http://media.ccc.de/ Der Chaos Computer Club ist die größte europäische Hackervereinigung und seit über 25 Jahren Vermittler im Spannungsfeld technischer und sozialer Entwicklungen. en-us, de-de mostly cc-by-nc Wed, 16 May 2012 18:12:51 +0200 http://media.ccc.de/images/miro-banner.png http://media.ccc.de/ http://media.ccc.de//ftp/congress/2011/webm/28c3-4581-en-taking_control_over_the_tor_network.webm This talk deals with weaknesses identified in the TOR network protocol and cryptography implementation. We manage to take control over users using this network and to access all your information and data exchanged despite cryptography. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4581.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4581-en-taking_control_over_the_tor_network.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4581-en-taking_control_over_the_tor_network.webm 2011-12-29T00:00:00+01:00 Eric Filiol, Seun Omosowon No 28c3, Hacking This talk deals with weaknesses identified in the TOR network protocol and cryptography implementation. We manage to take control over users using this network and to access all your information and data exchanged despite cryptography. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4581.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4581-en-taking_control_over_the_tor_network.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4587-en-bup_git_for_backups.webm bup is short for "backup". bup uses the file format of the distributed version control system Git. It solves Git's problems with big files. Deduplication is used to make backups space efficent (about five times smaller than rsnapshot's backups). Data is deduplicated globally across files and backups. If a small part of a big file is changed only little additional space is needed. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4587.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4587-en-bup_git_for_backups.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4587-en-bup_git_for_backups.webm 2011-12-30T00:00:00+01:00 Zoran Zaric No 28c3, Hacking bup is short for "backup". bup uses the file format of the distributed version control system Git. It solves Git's problems with big files. Deduplication is used to make backups space efficent (about five times smaller than rsnapshot's backups). Data is deduplicated globally across files and backups. If a small part of a big file is changed only little additional space is needed. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4587.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4587-en-bup_git_for_backups.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4640-en-time_is_on_my_side.webm Timing side channel attacks are non-intrusive attacks that are still widely ignored in day-to-day penetration testing, although they allow attackers to breach the confidentiality of sensitive information. The reason for this is, that timing attacks are still widely considered to be theoretical. In this talk, I present a toolkit for performing practical timing side channel attacks and showcase several timing attacks against real-world systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4640.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4640-en-time_is_on_my_side.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4640-en-time_is_on_my_side.webm 2011-12-28T00:00:00+01:00 Sebastian Schinzel No 28c3, Hacking Exploiting Timing Side Channel Vulnerabilities on the Web Timing side channel attacks are non-intrusive attacks that are still widely ignored in day-to-day penetration testing, although they allow attackers to breach the confidentiality of sensitive information. The reason for this is, that timing attacks are still widely considered to be theoretical. In this talk, I present a toolkit for performing practical timing side channel attacks and showcase several timing attacks against real-world systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4640.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4640-en-time_is_on_my_side.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4648-en-quantum_of_science.webm Quantum systems can have very different properties from their classical analogues which allows them to have states that are not only correlated but entangled. This allows for quantum computers running algorithms more powerful than those on classical computers (represented by Turing machines) and for quantum cryptography whose safety is (in principle) guaranteed by the laws of nature. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4648.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4648-en-quantum_of_science.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4648-en-quantum_of_science.webm 2011-12-30T00:00:00+01:00 Robert Helling No 28c3, Science How quantum information differs from classical Quantum systems can have very different properties from their classical analogues which allows them to have states that are not only correlated but entangled. This allows for quantum computers running algorithms more powerful than those on classical computers (represented by Turing machines) and for quantum cryptography whose safety is (in principle) guaranteed by the laws of nature. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4648.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4648-en-quantum_of_science.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4652-en-data_mining_the_israeli_census.webm The entire Israeli civil registry database has been leaked to the internet several times over the past decade. In this talk, we examine interesting data that can be mined and extracted from such database. Additionally, we will review the implications of such data being publicly available in light of the upcoming biometric database. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4652.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4652-en-data_mining_the_israeli_census.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4652-en-data_mining_the_israeli_census.webm 2011-12-28T00:00:00+01:00 Yuval Adam No 28c3, Hacking Insights into a publicly available registry The entire Israeli civil registry database has been leaked to the internet several times over the past decade. In this talk, we examine interesting data that can be mined and extracted from such database. Additionally, we will review the implications of such data being publicly available in light of the upcoming biometric database. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4652.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4652-en-data_mining_the_israeli_census.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4656-en-ooops_i_hacked_my_pbx.webm This talk is cautionary tale about developers forgetting to remove debug interfaces from finished products and the need of repetitive system reviews. A midrange PBX systems (non web) configuration interface is used as an example of what flaws you can actually find in commercial systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4656.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4656-en-ooops_i_hacked_my_pbx.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4656-en-ooops_i_hacked_my_pbx.webm 2011-12-29T00:00:00+01:00 pt No 28c3, Hacking Why auditing proprietary protocols matters This talk is cautionary tale about developers forgetting to remove debug interfaces from finished products and the need of repetitive system reviews. A midrange PBX systems (non web) configuration interface is used as an example of what flaws you can actually find in commercial systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4656.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4656-en-ooops_i_hacked_my_pbx.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4660-en-post_memory_corruption_memory_analysis.webm Pmcma is a tool aimed at automating the most time consuming taskes of exploitation. It for instance determine why an application is triggering a segmentention fault, evaluate if the faulting instruction can be used to write to memory or execute arbitrary code, and list all the function pointers potentially called from a given point in time by an application. Pmcma is a totally new kind of debugger, which allows for easy experimentation with a process in memory by forcing it to fork. The exact replicas of the process created in memory can then be intrumented while keeping the properties (eg: state of variables, ASLR, permissions...) of the original process. Pmcma is an easily extensible framework available under the Apache 2.0 license from http://www.pmcma.org/ . about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4660.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4660-en-post_memory_corruption_memory_analysis.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4660-en-post_memory_corruption_memory_analysis.webm 2011-12-28T00:00:00+01:00 endrazine No 28c3, Hacking Automating exploitation of invalid memory writes Pmcma is a tool aimed at automating the most time consuming taskes of exploitation. It for instance determine why an application is triggering a segmentention fault, evaluate if the faulting instruction can be used to write to memory or execute arbitrary code, and list all the function pointers potentially called from a given point in time by an application. Pmcma is a totally new kind of debugger, which allows for easy experimentation with a process in memory by forcing it to fork. The exact replicas of the process created in memory can then be intrumented while keeping the properties (eg: state of variables, ASLR, permissions...) of the original process. Pmcma is an easily extensible framework available under the Apache 2.0 license from http://www.pmcma.org/ . about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4660.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4660-en-post_memory_corruption_memory_analysis.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.webm Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, Newman, Rad and Strauchs have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. This talk will evaluate and demo SCADA systems and PLC vulnerabilities in correctional and government secured facilities while recommending solutions. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4661.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.webm 2011-12-27T00:00:00+01:00 Teague, Tiffany Rad No 28c3, Hacking Tiffany Rad, Teague Newman, John Strauchs Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, Newman, Rad and Strauchs have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. This talk will evaluate and demo SCADA systems and PLC vulnerabilities in correctional and government secured facilities while recommending solutions. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4661.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4663-en-cellular_protocol_stacks_for_internet.webm Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker commnunity are familiar with the actual protocol stack for those services. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4663.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4663-en-cellular_protocol_stacks_for_internet.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4663-en-cellular_protocol_stacks_for_internet.webm 2011-12-29T00:00:00+01:00 Harald Welte No 28c3, Hacking GPRS, EDGE, UMTS, HSPA demystified Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker commnunity are familiar with the actual protocol stack for those services. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4663.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4663-en-cellular_protocol_stacks_for_internet.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4668-en-electronic_money.webm The proposed talk provides a definition of the problem of creating e-money and after a review of the state of the art points out possible solutions and proposes questions for discussion for the properties of electronic money system. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4668.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4668-en-electronic_money.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4668-en-electronic_money.webm 2011-12-29T00:00:00+01:00 peio No 28c3, Society and Politics How the e-money systems can be made better The proposed talk provides a definition of the problem of creating e-money and after a review of the state of the art points out possible solutions and proposes questions for discussion for the properties of electronic money system. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4668.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4668-en-electronic_money.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4669-en-bionic_ears.webm In many social situations being hearing impaired is a serious handicap, not only for elderly people. Today's hearing aids are tiny computers that do a decent job in signal processing. During the last years, the progress in this technology was significant, amongst other things by switching from analog to digital devices. Since this field becomes more and more related to computer technology, there is even more improvement to be expected. In particular, it turns into a more and more interesting playground for hackers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4669.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4669-en-bionic_ears.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4669-en-bionic_ears.webm 2011-12-28T00:00:00+01:00 Helga Velroyen No 28c3, Hacking Introduction into State-of-the-Art Hearing Aid Technology In many social situations being hearing impaired is a serious handicap, not only for elderly people. Today's hearing aids are tiny computers that do a decent job in signal processing. During the last years, the progress in this technology was significant, amongst other things by switching from analog to digital devices. Since this field becomes more and more related to computer technology, there is even more improvement to be expected. In particular, it turns into a more and more interesting playground for hackers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4669.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4669-en-bionic_ears.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4675-de-politik_neusprech_2011.webm Aktuelle politische Texte (Reden, Interviews) werden auf Leerformeln, Füllsel und Übertreibungen untersucht, die den Text entlarven, selbst wenn der Autor versucht, die Hörer bzw. Leser einzulullen, bestimmte sprachliche Mittel verraten, welche eigentlichen Meinungen sich im Text verstecken. Auf diese Weise wird in den Texten sichtbar, was Wilson und Shea als „Fnord“ bezeichnen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4675.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4675-de-politik_neusprech_2011.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4675-de-politik_neusprech_2011.webm 2011-12-28T00:00:00+01:00 maha/Martin Haase No 28c3, Society and Politics Sprachlicher Nebel in der Politik Aktuelle politische Texte (Reden, Interviews) werden auf Leerformeln, Füllsel und Übertreibungen untersucht, die den Text entlarven, selbst wenn der Autor versucht, die Hörer bzw. Leser einzulullen, bestimmte sprachliche Mittel verraten, welche eigentlichen Meinungen sich im Text verstecken. Auf diese Weise wird in den Texten sichtbar, was Wilson und Shea als „Fnord“ bezeichnen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4675.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4675-de-politik_neusprech_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4676-en-apple_vs_google_client_platforms.webm We will discuss the two different approaches Apple and Google take for the client platforms iPad and Chromebook, how they are similar and how they are not. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4676.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4676-en-apple_vs_google_client_platforms.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4676-en-apple_vs_google_client_platforms.webm 2011-12-28T00:00:00+01:00 Bruhns, FX of Phenoelit, greg No 28c3, Hacking How you end up being the Victim. We will discuss the two different approaches Apple and Google take for the client platforms iPad and Chromebook, how they are similar and how they are not. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4676.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4676-en-apple_vs_google_client_platforms.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.webm This talk will show how a common flaw in the implementation of most of the popular web programming languages and platforms (including PHP, ASP.NET, Java, etc.) can be (ab)used to force web application servers to use 99% of CPU for several minutes to hours for a single HTTP request. This attack is mostly independent of the underlying web application and just relies on a common fact of how web application servers typically work. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.webm 2011-12-28T00:00:00+01:00 Alexander ‘alech’ Klink, Julian | zeri No 28c3, Hacking We are the 99% (CPU usage) This talk will show how a common flaw in the implementation of most of the popular web programming languages and platforms (including PHP, ASP.NET, Java, etc.) can be (ab)used to force web application servers to use 99% of CPU for several minutes to hours for a single HTTP request. This attack is mostly independent of the underlying web application and just relies on a common fact of how web application servers typically work. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.webm A man-in-the-middle attack on HDCP-secured video links is demonstrated. The attack is implemented on an embedded Linux platform, with the help of a Spartan-6 FPGA, and is capable of operating real-time on HD video links. It utilizes the HDCP master key to derive the corresponding private keys of the video source and sink through observation and computation upon the exchanged public keys. The man-in-the-middle then genlocks its raster and cipher state to the incoming video stream, enabling it to do pixel by pixel swapping of encrypted data. Since the link does no CRC or hash verification of the data, one is able to forge video using this method. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4686.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.webm 2011-12-29T00:00:00+01:00 bunnie No 28c3, Hacking A non-copyright circumventing application of the HDCP master key A man-in-the-middle attack on HDCP-secured video links is demonstrated. The attack is implemented on an embedded Linux platform, with the help of a Spartan-6 FPGA, and is capable of operating real-time on HD video links. It utilizes the HDCP master key to derive the corresponding private keys of the video source and sink through observation and computation upon the exchanged public keys. The man-in-the-middle then genlocks its raster and cipher state to the incoming video stream, enabling it to do pixel by pixel swapping of encrypted data. Since the link does no CRC or hash verification of the data, one is able to forge video using this method. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4686.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4688-en-introducing_osmo_gmr.webm The latest member of the Osmocom-family projects, osmo-gmr focuses on the GMR-1 (GEO Mobile Radio) air interface used in some satellite Phones. This talk will shortly present the GMR protocol, the Thuraya network that uses this protocol in the Eurasian/African and Australian continents and finally details how you can capture samples and process them for analysis using osmo-gmr. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4688.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4688-en-introducing_osmo_gmr.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4688-en-introducing_osmo_gmr.webm 2011-12-29T00:00:00+01:00 Sylvain Munaut No 28c3, Hacking Building a sniffer for the GMR satphones The latest member of the Osmocom-family projects, osmo-gmr focuses on the GMR-1 (GEO Mobile Radio) air interface used in some satellite Phones. This talk will shortly present the GMR protocol, the Thuraya network that uses this protocol in the Eurasian/African and Australian continents and finally details how you can capture samples and process them for analysis using osmo-gmr. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4688.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4688-en-introducing_osmo_gmr.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4699-en-building_a_distributed_satellite_ground_station_network.webm As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4699.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4699-en-building_a_distributed_satellite_ground_station_network.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4699-en-building_a_distributed_satellite_ground_station_network.webm 2011-12-28T00:00:00+01:00 Andreas -horn- Hornig, hadez No 28c3, Hacking Hackers need satellites. Hackers need internet over satellites. Satellites require ground stations. Let's build them! As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4699.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4699-en-building_a_distributed_satellite_ground_station_network.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4700-en-what_is_whiteit.webm This talk will be about the WhiteIT project, initiated by Mr Schünemann, German Minister of Interior in the state of Lower Saxony. The WhiteIT project is concerned with combating the online-distribution of child abuse material. WhiteIT tries to develop tools and processes to cooperatively suppress the disemination and (re-)distribution of said material. During the Talk the lecturer will try to encourage some open source intelligence. So please consider bringing a laptop, netbook or tablet with you to help gather and collect certain informations right away. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4700.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4700-en-what_is_whiteit.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4700-en-what_is_whiteit.webm 2011-12-27T00:00:00+01:00 Christian Bahls -- MOGiS e.V. - Eine Stimme der Vernunft No 28c3, Society and Politics Why you probably want to be concerned about it and similiar alliances. This talk will be about the WhiteIT project, initiated by Mr Schünemann, German Minister of Interior in the state of Lower Saxony. The WhiteIT project is concerned with combating the online-distribution of child abuse material. WhiteIT tries to develop tools and processes to cooperatively suppress the disemination and (re-)distribution of said material. During the Talk the lecturer will try to encourage some open source intelligence. So please consider bringing a laptop, netbook or tablet with you to help gather and collect certain informations right away. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4700.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4700-en-what_is_whiteit.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4706-en-power_gadgets_with_your_own_electricity.webm This talk, consisting of five distinct parts, is intended to show the audience how to get electricity without needing a grid connection. It will give information on * Which energy sources to use * What to power with them * What equipment to get * How to wire it up * And some wishful thinking Participants should be able to assemble their own small-scale energy-generating systems after listening. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4706.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4706-en-power_gadgets_with_your_own_electricity.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4706-en-power_gadgets_with_your_own_electricity.webm 2011-12-28T00:00:00+01:00 Gunnar Thöle, Jörg Dürre No 28c3, Hacking escape the basement and make the sun work for you This talk, consisting of five distinct parts, is intended to show the audience how to get electricity without needing a grid connection. It will give information on * Which energy sources to use * What to power with them * What equipment to get * How to wire it up * And some wishful thinking Participants should be able to assemble their own small-scale energy-generating systems after listening. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4706.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4706-en-power_gadgets_with_your_own_electricity.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.webm Software is becoming more and more important in organizing response to all kinds of crises, whether that means activists responding to an unjust government or aid workers helping with the aftermath of a disaster. Security often isn't the first thing people think about in these situations -- they have work to get done, just like the rest of us, and many of these tools are built in the heat of the moment. In a crisis, a lack of security can make a small disaster into a big one. In this talk, we'll look at real world experiences of the security and privacy problems in the field, and how to fix them, at both large and small levels. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4707.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.webm 2011-12-30T00:00:00+01:00 Herr Urbach, willowbl00 No 28c3, Hacking Telecomix and Geeks without Bounds on Security and Crisis Response Software is becoming more and more important in organizing response to all kinds of crises, whether that means activists responding to an unjust government or aid workers helping with the aftermath of a disaster. Security often isn't the first thing people think about in these situations -- they have work to get done, just like the rest of us, and many of these tools are built in the heat of the moment. In a crisis, a lack of security can make a small disaster into a big one. In this talk, we'll look at real world experiences of the security and privacy problems in the field, and how to fix them, at both large and small levels. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4707.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4710-en-the_future_of_cryptology.webm The lessons and best practices of the titanic will be extracted. Are we ready? This will be a co-presentation (Jean-Jacques Quisquater / David Samyde) and occasional friendly exchange, with point and counter-point of different contrasting views on the impact of solving integer factorization and some other difficult problem in cryptography. The idea is to perform a provocative comparison between the 'unbreakable' RSA algorithm and the unsinkable Titanic. Receiving his RSA Conference Lifetime Achievement Award, Rivest said that it has not been demonstrated mathematically that factorization into primes is difficult. So “Factoring could turn out to be easy,” and according to him “maybe someone here will find the method”. Since 1994 and Shor's algorithm, the danger of quantum computer is known: breaking RSA in polynomial time. Factoring large numbers is conjectured to be computationally infeasible on classic non quantum computers. No efficient algorithm is known and the research in the last 30 years did not show enormous progress. Iceberg existence is predicted but not shown yet. According to Rivest a variety of alternative schemes have been developed in the decades since RSA was published, and a new system could probably be adopted quickly. This relies on solving factorization only, but several other cases can be considered, in some of them the action to replace RSA with a new algorithm could require more work than initially planned (solution to discrete logarithm). Managing the risk and the threat of the resolution of any major problem used in cryptography is crucial. This presentation challenges the conventional thinking using lessons learned from history. RSA users are everywhere so what could be the consequences of a break in the real world? What were the errors made on the Titanic? Can the best practices used be improved or just translated into a new scheme? What would be the impact of solving the RSA assumption on cryptography? The outline is: History of factorization Titanic primes and RSA keys Complexity, classes of algorithms and practical costs Risk analysis and Threat management Probability estimation and proactive monitoring From best to worst case Best methods and lessons learned Multiple scenari (Im)possibility of accurate prediction What to expect and how to be ready Conclusion Andrew Grove, former CEO of Intel said "Only the paranoid survive". Forecasting the presence of a strategic inflection point is hard. What to expect at the time of the next major cryptanalysis breakthrough? What history teaches? What remains to be done? Are we ready? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4710.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4710-en-the_future_of_cryptology.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4710-en-the_future_of_cryptology.webm 2011-12-29T00:00:00+01:00 Jean-Jacques Quisquater , Renaud Devaliere No 28c3, Hacking RMS Olympic, RMS Titanic, HMHS Britannic vs Discrete Logarithm, Integer factorization, Conjectured hard problems The lessons and best practices of the titanic will be extracted. Are we ready? This will be a co-presentation (Jean-Jacques Quisquater / David Samyde) and occasional friendly exchange, with point and counter-point of different contrasting views on the impact of solving integer factorization and some other difficult problem in cryptography. The idea is to perform a provocative comparison between the 'unbreakable' RSA algorithm and the unsinkable Titanic. Receiving his RSA Conference Lifetime Achievement Award, Rivest said that it has not been demonstrated mathematically that factorization into primes is difficult. So “Factoring could turn out to be easy,” and according to him “maybe someone here will find the method”. Since 1994 and Shor's algorithm, the danger of quantum computer is known: breaking RSA in polynomial time. Factoring large numbers is conjectured to be computationally infeasible on classic non quantum computers. No efficient algorithm is known and the research in the last 30 years did not show enormous progress. Iceberg existence is predicted but not shown yet. According to Rivest a variety of alternative schemes have been developed in the decades since RSA was published, and a new system could probably be adopted quickly. This relies on solving factorization only, but several other cases can be considered, in some of them the action to replace RSA with a new algorithm could require more work than initially planned (solution to discrete logarithm). Managing the risk and the threat of the resolution of any major problem used in cryptography is crucial. This presentation challenges the conventional thinking using lessons learned from history. RSA users are everywhere so what could be the consequences of a break in the real world? What were the errors made on the Titanic? Can the best practices used be improved or just translated into a new scheme? What would be the impact of solving the RSA assumption on cryptography? The outline is: History of factorization Titanic primes and RSA keys Complexity, classes of algorithms and practical costs Risk analysis and Threat management Probability estimation and proactive monitoring From best to worst case Best methods and lessons learned Multiple scenari (Im)possibility of accurate prediction What to expect and how to be ready Conclusion Andrew Grove, former CEO of Intel said "Only the paranoid survive". Forecasting the presence of a strategic inflection point is hard. What to expect at the time of the next major cryptanalysis breakthrough? What history teaches? What remains to be done? Are we ready? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4710.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4710-en-the_future_of_cryptology.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.webm Going more retro than the Commodore C=64: The Atari 2600 VCS was the breakthrough for video games in your own living room. This lecture will cover a bit of the history on how it came to live, describes the hardware used and shows how to write your own code for it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4711.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.webm 2011-12-27T00:00:00+01:00 Sven Oliver ('SvOlli') Moll No 28c3, Hacking The history, the hardware and how to write programs Going more retro than the Commodore C=64: The Atari 2600 VCS was the breakthrough for video games in your own living room. This lecture will cover a bit of the history on how it came to live, describes the hardware used and shows how to write your own code for it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4711.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4712-en-mining_your_geotags.webm A practical discussion of how potentially revolutionary, yet ethically questionable data---such as that from facebook---is currently being handled in academia. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4712.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4712-en-mining_your_geotags.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4712-en-mining_your_geotags.webm 2011-12-28T00:00:00+01:00 Conrad Lee No 28c3, Society and Politics Academia, social media data, and privacy A practical discussion of how potentially revolutionary, yet ethically questionable data---such as that from facebook---is currently being handled in academia. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4712.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4712-en-mining_your_geotags.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4713-en-what_is_in_a_name.webm Starting with the history of birth-registration an overview on the historical regimes of naming and identifying people from the 15th to the 20th century is given. the talk will show examples of the different identity media through time and their standardization with the rise of the westphalian nation state and the subsequent developments after the french revolution and during the 20th century. the goal of the talk is to show the complexity of the phenomenon of personal names and their media and the need for an informed debate on who and how naming and identification in the digital age is achieved. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4713.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4713-en-what_is_in_a_name.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4713-en-what_is_in_a_name.webm 2011-12-27T00:00:00+01:00 Christoph Engemann No 28c3, Society and Politics Identity-Regimes from 1500 to the 2000s Starting with the history of birth-registration an overview on the historical regimes of naming and identifying people from the 15th to the 20th century is given. the talk will show examples of the different identity media through time and their standardization with the rise of the westphalian nation state and the subsequent developments after the french revolution and during the 20th century. the goal of the talk is to show the complexity of the phenomenon of personal names and their media and the need for an informed debate on who and how naming and identification in the digital age is achieved. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4713.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4713-en-what_is_in_a_name.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4721-en-pentanews_game_show_2k11.webm The Penta News Game Show rehashes a collection of absurd, day-to-day news items of 2011 to entertain the audience, let the Net participate, and make it's winners heroes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4721.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4721-en-pentanews_game_show_2k11.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4721-en-pentanews_game_show_2k11.webm 2011-12-27T00:00:00+01:00 Alien8, _john, klobs No 28c3, Show 42 new questions, new jokers, same concept, more fun than last year! The Penta News Game Show rehashes a collection of absurd, day-to-day news items of 2011 to entertain the audience, let the Net participate, and make it's winners heroes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4721.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4721-en-pentanews_game_show_2k11.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4722-de-dick_size_war_for_nerds.webm Hier geht es um die Gretchenfrage: „Welches Tool ist das beste?“ Dabei treten zwei Teams gegeneinander an und müssen live verschiedene $RANDOM\_NERD\_TASK auf ihren eigenen Rechnern lösen. Wer dabei zeigt, dass sein Tool das schnellere, schlankere, mächtigere, längere, größere^w^w^w^wist, gewinnt. Durch das Programm führen Jan „git-zsh-keynote-firefox“ Wulfes und Benjamin „bzr-fish-latexbeamer-chrome“ Kellermann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4722.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4722-de-dick_size_war_for_nerds.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4722-de-dick_size_war_for_nerds.webm 2011-12-28T00:00:00+01:00 Benjamin Kellermann, klobs No 28c3, Show Mein Ruby ist besser als dein urxvt! Hier geht es um die Gretchenfrage: „Welches Tool ist das beste?“ Dabei treten zwei Teams gegeneinander an und müssen live verschiedene $RANDOM\_NERD\_TASK auf ihren eigenen Rechnern lösen. Wer dabei zeigt, dass sein Tool das schnellere, schlankere, mächtigere, längere, größere^w^w^w^wist, gewinnt. Durch das Programm führen Jan „git-zsh-keynote-firefox“ Wulfes und Benjamin „bzr-fish-latexbeamer-chrome“ Kellermann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4722.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4722-de-dick_size_war_for_nerds.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4723-en-dc_plus_the_protocol.webm The idea of Dining Cryptographers-Networks (DC) offers a much better anonymity compared to MIX-Networks: Defined anonymity sets, no need to trust in a central service, no possible attack for data retention. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4723.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4723-en-dc_plus_the_protocol.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4723-en-dc_plus_the_protocol.webm 2011-12-30T00:00:00+01:00 klobs No 28c3, Hacking Technical defense against data retention law The idea of Dining Cryptographers-Networks (DC) offers a much better anonymity compared to MIX-Networks: Defined anonymity sets, no need to trust in a central service, no possible attack for data retention. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4723.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4723-en-dc_plus_the_protocol.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4730-en-crowdsourcing_genome_wide_association_studies.webm It was only a couple of years ago that generating genetic information about individuals was expensive and laborious work. Modern techniques have drastically cut cost and time needed to get an insight into one's genome and have ultimately led to the formation of personal genetics companies – like 23andMe, deCODEme and others – that now offer direct-to-customer genetic testing. With a price tag of those tests starting at about 100 €, the number of people that do such tests is on the rise. By now, 23andMe alone has over 100.000 paying customers, with over 60.000 of them willing to donate their genetic data and to actively participate in research projects by filling out surveys, e.g. on their medical histories. This has resulted in a high-quality dataset with genetic information of 60.000 individuals. The best part: The data has already been paid for by the participants in the research. Who would not love to get their hands on data like this? Unfortunately, the data sits locked away in corporate vaults, inaccessible to interested (citizen) scientists. But what if we could change this? We've created openSNP, a central, open source, free-to-use repository which lets customers of genotyping companies upload their genotyping data and annotate them with phenotypes. OpenSNP provides its users with the latest scientific research on their genotypes and lets scientists download annotated genotypes to make science more open. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4730.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4730-en-crowdsourcing_genome_wide_association_studies.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4730-en-crowdsourcing_genome_wide_association_studies.webm 2011-12-28T00:00:00+01:00 Bastian Greshake, Philipp Bayer No 28c3, Science Freeing Genetic Data from Corporate Vaults It was only a couple of years ago that generating genetic information about individuals was expensive and laborious work. Modern techniques have drastically cut cost and time needed to get an insight into one's genome and have ultimately led to the formation of personal genetics companies – like 23andMe, deCODEme and others – that now offer direct-to-customer genetic testing. With a price tag of those tests starting at about 100 €, the number of people that do such tests is on the rise. By now, 23andMe alone has over 100.000 paying customers, with over 60.000 of them willing to donate their genetic data and to actively participate in research projects by filling out surveys, e.g. on their medical histories. This has resulted in a high-quality dataset with genetic information of 60.000 individuals. The best part: The data has already been paid for by the participants in the research. Who would not love to get their hands on data like this? Unfortunately, the data sits locked away in corporate vaults, inaccessible to interested (citizen) scientists. But what if we could change this? We've created openSNP, a central, open source, free-to-use repository which lets customers of genotyping companies upload their genotyping data and annotate them with phenotypes. OpenSNP provides its users with the latest scientific research on their genotypes and lets scientists download annotated genotypes to make science more open. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4730.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4730-en-crowdsourcing_genome_wide_association_studies.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4732-en-datamining_for_hackers.webm This talk presents Traffic Mining (TM) particularly in regard to VoiP applications such as Skype. TM is a method to digest and understand large quantities of data. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4732.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4732-en-datamining_for_hackers.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4732-en-datamining_for_hackers.webm 2011-12-27T00:00:00+01:00 Stefan Burschka No 28c3, Hacking Encrypted Traffic Mining This talk presents Traffic Mining (TM) particularly in regard to VoiP applications such as Skype. TM is a method to digest and understand large quantities of data. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4732.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4732-en-datamining_for_hackers.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.webm Despite their wide presence in our lives, baseband chips are still nowadays poorly known and understood from a system point of view. Some presentations have hilighted vulnerabilities in GSM stacks across various models of basebands (cf. 27c3: _All your baseband are belong to us_ by R-P. Weinmann). However none of them actually focused on the details of how a baseband operating system really works. This is the focus of our presentation. From the study of a simple 3G USB stick equipped with a Qualcomm baseband, we will discuss how to dump the volatile memory, reverse-engineer the proprietary RTOS, and ultimately execute and debug code while trying to preserve the real-time system constraints. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4735.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.webm 2011-12-28T00:00:00+01:00 Guillaume Delugré No 28c3, Hacking Despite their wide presence in our lives, baseband chips are still nowadays poorly known and understood from a system point of view. Some presentations have hilighted vulnerabilities in GSM stacks across various models of basebands (cf. 27c3: _All your baseband are belong to us_ by R-P. Weinmann). However none of them actually focused on the details of how a baseband operating system really works. This is the focus of our presentation. From the study of a simple 3G USB stick equipped with a Qualcomm baseband, we will discuss how to dump the volatile memory, reverse-engineer the proprietary RTOS, and ultimately execute and debug code while trying to preserve the real-time system constraints. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4735.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4736-en-defending_mobile_phones.webm Cell phone users face an increasing frequency and depth of privacy intruding attacks. Defense knowledge has not scaled at the same speed as attack capabilities. This talk intends to revert this imbalance. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4736.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4736-en-defending_mobile_phones.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4736-en-defending_mobile_phones.webm 2011-12-27T00:00:00+01:00 Karsten Nohl, Luca Melette No 28c3, Hacking Cell phone users face an increasing frequency and depth of privacy intruding attacks. Defense knowledge has not scaled at the same speed as attack capabilities. This talk intends to revert this imbalance. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4736.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4736-en-defending_mobile_phones.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4738-de-echtes_netz.webm Anfang 2012 startet "Echtes Netz", die Kampagne für Netzneutralität, die vom Digitale Gesellschaft e.V. initiert und von der stiftung bridge gefördert wird. Die Kampagne macht sich zur Aufgabe, das Bewusstsein für den Wert eines echten Netzes zu steigern und mit Offline- und Onlineaktionen für eine gesetzliche Verankerung der Netzneutralität zu werben. Der Vortrag gibt einen Überblick auf die Debatte rund um die Netzneutralität in Deutschland und der EU und einen einen Ausblick auf die Kampagne. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4738.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4738-de-echtes_netz.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4738-de-echtes_netz.webm 2011-12-28T00:00:00+01:00 Falk Lüke, Markus Beckedahl No 28c3, Society and Politics Kampagne für Netzneutralität Anfang 2012 startet "Echtes Netz", die Kampagne für Netzneutralität, die vom Digitale Gesellschaft e.V. initiert und von der stiftung bridge gefördert wird. Die Kampagne macht sich zur Aufgabe, das Bewusstsein für den Wert eines echten Netzes zu steigern und mit Offline- und Onlineaktionen für eine gesetzliche Verankerung der Netzneutralität zu werben. Der Vortrag gibt einen Überblick auf die Debatte rund um die Netzneutralität in Deutschland und der EU und einen einen Ausblick auf die Kampagne. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4738.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4738-de-echtes_netz.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4740-de-frag_den_staat.webm FragDenStaat.de startete am 1. August 2011 als Plattform zum Stellen von Anfragen nach dem Informationsfreiheitsgesetz und veröffentlicht dort die Korrespondenz mit den Behörden nach dem Vorbild von whatdotheyknow.com and befreite-dokumente.de. Der Vortrag wird die Plattform vorstellen, zeigen wie die Seite Antragssteller bei ihrem Recht auf Akteneinsicht unterstützt und die interessantesten Vorfälle genauer beleuchten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4740.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4740-de-frag_den_staat.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4740-de-frag_den_staat.webm 2011-12-29T00:00:00+01:00 Stefan Wehrmeyer No 28c3, Society and Politics Praktische Informationsfreiheit FragDenStaat.de startete am 1. August 2011 als Plattform zum Stellen von Anfragen nach dem Informationsfreiheitsgesetz und veröffentlicht dort die Korrespondenz mit den Behörden nach dem Vorbild von whatdotheyknow.com and befreite-dokumente.de. Der Vortrag wird die Plattform vorstellen, zeigen wie die Seite Antragssteller bei ihrem Recht auf Akteneinsicht unterstützt und die interessantesten Vorfälle genauer beleuchten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4740.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4740-de-frag_den_staat.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.webm In his now (in)famous pamphlet "Conspiracy as Governance" Julian Assange (JA) argues about the need for leaking as an efficient way to destroy "unjust" groups as the neo-feudalistic ones - luring the conspiracy theory leaning hacker community into his belief system. Eventually, JA used a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for "just" and "unjust" systems, arriving at the conclusion that "unjust" systems are hurt more and thus will be less viable, essentially being destroyed by more "just" systems. While an innovative proposal, the underlying assumptions on complexity, network theory, and especially the evolutionary perspectives were never critically assessed. Some blogs and media raised questions on details and potential threats to innocent bystanders. Still, fundamental problems with the philosophy were never addressed. This paper argues against the general validity of such theories. In particular, we will refute some of the biologistic arguments. Theoretical biology has long ago pointed out the hidden complexity in evolutionary processes and as such the envisioned "leaking revolution" might be a limited artifact: there might even arise situations where the leaking envisioned and encouraged by Wikileaks and the like can actually strengthen some "conspiracies". In this paper I will describe some research questions, that should be answered before given the “leaking philosophy” an unconditioned “thumbs-up”. Empirically, for example, a potential strengthening is illustrated by the rise of a 'neo-feudalistic economy', which is linked closely to the paradigm of "intellectual property" as it is to the security-financial-political complex. The players have effectively created a closed network or a "conspiracy" and might be resilient towards Wikileaks-like attacks. The paper concludes with an alternative to that proposal; in particular, a way to deal with the 'conspiracy' that might be coined the rise of the neo-feudalistic society (which in itself is a self-sustainable, self-amplifying feedback loop, not necessarily a conscious conspiracy). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4741.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.webm 2011-12-30T00:00:00+01:00 Kay Hamacher No 28c3, Society and Politics In his now (in)famous pamphlet "Conspiracy as Governance" Julian Assange (JA) argues about the need for leaking as an efficient way to destroy "unjust" groups as the neo-feudalistic ones - luring the conspiracy theory leaning hacker community into his belief system. Eventually, JA used a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for "just" and "unjust" systems, arriving at the conclusion that "unjust" systems are hurt more and thus will be less viable, essentially being destroyed by more "just" systems. While an innovative proposal, the underlying assumptions on complexity, network theory, and especially the evolutionary perspectives were never critically assessed. Some blogs and media raised questions on details and potential threats to innocent bystanders. Still, fundamental problems with the philosophy were never addressed. This paper argues against the general validity of such theories. In particular, we will refute some of the biologistic arguments. Theoretical biology has long ago pointed out the hidden complexity in evolutionary processes and as such the envisioned "leaking revolution" might be a limited artifact: there might even arise situations where the leaking envisioned and encouraged by Wikileaks and the like can actually strengthen some "conspiracies". In this paper I will describe some research questions, that should be answered before given the “leaking philosophy” an unconditioned “thumbs-up”. Empirically, for example, a potential strengthening is illustrated by the rise of a 'neo-feudalistic economy', which is linked closely to the paradigm of "intellectual property" as it is to the security-financial-political complex. The players have effectively created a closed network or a "conspiracy" and might be resilient towards Wikileaks-like attacks. The paper concludes with an alternative to that proposal; in particular, a way to deal with the 'conspiracy' that might be coined the rise of the neo-feudalistic society (which in itself is a self-sustainable, self-amplifying feedback loop, not necessarily a conscious conspiracy). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4741.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.webm This talk is about: - Information freedom and the issues for the citizens - RWB ressources: a “human network” - RWB needs: Get involved! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4742.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.webm 2011-12-30T00:00:00+01:00 Reporters Without Borders No 28c3, Society and Politics Why every citizen should be concerned This talk is about: - Information freedom and the issues for the citizens - RWB ressources: a “human network” - RWB needs: Get involved! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4742.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4746-en-bitcoin_an_analysis.webm Bitcoin is the first distributed, digital currency. It received a lot of attention recently as it questions the state monopoly to issue legal tender. It relies on distributed proof-of-work concepts to ensure money-like characteristics. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4746.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4746-en-bitcoin_an_analysis.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4746-en-bitcoin_an_analysis.webm 2011-12-29T00:00:00+01:00 Kay Hamacher, Stefan Katzenbeisser No 28c3, Hacking Bitcoin is the first distributed, digital currency. It received a lot of attention recently as it questions the state monopoly to issue legal tender. It relies on distributed proof-of-work concepts to ensure money-like characteristics. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4746.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4746-en-bitcoin_an_analysis.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4748-en-the_best_of_the_oxcars.webm The Best of the oXcars! OXcars is fun. oXcars is empowering the people. Presentation and screening of the best of the oXcars 2011, 2010, 2009, 2008. Because their business is not our business. Every year, in Barcelona 1500 people gather for the biggest free/libre culture Show of all times ;-). Artists and performers from all areas of Spanish and international culture take part in a "Gala";-) in which artists say "Not in my name" to the commercialisation of culture, "Not in my name" to limiting the potential of digital media and to criminalization of the Internet. Civil society demands the 'lost profits' of all the knowledge that is being withheld and stolen from public use in the name of private profits. http://oxcars11.whois--x.net/en/ http://oxcars10.whois--x.net/en/ http://oxcars09.whois--x.net/en/ http://whois--x.net/proyectos/oxcars-08 about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4748.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4748-en-the_best_of_the_oxcars.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4748-en-the_best_of_the_oxcars.webm 2011-12-29T00:00:00+01:00 Simona Xnet No 28c3, Culture the greatest free/Libre culture show of all times The Best of the oXcars! OXcars is fun. oXcars is empowering the people. Presentation and screening of the best of the oXcars 2011, 2010, 2009, 2008. Because their business is not our business. Every year, in Barcelona 1500 people gather for the biggest free/libre culture Show of all times ;-). Artists and performers from all areas of Spanish and international culture take part in a "Gala";-) in which artists say "Not in my name" to the commercialisation of culture, "Not in my name" to limiting the potential of digital media and to criminalization of the Internet. Civil society demands the 'lost profits' of all the knowledge that is being withheld and stolen from public use in the name of private profits. http://oxcars11.whois--x.net/en/ http://oxcars10.whois--x.net/en/ http://oxcars09.whois--x.net/en/ http://whois--x.net/proyectos/oxcars-08 about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4748.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4748-en-the_best_of_the_oxcars.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4749-en-does_hacktivism_matter.webm Do you remember those days when hackers were “real men?” When hacking was not yet a crime and the cyberspace an undiscovered land? Just before anti-hacking laws were introduced in Germany? Back in these days, the famous founding father of the CCC made the Bundespost (Germany's Federal Mail Service) meet its Waterloo, when they hacked Bildschirmtext (Btx)—the epitome of both technological utopias and dystopias at that time. But soon, hackers suffered a setback: new laws criminalized hacking in the name of fighting white-collar crimes. Simultaneously to the laws, things were getting rougher in the media and the public opinion. While being seen as a weird vanguard of technology before, hackers soon became pranksters and outlaws. Apparently hacktivism, the portmanteau word for hacking activism, had failed to shape the policies in the dawning information society. However, there are evidences that hacktivism had an impact on the new computer crime legislation—not in terms of having more, but less restrictions implemented in the law. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4749.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4749-en-does_hacktivism_matter.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4749-en-does_hacktivism_matter.webm 2011-12-27T00:00:00+01:00 Kai Denker No 28c3, Society and Politics How the Btx hack changed computer law-making in Germany Do you remember those days when hackers were “real men?” When hacking was not yet a crime and the cyberspace an undiscovered land? Just before anti-hacking laws were introduced in Germany? Back in these days, the famous founding father of the CCC made the Bundespost (Germany's Federal Mail Service) meet its Waterloo, when they hacked Bildschirmtext (Btx)—the epitome of both technological utopias and dystopias at that time. But soon, hackers suffered a setback: new laws criminalized hacking in the name of fighting white-collar crimes. Simultaneously to the laws, things were getting rougher in the media and the public opinion. While being seen as a weird vanguard of technology before, hackers soon became pranksters and outlaws. Apparently hacktivism, the portmanteau word for hacking activism, had failed to shape the policies in the dawning information society. However, there are evidences that hacktivism had an impact on the new computer crime legislation—not in terms of having more, but less restrictions implemented in the law. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4749.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4749-en-does_hacktivism_matter.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.webm We are members of Alternatif Bilişim Derneği (Alternative Informatics Association)**, one of many organizations that oppose the ongoing efforts for state-controlled Internet in Turkey. We see that the problems with media control in Turkey and in Europe are increasingly becoming part of a global problem. The governments are working on their own view of a 'secure' Internet, and we have to articulate and suggest an alternative. In our talk we want to give an account of our anti-censorship movement and the challenges we face in Turkey. We will first provide an overview of the political events; sanctions, censorship regulations and attempts of resistance in the country. Then, we will point out the main problems we face in making use of laws and technology against state control. We would also like to use our presentation as an opportunity to meet people at the CCC with similar affinities and to learn from their experience. We see a great need to create global networks and communities to articulate an alternative message; the Internet as the peoples’ media. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4753.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.webm 2011-12-27T00:00:00+01:00 Barış, seda No 28c3, Society and Politics A short account of its history and future challenges We are members of Alternatif Bilişim Derneği (Alternative Informatics Association)**, one of many organizations that oppose the ongoing efforts for state-controlled Internet in Turkey. We see that the problems with media control in Turkey and in Europe are increasingly becoming part of a global problem. The governments are working on their own view of a 'secure' Internet, and we have to articulate and suggest an alternative. In our talk we want to give an account of our anti-censorship movement and the challenges we face in Turkey. We will first provide an overview of the political events; sanctions, censorship regulations and attempts of resistance in the country. Then, we will point out the main problems we face in making use of laws and technology against state control. We would also like to use our presentation as an opportunity to meet people at the CCC with similar affinities and to learn from their experience. We see a great need to create global networks and communities to articulate an alternative message; the Internet as the peoples’ media. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4753.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4754-en-smart_hacking_for_privacy.webm Advanced metering devices (aka smart meters) are nowadays being installed throughout electric networks in Germany, in other parts of Europe and in the United States. Due to a recent amendment especially in Germany they become more and more popular and are obligatory for new and refurbished buildings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4754.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4754-en-smart_hacking_for_privacy.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4754-en-smart_hacking_for_privacy.webm 2011-12-30T00:00:00+01:00 Dario Carluccio, Stephan Brinkhaus No 28c3, Hacking Advanced metering devices (aka smart meters) are nowadays being installed throughout electric networks in Germany, in other parts of Europe and in the United States. Due to a recent amendment especially in Germany they become more and more popular and are obligatory for new and refurbished buildings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4754.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4754-en-smart_hacking_for_privacy.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4755-en-counterlobbying_eu_institutions.webm Return of experience about opposing #censorship #ACTA #censilia #copywrong and promoting #openness and #netneutrality to the EU institutions. Strategic and tactical perspectives by two old and tired activists. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4755.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4755-en-counterlobbying_eu_institutions.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4755-en-counterlobbying_eu_institutions.webm 2011-12-28T00:00:00+01:00 Christian Bahls - MOGiS e.V., Jérémie Zimmermann No 28c3, Society and Politics How to attempt to counter the influence of industry lobbyists and political forces aiming towards increasing control over the Internet Return of experience about opposing #censorship #ACTA #censilia #copywrong and promoting #openness and #netneutrality to the EU institutions. Strategic and tactical perspectives by two old and tired activists. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4755.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4755-en-counterlobbying_eu_institutions.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.webm Hacking Mind and Body – self knowledge through numbers and mental reprogramming Since ancient times humans were trying to improve themselves. Today we have open-source computer technology that helps us. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4756.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.webm 2011-12-28T00:00:00+01:00 Christian Kleineidam, MetaMind Evolution No 28c3, Hacking Transhumanism, Self-Optimization and Neurofeedback for post-modern hackers Hacking Mind and Body – self knowledge through numbers and mental reprogramming Since ancient times humans were trying to improve themselves. Today we have open-source computer technology that helps us. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4756.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.webm In dieser Arbeit wird gezeigt, wie unter Ausnutzung einer ungesicherten Verbindung zwischen einer sicheren Signaturerstellungseinheit und einem Anwender-PC eine qualifizierte elektronische Signatur gefälscht werden kann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4758.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.webm 2011-12-28T00:00:00+01:00 Alexander Koch No 28c3, Hacking Bachelorarbeit Informatik Uni Kiel SS 2011 In dieser Arbeit wird gezeigt, wie unter Ausnutzung einer ungesicherten Verbindung zwischen einer sicheren Signaturerstellungseinheit und einem Anwender-PC eine qualifizierte elektronische Signatur gefälscht werden kann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4758.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4759-en-open_source_music_tracking_2_0.webm Tracking is so 1990s. Nowadays MP3 and other similar formats are overwhelmingly more popular. But is this really a step forward? A (very) brief history of computer music, where we are at now, and why I think people are headed in the wrong direction. And what we can do about it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4759.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4759-en-open_source_music_tracking_2_0.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4759-en-open_source_music_tracking_2_0.webm 2011-12-29T00:00:00+01:00 Tom Hargreaves No 28c3, Hacking Tracking is so 1990s. Nowadays MP3 and other similar formats are overwhelmingly more popular. But is this really a step forward? A (very) brief history of computer music, where we are at now, and why I think people are headed in the wrong direction. And what we can do about it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4759.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4759-en-open_source_music_tracking_2_0.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4760-en-chokepointproject.webm The object of the lecture is to present and discuss the chokepointproject. How it (will) attempt(s) to aggregate and visualize near-realtime global internetwork data and augment this visualisation with legislative, commercial(ownership) and circumvention information. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4760.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4760-en-chokepointproject.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4760-en-chokepointproject.webm 2011-12-30T00:00:00+01:00 Ruben Bloemgarten No 28c3, Hacking Aggregating and Visualizing (lack of) Transparancy Data in near-realtime The object of the lecture is to present and discuss the chokepointproject. How it (will) attempt(s) to aggregate and visualize near-realtime global internetwork data and augment this visualisation with legislative, commercial(ownership) and circumvention information. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4760.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4760-en-chokepointproject.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.webm Writing secure code is hard.  Even when people do it basically right there are sometimes edge cases that can be exploited. Most the time writing code that works isn’t even the hard part,  it’s keeping up with the changing attack techniques while still keeping an eye on all the old issues that can come back to bite you, straddling the ancient world of the 90’s RFCs and 2010’s HTML5 compatible browsers.  A lot like how Indiana Jones bridges the ancient and the modern...  Except for Indiana Jones 4. Let’s never talk about that again. Ever.   Take Facebook, Office 365, Wordpress, Exchange, and Live. These are applications that had decent mitigations to standard threats, but they all had edge cases. Using a mix of old and new ingredients, we’ll provide a sampler plate of clickjacking protection bypasses, CSRF mitigation bypasses, "non-exploitable" XSS attacks that are suddenly exploitable and XML attacks where you can actually get a shell; and we'll talk about how to defend against these attacks. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4761.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.webm 2011-12-29T00:00:00+01:00 Jesse Ou, Rich No 28c3, Hacking Writing secure code is hard.  Even when people do it basically right there are sometimes edge cases that can be exploited. Most the time writing code that works isn’t even the hard part,  it’s keeping up with the changing attack techniques while still keeping an eye on all the old issues that can come back to bite you, straddling the ancient world of the 90’s RFCs and 2010’s HTML5 compatible browsers.  A lot like how Indiana Jones bridges the ancient and the modern...  Except for Indiana Jones 4. Let’s never talk about that again. Ever.   Take Facebook, Office 365, Wordpress, Exchange, and Live. These are applications that had decent mitigations to standard threats, but they all had edge cases. Using a mix of old and new ingredients, we’ll provide a sampler plate of clickjacking protection bypasses, CSRF mitigation bypasses, "non-exploitable" XSS attacks that are suddenly exploitable and XML attacks where you can actually get a shell; and we'll talk about how to defend against these attacks. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4761.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4763-en-the_science_of_insecurity.webm Why is the overwhelming majority of common networked software still not secure, despite all effort to the contrary? Why is it almost certain to get exploited so long as attackers can craft its inputs? Why is it the case that no amount of effort seems to be enough to fix software that must speak certain protocols? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4763.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4763-en-the_science_of_insecurity.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4763-en-the_science_of_insecurity.webm 2011-12-28T00:00:00+01:00 Meredith L. Patterson, Sergey No 28c3, Hacking Why is the overwhelming majority of common networked software still not secure, despite all effort to the contrary? Why is it almost certain to get exploited so long as attackers can craft its inputs? Why is it the case that no amount of effort seems to be enough to fix software that must speak certain protocols? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4763.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4763-en-the_science_of_insecurity.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.webm You write software. You test software. You know how to tell if the software is working. Automate your software testing sufficiently and you can let the computer do the writing for you! "Genetic Programming", especially "Cartesian Genetic Programming" (CGP), is a powerful tool for creating software and designing physical objects. See how to do CGP as we invent image filters for the Part Time Scientists' 3D cameras. Danger: Actual code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4764.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.webm 2011-12-27T00:00:00+01:00 Wes Faler No 28c3, Hacking Hell Yeah, it's rocket science You write software. You test software. You know how to tell if the software is working. Automate your software testing sufficiently and you can let the computer do the writing for you! "Genetic Programming", especially "Cartesian Genetic Programming" (CGP), is a powerful tool for creating software and designing physical objects. See how to do CGP as we invent image filters for the Part Time Scientists' 3D cameras. Danger: Actual code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4764.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4766-en-802_11_packets_in_packets.webm New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4766.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4766-en-802_11_packets_in_packets.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4766-en-802_11_packets_in_packets.webm 2011-12-27T00:00:00+01:00 Travis Goodspeed No 28c3, Hacking A Standard-Compliant Exploit of Layer 1 New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4766.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4766-en-802_11_packets_in_packets.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4767-en-security_log_visualization_with_a_correlation_engine.webm This brief session focuses on the visualization of actual security incidents, network forensics and counter surveillance of covert criminal communications utilizing large data sets from various security logs and a very brief introduction to correlation engine logic. Visually displaying security or network issues can express the risk or urgency in a way a set of dry logs or other methods might not be able to. Additionally, many organizations rely on a more singular approach and react to security events, many times from a high false positive rate source such as isolated intrusion prevention or firewall alerts, or relying only on anti-virus alerts. Utilizing a correlation engine (especially open source) or similar applications could offer a method of discovering or in some cases proactively detecting issues. The research discussed involves analysis and interrogation of firewall, intrusion detection and prevention systems, web proxy logs and available security research. What does a compromised server infected with spam malware look like or cyber warfare? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4767.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4767-en-security_log_visualization_with_a_correlation_engine.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4767-en-security_log_visualization_with_a_correlation_engine.webm 2011-12-29T00:00:00+01:00 Chris Kubecka No 28c3, Hacking What's inside your network? This brief session focuses on the visualization of actual security incidents, network forensics and counter surveillance of covert criminal communications utilizing large data sets from various security logs and a very brief introduction to correlation engine logic. Visually displaying security or network issues can express the risk or urgency in a way a set of dry logs or other methods might not be able to. Additionally, many organizations rely on a more singular approach and react to security events, many times from a high false positive rate source such as isolated intrusion prevention or firewall alerts, or relying only on anti-virus alerts. Utilizing a correlation engine (especially open source) or similar applications could offer a method of discovering or in some cases proactively detecting issues. The research discussed involves analysis and interrogation of firewall, intrusion detection and prevention systems, web proxy logs and available security research. What does a compromised server infected with spam malware look like or cyber warfare? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4767.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4767-en-security_log_visualization_with_a_correlation_engine.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4768-en-eating_in_the_anthropocene.webm Over the last few years hackers have begun to take a larger interest in food, gastronomy and agriculture. For many in the community the ability to create DIY molecular gastronomy hardware and recipes is an obvious entry point. This talk extends some of these early investigations beyond the kitchen and the chemical properties of food by looking at specific cultivars, food technology organizations, and connections between food systems, ecosystems and planetary change. Part 1 of the talk explores some of the more bizarre and interesting biotechnologies and genomes that make up the human food system on planet earth, including Chinese Space Potatoes, Mutagenic Grapefruits and Glowing Sushi. Pat 2 of the talk presents ideas of food system redesign particularly relevant to hackers and food explorers: utopian cuisines, resilient biotechnologies and eaters as agents of selection. In Part 3 we provide access to resources and propose interesting projects for black hat food hackers, DIY BIO foodies, and prospective food security researchers, such as mining the IAEA's database of radiation breeding, eating things that weren't meant to be eaten and defending agricultural biodiversity. By introducing less known stories from the history of food and technology, and providing access to resources we hope to get more hackers curious about exploring, questioning and redesigning our human food systems. BIO: Zack Denfeld & Cathrine Kramer run the Center for Genomic Gastronomy an independent research institute that studies the genomes and biotechnologies that make up the human food systems on the planet. They are currently in residence at Art Science Bangalore and a curating a show on the future of food at the Science Gallery in Dublin Ireland. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4768.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4768-en-eating_in_the_anthropocene.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4768-en-eating_in_the_anthropocene.webm 2011-12-28T00:00:00+01:00 Cathrine Kramer, Zack Denfeld No 28c3, Culture Transgenic Fish, Mutagenic Grapefruits and Space Potatoes Over the last few years hackers have begun to take a larger interest in food, gastronomy and agriculture. For many in the community the ability to create DIY molecular gastronomy hardware and recipes is an obvious entry point. This talk extends some of these early investigations beyond the kitchen and the chemical properties of food by looking at specific cultivars, food technology organizations, and connections between food systems, ecosystems and planetary change. Part 1 of the talk explores some of the more bizarre and interesting biotechnologies and genomes that make up the human food system on planet earth, including Chinese Space Potatoes, Mutagenic Grapefruits and Glowing Sushi. Pat 2 of the talk presents ideas of food system redesign particularly relevant to hackers and food explorers: utopian cuisines, resilient biotechnologies and eaters as agents of selection. In Part 3 we provide access to resources and propose interesting projects for black hat food hackers, DIY BIO foodies, and prospective food security researchers, such as mining the IAEA's database of radiation breeding, eating things that weren't meant to be eaten and defending agricultural biodiversity. By introducing less known stories from the history of food and technology, and providing access to resources we hope to get more hackers curious about exploring, questioning and redesigning our human food systems. BIO: Zack Denfeld & Cathrine Kramer run the Center for Genomic Gastronomy an independent research institute that studies the genomes and biotechnologies that make up the human food systems on the planet. They are currently in residence at Art Science Bangalore and a curating a show on the future of food at the Science Gallery in Dublin Ireland. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4768.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4768-en-eating_in_the_anthropocene.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4770-en-dont_scan_just_ask.webm For years, we tried to identify vulnerable systems in company networks by getting all the companies netblocks / ip addresses and scanning them for vulnerable services. Then with the growing importance of web applications and of course search engines, a new way of identifying vulnerable systems was introduced: "Google hacking". However this approach of identifying and scanning companies ip addresses as well as doing some Google hacking for the (known) URLs of the company doesn't take all aspects into account and has some limitations. At first we just check the systems which are obvious, the ones that are in the companies netblocks, the IP addresses that were provided by the company and the URLs that are known or can be resolved using reverse DNS. However how about URLs and systems that aren't obvious? Systems maybe even the company in focus forgot? Second, the current techniques are pretty technical. They don't take the business view into account at any point. Therefore we developed a new technique as well as framework to identify companies’ web pages based on a scored keyword list. In other words: From zero to owning all of a company’s existing web pages, even the pages not hosted by the company itself, with just a scored keyword list as input. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4770.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4770-en-dont_scan_just_ask.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4770-en-dont_scan_just_ask.webm 2011-12-28T00:00:00+01:00 Fabian Mihailowitsch No 28c3, Hacking A new approach of identifying vulnerable web applications For years, we tried to identify vulnerable systems in company networks by getting all the companies netblocks / ip addresses and scanning them for vulnerable services. Then with the growing importance of web applications and of course search engines, a new way of identifying vulnerable systems was introduced: "Google hacking". However this approach of identifying and scanning companies ip addresses as well as doing some Google hacking for the (known) URLs of the company doesn't take all aspects into account and has some limitations. At first we just check the systems which are obvious, the ones that are in the companies netblocks, the IP addresses that were provided by the company and the URLs that are known or can be resolved using reverse DNS. However how about URLs and systems that aren't obvious? Systems maybe even the company in focus forgot? Second, the current techniques are pretty technical. They don't take the business view into account at any point. Therefore we developed a new technique as well as framework to identify companies’ web pages based on a scored keyword list. In other words: From zero to owning all of a company’s existing web pages, even the pages not hosted by the company itself, with just a scored keyword list as input. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4770.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4770-en-dont_scan_just_ask.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4775-de-hacker_jeopardy.webm The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4775.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4775-de-hacker_jeopardy.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4775-de-hacker_jeopardy.webm 2011-12-28T00:00:00+01:00 Ray, Stefan 'Sec' Zehl No 28c3, Show Number guessing for geeks The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4775.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4775-de-hacker_jeopardy.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4777-en-r0ket.webm Now you've got that r0ket thing. What to do with it? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4777.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4777-en-r0ket.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4777-en-r0ket.webm 2011-12-27T00:00:00+01:00 lilafisch, Stefan 'Sec' Zehl No 28c3, Hacking The CCC-Badge Now you've got that r0ket thing. What to do with it? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4777.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4777-en-r0ket.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4780-en-print_me_if_you_dare.webm Network printers are ubiquitous fixtures within the modern IT infrastructure. Residing within sensitive networks and lacking in security, these devices represent high-value targets that can theoretically be used not only to manipulate and exfiltrate the sensitive information such as network credentials and sensitive documents, but also as fully functional general-purpose bot-nodes which give attackers a stealthy, persistent foothold inside the victim network for further recognizance, exploitation and exfiltration. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4780-en-print_me_if_you_dare.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4780-en-print_me_if_you_dare.webm 2011-12-29T00:00:00+01:00 Ang Cui, Jonathan Voris No 28c3, Hacking Firmware Modification Attacks and the Rise of Printer Malware Network printers are ubiquitous fixtures within the modern IT infrastructure. Residing within sensitive networks and lacking in security, these devices represent high-value targets that can theoretically be used not only to manipulate and exfiltrate the sensitive information such as network credentials and sensitive documents, but also as fully functional general-purpose bot-nodes which give attackers a stealthy, persistent foothold inside the victim network for further recognizance, exploitation and exfiltration. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4780-en-print_me_if_you_dare.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4781-en-deceiving_authorship_detection.webm Stylometry is the art of detecting authorship of a document based on the linguistic style present in the text. As authorship recognition methods based on machine learning have improved, they have also presented a threat to privacy and anonymity. We have developed two open-source tools, Stylo and Anonymouth, which we will release at 28C3 and introduce in this talk. Anonymouth aids individuals in obfuscating documents to protect identity from authorship analysis. Stylo is a machine-learning based authorship detection research tool that provides the basis for Anonymouth's decision making. We will also review the problem of stylometry and the privacy implications and present new research related to detecting writing style deception, threats to anonymity in short message services like Twitter, examine the implications for languages other than English, and release a large adversarial stylometry corpus for linguistic and privacy research purposes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4781.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4781-en-deceiving_authorship_detection.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4781-en-deceiving_authorship_detection.webm 2011-12-29T00:00:00+01:00 Michael Brennan, Rachel Greenstadt No 28c3, Hacking Tools to Maintain Anonymity Through Writing Style & Current Trends in Adversarial Stylometry Stylometry is the art of detecting authorship of a document based on the linguistic style present in the text. As authorship recognition methods based on machine learning have improved, they have also presented a threat to privacy and anonymity. We have developed two open-source tools, Stylo and Anonymouth, which we will release at 28C3 and introduce in this talk. Anonymouth aids individuals in obfuscating documents to protect identity from authorship analysis. Stylo is a machine-learning based authorship detection research tool that provides the basis for Anonymouth's decision making. We will also review the problem of stylometry and the privacy implications and present new research related to detecting writing style deception, threats to anonymity in short message services like Twitter, examine the implications for languages other than English, and release a large adversarial stylometry corpus for linguistic and privacy research purposes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4781.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4781-en-deceiving_authorship_detection.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4788-de-datenvieh_oder_daten_fee.webm Eine nüchterne Untersuchung der Verfahren zum Nutzertracking und des wirtschaftlichen Wertes von Tracking- und Userdaten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4788.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4788-de-datenvieh_oder_daten_fee.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4788-de-datenvieh_oder_daten_fee.webm 2011-12-29T00:00:00+01:00 Rene Meissner No 28c3, Hacking Welchen Wert haben Trackingdaten? Eine nüchterne Untersuchung der Verfahren zum Nutzertracking und des wirtschaftlichen Wertes von Tracking- und Userdaten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4788.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4788-de-datenvieh_oder_daten_fee.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4798-en-sovereign_keys.webm This talk will describe the Sovereign Key system, an EFF proposal for improving the security of SSL/TLS connections against attacks that involve Certificate Authorities (CAs) or portions of the DNSSEC hierarchy. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4798.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4798-en-sovereign_keys.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4798-en-sovereign_keys.webm 2011-12-29T00:00:00+01:00 Peter Eckersley No 28c3, Hacking A proposal for fixing attacks on CAs and DNSSEC This talk will describe the Sovereign Key system, an EFF proposal for improving the security of SSL/TLS connections against attacks that involve Certificate Authorities (CAs) or portions of the DNSSEC hierarchy. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4798.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4798-en-sovereign_keys.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4799-de-can_trains_be_hacked.webm Warum sind Züge sicher unterwegs? Wie werden Zusammenstöße trotz der Gefahr eines menschlichen Fehlverhaltens vermieden? Und was hat das alles mit IT-Sicherheit zu tun? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4799.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4799-de-can_trains_be_hacked.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4799-de-can_trains_be_hacked.webm 2011-12-27T00:00:00+01:00 Stefan Katzenbeisser No 28c3, Hacking Die Technik der Eisenbahnsicherungsanlagen Warum sind Züge sicher unterwegs? Wie werden Zusammenstöße trotz der Gefahr eines menschlichen Fehlverhaltens vermieden? Und was hat das alles mit IT-Sicherheit zu tun? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4799.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4799-de-can_trains_be_hacked.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4800-en-how_governments_have_tried_to_block_tor.webm Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4800.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4800-en-how_governments_have_tried_to_block_tor.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4800-en-how_governments_have_tried_to_block_tor.webm 2011-12-28T00:00:00+01:00 Jacob Appelbaum, Roger Dingledine No 28c3, Hacking Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4800.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4800-en-how_governments_have_tried_to_block_tor.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4802-en-towards_a_single_secure_european_cyberspace.webm The "European Great Firewall" was the way that European civil rights organizations has addressed the proposal to create a "single European cyberspace". Surely other lectures will describe the technicalities of the proposal. This lecture will go beyond that, describing a vulnerability that the proposal reveals in the power structures of the European and world governance, that could be exploited by the hackerdom if the war is understood as a value to be avoided. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4802.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4802-en-towards_a_single_secure_european_cyberspace.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4802-en-towards_a_single_secure_european_cyberspace.webm 2011-12-29T00:00:00+01:00 Suso Baleato No 28c3, Society and Politics What the European Union wants. What the hackerdom can do.. The "European Great Firewall" was the way that European civil rights organizations has addressed the proposal to create a "single European cyberspace". Surely other lectures will describe the technicalities of the proposal. This lecture will go beyond that, describing a vulnerability that the proposal reveals in the power structures of the European and world governance, that could be exploited by the hackerdom if the war is understood as a value to be avoided. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4802.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4802-en-towards_a_single_secure_european_cyberspace.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4804-de-politik_hacken.webm Klassischer Protest, konventionelle Demos, Online-Petitionen und Bürgerinitiativen werden seit einiger Zeit durch neue Instrumente der politischen Partizipation ergänzt. Deren Stärke liegt in dezentraler Organisation, Kommunikationsguerilla-Aktionen, diskursiver Intervention und kollaborativer Spontaneität. Der Vortrag stellt anhand von Beispielen ein Toolset an Möglichkeiten des regelverletzenden und gewaltfreien Mitmischens und Einmischens in Politik vor. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4804.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4804-de-politik_hacken.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4804-de-politik_hacken.webm 2011-12-28T00:00:00+01:00 Alexander Müller, Bärwulf Kannitschreiber, Montserrat Graupenschläger No 28c3, Society and Politics Kleine Anleitung zur Nutzung von Sicherheitslücken gesellschaftlicher und politischer Kommunikation Klassischer Protest, konventionelle Demos, Online-Petitionen und Bürgerinitiativen werden seit einiger Zeit durch neue Instrumente der politischen Partizipation ergänzt. Deren Stärke liegt in dezentraler Organisation, Kommunikationsguerilla-Aktionen, diskursiver Intervention und kollaborativer Spontaneität. Der Vortrag stellt anhand von Beispielen ein Toolset an Möglichkeiten des regelverletzenden und gewaltfreien Mitmischens und Einmischens in Politik vor. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4804.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4804-de-politik_hacken.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4811-en-rootkits_in_your_web_application.webm XSS bugs are the most widely known and commonly occurring Web vulnerability, but their impact has often been limited to cookie theft and/or simple actions, such as setting malicious email filters, stealing some data, or self-propagation via an XSS worm. In this work, I discuss practical approaches for exploiting XSS and other client-side script injection attacks, and introduce novel techniques for maintaining and escalating access within the victim's browser. In particular, I introduce the concept of _resident XSS_ where attacker-supplied code is running in the context of an affected user's main application window and describe its consequences. I also draw analogies between such persistent Web threats and the traditional rootkit model, including similarities in the areas of embedding malicious code, maintaining access, stealthy communication with a C&C server, and the difficulty of detecting and removing attacker-supplied code. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4811.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4811-en-rootkits_in_your_web_application.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4811-en-rootkits_in_your_web_application.webm 2011-12-28T00:00:00+01:00 Artur Janc No 28c3, Hacking Achieving a permanent stealthy compromise of user accounts with XSS and JS injection attacks. XSS bugs are the most widely known and commonly occurring Web vulnerability, but their impact has often been limited to cookie theft and/or simple actions, such as setting malicious email filters, stealing some data, or self-propagation via an XSS worm. In this work, I discuss practical approaches for exploiting XSS and other client-side script injection attacks, and introduce novel techniques for maintaining and escalating access within the victim's browser. In particular, I introduce the concept of _resident XSS_ where attacker-supplied code is running in the context of an affected user's main application window and describe its consequences. I also draw analogies between such persistent Web threats and the traditional rootkit model, including similarities in the areas of embedding malicious code, maintaining access, stealthy communication with a C&C server, and the difficulty of detecting and removing attacker-supplied code. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4811.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4811-en-rootkits_in_your_web_application.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4813-en-macro_dragnets.webm As governments increase their data collection capabilities software developers are stepping up to both utilize and augment surveillance capabilities. DNA databases, facial recognition, behavioral patterning, and geographic profiling are all in use today. Police are crowdsourcing identification of suspects and citizens are willingly participating. This talk will cover real technologies in place today as well as educated speculation of what is coming next. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4813.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4813-en-macro_dragnets.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4813-en-macro_dragnets.webm 2011-12-27T00:00:00+01:00 Redbeard No 28c3, Hacking What happens when data collection goes awry in the 21st century As governments increase their data collection capabilities software developers are stepping up to both utilize and augment surveillance capabilities. DNA databases, facial recognition, behavioral patterning, and geographic profiling are all in use today. Police are crowdsourcing identification of suspects and citizens are willingly participating. This talk will cover real technologies in place today as well as educated speculation of what is coming next. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4813.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4813-en-macro_dragnets.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4814-en-behind_the_scenes_of_a_c64_demo.webm C64 "demos" were the root of the whole demo-scene-thing and they are still the main force keeping the C64 alive today. Audiovisual pleasure, still pushing hardware limits, still exploring different ways of expression. But what is typically happening inside the machine when you watch a demo? What effort is needed to entertain the audience? This talk will give you an inside look at the steps taken for the award winning demo "Error 23" given first hand by one of its main programmers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4814.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4814-en-behind_the_scenes_of_a_c64_demo.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4814-en-behind_the_scenes_of_a_c64_demo.webm 2011-12-29T00:00:00+01:00 Ninja / The Dreams No 28c3, Hacking C64 "demos" were the root of the whole demo-scene-thing and they are still the main force keeping the C64 alive today. Audiovisual pleasure, still pushing hardware limits, still exploring different ways of expression. But what is typically happening inside the machine when you watch a demo? What effort is needed to entertain the audience? This talk will give you an inside look at the steps taken for the award winning demo "Error 23" given first hand by one of its main programmers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4814.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4814-en-behind_the_scenes_of_a_c64_demo.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.webm In 2004 I started a weekly podcast on international under-reported news based on a feeling that this was something I enjoy doing and I could be good at. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4816.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.webm 2011-12-28T00:00:00+01:00 Bicyclemark No 28c3, Community Lessons learned from producing a weekly independent podcast on international conflicts and concerns. In 2004 I started a weekly podcast on international under-reported news based on a feeling that this was something I enjoy doing and I could be good at. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4816.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4817-en-string_oriented_programming.webm The protection landscape is changing and exploits are getting more and more sophisticated. Exploit generation toolkits can be used to construct exploits for specific applications using well-defined algorithms. We present such an algorithm for leveraging format strings and introduce string oriented programming. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4817.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4817-en-string_oriented_programming.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4817-en-string_oriented_programming.webm 2011-12-27T00:00:00+01:00 Mathias Payer No 28c3, Hacking Circumventing ASLR, DEP, and Other Guards The protection landscape is changing and exploits are getting more and more sophisticated. Exploit generation toolkits can be used to construct exploits for specific applications using well-defined algorithms. We present such an algorithm for leveraging format strings and introduce string oriented programming. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4817.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4817-en-string_oriented_programming.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4818-en-evolving_custom_communication_protocols.webm Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4818.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4818-en-evolving_custom_communication_protocols.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4818-en-evolving_custom_communication_protocols.webm 2011-12-30T00:00:00+01:00 Wes Faler No 28c3, Hacking Hell Yeah, it's rocket science Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4818.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4818-en-evolving_custom_communication_protocols.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4821-en-not_your_grandfathers_moon_landing.webm We got a new rover and it's much more awesome than last year! Ok, there's a bit more to it :-) The basics, we are team of part-time scientists and engineers who want to send a rover to the moon before the end of the year 2013. There is a lot to be done towards this first private moon landing and we want to take the chance to explore what we want to do and show what we already accomplished in the past 12 months. The talk will feature important technical milestone like our very first R3 rover prototype and great events like the CCCamp11. There is also be a live demonstration of the very first R3A rover right in the presentation. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4821.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4821-en-not_your_grandfathers_moon_landing.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4821-en-not_your_grandfathers_moon_landing.webm 2011-12-29T00:00:00+01:00 Karsten Becker, Robert Böhme No 28c3, Making Hell yeah, it's Rocket Science 3.1415926535897932384626! We got a new rover and it's much more awesome than last year! Ok, there's a bit more to it :-) The basics, we are team of part-time scientists and engineers who want to send a rover to the moon before the end of the year 2013. There is a lot to be done towards this first private moon landing and we want to take the chance to explore what we want to do and show what we already accomplished in the past 12 months. The talk will feature important technical milestone like our very first R3 rover prototype and great events like the CCCamp11. There is also be a live demonstration of the very first R3A rover right in the presentation. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4821.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4821-en-not_your_grandfathers_moon_landing.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4826-en-a_brief_history_of_plutocracy.webm This whistlestop re-telling of world economic history squeezes 12,000 years of history into 18 slides. Its focus is the changing nature of money and the rise of the monied class in US and Europe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4826.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4826-en-a_brief_history_of_plutocracy.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4826-en-a_brief_history_of_plutocracy.webm 2011-12-28T00:00:00+01:00 Robin Upton No 28c3, Society and Politics This whistlestop re-telling of world economic history squeezes 12,000 years of history into 18 slides. Its focus is the changing nature of money and the rise of the monied class in US and Europe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4826.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4826-en-a_brief_history_of_plutocracy.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4828-de-antiforensik.webm Antiforensik ist ein noch eher neues Thema und bekommt zunehmend mehr Bedeutung. IT-Forensik als Mittel zur Aufklärung von Sachverhalten kann vor Gericht aber auch in internen Ermittlungen maßgeblich für Freisprüche oder Schuldsprüche sorgen. Daher ist es besonders schlimm, wenn die dazu verwendeten Programme nicht korrekt arbeiten und sogar mit präparierten antiforensischen Aktionen angegriffen werden können. Der Vortrag zeigt eine bisher unbekannte und dennoch technisch einfache Sicherheitslücke in mindestens einer weltweit verwendeten Forensik-Suite und wie diese ausgenutzt werden kann: Hinzufügen von Ermittlungsergebnissen, Löschen/Verändern von Ermittlungsergebnissen, Infektion des Auswertesystems mit Malware. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4828.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4828-de-antiforensik.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4828-de-antiforensik.webm 2011-12-30T00:00:00+01:00 Martin Wundram No 28c3, Hacking Einführung in das Thema Antiforensik am Beispiel eines neuen Angriffsvektors Antiforensik ist ein noch eher neues Thema und bekommt zunehmend mehr Bedeutung. IT-Forensik als Mittel zur Aufklärung von Sachverhalten kann vor Gericht aber auch in internen Ermittlungen maßgeblich für Freisprüche oder Schuldsprüche sorgen. Daher ist es besonders schlimm, wenn die dazu verwendeten Programme nicht korrekt arbeiten und sogar mit präparierten antiforensischen Aktionen angegriffen werden können. Der Vortrag zeigt eine bisher unbekannte und dennoch technisch einfache Sicherheitslücke in mindestens einer weltweit verwendeten Forensik-Suite und wie diese ausgenutzt werden kann: Hinzufügen von Ermittlungsergebnissen, Löschen/Verändern von Ermittlungsergebnissen, Infektion des Auswertesystems mit Malware. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4828.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4828-de-antiforensik.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4832-de-neue_leichtigkeit.webm Despite the vast new possibilities new medias offer to artists, musicians and composers, regulation authorities and governments are trimming creative minds in their freedom, introducing new laws, filters and limitations. On the example of "Europa: Neue Leichtigkeit" the immanence of unconditional artistic freedom in creativity is brought to the audience. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4832.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4832-de-neue_leichtigkeit.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4832-de-neue_leichtigkeit.webm 2011-12-29T00:00:00+01:00 Alex Antener, Amelie Boehm, Andrin Uetz, Jonas Bischof, ruedi tobler, Samuel Weniger No 28c3, Show when unconditional artistic freedom happens Despite the vast new possibilities new medias offer to artists, musicians and composers, regulation authorities and governments are trimming creative minds in their freedom, introducing new laws, filters and limitations. On the example of "Europa: Neue Leichtigkeit" the immanence of unconditional artistic freedom in creativity is brought to the audience. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4832.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4832-de-neue_leichtigkeit.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4844-de-eu_datenschutz_internet_der_dinge.webm Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4844.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4844-de-eu_datenschutz_internet_der_dinge.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4844-de-eu_datenschutz_internet_der_dinge.webm 2011-12-27T00:00:00+01:00 Andreas Krisch No 28c3, Society and Politics Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4844.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4844-de-eu_datenschutz_internet_der_dinge.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4847-en-reverse_engineering_usb_devices.webm While USB devices often use standard device classes, some do not. This talk is about reverse engineering the protocols some of these devices use, how the underlying USB protocol gives us some help, and some interesting patterns to look for. I'll also detail the thought processes that went into reverse engineering the Kinect's audio protocol. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4847.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4847-en-reverse_engineering_usb_devices.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4847-en-reverse_engineering_usb_devices.webm 2011-12-28T00:00:00+01:00 Drew Fisher No 28c3, Hacking While USB devices often use standard device classes, some do not. This talk is about reverse engineering the protocols some of these devices use, how the underlying USB protocol gives us some help, and some interesting patterns to look for. I'll also detail the thought processes that went into reverse engineering the Kinect's audio protocol. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4847.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4847-en-reverse_engineering_usb_devices.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4848-en-the_coming_war_on_general_computation.webm The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4848.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4848-en-the_coming_war_on_general_computation.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4848-en-the_coming_war_on_general_computation.webm 2011-12-27T00:00:00+01:00 Cory Doctorow No 28c3, Society and Politics The copyright war was just the beginning The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4848.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4848-en-the_coming_war_on_general_computation.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4856-en-the_engineering_part_of_social_engineering.webm All the talks i saw about SE so far just showed which good SE's the speakers are. I try to do another approach, what if i get in and don't know what to do then. The talk is about the reconn. before the assessment, the different approaches of SE. Which techniques can one use, how to do a proper intel. and what is useful. How things work and more important why. Which skill set should one have before entering a engagement. And last but not least how do one counter a SE attack. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4856.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4856-en-the_engineering_part_of_social_engineering.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4856-en-the_engineering_part_of_social_engineering.webm 2011-12-30T00:00:00+01:00 Aluc No 28c3, Hacking Why just lying your way in won't get you anywhere All the talks i saw about SE so far just showed which good SE's the speakers are. I try to do another approach, what if i get in and don't know what to do then. The talk is about the reconn. before the assessment, the different approaches of SE. Which techniques can one use, how to do a proper intel. and what is useful. How things work and more important why. Which skill set should one have before entering a engagement. And last but not least how do one counter a SE attack. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4856.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4856-en-the_engineering_part_of_social_engineering.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4866-de-fnord_jahresrueckblick.webm Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4866.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4866-de-fnord_jahresrueckblick.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4866-de-fnord_jahresrueckblick.webm 2011-12-29T00:00:00+01:00 Felix von Leitner, Frank Rieger No 28c3, Community von Atomendlager bis Zensus Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4866.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4866-de-fnord_jahresrueckblick.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4869-de-tresor.webm Herkömmliche Festplattenverschlüsselungen legen notwendige Schlüssel im RAM ab. Dadurch sind sie schutzlos Angriffen wie Cold-Boot Attacken ausgeliefert, die auf den Arbeitsspeicher abzielen. TRESOR bietet Schutz gegen solche Angriffe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4869.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4869-de-tresor.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4869-de-tresor.webm 2011-12-29T00:00:00+01:00 tilo No 28c3, Hacking Herkömmliche Festplattenverschlüsselungen legen notwendige Schlüssel im RAM ab. Dadurch sind sie schutzlos Angriffen wie Cold-Boot Attacken ausgeliefert, die auf den Arbeitsspeicher abzielen. TRESOR bietet Schutz gegen solche Angriffe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4869.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4869-de-tresor.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4871-en-hacking_mfps.webm We have decided to continue our research onto PostScript realms - an old, very powerful and nicely designed programming language, where (as a coincidence or not, given it's numerous security flaws) Adobe owns most PostScript interpreters instances. This time we demonstrate that PostScript language, given it's power, elegance and Turing-completeness, can be used more than just for drawing dots, lines and circles - and to a certain extent it can be a hacker's sweet delight if fully mastered. We will be presenting a real-life implementation of unusual PostScript APIs (along with it's dissection and reconstructed documentation) that interact with various levels of OS and HW, implementation we have found in a TOP10 printer vendor product line. Also, we will investigate whether a PostScript-based (hence platform-independent) virus (18+ years after first proposals of such theory) can be acomplished, thus giving theoretical hints and few building blocks in this direction. We will also present some very constructive uses of the PostScript language in the creative (i.e. non-destructive) hacking direction. In the end, we will try to summarize our conclusions and possible solution for all parties involved (vendors, users, sysadmins, security experts). With this research we hope we can prove that entire printer industry (devices, printing software/drivers/subsystems, publishing and managed services) have to be rethought security-wise, so that it can withstand in the long run the current security landscape and threats. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4871.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4871-en-hacking_mfps.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4871-en-hacking_mfps.webm 2011-12-28T00:00:00+01:00 Andrei Costin No 28c3, Hacking Part2 - PostScript: Um, you've been hacked We have decided to continue our research onto PostScript realms - an old, very powerful and nicely designed programming language, where (as a coincidence or not, given it's numerous security flaws) Adobe owns most PostScript interpreters instances. This time we demonstrate that PostScript language, given it's power, elegance and Turing-completeness, can be used more than just for drawing dots, lines and circles - and to a certain extent it can be a hacker's sweet delight if fully mastered. We will be presenting a real-life implementation of unusual PostScript APIs (along with it's dissection and reconstructed documentation) that interact with various levels of OS and HW, implementation we have found in a TOP10 printer vendor product line. Also, we will investigate whether a PostScript-based (hence platform-independent) virus (18+ years after first proposals of such theory) can be acomplished, thus giving theoretical hints and few building blocks in this direction. We will also present some very constructive uses of the PostScript language in the creative (i.e. non-destructive) hacking direction. In the end, we will try to summarize our conclusions and possible solution for all parties involved (vendors, users, sysadmins, security experts). With this research we hope we can prove that entire printer industry (devices, printing software/drivers/subsystems, publishing and managed services) have to be rethought security-wise, so that it can withstand in the long run the current security landscape and threats. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4871.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4871-en-hacking_mfps.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4876-de-die_spinnen_die_sachsen.webm Die Meldungen aus Sachsen in diesem Jahr wirkten für alle, die nicht dort wohnen, ein bisschen, als kämen sie von einem sehr weit entfernten Stern. In regelmäßigen Abständen werden Dinge bekannt, die jeweils einzeln früher zum Rücktritt von Ministern geführt hätten. Funkzellenabfrage, §129-Verfahren, die Durchsuchung eines Pfarrers, Aberkennung der Immunität eines Fraktionsvorsitzenden wegen Rädelführerschaft: umfassende Kriminalisierung von Protesten gegen Nazis, und zwar weit bis in die "Mitte der Gesellschaft". Offline-Überwachung und -Drangsalierung sind in Sachsen Alltag. Der Talk gibt einen Überblick über den Stand der Dinge und warnt davor, sich (außerhalb Sachsens) gemütlich schaudernd zurückzulehnen. Denn: Wenn Sachsen damit durchkommt, setzt das Maßstäbe für andere Bundesländer. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4876.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4876-de-die_spinnen_die_sachsen.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4876-de-die_spinnen_die_sachsen.webm 2011-12-27T00:00:00+01:00 Anne Roth No 28c3, Society and Politics On- und Offline-Überwachung: Weil sie es können Die Meldungen aus Sachsen in diesem Jahr wirkten für alle, die nicht dort wohnen, ein bisschen, als kämen sie von einem sehr weit entfernten Stern. In regelmäßigen Abständen werden Dinge bekannt, die jeweils einzeln früher zum Rücktritt von Ministern geführt hätten. Funkzellenabfrage, §129-Verfahren, die Durchsuchung eines Pfarrers, Aberkennung der Immunität eines Fraktionsvorsitzenden wegen Rädelführerschaft: umfassende Kriminalisierung von Protesten gegen Nazis, und zwar weit bis in die "Mitte der Gesellschaft". Offline-Überwachung und -Drangsalierung sind in Sachsen Alltag. Der Talk gibt einen Überblick über den Stand der Dinge und warnt davor, sich (außerhalb Sachsens) gemütlich schaudernd zurückzulehnen. Denn: Wenn Sachsen damit durchkommt, setzt das Maßstäbe für andere Bundesländer. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4876.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4876-de-die_spinnen_die_sachsen.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4897-en-keynote.webm While it's old news that authoritarian regimes regularly rely on censorship and surveillance technology supplied to them by Western companies, 2011 was a year (thanks, in part, to the Arab Spring) when it became a hot issue in the public debate. While politicians on both sides of the Atlantic have recently committed to ban the sale of such technologies to dictators, it's not clear whether such measures would prove effective (or merely drive the sale of such technologies underground) or simply stimulate the growth of Chinese, Russian and Indian companies. More disturbingly, there is still very little awareness – at least among the general public – that many of the tools that are currently exported to authoritarian states have been designed to help fight "The Global War On Terror" and are thus inextricably linked to domestic policies of Western states. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4897.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4897-en-keynote.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4897-en-keynote.webm 2011-12-27T00:00:00+01:00 Evgeny Morozov No 28c3, Society and Politics While it's old news that authoritarian regimes regularly rely on censorship and surveillance technology supplied to them by Western companies, 2011 was a year (thanks, in part, to the Arab Spring) when it became a hot issue in the public debate. While politicians on both sides of the Atlantic have recently committed to ban the sale of such technologies to dictators, it's not clear whether such measures would prove effective (or merely drive the sale of such technologies underground) or simply stimulate the growth of Chinese, Russian and Indian companies. More disturbingly, there is still very little awareness – at least among the general public – that many of the tools that are currently exported to authoritarian states have been designed to help fight "The Global War On Terror" and are thus inextricably linked to domestic policies of Western states. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4897.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4897-en-keynote.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4898-de-security_nightmares.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4898.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4898-de-security_nightmares.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4898-de-security_nightmares.webm 2011-12-30T00:00:00+01:00 Frank Rieger, Ron No 28c3, Hacking about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4898.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4898-de-security_nightmares.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4899-en-closing_event.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4899.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4899-en-closing_event.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4899-en-closing_event.webm 2011-12-30T00:00:00+01:00 No 28c3, Community about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4899.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4899-en-closing_event.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.webm 0zapftis wird aus Sicht der Technik und unter juristischen Gesichtspunkten analysiert. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4901.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.webm 2011-12-27T00:00:00+01:00 0zapfths, Constanze Kurz, Frank Rieger, Ulf Buermeyer No 28c3, Hacking Vom braunen Briefumschlag bis zur Publikation 0zapftis wird aus Sicht der Technik und unter juristischen Gesichtspunkten analysiert. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4901.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.webm Meet the Netherlands: a nation filled with techno-optimists protecting our freedom by puting in place restrictions on what you can do, reducing our privacy and have technology as a solution for anything and everything. When you make a trip we store your details for two years, your airplane meal selection from two years earlier is good data to test with and when migrating the government website we keep the old website running in an unmaintained state. If you have nothing to hide nothing can go wrong and there is nothing you can do. Well not quite. What would happen if you play the system? If you would take the train and hack the card? What if you were to pick up the resistance you face and use it in your advantage. No matter what the costs would carry on? If you would take some data and show the failures? Not just once but a full month long and call that month Leaktober. What if you would publicly call the failures with our personal data? Ultimately you make a difference. You change the law, you changes the rules of the game and you really can raise the question if storing all that data is really needed. Ultimately people really start to doubt if this is the right way to go. This is a strategic and tactical story on how you can regain some privacy and data protection. Even though for a journalist this should be normal work, thanks to some people these things become very personal. It ends in criminal prosecution, legal threats, insults, a successful counter hack and ultimately a lot of benefits. But standing up for a cause does work as long as you focus on the stories you want to bring. My story is about hacking the system from the inside, overcoming fear and showing bureaucrats that hackers are people too. The talk is a lessons learnt how a few people can change a nation with hacker beliefs if they really want to. A guideline on how to make a difference by hacking the system you want to change. Where you can even make huge mistakes, but with some luck you can win a world. How you can make your critical voice be heard. Zillions of lessons learnt. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4903.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.webm 2011-12-30T00:00:00+01:00 Brenno de Winter No 28c3, Society and Politics Meet the Netherlands: a nation filled with techno-optimists protecting our freedom by puting in place restrictions on what you can do, reducing our privacy and have technology as a solution for anything and everything. When you make a trip we store your details for two years, your airplane meal selection from two years earlier is good data to test with and when migrating the government website we keep the old website running in an unmaintained state. If you have nothing to hide nothing can go wrong and there is nothing you can do. Well not quite. What would happen if you play the system? If you would take the train and hack the card? What if you were to pick up the resistance you face and use it in your advantage. No matter what the costs would carry on? If you would take some data and show the failures? Not just once but a full month long and call that month Leaktober. What if you would publicly call the failures with our personal data? Ultimately you make a difference. You change the law, you changes the rules of the game and you really can raise the question if storing all that data is really needed. Ultimately people really start to doubt if this is the right way to go. This is a strategic and tactical story on how you can regain some privacy and data protection. Even though for a journalist this should be normal work, thanks to some people these things become very personal. It ends in criminal prosecution, legal threats, insults, a successful counter hack and ultimately a lot of benefits. But standing up for a cause does work as long as you focus on the stories you want to bring. My story is about hacking the system from the inside, overcoming fear and showing bureaucrats that hackers are people too. The talk is a lessons learnt how a few people can change a nation with hacker beliefs if they really want to. A guideline on how to make a difference by hacking the system you want to change. Where you can even make huge mistakes, but with some luck you can win a world. How you can make your critical voice be heard. Zillions of lessons learnt. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4903.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4905-en-lightning_talks_day_2.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4905.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4905-en-lightning_talks_day_2.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4905-en-lightning_talks_day_2.webm 2011-12-28T00:00:00+01:00 Nick Farr No 28c3, Community about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4905.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4905-en-lightning_talks_day_2.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4906-en-lightning_talks_day_3_pecha_kucha.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4906.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4906-en-lightning_talks_day_3_pecha_kucha.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4906-en-lightning_talks_day_3_pecha_kucha.webm 2011-12-29T00:00:00+01:00 Nick Farr No 28c3, Community Pecha Kucha Round! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4906.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4906-en-lightning_talks_day_3_pecha_kucha.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4907-en-lightning_talks_day_4.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4907.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4907-en-lightning_talks_day_4.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4907-en-lightning_talks_day_4.webm 2011-12-30T00:00:00+01:00 Nick Farr No 28c3, Community about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4907.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4907-en-lightning_talks_day_4.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4908-de-jahresrueckblick_2011.webm Kaum hat es begonnen, da ist es auch schon wieder vorbei – das Jahr 2011. Also ist es wieder an der Zeit für den Rückblick auf Technikforschung und Nerd-Lobbyismus mit Hackerperspektive, der natürlich nie ohne Ausblick ist. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4908.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4908-de-jahresrueckblick_2011.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4908-de-jahresrueckblick_2011.webm 2011-12-29T00:00:00+01:00 Andreas Bogk, Constanze Kurz, Erdgeist, Frank Rieger No 28c3, Society and Politics Kaum hat es begonnen, da ist es auch schon wieder vorbei – das Jahr 2011. Also ist es wieder an der Zeit für den Rückblick auf Technikforschung und Nerd-Lobbyismus mit Hackerperspektive, der natürlich nie ohne Ausblick ist. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4908.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4908-de-jahresrueckblick_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4910-de-demokratie_auf_saechsisch.webm Alles begann im Vorfeld des 13. Februar 2010. Nachdem sich der sogenannte rechte Trauermarsch am Jahrestag der Bombardierung Dresdens innerhalb weniger Jahre zum größten Naziaufmarsch Europas entwickelt hatte, gründete sich 2009 ein bundesweites Bündnis aus Antifa-Gruppen, Parteien und Zivilgesellschaft mit dem Ziel, diesen zu blockieren. Soviel Engagement gegen Rechts war den sächsischen Behörden jedoch von Anfang ein Dorn im Auge, so dass die Oberstaatsanwaltschaft Dresden bereits im Januar 2009 den Vorwurf des „Aufrufs zu Straftaten“ konstruierte, um Räumlichkeiten des Bündnisses zu durchsuchen, Plakate zu beschlagnahmen und so die Mobilisierung nach Dresden zu unterbinden. Die Taktik ging nicht auf: Am 13. Februar 2010 belagerten mehr als 10.000 Menschen den Aufmarschort, woraufhin der Naziaufmarsch nicht stattfand. Eine solche Schlappe wollten LKA und Staatsanwaltschaft nicht noch einmal hinnehmen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4910.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4910-de-demokratie_auf_saechsisch.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4910-de-demokratie_auf_saechsisch.webm 2011-12-27T00:00:00+01:00 Josephine Fischer, Tobias Naumann No 28c3, Society and Politics Alles begann im Vorfeld des 13. Februar 2010. Nachdem sich der sogenannte rechte Trauermarsch am Jahrestag der Bombardierung Dresdens innerhalb weniger Jahre zum größten Naziaufmarsch Europas entwickelt hatte, gründete sich 2009 ein bundesweites Bündnis aus Antifa-Gruppen, Parteien und Zivilgesellschaft mit dem Ziel, diesen zu blockieren. Soviel Engagement gegen Rechts war den sächsischen Behörden jedoch von Anfang ein Dorn im Auge, so dass die Oberstaatsanwaltschaft Dresden bereits im Januar 2009 den Vorwurf des „Aufrufs zu Straftaten“ konstruierte, um Räumlichkeiten des Bündnisses zu durchsuchen, Plakate zu beschlagnahmen und so die Mobilisierung nach Dresden zu unterbinden. Die Taktik ging nicht auf: Am 13. Februar 2010 belagerten mehr als 10.000 Menschen den Aufmarschort, woraufhin der Naziaufmarsch nicht stattfand. Eine solche Schlappe wollten LKA und Staatsanwaltschaft nicht noch einmal hinnehmen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4910.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4910-de-demokratie_auf_saechsisch.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4913-de-almighty_dna_and_beyond.webm Die Erstellung von Personenprofilen aus DNA und ihre Speicherung in polizeilichen Datenbanken erfreut sich allgemeiner Akzeptanz. Die Annahme ist weitverbreitet, es ginge dabei allein um die Aufklärung von Mord und Totschlag. Tatsächlich speichert das Bundeskriminalamt hier aber Datensätze auf Vorrat und zwar aus immer geringfügigeren Anlässen und in immer größerer Zahl. Zudem werden die DNA-Datenbanken der europäischen Polizeien derzeit miteinander vernetzt. Das ist umso beunruhigender, als wir alle beständig DNA hinterlassen, ob nun in Haaren, Hautabrieb oder Speichel. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4913.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4913-de-almighty_dna_and_beyond.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4913-de-almighty_dna_and_beyond.webm 2011-12-27T00:00:00+01:00 Susanne Schultz, Uta Wagenmann No 28c3, Society and Politics Was die Tatort-Wahrheitsmaschine mit Überwachung zu tun hat Die Erstellung von Personenprofilen aus DNA und ihre Speicherung in polizeilichen Datenbanken erfreut sich allgemeiner Akzeptanz. Die Annahme ist weitverbreitet, es ginge dabei allein um die Aufklärung von Mord und Totschlag. Tatsächlich speichert das Bundeskriminalamt hier aber Datensätze auf Vorrat und zwar aus immer geringfügigeren Anlässen und in immer größerer Zahl. Zudem werden die DNA-Datenbanken der europäischen Polizeien derzeit miteinander vernetzt. Das ist umso beunruhigender, als wir alle beständig DNA hinterlassen, ob nun in Haaren, Hautabrieb oder Speichel. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4913.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4913-de-almighty_dna_and_beyond.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4916-en-buggedplanet.webm BuggedPlanet.Info is a small Wiki that tries to list and track down the activities of the surveillance industry in the fields of "Lawful Interception", Signals Intelligence (SIGINT), Communications Intelligence (COMINT) and related fields to gain access to data from telecommunication systems. In this talk I want to explain the idea behind the project and also discuss some observations made between industrial activites and governmental actings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4916.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4916-en-buggedplanet.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4916-en-buggedplanet.webm 2011-12-27T00:00:00+01:00 Andy Müller-Maguhn No 28c3, Society and Politics Surveillance Industry & Country's Actings BuggedPlanet.Info is a small Wiki that tries to list and track down the activities of the surveillance industry in the fields of "Lawful Interception", Signals Intelligence (SIGINT), Communications Intelligence (COMINT) and related fields to gain access to data from telecommunication systems. In this talk I want to explain the idea behind the project and also discuss some observations made between industrial activites and governmental actings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4916.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4916-en-buggedplanet.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4927-en-noc_review_28c3_camp.webm A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4927.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4927-en-noc_review_28c3_camp.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4927-en-noc_review_28c3_camp.webm 2011-12-30T00:00:00+01:00 Kay, Will Hargrave No 28c3, Hacking NOC Review about the Camp 2011 and the 28C3 A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4927.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4927-en-noc_review_28c3_camp.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4928-en-kinectfusion.webm This project investigates techniques to track the 6DOF position of handheld depth sensing cameras, such as Kinect, as they move through space and perform high quality 3D surface reconstructions for interaction. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4928.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4928-en-kinectfusion.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4928-en-kinectfusion.webm 2011-12-29T00:00:00+01:00 David Kim No 28c3, Science Real-time 3D Reconstruction and Interaction Using a Moving Depth Camera This project investigates techniques to track the 6DOF position of handheld depth sensing cameras, such as Kinect, as they move through space and perform high quality 3D surface reconstructions for interaction. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4928.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4928-en-kinectfusion.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4930-en-black_ops_of_tcpip_2011.webm Black Ops of TCP/IP 2011, a cleanup of the BH USA talk. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4930.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4930-en-black_ops_of_tcpip_2011.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4930-en-black_ops_of_tcpip_2011.webm 2011-12-27T00:00:00+01:00 Dan Kaminsky No 28c3, Hacking Black Ops of TCP/IP 2011, a cleanup of the BH USA talk. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4930.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4930-en-black_ops_of_tcpip_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4932-de-camp_review_2011.webm All of us who did attend are still dreaming. All of us who did not attend are still weeping. The CCCamp 2011. This film recapitulates all the great moments that took place during summer this year. All the great moments. Really. All of them. English and German with English subs (still improvable, though). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4932.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4932-de-camp_review_2011.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4932-de-camp_review_2011.webm 2011-12-29T00:00:00+01:00 No 28c3, Culture Reviving a nice summer dream All of us who did attend are still dreaming. All of us who did not attend are still weeping. The CCCamp 2011. This film recapitulates all the great moments that took place during summer this year. All the great moments. Really. All of them. English and German with English subs (still improvable, though). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4932.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4932-de-camp_review_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4934-en-hacker_jeopardy_translation.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4934.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4934-en-hacker_jeopardy_translation.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4934-en-hacker_jeopardy_translation.webm 2011-12-28T00:00:00+01:00 No 28c3, Show about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4934.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4934-en-hacker_jeopardy_translation.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4935-en-eu_datenschutz_internet_der_dinge.webm Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4935.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4935-en-eu_datenschutz_internet_der_dinge.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4935-en-eu_datenschutz_internet_der_dinge.webm 2011-12-27T00:00:00+01:00 Andreas Krisch No 28c3, Society and Politics Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4935.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4935-en-eu_datenschutz_internet_der_dinge.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4936-en-fnord_jahresrueckblick.webm Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4936.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4936-en-fnord_jahresrueckblick.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4936-en-fnord_jahresrueckblick.webm 2011-12-29T00:00:00+01:00 Felix von Leitner, Frank Rieger No 28c3, Community von Atomendlager bis Zensus Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4936.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4936-en-fnord_jahresrueckblick.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4937-en-security_nightmares.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4937.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4937-en-security_nightmares.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4937-en-security_nightmares.webm 2011-12-30T00:00:00+01:00 Frank Rieger, Ron No 28c3, Hacking about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4937.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4937-en-security_nightmares.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-3957-en-ipv6_insecurities.mp4 New protocol features have been proposed and implemented in the last 5 years and ISPs are now slowly starting to deploy IPv6. This talk starts with a brief summary of the issues presented five years ago, and then expands on the new risks. Discovered implemention security issues in Windows 7/2008, Linux and Cisco will be shown too. Comes with a GPL'ed toolkit: thc-ipv6 about this event: http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-3957-en-ipv6_insecurities.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-3957-en-ipv6_insecurities.mp4 2010-12-27T00:00:00+01:00 vanHauser No 27c3, Hacking New protocol features have been proposed and implemented in the last 5 years and ISPs are now slowly starting to deploy IPv6. This talk starts with a brief summary of the issues presented five years ago, and then expands on the new risks. Discovered implemention security issues in Windows 7/2008, Linux and Cisco will be shown too. Comes with a GPL'ed toolkit: thc-ipv6 about this event: http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-3957-en-ipv6_insecurities.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4302-en-27c3_keynote_we_come_in_peace.mp4 nil about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4302.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4302-en-27c3_keynote_we_come_in_peace.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4302-en-27c3_keynote_we_come_in_peace.mp4 2010-12-27T00:00:00+01:00 Rop Gonggrijp No 27c3, Society We come in Peace nil about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4302.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4302-en-27c3_keynote_we_come_in_peace.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4339-en-openleaks.mp4 Due to popular demand, the talk will give an introduction to the OpenLeaks system and the idea behind it. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4339.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4339-en-openleaks.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4339-en-openleaks.mp4 2010-12-30T00:00:00+01:00 Daniel Domscheit-Berg No 27c3, Society Due to popular demand, the talk will give an introduction to the OpenLeaks system and the idea behind it. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4339.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4339-en-openleaks.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.mp4 Mehr als 350.000 Open Source Applikationen laufen derzeit auf der Windows Plattform. Aber was tut Microsoft für Open Source? Wie sieht Microsofts Open Source Strategie aus? Von Port 25 über CodePlex bis hin zu den Kremien in denen Microsoft aktiv ist. Wir sprechen über den Einsatz der Microsoft Research Kernel und des CRK im Universitären Umfeld. Und zeigen wie im ALM Umfeld NuGet und Orchad die Verwendung von Open Source Projekte für Entwickler vereinfacht. about this event: http://programm.froscon.org/2011/events/766.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.mp4 2011-08-21T00:00:00+02:00 Lori Grosland, Patric Boscolo No froscon11, Other Mehr als 350.000 Open Source Applikationen laufen derzeit auf der Windows Plattform. Aber was tut Microsoft für Open Source? Wie sieht Microsofts Open Source Strategie aus? Von Port 25 über CodePlex bis hin zu den Kremien in denen Microsoft aktiv ist. Wir sprechen über den Einsatz der Microsoft Research Kernel und des CRK im Universitären Umfeld. Und zeigen wie im ALM Umfeld NuGet und Orchad die Verwendung von Open Source Projekte für Entwickler vereinfacht. about this event: http://programm.froscon.org/2011/events/766.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.mp4 Am 6. April wurde nach mehrjähriger Entwicklungsarbeit Version 3.0 der freien Arbeitsumgebung GNOME veröffentlicht. Dieser Vortrag zeigt, welche Überlegungen hinter den vielfältigen Änderungen stecken und gibt einen Überblick der geplanten Neuerungen für GNOME 3.2, das im Oktober erscheinen wird. Zu guter Letzt wird ein Blick in die Zukunft der 3.x-Reihe gewagt, der viele spannende Ideen aufzeigt. about this event: http://programm.froscon.org/2011/events/681.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.mp4 2011-08-20T00:00:00+02:00 Hendrik Richter No froscon11, Desktop Am 6. April wurde nach mehrjähriger Entwicklungsarbeit Version 3.0 der freien Arbeitsumgebung GNOME veröffentlicht. Dieser Vortrag zeigt, welche Überlegungen hinter den vielfältigen Änderungen stecken und gibt einen Überblick der geplanten Neuerungen für GNOME 3.2, das im Oktober erscheinen wird. Zu guter Letzt wird ein Blick in die Zukunft der 3.x-Reihe gewagt, der viele spannende Ideen aufzeigt. about this event: http://programm.froscon.org/2011/events/681.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.mp4 Openstack is a very strong new-comer in the cloud computing space. Expect real-world experience and best practices setting it up. about this event: http://programm.froscon.org/2011/events/685.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.mp4 2011-08-20T00:00:00+02:00 Richard "RichiH" Hartmann No froscon11, System Administration Deploying Openstack for fun and profit Openstack is a very strong new-comer in the cloud computing space. Expect real-world experience and best practices setting it up. about this event: http://programm.froscon.org/2011/events/685.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.mp4 As we enter the era of cloud computing and see distributed computing become a daily reality, it's important to realise that everything we value in using open source software arises from the principles of software freedom. In the light of this realisation, we need to re-interpret software freedom for the new era rather than forget it. about this event: http://programm.froscon.org/2011/events/830.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.mp4 2011-08-20T00:00:00+02:00 Simon Phipps No froscon11, Keynote As we enter the era of cloud computing and see distributed computing become a daily reality, it's important to realise that everything we value in using open source software arises from the principles of software freedom. In the light of this realisation, we need to re-interpret software freedom for the new era rather than forget it. about this event: http://programm.froscon.org/2011/events/830.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.mp4 Love it or hate it, but correct licensing is an important component of every free software and open source project. This is especially true as an increasing number of corporations are adopting and distributing open source applications and code. This talk will therefore give an overview of the current state of open source licensing and will discuss efforts currently underway to improve the status quo. about this event: http://programm.froscon.org/2011/events/753.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.mp4 2011-08-20T00:00:00+02:00 Martin Michlmayr No froscon11, Legal Issues Love it or hate it, but correct licensing is an important component of every free software and open source project. This is especially true as an increasing number of corporations are adopting and distributing open source applications and code. This talk will therefore give an overview of the current state of open source licensing and will discuss efforts currently underway to improve the status quo. about this event: http://programm.froscon.org/2011/events/753.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.mp4 Many of us are familiar with the basics of Git and may use it on a daily basis, but there are some interesting gems of functionality hidden in the depths of Git obscurity. This talk will shed some light on these tools for you. about this event: http://programm.froscon.org/2011/events/802.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.mp4 2011-08-20T00:00:00+02:00 Scott Chacon No froscon11, Development Git power tips for the intermediate Git user Many of us are familiar with the basics of Git and may use it on a daily basis, but there are some interesting gems of functionality hidden in the depths of Git obscurity. This talk will shed some light on these tools for you. about this event: http://programm.froscon.org/2011/events/802.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.mp4 A brief look at the history of the Openmoko project, what lead to its (perceived) failure, and why even despite that it was very valuable for the free and open source community. We're then discussing at what's left behind and what the future holds. about this event: http://programm.froscon.org/2011/events/713.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.mp4 2011-08-20T00:00:00+02:00 Dr. Michael Lauer No froscon11, Mobile Free software and hardware projects for mobile communication A brief look at the history of the Openmoko project, what lead to its (perceived) failure, and why even despite that it was very valuable for the free and open source community. We're then discussing at what's left behind and what the future holds. about this event: http://programm.froscon.org/2011/events/713.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.mp4 Was war, was wird 2011 in Sachen Open Source und Freie Software? Welche Themen haben uns bewegt und werden uns bewegen? Ein Couchgespräch zwischen Oliver Zendel und Michael Kleinhenz. about this event: http://programm.froscon.org/2011/events/737.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.mp4 2011-08-20T00:00:00+02:00 Michael Kleinhenz, Oliver Zendel No froscon11, Other Das FOSS-Jahr 2011 Was war, was wird 2011 in Sachen Open Source und Freie Software? Welche Themen haben uns bewegt und werden uns bewegen? Ein Couchgespräch zwischen Oliver Zendel und Michael Kleinhenz. about this event: http://programm.froscon.org/2011/events/737.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.mp4 Booking.com violates best practice in every conceivable way, taking "agile" to the next level. The talk describes why and how we are doing it, and how we are getting away with it. about this event: http://programm.froscon.org/2011/events/650.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.mp4 2011-08-21T00:00:00+02:00 Kristian Köhntopp No froscon11, Devops The philosophy of shared space in a development environment Booking.com violates best practice in every conceivable way, taking "agile" to the next level. The talk describes why and how we are doing it, and how we are getting away with it. about this event: http://programm.froscon.org/2011/events/650.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.mp4 In this keynote speech Monty will explain the impact of taking your product open source. From Licensing to Community building, much can be learned from those that have done it successfully before. about this event: http://programm.froscon.org/2011/events/857.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.mp4 2011-08-21T00:00:00+02:00 Michael "Monty" Widenius No froscon11, Keynote In this keynote speech Monty will explain the impact of taking your product open source. From Licensing to Community building, much can be learned from those that have done it successfully before. about this event: http://programm.froscon.org/2011/events/857.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.mp4 Discover the power (and low cost!) of open source Cloud with OpenStack and discover how Puppet makes it easy to build and manage open source clouds. about this event: http://programm.froscon.org/2011/events/648.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.mp4 2011-08-21T00:00:00+02:00 James Turnbull No froscon11, Devops Discover the power (and low cost!) of open source Cloud with OpenStack and discover how Puppet makes it easy to build and manage open source clouds. about this event: http://programm.froscon.org/2011/events/648.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.mp4 This talk will bring you the story of automating a SipFoundry based voip (sipx) infrastructure with puppet, a popular configuration management framework. After a gentle introduction into using the world of Puppet, this talk will also tell you how we used both existing and fresh puppet modules to configure as much as possible, before running into the dreaded "manual intervention needed" problem. about this event: http://programm.froscon.org/2011/events/669.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.mp4 2011-08-21T00:00:00+02:00 Kris Buytaert No froscon11, Devops Pupetizing your infrastructure This talk will bring you the story of automating a SipFoundry based voip (sipx) infrastructure with puppet, a popular configuration management framework. After a gentle introduction into using the world of Puppet, this talk will also tell you how we used both existing and fresh puppet modules to configure as much as possible, before running into the dreaded "manual intervention needed" problem. about this event: http://programm.froscon.org/2011/events/669.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.mp4 Google Summer of Code ist ein Programm, bei dem Google Studenten dafür bezahlt, Open-Source-Software zu entwickeln. Dabei arbeiten die Studenten einen Sommer lang mit einem Open-Source-Projekt zusammen und werden dafür von Google bezahlt. about this event: http://programm.froscon.org/2011/events/661.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.mp4 2011-08-21T00:00:00+02:00 Dirk Haun No froscon11, Community Neue Mitstreiter mit Geld (und T-Shirts) gewinnen - klappt das? Google Summer of Code ist ein Programm, bei dem Google Studenten dafür bezahlt, Open-Source-Software zu entwickeln. Dabei arbeiten die Studenten einen Sommer lang mit einem Open-Source-Projekt zusammen und werden dafür von Google bezahlt. about this event: http://programm.froscon.org/2011/events/661.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.mp4 In this talk I will take you through what Drupal exactly is, what it can do, and how we set up a quick working website. about this event: http://programm.froscon.org/2011/events/873.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.mp4 2011-08-21T00:00:00+02:00 Richard Japenga No froscon11, Web In this talk I will take you through what Drupal exactly is, what it can do, and how we set up a quick working website. about this event: http://programm.froscon.org/2011/events/873.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.mp4 about this event: http://programm.froscon.org/2011/events/860.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.mp4 2011-08-21T00:00:00+02:00 Lars Ehrhardt, David Roetzel No froscon11, Other about this event: http://programm.froscon.org/2011/events/860.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.mp4 Da wird zum 30igsten Male die ach so witzige Präsentation auf einem Server gespeichert, um sie noch einer Kollegin, einem Kollegen zu zeigen. 30 Windows VMs, in denen eigentlich das gleiche Windows ist. Eigentlich Platzverschwendung, wenn man die Doubletten beseitigen würde. Deduplication kann das? Aber wie funktioniert sie? Wie sehen die unterschiedlichen Implementationen aus? Wofür kann man sie nutzen? Wann sollte man die Finger davon lassen? Was kann man stattdessen machen? about this event: http://programm.froscon.org/2011/events/711.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.mp4 2011-08-20T00:00:00+02:00 Joerg "c0t0d0s0.org" Moellenkamp No froscon11, Operating Systems Wie funktioniert es? Wofür kann man es Nutzen? Wofür nicht? Da wird zum 30igsten Male die ach so witzige Präsentation auf einem Server gespeichert, um sie noch einer Kollegin, einem Kollegen zu zeigen. 30 Windows VMs, in denen eigentlich das gleiche Windows ist. Eigentlich Platzverschwendung, wenn man die Doubletten beseitigen würde. Deduplication kann das? Aber wie funktioniert sie? Wie sehen die unterschiedlichen Implementationen aus? Wofür kann man sie nutzen? Wann sollte man die Finger davon lassen? Was kann man stattdessen machen? about this event: http://programm.froscon.org/2011/events/711.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.mp4 This talk will prove the sexyness of C++ template metaprogramming (TMP), by showing real world use cases and simple ad hoc library solutions which use TMP. The given samples will cover a large field of problems, like domain-specific embedded languages, parser generators, lambda libraries and regular expression matching. These samples will show the wide range of applicationareas of TMP and how it allows the development of sexy and expressive C++ libraries. Don't be afraid, if you are no C++ expert. This talk starts with a short introduction into the basics of C++ and templates in general. This ensures everybody will get a solid insight into the topic. about this event: http://programm.froscon.org/2011/events/765.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.mp4 2011-08-20T00:00:00+02:00 Florian Sowade No froscon11, Development This talk will prove the sexyness of C++ template metaprogramming (TMP), by showing real world use cases and simple ad hoc library solutions which use TMP. The given samples will cover a large field of problems, like domain-specific embedded languages, parser generators, lambda libraries and regular expression matching. These samples will show the wide range of applicationareas of TMP and how it allows the development of sexy and expressive C++ libraries. Don't be afraid, if you are no C++ expert. This talk starts with a short introduction into the basics of C++ and templates in general. This ensures everybody will get a solid insight into the topic. about this event: http://programm.froscon.org/2011/events/765.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.mp4 Wie schreibe ich eigentlich Tests? Mit welchen Tests fange ich an? Und überhaupt, wie nenne ich meine Tests? BDD gibt Antworten und mit den richtigen Frameworks lässt sich viel schöner Test getrieben arbeiten. about this event: http://programm.froscon.org/2011/events/731.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.mp4 2011-08-20T00:00:00+02:00 Jan Ehrhardt No froscon11, Development TDD richtig gemacht Wie schreibe ich eigentlich Tests? Mit welchen Tests fange ich an? Und überhaupt, wie nenne ich meine Tests? BDD gibt Antworten und mit den richtigen Frameworks lässt sich viel schöner Test getrieben arbeiten. about this event: http://programm.froscon.org/2011/events/731.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.mp4 In diesem Vortrag wird eine Lösung für eine hochverfügbare VPN-Anbindung mit OpenVPN, Quagga/OSPF und einem selbstentwickelten Daemon für das HA-Signaling beschrieben. Zur Authentisierung werden auf den Clients Smartcards mit X509 Zertifikaten eingesetzt. about this event: http://programm.froscon.org/2011/events/781.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.mp4 2011-08-20T00:00:00+02:00 Dominik Fischer, Oliver Dumschat-Hötte No froscon11, Security Realisierung einer Hochverfügbarkeitslösung mit dynamischem Routing In diesem Vortrag wird eine Lösung für eine hochverfügbare VPN-Anbindung mit OpenVPN, Quagga/OSPF und einem selbstentwickelten Daemon für das HA-Signaling beschrieben. Zur Authentisierung werden auf den Clients Smartcards mit X509 Zertifikaten eingesetzt. about this event: http://programm.froscon.org/2011/events/781.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.mp4 Although creating graphics though software is easy, with many different libraries available to do so, interpreting images isn't so common. By using the OpenCV image processing library, it is possible to be able to detect features in images, such as people's faces and other objects, and process them further. This presentation will show how. about this event: http://programm.froscon.org/2011/events/663.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.mp4 2011-08-20T00:00:00+02:00 Michael Maclean No froscon11, Development Image processing using OpenCV Although creating graphics though software is easy, with many different libraries available to do so, interpreting images isn't so common. By using the OpenCV image processing library, it is possible to be able to detect features in images, such as people's faces and other objects, and process them further. This presentation will show how. about this event: http://programm.froscon.org/2011/events/663.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.mp4 Die Herkunft von Daten, die auch als Provenance bezeichnet wird, spielt eine große Rolle in der Wissenschaft. Informationen über die Nutzer, die die Daten bearbeitet haben, Software, die Daten berechnet haben und Instrumente, die Daten produziert haben, sind dabei besonders wichtig. Um die Herkunft genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Provenance Informationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. esonders wichtig. Um die Provenance genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Herkunftsinformationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. about this event: http://programm.froscon.org/2011/events/744.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.mp4 2011-08-20T00:00:00+02:00 Miriam Ney No froscon11, Development Eine Open Source Software zur wissenschaftlichen Dokumentation vom Deutschen Zentrums für Luft- und Raumfahrt e.V. Die Herkunft von Daten, die auch als Provenance bezeichnet wird, spielt eine große Rolle in der Wissenschaft. Informationen über die Nutzer, die die Daten bearbeitet haben, Software, die Daten berechnet haben und Instrumente, die Daten produziert haben, sind dabei besonders wichtig. Um die Herkunft genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Provenance Informationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. esonders wichtig. Um die Provenance genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Herkunftsinformationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. about this event: http://programm.froscon.org/2011/events/744.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.mp4 MySQL Performance Tuning ist früher oder später ein Thema für jeden Admin. In diesem Vortrag zeigen wir die Vorgehensweise auf, wie wir bei FromDual dieses Problem angehen. about this event: http://programm.froscon.org/2011/events/658.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.mp4 2011-08-21T00:00:00+02:00 Oli Sennhauser No froscon11, Databases Wie gehe ich vor? MySQL Performance Tuning ist früher oder später ein Thema für jeden Admin. In diesem Vortrag zeigen wir die Vorgehensweise auf, wie wir bei FromDual dieses Problem angehen. about this event: http://programm.froscon.org/2011/events/658.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.mp4 MySQL forks like Percona Server, MariaDB and Drizzle are becoming popular. Which features have been added? Why leave standard MySQL for one of the fork? These will be the topics of this session. about this event: http://programm.froscon.org/2011/events/693.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.mp4 2011-08-21T00:00:00+02:00 Stephane Combaudon No froscon11, Databases MySQL forks like Percona Server, MariaDB and Drizzle are becoming popular. Which features have been added? Why leave standard MySQL for one of the fork? These will be the topics of this session. about this event: http://programm.froscon.org/2011/events/693.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.mp4 High performance for a Web server that receive a large numbers of requests is critical success factor for a web site, but in many cases the Web server is only "tip of the iceberg" of a very large heterogeneous systems, with lots of components and technologies. This talk present best practices to design an high availability and high performance web site. The presentation will cover load balancing, Web server acceleration, and efficient management of dynamic data, that can be adopted by any sites to improve performance and availability. We also describe common mistake implemented in the web application framework that create performance limitations and bottleneck. The presentation will describe how to define monitors metrics of the service , that are the "eyes" of operation departments, and the implementation of the "red button" about this event: http://programm.froscon.org/2011/events/662.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.mp4 2011-08-21T00:00:00+02:00 Fabrizio Manfredi No froscon11, Web High performance for a Web server that receive a large numbers of requests is critical success factor for a web site, but in many cases the Web server is only "tip of the iceberg" of a very large heterogeneous systems, with lots of components and technologies. This talk present best practices to design an high availability and high performance web site. The presentation will cover load balancing, Web server acceleration, and efficient management of dynamic data, that can be adopted by any sites to improve performance and availability. We also describe common mistake implemented in the web application framework that create performance limitations and bottleneck. The presentation will describe how to define monitors metrics of the service , that are the "eyes" of operation departments, and the implementation of the "red button" about this event: http://programm.froscon.org/2011/events/662.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.mp4 Der Vortrag erklärt den Entstehungsprozess von Software und unter welchen Lizenzmodellen Software allgemein vertrieben wird. Dabei werden Begriffe wie Open Source, Copyleft, Freeware, etc. kurz erläutert und häufige Missverständnisse angesprochen. Die Definition Freier Software (4 Freiheiten) wird anhand praktischer Beispiele erklärt. Darauf aufbauend wird auf die gesellschaftliche Bedeutung Freier Software hingewiesen. about this event: http://programm.froscon.org/2011/events/793.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.mp4 2011-08-21T00:00:00+02:00 Guido Arnold No froscon11, Frog Labs (Kids Track) Eine kurze Einführung Der Vortrag erklärt den Entstehungsprozess von Software und unter welchen Lizenzmodellen Software allgemein vertrieben wird. Dabei werden Begriffe wie Open Source, Copyleft, Freeware, etc. kurz erläutert und häufige Missverständnisse angesprochen. Die Definition Freier Software (4 Freiheiten) wird anhand praktischer Beispiele erklärt. Darauf aufbauend wird auf die gesellschaftliche Bedeutung Freier Software hingewiesen. about this event: http://programm.froscon.org/2011/events/793.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.mp4 An introduction to the automated testing process of modern web applications, aimed at making your job more fun and relieve your apps from the feeling of being treated like a 3-yr-old (let's face it: HTML, CSS and JavaScript are allowed to drink together in a German pub). about this event: http://programm.froscon.org/2011/events/676.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.mp4 2011-08-21T00:00:00+02:00 Christoph Neuroth No froscon11, Web Treating your web application like the grown-up it is An introduction to the automated testing process of modern web applications, aimed at making your job more fun and relieve your apps from the feeling of being treated like a 3-yr-old (let's face it: HTML, CSS and JavaScript are allowed to drink together in a German pub). about this event: http://programm.froscon.org/2011/events/676.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.mp4 In a world of web forums, who needs mailing lists? We do! Mailing lists are convenient, simple and austerely beautiful. However, most mailing list management software sucks, too! We present Project Lancelot: A new(ish) mailing list manager combining simplicity, modularity and awesome power in a compelling package. Its flexible design makes it easy to go where no other mailing list software has gone before. about this event: http://programm.froscon.org/2011/events/690.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.mp4 2011-08-20T00:00:00+02:00 Anselm Lingnau No froscon11, System Administration In a world of web forums, who needs mailing lists? We do! Mailing lists are convenient, simple and austerely beautiful. However, most mailing list management software sucks, too! We present Project Lancelot: A new(ish) mailing list manager combining simplicity, modularity and awesome power in a compelling package. Its flexible design makes it easy to go where no other mailing list software has gone before. about this event: http://programm.froscon.org/2011/events/690.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.mp4 You want to port an application from GNOME2 to GNOME3, extend GNOME Shell, develop a new GNOME program from scratch or add a feature to an existing one? Never heard of GObject Introspection, GSettings, GDBus or resident notifications? This talk tries to give an overview on how to access the cool features of GNOME3 from C, Python or JavaScript and where to look for documentation and examples. about this event: http://programm.froscon.org/2011/events/770.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.mp4 2011-08-20T00:00:00+02:00 Guido Günther No froscon11, Desktop You want to port an application from GNOME2 to GNOME3, extend GNOME Shell, develop a new GNOME program from scratch or add a feature to an existing one? Never heard of GObject Introspection, GSettings, GDBus or resident notifications? This talk tries to give an overview on how to access the cool features of GNOME3 from C, Python or JavaScript and where to look for documentation and examples. about this event: http://programm.froscon.org/2011/events/770.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.mp4 LXC beschreibt die im Vanilla-Kernel integrierte Virtualisierungslösung. Bei weitem noch nicht so ausgereift wie OpenVZ und doch nicht unbrauchbar. Im Vortrag wird in diese Lösung eingeführt. about this event: http://programm.froscon.org/2011/events/694.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.mp4 2011-08-20T00:00:00+02:00 Erkan Yanar No froscon11, System Administration fast forward LXC beschreibt die im Vanilla-Kernel integrierte Virtualisierungslösung. Bei weitem noch nicht so ausgereift wie OpenVZ und doch nicht unbrauchbar. Im Vortrag wird in diese Lösung eingeführt. about this event: http://programm.froscon.org/2011/events/694.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.mp4 Vorstellung einer Open Source Standardlösung für Session Management inklusive der NODE.JS Integration. about this event: http://programm.froscon.org/2011/events/730.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.mp4 2011-08-20T00:00:00+02:00 Martin Schönert No froscon11, JavaScript Zentrales Session Management mit SessionVOC und node.js Vorstellung einer Open Source Standardlösung für Session Management inklusive der NODE.JS Integration. about this event: http://programm.froscon.org/2011/events/730.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.html http://media.ccc.de/ftp/events/camp2011/trailer/camp2011_trailer.m4v about this event: http://ccc.de event on media: http://media.ccc.de/browse/conferences/camp2011/camp-2011-trailer.html Sat, 01 Jan 2011 00:00:00 +0100 http://media.ccc.de/ftp/events/camp2011/trailer/camp2011_trailer.m4v 2011-01-01T00:00:00+01:00 No camp2011 about this event: http://ccc.de event on media: http://media.ccc.de/browse/conferences/camp2011/camp-2011-trailer.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4399-runtine_reconfigurable_processors-en.mp4 The talk will give the audience an introduction to the world of runtime reconfigurable processors. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4399.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4399-runtine_reconfigurable_processors-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4399-runtine_reconfigurable_processors-en.mp4 2011-08-12T00:00:00+02:00 Dominik Meyer No camp2011, Science The talk will give the audience an introduction to the world of runtime reconfigurable processors. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4399.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4399-runtine_reconfigurable_processors-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4418-cyberpeace_and_datalove-en.mp4 Governments and corporations craft powerful memes to justify their repressive policies, it is time for us to provide with solid countermeasures. Will we get "cyberwar", censorship, and repression of sharing, or impose that Internet remains the instrument of (cyber)Peace, (data)Love and (hackers)Unity? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4418.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4418-cyberpeace_and_datalove-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4418-cyberpeace_and_datalove-en.mp4 2011-08-10T00:00:00+02:00 Jérémie Zimmermann No camp2011, Society How do we counter the memes of control? Governments and corporations craft powerful memes to justify their repressive policies, it is time for us to provide with solid countermeasures. Will we get "cyberwar", censorship, and repression of sharing, or impose that Internet remains the instrument of (cyber)Peace, (data)Love and (hackers)Unity? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4418.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4418-cyberpeace_and_datalove-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4427-the_blackbox_in_your_phone-en.mp4 This talk sheds some light on a cellphone-component, that's inevitable, virtually unclonable and as closed as it gets: the SIM. The SIM can do a lot more than just user-authentication nowadays: the SIM Application Toolkit gives it control over your phone about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4427.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4427-the_blackbox_in_your_phone-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4427-the_blackbox_in_your_phone-en.mp4 2011-08-10T00:00:00+02:00 hunz No camp2011, Hacking Some details about SIM cards This talk sheds some light on a cellphone-component, that's inevitable, virtually unclonable and as closed as it gets: the SIM. The SIM can do a lot more than just user-authentication nowadays: the SIM Application Toolkit gives it control over your phone about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4427.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4427-the_blackbox_in_your_phone-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4428-the_joy_of_intellectual_vampirism-en.mp4 What makes us gravitate towards other people? In Intellectual Vampires it is the craving for fresh ideas, and in Intellectual Fangbangers it is the joy of sharing them. A talk on the fine art of communication, channels, contexts, and language. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4428.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4428-the_joy_of_intellectual_vampirism-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4428-the_joy_of_intellectual_vampirism-en.mp4 2011-08-13T00:00:00+02:00 Christiane Ruetten No camp2011, Culture Mindfucking with Shared Information What makes us gravitate towards other people? In Intellectual Vampires it is the craving for fresh ideas, and in Intellectual Fangbangers it is the joy of sharing them. A talk on the fine art of communication, channels, contexts, and language. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4428.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4428-the_joy_of_intellectual_vampirism-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4439-maching_to_machine_security-en.mp4 Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4439.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4439-maching_to_machine_security-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4439-maching_to_machine_security-en.mp4 2011-08-13T00:00:00+02:00 hunz No camp2011, Hacking When physical security depends on IT security Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4439.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4439-maching_to_machine_security-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4447-hybrid_rocket_engines-en.mp4 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4447.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4447-hybrid_rocket_engines-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4447-hybrid_rocket_engines-en.mp4 2011-08-12T00:00:00+02:00 No camp2011, Hacker Space Program Design and implementation of rocket engines with two-phase propellants about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4447.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4447-hybrid_rocket_engines-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4459-transition_telecom-en.mp4 We'll need to come to grips with the challenges that declining oil production and increasing temperatures present. This talk explores positive future scenarios for the world of networking and communications past the great global energy free-for-all. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4459.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4459-transition_telecom-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4459-transition_telecom-en.mp4 2011-08-10T00:00:00+02:00 Frank Rieger, Rop Gonggrijp No camp2011, Society Telecommunications and networking during energy descent We'll need to come to grips with the challenges that declining oil production and increasing temperatures present. This talk explores positive future scenarios for the world of networking and communications past the great global energy free-for-all. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4459.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4459-transition_telecom-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4467-design_and_implementation_of_flight_electronics-en.mp4 Flying hardware must perform its intended function under harsh environmental conditions while fulfilling strict requirements due to boundary conditions like weight, size, and power consumption. The design must exhibit redundancy and resilience against adversary conditions and special care has to be given to thermal management and energy sources. We will discuss design rules to cope with specific problems and present a prototype system based on the multicore chip P8X32A. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4467.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4467-design_and_implementation_of_flight_electronics-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4467-design_and_implementation_of_flight_electronics-en.mp4 2011-08-13T00:00:00+02:00 No camp2011, Hacker Space Program Design and implementation of flight electronics Flying hardware must perform its intended function under harsh environmental conditions while fulfilling strict requirements due to boundary conditions like weight, size, and power consumption. The design must exhibit redundancy and resilience against adversary conditions and special care has to be given to thermal management and energy sources. We will discuss design rules to cope with specific problems and present a prototype system based on the multicore chip P8X32A. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4467.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4467-design_and_implementation_of_flight_electronics-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4476-open_source_photovoltaics-en.mp4 Opensource-solar.org is working on open hardware power supplies for off-grid applications. The systems consist of self-build solar panels, charge controllers with microcontroller, and LiFePo4 rechargeable batteries. Green energy for your gadgets ! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4476.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4476-open_source_photovoltaics-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4476-open_source_photovoltaics-en.mp4 2011-08-13T00:00:00+02:00 Moritz von Buttlar No camp2011, Hacker Space Program power for off-grid devices Opensource-solar.org is working on open hardware power supplies for off-grid applications. The systems consist of self-build solar panels, charge controllers with microcontroller, and LiFePo4 rechargeable batteries. Green energy for your gadgets ! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4476.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4476-open_source_photovoltaics-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4487-she_hackers-en.mp4 In 2002, Ghosh et al released a study which found that in F/LOSS coder/hacker communities, only 1.5% of members were female. This participation-heavy session is about the challenges of immersive ethnographic research in a time of gender transformation. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4487.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4487-she_hackers-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4487-she_hackers-en.mp4 2011-08-12T00:00:00+02:00 Kat Braybrooke No camp2011, Society A Presentation of Research and Invitation for Debate In 2002, Ghosh et al released a study which found that in F/LOSS coder/hacker communities, only 1.5% of members were female. This participation-heavy session is about the challenges of immersive ethnographic research in a time of gender transformation. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4487.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4487-she_hackers-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4493-space_federation-en.mp4 Our mission is to provide financial and organizational support to open communities in shared physical spaces who use innovative methods and technology in hands-on education. We'll speak to the global community about the progress in America. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4493.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4493-space_federation-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4493-space_federation-en.mp4 2011-08-10T00:00:00+02:00 willowbl00 No camp2011, Community Linking and Launching Earth-Based Hackerspaces Our mission is to provide financial and organizational support to open communities in shared physical spaces who use innovative methods and technology in hands-on education. We'll speak to the global community about the progress in America. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4493.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4493-space_federation-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4496-applied_research_on_security_of_tetra_radio.mp4 The digital professional mobile radio system TETRA is used by a wide range of users in almost all continents of the world. The OsmocomTETRA project has created a software radio receiver for the TETRA air interface, similar to what airprobe has done for GSM. Using this receiver plus associated protocol analysis tools, we are able to investigate and research the security level of real-world TETRA networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4496.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4496-applied_research_on_security_of_tetra_radio.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4496-applied_research_on_security_of_tetra_radio.mp4 2011-08-12T00:00:00+02:00 Harald Welte No camp2011, Hacking digital radio technology beyond GSM The digital professional mobile radio system TETRA is used by a wide range of users in almost all continents of the world. The OsmocomTETRA project has created a software radio receiver for the TETRA air interface, similar to what airprobe has done for GSM. Using this receiver plus associated protocol analysis tools, we are able to investigate and research the security level of real-world TETRA networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4496.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4496-applied_research_on_security_of_tetra_radio.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.mp4 The most ubiquitous device on the planet is arguably the mobile phone. Tragically, it is also a device built under some of the worst living and working conditions in the world. This is the story of a mission - To build the world's first ethical phone. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4502.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.mp4 2011-08-10T00:00:00+02:00 Bicyclemark No camp2011, Society The story of the world's first socially responsible mobile phone. The most ubiquitous device on the planet is arguably the mobile phone. Tragically, it is also a device built under some of the worst living and working conditions in the world. This is the story of a mission - To build the world's first ethical phone. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4502.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4505-strahlung_im_weltall-de.mp4 Wer eine Mission zum Mond plant, muss sich über das, was die Umgebung dort bereithält, Gedanken machen. Neben Temperaturen von -180 bis +120° C ist Strahlung eine der größten Herausforderungen bei einer derartigen Mission. So genannte Single Event Upsets (SEU) können in einer Speicherzelle Datenbits flippen. Mit diesen umgekippten Bits muss man dann zurechtkommen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4505.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4505-strahlung_im_weltall-de.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4505-strahlung_im_weltall-de.mp4 2011-08-10T00:00:00+02:00 Karsten Becker No camp2011, Hacker Space Program Hell yeah, it's radiation science! Wer eine Mission zum Mond plant, muss sich über das, was die Umgebung dort bereithält, Gedanken machen. Neben Temperaturen von -180 bis +120° C ist Strahlung eine der größten Herausforderungen bei einer derartigen Mission. So genannte Single Event Upsets (SEU) können in einer Speicherzelle Datenbits flippen. Mit diesen umgekippten Bits muss man dann zurechtkommen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4505.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4505-strahlung_im_weltall-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4552-openleaks-en.mp4 This talk will introduce the next phase of the OpenLeaks project. We will present a more detailed insight into the project and take you on a tour around the different OL subprojects. We will also announce the activities we are planning for this years camp. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4552.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4552-openleaks-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4552-openleaks-en.mp4 2011-08-10T00:00:00+02:00 OpenLeaks No camp2011, Society where leaking meets engineering This talk will introduce the next phase of the OpenLeaks project. We will present a more detailed insight into the project and take you on a tour around the different OL subprojects. We will also announce the activities we are planning for this years camp. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4552.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4552-openleaks-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4561-hacker_jeopardy-en.mp4 The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4561.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4561-hacker_jeopardy-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4561-hacker_jeopardy-en.mp4 2011-08-13T00:00:00+02:00 Ray, Stefan 'Sec' Zehl No camp2011, Misc Number guessing for geeks The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4561.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4561-hacker_jeopardy-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.mp4 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4589.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.mp4 2011-08-13T00:00:00+02:00 Caspar Bowden No camp2011 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4589.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3739_en_closing_event.mp4 about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3739.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3739_en_closing_event.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3739_en_closing_event.mp4 2010-05-24T00:00:00+02:00 Jens Ohlig No sigint10, Sonstiges about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3739.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3739_en_closing_event.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3743_de_praktische_anti_zensur.mp4 Der Beitrag 'praktische AntiZensur' wir ein Vortrag über das Umgehen von Internet-Zensur kombiniert mit einem live Workshop zum mitmachen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3743.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3743_de_praktische_anti_zensur.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3743_de_praktische_anti_zensur.mp4 2010-05-22T00:00:00+02:00 scusi No sigint10, Netzbewohner Wie man Zensurmaßnahmen im Internet umgeht Der Beitrag 'praktische AntiZensur' wir ein Vortrag über das Umgehen von Internet-Zensur kombiniert mit einem live Workshop zum mitmachen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3743.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3743_de_praktische_anti_zensur.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3785_de_every_virtual_breath.mp4 Das Löschen der browsereigenen Cookies wird von vielen als geeignete Maßnahme angesehen, um die eigene Web-Browsing Anonymität sicherzustellen. Das ist aber nur die halbe Wahrheit: Flash LSO's, DOM Storage, HTTP Etag's und die Webseiten-Historie können missbraucht werden um eine Wiedererkennung von Webseitenbesuchern zu ermöglichen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3785.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3785_de_every_virtual_breath.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3785_de_every_virtual_breath.mp4 2010-05-22T00:00:00+02:00 Juergen Pabel No sigint10, Netzbewohner Digitale Brotkrümel im Web Das Löschen der browsereigenen Cookies wird von vielen als geeignete Maßnahme angesehen, um die eigene Web-Browsing Anonymität sicherzustellen. Das ist aber nur die halbe Wahrheit: Flash LSO's, DOM Storage, HTTP Etag's und die Webseiten-Historie können missbraucht werden um eine Wiedererkennung von Webseitenbesuchern zu ermöglichen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3785.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3785_de_every_virtual_breath.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3795_de_elena_verfassungsbeschwerde.mp4 Bei ELENA, dem elektronischen Entgeltnachweis, werden ab ab dem 1. Januar 2012 Einkommensnachweise elektronisch erbracht. Gesammelt werden die Daten - eine fast unüberschaubare Vielzahl - seit dem 1.1.10. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3795.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3795_de_elena_verfassungsbeschwerde.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3795_de_elena_verfassungsbeschwerde.mp4 2010-05-22T00:00:00+02:00 Dominik Boecker No sigint10, Aktivisten Bei ELENA, dem elektronischen Entgeltnachweis, werden ab ab dem 1. Januar 2012 Einkommensnachweise elektronisch erbracht. Gesammelt werden die Daten - eine fast unüberschaubare Vielzahl - seit dem 1.1.10. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3795.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3795_de_elena_verfassungsbeschwerde.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3808_de_eine_zensur_findet_statt.mp4 Der Vortrag stellt die Zensurmaßnahmen in ausgewählten Ländern der Welt vor. Ihr erfahrt, wo welche Inhalte zensiert werden und wie die Technik hierzu aussieht. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3808.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3808_de_eine_zensur_findet_statt.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3808_de_eine_zensur_findet_statt.mp4 2010-05-22T00:00:00+02:00 Jens Kubieziel No sigint10, Netzbewohner Eine Rundreise durch die Welt der Zensur Der Vortrag stellt die Zensurmaßnahmen in ausgewählten Ländern der Welt vor. Ihr erfahrt, wo welche Inhalte zensiert werden und wie die Technik hierzu aussieht. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3808.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3808_de_eine_zensur_findet_statt.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3828_en_living_in_a_police_state.mp4 When people discuss government measures taken to combat the “war on terror” in the wake of 9/11, they often use terms such as totalitarian regimes, police state, and surveillance society. But what exactly are we dealing with? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3828.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3828_en_living_in_a_police_state.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3828_en_living_in_a_police_state.mp4 2010-05-23T00:00:00+02:00 Annie Machon No sigint10, Aktivisten Living in a police state When people discuss government measures taken to combat the “war on terror” in the wake of 9/11, they often use terms such as totalitarian regimes, police state, and surveillance society. But what exactly are we dealing with? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3828.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3828_en_living_in_a_police_state.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3829_de_kirche_im_staat_lassen.mp4 Die (evangelische) Kirche hat ein eigenes Datenschutzrecht, das sich im Zustandekommen und vom Inhalt her vom Bundesdatenschutzgesetz unterscheidet. Dieses Referat gibt einen Überblick über den kirchlichen Datenschutz und gibt Kirchenfernen und -mitgliedern Tipps, worauf sie achten sollten. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3829.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3829_de_kirche_im_staat_lassen.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3829_de_kirche_im_staat_lassen.mp4 2010-05-23T00:00:00+02:00 Jochim Selzer No sigint10, Aktivisten Kirchlicher Datenschutz in Theorie und Praxis Die (evangelische) Kirche hat ein eigenes Datenschutzrecht, das sich im Zustandekommen und vom Inhalt her vom Bundesdatenschutzgesetz unterscheidet. Dieses Referat gibt einen Überblick über den kirchlichen Datenschutz und gibt Kirchenfernen und -mitgliedern Tipps, worauf sie achten sollten. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3829.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3829_de_kirche_im_staat_lassen.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3833_de_indect_fiff.mp4 INDECT ist ein EU Forschungsprojekt, mit dem Ziel, neue Überwachungstechnologien für effizientere Polizeiarbeit zu entwickeln. Semantische Suchmaschinen, Watermarking, automatische Erkennung abnormen Verhaltens, Abgleich von virtuellen und in Real World gewonnenen Daten sind nur einige der Inhalte. Die Ziele und Projektbeteiligten werden vorgestellt, kritisch analysiert und in den Kontext europäischer Sicherheitspolitik gestellt. Handlungsoptionen und ein Ausblick in die weitere Entwicklung sollen im Anschluss diskutiert werden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3833.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3833_de_indect_fiff.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3833_de_indect_fiff.mp4 2010-05-23T00:00:00+02:00 KaiN, Sylvia Johngik No sigint10, Aktivisten EU surveillance project INDECT ist ein EU Forschungsprojekt, mit dem Ziel, neue Überwachungstechnologien für effizientere Polizeiarbeit zu entwickeln. Semantische Suchmaschinen, Watermarking, automatische Erkennung abnormen Verhaltens, Abgleich von virtuellen und in Real World gewonnenen Daten sind nur einige der Inhalte. Die Ziele und Projektbeteiligten werden vorgestellt, kritisch analysiert und in den Kontext europäischer Sicherheitspolitik gestellt. Handlungsoptionen und ein Ausblick in die weitere Entwicklung sollen im Anschluss diskutiert werden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3833.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3833_de_indect_fiff.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3837_en_buying_privacy_in_digitized_cities.mp4 As new sensing technologies appear in our cities almost overnight, what does it mean to be visible or invisible? What happens when socioeconomic categories determine when, where, and how you're seen? The asymmetry in who is visible, and where, is a long-standing urban problem, but it is now being built into our technologies and our cities. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3837.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3837_en_buying_privacy_in_digitized_cities.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3837_en_buying_privacy_in_digitized_cities.mp4 2010-05-24T00:00:00+02:00 Eleanor Saitta No sigint10, Aktivisten As new sensing technologies appear in our cities almost overnight, what does it mean to be visible or invisible? What happens when socioeconomic categories determine when, where, and how you're seen? The asymmetry in who is visible, and where, is a long-standing urban problem, but it is now being built into our technologies and our cities. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3837.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3837_en_buying_privacy_in_digitized_cities.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3841_de_misstraue_autoritaeten.mp4 Wie können Macht und Raum zusammen gedacht werden? Die Philosophie hat (neben den Sozial- und Kulturwissenschaften) vor einigen Jahren den Raum für sich entdeckt und Werkzeuge entwickelt, um das Verhältnis von Macht und Raum zu untersuchen. Gleichwohl gibt es noch immer keine ausgereiften Theorien, Macht in virtuellen Räumen zu beschreiben. Eine gängige Kritik lautet, man nehme eher topographische denn topologische Untersuchungen vor, hänge also an einer kontingenten Materialität von Raum und könne damit nicht die allgemeinen Eigenschaften von Räumen in den Blick bekommen. Hierfür wird stattdessen ein unter dem Stichwort „Topologie“ firmierendes Werkzeug favorisiert, das jedoch noch in den Kinderschuhen steckt und seine Tauglichkeit für die virtuelle Welt erst noch erweisen muss. Ich stelle vor, wie Autorität und Dezentralisierung in den zeitgenössischen Debatten der Philosophie gedacht wird und untersuche, inwieweit sich die Topologie auf netzpolitische Themen wie Zensur oder Netzneutralität anwenden lässt. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3841.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3841_de_misstraue_autoritaeten.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3841_de_misstraue_autoritaeten.mp4 2010-05-22T00:00:00+02:00 Kai Denker No sigint10, Netzbewohner Macht und Raum in virtuellen Welten Wie können Macht und Raum zusammen gedacht werden? Die Philosophie hat (neben den Sozial- und Kulturwissenschaften) vor einigen Jahren den Raum für sich entdeckt und Werkzeuge entwickelt, um das Verhältnis von Macht und Raum zu untersuchen. Gleichwohl gibt es noch immer keine ausgereiften Theorien, Macht in virtuellen Räumen zu beschreiben. Eine gängige Kritik lautet, man nehme eher topographische denn topologische Untersuchungen vor, hänge also an einer kontingenten Materialität von Raum und könne damit nicht die allgemeinen Eigenschaften von Räumen in den Blick bekommen. Hierfür wird stattdessen ein unter dem Stichwort „Topologie“ firmierendes Werkzeug favorisiert, das jedoch noch in den Kinderschuhen steckt und seine Tauglichkeit für die virtuelle Welt erst noch erweisen muss. Ich stelle vor, wie Autorität und Dezentralisierung in den zeitgenössischen Debatten der Philosophie gedacht wird und untersuche, inwieweit sich die Topologie auf netzpolitische Themen wie Zensur oder Netzneutralität anwenden lässt. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3841.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3841_de_misstraue_autoritaeten.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3843_de_schoene_neue_kreative_welt.mp4 Die Debatte um das Urheberrecht in der Digitalen Welt reißt nicht ab. Die Akteure in der Debatte sind wohl bekannt; die Positionen verhärtet. Die Netzgemeinde und die Lobbyverbände der Medienindustrien sind fest im Thema und der politische Diskurs intensiviert sich, befeuert von der Debatte um Leistungsschutzrechte für Presseverleger. Wir wollen zur Versachlichung des Diskurses beitragen und dafür zunächst den aktuellen Stand der Debatte wiedergeben um anschließend mit euch zu diskutieren. Neben urheberrechtlichen Grundlagen zählen dabei auch #ACTA und #VDS zu den zu berücksichtigenden Entwicklungen. Anschließend wollen wir mit euch eine Diskussion zur technischen Machbarkeit eines datenschutzfreundlichen, manipulationsresistenten statistischen Messsystems für P2P-Pauschalenausschüttung führen about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3843.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3843_de_schoene_neue_kreative_welt.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3843_de_schoene_neue_kreative_welt.mp4 2010-05-22T00:00:00+02:00 Malte Spitz, Simon Edwin Dittrich No sigint10, Netzbewohner Massig Content und kein Geld – Anmerkungen zur Debatte um die Kulturflatrate Die Debatte um das Urheberrecht in der Digitalen Welt reißt nicht ab. Die Akteure in der Debatte sind wohl bekannt; die Positionen verhärtet. Die Netzgemeinde und die Lobbyverbände der Medienindustrien sind fest im Thema und der politische Diskurs intensiviert sich, befeuert von der Debatte um Leistungsschutzrechte für Presseverleger. Wir wollen zur Versachlichung des Diskurses beitragen und dafür zunächst den aktuellen Stand der Debatte wiedergeben um anschließend mit euch zu diskutieren. Neben urheberrechtlichen Grundlagen zählen dabei auch #ACTA und #VDS zu den zu berücksichtigenden Entwicklungen. Anschließend wollen wir mit euch eine Diskussion zur technischen Machbarkeit eines datenschutzfreundlichen, manipulationsresistenten statistischen Messsystems für P2P-Pauschalenausschüttung führen about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3843.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3843_de_schoene_neue_kreative_welt.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3844_de_identitaets_kriege.mp4 Menschliche Gesellschaften benötigen verlässliche Identitätszuordnungen. Das Internet unterläuft diese Verlässlichkeiten. Nicht nur werden die politischen und kulturellen Bindungen von Individuen instabil; Voraussetzungen wie selbst die Personen- oder Gruppenhaftigkeit sozialer Handlungsträger geraten durcheinander. Das stellt nicht nur konkrete politische Machtverteilungssysteme in Frage wie etwa die "Demokratie" (abhängig von Begriffen wie "Bürger"), sondern die Grundbegriffe von Politik an sich. Eine "Informationsgesellschaft" als Gesellschaft der Informationen hört auf, "Gesellschaft" im traditionellen Sinne zu sein. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3844.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3844_de_identitaets_kriege.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3844_de_identitaets_kriege.mp4 2010-05-22T00:00:00+02:00 Christian Heller / plomlompom No sigint10, Netzbewohner Wie das Netz die Identitäts-Zuordnungen zersetzt, von denen menschliches Gesellschaften abhängt. Menschliche Gesellschaften benötigen verlässliche Identitätszuordnungen. Das Internet unterläuft diese Verlässlichkeiten. Nicht nur werden die politischen und kulturellen Bindungen von Individuen instabil; Voraussetzungen wie selbst die Personen- oder Gruppenhaftigkeit sozialer Handlungsträger geraten durcheinander. Das stellt nicht nur konkrete politische Machtverteilungssysteme in Frage wie etwa die "Demokratie" (abhängig von Begriffen wie "Bürger"), sondern die Grundbegriffe von Politik an sich. Eine "Informationsgesellschaft" als Gesellschaft der Informationen hört auf, "Gesellschaft" im traditionellen Sinne zu sein. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3844.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3844_de_identitaets_kriege.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3847_en_attack_vectors_against_mobile_devices.mp4 What endangers mobile devices today? What can be done to mitigate threats? Why are mobile devices especially vulerable? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3847.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3847_en_attack_vectors_against_mobile_devices.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3847_en_attack_vectors_against_mobile_devices.mp4 2010-05-22T00:00:00+02:00 tamhanna No sigint10, Hacker What endangers mobile devices today? What can be done to mitigate threats? Why are mobile devices especially vulerable? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3847.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3847_en_attack_vectors_against_mobile_devices.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3856_de_hoist_the_colours_geschichte_der_piraten.mp4 Piraten sind nicht nur torrent-affine Medienkonsumenten mit steigendem politischen Engagement. Unter Pirat versteht man auch die Bezeichnung für einen maritim agierenden Vertreter der Verbrecherzunft. Wo früher in der Ostsee gegen die Hanse und in der Karibik gegen die West India Trading Company gekämpft wurde, überfallen die in den herkömmlichen Massenmedien heutzutage am meisten rezipierten Piraten Handelsschiffe am Horn von Afrika. Die Legenden und Euphemismen, die diesem Berufszweig angerechnet werden, gibt es solange wie man/frau Luv und Lee unterscheiden kann. Aber so falsch liegen die RomantikerInnen gar nicht, wenn sie von Freiheit, Gleichheit und Geschwisterlichkeit auf hoher See reden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3856.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3856_de_hoist_the_colours_geschichte_der_piraten.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3856_de_hoist_the_colours_geschichte_der_piraten.mp4 2010-05-23T00:00:00+02:00 gratzer No sigint10, Netzbewohner Die Geschichte der Piraten Piraten sind nicht nur torrent-affine Medienkonsumenten mit steigendem politischen Engagement. Unter Pirat versteht man auch die Bezeichnung für einen maritim agierenden Vertreter der Verbrecherzunft. Wo früher in der Ostsee gegen die Hanse und in der Karibik gegen die West India Trading Company gekämpft wurde, überfallen die in den herkömmlichen Massenmedien heutzutage am meisten rezipierten Piraten Handelsschiffe am Horn von Afrika. Die Legenden und Euphemismen, die diesem Berufszweig angerechnet werden, gibt es solange wie man/frau Luv und Lee unterscheiden kann. Aber so falsch liegen die RomantikerInnen gar nicht, wenn sie von Freiheit, Gleichheit und Geschwisterlichkeit auf hoher See reden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3856.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3856_de_hoist_the_colours_geschichte_der_piraten.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3878_de_datenbrief.mp4 Um etwas mehr Transparenz in den Datendschungel zu bringen, möchte der Chaos Computer Club einen "Datenbrief" einführen, eine Art Kontoauszug für persönliche Daten. Einmal jährlich sollen Firmen ihre Kunden und Behörden die Bürger über die gespeicherten Daten informieren. Und auch darüber, ob Daten weitergegeben worden sind und warum. Ein positiver Nebeneffekt wäre, dass die langfristige Speicherung von Daten damit zur Belastung wird und die Firmen vielleicht darüber nachdenken, ob man sie nicht einfach löschen kann. Dafür bringt der Datenbrief einige Bürokratie mit sich. Der betroffene Bürger würde endlich einen Überblick bekommen, wer was über ihn weiß. Dafür müssten sich die Firmen und Behörden ein gutes Stück weit in die Karten schauen lassen - schließlich soll der Datenbrief auch "berechnete" Daten wie Scoring-Werte enthalten. Der Vortrag gibt einen Überblick über das Konzept "Datenbrief", mögliche Probleme bei der praktischen Umsetzung und über die Gegenargumente aus Politik und Wirtschaft. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3878.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3878_de_datenbrief.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3878_de_datenbrief.mp4 2010-05-23T00:00:00+02:00 Frank Rosengart No sigint10, Aktivisten Um etwas mehr Transparenz in den Datendschungel zu bringen, möchte der Chaos Computer Club einen "Datenbrief" einführen, eine Art Kontoauszug für persönliche Daten. Einmal jährlich sollen Firmen ihre Kunden und Behörden die Bürger über die gespeicherten Daten informieren. Und auch darüber, ob Daten weitergegeben worden sind und warum. Ein positiver Nebeneffekt wäre, dass die langfristige Speicherung von Daten damit zur Belastung wird und die Firmen vielleicht darüber nachdenken, ob man sie nicht einfach löschen kann. Dafür bringt der Datenbrief einige Bürokratie mit sich. Der betroffene Bürger würde endlich einen Überblick bekommen, wer was über ihn weiß. Dafür müssten sich die Firmen und Behörden ein gutes Stück weit in die Karten schauen lassen - schließlich soll der Datenbrief auch "berechnete" Daten wie Scoring-Werte enthalten. Der Vortrag gibt einen Überblick über das Konzept "Datenbrief", mögliche Probleme bei der praktischen Umsetzung und über die Gegenargumente aus Politik und Wirtschaft. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3878.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3878_de_datenbrief.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3887_de_urheberrecht.mp4 Das Urheberrecht ist im Wandel begriffen; durch die "digitale Revolution" sind bisher gültige Paradigmen aufgebrochen worden und werden durch die mit dem www entstandene neue Kommunikationskultur zunehmend kritisch hinterfragt. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3887.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3887_de_urheberrecht.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3887_de_urheberrecht.mp4 2010-05-23T00:00:00+02:00 Felix Neumann, ghandy, Jens Seipenbusch, Joachim Losehand, Lukas Schneider, Patrick Wolf, Stefan Herwig No sigint10, Aktivisten ein lösungsorientiertes Panel von Joachim Losehand & Lars Sobiraj Das Urheberrecht ist im Wandel begriffen; durch die "digitale Revolution" sind bisher gültige Paradigmen aufgebrochen worden und werden durch die mit dem www entstandene neue Kommunikationskultur zunehmend kritisch hinterfragt. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3887.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3887_de_urheberrecht.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3899_en_keynote_day_3.mp4 about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3899.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3899_en_keynote_day_3.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3899_en_keynote_day_3.mp4 2010-05-24T00:00:00+02:00 Andreas Bogk No sigint10 about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3899.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3899_en_keynote_day_3.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3909_de_computer_spiele_politik.mp4 Podiumsdiskussion mit Bastian Dietz, Krystian Majewski und Ibrahim Mazari. Moderation: Max v. Malotki. Beim Thema Computerspiele scheiden sich die Geister. Während einige beim Gedanken an spielesüchtige arbeitslose männliche Soziopathen den Untergang des Abendlands proklamieren, sehen andere Computerspiele als das Normalste auf der Welt an, als Wirtschaftsfaktor und soziale Instanz, und sprechen jedem Spieler ein Höchstmaß an Mündigkeit zu. Beim Streit um das Kulturgut Computerspiel geht es aber um mehr, als nur um das Spiel oder den Spieler. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3909.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3909_de_computer_spiele_politik.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3909_de_computer_spiele_politik.mp4 2010-05-24T00:00:00+02:00 Bastian Dietz, Ibrahim Mazari, Krystian Majewski, Max von Malotki No sigint10, Netzbewohner Die Computerspieldebatte und wie man darin überlebt (Panel) Podiumsdiskussion mit Bastian Dietz, Krystian Majewski und Ibrahim Mazari. Moderation: Max v. Malotki. Beim Thema Computerspiele scheiden sich die Geister. Während einige beim Gedanken an spielesüchtige arbeitslose männliche Soziopathen den Untergang des Abendlands proklamieren, sehen andere Computerspiele als das Normalste auf der Welt an, als Wirtschaftsfaktor und soziale Instanz, und sprechen jedem Spieler ein Höchstmaß an Mündigkeit zu. Beim Streit um das Kulturgut Computerspiel geht es aber um mehr, als nur um das Spiel oder den Spieler. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3909.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3909_de_computer_spiele_politik.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3911_en_cognitive_cities.mp4 A talk about sustainable buildings, mobility systems as well as further new technologies to broaden opportunities and equity on cultural creativity. Some of its topics include locative media, real time & layered cities as well as its current state of smart cities. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3911.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3911_en_cognitive_cities.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3911_en_cognitive_cities.mp4 2010-05-24T00:00:00+02:00 Axel Quack, Igor Schwarzmann No sigint10, Netzbewohner A talk about sustainable buildings, mobility systems as well as further new technologies to broaden opportunities and equity on cultural creativity. Some of its topics include locative media, real time & layered cities as well as its current state of smart cities. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3911.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3911_en_cognitive_cities.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3914_de_der_bug.mp4 Lesung aus dem Roman "Der Bug" about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3914.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3914_de_der_bug.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3914_de_der_bug.mp4 2010-05-23T00:00:00+02:00 Constantin Gillies No sigint10, Sonstiges Lesung mit Constantin Gillies Lesung aus dem Roman "Der Bug" about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3914.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3914_de_der_bug.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4429-life_foods-en.mp4 The regular consumption of life foods was very important for healthy life style thousands years ago and the same applies for today. The use of today's scientific knowledge in combination with current technology will allow us to optimise these techniques. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4429.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4429-life_foods-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4429-life_foods-en.mp4 2011-08-11T00:00:00+02:00 No camp2011, Hacker Space Program Benefits of use of microbial fermentations in food and beverage preparations. The regular consumption of life foods was very important for healthy life style thousands years ago and the same applies for today. The use of today's scientific knowledge in combination with current technology will allow us to optimise these techniques. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4429.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4429-life_foods-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4435-windkraftanlagen-de.mp4 Windenergie ist momentan noch interessanter geworden, aber kaum jemand weiß über die eingesetzte Technik Bescheid. Daher soll sowohl der Aufbau als auch der Betrieb erklärt werden. Zusätzlich wird auf potentielle Probleme eingegangen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4435.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4435-windkraftanlagen-de.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4435-windkraftanlagen-de.mp4 2011-08-12T00:00:00+02:00 luky No camp2011, Science Aufbau, Betrieb, Probleme Windenergie ist momentan noch interessanter geworden, aber kaum jemand weiß über die eingesetzte Technik Bescheid. Daher soll sowohl der Aufbau als auch der Betrieb erklärt werden. Zusätzlich wird auf potentielle Probleme eingegangen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4435.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4435-windkraftanlagen-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4453-stuff_you_dont_see_every_day-en.mp4 Software Defined Radio defines a new approach to analyze signals with software. With the flexibility of software SDR literally opened a new spectrum of hacking. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4453.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4453-stuff_you_dont_see_every_day-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4453-stuff_you_dont_see_every_day-en.mp4 2011-08-10T00:00:00+02:00 Marius Ciepluch No camp2011, Science GNU Radio Internals - how to use the Framework Software Defined Radio defines a new approach to analyze signals with software. With the flexibility of software SDR literally opened a new spectrum of hacking. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4453.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4453-stuff_you_dont_see_every_day-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4466-rocket_telemetry-en.mp4 Retrieval of information is essential for every experiment, especially involving rockets. The use of electromagnetic waves is the natural choice for communication with a rocket and sometimes the only means to retrieve flight hardware afterwards. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4466.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4466-rocket_telemetry-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4466-rocket_telemetry-en.mp4 2011-08-13T00:00:00+02:00 No camp2011, Hacker Space Program Real-time communication during rocket flight Retrieval of information is essential for every experiment, especially involving rockets. The use of electromagnetic waves is the natural choice for communication with a rocket and sometimes the only means to retrieve flight hardware afterwards. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4466.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4466-rocket_telemetry-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4472-hacking_dna-en.mp4 Genetic modification is getting cheaper and biohackers are making it more accessible. This talk outlines the state of DIYbio and institutional synthetic biology; current challenges in biological programming and why you should be hacking biology. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4472.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4472-hacking_dna-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4472-hacking_dna-en.mp4 2011-08-11T00:00:00+02:00 Marc Juul No camp2011, Science Compiling code for living systems Genetic modification is getting cheaper and biohackers are making it more accessible. This talk outlines the state of DIYbio and institutional synthetic biology; current challenges in biological programming and why you should be hacking biology. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4472.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4472-hacking_dna-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.mp4 Dieser Vortrag zeigt, wie Social-Engineering funktioniert und erklärt die zugrundeliegenden Tricks und Kniffe anhand sozialpsychologischer Studien und Experimente. Außerdem werden Beispiele, Warnsignale und Gegenmaßnahmen vorgestellt. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4478.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.mp4 2011-08-11T00:00:00+02:00 Stefan Schumacher No camp2011, Science Dieser Vortrag zeigt, wie Social-Engineering funktioniert und erklärt die zugrundeliegenden Tricks und Kniffe anhand sozialpsychologischer Studien und Experimente. Außerdem werden Beispiele, Warnsignale und Gegenmaßnahmen vorgestellt. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4478.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4486-building_and_giving_away-en.mp4 What motivates people to create and freely distribute their works? This presentation will draw on personal experience, research literature, and existing communities of those who build and give away. Open source software, hardware, community building. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4486.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4486-building_and_giving_away-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4486-building_and_giving_away-en.mp4 2011-08-10T00:00:00+02:00 Greg Newby No camp2011, Culture What motivates people to create and freely distribute their works? This presentation will draw on personal experience, research literature, and existing communities of those who build and give away. Open source software, hardware, community building. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4486.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4486-building_and_giving_away-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4497-a_short_history_of_ipv4-en.mp4 A few short weeks ago, APNIC's supply of IPv4 address space reached depletion. ARIN and the RIPE NCC will follow soon, most likely somewhere this year. In this talk I will discuss the history of the internet as seen from the point of view of the RIRs. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4497.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4497-a_short_history_of_ipv4-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4497-a_short_history_of_ipv4-en.mp4 2011-08-13T00:00:00+02:00 Djinh No camp2011, Hacking A few short weeks ago, APNIC's supply of IPv4 address space reached depletion. ARIN and the RIPE NCC will follow soon, most likely somewhere this year. In this talk I will discuss the history of the internet as seen from the point of view of the RIRs. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4497.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4497-a_short_history_of_ipv4-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4500-reviving_smart_card_analysis-en.mp4 Smart cards chips – originally invented as a protection for cryptographic keys – are increasingly used to keep protocols secret. This talk challenges the chips' security measures to unlock the protocols for public analysis. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4500.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4500-reviving_smart_card_analysis-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4500-reviving_smart_card_analysis-en.mp4 2011-08-12T00:00:00+02:00 Karsten Nohl No camp2011, Hacking Smart cards chips – originally invented as a protection for cryptographic keys – are increasingly used to keep protocols secret. This talk challenges the chips' security measures to unlock the protocols for public analysis. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4500.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4500-reviving_smart_card_analysis-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4504-gprs_intercept-en.mp4 GPRS data networks provide the backbone for our mobile society. Just like their siblings, GSM networks, the GPRS infrastructure is often lacking an appropriate level of protection. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4504.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4504-gprs_intercept-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4504-gprs_intercept-en.mp4 2011-08-10T00:00:00+02:00 Karsten Nohl, Luca Melette No camp2011, Hacking Wardriving phone networks GPRS data networks provide the backbone for our mobile society. Just like their siblings, GSM networks, the GPRS infrastructure is often lacking an appropriate level of protection. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4504.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4504-gprs_intercept-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.mp4 In diesem Vortrag wird eine Web-2.0-Applikation vorgestellt, mit der Umfragen durchgeführt werden können. Im Gegensatz zu anderen Anwendungen muss bei dieser dem Serveradministrator nicht vertraut werden. Die notwendigen kryptographischen Protokolle, welche für die Vertrauensreduktion nötig sind, werden mit JavaScript durchgeführt, was keinerlei clientseitige Installation nötig macht (zero-footprint). about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4438.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.mp4 2011-08-14T00:00:00+02:00 Benjamin Kellermann No camp2011, Science Mehrseitig sichere Web 2.0-Umfragen In diesem Vortrag wird eine Web-2.0-Applikation vorgestellt, mit der Umfragen durchgeführt werden können. Im Gegensatz zu anderen Anwendungen muss bei dieser dem Serveradministrator nicht vertraut werden. Die notwendigen kryptographischen Protokolle, welche für die Vertrauensreduktion nötig sind, werden mit JavaScript durchgeführt, was keinerlei clientseitige Installation nötig macht (zero-footprint). about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4438.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4443-theres_gold_in_them_circuit_boards-en.mp4 Everything we do as technologists depends on the critical minerals from which our devices are made. Recycling junk electronics is no longer just the right thing to do, it's the smart thing to do. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4443.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4443-theres_gold_in_them_circuit_boards-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4443-theres_gold_in_them_circuit_boards-en.mp4 2011-08-13T00:00:00+02:00 Steph Alarcon No camp2011, Society Why E-Waste Recycling Is Smart and How To Make It Smarter Everything we do as technologists depends on the critical minerals from which our devices are made. Recycling junk electronics is no longer just the right thing to do, it's the smart thing to do. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4443.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4443-theres_gold_in_them_circuit_boards-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4445-data_mining_your_city-en.mp4 Philadelphia (USA) recently launched an initiative to open up tons of city records and municipal data. This talk will review some of the things people are using it for, and show how open city data is useful to many kinds of people. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4445.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4445-data_mining_your_city-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4445-data_mining_your_city-en.mp4 2011-08-14T00:00:00+02:00 Steph Alarcon No camp2011, Society Early lessons in open city data from Philadelphia, PA, USA Philadelphia (USA) recently launched an initiative to open up tons of city records and municipal data. This talk will review some of the things people are using it for, and show how open city data is useful to many kinds of people. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4445.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4445-data_mining_your_city-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4455-the-arguna-rocket-family-en.mp4 The "Arguna" rocket family consist of four one-stage sounding rockets that can reach altitudes up to 10km. We will present the designs of these rockets and discuss the performed flights and results from avionics experiments. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4455.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4455-the-arguna-rocket-family-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4455-the-arguna-rocket-family-en.mp4 2011-08-14T00:00:00+02:00 No camp2011, Hacker Space Program An overview of our recent sounding rocket campaigns The "Arguna" rocket family consist of four one-stage sounding rockets that can reach altitudes up to 10km. We will present the designs of these rockets and discuss the performed flights and results from avionics experiments. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4455.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4455-the-arguna-rocket-family-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4491-rethinking_online_news-en.mp4 Journalism needs hackers to survive. We present our project to revolutionize online news and encourage you to start your own. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4491.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4491-rethinking_online_news-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4491-rethinking_online_news-en.mp4 2011-08-13T00:00:00+02:00 Christopher Clay / c3o, fin No camp2011, Society Journalism needs hackers to survive Journalism needs hackers to survive. We present our project to revolutionize online news and encourage you to start your own. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4491.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4491-rethinking_online_news-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.mp4 The Electronic Frontier Foundation will discuss the legal situation that international travelers face when entering or leaving the United States, as well as various ways that travelers can safeguard electronic devices and digital information at the border. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4494.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.mp4 2011-08-14T00:00:00+02:00 Seth Schoen No camp2011, Society A Privacy Guide for Travelers The Electronic Frontier Foundation will discuss the legal situation that international travelers face when entering or leaving the United States, as well as various ways that travelers can safeguard electronic devices and digital information at the border. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4494.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4495-introduction_to_multicast_security-en.mp4 For scaling real time applications multicast transport is the enabling technology. This event will present solutions for multicast security, that can be used for group conferencing and scaling data distribution services as transport layer security. Keywords: SRTP, AES-CM, Keystream, Multimedia Internet KEYing about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4495.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4495-introduction_to_multicast_security-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4495-introduction_to_multicast_security-en.mp4 2011-08-14T00:00:00+02:00 frehberg No camp2011, Science Beyond SSL/TLS For scaling real time applications multicast transport is the enabling technology. This event will present solutions for multicast security, that can be used for group conferencing and scaling data distribution services as transport layer security. Keywords: SRTP, AES-CM, Keystream, Multimedia Internet KEYing about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4495.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4495-introduction_to_multicast_security-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4549-sport_fuer_nerds-en.mp4 Viele von uns sitzen länger vorm Rechner als es ihnen gut tut, irgendwann geht dann die Suche nach einer geeigneten Sportart los … about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4549.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4549-sport_fuer_nerds-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4549-sport_fuer_nerds-en.mp4 2011-08-12T00:00:00+02:00 Michael Schwab No camp2011, Community discover your body Viele von uns sitzen länger vorm Rechner als es ihnen gut tut, irgendwann geht dann die Suche nach einer geeigneten Sportart los … about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4549.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4549-sport_fuer_nerds-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4554-closing_event-en.mp4 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4554.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4554-closing_event-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4554-closing_event-en.mp4 2011-08-14T00:00:00+02:00 No camp2011, Misc Good Bye and have a safe trip home! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4554.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4554-closing_event-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4575-mursat-en.mp4 In 2011, mur.at will have a nano satellite launched into a low earth orbit (310 km above the surface of our planet). The satellite itself is the evolved descendant of a TubeSat personal satellite kit from Interorbital Systems. mur.sat is a joint venture of mur.at, ESC im Labor and realraum. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4575.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4575-mursat-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4575-mursat-en.mp4 2011-08-13T00:00:00+02:00 Bernhard Tittelbach, equinox No camp2011, Hacker Space Program A (Hacker) Space Art Project In 2011, mur.at will have a nano satellite launched into a low earth orbit (310 km above the surface of our planet). The satellite itself is the evolved descendant of a TubeSat personal satellite kit from Interorbital Systems. mur.sat is a joint venture of mur.at, ESC im Labor and realraum. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4575.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4575-mursat-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4389-decentralized_clustering-en.mp4 In January 2011 the fear of all internauts became bitter truth. A whole country was kill-switched by the government. The flow of data was interrupted, communication laid waste. Not only the Internets was taken down, other means of communication were interrupted too. Cell Phone providers took down their services. So, there was no Internets in Egypt. Internauts had no chance to communicate what is happening, mothers and fathers could not send emails to theire relatives. No data was flowing. As the phone lines were working, this was the solutions: Modems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4389.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4389-decentralized_clustering-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4389-decentralized_clustering-en.mp4 2011-08-12T00:00:00+02:00 Herr Urbach No camp2011, Society Making the net - even if your local dicators hate it! In January 2011 the fear of all internauts became bitter truth. A whole country was kill-switched by the government. The flow of data was interrupted, communication laid waste. Not only the Internets was taken down, other means of communication were interrupted too. Cell Phone providers took down their services. So, there was no Internets in Egypt. Internauts had no chance to communicate what is happening, mothers and fathers could not send emails to theire relatives. No data was flowing. As the phone lines were working, this was the solutions: Modems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4389.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4389-decentralized_clustering-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4395-counselling_mischief_as_thought_crime-en.mp4 This presentation will show how the RCMP, CSIS, CSEC and other groups worked to "secure" the 2010 Olympics, G8 and G20 by criminalising dissent, and the use of "Open Source Surveillance" to attempt to crack down on all opposition to these mega-events. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4395.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4395-counselling_mischief_as_thought_crime-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4395-counselling_mischief_as_thought_crime-en.mp4 2011-08-12T00:00:00+02:00 Joe No camp2011, Society Social Networks, Free Speech and the Criminalization of Dissent in Canada This presentation will show how the RCMP, CSIS, CSEC and other groups worked to "secure" the 2010 Olympics, G8 and G20 by criminalising dissent, and the use of "Open Source Surveillance" to attempt to crack down on all opposition to these mega-events. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4395.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4395-counselling_mischief_as_thought_crime-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4424-poker_bots-en.mp4 For a few years I was part of a team that developed and ran autonomous poker playing robots on commercial Internet poker sites; playing poker with real money against real people in real time. The project failed... about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4424.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4424-poker_bots-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4424-poker_bots-en.mp4 2011-08-13T00:00:00+02:00 Torbjörn Lofterud No camp2011, Science Developing and running autonomous pokerbots at online casinos For a few years I was part of a team that developed and ran autonomous poker playing robots on commercial Internet poker sites; playing poker with real money against real people in real time. The project failed... about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4424.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4424-poker_bots-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4426-certified_programming_with_dependent_types-en.mp4 Dependent types expand the concept of types in programming languages by arbitrary predicates depending on the value of the type. This lecture will introduce the concept and show how it can be used to develop formally verified code. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4426.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4426-certified_programming_with_dependent_types-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4426-certified_programming_with_dependent_types-en.mp4 2011-08-12T00:00:00+02:00 Andreas Bogk No camp2011, Science Because the future of defense is liberal application of math Dependent types expand the concept of types in programming languages by arbitrary predicates depending on the value of the type. This lecture will introduce the concept and show how it can be used to develop formally verified code. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4426.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4426-certified_programming_with_dependent_types-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4442-introduction-to-satellite_communications-en.mp4 In this lecture, I'll cover some satellite communication basics like pros and cons of different orbits, the characteristics of a satellite communications link and the difficulties regarding noise and attenuation when handling high frequency satellite communication systems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4442.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4442-introduction-to-satellite_communications-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4442-introduction-to-satellite_communications-en.mp4 2011-08-10T00:00:00+02:00 Irmi Meister No camp2011, Hacker Space Program the joy and challange of operating satellite communication systems; illustrated with postage stamps In this lecture, I'll cover some satellite communication basics like pros and cons of different orbits, the characteristics of a satellite communications link and the difficulties regarding noise and attenuation when handling high frequency satellite communication systems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4442.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4442-introduction-to-satellite_communications-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4451-a_modern_manifest_of_cyberspace-en.mp4 The internet is increasingly falling under the control and restrictions of governments and multinational corporations. Internet connections are filtered and censored, not only in China but blatantly so in 'western' countries such as Australia and Canada. The content industry is clamping down on infringement on intellectual property and calls for ever more far-fetching and over-reaching laws to be put into effect. Meanwhile, telco's are making deals with content providers to decide how gets premium access and who gets degraded access to their networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4451.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4451-a_modern_manifest_of_cyberspace-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4451-a_modern_manifest_of_cyberspace-en.mp4 2011-08-12T00:00:00+02:00 gmc No camp2011, Hacker Space Program The internet is dead, long live the internet The internet is increasingly falling under the control and restrictions of governments and multinational corporations. Internet connections are filtered and censored, not only in China but blatantly so in 'western' countries such as Australia and Canada. The content industry is clamping down on infringement on intellectual property and calls for ever more far-fetching and over-reaching laws to be put into effect. Meanwhile, telco's are making deals with content providers to decide how gets premium access and who gets degraded access to their networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4451.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4451-a_modern_manifest_of_cyberspace-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.mp4 The german access-blocking debate in 2009 only was a prelude to the EU-wide introduction of a blocking infrastructure in the Internet. Only delayed by the Lisbon Treaty compulsory, blocking by all EU-Memberstate has been discussed in the European Parliament since March 2010. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4462.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.mp4 2011-08-11T00:00:00+02:00 Christian Bahls MOGiS e.V., Jérémie Zimmermann No camp2011, Society How citizens can hack the legislative process to protect their freedoms online The german access-blocking debate in 2009 only was a prelude to the EU-wide introduction of a blocking infrastructure in the Internet. Only delayed by the Lisbon Treaty compulsory, blocking by all EU-Memberstate has been discussed in the European Parliament since March 2010. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4462.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4471-who_is_snitching_my_milk-en.mp4 Nowadays many office environments offer small tea kitchens for their employees. From subjective experiences there seems to be a milk drain in these environments. However, fundamentel research is still missing. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4471.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4471-who_is_snitching_my_milk-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4471-who_is_snitching_my_milk-en.mp4 2011-08-11T00:00:00+02:00 André Franz No camp2011, Science Nonlinear dynamics/analysis of vanishing bovine products in an office environment. Nowadays many office environments offer small tea kitchens for their employees. From subjective experiences there seems to be a milk drain in these environments. However, fundamentel research is still missing. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4471.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4471-who_is_snitching_my_milk-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.mp4 Die atomar verstrahlten Ruinen eines ehemaligen Kernkraftwerkes sind Symbole für das bevorstehende Ende der Zivilisation, aber gleichzeitig die Wunschmaschine, die alle Sehnsüchte stillen kann. Dieser Ort ist nicht Fukushima und auch nicht Tschernobyl, sondern der Zielort der Protagonisten im Roman „Picknick am Wegesrand“ der russischen Autorenbrüder Arkadi und Boris Strugazki. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4492.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.mp4 2011-08-12T00:00:00+02:00 Agata Królikowski, Ina Kwasniewski, Jens-Martin Loebel, Kai Kittler, Marcus Mews, Marcus Richter No camp2011, Culture Ein audiovisuelles Live-Hörspiel Die atomar verstrahlten Ruinen eines ehemaligen Kernkraftwerkes sind Symbole für das bevorstehende Ende der Zivilisation, aber gleichzeitig die Wunschmaschine, die alle Sehnsüchte stillen kann. Dieser Ort ist nicht Fukushima und auch nicht Tschernobyl, sondern der Zielort der Protagonisten im Roman „Picknick am Wegesrand“ der russischen Autorenbrüder Arkadi und Boris Strugazki. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4492.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.mp4 Jeder von uns kennt das Problem: Da hat man ein motiviertes Team an der Hand und einen fertigen Mondrover in der Garage stehen, aber wie immer fehlt das Geld für die Rakete, mit welcher der Rover auf den Mond befördert werden soll! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4506.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.mp4 2011-08-13T00:00:00+02:00 Robert Böhme No camp2011, Hacker Space Program Von Würstchen verkaufen bis Ballonflüge – ein Erfahrungsbericht. Jeder von uns kennt das Problem: Da hat man ein motiviertes Team an der Hand und einen fertigen Mondrover in der Garage stehen, aber wie immer fehlt das Geld für die Rakete, mit welcher der Rover auf den Mond befördert werden soll! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4506.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4555-black_ops_of_tcpip_2011-en.mp4 Remember when networks represented interesting targets, when TCP/IP was itself a vector for messiness, when packet crafting was a required skill? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4555.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4555-black_ops_of_tcpip_2011-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4555-black_ops_of_tcpip_2011-en.mp4 2011-08-12T00:00:00+02:00 Dan Kaminsky No camp2011, Hacking Remember when networks represented interesting targets, when TCP/IP was itself a vector for messiness, when packet crafting was a required skill? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4555.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4555-black_ops_of_tcpip_2011-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4591-financing_the_revolution-en.mp4 Financing The Revolution is a discussion about digital currencies with a particular emphasis on Bitcoin, a new distributed peer-to-peer electronic currency. Digital cash and Bitcoin in particular have caused many new and interesting markets to appear, and these are examined as well as the link between economic freedom and the expression of other basic rights. Keywords: digital cash, cryptography, bitcoin, dgc, darknets, markets, civil liberties about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4591.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4591-financing_the_revolution-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4591-financing_the_revolution-en.mp4 2011-08-12T00:00:00+02:00 Jeffrey Paul (sneak) No camp2011, Society Secure, private value transactions using digital cash Financing The Revolution is a discussion about digital currencies with a particular emphasis on Bitcoin, a new distributed peer-to-peer electronic currency. Digital cash and Bitcoin in particular have caused many new and interesting markets to appear, and these are examined as well as the link between economic freedom and the expression of other basic rights. Keywords: digital cash, cryptography, bitcoin, dgc, darknets, markets, civil liberties about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4591.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4591-financing_the_revolution-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.mp4 Radio amateurs have been building and operating satellites for almost fifty years now, and we are aiming for more. In this talk, I'll present who AMSAT is, what we have achieved in the last fifty years, and what we are working on now. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4594.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.mp4 2011-08-13T00:00:00+02:00 Mario Lorenz No camp2011, Hacker Space Program Amateur Space Exploration – The last 50 years, now, and the future Radio amateurs have been building and operating satellites for almost fifty years now, and we are aiming for more. In this talk, I'll present who AMSAT is, what we have achieved in the last fifty years, and what we are working on now. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4594.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4597-moonbounce_radio_communication-en.mp4 Moon bounce, also known as EME (Earth-Moon-Earth), is a technique that allows two earth-based radio stations to communicate directly by using the moon as passive reflector. It is the longest path two stations on Earth can use to establish direct connection with each other. First developed the late 1940s by the United States Navy it was used as a revolutionary way to communicate without the uncertainties of shortwave radio propagation. The development of artificial satellites completely obsoleted this usecase only a few years later but the technique itself is still one of the most challenging tasks in radio communication. Today it's Amateur Radio stations that are practising the art of Moon bounce. We are here to tell and to show you how it is done. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4597.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4597-moonbounce_radio_communication-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4597-moonbounce_radio_communication-en.mp4 2011-08-13T00:00:00+02:00 Andreas Schreiner, Clemens Hopfer, Patrick Strasser No camp2011, Hacker Space Program To the Moon and back in two seconds. The joy of light speed information travel Moon bounce, also known as EME (Earth-Moon-Earth), is a technique that allows two earth-based radio stations to communicate directly by using the moon as passive reflector. It is the longest path two stations on Earth can use to establish direct connection with each other. First developed the late 1940s by the United States Navy it was used as a revolutionary way to communicate without the uncertainties of shortwave radio propagation. The development of artificial satellites completely obsoleted this usecase only a few years later but the technique itself is still one of the most challenging tasks in radio communication. Today it's Amateur Radio stations that are practising the art of Moon bounce. We are here to tell and to show you how it is done. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4597.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4597-moonbounce_radio_communication-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4406-giving_great_workshops-en.mp4 Mitch Altman has taught well over 10,000 people to solder and make cool things at workshops around the world. Drawing from his experiences, this lecture will show you how to create and give your own successful workshops about what you know. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4406.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4406-giving_great_workshops-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4406-giving_great_workshops-en.mp4 2011-08-11T00:00:00+02:00 Mitch No camp2011, Community You can create your own successful workshop Mitch Altman has taught well over 10,000 people to solder and make cool things at workshops around the world. Drawing from his experiences, this lecture will show you how to create and give your own successful workshops about what you know. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4406.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4406-giving_great_workshops-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.mp4 Milkymist develops a comprehensive solution for the live synthesis of interactive visual effects. It features one of the first open source system-on-chip designs. This talk gives a roundup of what has happened during the last 1.5 year in this project. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4412.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.mp4 2011-08-11T00:00:00+02:00 Sébastien Bourdeauducq No camp2011, Hacking A roundup of one the most advanced open hardware projects Milkymist develops a comprehensive solution for the live synthesis of interactive visual effects. It features one of the first open source system-on-chip designs. This talk gives a roundup of what has happened during the last 1.5 year in this project. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4412.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4421-strong_encryption_of_credit_card_information-en.mp4 The PCI DSS standard require strong cryptography or secure hashing as ways to protect cardholder information. But one important factor is missing; detailed instructions for how to correctly apply cryptography to credit card numbers. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4421.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4421-strong_encryption_of_credit_card_information-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4421-strong_encryption_of_credit_card_information-en.mp4 2011-08-10T00:00:00+02:00 Torbjörn Lofterud No camp2011, Hacking Attacks on common failures when encrypting credit card information The PCI DSS standard require strong cryptography or secure hashing as ways to protect cardholder information. But one important factor is missing; detailed instructions for how to correctly apply cryptography to credit card numbers. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4421.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4421-strong_encryption_of_credit_card_information-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4436-rocket_propulsion_basics-en.mp4 We will discuss the basic principles of thermochemical engines and their application for rocket propulsion. The three main types of chemical rocket engines, i.e. solid, liquid, and hybrid, will be presented and compared. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4436.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4436-rocket_propulsion_basics-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4436-rocket_propulsion_basics-en.mp4 2011-08-10T00:00:00+02:00 No camp2011, Hacker Space Program An introduction to rocket engines and their application for space travel We will discuss the basic principles of thermochemical engines and their application for rocket propulsion. The three main types of chemical rocket engines, i.e. solid, liquid, and hybrid, will be presented and compared. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4436.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4436-rocket_propulsion_basics-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4440-solid_rocket_engines-en.mp4 We will present the design and construction of a solid rocket motor and discuss results from recent test campaigns. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4440.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4440-solid_rocket_engines-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4440-solid_rocket_engines-en.mp4 2011-08-11T00:00:00+02:00 No camp2011, Hacker Space Program Design and implementation of engines with solid propellant We will present the design and construction of a solid rocket motor and discuss results from recent test campaigns. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4440.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4440-solid_rocket_engines-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4449-digitale_gesellschaft_ev-de.mp4 Im April 2011 wurde mit "Digitale Gesellschaft" ein neuer Verein zum Erhalt und Ausbau von digitalen Bürgerrechten präsentiert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4449.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4449-digitale_gesellschaft_ev-de.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4449-digitale_gesellschaft_ev-de.mp4 2011-08-11T00:00:00+02:00 Markus Beckedahl No camp2011, Society Ein neuer Ansatz, um digitale Bürgerrechte zu erhalten Im April 2011 wurde mit "Digitale Gesellschaft" ein neuer Verein zum Erhalt und Ausbau von digitalen Bürgerrechten präsentiert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4449.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4449-digitale_gesellschaft_ev-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4450-imagine_the_future_of_money-en.mp4 What comes after capitalism? We will give an overview on the development of complementary and alternative monetary systems: Which ones are there to stay, how they influence social development, how they can be improved and why hackers should really care. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4450.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4450-imagine_the_future_of_money-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4450-imagine_the_future_of_money-en.mp4 2011-08-11T00:00:00+02:00 Jaromil, radium No camp2011, Society Economic transformations, hacker culture and why we should be so lucky What comes after capitalism? We will give an overview on the development of complementary and alternative monetary systems: Which ones are there to stay, how they influence social development, how they can be improved and why hackers should really care. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4450.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4450-imagine_the_future_of_money-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4458-inertial_navigation-en.mp4 The motion of objects through space can be observed in everyday life and the analysis of their dynamics leads to a fundamental notion of theoretical mechanics, the rigid body. Inertial navigation is based on continuous measurement of acceleration and angular velocities and the inversion of the rigid body's equations of motion. Additionally, the modeling of noise and error propagation is essential to correctly estimate position and attitude. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4458.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4458-inertial_navigation-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4458-inertial_navigation-en.mp4 2011-08-11T00:00:00+02:00 No camp2011, Hacker Space Program Rigid body dynamics and its application to dead reckoning The motion of objects through space can be observed in everyday life and the analysis of their dynamics leads to a fundamental notion of theoretical mechanics, the rigid body. Inertial navigation is based on continuous measurement of acceleration and angular velocities and the inversion of the rigid body's equations of motion. Additionally, the modeling of noise and error propagation is essential to correctly estimate position and attitude. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4458.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4458-inertial_navigation-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.mp4 This is not a presentation where I talk about how I would get in or the things I might be able to do. This is a talk where I am already in and I show you pictures from actual engagements that I have been on. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4488.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.mp4 2011-08-11T00:00:00+02:00 Jayson E. Street No camp2011, Hacking Or: How I walked in and misbehaved This is not a presentation where I talk about how I would get in or the things I might be able to do. This is a talk where I am already in and I show you pictures from actual engagements that I have been on. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4488.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4490-ios_application_security-en.mp4 Over the last few years there has been a signifant amount of iPhone and iPad application development going on. Although based on Mac OSX, its development APIs are new and very specific to the iPhone and iPad. In this presentation, Ilja van Sprundel, Principal Security Consultant at IOActive, will discuss lessons learned from auditing iPhone and iPad applications over the last year. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4490.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4490-ios_application_security-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4490-ios_application_security-en.mp4 2011-08-11T00:00:00+02:00 Ilja van Sprundel No camp2011, Hacking A look at the security of 3rd party iOS applications Over the last few years there has been a signifant amount of iPhone and iPad application development going on. Although based on Mac OSX, its development APIs are new and very specific to the iPhone and iPad. In this presentation, Ilja van Sprundel, Principal Security Consultant at IOActive, will discuss lessons learned from auditing iPhone and iPad applications over the last year. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4490.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4490-ios_application_security-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4503-ich_und_23-de.mp4 Der Vortrag wird zunächst die Grundlagen des DNA-Fingerprinting auf unseren 23 Chromosomenpaaren zusammenfassen. Dabei wird besprochen, wie ein genetischer Fingerabdruck praktisch für die Verwendung in der Forensik entsteht und in welcher Form die Speicherung in einer Datenbank vorgenommen wird. Darauf aufbauend werden Stärken und Risiken der Technologie erörtert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4503.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4503-ich_und_23-de.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4503-ich_und_23-de.mp4 2011-08-11T00:00:00+02:00 Mirko Swillus No camp2011, Science Fingerabdrücke der DNA Der Vortrag wird zunächst die Grundlagen des DNA-Fingerprinting auf unseren 23 Chromosomenpaaren zusammenfassen. Dabei wird besprochen, wie ein genetischer Fingerabdruck praktisch für die Verwendung in der Forensik entsteht und in welcher Form die Speicherung in einer Datenbank vorgenommen wird. Darauf aufbauend werden Stärken und Risiken der Technologie erörtert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4503.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4503-ich_und_23-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4560-post_hacker_ethics_cyberwar-en.mp4 Several newly formed hacker groups were in the press, like Anonymous and lulzsec. We will analyze and discuss how these fit into the world, and how the different groups (politics, press, media, hackers) react to this new movement. Set sail for fail! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4560.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4560-post_hacker_ethics_cyberwar-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4560-post_hacker_ethics_cyberwar-en.mp4 2011-08-11T00:00:00+02:00 Hannes, Jens Ohlig No camp2011, Culture Applied loss of control to hacker-ethics? Several newly formed hacker groups were in the press, like Anonymous and lulzsec. We will analyze and discuss how these fit into the world, and how the different groups (politics, press, media, hackers) react to this new movement. Set sail for fail! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4560.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4560-post_hacker_ethics_cyberwar-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4564-r0ket-en.mp4 The r0ket is the badge for the Chaos Communication Camp 2011. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4564.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4564-r0ket-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4564-r0ket-en.mp4 2011-08-10T00:00:00+02:00 kiu, s, Stefan 'Sec' Zehl No camp2011, Hacking The CCC-Badge The r0ket is the badge for the Chaos Communication Camp 2011. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4564.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4564-r0ket-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4588-what_is_brewing_in_brussels-en.mp4 Right now the European Union is in a bit of a lawmaking frenzy on areas that are relevant to the internet in general. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4588.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4588-what_is_brewing_in_brussels-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4588-what_is_brewing_in_brussels-en.mp4 2011-08-11T00:00:00+02:00 Walter van Holst No camp2011, Society Right now the European Union is in a bit of a lawmaking frenzy on areas that are relevant to the internet in general. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4588.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4588-what_is_brewing_in_brussels-en.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_493_-_de_-_die_wunderbare_welt_der_regulaeren_ausdruecke_-_jakob_westhoff_thomas_weinert.mp4 Reguläre Ausdrücke sind häufig das Mittel der Wahl, wenn es um die Extraktion oder Erkennung von Mustern in Texten geht. Ein Muster kann hierbei so etwas einfaches wie ein sich wiederholender Buchstabe oder etwas komplexeres wie die Struktur einer Mailadresse sein. Diese Session gibt einen Überblick für Einsteiger und erklärt anschaulich die ersten Schritte in der Welt der Regulären Ausdrücke. Durch praxisnahe Beispiele werden auch kompliziertere Techniken einfach und effektiv vermittelt. about this event: http://programm.froscon.org/2010/events/493.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_493_-_de_-_die_wunderbare_welt_der_regulaeren_ausdruecke_-_jakob_westhoff_thomas_weinert.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_493_-_de_-_die_wunderbare_welt_der_regulaeren_ausdruecke_-_jakob_westhoff_thomas_weinert.mp4 2010-08-22T00:00:00+02:00 Jakob Westhoff, Thomas Weinert No froscon10, Development Reguläre Ausdrücke sind häufig das Mittel der Wahl, wenn es um die Extraktion oder Erkennung von Mustern in Texten geht. Ein Muster kann hierbei so etwas einfaches wie ein sich wiederholender Buchstabe oder etwas komplexeres wie die Struktur einer Mailadresse sein. Diese Session gibt einen Überblick für Einsteiger und erklärt anschaulich die ersten Schritte in der Welt der Regulären Ausdrücke. Durch praxisnahe Beispiele werden auch kompliziertere Techniken einfach und effektiv vermittelt. about this event: http://programm.froscon.org/2010/events/493.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_493_-_de_-_die_wunderbare_welt_der_regulaeren_ausdruecke_-_jakob_westhoff_thomas_weinert.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_646_-_en_-_1_qt_profit_-_daniel_molkentin.mp4 Since its initial release, the Nokia Qt SDK is bringing a state-of-the art developer experience to those who want to develop for the Nokia Symbian and Maemo platforms. Along with its release, Nokia also announced that Qt-based applications are now allowed into Ovi-Store. In this talk we will look at what is possible today by creating a typical mobile application and deploy it to an N900 as well as a Symbian touch device. Finally, we will look at brand new features of the Qt Creator IDE as well as the Qt Quick declarative UI, giving a sneak peak at where the technology is headed. about this event: http://programm.froscon.org/2010/events/646.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_646_-_en_-_1_qt_profit_-_daniel_molkentin.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_646_-_en_-_1_qt_profit_-_daniel_molkentin.mp4 2010-08-22T00:00:00+02:00 Daniel Molkentin No froscon10, Development How developing for Maemo and Symbian becomes fun and may even pay off Since its initial release, the Nokia Qt SDK is bringing a state-of-the art developer experience to those who want to develop for the Nokia Symbian and Maemo platforms. Along with its release, Nokia also announced that Qt-based applications are now allowed into Ovi-Store. In this talk we will look at what is possible today by creating a typical mobile application and deploy it to an N900 as well as a Symbian touch device. Finally, we will look at brand new features of the Qt Creator IDE as well as the Qt Quick declarative UI, giving a sneak peak at where the technology is headed. about this event: http://programm.froscon.org/2010/events/646.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_646_-_en_-_1_qt_profit_-_daniel_molkentin.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4011-en-embedded_reverse_engineering.mp4 Bring your target. Will release a slew of simple tools that explore attack surfaces and explain of how to use: jtag/serial scanners, parallel flash dumper, DePCB board routing analysis. So, crossover from software RE and start hacking/improving like its 1996 again. (full documentation and reference at: http://events.ccc.de/congress/2010/wiki/Embedded_Analysis) about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4011.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4011-en-embedded_reverse_engineering.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4011-en-embedded_reverse_engineering.mp4 2010-12-27T00:00:00+01:00 Nathan Fain, Vadik No 27c3, Hacking a dump of simple tools for embedded analysis at many layers Bring your target. Will release a slew of simple tools that explore attack surfaces and explain of how to use: jtag/serial scanners, parallel flash dumper, DePCB board routing analysis. So, crossover from software RE and start hacking/improving like its 1996 again. (full documentation and reference at: http://events.ccc.de/congress/2010/wiki/Embedded_Analysis) about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4011.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4011-en-embedded_reverse_engineering.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4089-de-ich_sehe_nicht_dass_wir_nicht_zustimmen_werden.mp4 Der Vortrag zeigt auf, wie sich Politiker rechtfertigen, wenn sie gegen ihre Argumentation und die Überzeugungen entscheiden oder handeln, für die sie stehen. Es ergibt sich dabei eine extreme Zwangslage, denn es ist oft nicht so einfach möglich, die zuvor vorgebrachten Argumente aufzugeben. Also muss auf Leerformeln, Nebelkerzen, Scheinargumente und spezielle grammatische Mittel zurückgegriffen werden, die die Regresspflicht mindern (Konjunktive, doppelte Verneinungen, Modalpartikeln usw.); dabei sind Kunstgriffe nötig, die über die inzwischen hinlänglich bekannte Leyen-Rhetorik hinausgehen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4089.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4089-de-ich_sehe_nicht_dass_wir_nicht_zustimmen_werden.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4089-de-ich_sehe_nicht_dass_wir_nicht_zustimmen_werden.mp4 2010-12-30T00:00:00+01:00 maha/Martin Haase No 27c3, Society Die Sprache des politischen Verrats und seiner Rechtfertigung Der Vortrag zeigt auf, wie sich Politiker rechtfertigen, wenn sie gegen ihre Argumentation und die Überzeugungen entscheiden oder handeln, für die sie stehen. Es ergibt sich dabei eine extreme Zwangslage, denn es ist oft nicht so einfach möglich, die zuvor vorgebrachten Argumente aufzugeben. Also muss auf Leerformeln, Nebelkerzen, Scheinargumente und spezielle grammatische Mittel zurückgegriffen werden, die die Regresspflicht mindern (Konjunktive, doppelte Verneinungen, Modalpartikeln usw.); dabei sind Kunstgriffe nötig, die über die inzwischen hinlänglich bekannte Leyen-Rhetorik hinausgehen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4089.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4089-de-ich_sehe_nicht_dass_wir_nicht_zustimmen_werden.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4114-en-analyzing_modern_cryptographic_rfid_stystem.mp4 Popular contactless systems for physical access control still rely on obscurity. As we have shown, time and time again, proprietary encryption systems are weak and easy to break. In a follow-up to last year's presentation we will now demonstrate attacks on systems with 'proper' cryptographic algorithms. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4114.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4114-en-analyzing_modern_cryptographic_rfid_stystem.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4114-en-analyzing_modern_cryptographic_rfid_stystem.mp4 2010-12-29T00:00:00+01:00 Henryk Plötz, Milosch Meriac No 27c3, Hacking HID iClass demystified Popular contactless systems for physical access control still rely on obscurity. As we have shown, time and time again, proprietary encryption systems are weak and easy to break. In a follow-up to last year's presentation we will now demonstrate attacks on systems with 'proper' cryptographic algorithms. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4114.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4114-en-analyzing_modern_cryptographic_rfid_stystem.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4185-de-whistleblowing_licht_ins_dunkel.mp4 Whistleblowing als universelles Konzept für mehr Transparenz – oder: über die Rückeroberung der Dunkelräume in Wirtschaft und Politik auch jenseits von Wikileaks. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4185.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4185-de-whistleblowing_licht_ins_dunkel.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4185-de-whistleblowing_licht_ins_dunkel.mp4 2010-12-27T00:00:00+01:00 Johannes Ludwig, Whistleblower-Netzwerk No 27c3, Society Licht ins Dunkel! Whistleblowing als universelles Konzept für mehr Transparenz – oder: über die Rückeroberung der Dunkelräume in Wirtschaft und Politik auch jenseits von Wikileaks. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4185.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4185-de-whistleblowing_licht_ins_dunkel.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4018-en-frozencache.mp4 Cold boot attacks are a major risk for the protection that Full-Disk-Encryption solutions provide. FrozenCache is a general-purpose solution to this attack for x86 based systems that employs a special CPU cache mode known as "Cache-as-RAM". Switching the CPU cache into a special mode forces data to held exclusively in the CPU cache and not to be written to the backing RAM locations, thus safeguarding data from being obtained from RAM by means of cold boot attacks. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4018.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4018-en-frozencache.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4018-en-frozencache.mp4 2010-12-29T00:00:00+01:00 Juergen Pabel No 27c3, Hacking Mitigating cold-boot attacks for Full-Disk-Encryption software Cold boot attacks are a major risk for the protection that Full-Disk-Encryption solutions provide. FrozenCache is a general-purpose solution to this attack for x86 based systems that employs a special CPU cache mode known as "Cache-as-RAM". Switching the CPU cache into a special mode forces data to held exclusively in the CPU cache and not to be written to the backing RAM locations, thus safeguarding data from being obtained from RAM by means of cold boot attacks. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4018.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4018-en-frozencache.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4057-en-adventures_in_mapping_afghanistan_elections.mp4 Monitoring and reporting about elections in a war zone is a complex and dangerous task. While crisis mapping carried out via sms and email proved highly successful with the use of Ushahidi in situations like post-election violence in Kenya, tracking crime in Atlanta, or earthquake recovery in Haiti, could it prove useful in such a complex situation as the Afghan political process? This year a team of people set out to do just that with three different Ushahidi mapping projects for national media, national election observers, and international observers. The following presentation is about the challenges we faced, successes we did or did not have, and the lessons learned for the future of crisis mapping. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4057.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4057-en-adventures_in_mapping_afghanistan_elections.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4057-en-adventures_in_mapping_afghanistan_elections.mp4 2010-12-28T00:00:00+01:00 Bicyclemark No 27c3, Society The story of 3 Ushahidi mapping and reporting projects. Monitoring and reporting about elections in a war zone is a complex and dangerous task. While crisis mapping carried out via sms and email proved highly successful with the use of Ushahidi in situations like post-election violence in Kenya, tracking crime in Atlanta, or earthquake recovery in Haiti, could it prove useful in such a complex situation as the Afghan political process? This year a team of people set out to do just that with three different Ushahidi mapping projects for national media, national election observers, and international observers. The following presentation is about the challenges we faced, successes we did or did not have, and the lessons learned for the future of crisis mapping. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4057.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4057-en-adventures_in_mapping_afghanistan_elections.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4067-en-data_analysis_in_terabit_ethernet_traffic.mp4 Network traffic grows faster than monitoring and analysis tools can handle. During the last two years a couple of appliances hit the market which help in finding the “bits of interest”. Recently installed strategies and solutions for carriers, banks or lawful interception organizations will be discussed as examples. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4067.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4067-en-data_analysis_in_terabit_ethernet_traffic.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4067-en-data_analysis_in_terabit_ethernet_traffic.mp4 2010-12-30T00:00:00+01:00 Lars Weiler No 27c3, Hacking Solutions for monitoring and lawful interception within a lot of bits Network traffic grows faster than monitoring and analysis tools can handle. During the last two years a couple of appliances hit the market which help in finding the “bits of interest”. Recently installed strategies and solutions for carriers, banks or lawful interception organizations will be discussed as examples. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4067.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4067-en-data_analysis_in_terabit_ethernet_traffic.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4082-en-sap_landscape.mp4 SAP systems are the heart of many enterprises. Most critical business functions run on SAP Applications and the complexity of these systems makes it very difficult to protect against attackers. Default setups, forgotten/unimplemented security configurations, weak password management and change processes that apply to one ‘unimportant’ system can result in complete compromise of the SAP landscape. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4082.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4082-en-sap_landscape.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4082-en-sap_landscape.mp4 2010-12-27T00:00:00+01:00 Ertunga Arsal No 27c3, Hacking SAP Security and the Enterprise SAP systems are the heart of many enterprises. Most critical business functions run on SAP Applications and the complexity of these systems makes it very difficult to protect against attackers. Default setups, forgotten/unimplemented security configurations, weak password management and change processes that apply to one ‘unimportant’ system can result in complete compromise of the SAP landscape. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4082.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4082-en-sap_landscape.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4097-de-identifizierung_von_netzwerkprotokollen.mp4 Der Vortrag soll Techniken aufzeigen, mit denen man Netzwerk-Protokolle identifizieren kann, die in Layer 7 des OSI-Modells angesiedelt sind. Alle Techniken - darunter auch die Deep Packet Inspection (DPI) - werden technisch erläutert und kritisch bewertet. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4097.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4097-de-identifizierung_von_netzwerkprotokollen.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4097-de-identifizierung_von_netzwerkprotokollen.mp4 2010-12-28T00:00:00+01:00 Florian Adamsky No 27c3, Science Der Vortrag soll Techniken aufzeigen, mit denen man Netzwerk-Protokolle identifizieren kann, die in Layer 7 des OSI-Modells angesiedelt sind. Alle Techniken - darunter auch die Deep Packet Inspection (DPI) - werden technisch erläutert und kritisch bewertet. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4097.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4097-de-identifizierung_von_netzwerkprotokollen.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4103-en-copyright_enforcement_versus_freedoms.mp4 ACTA, upcoming criminal enforcement directive, filtering of content... The entertainment industries go further and further into their crusade against sharing. They not only attack our fundamental freedoms, but also the very essence of the Internet. This session is a panorama of the current and upcoming battles, campaigns and actions. Everyone can help defeat the motherf#§$ers! about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4103.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4103-en-copyright_enforcement_versus_freedoms.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4103-en-copyright_enforcement_versus_freedoms.mp4 2010-12-27T00:00:00+01:00 Jérémie Zimmermann No 27c3, Society ACTA, IPRED3 and other upcoming battles of the crusade against sharing ACTA, upcoming criminal enforcement directive, filtering of content... The entertainment industries go further and further into their crusade against sharing. They not only attack our fundamental freedoms, but also the very essence of the Internet. This session is a panorama of the current and upcoming battles, campaigns and actions. Everyone can help defeat the motherf#§$ers! about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4103.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4103-en-copyright_enforcement_versus_freedoms.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4111-de-eins_zwei_drei_alle_sind_dabei.mp4 Neben einer kurzen Einführung in die Problematik des Zensus 2011, soll es in dem Vortrag auch über die CCC Stellungnahmen für mehrere Landetage gehen. Weiterhin geht es auch um die mittlerweile abgewiesene Verfassungsbeschwerde des AK Zensus sowie weitere Möglichkeiten "was zu machen". about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4111.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4111-de-eins_zwei_drei_alle_sind_dabei.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4111-de-eins_zwei_drei_alle_sind_dabei.mp4 2010-12-27T00:00:00+01:00 Oliver "Unicorn" Knapp No 27c3, Society Von der Volkszählung zum Bundesmelderegister Neben einer kurzen Einführung in die Problematik des Zensus 2011, soll es in dem Vortrag auch über die CCC Stellungnahmen für mehrere Landetage gehen. Weiterhin geht es auch um die mittlerweile abgewiesene Verfassungsbeschwerde des AK Zensus sowie weitere Möglichkeiten "was zu machen". about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4111.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4111-de-eins_zwei_drei_alle_sind_dabei.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4125-de-spinning_the_electronic_wheel.mp4 Dreieinhalb Jahre nach dem Talk '21st Century digital Bikes' auf dem Camp 2007 ist einiges in der Welt der elektrischen Fortbewegung passiert. Ende 2010 ist ein guter Zeitpunkt, den Stand der Dinge aufzurollen, die Neuigkeiten darzustellen und über eine mehr unschärfer als klarer werdende Zukunft der elektrischen Mobilität zu sprechen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4125.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4125-de-spinning_the_electronic_wheel.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4125-de-spinning_the_electronic_wheel.mp4 2010-12-27T00:00:00+01:00 Betty, Gismo C. No 27c3, Making Still the bicycles for the 21th century Dreieinhalb Jahre nach dem Talk '21st Century digital Bikes' auf dem Camp 2007 ist einiges in der Welt der elektrischen Fortbewegung passiert. Ende 2010 ist ein guter Zeitpunkt, den Stand der Dinge aufzurollen, die Neuigkeiten darzustellen und über eine mehr unschärfer als klarer werdende Zukunft der elektrischen Mobilität zu sprechen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4125.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4125-de-spinning_the_electronic_wheel.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4138-en-secure_communications_below_the_hearing_threshold.mp4 Auditive steganography allows for various usage scenarios. In our project we focused on hidden communications in VoIP and GSM in which voice data is typically compressed and transmitted in realtime. A framework has been developed to meet these requirements, providing interfaces for robust steganographic algorithms. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4138.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4138-en-secure_communications_below_the_hearing_threshold.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4138-en-secure_communications_below_the_hearing_threshold.mp4 2010-12-28T00:00:00+01:00 Marcus Nutzinger, Rainer Poisel No 27c3, Hacking Improved approaches for auditive steganography Auditive steganography allows for various usage scenarios. In our project we focused on hidden communications in VoIP and GSM in which voice data is typically compressed and transmitted in realtime. A framework has been developed to meet these requirements, providing interfaces for robust steganographic algorithms. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4138.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4138-en-secure_communications_below_the_hearing_threshold.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4140-en-contemporary_profiling_of_web_users.mp4 This talk will provide a summary of recently discovered methods which allow to break the Internet's privacy and anonymity. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4140.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4140-en-contemporary_profiling_of_web_users.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4140-en-contemporary_profiling_of_web_users.mp4 2010-12-27T00:00:00+01:00 Dominik Herrmann, lexi No 27c3, Hacking On Using Anonymizers and Still Get Fucked This talk will provide a summary of recently discovered methods which allow to break the Internet's privacy and anonymity. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4140.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4140-en-contemporary_profiling_of_web_users.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4151-en-android_geolocation_using_gsm_network.mp4 We introduce a new forensic technique that allows to collect users' past locations on most current Android phones, within a few seconds. It becomes possible to tell where the user was at a given time, or where a phone call took place over the last few hours or days. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4151.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4151-en-android_geolocation_using_gsm_network.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4151-en-android_geolocation_using_gsm_network.mp4 2010-12-29T00:00:00+01:00 Renaud Lifchitz No 27c3, Hacking "Where was Waldroid?" We introduce a new forensic technique that allows to collect users' past locations on most current Android phones, within a few seconds. It becomes possible to tell where the user was at a given time, or where a phone call took place over the last few hours or days. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4151.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4151-en-android_geolocation_using_gsm_network.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4159-en-reverse_engineering_mos_6502.mp4 The MOS 6502 CPU, which was designed in 1975 and powered systems like the Apple II, the Atari 2600, the Nintendo NES and the Commodore 64 for two decades, has always been subject to intense reverse engineering of its inner workings. Only recently, the Visual6502.org project has converted a hi-res die-shot of the 6502 into a polygon model suitable for visually simulating the original mask at the transistor level. This talk will present the way from a chip package to a digital representation, how to simulate transistors in software, and new insights gained form this research about 6502 internals, like "illegal" opcodes. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4159.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4159-en-reverse_engineering_mos_6502.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4159-en-reverse_engineering_mos_6502.mp4 2010-12-28T00:00:00+01:00 Michael Steil No 27c3, Hacking 3510 transistors in 60 minutes The MOS 6502 CPU, which was designed in 1975 and powered systems like the Apple II, the Atari 2600, the Nintendo NES and the Commodore 64 for two decades, has always been subject to intense reverse engineering of its inner workings. Only recently, the Visual6502.org project has converted a hi-res die-shot of the 6502 into a polygon model suitable for visually simulating the original mask at the transistor level. This talk will present the way from a chip package to a digital representation, how to simulate transistors in software, and new insights gained form this research about 6502 internals, like "illegal" opcodes. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4159.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4159-en-reverse_engineering_mos_6502.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4164-de-friede_sei_mit_euren_daten.mp4 Bundesdeutscher und kirchlicher Datenschutz führen eine Parallelexistenz. Während das Bundesdatenschutzgesetz von der Öffentlichkeit wahrgenommen und kritisch begleitet wird, ist den Wenigsten überhaupt klar, dass es auch einen vom BDSG losgelösten Datenschutz innerhalb der Kirchen gibt, der sich in einigen wichtigen Punkten vom staatlichen unterscheidet. Dieser Vortrag soll das Bewusstsein für ein Recht wecken, von dem sechzig Prozent der Deutschen betroffen sind – oft ohne es zu wissen. Praxisbeispiele und Tipps inbegriffen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4164.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4164-de-friede_sei_mit_euren_daten.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4164-de-friede_sei_mit_euren_daten.mp4 2010-12-27T00:00:00+01:00 Jochim Selzer No 27c3, Society Ein datenschutzrechtlicher Ausflug in ein kirchliches Parelleluniversum Bundesdeutscher und kirchlicher Datenschutz führen eine Parallelexistenz. Während das Bundesdatenschutzgesetz von der Öffentlichkeit wahrgenommen und kritisch begleitet wird, ist den Wenigsten überhaupt klar, dass es auch einen vom BDSG losgelösten Datenschutz innerhalb der Kirchen gibt, der sich in einigen wichtigen Punkten vom staatlichen unterscheidet. Dieser Vortrag soll das Bewusstsein für ein Recht wecken, von dem sechzig Prozent der Deutschen betroffen sind – oft ohne es zu wissen. Praxisbeispiele und Tipps inbegriffen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4164.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4164-de-friede_sei_mit_euren_daten.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4175-en-from_robot_to_robot.mp4 Today, hacking is reserved for the microscopic fraction of the population who manage to shake themselves free of the suppressive education regime. Student Robotics is the beginning of the solution. By fostering creativity through competition to solve engineering challenges, we provide the inspiration society desperately needs. We develop an open platform for robotics and provide it to schools to open students' minds to the world of hacking. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4175.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4175-en-from_robot_to_robot.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4175-en-from_robot_to_robot.mp4 2010-12-27T00:00:00+01:00 Robert Spanton No 27c3, Society Restoring creativity in school pupils using robotics Today, hacking is reserved for the microscopic fraction of the population who manage to shake themselves free of the suppressive education regime. Student Robotics is the beginning of the solution. By fostering creativity through competition to solve engineering challenges, we provide the inspiration society desperately needs. We develop an open platform for robotics and provide it to schools to open students' minds to the world of hacking. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4175.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4175-en-from_robot_to_robot.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4193-en-having_fun_with_rtp.mp4 A lot of people are interested and involved in voice over IP security. Most of the effort is concentrated on the security of the signalling protocols. This talk is focussing on the security of the voice part involved in todays voice over IP world. It is the result of the questions that I had to ask myself while i was debugging audio quality problems of customers and implementing a RTP stack from scratch. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4193.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4193-en-having_fun_with_rtp.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4193-en-having_fun_with_rtp.mp4 2010-12-30T00:00:00+01:00 kapejod No 27c3, Hacking „Who is speaking???“ A lot of people are interested and involved in voice over IP security. Most of the effort is concentrated on the security of the signalling protocols. This talk is focussing on the security of the voice part involved in todays voice over IP world. It is the result of the questions that I had to ask myself while i was debugging audio quality problems of customers and implementing a RTP stack from scratch. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4193.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4193-en-having_fun_with_rtp.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4201-en-the_concert_a_disconcerting_moment_for_free_culture.mp4 Corey Cerovsek and Julien Quentin, accomplished musicians known worldwide for their classical recital performances, present something that's not quite an ordinary concert, to draw attention to the importance of the public domain in centuries of classical music tradition. It's both more — and less — than what you might expect to see and hear at a classical concert. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4201.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4201-en-the_concert_a_disconcerting_moment_for_free_culture.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4201-en-the_concert_a_disconcerting_moment_for_free_culture.mp4 2010-12-28T00:00:00+01:00 Alex Antener, Corey Cerovsek, Julien Quentin No 27c3, Culture a disconcerting moment for free culture Corey Cerovsek and Julien Quentin, accomplished musicians known worldwide for their classical recital performances, present something that's not quite an ordinary concert, to draw attention to the importance of the public domain in centuries of classical music tradition. It's both more — and less — than what you might expect to see and hear at a classical concert. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4201.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4201-en-the_concert_a_disconcerting_moment_for_free_culture.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4206-en-immi_from_concept_to_reality.mp4 The talk will give an update on the status of the Icelandic Modern Media Initiative. If we put IMMI into the context of the bus Rop talked about in the keynote, then IMMI is the quality rubber for the tires that can ride that road safely. It is part of what our bus should look like, ride like, feel like. The talk will also try to define some more of that bus, and elaborate on what else we need apart from the best rubber we can get. The talk will hence deal with some of the latest developments in respect to freedom of speech, specifically that of the press, and political pressure being excersized on it, roles and responsibilities, and the role of responsibility. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4206.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4206-en-immi_from_concept_to_reality.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4206-en-immi_from_concept_to_reality.mp4 2010-12-29T00:00:00+01:00 Daniel Domscheit-Berg No 27c3, Society The Icelandic Modern Media Initiative and our need for a well-regulated flow of information The talk will give an update on the status of the Icelandic Modern Media Initiative. If we put IMMI into the context of the bus Rop talked about in the keynote, then IMMI is the quality rubber for the tires that can ride that road safely. It is part of what our bus should look like, ride like, feel like. The talk will also try to define some more of that bus, and elaborate on what else we need apart from the best rubber we can get. The talk will hence deal with some of the latest developments in respect to freedom of speech, specifically that of the press, and political pressure being excersized on it, roles and responsibilities, and the role of responsibility. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4206.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4206-en-immi_from_concept_to_reality.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4210-en-lying_to_the_neighbours.mp4 Distributed Hash Tables implement Routing and Addressability in large P2P networks. In the Kademlia adaption for Bittorrent a peer's address (NodeID) is to be generated randomly, or more appropriate: arbitrarily. Because randomness isn't verifiable, an implementation can advertise itself with popular NodeIDs or even change them on a per-packet basis. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4210.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4210-en-lying_to_the_neighbours.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4210-en-lying_to_the_neighbours.mp4 2010-12-28T00:00:00+01:00 Astro No 27c3, Hacking Nasty effects with tracker-less BitTorrent Distributed Hash Tables implement Routing and Addressability in large P2P networks. In the Kademlia adaption for Bittorrent a peer's address (NodeID) is to be generated randomly, or more appropriate: arbitrarily. Because randomness isn't verifiable, an implementation can advertise itself with popular NodeIDs or even change them on a per-packet basis. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4210.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4210-en-lying_to_the_neighbours.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4245-en-adventures_in_analyzing_stuxnet.mp4 There has been many publications on the topic of Stuxnet and its "sophistication" in the mainstream press. However, there is not a complete publication which explains all of the technical vulnerability details and how they were discovered. In this talk, you will get a first-hand account of the entire story. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4245.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4245-en-adventures_in_analyzing_stuxnet.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4245-en-adventures_in_analyzing_stuxnet.mp4 2010-12-27T00:00:00+01:00 Bruce Dang, Peter Ferrie No 27c3, Hacking There has been many publications on the topic of Stuxnet and its "sophistication" in the mainstream press. However, there is not a complete publication which explains all of the technical vulnerability details and how they were discovered. In this talk, you will get a first-hand account of the entire story. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4245.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4245-en-adventures_in_analyzing_stuxnet.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4261-en-key_recovery_attacks_rc4.mp4 In this paper, we present several weaknesses in the stream cipher RC4. First, we present a technique to automatically reveal linear correlations in the PRGA of RC4. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4261.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4261-en-key_recovery_attacks_rc4.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4261-en-key_recovery_attacks_rc4.mp4 2010-12-30T00:00:00+01:00 Martin Vuagnoux No 27c3, Hacking In this paper, we present several weaknesses in the stream cipher RC4. First, we present a technique to automatically reveal linear correlations in the PRGA of RC4. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4261.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4261-en-key_recovery_attacks_rc4.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4263-en-resisting_excessive_government_surveillance.mp4 My name is Nicholas Merrill and I was the plaintiff in a legal case in the US court system where I challenged the FBI’s policy of using a feature of the so-called USA PATRIOT act - what are called “National Security Letters” - to bypass the American Constitution's system of checks and balances and in violation of the United Nations Universal Declaration of Human Rights - in order to obtain protected personal information and to unmask anonymous Internet users. I spent over 6 years not able to speak to anyone (other than my lawyers) about my case - forced to lie to those closest to me due to an FBI gag order that carried a possible 10 year prison sentence for violating it. However the lawsuit resulted in the establishment of two key legal precedents and made changes that affect every Internet worker and Telephone worker in America. I would like to speak to the 27C3 audience in order to tell about my experience and to challenge (and offer my support and assistance to) those individuals who are in a position to challenge government surveillance requests to follow their consciences and do so. People who work at Internet Service Providers and Telephone companies as well as IT workers at Universities and private businesses are increasingly likely to encounter government attempts at surveillance. I would like to speak to the CCC regarding my experiences in resisting a National Security Letter and also a “Grand Jury Subpoena” as well as my experience of being gagged by the FBI for nearly 7 years - unable to speak on the subject or identify myself as the plaintiff in the NSL lawsuit. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4263.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4263-en-resisting_excessive_government_surveillance.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4263-en-resisting_excessive_government_surveillance.mp4 2010-12-28T00:00:00+01:00 Nicholas Merrill No 27c3, Society Join me in exposing and challenging the constant violations of our right to privacy My name is Nicholas Merrill and I was the plaintiff in a legal case in the US court system where I challenged the FBI’s policy of using a feature of the so-called USA PATRIOT act - what are called “National Security Letters” - to bypass the American Constitution's system of checks and balances and in violation of the United Nations Universal Declaration of Human Rights - in order to obtain protected personal information and to unmask anonymous Internet users. I spent over 6 years not able to speak to anyone (other than my lawyers) about my case - forced to lie to those closest to me due to an FBI gag order that carried a possible 10 year prison sentence for violating it. However the lawsuit resulted in the establishment of two key legal precedents and made changes that affect every Internet worker and Telephone worker in America. I would like to speak to the 27C3 audience in order to tell about my experience and to challenge (and offer my support and assistance to) those individuals who are in a position to challenge government surveillance requests to follow their consciences and do so. People who work at Internet Service Providers and Telephone companies as well as IT workers at Universities and private businesses are increasingly likely to encounter government attempts at surveillance. I would like to speak to the CCC regarding my experiences in resisting a National Security Letter and also a “Grand Jury Subpoena” as well as my experience of being gagged by the FBI for nearly 7 years - unable to speak on the subject or identify myself as the plaintiff in the NSL lawsuit. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4263.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4263-en-resisting_excessive_government_surveillance.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4276-en-cognitive_psychology_for_hackers.mp4 Experience firsthand some of the most interesting, surprising, and perspective-changing findings from cognitive and social neuropsychology. With perceptual illusions, priming, biases, heuristics, and unconscious influences, humans have tons of firmware "bugs". All have exploits; some even have patches. Learn how to improve your own thinking, use others' bugs to your advantage, and gain new perspective on the unconscious and often illusory processes involved in your perceptions. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4276.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4276-en-cognitive_psychology_for_hackers.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4276-en-cognitive_psychology_for_hackers.mp4 2010-12-29T00:00:00+01:00 Sai No 27c3, Science Bugs, exploits, and occasional patches Experience firsthand some of the most interesting, surprising, and perspective-changing findings from cognitive and social neuropsychology. With perceptual illusions, priming, biases, heuristics, and unconscious influences, humans have tons of firmware "bugs". All have exploits; some even have patches. Learn how to improve your own thinking, use others' bugs to your advantage, and gain new perspective on the unconscious and often illusory processes involved in your perceptions. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4276.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4276-en-cognitive_psychology_for_hackers.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4295-en-high_speed_high_security_cryptography.mp4 Are you writing a program that sends data through the Internet? Are you sending the data through HTTP, or SMTP, or simply TCP, leaving it vulnerable to espionage, corruption, and sabotage by anyone who owns a machine connected to the same network? You can use SSH and IPsec to protect communication with your own machines, but how do you talk to the rest of the Internet? You can use TCPcrypt to protect yourself against attackers too lazy to forge packets, but how do you protect yourself against serious attackers? You can use HTTPS for low-frequency communication, but how do you handle heavy network traffic, and how do you protect yourself against the security flaws in HTTPS? Today's Internet cryptography is slow, untrustworthy, hard to use, and remarkably unsuccessful as a competitor to good old unprotected TCP. This talk will present a different approach to high-security Internet cryptography. This approach is easy for users, easy for system administrators, and, perhaps most importantly, easy for programmers. The main reason that the approach has not been tried before is that it seems to involve very slow cryptographic operations; this talk will show that the approach is extremely fast when it is done right. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4295.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4295-en-high_speed_high_security_cryptography.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4295-en-high_speed_high_security_cryptography.mp4 2010-12-28T00:00:00+01:00 Daniel J. Bernstein No 27c3, Hacking Are you writing a program that sends data through the Internet? Are you sending the data through HTTP, or SMTP, or simply TCP, leaving it vulnerable to espionage, corruption, and sabotage by anyone who owns a machine connected to the same network? You can use SSH and IPsec to protect communication with your own machines, but how do you talk to the rest of the Internet? You can use TCPcrypt to protect yourself against attackers too lazy to forge packets, but how do you protect yourself against serious attackers? You can use HTTPS for low-frequency communication, but how do you handle heavy network traffic, and how do you protect yourself against the security flaws in HTTPS? Today's Internet cryptography is slow, untrustworthy, hard to use, and remarkably unsuccessful as a competitor to good old unprotected TCP. This talk will present a different approach to high-security Internet cryptography. This approach is easy for users, easy for system administrators, and, perhaps most importantly, easy for programmers. The main reason that the approach has not been tried before is that it seems to involve very slow cryptographic operations; this talk will show that the approach is extremely fast when it is done right. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4295.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4295-en-high_speed_high_security_cryptography.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4296-en-lightning_days_d2.mp4 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4296.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4296-en-lightning_days_d2.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4296-en-lightning_days_d2.mp4 2010-12-28T00:00:00+01:00 Nick Farr No 27c3, Community 4 minutes of fame 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4296.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4296-en-lightning_days_d2.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4300-en-lightning_talks_d4.mp4 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4300.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4300-en-lightning_talks_d4.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4300-en-lightning_talks_d4.mp4 2010-12-30T00:00:00+01:00 Nick Farr No 27c3, Community where is my community? 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4300.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4300-en-lightning_talks_d4.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4301-en-flow_analysis_of_internet_activities.mp4 On the Internet one tends to think that one is pretty much safe from poking eyes. Taps in most countries can only be established after a judge has issued a warrant, thus upto such a tap is succesfully deployed one might think one is pretty much in the clear. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4301.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4301-en-flow_analysis_of_internet_activities.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4301-en-flow_analysis_of_internet_activities.mp4 2010-12-30T00:00:00+01:00 Jeroen Massar No 27c3, Society demonstrating what activities most ISPs see you doing on the Internet On the Internet one tends to think that one is pretty much safe from poking eyes. Taps in most countries can only be established after a judge has issued a warrant, thus upto such a tap is succesfully deployed one might think one is pretty much in the clear. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4301.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4301-en-flow_analysis_of_internet_activities.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4144-en-short_political_history_of_acoustics.mp4 The birth of the modern science of acoustics was directly intertwined with the desires to surveill and communicate, either in secret or to everybody at once. Acoustics was not just about 'learning more about nature,' right from the start it was an applied science, driven by very clear notions of who has the right, and thus should have the possibility, of listening in on others, who needs to be able to converse in private, and who should be heard by everybody if he wishes to. How are these historical ideas related to those of today? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4144.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4144-en-short_political_history_of_acoustics.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4144-en-short_political_history_of_acoustics.mp4 2010-12-28T00:00:00+01:00 Oona Leganovic No 27c3, Society For whom, and to do what, the science of sound was developed in the 17th century The birth of the modern science of acoustics was directly intertwined with the desires to surveill and communicate, either in secret or to everybody at once. Acoustics was not just about 'learning more about nature,' right from the start it was an applied science, driven by very clear notions of who has the right, and thus should have the possibility, of listening in on others, who needs to be able to converse in private, and who should be heard by everybody if he wishes to. How are these historical ideas related to those of today? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4144.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4144-en-short_political_history_of_acoustics.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4145-en-spoilers_human_interfaces_airplanes.mp4 Getting the interfaces right to computers controlling complex and dangerous machines such as commercial airliners is crucial. I will present a successful accident analysis method and talk about interface design problems, ideas for solutions, methods for understanding causal control flow. There will be some spectacular aviation accident videos and stories of bad luck, bad design, bad decisions, and a hero that managed to turn a near-catastrophe into an accident without fatalities. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4145.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4145-en-spoilers_human_interfaces_airplanes.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4145-en-spoilers_human_interfaces_airplanes.mp4 2010-12-28T00:00:00+01:00 Bernd Sieker No 27c3, Science Thoughts on the Automation and its Human interfaces on Airplanes Getting the interfaces right to computers controlling complex and dangerous machines such as commercial airliners is crucial. I will present a successful accident analysis method and talk about interface design problems, ideas for solutions, methods for understanding causal control flow. There will be some spectacular aviation accident videos and stories of bad luck, bad design, bad decisions, and a hero that managed to turn a near-catastrophe into an accident without fatalities. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4145.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4145-en-spoilers_human_interfaces_airplanes.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4168-en-automated_architecture_independent_gadget_search.mp4 We demonstrate that automated, architecture-independent gadget search is possible. Gadgets are code fragments which can be used to build unintended programs from existing code in memory. Our contribution is a framework of algorithms capable of locating a Turing-complete gadget set. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4168.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4168-en-automated_architecture_independent_gadget_search.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4168-en-automated_architecture_independent_gadget_search.mp4 2010-12-30T00:00:00+01:00 kornau No 27c3, Hacking CCC edition We demonstrate that automated, architecture-independent gadget search is possible. Gadgets are code fragments which can be used to build unintended programs from existing code in memory. Our contribution is a framework of algorithms capable of locating a Turing-complete gadget set. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4168.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4168-en-automated_architecture_independent_gadget_search.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4174-en-the_hidden_nemesis.mp4 Want to persistently backdoor a laptop? Backdooring the BIOS is out of the question since your target can dump and diff it? Planting hardware is out of the question as well? Shhhhhhh.. I have something for you: about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4174.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4174-en-the_hidden_nemesis.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4174-en-the_hidden_nemesis.mp4 2010-12-28T00:00:00+01:00 Ralf-Philipp Weinmann No 27c3, Hacking Backdooring Embedded Controllers Want to persistently backdoor a laptop? Backdooring the BIOS is out of the question since your target can dump and diff it? Planting hardware is out of the question as well? Shhhhhhh.. I have something for you: about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4174.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4174-en-the_hidden_nemesis.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4176-de-hacking_ibuttons.mp4 iButtons sind insbesondere wegen ihrer vergleichsweise einfachen und kostengünstigen Ansteuerung weiter verbreitet, als es auf den ersten Blick scheint. Obwohl die Sicherheitsrisiken teilweise mehr als offensichtlich sind, finden sie ihren Einsatz in Anwendungen, die eigentlich einer kryptografisch abgesicherten Lösung bedürfen. Der erste Teil des Vortrags zeigt, welche allgemeinen Sicherheitsprobleme bestehen und wie sich diese auf die Sicherheit der jeweiligen Anwendungen auswirken. Betroffen sind hiervon Wächtersysteme, elektronsiche Türschließanlagen, Kassenschlüsselsysteme / POS Terminals, Fahrkartenautomaten uvm. Neben iButtons, die lediglich statische Seriennummern oder RO/RW-Speicher beinhalten, existieren auch noch verschiedene Crypto iButtons, z.B. mit SHA1 MAC und Challenge-Response-Verfahren. Diese finden vorzugsweise im Micropayment-Bereich Anwendung, wobei die Systeme darauf ausgelegt sind, dass der Geldbetrag nur auf dem iButton selbst gespeichert wird. Ein Beispiel für ein solches System ist Akbil in Istanbul mit mehr als 5 Mio. Teilnehmern. Des weiteren finden sie z.B. Anwendung auf RAID Controllern zwecks Soft Feature Management (z.B. Supermicro). Der Hersteller bedient sich der Security-by-Obscurity-Methode und hält die Datenblätter sowie alle anderen wichtigen Details zurück. Diese iButtons verfügen über mehrere Vorkehrungen, die die Extraktion der 64 Bit großen Schlüssel verhindern sollen. Wir haben mehrere Angriffe entwickelt, die die Extraktion der Schlüssel erlauben, von denen wir die besten Angriffe im Vortrag vorstellen werden. Der beste Angriff lässt sich mit minimalen finanziellen Mitteln in wenigen Minuten durchführen, wobei der eigentliche Berechnungsaufwand pro 64 Bit Schlüssel unter 10 Sekunden liegt. Folien und Kontaktinfos werden morgen verfügbar sein. Slides and contact details will be available tomorrow and I'll translate the slides into english. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4176.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4176-de-hacking_ibuttons.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4176-de-hacking_ibuttons.mp4 2010-12-27T00:00:00+01:00 Christian Brandt No 27c3, Hacking iButtons sind insbesondere wegen ihrer vergleichsweise einfachen und kostengünstigen Ansteuerung weiter verbreitet, als es auf den ersten Blick scheint. Obwohl die Sicherheitsrisiken teilweise mehr als offensichtlich sind, finden sie ihren Einsatz in Anwendungen, die eigentlich einer kryptografisch abgesicherten Lösung bedürfen. Der erste Teil des Vortrags zeigt, welche allgemeinen Sicherheitsprobleme bestehen und wie sich diese auf die Sicherheit der jeweiligen Anwendungen auswirken. Betroffen sind hiervon Wächtersysteme, elektronsiche Türschließanlagen, Kassenschlüsselsysteme / POS Terminals, Fahrkartenautomaten uvm. Neben iButtons, die lediglich statische Seriennummern oder RO/RW-Speicher beinhalten, existieren auch noch verschiedene Crypto iButtons, z.B. mit SHA1 MAC und Challenge-Response-Verfahren. Diese finden vorzugsweise im Micropayment-Bereich Anwendung, wobei die Systeme darauf ausgelegt sind, dass der Geldbetrag nur auf dem iButton selbst gespeichert wird. Ein Beispiel für ein solches System ist Akbil in Istanbul mit mehr als 5 Mio. Teilnehmern. Des weiteren finden sie z.B. Anwendung auf RAID Controllern zwecks Soft Feature Management (z.B. Supermicro). Der Hersteller bedient sich der Security-by-Obscurity-Methode und hält die Datenblätter sowie alle anderen wichtigen Details zurück. Diese iButtons verfügen über mehrere Vorkehrungen, die die Extraktion der 64 Bit großen Schlüssel verhindern sollen. Wir haben mehrere Angriffe entwickelt, die die Extraktion der Schlüssel erlauben, von denen wir die besten Angriffe im Vortrag vorstellen werden. Der beste Angriff lässt sich mit minimalen finanziellen Mitteln in wenigen Minuten durchführen, wobei der eigentliche Berechnungsaufwand pro 64 Bit Schlüssel unter 10 Sekunden liegt. Folien und Kontaktinfos werden morgen verfügbar sein. Slides and contact details will be available tomorrow and I'll translate the slides into english. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4176.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4176-de-hacking_ibuttons.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4183-en-safety_on_open_sea.mp4 In maritime shipping accurate positioning is vital to preserve damage to life, ship, and goods. Today, we might tend to think that this problem is sufficiently solved yet because of the existence of electronic positioning systems like, most notably, the Global Positioning System (GPS) or the Russian counterpart GLONASS. This is wrong. Positions in terms of latitude and longitude just make sense together with an accurate sea chart (and of course, together with a navigator that is able to translate charting data into reality). about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4183.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4183-en-safety_on_open_sea.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4183-en-safety_on_open_sea.mp4 2010-12-29T00:00:00+01:00 Bernhard Fischer No 27c3, Science Safe navigation with the aid of an open sea chart. In maritime shipping accurate positioning is vital to preserve damage to life, ship, and goods. Today, we might tend to think that this problem is sufficiently solved yet because of the existence of electronic positioning systems like, most notably, the Global Positioning System (GPS) or the Russian counterpart GLONASS. This is wrong. Positions in terms of latitude and longitude just make sense together with an accurate sea chart (and of course, together with a navigator that is able to translate charting data into reality). about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4183.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4183-en-safety_on_open_sea.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4203-en-distributed_fpga_number_crunching_for_the_masses.mp4 In 1998, the EFF built "Deep Crack", a machine designed to perform a walk over DES's 56-bit keyspace in nine days, for $250.000. With today's FPGA technology, a cost decrease of 25x can be achieved, as the copacobana project has shown. If that's still too much, two approaches should be considered: Recycling hardware and distributed computing. This talk will be about combining both approaches for the greater good. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4203.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4203-en-distributed_fpga_number_crunching_for_the_masses.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4203-en-distributed_fpga_number_crunching_for_the_masses.mp4 2010-12-28T00:00:00+01:00 Felix Domke No 27c3, Hacking How we obtained the equivalent power of a Deep Crack for a fistful of dollars - and how the community can benefit from this In 1998, the EFF built "Deep Crack", a machine designed to perform a walk over DES's 56-bit keyspace in nine days, for $250.000. With today's FPGA technology, a cost decrease of 25x can be achieved, as the copacobana project has shown. If that's still too much, two approaches should be considered: Recycling hardware and distributed computing. This talk will be about combining both approaches for the greater good. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4203.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4203-en-distributed_fpga_number_crunching_for_the_masses.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4298-de-ccc_jahresrueckblick_2010.mp4 Wir berichten über vergangene Veranstaltungen, Erfa-Aktivitäten, Demonstrationen, Hacks, Medienkontakte, Gerichtsverhandlungen, Lobbyarbeit sowie weiteres Erfreuliches und Ärgerliches des Jahres 2010 keinesfalls objektiv, sondern mit der gewohnten Hackerperspektive. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4298.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4298-de-ccc_jahresrueckblick_2010.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4298-de-ccc_jahresrueckblick_2010.mp4 2010-12-29T00:00:00+01:00 Andreas Bogk, Andy Müller-Maguhn, Constanze Kurz, Frank Rieger No 27c3, Community Wir berichten über vergangene Veranstaltungen, Erfa-Aktivitäten, Demonstrationen, Hacks, Medienkontakte, Gerichtsverhandlungen, Lobbyarbeit sowie weiteres Erfreuliches und Ärgerliches des Jahres 2010 keinesfalls objektiv, sondern mit der gewohnten Hackerperspektive. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4298.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4298-de-ccc_jahresrueckblick_2010.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4187-en-your_infrastructure_will_kill_you.mp4 The past century our infrastructure has seen both massive expansion and heavy centralization. When it fails, it fails big -- this is the reality of our modern interconnectedness. We live in a world of crumbling bridges and bankrupt states, and our infrastructure will kill us. The people we’re relying on to keep us safe are trying to accomplish long-term risk management with short-term thinking. So, what now? We can't opt out, but we can become more resilient, and we can start thinking about risk differently. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4187.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4187-en-your_infrastructure_will_kill_you.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4187-en-your_infrastructure_will_kill_you.mp4 2010-12-29T00:00:00+01:00 Eleanor Saitta No 27c3, Society The past century our infrastructure has seen both massive expansion and heavy centralization. When it fails, it fails big -- this is the reality of our modern interconnectedness. We live in a world of crumbling bridges and bankrupt states, and our infrastructure will kill us. The people we’re relying on to keep us safe are trying to accomplish long-term risk management with short-term thinking. So, what now? We can't opt out, but we can become more resilient, and we can start thinking about risk differently. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4187.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4187-en-your_infrastructure_will_kill_you.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4190-en-data_retention_in_the_eu.mp4 2011 will again be a crucial year in the battle against data retention and blanket surveillance. The EU Commission is planning to publish its review of the directive in December (right in time before 27C3), and the lobbying and PR battle has already begun. In six months from now, we will see the legislative proposal from the EU commission for the revision of data retention. The talk will give a full picture of the legal state of play, what is going on in Brussels, what is already being done and of course where you can help. The speakers are closely involved in the process on the European and national level. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4190.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4190-en-data_retention_in_the_eu.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4190-en-data_retention_in_the_eu.mp4 2010-12-27T00:00:00+01:00 axel, Katarzyna Szymielewicz, Patrick Breyer, Ralf Bendrath No 27c3, Society Why the time is now to get active 2011 will again be a crucial year in the battle against data retention and blanket surveillance. The EU Commission is planning to publish its review of the directive in December (right in time before 27C3), and the lobbying and PR battle has already begun. In six months from now, we will see the legislative proposal from the EU commission for the revision of data retention. The talk will give a full picture of the legal state of play, what is going on in Brussels, what is already being done and of course where you can help. The speakers are closely involved in the process on the European and national level. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4190.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4190-en-data_retention_in_the_eu.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4195-de-literarischer_abend.mp4 Ein literarischer Abend im Quartett. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4195.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4195-de-literarischer_abend.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4195-de-literarischer_abend.mp4 2010-12-28T00:00:00+01:00 Andreas Lehner, Lars No 27c3, Community Ein literarischer Abend im Quartett. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4195.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4195-de-literarischer_abend.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4208-en-wideband_gsm_sniffing.mp4 GSM is still the most widely used security technology in the world with a user base of 5 billion and a quickly growing number of critical applications. 26C3's rainbow table attack on GSM's A5/1 encryption convinced many users that GSM calls should be considered unprotected. The network operators, however, have not woken up to the threat yet. Perhaps the new capabilities to be unleashed this year – like wide-band sniffing and real-time signal processing – will wake them up. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4208.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4208-en-wideband_gsm_sniffing.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4208-en-wideband_gsm_sniffing.mp4 2010-12-28T00:00:00+01:00 Karsten Nohl, Sylvain Munaut No 27c3, Hacking GSM is still the most widely used security technology in the world with a user base of 5 billion and a quickly growing number of critical applications. 26C3's rainbow table attack on GSM's A5/1 encryption convinced many users that GSM calls should be considered unprotected. The network operators, however, have not woken up to the threat yet. Perhaps the new capabilities to be unleashed this year – like wide-band sniffing and real-time signal processing – will wake them up. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4208.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4208-en-wideband_gsm_sniffing.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4230-de-security_nightmares.mp4 Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4230.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4230-de-security_nightmares.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4230-de-security_nightmares.mp4 2010-12-30T00:00:00+01:00 Frank Rieger, Ron No 27c3, Community Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4230.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4230-de-security_nightmares.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4234-en-usb_and_libusb.mp4 Learn about the benefits and limitations of Universal Serial Bus, how communication works on the bus, how and why the right (and sometimes wrong?) driver can be loaded automatically by the operating system, and find out the easiest way to add USB to your washing machine, toaster, or other favorite appliance. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4234.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4234-en-usb_and_libusb.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4234-en-usb_and_libusb.mp4 2010-12-27T00:00:00+01:00 Peter Stuge No 27c3, Making So much more than a serial port with power Learn about the benefits and limitations of Universal Serial Bus, how communication works on the bus, how and why the right (and sometimes wrong?) driver can be loaded automatically by the operating system, and find out the easiest way to add USB to your washing machine, toaster, or other favorite appliance. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4234.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4234-en-usb_and_libusb.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4236-en-international_cyber_jurisdiction.mp4 Concepts of sovereignty, freedom, privacy and intellectual property become amorphous when discussing territories that only exists as far as the Internet connects. International cyber jurisdiction is supported by a complicated web of international law and treaties. Jurisdiction hopping, a technique that is becoming popular for controversial content, is one we have used for the U.S. 1st Amendment censorship-resistant and non-profit hosting company, Project DOD, by using PRQ's services in Sweden. This technique is used to place assets in a diverse, but accessible, web of countries in which that content may be legal in the hosting country, but may have legal complications in the country in which it is accessed. As ownership and protection of property becomes a concept that is difficult to maintain across boundaries that are not easily distinguishable, can the U.S. "kill-switch" parts of the Internet and under what authority can it be done? Similarly, the geographic challenges to international cyber criminal law – and the feasibility of new sovereign nations – will be analyzed. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4236.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4236-en-international_cyber_jurisdiction.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4236-en-international_cyber_jurisdiction.mp4 2010-12-30T00:00:00+01:00 TiffanyRad No 27c3, Society Kill Switching” Cyberspace, Cyber Criminal Prosecution & Jurisdiction Hopping Concepts of sovereignty, freedom, privacy and intellectual property become amorphous when discussing territories that only exists as far as the Internet connects. International cyber jurisdiction is supported by a complicated web of international law and treaties. Jurisdiction hopping, a technique that is becoming popular for controversial content, is one we have used for the U.S. 1st Amendment censorship-resistant and non-profit hosting company, Project DOD, by using PRQ's services in Sweden. This technique is used to place assets in a diverse, but accessible, web of countries in which that content may be legal in the hosting country, but may have legal complications in the country in which it is accessed. As ownership and protection of property becomes a concept that is difficult to maintain across boundaries that are not easily distinguishable, can the U.S. "kill-switch" parts of the Internet and under what authority can it be done? Similarly, the geographic challenges to international cyber criminal law – and the feasibility of new sovereign nations – will be analyzed. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4236.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4236-en-international_cyber_jurisdiction.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4239-en-lightning_talks_d3.mp4 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4239.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4239-en-lightning_talks_d3.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4239-en-lightning_talks_d3.mp4 2010-12-29T00:00:00+01:00 Nick Farr No 27c3, Community where is my community? 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4239.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4239-en-lightning_talks_d3.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4252-de-von_zensursula_ueber_censilia_zum_kindernet.mp4 Nach Zensursula kam Censilia und das Kindernet: 2010 brachte nach den hitzigen Diskussionen um Internet-Sperren und das Zugangserschwerungsgesetz einige neue Entwicklungen – und die Rundfunkkommission der Länder wollte mal wieder den Jugendschutz im Internet angehen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4252.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4252-de-von_zensursula_ueber_censilia_zum_kindernet.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4252-de-von_zensursula_ueber_censilia_zum_kindernet.mp4 2010-12-27T00:00:00+01:00 Alvar C. H. Freude No 27c3, Society Jahresrückblick rund um Internet-Sperren, Sendezeitbegrenzungen im Internet und vermeintlichen Jugendschutz Nach Zensursula kam Censilia und das Kindernet: 2010 brachte nach den hitzigen Diskussionen um Internet-Sperren und das Zugangserschwerungsgesetz einige neue Entwicklungen – und die Rundfunkkommission der Länder wollte mal wieder den Jugendschutz im Internet angehen. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4252.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4252-de-von_zensursula_ueber_censilia_zum_kindernet.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4253-en-pentanews_game_show.mp4 Out of the news section of the [C3D2](http://www.c3d2.de "CCC Dresden") [radio programme](http://www.pentamedia.org/pentaradio Pentaradio24) we've compiled an entertaining game show, an Internet-based multiplayer "Who becomes millionaire?" challenge. The audience and folks on the peace missions are asked to help the players. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4253.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4253-en-pentanews_game_show.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4253-en-pentanews_game_show.mp4 2010-12-27T00:00:00+01:00 Alien8, Astro No 27c3, Community Your opponents will be riddled as well Out of the news section of the [C3D2](http://www.c3d2.de "CCC Dresden") [radio programme](http://www.pentamedia.org/pentaradio Pentaradio24) we've compiled an entertaining game show, an Internet-based multiplayer "Who becomes millionaire?" challenge. The audience and folks on the peace missions are asked to help the players. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4253.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4253-en-pentanews_game_show.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4265-en-hacking_smart_phones.mp4 There's been a fair bit written and presented about smartphone's, and yet, when it comes to the attack surface of the operating systems running on them, and the applications running on top of those, much still has to be explorer. This talk will dive a bit deeper into that attack surface. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4265.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4265-en-hacking_smart_phones.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4265-en-hacking_smart_phones.mp4 2010-12-27T00:00:00+01:00 Ilja van Sprundel No 27c3, Hacking expanding the attack surface and then some There's been a fair bit written and presented about smartphone's, and yet, when it comes to the attack surface of the operating systems running on them, and the applications running on top of those, much still has to be explorer. This talk will dive a bit deeper into that attack surface. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4265.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4265-en-hacking_smart_phones.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4299-en-closing_event.mp4 nil about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4299.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4299-en-closing_event.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4299-en-closing_event.mp4 2010-12-30T00:00:00+01:00 Frank Rieger No 27c3, Community nil about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4299.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4299-en-closing_event.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4338-de-wikileaks_und_mehr.mp4 Als kurzfristiger Ersatz für eine ausgefallenen Vortrag wurde die Entwicklung von Wikileaks kurz nachgezeichnet, bis hin zu den derzeit entstehenden weiteren Leaking-Plattformen. Im Mittelpunkt stand die Frage welchen Nutzen Wikileaks & Co. für Whistleblower bieten, welche Voraussetzungen für ihre anonyme Nutzung bestehen und wie die Entwicklung weitergehen wird. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4338.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4338-de-wikileaks_und_mehr.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4338-de-wikileaks_und_mehr.mp4 2010-12-28T00:00:00+01:00 Guido Strack No 27c3, Society Eine Whistleblowerperspektive auf Leaking-Plattformen Als kurzfristiger Ersatz für eine ausgefallenen Vortrag wurde die Entwicklung von Wikileaks kurz nachgezeichnet, bis hin zu den derzeit entstehenden weiteren Leaking-Plattformen. Im Mittelpunkt stand die Frage welchen Nutzen Wikileaks & Co. für Whistleblower bieten, welche Voraussetzungen für ihre anonyme Nutzung bestehen und wie die Entwicklung weitergehen wird. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4338.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4338-de-wikileaks_und_mehr.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4055-en-terrorists_win_exploiting_telecommunications_data.mp4 Telecommunications data retention (TDR) has become a reality in most Western countries. Protagonists claim that the collection of massive amounts of data on the communication behavior of all individuals within a country would enable law enforcement agencies to exploit patterns in the stored data to uncover connections between suspects. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4055.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4055-en-terrorists_win_exploiting_telecommunications_data.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4055-en-terrorists_win_exploiting_telecommunications_data.mp4 2010-12-29T00:00:00+01:00 Kay Hamacher, Stefan Katzenbeisser No 27c3, Science Telecommunications data retention (TDR) has become a reality in most Western countries. Protagonists claim that the collection of massive amounts of data on the communication behavior of all individuals within a country would enable law enforcement agencies to exploit patterns in the stored data to uncover connections between suspects. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4055.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4055-en-terrorists_win_exploiting_telecommunications_data.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4060-en-attacking_mobile_phones.mp4 Smart phones, everybody has a smart phone! No! Just about 16% of all mobile phones are smart phones! Feature phones are the most common type of mobile phone in the world. Some time ago we decided to investigate the security of feature phones. In this talk we show how we analyzed feature phones for SMS security issues. We show our results and the kind of attacks that are possible with our bugs. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4060-en-attacking_mobile_phones.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4060-en-attacking_mobile_phones.mp4 2010-12-27T00:00:00+01:00 Collin Mulliner, Nico Golde No 27c3, Hacking From analyzing to attacking mobile phones on a large scale. Smart phones, everybody has a smart phone! No! Just about 16% of all mobile phones are smart phones! Feature phones are the most common type of mobile phone in the world. Some time ago we decided to investigate the security of feature phones. In this talk we show how we analyzed feature phones for SMS security issues. We show our results and the kind of attacks that are possible with our bugs. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4060-en-attacking_mobile_phones.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4085-de-digitale_spaltung_per_gesetz.mp4 Hartz IV-Empfangende brauchen keine internetfähigen Computer, weil sie Fernseher haben. Dieser Ansicht sind deutsche Sozialgerichte und forcieren damit eine digitale Spaltung per Gesetz. Im Zeitalter der digitalen Informations- und Kommunikationsgesellschaft mutet dieser Umstand absurd an, aber eine breite öffentlichkeitswirksame Debatte steht bisher aus. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4085.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4085-de-digitale_spaltung_per_gesetz.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4085-de-digitale_spaltung_per_gesetz.mp4 2010-12-29T00:00:00+01:00 Betje Schwarz, Doris Gerbig, Kathrin Englert No 27c3, Society Das Internet und geschaffene soziale Ungleichheit im Alltag von Erwerbslosen Hartz IV-Empfangende brauchen keine internetfähigen Computer, weil sie Fernseher haben. Dieser Ansicht sind deutsche Sozialgerichte und forcieren damit eine digitale Spaltung per Gesetz. Im Zeitalter der digitalen Informations- und Kommunikationsgesellschaft mutet dieser Umstand absurd an, aber eine breite öffentlichkeitswirksame Debatte steht bisher aus. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4085.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4085-de-digitale_spaltung_per_gesetz.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4096-en-code_deobfuscation_by_optimization.mp4 Optimization algorithms present an effective way for removing most obfuscations that are used today. Much of the compiler theory can be applied in removing obfuscations and building fast and reliable deobfuscation systems. By understanding traditional optimization problems and techniques it is possible to develop and customize compiler optimization algorithms for usage in binary deobfuscation/analysis. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4096.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4096-en-code_deobfuscation_by_optimization.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4096-en-code_deobfuscation_by_optimization.mp4 2010-12-27T00:00:00+01:00 Branko Spasojevic No 27c3, Hacking Optimization algorithms present an effective way for removing most obfuscations that are used today. Much of the compiler theory can be applied in removing obfuscations and building fast and reliable deobfuscation systems. By understanding traditional optimization problems and techniques it is possible to develop and customize compiler optimization algorithms for usage in binary deobfuscation/analysis. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4096.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4096-en-code_deobfuscation_by_optimization.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4099-en-file_print_electronics.mp4 Are you ready to wake up from the cult of Arduino? Tired of plugging together black-box pre-built modules like a mindless drone, copying and pasting in code you found on Hackaday? You've soldered together your TV-Be-Gone, built your fifth Minty Boost, and your bench is awash with discarded Adafruit packaging and Make magazines. It's time to stop this passive consumption. It's time to create something that is truly yours. It's time, my friend, to design your first circuit board. And you'll need a machine to print it. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4099.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4099-en-file_print_electronics.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4099-en-file_print_electronics.mp4 2010-12-28T00:00:00+01:00 Jeff Gough No 27c3, Making A new circuit board printer will liberate you from the Arduino-Industrial Complex Are you ready to wake up from the cult of Arduino? Tired of plugging together black-box pre-built modules like a mindless drone, copying and pasting in code you found on Hackaday? You've soldered together your TV-Be-Gone, built your fifth Minty Boost, and your bench is awash with discarded Adafruit packaging and Make magazines. It's time to stop this passive consumption. It's time to create something that is truly yours. It's time, my friend, to design your first circuit board. And you'll need a machine to print it. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4099.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4099-en-file_print_electronics.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4121-en-is_the_ssliverse_a_safe_place.mp4 The EFF SSL Observatory has collected a dataset of all TLS/HTTPS certificates visible on the public web. We discuss this dataset - what we have learned from it, how you can use it, and how intend to offer a live, continually updated version of it. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4121.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4121-en-is_the_ssliverse_a_safe_place.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4121-en-is_the_ssliverse_a_safe_place.mp4 2010-12-28T00:00:00+01:00 Jesse, Peter Eckersley No 27c3, Community An update on EFF's SSL Observatory project The EFF SSL Observatory has collected a dataset of all TLS/HTTPS certificates visible on the public web. We discuss this dataset - what we have learned from it, how you can use it, and how intend to offer a live, continually updated version of it. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4121.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4121-en-is_the_ssliverse_a_safe_place.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4123-en-defense_is_not_dead.mp4 The security model of our current computer architectures - kernel in ring 0, processes in ring 3 - goes back to the early 70s. However, science hasn't stopped. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4123.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4123-en-defense_is_not_dead.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4123-en-defense_is_not_dead.mp4 2010-12-28T00:00:00+01:00 Andreas Bogk No 27c3, Hacking Why we will have more secure computers - tomorrow The security model of our current computer architectures - kernel in ring 0, processes in ring 3 - goes back to the early 70s. However, science hasn't stopped. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4123.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4123-en-defense_is_not_dead.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4124-en-three_jobs_that_journalists_will_do_in_2050.mp4 Print media are dying, but what is rising up to take their place? In this presentation, I'll answer that question by describing three new kinds of jobs for journalists that do not exist in mainstream print media. These jobs are: hacker journalist, data-mining reporter, and crowd engineer. I'll be describing what these jobs entail, and current examples of organizations already employing people to do them. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4124.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4124-en-three_jobs_that_journalists_will_do_in_2050.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4124-en-three_jobs_that_journalists_will_do_in_2050.mp4 2010-12-30T00:00:00+01:00 Annalee Newitz No 27c3, Society Why future media may be more powerful (and more subversive) than ever before Print media are dying, but what is rising up to take their place? In this presentation, I'll answer that question by describing three new kinds of jobs for journalists that do not exist in mainstream print media. These jobs are: hacker journalist, data-mining reporter, and crowd engineer. I'll be describing what these jobs entail, and current examples of organizations already employing people to do them. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4124.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4124-en-three_jobs_that_journalists_will_do_in_2050.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4142-en-nodejs_as_a_networking_tool.mp4 Node.js is a library that provides non-blocking I/O for Google's V8 JavaScript engine. This talk explores node's suitability for a diverse range of networking applications. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4142.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4142-en-nodejs_as_a_networking_tool.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4142-en-nodejs_as_a_networking_tool.mp4 2010-12-28T00:00:00+01:00 Felix Geisendörfer No 27c3, Hacking Node.js is a library that provides non-blocking I/O for Google's V8 JavaScript engine. This talk explores node's suitability for a diverse range of networking applications. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4142.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4142-en-nodejs_as_a_networking_tool.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4143-en-parttimescientists.mp4 The Part-Time Scientists is an international team of Scientists and Engineers participating in the first private race to the moon, the Google Lunar X-Prize. Our approach to win this competition is quite unique as everyone involved really is a part-time scientist. In our presentation we will present our latest lunar rover, lander, electronic and communications developments. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4143.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4143-en-parttimescientists.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4143-en-parttimescientists.mp4 2010-12-28T00:00:00+01:00 Karsten Becker, Robert Boehme No 27c3, Hacking One year of Rocket Science! The Part-Time Scientists is an international team of Scientists and Engineers participating in the first private race to the moon, the Google Lunar X-Prize. Our approach to win this competition is quite unique as everyone involved really is a part-time scientist. In our presentation we will present our latest lunar rover, lander, electronic and communications developments. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4143.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4143-en-parttimescientists.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4149-en-i_control_your_code.mp4 Unsafe languages and an arms race for new bugs calls for an additional line of defense in software systems. User-space virtualization uses dynamic instrumentation to detect different attack vectors and protects from the execution of malicious code. An additional advantage of these virtualization systems is that they can be used to analyze different exploits step by step and to extract the exploit code from a running program. This talk explains the concept of different attack vectors (stack buffer overflows, format string attacks, return to libc attacks, race attacks / TOCTTOU, integer overflows, heap buffer overflows, and code anomalies). For each of these attack vectors we show possible exploits and explain how the virtualization system is able to detect and prevent the exploit. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4149.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4149-en-i_control_your_code.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4149-en-i_control_your_code.mp4 2010-12-28T00:00:00+01:00 Mathias Payer No 27c3, Hacking Attack Vectors Through the Eyes of Software-based Fault Isolation Unsafe languages and an arms race for new bugs calls for an additional line of defense in software systems. User-space virtualization uses dynamic instrumentation to detect different attack vectors and protects from the execution of malicious code. An additional advantage of these virtualization systems is that they can be used to analyze different exploits step by step and to extract the exploit code from a running program. This talk explains the concept of different attack vectors (stack buffer overflows, format string attacks, return to libc attacks, race attacks / TOCTTOU, integer overflows, heap buffer overflows, and code anomalies). For each of these attack vectors we show possible exploits and explain how the virtualization system is able to detect and prevent the exploit. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4149.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4149-en-i_control_your_code.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4160-en-automatic_identification_cryptographic_primitives.mp4 In this talk I demonstrate our research and the implementation of methods to detect cryptographic algorithms and their parameters in software. Based on our observations on cryptographic code, I will point out several inherent characteristics to design signature-based and generic identification methods. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4160.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4160-en-automatic_identification_cryptographic_primitives.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4160-en-automatic_identification_cryptographic_primitives.mp4 2010-12-27T00:00:00+01:00 Felix Gröbert No 27c3, Hacking In this talk I demonstrate our research and the implementation of methods to detect cryptographic algorithms and their parameters in software. Based on our observations on cryptographic code, I will point out several inherent characteristics to design signature-based and generic identification methods. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4160.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4160-en-automatic_identification_cryptographic_primitives.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-3952-en-running_your_own_gsm_stack_on_a_phone_osmocombb.mp4 In recent years, we have seen several Free Software projects implementing the network side of the GSM protocol. In 2010, OsmocomBB was started to create a free software implementation of the telephone-side. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/3952.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-3952-en-running_your_own_gsm_stack_on_a_phone_osmocombb.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-3952-en-running_your_own_gsm_stack_on_a_phone_osmocombb.mp4 2010-12-29T00:00:00+01:00 Harald Welte, Steve Markgraf No 27c3, Hacking Introducing Project OsmocomBB In recent years, we have seen several Free Software projects implementing the network side of the GSM protocol. In 2010, OsmocomBB was started to create a free software implementation of the telephone-side. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/3952.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-3952-en-running_your_own_gsm_stack_on_a_phone_osmocombb.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-3983-en-hackers_and_computer_science.mp4 Although most academics and industry practitioners regard "hacking" as mostly ad-hoc, a loose collection of useful tricks essentially random in nature, I will argue that hacking has in fact become a "distinct research and engineering discipline" with deep underlying engineering ideas and insights. Although not yet formally defined as such, it are these ideas and insights that drive the great contributions that hacking has been making to our understanding of computing, including the challenges of handling complexity, composition, and security in complex systems. I will argue that hacking uncovers and helps to understand (and teach) fundamental issues that go to the heart of Computer Science as we know it, and will try to formulate several such fundamental principles which I have learned from hacker research. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/3983.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-3983-en-hackers_and_computer_science.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-3983-en-hackers_and_computer_science.mp4 2010-12-30T00:00:00+01:00 Sergey No 27c3, Hacking Although most academics and industry practitioners regard "hacking" as mostly ad-hoc, a loose collection of useful tricks essentially random in nature, I will argue that hacking has in fact become a "distinct research and engineering discipline" with deep underlying engineering ideas and insights. Although not yet formally defined as such, it are these ideas and insights that drive the great contributions that hacking has been making to our understanding of computing, including the challenges of handling complexity, composition, and security in complex systems. I will argue that hacking uncovers and helps to understand (and teach) fundamental issues that go to the heart of Computer Science as we know it, and will try to formulate several such fundamental principles which I have learned from hacker research. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/3983.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-3983-en-hackers_and_computer_science.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4003-en-cybernetics_for_the_masses.mp4 Lightning talk on biohacking, complete with cyborg speaker, implant demonstrations, and knowledge of how to hack your own perception of electromagnetic radiation for approximately thirty Euros. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4003.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4003-en-cybernetics_for_the_masses.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4003-en-cybernetics_for_the_masses.mp4 2010-12-30T00:00:00+01:00 Lepht Anonym No 27c3, Hacking implants, sensory extension and silicon - all for you! Lightning talk on biohacking, complete with cyborg speaker, implant demonstrations, and knowledge of how to hack your own perception of electromagnetic radiation for approximately thirty Euros. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4003.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4003-en-cybernetics_for_the_masses.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4006-en-diy_synthesizers_and_sound_generators.mp4 At least if you have used all the features of a synthesizer, you probably ask the questions: "How can I modify it? How can I build a synthesizer myself? What features do I personally need?" This talk covers this topic from a theoretical and technical point of view. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4006.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4006-en-diy_synthesizers_and_sound_generators.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4006-en-diy_synthesizers_and_sound_generators.mp4 2010-12-29T00:00:00+01:00 Sylwester No 27c3, Making Where does the sound come from? At least if you have used all the features of a synthesizer, you probably ask the questions: "How can I modify it? How can I build a synthesizer myself? What features do I personally need?" This talk covers this topic from a theoretical and technical point of view. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4006.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4006-en-diy_synthesizers_and_sound_generators.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4017-en-desktop_on_the_linux.mp4 Time to take a look back and under the hood of the current state of FOSS based desktops: The Good, The Bad and The Ugly – Bloat, strange APIs, too much complexity. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4017.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4017-en-desktop_on_the_linux.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4017-en-desktop_on_the_linux.mp4 2010-12-27T00:00:00+01:00 datenwolf No 27c3, Community you're doing it confused? weird? strange? wrong? Time to take a look back and under the hood of the current state of FOSS based desktops: The Good, The Bad and The Ugly – Bloat, strange APIs, too much complexity. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4017.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4017-en-desktop_on_the_linux.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4036-en-reverse_engineering_a_real_word_rfid_payment_system.mp4 How to reverse engineer the data format of a real-world RFID based debit card system. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4036.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4036-en-reverse_engineering_a_real_word_rfid_payment_system.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4036-en-reverse_engineering_a_real_word_rfid_payment_system.mp4 2010-12-29T00:00:00+01:00 Harald Welte No 27c3, Hacking Corporations enabling citizens to print digital money How to reverse engineer the data format of a real-world RFID based debit card system. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4036.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4036-en-reverse_engineering_a_real_word_rfid_payment_system.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4046-en-all_colours_are_beautiful.mp4 Starting in the beginning of August 2010 and lasting until the mid of November, the project AllColoursAreBeautiful by the Munich chapter of the Chaos Computer Club was serving as a platform for interested people on the world to illuminate, animate and interact with the front of a vacant department store in Munich. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4046.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4046-en-all_colours_are_beautiful.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4046-en-all_colours_are_beautiful.mp4 2010-12-27T00:00:00+01:00 Franz Pletz, lilafisch No 27c3, Community interactive light installation inspired by blinkenlights Starting in the beginning of August 2010 and lasting until the mid of November, the project AllColoursAreBeautiful by the Munich chapter of the Chaos Computer Club was serving as a platform for interested people on the world to illuminate, animate and interact with the front of a vacant department store in Munich. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4046.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4046-en-all_colours_are_beautiful.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4070-de-fnord_jahresrueckblick.mp4 Auch dieses Jahr werden wir uns wieder bemühen, Euch mit einem Rückblick auf die Fnords des Jahres zu unterhalten. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4070.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4070-de-fnord_jahresrueckblick.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4070-de-fnord_jahresrueckblick.mp4 2010-12-29T00:00:00+01:00 Felix von Leitner, Frank Rieger No 27c3, Society von Atomausstieg bis Zwangsintegration Auch dieses Jahr werden wir uns wieder bemühen, Euch mit einem Rückblick auf die Fnords des Jahres zu unterhalten. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4070.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4070-de-fnord_jahresrueckblick.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4073-de-logikschaltungen_ohne_elektronik.mp4 Ein kurzer Überblick über mechanische und strömungstechnische Logikschaltungen und Computer about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4073.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4073-de-logikschaltungen_ohne_elektronik.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4073-de-logikschaltungen_ohne_elektronik.mp4 2010-12-28T00:00:00+01:00 Äpex, xif No 27c3, Making logische Schaltungen mit Pneumatik Ein kurzer Überblick über mechanische und strömungstechnische Logikschaltungen und Computer about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4073.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4073-de-logikschaltungen_ohne_elektronik.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4081-de-netzmedienrecht_lobbyismus_korruption.mp4 Die Mediennutzung, aber auch ihre Verwaltung und Vergütung, also ihr Management, müssen an eine digitale Netzwelt angepasst werden. Wie ist der Stand der juristischen Auseinandersetzung um die Rechte von Urhebern, Verwertern und Nutzern von Medieninhalten? Wie und wo setzen sich starke Wirtschaftsinteressen mit Lobbygruppen durch? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4081.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4081-de-netzmedienrecht_lobbyismus_korruption.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4081-de-netzmedienrecht_lobbyismus_korruption.mp4 2010-12-28T00:00:00+01:00 Thomas Barth No 27c3, Society Wie wirkt die Lobby von Medienkonzernen? Die Mediennutzung, aber auch ihre Verwaltung und Vergütung, also ihr Management, müssen an eine digitale Netzwelt angepasst werden. Wie ist der Stand der juristischen Auseinandersetzung um die Rechte von Urhebern, Verwertern und Nutzern von Medieninhalten? Wie und wo setzen sich starke Wirtschaftsinteressen mit Lobbygruppen durch? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4081.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4081-de-netzmedienrecht_lobbyismus_korruption.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4084-en-ignorance_and_peace_narratives_in_cyberspace.mp4 This paper explores the challenges of being proactive with existing and future data mining possibilities when facing the realities of institutional expectations for assessment and when facing the fact that one’s own understanding of cyber capabilities is less than ideal. This paper discusses the current assessment cyber resources, trends, and pressures within USA academic institutions and the challenges of reactive/proactive labor in the midst of multiple levels of technological/informational literacies amongst administrators. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4084.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4084-en-ignorance_and_peace_narratives_in_cyberspace.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4084-en-ignorance_and_peace_narratives_in_cyberspace.mp4 2010-12-29T00:00:00+01:00 Angela Crow No 27c3, Society Cloud Computing, Assessment, and Fools like Me. This paper explores the challenges of being proactive with existing and future data mining possibilities when facing the realities of institutional expectations for assessment and when facing the fact that one’s own understanding of cyber capabilities is less than ideal. This paper discusses the current assessment cyber resources, trends, and pressures within USA academic institutions and the challenges of reactive/proactive labor in the midst of multiple levels of technological/informational literacies amongst administrators. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4084.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4084-en-ignorance_and_peace_narratives_in_cyberspace.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4087-en-console_hacking_2010.mp4 Over 70 million Wiis, over 40 million Xbox 360s and over 35 million Playstation 3s have been sold in the last few years. That makes over 145 million embedded devices out there and most of them are just used to play games. But what can you do with them if you don't like playing games? You hack them to make them run your own code of course! We're going to talk about the various hacks that you can use to gain control of your hardware and make it do what you want it to do. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4087.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4087-en-console_hacking_2010.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4087-en-console_hacking_2010.mp4 2010-12-29T00:00:00+01:00 bushing, marcan, sven No 27c3, Hacking PS3 Epic Fail Over 70 million Wiis, over 40 million Xbox 360s and over 35 million Playstation 3s have been sold in the last few years. That makes over 145 million embedded devices out there and most of them are just used to play games. But what can you do with them if you don't like playing games? You hack them to make them run your own code of course! We're going to talk about the various hacks that you can use to gain control of your hardware and make it do what you want it to do. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4087.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4087-en-console_hacking_2010.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4090-en-baseband_apocalypse.mp4 Attack scenarios against mobile phones have thus far concentrated on the application processor. The operating systems running on these processors are getting hardened by vendors as can be seen in the case of Apple's iOS -- the current release uses data execution prevention and code signing. In contrast, the GSM stack running on the baseband processor is neglected. The advent of open-source solutions such as OpenBSC and OpenBTS for running GSM base stations is a game-changer: Malicious base stations are not within the attack model assumed by the GSMA and ETSI. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4090.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4090-en-baseband_apocalypse.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4090-en-baseband_apocalypse.mp4 2010-12-28T00:00:00+01:00 Ralf-Philipp Weinmann No 27c3, Hacking all your baseband are belong to us Attack scenarios against mobile phones have thus far concentrated on the application processor. The operating systems running on these processors are getting hardened by vendors as can be seen in the case of Apple's iOS -- the current release uses data execution prevention and code signing. In contrast, the GSM stack running on the baseband processor is neglected. The advent of open-source solutions such as OpenBSC and OpenBTS for running GSM base stations is a game-changer: Malicious base stations are not within the attack model assumed by the GSMA and ETSI. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4090.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4090-en-baseband_apocalypse.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4094-de-netzneutralitaet_und_qos.mp4 Geht es mit der Netzneutralität zu Ende? Was haben wir den Lobbyisten und PR-Leuten der Telekommunikationsunternehmen argumentativ entgegenzusetzen? Was sind die Fakten, was gehört ins Reich der Mythen? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4094.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4094-de-netzneutralitaet_und_qos.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4094-de-netzneutralitaet_und_qos.mp4 2010-12-27T00:00:00+01:00 Andreas Bogk, Falk Lüke, scusi, Uli Blumenthal No 27c3, Society Fakten auf den Tisch Geht es mit der Netzneutralität zu Ende? Was haben wir den Lobbyisten und PR-Leuten der Telekommunikationsunternehmen argumentativ entgegenzusetzen? Was sind die Fakten, was gehört ins Reich der Mythen? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4094.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4094-de-netzneutralitaet_und_qos.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4098-en-tor_is_peace_software_freedom_is_slavery.mp4 The Internet began as state-sponsored anarchy, but it is now the tool of first resort for dissidents and propagandists alike. The poster-child project of the Free Software Movement runs on the authority of a single person; the rest clash over the very definition of the word 'free'. A company which pictured itself as smashing Big Brother is now seen as one of the perceived secretive and authoritarian in the industry; and for another, 'Don't Be Evil' is proving to be a challenging motto to live by. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4098.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4098-en-tor_is_peace_software_freedom_is_slavery.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4098-en-tor_is_peace_software_freedom_is_slavery.mp4 2010-12-30T00:00:00+01:00 Adam No 27c3, Society The political philosophy of the Internet The Internet began as state-sponsored anarchy, but it is now the tool of first resort for dissidents and propagandists alike. The poster-child project of the Free Software Movement runs on the authority of a single person; the rest clash over the very definition of the word 'free'. A company which pictured itself as smashing Big Brother is now seen as one of the perceived secretive and authoritarian in the industry; and for another, 'Don't Be Evil' is proving to be a challenging motto to live by. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4098.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4098-en-tor_is_peace_software_freedom_is_slavery.html http://koeln.media.ccc.de/media/congress/2010/27c3-4141-de-hacker_jeopardy_aac.mp4 The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4141.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4141-de-hacker_jeopardy.html Wed, 29 Dec 2010 00:00:00 +0100 http://koeln.media.ccc.de/media/congress/2010/27c3-4141-de-hacker_jeopardy_aac.mp4 2010-12-29T00:00:00+01:00 Ray, Stefan 'Sec' Zehl No 27c3, Community Number guessing for geeks The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4141.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4141-de-hacker_jeopardy.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4181-en-sip_home_gateways_under_fire.mp4 The SIP home gateway -- which combines a NAT router, a SIP proxy, and analogue phone adapters -- is the weakest link in a Voice over IP network. SIP's numerous source routing mechanisms share the well-known security weaknesses of IP source routing. The talk discusses possible exploits and countermeasures. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4181.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4181-en-sip_home_gateways_under_fire.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4181-en-sip_home_gateways_under_fire.mp4 2010-12-29T00:00:00+01:00 Wolfgang Beck No 27c3, Hacking Source routing attacks applied to SIP The SIP home gateway -- which combines a NAT router, a SIP proxy, and analogue phone adapters -- is the weakest link in a Voice over IP network. SIP's numerous source routing mechanisms share the well-known security weaknesses of IP source routing. The talk discusses possible exploits and countermeasures. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4181.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4181-en-sip_home_gateways_under_fire.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4209-en-zero_sized_heap_allocations_vulnerability_analysis.mp4 The dynamic memory allocator is a fundamental component of modern operating systems, and one of the most important sources of security vulnerabilities. In this presentation, we emphasize on a particular weakness of the heap management that has proven to be the root cause of many escalation of privilege bugs in the windows kernel and other critical remote vulnerabilities in user-land applications. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4209.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4209-en-zero_sized_heap_allocations_vulnerability_analysis.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4209-en-zero_sized_heap_allocations_vulnerability_analysis.mp4 2010-12-29T00:00:00+01:00 Julien Vanegue No 27c3, Hacking Applications of theorem proving for securing the windows kernel The dynamic memory allocator is a fundamental component of modern operating systems, and one of the most important sources of security vulnerabilities. In this presentation, we emphasize on a particular weakness of the heap management that has proven to be the root cause of many escalation of privilege bugs in the windows kernel and other critical remote vulnerabilities in user-land applications. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4209.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4209-en-zero_sized_heap_allocations_vulnerability_analysis.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4211-en-chip_and_pin_is_broken.mp4 EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as “Chip and PIN”, it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4211.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4211-en-chip_and_pin_is_broken.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4211-en-chip_and_pin_is_broken.mp4 2010-12-29T00:00:00+01:00 Steven J. Murdoch No 27c3, Hacking Vulnerabilities in the EMV Protocol EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as “Chip and PIN”, it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4211.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4211-en-chip_and_pin_is_broken.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4221-en-omg_wtf_pdf.mp4 Ambiguities in the PDF specification means that no two PDF parsers will see a file in the same way. This leads to many opportunities for exploit obfuscation. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4221.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4221-en-omg_wtf_pdf.html Thu, 30 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4221-en-omg_wtf_pdf.mp4 2010-12-30T00:00:00+01:00 Julia Wolf No 27c3, Hacking What you didn't know about Acrobat Ambiguities in the PDF specification means that no two PDF parsers will see a file in the same way. This leads to many opportunities for exploit obfuscation. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4221.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4221-en-omg_wtf_pdf.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4231-en-datenrettung_fun_with_hard_drives.mp4 Data recovery has always been an area of myths. This lecture will lift some of their covers. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4231.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4231-en-datenrettung_fun_with_hard_drives.html Tue, 28 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4231-en-datenrettung_fun_with_hard_drives.mp4 2010-12-28T00:00:00+01:00 Peter Franck No 27c3, Hacking Fun with Hard Drives Data recovery has always been an area of myths. This lecture will lift some of their covers. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4231.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4231-en-datenrettung_fun_with_hard_drives.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4237-en-indect_eu_surveillance_project.mp4 INDECT The acronym stands for Intelligent Information System Supporting Observation, Searching and Detection for Security of Citizens in Urban Environment. A total of 17 partners in nine member states are developing an infrastructure for linking existing surveillance technologies to form one mighty instrument for controlling the people. They are laying the foundation of a European police state, since INDECT's results serve to increase the effectiveness of police operation on the national and European level. INDECT is funded under the European Commission's Seventh Framework Programme (FP7), the security-related research of which provides € 1.4 billion Euro for more than 60 partly interlaced projects. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4237.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4237-en-indect_eu_surveillance_project.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4237-en-indect_eu_surveillance_project.mp4 2010-12-29T00:00:00+01:00 Sylvia Johnigk No 27c3, Society INDECT The acronym stands for Intelligent Information System Supporting Observation, Searching and Detection for Security of Citizens in Urban Environment. A total of 17 partners in nine member states are developing an infrastructure for linking existing surveillance technologies to form one mighty instrument for controlling the people. They are laying the foundation of a European police state, since INDECT's results serve to increase the effectiveness of police operation on the national and European level. INDECT is funded under the European Commission's Seventh Framework Programme (FP7), the security-related research of which provides € 1.4 billion Euro for more than 60 partly interlaced projects. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4237.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4237-en-indect_eu_surveillance_project.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4244-en-critical_overview_of_10_years_pet.mp4 The objective of the session is to provide a critical overview of "privacy research" within computer science. The mechanisms proposed in the last ten year include mechanisms for anonymous communications, censorship resistance, selective disclosure credentials (and their integration in identity management systems), as well as privacy in databases. All of these system are meant to shield the user from different aspects of on-line surveillance either through allowing a user to keep some of her data "confidential" or by allowing her to assert "control" over her data. We will illustrate using concrete examples, why some paradigms came to dominate the field, their advantages, but also their blind spots, and unfulfilled promises given the conditions of our surveillance societies. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4244.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4244-en-critical_overview_of_10_years_pet.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4244-en-critical_overview_of_10_years_pet.mp4 2010-12-29T00:00:00+01:00 seda No 27c3, Society The objective of the session is to provide a critical overview of "privacy research" within computer science. The mechanisms proposed in the last ten year include mechanisms for anonymous communications, censorship resistance, selective disclosure credentials (and their integration in identity management systems), as well as privacy in databases. All of these system are meant to shield the user from different aspects of on-line surveillance either through allowing a user to keep some of her data "confidential" or by allowing her to assert "control" over her data. We will illustrate using concrete examples, why some paradigms came to dominate the field, their advantages, but also their blind spots, and unfulfilled promises given the conditions of our surveillance societies. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4244.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4244-en-critical_overview_of_10_years_pet.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4297-de-die_gesamte_technik_ist_sicher.mp4 Für den neuen elektronischen Personalausweis sind drei verschiedene Lesegeräteklassen spezifiziert, von denen die einfachste bereits einige Kritik erfahren hat. Nach der Diskussion um die Sicherheit des Personalausweises stellt sich die Frage: Können zertifizierte Lesegeräte den neuen Ausweis schützen? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4297.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4297-de-die_gesamte_technik_ist_sicher.html Mon, 27 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4297-de-die_gesamte_technik_ist_sicher.mp4 2010-12-27T00:00:00+01:00 Dominik Oepen, Frank Morgner No 27c3, Hacking Besitz und Wissen: Relay-Angriffe auf den neuen Personalausweis Für den neuen elektronischen Personalausweis sind drei verschiedene Lesegeräteklassen spezifiziert, von denen die einfachste bereits einige Kritik erfahren hat. Nach der Diskussion um die Sicherheit des Personalausweises stellt sich die Frage: Können zertifizierte Lesegeräte den neuen Ausweis schützen? about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4297.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4297-de-die_gesamte_technik_ist_sicher.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4326-de-radio_der_zukunft.mp4 Radio – das ist eine der wenigen elektronischen Medientechnologien, die den Sprung in die digitale Ära noch nicht richtig geschafft hat. Während die Fernsehverbreitung schon fast vollständig per volldigitalen Systemen wie DVB-T stattfindet, bleiben die Radiosender dem guten alten Analog-Funk auf UKW treu. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4326.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4326-de-radio_der_zukunft.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4326-de-radio_der_zukunft.mp4 2010-12-29T00:00:00+01:00 Peter Welchering, Ralph Müller-Schmid, Tim Pritlove, Willi Steul No 27c3, Culture Was kommt nach dem analogen Radio? Radio – das ist eine der wenigen elektronischen Medientechnologien, die den Sprung in die digitale Ära noch nicht richtig geschafft hat. Während die Fernsehverbreitung schon fast vollständig per volldigitalen Systemen wie DVB-T stattfindet, bleiben die Radiosender dem guten alten Analog-Funk auf UKW treu. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4326.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4326-de-radio_der_zukunft.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4333-en-hacker_jeopardy_translation.mp4 The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4333.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4333-en-hacker_jeopardy_translation.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4333-en-hacker_jeopardy_translation.mp4 2010-12-29T00:00:00+01:00 No 27c3, Community Number guessing for geeks The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4333.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4333-en-hacker_jeopardy_translation.html http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4334-en-fnord_jahresrueckblick.mp4 Auch dieses Jahr werden wir uns wieder bemühen, Euch mit einem Rückblick auf die Fnords des Jahres zu unterhalten. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4334.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4334-en-fnord_jahresrueckblick.html Wed, 29 Dec 2010 00:00:00 +0100 http://media.ccc.de/ftp/congress/2010/mp4-h264-HQ/27c3-4334-en-fnord_jahresrueckblick.mp4 2010-12-29T00:00:00+01:00 Felix von Leitner, Frank Rieger No 27c3, Society von Atomausstieg bis Zwangsintegration Auch dieses Jahr werden wir uns wieder bemühen, Euch mit einem Rückblick auf die Fnords des Jahres zu unterhalten. about this event: http://events.ccc.de/congress/2010/Fahrplan/events/4334.en.html event on media: http://media.ccc.de/browse/congress/2010/27c3-4334-en-fnord_jahresrueckblick.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3782_en_reach_out_and_touch_face.mp4 Hackers love knowledge. They try to find out how stuff works. And that's great. Experimentation is a major part of hacking. It is in the most philosophical sense a deconstruction of things. A specific use is never inherent to an object, even though technical demagogues like to claim that it is. Just compare the term "self-explanatory" and the term "archeological find". It's a pretty hard task to find out what technology is and what it should do if you don't have a clue about the context. Usually the use is connected with the object through definition ("instructions for use"). Turning an object against the use inscribed in it means probing its possibilities. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3782.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3782_en_reach_out_and_touch_face.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3782_en_reach_out_and_touch_face.mp4 2010-05-23T00:00:00+02:00 Johannes Grenzfurthner No sigint10, Sonstiges A rant about failing Hackers love knowledge. They try to find out how stuff works. And that's great. Experimentation is a major part of hacking. It is in the most philosophical sense a deconstruction of things. A specific use is never inherent to an object, even though technical demagogues like to claim that it is. Just compare the term "self-explanatory" and the term "archeological find". It's a pretty hard task to find out what technology is and what it should do if you don't have a clue about the context. Usually the use is connected with the object through definition ("instructions for use"). Turning an object against the use inscribed in it means probing its possibilities. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3782.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3782_en_reach_out_and_touch_face.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3821_en_peer_to_peer_communism.mp4 The Telekommunist Manifesto is an exploration of class conflict and property born in the realization of the primacy of economic capacity in social struggles. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3821.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3821_en_peer_to_peer_communism.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3821_en_peer_to_peer_communism.mp4 2010-05-23T00:00:00+02:00 Dmytri Kleiner No sigint10, Aktivisten The Political Economy of Network Topologies The Telekommunist Manifesto is an exploration of class conflict and property born in the realization of the primacy of economic capacity in social struggles. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3821.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3821_en_peer_to_peer_communism.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3822_de_die_gescheiterte_revolution.mp4 Es gibt berechtigte Kritikpunkte an der "alten" Musikindustrie und ihrem Unvermögen, sich auf die neue digitale Kulturtechnik Internet einzustellen. Aber revolutionäre neue Geschäftsmodelle sind auch bei den Kritiker_innen noch in einem recht theoretischen Stadium. Warum läuft eine Dekade nach Napster und eine halbe nach Creative Commons noch immer keine freie Musik im Radio? Dieser Vortrag stellt Thesen zur Diskussion, die noch nicht Folklore wurden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3822.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3822_de_die_gescheiterte_revolution.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3822_de_die_gescheiterte_revolution.mp4 2010-05-23T00:00:00+02:00 m.eik No sigint10, Aktivisten Chancen, Risiken & Nebenwirkungen freier Musikkultur Es gibt berechtigte Kritikpunkte an der "alten" Musikindustrie und ihrem Unvermögen, sich auf die neue digitale Kulturtechnik Internet einzustellen. Aber revolutionäre neue Geschäftsmodelle sind auch bei den Kritiker_innen noch in einem recht theoretischen Stadium. Warum läuft eine Dekade nach Napster und eine halbe nach Creative Commons noch immer keine freie Musik im Radio? Dieser Vortrag stellt Thesen zur Diskussion, die noch nicht Folklore wurden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3822.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3822_de_die_gescheiterte_revolution.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3853_en_future_3.0.mp4 Is there a relationship between the evolution of Human Computer Interaction, the future of money and the way we eat? Yes, and it comes in threes! This talk explores the striking similarities in the Semantic Web (Web 3.0), Post-Piracy Pop Culture Economics, Natural User Interface Design, Local Food Movements, Rapid Prototyping, Polyamory and other Third Wave points of "Future Shock" to help better frame and understand how the future evolves. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3853.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3853_en_future_3.0.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3853_en_future_3.0.mp4 2010-05-24T00:00:00+02:00 Nick Farr No sigint10, Netzbewohner One Theory on Patterns in Culture, Technology and Commerce Is there a relationship between the evolution of Human Computer Interaction, the future of money and the way we eat? Yes, and it comes in threes! This talk explores the striking similarities in the Semantic Web (Web 3.0), Post-Piracy Pop Culture Economics, Natural User Interface Design, Local Food Movements, Rapid Prototyping, Polyamory and other Third Wave points of "Future Shock" to help better frame and understand how the future evolves. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3853.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3853_en_future_3.0.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3862_de_volkszaehler.mp4 Seit dem 1.1.2010 müssen Stromversorger Ihren Kunden für Neubauten sog. “intelligente Stromzähler” anbieten. Der Kunde soll dadurch seinen Stromverbrauch analysieren und optimieren können. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3862.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3862_de_volkszaehler.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3862_de_volkszaehler.mp4 2010-05-23T00:00:00+02:00 Justin Otherguy No sigint10, Hacker SmartMeter im Selbstbau und Selbstversuch Seit dem 1.1.2010 müssen Stromversorger Ihren Kunden für Neubauten sog. “intelligente Stromzähler” anbieten. Der Kunde soll dadurch seinen Stromverbrauch analysieren und optimieren können. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3862.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3862_de_volkszaehler.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3870_de_digitaler_steuerbuerger.mp4 Automatisierter Kontenabruf, digitale Außenprüfung, Benford-Test, Chi-Quadrat-Test, Bußgeld für GDPdU-Verweigerer: Die Steuerverwaltung hat in den letzten Jahren digital aufgerüstet. Wo wann werden wie welche Daten eingesammelt und verwertet? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3870.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3870_de_digitaler_steuerbuerger.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3870_de_digitaler_steuerbuerger.mp4 2010-05-22T00:00:00+02:00 Kai Kobschätzki (/bengoshi) No sigint10, Aktivisten Automatisierter Kontenabruf, digitale Außenprüfung, Benford-Test, Chi-Quadrat-Test, Bußgeld für GDPdU-Verweigerer: Die Steuerverwaltung hat in den letzten Jahren digital aufgerüstet. Wo wann werden wie welche Daten eingesammelt und verwertet? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3870.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3870_de_digitaler_steuerbuerger.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3881_de_keykeriki_v2.mp4 nil about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3881.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3881_de_keykeriki_v2.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3881_de_keykeriki_v2.mp4 2010-05-23T00:00:00+02:00 Keykeriki No sigint10, Hacker Practical Exploitation of Modern Wireless Devices nil about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3881.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3881_de_keykeriki_v2.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3916_de_(dis-)connected_worlds.mp4 Von der Öffentlichkeit relativ unbemerkt wird in der Europäischen Union schon seit Jahren intensiv an der Umsetzung von Internetsperren gearbeitet. Projekte wie CIRCAMP und CSAADF haben bisher versucht über freiwillige Vereinbarungen der Exekutive mit Internetprovidern Internetfilter zu etablieren. In den CIRCAMP-Teilnehmerstaaten waren diese Bemühungen bis auf Deutschland bisher erfolgreich. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3916.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3916_de_(dis-)connected_worlds.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3916_de_(dis-)connected_worlds.mp4 2010-05-22T00:00:00+02:00 Christian Bahls No sigint10, Aktivisten European Union goes east? Von der Öffentlichkeit relativ unbemerkt wird in der Europäischen Union schon seit Jahren intensiv an der Umsetzung von Internetsperren gearbeitet. Projekte wie CIRCAMP und CSAADF haben bisher versucht über freiwillige Vereinbarungen der Exekutive mit Internetprovidern Internetfilter zu etablieren. In den CIRCAMP-Teilnehmerstaaten waren diese Bemühungen bis auf Deutschland bisher erfolgreich. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3916.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3916_de_(dis-)connected_worlds.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_544_-_de_-_brainrepublic_-_powered_by_mongodb_co_-_andreas_jung.mp4 Der Vortrag zeigt anhand eines aktuellen Webprojektes wie man Hilfe des Python-basierten Web-Frameworks repoze.bfg eine hochskalierbares und hoch-performantes "Web 2.0" Portal erstellen kann. Technologisch setzt das Projekt im Backend auf MongoDB, RabbitMQ und Solr auf. about this event: http://programm.froscon.org/2010/events/544.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_544_-_de_-_brainrepublic_-_powered_by_mongodb_co_-_andreas_jung.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_544_-_de_-_brainrepublic_-_powered_by_mongodb_co_-_andreas_jung.mp4 2010-08-22T00:00:00+02:00 Andreas Jung No froscon10, Web Powered by MongoDB und RabbitMQ Der Vortrag zeigt anhand eines aktuellen Webprojektes wie man Hilfe des Python-basierten Web-Frameworks repoze.bfg eine hochskalierbares und hoch-performantes "Web 2.0" Portal erstellen kann. Technologisch setzt das Projekt im Backend auf MongoDB, RabbitMQ und Solr auf. about this event: http://programm.froscon.org/2010/events/544.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_544_-_de_-_brainrepublic_-_powered_by_mongodb_co_-_andreas_jung.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_580_-_en_-_open_source_your_career_-_lorna_jane_mitchell.mp4 With words like community bandied about, what can the individual gain in professional terms from getting involved in extra-curricular activities? Come and hear tales from someone who has almost accidentally benefitted from her community activities about what drives her to get involved and how this has crossed over into her day job. Everyone will take home from this session some new ideas about how giving can actually be receiving, and strategies for situations where everyone wins. about this event: http://programm.froscon.org/2010/events/580.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_580_-_en_-_open_source_your_career_-_lorna_jane_mitchell.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_580_-_en_-_open_source_your_career_-_lorna_jane_mitchell.mp4 2010-08-21T00:00:00+02:00 Lorna Jane Mitchell No froscon10, Other Fast-track your professional development with community involvement With words like community bandied about, what can the individual gain in professional terms from getting involved in extra-curricular activities? Come and hear tales from someone who has almost accidentally benefitted from her community activities about what drives her to get involved and how this has crossed over into her day job. Everyone will take home from this session some new ideas about how giving can actually be receiving, and strategies for situations where everyone wins. about this event: http://programm.froscon.org/2010/events/580.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_580_-_en_-_open_source_your_career_-_lorna_jane_mitchell.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_615_-_en_-_free_and_open_source_software_in_the_developing_world_-_jon_maddog_hall.mp4 maddog has been to over 100 countries talking about FOSS and its abilities to allow businesses to succeed. Some of these countries are thought of as "developing economies"....and some are not. Some think that all of their software is "free"...but what they mean is that they do not pay for it in terms they understand. This talk will discuss business situations in countries far and near and how FOSS enables business. about this event: http://programm.froscon.org/2010/events/615.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_615_-_en_-_free_and_open_source_software_in_the_developing_world_-_jon_maddog_hall.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_615_-_en_-_free_and_open_source_software_in_the_developing_world_-_jon_maddog_hall.mp4 2010-08-21T00:00:00+02:00 Jon "maddog" Hall No froscon10, Keynote (and aren't we all developing?) maddog has been to over 100 countries talking about FOSS and its abilities to allow businesses to succeed. Some of these countries are thought of as "developing economies"....and some are not. Some think that all of their software is "free"...but what they mean is that they do not pay for it in terms they understand. This talk will discuss business situations in countries far and near and how FOSS enables business. about this event: http://programm.froscon.org/2010/events/615.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_615_-_en_-_free_and_open_source_software_in_the_developing_world_-_jon_maddog_hall.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_498_-_de_-_fehlersuche_in_netzwerken_-_jens_link.mp4 "Das Netzwerk geht nicht!" - Eine Aussage die man als Netzwerkadmin regelmäßig hört. Aber in den wenigsten Fällen ist es wirklich das Netzwerk, welches Probleme macht. Dieser Vortrag soll Admins aller Fachrichtungen zeigen, wie man methodisch Netzwerkfehler sucht und stellt außerdem noch zahlreiche Methoden und Werkzeuge vor um Fehler einzugrenzen oder gar nicht erst entstehen zu lassen. about this event: http://programm.froscon.org/2010/events/498.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_498_-_de_-_fehlersuche_in_netzwerken_-_jens_link.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_498_-_de_-_fehlersuche_in_netzwerken_-_jens_link.mp4 2010-08-22T00:00:00+02:00 Jens Link No froscon10, Administration "Das Netzwerk geht nicht!" - Eine Aussage die man als Netzwerkadmin regelmäßig hört. Aber in den wenigsten Fällen ist es wirklich das Netzwerk, welches Probleme macht. Dieser Vortrag soll Admins aller Fachrichtungen zeigen, wie man methodisch Netzwerkfehler sucht und stellt außerdem noch zahlreiche Methoden und Werkzeuge vor um Fehler einzugrenzen oder gar nicht erst entstehen zu lassen. about this event: http://programm.froscon.org/2010/events/498.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_498_-_de_-_fehlersuche_in_netzwerken_-_jens_link.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_499_-_de_-_datenschutz_fuer_systemadministratoren_-_fortsetzung_-_hanno_rince_wagner.mp4 Vor einem Jahr habe ich einen Vortrag zum Thema "Datenschutz für Systemadministratoren" gehalten. Dieses Jahr möchte ich auf die (Risiko-)Klassifizierung von personenbezogenen Daten eingehen und auch die Klassifizierung der Daten aufgrund des Umfeldes. Zusätzlich möchte ich auf die Neuheiten der Novellierung des Bundesdatenschutzgesetzes eingehen. about this event: http://programm.froscon.org/2010/events/499.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_499_-_de_-_datenschutz_fuer_systemadministratoren_-_fortsetzung_-_hanno_rince_wagner.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_499_-_de_-_datenschutz_fuer_systemadministratoren_-_fortsetzung_-_hanno_rince_wagner.mp4 2010-08-21T00:00:00+02:00 Hanno 'Rince' Wagner No froscon10, Administration Klassifizierung von Daten und Neuigkeiten Vor einem Jahr habe ich einen Vortrag zum Thema "Datenschutz für Systemadministratoren" gehalten. Dieses Jahr möchte ich auf die (Risiko-)Klassifizierung von personenbezogenen Daten eingehen und auch die Klassifizierung der Daten aufgrund des Umfeldes. Zusätzlich möchte ich auf die Neuheiten der Novellierung des Bundesdatenschutzgesetzes eingehen. about this event: http://programm.froscon.org/2010/events/499.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_499_-_de_-_datenschutz_fuer_systemadministratoren_-_fortsetzung_-_hanno_rince_wagner.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_501_-_de_-_datafinder_-_miriam_ney.mp4 Der DataFinder ist eine in Python entwickelte Open Source Software zur Datenverwaltung. Veröffentlicht unter der Simplified BSD Lizenz, ermöglicht sie es einfach, große Datenmengen, wie sie häufig bei wissenschaftlichen Simulationen und Versuchen anfallen, zu verwalten. Dabei hilft die konsequente Angabe von individuell definierten Metadaten, welche die Daten beschreiben und diese durchsuchbar machen. Eine intuitive Verwaltung von wissenschaftlichen Daten ist sehr wichtig für die Zusammenarbeit innerhalb einer Forschungs oder Entwicklungsgruppe, aber auch um Projektpartnern und Kollegen die Möglichkeit zu geben, existierende Ergebnisse einsehen und verwenden zu können. Konzipiert wurde der DataFinder als leichtgewichtige Anwendung basierend auf einer Client-Server-Struktur. Er kann durch Einbindung von Skripten leicht in die eigene Arbeitsumgebung eingebunden und und neue Funktionen erweitert werden. In der Entwicklung wurden viele Standards, wie zum Beispiel XML und WebDAV, verwendet, um möglichst kompatibel zu ähnlichen Tools zu sein. Der DataFinder wurde mit Fokus auf die Datenmanagementsituation im Deutschen Zentrum für Luft und Raumfahrt (DLR) entwickelt. Mit der kürzlich releasten Version 2.0 ist die Entwicklung auf eine öffentliche Plattform verschoben, um mehr Anwendungsgebieten den Einsatz zu ermöglichen. Der Vortrag stellt den Aufbau der Software vor, präsentiert Beispiele zum Einsatz der Software und zeigt Möglichkeiten aktiv an der Entwicklung mitzuarbeiten. about this event: http://programm.froscon.org/2010/events/501.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_501_-_de_-_datafinder_-_miriam_ney.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_501_-_de_-_datafinder_-_miriam_ney.mp4 2010-08-21T00:00:00+02:00 Miriam Ney No froscon10, Other Datenmanagement Der DataFinder ist eine in Python entwickelte Open Source Software zur Datenverwaltung. Veröffentlicht unter der Simplified BSD Lizenz, ermöglicht sie es einfach, große Datenmengen, wie sie häufig bei wissenschaftlichen Simulationen und Versuchen anfallen, zu verwalten. Dabei hilft die konsequente Angabe von individuell definierten Metadaten, welche die Daten beschreiben und diese durchsuchbar machen. Eine intuitive Verwaltung von wissenschaftlichen Daten ist sehr wichtig für die Zusammenarbeit innerhalb einer Forschungs oder Entwicklungsgruppe, aber auch um Projektpartnern und Kollegen die Möglichkeit zu geben, existierende Ergebnisse einsehen und verwenden zu können. Konzipiert wurde der DataFinder als leichtgewichtige Anwendung basierend auf einer Client-Server-Struktur. Er kann durch Einbindung von Skripten leicht in die eigene Arbeitsumgebung eingebunden und und neue Funktionen erweitert werden. In der Entwicklung wurden viele Standards, wie zum Beispiel XML und WebDAV, verwendet, um möglichst kompatibel zu ähnlichen Tools zu sein. Der DataFinder wurde mit Fokus auf die Datenmanagementsituation im Deutschen Zentrum für Luft und Raumfahrt (DLR) entwickelt. Mit der kürzlich releasten Version 2.0 ist die Entwicklung auf eine öffentliche Plattform verschoben, um mehr Anwendungsgebieten den Einsatz zu ermöglichen. Der Vortrag stellt den Aufbau der Software vor, präsentiert Beispiele zum Einsatz der Software und zeigt Möglichkeiten aktiv an der Entwicklung mitzuarbeiten. about this event: http://programm.froscon.org/2010/events/501.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_501_-_de_-_datafinder_-_miriam_ney.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_502_-_de_-_der_java-albtraum_-_torsten_werner.mp4 Der Vortrag stellt die Probleme dar, Java-Code aus der Open-Source-Community so zu paketieren, dass die Pakete die minimalen Qualitätsanforderungen von Debian genügen. Probleme sind u.a. die Tatsache, dass Binärcode nicht vollständig aus Quelltexten gebaut wird, sowie die Verwendung von unfreier Software oder gar Lizenzverletzungen. Möglichkeiten von Verbesserungen werden am Beispiel von Maven aufgezeigt. about this event: http://programm.froscon.org/2010/events/502.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_502_-_de_-_der_java-albtraum_-_torsten_werner.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_502_-_de_-_der_java-albtraum_-_torsten_werner.mp4 2010-08-22T00:00:00+02:00 Torsten Werner No froscon10, Packaging Der Vortrag stellt die Probleme dar, Java-Code aus der Open-Source-Community so zu paketieren, dass die Pakete die minimalen Qualitätsanforderungen von Debian genügen. Probleme sind u.a. die Tatsache, dass Binärcode nicht vollständig aus Quelltexten gebaut wird, sowie die Verwendung von unfreier Software oder gar Lizenzverletzungen. Möglichkeiten von Verbesserungen werden am Beispiel von Maven aufgezeigt. about this event: http://programm.froscon.org/2010/events/502.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_502_-_de_-_der_java-albtraum_-_torsten_werner.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_504_-_de_-_mobile-linux_development_-_ein_ueberblick_-_christian_kuester.mp4 Mit Maemo, MeeGo, Android und webOS konkurrieren inzwischen vier auf Linux basierende Mobilplattformen nicht nur um Benutzer, sondern auch um Applikationsentwickler. Letztendlich ist die Menge an verfügbaren Applikationen mitentscheidend für die Vorherrschaft im Smartphone-Markt. Der Vortrag gibt einen Überblick und Vergleich der verschiedenen Mobilplattformen aus Entwicklersicht und versucht dabei folgende Fragen zu beantworten: - Welche Hilfsmittel und Software-Development-Kits stehen Entwicklern zur Verfügung und wieviel Komfort bieten sie? - Mit welchen Programmiersprachen lassen sich Anwendungen entwickeln? - Wo liegen die Schwierigkeiten und Vorzüge der einzelnen Plattformen, insbesondere im Hinblick auf die Nutzung von Telefoniefunktionen bzw. den Zugriff auf Daten und Gerätehardware? about this event: http://programm.froscon.org/2010/events/504.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_504_-_de_-_mobile-linux_development_-_ein_ueberblick_-_christian_kuester.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_504_-_de_-_mobile-linux_development_-_ein_ueberblick_-_christian_kuester.mp4 2010-08-21T00:00:00+02:00 Christian Küster No froscon10, Development Mit Maemo, MeeGo, Android und webOS konkurrieren inzwischen vier auf Linux basierende Mobilplattformen nicht nur um Benutzer, sondern auch um Applikationsentwickler. Letztendlich ist die Menge an verfügbaren Applikationen mitentscheidend für die Vorherrschaft im Smartphone-Markt. Der Vortrag gibt einen Überblick und Vergleich der verschiedenen Mobilplattformen aus Entwicklersicht und versucht dabei folgende Fragen zu beantworten: - Welche Hilfsmittel und Software-Development-Kits stehen Entwicklern zur Verfügung und wieviel Komfort bieten sie? - Mit welchen Programmiersprachen lassen sich Anwendungen entwickeln? - Wo liegen die Schwierigkeiten und Vorzüge der einzelnen Plattformen, insbesondere im Hinblick auf die Nutzung von Telefoniefunktionen bzw. den Zugriff auf Daten und Gerätehardware? about this event: http://programm.froscon.org/2010/events/504.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_504_-_de_-_mobile-linux_development_-_ein_ueberblick_-_christian_kuester.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_512_-_en_-_xtrabackup_for_mysql_-_aleksandr_kuzminsky_aurimas_mikalauskas.mp4 Introduction to new, free backup solution for MySQL/InnoDB. Talk will cover how to use it scenarios, xtradb internals, tips & tricks and live demonstration about this event: http://programm.froscon.org/2010/events/512.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_512_-_en_-_xtrabackup_for_mysql_-_aleksandr_kuzminsky_aurimas_mikalauskas.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_512_-_en_-_xtrabackup_for_mysql_-_aleksandr_kuzminsky_aurimas_mikalauskas.mp4 2010-08-22T00:00:00+02:00 Aleksandr Kuzminsky, Aurimas Mikalauskas No froscon10, OpenSQLCamp Introduction to new, free backup solution for MySQL/InnoDB. Talk will cover how to use it scenarios, xtradb internals, tips & tricks and live demonstration about this event: http://programm.froscon.org/2010/events/512.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_512_-_en_-_xtrabackup_for_mysql_-_aleksandr_kuzminsky_aurimas_mikalauskas.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_513_-_en_-_xtradb_--_innodb_on_steroids_-_morgan_tocker.mp4 Introduction to XtraDB storage engine as replacement for stock InnoDB. Talk covering all important features, use cases and performance/usability gains. about this event: http://programm.froscon.org/2010/events/513.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_513_-_en_-_xtradb_--_innodb_on_steroids_-_morgan_tocker.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_513_-_en_-_xtradb_--_innodb_on_steroids_-_morgan_tocker.mp4 2010-08-22T00:00:00+02:00 Morgan Tocker No froscon10, OpenSQLCamp Introduction to XtraDB storage engine as replacement for stock InnoDB. Talk covering all important features, use cases and performance/usability gains. about this event: http://programm.froscon.org/2010/events/513.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_513_-_en_-_xtradb_--_innodb_on_steroids_-_morgan_tocker.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_514_-_de_-_tiroler_taschenmesser_-_harald_grzybowski.mp4 Die Open Source Collaboration Software GROUP-E als zentrales Werkzeug für E-Mails, gemeinsame Kalender, Aufgaben, interne Projektverwaltung und Zeiterfassung stellt durch integriertes Single-Sign-on eine skalierbare und sichere Businesslösung dar. about this event: http://programm.froscon.org/2010/events/514.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_514_-_de_-_tiroler_taschenmesser_-_harald_grzybowski.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_514_-_de_-_tiroler_taschenmesser_-_harald_grzybowski.mp4 2010-08-22T00:00:00+02:00 Harald Grzybowski No froscon10, Collaboration Die Collaboration-Software Group-E im Unternehmenseinsatz Die Open Source Collaboration Software GROUP-E als zentrales Werkzeug für E-Mails, gemeinsame Kalender, Aufgaben, interne Projektverwaltung und Zeiterfassung stellt durch integriertes Single-Sign-on eine skalierbare und sichere Businesslösung dar. about this event: http://programm.froscon.org/2010/events/514.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_514_-_de_-_tiroler_taschenmesser_-_harald_grzybowski.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_520_-_de_-_zodb_-_eine_native_objektdatenbank_fuer_python_-_christian_theune.mp4 Python-Programme werden nach den objekt-orientierten Paradigma geschrieben. Man verwendet Objekte, die sich frei referenzieren und jede Form und Gestalt annehmen können: kein Objekt muss einem spezifischen Schema genügen und kann beliebige Information speichern. Um Objekte in einer relationalen Datenbank zu speichern muss man die Referenz- und Schemafreiheit aufgeben: die Einschränkungen des relationalen Models beschränken auch die Möglichkeiten objekt-orientiert zu entwickeln. Die ZODB ist eine native Objektdatenbank, in der alle Objekte gespeichert werden und man trotzdem mit allen objekt-orientierten Paradigmen von Python arbeiten kann. Dadurch wird der Anwendungscode einfach, robuster und leichter zu verstehen. Der Vortrag gibt eine Übersicht über die Fähigkeiten der ZODB und zeigt Code-Beispiele wie Paradigmen umgesetzt werden und soll den Einstieg in die Entwicklung mit der ZODB erleichtern. about this event: http://programm.froscon.org/2010/events/520.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_520_-_de_-_zodb_-_eine_native_objektdatenbank_fuer_python_-_christian_theune.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_520_-_de_-_zodb_-_eine_native_objektdatenbank_fuer_python_-_christian_theune.mp4 2010-08-21T00:00:00+02:00 Christian Theune No froscon10, NoSQL Quetsch deine Objekte nicht in Tabellen - leg sie in eine Objektdatenbank. Python-Programme werden nach den objekt-orientierten Paradigma geschrieben. Man verwendet Objekte, die sich frei referenzieren und jede Form und Gestalt annehmen können: kein Objekt muss einem spezifischen Schema genügen und kann beliebige Information speichern. Um Objekte in einer relationalen Datenbank zu speichern muss man die Referenz- und Schemafreiheit aufgeben: die Einschränkungen des relationalen Models beschränken auch die Möglichkeiten objekt-orientiert zu entwickeln. Die ZODB ist eine native Objektdatenbank, in der alle Objekte gespeichert werden und man trotzdem mit allen objekt-orientierten Paradigmen von Python arbeiten kann. Dadurch wird der Anwendungscode einfach, robuster und leichter zu verstehen. Der Vortrag gibt eine Übersicht über die Fähigkeiten der ZODB und zeigt Code-Beispiele wie Paradigmen umgesetzt werden und soll den Einstieg in die Entwicklung mit der ZODB erleichtern. about this event: http://programm.froscon.org/2010/events/520.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_520_-_de_-_zodb_-_eine_native_objektdatenbank_fuer_python_-_christian_theune.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_522_-_en_-_inside_the_cassandra_distributed_database_-_jonathan_ellis.mp4 Despite the growing demands placed on databases, traditional relational solutions scale poorly. Cassandra is a distributed database combining the best of Google's Bigtable and Amazon's Dynamo and is in use at Facebook, Twitter, Rackspace, and more companies that have large, active data sets. The largest production cluster has over 100 TB of data in over 150 machines. This session will cover Cassandra's architecture and data model and case studies of how Cassandra is being used. about this event: http://programm.froscon.org/2010/events/522.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_522_-_en_-_inside_the_cassandra_distributed_database_-_jonathan_ellis.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_522_-_en_-_inside_the_cassandra_distributed_database_-_jonathan_ellis.mp4 2010-08-21T00:00:00+02:00 Jonathan Ellis No froscon10, NoSQL Despite the growing demands placed on databases, traditional relational solutions scale poorly. Cassandra is a distributed database combining the best of Google's Bigtable and Amazon's Dynamo and is in use at Facebook, Twitter, Rackspace, and more companies that have large, active data sets. The largest production cluster has over 100 TB of data in over 150 machines. This session will cover Cassandra's architecture and data model and case studies of how Cassandra is being used. about this event: http://programm.froscon.org/2010/events/522.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_522_-_en_-_inside_the_cassandra_distributed_database_-_jonathan_ellis.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_523_-_de_-_daten_mit_rrdtool_speichern_und_visualisieren_-_sebastian_tokkee_harl.mp4 [RRDtool](http://oss.oetiker.ch/rrdtool) (Round Robin Database) ist ein Programm, mit dem Zeit-bezogene Daten (z.B. Netzwerk-Bandbreite, Temperatur, Server Load) gespeichert und graphisch visualisiert werden können. Daher erfreut es sich im Monitoring oder bei der Performance-Analyse einer großen Beliebtheit. Die Daten werden in Round Robin Datenbanken fester Größe gespeichert, wobei neue Werte alte überschreiben, wodurch eine konstante Größe der Datei sichergestellt wird. Optional werden alte Daten konsolidiert (mehrere Datenpunkte werden zu einem zusammengefasst), wodurch das Speichern über einen längeren Zeitraum, aber mit einer niedrigeren Auflösung ermöglicht wird. Dieser Vortrag bietet eine Einführung in die Funktionsweise und Verwendung von RDtool. Nach einem Überblick über die interne Arbeitsweise wird an Beispielen der Umgang mit dem Werkzeug erläutert. Im Anschluss wird ein Überblick über Werkzeuge gegeben, die Daten in RRD Dateien füttern und/oder deren graphische Darstellung erleichtern. about this event: http://programm.froscon.org/2010/events/523.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_523_-_de_-_daten_mit_rrdtool_speichern_und_visualisieren_-_sebastian_tokkee_harl.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_523_-_de_-_daten_mit_rrdtool_speichern_und_visualisieren_-_sebastian_tokkee_harl.mp4 2010-08-22T00:00:00+02:00 Sebastian "tokkee" Harl No froscon10, Administration Viele bunte Graphen [RRDtool](http://oss.oetiker.ch/rrdtool) (Round Robin Database) ist ein Programm, mit dem Zeit-bezogene Daten (z.B. Netzwerk-Bandbreite, Temperatur, Server Load) gespeichert und graphisch visualisiert werden können. Daher erfreut es sich im Monitoring oder bei der Performance-Analyse einer großen Beliebtheit. Die Daten werden in Round Robin Datenbanken fester Größe gespeichert, wobei neue Werte alte überschreiben, wodurch eine konstante Größe der Datei sichergestellt wird. Optional werden alte Daten konsolidiert (mehrere Datenpunkte werden zu einem zusammengefasst), wodurch das Speichern über einen längeren Zeitraum, aber mit einer niedrigeren Auflösung ermöglicht wird. Dieser Vortrag bietet eine Einführung in die Funktionsweise und Verwendung von RDtool. Nach einem Überblick über die interne Arbeitsweise wird an Beispielen der Umgang mit dem Werkzeug erläutert. Im Anschluss wird ein Überblick über Werkzeuge gegeben, die Daten in RRD Dateien füttern und/oder deren graphische Darstellung erleichtern. about this event: http://programm.froscon.org/2010/events/523.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_523_-_de_-_daten_mit_rrdtool_speichern_und_visualisieren_-_sebastian_tokkee_harl.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_524_-_de_-_smart_itsm_-_martin_hartkopf.mp4 Mit Smart ITSM werden großartige Open-Source Werkzeuge für die System- und Serviceverwaltung zu einer einzigartigen Lösung. Basierend auf der Dokumentations- und CMDB-Lösung i-doit können bereits heute Prozesse zur Überwachung (Nagios®), dem Helpdesk (Request Tracker) oder der Inventarisierung (OCS, hInventory) eine gemeinsame, konsolidierte Sicht auf die Unternehmens-IT liefern. Der Vortrag zeigt das Zusammenspiel von i-doit mit verschiedenen anderen ITSM-Komponenten am Beispiel von Request Tracker, Nagios und OCS Inventory NG. about this event: http://programm.froscon.org/2010/events/524.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_524_-_de_-_smart_itsm_-_martin_hartkopf.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_524_-_de_-_smart_itsm_-_martin_hartkopf.mp4 2010-08-21T00:00:00+02:00 Martin No froscon10, Administration Mit Smart ITSM werden großartige Open-Source Werkzeuge für die System- und Serviceverwaltung zu einer einzigartigen Lösung. Basierend auf der Dokumentations- und CMDB-Lösung i-doit können bereits heute Prozesse zur Überwachung (Nagios®), dem Helpdesk (Request Tracker) oder der Inventarisierung (OCS, hInventory) eine gemeinsame, konsolidierte Sicht auf die Unternehmens-IT liefern. Der Vortrag zeigt das Zusammenspiel von i-doit mit verschiedenen anderen ITSM-Komponenten am Beispiel von Request Tracker, Nagios und OCS Inventory NG. about this event: http://programm.froscon.org/2010/events/524.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_524_-_de_-_smart_itsm_-_martin_hartkopf.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_525_-_en_-_apache_couchdb_the_peer-to-peer_database_of_the_web_-_jan_lehnardt.mp4 This talk introduces CouchDB: The high-level concepts, coolest features, pros, and cons, and everything else you need to know to decide for yourself if it is worth a loo about this event: http://programm.froscon.org/2010/events/525.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_525_-_en_-_apache_couchdb_the_peer-to-peer_database_of_the_web_-_jan_lehnardt.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_525_-_en_-_apache_couchdb_the_peer-to-peer_database_of_the_web_-_jan_lehnardt.mp4 2010-08-21T00:00:00+02:00 Jan Lehnardt No froscon10, NoSQL This talk introduces CouchDB: The high-level concepts, coolest features, pros, and cons, and everything else you need to know to decide for yourself if it is worth a loo about this event: http://programm.froscon.org/2010/events/525.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_525_-_en_-_apache_couchdb_the_peer-to-peer_database_of_the_web_-_jan_lehnardt.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_528_-_de_-_dslinux_-_uwe_berger.mp4 DSLinux ist eine Minidistribution für die Pocketspielkonsole Nintendo DS (NDS). Neben dem eigentlichen Linux-Kernel und den üblichen Kommandozeilentools, beinhaltet DSLinux diverse Services und sogar eine X-ähnliche grafische Oberfläche mit einigen dazugehörigen Anwendungen. Über das, in der NDS standardmäßig vorhandene WLAN-Modul kann das Gerät auch in ein Netzwerk integriert werden. Der Vortrag gibt einen Überblick über die NDS-Hardware, erläutert die Installation/Konfiguration von DSLinux und beschreibt die Vorgehensweise zur Entwicklung eigener Anwendungen für diese Plattform. about this event: http://programm.froscon.org/2010/events/528.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_528_-_de_-_dslinux_-_uwe_berger.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_528_-_de_-_dslinux_-_uwe_berger.mp4 2010-08-22T00:00:00+02:00 Uwe Berger No froscon10, Tinkering "Linux spielen" DSLinux ist eine Minidistribution für die Pocketspielkonsole Nintendo DS (NDS). Neben dem eigentlichen Linux-Kernel und den üblichen Kommandozeilentools, beinhaltet DSLinux diverse Services und sogar eine X-ähnliche grafische Oberfläche mit einigen dazugehörigen Anwendungen. Über das, in der NDS standardmäßig vorhandene WLAN-Modul kann das Gerät auch in ein Netzwerk integriert werden. Der Vortrag gibt einen Überblick über die NDS-Hardware, erläutert die Installation/Konfiguration von DSLinux und beschreibt die Vorgehensweise zur Entwicklung eigener Anwendungen für diese Plattform. about this event: http://programm.froscon.org/2010/events/528.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_528_-_de_-_dslinux_-_uwe_berger.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_529_-_en_-_be_lazy_make_automation_-_fabrizio_manfredi.mp4 With Linux you can control and monitor devices and information around your home using a standard personal computer.You don’t have to be a master programmer or a google Sys admin to create one. about this event: http://programm.froscon.org/2010/events/529.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_529_-_en_-_be_lazy_make_automation_-_fabrizio_manfredi.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_529_-_en_-_be_lazy_make_automation_-_fabrizio_manfredi.mp4 2010-08-21T00:00:00+02:00 Fabrizio Manfredi No froscon10, Other With Linux you can control and monitor devices and information around your home using a standard personal computer.You don’t have to be a master programmer or a google Sys admin to create one. about this event: http://programm.froscon.org/2010/events/529.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_529_-_en_-_be_lazy_make_automation_-_fabrizio_manfredi.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_531_-_de_-_verloren_im_nebel_-_ampersize.mp4 Die Welt der IT verändert sich stetig. Der neueste Trend der Gebetsmühlenartig immer wieder von allen Analysten, Managern, Evangelisten und Vetrieblern beschworen wird ist das Cloud Computing. about this event: http://programm.froscon.org/2010/events/531.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_531_-_de_-_verloren_im_nebel_-_ampersize.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_531_-_de_-_verloren_im_nebel_-_ampersize.mp4 2010-08-21T00:00:00+02:00 Ampersize No froscon10, Cloud Computing Gefahren und Risiken von Cloud Computing Die Welt der IT verändert sich stetig. Der neueste Trend der Gebetsmühlenartig immer wieder von allen Analysten, Managern, Evangelisten und Vetrieblern beschworen wird ist das Cloud Computing. about this event: http://programm.froscon.org/2010/events/531.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_531_-_de_-_verloren_im_nebel_-_ampersize.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_533_-_de_-_datenbank-performance-monitoring_mit_zabbix_-_oli_sennhauser.mp4 In diesem Vortrag schauen wir uns die Monitoring-Lösung Zabbix für die Überwachung von MySQL Datenbanken an. Wir gehen kurz auf die Architektur von Zabbix ein, wie das ganze System aufgesetzt wird und wie wir die Überwachung von Datenbanken lösen. Im weiteren beleuchten wir die Vor- und Nachteile der Zabbix-Lösung gegenüber dem MySQL Enterprise Monitor. about this event: http://programm.froscon.org/2010/events/533.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_533_-_de_-_datenbank-performance-monitoring_mit_zabbix_-_oli_sennhauser.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_533_-_de_-_datenbank-performance-monitoring_mit_zabbix_-_oli_sennhauser.mp4 2010-08-22T00:00:00+02:00 Oli Sennhauser No froscon10, OpenSQLCamp Eine Alternative zum MySQL Enterprise Monitor? In diesem Vortrag schauen wir uns die Monitoring-Lösung Zabbix für die Überwachung von MySQL Datenbanken an. Wir gehen kurz auf die Architektur von Zabbix ein, wie das ganze System aufgesetzt wird und wie wir die Überwachung von Datenbanken lösen. Im weiteren beleuchten wir die Vor- und Nachteile der Zabbix-Lösung gegenüber dem MySQL Enterprise Monitor. about this event: http://programm.froscon.org/2010/events/533.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_533_-_de_-_datenbank-performance-monitoring_mit_zabbix_-_oli_sennhauser.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_536_-_en_-_keep_your_mysql_backend_online_no_matter_what_-_istvan_podor.mp4 I helped architect and build a system to get 4 nines (99.99) availability for the mysql backend behind a website. It used mysql replication to set up a multi-master environment, MMM to manage it and LVS for mysql backend loadbalancing. This architecture not only provided high availability, but also permitted us to change the schema, upgrade MySQL versions, or even replace hardware without any downtime. This presentation explains how this solution worked. about this event: http://programm.froscon.org/2010/events/536.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_536_-_en_-_keep_your_mysql_backend_online_no_matter_what_-_istvan_podor.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_536_-_en_-_keep_your_mysql_backend_online_no_matter_what_-_istvan_podor.mp4 2010-08-21T00:00:00+02:00 Istvan Podor No froscon10, OpenSQLCamp How to build a multilevel mysql backend to stay online at all the time with MySQL, LVS and MMM I helped architect and build a system to get 4 nines (99.99) availability for the mysql backend behind a website. It used mysql replication to set up a multi-master environment, MMM to manage it and LVS for mysql backend loadbalancing. This architecture not only provided high availability, but also permitted us to change the schema, upgrade MySQL versions, or even replace hardware without any downtime. This presentation explains how this solution worked. about this event: http://programm.froscon.org/2010/events/536.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_536_-_en_-_keep_your_mysql_backend_online_no_matter_what_-_istvan_podor.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_537_-_en_-_developers_diary_the_wine_project_-_wolfram_sang.mp4 Pursuing my personal quest "1000 projects to send patches to before I die", I also approached the WINE-project. WINE aims to provide a software-layer which runs Windows-binaries directly on a Linux/BSD-system. This means no less than reimplementing the Windows-APIs as free software! Having this goal, WINE development is special for a number of legal, technical and collaborational reasons. In other words: it is highly challenging. This talk explains how I got in touch with the workflow, how I dealt with its peculiarities and why they are needed. I will not talk much about using the program or about its APIs, but more about its creation process. Using a concrete bugfix as an example, you can have an introduction into WINE-development, learn how to get connected (and if you want that), and have a glimpse how this large-scale free software project is working. about this event: http://programm.froscon.org/2010/events/537.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_537_-_en_-_developers_diary_the_wine_project_-_wolfram_sang.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_537_-_en_-_developers_diary_the_wine_project_-_wolfram_sang.mp4 2010-08-22T00:00:00+02:00 Wolfram Sang No froscon10, Behind the scenes Pursuing my personal quest "1000 projects to send patches to before I die", I also approached the WINE-project. WINE aims to provide a software-layer which runs Windows-binaries directly on a Linux/BSD-system. This means no less than reimplementing the Windows-APIs as free software! Having this goal, WINE development is special for a number of legal, technical and collaborational reasons. In other words: it is highly challenging. This talk explains how I got in touch with the workflow, how I dealt with its peculiarities and why they are needed. I will not talk much about using the program or about its APIs, but more about its creation process. Using a concrete bugfix as an example, you can have an introduction into WINE-development, learn how to get connected (and if you want that), and have a glimpse how this large-scale free software project is working. about this event: http://programm.froscon.org/2010/events/537.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_537_-_en_-_developers_diary_the_wine_project_-_wolfram_sang.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_540_-_de_-_single-sign-on_mit_kerberos_-_alexander_wirt.mp4 Kerberos ist ein Authentifizierungsprotokoll, das es ermöglicht, eine Vielzahl von Diensten und Betriebssystemen transparent einzubinden. Durch die Verwendung von Tickets wird hier ein Single-Sign-On ermöglicht. Dies führt dazu, dass ein Benutzer mit einmaliger Anmeldung auf alle Dienste zugreifen kann. Dieser Vortrag möchte eine praktische Einführung in Kerberos und das Einrichten von Diensten wie SSH, Apache und IMAP bieten. about this event: http://programm.froscon.org/2010/events/540.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_540_-_de_-_single-sign-on_mit_kerberos_-_alexander_wirt.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_540_-_de_-_single-sign-on_mit_kerberos_-_alexander_wirt.mp4 2010-08-22T00:00:00+02:00 Alexander Wirt No froscon10, Administration Kerberos ist ein Authentifizierungsprotokoll, das es ermöglicht, eine Vielzahl von Diensten und Betriebssystemen transparent einzubinden. Durch die Verwendung von Tickets wird hier ein Single-Sign-On ermöglicht. Dies führt dazu, dass ein Benutzer mit einmaliger Anmeldung auf alle Dienste zugreifen kann. Dieser Vortrag möchte eine praktische Einführung in Kerberos und das Einrichten von Diensten wie SSH, Apache und IMAP bieten. about this event: http://programm.froscon.org/2010/events/540.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_540_-_de_-_single-sign-on_mit_kerberos_-_alexander_wirt.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_543_-_de_-_agile_open_source_entwicklung_-_patrick_cornelissen.mp4 Agile Softwareentwicklung ist kein Buzzword mehr. Seit der Begriff im Februar 2001 u.a. von Kent Beck geprägt wurde hat er sich als erfolgreiches Modell in der kommerziellen Softwareentwicklung durchgesetzt. Dieser Vortrag wird kurz in die Kernprinzipien der agilen Softwareentwicklung einführen und dann einige "Tools" vorstellen, die Projekte unterstützen, ihre Software agil zu entwickeln. Es wird auch auf agile Praktiken eingegangen, die nicht oder nur schwer in dezentralen Projekten durchgeführt werden können. Am Schluss werden noch die Ergebnisse einer Befragung von Open Source Projekten zu agilen Vorgehen/Praktiken präsentiert. about this event: http://programm.froscon.org/2010/events/543.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_543_-_de_-_agile_open_source_entwicklung_-_patrick_cornelissen.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_543_-_de_-_agile_open_source_entwicklung_-_patrick_cornelissen.mp4 2010-08-22T00:00:00+02:00 Patrick Cornelißen No froscon10, Behind the scenes Was? Wie? Wer? Agile Softwareentwicklung ist kein Buzzword mehr. Seit der Begriff im Februar 2001 u.a. von Kent Beck geprägt wurde hat er sich als erfolgreiches Modell in der kommerziellen Softwareentwicklung durchgesetzt. Dieser Vortrag wird kurz in die Kernprinzipien der agilen Softwareentwicklung einführen und dann einige "Tools" vorstellen, die Projekte unterstützen, ihre Software agil zu entwickeln. Es wird auch auf agile Praktiken eingegangen, die nicht oder nur schwer in dezentralen Projekten durchgeführt werden können. Am Schluss werden noch die Ergebnisse einer Befragung von Open Source Projekten zu agilen Vorgehen/Praktiken präsentiert. about this event: http://programm.froscon.org/2010/events/543.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_543_-_de_-_agile_open_source_entwicklung_-_patrick_cornelissen.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_545_-_de_-_gnome_3_-_hendrik_richter.mp4 Im September wird nach langer Entwicklungszeit Version 3 der GNOME-Arbeitsumgebung veröffentlicht. Nicht nur der Unterbau wurde grundlegend aufgeräumt und modernisiert, auch die Benutzeroberfläche erfährt umfangreiche Änderungen. Nur noch wenige Wochen vor der Veröffentlichung gibt dieser Vortrag einen Überblick über die getroffenen Entscheidungen und deren Gründe und legt dar, was Benutzer und Entwickler von der kommenden Version 3.0 und den nachfolgenden Versionen erwarten können. about this event: http://programm.froscon.org/2010/events/545.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_545_-_de_-_gnome_3_-_hendrik_richter.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_545_-_de_-_gnome_3_-_hendrik_richter.mp4 2010-08-22T00:00:00+02:00 Hendrik Richter No froscon10, Desktop Im September wird nach langer Entwicklungszeit Version 3 der GNOME-Arbeitsumgebung veröffentlicht. Nicht nur der Unterbau wurde grundlegend aufgeräumt und modernisiert, auch die Benutzeroberfläche erfährt umfangreiche Änderungen. Nur noch wenige Wochen vor der Veröffentlichung gibt dieser Vortrag einen Überblick über die getroffenen Entscheidungen und deren Gründe und legt dar, was Benutzer und Entwickler von der kommenden Version 3.0 und den nachfolgenden Versionen erwarten können. about this event: http://programm.froscon.org/2010/events/545.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_545_-_de_-_gnome_3_-_hendrik_richter.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_546_-_en_-_agile_in_a_year_-_thomas_ferris_nicolaisen.mp4 In the last ten years our industry has seen a slow but steady adoption of agile practices. Methodologies like Scrum and eXtreme Programming have long been taught and spread through conferences, courses and consultants, but many companies still struggle to introduce the practices that really matter. Luckily, tools that support these practices have become cheaper/free, and knowledge around agile practices is willingly shared through blogs and wikis online. The open-source alternatives have increased in maturity, and today there is little standing in the way of introducing practices like continuous integration, even with limited resources. This talk is an experience report from how we introduced a number of agile practices into IP Labs, increasing transparency, quality and productivity throughout or process. We will show which practices were easy to introduce, which were hard, and how one depended on the other. After attending this talk, you should have some concrete ideas on how you can get started in your own organization, which pitfalls to avoid, and how to gradually increase agility. about this event: http://programm.froscon.org/2010/events/546.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_546_-_en_-_agile_in_a_year_-_thomas_ferris_nicolaisen.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_546_-_en_-_agile_in_a_year_-_thomas_ferris_nicolaisen.mp4 2010-08-21T00:00:00+02:00 Thomas Ferris Nicolaisen No froscon10, Behind the scenes How a Bonn software development company became more agile in a year In the last ten years our industry has seen a slow but steady adoption of agile practices. Methodologies like Scrum and eXtreme Programming have long been taught and spread through conferences, courses and consultants, but many companies still struggle to introduce the practices that really matter. Luckily, tools that support these practices have become cheaper/free, and knowledge around agile practices is willingly shared through blogs and wikis online. The open-source alternatives have increased in maturity, and today there is little standing in the way of introducing practices like continuous integration, even with limited resources. This talk is an experience report from how we introduced a number of agile practices into IP Labs, increasing transparency, quality and productivity throughout or process. We will show which practices were easy to introduce, which were hard, and how one depended on the other. After attending this talk, you should have some concrete ideas on how you can get started in your own organization, which pitfalls to avoid, and how to gradually increase agility. about this event: http://programm.froscon.org/2010/events/546.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_546_-_en_-_agile_in_a_year_-_thomas_ferris_nicolaisen.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_550_-_de_-_gute_open-source-projekte_bestehen_aus_mehr_als_nur_code_-_michael_prokop.mp4 Hinter einem erfolgreichem Open-Source-Projekt steckt mehr als nur guter Code. Von professionellem Release-Management und dem Support, über die Pressearbeit und Zusammenarbeit mit der Community bis hin zu Projektinfrastruktur und Dokumentation sind viele Faktoren für den Erfolg oder Misserfolg eines Projekts verantwortlich. Welche Fehler gilt es zu vermeiden, wie startet man ein neues Projekt am Besten und was kann man beim eigenen Projekt verbessern? about this event: http://programm.froscon.org/2010/events/550.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_550_-_de_-_gute_open-source-projekte_bestehen_aus_mehr_als_nur_code_-_michael_prokop.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_550_-_de_-_gute_open-source-projekte_bestehen_aus_mehr_als_nur_code_-_michael_prokop.mp4 2010-08-21T00:00:00+02:00 Michael Prokop No froscon10, Behind the scenes Das Zen des Open-Source-Projektmanagements Hinter einem erfolgreichem Open-Source-Projekt steckt mehr als nur guter Code. Von professionellem Release-Management und dem Support, über die Pressearbeit und Zusammenarbeit mit der Community bis hin zu Projektinfrastruktur und Dokumentation sind viele Faktoren für den Erfolg oder Misserfolg eines Projekts verantwortlich. Welche Fehler gilt es zu vermeiden, wie startet man ein neues Projekt am Besten und was kann man beim eigenen Projekt verbessern? about this event: http://programm.froscon.org/2010/events/550.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_550_-_de_-_gute_open-source-projekte_bestehen_aus_mehr_als_nur_code_-_michael_prokop.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_551_-_de_-_lumiera_-_hermann_vosseler.mp4 Das Projekt Lumiera entwickelt einen professionellen Video-Editor für Linux. Ausgehend von den speziellen Anforderungen beim Schneiden eines Spiel- oder Dokumentarfilmes erläutert dieser Vortrag anhand ausgewählter Einzelprobleme den besonderen Ansatz dieses Projektes, der es von bestehender OpenSource Videobearbeitungssoftware unterscheidet. about this event: http://programm.froscon.org/2010/events/551.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_551_-_de_-_lumiera_-_hermann_vosseler.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_551_-_de_-_lumiera_-_hermann_vosseler.mp4 2010-08-22T00:00:00+02:00 Hermann Voßeler No froscon10, Other Entwicklung eines professionellen Schnittsystems für Linux Das Projekt Lumiera entwickelt einen professionellen Video-Editor für Linux. Ausgehend von den speziellen Anforderungen beim Schneiden eines Spiel- oder Dokumentarfilmes erläutert dieser Vortrag anhand ausgewählter Einzelprobleme den besonderen Ansatz dieses Projektes, der es von bestehender OpenSource Videobearbeitungssoftware unterscheidet. about this event: http://programm.froscon.org/2010/events/551.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_551_-_de_-_lumiera_-_hermann_vosseler.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_552_-_de_-_khairn_-_open_source_projektmanagement_-_jutta_horstmann.mp4 Erfolgreiches Projektmanagement benötigt ein effizientes Werkzeug, das alle Prozesse eines großen Projekts aus einer Hand unterstützt. Khairn ist ein Projektmanagement-Tool auf Drupal-Basis, das seine Stärken bereits vielfach im Projektalltag ausspielen konnte. Der Vortrag gibt eine Einführung in den Aufbau von Khairn und erläutert das Konzept des „Requirement-Driven Project Management“ sowie dessen Vorzüge für die Projektkommunikation. about this event: http://programm.froscon.org/2010/events/552.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_552_-_de_-_khairn_-_open_source_projektmanagement_-_jutta_horstmann.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_552_-_de_-_khairn_-_open_source_projektmanagement_-_jutta_horstmann.mp4 2010-08-21T00:00:00+02:00 Jutta Horstmann No froscon10, Collaboration Requirement-driven project management Erfolgreiches Projektmanagement benötigt ein effizientes Werkzeug, das alle Prozesse eines großen Projekts aus einer Hand unterstützt. Khairn ist ein Projektmanagement-Tool auf Drupal-Basis, das seine Stärken bereits vielfach im Projektalltag ausspielen konnte. Der Vortrag gibt eine Einführung in den Aufbau von Khairn und erläutert das Konzept des „Requirement-Driven Project Management“ sowie dessen Vorzüge für die Projektkommunikation. about this event: http://programm.froscon.org/2010/events/552.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_552_-_de_-_khairn_-_open_source_projektmanagement_-_jutta_horstmann.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_554_-_de_-_open_source_in_der_luft-_und_raumfahrt-forschung_-_andreas_schreiber.mp4 In der Luft- und Raumfahrt spielen Computer eine sehr zentrale Rolle. Die darauf laufende Software umfasst missionskritische Software, die meist echt-zeitfähig und in ein übergeordnetes technisches System eingebettet ist, effiziente Codes, vor allem Simulationsalgorithmen mit hohen Anforderungen an Performance, Software, die bei komplexen Anwendungen oder im Umgang mit umfangreichen Datenbeständen unterstützt und Systeme mit vielen Benutzern, meist Internet-, Intranet- oder E-Mail-Anwendungen. In fast allen Instituten und sämtlichen Forschungsgebieten des Deutschen Zentrums für Luft- und Raumfahrt (DLR) wird Software entwickelt, wobei der Umfang der einzelnen Software-Pakete dabei stark variiert und reicht von kleinsten Entwicklungen, die etwa durch Studenten erstellt werden, bis hin zu sehr großen Softwaresystemen, die gemeinsam mit Partnern aus Forschung und Industrie über viele Jahre entwickelt werden. Fast allen Entwicklungen ist gemein, dass durch die konsequente Nutzung frei erhältlicher Open-Source-Software der gesamte Entwicklungsaufwand deutlich reduziert wird. In einigen Fällen wurde nur etwa zehn Prozent neu programmiert. Zudem profitieren viele Software-Systeme des DLR von der Stabilität der vielfach getesteten Open-Source-Software und deren ständigen Weiterentwicklung. Insgesamt ist Open-Source-Software eine wichtige Kerntechnologie für viele Entwicklungen des DLR geworden.Neben der Nutzung freier Software stellt das DLR viele eigene Entwicklungen als Open-Source-Software der Allgemeinheit zur Verfügung oder beteiligt sich aktiv an der Weiterentwicklung existierender Open-Source-Software. about this event: http://programm.froscon.org/2010/events/554.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_554_-_de_-_open_source_in_der_luft-_und_raumfahrt-forschung_-_andreas_schreiber.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_554_-_de_-_open_source_in_der_luft-_und_raumfahrt-forschung_-_andreas_schreiber.mp4 2010-08-22T00:00:00+02:00 Andreas Schreiber No froscon10, Other In der Luft- und Raumfahrt spielen Computer eine sehr zentrale Rolle. Die darauf laufende Software umfasst missionskritische Software, die meist echt-zeitfähig und in ein übergeordnetes technisches System eingebettet ist, effiziente Codes, vor allem Simulationsalgorithmen mit hohen Anforderungen an Performance, Software, die bei komplexen Anwendungen oder im Umgang mit umfangreichen Datenbeständen unterstützt und Systeme mit vielen Benutzern, meist Internet-, Intranet- oder E-Mail-Anwendungen. In fast allen Instituten und sämtlichen Forschungsgebieten des Deutschen Zentrums für Luft- und Raumfahrt (DLR) wird Software entwickelt, wobei der Umfang der einzelnen Software-Pakete dabei stark variiert und reicht von kleinsten Entwicklungen, die etwa durch Studenten erstellt werden, bis hin zu sehr großen Softwaresystemen, die gemeinsam mit Partnern aus Forschung und Industrie über viele Jahre entwickelt werden. Fast allen Entwicklungen ist gemein, dass durch die konsequente Nutzung frei erhältlicher Open-Source-Software der gesamte Entwicklungsaufwand deutlich reduziert wird. In einigen Fällen wurde nur etwa zehn Prozent neu programmiert. Zudem profitieren viele Software-Systeme des DLR von der Stabilität der vielfach getesteten Open-Source-Software und deren ständigen Weiterentwicklung. Insgesamt ist Open-Source-Software eine wichtige Kerntechnologie für viele Entwicklungen des DLR geworden.Neben der Nutzung freier Software stellt das DLR viele eigene Entwicklungen als Open-Source-Software der Allgemeinheit zur Verfügung oder beteiligt sich aktiv an der Weiterentwicklung existierender Open-Source-Software. about this event: http://programm.froscon.org/2010/events/554.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_554_-_de_-_open_source_in_der_luft-_und_raumfahrt-forschung_-_andreas_schreiber.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_559_-_de_-_performance_-_observability_-_debugging_-_joerg_moellenkamp.mp4 Eine Frage, die sich der geneigte Admin des häufigeren stellt ist die Frage, was eigentlich ihr/sein System gerade macht? Wo verliert eine Applikation Zeit, wo kann man noch Zeit gewinnen. Dieser Vortrag soll am Beispiel von OpenSolaris zeigen, wie man aus dieser Betriebsystemumgebung die nötigen Informationen gewinnt: Der Vortrag geht über die *stat tools über DTrace bis hin zum kstat-Interface von Solaris und soll am Ende kurz auch auf das dim_stat Tool eingehen, mit dem sowohl unter Solaris als auch Linux Informationen zum System gesammelt werden koennen. PS: Nebenstory des Vortrags "Warum Solaris deswegen in der Entwicklung eine gute Idee ist ..." about this event: http://programm.froscon.org/2010/events/559.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_559_-_de_-_performance_-_observability_-_debugging_-_joerg_moellenkamp.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_559_-_de_-_performance_-_observability_-_debugging_-_joerg_moellenkamp.mp4 2010-08-21T00:00:00+02:00 Jörg Möllenkamp No froscon10, Administration oder: Was treibt mein Unix eigentlich? Eine Frage, die sich der geneigte Admin des häufigeren stellt ist die Frage, was eigentlich ihr/sein System gerade macht? Wo verliert eine Applikation Zeit, wo kann man noch Zeit gewinnen. Dieser Vortrag soll am Beispiel von OpenSolaris zeigen, wie man aus dieser Betriebsystemumgebung die nötigen Informationen gewinnt: Der Vortrag geht über die *stat tools über DTrace bis hin zum kstat-Interface von Solaris und soll am Ende kurz auch auf das dim_stat Tool eingehen, mit dem sowohl unter Solaris als auch Linux Informationen zum System gesammelt werden koennen. PS: Nebenstory des Vortrags "Warum Solaris deswegen in der Entwicklung eine gute Idee ist ..." about this event: http://programm.froscon.org/2010/events/559.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_559_-_de_-_performance_-_observability_-_debugging_-_joerg_moellenkamp.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_563_-_de_-_redmine_und_dann_-_holger_just.mp4 Redmine ist installiert, ein paar Projekte sind angelegt, und die Defaulteinstellungen scheinen gut zu klappen. Alles läuft gut, ein paar Kleinigkeiten scheinen allerdings noch zu fehlen, aber was? Redmine eignet sich nicht nur hervorragend zum verwalten von "einfachen" Softwareprojekten, sondern dank der hohen Anpassbarkeit des System zu komplexeren oder gar nicht softwarebezogenen Projekten. about this event: http://programm.froscon.org/2010/events/563.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_563_-_de_-_redmine_und_dann_-_holger_just.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_563_-_de_-_redmine_und_dann_-_holger_just.mp4 2010-08-21T00:00:00+02:00 Holger Just No froscon10, Development Projektmanagement, nicht nur für Software Redmine ist installiert, ein paar Projekte sind angelegt, und die Defaulteinstellungen scheinen gut zu klappen. Alles läuft gut, ein paar Kleinigkeiten scheinen allerdings noch zu fehlen, aber was? Redmine eignet sich nicht nur hervorragend zum verwalten von "einfachen" Softwareprojekten, sondern dank der hohen Anpassbarkeit des System zu komplexeren oder gar nicht softwarebezogenen Projekten. about this event: http://programm.froscon.org/2010/events/563.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_563_-_de_-_redmine_und_dann_-_holger_just.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_564_-_de_-_quadrocopter_fuer_anfaenger_-_timo_boettcher.mp4 Steini's Vortrag auf dem 23C3 hat bei vielen das Interesse für Quadrocopter geweckt. Seit dem sind etwa ein dutzend freie Projekte für Quadro- und Multicopter entstanden. Aber wie funktionieren diese Fluggeräte eigentlich? about this event: http://programm.froscon.org/2010/events/564.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_564_-_de_-_quadrocopter_fuer_anfaenger_-_timo_boettcher.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_564_-_de_-_quadrocopter_fuer_anfaenger_-_timo_boettcher.mp4 2010-08-22T00:00:00+02:00 Timo Boettcher No froscon10, Tinkering How to make them fly Steini's Vortrag auf dem 23C3 hat bei vielen das Interesse für Quadrocopter geweckt. Seit dem sind etwa ein dutzend freie Projekte für Quadro- und Multicopter entstanden. Aber wie funktionieren diese Fluggeräte eigentlich? about this event: http://programm.froscon.org/2010/events/564.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_564_-_de_-_quadrocopter_fuer_anfaenger_-_timo_boettcher.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_565_-_de_-_verteilte_versionskontrolle_in_der_praxis_-_dirk_haun.mp4 Verteilte Versionskontrollsysteme (DVCS) sind im Open-Source-Bereich bereits etabliert. In diesem Vortrag soll beleuchtet werden, wie sich deren Einsatz in der Praxis gestaltet und wie Entwickler (Neulinge wie alte Hasen) damit zurecht kommen. about this event: http://programm.froscon.org/2010/events/565.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_565_-_de_-_verteilte_versionskontrolle_in_der_praxis_-_dirk_haun.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_565_-_de_-_verteilte_versionskontrolle_in_der_praxis_-_dirk_haun.mp4 2010-08-21T00:00:00+02:00 Dirk Haun No froscon10, Development Verteilte Versionskontrollsysteme (DVCS) sind im Open-Source-Bereich bereits etabliert. In diesem Vortrag soll beleuchtet werden, wie sich deren Einsatz in der Praxis gestaltet und wie Entwickler (Neulinge wie alte Hasen) damit zurecht kommen. about this event: http://programm.froscon.org/2010/events/565.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_565_-_de_-_verteilte_versionskontrolle_in_der_praxis_-_dirk_haun.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_566_-_en_-_howto_write_a_website_in_the_cloud_-_geerd-dietger_hoffmann.mp4 Cloud computing is getting more and more popular and has now become more than a hyped theory. Twitter and other big companies happily tap into this massive resource. But how can you write applications harnessing the power of all these machines? This is what this talk will try to explain by showing how to write a little application with Google App Engine and then with Amazon EC2 and S3. about this event: http://programm.froscon.org/2010/events/566.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_566_-_en_-_howto_write_a_website_in_the_cloud_-_geerd-dietger_hoffmann.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_566_-_en_-_howto_write_a_website_in_the_cloud_-_geerd-dietger_hoffmann.mp4 2010-08-21T00:00:00+02:00 Geerd-Dietger Hoffmann No froscon10, Cloud Computing Using Amazon and Google to serve your data Cloud computing is getting more and more popular and has now become more than a hyped theory. Twitter and other big companies happily tap into this massive resource. But how can you write applications harnessing the power of all these machines? This is what this talk will try to explain by showing how to write a little application with Google App Engine and then with Amazon EC2 and S3. about this event: http://programm.froscon.org/2010/events/566.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_566_-_en_-_howto_write_a_website_in_the_cloud_-_geerd-dietger_hoffmann.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_569_-_en_-_a_nosql_guide_-_isabel_drost.mp4 What started as a small user group twelve months ago has turned into a world wide movement of developers looking into alternative storage systems that do not necessarily support the standard query language. Most of them come with alternative ways to query databases, usually they focus either on consistency, availability or partition tolerance. This talks tries to give an overview of the existing NoSQL ecosystem - explaining what are the special use cases of each database variant. about this event: http://programm.froscon.org/2010/events/569.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_569_-_en_-_a_nosql_guide_-_isabel_drost.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_569_-_en_-_a_nosql_guide_-_isabel_drost.mp4 2010-08-21T00:00:00+02:00 Isabel Drost No froscon10, NoSQL What started as a small user group twelve months ago has turned into a world wide movement of developers looking into alternative storage systems that do not necessarily support the standard query language. Most of them come with alternative ways to query databases, usually they focus either on consistency, availability or partition tolerance. This talks tries to give an overview of the existing NoSQL ecosystem - explaining what are the special use cases of each database variant. about this event: http://programm.froscon.org/2010/events/569.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_569_-_en_-_a_nosql_guide_-_isabel_drost.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_577_-_en_-_cross_distribution_packaging_-_jan_weber.mp4 Creating a software package to easier distribute the software and to make it available for multiple distributions is quite complicated. Multiple installations are needed to create the packages. This also causes a problem, because there is no central instance to control the data, there can be multiple versions of the software package. Most of the time there is also no easy way to update existing installations, as no repositories are available. The openSUSE BuildService (OBS) offers an easy way to create packages for multiple distributions, e.g. openSUSE, Fedora, Mandriva, Ubuntu and Debian. OBS allows controlling package creation at one single point and moves package creation to a central server, with no need for multiple installations. Also OBS offers the packages in a stand alone repository allowing users to update the installed software when it changes. This talk will give an introduction to the openSUSE BuildService and will outline the benefits of using OBS. The focus will be on creating one package for multiple distributions. about this event: http://programm.froscon.org/2010/events/577.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_577_-_en_-_cross_distribution_packaging_-_jan_weber.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_577_-_en_-_cross_distribution_packaging_-_jan_weber.mp4 2010-08-22T00:00:00+02:00 Jan Weber No froscon10, Packaging Using the openSUSE BuildService for coss distribution packaging Creating a software package to easier distribute the software and to make it available for multiple distributions is quite complicated. Multiple installations are needed to create the packages. This also causes a problem, because there is no central instance to control the data, there can be multiple versions of the software package. Most of the time there is also no easy way to update existing installations, as no repositories are available. The openSUSE BuildService (OBS) offers an easy way to create packages for multiple distributions, e.g. openSUSE, Fedora, Mandriva, Ubuntu and Debian. OBS allows controlling package creation at one single point and moves package creation to a central server, with no need for multiple installations. Also OBS offers the packages in a stand alone repository allowing users to update the installed software when it changes. This talk will give an introduction to the openSUSE BuildService and will outline the benefits of using OBS. The focus will be on creating one package for multiple distributions. about this event: http://programm.froscon.org/2010/events/577.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_577_-_en_-_cross_distribution_packaging_-_jan_weber.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_583_-_de_-_automatisiertes_bauen_von_deb-paketen_aus_vcs-snapshots_-_axel_beckert.mp4 Auch wenn es für Debian selbst weniger sinnvoll ist, Pakete automatisiert und ohne Qualitätskontrolle zu bauen und ins Archiv hochzuladen, so ist es für die Entwickler-Community eines Programmes doch oft sehr angenehm und hilfreich aktuelle Snapshots nicht immer selbst kompilieren und installieren zu müssen sondern sie einfach per APT aus einem Repository zu installieren. about this event: http://programm.froscon.org/2010/events/583.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_583_-_de_-_automatisiertes_bauen_von_deb-paketen_aus_vcs-snapshots_-_axel_beckert.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_583_-_de_-_automatisiertes_bauen_von_deb-paketen_aus_vcs-snapshots_-_axel_beckert.mp4 2010-08-22T00:00:00+02:00 Axel Beckert No froscon10, Packaging Nightly Builds als .deb Auch wenn es für Debian selbst weniger sinnvoll ist, Pakete automatisiert und ohne Qualitätskontrolle zu bauen und ins Archiv hochzuladen, so ist es für die Entwickler-Community eines Programmes doch oft sehr angenehm und hilfreich aktuelle Snapshots nicht immer selbst kompilieren und installieren zu müssen sondern sie einfach per APT aus einem Repository zu installieren. about this event: http://programm.froscon.org/2010/events/583.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_583_-_de_-_automatisiertes_bauen_von_deb-paketen_aus_vcs-snapshots_-_axel_beckert.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_586_-_en_-_find_it_possibly_near_you_with_apache_solr_-_paul_borgermans.mp4 An overview of the Apache Solr search and general information retrieval server, including upcoming features such as geo-aware searching and "cloud" functionalities. about this event: http://programm.froscon.org/2010/events/586.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_586_-_en_-_find_it_possibly_near_you_with_apache_solr_-_paul_borgermans.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_586_-_en_-_find_it_possibly_near_you_with_apache_solr_-_paul_borgermans.mp4 2010-08-21T00:00:00+02:00 Paul Borgermans No froscon10, Other An overview of the Apache Solr search and general information retrieval server, including upcoming features such as geo-aware searching and "cloud" functionalities. about this event: http://programm.froscon.org/2010/events/586.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_586_-_en_-_find_it_possibly_near_you_with_apache_solr_-_paul_borgermans.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_588_-_de_-_simplevoc_-_yet_another_memcached_-_frank_celler.mp4 Zur Zeit existieren viele, verschiedene Key/Value-Datenbanken. Neben dem Urvater "memcached" gibt es kompatible Produkte, wie beispielsweise Redis, oder Neuentwicklungen ala Dynamo oder Riak. Warum sollte man also eine weitere Key/Value-Datenbank bauen? Der Vortrag beschreibt, aus welchen Bausteine eine solche Datenbank besteht, warum HTTP/JSON zur Zeit die Protokolle der Wahl sind, und warum man Dank des Satzes von Brewer (aka CAP Theorem) manchmal nicht alles haben kann. about this event: http://programm.froscon.org/2010/events/588.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_588_-_de_-_simplevoc_-_yet_another_memcached_-_frank_celler.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_588_-_de_-_simplevoc_-_yet_another_memcached_-_frank_celler.mp4 2010-08-21T00:00:00+02:00 Frank Celler No froscon10, NoSQL Bausteine für eine Key/Value-Datenbank Zur Zeit existieren viele, verschiedene Key/Value-Datenbanken. Neben dem Urvater "memcached" gibt es kompatible Produkte, wie beispielsweise Redis, oder Neuentwicklungen ala Dynamo oder Riak. Warum sollte man also eine weitere Key/Value-Datenbank bauen? Der Vortrag beschreibt, aus welchen Bausteine eine solche Datenbank besteht, warum HTTP/JSON zur Zeit die Protokolle der Wahl sind, und warum man Dank des Satzes von Brewer (aka CAP Theorem) manchmal nicht alles haben kann. about this event: http://programm.froscon.org/2010/events/588.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_588_-_de_-_simplevoc_-_yet_another_memcached_-_frank_celler.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_591_-_en_-_a_look_into_a_mysql_dbas_toolchest_-_lenz_grimmer.mp4 An introduction and overview to the most popular and commonly used tools and tool collections that make performing MySQL administration tasks on Linux and other Unix systems a breeze. about this event: http://programm.froscon.org/2010/events/591.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_591_-_en_-_a_look_into_a_mysql_dbas_toolchest_-_lenz_grimmer.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_591_-_en_-_a_look_into_a_mysql_dbas_toolchest_-_lenz_grimmer.mp4 2010-08-22T00:00:00+02:00 Lenz Grimmer No froscon10, OpenSQLCamp An introduction and overview to the most popular and commonly used tools and tool collections that make performing MySQL administration tasks on Linux and other Unix systems a breeze. about this event: http://programm.froscon.org/2010/events/591.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_591_-_en_-_a_look_into_a_mysql_dbas_toolchest_-_lenz_grimmer.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_592_-_de_-_zfs_unter_linux_-_lenz_grimmer.mp4 Dieser Vortrag gibt einen Überblick über die Vorzüge von ZFS und wie sich das Dateisystem mit Hilfe des "Filesystem in Userspace" (FUSE) unter Linux nutzen läßt. Es werden nützliche Konfigurationen und Tricks und Scripts vorgestellt, wie ZFS unter Linux effektiv genutzt werden kann, z.B. für Backup- und Archivierungszwecke oder zum Datenaustausch zwischen Linux- und OpenSolaris/Solaris-Systemen auf dem gleichen Rechner. about this event: http://programm.froscon.org/2010/events/592.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_592_-_de_-_zfs_unter_linux_-_lenz_grimmer.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_592_-_de_-_zfs_unter_linux_-_lenz_grimmer.mp4 2010-08-22T00:00:00+02:00 Lenz Grimmer No froscon10, Operating Systems Dieser Vortrag gibt einen Überblick über die Vorzüge von ZFS und wie sich das Dateisystem mit Hilfe des "Filesystem in Userspace" (FUSE) unter Linux nutzen läßt. Es werden nützliche Konfigurationen und Tricks und Scripts vorgestellt, wie ZFS unter Linux effektiv genutzt werden kann, z.B. für Backup- und Archivierungszwecke oder zum Datenaustausch zwischen Linux- und OpenSolaris/Solaris-Systemen auf dem gleichen Rechner. about this event: http://programm.froscon.org/2010/events/592.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_592_-_de_-_zfs_unter_linux_-_lenz_grimmer.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_595_-_de_-_die_open_source_cloud_ein_ueberblick_-_michael_kleinhenz.mp4 Mit Cloud-Computing wurde eine Möglichkeit geschaffen, Infrastrukturen "on Demand" bereit zu stellen und für einen konkreten, auch kurzfristigen Einsatz zu skalieren. Weiterhin wird durch die Anwendung von massiver Parallelisierung die effiziente Verarbeitung von großen Datenmengen erst möglich. Der Vortrag gibt einen Überblick über aktuelle Cloud-Technologien und Infrastrukturen. Von den Vor- und Nachteilen der Google App Engine über die Möglichkeiten der Amazon EC2-Cloud-Infrastruktur bis zu Open Source Frameworks wie der Red Hat Cloud Infrastructure oder dem Parallelisierungsframework Apache Hadoop werden Beispielszenarien, Einsatzmöglichkeiten und technische Details vorgestellt und anhand praktischer Beispiele demonstriert. about this event: http://programm.froscon.org/2010/events/595.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_595_-_de_-_die_open_source_cloud_ein_ueberblick_-_michael_kleinhenz.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_595_-_de_-_die_open_source_cloud_ein_ueberblick_-_michael_kleinhenz.mp4 2010-08-21T00:00:00+02:00 Michael Kleinhenz No froscon10, Cloud Computing Mit Cloud-Computing wurde eine Möglichkeit geschaffen, Infrastrukturen "on Demand" bereit zu stellen und für einen konkreten, auch kurzfristigen Einsatz zu skalieren. Weiterhin wird durch die Anwendung von massiver Parallelisierung die effiziente Verarbeitung von großen Datenmengen erst möglich. Der Vortrag gibt einen Überblick über aktuelle Cloud-Technologien und Infrastrukturen. Von den Vor- und Nachteilen der Google App Engine über die Möglichkeiten der Amazon EC2-Cloud-Infrastruktur bis zu Open Source Frameworks wie der Red Hat Cloud Infrastructure oder dem Parallelisierungsframework Apache Hadoop werden Beispielszenarien, Einsatzmöglichkeiten und technische Details vorgestellt und anhand praktischer Beispiele demonstriert. about this event: http://programm.froscon.org/2010/events/595.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_595_-_de_-_die_open_source_cloud_ein_ueberblick_-_michael_kleinhenz.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_599_-_en_-_shooting_from_the_hip._mysql_at_the_command_line._-_lenz_grimmer.mp4 GUIs are nice to see, but the command line is so much more powerful. Learn the basics of the command line power. Using standard tools and a bit of creativity, you can put together results that few GUIs can achieve. And, most important, you get the result immediately. No need to wait till the developers implement the features you need. With the command line, you are the master and the owner of your system. about this event: http://programm.froscon.org/2010/events/599.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_599_-_en_-_shooting_from_the_hip._mysql_at_the_command_line._-_lenz_grimmer.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_599_-_en_-_shooting_from_the_hip._mysql_at_the_command_line._-_lenz_grimmer.mp4 2010-08-21T00:00:00+02:00 Lenz Grimmer No froscon10, OpenSQLCamp Mastering MySQL from the command line, like a guru GUIs are nice to see, but the command line is so much more powerful. Learn the basics of the command line power. Using standard tools and a bit of creativity, you can put together results that few GUIs can achieve. And, most important, you get the result immediately. No need to wait till the developers implement the features you need. With the command line, you are the master and the owner of your system. about this event: http://programm.froscon.org/2010/events/599.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_599_-_en_-_shooting_from_the_hip._mysql_at_the_command_line._-_lenz_grimmer.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_600_-_de_-_mongodb_on_rails_-_jan_krutisch.mp4 MongoDB, an Open Source Document Database from 10gen is, from all NoSQL databases, probably the closest in concepts and usage to SQL databases. Still, the Document oriented approach has quite some appeal to web developers and also MongoDB promises to scale a lot better than your average SQL database. Ruby bindings and Rails integration libraries are currently maturing and there are quite a few people using this combination in production. This talk will gloss over the general concepts behind MongoDB usage and then show the various ways of using it in your Ruby and Rails Projects. about this event: http://programm.froscon.org/2010/events/600.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_600_-_de_-_mongodb_on_rails_-_jan_krutisch.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_600_-_de_-_mongodb_on_rails_-_jan_krutisch.mp4 2010-08-22T00:00:00+02:00 Jan Krutisch No froscon10, Web Using MongoDB in your Rails and Ruby projects MongoDB, an Open Source Document Database from 10gen is, from all NoSQL databases, probably the closest in concepts and usage to SQL databases. Still, the Document oriented approach has quite some appeal to web developers and also MongoDB promises to scale a lot better than your average SQL database. Ruby bindings and Rails integration libraries are currently maturing and there are quite a few people using this combination in production. This talk will gloss over the general concepts behind MongoDB usage and then show the various ways of using it in your Ruby and Rails Projects. about this event: http://programm.froscon.org/2010/events/600.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_600_-_de_-_mongodb_on_rails_-_jan_krutisch.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_603_-_en_-_open-source_crypto_accelerator_-_mickey.mp4 going deeper from crypto(4) framework to a standalone crypto cruncher about this event: http://programm.froscon.org/2010/events/603.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_603_-_en_-_open-source_crypto_accelerator_-_mickey.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_603_-_en_-_open-source_crypto_accelerator_-_mickey.mp4 2010-08-22T00:00:00+02:00 mickey No froscon10, Tinkering going deeper from crypto(4) framework to a standalone crypto cruncher about this event: http://programm.froscon.org/2010/events/603.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_603_-_en_-_open-source_crypto_accelerator_-_mickey.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_604_-_en_-_mysql_plugins_-_what_are_they_-_sergei_golubchik.mp4 You have heard about "MySQL Plugins", but have no idea what that means ? This technology is GA for almost two years, still surprisingly few users know about it, even though it can help to advance their applications in the most drastic way. The talk will look at MySQL plugins from the end user point of view. What are they, what can they do, how can you use them, what plugins are available - these are the topics of this talk. about this event: http://programm.froscon.org/2010/events/604.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_604_-_en_-_mysql_plugins_-_what_are_they_-_sergei_golubchik.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_604_-_en_-_mysql_plugins_-_what_are_they_-_sergei_golubchik.mp4 2010-08-22T00:00:00+02:00 Sergei Golubchik No froscon10, OpenSQLCamp how can you use them to do wonders You have heard about "MySQL Plugins", but have no idea what that means ? This technology is GA for almost two years, still surprisingly few users know about it, even though it can help to advance their applications in the most drastic way. The talk will look at MySQL plugins from the end user point of view. What are they, what can they do, how can you use them, what plugins are available - these are the topics of this talk. about this event: http://programm.froscon.org/2010/events/604.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_604_-_en_-_mysql_plugins_-_what_are_they_-_sergei_golubchik.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_605_-_de_-_virtualization_with_kvm_kernel-based_virtual_machine_-_andre_steincke.mp4 This presentation discusses the Kernel-Based Virtual Machine (KVM) which is part of the Linux kernel since version 2.6.20 and is applied for virtualization techniques. An overview of virtualization in general and important tools necessary to attach and administer a guest is given. Furthermore, themes as the migration of virtual machines and high-availabilities are mentioned. Graphical administration tools as for example virt-manager are presented. about this event: http://programm.froscon.org/2010/events/605.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_605_-_de_-_virtualization_with_kvm_kernel-based_virtual_machine_-_andre_steincke.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_605_-_de_-_virtualization_with_kvm_kernel-based_virtual_machine_-_andre_steincke.mp4 2010-08-21T00:00:00+02:00 Andre Steincke No froscon10, Administration This presentation discusses the Kernel-Based Virtual Machine (KVM) which is part of the Linux kernel since version 2.6.20 and is applied for virtualization techniques. An overview of virtualization in general and important tools necessary to attach and administer a guest is given. Furthermore, themes as the migration of virtual machines and high-availabilities are mentioned. Graphical administration tools as for example virt-manager are presented. about this event: http://programm.froscon.org/2010/events/605.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_605_-_de_-_virtualization_with_kvm_kernel-based_virtual_machine_-_andre_steincke.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_606_-_de_-_recovery_of_lost_or_corrupted_innodb_tables_-_aleksandr_kuzminsky.mp4 When an InnoDB table is deleted physically its records remain untouched some time. Knowing how InnoDB stores information and the table’s structure it is possible to recover the records. The session covers topics: * InnoDB page format * Internal system tables SYS_INDEXES and SYS_TABLES * InnoDB Primary and Secondary keys * Typical failure scenarios * Dealing with corrupted InnoDB tablespace * Recovery from a raw partition The session is illustrated with examples using Percona in-house InnoDB Recovery Tool. about this event: http://programm.froscon.org/2010/events/606.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_606_-_de_-_recovery_of_lost_or_corrupted_innodb_tables_-_aleksandr_kuzminsky.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_606_-_de_-_recovery_of_lost_or_corrupted_innodb_tables_-_aleksandr_kuzminsky.mp4 2010-08-21T00:00:00+02:00 Aleksandr Kuzminsky No froscon10, OpenSQLCamp When an InnoDB table is deleted physically its records remain untouched some time. Knowing how InnoDB stores information and the table’s structure it is possible to recover the records. The session covers topics: * InnoDB page format * Internal system tables SYS_INDEXES and SYS_TABLES * InnoDB Primary and Secondary keys * Typical failure scenarios * Dealing with corrupted InnoDB tablespace * Recovery from a raw partition The session is illustrated with examples using Percona in-house InnoDB Recovery Tool. about this event: http://programm.froscon.org/2010/events/606.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_606_-_de_-_recovery_of_lost_or_corrupted_innodb_tables_-_aleksandr_kuzminsky.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_609_-_en_-_rails_3_-_yehuda_katz.mp4 nil about this event: http://programm.froscon.org/2010/events/609.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_609_-_en_-_rails_3_-_yehuda_katz.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_609_-_en_-_rails_3_-_yehuda_katz.mp4 2010-08-22T00:00:00+02:00 Yehuda Katz No froscon10, Web nil about this event: http://programm.froscon.org/2010/events/609.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_609_-_en_-_rails_3_-_yehuda_katz.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_610_-_en_-_testing_database_systems_using_the_random_query_generator_-_philip_stoev.mp4 This talk will present the Random Query Generator, an open-source database testing framework that generates pseudo-random queries and then validates the correct operation of the database using various approaches. The tool is currently being used in the MySQL and Drizzle projects, and will be introduced in MariaDB as well. Given its expressive power and practical effectiveness, it is hoped that other MySQL-derived or NoSQL projects will also adopt it. about this event: http://programm.froscon.org/2010/events/610.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_610_-_en_-_testing_database_systems_using_the_random_query_generator_-_philip_stoev.html Sat, 21 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_610_-_en_-_testing_database_systems_using_the_random_query_generator_-_philip_stoev.mp4 2010-08-21T00:00:00+02:00 Philip Stoev No froscon10, OpenSQLCamp This talk will present the Random Query Generator, an open-source database testing framework that generates pseudo-random queries and then validates the correct operation of the database using various approaches. The tool is currently being used in the MySQL and Drizzle projects, and will be introduced in MariaDB as well. Given its expressive power and practical effectiveness, it is hoped that other MySQL-derived or NoSQL projects will also adopt it. about this event: http://programm.froscon.org/2010/events/610.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_610_-_en_-_testing_database_systems_using_the_random_query_generator_-_philip_stoev.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_635_-_en_-_hiphop_for_php_-_scott_macvicar.mp4 HipHop transforms PHP source code into highly optimized C++ and then compiles it using g++. It allows developers to continue writing complex logical directly with PHP but leverages the speed benefits of C++. HipHop is more than just a theoretical exercise and currently powers the majority of Facebook servers. This session will cover using HipHop and some of the code changes required to use it. about this event: http://programm.froscon.org/2010/events/635.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_635_-_en_-_hiphop_for_php_-_scott_macvicar.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_635_-_en_-_hiphop_for_php_-_scott_macvicar.mp4 2010-08-22T00:00:00+02:00 No froscon10, Web HipHop transforms PHP source code into highly optimized C++ and then compiles it using g++. It allows developers to continue writing complex logical directly with PHP but leverages the speed benefits of C++. HipHop is more than just a theoretical exercise and currently powers the majority of Facebook servers. This session will cover using HipHop and some of the code changes required to use it. about this event: http://programm.froscon.org/2010/events/635.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_635_-_en_-_hiphop_for_php_-_scott_macvicar.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_643_-_en_-_blackray_-_the_state_of_the_engine_-_felix_schupp.mp4 Since its first release in October 2008 the BlackRay Data Engine has come a long way. BlackRay, the high-performance in-memory data engine is a fully SQL enabled relational database, combining database technology and search engine performance and features. about this event: http://programm.froscon.org/2010/events/643.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_643_-_en_-_blackray_-_the_state_of_the_engine_-_felix_schupp.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_643_-_en_-_blackray_-_the_state_of_the_engine_-_felix_schupp.mp4 2010-08-22T00:00:00+02:00 Felix Schupp No froscon10, OpenSQLCamp Since its first release in October 2008 the BlackRay Data Engine has come a long way. BlackRay, the high-performance in-memory data engine is a fully SQL enabled relational database, combining database technology and search engine performance and features. about this event: http://programm.froscon.org/2010/events/643.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_643_-_en_-_blackray_-_the_state_of_the_engine_-_felix_schupp.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_644_-_en_-_antifeatures_-_benjamin_mako_hill.mp4 This talk provides a humorous description of an argument in favor of free software based on what I call "antifeatures:" functionality that users hate and that technology developers will often charge users to not include. From DRM to crippled non-free operating systems to digital cameras, I will show off many of the worst antifeatures and describe how free software both makes them impossible and helps users work around them. about this event: http://programm.froscon.org/2010/events/644.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_644_-_en_-_antifeatures_-_benjamin_mako_hill.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_644_-_en_-_antifeatures_-_benjamin_mako_hill.mp4 2010-08-22T00:00:00+02:00 Benjamin Mako Hill No froscon10, Keynote This talk provides a humorous description of an argument in favor of free software based on what I call "antifeatures:" functionality that users hate and that technology developers will often charge users to not include. From DRM to crippled non-free operating systems to digital cameras, I will show off many of the worst antifeatures and describe how free software both makes them impossible and helps users work around them. about this event: http://programm.froscon.org/2010/events/644.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_644_-_en_-_antifeatures_-_benjamin_mako_hill.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_655_-_en_-_next_generation_capacity_planning_-_stephen_nelson-smith.mp4 Critical to successful systems management is the ability to detect trends within the vast amounts of both technical and business metrics available. The current crop of tools bring with them a number of disadvantages, from the weaknesses associated with the commonly used RRD backends to the presentation and management interfaces which haven't kept up to date with the volume and complexity of modern systems, or the advances in interface design. This talk explores two projects which represent the vanguard of a new breed of capacity planning tools - Visage and Reconnoiter. We'll discuss the design objectives and architecture and look at how to go about implementing them in practice. The talk will conclude with suggestions for improvements to the current approaches, which should give devops ample opportunity to experiment and contribute to the community. about this event: http://programm.froscon.org/2010/events/655.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_655_-_en_-_next_generation_capacity_planning_-_stephen_nelson-smith.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_655_-_en_-_next_generation_capacity_planning_-_stephen_nelson-smith.mp4 2010-08-22T00:00:00+02:00 Stephen Nelson-Smith No froscon10, Administration Critical to successful systems management is the ability to detect trends within the vast amounts of both technical and business metrics available. The current crop of tools bring with them a number of disadvantages, from the weaknesses associated with the commonly used RRD backends to the presentation and management interfaces which haven't kept up to date with the volume and complexity of modern systems, or the advances in interface design. This talk explores two projects which represent the vanguard of a new breed of capacity planning tools - Visage and Reconnoiter. We'll discuss the design objectives and architecture and look at how to go about implementing them in practice. The talk will conclude with suggestions for improvements to the current approaches, which should give devops ample opportunity to experiment and contribute to the community. about this event: http://programm.froscon.org/2010/events/655.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_655_-_en_-_next_generation_capacity_planning_-_stephen_nelson-smith.html http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_667_-_de_-_whats_coming_in_apache_2.4_-_rainer_jung.mp4 Der Apache Web Server ist nach wie vor der am weitesten verbreitete Webserver. Dies wird immer wieder durch die Netcraft-Studie bestätigt. Doch der Markt ist in Bewegung. Nicht nur Microsofts Internet Information Server erobert Markanteile, auch andere Newcomer wie Nginx oder lighttpd liegen gut im Rennen. Gleichzeitig steigen die Anforderungen an moderne Webserver. Neue Kommunikationsmuster wie „Hanging HTTP“ auch genannt „Comet“ oder „Server Push“ skalieren nur noch bei Einsatz einer asynchroner Verarbeitungsarchitektur. Neue Sprachen und RIA-Frameworks bringen neue Anwendungsserver mit, die in Webserver eingebunden werden müssen. Soziale Netzwerke und andere neue Services im Internet verlangen nach sehr großen Farms bei gleichzeitig effizientem Betrieb und schließlich müssen Webserver nahtlos mit Virtualisierung und den aufziehenden Clouds harmonieren. Das Apache HTTP Server-Projekt arbeitet seit einigen Jahren am Release 2.4. Nachdem der Wechsel von 2.0 auf 2.2 keine dramatischen Neuerungen mit sich brachte, stehen jetzt endlich wieder spannende Neuigkeiten an. Wir wollen einen Überblick über die wichtigsten Features und ihren Nutzen präsentieren. about this event: http://programm.froscon.org/2010/events/667.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_667_-_de_-_whats_coming_in_apache_2.4_-_rainer_jung.html Sun, 22 Aug 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2010/mp4/froscon10_-_667_-_de_-_whats_coming_in_apache_2.4_-_rainer_jung.mp4 2010-08-22T00:00:00+02:00 Rainer Jung No froscon10, Web Der Apache Web Server ist nach wie vor der am weitesten verbreitete Webserver. Dies wird immer wieder durch die Netcraft-Studie bestätigt. Doch der Markt ist in Bewegung. Nicht nur Microsofts Internet Information Server erobert Markanteile, auch andere Newcomer wie Nginx oder lighttpd liegen gut im Rennen. Gleichzeitig steigen die Anforderungen an moderne Webserver. Neue Kommunikationsmuster wie „Hanging HTTP“ auch genannt „Comet“ oder „Server Push“ skalieren nur noch bei Einsatz einer asynchroner Verarbeitungsarchitektur. Neue Sprachen und RIA-Frameworks bringen neue Anwendungsserver mit, die in Webserver eingebunden werden müssen. Soziale Netzwerke und andere neue Services im Internet verlangen nach sehr großen Farms bei gleichzeitig effizientem Betrieb und schließlich müssen Webserver nahtlos mit Virtualisierung und den aufziehenden Clouds harmonieren. Das Apache HTTP Server-Projekt arbeitet seit einigen Jahren am Release 2.4. Nachdem der Wechsel von 2.0 auf 2.2 keine dramatischen Neuerungen mit sich brachte, stehen jetzt endlich wieder spannende Neuigkeiten an. Wir wollen einen Überblick über die wichtigsten Features und ihren Nutzen präsentieren. about this event: http://programm.froscon.org/2010/events/667.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2010/froscon10_-_667_-_de_-_whats_coming_in_apache_2.4_-_rainer_jung.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3738-de-verschwoerungsdenken.mp4 Ist darüber, dass über Verschwörungstheorien bereits alles gesagt wurde, bereits alles gesagt worden? Natürlich nicht. Nun hat sich wieder jemand frisch an die Arbeit gemacht, einiges zusammengetragen und sein Eigenes daraus gestrickt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3738.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3738-de-verschwoerungsdenken.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3738-de-verschwoerungsdenken.mp4 2010-04-02T00:00:00+02:00 Nico Bach No eh2010 Eine sozialpsychologische und gesellschaftspolitische Betrachtung des heutigen Verschwörungsdenkens. Ist darüber, dass über Verschwörungstheorien bereits alles gesagt wurde, bereits alles gesagt worden? Natürlich nicht. Nun hat sich wieder jemand frisch an die Arbeit gemacht, einiges zusammengetragen und sein Eigenes daraus gestrickt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3738.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3738-de-verschwoerungsdenken.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3760-de-schlafhacking.mp4 Schlafhacking ist Monitoring, Recording, Analyse (z.B. der EEG-Signale) und Interaktion (z.B. mit Blinkbrille, Kopfhörern) mit der Außenwelt während man selbst schläft (und träumt, idealerweise luzide). about this event: http://eh2010.muc.ccc.de/fahrplan/events/3760.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3760-de-schlafhacking.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3760-de-schlafhacking.mp4 2010-04-02T00:00:00+02:00 PHPat No eh2010 von EEG, BCI und technisch unterstützten Klarträumen Schlafhacking ist Monitoring, Recording, Analyse (z.B. der EEG-Signale) und Interaktion (z.B. mit Blinkbrille, Kopfhörern) mit der Außenwelt während man selbst schläft (und träumt, idealerweise luzide). about this event: http://eh2010.muc.ccc.de/fahrplan/events/3760.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3760-de-schlafhacking.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3772-en-ld1.mp4 a brief outline of ld(1) implementation followed by a description of some security improvements that are done at the linking time such as more randomisation, address space allocation randomisation and another approah to "dynamic" linking. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3772.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3772-en-ld1.html Sat, 03 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3772-en-ld1.mp4 2010-04-03T00:00:00+02:00 mickey No eh2010 a brief outline of ld(1) implementation followed by a description of some security improvements that are done at the linking time such as more randomisation, address space allocation randomisation and another approah to "dynamic" linking. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3772.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3772-en-ld1.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3781_de_whistleblowing.mp4 The presentation deals with the importance of whistleblowing and the hurdels it faces. Starting point is the need for information as a basis of a democracy and the lacks of transparency in several important areas of state, economy and society. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3781.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3781_de_whistleblowing.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3781_de_whistleblowing.mp4 2010-05-24T00:00:00+02:00 Guido Strack No sigint10, Aktivisten Whistleblowing: Demokratie braucht Zivilcourage und Transparenz The presentation deals with the importance of whistleblowing and the hurdels it faces. Starting point is the need for information as a basis of a democracy and the lacks of transparency in several important areas of state, economy and society. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3781.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3781_de_whistleblowing.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3798_de_imaginaeres_eigentum.mp4 Aufbauend auf den Argumenten von Hans-Hermann Hoppe und Stephan Kinsella, wird das philosophische Argument dargelegt mit dem das Eigentumsrecht begründet wird und daraus abgeleitet wieso sich ein Recht an geistiges Eigentum nicht philosophisch begründen lässt bzw. nicht ethisch vertreten werden kann. Da die Argumentation im wesentlichen auf das Naturrecht beruht, wird eine kurze Kritik an der alternative, dem positiven Recht, gegeben. Das Eigentumsrecht wird begründet durch die Knappheit und der dadurch bestehenden Möglichkeit für physische Konflikte die vermieden werden sollen. Eigentum wird definiert und die verschiedenen Möglichkeiten zur Aneignung von Eigentum insb. die originäre Aneignung nach John Locke wird dargelegt. Ein kurze Erläuterung zu den verschiedenen Beweisen mit denen das Eigentum begründet werden kann schließt das Argument ab, sodass die wohl fundiert zu dem Argument gegen geistiges "Eigentum" fortgefahren werden kann. Geistiges Eigentum ist vor diesem Hintergrund eine gesetzliche Konstruktion die eine neue Art der originären Aneignung vorschlägt die wir kritisch betrachten müssen. Es ist nicht begründet durch Knappheit, was einen weiteren Kritikpunkt darstellt und nicht zuletzt wird damit in das Eigentum anderer eingegriffen, da diese nicht weiter frei über ihr Eigentum verfügen dürfen. Einige utilitaristische Verteidigungen für geistiges Eigentum sowie eine mögliche Begründung durch das Vertragsrecht werden dargelegt und es wird gezeigt, dass sie ebenfalls nicht vertretbar sind. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3798.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3798_de_imaginaeres_eigentum.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3798_de_imaginaeres_eigentum.mp4 2010-05-23T00:00:00+02:00 Manuel Barkhau No sigint10, Aktivisten Kritik am geistigen Eigentum aus der naturrechtlichen Perspektive Aufbauend auf den Argumenten von Hans-Hermann Hoppe und Stephan Kinsella, wird das philosophische Argument dargelegt mit dem das Eigentumsrecht begründet wird und daraus abgeleitet wieso sich ein Recht an geistiges Eigentum nicht philosophisch begründen lässt bzw. nicht ethisch vertreten werden kann. Da die Argumentation im wesentlichen auf das Naturrecht beruht, wird eine kurze Kritik an der alternative, dem positiven Recht, gegeben. Das Eigentumsrecht wird begründet durch die Knappheit und der dadurch bestehenden Möglichkeit für physische Konflikte die vermieden werden sollen. Eigentum wird definiert und die verschiedenen Möglichkeiten zur Aneignung von Eigentum insb. die originäre Aneignung nach John Locke wird dargelegt. Ein kurze Erläuterung zu den verschiedenen Beweisen mit denen das Eigentum begründet werden kann schließt das Argument ab, sodass die wohl fundiert zu dem Argument gegen geistiges "Eigentum" fortgefahren werden kann. Geistiges Eigentum ist vor diesem Hintergrund eine gesetzliche Konstruktion die eine neue Art der originären Aneignung vorschlägt die wir kritisch betrachten müssen. Es ist nicht begründet durch Knappheit, was einen weiteren Kritikpunkt darstellt und nicht zuletzt wird damit in das Eigentum anderer eingegriffen, da diese nicht weiter frei über ihr Eigentum verfügen dürfen. Einige utilitaristische Verteidigungen für geistiges Eigentum sowie eine mögliche Begründung durch das Vertragsrecht werden dargelegt und es wird gezeigt, dass sie ebenfalls nicht vertretbar sind. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3798.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3798_de_imaginaeres_eigentum.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3800_en_ndis.mp4 This paper clearly describes the interception and analysis of malicious network traffic through the NDIS intermediate driver. Source codes will be provided in this paper and act as an interception-driver for network malicious traffic. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3800.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3800_en_ndis.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3800_en_ndis.mp4 2010-05-23T00:00:00+02:00 Lee No sigint10, Hacker This paper clearly describes the interception and analysis of malicious network traffic through the NDIS intermediate driver. Source codes will be provided in this paper and act as an interception-driver for network malicious traffic. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3800.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3800_en_ndis.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3825_de_AIDA.mp4 AIDA -die Algebraische IV DifferentialAttacke- bricht BIVIUM (A&B) in wenigen Minuten und errechnet einen TRIVIUM-Teilschlüssel bei einer reduzierten Setuplänge von 792 = 11/16*1152. Wir sehen uns an, was hinter AIDA steckt (DNF,ANF,IEP,RMT, d.h. Disjunktive und Algebraische Normalform, Ein/Ausschließungsprinzip, (Schnelle) Reed-Muller-Transformation), welche Ergebnisse bisher vorliegen und was AIDA für zukünftige Stromchiffren bedeutet. Die sogenannte "Cube attack" (Dinur/Shamir) von 2008 ist eine Whlg der AIDA-Idee (von 2007), in anderen Worten, ein Plagiat. Wer sich für die "cube attack" interessiert, kommt hier voll auf seine/ihre Kosten. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3825.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3825_de_AIDA.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3825_de_AIDA.mp4 2010-05-23T00:00:00+02:00 Vielhaber No sigint10, Hacker BIVIUM A/B und (792/1152)stel TRIVIUM gebrochen, wie weiter? AIDA -die Algebraische IV DifferentialAttacke- bricht BIVIUM (A&B) in wenigen Minuten und errechnet einen TRIVIUM-Teilschlüssel bei einer reduzierten Setuplänge von 792 = 11/16*1152. Wir sehen uns an, was hinter AIDA steckt (DNF,ANF,IEP,RMT, d.h. Disjunktive und Algebraische Normalform, Ein/Ausschließungsprinzip, (Schnelle) Reed-Muller-Transformation), welche Ergebnisse bisher vorliegen und was AIDA für zukünftige Stromchiffren bedeutet. Die sogenannte "Cube attack" (Dinur/Shamir) von 2008 ist eine Whlg der AIDA-Idee (von 2007), in anderen Worten, ein Plagiat. Wer sich für die "cube attack" interessiert, kommt hier voll auf seine/ihre Kosten. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3825.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3825_de_AIDA.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3830_de_on_bits_and_pieces.mp4 The Call for Papers for SIGINT 2010 claims that "the world of atoms and the world of bits operate on completely different levels.". Of course there is some truth to this claim. However, if we think about society and its future it is also a wrong claim in interesting ways. First the talk compares matter and information as concepts where they are different. It then moves on to the societal question and outlines why production is the common denominator of information and matter. Finally the talk considers a few implications for the future. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3830.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3830_de_on_bits_and_pieces.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3830_de_on_bits_and_pieces.mp4 2010-05-22T00:00:00+02:00 Stefan Merten No sigint10, Aktivisten How Information and Matter Are Similar The Call for Papers for SIGINT 2010 claims that "the world of atoms and the world of bits operate on completely different levels.". Of course there is some truth to this claim. However, if we think about society and its future it is also a wrong claim in interesting ways. First the talk compares matter and information as concepts where they are different. It then moves on to the societal question and outlines why production is the common denominator of information and matter. Finally the talk considers a few implications for the future. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3830.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3830_de_on_bits_and_pieces.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3838_de_wo_sind_die_fnords.mp4 Neben "Snafu" ist "Fnord" der Begriff aus der diskordischen Philosophie, der bis heute am häufigsten verwendet wird. Die Fnords sind die Operatoren der Manipulation, die verborgenen Schaltwörter der Kontrolle. Sie stecken als unterschwellige negative Verstärker in den Nachrichten, in der Zeitung, in den Schulbüchern. "Das Wesen der Kontrolle ist Angst", heißt es in der "Illuminatus!"-Trilogie, und die Fnords stellen diese Angst her. Aber tun sie das wirklich? Und wo stecken sie denn genau? Und geht die Angst wirklich weg, wenn man sie sieht? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3838.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3838_de_wo_sind_die_fnords.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3838_de_wo_sind_die_fnords.mp4 2010-05-23T00:00:00+02:00 classless Kulla No sigint10, Aktivisten Sind sie da - sind sie weg Neben "Snafu" ist "Fnord" der Begriff aus der diskordischen Philosophie, der bis heute am häufigsten verwendet wird. Die Fnords sind die Operatoren der Manipulation, die verborgenen Schaltwörter der Kontrolle. Sie stecken als unterschwellige negative Verstärker in den Nachrichten, in der Zeitung, in den Schulbüchern. "Das Wesen der Kontrolle ist Angst", heißt es in der "Illuminatus!"-Trilogie, und die Fnords stellen diese Angst her. Aber tun sie das wirklich? Und wo stecken sie denn genau? Und geht die Angst wirklich weg, wenn man sie sieht? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3838.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3838_de_wo_sind_die_fnords.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3867_de_ccc_jahreszwischenbericht.mp4 Auch aus dem Jahr 2009 gibt es wieder über ein wahres Mammutprogramm zu berichten. Wir werden – in aller gebotenen Kürze – erzählen, was für Aktivitäten wir entfaltet haben. Wir rechnen ab. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3867.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3867_de_ccc_jahreszwischenbericht.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3867_de_ccc_jahreszwischenbericht.mp4 2010-05-23T00:00:00+02:00 Andy Müller-Maguhn, Frank Rosengart, maha/Martin Haase No sigint10, Sonstiges Auch aus dem Jahr 2009 gibt es wieder über ein wahres Mammutprogramm zu berichten. Wir werden – in aller gebotenen Kürze – erzählen, was für Aktivitäten wir entfaltet haben. Wir rechnen ab. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3867.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3867_de_ccc_jahreszwischenbericht.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3879_de_das_ueberwachte_netz.mp4 Der Vortrag beleuchtet, mit welchen Mitteln und wie intensiv Straftaten im Internet verfolgt werden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3879.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3879_de_das_ueberwachte_netz.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3879_de_das_ueberwachte_netz.mp4 2010-05-23T00:00:00+02:00 Udo Vetter No sigint10, Netzbewohner Verfolgung von Straftaten im Internet Der Vortrag beleuchtet, mit welchen Mitteln und wie intensiv Straftaten im Internet verfolgt werden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3879.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3879_de_das_ueberwachte_netz.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3883_en_anonymous_internet_communication_done_right.mp4 This talk will be a summary of contemporary methods for communicating anonymously in the Internet. We will show * who is in actual need of increased privacy protection * which methods exists * what are the limits of these techniques In addition to network layer anonymity we will also explain methods for identifying individuals at the application layer, e.g., during web sessions. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3883.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3883_en_anonymous_internet_communication_done_right.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3883_en_anonymous_internet_communication_done_right.mp4 2010-05-24T00:00:00+02:00 lexi No sigint10, Hacker This talk will be a summary of contemporary methods for communicating anonymously in the Internet. We will show * who is in actual need of increased privacy protection * which methods exists * what are the limits of these techniques In addition to network layer anonymity we will also explain methods for identifying individuals at the application layer, e.g., during web sessions. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3883.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3883_en_anonymous_internet_communication_done_right.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3886_de_perlen_im_misthaufen.mp4 Muss im Netz jede Meinung gehört werden? Kann es auch problematisch sein, alles stehen zu lassen? Muss man sich in seinem Zuhause alles bieten lassen? Gibt es Unterschiede zwischen Blogs, Zeitungen und öffentlichen Seiten? Welche technischen Krücken gibt es, um Gespräche im Netz vernünftig zu moderieren? Das soll in diesem Vortrag an Hand praktischer Beispiele aus dem Kommentarbereich der taz und von weiteren Webseiten besprochen werden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3886.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3886_de_perlen_im_misthaufen.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3886_de_perlen_im_misthaufen.mp4 2010-05-22T00:00:00+02:00 Zeitrafferin No sigint10, Netzbewohner Berichte aus dem Kommentarbereich Muss im Netz jede Meinung gehört werden? Kann es auch problematisch sein, alles stehen zu lassen? Muss man sich in seinem Zuhause alles bieten lassen? Gibt es Unterschiede zwischen Blogs, Zeitungen und öffentlichen Seiten? Welche technischen Krücken gibt es, um Gespräche im Netz vernünftig zu moderieren? Das soll in diesem Vortrag an Hand praktischer Beispiele aus dem Kommentarbereich der taz und von weiteren Webseiten besprochen werden. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3886.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3886_de_perlen_im_misthaufen.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3897_de_plattformneutralitaet.mp4 Warum fordern wir Neutralität der Kommunikation nur auf der technischen Ebene? Der Kontrollverlust durch das Internet macht es nötig, herrschaftsfreie Kommunikation auf allen denkbaren Layern des Lebens zu einfordern. Plattformneutralität ist der Versuch ein universelles politisches Paradigma aus dem netzpolitischen Diskurs zu extrahieren und für alle Politikfelder anwendbar zu machen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3897.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3897_de_plattformneutralitaet.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3897_de_plattformneutralitaet.mp4 2010-05-22T00:00:00+02:00 Michael Seemann No sigint10 Warum fordern wir Neutralität der Kommunikation nur auf der technischen Ebene? Der Kontrollverlust durch das Internet macht es nötig, herrschaftsfreie Kommunikation auf allen denkbaren Layern des Lebens zu einfordern. Plattformneutralität ist der Versuch ein universelles politisches Paradigma aus dem netzpolitischen Diskurs zu extrahieren und für alle Politikfelder anwendbar zu machen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3897.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3897_de_plattformneutralitaet.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3902_en_get_lamp.mp4 Before First Person Shooter there was the Second Person Thinker. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3902.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3902_en_get_lamp.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3902_en_get_lamp.mp4 2010-05-22T00:00:00+02:00 Jason Scott No sigint10, Sonstiges European premiere of the documentary film on Interactive Fiction and Textadventures Before First Person Shooter there was the Second Person Thinker. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3902.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3902_en_get_lamp.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3906_en_hari_kari.mp4 The web is remarkably difficult to secure. Browsers are ornery, powerful creations, and we security people demand all sorts of things of developers to make them behave. By in large, the developers ignore us. Our asks, they say, are too expensive. Rather than just guilting them, could we make better asks -- of both web developers, and browser manufacturers? Possibly. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3906.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3906_en_hari_kari.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3906_en_hari_kari.mp4 2010-05-22T00:00:00+02:00 Dan Kaminsky No sigint10, Hacker And Other Approaches For The Strange Reality Of Web Defense The web is remarkably difficult to secure. Browsers are ornery, powerful creations, and we security people demand all sorts of things of developers to make them behave. By in large, the developers ignore us. Our asks, they say, are too expensive. Rather than just guilting them, could we make better asks -- of both web developers, and browser manufacturers? Possibly. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3906.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3906_en_hari_kari.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3745_de_open_data_open_government_und_transparenz.mp4 Ein Vortrag zum Thema "Open data, open government und Transparenz - warum eine freie Gesellschaft offene Daten braucht". Nach einer kurzen Einführung ins Thema "open data, open government und Transparenz" wollen wir die Situation hierzulande diskutieren, unsere neuesten Projekte vorstellen und gemeinsam überlegen wie wir einer offenen und transparenten Regierung im Sinne von "open data und open government" in Deutschland näher kommen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3745.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3745_de_open_data_open_government_und_transparenz.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3745_de_open_data_open_government_und_transparenz.mp4 2010-05-24T00:00:00+02:00 Daniel Dietrich No sigint10, Aktivisten warum eine freie Gesellschaft offene Daten braucht Ein Vortrag zum Thema "Open data, open government und Transparenz - warum eine freie Gesellschaft offene Daten braucht". Nach einer kurzen Einführung ins Thema "open data, open government und Transparenz" wollen wir die Situation hierzulande diskutieren, unsere neuesten Projekte vorstellen und gemeinsam überlegen wie wir einer offenen und transparenten Regierung im Sinne von "open data und open government" in Deutschland näher kommen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3745.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3745_de_open_data_open_government_und_transparenz.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3764_de_datenschutz_fuer_systemadministratoren.mp4 One year ago, I made the first talk about data security. This year; I want to talk about the classification of personal data in your company and the relation of data to the environment. Additionally, there have been changes in the law and I want to cover the new topics (mainly for marketing, but also for all kinds of review within the company itself) about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3764.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3764_de_datenschutz_fuer_systemadministratoren.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3764_de_datenschutz_fuer_systemadministratoren.mp4 2010-05-24T00:00:00+02:00 Hanno 'Rince' Wagner No sigint10, Hacker Was gibt es für Neuerungen, was will man immer wieder hören? One year ago, I made the first talk about data security. This year; I want to talk about the classification of personal data in your company and the relation of data to the environment. Additionally, there have been changes in the law and I want to cover the new topics (mainly for marketing, but also for all kinds of review within the company itself) about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3764.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3764_de_datenschutz_fuer_systemadministratoren.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3783_en_guerrilla.mp4 The term guerrilla communication refers to unconventional forms of communication and/or intervention in more conventional processes of communication. Communication guerilla is a specific style of political action drawing from a watchful view of the paradoxes and absurdities of power, turning these into the starting point for political interventions by playing with representations and identities, with alienation and over-identification. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3783.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3783_en_guerrilla.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3783_en_guerrilla.mp4 2010-05-22T00:00:00+02:00 Johannes Grenzfurthner No sigint10, Aktivisten How to mess with media, the market and life itself The term guerrilla communication refers to unconventional forms of communication and/or intervention in more conventional processes of communication. Communication guerilla is a specific style of political action drawing from a watchful view of the paradoxes and absurdities of power, turning these into the starting point for political interventions by playing with representations and identities, with alienation and over-identification. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3783.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3783_en_guerrilla.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3802_en_open_spectrum_alliance.mp4 Radio spectrum policy has been a field of regulation authorities, ministries, the EU commission, MEPs and all of these are heavily lobbied by the telecoms and broadcasting industries, among others. I will talk about my personal experience in the different levels of radio spectrum lobbying on the European level, and why hackers should get involved in radio spectrum policy. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3802.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3802_en_open_spectrum_alliance.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3802_en_open_spectrum_alliance.mp4 2010-05-24T00:00:00+02:00 Alexander List No sigint10, Aktivisten Hacking EU radio spectrum policy Radio spectrum policy has been a field of regulation authorities, ministries, the EU commission, MEPs and all of these are heavily lobbied by the telecoms and broadcasting industries, among others. I will talk about my personal experience in the different levels of radio spectrum lobbying on the European level, and why hackers should get involved in radio spectrum policy. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3802.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3802_en_open_spectrum_alliance.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3804_de_culture_jamming.mp4 Die Doku 'Culture Jamming' zeigt die subversive Kulturstrategie des 21ten Jahrhunderts zwischen Media Actionism, Netart und Information Warfare. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3804.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3804_de_culture_jamming.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3804_de_culture_jamming.mp4 2010-05-22T00:00:00+02:00 Sub_Kid No sigint10, Aktivisten Media Actionism in the 21st Century Die Doku 'Culture Jamming' zeigt die subversive Kulturstrategie des 21ten Jahrhunderts zwischen Media Actionism, Netart und Information Warfare. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3804.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3804_de_culture_jamming.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3813_de_der_abmahnwahn_in_deutschland.mp4 Die Abmahnsituation in Deutschland scheint ihren Zenit erreicht zu haben. Auch wenn genaue Zahlen nicht bekannt sind, so existieren doch akzeptable Schätzungen. Wohin der Weg führt, ist noch unklar. Blickt man auf die Entwicklung der Abmahnsituation, so zeigen sich jedoch negative Tendenzen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3813.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3813_de_der_abmahnwahn_in_deutschland.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3813_de_der_abmahnwahn_in_deutschland.mp4 2010-05-23T00:00:00+02:00 Firebird77 No sigint10, Netzbewohner Filesharing und die rechtlichen Konsequenzen Die Abmahnsituation in Deutschland scheint ihren Zenit erreicht zu haben. Auch wenn genaue Zahlen nicht bekannt sind, so existieren doch akzeptable Schätzungen. Wohin der Weg führt, ist noch unklar. Blickt man auf die Entwicklung der Abmahnsituation, so zeigen sich jedoch negative Tendenzen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3813.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3813_de_der_abmahnwahn_in_deutschland.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3823_en_opensource_policies_for_governments.mp4 Most European governments are busy migrating important components of their IT-systems to opensource alternatives. The Netherlands was the first western country to develop a comprehensive policy for its entire public sector in 2007 but is lagging its neighbors in working implementations. The comprehensive policy in the Netherlands is focused on the practical advantages of open systems such as interoperability and lower cost and no vendor-lock, these reasons are also shared by policies in the UK and Denmark. German, Spanish and French policies seem to have a more political dimension by also stressing national independence of critical systems and the possibility of code-audits as important reasons for going the open route. By comparing Dutch progress (and sometimes lack thereof) with our neighboring countries some lessons can be learned about what policies work and what some of the required conditions are for them to work in different political and IT-legacy environments. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3823.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3823_en_opensource_policies_for_governments.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3823_en_opensource_policies_for_governments.mp4 2010-05-24T00:00:00+02:00 Arjen Kamphuis No sigint10, Aktivisten What we learned in the Netherlands Most European governments are busy migrating important components of their IT-systems to opensource alternatives. The Netherlands was the first western country to develop a comprehensive policy for its entire public sector in 2007 but is lagging its neighbors in working implementations. The comprehensive policy in the Netherlands is focused on the practical advantages of open systems such as interoperability and lower cost and no vendor-lock, these reasons are also shared by policies in the UK and Denmark. German, Spanish and French policies seem to have a more political dimension by also stressing national independence of critical systems and the possibility of code-audits as important reasons for going the open route. By comparing Dutch progress (and sometimes lack thereof) with our neighboring countries some lessons can be learned about what policies work and what some of the required conditions are for them to work in different political and IT-legacy environments. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3823.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3823_en_opensource_policies_for_governments.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3824_de_das_beispiel_elena.mp4 Beispiel ELENA: Die Daten von etwa Vierzigmillionen ArbeitnehmerInnen sollen alle in einem großen Pool der Zentralen Speicherstelle (ZSS) gesammelt und für bis zu fünf Jahre aufbewahrt werden. Solche Datensammlungen, für die es dann auch noch einen Zentralschlüssel gibt, wecken Begehrlichkeiten bei Staat, Wirtschaft und Kriminellen. Eins ist sicher: Sicher sind diese Daten nicht. Zwar wird suggeriert, dass ein Zugriff auf die ELENA-Daten ohne das Zutun des Betroffenen nicht möglich sei, dieser Schutz wird aber nur rechtlich und organisatorisch hergestellt. Technisch ist ein Zugriff auch ohne Einwilligung des Betroffenen möglich. Es stellt sich – nicht nur bei ELENA – die Frage, ob es wirklich politisch gewollt ist, dass ein Schutz derartiger Daten vor Zugriffen ohne Mitwirkung des Betroffenen auch technisch umgesetzt wird. Schließlich gibt es praktikable technische Verfahren, die unter Zuhilfenahme von Einmalschlüsseln sicher stellen können, dass die in den zentralen Servern gespeicherten Daten nur bei Mitwirkung des Betroffenen lesbar sind. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3824.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3824_de_das_beispiel_elena.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3824_de_das_beispiel_elena.mp4 2010-05-22T00:00:00+02:00 Werner Hülsman No sigint10, Aktivisten Wie mit der Verwendung von Einmalschlüsseln ein Datenzugriff ohne Beteiligung der Betroffen technisch verhindert werden kann Beispiel ELENA: Die Daten von etwa Vierzigmillionen ArbeitnehmerInnen sollen alle in einem großen Pool der Zentralen Speicherstelle (ZSS) gesammelt und für bis zu fünf Jahre aufbewahrt werden. Solche Datensammlungen, für die es dann auch noch einen Zentralschlüssel gibt, wecken Begehrlichkeiten bei Staat, Wirtschaft und Kriminellen. Eins ist sicher: Sicher sind diese Daten nicht. Zwar wird suggeriert, dass ein Zugriff auf die ELENA-Daten ohne das Zutun des Betroffenen nicht möglich sei, dieser Schutz wird aber nur rechtlich und organisatorisch hergestellt. Technisch ist ein Zugriff auch ohne Einwilligung des Betroffenen möglich. Es stellt sich – nicht nur bei ELENA – die Frage, ob es wirklich politisch gewollt ist, dass ein Schutz derartiger Daten vor Zugriffen ohne Mitwirkung des Betroffenen auch technisch umgesetzt wird. Schließlich gibt es praktikable technische Verfahren, die unter Zuhilfenahme von Einmalschlüsseln sicher stellen können, dass die in den zentralen Servern gespeicherten Daten nur bei Mitwirkung des Betroffenen lesbar sind. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3824.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3824_de_das_beispiel_elena.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3845_de_antropofagia.mp4 Nach Hartmut Rosa läßt sich die alte kantische Frage der Ethik: Was sollen wir tun? bruchlos in eine andere überführen: Womit verbringen wir unsere Zeit? Je länger man lebt, desto entscheidender ist eine für den Einzelnen sinnstiftende Antwort auf diese Frage. Der Vortrag versteht sich als Beitrag, der diese Frage und ihren Kontext aufnimmt und vorläufig zu beantworten versucht: Wie funktioniert in dieser Zeit authentisches und selbstbestimmtes Leben, Arbeiten und Lernen und welche Modelle dazu bietet unsere digitalisierten Welt? Über das Konzept der 'Antropofagia', einer emanzipatorischen Kulturtechnik ursprünglicher brasilianischer Herkunft werden Modelle der analogen und digitalen Aneignung, Neuzusammenstellung und Collage vorgestellt und auf ihr kreatives und aufklärerisches Potential hin befragt. Darunter befinden sich so unterschiedliche Konzepte und Praktiken wie Le Parkour, Open Source Software und Überwachung der Überwacher. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3845.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3845_de_antropofagia.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3845_de_antropofagia.mp4 2010-05-24T00:00:00+02:00 Martin Butz No sigint10, Netzbewohner Von Menschenfressern, Prosumenten und einer eigenartigen Kultur Nach Hartmut Rosa läßt sich die alte kantische Frage der Ethik: Was sollen wir tun? bruchlos in eine andere überführen: Womit verbringen wir unsere Zeit? Je länger man lebt, desto entscheidender ist eine für den Einzelnen sinnstiftende Antwort auf diese Frage. Der Vortrag versteht sich als Beitrag, der diese Frage und ihren Kontext aufnimmt und vorläufig zu beantworten versucht: Wie funktioniert in dieser Zeit authentisches und selbstbestimmtes Leben, Arbeiten und Lernen und welche Modelle dazu bietet unsere digitalisierten Welt? Über das Konzept der 'Antropofagia', einer emanzipatorischen Kulturtechnik ursprünglicher brasilianischer Herkunft werden Modelle der analogen und digitalen Aneignung, Neuzusammenstellung und Collage vorgestellt und auf ihr kreatives und aufklärerisches Potential hin befragt. Darunter befinden sich so unterschiedliche Konzepte und Praktiken wie Le Parkour, Open Source Software und Überwachung der Überwacher. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3845.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3845_de_antropofagia.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3846_de_usability.mp4 Anonym surfen, Emails oder Datenträger verschlüsseln - das Bedürfnis nach Schutz der Privatsphäre hat stark zugenommen, während der Einsatz entsprechender Techniken bislang nicht sprunghaft gestiegen ist. Eine Analyse und ein Plädoyer für Usability im digitalen Selbstschutz. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3846.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3846_de_usability.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3846_de_usability.mp4 2010-05-23T00:00:00+02:00 Helga Huppertz No sigint10, Netzbewohner Zwiebel zum Heulen und Schlüssel zum Glück? Anonym surfen, Emails oder Datenträger verschlüsseln - das Bedürfnis nach Schutz der Privatsphäre hat stark zugenommen, während der Einsatz entsprechender Techniken bislang nicht sprunghaft gestiegen ist. Eine Analyse und ein Plädoyer für Usability im digitalen Selbstschutz. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3846.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3846_de_usability.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3851_en_opencv.mp4 Detourning CCTV for the internet, OpenCV about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3851.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3851_en_opencv.html Mon, 24 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3851_en_opencv.mp4 2010-05-24T00:00:00+02:00 jilt No sigint10, Hacker Detourning CCTV for the internet, OpenCV about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3851.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3851_en_opencv.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3854_en_women_and_geek_culture.mp4 Tech savvy girls and women meet problems not only in everyday life, but also with their peer geeks. The panel will discuss those from many perspectives from their fields of geekery, hacking and activism, and talk from different feminist perspectives. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3854.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3854_en_women_and_geek_culture.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3854_en_women_and_geek_culture.mp4 2010-05-23T00:00:00+02:00 Eleanor Saitta, Heather Kelley, Leena Simon, Ragni, Svenja Schroeder No sigint10, Netzbewohner A discussion panel Tech savvy girls and women meet problems not only in everyday life, but also with their peer geeks. The panel will discuss those from many perspectives from their fields of geekery, hacking and activism, and talk from different feminist perspectives. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3854.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3854_en_women_and_geek_culture.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3882_de_auf_der_ueberholspur_zum_stoppschild.mp4 Der Vortrag soll einen Überblick bieten, wie das Internet in den vergangenen 15 Jahren in der Politik sprachlich angekommen ist. „Stoppschilder“, „Datenautobahnen“ und die berühmte „Internet-Community“ werden in zahlreichen Reden und Interviews von Politikern immer wieder gern bemüht, um ihre Gesetzesvorhaben ihren Wählern schmackhaft zu machen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3882.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3882_de_auf_der_ueberholspur_zum_stoppschild.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3882_de_auf_der_ueberholspur_zum_stoppschild.mp4 2010-05-23T00:00:00+02:00 maha/Martin Haase No sigint10, Netzbewohner Politiker sprechen über Datenautobahnen Der Vortrag soll einen Überblick bieten, wie das Internet in den vergangenen 15 Jahren in der Politik sprachlich angekommen ist. „Stoppschilder“, „Datenautobahnen“ und die berühmte „Internet-Community“ werden in zahlreichen Reden und Interviews von Politikern immer wieder gern bemüht, um ihre Gesetzesvorhaben ihren Wählern schmackhaft zu machen. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3882.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3882_de_auf_der_ueberholspur_zum_stoppschild.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3885_de_c_vs_d.mp4 Der Vortrag beschreibt möglichst objektiv Eigenheiten bekannter und auch eher ungebräuchlicher Programmiersprachen. Skurrilitäten springen dem Betrachter der jeweiligen Sprache mit Hilfe eingängiger Beispiele geradezu zu, besonders im Kontext, der für die Sprache unüblich ist. Doch eine Warnung ist angebracht: Hörer dieser Veranstaltung werden mit bewusstseinserweiternden Ideen aus Bereichen der Code Obfuscation, sowie nacktem Quellcode konfrontiert. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3885.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3885_de_c_vs_d.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3885_de_c_vs_d.mp4 2010-05-22T00:00:00+02:00 BeF No sigint10, Hacker Ein Abriss mehr oder weniger esoterischer Programmiersprachen Der Vortrag beschreibt möglichst objektiv Eigenheiten bekannter und auch eher ungebräuchlicher Programmiersprachen. Skurrilitäten springen dem Betrachter der jeweiligen Sprache mit Hilfe eingängiger Beispiele geradezu zu, besonders im Kontext, der für die Sprache unüblich ist. Doch eine Warnung ist angebracht: Hörer dieser Veranstaltung werden mit bewusstseinserweiternden Ideen aus Bereichen der Code Obfuscation, sowie nacktem Quellcode konfrontiert. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3885.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3885_de_c_vs_d.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3889_de_operating_systems_dissected.mp4 Zu einer Zeit, zu der Computer noch raumfüllende Maschinen waren, gab es sogenannte Operator, die sich den ganzen Tag lang damit beschäftigt haben Computer mit Programmen auf Lochkarten oder Bändern zu füttern und auf das (hoffentlich korrekte) Ergebnis einer Reihe von Rechenoperationen zu warten. Als sich Programmierer im Jahr 1964 zum ersten mal Gedanken machten, wie man diese Prozesse automatisieren kann, wurde das erste Betriebssystem entworfen. Heutzutage sind sie auf jedem Rechner, den man vorfindet vorhanden und bilden den Grundstein einer Softwareumgebung, um Rechenmaschinen komfortabel und effizient nutzen zu können. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3889.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3889_de_operating_systems_dissected.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3889_de_operating_systems_dissected.mp4 2010-05-22T00:00:00+02:00 Andreas Galauner No sigint10, Hacker Was passiert im Hintergrund? Zu einer Zeit, zu der Computer noch raumfüllende Maschinen waren, gab es sogenannte Operator, die sich den ganzen Tag lang damit beschäftigt haben Computer mit Programmen auf Lochkarten oder Bändern zu füttern und auf das (hoffentlich korrekte) Ergebnis einer Reihe von Rechenoperationen zu warten. Als sich Programmierer im Jahr 1964 zum ersten mal Gedanken machten, wie man diese Prozesse automatisieren kann, wurde das erste Betriebssystem entworfen. Heutzutage sind sie auf jedem Rechner, den man vorfindet vorhanden und bilden den Grundstein einer Softwareumgebung, um Rechenmaschinen komfortabel und effizient nutzen zu können. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3889.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3889_de_operating_systems_dissected.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3891_en_botnets_in_2010.mp4 In this talk, we will present an overview of current trends in the area of bots and botnets. The main focus will be on Waledac, one of the prevalent botnets of 2009 that was recently taken down. We will also discuss other modern botnets and the challenges we might face in the future. On the other hand, we will also explain some techniques to study bot binaries in order to improve automated analysis. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3891.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3891_en_botnets_in_2010.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3891_en_botnets_in_2010.mp4 2010-05-23T00:00:00+02:00 Thorsten Holz No sigint10, Hacker Status Quo and Future Threats In this talk, we will present an overview of current trends in the area of bots and botnets. The main focus will be on Waledac, one of the prevalent botnets of 2009 that was recently taken down. We will also discuss other modern botnets and the challenges we might face in the future. On the other hand, we will also explain some techniques to study bot binaries in order to improve automated analysis. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3891.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3891_en_botnets_in_2010.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3895_en_malware_joe_blobs.mp4 The talk is an overview about different blobs or common techniques that are often found in modern malware. Besides information about rootkidding, spreading, and the like, we present some nice "fails" found in malware. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3895.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3895_en_malware_joe_blobs.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3895_en_malware_joe_blobs.mp4 2010-05-23T00:00:00+02:00 Felix Leder, Tillmann Werner No sigint10, Hacker An overview of stuff that "Malware Joe" puts into his creations. The talk is an overview about different blobs or common techniques that are often found in modern malware. Besides information about rootkidding, spreading, and the like, we present some nice "fails" found in malware. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3895.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3895_en_malware_joe_blobs.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3898_en_hackers_in_government.mp4 What if one morning, the world woke up and found Hackers in charge of government? What laws would a party of fearless, anti-authoritarians rescind? What would we want our government to look like? Tying together thoughts on the future, politics, lessons from hackerspaces and four years spent in Washington DC, Nick Farr will present his take on what an ideal government might look like. While presenting some controversial viewpoints, this session is designed to provoke thought and discussion on the governments we have, the world we want and what hackers all over the planet can do in the mean time. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3898.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3898_en_hackers_in_government.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3898_en_hackers_in_government.mp4 2010-05-23T00:00:00+02:00 Nick Farr No sigint10 What if one morning, the world woke up and found Hackers in charge of government? What laws would a party of fearless, anti-authoritarians rescind? What would we want our government to look like? Tying together thoughts on the future, politics, lessons from hackerspaces and four years spent in Washington DC, Nick Farr will present his take on what an ideal government might look like. While presenting some controversial viewpoints, this session is designed to provoke thought and discussion on the governments we have, the world we want and what hackers all over the planet can do in the mean time. about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3898.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3898_en_hackers_in_government.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3901_de_demoscene_2010.mp4 „Demos“ stehen hier nicht für politische Demonstrationen, sondern für ästhetisch ausgefeilte, in Musik und Bild aufeinander abgestimmte Echtzeit-Videos. Programmierer, Grafiker und Musiker demonstrieren, was man technisch und ästhetisch aus einem Computer herausholen kann. Mit Leidenschaft programmieren, pixeln und komponieren sie. Und arbeiten an ihren Demos oft monatelang, denn: die nächste Demoparty der internationalen Szene kommt bestimmt. Im Vortrag gibt´s was auf die Augen und die Ohren, es soll aber auch gefragt werden, wo die Motivation der Macher herkommt, wo die Szene 2010 steht und wo es hingehen könnte. Quo Vadis Demoszene? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3901.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3901_de_demoscene_2010.html Sun, 23 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3901_de_demoscene_2010.mp4 2010-05-23T00:00:00+02:00 Tobias Kopka No sigint10, Hacker „Demos“ stehen hier nicht für politische Demonstrationen, sondern für ästhetisch ausgefeilte, in Musik und Bild aufeinander abgestimmte Echtzeit-Videos. Programmierer, Grafiker und Musiker demonstrieren, was man technisch und ästhetisch aus einem Computer herausholen kann. Mit Leidenschaft programmieren, pixeln und komponieren sie. Und arbeiten an ihren Demos oft monatelang, denn: die nächste Demoparty der internationalen Szene kommt bestimmt. Im Vortrag gibt´s was auf die Augen und die Ohren, es soll aber auch gefragt werden, wo die Motivation der Macher herkommt, wo die Szene 2010 steht und wo es hingehen könnte. Quo Vadis Demoszene? about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3901.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3901_de_demoscene_2010.html http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3915_de_das_zensusgesetz_2011.mp4 Die letzte Volkszählung der Bundesrepublik Deutschland in den 80er Jahren markiert den Beginn der Datenschutzbewegung in Deutschland. Heute, 23 Jahre später, versucht der Staat es noch einmal und keiner weiß es... about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3915.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3915_de_das_zensusgesetz_2011.html Sat, 22 May 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/sigint10/mp4/sigint10_3915_de_das_zensusgesetz_2011.mp4 2010-05-22T00:00:00+02:00 Oliver "Unicorn" Knapp, Tim Weber No sigint10, Aktivisten All your Database are belong to us Die letzte Volkszählung der Bundesrepublik Deutschland in den 80er Jahren markiert den Beginn der Datenschutzbewegung in Deutschland. Heute, 23 Jahre später, versucht der Staat es noch einmal und keiner weiß es... about this event: http://events.ccc.de/sigint/2010/wiki/Fahrplan/events/3915.en.html event on media: http://media.ccc.de/browse/conferences/sigint10/sigint10_3915_de_das_zensusgesetz_2011.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3806-de-badge.mp4 Der Überraschungsvortrag zum Überraschungs-Badge der Easterhegg: Vom haserl zum ehaserl... about this event: http://eh2010.muc.ccc.de/fahrplan/events/3806.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3806-de-badge.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3806-de-badge.mp4 2010-04-02T00:00:00+02:00 lilafisch, s No eh2010 [Löt] ehaserl Präsentation Der Überraschungsvortrag zum Überraschungs-Badge der Easterhegg: Vom haserl zum ehaserl... about this event: http://eh2010.muc.ccc.de/fahrplan/events/3806.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3806-de-badge.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3730-de-dn42.mp4 dn42 is the reboot of DIAC24. We are a big dynamic VPN with Internet services as BGP, OSPF, DNS, etc. We put emphasis on self-organization and sort the information here in this Wiki. Each participant has a direct connection to at least on other (via mostly OpenVPN). This is where all the routes of the VPN are being exchanged via BGP. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3730.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3730-de-dn42.html Sun, 04 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3730-de-dn42.mp4 2010-04-04T00:00:00+02:00 Frederic Jaeckel No eh2010 dn42 - a network to learn and practice dn42 is the reboot of DIAC24. We are a big dynamic VPN with Internet services as BGP, OSPF, DNS, etc. We put emphasis on self-organization and sort the information here in this Wiki. Each participant has a direct connection to at least on other (via mostly OpenVPN). This is where all the routes of the VPN are being exchanged via BGP. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3730.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3730-de-dn42.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3734-de-virtualisation.mp4 - Überblick ueber die Historie von Virtualisierung bis in die aktuelle Zeit - die wichtigsten Softwares/Technologien werden mit ihren Features aufgezaehlt - Erklaeren der wichtigsten grundliegenden Techniken about this event: http://eh2010.muc.ccc.de/fahrplan/events/3734.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3734-de-virtualisation.html Mon, 05 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3734-de-virtualisation.mp4 2010-04-05T00:00:00+02:00 Christian Horn No eh2010 - Überblick ueber die Historie von Virtualisierung bis in die aktuelle Zeit - die wichtigsten Softwares/Technologien werden mit ihren Features aufgezaehlt - Erklaeren der wichtigsten grundliegenden Techniken about this event: http://eh2010.muc.ccc.de/fahrplan/events/3734.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3734-de-virtualisation.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3741-de-stereo101.mp4 Der Film "Avatar" war der Durchbruch für 3D-Filme. Dabei ist die Technik der Stereoskopie fast so alt wie die Technik des Fotographierens an sich. In dem Vortrag werden die Grundlagen der Stereoskopie erläutert, der Aufbau von 3D-Kameras, historische und aktuelle Wiedergabetechniken (Anaglyphen, Polarisation, Shutter) - und wie man sich mit vergleichsweise günstigen Mitteln selbst entsprechende Systeme, sowohl zur Aufnahme als auch Wiedergabe basteln kann. Dazu gibt es praktische Tipps, wie man stereoskopische Bilder und Filme so in Szene setzt, dass der 3D-Effekt nicht als störend empfunden wird, sondern die Immersion des Zuschauers verstärkt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3741.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3741-de-stereo101.html Sun, 04 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3741-de-stereo101.mp4 2010-04-04T00:00:00+02:00 Wolfgang Draxinger No eh2010 Der Film "Avatar" war der Durchbruch für 3D-Filme. Dabei ist die Technik der Stereoskopie fast so alt wie die Technik des Fotographierens an sich. In dem Vortrag werden die Grundlagen der Stereoskopie erläutert, der Aufbau von 3D-Kameras, historische und aktuelle Wiedergabetechniken (Anaglyphen, Polarisation, Shutter) - und wie man sich mit vergleichsweise günstigen Mitteln selbst entsprechende Systeme, sowohl zur Aufnahme als auch Wiedergabe basteln kann. Dazu gibt es praktische Tipps, wie man stereoskopische Bilder und Filme so in Szene setzt, dass der 3D-Effekt nicht als störend empfunden wird, sondern die Immersion des Zuschauers verstärkt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3741.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3741-de-stereo101.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3744-de-hackerspace.mp4 Kreative Köpfe brauchen Freiräume. Kreative Köpfe können sich nicht dauerhaft um wiederkehrende, stupide Aufgaben kümmern, die das Leben abverlangt. Warum also nicht in einer Kommune wohnen und Fachkräfte für diese Aufgaben einstellen? about this event: http://eh2010.muc.ccc.de/fahrplan/events/3744.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3744-de-hackerspace.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3744-de-hackerspace.mp4 2010-04-02T00:00:00+02:00 Lars Weiler No eh2010 Living in a Hackerspace Co-operative Kreative Köpfe brauchen Freiräume. Kreative Köpfe können sich nicht dauerhaft um wiederkehrende, stupide Aufgaben kümmern, die das Leben abverlangt. Warum also nicht in einer Kommune wohnen und Fachkräfte für diese Aufgaben einstellen? about this event: http://eh2010.muc.ccc.de/fahrplan/events/3744.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3744-de-hackerspace.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3758-de-semanticweb.mp4 Eine kompakte Einführung in den Themenkreis 'Semantic Desktop' mit dem Ziel, zu verstehen, wie diese Technologien die Schwächen herkömmlicher Dateisysteme überwinden, und in Zukunft die Basis für verteilte Dateiverwaltung bilden können. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3758.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3758-de-semanticweb.html Mon, 05 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3758-de-semanticweb.mp4 2010-04-05T00:00:00+02:00 Sebastian Faubel No eh2010 Eine kompakte Einführung in den Themenkreis 'Semantic Desktop' mit dem Ziel, zu verstehen, wie diese Technologien die Schwächen herkömmlicher Dateisysteme überwinden, und in Zukunft die Basis für verteilte Dateiverwaltung bilden können. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3758.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3758-de-semanticweb.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3762-de-publicdomain.mp4 Inzwischen gibt es eine breite Bewegung, die Digitalgüter aller Art unter freien Lizenzen sammelt und produziert. Dieser Vortrag plädiert dafür, mehr Inhalte völlig frei von Einschränkungen ("Public Domain") zu veröffentlichen. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3762.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3762-de-publicdomain.html Sun, 04 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3762-de-publicdomain.mp4 2010-04-04T00:00:00+02:00 Hanno Böck No eh2010 Ein Plädoyer für die Lizensierung freier Inhalte als "Public Domain" Inzwischen gibt es eine breite Bewegung, die Digitalgüter aller Art unter freien Lizenzen sammelt und produziert. Dieser Vortrag plädiert dafür, mehr Inhalte völlig frei von Einschränkungen ("Public Domain") zu veröffentlichen. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3762.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3762-de-publicdomain.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3765-de-socialengineering.mp4 Jedes technische System ist dazu gebaut, für Menschen zu arbeiten und Menschen bilden oft die beste Angriffsfläche eines Systems. Mein Talk soll die Anwendung grundlegender Methoden des Social Engineering erklären und erläutern, wie man sich dagegen wehrt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3765.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3765-de-socialengineering.html Sun, 04 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3765-de-socialengineering.mp4 2010-04-04T00:00:00+02:00 klobs No eh2010 Jedes technische System ist dazu gebaut, für Menschen zu arbeiten und Menschen bilden oft die beste Angriffsfläche eines Systems. Mein Talk soll die Anwendung grundlegender Methoden des Social Engineering erklären und erläutern, wie man sich dagegen wehrt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3765.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3765-de-socialengineering.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3773-en-unixsyscalls.mp4 a brief overview of unix syscalls history and implementation followed by introduction of a few syscalls to replace them all (; describe some techniques to make it harder for an attacker to use syscalls (from exploits code) for typical attacks. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3773.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3773-en-unixsyscalls.html Mon, 05 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3773-en-unixsyscalls.mp4 2010-04-05T00:00:00+02:00 mickey No eh2010 a brief overview of unix syscalls history and implementation followed by introduction of a few syscalls to replace them all (; describe some techniques to make it harder for an attacker to use syscalls (from exploits code) for typical attacks. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3773.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3773-en-unixsyscalls.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3776-de-inframuc3.mp4 Ein virtueller Rundgang durch den Münchner Club um die Infrastruktur Projekte in mehr oder weniger chronologischer Reihenfolge vorzustellen: Luftschleuse, Matemat, Moodlamps, Hausbus, (Strom-)Verkabelung und Sonstiges. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3776.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3776-de-inframuc3.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3776-de-inframuc3.mp4 2010-04-02T00:00:00+02:00 Andi No eh2010 Doku rund um die Projekte in den Münchner Clubräumen Ein virtueller Rundgang durch den Münchner Club um die Infrastruktur Projekte in mehr oder weniger chronologischer Reihenfolge vorzustellen: Luftschleuse, Matemat, Moodlamps, Hausbus, (Strom-)Verkabelung und Sonstiges. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3776.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3776-de-inframuc3.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3778-de-ipv6.mp4 Was ist dieses IPv6? Will man es, und wenn ja warum? Was ändert sich für den Anwender, was ändert sich für den Sysadmin, was für den Programmierer? about this event: http://eh2010.muc.ccc.de/fahrplan/events/3778.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3778-de-ipv6.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3778-de-ipv6.mp4 2010-04-02T00:00:00+02:00 Gert Döring No eh2010 Was ist dieses IPv6? Will man es, und wenn ja warum? Was ändert sich für den Anwender, was ändert sich für den Sysadmin, was für den Programmierer? about this event: http://eh2010.muc.ccc.de/fahrplan/events/3778.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3778-de-ipv6.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3779-de-reverseengineering.mp4 wie macht man das eigentlich, chips aufschleifen? Und was braucht man dazu? und was kann man dann sehen? Und was sagt einem das? Diese und andere Fragen werden in diesem Vortrag geklärt werden. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3779.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3779-de-reverseengineering.html Sun, 04 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3779-de-reverseengineering.mp4 2010-04-04T00:00:00+02:00 starbug No eh2010 wie macht man das eigentlich? wie macht man das eigentlich, chips aufschleifen? Und was braucht man dazu? und was kann man dann sehen? Und was sagt einem das? Diese und andere Fragen werden in diesem Vortrag geklärt werden. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3779.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3779-de-reverseengineering.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3780-de-multitouch.mp4 Bei diesem Workshop geht es darum, den Teilnehmern einen Überblick über verschiedene existierende Multitouch-Technologien zu geben, insbesondere die DIY-freundlichen. Idealerweise sollten auch eine bzw. mehrere interaktive Oberflächen direkt vor Ort konstruiert werden (oder zumindest damit angefangen). Ein fertiges Beispielsystem wird vorhanden sein und kann parallel zum Hardwareteil für Softwareentwicklung genutzt werden. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3780.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3780-de-multitouch.html Mon, 05 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3780-de-multitouch.mp4 2010-04-05T00:00:00+02:00 Florian Echtler No eh2010 Bei diesem Workshop geht es darum, den Teilnehmern einen Überblick über verschiedene existierende Multitouch-Technologien zu geben, insbesondere die DIY-freundlichen. Idealerweise sollten auch eine bzw. mehrere interaktive Oberflächen direkt vor Ort konstruiert werden (oder zumindest damit angefangen). Ein fertiges Beispielsystem wird vorhanden sein und kann parallel zum Hardwareteil für Softwareentwicklung genutzt werden. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3780.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3780-de-multitouch.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3784-de-limux.mp4 Die Landeshauptstadt München setzt mit dem Projekt LiMux auf freie Software für ihre 15.000 Arbeitsplatzrechner. Dem erfolgreich abgeschlossenen Umstieg auf OpenOffice.org folgt seit 2010 der Flächenrollout des Linuxclients. Herausforderungen sind die Integration in heterogene IT-Strukturen, die Verfügbarkeit von Fachanwendungen und die Optimierung des Releaseprozesses. Der Schwerpunkt liegt dabei auf der Integration der Dienststellen in das Anforderungsmanagement und die Testphasen. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3784.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3784-de-limux.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3784-de-limux.mp4 2010-04-02T00:00:00+02:00 Florian Schießl No eh2010 Die Landeshauptstadt München setzt mit dem Projekt LiMux auf freie Software für ihre 15.000 Arbeitsplatzrechner. Dem erfolgreich abgeschlossenen Umstieg auf OpenOffice.org folgt seit 2010 der Flächenrollout des Linuxclients. Herausforderungen sind die Integration in heterogene IT-Strukturen, die Verfügbarkeit von Fachanwendungen und die Optimierung des Releaseprozesses. Der Schwerpunkt liegt dabei auf der Integration der Dienststellen in das Anforderungsmanagement und die Testphasen. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3784.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3784-de-limux.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3787-de-lockpick.mp4 Klassisches Lockpicking kennen inzwischen viele, es gibt aber noch ganz andere Methoden Schlösser zu öffnen. Dieser Vortrag stellt sowohl die Impressionstechnik vor, als auch das Dekodieren verschiedener Kombinationsschlösser, vom neuen Master Lock Speed Dial bis zur Tresorschlössöffnung wie man sie aus dem Kino kennt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3787.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3787-de-lockpick.html Sun, 04 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3787-de-lockpick.mp4 2010-04-04T00:00:00+02:00 Ray No eh2010 Es geht auch anders: Impression und Dekodieren Klassisches Lockpicking kennen inzwischen viele, es gibt aber noch ganz andere Methoden Schlösser zu öffnen. Dieser Vortrag stellt sowohl die Impressionstechnik vor, als auch das Dekodieren verschiedener Kombinationsschlösser, vom neuen Master Lock Speed Dial bis zur Tresorschlössöffnung wie man sie aus dem Kino kennt. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3787.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3787-de-lockpick.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3790-de-cloud.mp4 1. Vortrag In diesem Vortrag soll das Thema "Cloud Computing" generell erklärt werden. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3790.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3790-de-cloud.html Sat, 03 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3790-de-cloud.mp4 2010-04-03T00:00:00+02:00 bob No eh2010 1. Vortrag In diesem Vortrag soll das Thema "Cloud Computing" generell erklärt werden. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3790.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3790-de-cloud.html http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3793-de-volkszaehler.mp4 Seit dem 1.1.2010 müssen Stromversorger Ihren Kunden für Neubauten sog. “intelligente Stromzähler” anbieten. Der Kunde soll dadurch seinen Stromverbrauch analysieren und optimieren können. Die dabei anfallenden Daten (“Stromverbrauchsprofil”) erlauben einen sehr detallierten Einblick in den Tagesablauf des Nutzers (“wann geht er in's Bett?”, “wann kocht er?”, “wie oft verwendet er seine Spülmaschine?”, “verändert sich sein Verhalten?”,…). Darum sollten die Daten ausschließlich für den Nutzer selbst zur Verfügung stehen - und das geht nur, wenn man sich den “SmartMeter” selbst baut. Mit einem Materialeinsatz von ca. EUR 100, etwas Geschick und Zeit lässt sich das mit Hilfe eines Standard-µC-Moduls aufbauen. Ein Einblick in Selbstbau und Selbstversuch. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3793.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3793-de-volkszaehler.html Fri, 02 Apr 2010 00:00:00 +0200 http://media.ccc.de/ftp/events/eh2010/mp4_1024x576/EH2010-3793-de-volkszaehler.mp4 2010-04-02T00:00:00+02:00 Justin Otherguy No eh2010 SmartMeter im Selbstbau und Selbstversuch Seit dem 1.1.2010 müssen Stromversorger Ihren Kunden für Neubauten sog. “intelligente Stromzähler” anbieten. Der Kunde soll dadurch seinen Stromverbrauch analysieren und optimieren können. Die dabei anfallenden Daten (“Stromverbrauchsprofil”) erlauben einen sehr detallierten Einblick in den Tagesablauf des Nutzers (“wann geht er in's Bett?”, “wann kocht er?”, “wie oft verwendet er seine Spülmaschine?”, “verändert sich sein Verhalten?”,…). Darum sollten die Daten ausschließlich für den Nutzer selbst zur Verfügung stehen - und das geht nur, wenn man sich den “SmartMeter” selbst baut. Mit einem Materialeinsatz von ca. EUR 100, etwas Geschick und Zeit lässt sich das mit Hilfe eines Standard-µC-Moduls aufbauen. Ein Einblick in Selbstbau und Selbstversuch. about this event: http://eh2010.muc.ccc.de/fahrplan/events/3793.en.html event on media: http://media.ccc.de/browse/conferences/eh2010/EH2010-3793-de-volkszaehler.html CCC media team media@koeln.ccc.de CCC media team No CCC, Congress, Hacking, Security, Netzpolitik A wide variety of video material distributed by the CCC. All content is taken from ftp.ccc.de and media.ccc.de A wide variety of video material distributed by the Chaos Computer Club.