the unicast messages are unprotected. In this talk, we would like to introduce a signal injection attack that exploits the fundamental weakness of unprotected messages in LTE and modifies a transmitted signal over the air.
(How to understand the environmental impact of the digital products you build, and take measurable steps to “green your stack”) In this talk, you'll learn about the environmental impact of the digital products and services you build, why this matters. You’ll be introduced to a mental model, known as Platform, Packets, Process, for measuring and identifying emissions hotspots in digital products, and the steps you can take to reduce them.
(Reducing the attack surface with pure embedded Go.) TamaGo is an Open Source operating environment framework which aims to allow deployment of firmware for embedded ARM devices by using 0% C and 100% Go code. The goal is to dramatically reduce the attack surface posed by complex OSes while allowing unencumbered Go applications.
(Featuring the shortest movies and the largest lasers) Did you ever wonder what happens in the time period it takes light to cross the diameter of your hair? This is the femtosecond, a millionth of a billionth of a second. It is the time scale of electron and nuclear motion, and therefore the most fundamental processes in atomic and molecular physics, chemistry and biology start here. In order to take movies with femtosecond time resolution, we need ultrafast cameras – flashes of light that act faster than any camera shutter ever could. And imaging ultrafast motion is only the first step: We aim to control dynamics on the femtosecond time scale, ultimately driving chemical reactions with light.
(Wie lange kann es so weitergehen?) Deep Learning ist von einem Dead End zur ultimativen Lösung aller Machine Learning Probleme geworden - und einiger anderer auch. Aber wie gut ist dieser Trend wirklich? Und wie nachhaltig? Wir setzen uns mit wissenschaftlicher Nachhaltigkeit, sozialen Auswirkungen, und den Folgen für unsere Ressourcen, unseren Energieverbrauch, und damit unseren Planeten auseinander.
(Können wir Software bauen, die nützlich /und/ unbedenklich ist?) Eine Software ist unbedenklich, wenn man sie auf ungefilterte Daten aus einem Webformular aufrufen kann, ohne prüfen zu müssen, ob dann etwas schlimmes passieren kann. In der Praxis lässt sich ein Kontinuum zwischen Nützlichkeit und Unbedenklichkeit als Kontrahenten beobachten. Software fängt häufig eher unbedenklich an, und wird dann immer bedenklicher, je mächtiger sie wird. Dieser Vortrag will a) diese Beobachtung beschreiben und b) fragen, wie man die Unbedenklichkeit beibehalten kann. Gibt es da Abstufungen? Metriken? Kriterien, die bei einer konkreten Entscheidung helfen können?
(Attacks against privacy-preserving systems) Data is core to the digital economy. Scandals such as Cambridge Analytica, however, serve as a reminder that large-scale collection and use of data raise serious privacy concerns. In this talk, I will discuss past and current research in data anonymization and anonymous use of data. More specifically, I will describe how historical statistical disclosure control methods fail to protect people's privacy in a world of big data and discuss the potential and challenges of modern security-based approaches to data privacy.
(Hardware attacks on the latest generation of ARM Cortex-M processors.) Most modern embedded devices have something to protect: Whether it's cryptographic keys for your bitcoins, the password to your WiFi, or the integrity of the engine-control unit code for your car. To protect these devices, vendors often utilise the latest processors with the newest security features: From read-out protections, crypto storage, secure-boot up to TrustZone-M on the latest ARM processors. In this talk, we break these features: We show how it is possible to bypass the security features of modern IoT/embedded processors using fault-injection attacks, including breaking TrustZone-M on the new ARMv8-M processors. We are also releasing and open-sourcing our entire soft- and hardware toolchain for doing so, making it possible to integrate fault-injection testing into the secure development lifecycle.
(E-ID, E-Voting, Netzsperren und andere netzpolitische Schauplätze) Die Intensität des Kampfes um die Freiheit im digitalen Raum lässt auch in der Schweiz nicht nach. Wir blicken auf das netzpolitische Jahr 2019 zwischen Bodensee und Matterhorn zurück. Wir behandeln jene Themen, die relevant waren und relevant bleiben. Weiter zeigen wir, was von der Digitalen Gesellschaft in der Schweiz im neuen Jahr zu erwarten ist.
(Challenges for distributed and decentralized technology from the perspective of Signal development) Considerations for distributed and decentralized technologies from the perspective of a product that many would like to see decentralize.
(Psychedelic Therapy as a fundamentally new approach to mental health issues) Psychedelic research constitutes a challenge to the current paradigm of mental healthcare. But what makes it so different? And will it be able to meet the high expectations it is facing? This talk will provide a concise answer.
(Schule schwänzen für das Klima) Der Diskurs hat sich von Klimaschutz als Aufgabe von Individuen hinzu einer strukturellen, systemischen Frage verschoben. Welche Veränderungen brauchen wir und warum lohnt es gemeinsam und aktivistisch gegen fossile Energieträgern und Co. vorzugehen. Viele Bereiche der Digitalsierung heizen die Klimakrise momentan an. Ich möchte eine aktivistische Perspektive darauf geben, welche Rolle Digitalisierung beim Ende des Ressourcenraubbaus spielen kann. Eine Energieversorgung ausschließlich aus erneuerbaren Energien ist ohne Digitalisierung nicht möglich. Digitale Kommunikation ist entscheidend bei der Organisation von Fridays For Future, wie sie aktuell gestaltet wird verbrennt sie viele persönliche Ressourcen.
Für Sinti*zze und Roma*nja gehören Anfeindungen zum Alltag. Auch bei Ermittlungsbehörden stehen sie unter Generalverdacht: Es steht zu befürchten, dass die Polizei in unterschiedlichen Bundesländern rechtswidrig Daten zu ethnischer Herkunft erhebt und veröffentlicht. Warum ist es so gefährlich, ethnische Herkunft in Polizeidatenbanken zu erfassen? Und was für Konsequenzen hat es, sie in Berichterstattung zu erwähnen? Wann darf die Polizei überhaupt Daten zu ethnischer Herkunft erheben? Und wann und mit welchen Methoden tut sie es vielleicht trotz Verbots?
Low-power, single-purpose embedded devices (e.g., routers and IoT devices) have become ubiquitous. While they automate and simplify many aspects of our lives, recent large-scale attacks have shown that their sheer number poses a severe threat to the Internet infrastructure, which led to the development of an IoT-specific cybercrime underground. Unfortunately, the software on these systems is hardware-dependent, and typically executes in unique, minimal environments with non-standard configurations, making security analysis particularly challenging. Moreover, most of the existing devices implement their functionality through the use of multiple binaries. This multi-binary service implementation renders current static and dynamic analysis techniques either ineffective or inefficient, as they are unable to identify and adequately model the communication between the various executables.
Wireless connectivity is an integral part of almost any modern device. These technologies include LTE, Wi-Fi, Bluetooth, and NFC. Attackers in wireless range can send arbitrary signals, which are then processed by the chips and operating systems of these devices. Wireless specifications and standards for those technologies are thousands of pages long, and thus pose a large attack surface.
(Cybercrime-Ermittlungen: Vorsicht vor der Polizei! Oder: Nicht im falschen Forum posten) Der Hackerparagraph § 202c StGB ist seit August 2007 in Kraft. Das Bundesverfassungsgericht nahm eine dagegen gerichtete Verfassungsbeschwerde nicht an, wies aber darauf hin, dass er verfassungskonform auszulegen sei. Wie ist also die Rechtslage? Und wie sieht die Realität der Strafverfolgung aus? Reality Check!
(Jahresrückblick 2019) Extinction Rebellion (XR) ist eine global agierende, schnell wachsende, klimaaktivistische Graswurzel-Bewegung, die mit gewaltfreien Aktionen zivilen Ungehorsams auf die drohende Klimakatastrophe hinweist und Regierungen zum Handeln bewegen will. Die Ortsgruppe Berlin präsentiert in einer Art Jahresrückblick eine Auswahl an aktuellen Aktionen und stellt vor, wo wir als Bewegung gerade stehen, was wir bislang erreicht haben und was weiterhin gebraucht wird, um ein dringend notwendiges politisches Umsteuern einzuleiten. Let's act now.
In Brüssel wird über eine Verordnung verhandelt, die es allen EU-Staaten ermöglichen soll, Provider zur Herausgabe von Inhalten oder Metadaten zu verpflichten – egal wo die Daten gespeichert sind, egal ob die Tat, um die es geht, dort eine Straftat ist. Werden CLOUD-Act, e-Evidence und ähnliche Kodifikationen bald dafür sorgen, dass Strafverfolgungsbehörden aller Länder Daten von Providern weltweit abgreifen können?
Browsers are the ones who handle our sensitive information. We entirely rely on them to protect our privacy, that’s something blindly trusting on a piece of software to protect us. Almost every one of us uses browser extensions on daily life, for example, ad-block plus, Grammarly, LastPass, etc.
(Taking a look at a covert CIA virtual fencing solution) In this talk we will take a look at the 'Vault 7' Protego documents, which have received very little attention so far, and challenge the assertion that Protego was a 'suspected assassination module for [a] GPS guided missile system ... used on-board Pratt & Whitney aircraft' based on system block diagrams, build instructions and a few interesting news items. In addition, we will discuss hypothetical weaknesses in systems like it.
(The environmental costs of digital industry and pathways to sustainability) A lecture on the environmental impacts of digital industry today and how to think about and design digital tools with limited energy and resources.
Der Talk soll die Geschichte der senseBox von Beginn bis jetzt wiedergeben. Dabei möchte ich vor allem auf unsere Arbeit im Bereich Open Source, Open Data, Open Hardware und Open Educational Resources eingehen. Die Motivation von Teilnehmern des senseBox Projekts möchte ich basierend auf einer Nutzerstudie kurz wiedergeben. Außerdem möchte ich auf aktuelle Probleme sowie technische Hürden und die Genauigkeit der Daten eingehen. Zu guter Letzt gebe ich einen kurzen Ausblick in die Zukunft des Projekts.
(How an agency implements Fortress Europe by degrading Non-Europeans to second-rate people) Robots, Satellites and biometrical traps - more than a Billion Euro will be spent in 2021 for what they call "Border Security." The European Border and Coastguard, formerly Frontex, dreams of a fully automomus border surveillance system.
What sort of tools and methodologies should you use to write software for a car that will go on sale in 2023, if you have to support security patches and safety upgrades till 2043?
(Break Isolation and Sandbox in the Instant Apps) With the rapid development of mobile internet, apps become more and more complex. However, their most used functions are limited to a few pages. Enters instant app. It has many advantages over normal apps, such as click-to-play and concise design, and it's becoming more and more popular. There is some form of instant app framework in many popular apps, such as Google Play, TikTok, etc. In addition, many phone vendors have also embedded instant app frameworks in their pre-installed applications. However, there is barely any public research on attacking instant apps.
Individuals conducting reverse engineering for research purposes face several legal issues arising from IP and competition law. The legislation has reacted by introducing a new law on trade secrets specifically allowing reverse engineering. While the new law is certainly an improvement, many questions still remain as to conflicts with opposing domestic laws as well as other possibilities to waive the permission. In this talk, we provide guidance through the jungle of the current legal situation from a techno-legal perspective.
‘Listening Back’ is an add-on for the Chrome and Firefox browsers that sonifies internet cookies in real time as one browses online. By translating internet cookies into sound, the ‘Listening Back’ browser add-on provides an audible presence for hidden infrastructures that collect personal and identifying data by storing a file on one’s computer. Addressing the proliferation of ubiquitous online surveillance and the methods by which our information flows are intercepted by mechanisms of automated data collection, ‘Listening Back’ functions to expose real-time digital surveillance and consequently the ways in which our everyday relationships to being surveilled have become normalised. This lecture performance will examine Internet cookies as a significant case study for online surveillance with their invention in 1994 being historically situated at the origins of automated data collection, and the commercialisation of the World Wide Web. I will integrate online browsing to demonstrate the ‘Listening Back’ add-on and explore it’s potential to reveal algorithmic data capture processes that underlie our Web experience.
Development-fused iPhones with hardware debugging features like JTAG are out of reach for many security researchers. This talk takes you along my journey to create a similar capability using off-the-shelf iPhones. We'll look at a way to break KTRR, a custom hardware mitigation Apple developed to prevent kernel patches, and use this capability to load a kernel extension that enables full-featured, single-step kernel debugging with LLDB on production iPhones.
(Military warheads as a source of nuclear fuel) Can nuclear warheads be used as energy sources instead of exhausting resources? And if, how does this even work? Concerns during the cold war era mainly focused on the diversion of Uranium intended for commercial nuclear power towards usage in weapons. During the 1990s, these concerns gave way to a focus on the role of military Uranium as a major source of fuel for commercial nuclear power.
(How to understand this historic challenge and what we can do to defend ourselves) The unprecedented charges against Julian Assange and WikiLeaks constitute the most significant threat to the First Amendment in the 21st century and a clear and present danger to investigative journalism worldwide. But they also pose significant dangers to the technical community. This panel will explain the legal and political issues we all need to understand in order to respond to this historic challenge.
(Mediterranean Migration Monologues) Von Menschen, die den riskanten Weg übers Mittelmeer auf sich nehmen, in der Hoffnung, in Europa Sicherheit zu finden. Nach 700 Aufführungen der Asyl-Monologe, Asyl-Dialoge und NSU-Monologe das neue Theaterstück von Autor und Regisseur Michael Ruf. Die Mittelmeer-Monologe erzählen von Menschen, die den riskanten Weg über das Mittelmeer auf sich nehmen, in der Hoffnung, in Europa in Sicherheit leben zu können – von libyschen Küstenwachen, italienischen Seenotrettungsstellen und deutschen Behörden, die dies verhindern und von Aktivist*innen, die dem Sterben auf dem Mittelmeer etwas entgegen setzen.
Seit Anfang 2019 hat David jeden einzelnen Halt jeder einzelnen Zugfahrt auf jedem einzelnen Fernbahnhof in ganz Deutschland systematisch gespeichert. Inklusive Verspätungen und allem drum und dran. Und die werden wir in einem bunten Vortrag erforschen und endlich mal wieder ein bisschen Spaß mit Daten haben. Rechtlicher Hinweis: Es liegt eine schriftliche Genehmigung der Bahn vor, von ihr abgerufene Rohdaten aggregieren und für Vorträge nutzen zu dürfen. Inhaltliche Absprachen oder gar Auflagen existieren nicht.
Xbox 360 video game console had a number of widely known hacks for firmware of its optical disc drives. However, it was never the case with Blu-ray disc drives of Sony PlayStation video game consoles. In fact, up until recently there was no much information available on this subject publicly.
(Be prepared for the coming Digital Winter. And play Impossible Mission.) Civil society depends on the continuing ability of citizens to communicate with one another, without fear of interference, deprivation or eavesdropping. As the international political climate changes alongside that of our physical climatic environment, we must find ways to create mobile communications systems that are truly resilient and sustainable in the face of such shocks. We have therefore identified a number of freedoms that are required for resilient mobile phones: Energy, Communications, Security, Innovation, Maintenance and Scale-Dependency. These can be summarised as making it possible for people to create, maintain and develop mobile communications solutions, without requiring the capital and resources of a large company to do so. In this lecture I will explain why each of these is necessary, as well as describing how we are incorporating these principles into the MEGAphone open, resilient and secure smart-phone project.
(A rough guide to over-regulating free speech with anti-terrorist measures) We will examine the European Commission’s proposal for a regulation on preventing the dissemination of terrorist content from as a radical form of censorship. Looking at the rationale and arguments of policy-makers in Brussels, we will discuss normalisation of a “do something doctrine” and “policy-based evidence”. How can citizens and activists influence that legislative process? And what does it mean if they won’t?
(Leaking Your Recent Memory Operations on Intel CPUs) The ZombieLoad attack exploits a vulnerability of most Intel CPUs, which allows leaking data currently processed by other programs. ZombieLoad is extremely powerful, as it leaks data from user-processes, the kernel, secure enclaves, and even across virtual machines. Moreover, ZombieLoad also works on CPUs where Meltdown is fixed in software or hardware.
(Uncovering and assessing a second authentication mechanism in modern vehicle immobilization systems) Modern road vehicles are fitted with an electronic immobilization system, which prevents the vehicle from starting unless an authorized transponder is present. It is common knowledge that the security transponder embedded in the key fob should be secure, and quite some work has been published on the (in)security of such transponders. However, we identify another crucial part of the immobilizer system, that has not yet received any academic attention. We investigated three vehicles, and found that the security transponder does not communicate with the ECM (Engine Control Module) but with the BCM (Body Control Module). After succesful authentication of the key, the BCM will then authenticate towards the ECM, after which immobilization is deactivated and the vehicle may start. If either the security transponder or this ECM-BCM authentication protocol is weak, vehicles may be started without presence of a valid security transponder.
Das Jahr 2018 stand ganz im Zeichen der bundesweiten Proteste gegen die Polizeigesetze. Und 2019? Es ist leiser geworden um noPAG, noPolGNRW & Co. Aber das Biest lebt!
(3 different RCE vulnerabilities on Ruckus Wireless access points devices.) Ruckus Networks is a company selling wired and wireless networking equipment and software. This talk presents vulnerability research conducted on Ruckus access points and WiFi controllers, which resulted in 3 different pre-authentication remote code execution. Exploitation used various vulnerabilities such as information leak, authentication bypass, command injection, path traversal, stack overflow, and arbitrary file read/write. Throughout the research, 33 different access points firmware examined, and all of them were found vulnerable. This talk also introduces and shares the framework used in this research. That includes a Ghidra script and a dockerized QEMU full system emulation for easy cross-architecture research setup. Here's a fun fact: BlackHat USA 2019 used Ruckus Networks access points.
(Lesung des öffentlichen Sourcecodes) ---This event is not going to be recorded--- Kommet zusammen Ihr Jüngerinnen der Bits und Bytes und hörtet die frohe Kunde des offenen Sourcecodes. Halleluhjaz!
Chaos meets Poetry Slam. Der humoristische Dichterwettstreit mit Informatikhintergrund. Mitmachen ausdrücklich erwünscht.
Before media art has emerged, traditional art and dance are already applying algorithms to make sophisticated patterns in their textures or movements. Hieda is researching the use of algorithm through creation of media installations and dialog with artists, dancers, choreographers and musicians. He also presents his current interest in machine learning and art which potentially exclude (or already excluding) some populations due to the dataset and modality.
Seit Jahren wird über den Einfluss des Internets auf die Gesellschaft diskutiert. Desinformationskampagnen in den sozialen Medien, russische Bots und Empfehlungs-Algorithmen hätten die Gesellschaft gespalten. Doch viele Unterstellungen lassen sich einfach widerlegen. Dieser Vortrag gibt einen Überblick und schlägt Ansätze vor, wie sich die Phänomene des Rechtsrucks zu einem konsistenten Bild zusammenfügen lassen.
OpenBSD markets itself as a secure operating system, but doesn't provide much evidences to back this claim. The goal of this talk is to evaluate how effective OpenBSD's security mitigation are, in a systematic, rational and comprehensive way.
(Von E-Bikes in der Connected Mobility zur Entstehung eines nachhaltigen Open-Source-E-Bike-Projekts) Was haben E-Bikes mit Connected Mobility zu tun? Und ist so was wie LineageOS auch für Bike Computer möglich? Außerdem: wie lassen sich Cradle to Cradle Prinzipien auf E-Bikes anwenden? Der Vortrag gibt einen Einblick in die Rolle von E-Bikes in der Connected Mobility und umreißt ihren Stand der Technik. Zudem berichtet er von den Herausforderungen, ein nachhaltiges Open-Source-E-Bike zu entwickeln. Last but not least möchte er die Idee eines Open-E-Bike-Wiki vorstellen.
(Conservation Genomics between Taxonomy, Big Data, Statistics and IT-Security) Conservation genomic approaches are crucial for establishing long-term sustainable conservation and management strategies for the protection of biodiversity and natural ecosystems. In this talk, the diverse and disparate fields of expertise and activism are presented, which are involved in building effective conservation genomic reference datasets and their infrastructures, analytical inference/prediction environments and operational tools for practical application.
(Eine erste Bilanz) Sie sollen den Staat schützen, sind aber selbst eine Gefahr: Soldaten und Polizisten, die sich in Chat-Gruppen organisieren und auf den „Tag X“ vorbereiten. Mit aufwändigen Recherchen hat ein Team der taz ein bundesweites konspiratives Netzwerk aus Preppern und Staatsbediensteten aufgedeckt. Kopf war „Hannibal“, Elitesoldat beim Kommando Spezialkräfte – und Auskunftsperson für den Militärischen Abschirmdienst. Hier geben die ReporterInnen Einblick in die Recherche und zeigen, was aus ihren Berichten folgte. Oder auch nicht.
Quantum technologies are often only over-hyped showed as threat for cybersecurity … But they also offer some opportunities to enhance the cybersecurity landscape . As an example, you may know that a quantum computer will be able to break RSA keys but Quantum communication technologies can also provide a new way to exchange securely a cipher key. More, with Quantum networking technologies, communication eavesdropping are , by design, detectable and thus this could lead to some good opportunities to use them to enhance cybersecurity. Some even begins to build a Quantum internet ! We may also solve main security issues face by cloud computation (privacy, confidentiality etc) via the use of "Blind quantum computation" in the cloud.
(Evolve your hack into robust software!) How do we write software that works - or rather, how do we ensure it's correct once it's written? We can just try it out and run it, and see if it works on a few examples. If the program was correct to begin with, that's great - but if it's not, we're going to miss bugs. Bugs that might crash our computer, make it vulnerable to attacks, stop the factory, endanger lives, or "just" leave us unsatisfied. This talk is about techniques every programmer can use to avoid large classes of bugs. You think about general properties of the things in your code, verify them through automatically generated tests, and (when it's particularly critical) proofs. This is a surprisingly fun and satisfying experience, and any programmer can do it. You need just a bit of high school math (which we'll refresh in the talk) to get started.
(where artifacts come from, and how constructive math may help) Cryptographic hash functions are everywhere, yet modeling the characteristics of their real-world occurrences is surprisingly complicated when trying to prove security. We argue how seemingly convenient features of doing classical math may make it actually harder to model them correctly.
(Warum wir zivilen Ungehorsam und Subversion mehr brauchen denn je) Ein lustiger Rückblick über die Aktionen des Peng Kollektivs.
(An introduction without maths) This talk will explain the basic building blocks of cryptography in a manner that will (hopefully) be understandable by everyone. The talk will not require any understanding of maths or computer science. In particular, the talk will explain encryption, what it is and what it does, what it is not and what it doesn't do, and what other tools cryptography can offer.
(When SPF is not enough) Forget look-alike domains, typosquatting and homograph attacks. In this talk we will discuss ways of forging perfect email counterfeits that (as far as recipients can tell) appear to be coming from well-known domain and successfully pass all checks on their way. Prime focus of this talk will be modern anti-spoofing strategies and the ways around them. Join us as we try to figure out answers to questions such as "Isn't SPF enough?", "Do I *really* need DMARC?" and "Does ticking all three (SPF, DKIM, DMARC) provide the best protection possible?" (answers to these questions are "no", "yes", "no" by the way).
(How to convert standard wifi dongles into digital broadcast transmitters) This talk is about modifying cheap wifi dongles to realize true unidirectional broadcast transmissions that can transport digital data like HD drone video with guaranteed latency over a range of tens of kilometers. The talk will show the necessary changes to the firmware and kernel of the wifi dongle, the forward error correction and software diversity (fuse several receivers in software) that is added to improve reliability and the most prominent use case: Flying a remote controlled drone at a distance of tens of kilometers.
(Open Soil Research)
(Rechtsbrüche beim Export von Überwachungssoftware) Die GFF hat gemeinsam mit Reporter ohne Grenzen (ROG), dem European Center for Constitutional and Human Rights (ECCHR) und netzpolitik.org Strafanzeige gegen die Geschäftsführer der Unternehmen FinFisher GmbH, FinFisher Labs GmbH und Elaman GmbH erstattet.
(An introduction to quantum computing and a review of the progress we made in the last 5 years.) Five years ago I spoke about my work in quantum computing, building and running a tiny two qubit processor. A few weeks ago, Google announced a potentially groundbreaking result achieved with a 53 qubit quantum processor. I will therefore review the state of experimental quantum computing and discuss the progress we made in the last 5 years. I will explain quantum supremacy, surface code architecture and superconducting quantum processors and show which challenges we still have to overcome to build large scale quantum computers.
Modern grey-box fuzzers are the most effective way of finding bugs in complex code bases, and instrumentation is fundamental to their effectiveness. Existing instrumentation techniques either require source code (e.g., afl-gcc, ASan) or have a high runtime performance cost (roughly 10x slowdown for e.g., afl-qemu). We introduce Retrowrite, a binary rewriting framework that enables direct static instrumentation for both user-mode binaries and Linux kernel modules. Unlike dynamic translation and trampolining, rewriting code with Retrowrite does not introduce a performance penalty. We show the effectiveness of Retrowrite for fuzzing by implementing binary-only coverage tracking and ASan instrumentation passes. Our binary instrumentation achieves performance similar to compiler-based instrumentation.
(Mit künstlicher Intelligenz zu neuer Kunst zum kybernetischen Verstand) Kann künstliche Intelligenz Kunst erzeugen? Können Menschen von künstlich intelligenten Systemen erzeugte Kunst verstehen? Ist Kunst ein Weg zu neuen Stufen eines kybernetischen Verstandes? Der Stand der KI-Kunst ist keine Kunst oder keine KI. Aber wir werden mit unserer menschlichen Eitelkeit konfrontiert werden, nicht die Einzigen zu sein, die schöpferisch und auch künstlerische Relevanz in Betrachtern auslösen. Dies liegt mitunter an unseren bisherigen Kunstbegriffen und -verständnissen, die oftmals mit Intentionalität assoziiert sind. Eliza: Warum? Simon Hegelich widmen sich diesen Fragen und zeigt eigene (?) Werke (Videos, Bilder, Gedichte), die mit KI erzeugt wurden, wobei er seine großen Leidenschaften;- Kunst, maschinelles Lernen, Hegelsche Dialektik, Science Fiction, Kybernetik und Transhumanismus- der Erweiterung durch Diskurs unterzieht.
Der Diskurs um die "Digitalisierung" kann vor allem eines: Verheißen. Roboter befreien uns von mühsamer Arbeit, Effizienzsteigerungen sorgen von ganz allein für den Schutz von Umwelt und Ressourcen und Algorithmen erleichtern uns den Alltag. Dass diese Verheißungen vor allem Tech-Konzernen in die Tasche spielen und wir dank der datenraff(inier)enden Geschäftsmodelle des digitalen Kapitalismus auf ökologische und soziale Katastrophen zusteuern, soll in dem Vortrag gezeigt werden. Kann die Wirtschaft dank effizienterer Technologien weiter wachsen ohne dabei Ressourcen zu verbrauchen? Oder merken wir bei unseren immer voller werdenden Leben gar nicht, dass uns in Wahrheit die Rohstoffe ausgehen? Wenn wir schon sehr bald kein Material mehr haben, um Technik zu bauen, die alle Verheißungen erfüllt - was machen wir dann? Ist die Antwort dann reparieren, selber machen, vielleicht sogar kreativ werden?
(Whistleblowers and the Cases of The Snowden Refugees and Edward Snowden) An update on the circumstances of Mr Snowden and the Snowden Refugees will be provided at the 36C3 event and venue in December 2019. There have been many significant events and incidents during 2019.
Software bugs and timing leaks have destroyed the security of every Chromebook ECDSA "built-in security key" before June 2019, ECDSA keys from several popular crypto libraries, the Dilithium post-quantum software, the Falcon post-quantum software, and more. Will we ever have trustworthy implementations of the cryptographic tools at the heart of our security systems?
In this talk we will see how chaos can be used to find very peculiar trajectories for space crafts within the Solar System. To understand this, we will also have a short look at the basics of orbital mechanics as well as three-body problems.
(DECT is korrekt.) Seit 2018 betreibt Eventphone ein neues Telefonsystem auf den chaosnahen Events. Natürlich wird neue Soft- und Hardware sofort zum Forschungsgegenstand. Schnell gab es die üblichen Fragen: Wie funktioniert das genau? Ist das alles an Features? Kann man das updaten? Kann man nicht kompatible Geräte vielleicht kompatibel machen? Was kann man noch verbessern? Ist das sicher?
In this talk I will report on Databox, the focus of a UK-based research collaboration between the University of Cambridge, the University of Nottingham, and Imperial College, with support from industrial partners including the BBC. Databox is an open-source software platform that seeks to embody the principles of Human-Data Interaction by enabling individuals to see and exercise dynamic control over what is done with their personal data. The research project has melded computer systems design with ethnomethodological approaches to Human-Computer Interaction to explore how such a platform can make use of personal data accountable to individuals.
(Underestimating the dangers of designing a protection system) Everybody knows about the Boeing 737 MAX crashes and the type's continued grounding. I will try to give some technical background information on the causes of the crash, technical, sociological and organisational, covering pilot proficiency, botched maintenance, system design and risk assessment, as well as a deeply flawed certification processes.
(Auditing Boot Loaders by Example) The Achilles heel of [your secure device] is the secure boot chain. In this presentation we will show our results from auditing commonly used boot loaders and walk through the attack surface you open yourself up to. You would be surprised at how much attack surface exists when hardening and defense in depth is ignored. From remote attack surface via network protocol parsers to local filesystems and various BUS parsing, we will walk through the common mistakes we've seen by example and showcase how realistic it is for your product's secure boot chain to be compromised.
(The Not-So Secret Data Sharing Practices Of Menstruation Apps) In September 2019, Privacy International released exclusive research on the data-sharing practices of menstruation apps. Using traffic analysis, we shed lights on the shady practices of companies that shared your most intimate data with Facebook and other third parties.
(How simulations help us understand the Universe) This year the Nobel prize in physics was awarded to three astronomers changing the understanding of the Universe and finding the first exoplanet. This is a good reason to dive into astronomy, numerics, and programming and to learn how modern astronomy creates the pictures and models of the reality we observe in the night sky. Let’s find out together how we can simulate the Universe and grow new planets – computationally!
(Social, artistic & theoretical experiments with decentralized festivals) Festivals and events are organized by a small group of deciders. But what would Eris do? (chaos!) We will look at some of our experiences with decentralised festivals where every participant can truly participate, reflect on how they influence our way of discussing and producing art and technology and discuss p2panda, an idea of a p2p protocol for (self-)organising resources, places and events, which is based on the SSB protocol.
Checkm8 is an unfixable vulnerability present in hundreds of millions of iPhones' SecureROM. This is a critical component in Apple's Secure Boot model and allows security researchers and jailbreakers alike to take full control over the application processor's execution.
(War alles schon mal besser) IT-Sicherheitsgesetz 2.0, Staatstrojaner für den Verfassungsschutz, Uploadfilter und Leistungsschutzrecht, Plattformregulierung und Terrorpropaganda-Verordnung, dazu die Suche nach der künstlichen Intelligenz in der Blockchain – 2019 war ein ereignisreiches Jahr in der Netzpolitik.
(Warum unser Web nachhaltiger werden muss und wie wir das anstellen!) Wo beginnt unsere Verantwortung bei der Gestaltung und Entwicklung einer Website und wo endet sie? Wusstest Du, dass die durch das Internet hervorgerufenen CO2-Emissionen die der Flugindustrie überschritten haben? Beim Design einer Website oder Web-App denken die wenigsten an CO2-Emissionen. So ist auch dieser Fakt weitgehend unbekannt. Warum wir uns dringend über ein nachhaltigeres Web Gedanken machen sollten und wie wir das in unserem Alltag umsetzen können, erfahrt Ihr in diesem Vortrag.
(Human agreements, comunication infrastructures, services in Campi Aperti, Bologna, Italy) We will analyze the approach to tecnology (decisional method, mesh network and cloud) of a farming community near Bologna: Campi Aperti. Speaking about: human organization, connectivity, managing of a server, resources and incidents handler, femminism, maintaining and growing in a non-gerarchical organization. Technologies involved: humans, antennas, orchestrator of containers.
(Eine Gemeinschaftsproduktion der Haecksen, der tuwat-Gruppe Bildung und Chaos Siegen) In diesem Beitrag stellen wir die von der tuwat Gruppe Bildung erarbeiteten "Welcome Pattern" zum Empfang und Integration von Neuankömmlingen und ihre Anwendung in Siegens Hackspace "HaSi" vor.
(Menschliche Faktoren der IT-Sicherheit) Die überwältigende Mehrheit der erfolgreichen Hacks in freier Wildbahn setzen auf menschliche Faktoren. Wie können wir Systeme und Interfaces gestalten, um diese Schwachstellen zu mindern?
(Früher war mehr Schnee) 'In meiner Jugend war mehr Schnee!' oder 'Früher war es auch schon heiß!' könnte man so glauben, je nach Vehemenz des Ausrufs, oder man schaut halt nach.
(Don't ask what you can do for TPMs, Ask what TPMs can do for you) Trusted Platform Modules (TPMs) are nowadays included in all consumer-grade devices. Whilst "the Trusted Platform Modules available for PCs are not dangerous, and there is no reason not to include one in a computer or support it in system software" (Richard Stallman, GNU) they have yet to gain wide-ranged adoption, especially for the daily needs of your average nerd. This talk will introduce OpenSource software and use cases that are already supported and how your everyday nerd can benefit from those by security your personal credentials, securing your system credentials, encrypting your storage and detecting BIOS manipulations. This talk is based on the https://tpm2-software.github.io contributions. It will also give a quick rundown to debunk some myths and call for participation in the OpenSource efforts for supporting more use cases via TPMs.
(Egypt's Civil Society Under Attack) What happens when we come across a surveillance operation targeting Egypt’s civil society? And what happens when the attackers expose all of their backend code by mistake? This is The Eye on the Nile.
(Graffiti in the ruins of the feed and the party-info-capital is emigrating) There is graffiti in the ruins of the feed and the event-info-capital is emigrating.
(Die Realität beim Arztbesuch nach 15 Jahren Entwicklung einer medizinischen Digitalstrategie) Seit spätestens 2005 wird in Deutschland an der Einführung der Telematik Infrastruktur, kurz die TI, gearbeitet. Diese soll nicht weniger als die komplette Digitalisierung der deutschen Medizinbranche bedeuten. Vom Arzt, Krankenhaus, Psychotherapeut bis hin zum Apotheker sollen alle Heilberufler miteinander vernetzt werden. Der Patient soll dabei die Datenhoheit behalten, und seine Daten mittels elektronischer Gesundheitskarte, sowie alternativ per mobiler Smartphone App steuern.
(8 Mikrokosmen, 8 Expert*innen, je 8 Minuten zu Digitalisierung und Nachhaltigkeit) So wie Farnpflanzen ihre Sporen aus der Kapsel mit bis zu 10m/s heraus in die Welt katapultieren, auf dass sie dort auf fruchtbaren Boden fallen, werden unsere 8 Expert*innen ihr Nerd- und Fach-Wissen weitergeben – spektakulär, wirkungsvoll und unterhaltsam. So bunt wie die besten Slams, so dicht wie die besten Lightning Talks: 8 Antworten auf die Frage, warum Techies und Ökos zusammengehören.
(EU plans to swipe our freedom of expression under the carpet) The quest towards a “cleaner” internet continues – with “censorship machines” included in the EU Copyright Directive, upload filters proposed in the Terrorist Content Regulation, and numerous other initiatives to push dominant platforms to police online content. This talk will present the next big battles for free speech online at the European level.
3D-gedruckte Kleidungsstücke finden sich mittlerweile auf immer mehr Laufstegen in der Modebranche. Der Herstellungsprozess erlaubt gänzlich neue Abläufe und die Chance, durch mehrfache Materialverwendung und Abfallreduzierung nachhaltiger zu produzieren. Aber wie alltagstauglich und bequem sind diese Teile eigentlich? Wann ist ein Kleidungsstück überhaupt bequem? Welche Funktionen können 3D-gedruckte textile Flächen übernehmen – und welche nicht?
(Strategies and tactics to ‘hack’ public spaces and social conventions) Louise Ashcroft will talk through strategies and tactics she uses to ‘hack’ public spaces and social conventions in order to suggest new ways of living which challenge rules and hierarchies.
Der Vortrag gibt auf der Basis umfangreicher korpuslinguistischer Analysen einen Überblick über den Fundus herabwürdigender und ausgrenzender Ausdrücke, die in rechten und rechtsextremen Onlinediskursen geprägt wurden. In den tiefensemantischen Strukturen des invektiven Wortschatzes der neuen Rechten wird ein stark schematisiertes Weltbild sichtbar, das von der grundlegenden Verachtung nicht nur des Fremden, sondern auch des eigenen Landes, seiner Institutionen, seiner Werte und seiner Bevölkerung geprägt ist.
(Status of the Net Neutrality Reform in Europe) Three and a half years after Europe enshrined net neutrality in law, the protections for the open internet are being renegotiated. Europe finds itself in the middle of an immense lobbying battle about the legality of internet blocking, zero-rating and the internet as a common carrier for everyone. All this while the EU is also the first world region trying to fit the next mobile network standard 5G into the net neutrality framework as we currently know it. This talk will give a brief summary about the past years of regulatory enforcement, how the internet has developed in Europe and what to expect from the ongoing reform.
Want to run Linux on open hardware? This talk will explore Open Source Hardware projects capable of that task, and explore how RISC-V and free software FPGA projects can be leveraged to create libre systems.
(The sumo robot fight for the technically ungifted) Let's build funny robots and let them fight each other as long as we are superior to them :) Please let's dishonor high tech and celebrate everything made out of stuff we usually throw away (and blinks).
(A dive into the foundations of hardware reverse engineering and our netlist analysis framework HAL) Since the Snowden revelations the fear of stealthy hardware manipulations is no longer regarded as far fetched. This fear is also reflected in the massive discussions sparked by last year's Bloomberg allegations on a supposed hardware spy implant on Supermicro serverboards or the recent USA ban on Huawei telecommunication equipment. Hardware reverse engineering (HRE) is a promising method to detect such manipulations or hidden backdoors. However, HRE is a highly complex and cumbersome task. It takes months of work as well as expensive equipment to even obtain the netlist of a chip, the equivalent to the binary in software reverse engineering (SRE). In contrast to SRE where various paid or open-source tools for binary analysis exist, e.g., IDA Pro or Ghidra, in HRE simply no tool for netlist analysis were available - neither commercial, nor free. To close this gap, researchers from the Ruhr University Bochum developed HAL, the first open-source netlist analysis framework. In this talk, we start with a basic introduction into the challenges of HRE. Then, we demonstrate the capabilities of HAL before giving a brief overview on our current research with HAL.
(A Tool for Analyzing the Fairness of Electronic Devices) Electronic gadgets come not just with an ecological footprint, but also a human cost of bad working conditions and human rights violations. To support hardware makers who want to design fairer devices, we are building a software tool to easily discover social risk hotspots and identify measures for improvement.
(Makroökonomische Auswirkungen der Digitalisierung auf den Globalen Süden) In den gegenwärtigen Debatten um die Digitalisierung werden systemische und strukturelle Auswirkungen der Digitalisierung auf Entwicklungs- und Schwellenländer und damit verbundene potentielle Risiken und Herausforderungen bislang kaum betrachtet und diskutiert. Ein schwerwiegendes Versäumnis, hatte doch bereits die Weltbank, einer der größten Förderer von IKT in den Ländern des Globalen Südens, in ihrem Weltentwicklungsbericht ‚Digital Dividende‘ (2016) selbstkritische eingeräumt, der digitale Wandel bleibe nicht nur hintern, sondern verschärfe die soziale Ungleichheit. Der Vortrag setzt sich mit der Frage auseinander, inwiefern die Digitalisierung zur Überwindung von Armut und sozialer Ungleichheit in den Ländern des Südens beitragen können. Erweitern sie die Chancen auf gesellschaftliche und ökonomische Teilhabe von benachteiligten Menschen oder verengen sie diese? Schwerpunkt der Analyse bildet die Auseinandersetzung mit dem digitalen Handel. Fast unbemerkt hat sich in der Handelspolitik eine neue Dynamik entwickelt. Führende Tech-Konzerne, allen voran die aus dem Silicon Valley, instrumentalisieren zunehmend das Handelsrecht für ihre Interessen. Dabei geht es längst nicht mehr nur um die Reduzierung von Zöllen auf digitale Produkte wie Software oder einheitliche Standards für Telekommunikationsdienste. Patente auf Künstliche Intelligenz sowie die (Nicht)Regulierung von Datenflüssen sind inzwischen auch Bestandteil handelsrechtlicher Regelungen und Gegenstand kontroverser Debatten in der Welthandelsorganisation WTO. Für die Länder des Globalen Südens – aber nicht nur für sie – steht dabei viel auf dem Spiel, einschließlich der Gefahr eines neuen, digitalen Kolonialismus. Im Vortrag zeigt zudem erste Ansätze zum Aufbau einer fairen und menschenwürdigen Digitalisierung auf.
(Introduction to IC reverse engineering for non-chip-reverse-engineers.) Reverse Engineering of integrated circuits is often seen as something only companies can do, as the equipment to image the chip is expensive, and the HR costs to hire enough reverse engineers to then understand the chip even more so. This talk gives a short introduction on the motivation behind understanding your own or someone else’s chip (as a chip manufacturing company), and why it might be important for the rest of us (not a chip manufacturing company). The focus is on understanding what millions of logical gates represent, rather than the physical aspect (delayering, imaging, image processing…), because everyone can do this at home. I will introduce some proposed countermeasures (like logic encryption) and explain if, how and why they fail.
(How to Stop the Dubious Use of Passenger Name Records by Law Enforcement) The talk will address how passenger name records (PNR) of flight passengers are currently used by law enforcement throughout the European Union to track and identify suspects of a variety of crimes, how this is likely to be only a first step by the security state to surveil our every movement. Two NGOs have joined forces to stop this new form of indiscriminate mass surveillance in the courts and build safeguards against future infringements of our fundamental right to privacy.
(Resilient. Trustworthy. Sustainably Open.)
(In welcher digitalen Welt werden wir leben?) Wir müssen jetzt entscheiden, in welcher digitalen Welt wir leben wollen.
Der Talk wird eine wilde Fahrt, vorbei an umfallenden Rollern, etwas Kunst mit Sharing-Daten, einer Shoppingtour aus Recherchegründen auf asiatischen Großhandelsplattformen, Sicherheitslücken in Fahrradschlössern, welche einen deutschen Bikesharer dazu bringen, seine 6000 Räder weltweit wieder einzusammeln, der Analyse von risikokapitalgetriebenen Sharingsystemen bis hin zum Gegenentwurf: Wie angewandte Lobbyarbeit für mehr offene Mobilitätsdaten aussieht. Und wie man es selbst in die Hand nehmen kann.
(A media-art project which automates the search for flats in Berlin and challenges automation narratives) At the center of Clemens Schöll's latest art project is the "Wohnungsbot" (flat-bot), which automates flat searching in Berlin. But it doesn't only try to search flats for everybody, it fundamentally questions power-relationships in (flat-searching) online platforms. Where are the utopias about public automation? Who should be able to automate what, and how?
In diesem Vortrag nehmen wir euch mit auf eine Reise durch das Haecksenjahr 2019.
(Governments around the world are implementing digital identity programs that don't work) Aadhaar is India's national biometric identity database, with over one billion records comprising fingerprints, iris scans and basic demographic information. It is presented as identity technology, allowing an individual to identify themselves, but also as an identification technology, allowing the state to see an individual, identify fraudulent welfare beneficiaries, and thus realise savings. These claims are not complementary. They are in fact contradictory, compromising each other. If one must be true, the other must somehow be false, and this is the reality of Aadhaar.
I will explore the ways in which music is influenced by making and hacking, including a whistle-stop tour of some key points in music hacking history.
Ausgehend von den behördlichen Messnetz für Stickoxide soll der Aufbau einer preisgünstigen Open Source Messstation für Stickstoffdioxid, inklusive Kalibrierung und der behandlung von Störenden einflüssen behandelt werden. Zusätzlich soll eine Webanwendung vorgestellt werden welche die Daten aus einem Messnetz der NO2-Messstationen sammelt, auf Karten visualisiert und somit dem Citizen Science Ansatz Rechnung trägt.
(Best of Informationsfreiheit) Mit immer neuen Gesetzen gewinnt die Exekutive in Deutschland an Macht und Ressourcen. Die öffentliche Kontrolle von Ministerien und Geheimdienste gerät ins Hintertreffen. Wir sprechen darüber, warum dank Anfragen und Klagen nach dem Informationsfreiheitsfreiheitsgesetz in diesem Jahr der Kampf noch nicht verloren ist, wie wir gegen den BND vor Gericht gewonnen haben und wann das Zensurheberrecht endlich abgeschafft wird. Plus: Das Beste aus 100.000 Anfragen über FragDenStaat in diesem Jahr.
(Eine industrielle Perspektive für die Lausitz?) Weltweit verlaufen die Entwicklungstrends des Markthochlaufs der Elektromobilität und die Weiterentwicklung relevanter Batteriefertigungs- und Recyclingtechnologien hoch dynamisch. Maßgebliche Faktoren für die Entstehung eines industriellen Batterierecycling-Marktes nehmen dabei erst langsam Gestalt an, der regulatorische Rahmen ist noch modellierbar. Zugleich ist der Technologiepfad Elektromobilität als eingeschlagen zu begreifen - die Notwendigkeit einer Verkehrswende zur Reduzierung des CO2-Ausstoßes begründet Umbrüche in der Automobilbranche, die mittelfristig zu steigenden Verkehrsanteilen von Fahrzeugen mit rein elektrischem oder hybridem Antrieb an den PKW-Neuzulassungen führen werden. Damit steigt der Bedarf an geeigneten Traktionsbatterien und die Nachfrage nach den zu ihrer Herstellung erforderlichen, endlichen Rohstoffen. Im Energiesektor stellt der Beschluss zum Kohleausstieg 2038 eine Zäsur dar: Mit der Zielstellung, die Lausitz – bislang Braunkohlerevier - als Energieregion zu erhalten und die Angleichung der Lebensverhältnisse in der strukturschwachen Region zu schaffen, gehen wir der Frage nach, ob durch die Errichtung einer Recyclingstrecke für Traktionsbatterien der Elektro-Mobilität ein Beitrag zur Gestaltung einer „Energieregion der Zukunft“ geleistet werden kann. Dies einerseits im Hinblick auf die Schaffung von Beschäftigung, um die im Kontext des Braunkohleausstiegs drohenden Verluste von Industriearbeitsplätzen zu kompensieren. Andererseits unter Maßgabe der Etablierung einer nachhaltigen, regional verankerten Kreislaufwirtschaft.
(Was Sie schon immer nicht über darüber wissen wollten wer Ihre Geräte wirklich kontrolliert.) Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Was werden die nächsten Buzzwords sein und welche neuen Trends sind schon heute absehbar?
36C3 is run by teams of volunteers. In this event, they will provide some insight into the challenges they faced while building the GSM, DECT and IP networks, running video streams, or organizing ticket sales. All graphs will be pointing up and to the right.
In diesem Talk wird es um die Grundlagen von Ansible gehen, warum es für den Vortragenden das beste Werkzeug ist und welche alternativen es noch gibt. Vom ersten Host Inventory im YAML Format über die kleine Rollen (NTP/Fail2Ban) und Playbooks bis hin zum ersten kompletten Einrichten des Rasberry Pi oder Servers mit eigenen Dotfiles und den Basic Paketen die man so braucht. Auch wird drauf eingegangen, wie und warum reproduzierbare Infrastruktur Builds das Leben eines Admins erleichtern können und im Alltag der händischen Arbeit vorzuziehen sind. Abschließen wird der Talk mit dem Thema "Ansible Playbooks aus dem Internet herunterladen oder selbst machen?" und worauf man achten sollte, wenn man Playbooks für mehrere unterschiedliche Linux Distributionen baut.
Mitmachspass mit Autocomplete: Entdecke KI-Seele deines Smartphones Ein Spiel mit dem Publikum: Menschen nutzen die Autocomplete/Predict-Funktion ihres Mobilgerätes, um basierend auf einem (wechselnden) vorgegebenen ersten Wort Sätze zu bilden, also immer nur das nächste vorgeschlagene Wort zu bestätigen. Die Ergebnisse werden mehr oder minder live und total willkürlich ausgewählt verlesen. Auch wenn's erstmal sinnlos erscheint: Und auch wenn den Absendenden Anonymität zugesichert wird und im Gegensatz Schummeln verboten ist: Die Art der Sätze, die die trainierte/konditionierte Maschine dabei hervorbringt offenbaren mindestens einen eigenen Charakter oder sagen zumindest etwas über die bevorzugte Nutzung des Gerätes.
Ein howto für Dummis, Freifunk Infrastruktur selber zu betreiben. Es ist gut, wenn viele Menschen Freifunk Router einrichten können. Doch es ist besser, wenn auch Leute selber einen Super Node betreiben können. Es gibt viele Wege, dies umzusetzen. Ich möchte zeigen, wie ich in letzter Zeit es umgesetzt habe mit mittleren Kenntnissen. Und es wird gezeigt, wie man Provider werden kann.
In this talk I will outline my journey implementing my X11 window manager `hikari` and the corresponding Wayland compositor shortly after. `hikari` is a stacking window manager/compositor with some tiling capabilities. It is still more or less work in progress and currently targets FreeBSD only but will be ported to Linux and other operating systems supporting Wayland once it has reached some degree of stability and feature completeness. This talk covers: * a brief explanation regarding differences between X and Wayland * some of `hikari`'s design goals and motivation * choice of programming language * an overview of libraries that were used * tools for ensuring code quality and robustness * obstacles * resources that helped me to implement the whole thing
Speakers: Martin Fischer, Martin Haase, Constanze Kurz
Speakers: Holgi, Doktor Toby von Adoby Doktor Toby von Adoby und ich haben uns auf dem 31C3 auf die Bühne des Sendezentrums gesetzt und versucht, unsere Realitäten abzugleichen. Toby ist im Laufe der Sendung ein wenig betrunken geworden, während ich schon trunken auf die Bühne getreten bin und im Laufe der Sendung nur noch betrunkener wurde. Wir wurden dabei gefilmt.
Speakers: m.eik, Christoph, Bruder Jahresupdate zur GEMA-Alternative C3S
Speaker: Tim Pritlove, Holger Klein Nach gerade mal einer Studiosendung lockt uns schon wieder eine Chaos-Veranstaltung auf die Bühne: auf dem 32. Chaos Communication Congress finden wir uns auf der Bühne des Sendezentrums vor einem Live-Publikum wieder.
Speakers: Tim Pritlove, Denis Ahrens, hukl, roddi Es war Congress und wir waren dabei. Auf der Bühne des Sendezentrums gab es am 2. Tag eine unterhaltsame Zusammenkunft mit unseren Hörern vor Ort. Wie nicht anders zu erwarten werdet ihr weder eine umfangreiche Congress-Zusammenfassung noch andere sinnvolle Sätze zu hören bekommen, aber wir hoffen, ihr habt trotzdem Spaß damit.
Speakers: Holgi, Toby Baier Es begab sich zu jener Zeit, dass der Toby und der Holgi sich auf dem 32c3 zusammensetzten, um ihre Realitäten miteinander abzugleichen. Die Themen, über die wir zwangsweise geredet haben, wurden über das Hauseigene Rohrpostsystem eingeliefert.
Speakers: Martin Fischer, Ulrike Kretzmer, Tim Pritlove Zum Warmmachen vor der ersten Bühnensession und der ersten Aufnahme am Podcastingtisch, möchten wir mit euch zusammenkommen und euch im Sendezentrum auf dem 33C3 willkommen heißen. Wir möchten euch "Hallo" sagen und in einer schnellen, intensiven aber herzlichen Vorstellungsrunde herausbekommen, wer alles auf dem CCCongress unterwegs sein wird und ein Herz für das Podcasting hat. Ihr bekommt auch eine Übersicht über die Möglichkeiten, die euch im Sendezentrum auf dem 33C3 erwarten. Wir freuen uns auf euch!
Speakers: tinowa, Daniel Meßner Laberpodcast, Interviewpodcast, Magazin oder Feature: Was für Podcast-Formate gibt es eigentlich? Die Podcastpat_innen nehmen Euch mit zu einer Rundreise durch die deutschsprachige Podcastlandschaft. Am Anfang gibt es immer ein Problem: Welches Thema, welches Format, welche Software, welcher Veröffentlichungsort? Die Podcastpat_innen sind ein selbstorganisiertes Communityprojekt und wollen Anfänger_innen beim Start ihres eigenen Podcasts unterstützen. Auf der Bühne stellen Daniel Meßner und Tine Nowak das Podcastpat_innen-Projekt kurz vor und starten dann mit einem Überblick zu den verschiedenen Podcastformaten in einer speziellen 33C3-Edition.
Speakers: fernsehmuell, Diodenschein MIDI Räuspertasten kann man sehr günstig mit einem Arduino und geeigneter mechanischer Hardware selber Bauen. Ob Türklingelknopf oder Fußtaster. Jeder kann seine Wunsch-MIDI-Fernbedienung für Ultraschall selber bauen. Robert Nixdorf und Udo Sauer "forschen" seit längerem auf dem Gebiet MIDI-Controller und stellen einige einfache und ein paar komplexere Möglichkeiten vor, Ultraschall fernzusteuern.
Speaker: MacSnider Die Quizshow deren Name ein Anagram des Originals ist! In dieser Show geht es um die Lösung hinter Fragen wie was ist ein Alarmstuhl, was ist Spritzgeld oder warum haben Züge aus Deutschland nach Frankreich Knallerbsen an Board! Ein Team aus vier Kandidaten versucht diese Rätsel möglichst schnell zu lösen, hat einer der Vier die Lösung gefunden gewinnt er fünf Euro. Alle anderen, samt Moderator, müssen sich ein Kurzen trinken. Wird die Lösung nicht gefunden gehen fünf Euro als Spende ans Sendezentrum. Pro Rätsel sind circa 10 Minuten eingeplant.
Speakers: Nicolas Wöhrl, Daniel Meßner, Martin Rützler Wir werden auf der Sendezentrums-Bühne interessante Gäste aus dem Bereich des Wissenschaftspodcasting aber auch der Wissenschaftskommunikation haben, mit ihnen über Wissenschaftskommunikation diskutieren und gemeinsam mit dem Publikum ein Jeopardy-Quiz veranstalten. Dabei gilt es mit Hilfe von Audioauschnitten aus Wissen{schaft}spodcasts die dort behandelten Themen zu erraten. Wissen{schaft}spodcasts sind Podcasts, deren primäres Ziel die Wissensvermittlung ist. Wir sind davon überzeugt, dass Podcasts ein geeignetes didaktisches Medium zur nachhaltigen Wissensvermittlung sind und haben daher das kuratierte Wisspod Verzeichnis http://wissenschaftspodcasts.de erstellt. Darüber hinaus sind Wissen{schaft}spodcasts aber noch etwas: Lehrreiche Unterhaltung. Sie zählen darum aus gutem Grund zu den beliebtesten Podcastangeboten. Darum glauben wir, dass speziell diese Podcasts auf die Showbühne gehören. Ganz nebenbei wird dabei das vielfältige Angebot der kuratierten Wisspod-Webseite vorgestellt. Wir möchten die Bandbreite dieser Formate durch den Showcharakter sichtbar machen und dafür sensibilisieren, dass Podcasts ein noch unterschätztes Potenzial bergen. Durch die Show führen einige Mitglieder der Wisspod-Redaktion, die so auch sichtbarer werden und anschließend zur Diskussion zur Verfügung stehen.
Speakers: Matthias, sjekutsch, sjordan, alorenzen In der ersten Folge des neuen Podcasts Salon Faire Elektronik erläutern wir im Expertengespräch den aktuellen Stand der Dinge. Wir finden heraus, was zu tun ist, um an Hardware zu kommen bei deren Entstehung niemand zu Schaden kommt und alle korrekt bezahlt werden.
Speakers: Jan, mailonator Hör doch mal zu ist ein relative neuer Labberpodcast, und der einzige mit doppel B. Wir wollen auf der Bühne einen persönlichen politischen Jahresrückblick machen und würden uns freuen, wenn wir das auch machen können. Unter anderem wollen mit Hilfe eines Brennpunktraten auf das Jahr zurückblicken und das Publikum ist eingeladen, sich zu beteiligen. Auch Fragen zu Autismus sind möglich... Wir sind Jan und Frank und machen den Podcast “Hör doch mal zu”. Jan wurde 1988 in Berlin (Ost) geboren und arbeitet in der IT. Außerdem ist Jan Autist. Frank ist 1953 in Berlin(West) geboren und lebe noch immer (gerne) in der Stadt. Er arbeite seit erfolgreich abgebrochenem E-Technik Studium an der TU Berlin in der IT, Schwerpunkt “Mail” und ‘n bischen System-Administration und Netz. Durch den Altersunterschied ergibt sich bei uns immer eine gewisse Spannung, die wir auch gerne auf die Bühne des Sendezentrums auf dem 33c3 bringen wollen.
Speakers: Marcus Richter, Patricia Cammarata, Malik, Frau Kirsche Drei Staffeln lang haben wir über unsere Probleme besprochen. Jetzt lösen wir Eure. Der Weisheit ist ein einstündiges Radiomagazin mit Malik Aziz, Marcus Richter, Patricia Cammarata und Frau Kirsche. Gesprochen wird über Alltägliches, Tiefschürfendes und Albernes, also das, was uns gerade bewegt. Jetzt ist es soweit: Frau Kirsche, Patricia, Malik und Marcus kehren auf den Congress zurück und retten die Welt. Eure Welt. Nachdem wir auf dem 32C3 eure Fragen beantwortet haben, wollen wir jetzt Eure Probleme lösen. Ihr wollt die Antwort auf das Trolley-Problem? Der Schwippschwager eurer Schwester hat dem Hund des Friseurs eurer Tante ein Ohr abgebissen und ihr wisst nicht wie ihr euch verhalten wollt? Ihr braucht eine Quote, aber wisst nicht wie viele? Kommt zur Bühne im Sendezentrum und all eure Fragen sollen für immer beantwortet werden. In einer Stunde. Nicht mehr und nicht weniger. PS: Falls ihr euch nicht traut die Fragen live auf der Bühne zu stellen, könnt ihr sie auch vorher an fragen@derweisheit.de schicken.
Speakers: Julia Offe, Reinhold Remscheid, Michael Büker, Ines Gütt
Speakers: Malik, teenagersexjohnny Wir legen den Senderzetrum in Schud und assche. für gelt. aber nix den sagen ok Unseren unterhaltsamen und tiergerechten Lifestylepodcast werden im Jahr von über 1,2 Millionen Zuschauern gelesen, darunter auch von viele Prominenten. Bundespräsident Dr. Ronan Keating, der Bayerische Ministerpräsident Dr. Angela Merkels, das Bayerische Kabinett oder Außenminister a.D. Oppa Güntrich sind gerngesehene Gäste vor ihren Podcatchern. Auch viele Schauspieler und Popstars (Michael Jackson, Bon Jovi, die Kelly-Familie, also vermuten wir) zählen zu unseren "Fans", ebenso wie Holger Pritlove und Marcus Stockmann. Anläßlich des 33c3 Gastspiels 2016 in Hamburch besuchen die Box-Champions Vitali und Vladimir Klitschko die Vorstellung. Bundesarbeitsminister a.D. Nikolaus Grill war zu Gast in seinem Wahlkreis Südstraße und schwang bei einem Kurzauftritt in der Manege die berühmte Pita-Peitsche. In Österreich kam der "bekennende" Blindseefan Alexander Tavor mit Familie gleich zweimal und zollte Malik und Johnny bei einem Pausenempfang seine Hochachtung für ihr Lebenswerk.
Speakers: die_horst, @FischaelaMeer, @FiLiS, Reinhold Remscheid Die erste Folge "Horst - die Podcast" live vom 33C3. Meine Gäste sind: Michaela Lehr, Philip Jocks und Reinhold Remscheid. Michaela ist Entwicklerin und Frau. Eine Kombination die manchmal für Verwirrung sorgt. In welchen Bereichen Michaela arbeitet und welcher Umgang mitunter gepflegt wird sind 2 Themen die ich gerne mit Michaela besprechen möchte. Philip Jocks ist derjenige, der Das Kongressmotto "works for me" zwischen Tür und Angel raus gehauen hat.Ein kurzer Einblick in das Seelenleben eines Mottogebers. Reinhold Remscheid. Wer ist dieser Mensch hinter der Kunstfigur Reinhard Remford? Was treibt ihn an und wer ist für die absurden Drehbücher verantwortlich? Das klärt der Schauspieler Reinhold Remscheid excklusiv auf.
Speakers: Toby Baier, Holgi The show where Holger Klein and Toby Baier talk about their realities (and sometimes sell stuff they bought but don't need). Diese Sendung in der Holger Klein und Toby Baier ihre Realitäten abgleichen (und Kram verkaufen, den sie mal gekauft haben aber nicht brauchen).
Speakers: heckpiet, maha Der Genusscast LIVE auf dem @33c3 - maha und heckpiet. Probieren $dinge auf der Bühne und lassen das Publikum teilhaben.
Speakers: Ingo Ebel, madmas, makefoo Binärgewitter ist ein Live Podcast der sich Schwerpunktmäßig mit Linux, Open Source, IT Sicherheit und dem Web beschäftigt. Neben dem Üblichen wie finden wir den 33C3 und was ist in den letzten Wochen passiert werden wir versuchen versuchen Live OS/2 Warp, ReactOS, CoreOS, NixOS, Haiku, Hannah Montana Linux (aka obskure Betriebssysteme) zu installieren und unsere Eindrücke zu schildern. Am Ende wird per Applaus entschieden....
Speakers: Johannes (ohneQ), schaarsen, Toby Baier, Jan Gießmann Eine Kandidat:in aus dem Publikum kämpft live um ihr überleben. Dazu muss Sie knifflige Rätsel lösen. Motto: Sterben oder eine coole Sau sein! Das grimme-nominierte Live-Rollenspiel Puerto Patida sucht sich eine Kandidat:in aus dem Publikum, die in einer spannenden Geschichte auf kuriose Charaktere treffen wird. Dabei versucht sie mehrere Rätsel zu lösen um nicht von einer übergroßen Spinne oder einem Gourmet-Kannibalen gefressen zu werden, um von einer verrückten Insel wieder fliehen zu können.
Speakers: Tim Pritlove, hukl,roddi, Denis Ahrens Freak Show ist ein Podcast, der sich mit dem Leben mit Technik im 21. Jahrhundert auseinandersetzt und dabei eine Vielzahl von Themen anschneidet. Es ist kein Geheimnis, dass das Team sich viel und gerne mit Apple und seinen Produkten, Programmierung, Bitcoin, Gitarren, Podcasting und anderen Lastern herumschlägt. Aber wir reden auch über was anderes.
Speakers: Martin Fischer, Ulrike Kretzmer, Tim Pritlove Das war's – das Sendezentrum verabschiedet sich vom 33c3 Wir zeigen Euch noch mal, was alles an den vier Tagen bei uns los war und was ihr vielleicht alles verpasst habt. Und wir bedanken uns bei allen Beteiligten. Es wird sehr emotional und traurig. Kommt alle!
Speakers: Marcus Richter, Dr. Thomas Schwenke Wer zahlt, wenn Bots in einen Kaufrausch geraten oder autonom fahrende Autos sich nicht an die Verkehrsregeln halten? Entwickler, Nutzer oder etwa die KI selbst? Die Rechtsbelehrung ist ein Podcast, der über rechtliche Phänomene, die entstehen, wenn die Meatwelt mit dem digitalen Raum verschmilzt. Auf dem Congress - wahrscheinlich der letzten Veranstaltung, auf der es außer Menschen keine weiteren vernunftbegabten Entitäten geben wird - wollen sich Thomas Schwenke und Marcus Richter einer der ältesten Fragen der Menschheit zuwenden: Wer ist schuld? Wer zahlt, wenn Bots in einen Kaufrausch geraten oder autonom fahrende Autos sich nicht an die Verkehrsregeln halten? Entwickler, Nutzer oder etwa die KI selbst? Wenn autonome Systeme unabhängig agieren und sich selbst definieren, sollten sie dann nicht auch rechtlich autonom werden? Wird es neben den natürlichen Personen (aka Menschen) und juristischen Personen (aka Firmen) auch eine "E-Person" geben? Die beiden Menschen der Rechtsbelehrung bringen viele Ideen, Grundlagen sowie Fragen mit und werden sich gemeinsam mit dem Publikum auf die Suche nach den Antworten begeben.
Speakers: Marcus Richter, Maria Reimer, Martin Haase, Holgi, Daniel Lange, Linus Neumann Bislang war der Chaos Communication Congress immer der Grund, das Chaosradio im Dezember zu pausieren. Bis jetzt. Denn am Freitag den 30.12. hat Marcus Richter das Studio gegen die Bühne des Sendezentrums auf dem 33c3 getauscht, um euch Highlights und Congressfeeling in euren Podcatcher zu bringen und interessante Gäste zu empfangen: Maria Reimer von Jugend hackt, Martin Haase, der auf dem Congress über die Sprache der Populisten gesprochen hat sowie Daniel Lange, der eine Übersicht zu Dieselgate gibt. Zum Abschluss lassen wir mit Linus Neumann den Congress Revue passieren. Die Musik stammt aus den Chillhop Essentials Winter 2016.
Speakers: Jonas Schönfelder, Felix Betzin, Daniel Lücking, Anna Biselli, Cbass, Stella Schiffczyk Wir blicken auf die Ereignisse rund um den Geheimdienst-Untersuchungsausschuss im Jahr 2016 zurück und veranstalten ein Quiz für die HörerInnen. Seit über zwei Jahren ermittelt der Geheimdienst-Untersuchungsausschuss des Bundestages zur globalen Überwachungsaffäre. Allein in diesem Jahr fanden 21 öffentliche Sitzungen statt. In den Massenmedien ist der Ausschuss allerdings kaum noch ein Thema und zwischendurch wurde auch noch das neue BND-Gesetz beschlossen, das viele bisher illegale Praktiken des Auslandsnachrichtendienstes legalisiert. Wir blicken zurück auf das Jahr 2016 und sprechen über unsere Eindrücke aus dem #NSAUA. Am Ende gibt es ein Quiz, bei dem die aufmerksamsten HörerInnen ihr Wissen unter Beweis stellen können.
(Die Podcast Quizshow deren Name ein Anagram des Originals ist!) In dieser Show geht es um die Lösung hinter Fragen wie was ist ein Alarmstuhl, was ist Spritzgeld oder warum haben Züge aus Deutschland nach Frankreich Knallerbsen an Board! Für die ZuschauerInnen gibt es Spaß, für das Rate Team (bestehend aus: Philipp, Tom, Christiane Attig und Holger Klein) gibt es süßen Alkohol und für jede richtig beantwortete Frage eine güldene CYBER Card! Mehr Infos auf: GalaBeNeedInn.de Twitter: @GalaBeNeedInn
Ein gemütlicher Schnack unter Ingenieuren warum die Elektromobilität nicht ins Rollen kommt und warum Wasserstoff noch nicht so richtig in Deutschland explodiert ist. Wir werden aus unseren Erfahrungen mit Elektromobilität, der Freude der Wartezeit auf ein Auto und anderen Problemchen schnacken. Sollten wir nicht von einem E-Roller oder Sofa überfahren worden sein vorher ^^ Wer auch ein E Auto hat oder sich über ERoller aufregen will darf gerne dazukommen.
Im Podcast UA Pod Berlin fassen wir das Sitzungsgeschehen im Untersuchungsausschuss zum Terroranschlag am Breitscheidplatz zusammen. Tagesaktuell binden wir Abgeordneten-Statements zum Geschehen mit ein. Die Kanzlerin versprach den Hinterbliebenen und Opfern Aufklärung. Wir zeigen im Podcast wie weit wir davon entfernt sind.
In diesem Talk werden erstmalig Ergebnisse einer Online-Studie mit 653 Podcastproduzierenden vorgestellt.
Der Einmischen Podcast ist für ein paar Rant und sich eher Aufregen bekannt unser Politiklehrer Thomas ist da eher der zynische Pol der Podcastszene. Beide versuchen in dem kleinen Jahresrückblick mal die Aufreger auf ein Minimum zu senken. Unterhaltung garantiert.
Von antifeministischen Hasskampagnen bis zu Mental Load, von unangemessenen Preisvergaben bis zu intersektionalen Fragezeichen, von Megan Rapinoe bis zu Greta Thunberg – es gibt viel zu besprechen. Zeit für einen empowernden feministischen Jahresrückblick!
Geheime Einschätzungen des Verfassungsschutzes zur AfD, ungünstiges Framing bei der ARD, intransparente Moderation bei Tiktok: In diesem Jahr haben wir mit so mancher Recherche Schlagzeilen gemacht. Hier wollen wir auf einige interessante Geschichten aus 2019 schauen und einen Blick hinter die Kulissen von netzpolitik.org geben.
Nach vielen Jahren Politikunterricht wird Holger und das Publikum nun von Thomas zu den grundlegenden Inhalten geprüft.
NSU-Watch: Aufklären & Einmischen. Der Podcast über den NSU-Komplex, rechten Terror und Rassismus https://www.nsu-watch.info/podcast/
Jenny Günther, Moritz Klenk, Nicolas Wöhrl und Stefan Schulz laden alle anwesenden Podcaster und Podcasthörer zum 2. Podcast-Selbstkritiktreffen ein.
Das Wissenschaftskommunikations-Assembly trifft sich auf dem 36c3 um über Wissenschaftskommunikation zu sprechen. Und über andere Themen die ihnen am Herzen liegen.
Auf dem 36c3 macht das Chaosradio endlich das Byte voll! Marcus Richter redet mit Leuten, die auf diesem Congress interessante Dinge berichtet, zerforscht oder aufgefahren haben.
Deutschlands bester Asienpodcast präsentiert einen Überblick über sechs Monate Protest in Hongkong mit Fokus auf die strategische Nutzung von digitalen Tools und Memes.
