http://media.ccc.de/ Der Chaos Computer Club ist die größte europäische Hackervereinigung und seit über 25 Jahren Vermittler im Spannungsfeld technischer und sozialer Entwicklungen. en-us, de-de mostly cc-by-nc Thu, 23 May 2013 06:25:21 +0200 http://media.ccc.de/images/miro-banner.png http://media.ccc.de/ http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5077-en-ethics_in_security_research_h264.mp4 Recently, several research papers in the area of computer security were published that may or may not be considered unethical. Looking at these borderline cases is relevant as today’s research papers will influence how young researchers conduct their research. In our talk we address various cases and papers and highlight emerging issues for ethic committees, internal review boards (IRBs) and senior researchers to evaluate research proposals and to finally decide where they see a line that should not be crossed. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5077.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5077-en-ethics_in_security_research_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5077-en-ethics_in_security_research_h264.mp4 2012-12-29T00:00:00+01:00 Sebastian Schrittwieser No 29c3 Recently, several research papers in the area of computer security were published that may or may not be considered unethical. Looking at these borderline cases is relevant as today’s research papers will influence how young researchers conduct their research. In our talk we address various cases and papers and highlight emerging issues for ethic committees, internal review boards (IRBs) and senior researchers to evaluate research proposals and to finally decide where they see a line that should not be crossed. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5077.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5077-en-ethics_in_security_research_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5091-de-en-unsicherheit_hardwarebasierter_festplattenverschluesselung_h264.mp4 Hardware-basierte Festplattenvollverschlüsselungen in Form sogenannter SEDs (Self-Encrypting Drives) werden gemeinhin als sichere und performante Alternative zu Software-basierter Verschlüsselung wie BitLocker und TrueCrypt gesehen. Während der Performance-Gewinn und die Benutzerfreundlichkeit von SEDs, bspw. Intel's SSD 320 bzw. SSD 520, außer Frage stehen, ist der Sicherheits-Gewinn deutlich geringer als bisher angenommen. Teilweise sind Systeme die auf SEDs basieren gar schwächer als vergleichbare Systeme die auf Software-Verschlüsselung basieren. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5091.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5091-de-en-unsicherheit_hardwarebasierter_festplattenverschluesselung_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5091-de-en-unsicherheit_hardwarebasierter_festplattenverschluesselung_h264.mp4 2012-12-28T00:00:00+01:00 tilo No 29c3 Hardware-basierte Festplattenvollverschlüsselungen in Form sogenannter SEDs (Self-Encrypting Drives) werden gemeinhin als sichere und performante Alternative zu Software-basierter Verschlüsselung wie BitLocker und TrueCrypt gesehen. Während der Performance-Gewinn und die Benutzerfreundlichkeit von SEDs, bspw. Intel's SSD 320 bzw. SSD 520, außer Frage stehen, ist der Sicherheits-Gewinn deutlich geringer als bisher angenommen. Teilweise sind Systeme die auf SEDs basieren gar schwächer als vergleichbare Systeme die auf Software-Verschlüsselung basieren. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5091.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5091-de-en-unsicherheit_hardwarebasierter_festplattenverschluesselung_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5102-de-en-digiges_h264.mp4 In den letzten Jahren haben sich die netzpolitischen Kräfteverhältnisse auf interessante Weise verschoben. Neue Allianzen bilden sich sowohl gegen als auch für das freie Internet – und dennoch bleibt der Aktivismus weit hinter seinem Potential zurück. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5102.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5102-de-en-digiges_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5102-de-en-digiges_h264.mp4 2012-12-27T00:00:00+01:00 Linus Neumann, Markus Beckedahl, Ulf Buermeyer No 29c3 Eine subjektive Bestandsaufnahme In den letzten Jahren haben sich die netzpolitischen Kräfteverhältnisse auf interessante Weise verschoben. Neue Allianzen bilden sich sowohl gegen als auch für das freie Internet – und dennoch bleibt der Aktivismus weit hinter seinem Potential zurück. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5102.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5102-de-en-digiges_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5123-en-small_footprint_inspection_techniques_for_android_h264.mp4 The lecture would address topics related to reverse engineering for mobile platforms, especially from the Android point of view. The main aspects of the presentation is a new approach to reverse engineering side effects problem: some low footprint inspection techniques that grant analysts with the ability to access the program memory without altering its behavior. One technique is presented in particular - Android service injection - and is demonstrated. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5123.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5123-en-small_footprint_inspection_techniques_for_android_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5123-en-small_footprint_inspection_techniques_for_android_h264.mp4 2012-12-29T00:00:00+01:00 Damien Cauquil, Pierre Jaury No 29c3 Reverse engineering on Android platforms The lecture would address topics related to reverse engineering for mobile platforms, especially from the Android point of view. The main aspects of the presentation is a new approach to reverse engineering side effects problem: some low footprint inspection techniques that grant analysts with the ability to access the program memory without altering its behavior. One technique is presented in particular - Android service injection - and is demonstrated. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5123.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5123-en-small_footprint_inspection_techniques_for_android_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5134-en-new_human_interfaces_for_music_h264.mp4 Human interface design for musical instruments presents unique challenges and vast new possibilities. The proliferation of low cost rapid-prototyping tools has put the means of fabricating instruments within reach of the performing musician. In this talk, I'll go through the design process for my main performance controller (The Mojo), my multiplayer instruments (aka Jamboxes) and my new RoboCaster guitar-controller. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5134.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5134-en-new_human_interfaces_for_music_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5134-en-new_human_interfaces_for_music_h264.mp4 2012-12-27T00:00:00+01:00 Moldover No 29c3 DIY MIDI Controllers Human interface design for musical instruments presents unique challenges and vast new possibilities. The proliferation of low cost rapid-prototyping tools has put the means of fabricating instruments within reach of the performing musician. In this talk, I'll go through the design process for my main performance controller (The Mojo), my multiplayer instruments (aka Jamboxes) and my new RoboCaster guitar-controller. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5134.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5134-en-new_human_interfaces_for_music_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5138-en-romantichackers_h264.mp4 In 1791, the political reformer Jeremy Bentham theorized the Panopticon, whose design promised to allow a single Inspector to surveil (exercise "inspective force" over) large numbers of criminals or workers. In recent years, the advent of a suitable technical apparatus – CCTV, ISP taps (network traffic interception), data banks, and so on – has extended the proposed 30m circumference of Bentham’s structure to, and beyond, the physical boundaries of entire countries. While total surveillance is often perceived as a feature of modernity, its conceptual and epistemological framework is rooted in the Romantic period, moreover at a key juncture in the history of ideas concerning individual subjectivity, rights and freedoms. David Barnard-Wills refers to inspective culture as a "nexus of surveillance, identity and language" (2012). In this talk, we examine this nexus in the historical period that first, and so powerfully, imagined the fully surveilled world. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5138.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5138-en-romantichackers_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5138-en-romantichackers_h264.mp4 2012-12-28T00:00:00+01:00 Anne Marggraf-Turley & Prof. Richard Marggraf-Turley No 29c3 Keats, Wordsworth and Total Surveillance In 1791, the political reformer Jeremy Bentham theorized the Panopticon, whose design promised to allow a single Inspector to surveil (exercise "inspective force" over) large numbers of criminals or workers. In recent years, the advent of a suitable technical apparatus – CCTV, ISP taps (network traffic interception), data banks, and so on – has extended the proposed 30m circumference of Bentham’s structure to, and beyond, the physical boundaries of entire countries. While total surveillance is often perceived as a feature of modernity, its conceptual and epistemological framework is rooted in the Romantic period, moreover at a key juncture in the history of ideas concerning individual subjectivity, rights and freedoms. David Barnard-Wills refers to inspective culture as a "nexus of surveillance, identity and language" (2012). In this talk, we examine this nexus in the historical period that first, and so powerfully, imagined the fully surveilled world. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5138.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5138-en-romantichackers_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5146-en-an_overview_of_secure_name_resolution_h264.mp4 There's about 100 top-level domains signed with DNSSEC and .nl recently hit 1M second-level domains. At this occasion, we take a look at the goods and the bads of DNSSEC deployment, including amplification attacks, Zensursula-like DNS redirects, China DNS injection and NASA key rollover mistakes. We will find out what DNSCurve and Namecoin promise to make better and what Zooko's triangle has all to do with this. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5146.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5146-en-an_overview_of_secure_name_resolution_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5146-en-an_overview_of_secure_name_resolution_h264.mp4 2012-12-29T00:00:00+01:00 Matthäus Wander No 29c3 DNSSEC, DNSCurve and Namecoin There's about 100 top-level domains signed with DNSSEC and .nl recently hit 1M second-level domains. At this occasion, we take a look at the goods and the bads of DNSSEC deployment, including amplification attacks, Zensursula-like DNS redirects, China DNS injection and NASA key rollover mistakes. We will find out what DNSCurve and Namecoin promise to make better and what Zooko's triangle has all to do with this. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5146.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5146-en-an_overview_of_secure_name_resolution_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5164-de-en-sharing_access_risiken_beim_betrieb_von_wlan_netzen_h264.mp4 Der Betrieb von WLAN-Funk-Netzen und auch von offenen oder freien Netzen ist heute weit verbreitet und Teil der Diskussion um die "Cultures of Sharing". Der Vortrag soll die Grundlagen der Haftung für offene Netze und die Entwicklung der Rechtsprechung vom Landgericht Hamburg ("gestern") zum BGH-Urteil "Sommer unseres Lebens" und den Einfluss aktueller Rechtsprechung des Europäischen Gerichtshofs, des Bundesgerichtshofs und der Instanzgerichte darstellen ("heute"). Ein Ausblick auf die Folgen dieser neuen, teilweise abweichenden Rechtsprechung und auf die Gesetzesinitiativen der SPD und der Linken ("morgen") soll den Vortrag abrunden. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5164.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5164-de-en-sharing_access_risiken_beim_betrieb_von_wlan_netzen_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5164-de-en-sharing_access_risiken_beim_betrieb_von_wlan_netzen_h264.mp4 2012-12-28T00:00:00+01:00 Reto Mantz No 29c3 Stand gestern, heute und morgen Der Betrieb von WLAN-Funk-Netzen und auch von offenen oder freien Netzen ist heute weit verbreitet und Teil der Diskussion um die "Cultures of Sharing". Der Vortrag soll die Grundlagen der Haftung für offene Netze und die Entwicklung der Rechtsprechung vom Landgericht Hamburg ("gestern") zum BGH-Urteil "Sommer unseres Lebens" und den Einfluss aktueller Rechtsprechung des Europäischen Gerichtshofs, des Bundesgerichtshofs und der Instanzgerichte darstellen ("heute"). Ein Ausblick auf die Folgen dieser neuen, teilweise abweichenden Rechtsprechung und auf die Gesetzesinitiativen der SPD und der Linken ("morgen") soll den Vortrag abrunden. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5164.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5164-de-en-sharing_access_risiken_beim_betrieb_von_wlan_netzen_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5179-de-en-hacking_philosophy_h264.mp4 Wir sehen in der digitalen Technik großes Potential zur Demokratisierung und Befreiung der Menschen. Doch machen wir uns nichts vor. Technik kann genausogut der Entmündigung von Menschen dienen. Je komplexer sie wird, desto mehr sind wir von Vereinfachung abhängig und desto weniger Einfluss können wir selber auf die Technik nehmen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5179.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5179-de-en-hacking_philosophy_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5179-de-en-hacking_philosophy_h264.mp4 2012-12-29T00:00:00+01:00 Leena Simon No 29c3 Digitale Mündigkeit, Technikpaternalismus und warum wir Netzphilosophie brauchen Wir sehen in der digitalen Technik großes Potential zur Demokratisierung und Befreiung der Menschen. Doch machen wir uns nichts vor. Technik kann genausogut der Entmündigung von Menschen dienen. Je komplexer sie wird, desto mehr sind wir von Vereinfachung abhängig und desto weniger Einfluss können wir selber auf die Technik nehmen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5179.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5179-de-en-hacking_philosophy_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5203-en-omg_oer_h264.mp4 Polish government decided in favour of open-licensed e-textbooks. This is not to liking of big textbook publishers, reaping in profits hand over fist. While their black PR campaign focuses on technicalities, it seems obvious that their real beef is with the liberal licensing. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5203.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5203-en-omg_oer_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5203-en-omg_oer_h264.mp4 2012-12-28T00:00:00+01:00 Michał "rysiek" Woźniak No 29c3 How big business fights open education in Poland, and how open education fights back! Polish government decided in favour of open-licensed e-textbooks. This is not to liking of big textbook publishers, reaping in profits hand over fist. While their black PR campaign focuses on technicalities, it seems obvious that their real beef is with the liberal licensing. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5203.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5203-en-omg_oer_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5208-en-accessibility_and_security_h264.mp4 Accessibility of digital content is a hugely misunderstood issue. Programmers and content developers tend to view it as a distraction or a special interest concern. Accessibility advocates fail to describe it in terms that would put it in the proper place for other technologists, in particular security practitioners. We argue that if a format or a document has systemic accessibility problems, then accessibility is likely to be the least of its problems; that accessibility only collapses first, like a canary in a mine, and security is next to follow. We argue that many accessibility problems, just like many security problems, stem from documents being hard to parse or containing executable content, and that the accessibility community is only the first to suffer, due to not having the manpower to make extremely complicated formats to almost work almost always. It's an arms race tougher than the security patching cycle, made worse by there being no common model for what accessibility properties should look like. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5208.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5208-en-accessibility_and_security_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5208-en-accessibility_and_security_h264.mp4 2012-12-27T00:00:00+01:00 Anna Shubina No 29c3 Accessibility of digital content is a hugely misunderstood issue. Programmers and content developers tend to view it as a distraction or a special interest concern. Accessibility advocates fail to describe it in terms that would put it in the proper place for other technologists, in particular security practitioners. We argue that if a format or a document has systemic accessibility problems, then accessibility is likely to be the least of its problems; that accessibility only collapses first, like a canary in a mine, and security is next to follow. We argue that many accessibility problems, just like many security problems, stem from documents being hard to parse or containing executable content, and that the accessibility community is only the first to suffer, due to not having the manpower to make extremely complicated formats to almost work almost always. It's an arms race tougher than the security patching cycle, made worse by there being no common model for what accessibility properties should look like. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5208.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5208-en-accessibility_and_security_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5210-en-on_breaking_saml_h264.mp4 The Security Assertion Markup Language (SAML) is a widely adopted language for making security statements about subjects. It is a critical component for the development of federated identity deployments and Single Sign-On scenarios. In order to protect integrity and authenticity of the exchanged SAML assertions, the XML Signature standard is applied. However, the signature verification algorithm is much more complex than in traditional signature formats like PKCS#7. The integrity protection can thus be successfully circumvented by application of different XML Signature specific attacks, under a weak adversarial model. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5210.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5210-en-on_breaking_saml_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5210-en-on_breaking_saml_h264.mp4 2012-12-29T00:00:00+01:00 Andreas Mayer No 29c3 Be Whoever You Want to Be The Security Assertion Markup Language (SAML) is a widely adopted language for making security statements about subjects. It is a critical component for the development of federated identity deployments and Single Sign-On scenarios. In order to protect integrity and authenticity of the exchanged SAML assertions, the XML Signature standard is applied. However, the signature verification algorithm is much more complex than in traditional signature formats like PKCS#7. The integrity protection can thus be successfully circumvented by application of different XML Signature specific attacks, under a weak adversarial model. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5210.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5210-en-on_breaking_saml_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5219-en-how_i_met_your_pointer_h264.mp4 An approach to the problem of fuzzing proprietary protocols will be shown, focusing on network protocols and native software. In the course of this talk I will combine several methods in order to force the client software to work as a “double agent” against the server. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5219.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5219-en-how_i_met_your_pointer_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5219-en-how_i_met_your_pointer_h264.mp4 2012-12-28T00:00:00+01:00 Carlos Garcia Prado No 29c3 Hijacking client software for fuzz and profit An approach to the problem of fuzzing proprietary protocols will be shown, focusing on network protocols and native software. In the course of this talk I will combine several methods in order to force the client software to work as a “double agent” against the server. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5219.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5219-en-how_i_met_your_pointer_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5225-en-security_evaluation_of_russian_gost_cipher_h264.mp4 In this talk we will survey some 30 recent attacks on the Russian GOST block cipher. Background: GOST cipher is the official encryption standard of the Russian federation, and also has special versions for the most important Russian banks. Until 2012 there was no attack on GOST when it is used in encryption with random keys. I have developed more than 30 different academic attacks on GOST the fastest has complexity of 2^118 to recover some but not all 256-bit keys generated at random, which will be presented for the first time at CCC conference. It happens only once per decade that a government standard is broken while it is still an official government standard (happened for DES and AES, no other cases known). All these are broken only in academic sense, for GOST most recent attacks are sliding into maybe arguably practical in 30 years from now instead of 200 years... Our earlier results were instrumental at ISO for rejecting GOST as an international encryption standard last year. Not more than 5+ block cihers have ever achieved this level of ISO standardisation in 25 years and it NEVER happended in history of ISO that a cipher got broken during the standardization process. Two main papers with 70+30 pages respectively which are http://eprint.iacr.org/2011/626 and http://eprint.iacr.org/2012/138. Two other papers have been already published in Cryptologia journal which specializes in serious military and government crypto. The talk will cover three main families of attacks on GOST: high-level transformations, low- level inversion/MITM/guess-then-software/algebraic attacks and advanced truncated differential cryptanalysis of GOST. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5225.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5225-en-security_evaluation_of_russian_gost_cipher_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5225-en-security_evaluation_of_russian_gost_cipher_h264.mp4 2012-12-29T00:00:00+01:00 Dr Nicolas T. Courtois No 29c3 Survey of All Known Attacks on Russian Government Encryption Standard In this talk we will survey some 30 recent attacks on the Russian GOST block cipher. Background: GOST cipher is the official encryption standard of the Russian federation, and also has special versions for the most important Russian banks. Until 2012 there was no attack on GOST when it is used in encryption with random keys. I have developed more than 30 different academic attacks on GOST the fastest has complexity of 2^118 to recover some but not all 256-bit keys generated at random, which will be presented for the first time at CCC conference. It happens only once per decade that a government standard is broken while it is still an official government standard (happened for DES and AES, no other cases known). All these are broken only in academic sense, for GOST most recent attacks are sliding into maybe arguably practical in 30 years from now instead of 200 years... Our earlier results were instrumental at ISO for rejecting GOST as an international encryption standard last year. Not more than 5+ block cihers have ever achieved this level of ISO standardisation in 25 years and it NEVER happended in history of ISO that a cipher got broken during the standardization process. Two main papers with 70+30 pages respectively which are http://eprint.iacr.org/2011/626 and http://eprint.iacr.org/2012/138. Two other papers have been already published in Cryptologia journal which specializes in serious military and government crypto. The talk will cover three main families of attacks on GOST: high-level transformations, low- level inversion/MITM/guess-then-software/algebraic attacks and advanced truncated differential cryptanalysis of GOST. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5225.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5225-en-security_evaluation_of_russian_gost_cipher_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5256-en-the_future_of_protocol_reversing_and_simulation_h264.mp4 Have you ever been staring for nights at binary or hexadecimal data flows extracted from an USB channel? Don't you remember yourself searching for some patterns and similarities in this fuc***g mess of zeros and ones grabbed from a binary configuration file? How long did it take you to find an 16 bits decimal size field last time you reversed an IPC communication protocol? Did you know you were not alone and that among them, Rob Savoye (@ FOSDEM-08) and Drew Fisher (@ 28C3) have already reported the main difficulties of the RE operations. Both of them called for the creation of a tool which would help experts in their work. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5256.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5256-en-the_future_of_protocol_reversing_and_simulation_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5256-en-the_future_of_protocol_reversing_and_simulation_h264.mp4 2012-12-29T00:00:00+01:00 Frédéric Guihéry, Georges Bossert No 29c3 Mapping your enemy Botnet with Netzob Have you ever been staring for nights at binary or hexadecimal data flows extracted from an USB channel? Don't you remember yourself searching for some patterns and similarities in this fuc***g mess of zeros and ones grabbed from a binary configuration file? How long did it take you to find an 16 bits decimal size field last time you reversed an IPC communication protocol? Did you know you were not alone and that among them, Rob Savoye (@ FOSDEM-08) and Drew Fisher (@ 28C3) have already reported the main difficulties of the RE operations. Both of them called for the creation of a tool which would help experts in their work. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5256.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5256-en-the_future_of_protocol_reversing_and_simulation_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5263-de-en-mehr_transparenz_und_teilhabe_im_gesetzgebungsprozess_h264.mp4 Wir brauchen ein maschinenlesbares und -schreibbares Gesetzgebungsverfahren, in dem jede Änderung transparent diskutiert und beschlossen wird. Der Bundestag öffnet und digitalisiert sich eher langsam und widerwillig, dennoch kann man schon heute anfangen, die Werkzeuge der parlamentarischen Zukunft in Deutschland zu gestalten und auszuprobieren. Dazu stellen wir die Projekte OffenesParlament.de und das Bundes-Git vor und zeigen, wie es in Zukunft weitergehen könnte. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5263.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5263-de-en-mehr_transparenz_und_teilhabe_im_gesetzgebungsprozess_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5263-de-en-mehr_transparenz_und_teilhabe_im_gesetzgebungsprozess_h264.mp4 2012-12-30T00:00:00+01:00 Friedrich Lindenberg, Stefan Wehrmeyer No 29c3 Mehr Transparenz und Teilhabe im Gesetzgebungsprozess Wir brauchen ein maschinenlesbares und -schreibbares Gesetzgebungsverfahren, in dem jede Änderung transparent diskutiert und beschlossen wird. Der Bundestag öffnet und digitalisiert sich eher langsam und widerwillig, dennoch kann man schon heute anfangen, die Werkzeuge der parlamentarischen Zukunft in Deutschland zu gestalten und auszuprobieren. Dazu stellen wir die Projekte OffenesParlament.de und das Bundes-Git vor und zeigen, wie es in Zukunft weitergehen könnte. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5263.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5263-de-en-mehr_transparenz_und_teilhabe_im_gesetzgebungsprozess_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5265-en-page_fault_liberation_army_h264.mp4 x86 processors contain a surprising amount of built-in memory translation logic, which is driven by various data tables with intricate entry formats, and can produce various kinds of traps and other interesting computational effects. These features are mostly relics of earlier, more civilized times, when Jedi Knights tried to protect the Old Republic OSes with segmentation, supervisor bits, and hardware task support, but were defeated by processor de-optimizations and performance concerns and left unused by both Windows and UNIX systems – and explored only by hackers. For the rest of the world, an x86 PC was a "von Neumann architecture" with most of its strangeness unused. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5265.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5265-en-page_fault_liberation_army_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5265-en-page_fault_liberation_army_h264.mp4 2012-12-30T00:00:00+01:00 Julian Bangert, Sergey Bratus No 29c3 a history of creative x86 virtual memory uses x86 processors contain a surprising amount of built-in memory translation logic, which is driven by various data tables with intricate entry formats, and can produce various kinds of traps and other interesting computational effects. These features are mostly relics of earlier, more civilized times, when Jedi Knights tried to protect the Old Republic OSes with segmentation, supervisor bits, and hardware task support, but were defeated by processor de-optimizations and performance concerns and left unused by both Windows and UNIX systems – and explored only by hackers. For the rest of the world, an x86 PC was a "von Neumann architecture" with most of its strangeness unused. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5265.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5265-en-page_fault_liberation_army_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5280-en-miilions_of_lesson_learned_on_electronic_napkins_h264.mp4 Massive open online courses are the vogue of the season when it comes to discussing the future of university-level education. But we’re only starting to see what education at this scope means and how it can be supported best, in terms of both didactics and technology. This talk is an inside report by two instructors who have delved into the experience of teaching large audiences online. We share the lessons that we have learned: how to spark student interest, how to put intuition before formal theories, how to streamline production and much more. And we point out what needs to be done to truly democratize education from the viewpoint of both the students and the instructors. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5280.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5280-en-miilions_of_lesson_learned_on_electronic_napkins_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5280-en-miilions_of_lesson_learned_on_electronic_napkins_h264.mp4 2012-12-30T00:00:00+01:00 Jörn Loviscach, Sebastian Wernicke No 29c3 On the way to free(ing) education Massive open online courses are the vogue of the season when it comes to discussing the future of university-level education. But we’re only starting to see what education at this scope means and how it can be supported best, in terms of both didactics and technology. This talk is an inside report by two instructors who have delved into the experience of teaching large audiences online. We share the lessons that we have learned: how to spark student interest, how to put intuition before formal theories, how to streamline production and much more. And we point out what needs to be done to truly democratize education from the viewpoint of both the students and the instructors. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5280.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5280-en-miilions_of_lesson_learned_on_electronic_napkins_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5282-de-en-rfidkleidung_h264.mp4 Mit RFID-Lesegeräten Menschen tracken - keine Zukunftsvision. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5282.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5282-de-en-rfidkleidung_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5282-de-en-rfidkleidung_h264.mp4 2012-12-28T00:00:00+01:00 padeluun, Rena Tangens No 29c3 Tracking von Menschen durch in Kleidung integrierte RFID-Chips Mit RFID-Lesegeräten Menschen tracken - keine Zukunftsvision. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5282.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5282-de-en-rfidkleidung_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5283-de-en-whiteit_cleanit_ceocoalition_h264.mp4 Nach dem Scheitern der diversen politischen und gesetzgeberischen Initiativen zur Sperrung und Filterung von Inhalten in Deutschland und der EU haben verschiedene politische Akteuere Initiativen gestartet dieselben Mechanismen auf Basis eine "Selbstregulation" mit Service-Providern auszuhandeln und umzusetzen. Diese Verhandlungen zwischen den Regierungen (oder regierungsähnlichen Organisationen) und Industrie-Partnern passieren nicht nur in Hinterzimmern. Nicht weniger dieser Projekte sind überraschend transparent darüber, was sie zu tun gedenken, und wie sie dorthin gelangen wollen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5283.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5283-de-en-whiteit_cleanit_ceocoalition_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5283-de-en-whiteit_cleanit_ceocoalition_h264.mp4 2012-12-27T00:00:00+01:00 Christian Bahls No 29c3 Wie die Exekutive versucht Provider zur Inhaltekontrolle im Internet einzuspannen Nach dem Scheitern der diversen politischen und gesetzgeberischen Initiativen zur Sperrung und Filterung von Inhalten in Deutschland und der EU haben verschiedene politische Akteuere Initiativen gestartet dieselben Mechanismen auf Basis eine "Selbstregulation" mit Service-Providern auszuhandeln und umzusetzen. Diese Verhandlungen zwischen den Regierungen (oder regierungsähnlichen Organisationen) und Industrie-Partnern passieren nicht nur in Hinterzimmern. Nicht weniger dieser Projekte sind überraschend transparent darüber, was sie zu tun gedenken, und wie sie dorthin gelangen wollen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5283.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5283-de-en-whiteit_cleanit_ceocoalition_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5285-de-en-men_who_stare_at_bits_h264.mp4 Unsichere Studierenden- und Mensakarten. Eine wissenschaftliche Auswertung. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5285.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5285-de-en-men_who_stare_at_bits_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5285-de-en-men_who_stare_at_bits_h264.mp4 2012-12-29T00:00:00+01:00 nuit, Rena Tangens No 29c3 RFID-Studierendenkarten mit Fehlern Unsichere Studierenden- und Mensakarten. Eine wissenschaftliche Auswertung. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5285.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5285-de-en-men_who_stare_at_bits_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5305-en-long_live_the_protocoletariat_h264.mp4 We're winning! The future looks like network politics! Wait, what the hell are network politics and how do they work? Is that like the Pirate Party, or the IETF, or Anonymous? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5305.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5305-en-long_live_the_protocoletariat_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5305-en-long_live_the_protocoletariat_h264.mp4 2012-12-29T00:00:00+01:00 Eleanor Saitta, Smári McCarthy No 29c3 We're winning! The future looks like network politics! Wait, what the hell are network politics and how do they work? Is that like the Pirate Party, or the IETF, or Anonymous? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5305.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5305-en-long_live_the_protocoletariat_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5306-en-the_tor_software_ecosystem_h264.mp4 At the very beginning, Tor was just a socks proxy that protected the origin and/or destination of your TCP flows. Now the broader Tor ecosystem includes a diverse set of projects -- browser extensions to patch Firefox and Thunderbird's privacy issues, Tor controller libraries to let you interface with the Tor client in your favorite language, network scanners to measure relay performance and look for misbehaving exit relays, LiveCDs, support for the way Android applications expect Tor to behave, full-network simulators and testing frameworks, plugins to make Tor's traffic look like Skype or other protocols, and metrics and measurement tools to keep track of how well everything's working. Many of these tools aim to be useful beyond Tor: making them modular means they're reusable for other anonymity and security projects as well. In this talk, Roger and Jake will walk you through all the tools that make up the Tor software world, and give you a better understanding of which ones need love and how you can help. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5306.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5306-en-the_tor_software_ecosystem_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5306-en-the_tor_software_ecosystem_h264.mp4 2012-12-28T00:00:00+01:00 Jacob Appelbaum, Roger Dingledine No 29c3 At the very beginning, Tor was just a socks proxy that protected the origin and/or destination of your TCP flows. Now the broader Tor ecosystem includes a diverse set of projects -- browser extensions to patch Firefox and Thunderbird's privacy issues, Tor controller libraries to let you interface with the Tor client in your favorite language, network scanners to measure relay performance and look for misbehaving exit relays, LiveCDs, support for the way Android applications expect Tor to behave, full-network simulators and testing frameworks, plugins to make Tor's traffic look like Skype or other protocols, and metrics and measurement tools to keep track of how well everything's working. Many of these tools aim to be useful beyond Tor: making them modular means they're reusable for other anonymity and security projects as well. In this talk, Roger and Jake will walk you through all the tools that make up the Tor software world, and give you a better understanding of which ones need love and how you can help. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5306.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5306-en-the_tor_software_ecosystem_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5368-de-en-ifg_chance_oder_buergerbluff_h264.mp4 Sechs Jahre nach seinem Inkrafttreten wurde das Informationsfreiheitsgesetz (IFG) des Bundes für den Deutschen Bundestag evaluiert. Auch aus einzelnen Bundesländern liegen zwischenzeitlich wissenschaftlich untermauerte Erkenntnisse zum Stand oder Nichtstand der Informationsfreiheit in Deutschland vor. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5368.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5368-de-en-ifg_chance_oder_buergerbluff_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5368-de-en-ifg_chance_oder_buergerbluff_h264.mp4 2012-12-28T00:00:00+01:00 Jörg Tauss No 29c3 Informationsfreiheit in Deutschland. Ein Sachstand. Sechs Jahre nach seinem Inkrafttreten wurde das Informationsfreiheitsgesetz (IFG) des Bundes für den Deutschen Bundestag evaluiert. Auch aus einzelnen Bundesländern liegen zwischenzeitlich wissenschaftlich untermauerte Erkenntnisse zum Stand oder Nichtstand der Informationsfreiheit in Deutschland vor. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5368.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5368-de-en-ifg_chance_oder_buergerbluff_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5378-de-en-stabilitaetsanker_wachstumslokomotive_h264.mp4 Stabilitätsanker & Wachstumslokomotive geben als politische Metaphern ungewollt Auskunft über das Ausmaß der europäischen Wirtschafts- und Finanzkrise. Wie kommt so ein Begriff in Verkehr? Wer gebraucht ihn? Zu welchem Zweck? Was fördert die Analyse der Metaphern zutage? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5378.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5378-de-en-stabilitaetsanker_wachstumslokomotive_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5378-de-en-stabilitaetsanker_wachstumslokomotive_h264.mp4 2012-12-29T00:00:00+01:00 Hans Huett No 29c3 Stabilitätsanker & Wachstumslokomotive geben als politische Metaphern ungewollt Auskunft über das Ausmaß der europäischen Wirtschafts- und Finanzkrise. Wie kommt so ein Begriff in Verkehr? Wer gebraucht ihn? Zu welchem Zweck? Was fördert die Analyse der Metaphern zutage? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5378.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5378-de-en-stabilitaetsanker_wachstumslokomotive_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5390-en-tacticaltech_h264.mp4 Don't call us if your campaign does not work! And worse, everyone's been harassed or arrested. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5390.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5390-en-tacticaltech_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5390-en-tacticaltech_h264.mp4 2012-12-28T00:00:00+01:00 Marek Tuszynski, Stephanie Hankey No 29c3 Don't call us if your campaign does not work! And worse, everyone's been harassed or arrested. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5390.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5390-en-tacticaltech_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5397-de-en-indect_verhaltenserkennung_h264.mp4 INFECT: "Bei der Forschung an unserem neuen Killervirus hat unsere Ethikkommission penibelst darauf geachtet, dass niemand der Forscher sich ansteckt." about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5397.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5397-de-en-indect_verhaltenserkennung_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5397-de-en-indect_verhaltenserkennung_h264.mp4 2012-12-27T00:00:00+01:00 Ben No 29c3 automatisierte staatliche Verdächtigung INFECT: "Bei der Forschung an unserem neuen Killervirus hat unsere Ethikkommission penibelst darauf geachtet, dass niemand der Forscher sich ansteckt." about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5397.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5397-de-en-indect_verhaltenserkennung_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5417-en-cve_2011_3402_analysis_h264.mp4 CVE-2011-3402 is well known as the Windows Kernel TrueType [Font] 0-day used in the "Duqu" attack(s). Recently this exploit has begun to appear in several crimeware exploit kits... Actually, not merely just the exploit, but the *entire* font file used by Duqu, now being harnessed to infect a large population with malware. This talk will mostly be an extremely low-level walk-through of the font program within this TrueType font, which is used to manipulate the Windows Kernel into executing the native x86 shellcode. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5417.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5417-en-cve_2011_3402_analysis_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5417-en-cve_2011_3402_analysis_h264.mp4 2012-12-29T00:00:00+01:00 Julia Wolf No 29c3 CVE-2011-3402 is well known as the Windows Kernel TrueType [Font] 0-day used in the "Duqu" attack(s). Recently this exploit has begun to appear in several crimeware exploit kits... Actually, not merely just the exploit, but the *entire* font file used by Duqu, now being harnessed to infect a large population with malware. This talk will mostly be an extremely low-level walk-through of the font program within this TrueType font, which is used to manipulate the Windows Kernel into executing the native x86 shellcode. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5417.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5417-en-cve_2011_3402_analysis_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5205-en-analytical_summary_of_the_blackhole_exploit_kit_h264.mp4 There are hundreds, if not thousands, of news articles and blog posts about the BlackHole Exploit Kit. Usually, each story covers only a very narrow part of the subject matter. This talk will summarize the history of the BlackHole Exploit Kit into one easy to follow story. There will be diagrams and flow-charts for explaining code, rather than a giant blob of illegible Javascript, PHP, or x86 Assembly. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5205.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5205-en-analytical_summary_of_the_blackhole_exploit_kit_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5205-en-analytical_summary_of_the_blackhole_exploit_kit_h264.mp4 2012-12-29T00:00:00+01:00 Julia Wolf No 29c3 Almost Everything You Ever Wanted To Know About The BlackHole Exploit Kit There are hundreds, if not thousands, of news articles and blog posts about the BlackHole Exploit Kit. Usually, each story covers only a very narrow part of the subject matter. This talk will summarize the history of the BlackHole Exploit Kit into one easy to follow story. There will be diagrams and flow-charts for explaining code, rather than a giant blob of illegible Javascript, PHP, or x86 Assembly. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5205.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5205-en-analytical_summary_of_the_blackhole_exploit_kit_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5262-de-en-anderthalb_jahre_fragdenstaat_h264.mp4 Seit anderthalb Jahren begleitet FragDenStaat.de die deutsche Informationsfreiheit in der Praxis und dokumentiert die Korrespondenz zwischen Anfragestellenden und Behörden. Welche Informationen gibt der Staat preis, und gegen welche Veröffentlichungen kämpft er sogar bis vor Gericht? Die interessantesten Fälle werden genauer beleuchtet und eine Bewertung zur Lage der staatlichen Information in Deutschland abgegeben. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5262.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5262-de-en-anderthalb_jahre_fragdenstaat_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5262-de-en-anderthalb_jahre_fragdenstaat_h264.mp4 2012-12-27T00:00:00+01:00 Stefan Wehrmeyer No 29c3 1.5 Jahre FragDenStaat.de Seit anderthalb Jahren begleitet FragDenStaat.de die deutsche Informationsfreiheit in der Praxis und dokumentiert die Korrespondenz zwischen Anfragestellenden und Behörden. Welche Informationen gibt der Staat preis, und gegen welche Veröffentlichungen kämpft er sogar bis vor Gericht? Die interessantesten Fälle werden genauer beleuchtet und eine Bewertung zur Lage der staatlichen Information in Deutschland abgegeben. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5262.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5262-de-en-anderthalb_jahre_fragdenstaat_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5275-en-facthacks_h264.mp4 RSA is the dominant public-key cryptosystem on the Internet. This talk will explain the state of the art in techniques for the attacker to figure out your secret RSA keys. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5275.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5275-en-facthacks_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5275-en-facthacks_h264.mp4 2012-12-28T00:00:00+01:00 djb, Nadia Heninger, Tanja Lange No 29c3 RSA factorization in the real world RSA is the dominant public-key cryptosystem on the Internet. This talk will explain the state of the art in techniques for the attacker to figure out your secret RSA keys. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5275.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5275-en-facthacks_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5301-en-defeating_windows_memory_forensics_h264.mp4 Aside from further development of traditional forensic techniques which involve post-mortem hard disk analysis, in the last couple of years the field of computer forensics has been marked by significant development of live forensic techniques and tools. Memory forensics is composed of two main activities: memory aquisition/capture and analysis. This presentation will give an overview of the memory acquisition and analysis techniques and tools on the Windows operating systems. The main part of the presentation will cover current exploitation techniques and methods for defeating both acquisition and analysis phase of the memory forensics, as well as present a new approach for hiding specific artifacts from forensic tools. Based on the covered exploitation techniques, some suggestions and improvements of the current tools will be given. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5301.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5301-en-defeating_windows_memory_forensics_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5301-en-defeating_windows_memory_forensics_h264.mp4 2012-12-28T00:00:00+01:00 Luka Milkovic No 29c3 Aside from further development of traditional forensic techniques which involve post-mortem hard disk analysis, in the last couple of years the field of computer forensics has been marked by significant development of live forensic techniques and tools. Memory forensics is composed of two main activities: memory aquisition/capture and analysis. This presentation will give an overview of the memory acquisition and analysis techniques and tools on the Windows operating systems. The main part of the presentation will cover current exploitation techniques and methods for defeating both acquisition and analysis phase of the memory forensics, as well as present a new approach for hiding specific artifacts from forensic tools. Based on the covered exploitation techniques, some suggestions and improvements of the current tools will be given. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5301.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5301-en-defeating_windows_memory_forensics_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5316-en-lightningtalks1_h264.mp4 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5316.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5316-en-lightningtalks1_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5316-en-lightningtalks1_h264.mp4 2012-12-28T00:00:00+01:00 Nick Farr No 29c3 5 Minutes of Fame about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5316.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5316-en-lightningtalks1_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5383-en-lightning_talks_2_h264.mp4 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5383.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5383-en-lightning_talks_2_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5383-en-lightning_talks_2_h264.mp4 2012-12-29T00:00:00+01:00 Nick Farr No 29c3 5 Minutes of Fame about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5383.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5383-en-lightning_talks_2_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5395-en-howto_hack_the_law_h264.mp4 Legal systems have a huge impact on what we do as hackers, but also on internet users in general. Laws can restrict our freedom to use the internet in ways we deem to be natural and it can impede the tools which we hackers use on a daily basis. Which is not to say that laws cannot also protect our freedom and ensure that all bits are treated equally. Most importantly, these laws can be hacked and tweaked to fit our needs - like most things in this world. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5395.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5395-en-howto_hack_the_law_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5395-en-howto_hack_the_law_h264.mp4 2012-12-27T00:00:00+01:00 Ot van Daalen, Rejo Zenger No 29c3 The key elements of policy hacking Legal systems have a huge impact on what we do as hackers, but also on internet users in general. Laws can restrict our freedom to use the internet in ways we deem to be natural and it can impede the tools which we hackers use on a daily basis. Which is not to say that laws cannot also protect our freedom and ensure that all bits are treated equally. Most importantly, these laws can be hacked and tweaked to fit our needs - like most things in this world. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5395.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5395-en-howto_hack_the_law_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5024-en-hackers_as_a_highrisk_population_h264.mp4 Hackers are a high-risk population. This talk will provide hackers with tools to reduce the risk to themselves and their communities using harm reduction methodology. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5024.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5024-en-hackers_as_a_highrisk_population_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5024-en-hackers_as_a_highrisk_population_h264.mp4 2012-12-28T00:00:00+01:00 Violet Blue No 29c3 Harm Reduction Methodology Hackers are a high-risk population. This talk will provide hackers with tools to reduce the risk to themselves and their communities using harm reduction methodology. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5024.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5024-en-hackers_as_a_highrisk_population_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5037-de-en-nougatbytes10_h264.mp4 Gut gereift und mit verbesserter Rezeptur. Aber immer noch: Zwei sich auf Couchen fläzende Teams gehirnwinden, spitzfinden und assoziieren gegeneinander an, um Bilderrätsel aus den Gefilden IT, Netzgesellschaft und Informatik zu entwirren. (Hashtag: #Nougatbytes) about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5037.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5037-de-en-nougatbytes10_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5037-de-en-nougatbytes10_h264.mp4 2012-12-27T00:00:00+01:00 Ben, Rainer No 29c3 Gebilde(r)ter Hirnsalat – die rhekkcüЯ der Bilderrätsel Gut gereift und mit verbesserter Rezeptur. Aber immer noch: Zwei sich auf Couchen fläzende Teams gehirnwinden, spitzfinden und assoziieren gegeneinander an, um Bilderrätsel aus den Gefilden IT, Netzgesellschaft und Informatik zu entwirren. (Hashtag: #Nougatbytes) about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5037.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5037-de-en-nougatbytes10_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5044-en-time_is_not_on_your_side_h264.mp4 In this year’s talk, I tie on my 28c3 talk and present timing side channels from a defending viewpoint: How can one mitigate timing side channels? Aren’t random delays sufficient to prevent timing side channels in practice? What is the minimum size of random delays to be effective? Are there other delay strategies besides random delays that are more effective and efficient? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5044.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5044-en-time_is_not_on_your_side_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5044-en-time_is_not_on_your_side_h264.mp4 2012-12-27T00:00:00+01:00 Sebastian Schinzel No 29c3 Mitigating Timing Side Channels on the Web In this year’s talk, I tie on my 28c3 talk and present timing side channels from a defending viewpoint: How can one mitigate timing side channels? Aren’t random delays sufficient to prevent timing side channels in practice? What is the minimum size of random delays to be effective? Are there other delay strategies besides random delays that are more effective and efficient? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5044.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5044-en-time_is_not_on_your_side_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5059-en-scada_strangelove_h264.mp4 Modern civilization unconditionally depends on information systems. It is paradoxical but true that ICS/SCADA systems are the most insecure systems in the world. From network to application, SCADA is full of configuration issues and vulnerabilities. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5059.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5059-en-scada_strangelove_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5059-en-scada_strangelove_h264.mp4 2012-12-27T00:00:00+01:00 Denis Baranov, Gleb Gritsai, Sergey Gordeychik No 29c3 or: How I Learned to Start Worrying and Love Nuclear Plants Modern civilization unconditionally depends on information systems. It is paradoxical but true that ICS/SCADA systems are the most insecure systems in the world. From network to application, SCADA is full of configuration issues and vulnerabilities. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5059.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5059-en-scada_strangelove_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5085-en-everycook_h264.mp4 We know, that cooking is an art. Selecting the ingredients, carefully washing, pealing and cutting them before you put them into the right dish at the right time with the right heat. Watching the food change his color, form and consistency, seasoning it to develop it's flavors and serving it on beautiful plates is a pleasure. For some, but not for all.Those who love cooking can spend hours at the stove and relax while preparing delicious meals. For others cooking is pure stress. What is the difference between orange and yellow carrots? Did I forget something? Is the pan hot enough? Or too hot? How long after the pasta do I start cooking the steak? Will it be healthy? Is it sustainable? So many questionsappear if one starts to think about food. The answers are complicated and ambiguous. They require research and analyzing. Many have stopped thinkingabout food. They just believe what is written on the package. I can't cook is such an easy answer. And it is accepted in our society. Nobody is ashamed of it. This gives more and more control tomultinational corporations. Through precooked food and shiny commercials they calm our conscience and stimulate our laziness. The consequences are dramatic!The profit-focused approach of multinational corporations have led to things like: • Patented genetically modified seeds. Lawyers suing farmers for copyrights. • Destruction of South-American jungle to make soya to feed European cows so they make more milk. Although a cow as never born to eat proteins. • Chickens that can't stand on their own feet due to the weight of their breasts. They will never see soil, worms or even sunlight. • Oran-Utangs losing their homes for palm oil • Vegetables getting grown in the desert, wasting huge amounts of drinking water. Conclusions: • We must know more about our food • We have to cook more ourselves • So we will recover some control over what we eat about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5085.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5085-en-everycook_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5085-en-everycook_h264.mp4 2012-12-28T00:00:00+01:00 Alexis No 29c3 Cooking gets digital We know, that cooking is an art. Selecting the ingredients, carefully washing, pealing and cutting them before you put them into the right dish at the right time with the right heat. Watching the food change his color, form and consistency, seasoning it to develop it's flavors and serving it on beautiful plates is a pleasure. For some, but not for all.Those who love cooking can spend hours at the stove and relax while preparing delicious meals. For others cooking is pure stress. What is the difference between orange and yellow carrots? Did I forget something? Is the pan hot enough? Or too hot? How long after the pasta do I start cooking the steak? Will it be healthy? Is it sustainable? So many questionsappear if one starts to think about food. The answers are complicated and ambiguous. They require research and analyzing. Many have stopped thinkingabout food. They just believe what is written on the package. I can't cook is such an easy answer. And it is accepted in our society. Nobody is ashamed of it. This gives more and more control tomultinational corporations. Through precooked food and shiny commercials they calm our conscience and stimulate our laziness. The consequences are dramatic!The profit-focused approach of multinational corporations have led to things like: • Patented genetically modified seeds. Lawyers suing farmers for copyrights. • Destruction of South-American jungle to make soya to feed European cows so they make more milk. Although a cow as never born to eat proteins. • Chickens that can't stand on their own feet due to the weight of their breasts. They will never see soil, worms or even sunlight. • Oran-Utangs losing their homes for palm oil • Vegetables getting grown in the desert, wasting huge amounts of drinking water. Conclusions: • We must know more about our food • We have to cook more ourselves • So we will recover some control over what we eat about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5085.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5085-en-everycook_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5088-en-many_tamagotchis_were_harmed_in_the_making_of_this_presentation_h264.mp4 You might remember Tamagotchi virtual pets from the 1990's. These toys are still around and just as demanding as ever! This talk covers my attempts to hack the latest Tamagotchis. Starting with the IR interface, and moving down into the hardware, this presentation will discuss techniques for reverse engineering a device with limited inputs, computing power and debugging capabilities. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5088.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5088-en-many_tamagotchis_were_harmed_in_the_making_of_this_presentation_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5088-en-many_tamagotchis_were_harmed_in_the_making_of_this_presentation_h264.mp4 2012-12-28T00:00:00+01:00 Natalie Silvanovich No 29c3 You might remember Tamagotchi virtual pets from the 1990's. These toys are still around and just as demanding as ever! This talk covers my attempts to hack the latest Tamagotchis. Starting with the IR interface, and moving down into the hardware, this presentation will discuss techniques for reverse engineering a device with limited inputs, computing power and debugging capabilities. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5088.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5088-en-many_tamagotchis_were_harmed_in_the_making_of_this_presentation_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5095-en-privacy_and_the_car_of_the_future_h264.mp4 To date, remote vehicle communications have provided little in the way of privacy. Much information and misinformation has been spread on what the system is and can do, especially within the information security community. The recent field trial in the US of a connected vehicle infrastructure raises the level of concern amongst all who are aware of existing privacy issues. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5095.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5095-en-privacy_and_the_car_of_the_future_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5095-en-privacy_and_the_car_of_the_future_h264.mp4 2012-12-27T00:00:00+01:00 Christie Dudley No 29c3 Considerations for the Connected Vehicle To date, remote vehicle communications have provided little in the way of privacy. Much information and misinformation has been spread on what the system is and can do, especially within the information security community. The recent field trial in the US of a connected vehicle infrastructure raises the level of concern amongst all who are aware of existing privacy issues. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5095.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5095-en-privacy_and_the_car_of_the_future_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5101-de-en-privatisierung_der_rechtsdurchsetzung_h264.mp4 ACTA war das beherrschende Thema des zweiten Halbjahres. Mit ACTA sollte der Weg einer Privatisierung der Rechtsdurchsetzung weiter gegangen werden. Was das konkret bedeutet, können wir bereits im Ausland sehen: Netzsperren, 3-Strikes-Systeme und eine Echtzeit-Überwachung des Datenverkehrs zur Bekämpfung von Urheberrechtsverletzungen. Existierende Modelle in anderen europäischen Staaten zeigen, dass diese Maßnahmen erhebliche grund- und datenschutzrechtliche Probleme aufwerfen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5101.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5101-de-en-privatisierung_der_rechtsdurchsetzung_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5101-de-en-privatisierung_der_rechtsdurchsetzung_h264.mp4 2012-12-29T00:00:00+01:00 Kirsten Fiedler, Markus Beckedahl No 29c3 Von ACTA, IPRED und Freunden ACTA war das beherrschende Thema des zweiten Halbjahres. Mit ACTA sollte der Weg einer Privatisierung der Rechtsdurchsetzung weiter gegangen werden. Was das konkret bedeutet, können wir bereits im Ausland sehen: Netzsperren, 3-Strikes-Systeme und eine Echtzeit-Überwachung des Datenverkehrs zur Bekämpfung von Urheberrechtsverletzungen. Existierende Modelle in anderen europäischen Staaten zeigen, dass diese Maßnahmen erhebliche grund- und datenschutzrechtliche Probleme aufwerfen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5101.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5101-de-en-privatisierung_der_rechtsdurchsetzung_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5104-en-esxi_beast_h264.mp4 This presentation will cover a demonstration of the new version of the Canape protocol analysis tool being released for Ruxcon. During the course of the presentation various attack scenarios against the VMWare ESXi binary protocol will be demonstrated using Canape. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5104.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5104-en-esxi_beast_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5104-en-esxi_beast_h264.mp4 2012-12-28T00:00:00+01:00 James Forshaw No 29c3 Exploiting VMWARE ESXi Binary Protocols Using CANAPE This presentation will cover a demonstration of the new version of the Canape protocol analysis tool being released for Ruxcon. During the course of the presentation various attack scenarios against the VMWare ESXi binary protocol will be demonstrated using Canape. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5104.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5104-en-esxi_beast_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5121-de-en-sind_faire_computer_moeglich_h264.mp4 Green-IT kennen wir inzwischen zur Genüge. Computer können aber nicht nur nicht "green" sein, sondern auch unfair und unsozial, von der Rohstoffgewinnung bis zur Verschrottung. Unfair spart nämlich Geld. Der Gedanke, faire Produkte anzubieten und zu kaufen, ist inzwischen weit verbreitet, allerdings eher bei Kaffee oder Kleidung. Ein Angebot an fairer IT fehlt. Die Industrie hat sich noch nicht auf den Weg gemacht, faire Computer herzustellen. Wir Nutzer haben kaum die Wahl – verändern können wir aber durchaus etwas. Der Vortrag erklärt, was und wie. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5121.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5121-de-en-sind_faire_computer_moeglich_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5121-de-en-sind_faire_computer_moeglich_h264.mp4 2012-12-29T00:00:00+01:00 Sebastian Jekutsch No 29c3 Green-IT kennen wir inzwischen zur Genüge. Computer können aber nicht nur nicht "green" sein, sondern auch unfair und unsozial, von der Rohstoffgewinnung bis zur Verschrottung. Unfair spart nämlich Geld. Der Gedanke, faire Produkte anzubieten und zu kaufen, ist inzwischen weit verbreitet, allerdings eher bei Kaffee oder Kleidung. Ein Angebot an fairer IT fehlt. Die Industrie hat sich noch nicht auf den Weg gemacht, faire Computer herzustellen. Wir Nutzer haben kaum die Wahl – verändern können wir aber durchaus etwas. Der Vortrag erklärt, was und wie. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5121.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5121-de-en-sind_faire_computer_moeglich_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5124-en-low_cost_chip_microprobing_h264.mp4 Security is moving deeper into hardware and so should security research. This talks introduces microprobing, an old technique for snooping on data inside chips, and details a low-cost probing setup. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5124.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5124-en-low_cost_chip_microprobing_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5124-en-low_cost_chip_microprobing_h264.mp4 2012-12-29T00:00:00+01:00 dexter, Karsten Nohl No 29c3 Security is moving deeper into hardware and so should security research. This talks introduces microprobing, an old technique for snooping on data inside chips, and details a low-cost probing setup. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5124.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5124-en-low_cost_chip_microprobing_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5140-en-safecast_h264.mp4 The triple meltdown of the Fukushima Dai-Ichi nuclear power plant in March last year and the release of radioactive material that has ensued have left a good part of Northern Japan contaminated with unknown amount of radioactivity. An outstanding lack of transparency from both the government and the power utility then resulted in a near total lack of information concerning the levels of radiation in the, yet unknown, contaminated areas. As a response, concerned citizen have started to take upon themselves this challenging task. However it quickly became clear that handheld measurements wouldn't scale up to the full magnitude of the area to cover. New means of measuring radiation accurately, quickly and cheaply were needed. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5140.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5140-en-safecast_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5140-en-safecast_h264.mp4 2012-12-28T00:00:00+01:00 sean bonner No 29c3 Empowering citizen in the wake of Fukushima triple-meltdown disaster The triple meltdown of the Fukushima Dai-Ichi nuclear power plant in March last year and the release of radioactive material that has ensued have left a good part of Northern Japan contaminated with unknown amount of radioactivity. An outstanding lack of transparency from both the government and the power utility then resulted in a near total lack of information concerning the levels of radiation in the, yet unknown, contaminated areas. As a response, concerned citizen have started to take upon themselves this challenging task. However it quickly became clear that handheld measurements wouldn't scale up to the full magnitude of the area to cover. New means of measuring radiation accurately, quickly and cheaply were needed. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5140.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5140-en-safecast_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5152-en-hashflooding_dos_reloaded_h264.mp4 At 28C3, Klink and Waelde showed that a number of technologies (PHP, ASP.NET, Ruby, Java, Python, etc.) were vulnerable to the decade-old hash-flooding DoS attacks. The vulnerability was then often fixed by adopting stronger hash functions and "randomizing" them. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5152.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5152-en-hashflooding_dos_reloaded_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5152-en-hashflooding_dos_reloaded_h264.mp4 2012-12-29T00:00:00+01:00 djb, Jean-Philippe Aumasson, Martin Boßlet No 29c3 At 28C3, Klink and Waelde showed that a number of technologies (PHP, ASP.NET, Ruby, Java, Python, etc.) were vulnerable to the decade-old hash-flooding DoS attacks. The vulnerability was then often fixed by adopting stronger hash functions and "randomizing" them. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5152.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5152-en-hashflooding_dos_reloaded_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5159-en-defend_freedoms_online_h264.mp4 Over the years we learned impressively how to oppose bad legislation hurting our freedoms online. We are now facing an even bigger challenge: how to guarantee that a Free, open, decentralized Internet will be protected in the long run? In 2012 The Internetz won major battles against SOPA/PIPA in the US, and against ACTA in the EU. Yet, we know that the powerful industries and governments behind these projects will never stop. They have an incentive to gain control of the Internet, attacking fundamental rights and promoting technologies like "Deep Packet Inspection", now being deployed in each and every corner of the Net, and used indifferently to break Net neutrality, to filter, block and censor communications or to inspect citizens traffic. How to push for proposals that will ensure that the sharing of knowledge and culture, citizens freedoms, and access to an open infrastructure will be guaranteed in the future public policies? How to become as successful in proposition as we are now in opposition? (Hint: it's political, stupid!) about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5159.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5159-en-defend_freedoms_online_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5159-en-defend_freedoms_online_h264.mp4 2012-12-27T00:00:00+01:00 Jérémie Zimmermann No 29c3 A Positive agenda against the next ACTA, SOPA, and such Over the years we learned impressively how to oppose bad legislation hurting our freedoms online. We are now facing an even bigger challenge: how to guarantee that a Free, open, decentralized Internet will be protected in the long run? In 2012 The Internetz won major battles against SOPA/PIPA in the US, and against ACTA in the EU. Yet, we know that the powerful industries and governments behind these projects will never stop. They have an incentive to gain control of the Internet, attacking fundamental rights and promoting technologies like "Deep Packet Inspection", now being deployed in each and every corner of the Net, and used indifferently to break Net neutrality, to filter, block and censor communications or to inspect citizens traffic. How to push for proposals that will ensure that the sharing of knowledge and culture, citizens freedoms, and access to an open infrastructure will be guaranteed in the future public policies? How to become as successful in proposition as we are now in opposition? (Hint: it's political, stupid!) about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5159.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5159-en-defend_freedoms_online_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5160-en-transparenzgesetz_hh_h264.mp4 In the Free City of Hamburg, which is one of 16 German states, a coalition of hackers, activists and other players of civil society have drafted the most revolutionary Freedom of information law in the world. The law obliges the state to proactively publish all important public information (such as contracts, studies, construction permits) in an OpenData format on the Internet. After the start of a referendum campaign, the law was passed unanimously by the state parliament in June 2012 to avoid a public vote on it. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5160.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5160-en-transparenzgesetz_hh_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5160-en-transparenzgesetz_hh_h264.mp4 2012-12-28T00:00:00+01:00 Gregor Hackmack No 29c3 How to further transparency by law – the Hamburg example and beyond In the Free City of Hamburg, which is one of 16 German states, a coalition of hackers, activists and other players of civil society have drafted the most revolutionary Freedom of information law in the world. The law obliges the state to proactively publish all important public information (such as contracts, studies, construction permits) in an OpenData format on the Internet. After the start of a referendum campaign, the law was passed unanimously by the state parliament in June 2012 to avoid a public vote on it. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5160.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5160-en-transparenzgesetz_hh_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5167-en-setting_mobile_phones_free_h264.mp4 In The Netherlands, this year the community-driven mobile telco Limesco has started operations. We're providing voice, SMS and data services to dozens of hackers in our country. One of the founders of Limesco will give a lecture about mobile telephony in The Netherlands, encompassing topics like what companies are involved in the system, how tariffs are constructed and the role of government regulations. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5167.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5167-en-setting_mobile_phones_free_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5167-en-setting_mobile_phones_free_h264.mp4 2012-12-27T00:00:00+01:00 Mark van Cuijk No 29c3 An overview of a mobile telephony market and how a community-driven operator is born In The Netherlands, this year the community-driven mobile telco Limesco has started operations. We're providing voice, SMS and data services to dozens of hackers in our country. One of the founders of Limesco will give a lecture about mobile telephony in The Netherlands, encompassing topics like what companies are involved in the system, how tariffs are constructed and the role of government regulations. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5167.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5167-en-setting_mobile_phones_free_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5177-en-securing_the_campaign_h264.mp4 This talk will go into some of challenges, solutions, and stories from securing a campaign for the 2012 US presidential election. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5177.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5177-en-securing_the_campaign_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5177-en-securing_the_campaign_h264.mp4 2012-12-29T00:00:00+01:00 Ben Hagen No 29c3 Security and the 2012 US Presidential Election This talk will go into some of challenges, solutions, and stories from securing a campaign for the 2012 US presidential election. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5177.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5177-en-securing_the_campaign_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5178-en-the_ultimate_galaksija_talk_h264.mp4 Galaksija was to be in Yugoslavia what Commodore and Sinclair were in the west. Whether it succeeded or not, its deceptively simple design can still teach us a lot of interesting tricks on how to make a usable computer and operating system with as few transistors and bits as possible. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5178.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5178-en-the_ultimate_galaksija_talk_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5178-en-the_ultimate_galaksija_talk_h264.mp4 2012-12-30T00:00:00+01:00 Tomaž Šolc No 29c3 Everything about a Yugoslavian microcomputer halfway between a TRS-80 and a ZX 80 Galaksija was to be in Yugoslavia what Commodore and Sinclair were in the west. Whether it succeeded or not, its deceptively simple design can still teach us a lot of interesting tricks on how to make a usable computer and operating system with as few transistors and bits as possible. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5178.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5178-en-the_ultimate_galaksija_talk_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5180-de-en-marvin_und_der_blues_h264.mp4 Autonomer Drumroboter, robotisches Glockenspiel oder klingende Installation: Musikinstrumente zu modifizieren und selbstzubauen bietet musik- und technikaffinen Geeks die Möglichkeit, vorgefertigten Klang-Setups etwas eigenständiges entgegenzusetzen. Drumroboter und Klanginstallationen üben dabei sowohl physisch als auch optisch einen besonderen Reiz aus: die Quelle des Klangs wird entdeckt. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5180.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5180-de-en-marvin_und_der_blues_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5180-de-en-marvin_und_der_blues_h264.mp4 2012-12-30T00:00:00+01:00 Moritz Simon Geist No 29c3 Wie Roboterinstrumente zum Musik machen benutzt werden können Autonomer Drumroboter, robotisches Glockenspiel oder klingende Installation: Musikinstrumente zu modifizieren und selbstzubauen bietet musik- und technikaffinen Geeks die Möglichkeit, vorgefertigten Klang-Setups etwas eigenständiges entgegenzusetzen. Drumroboter und Klanginstallationen üben dabei sowohl physisch als auch optisch einen besonderen Reiz aus: die Quelle des Klangs wird entdeckt. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5180.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5180-de-en-marvin_und_der_blues_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5195-en-executable_metadata_h264.mp4 The Executable and Linkable Format (ELF) is omnipresent; related OS and library code is run whenever processes are set up and serviced (e.g., dynamically linked). The loader is the stage manager for every executable. Hardly anyone appreciates the work that the ELF backstage crew (including the linker and the loader) puts in to make an executable run smoothly. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5195.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5195-en-executable_metadata_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5195-en-executable_metadata_h264.mp4 2012-12-30T00:00:00+01:00 bx No 29c3 The Executable and Linkable Format (ELF) is omnipresent; related OS and library code is run whenever processes are set up and serviced (e.g., dynamically linked). The loader is the stage manager for every executable. Hardly anyone appreciates the work that the ELF backstage crew (including the linker and the loader) puts in to make an executable run smoothly. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5195.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5195-en-executable_metadata_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5198-en-de-fnord_jahresrueckblick2012_h264.mp4 Neues Jahr, neue Fnords :-) about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5198.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5198-en-de-fnord_jahresrueckblick2012_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5198-en-de-fnord_jahresrueckblick2012_h264.mp4 2012-12-29T00:00:00+01:00 Felix von Leitner, Frank Rieger No 29c3 Diesmal mit noch mehr Eurozonen-Spaltung! Neues Jahr, neue Fnords :-) about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5198.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5198-en-de-fnord_jahresrueckblick2012_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5206-en-the_ethics_of_activists_ddos_actions_h264.mp4 In the world of digital activism, distributed denial of service attacks present relatively low barriers to popular participation, have a high potential for attracting large numbers of first-time and repeat participants, and can attract large amounts of media attention. But though such actions popular, are they ethical? In this talk I will be presenting an ethical framework for the analysis of activist DDOS actions. The framework is grounded in a historical analysis of various activist DDOS actions, such as the IGC attacks in Spain in the late 90s, Electronic Disturbance Theater actions in the early 2000s, and the Anonymous-led Operation Payback attacks in 2010. Each historical case study presents a unique confluence of technological, political, legal and operational factors allowing for a full spectrum of ethical analysis. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5206.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5206-en-the_ethics_of_activists_ddos_actions_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5206-en-the_ethics_of_activists_ddos_actions_h264.mp4 2012-12-27T00:00:00+01:00 Molly Sauter No 29c3 A Historical Analysis In the world of digital activism, distributed denial of service attacks present relatively low barriers to popular participation, have a high potential for attracting large numbers of first-time and repeat participants, and can attract large amounts of media attention. But though such actions popular, are they ethical? In this talk I will be presenting an ethical framework for the analysis of activist DDOS actions. The framework is grounded in a historical analysis of various activist DDOS actions, such as the IGC attacks in Spain in the late 90s, Electronic Disturbance Theater actions in the early 2000s, and the Anonymous-led Operation Payback attacks in 2010. Each historical case study presents a unique confluence of technological, political, legal and operational factors allowing for a full spectrum of ethical analysis. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5206.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5206-en-the_ethics_of_activists_ddos_actions_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5216-en-attacking_mobile_terminated_service_in_gsm_h264.mp4 In the last years, mobile security and specifically GSM has been attacked in many different ways. It was demonstrated how to sniff and crack traffic, how to impersonate a subscriber by placing a fake call and the general security characteristics of this mobile protocol stack have been evaluated. In this presentation, we will check out a part of the protocol procedures that hasn't been looked at yet, specifically Mobile Terminated services. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5216.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5216-en-attacking_mobile_terminated_service_in_gsm_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5216-en-attacking_mobile_terminated_service_in_gsm_h264.mp4 2012-12-28T00:00:00+01:00 Nico Golde No 29c3 adventures in mobile paging In the last years, mobile security and specifically GSM has been attacked in many different ways. It was demonstrated how to sniff and crack traffic, how to impersonate a subscriber by placing a fake call and the general security characteristics of this mobile protocol stack have been evaluated. In this presentation, we will check out a part of the protocol procedures that hasn't been looked at yet, specifically Mobile Terminated services. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5216.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5216-en-attacking_mobile_terminated_service_in_gsm_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5216-en-let_me_answer_that_for_you_h264.mp4 In the last years, mobile security and specifically GSM has been attacked in many different ways. It was demonstrated how to sniff and crack traffic, how to impersonate a subscriber by placing a fake call and the general security characteristics of this mobile protocol stack have been evaluated. In this presentation, we will check out a part of the protocol procedures that hasn't been looked at yet, specifically Mobile Terminated services. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5216.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5216-en-let_me_answer_that_for_you_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5216-en-let_me_answer_that_for_you_h264.mp4 2012-12-28T00:00:00+01:00 Nico Golde No 29c3 adventures in mobile paging In the last years, mobile security and specifically GSM has been attacked in many different ways. It was demonstrated how to sniff and crack traffic, how to impersonate a subscriber by placing a fake call and the general security characteristics of this mobile protocol stack have been evaluated. In this presentation, we will check out a part of the protocol procedures that hasn't been looked at yet, specifically Mobile Terminated services. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5216.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5216-en-let_me_answer_that_for_you_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5221-de-en-cyberwar_statt_cyberwar_h264.mp4 Wir sind Zeugen eines seit einigen Jahren stattfindenden Wettrüstens im Cyberspace. Immer mehr Staaten bauen militärische Cyberware Einheiten auf, die aus IT Spezialisten bestehen und dem Zweck dienen, bestenfalls IT Systeme abzusichern oder schlechterdings Systeme von „Feinden“ anzugreifen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5221.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5221-de-en-cyberwar_statt_cyberwar_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5221-de-en-cyberwar_statt_cyberwar_h264.mp4 2012-12-27T00:00:00+01:00 Sylvia Johnigk No 29c3 Wir sind Zeugen eines seit einigen Jahren stattfindenden Wettrüstens im Cyberspace. Immer mehr Staaten bauen militärische Cyberware Einheiten auf, die aus IT Spezialisten bestehen und dem Zweck dienen, bestenfalls IT Systeme abzusichern oder schlechterdings Systeme von „Feinden“ anzugreifen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5221.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5221-de-en-cyberwar_statt_cyberwar_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5226-en-further_hacks_calypso_h264.mp4 The calypso baseband and its companion chips are used on the Motorola C123 among other and are now well known for being supported by the Osmocom-BB open source GSM baseband implementation. A couple years ago, it was hacked a little further by using it as a raw bits capture device allowing the interception of GSM traffic very cheaply. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5226.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5226-en-further_hacks_calypso_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5226-en-further_hacks_calypso_h264.mp4 2012-12-29T00:00:00+01:00 Sylvain Munaut No 29c3 or how to turn a phone into a BTS The calypso baseband and its companion chips are used on the Motorola C123 among other and are now well known for being supported by the Osmocom-BB open source GSM baseband implementation. A couple years ago, it was hacked a little further by using it as a raw bits capture device allowing the interception of GSM traffic very cheaply. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5226.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5226-en-further_hacks_calypso_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5237-en-a_rambling_walk_through_an_emv_transaction_h264.mp4 With Visa and Mastercard pushing for EMV (http://www.emvco.com, aka “chip and pin”) rollout in the United States, the uptake of contactless payment and the use of mobile NFC wallets, the chipcard security community will soon be getting more eyes to analyze the protocols in use with chip and contactless credit card transactions. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5237.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5237-en-a_rambling_walk_through_an_emv_transaction_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5237-en-a_rambling_walk_through_an_emv_transaction_h264.mp4 2012-12-29T00:00:00+01:00 Tim Becker No 29c3 With Visa and Mastercard pushing for EMV (http://www.emvco.com, aka “chip and pin”) rollout in the United States, the uptake of contactless payment and the use of mobile NFC wallets, the chipcard security community will soon be getting more eyes to analyze the protocols in use with chip and contactless credit card transactions. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5237.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5237-en-a_rambling_walk_through_an_emv_transaction_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5239-en-smart_meter_h264.mp4 This talk will give an overview on the technology, the laws and the technical guidelines of the smartMeter roll-out in Germany. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5239.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5239-en-smart_meter_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5239-en-smart_meter_h264.mp4 2012-12-28T00:00:00+01:00 derpeter No 29c3 A technological overview of the German roll-out This talk will give an overview on the technology, the laws and the technical guidelines of the smartMeter roll-out in Germany. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5239.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5239-en-smart_meter_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5244-de-en-security_nightmares2012_h264.mp4 Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5244.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5244-de-en-security_nightmares2012_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5244-de-en-security_nightmares2012_h264.mp4 2012-12-30T00:00:00+01:00 Frank Rieger, Ron No 29c3 Damit Sie auch morgen schlecht von Ihrem Computer träumen. Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5244.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5244-de-en-security_nightmares2012_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5266-de-en-proximax_telex_flashproxy_h264.mp4 Zensur im Internet betrifft immer mehr Nutzer. Wir kennen Tools wie Proxies, VPNs oder Tor Bridges. Doch welche weiteren Werkzeuge unterstützen die Nutzer vor Ort? Wo sind die Stärken und Schwächen? Der Vortrag stellt einige von diesen vor und zeigt die Stärken und Schwächen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5266.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5266-de-en-proximax_telex_flashproxy_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5266-de-en-proximax_telex_flashproxy_h264.mp4 2012-12-30T00:00:00+01:00 Jens Kubieziel No 29c3 Übersicht über aktuelle Zensurumgehungssoftware Zensur im Internet betrifft immer mehr Nutzer. Wir kennen Tools wie Proxies, VPNs oder Tor Bridges. Doch welche weiteren Werkzeuge unterstützen die Nutzer vor Ort? Wo sind die Stärken und Schwächen? Der Vortrag stellt einige von diesen vor und zeigt die Stärken und Schwächen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5266.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5266-de-en-proximax_telex_flashproxy_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5270-de-en-hanussens_mindreading_h264.mp4 This is fun stuff for the late night program, not a serious talk: Is it possible to read sb. others mind? In the late 1920ies/early 1930ies Berlin was excited by the famous mindreader and fortune-teller Erik Jan Hanussen who performed his strange abilities on stage. His act was so convincing that leading nazis believed in his powers and wanted him for advice – until they decided to murder him. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5270.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5270-de-en-hanussens_mindreading_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5270-de-en-hanussens_mindreading_h264.mp4 2012-12-28T00:00:00+01:00 markuskompa No 29c3 Experiments of the historical psychic This is fun stuff for the late night program, not a serious talk: Is it possible to read sb. others mind? In the late 1920ies/early 1930ies Berlin was excited by the famous mindreader and fortune-teller Erik Jan Hanussen who performed his strange abilities on stage. His act was so convincing that leading nazis believed in his powers and wanted him for advice – until they decided to murder him. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5270.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5270-de-en-hanussens_mindreading_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5274-en-grand_eu_data_protection_reform_h264.mp4 The current European data protection directive is from 1995, which was when the internet had not hit Brussels' decision-makers yet. Now, 17 years later, it is being completely re-writen. Will it meet the challenges of the age of big data? Will it have any effect on non-EU data hoarders? How will it deal with user-generated consent? What is this strange new "right to be forgotten"? And what about privacy by design? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5274.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5274-en-grand_eu_data_protection_reform_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5274-en-grand_eu_data_protection_reform_h264.mp4 2012-12-27T00:00:00+01:00 Jan Philipp Albrecht, Katarzyna Szymielewicz, Kirsten Fiedler No 29c3 A latest battle report by some key actors from Brussels The current European data protection directive is from 1995, which was when the internet had not hit Brussels' decision-makers yet. Now, 17 years later, it is being completely re-writen. Will it meet the challenges of the age of big data? Will it have any effect on non-EU data hoarders? How will it deal with user-generated consent? What is this strange new "right to be forgotten"? And what about privacy by design? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5274.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5274-en-grand_eu_data_protection_reform_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5287-de-en-hinter_den_kulissen_nsu_h264.mp4 NSU-Untersuchungsausschuss in Thüringen und NSU-Untersuchungsausschuss des Bundestages, über die Mordserie des NSU, das System der V-Leute und die Rolle des Verfassungsschutzes. Zwölf Jahre lang konnte der „Nationalsozialistische Untergrund“ (NSU) unerkannt in Deutschland eine rassistische Mordserie an neun migrantischen Gewerbetreibenden, zwei Bombenanschläge mit mehr als zwanzig Verletzten, den Mord an einer jungen Polizistin sowie ein Dutzend Banküberfälle verüben. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5287.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5287-de-en-hinter_den_kulissen_nsu_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5287-de-en-hinter_den_kulissen_nsu_h264.mp4 2012-12-27T00:00:00+01:00 Heike Kleffner, Katharina König No 29c3 NSU-Untersuchungsausschuss in Thüringen und NSU-Untersuchungsausschuss des Bundestages, über die Mordserie des NSU, das System der V-Leute und die Rolle des Verfassungsschutzes. Zwölf Jahre lang konnte der „Nationalsozialistische Untergrund“ (NSU) unerkannt in Deutschland eine rassistische Mordserie an neun migrantischen Gewerbetreibenden, zwei Bombenanschläge mit mehr als zwanzig Verletzten, den Mord an einer jungen Polizistin sowie ein Dutzend Banküberfälle verüben. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5287.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5287-de-en-hinter_den_kulissen_nsu_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5289-de-en-meldegesetz_h264.mp4 Meldegesetz und der erfolgreiche Protest dagegen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5289.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5289-de-en-meldegesetz_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5289-de-en-meldegesetz_h264.mp4 2012-12-28T00:00:00+01:00 Katharina Nocun, Rena Tangens No 29c3 Was aus dem 57-Sekunden-Gesetz wurde Meldegesetz und der erfolgreiche Protest dagegen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5289.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5289-de-en-meldegesetz_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5299-de-en-best_of_verfassungsschutz_h264.mp4 Verfassungsschutzskandale gibt es nicht erst seit der Entdeckung des NSU vor einem Jahr. Vorgestellt werden: sie Affaire Traube, der Schmücker-Prozess, das Celler Loch, die Vulkan-Affaire, der Anschlagsversuch auf das Jüdische Gemeindehaus West-Berlin, vier Jahrzehnte Beobachtung von Rolf Gössner. Vielleicht sind aber gar nicht die Pannen der Skandal, sondern vielmehr der ganz gewöhnliche Alltag des Verfassungsschutzes. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5299.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5299-de-en-best_of_verfassungsschutz_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5299-de-en-best_of_verfassungsschutz_h264.mp4 2012-12-30T00:00:00+01:00 Anne Roth No 29c3 Der Verfassungsschutz schützt die Verfassung so wie Zitronenfalter Zitronen falten. Verfassungsschutzskandale gibt es nicht erst seit der Entdeckung des NSU vor einem Jahr. Vorgestellt werden: sie Affaire Traube, der Schmücker-Prozess, das Celler Loch, die Vulkan-Affaire, der Anschlagsversuch auf das Jüdische Gemeindehaus West-Berlin, vier Jahrzehnte Beobachtung von Rolf Gössner. Vielleicht sind aber gar nicht die Pannen der Skandal, sondern vielmehr der ganz gewöhnliche Alltag des Verfassungsschutzes. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5299.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5299-de-en-best_of_verfassungsschutz_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5308-de-en-open_source_schluessel_und_schloesser_h264.mp4 Was bedeutet das Zeitalter offener Designs für die Sicherheit von Schlössern? Zum Beispiel solchen, die auf eine geringe Verbreitung eines Schlüssels setzen? Ein Beispiel sind die sogenannten Hochsicherheitsversionen von Polizeihandschellen. Der Talk zeigt was (und wie) sich in diesem Bereich mit Lasercuttern und 3D Druckern erreichen lässt - sowie welche komplexeren Angriffsziele noch warten. Als Ausweg aus der Problematik kopierbarer Schlüssel gelten digitale Schlösser, aber sie kranken anders an offenen Quellen: sie haben keine! Im Rahmen eines Open Source Lock Projektes haben wir uns daher ein reflashbares Vorhängeschloss angesehen, doch noch ehe wir den Programmieradapter angeschlossen hatten fanden wir eine Schwachstelle der Hardware... Leider kein Einzelfall! about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5308.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5308-de-en-open_source_schluessel_und_schloesser_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5308-de-en-open_source_schluessel_und_schloesser_h264.mp4 2012-12-29T00:00:00+01:00 Jan, mh, Ray No 29c3 Offene Quellen zum Bösen und Guten: von downloadbaren Handschellenschlüsseln zu sicheren elektronischen Schlössern Was bedeutet das Zeitalter offener Designs für die Sicherheit von Schlössern? Zum Beispiel solchen, die auf eine geringe Verbreitung eines Schlüssels setzen? Ein Beispiel sind die sogenannten Hochsicherheitsversionen von Polizeihandschellen. Der Talk zeigt was (und wie) sich in diesem Bereich mit Lasercuttern und 3D Druckern erreichen lässt - sowie welche komplexeren Angriffsziele noch warten. Als Ausweg aus der Problematik kopierbarer Schlüssel gelten digitale Schlösser, aber sie kranken anders an offenen Quellen: sie haben keine! Im Rahmen eines Open Source Lock Projektes haben wir uns daher ein reflashbares Vorhängeschloss angesehen, doch noch ehe wir den Programmieradapter angeschlossen hatten fanden wir eine Schwachstelle der Hardware... Leider kein Einzelfall! about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5308.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5308-de-en-open_source_schluessel_und_schloesser_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5309-de-en-hacker_jeopardy_h264.mp4 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5309.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5309-de-en-hacker_jeopardy_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5309-de-en-hacker_jeopardy_h264.mp4 2012-12-28T00:00:00+01:00 Ray, Stefan 'Sec' Zehl No 29c3 Zahlenraten für Geeks about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5309.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5309-de-en-hacker_jeopardy_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5319-en-certificate_authority_collapse_h264.mp4 Hypertext Transfer Protocol Secure (HTTPS) has evolved into the de facto standard for secure web browsing. But in the security community, it has long been known that HTTPS is fundamentally broken, and this has been confirmed by alarming hacks and security breaches at several Certificate Authorities (CAs). To tackle the global collapse of trust in these central mediators of HTTPS communications and to augment HTTPS security, the EU has launched a proposal for strict regulation. Will these efforts succeed? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5319.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5319-en-certificate_authority_collapse_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5319-en-certificate_authority_collapse_h264.mp4 2012-12-28T00:00:00+01:00 axelarnbak No 29c3 Will the EU Succeed in Regulating HTTPS? Hypertext Transfer Protocol Secure (HTTPS) has evolved into the de facto standard for secure web browsing. But in the security community, it has long been known that HTTPS is fundamentally broken, and this has been confirmed by alarming hacks and security breaches at several Certificate Authorities (CAs). To tackle the global collapse of trust in these central mediators of HTTPS communications and to augment HTTPS security, the EU has launched a proposal for strict regulation. Will these efforts succeed? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5319.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5319-en-certificate_authority_collapse_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5323-de-en-pflanzenhacken_richtig_h264.mp4 Der Vortrag handelt über Getreidezüchtung. Am Beispiel von Weizen soll der langjährige Prozess beschrieben werden, den es benötigt, um eine neue Sorte auf den Markt zu bringen. Es sollen die biologischen Grundlagen sowie die benötigte Technik vorgestellt werden. Außerdem wird auf die Problematik eingegangen, die die Konzentration des Marktes auf wenige große Konzerne mit sich bringt. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5323.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5323-de-en-pflanzenhacken_richtig_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5323-de-en-pflanzenhacken_richtig_h264.mp4 2012-12-29T00:00:00+01:00 Alexander No 29c3 Einblicke in die Weizenzüchtung Der Vortrag handelt über Getreidezüchtung. Am Beispiel von Weizen soll der langjährige Prozess beschrieben werden, den es benötigt, um eine neue Sorte auf den Markt zu bringen. Es sollen die biologischen Grundlagen sowie die benötigte Technik vorgestellt werden. Außerdem wird auf die Problematik eingegangen, die die Konzentration des Marktes auf wenige große Konzerne mit sich bringt. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5323.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5323-de-en-pflanzenhacken_richtig_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5327-en-writing_a_thumbdrive_from_scratch_h264.mp4 This action-packed lecture presents the inner workings of the author's from-scratch implementation of a USB Mass Storage disk in user-land Python, along with some embarrassing bugs in operating systems that support such disks. The lecture concludes with an introduction to Active Antiforensics, in which a thumbdrive's own firmware can recognize and defend itself against disk imaging and other forensic tools. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5327.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5327-en-writing_a_thumbdrive_from_scratch_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5327-en-writing_a_thumbdrive_from_scratch_h264.mp4 2012-12-29T00:00:00+01:00 Travis Goodspeed No 29c3 Prototyping Active Disk Antiforensics This action-packed lecture presents the inner workings of the author's from-scratch implementation of a USB Mass Storage disk in user-land Python, along with some embarrassing bugs in operating systems that support such disks. The lecture concludes with an introduction to Active Antiforensics, in which a thumbdrive's own firmware can recognize and defend itself against disk imaging and other forensic tools. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5327.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5327-en-writing_a_thumbdrive_from_scratch_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5333-en-gsm_cell_phone_network_review_h264.mp4 Did you notice 262 42 in your mobile phone network search list at the last CCC events? Did you and your friends buy SIM cards at the PoC and help test the network by calling each other, or by calling through the bridge to the DECT network services? Did you ever wonder about the details of this open source test network, set up by a team of volunteers in the middle of the city? We would like to tell you all the details of the cell phone network we operate at 29C3, and show you some fancy graphs based on the network activity! about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5333.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5333-en-gsm_cell_phone_network_review_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5333-en-gsm_cell_phone_network_review_h264.mp4 2012-12-30T00:00:00+01:00 Peter Stuge No 29c3 262 42 - The full spectrum Did you notice 262 42 in your mobile phone network search list at the last CCC events? Did you and your friends buy SIM cards at the PoC and help test the network by calling each other, or by calling through the bridge to the DECT network services? Did you ever wonder about the details of this open source test network, set up by a team of volunteers in the middle of the city? We would like to tell you all the details of the cell phone network we operate at 29C3, and show you some fancy graphs based on the network activity! about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5333.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5333-en-gsm_cell_phone_network_review_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5336-de-en-sprache_ungleichheit_unfreiheit_h264.mp4 Forderungen nach einer gerechten Sprache (also einer Sprache frei von Rassismus, Sexismus und anderen menschenfeindlichen Ideologien) stoßen häufig auf Unverständnis und Ablehnung. Unverständnis, weil statt der sozialen Wirklichkeit die Sprache kritisiert wird, mit der sie beschrieben wird. Ablehnung, weil Sprachkritik häufig als Sprechverbot empfunden wird. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5336.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5336-de-en-sprache_ungleichheit_unfreiheit_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5336-de-en-sprache_ungleichheit_unfreiheit_h264.mp4 2012-12-30T00:00:00+01:00 Anatol Stefanovitsch No 29c3 Forderungen nach einer gerechten Sprache (also einer Sprache frei von Rassismus, Sexismus und anderen menschenfeindlichen Ideologien) stoßen häufig auf Unverständnis und Ablehnung. Unverständnis, weil statt der sozialen Wirklichkeit die Sprache kritisiert wird, mit der sie beschrieben wird. Ablehnung, weil Sprachkritik häufig als Sprechverbot empfunden wird. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5336.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5336-de-en-sprache_ungleichheit_unfreiheit_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5338-en-enemies_of_the_state_h264.mp4 With the post 9/11 rise of the leviathan national security state, the rule of law in the United States under the Constitution is increasingly rule by secrecy, surveillance and executive fiat. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5338.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5338-en-enemies_of_the_state_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5338-en-enemies_of_the_state_h264.mp4 2012-12-27T00:00:00+01:00 Jesselyn Radack, Thomas Drake, William Binney No 29c3 Blowing the Whistle on Spying, Lying & Illegalities in the Digital Era With the post 9/11 rise of the leviathan national security state, the rule of law in the United States under the Constitution is increasingly rule by secrecy, surveillance and executive fiat. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5338.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5338-en-enemies_of_the_state_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5374-en-re_igniting_the_crypto_wars_on_the_web_h264.mp4 This talk will give an overview of the ongoing work by the W3C on a controversial general purpose Javascript cryptography API in context of the larger desire to create trusted and encrypted cloud services with rich web applications. Today, cryptography is difficult to use and the Web is an insecure environment at best, but can this situation be improved and cryptography be put in the hands of ordinary developers and users? The W3C specification, currently under development, will be described, as well as its interaction with other parts of the emerging Web Security Model at the W3C and IETF such as Content Security Policy, HTTP Strict Transport Security, and Certificate Transparency. A number of use-cases, ranging from decentralized identity systems to secure cloud services for activists, will be detailed. As the specification will be under active development until autumn 2013, feedback from the hacker community is needed! about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5374.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5374-en-re_igniting_the_crypto_wars_on_the_web_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5374-en-re_igniting_the_crypto_wars_on_the_web_h264.mp4 2012-12-27T00:00:00+01:00 Harry Halpin No 29c3 This talk will give an overview of the ongoing work by the W3C on a controversial general purpose Javascript cryptography API in context of the larger desire to create trusted and encrypted cloud services with rich web applications. Today, cryptography is difficult to use and the Web is an insecure environment at best, but can this situation be improved and cryptography be put in the hands of ordinary developers and users? The W3C specification, currently under development, will be described, as well as its interaction with other parts of the emerging Web Security Model at the W3C and IETF such as Content Security Policy, HTTP Strict Transport Security, and Certificate Transparency. A number of use-cases, ranging from decentralized identity systems to secure cloud services for activists, will be detailed. As the specification will be under active development until autumn 2013, feedback from the hacker community is needed! about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5374.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5374-en-re_igniting_the_crypto_wars_on_the_web_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5379-de-en-jahresrueckblick2012_h264.mp4 Wir schauen nicht zurück im Zorn, aber jetzt auch nicht grade mit Euphorie. Im CCC-Jahresrückblick präsentieren wir Euch einige der hacktivistischen Themen des vergangenen Jahres, an denen der CCC gearbeitet oder sich abgearbeitet hat. Diesmal mit schönen neuen Gesetzen, Hacker-Humor, versäumten Gerichtsterminen, bunten Blinkenlichtern und Iggy Pop. Wir haben uns wirklich das ganze Jahr bemüht, nur in begrenztem Umfange zu prokrastinieren. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5379.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5379-de-en-jahresrueckblick2012_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5379-de-en-jahresrueckblick2012_h264.mp4 2012-12-29T00:00:00+01:00 Constanze Kurz, Dodger, Erdgeist, Frank Rieger No 29c3 Wir schauen nicht zurück im Zorn, aber jetzt auch nicht grade mit Euphorie. Im CCC-Jahresrückblick präsentieren wir Euch einige der hacktivistischen Themen des vergangenen Jahres, an denen der CCC gearbeitet oder sich abgearbeitet hat. Diesmal mit schönen neuen Gesetzen, Hacker-Humor, versäumten Gerichtsterminen, bunten Blinkenlichtern und Iggy Pop. Wir haben uns wirklich das ganze Jahr bemüht, nur in begrenztem Umfange zu prokrastinieren. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5379.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5379-de-en-jahresrueckblick2012_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5380-de-en-staatstrojaner2012_h264.mp4 Wir wissen seit ein paar Jahren, dass der Staat technisch in der Lage ist, die Computer einiger seiner Bürger zu infiltrieren. Aber soll er das auch dürfen? Was hat sich in den letzten Monaten beim Staatstrojaner getan? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5380.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5380-de-en-staatstrojaner2012_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5380-de-en-staatstrojaner2012_h264.mp4 2012-12-28T00:00:00+01:00 Constanze Kurz, Ulf Buermeyer No 29c3 Spionage-Software von Staats wegen Wir wissen seit ein paar Jahren, dass der Staat technisch in der Lage ist, die Computer einiger seiner Bürger zu infiltrieren. Aber soll er das auch dürfen? Was hat sich in den letzten Monaten beim Staatstrojaner getan? about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5380.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5380-de-en-staatstrojaner2012_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5382-de-en-antiterrordatei_h264.mp4 Am 6. November 2012 war der CCC vor dem Bundesverfassungsgericht zur Anhörung über die Antiterrordatei und die Grenzen polizeilicher Datenverarbeitung geladen. Wir berichten über die Anhörung, die dort vorgebrachten Argumente und die technische Konzeption der ATD. Und wir orakeln über ein mögliches Urteil im nächsten Jahr. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5382.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5382-de-en-antiterrordatei_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5382-de-en-antiterrordatei_h264.mp4 2012-12-27T00:00:00+01:00 Constanze Kurz, Frank Rieger No 29c3 Am 6. November 2012 war der CCC vor dem Bundesverfassungsgericht zur Anhörung über die Antiterrordatei und die Grenzen polizeilicher Datenverarbeitung geladen. Wir berichten über die Anhörung, die dort vorgebrachten Argumente und die technische Konzeption der ATD. Und wir orakeln über ein mögliches Urteil im nächsten Jahr. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5382.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5382-de-en-antiterrordatei_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5384-en-lightning_talks_3_h264.mp4 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5384.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5384-en-lightning_talks_3_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5384-en-lightning_talks_3_h264.mp4 2012-12-30T00:00:00+01:00 Nick Farr No 29c3 5 Minutes of Fame about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5384.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5384-en-lightning_talks_3_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5385-en-not_my_department_h264.mp4 On the topic of resistance. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5385.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5385-en-not_my_department_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5385-en-not_my_department_h264.mp4 2012-12-27T00:00:00+01:00 Jacob Appelbaum No 29c3 On the topic of resistance. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5385.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5385-en-not_my_department_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5393-en-milking_the_digital_cash_cow_h264.mp4 Contactless smartcards have become widespread for applications such as ticketing, access control, identification and payments. Side-channel analysis (SCA) is a powerful type of passive implementation attack that enables to extract the secret keys of cryptographic devices. At the example of NXP's Mifare DESfire MF3ICD40 smartcards we demonstrate that SCA attacks can be applied to cryptographic RFID devices: By exploiting the electro-magnetic information leakage of the cards, its cryptographic keys are revealed. We introduce our open-source tools for analyzing contactless smartcards, i.e., an ISO 14443 RFID reader (http://sourceforge.net/projects/reader14443) and the card emulator Chameleon (http://sourceforge.net/projects/chameleon14443). We then present the probably worst realization of a commercial contactless payment system ever and detail on various real-world attacks on this widespread (in Germany) system, e.g., how to 'milk the digital cash cow' by modifying the credit balance and convert zeros and ones into real money. The content of the talk is joint work with Ingo von Maurich, David Oswald and Christof Paar. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5393.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5393-en-milking_the_digital_cash_cow_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5393-en-milking_the_digital_cash_cow_h264.mp4 2012-12-29T00:00:00+01:00 Timo Kasper No 29c3 Extracting Secret Keys of Contactless Smartcards Contactless smartcards have become widespread for applications such as ticketing, access control, identification and payments. Side-channel analysis (SCA) is a powerful type of passive implementation attack that enables to extract the secret keys of cryptographic devices. At the example of NXP's Mifare DESfire MF3ICD40 smartcards we demonstrate that SCA attacks can be applied to cryptographic RFID devices: By exploiting the electro-magnetic information leakage of the cards, its cryptographic keys are revealed. We introduce our open-source tools for analyzing contactless smartcards, i.e., an ISO 14443 RFID reader (http://sourceforge.net/projects/reader14443) and the card emulator Chameleon (http://sourceforge.net/projects/chameleon14443). We then present the probably worst realization of a commercial contactless payment system ever and detail on various real-world attacks on this widespread (in Germany) system, e.g., how to 'milk the digital cash cow' by modifying the credit balance and convert zeros and ones into real money. The content of the talk is joint work with Ingo von Maurich, David Oswald and Christof Paar. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5393.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5393-en-milking_the_digital_cash_cow_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5396-de-en-gender_studies_informatik_h264.mp4 Weltbilder der Informatik sind in mancher Hinsicht denen in der Hacker- und Hackerinnen-Community nicht unähnlich. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5396.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5396-de-en-gender_studies_informatik_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5396-de-en-gender_studies_informatik_h264.mp4 2012-12-28T00:00:00+01:00 Britta Schinzel No 29c3 Weltbilder der Informatik sind in mancher Hinsicht denen in der Hacker- und Hackerinnen-Community nicht unähnlich. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5396.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5396-de-en-gender_studies_informatik_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5398-en-closing_event2012_h264.mp4 Some facts and stats about Congress, plus stories and legends. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5398.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5398-en-closing_event2012_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5398-en-closing_event2012_h264.mp4 2012-12-30T00:00:00+01:00 bios No 29c3 Some facts and stats about Congress, plus stories and legends. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5398.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5398-en-closing_event2012_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5399-en-opening_event_h264.mp4 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5399.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5399-en-opening_event_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5399-en-opening_event_h264.mp4 2012-12-27T00:00:00+01:00 bios No 29c3 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5399.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5399-en-opening_event_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5400-en-hacking_cisco_phones_h264.mp4 We discuss a set of 0-day kernel vulnerabilities in CNU (Cisco Native Unix), the operating system that powers all Cisco TNP IP phones. We demonstrate the reliable exploitation of all Cisco TNP phones via multiple vulnerabilities found in the CNU kernel. We demonstrate practical covert surveillance using constant, stealthy exfiltration of microphone data via a number of covert channels. We also demonstrate the worm-like propagation of our CNU malware, which can quickly compromise all vulnerable Cisco phones on the network. We discuss the feasibility of our attacks given physical access, internal network access and remote access across the internet. Lastly, we built on last year's presentation by discussing the feasibility of exploiting Cisco phones from compromised HP printers and vice versa. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5400-en-hacking_cisco_phones_h264.html Thu, 27 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5400-en-hacking_cisco_phones_h264.mp4 2012-12-27T00:00:00+01:00 Ang Cui, Michael Costello No 29c3 Just because you are paranoid doesn't mean your phone isn't listening to everything you say We discuss a set of 0-day kernel vulnerabilities in CNU (Cisco Native Unix), the operating system that powers all Cisco TNP IP phones. We demonstrate the reliable exploitation of all Cisco TNP phones via multiple vulnerabilities found in the CNU kernel. We demonstrate practical covert surveillance using constant, stealthy exfiltration of microphone data via a number of covert channels. We also demonstrate the worm-like propagation of our CNU malware, which can quickly compromise all vulnerable Cisco phones on the network. We discuss the feasibility of our attacks given physical access, internal network access and remote access across the internet. Lastly, we built on last year's presentation by discussing the feasibility of exploiting Cisco phones from compromised HP printers and vice versa. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5400-en-hacking_cisco_phones_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5401-de-en-der_mord_faellt_aus_h264.mp4 Die Debatte um die Tarifreform der GEMA war eines der großen Themen des Jahres 2012: Die Verwertungsgesellschaft geriet quer durch alle politischen Lager und gesellschaftlichen Schichten in die Kritik, die Warnungen vor einem großen Clubsterben wurden von Tausenden auf die Straße getragen. Dies steigerte auch das Interesse an der »Cultural Commons Collecting Society« (C3S), einem Graswurzelprojekt zur Gründung einer neuen, modernen und internetverstehenden Verwertungsgesellschaft, die u. a. auch vollen Support für Creative-Commons-Lizenzen bieten soll. 2012 war daher auch ein ereignisreiches Jahr für dieses Projekt, und 2013 sollen nach Plan die Gründung als Europäische Genossenschaft und die Antragsstellung beim Deutschen Patent- und Markenamt folgen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5401.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5401-de-en-der_mord_faellt_aus_h264.html Fri, 28 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5401-de-en-der_mord_faellt_aus_h264.mp4 2012-12-28T00:00:00+01:00 Christoph Scheid, m.eik, Meinhard Starostik No 29c3 Ein Werkstattbericht der GEMA-Alternative C3S Die Debatte um die Tarifreform der GEMA war eines der großen Themen des Jahres 2012: Die Verwertungsgesellschaft geriet quer durch alle politischen Lager und gesellschaftlichen Schichten in die Kritik, die Warnungen vor einem großen Clubsterben wurden von Tausenden auf die Straße getragen. Dies steigerte auch das Interesse an der »Cultural Commons Collecting Society« (C3S), einem Graswurzelprojekt zur Gründung einer neuen, modernen und internetverstehenden Verwertungsgesellschaft, die u. a. auch vollen Support für Creative-Commons-Lizenzen bieten soll. 2012 war daher auch ein ereignisreiches Jahr für dieses Projekt, und 2013 sollen nach Plan die Gründung als Europäische Genossenschaft und die Antragsstellung beim Deutschen Patent- und Markenamt folgen. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5401.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5401-de-en-der_mord_faellt_aus_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5402-en-russias_surveillance_state_h264.mp4 Privacy International, Agentura.Ru, the Russian secret services watchdog, and Citizen Lab have joined forces to launch a new project entitled 'Russia’s Surveillance State'. The aims of the project are to undertake research and investigation into surveillance practices in Russia, including the trade in and use of surveillance technologies, and to publicise research and investigative findings to improve national and international awareness of surveillance and secrecy practices in Russia. The project is made possible with support from the Canada Centre for Global Security Studies, Munk School of Global Affairs, at the University of Toronto. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5402.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5402-en-russias_surveillance_state_h264.html Sat, 29 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5402-en-russias_surveillance_state_h264.mp4 2012-12-29T00:00:00+01:00 Andrei Soldatov No 29c3 Privacy International, Agentura.Ru, the Russian secret services watchdog, and Citizen Lab have joined forces to launch a new project entitled 'Russia’s Surveillance State'. The aims of the project are to undertake research and investigation into surveillance practices in Russia, including the trade in and use of surveillance technologies, and to publicise research and investigative findings to improve national and international awareness of surveillance and secrecy practices in Russia. The project is made possible with support from the Canada Centre for Global Security Studies, Munk School of Global Affairs, at the University of Toronto. about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5402.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5402-en-russias_surveillance_state_h264.html http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5404-en-noc_review_h264.mp4 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5404.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5404-en-noc_review_h264.html Sun, 30 Dec 2012 00:00:00 +0100 http://ftp.ccc.de/congress/2012/mp4-h264-HQ/29c3-5404-en-noc_review_h264.mp4 2012-12-30T00:00:00+01:00 Kay No 29c3 NOC Review about the 29C3 about this event: http://events.ccc.de/congress/2012/Fahrplan/events/5404.en.html event on media: http://media.ccc.de/browse/congress/2012/29c3-5404-en-noc_review_h264.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_12_00_-_geheimnisse_des_kleinen_mannes_-_dominik_george_-_jochim_selzer_-_89.mp4 Bei der E-Mail-Kommunikation kommt Verschlüsselung auch unter Datenschutzgesichtspunkten eine wichtige Rolle zu. Die meisten Mails werden heute durch Infrastrukturen geschickt, bei denen man wenigstens damit rechnen, wenn nicht sogar davon ausgehen muss, dass eine dritte Partei mitliest. Besonders die gesellschaftlichen Auswirkungen und Möglichkeiten für jede Privatperson, sich selber zu schützen, möchten wir genauer beleuchten. about this event: https://program.sigint.ccc.de/fahrplan/events/89.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_12_00_-_geheimnisse_des_kleinen_mannes_-_dominik_george_-_jochim_selzer_-_89.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_12_00_-_geheimnisse_des_kleinen_mannes_-_dominik_george_-_jochim_selzer_-_89.mp4 2012-05-18T00:00:00+02:00 Dominik George, Jochim Selzer No sigint12, Community E-Mail-Sicherheit und persönlicher Datenschutz für Jeden Bei der E-Mail-Kommunikation kommt Verschlüsselung auch unter Datenschutzgesichtspunkten eine wichtige Rolle zu. Die meisten Mails werden heute durch Infrastrukturen geschickt, bei denen man wenigstens damit rechnen, wenn nicht sogar davon ausgehen muss, dass eine dritte Partei mitliest. Besonders die gesellschaftlichen Auswirkungen und Möglichkeiten für jede Privatperson, sich selber zu schützen, möchten wir genauer beleuchten. about this event: https://program.sigint.ccc.de/fahrplan/events/89.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_12_00_-_geheimnisse_des_kleinen_mannes_-_dominik_george_-_jochim_selzer_-_89.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_20_00_-_pray_to_the_omega_point_-_christian_heller_-_81.mp4 A look at the resonance between certain religious and techno-futuristic concepts, with a strong focus on Teilhard de Chardin as a favorite of cyber-utopians and a sort of proto-Singularitarian, and on Frank Tipler's Omega Point Theory which sees God and Heaven as the result of the universe developing into one huge super computer. about this event: https://program.sigint.ccc.de/fahrplan/events/81.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_20_00_-_pray_to_the_omega_point_-_christian_heller_-_81.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_20_00_-_pray_to_the_omega_point_-_christian_heller_-_81.mp4 2012-05-18T00:00:00+02:00 Christian Heller No sigint12, Culture Religious ideas and techno-futurism. The Rapture for nerds, Teilhard de Chardin's "Noosphere" and Frank Tipler's "Omega Point Theory". A look at the resonance between certain religious and techno-futuristic concepts, with a strong focus on Teilhard de Chardin as a favorite of cyber-utopians and a sort of proto-Singularitarian, and on Frank Tipler's Omega Point Theory which sees God and Heaven as the result of the universe developing into one huge super computer. about this event: https://program.sigint.ccc.de/fahrplan/events/81.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_20_00_-_pray_to_the_omega_point_-_christian_heller_-_81.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_21_00_-_tot_sind_wir_noch_lange_nicht_-_m_eik_-_57.mp4 Genügt erst einmal eine neue Verwertungsgesllschaft, oder müssen wir das Urheberrecht neu schreiben, um die Interessen von KünstlerInnen und Öffentlichkeit im digitalen Zeitalter wieder ins Gleichgewicht zu bringen? about this event: https://program.sigint.ccc.de/fahrplan/events/57.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_21_00_-_tot_sind_wir_noch_lange_nicht_-_m_eik_-_57.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_21_00_-_tot_sind_wir_noch_lange_nicht_-_m_eik_-_57.mp4 2012-05-18T00:00:00+02:00 m.eik No sigint12, Society Wo bleiben Kulturwertmark und Cultural Commons Collecting Society (C3S)? Genügt erst einmal eine neue Verwertungsgesllschaft, oder müssen wir das Urheberrecht neu schreiben, um die Interessen von KünstlerInnen und Öffentlichkeit im digitalen Zeitalter wieder ins Gleichgewicht zu bringen? about this event: https://program.sigint.ccc.de/fahrplan/events/57.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_21_00_-_tot_sind_wir_noch_lange_nicht_-_m_eik_-_57.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_22_00_-_you_have_a_farmville_gift_request_-_katharina_kinder_-_66.mp4 Wissenschaftlicher, hoffentlich unterhaltsamer Vortrag zum Thema Social Casual Gaming mit Präsentation about this event: https://program.sigint.ccc.de/fahrplan/events/66.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_22_00_-_you_have_a_farmville_gift_request_-_katharina_kinder_-_66.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_22_00_-_you_have_a_farmville_gift_request_-_katharina_kinder_-_66.mp4 2012-05-18T00:00:00+02:00 Katharina Kinder No sigint12, Society Zu Social Casual Gaming Wissenschaftlicher, hoffentlich unterhaltsamer Vortrag zum Thema Social Casual Gaming mit Präsentation about this event: https://program.sigint.ccc.de/fahrplan/events/66.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_22_00_-_you_have_a_farmville_gift_request_-_katharina_kinder_-_66.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_23_00_-_hallo_welt_in_assembler_-_christian_heller_-_erlehmann_-_fotografiona_-_82.mp4 Wir halten das Verstehen und Programmieren von Computern für eine lohnenswerte Kompetenz, die so vielen Menschen als möglich vermittelt werden sollte. Hierfür gibt es verschiedene Ansätze, die uns nicht alle zusagen; wir probieren mit "Fiona lernt programmieren" unseren eigenen, mit einigen Besonderheiten (wir fangen in unserer Drei-Leute-Lernzelle low-level mit Assembler an und arbeiten uns von dort bis Python hoch), vergleichen ihn mit anderen; und wollen dafür werben, sich in bedürfnismäßig stark individualisierbaren Hacker-und-(Noch)-nicht-Hacker-Kleingruppen zum gemeinsamen Ausbau der eigenen Fähigkeiten zusammenzufinden. about this event: https://program.sigint.ccc.de/fahrplan/events/82.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_23_00_-_hallo_welt_in_assembler_-_christian_heller_-_erlehmann_-_fotografiona_-_82.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-18_23_00_-_hallo_welt_in_assembler_-_christian_heller_-_erlehmann_-_fotografiona_-_82.mp4 2012-05-18T00:00:00+02:00 Christian Heller, erlehmann, Fotografiona No sigint12, Society Programmieren ist das neue Latein. Wie bringen wir es unter unsere Mitmenschen? Wir halten das Verstehen und Programmieren von Computern für eine lohnenswerte Kompetenz, die so vielen Menschen als möglich vermittelt werden sollte. Hierfür gibt es verschiedene Ansätze, die uns nicht alle zusagen; wir probieren mit "Fiona lernt programmieren" unseren eigenen, mit einigen Besonderheiten (wir fangen in unserer Drei-Leute-Lernzelle low-level mit Assembler an und arbeiten uns von dort bis Python hoch), vergleichen ihn mit anderen; und wollen dafür werben, sich in bedürfnismäßig stark individualisierbaren Hacker-und-(Noch)-nicht-Hacker-Kleingruppen zum gemeinsamen Ausbau der eigenen Fähigkeiten zusammenzufinden. about this event: https://program.sigint.ccc.de/fahrplan/events/82.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-18_23_00_-_hallo_welt_in_assembler_-_christian_heller_-_erlehmann_-_fotografiona_-_82.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_12_00_-_the_semantic_web_-_raising_of_the_dead_-_carina_haupt_-_41.mp4 A lot of people say that the semantic web is dead, but why is then google announcing that they plan to make the biggest change in their web search ever by introducing it. So, what is the semantic web actually? Which technologies are behind it? Why was it called dead? And why is it coming back? about this event: https://program.sigint.ccc.de/fahrplan/events/41.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_12_00_-_the_semantic_web_-_raising_of_the_dead_-_carina_haupt_-_41.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_12_00_-_the_semantic_web_-_raising_of_the_dead_-_carina_haupt_-_41.mp4 2012-05-19T00:00:00+02:00 Carina Haupt No sigint12, Science A lot of people say that the semantic web is dead, but why is then google announcing that they plan to make the biggest change in their web search ever by introducing it. So, what is the semantic web actually? Which technologies are behind it? Why was it called dead? And why is it coming back? about this event: https://program.sigint.ccc.de/fahrplan/events/41.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_12_00_-_the_semantic_web_-_raising_of_the_dead_-_carina_haupt_-_41.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_13_00_-_android_security_-_thuxnder_-_29.mp4 Probleme und Lösungsansätze beim Analysieren von Android Applikationen. Woran vorhandene Tools beim disassemblieren scheitern und welche Obfuscationtechniken dem Reverse Engineerer die Arbeit schwer machen. about this event: https://program.sigint.ccc.de/fahrplan/events/29.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_13_00_-_android_security_-_thuxnder_-_29.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_13_00_-_android_security_-_thuxnder_-_29.mp4 2012-05-19T00:00:00+02:00 thuxnder No sigint12, Hacking bringing x86 fuckups to dalvik Probleme und Lösungsansätze beim Analysieren von Android Applikationen. Woran vorhandene Tools beim disassemblieren scheitern und welche Obfuscationtechniken dem Reverse Engineerer die Arbeit schwer machen. about this event: https://program.sigint.ccc.de/fahrplan/events/29.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_13_00_-_android_security_-_thuxnder_-_29.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_15_00_-_lightning_talks_-_nick_farr_-_3.mp4 Lighting talks are 4-5 minute talks by you! about this event: https://program.sigint.ccc.de/fahrplan/events/3.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_15_00_-_lightning_talks_-_nick_farr_-_3.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_15_00_-_lightning_talks_-_nick_farr_-_3.mp4 2012-05-19T00:00:00+02:00 Nick Farr No sigint12, Community Lighting talks are 4-5 minute talks by you! about this event: https://program.sigint.ccc.de/fahrplan/events/3.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_15_00_-_lightning_talks_-_nick_farr_-_3.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_18_00_-_geeks_und_depressionen_-_stephan_tomate_urbach_-_johl_-_28.mp4 Geeks haben Depressionen - sprechen wir endlich darüber. about this event: https://program.sigint.ccc.de/fahrplan/events/28.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_18_00_-_geeks_und_depressionen_-_stephan_tomate_urbach_-_johl_-_28.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_18_00_-_geeks_und_depressionen_-_stephan_tomate_urbach_-_johl_-_28.mp4 2012-05-19T00:00:00+02:00 Stephan "tomate" Urbach, johl No sigint12, Community Erfahrungen, Einzelschicksale und Gegenstrategien Geeks haben Depressionen - sprechen wir endlich darüber. about this event: https://program.sigint.ccc.de/fahrplan/events/28.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_18_00_-_geeks_und_depressionen_-_stephan_tomate_urbach_-_johl_-_28.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_19_00_-_der_inhalt_dieses_vortrags_ist_in_deinem_land_leider_nicht_verfugbar_-_maurice_van_brast_-_60.mp4 Der Vortrag beschäftigt sich mit den Versuchen von Einzelpersonen, Unternehmen und politischen Organisationen, dezentrale Kommunikationssysteme zu kontrollieren und diese für den Erhalt der eigenen Art zu nutzen. Gemäß dem Motto: „Der Zweck heiligt die Mittel, und sei es mit Zensur!“ Ebenfalls im Vortrag enthalten ist die Darstellung evolutionsbedingter Schwachstellen in den jeweiligen zum Einsatz kommenden Systemen und ihrer Funktion als natürlicher Schutzmechanismus. Der Vortrag umfasst die Bereiche Gesellschaft, Politik und Kultur. about this event: https://program.sigint.ccc.de/fahrplan/events/60.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_19_00_-_der_inhalt_dieses_vortrags_ist_in_deinem_land_leider_nicht_verfugbar_-_maurice_van_brast_-_60.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_19_00_-_der_inhalt_dieses_vortrags_ist_in_deinem_land_leider_nicht_verfugbar_-_maurice_van_brast_-_60.mp4 2012-05-19T00:00:00+02:00 Maurice van Brast No sigint12, Society oder wie man in einen Walfisch klettert, ohne ihn dabei zu berühren Der Vortrag beschäftigt sich mit den Versuchen von Einzelpersonen, Unternehmen und politischen Organisationen, dezentrale Kommunikationssysteme zu kontrollieren und diese für den Erhalt der eigenen Art zu nutzen. Gemäß dem Motto: „Der Zweck heiligt die Mittel, und sei es mit Zensur!“ Ebenfalls im Vortrag enthalten ist die Darstellung evolutionsbedingter Schwachstellen in den jeweiligen zum Einsatz kommenden Systemen und ihrer Funktion als natürlicher Schutzmechanismus. Der Vortrag umfasst die Bereiche Gesellschaft, Politik und Kultur. about this event: https://program.sigint.ccc.de/fahrplan/events/60.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_19_00_-_der_inhalt_dieses_vortrags_ist_in_deinem_land_leider_nicht_verfugbar_-_maurice_van_brast_-_60.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_20_00_-_social_media_burgerkrieg_-_ertraeglichkeit_-_62.mp4 Der Begriff der Facebook-Revolution unterstellt eine umstandslose Demokratisierung in der Phase des Arabischen Frühlings. Darauf postuliert Evgeny Morozov:„Stop pretending that social media will democratize the world“. Der Gegenentwurf zur Facebook-Revolution ist der Social Media Bürgerkrieg. Er war zuerst auf europäischem Boden ausgetragen, in den Ausschreitungen von London 2011. Eine digitale Bürgerwehr jagt dort mit Hilfe von Social Media und Gesichtserkennung vermeintliche Plünderer und verletzt dabei etliche Bürgerrechte. about this event: https://program.sigint.ccc.de/fahrplan/events/62.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_20_00_-_social_media_burgerkrieg_-_ertraeglichkeit_-_62.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_20_00_-_social_media_burgerkrieg_-_ertraeglichkeit_-_62.mp4 2012-05-19T00:00:00+02:00 Ertraeglichkeit No sigint12, Society Digitale Bürgerwehr entdeckt Gesichtserkennung Der Begriff der Facebook-Revolution unterstellt eine umstandslose Demokratisierung in der Phase des Arabischen Frühlings. Darauf postuliert Evgeny Morozov:„Stop pretending that social media will democratize the world“. Der Gegenentwurf zur Facebook-Revolution ist der Social Media Bürgerkrieg. Er war zuerst auf europäischem Boden ausgetragen, in den Ausschreitungen von London 2011. Eine digitale Bürgerwehr jagt dort mit Hilfe von Social Media und Gesichtserkennung vermeintliche Plünderer und verletzt dabei etliche Bürgerrechte. about this event: https://program.sigint.ccc.de/fahrplan/events/62.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_20_00_-_social_media_burgerkrieg_-_ertraeglichkeit_-_62.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_21_00_-_feminismus_fur_nerds_-_philip_steffan_-_73.mp4 Feminismus, dazu haben alle eine Meinung. Wird online diskutiert, redet man aber oft aneinander vorbei. Das muss nicht sein! In diesem Crash-Kurs gibt's in einer Stunde die Konzepte und Begriffe inklusive Quellen zum Weiterlesen. about this event: https://program.sigint.ccc.de/fahrplan/events/73.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_21_00_-_feminismus_fur_nerds_-_philip_steffan_-_73.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_21_00_-_feminismus_fur_nerds_-_philip_steffan_-_73.mp4 2012-05-19T00:00:00+02:00 Philip Steffan No sigint12, Society Mitreden können für 0 Euro Feminismus, dazu haben alle eine Meinung. Wird online diskutiert, redet man aber oft aneinander vorbei. Das muss nicht sein! In diesem Crash-Kurs gibt's in einer Stunde die Konzepte und Begriffe inklusive Quellen zum Weiterlesen. about this event: https://program.sigint.ccc.de/fahrplan/events/73.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_21_00_-_feminismus_fur_nerds_-_philip_steffan_-_73.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_22_00_-_code_versus_daten_ein_perspektivwechsel_-_moritz_heidkamp_-_103.mp4 Wenn wir an Code und Daten denken, dann denken wir meistens an zwei grundverschiedene Dinge: Auf der einen Seite stehen Operationen, Prozeduren und Aktionen und auf der anderen Seite Objekte, Werte oder Strukturen. Code arbeitet, Daten werden verarbeitet. Code ist aktiv, Daten sind passiv. Code ist Java, Daten sind XML. Doch ist diese Trennung wirklich so streng wie sie erscheint? Oder besteht sie vielleicht überhaupt nicht? Was passiert, wenn wir Code als Daten und Daten als Code behandeln? about this event: https://program.sigint.ccc.de/fahrplan/events/103.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_22_00_-_code_versus_daten_ein_perspektivwechsel_-_moritz_heidkamp_-_103.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-19_22_00_-_code_versus_daten_ein_perspektivwechsel_-_moritz_heidkamp_-_103.mp4 2012-05-19T00:00:00+02:00 Moritz Heidkamp No sigint12, Hacking Wenn wir an Code und Daten denken, dann denken wir meistens an zwei grundverschiedene Dinge: Auf der einen Seite stehen Operationen, Prozeduren und Aktionen und auf der anderen Seite Objekte, Werte oder Strukturen. Code arbeitet, Daten werden verarbeitet. Code ist aktiv, Daten sind passiv. Code ist Java, Daten sind XML. Doch ist diese Trennung wirklich so streng wie sie erscheint? Oder besteht sie vielleicht überhaupt nicht? Was passiert, wenn wir Code als Daten und Daten als Code behandeln? about this event: https://program.sigint.ccc.de/fahrplan/events/103.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-19_22_00_-_code_versus_daten_ein_perspektivwechsel_-_moritz_heidkamp_-_103.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_12_00_-_gesetze_hacken_-_dodger_-_6.mp4 Vorstellung und aktueller Stand der Volksinitiative "Transparenz schafft Vertrauen" für die einführung eines Transparenzgesetzes in Hamburg about this event: https://program.sigint.ccc.de/fahrplan/events/6.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_12_00_-_gesetze_hacken_-_dodger_-_6.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_12_00_-_gesetze_hacken_-_dodger_-_6.mp4 2012-05-20T00:00:00+02:00 dodger No sigint12, Politics Stand der Volksinitiative zum Transparenzgesetzers Hamburg Vorstellung und aktueller Stand der Volksinitiative "Transparenz schafft Vertrauen" für die einführung eines Transparenzgesetzes in Hamburg about this event: https://program.sigint.ccc.de/fahrplan/events/6.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_12_00_-_gesetze_hacken_-_dodger_-_6.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_13_00_-_integrity_is_doing_the_right_thing_even_if_nobody_is_watching_-_tante_-_30.mp4 Wenn wir ehrlich sind dann ist die Hackerethik, auf die wir uns fast alle berufen, aus vielen Gründen ziemlich unbrauchbar und es ist Zeit dieses Problem zu reparieren. In diesem Vortrag werde ich kurz zeigen, warum die bestehende Ethik nicht gut genug ist und dann aus der Definition des Hackers versuchen eine neue Ethik für eine vernetzte Welt abzuleiten. about this event: https://program.sigint.ccc.de/fahrplan/events/30.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_13_00_-_integrity_is_doing_the_right_thing_even_if_nobody_is_watching_-_tante_-_30.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_13_00_-_integrity_is_doing_the_right_thing_even_if_nobody_is_watching_-_tante_-_30.mp4 2012-05-20T00:00:00+02:00 tante No sigint12, Community Eine neue Hackerethik Wenn wir ehrlich sind dann ist die Hackerethik, auf die wir uns fast alle berufen, aus vielen Gründen ziemlich unbrauchbar und es ist Zeit dieses Problem zu reparieren. In diesem Vortrag werde ich kurz zeigen, warum die bestehende Ethik nicht gut genug ist und dann aus der Definition des Hackers versuchen eine neue Ethik für eine vernetzte Welt abzuleiten. about this event: https://program.sigint.ccc.de/fahrplan/events/30.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_13_00_-_integrity_is_doing_the_right_thing_even_if_nobody_is_watching_-_tante_-_30.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_14_00_-_lightning_talks_-_nick_farr_-_112.mp4 Your talk can be about a program, a system, a technique, some hardware - or about a cool project, or some strange idea. You may also give us an idea about your real talk, announce your workshop or tell us about your booth. Or you could simply ask people to join you for some DOS attack of the next food store, announcing a key signing party, or maybe a *real* party. Whatever it is... be brief. Four minutes is all you get, possibly five if the audience likes you! Slides all run from one machine, see the SIGINT wiki for more instructions! about this event: https://program.sigint.ccc.de/fahrplan/events/112.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_14_00_-_lightning_talks_-_nick_farr_-_112.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_14_00_-_lightning_talks_-_nick_farr_-_112.mp4 2012-05-20T00:00:00+02:00 Nick Farr No sigint12, Community Your talk can be about a program, a system, a technique, some hardware - or about a cool project, or some strange idea. You may also give us an idea about your real talk, announce your workshop or tell us about your booth. Or you could simply ask people to join you for some DOS attack of the next food store, announcing a key signing party, or maybe a *real* party. Whatever it is... be brief. Four minutes is all you get, possibly five if the audience likes you! Slides all run from one machine, see the SIGINT wiki for more instructions! about this event: https://program.sigint.ccc.de/fahrplan/events/112.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_14_00_-_lightning_talks_-_nick_farr_-_112.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_15_00_-_android_analysis_framework_-_pleed_-_thuxnder_-_24.mp4 Der Vortrag behandelt Techniken und Werkzeuge zur Programmanalyse mit dem Fokus auf Android Applikationen. Die besondere Systemumgebung bietet eine Basis zur neuen Herangehensweise beim Thema Reverse-Engineering. about this event: https://program.sigint.ccc.de/fahrplan/events/24.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_15_00_-_android_analysis_framework_-_pleed_-_thuxnder_-_24.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_15_00_-_android_analysis_framework_-_pleed_-_thuxnder_-_24.mp4 2012-05-20T00:00:00+02:00 pleed, thuxnder No sigint12, Hacking dex reversing in deep Der Vortrag behandelt Techniken und Werkzeuge zur Programmanalyse mit dem Fokus auf Android Applikationen. Die besondere Systemumgebung bietet eine Basis zur neuen Herangehensweise beim Thema Reverse-Engineering. about this event: https://program.sigint.ccc.de/fahrplan/events/24.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_15_00_-_android_analysis_framework_-_pleed_-_thuxnder_-_24.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_16_00_-_seccomp_sandbox_konzepte_-_johannes_-_36.mp4 Mit Seccomp können unter Linux Threads und Prozesse in ihren Syscalls beschränkt werden. Dies kann benutzt werden um Sandboxes zu bauen, die das Betriebssystem vor nicht vertrauenwürdigem Code schützen. Ich werde die verschiedenen Betriebsmodi von Seccomp vorstellen. Darauf aufbauend werde ich verschiedene Konzepte vorstellen wie damit Sandboxes gebaut werden können. about this event: https://program.sigint.ccc.de/fahrplan/events/36.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_16_00_-_seccomp_sandbox_konzepte_-_johannes_-_36.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_16_00_-_seccomp_sandbox_konzepte_-_johannes_-_36.mp4 2012-05-20T00:00:00+02:00 johannes No sigint12, Hacking Mit Seccomp können unter Linux Threads und Prozesse in ihren Syscalls beschränkt werden. Dies kann benutzt werden um Sandboxes zu bauen, die das Betriebssystem vor nicht vertrauenwürdigem Code schützen. Ich werde die verschiedenen Betriebsmodi von Seccomp vorstellen. Darauf aufbauend werde ich verschiedene Konzepte vorstellen wie damit Sandboxes gebaut werden können. about this event: https://program.sigint.ccc.de/fahrplan/events/36.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_16_00_-_seccomp_sandbox_konzepte_-_johannes_-_36.html http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_18_00_-_blinkenwall_reloaded_-_stefan_schuermans_-_63.mp4 The talk is report of how a large LED display with 23040 LEDs was reverse-engineered and extended to support live black/white video input via Ethernet in a first step and grayscale video in a second step. about this event: https://program.sigint.ccc.de/fahrplan/events/63.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_18_00_-_blinkenwall_reloaded_-_stefan_schuermans_-_63.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/konferenz_mp6_og_-_2012-05-20_18_00_-_blinkenwall_reloaded_-_stefan_schuermans_-_63.mp4 2012-05-20T00:00:00+02:00 Stefan Schuermans No sigint12, Making Extending a large LED display from 1986 to support Ethernet and Grayscales The talk is report of how a large LED display with 23040 LEDs was reverse-engineered and extended to support live black/white video input via Ethernet in a first step and grayscale video in a second step. about this event: https://program.sigint.ccc.de/fahrplan/events/63.html event on media: http://media.ccc.de/browse/conferences/sigint12/konferenz_mp6_og_-_2012-05-20_18_00_-_blinkenwall_reloaded_-_stefan_schuermans_-_63.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_11_00_-_keynote_-_scusi_-_1.mp4 about this event: https://program.sigint.ccc.de/fahrplan/events/1.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_11_00_-_keynote_-_scusi_-_1.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_11_00_-_keynote_-_scusi_-_1.mp4 2012-05-18T00:00:00+02:00 scusi No sigint12 about this event: https://program.sigint.ccc.de/fahrplan/events/1.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_11_00_-_keynote_-_scusi_-_1.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_12_00_-_econnrefused_-_clemens_cap_-_72.mp4 Communication technologies are everywhere but on many occasions we cannot communicate. My laptop cannot read my smart meter, my tablet in the canteen cannot broadcast for a lift to town and my iPhone cannot distribute pictures via Bluetooth – I must use eMail, Facebook or Twitter. Various motivations impede free communication: Expensive services should be used, ads should be viewed, contents, connections and locations are monitored; often communication is prevented completely. In an open society only a single reason seems acceptable to prevent communication: The users of the devices do not want to communicate. This principle of recipient-freedom requires different communication architectures: Our current Internet, contrary to its reputation, still allows monitoring and censoring. The talk describes adaptions to be made in the overall communication architecture, especially to the concepts of identity and adressing. It sketches a virtual network layer on top of traditional PHY and MAC abstractions. about this event: https://program.sigint.ccc.de/fahrplan/events/72.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_12_00_-_econnrefused_-_clemens_cap_-_72.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_12_00_-_econnrefused_-_clemens_cap_-_72.mp4 2012-05-18T00:00:00+02:00 Clemens Cap No sigint12, Science Communication technologies are everywhere but on many occasions we cannot communicate. My laptop cannot read my smart meter, my tablet in the canteen cannot broadcast for a lift to town and my iPhone cannot distribute pictures via Bluetooth – I must use eMail, Facebook or Twitter. Various motivations impede free communication: Expensive services should be used, ads should be viewed, contents, connections and locations are monitored; often communication is prevented completely. In an open society only a single reason seems acceptable to prevent communication: The users of the devices do not want to communicate. This principle of recipient-freedom requires different communication architectures: Our current Internet, contrary to its reputation, still allows monitoring and censoring. The talk describes adaptions to be made in the overall communication architecture, especially to the concepts of identity and adressing. It sketches a virtual network layer on top of traditional PHY and MAC abstractions. about this event: https://program.sigint.ccc.de/fahrplan/events/72.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_12_00_-_econnrefused_-_clemens_cap_-_72.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_13_00_-_hacking_the_leistungsschutzrecht_-_kay_hamacher_-_50.mp4 In der Diskussion über die Zukunft der Medien wird die ständig vorgebrachte Forderung nach Leistungsschutzrechten zum Mantra der traditionellen (Print)medien. Sprecher dieser Interessengruppe argumentieren dabei über die vorgeblich höhere Qualität professioneller Medienmachern gegenüber Bloggern und Co. Die Forderung der (Print)verlage gehen dabei soweit, auch sogenannte "Snippets" - also Phrasen mit nur wenigen Wörtern - als ihr 'Geistiges Eigentum' zu schützen. Daraus ergeben sich nicht nur umfassende Unterlassungsansprüche gegen Dritte bei einer potentiellen oder angenommenen Weiterverbreitung, sondern auch Zahlungs- bzw. Kompensationsansprüche. Aber ist besonders die 'Snippet'-Frage überhaupt realistisch? Wieviele Phrasen kann es überhaupt geben mit nur 4-5 Wörtern? Und: kann man nicht sogar den Raum der möglichen Phrasen kombinatorisch ausprobieren und alle 'sinnvollen' (also gerade nicht "Wir sind Papst") Phrasen extrahieren? Wenn diese dann alle auf einer 'Webseite' stehen, gelten sie dann nicht als bereits publiziert? Zeigt das nicht die Absurdität der Snippet-Debatte? Mit ein paar einfachen Argumenten, werde ich diskutieren, wie wahrscheinlich es ungefähr sein wird, in seinem eigenen Blog aus Zufall eine solche Phrase zu benutzen - und somit der Gefahr einer Abmahnung ausgesetzt zu sein. about this event: https://program.sigint.ccc.de/fahrplan/events/50.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_13_00_-_hacking_the_leistungsschutzrecht_-_kay_hamacher_-_50.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_13_00_-_hacking_the_leistungsschutzrecht_-_kay_hamacher_-_50.mp4 2012-05-18T00:00:00+02:00 Kay Hamacher No sigint12, Society In der Diskussion über die Zukunft der Medien wird die ständig vorgebrachte Forderung nach Leistungsschutzrechten zum Mantra der traditionellen (Print)medien. Sprecher dieser Interessengruppe argumentieren dabei über die vorgeblich höhere Qualität professioneller Medienmachern gegenüber Bloggern und Co. Die Forderung der (Print)verlage gehen dabei soweit, auch sogenannte "Snippets" - also Phrasen mit nur wenigen Wörtern - als ihr 'Geistiges Eigentum' zu schützen. Daraus ergeben sich nicht nur umfassende Unterlassungsansprüche gegen Dritte bei einer potentiellen oder angenommenen Weiterverbreitung, sondern auch Zahlungs- bzw. Kompensationsansprüche. Aber ist besonders die 'Snippet'-Frage überhaupt realistisch? Wieviele Phrasen kann es überhaupt geben mit nur 4-5 Wörtern? Und: kann man nicht sogar den Raum der möglichen Phrasen kombinatorisch ausprobieren und alle 'sinnvollen' (also gerade nicht "Wir sind Papst") Phrasen extrahieren? Wenn diese dann alle auf einer 'Webseite' stehen, gelten sie dann nicht als bereits publiziert? Zeigt das nicht die Absurdität der Snippet-Debatte? Mit ein paar einfachen Argumenten, werde ich diskutieren, wie wahrscheinlich es ungefähr sein wird, in seinem eigenen Blog aus Zufall eine solche Phrase zu benutzen - und somit der Gefahr einer Abmahnung ausgesetzt zu sein. about this event: https://program.sigint.ccc.de/fahrplan/events/50.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_13_00_-_hacking_the_leistungsschutzrecht_-_kay_hamacher_-_50.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_15_00_-_eigentum_sex_cloud_-_mspro_-_julian_finn_-_68.mp4 Das Internet vereinfacht die Organisation des Zugriffs auf soziale und materielle Ressourcen dramatisch. Sowohl die Stellung des Eigentums in der Lebenswelt sowie die Formen des Zusammenlebens verändern sich durch die neuen Möglichkeiten hin zur Freiheit. Julian Finn und Michael Seemann sehen darin die Bausteine einer utopischen Skizze. about this event: https://program.sigint.ccc.de/fahrplan/events/68.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_15_00_-_eigentum_sex_cloud_-_mspro_-_julian_finn_-_68.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_15_00_-_eigentum_sex_cloud_-_mspro_-_julian_finn_-_68.mp4 2012-05-18T00:00:00+02:00 mspro, Julian Finn No sigint12, Society Das Ende der Exklusivität Das Internet vereinfacht die Organisation des Zugriffs auf soziale und materielle Ressourcen dramatisch. Sowohl die Stellung des Eigentums in der Lebenswelt sowie die Formen des Zusammenlebens verändern sich durch die neuen Möglichkeiten hin zur Freiheit. Julian Finn und Michael Seemann sehen darin die Bausteine einer utopischen Skizze. about this event: https://program.sigint.ccc.de/fahrplan/events/68.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_15_00_-_eigentum_sex_cloud_-_mspro_-_julian_finn_-_68.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_16_00_-_spam_spam_spam_-_spam_spit_und_spom_-_ben_fuhrmannek_-_65.mp4 Warum hat der Anwalt eines Onkels aus Süd-Afrika plötzlich Geld für mich aus der Erbschaft des Vaters seines Schwippschwagers? Warum singen betrunkene Python-Programmierer Lieder von Dosenfleisch? Diese und weitere Fragen werden mit Elan gestellt. Die in Teilen literarisch tiefgründige Auseinandersetzung mit ungewollten Botschaften zeigt sowohl die Historie, als auch mögliche Zukuftsszenarien. about this event: https://program.sigint.ccc.de/fahrplan/events/65.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_16_00_-_spam_spam_spam_-_spam_spit_und_spom_-_ben_fuhrmannek_-_65.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_16_00_-_spam_spam_spam_-_spam_spit_und_spom_-_ben_fuhrmannek_-_65.mp4 2012-05-18T00:00:00+02:00 Ben Fuhrmannek No sigint12, Society Eine mehr oder weniger ernst gemeinte Betrachtung der dunklen Ecken des neuartigen Mediums Warum hat der Anwalt eines Onkels aus Süd-Afrika plötzlich Geld für mich aus der Erbschaft des Vaters seines Schwippschwagers? Warum singen betrunkene Python-Programmierer Lieder von Dosenfleisch? Diese und weitere Fragen werden mit Elan gestellt. Die in Teilen literarisch tiefgründige Auseinandersetzung mit ungewollten Botschaften zeigt sowohl die Historie, als auch mögliche Zukuftsszenarien. about this event: https://program.sigint.ccc.de/fahrplan/events/65.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_16_00_-_spam_spam_spam_-_spam_spit_und_spom_-_ben_fuhrmannek_-_65.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_17_00_-_what_you_thought_you_knew_about_c_-_florob_-_56.mp4 This lecture will talk about some aspects of the C programming language that are poorly understood by a large percentage of C programmers. The focus will be on undefined behavior. about this event: https://program.sigint.ccc.de/fahrplan/events/56.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_17_00_-_what_you_thought_you_knew_about_c_-_florob_-_56.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_17_00_-_what_you_thought_you_knew_about_c_-_florob_-_56.mp4 2012-05-18T00:00:00+02:00 Florob No sigint12, Hacking Impacts of undefined behaviour and other C oddities This lecture will talk about some aspects of the C programming language that are poorly understood by a large percentage of C programmers. The focus will be on undefined behavior. about this event: https://program.sigint.ccc.de/fahrplan/events/56.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_17_00_-_what_you_thought_you_knew_about_c_-_florob_-_56.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_18_00_-_sie_haben_das_recht_zu_schweigen_-_udo_vetter_-_97.mp4 about this event: https://program.sigint.ccc.de/fahrplan/events/97.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_18_00_-_sie_haben_das_recht_zu_schweigen_-_udo_vetter_-_97.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_18_00_-_sie_haben_das_recht_zu_schweigen_-_udo_vetter_-_97.mp4 2012-05-18T00:00:00+02:00 Udo Vetter No sigint12, Politics about this event: https://program.sigint.ccc.de/fahrplan/events/97.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_18_00_-_sie_haben_das_recht_zu_schweigen_-_udo_vetter_-_97.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_20_00_-_signal_intelligence_und_electronic_warfare_-_andreas_bogk_-_90.mp4 Immer wieder sterben Journalisten bei der Berichterstattung über Umwälzungen, jüngst in Syrien. Der Vortrag gibt einen Überblick über aktuelle Technologie zur Funkraumüberwachung und Senderortung, und diskutiert mögliche Ansätze, unbemerkt per Funk zu kommunizieren. about this event: https://program.sigint.ccc.de/fahrplan/events/90.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_20_00_-_signal_intelligence_und_electronic_warfare_-_andreas_bogk_-_90.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_20_00_-_signal_intelligence_und_electronic_warfare_-_andreas_bogk_-_90.mp4 2012-05-18T00:00:00+02:00 Andreas Bogk No sigint12, Hacking Wie man nach Hause telefoniert, ohne von einer Rakete getroffen zu werden Immer wieder sterben Journalisten bei der Berichterstattung über Umwälzungen, jüngst in Syrien. Der Vortrag gibt einen Überblick über aktuelle Technologie zur Funkraumüberwachung und Senderortung, und diskutiert mögliche Ansätze, unbemerkt per Funk zu kommunizieren. about this event: https://program.sigint.ccc.de/fahrplan/events/90.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_20_00_-_signal_intelligence_und_electronic_warfare_-_andreas_bogk_-_90.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_21_00_-_minemu_protecting_buggy_binaries_from_memory_corruption_attacks_-_erik_bosman_-_75.mp4 While ASLR and DEP have certainly made it more difficult to exploit modern programs, exploit writers have advanced as well. Practices like return oriented programming and heap spraying often succesfully counter these new defence measures. So the question arises: Can we do more to protect buggy binaries from being exploited? about this event: https://program.sigint.ccc.de/fahrplan/events/75.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_21_00_-_minemu_protecting_buggy_binaries_from_memory_corruption_attacks_-_erik_bosman_-_75.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_21_00_-_minemu_protecting_buggy_binaries_from_memory_corruption_attacks_-_erik_bosman_-_75.mp4 2012-05-18T00:00:00+02:00 Erik Bosman No sigint12, Hacking While ASLR and DEP have certainly made it more difficult to exploit modern programs, exploit writers have advanced as well. Practices like return oriented programming and heap spraying often succesfully counter these new defence measures. So the question arises: Can we do more to protect buggy binaries from being exploited? about this event: https://program.sigint.ccc.de/fahrplan/events/75.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_21_00_-_minemu_protecting_buggy_binaries_from_memory_corruption_attacks_-_erik_bosman_-_75.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_22_15_-_portuguese_electoral_system_autopsy_-_chacal_-_22.mp4 Votes counting distortion of current Portuguese Electoral System. A case study. about this event: https://program.sigint.ccc.de/fahrplan/events/22.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_22_15_-_portuguese_electoral_system_autopsy_-_chacal_-_22.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-18_22_15_-_portuguese_electoral_system_autopsy_-_chacal_-_22.mp4 2012-05-18T00:00:00+02:00 Chacal No sigint12, Society Taking political advantage of rounding errors Votes counting distortion of current Portuguese Electoral System. A case study. about this event: https://program.sigint.ccc.de/fahrplan/events/22.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-18_22_15_-_portuguese_electoral_system_autopsy_-_chacal_-_22.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_11_00_-_als_die_nerds_sauer_wurden_-_stephan_tomate_urbach_-_27.mp4 about this event: https://program.sigint.ccc.de/fahrplan/events/27.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_11_00_-_als_die_nerds_sauer_wurden_-_stephan_tomate_urbach_-_27.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_11_00_-_als_die_nerds_sauer_wurden_-_stephan_tomate_urbach_-_27.mp4 2012-05-19T00:00:00+02:00 Stephan "tomate" Urbach No sigint12, Society Eigentlich wollten wir nur was mit Technik machen about this event: https://program.sigint.ccc.de/fahrplan/events/27.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_11_00_-_als_die_nerds_sauer_wurden_-_stephan_tomate_urbach_-_27.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_12_00_-_freedom_from_the_web_s_monopolies_-_jan-christoph_borchardt_-_78.mp4 The web is not as open as it used to be: monopoly platforms formed new proprietary layers on top of it. Apps always have storage attached to it, forming a package deal of »you get our app, we get your data«. The web's infrastructure has to be re-decentralized by separating web application logic from per-user data storage: Users should be able to use web services they love but keep their life stored in one place they control. At the same time, application developers shouldn't need to bother about providing data storage. And unfortunately, freedom on the web is not achieved by freely licensed web applications, because they still run on servers you can't control. That's why applications should be pure Javascript which runs client-side, all in the browser. It doesn't matter if free or proprietary – everything can be inspected and verified. about this event: https://program.sigint.ccc.de/fahrplan/events/78.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_12_00_-_freedom_from_the_web_s_monopolies_-_jan-christoph_borchardt_-_78.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_12_00_-_freedom_from_the_web_s_monopolies_-_jan-christoph_borchardt_-_78.mp4 2012-05-19T00:00:00+02:00 Jan-Christoph Borchardt No sigint12, Hacking A better architecture for the web, beneficial to both developers and users. The web is not as open as it used to be: monopoly platforms formed new proprietary layers on top of it. Apps always have storage attached to it, forming a package deal of »you get our app, we get your data«. The web's infrastructure has to be re-decentralized by separating web application logic from per-user data storage: Users should be able to use web services they love but keep their life stored in one place they control. At the same time, application developers shouldn't need to bother about providing data storage. And unfortunately, freedom on the web is not achieved by freely licensed web applications, because they still run on servers you can't control. That's why applications should be pure Javascript which runs client-side, all in the browser. It doesn't matter if free or proprietary – everything can be inspected and verified. about this event: https://program.sigint.ccc.de/fahrplan/events/78.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_12_00_-_freedom_from_the_web_s_monopolies_-_jan-christoph_borchardt_-_78.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_13_00_-_virtueller_einbruch_-_constanze_kurz_-_25.mp4 Nach dem Hack des Staatstrojaners von Digitask blieb eine ganze Reihe von Fragen offen. Einige davon lassen sich nun beantworten, andere bleiben ungeklärt. about this event: https://program.sigint.ccc.de/fahrplan/events/25.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_13_00_-_virtueller_einbruch_-_constanze_kurz_-_25.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_13_00_-_virtueller_einbruch_-_constanze_kurz_-_25.mp4 2012-05-19T00:00:00+02:00 Constanze Kurz No sigint12, Politics Update nach dem Staatstrojaner-Hack Nach dem Hack des Staatstrojaners von Digitask blieb eine ganze Reihe von Fragen offen. Einige davon lassen sich nun beantworten, andere bleiben ungeklärt. about this event: https://program.sigint.ccc.de/fahrplan/events/25.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_13_00_-_virtueller_einbruch_-_constanze_kurz_-_25.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_15_00_-_das_recht_der_neuen_ermittlungsmethoden_-_dominik_boecker_-_13.mp4 Neue Ermittlungsbefugnisse für den Staat? about this event: https://program.sigint.ccc.de/fahrplan/events/13.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_15_00_-_das_recht_der_neuen_ermittlungsmethoden_-_dominik_boecker_-_13.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_15_00_-_das_recht_der_neuen_ermittlungsmethoden_-_dominik_boecker_-_13.mp4 2012-05-19T00:00:00+02:00 Dominik Boecker No sigint12, Society Vermag das Strafverfolgungsinteresse beliebige Ermittlungsmethoden zu rechtfertigen? Neue Ermittlungsbefugnisse für den Staat? about this event: https://program.sigint.ccc.de/fahrplan/events/13.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_15_00_-_das_recht_der_neuen_ermittlungsmethoden_-_dominik_boecker_-_13.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_16_00_-_clickjacking_und_ui-redressing_-_marcus_niemietz_-_14.mp4 UI-Redressing ist eine Technik, welche die Veränderung des Verhaltens sowie optional auch des Aussehens einer Webseite beschreibt. Ein im Jahr 2008 eingeführter und sich in der Menge von UI-Redressing befindlicher Angriff wird Clickjacking genannt. Mit der Hilfe des klassischen Clickjacking war es möglich, die Kamera sowie das Mikrofon eines Opfers innerhalb des Adobe Flash Player automatisch für einen Angreifer freizuschalten. Der Vortrag umfasst die zu der Thematik UI-Redressing gehörenden Angriffe, Gegenmaßnahmen und Statistiken. Dabei werden insbesondere neue und bisher unbekannte UI-Redressing- respektive Clickjacking-Techniken in einer Live-Demonstration vorgestellt. Schlussendlich wird diskutiert welchen Einfluss die Thematik auf die Zukunft haben kann. about this event: https://program.sigint.ccc.de/fahrplan/events/14.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_16_00_-_clickjacking_und_ui-redressing_-_marcus_niemietz_-_14.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_16_00_-_clickjacking_und_ui-redressing_-_marcus_niemietz_-_14.mp4 2012-05-19T00:00:00+02:00 Marcus Niemietz No sigint12, Hacking Wie Hacker vorgehen und wie man sich schützen kann UI-Redressing ist eine Technik, welche die Veränderung des Verhaltens sowie optional auch des Aussehens einer Webseite beschreibt. Ein im Jahr 2008 eingeführter und sich in der Menge von UI-Redressing befindlicher Angriff wird Clickjacking genannt. Mit der Hilfe des klassischen Clickjacking war es möglich, die Kamera sowie das Mikrofon eines Opfers innerhalb des Adobe Flash Player automatisch für einen Angreifer freizuschalten. Der Vortrag umfasst die zu der Thematik UI-Redressing gehörenden Angriffe, Gegenmaßnahmen und Statistiken. Dabei werden insbesondere neue und bisher unbekannte UI-Redressing- respektive Clickjacking-Techniken in einer Live-Demonstration vorgestellt. Schlussendlich wird diskutiert welchen Einfluss die Thematik auf die Zukunft haben kann. about this event: https://program.sigint.ccc.de/fahrplan/events/14.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_16_00_-_clickjacking_und_ui-redressing_-_marcus_niemietz_-_14.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_17_00_-_urheberrecht_wer_will_was_von_wem_wofur_und_warum_-_fukami_-_ole_reissmann_-_philipp_otto_-_benno_poppelmann_-_16.mp4 Nicht erst seit Sven Regeners Rant im BR vor einigen Wochen wird das Thema Urheberrecht lauter und auf breiterer Ebene diskutiert. Grade das deutsche Urheberrecht ist relativ komplex und hat viele Aspekte. In dem Panel wollen wir uns einer bestimmten Gruppe widmen, nämlich Journalisten und Autoren. Hintergrund ist, dass grade diese Gruppe in besonderer Gruppe vom digitalen Wandel betroffen ist. Ziel ist dabei, in diesem einen Bereich diskutieren, wie Pauschalvergütung funktioniert, mit welchen speziellen Problemen die Gruppe von Urhebern hat und welche Modelle es in Zukunft geben könnte, about this event: https://program.sigint.ccc.de/fahrplan/events/16.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_17_00_-_urheberrecht_wer_will_was_von_wem_wofur_und_warum_-_fukami_-_ole_reissmann_-_philipp_otto_-_benno_poppelmann_-_16.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_17_00_-_urheberrecht_wer_will_was_von_wem_wofur_und_warum_-_fukami_-_ole_reissmann_-_philipp_otto_-_benno_poppelmann_-_16.mp4 2012-05-19T00:00:00+02:00 fukami, Ole Reissmann, Philipp Otto, Benno Pöppelmann No sigint12, Society Nicht erst seit Sven Regeners Rant im BR vor einigen Wochen wird das Thema Urheberrecht lauter und auf breiterer Ebene diskutiert. Grade das deutsche Urheberrecht ist relativ komplex und hat viele Aspekte. In dem Panel wollen wir uns einer bestimmten Gruppe widmen, nämlich Journalisten und Autoren. Hintergrund ist, dass grade diese Gruppe in besonderer Gruppe vom digitalen Wandel betroffen ist. Ziel ist dabei, in diesem einen Bereich diskutieren, wie Pauschalvergütung funktioniert, mit welchen speziellen Problemen die Gruppe von Urhebern hat und welche Modelle es in Zukunft geben könnte, about this event: https://program.sigint.ccc.de/fahrplan/events/16.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_17_00_-_urheberrecht_wer_will_was_von_wem_wofur_und_warum_-_fukami_-_ole_reissmann_-_philipp_otto_-_benno_poppelmann_-_16.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_19_00_-_stand_der_tk_datenspeicherung_und_vds_debatte_2012_-_malte_spitz_-_104.mp4 Input zum Stand der Debatte um die Vorratsdatenspeicherung und die aktuelle Situation der Speicherung von Telekommunikationsverkehrsdaten bei einzelnen Mobilfunkanbietern. about this event: https://program.sigint.ccc.de/fahrplan/events/104.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_19_00_-_stand_der_tk_datenspeicherung_und_vds_debatte_2012_-_malte_spitz_-_104.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_19_00_-_stand_der_tk_datenspeicherung_und_vds_debatte_2012_-_malte_spitz_-_104.mp4 2012-05-19T00:00:00+02:00 Malte Spitz No sigint12, Politics Was wird gespeichert, wie ist der Stand der Debatte Input zum Stand der Debatte um die Vorratsdatenspeicherung und die aktuelle Situation der Speicherung von Telekommunikationsverkehrsdaten bei einzelnen Mobilfunkanbietern. about this event: https://program.sigint.ccc.de/fahrplan/events/104.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_19_00_-_stand_der_tk_datenspeicherung_und_vds_debatte_2012_-_malte_spitz_-_104.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_20_00_-_the_eu_approach_to_cybersecurity_and_cybercrime_-_ralf_bendrath_-_92.mp4 The upcoming EU directive on "Attacks against Information Systems" has raised some concerns among the hacker community. We will give and overview of the policies and politics behind it, but also put it in the larger context of EU attempts to enhance cybersecurity and fight cybercrime from a critical insider perspective, but also with enough fun. about this event: https://program.sigint.ccc.de/fahrplan/events/92.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_20_00_-_the_eu_approach_to_cybersecurity_and_cybercrime_-_ralf_bendrath_-_92.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_20_00_-_the_eu_approach_to_cybersecurity_and_cybercrime_-_ralf_bendrath_-_92.mp4 2012-05-19T00:00:00+02:00 Ralf Bendrath No sigint12, Politics From the Virtual Schengen Border to Criminalising Hacker Devices The upcoming EU directive on "Attacks against Information Systems" has raised some concerns among the hacker community. We will give and overview of the policies and politics behind it, but also put it in the larger context of EU attempts to enhance cybersecurity and fight cybercrime from a critical insider perspective, but also with enough fun. about this event: https://program.sigint.ccc.de/fahrplan/events/92.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_20_00_-_the_eu_approach_to_cybersecurity_and_cybercrime_-_ralf_bendrath_-_92.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_21_15_-_men_who_stare_at_bits_-_nuit_-_murx_-_64.mp4 Analyse des Datenformats eines real existierenden RFID-basierten bargeldlosen Bezahlsystem. about this event: https://program.sigint.ccc.de/fahrplan/events/64.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_21_15_-_men_who_stare_at_bits_-_nuit_-_murx_-_64.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_21_15_-_men_who_stare_at_bits_-_nuit_-_murx_-_64.mp4 2012-05-19T00:00:00+02:00 nuit, Murx No sigint12, Hacking Die abenteuerliche Analyse des Datenformats eines real existierenden RFID-basierten bargeldosen Bezahlsystems Analyse des Datenformats eines real existierenden RFID-basierten bargeldlosen Bezahlsystem. about this event: https://program.sigint.ccc.de/fahrplan/events/64.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_21_15_-_men_who_stare_at_bits_-_nuit_-_murx_-_64.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_22_15_-_von_ponys_und_drachen_trollen_und_flausch_-_sofakissen_-_map_-_jella_-_madmalik_-_tenkoman_-_58.mp4 My Little Pony spaltet die Netzgemeinde. Aber egal ob man die Serie liebt oder hasst, eins kann man nicht: den bunten Ponys entkommen, die das Netz seit mehr als einem Jahr überfluten. Wir erklären euch, warum My Little Pony mehr als nur ein weiteres Mem ist. about this event: https://program.sigint.ccc.de/fahrplan/events/58.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_22_15_-_von_ponys_und_drachen_trollen_und_flausch_-_sofakissen_-_map_-_jella_-_madmalik_-_tenkoman_-_58.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-19_22_15_-_von_ponys_und_drachen_trollen_und_flausch_-_sofakissen_-_map_-_jella_-_madmalik_-_tenkoman_-_58.mp4 2012-05-19T00:00:00+02:00 Sofakissen, map, Jella, madmalik, tenkoman No sigint12, Culture Wie eine Zeichentrickserie für Kinder das Internet ein bisschen besser macht My Little Pony spaltet die Netzgemeinde. Aber egal ob man die Serie liebt oder hasst, eins kann man nicht: den bunten Ponys entkommen, die das Netz seit mehr als einem Jahr überfluten. Wir erklären euch, warum My Little Pony mehr als nur ein weiteres Mem ist. about this event: https://program.sigint.ccc.de/fahrplan/events/58.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-19_22_15_-_von_ponys_und_drachen_trollen_und_flausch_-_sofakissen_-_map_-_jella_-_madmalik_-_tenkoman_-_58.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_11_00_-_ur_ihr_wir_und_die_-_nika_-_110.mp4 about this event: https://program.sigint.ccc.de/fahrplan/events/110.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_11_00_-_ur_ihr_wir_und_die_-_nika_-_110.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_11_00_-_ur_ihr_wir_und_die_-_nika_-_110.mp4 2012-05-20T00:00:00+02:00 nika No sigint12, Culture Urheberrecht für Freigeister about this event: https://program.sigint.ccc.de/fahrplan/events/110.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_11_00_-_ur_ihr_wir_und_die_-_nika_-_110.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_12_00_-_kampfstern_privatica_-_jochim_selzer_-_67.mp4 In Zeiten der großen sozialen Netzwerke wirken Datenschützer oft wie ein Relikt aus der Zeit der Europa-Hörspielkassetten. Das sehen die Datenschützer natürlich anders. Sie verstehen sich als, Bastion gegen überbordende Datensammelwut von Staat und Privatunternehmen, als Mahner gegen leichtfertige Preisgabe der Privatsphäre. Welche Sicht stimmt? Warum bekommen Datenschützer ihre Botschaft so schwer vermittelt? Dieser Vortrag beschreibt einige der Mechanismen, die greifen, wenn viele Menschen genervt aufstöhnen, weil die Datenschützer sich wieder zu Wort melden und sucht nach einer Position, auf der Datenschutzbefürworter und -gegner miteinander konstruktiv diskutieren können. about this event: https://program.sigint.ccc.de/fahrplan/events/67.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_12_00_-_kampfstern_privatica_-_jochim_selzer_-_67.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_12_00_-_kampfstern_privatica_-_jochim_selzer_-_67.mp4 2012-05-20T00:00:00+02:00 Jochim Selzer No sigint12, Politics Warum Datenschutz mit der Brechstange nicht funktioniert In Zeiten der großen sozialen Netzwerke wirken Datenschützer oft wie ein Relikt aus der Zeit der Europa-Hörspielkassetten. Das sehen die Datenschützer natürlich anders. Sie verstehen sich als, Bastion gegen überbordende Datensammelwut von Staat und Privatunternehmen, als Mahner gegen leichtfertige Preisgabe der Privatsphäre. Welche Sicht stimmt? Warum bekommen Datenschützer ihre Botschaft so schwer vermittelt? Dieser Vortrag beschreibt einige der Mechanismen, die greifen, wenn viele Menschen genervt aufstöhnen, weil die Datenschützer sich wieder zu Wort melden und sucht nach einer Position, auf der Datenschutzbefürworter und -gegner miteinander konstruktiv diskutieren können. about this event: https://program.sigint.ccc.de/fahrplan/events/67.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_12_00_-_kampfstern_privatica_-_jochim_selzer_-_67.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_13_00_-_efi_rootkits_-_andreas_galauner_-_35.mp4 EFI wird in naher Zukunft das alte Legacy BIOS vollständig ersetzen. Spätestens mit Windows 8 wird es zur Mindestvorraussetzung. Dieser Talk soll zeigen, wie es, größtenteils durch reine Nutzung der EFI-API, möglich ist einen geladenen Kernel mit einer beliebigen Backdoor zu versehen. Bringt schwarze Hüte mit! about this event: https://program.sigint.ccc.de/fahrplan/events/35.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_13_00_-_efi_rootkits_-_andreas_galauner_-_35.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_13_00_-_efi_rootkits_-_andreas_galauner_-_35.mp4 2012-05-20T00:00:00+02:00 Andreas Galauner No sigint12, Hacking Abusing your Firmware to backdoor the kernel EFI wird in naher Zukunft das alte Legacy BIOS vollständig ersetzen. Spätestens mit Windows 8 wird es zur Mindestvorraussetzung. Dieser Talk soll zeigen, wie es, größtenteils durch reine Nutzung der EFI-API, möglich ist einen geladenen Kernel mit einer beliebigen Backdoor zu versehen. Bringt schwarze Hüte mit! about this event: https://program.sigint.ccc.de/fahrplan/events/35.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_13_00_-_efi_rootkits_-_andreas_galauner_-_35.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_14_00_-_dynamic_malware_analysis_on_android_phones_-_hanno_lemoine_-_71.mp4 Kleine Einführung in Android Reversing. Vorstellung eines neuen dynamischen Analyse Tools. Untersuchung verschiedener Android Malware. about this event: https://program.sigint.ccc.de/fahrplan/events/71.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_14_00_-_dynamic_malware_analysis_on_android_phones_-_hanno_lemoine_-_71.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_14_00_-_dynamic_malware_analysis_on_android_phones_-_hanno_lemoine_-_71.mp4 2012-05-20T00:00:00+02:00 Hanno Lemoine No sigint12, Hacking Presentation of the DyAnA Framework (Dynamic Android Analysis Framework) Kleine Einführung in Android Reversing. Vorstellung eines neuen dynamischen Analyse Tools. Untersuchung verschiedener Android Malware. about this event: https://program.sigint.ccc.de/fahrplan/events/71.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_14_00_-_dynamic_malware_analysis_on_android_phones_-_hanno_lemoine_-_71.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_15_00_-_die_maschinenlesbare_regierung_-_fukami_-_5.mp4 In diesem Vortrag soll untersucht werden, wie weit bzw. wie wenig weit wir einer maschinenlesbaren Regierung in den letzten zweieinhalb Dekaden näher gekommen sind. about this event: https://program.sigint.ccc.de/fahrplan/events/5.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_15_00_-_die_maschinenlesbare_regierung_-_fukami_-_5.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_15_00_-_die_maschinenlesbare_regierung_-_fukami_-_5.mp4 2012-05-20T00:00:00+02:00 fukami No sigint12, Politics Zum Stand von Open Data in Deutschland In diesem Vortrag soll untersucht werden, wie weit bzw. wie wenig weit wir einer maschinenlesbaren Regierung in den letzten zweieinhalb Dekaden näher gekommen sind. about this event: https://program.sigint.ccc.de/fahrplan/events/5.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_15_00_-_die_maschinenlesbare_regierung_-_fukami_-_5.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_16_00_-_der_geist_von_acta_-_markus_beckedahl_-_23.mp4 ACTA kenne ich, aber worum geht es da überhaupt? about this event: https://program.sigint.ccc.de/fahrplan/events/23.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_16_00_-_der_geist_von_acta_-_markus_beckedahl_-_23.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_16_00_-_der_geist_von_acta_-_markus_beckedahl_-_23.mp4 2012-05-20T00:00:00+02:00 Markus Beckedahl No sigint12, Politics ACTA kenne ich, aber worum geht es da überhaupt? about this event: https://program.sigint.ccc.de/fahrplan/events/23.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_16_00_-_der_geist_von_acta_-_markus_beckedahl_-_23.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_17_00_-_what_is_forensic_software_doing_in_journalism_and_elsewhere_-_kappuchino_-_69.mp4 There is more and more data in journalism. What can be done? What would you do? Can you help? about this event: https://program.sigint.ccc.de/fahrplan/events/69.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_17_00_-_what_is_forensic_software_doing_in_journalism_and_elsewhere_-_kappuchino_-_69.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_17_00_-_what_is_forensic_software_doing_in_journalism_and_elsewhere_-_kappuchino_-_69.mp4 2012-05-20T00:00:00+02:00 kappuchino No sigint12, Society We have too much data: Watch. Suggest. Help. There is more and more data in journalism. What can be done? What would you do? Can you help? about this event: https://program.sigint.ccc.de/fahrplan/events/69.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_17_00_-_what_is_forensic_software_doing_in_journalism_and_elsewhere_-_kappuchino_-_69.html http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_18_00_-_keine_angst_vor_grossen_zahlen_-_erlehmann_-_christian_heller_-_80.mp4 Was das „nächste Diaspora“ von 4chan, Ernstchan, Tumblr und Wordpress lernen könnte, davon handelt dieser Vortrag. about this event: https://program.sigint.ccc.de/fahrplan/events/80.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_18_00_-_keine_angst_vor_grossen_zahlen_-_erlehmann_-_christian_heller_-_80.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/saal_mp7_og_-_2012-05-20_18_00_-_keine_angst_vor_grossen_zahlen_-_erlehmann_-_christian_heller_-_80.mp4 2012-05-20T00:00:00+02:00 erlehmann, Christian Heller No sigint12, Culture Außerhalb des Mainstreams ist mehr als genug Platz Was das „nächste Diaspora“ von 4chan, Ernstchan, Tumblr und Wordpress lernen könnte, davon handelt dieser Vortrag. about this event: https://program.sigint.ccc.de/fahrplan/events/80.html event on media: http://media.ccc.de/browse/conferences/sigint12/saal_mp7_og_-_2012-05-20_18_00_-_keine_angst_vor_grossen_zahlen_-_erlehmann_-_christian_heller_-_80.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_12_00_-_einfuhrung_in_django_-_force4_-_15.mp4 Einführung in Django am Beispiel von DocMan, der kollaborativen Dokumentenverwaltungssoftware. about this event: https://program.sigint.ccc.de/fahrplan/events/15.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_12_00_-_einfuhrung_in_django_-_force4_-_15.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_12_00_-_einfuhrung_in_django_-_force4_-_15.mp4 2012-05-18T00:00:00+02:00 force4 No sigint12, Hacking "The Web Framework for perfectionists with deadlines." Einführung in Django am Beispiel von DocMan, der kollaborativen Dokumentenverwaltungssoftware. about this event: https://program.sigint.ccc.de/fahrplan/events/15.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_12_00_-_einfuhrung_in_django_-_force4_-_15.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_13_00_-_cyberpeace_-_sylvia_johnigk_-_kain_-_61.mp4 Cyberpeace – eine FIfF Initiative zur Abrüstung im Cyberspace Wir sind Zeugen eines seit einigen Jahren stattfindenden Wettrüstens im Cyberspace. Immer mehr Staaten bauen militärische Cyberware Einheiten auf, die aus IT Spezialisten bestehen und dem Zweck dienen, IT Systeme abzusichern oder diese anzugreifen. Unter der Zielsetzung einer Verbesserung der IT Sicherheit wird in staatlichen Initiativen eine Vermischung von militärischen und zivilen Forschungs- und Entwicklungsprojekten, Kooperationen und Sicherheitsprozessen vorangetrieben. Die US Regierung hat in 2011 Teile ihrer Militärdoktrin für den Cyberspace veröffentlicht. Darin wird nur auf defensive Aspekte eingegangen. In Presseberichten wurde aber auch mehrfach auf offensive Optionen eingegangen. Diskutiert wird auch, Cyberangriffe mit konventionellen militärischen Gegenschlägen zu beantworten. Dieser Ansatz weckt Erinnerungen an die Abschreckungsdoktrin des atomaren Wettrüsten im letzten Jahrhundert. Die Aufrüstung erhöht das Risiko für die Zivilgesellschaft. Im Zuge der Vernetzung und Digitalisierung der Welt steigen auch die Verletzlichkeit, Abhängigkeit von IT. Im digitalen Raum lösen sich nationale Grenzen, Verantwortlichkeiten und Zuständigkeiten auf. Jeder kann Gegner oder Feind sein, jeder kann Partner oder Betroffener sein. Konflikte lassen sich dadurch nur noch schwer eingrenzen und durch nationale Aktionen bekämpfen. Antworten müssen in einer friedenspolitischen Deeskalation gesucht werden. IT Sicherheitsrisiken können durch Dezentralisierung von kritischen Infrastsrukturen, Verringerung von Abhängigkeiten und allgemeiner Verfügbarkeit von defensiver Technologie z.B. durch Transparenz freie Lizenzen reduziert werden. about this event: https://program.sigint.ccc.de/fahrplan/events/61.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_13_00_-_cyberpeace_-_sylvia_johnigk_-_kain_-_61.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_13_00_-_cyberpeace_-_sylvia_johnigk_-_kain_-_61.mp4 2012-05-18T00:00:00+02:00 Sylvia Johnigk, KaiN No sigint12, Politics Cyberpeace – eine FIfF Initiative zur Abrüstung im Cyberspace Wir sind Zeugen eines seit einigen Jahren stattfindenden Wettrüstens im Cyberspace. Immer mehr Staaten bauen militärische Cyberware Einheiten auf, die aus IT Spezialisten bestehen und dem Zweck dienen, IT Systeme abzusichern oder diese anzugreifen. Unter der Zielsetzung einer Verbesserung der IT Sicherheit wird in staatlichen Initiativen eine Vermischung von militärischen und zivilen Forschungs- und Entwicklungsprojekten, Kooperationen und Sicherheitsprozessen vorangetrieben. Die US Regierung hat in 2011 Teile ihrer Militärdoktrin für den Cyberspace veröffentlicht. Darin wird nur auf defensive Aspekte eingegangen. In Presseberichten wurde aber auch mehrfach auf offensive Optionen eingegangen. Diskutiert wird auch, Cyberangriffe mit konventionellen militärischen Gegenschlägen zu beantworten. Dieser Ansatz weckt Erinnerungen an die Abschreckungsdoktrin des atomaren Wettrüsten im letzten Jahrhundert. Die Aufrüstung erhöht das Risiko für die Zivilgesellschaft. Im Zuge der Vernetzung und Digitalisierung der Welt steigen auch die Verletzlichkeit, Abhängigkeit von IT. Im digitalen Raum lösen sich nationale Grenzen, Verantwortlichkeiten und Zuständigkeiten auf. Jeder kann Gegner oder Feind sein, jeder kann Partner oder Betroffener sein. Konflikte lassen sich dadurch nur noch schwer eingrenzen und durch nationale Aktionen bekämpfen. Antworten müssen in einer friedenspolitischen Deeskalation gesucht werden. IT Sicherheitsrisiken können durch Dezentralisierung von kritischen Infrastsrukturen, Verringerung von Abhängigkeiten und allgemeiner Verfügbarkeit von defensiver Technologie z.B. durch Transparenz freie Lizenzen reduziert werden. about this event: https://program.sigint.ccc.de/fahrplan/events/61.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_13_00_-_cyberpeace_-_sylvia_johnigk_-_kain_-_61.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_15_00_-_oil_into_digits_-_olivier_cleynen_-_91.mp4 Can we evaluate the energetic cost of playing with our high-technology equipment? Is the environmental impact of making and running computers significant? Is software any different from the other technology domains? Should a "ping ccc.de" require any fuel be burned or atoms be split? This talk will attempt to answer some of these questions by describing the main physical mechanisms at hand, and outlining the main patterns in the fuzzy and all-important relation between computing and energy. about this event: https://program.sigint.ccc.de/fahrplan/events/91.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_15_00_-_oil_into_digits_-_olivier_cleynen_-_91.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_15_00_-_oil_into_digits_-_olivier_cleynen_-_91.mp4 2012-05-18T00:00:00+02:00 Olivier Cleynen No sigint12, Science A short exploration of the relation between energy and computing Can we evaluate the energetic cost of playing with our high-technology equipment? Is the environmental impact of making and running computers significant? Is software any different from the other technology domains? Should a "ping ccc.de" require any fuel be burned or atoms be split? This talk will attempt to answer some of these questions by describing the main physical mechanisms at hand, and outlining the main patterns in the fuzzy and all-important relation between computing and energy. about this event: https://program.sigint.ccc.de/fahrplan/events/91.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_15_00_-_oil_into_digits_-_olivier_cleynen_-_91.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_16_00_-_luminous_flux_-_presenting_long-running_issues_-_fin_-_33.mp4 Luminous Flux is an open source project experimenting with presenting long-running/developing stories. about this event: https://program.sigint.ccc.de/fahrplan/events/33.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_16_00_-_luminous_flux_-_presenting_long-running_issues_-_fin_-_33.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_16_00_-_luminous_flux_-_presenting_long-running_issues_-_fin_-_33.mp4 2012-05-18T00:00:00+02:00 fin No sigint12, Society an introduction & progress report Luminous Flux is an open source project experimenting with presenting long-running/developing stories. about this event: https://program.sigint.ccc.de/fahrplan/events/33.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_16_00_-_luminous_flux_-_presenting_long-running_issues_-_fin_-_33.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_17_00_-_social_swarm_-_leena_simon_-_padeluun_-_rena_tangens_-_77.mp4 Der Vortrag wird das Projekt vorstellen, die gesellschaftspolitschen Probleme mit zentralisierten sozialen Netzwerken erläutern und Lösungswege diskutieren. about this event: https://program.sigint.ccc.de/fahrplan/events/77.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_17_00_-_social_swarm_-_leena_simon_-_padeluun_-_rena_tangens_-_77.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_17_00_-_social_swarm_-_leena_simon_-_padeluun_-_rena_tangens_-_77.mp4 2012-05-18T00:00:00+02:00 Leena Simon, padeluun, Rena Tangens No sigint12, Community Freie Soziale Netzwerke vereinigt euch! Der Vortrag wird das Projekt vorstellen, die gesellschaftspolitschen Probleme mit zentralisierten sozialen Netzwerken erläutern und Lösungswege diskutieren. about this event: https://program.sigint.ccc.de/fahrplan/events/77.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_17_00_-_social_swarm_-_leena_simon_-_padeluun_-_rena_tangens_-_77.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_18_00_-_media_ccc_de_-_kenny_-_2.mp4 Der CCC betreibt seit einigen Jahren eine eigene Webseite für Aufgezeichnete Vorträge auf Veranstaltungen des CCC und Chaos naher Events. Dennoch scheint das Projekt auch innerhalb des Clubs noch nicht ganz so bekannt zu sein. about this event: https://program.sigint.ccc.de/fahrplan/events/2.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_18_00_-_media_ccc_de_-_kenny_-_2.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_18_00_-_media_ccc_de_-_kenny_-_2.mp4 2012-05-18T00:00:00+02:00 kenny No sigint12, Hacking Das YouTube des CCC Der CCC betreibt seit einigen Jahren eine eigene Webseite für Aufgezeichnete Vorträge auf Veranstaltungen des CCC und Chaos naher Events. Dennoch scheint das Projekt auch innerhalb des Clubs noch nicht ganz so bekannt zu sein. about this event: https://program.sigint.ccc.de/fahrplan/events/2.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_18_00_-_media_ccc_de_-_kenny_-_2.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_20_00_-_rhetorik_fur_linux-admins_-_jochim_selzer_-_12.mp4 Nichts ist bleibender als das Provisorium. Entsprechend hoch ist die Wahrscheinlichkeit, dass ein hastig hingeschmiertes Skript den eigenen Arbeitsvertrag deutlich überdauern wird. Um der Verachtung späterer Bearbeiter des Skripts zu entgehen und sich die Chance zu bewahren, später sein eigenes Werk noch lesen und erweitern zu können, sollte man einige einfache Stilregeln beachten. Dieser Vortrag beschreibt anhand der Skripte, die an einem einzigen Vormittag über den Schreibtisch eines Admins gingen, welche Stolperfallen man umgehen kann. about this event: https://program.sigint.ccc.de/fahrplan/events/12.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_20_00_-_rhetorik_fur_linux-admins_-_jochim_selzer_-_12.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_20_00_-_rhetorik_fur_linux-admins_-_jochim_selzer_-_12.mp4 2012-05-18T00:00:00+02:00 Jochim Selzer No sigint12, Community Shellscripting from Hell Nichts ist bleibender als das Provisorium. Entsprechend hoch ist die Wahrscheinlichkeit, dass ein hastig hingeschmiertes Skript den eigenen Arbeitsvertrag deutlich überdauern wird. Um der Verachtung späterer Bearbeiter des Skripts zu entgehen und sich die Chance zu bewahren, später sein eigenes Werk noch lesen und erweitern zu können, sollte man einige einfache Stilregeln beachten. Dieser Vortrag beschreibt anhand der Skripte, die an einem einzigen Vormittag über den Schreibtisch eines Admins gingen, welche Stolperfallen man umgehen kann. about this event: https://program.sigint.ccc.de/fahrplan/events/12.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_20_00_-_rhetorik_fur_linux-admins_-_jochim_selzer_-_12.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_21_00_-_der_alltagsgegenstand_im_zeitalter_seiner_technischen_reproduzierbarkeit_-_philip_steffan_-_74.mp4 Auf der SIGINT 2009 hieß der Vortrag „Es gibt keinen Löffel? Dann druck doch einen neuen aus!“. Drei Jahre später gibt es mit Praxiserfahrung einiges zu berichten. Die Entwicklung von 3D-Druckern ist sowohl im DIY- als auch im kommerziellen Bereich weitergegangen. Ein Rückblick und Ausblick. about this event: https://program.sigint.ccc.de/fahrplan/events/74.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_21_00_-_der_alltagsgegenstand_im_zeitalter_seiner_technischen_reproduzierbarkeit_-_philip_steffan_-_74.html Fri, 18 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-18_21_00_-_der_alltagsgegenstand_im_zeitalter_seiner_technischen_reproduzierbarkeit_-_philip_steffan_-_74.mp4 2012-05-18T00:00:00+02:00 Philip Steffan No sigint12, Making Drei Jahre später: Wie viel näher sind wir dem Replikator? Auf der SIGINT 2009 hieß der Vortrag „Es gibt keinen Löffel? Dann druck doch einen neuen aus!“. Drei Jahre später gibt es mit Praxiserfahrung einiges zu berichten. Die Entwicklung von 3D-Druckern ist sowohl im DIY- als auch im kommerziellen Bereich weitergegangen. Ein Rückblick und Ausblick. about this event: https://program.sigint.ccc.de/fahrplan/events/74.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-18_21_00_-_der_alltagsgegenstand_im_zeitalter_seiner_technischen_reproduzierbarkeit_-_philip_steffan_-_74.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_15_00_-_this_is_why_you_can_t_make_nice_stuff_-_tim_-_matthias_krauss_-_59.mp4 We’re currently in the process of creating a piece of open hardware aimed both at consumers and hackers. We’ll keep the technical part short. Instead we want to focus our talk on the difficulties that small endeavours face producing physical (and especially electronic) things. Challenges ranging from the bureaucratic runaround starting a company, toilets and insurance, to figuring out which one of several 10.000 TARIC tarif codes covers electronic components, RoHS, CE, WEEE ... These rules and regulations were implemented to address legitimate safety and environmental concerns, but unfortunately in ways that their requirements can only be reasonably met by large corporations. We will talk about good intentions of regulations, abstruse consequences for people like us and will present some solutions we’ve found to deal with them. about this event: https://program.sigint.ccc.de/fahrplan/events/59.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_15_00_-_this_is_why_you_can_t_make_nice_stuff_-_tim_-_matthias_krauss_-_59.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_15_00_-_this_is_why_you_can_t_make_nice_stuff_-_tim_-_matthias_krauss_-_59.mp4 2012-05-19T00:00:00+02:00 tim, Matthias Krauß No sigint12, Making … or the joy of disposing of 5 tons of refrigerators We’re currently in the process of creating a piece of open hardware aimed both at consumers and hackers. We’ll keep the technical part short. Instead we want to focus our talk on the difficulties that small endeavours face producing physical (and especially electronic) things. Challenges ranging from the bureaucratic runaround starting a company, toilets and insurance, to figuring out which one of several 10.000 TARIC tarif codes covers electronic components, RoHS, CE, WEEE ... These rules and regulations were implemented to address legitimate safety and environmental concerns, but unfortunately in ways that their requirements can only be reasonably met by large corporations. We will talk about good intentions of regulations, abstruse consequences for people like us and will present some solutions we’ve found to deal with them. about this event: https://program.sigint.ccc.de/fahrplan/events/59.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_15_00_-_this_is_why_you_can_t_make_nice_stuff_-_tim_-_matthias_krauss_-_59.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_16_00_-_das_konzept_dingfabrik_-_lars_weiler_-_21.mp4 Wir stellen das Konzept “Dingfabrik+”, wie das erste Kölner Fablab Dingfabrik in die urbane Infrastruktur integriert wird. Es geht dabei um die Erweiterung des Angebots für Bastler, Schulen, Hochschulen, Wirtschaftsförderung und die lokale Industrie. about this event: https://program.sigint.ccc.de/fahrplan/events/21.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_16_00_-_das_konzept_dingfabrik_-_lars_weiler_-_21.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_16_00_-_das_konzept_dingfabrik_-_lars_weiler_-_21.mp4 2012-05-19T00:00:00+02:00 Lars Weiler No sigint12, Society Das Fablab als Teil der urbanen Infrastruktur Wir stellen das Konzept “Dingfabrik+”, wie das erste Kölner Fablab Dingfabrik in die urbane Infrastruktur integriert wird. Es geht dabei um die Erweiterung des Angebots für Bastler, Schulen, Hochschulen, Wirtschaftsförderung und die lokale Industrie. about this event: https://program.sigint.ccc.de/fahrplan/events/21.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_16_00_-_das_konzept_dingfabrik_-_lars_weiler_-_21.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_17_00_-_what_s_in_a_name_-_tante_-_31.mp4 Last year's #nymwars have brought the discussion about names and what they mean online to a new high: While one group strongly supports "real names" claiming them to leading to better conversations and transparence the opposite fraction fights tooth and nail against it championing the right to anonymity and whistleblowing. In this talk we'll start by clearly separating the different -nymities from each other and look - in that light - at the different fraction's arguments. What's really in a name and is anonymity a viable base for communication? about this event: https://program.sigint.ccc.de/fahrplan/events/31.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_17_00_-_what_s_in_a_name_-_tante_-_31.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_17_00_-_what_s_in_a_name_-_tante_-_31.mp4 2012-05-19T00:00:00+02:00 tante No sigint12, Culture #nymwars and the public sphere Last year's #nymwars have brought the discussion about names and what they mean online to a new high: While one group strongly supports "real names" claiming them to leading to better conversations and transparence the opposite fraction fights tooth and nail against it championing the right to anonymity and whistleblowing. In this talk we'll start by clearly separating the different -nymities from each other and look - in that light - at the different fraction's arguments. What's really in a name and is anonymity a viable base for communication? about this event: https://program.sigint.ccc.de/fahrplan/events/31.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_17_00_-_what_s_in_a_name_-_tante_-_31.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_18_00_-_information_centric_networking_-_claudio_imbrenda_-_51.mp4 This lecture will present the Information Centric Networking paradigm, a radically new networking paradigm for the future internet, which is being a hot topic in networking and future internet research fields. In Information Centric Networking, the focus is on information objects, and not on the way those object are obtained, overcoming the obstacles of connection oriented networks (like the internet), e.g. delay tolerance is achievable out of the box. Objects self-certification and self-authentication are obviously key elements of the paradigm. This lecture focuses on the security, privacy and censorship aspects of Information Centric Networking. about this event: https://program.sigint.ccc.de/fahrplan/events/51.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_18_00_-_information_centric_networking_-_claudio_imbrenda_-_51.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_18_00_-_information_centric_networking_-_claudio_imbrenda_-_51.mp4 2012-05-19T00:00:00+02:00 Claudio Imbrenda No sigint12, Science A radically new paradigm for the future internet This lecture will present the Information Centric Networking paradigm, a radically new networking paradigm for the future internet, which is being a hot topic in networking and future internet research fields. In Information Centric Networking, the focus is on information objects, and not on the way those object are obtained, overcoming the obstacles of connection oriented networks (like the internet), e.g. delay tolerance is achievable out of the box. Objects self-certification and self-authentication are obviously key elements of the paradigm. This lecture focuses on the security, privacy and censorship aspects of Information Centric Networking. about this event: https://program.sigint.ccc.de/fahrplan/events/51.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_18_00_-_information_centric_networking_-_claudio_imbrenda_-_51.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_19_00_-_linked_open_data_-_angelo_veltens_-_7.mp4 Open Data ist auf dem Vormarsch. Doch es reicht nicht CSV-Daten in ein Zip-Archiv zu packen und zum Download anzubieten. Wenn wir die Stärken von frei verfügbaren Behördendaten voll ausschöpfen wollen, dann müssen wir ein "Web of Data" schaffen, in dem Rohdaten miteinander verlinkt sind, so wie im WWW HTML-Seiten miteinander verlinkt sind. Der Vortrag stellt das Konzept "Linked Data" vor, erklärt, wie wir zum "Web of Data" beitragen können und erläutert das gesellschaftliche Potential von Linked Open Data. about this event: https://program.sigint.ccc.de/fahrplan/events/7.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_19_00_-_linked_open_data_-_angelo_veltens_-_7.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_19_00_-_linked_open_data_-_angelo_veltens_-_7.mp4 2012-05-19T00:00:00+02:00 Angelo Veltens No sigint12, Science Warum "open" nicht genug ist und wir Daten verlinken müssen. Open Data ist auf dem Vormarsch. Doch es reicht nicht CSV-Daten in ein Zip-Archiv zu packen und zum Download anzubieten. Wenn wir die Stärken von frei verfügbaren Behördendaten voll ausschöpfen wollen, dann müssen wir ein "Web of Data" schaffen, in dem Rohdaten miteinander verlinkt sind, so wie im WWW HTML-Seiten miteinander verlinkt sind. Der Vortrag stellt das Konzept "Linked Data" vor, erklärt, wie wir zum "Web of Data" beitragen können und erläutert das gesellschaftliche Potential von Linked Open Data. about this event: https://program.sigint.ccc.de/fahrplan/events/7.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_19_00_-_linked_open_data_-_angelo_veltens_-_7.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_20_00_-_power_to_the_patient_-_bastian_greshake_-_fabian_zimmer_-_40.mp4 Thanks to technological advances biomedicine has changed rapidly in the last years. Large amounts of genetic/biomecial data can be produced at low cost. In the near future it may be standard to produce full-genome scans to diagnose diseases and to treat patients more effectively using personalised drugs. Even though ... has been generated already, the lack of data sharing slows down the progress of biomedicine significantly. This lack does not only arise due to the competitiveness of the field, but also because bioethics and privacy concerns have to be kept in mind. Should scientists share the data of participants? Should patients get access to the raw data produced during diagnosis? And could this be a solution to open up biomedicine while keeping those concerns in mind? We will present how biomedicine has already changed, where those advances are used today in a clinical setting and how crowdsourcing could be a driving factor in opening biomedical data. about this event: https://program.sigint.ccc.de/fahrplan/events/40.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_20_00_-_power_to_the_patient_-_bastian_greshake_-_fabian_zimmer_-_40.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_20_00_-_power_to_the_patient_-_bastian_greshake_-_fabian_zimmer_-_40.mp4 2012-05-19T00:00:00+02:00 Bastian Greshake, Fabian Zimmer No sigint12, Science How Crowdsourcing could change Biomedicine Thanks to technological advances biomedicine has changed rapidly in the last years. Large amounts of genetic/biomecial data can be produced at low cost. In the near future it may be standard to produce full-genome scans to diagnose diseases and to treat patients more effectively using personalised drugs. Even though ... has been generated already, the lack of data sharing slows down the progress of biomedicine significantly. This lack does not only arise due to the competitiveness of the field, but also because bioethics and privacy concerns have to be kept in mind. Should scientists share the data of participants? Should patients get access to the raw data produced during diagnosis? And could this be a solution to open up biomedicine while keeping those concerns in mind? We will present how biomedicine has already changed, where those advances are used today in a clinical setting and how crowdsourcing could be a driving factor in opening biomedical data. about this event: https://program.sigint.ccc.de/fahrplan/events/40.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_20_00_-_power_to_the_patient_-_bastian_greshake_-_fabian_zimmer_-_40.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_21_00_-_robotics_an_introduction_to_optimal_control_-_norbert_braun_-_39.mp4 A physicists take on robotics: we will learn to understand the way things move, i.e. analytical mechanics, and how to make them move in the way we want them to, i.e. control theory. Two important toy systems are considered: the cart-pole balancing task, which has an analytical solution, and the Acrobot swing-up task, which requires numerical methods. Finally, we will discuss how these techniques may be useful for advanced bipedal robots. about this event: https://program.sigint.ccc.de/fahrplan/events/39.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_21_00_-_robotics_an_introduction_to_optimal_control_-_norbert_braun_-_39.html Sat, 19 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-19_21_00_-_robotics_an_introduction_to_optimal_control_-_norbert_braun_-_39.mp4 2012-05-19T00:00:00+02:00 Norbert Braun No sigint12, Science A physicists take on robotics: we will learn to understand the way things move, i.e. analytical mechanics, and how to make them move in the way we want them to, i.e. control theory. Two important toy systems are considered: the cart-pole balancing task, which has an analytical solution, and the Acrobot swing-up task, which requires numerical methods. Finally, we will discuss how these techniques may be useful for advanced bipedal robots. about this event: https://program.sigint.ccc.de/fahrplan/events/39.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-19_21_00_-_robotics_an_introduction_to_optimal_control_-_norbert_braun_-_39.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_12_00_-_introduction_to_secureshare_-_daniel_reusche_-_53.mp4 Why are we still using insecure channels of communication, like e-mail, Skype, IRC and Facebook? Why do we entrust central authorities with our most private data and why do we rely on their infrastructure? Because there isn't an easy to use alternative yet! End-to-end encryption and decentralized social interaction is always a hassle. Our goal is to give developers an easy to use framework that hides the complexity of decentralized message passing, a distributed social graph and naturally embedded encryption. We hope to encourage the development of interfaces and platforms that are as user friendly as they can be. In the end, a distributed social platform can only succeed if everyone uses it. The network we are currently bootstrapping enjoys the speed of servers that help without knowing much about us, the trust of social relationships between users without becoming transparent, the privacy of elaborate obfuscation strategies without becoming unpractical. This way, we can become independent of centralized infrastructure and rest assured that no one but the designated recepients can read our communications. We employ GNUnet for peer-to-peer routing and encryption (the new openssl of P2P) and PSYC to create the social trust graph (because it performs a dozen times better than XMPP or OStatus). about this event: https://program.sigint.ccc.de/fahrplan/events/53.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_12_00_-_introduction_to_secureshare_-_daniel_reusche_-_53.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_12_00_-_introduction_to_secureshare_-_daniel_reusche_-_53.mp4 2012-05-20T00:00:00+02:00 Daniel Reusche No sigint12, Hacking A peer-to-peer, end-to-end encrypted social networking framework Why are we still using insecure channels of communication, like e-mail, Skype, IRC and Facebook? Why do we entrust central authorities with our most private data and why do we rely on their infrastructure? Because there isn't an easy to use alternative yet! End-to-end encryption and decentralized social interaction is always a hassle. Our goal is to give developers an easy to use framework that hides the complexity of decentralized message passing, a distributed social graph and naturally embedded encryption. We hope to encourage the development of interfaces and platforms that are as user friendly as they can be. In the end, a distributed social platform can only succeed if everyone uses it. The network we are currently bootstrapping enjoys the speed of servers that help without knowing much about us, the trust of social relationships between users without becoming transparent, the privacy of elaborate obfuscation strategies without becoming unpractical. This way, we can become independent of centralized infrastructure and rest assured that no one but the designated recepients can read our communications. We employ GNUnet for peer-to-peer routing and encryption (the new openssl of P2P) and PSYC to create the social trust graph (because it performs a dozen times better than XMPP or OStatus). about this event: https://program.sigint.ccc.de/fahrplan/events/53.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_12_00_-_introduction_to_secureshare_-_daniel_reusche_-_53.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_13_00_-_chaos_macht_schule_-_rem0te_-_32.mp4 Ein kleiner Vortrag über die Arbeit Chaos Computer Clubs in Schulen about this event: https://program.sigint.ccc.de/fahrplan/events/32.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_13_00_-_chaos_macht_schule_-_rem0te_-_32.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_13_00_-_chaos_macht_schule_-_rem0te_-_32.mp4 2012-05-20T00:00:00+02:00 Rem0te No sigint12, Community Wie der CCC Medienkompetenz im deutschen Bildungssystem fördert Ein kleiner Vortrag über die Arbeit Chaos Computer Clubs in Schulen about this event: https://program.sigint.ccc.de/fahrplan/events/32.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_13_00_-_chaos_macht_schule_-_rem0te_-_32.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_14_00_-_computer_in_die_parlamente_-_philip_plaetzchen_brechler_-_8.mp4 Die Piratenpartei wurde im September 2011 in das Abgeordnetenhaus von Berlin gewählt, seit dem gibt es neue Probleme zu lösen. Wie macht man Politik maschinenlesbar, wie schafft es als Admin, dass sie die Nerds der Fraktion wohl fühlen und was für Möglichkeiten gibt es für die Piraten jetzt mit der Community zusammarbeiten, um das Alles geht es in diesem Talk. about this event: https://program.sigint.ccc.de/fahrplan/events/8.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_14_00_-_computer_in_die_parlamente_-_philip_plaetzchen_brechler_-_8.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_14_00_-_computer_in_die_parlamente_-_philip_plaetzchen_brechler_-_8.mp4 2012-05-20T00:00:00+02:00 Philip "plaetzchen" Brechler No sigint12, Politics Welche Probleme die Piratenfraktion im AGH hat und hatte. Die Piratenpartei wurde im September 2011 in das Abgeordnetenhaus von Berlin gewählt, seit dem gibt es neue Probleme zu lösen. Wie macht man Politik maschinenlesbar, wie schafft es als Admin, dass sie die Nerds der Fraktion wohl fühlen und was für Möglichkeiten gibt es für die Piraten jetzt mit der Community zusammarbeiten, um das Alles geht es in diesem Talk. about this event: https://program.sigint.ccc.de/fahrplan/events/8.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_14_00_-_computer_in_die_parlamente_-_philip_plaetzchen_brechler_-_8.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_16_00_-_pitch_your_project_and_vision_-_jens_oberender_-_87.mp4 Bring es auf den Punkt, was Dein Projekt und Deine Vision ausmacht! In jedem Fall ist zielgerichtete Kommunikation notwendig: erfülle präzise die Bedürfnisse Deiner Community. Visionen und Ziele müssen effizient kommuniziert werden. about this event: https://program.sigint.ccc.de/fahrplan/events/87.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_16_00_-_pitch_your_project_and_vision_-_jens_oberender_-_87.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_16_00_-_pitch_your_project_and_vision_-_jens_oberender_-_87.mp4 2012-05-20T00:00:00+02:00 Jens Oberender No sigint12, Society Zielgerichtete Kommunikation Bring es auf den Punkt, was Dein Projekt und Deine Vision ausmacht! In jedem Fall ist zielgerichtete Kommunikation notwendig: erfülle präzise die Bedürfnisse Deiner Community. Visionen und Ziele müssen effizient kommuniziert werden. about this event: https://program.sigint.ccc.de/fahrplan/events/87.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_16_00_-_pitch_your_project_and_vision_-_jens_oberender_-_87.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_17_00_-_das_kreuz_mit_dem_crossposting_-_hendrik_spree_-_11.mp4 Blog, Twitter, Facebook, Tumblr, Instagram, Delicious, Foursquare, Thisismyjam, Pinterest - der Ausdifferenzierung der Webservices steht das Verlangen der maximalen Reichweite gegenüber. Also wird alles überall crossgeposted, gerne automatisiert. Das nervt auf die Dauer vor allem deswegen, weil die Filter nicht adäquat fein genug eingestellt werden können. about this event: https://program.sigint.ccc.de/fahrplan/events/11.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_17_00_-_das_kreuz_mit_dem_crossposting_-_hendrik_spree_-_11.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_17_00_-_das_kreuz_mit_dem_crossposting_-_hendrik_spree_-_11.mp4 2012-05-20T00:00:00+02:00 Hendrik Spree No sigint12, Community oder: Die Grenzen der Filtersouveränität Blog, Twitter, Facebook, Tumblr, Instagram, Delicious, Foursquare, Thisismyjam, Pinterest - der Ausdifferenzierung der Webservices steht das Verlangen der maximalen Reichweite gegenüber. Also wird alles überall crossgeposted, gerne automatisiert. Das nervt auf die Dauer vor allem deswegen, weil die Filter nicht adäquat fein genug eingestellt werden können. about this event: https://program.sigint.ccc.de/fahrplan/events/11.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_17_00_-_das_kreuz_mit_dem_crossposting_-_hendrik_spree_-_11.html http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_18_00_-_owncloud_-_frankkarlitschek_-_4.mp4 The advantages of storing data in the cloud are many: ubiquitous access to data from multiple devices, social interaction and sharing with others on the web and no extra software to install. However, in exchange for this privilege, YOUR data is often stored on -- and even OWNED by -- one of several organizations -- none of which easily allow interaction or sharing of data among them. Besides these convenience issues, there are also problems with privacy and security as well as the potential for one hardware failure to make the data of thousands of users impossible to access. Taken together, the cloud is not perfect. about this event: https://program.sigint.ccc.de/fahrplan/events/4.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_18_00_-_owncloud_-_frankkarlitschek_-_4.html Sun, 20 May 2012 00:00:00 +0200 http://ftp.ccc.de/events/sigint12/mp4/vortrag_mp6_og_-_2012-05-20_18_00_-_owncloud_-_frankkarlitschek_-_4.mp4 2012-05-20T00:00:00+02:00 frankkarlitschek No sigint12, Community FOSS alternative to cloud data storage The advantages of storing data in the cloud are many: ubiquitous access to data from multiple devices, social interaction and sharing with others on the web and no extra software to install. However, in exchange for this privilege, YOUR data is often stored on -- and even OWNED by -- one of several organizations -- none of which easily allow interaction or sharing of data among them. Besides these convenience issues, there are also problems with privacy and security as well as the potential for one hardware failure to make the data of thousands of users impossible to access. Taken together, the cloud is not perfect. about this event: https://program.sigint.ccc.de/fahrplan/events/4.html event on media: http://media.ccc.de/browse/conferences/sigint12/vortrag_mp6_og_-_2012-05-20_18_00_-_owncloud_-_frankkarlitschek_-_4.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4581-en-taking_control_over_the_tor_network.webm This talk deals with weaknesses identified in the TOR network protocol and cryptography implementation. We manage to take control over users using this network and to access all your information and data exchanged despite cryptography. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4581.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4581-en-taking_control_over_the_tor_network.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4581-en-taking_control_over_the_tor_network.webm 2011-12-29T00:00:00+01:00 Eric Filiol, Seun Omosowon No 28c3, Hacking This talk deals with weaknesses identified in the TOR network protocol and cryptography implementation. We manage to take control over users using this network and to access all your information and data exchanged despite cryptography. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4581.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4581-en-taking_control_over_the_tor_network.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4587-en-bup_git_for_backups.webm bup is short for "backup". bup uses the file format of the distributed version control system Git. It solves Git's problems with big files. Deduplication is used to make backups space efficent (about five times smaller than rsnapshot's backups). Data is deduplicated globally across files and backups. If a small part of a big file is changed only little additional space is needed. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4587.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4587-en-bup_git_for_backups.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4587-en-bup_git_for_backups.webm 2011-12-30T00:00:00+01:00 Zoran Zaric No 28c3, Hacking bup is short for "backup". bup uses the file format of the distributed version control system Git. It solves Git's problems with big files. Deduplication is used to make backups space efficent (about five times smaller than rsnapshot's backups). Data is deduplicated globally across files and backups. If a small part of a big file is changed only little additional space is needed. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4587.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4587-en-bup_git_for_backups.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4640-en-time_is_on_my_side.webm Timing side channel attacks are non-intrusive attacks that are still widely ignored in day-to-day penetration testing, although they allow attackers to breach the confidentiality of sensitive information. The reason for this is, that timing attacks are still widely considered to be theoretical. In this talk, I present a toolkit for performing practical timing side channel attacks and showcase several timing attacks against real-world systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4640.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4640-en-time_is_on_my_side.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4640-en-time_is_on_my_side.webm 2011-12-28T00:00:00+01:00 Sebastian Schinzel No 28c3, Hacking Exploiting Timing Side Channel Vulnerabilities on the Web Timing side channel attacks are non-intrusive attacks that are still widely ignored in day-to-day penetration testing, although they allow attackers to breach the confidentiality of sensitive information. The reason for this is, that timing attacks are still widely considered to be theoretical. In this talk, I present a toolkit for performing practical timing side channel attacks and showcase several timing attacks against real-world systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4640.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4640-en-time_is_on_my_side.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4648-en-quantum_of_science.webm Quantum systems can have very different properties from their classical analogues which allows them to have states that are not only correlated but entangled. This allows for quantum computers running algorithms more powerful than those on classical computers (represented by Turing machines) and for quantum cryptography whose safety is (in principle) guaranteed by the laws of nature. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4648.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4648-en-quantum_of_science.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4648-en-quantum_of_science.webm 2011-12-30T00:00:00+01:00 Robert Helling No 28c3, Science How quantum information differs from classical Quantum systems can have very different properties from their classical analogues which allows them to have states that are not only correlated but entangled. This allows for quantum computers running algorithms more powerful than those on classical computers (represented by Turing machines) and for quantum cryptography whose safety is (in principle) guaranteed by the laws of nature. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4648.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4648-en-quantum_of_science.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4652-en-data_mining_the_israeli_census.webm The entire Israeli civil registry database has been leaked to the internet several times over the past decade. In this talk, we examine interesting data that can be mined and extracted from such database. Additionally, we will review the implications of such data being publicly available in light of the upcoming biometric database. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4652.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4652-en-data_mining_the_israeli_census.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4652-en-data_mining_the_israeli_census.webm 2011-12-28T00:00:00+01:00 Yuval Adam No 28c3, Hacking Insights into a publicly available registry The entire Israeli civil registry database has been leaked to the internet several times over the past decade. In this talk, we examine interesting data that can be mined and extracted from such database. Additionally, we will review the implications of such data being publicly available in light of the upcoming biometric database. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4652.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4652-en-data_mining_the_israeli_census.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4656-en-ooops_i_hacked_my_pbx.webm This talk is cautionary tale about developers forgetting to remove debug interfaces from finished products and the need of repetitive system reviews. A midrange PBX systems (non web) configuration interface is used as an example of what flaws you can actually find in commercial systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4656.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4656-en-ooops_i_hacked_my_pbx.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4656-en-ooops_i_hacked_my_pbx.webm 2011-12-29T00:00:00+01:00 pt No 28c3, Hacking Why auditing proprietary protocols matters This talk is cautionary tale about developers forgetting to remove debug interfaces from finished products and the need of repetitive system reviews. A midrange PBX systems (non web) configuration interface is used as an example of what flaws you can actually find in commercial systems. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4656.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4656-en-ooops_i_hacked_my_pbx.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4660-en-post_memory_corruption_memory_analysis.webm Pmcma is a tool aimed at automating the most time consuming taskes of exploitation. It for instance determine why an application is triggering a segmentention fault, evaluate if the faulting instruction can be used to write to memory or execute arbitrary code, and list all the function pointers potentially called from a given point in time by an application. Pmcma is a totally new kind of debugger, which allows for easy experimentation with a process in memory by forcing it to fork. The exact replicas of the process created in memory can then be intrumented while keeping the properties (eg: state of variables, ASLR, permissions...) of the original process. Pmcma is an easily extensible framework available under the Apache 2.0 license from http://www.pmcma.org/ . about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4660.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4660-en-post_memory_corruption_memory_analysis.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4660-en-post_memory_corruption_memory_analysis.webm 2011-12-28T00:00:00+01:00 endrazine No 28c3, Hacking Automating exploitation of invalid memory writes Pmcma is a tool aimed at automating the most time consuming taskes of exploitation. It for instance determine why an application is triggering a segmentention fault, evaluate if the faulting instruction can be used to write to memory or execute arbitrary code, and list all the function pointers potentially called from a given point in time by an application. Pmcma is a totally new kind of debugger, which allows for easy experimentation with a process in memory by forcing it to fork. The exact replicas of the process created in memory can then be intrumented while keeping the properties (eg: state of variables, ASLR, permissions...) of the original process. Pmcma is an easily extensible framework available under the Apache 2.0 license from http://www.pmcma.org/ . about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4660.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4660-en-post_memory_corruption_memory_analysis.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.webm Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, Newman, Rad and Strauchs have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. This talk will evaluate and demo SCADA systems and PLC vulnerabilities in correctional and government secured facilities while recommending solutions. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4661.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.webm 2011-12-27T00:00:00+01:00 Teague, Tiffany Rad No 28c3, Hacking Tiffany Rad, Teague Newman, John Strauchs Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, Newman, Rad and Strauchs have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. This talk will evaluate and demo SCADA systems and PLC vulnerabilities in correctional and government secured facilities while recommending solutions. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4661.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4661-en-scade_and_plc_vulnerabilities_in_correctional_facilities.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4663-en-cellular_protocol_stacks_for_internet.webm Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker commnunity are familiar with the actual protocol stack for those services. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4663.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4663-en-cellular_protocol_stacks_for_internet.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4663-en-cellular_protocol_stacks_for_internet.webm 2011-12-29T00:00:00+01:00 Harald Welte No 28c3, Hacking GPRS, EDGE, UMTS, HSPA demystified Almost everyone uses the packet oriented transmission modes of cellular networks. However, unlike TCP/IP, Ethernet and Wifi, not many members of the hacker commnunity are familiar with the actual protocol stack for those services. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4663.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4663-en-cellular_protocol_stacks_for_internet.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4668-en-electronic_money.webm The proposed talk provides a definition of the problem of creating e-money and after a review of the state of the art points out possible solutions and proposes questions for discussion for the properties of electronic money system. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4668.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4668-en-electronic_money.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4668-en-electronic_money.webm 2011-12-29T00:00:00+01:00 peio No 28c3, Society and Politics How the e-money systems can be made better The proposed talk provides a definition of the problem of creating e-money and after a review of the state of the art points out possible solutions and proposes questions for discussion for the properties of electronic money system. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4668.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4668-en-electronic_money.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4669-en-bionic_ears.webm In many social situations being hearing impaired is a serious handicap, not only for elderly people. Today's hearing aids are tiny computers that do a decent job in signal processing. During the last years, the progress in this technology was significant, amongst other things by switching from analog to digital devices. Since this field becomes more and more related to computer technology, there is even more improvement to be expected. In particular, it turns into a more and more interesting playground for hackers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4669.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4669-en-bionic_ears.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4669-en-bionic_ears.webm 2011-12-28T00:00:00+01:00 Helga Velroyen No 28c3, Hacking Introduction into State-of-the-Art Hearing Aid Technology In many social situations being hearing impaired is a serious handicap, not only for elderly people. Today's hearing aids are tiny computers that do a decent job in signal processing. During the last years, the progress in this technology was significant, amongst other things by switching from analog to digital devices. Since this field becomes more and more related to computer technology, there is even more improvement to be expected. In particular, it turns into a more and more interesting playground for hackers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4669.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4669-en-bionic_ears.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4675-de-politik_neusprech_2011.webm Aktuelle politische Texte (Reden, Interviews) werden auf Leerformeln, Füllsel und Übertreibungen untersucht, die den Text entlarven, selbst wenn der Autor versucht, die Hörer bzw. Leser einzulullen, bestimmte sprachliche Mittel verraten, welche eigentlichen Meinungen sich im Text verstecken. Auf diese Weise wird in den Texten sichtbar, was Wilson und Shea als „Fnord“ bezeichnen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4675.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4675-de-politik_neusprech_2011.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4675-de-politik_neusprech_2011.webm 2011-12-28T00:00:00+01:00 maha/Martin Haase No 28c3, Society and Politics Sprachlicher Nebel in der Politik Aktuelle politische Texte (Reden, Interviews) werden auf Leerformeln, Füllsel und Übertreibungen untersucht, die den Text entlarven, selbst wenn der Autor versucht, die Hörer bzw. Leser einzulullen, bestimmte sprachliche Mittel verraten, welche eigentlichen Meinungen sich im Text verstecken. Auf diese Weise wird in den Texten sichtbar, was Wilson und Shea als „Fnord“ bezeichnen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4675.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4675-de-politik_neusprech_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4676-en-apple_vs_google_client_platforms.webm We will discuss the two different approaches Apple and Google take for the client platforms iPad and Chromebook, how they are similar and how they are not. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4676.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4676-en-apple_vs_google_client_platforms.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4676-en-apple_vs_google_client_platforms.webm 2011-12-28T00:00:00+01:00 Bruhns, FX of Phenoelit, greg No 28c3, Hacking How you end up being the Victim. We will discuss the two different approaches Apple and Google take for the client platforms iPad and Chromebook, how they are similar and how they are not. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4676.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4676-en-apple_vs_google_client_platforms.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.webm This talk will show how a common flaw in the implementation of most of the popular web programming languages and platforms (including PHP, ASP.NET, Java, etc.) can be (ab)used to force web application servers to use 99% of CPU for several minutes to hours for a single HTTP request. This attack is mostly independent of the underlying web application and just relies on a common fact of how web application servers typically work. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.webm 2011-12-28T00:00:00+01:00 Alexander ‘alech’ Klink, Julian | zeri No 28c3, Hacking We are the 99% (CPU usage) This talk will show how a common flaw in the implementation of most of the popular web programming languages and platforms (including PHP, ASP.NET, Java, etc.) can be (ab)used to force web application servers to use 99% of CPU for several minutes to hours for a single HTTP request. This attack is mostly independent of the underlying web application and just relies on a common fact of how web application servers typically work. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4680-en-effective_dos_attacks_against_web_application_platforms.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.webm A man-in-the-middle attack on HDCP-secured video links is demonstrated. The attack is implemented on an embedded Linux platform, with the help of a Spartan-6 FPGA, and is capable of operating real-time on HD video links. It utilizes the HDCP master key to derive the corresponding private keys of the video source and sink through observation and computation upon the exchanged public keys. The man-in-the-middle then genlocks its raster and cipher state to the incoming video stream, enabling it to do pixel by pixel swapping of encrypted data. Since the link does no CRC or hash verification of the data, one is able to forge video using this method. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4686.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.webm 2011-12-29T00:00:00+01:00 bunnie No 28c3, Hacking A non-copyright circumventing application of the HDCP master key A man-in-the-middle attack on HDCP-secured video links is demonstrated. The attack is implemented on an embedded Linux platform, with the help of a Spartan-6 FPGA, and is capable of operating real-time on HD video links. It utilizes the HDCP master key to derive the corresponding private keys of the video source and sink through observation and computation upon the exchanged public keys. The man-in-the-middle then genlocks its raster and cipher state to the incoming video stream, enabling it to do pixel by pixel swapping of encrypted data. Since the link does no CRC or hash verification of the data, one is able to forge video using this method. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4686.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4688-en-introducing_osmo_gmr.webm The latest member of the Osmocom-family projects, osmo-gmr focuses on the GMR-1 (GEO Mobile Radio) air interface used in some satellite Phones. This talk will shortly present the GMR protocol, the Thuraya network that uses this protocol in the Eurasian/African and Australian continents and finally details how you can capture samples and process them for analysis using osmo-gmr. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4688.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4688-en-introducing_osmo_gmr.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4688-en-introducing_osmo_gmr.webm 2011-12-29T00:00:00+01:00 Sylvain Munaut No 28c3, Hacking Building a sniffer for the GMR satphones The latest member of the Osmocom-family projects, osmo-gmr focuses on the GMR-1 (GEO Mobile Radio) air interface used in some satellite Phones. This talk will shortly present the GMR protocol, the Thuraya network that uses this protocol in the Eurasian/African and Australian continents and finally details how you can capture samples and process them for analysis using osmo-gmr. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4688.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4688-en-introducing_osmo_gmr.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4699-en-building_a_distributed_satellite_ground_station_network.webm As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4699.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4699-en-building_a_distributed_satellite_ground_station_network.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4699-en-building_a_distributed_satellite_ground_station_network.webm 2011-12-28T00:00:00+01:00 Andreas -horn- Hornig, hadez No 28c3, Hacking Hackers need satellites. Hackers need internet over satellites. Satellites require ground stations. Let's build them! As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4699.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4699-en-building_a_distributed_satellite_ground_station_network.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4700-en-what_is_whiteit.webm This talk will be about the WhiteIT project, initiated by Mr Schünemann, German Minister of Interior in the state of Lower Saxony. The WhiteIT project is concerned with combating the online-distribution of child abuse material. WhiteIT tries to develop tools and processes to cooperatively suppress the disemination and (re-)distribution of said material. During the Talk the lecturer will try to encourage some open source intelligence. So please consider bringing a laptop, netbook or tablet with you to help gather and collect certain informations right away. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4700.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4700-en-what_is_whiteit.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4700-en-what_is_whiteit.webm 2011-12-27T00:00:00+01:00 Christian Bahls -- MOGiS e.V. - Eine Stimme der Vernunft No 28c3, Society and Politics Why you probably want to be concerned about it and similiar alliances. This talk will be about the WhiteIT project, initiated by Mr Schünemann, German Minister of Interior in the state of Lower Saxony. The WhiteIT project is concerned with combating the online-distribution of child abuse material. WhiteIT tries to develop tools and processes to cooperatively suppress the disemination and (re-)distribution of said material. During the Talk the lecturer will try to encourage some open source intelligence. So please consider bringing a laptop, netbook or tablet with you to help gather and collect certain informations right away. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4700.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4700-en-what_is_whiteit.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4706-en-power_gadgets_with_your_own_electricity.webm This talk, consisting of five distinct parts, is intended to show the audience how to get electricity without needing a grid connection. It will give information on * Which energy sources to use * What to power with them * What equipment to get * How to wire it up * And some wishful thinking Participants should be able to assemble their own small-scale energy-generating systems after listening. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4706.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4706-en-power_gadgets_with_your_own_electricity.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4706-en-power_gadgets_with_your_own_electricity.webm 2011-12-28T00:00:00+01:00 Gunnar Thöle, Jörg Dürre No 28c3, Hacking escape the basement and make the sun work for you This talk, consisting of five distinct parts, is intended to show the audience how to get electricity without needing a grid connection. It will give information on * Which energy sources to use * What to power with them * What equipment to get * How to wire it up * And some wishful thinking Participants should be able to assemble their own small-scale energy-generating systems after listening. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4706.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4706-en-power_gadgets_with_your_own_electricity.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.webm Software is becoming more and more important in organizing response to all kinds of crises, whether that means activists responding to an unjust government or aid workers helping with the aftermath of a disaster. Security often isn't the first thing people think about in these situations -- they have work to get done, just like the rest of us, and many of these tools are built in the heat of the moment. In a crisis, a lack of security can make a small disaster into a big one. In this talk, we'll look at real world experiences of the security and privacy problems in the field, and how to fix them, at both large and small levels. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4707.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.webm 2011-12-30T00:00:00+01:00 Herr Urbach, willowbl00 No 28c3, Hacking Telecomix and Geeks without Bounds on Security and Crisis Response Software is becoming more and more important in organizing response to all kinds of crises, whether that means activists responding to an unjust government or aid workers helping with the aftermath of a disaster. Security often isn't the first thing people think about in these situations -- they have work to get done, just like the rest of us, and many of these tools are built in the heat of the moment. In a crisis, a lack of security can make a small disaster into a big one. In this talk, we'll look at real world experiences of the security and privacy problems in the field, and how to fix them, at both large and small levels. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4707.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4707-en-your_disaster_crisis_revolution_just_got_pwned.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4710-en-the_future_of_cryptology.webm The lessons and best practices of the titanic will be extracted. Are we ready? This will be a co-presentation (Jean-Jacques Quisquater / David Samyde) and occasional friendly exchange, with point and counter-point of different contrasting views on the impact of solving integer factorization and some other difficult problem in cryptography. The idea is to perform a provocative comparison between the 'unbreakable' RSA algorithm and the unsinkable Titanic. Receiving his RSA Conference Lifetime Achievement Award, Rivest said that it has not been demonstrated mathematically that factorization into primes is difficult. So “Factoring could turn out to be easy,” and according to him “maybe someone here will find the method”. Since 1994 and Shor's algorithm, the danger of quantum computer is known: breaking RSA in polynomial time. Factoring large numbers is conjectured to be computationally infeasible on classic non quantum computers. No efficient algorithm is known and the research in the last 30 years did not show enormous progress. Iceberg existence is predicted but not shown yet. According to Rivest a variety of alternative schemes have been developed in the decades since RSA was published, and a new system could probably be adopted quickly. This relies on solving factorization only, but several other cases can be considered, in some of them the action to replace RSA with a new algorithm could require more work than initially planned (solution to discrete logarithm). Managing the risk and the threat of the resolution of any major problem used in cryptography is crucial. This presentation challenges the conventional thinking using lessons learned from history. RSA users are everywhere so what could be the consequences of a break in the real world? What were the errors made on the Titanic? Can the best practices used be improved or just translated into a new scheme? What would be the impact of solving the RSA assumption on cryptography? The outline is: History of factorization Titanic primes and RSA keys Complexity, classes of algorithms and practical costs Risk analysis and Threat management Probability estimation and proactive monitoring From best to worst case Best methods and lessons learned Multiple scenari (Im)possibility of accurate prediction What to expect and how to be ready Conclusion Andrew Grove, former CEO of Intel said "Only the paranoid survive". Forecasting the presence of a strategic inflection point is hard. What to expect at the time of the next major cryptanalysis breakthrough? What history teaches? What remains to be done? Are we ready? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4710.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4710-en-the_future_of_cryptology.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4710-en-the_future_of_cryptology.webm 2011-12-29T00:00:00+01:00 Jean-Jacques Quisquater , Renaud Devaliere No 28c3, Hacking RMS Olympic, RMS Titanic, HMHS Britannic vs Discrete Logarithm, Integer factorization, Conjectured hard problems The lessons and best practices of the titanic will be extracted. Are we ready? This will be a co-presentation (Jean-Jacques Quisquater / David Samyde) and occasional friendly exchange, with point and counter-point of different contrasting views on the impact of solving integer factorization and some other difficult problem in cryptography. The idea is to perform a provocative comparison between the 'unbreakable' RSA algorithm and the unsinkable Titanic. Receiving his RSA Conference Lifetime Achievement Award, Rivest said that it has not been demonstrated mathematically that factorization into primes is difficult. So “Factoring could turn out to be easy,” and according to him “maybe someone here will find the method”. Since 1994 and Shor's algorithm, the danger of quantum computer is known: breaking RSA in polynomial time. Factoring large numbers is conjectured to be computationally infeasible on classic non quantum computers. No efficient algorithm is known and the research in the last 30 years did not show enormous progress. Iceberg existence is predicted but not shown yet. According to Rivest a variety of alternative schemes have been developed in the decades since RSA was published, and a new system could probably be adopted quickly. This relies on solving factorization only, but several other cases can be considered, in some of them the action to replace RSA with a new algorithm could require more work than initially planned (solution to discrete logarithm). Managing the risk and the threat of the resolution of any major problem used in cryptography is crucial. This presentation challenges the conventional thinking using lessons learned from history. RSA users are everywhere so what could be the consequences of a break in the real world? What were the errors made on the Titanic? Can the best practices used be improved or just translated into a new scheme? What would be the impact of solving the RSA assumption on cryptography? The outline is: History of factorization Titanic primes and RSA keys Complexity, classes of algorithms and practical costs Risk analysis and Threat management Probability estimation and proactive monitoring From best to worst case Best methods and lessons learned Multiple scenari (Im)possibility of accurate prediction What to expect and how to be ready Conclusion Andrew Grove, former CEO of Intel said "Only the paranoid survive". Forecasting the presence of a strategic inflection point is hard. What to expect at the time of the next major cryptanalysis breakthrough? What history teaches? What remains to be done? Are we ready? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4710.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4710-en-the_future_of_cryptology.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.webm Going more retro than the Commodore C=64: The Atari 2600 VCS was the breakthrough for video games in your own living room. This lecture will cover a bit of the history on how it came to live, describes the hardware used and shows how to write your own code for it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4711.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.webm 2011-12-27T00:00:00+01:00 Sven Oliver ('SvOlli') Moll No 28c3, Hacking The history, the hardware and how to write programs Going more retro than the Commodore C=64: The Atari 2600 VCS was the breakthrough for video games in your own living room. This lecture will cover a bit of the history on how it came to live, describes the hardware used and shows how to write your own code for it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4711.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4711-en-the_atari_2600_video_computer_system_the_ultimate_talk.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4712-en-mining_your_geotags.webm A practical discussion of how potentially revolutionary, yet ethically questionable data---such as that from facebook---is currently being handled in academia. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4712.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4712-en-mining_your_geotags.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4712-en-mining_your_geotags.webm 2011-12-28T00:00:00+01:00 Conrad Lee No 28c3, Society and Politics Academia, social media data, and privacy A practical discussion of how potentially revolutionary, yet ethically questionable data---such as that from facebook---is currently being handled in academia. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4712.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4712-en-mining_your_geotags.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4713-en-what_is_in_a_name.webm Starting with the history of birth-registration an overview on the historical regimes of naming and identifying people from the 15th to the 20th century is given. the talk will show examples of the different identity media through time and their standardization with the rise of the westphalian nation state and the subsequent developments after the french revolution and during the 20th century. the goal of the talk is to show the complexity of the phenomenon of personal names and their media and the need for an informed debate on who and how naming and identification in the digital age is achieved. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4713.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4713-en-what_is_in_a_name.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4713-en-what_is_in_a_name.webm 2011-12-27T00:00:00+01:00 Christoph Engemann No 28c3, Society and Politics Identity-Regimes from 1500 to the 2000s Starting with the history of birth-registration an overview on the historical regimes of naming and identifying people from the 15th to the 20th century is given. the talk will show examples of the different identity media through time and their standardization with the rise of the westphalian nation state and the subsequent developments after the french revolution and during the 20th century. the goal of the talk is to show the complexity of the phenomenon of personal names and their media and the need for an informed debate on who and how naming and identification in the digital age is achieved. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4713.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4713-en-what_is_in_a_name.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4721-en-pentanews_game_show_2k11.webm The Penta News Game Show rehashes a collection of absurd, day-to-day news items of 2011 to entertain the audience, let the Net participate, and make it's winners heroes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4721.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4721-en-pentanews_game_show_2k11.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4721-en-pentanews_game_show_2k11.webm 2011-12-27T00:00:00+01:00 Alien8, _john, klobs No 28c3, Show 42 new questions, new jokers, same concept, more fun than last year! The Penta News Game Show rehashes a collection of absurd, day-to-day news items of 2011 to entertain the audience, let the Net participate, and make it's winners heroes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4721.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4721-en-pentanews_game_show_2k11.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4722-de-dick_size_war_for_nerds.webm Hier geht es um die Gretchenfrage: „Welches Tool ist das beste?“ Dabei treten zwei Teams gegeneinander an und müssen live verschiedene $RANDOM\_NERD\_TASK auf ihren eigenen Rechnern lösen. Wer dabei zeigt, dass sein Tool das schnellere, schlankere, mächtigere, längere, größere^w^w^w^wist, gewinnt. Durch das Programm führen Jan „git-zsh-keynote-firefox“ Wulfes und Benjamin „bzr-fish-latexbeamer-chrome“ Kellermann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4722.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4722-de-dick_size_war_for_nerds.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4722-de-dick_size_war_for_nerds.webm 2011-12-28T00:00:00+01:00 Benjamin Kellermann, klobs No 28c3, Show Mein Ruby ist besser als dein urxvt! Hier geht es um die Gretchenfrage: „Welches Tool ist das beste?“ Dabei treten zwei Teams gegeneinander an und müssen live verschiedene $RANDOM\_NERD\_TASK auf ihren eigenen Rechnern lösen. Wer dabei zeigt, dass sein Tool das schnellere, schlankere, mächtigere, längere, größere^w^w^w^wist, gewinnt. Durch das Programm führen Jan „git-zsh-keynote-firefox“ Wulfes und Benjamin „bzr-fish-latexbeamer-chrome“ Kellermann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4722.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4722-de-dick_size_war_for_nerds.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4723-en-dc_plus_the_protocol.webm The idea of Dining Cryptographers-Networks (DC) offers a much better anonymity compared to MIX-Networks: Defined anonymity sets, no need to trust in a central service, no possible attack for data retention. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4723.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4723-en-dc_plus_the_protocol.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4723-en-dc_plus_the_protocol.webm 2011-12-30T00:00:00+01:00 klobs No 28c3, Hacking Technical defense against data retention law The idea of Dining Cryptographers-Networks (DC) offers a much better anonymity compared to MIX-Networks: Defined anonymity sets, no need to trust in a central service, no possible attack for data retention. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4723.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4723-en-dc_plus_the_protocol.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4730-en-crowdsourcing_genome_wide_association_studies.webm It was only a couple of years ago that generating genetic information about individuals was expensive and laborious work. Modern techniques have drastically cut cost and time needed to get an insight into one's genome and have ultimately led to the formation of personal genetics companies – like 23andMe, deCODEme and others – that now offer direct-to-customer genetic testing. With a price tag of those tests starting at about 100 €, the number of people that do such tests is on the rise. By now, 23andMe alone has over 100.000 paying customers, with over 60.000 of them willing to donate their genetic data and to actively participate in research projects by filling out surveys, e.g. on their medical histories. This has resulted in a high-quality dataset with genetic information of 60.000 individuals. The best part: The data has already been paid for by the participants in the research. Who would not love to get their hands on data like this? Unfortunately, the data sits locked away in corporate vaults, inaccessible to interested (citizen) scientists. But what if we could change this? We've created openSNP, a central, open source, free-to-use repository which lets customers of genotyping companies upload their genotyping data and annotate them with phenotypes. OpenSNP provides its users with the latest scientific research on their genotypes and lets scientists download annotated genotypes to make science more open. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4730.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4730-en-crowdsourcing_genome_wide_association_studies.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4730-en-crowdsourcing_genome_wide_association_studies.webm 2011-12-28T00:00:00+01:00 Bastian Greshake, Philipp Bayer No 28c3, Science Freeing Genetic Data from Corporate Vaults It was only a couple of years ago that generating genetic information about individuals was expensive and laborious work. Modern techniques have drastically cut cost and time needed to get an insight into one's genome and have ultimately led to the formation of personal genetics companies – like 23andMe, deCODEme and others – that now offer direct-to-customer genetic testing. With a price tag of those tests starting at about 100 €, the number of people that do such tests is on the rise. By now, 23andMe alone has over 100.000 paying customers, with over 60.000 of them willing to donate their genetic data and to actively participate in research projects by filling out surveys, e.g. on their medical histories. This has resulted in a high-quality dataset with genetic information of 60.000 individuals. The best part: The data has already been paid for by the participants in the research. Who would not love to get their hands on data like this? Unfortunately, the data sits locked away in corporate vaults, inaccessible to interested (citizen) scientists. But what if we could change this? We've created openSNP, a central, open source, free-to-use repository which lets customers of genotyping companies upload their genotyping data and annotate them with phenotypes. OpenSNP provides its users with the latest scientific research on their genotypes and lets scientists download annotated genotypes to make science more open. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4730.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4730-en-crowdsourcing_genome_wide_association_studies.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4732-en-datamining_for_hackers.webm This talk presents Traffic Mining (TM) particularly in regard to VoiP applications such as Skype. TM is a method to digest and understand large quantities of data. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4732.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4732-en-datamining_for_hackers.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4732-en-datamining_for_hackers.webm 2011-12-27T00:00:00+01:00 Stefan Burschka No 28c3, Hacking Encrypted Traffic Mining This talk presents Traffic Mining (TM) particularly in regard to VoiP applications such as Skype. TM is a method to digest and understand large quantities of data. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4732.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4732-en-datamining_for_hackers.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.webm Despite their wide presence in our lives, baseband chips are still nowadays poorly known and understood from a system point of view. Some presentations have hilighted vulnerabilities in GSM stacks across various models of basebands (cf. 27c3: _All your baseband are belong to us_ by R-P. Weinmann). However none of them actually focused on the details of how a baseband operating system really works. This is the focus of our presentation. From the study of a simple 3G USB stick equipped with a Qualcomm baseband, we will discuss how to dump the volatile memory, reverse-engineer the proprietary RTOS, and ultimately execute and debug code while trying to preserve the real-time system constraints. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4735.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.webm 2011-12-28T00:00:00+01:00 Guillaume Delugré No 28c3, Hacking Despite their wide presence in our lives, baseband chips are still nowadays poorly known and understood from a system point of view. Some presentations have hilighted vulnerabilities in GSM stacks across various models of basebands (cf. 27c3: _All your baseband are belong to us_ by R-P. Weinmann). However none of them actually focused on the details of how a baseband operating system really works. This is the focus of our presentation. From the study of a simple 3G USB stick equipped with a Qualcomm baseband, we will discuss how to dump the volatile memory, reverse-engineer the proprietary RTOS, and ultimately execute and debug code while trying to preserve the real-time system constraints. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4735.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4735-en-reverse_engineering_a_qualcomm_baseband.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4736-en-defending_mobile_phones.webm Cell phone users face an increasing frequency and depth of privacy intruding attacks. Defense knowledge has not scaled at the same speed as attack capabilities. This talk intends to revert this imbalance. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4736.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4736-en-defending_mobile_phones.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4736-en-defending_mobile_phones.webm 2011-12-27T00:00:00+01:00 Karsten Nohl, Luca Melette No 28c3, Hacking Cell phone users face an increasing frequency and depth of privacy intruding attacks. Defense knowledge has not scaled at the same speed as attack capabilities. This talk intends to revert this imbalance. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4736.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4736-en-defending_mobile_phones.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4738-de-echtes_netz.webm Anfang 2012 startet "Echtes Netz", die Kampagne für Netzneutralität, die vom Digitale Gesellschaft e.V. initiert und von der stiftung bridge gefördert wird. Die Kampagne macht sich zur Aufgabe, das Bewusstsein für den Wert eines echten Netzes zu steigern und mit Offline- und Onlineaktionen für eine gesetzliche Verankerung der Netzneutralität zu werben. Der Vortrag gibt einen Überblick auf die Debatte rund um die Netzneutralität in Deutschland und der EU und einen einen Ausblick auf die Kampagne. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4738.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4738-de-echtes_netz.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4738-de-echtes_netz.webm 2011-12-28T00:00:00+01:00 Falk Lüke, Markus Beckedahl No 28c3, Society and Politics Kampagne für Netzneutralität Anfang 2012 startet "Echtes Netz", die Kampagne für Netzneutralität, die vom Digitale Gesellschaft e.V. initiert und von der stiftung bridge gefördert wird. Die Kampagne macht sich zur Aufgabe, das Bewusstsein für den Wert eines echten Netzes zu steigern und mit Offline- und Onlineaktionen für eine gesetzliche Verankerung der Netzneutralität zu werben. Der Vortrag gibt einen Überblick auf die Debatte rund um die Netzneutralität in Deutschland und der EU und einen einen Ausblick auf die Kampagne. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4738.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4738-de-echtes_netz.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4740-de-frag_den_staat.webm FragDenStaat.de startete am 1. August 2011 als Plattform zum Stellen von Anfragen nach dem Informationsfreiheitsgesetz und veröffentlicht dort die Korrespondenz mit den Behörden nach dem Vorbild von whatdotheyknow.com and befreite-dokumente.de. Der Vortrag wird die Plattform vorstellen, zeigen wie die Seite Antragssteller bei ihrem Recht auf Akteneinsicht unterstützt und die interessantesten Vorfälle genauer beleuchten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4740.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4740-de-frag_den_staat.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4740-de-frag_den_staat.webm 2011-12-29T00:00:00+01:00 Stefan Wehrmeyer No 28c3, Society and Politics Praktische Informationsfreiheit FragDenStaat.de startete am 1. August 2011 als Plattform zum Stellen von Anfragen nach dem Informationsfreiheitsgesetz und veröffentlicht dort die Korrespondenz mit den Behörden nach dem Vorbild von whatdotheyknow.com and befreite-dokumente.de. Der Vortrag wird die Plattform vorstellen, zeigen wie die Seite Antragssteller bei ihrem Recht auf Akteneinsicht unterstützt und die interessantesten Vorfälle genauer beleuchten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4740.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4740-de-frag_den_staat.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.webm In his now (in)famous pamphlet "Conspiracy as Governance" Julian Assange (JA) argues about the need for leaking as an efficient way to destroy "unjust" groups as the neo-feudalistic ones - luring the conspiracy theory leaning hacker community into his belief system. Eventually, JA used a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for "just" and "unjust" systems, arriving at the conclusion that "unjust" systems are hurt more and thus will be less viable, essentially being destroyed by more "just" systems. While an innovative proposal, the underlying assumptions on complexity, network theory, and especially the evolutionary perspectives were never critically assessed. Some blogs and media raised questions on details and potential threats to innocent bystanders. Still, fundamental problems with the philosophy were never addressed. This paper argues against the general validity of such theories. In particular, we will refute some of the biologistic arguments. Theoretical biology has long ago pointed out the hidden complexity in evolutionary processes and as such the envisioned "leaking revolution" might be a limited artifact: there might even arise situations where the leaking envisioned and encouraged by Wikileaks and the like can actually strengthen some "conspiracies". In this paper I will describe some research questions, that should be answered before given the “leaking philosophy” an unconditioned “thumbs-up”. Empirically, for example, a potential strengthening is illustrated by the rise of a 'neo-feudalistic economy', which is linked closely to the paradigm of "intellectual property" as it is to the security-financial-political complex. The players have effectively created a closed network or a "conspiracy" and might be resilient towards Wikileaks-like attacks. The paper concludes with an alternative to that proposal; in particular, a way to deal with the 'conspiracy' that might be coined the rise of the neo-feudalistic society (which in itself is a self-sustainable, self-amplifying feedback loop, not necessarily a conscious conspiracy). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4741.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.webm 2011-12-30T00:00:00+01:00 Kay Hamacher No 28c3, Society and Politics In his now (in)famous pamphlet "Conspiracy as Governance" Julian Assange (JA) argues about the need for leaking as an efficient way to destroy "unjust" groups as the neo-feudalistic ones - luring the conspiracy theory leaning hacker community into his belief system. Eventually, JA used a biologistic argument on the benefits and drawbacks that uncontrolled leaking might pose for "just" and "unjust" systems, arriving at the conclusion that "unjust" systems are hurt more and thus will be less viable, essentially being destroyed by more "just" systems. While an innovative proposal, the underlying assumptions on complexity, network theory, and especially the evolutionary perspectives were never critically assessed. Some blogs and media raised questions on details and potential threats to innocent bystanders. Still, fundamental problems with the philosophy were never addressed. This paper argues against the general validity of such theories. In particular, we will refute some of the biologistic arguments. Theoretical biology has long ago pointed out the hidden complexity in evolutionary processes and as such the envisioned "leaking revolution" might be a limited artifact: there might even arise situations where the leaking envisioned and encouraged by Wikileaks and the like can actually strengthen some "conspiracies". In this paper I will describe some research questions, that should be answered before given the “leaking philosophy” an unconditioned “thumbs-up”. Empirically, for example, a potential strengthening is illustrated by the rise of a 'neo-feudalistic economy', which is linked closely to the paradigm of "intellectual property" as it is to the security-financial-political complex. The players have effectively created a closed network or a "conspiracy" and might be resilient towards Wikileaks-like attacks. The paper concludes with an alternative to that proposal; in particular, a way to deal with the 'conspiracy' that might be coined the rise of the neo-feudalistic society (which in itself is a self-sustainable, self-amplifying feedback loop, not necessarily a conscious conspiracy). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4741.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4741-en-neo_feudalism_or_why_julian_assange_might_be_wrong_after_all.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.webm This talk is about: - Information freedom and the issues for the citizens - RWB ressources: a “human network” - RWB needs: Get involved! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4742.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.webm 2011-12-30T00:00:00+01:00 Reporters Without Borders No 28c3, Society and Politics Why every citizen should be concerned This talk is about: - Information freedom and the issues for the citizens - RWB ressources: a “human network” - RWB needs: Get involved! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4742.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4742-en-from_press_freedom_to_the_freedom_of_information.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4746-en-bitcoin_an_analysis.webm Bitcoin is the first distributed, digital currency. It received a lot of attention recently as it questions the state monopoly to issue legal tender. It relies on distributed proof-of-work concepts to ensure money-like characteristics. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4746.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4746-en-bitcoin_an_analysis.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4746-en-bitcoin_an_analysis.webm 2011-12-29T00:00:00+01:00 Kay Hamacher, Stefan Katzenbeisser No 28c3, Hacking Bitcoin is the first distributed, digital currency. It received a lot of attention recently as it questions the state monopoly to issue legal tender. It relies on distributed proof-of-work concepts to ensure money-like characteristics. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4746.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4746-en-bitcoin_an_analysis.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4748-en-the_best_of_the_oxcars.webm The Best of the oXcars! OXcars is fun. oXcars is empowering the people. Presentation and screening of the best of the oXcars 2011, 2010, 2009, 2008. Because their business is not our business. Every year, in Barcelona 1500 people gather for the biggest free/libre culture Show of all times ;-). Artists and performers from all areas of Spanish and international culture take part in a "Gala";-) in which artists say "Not in my name" to the commercialisation of culture, "Not in my name" to limiting the potential of digital media and to criminalization of the Internet. Civil society demands the 'lost profits' of all the knowledge that is being withheld and stolen from public use in the name of private profits. http://oxcars11.whois--x.net/en/ http://oxcars10.whois--x.net/en/ http://oxcars09.whois--x.net/en/ http://whois--x.net/proyectos/oxcars-08 about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4748.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4748-en-the_best_of_the_oxcars.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4748-en-the_best_of_the_oxcars.webm 2011-12-29T00:00:00+01:00 Simona Xnet No 28c3, Culture the greatest free/Libre culture show of all times The Best of the oXcars! OXcars is fun. oXcars is empowering the people. Presentation and screening of the best of the oXcars 2011, 2010, 2009, 2008. Because their business is not our business. Every year, in Barcelona 1500 people gather for the biggest free/libre culture Show of all times ;-). Artists and performers from all areas of Spanish and international culture take part in a "Gala";-) in which artists say "Not in my name" to the commercialisation of culture, "Not in my name" to limiting the potential of digital media and to criminalization of the Internet. Civil society demands the 'lost profits' of all the knowledge that is being withheld and stolen from public use in the name of private profits. http://oxcars11.whois--x.net/en/ http://oxcars10.whois--x.net/en/ http://oxcars09.whois--x.net/en/ http://whois--x.net/proyectos/oxcars-08 about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4748.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4748-en-the_best_of_the_oxcars.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4749-en-does_hacktivism_matter.webm Do you remember those days when hackers were “real men?” When hacking was not yet a crime and the cyberspace an undiscovered land? Just before anti-hacking laws were introduced in Germany? Back in these days, the famous founding father of the CCC made the Bundespost (Germany's Federal Mail Service) meet its Waterloo, when they hacked Bildschirmtext (Btx)—the epitome of both technological utopias and dystopias at that time. But soon, hackers suffered a setback: new laws criminalized hacking in the name of fighting white-collar crimes. Simultaneously to the laws, things were getting rougher in the media and the public opinion. While being seen as a weird vanguard of technology before, hackers soon became pranksters and outlaws. Apparently hacktivism, the portmanteau word for hacking activism, had failed to shape the policies in the dawning information society. However, there are evidences that hacktivism had an impact on the new computer crime legislation—not in terms of having more, but less restrictions implemented in the law. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4749.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4749-en-does_hacktivism_matter.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4749-en-does_hacktivism_matter.webm 2011-12-27T00:00:00+01:00 Kai Denker No 28c3, Society and Politics How the Btx hack changed computer law-making in Germany Do you remember those days when hackers were “real men?” When hacking was not yet a crime and the cyberspace an undiscovered land? Just before anti-hacking laws were introduced in Germany? Back in these days, the famous founding father of the CCC made the Bundespost (Germany's Federal Mail Service) meet its Waterloo, when they hacked Bildschirmtext (Btx)—the epitome of both technological utopias and dystopias at that time. But soon, hackers suffered a setback: new laws criminalized hacking in the name of fighting white-collar crimes. Simultaneously to the laws, things were getting rougher in the media and the public opinion. While being seen as a weird vanguard of technology before, hackers soon became pranksters and outlaws. Apparently hacktivism, the portmanteau word for hacking activism, had failed to shape the policies in the dawning information society. However, there are evidences that hacktivism had an impact on the new computer crime legislation—not in terms of having more, but less restrictions implemented in the law. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4749.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4749-en-does_hacktivism_matter.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.webm We are members of Alternatif Bilişim Derneği (Alternative Informatics Association)**, one of many organizations that oppose the ongoing efforts for state-controlled Internet in Turkey. We see that the problems with media control in Turkey and in Europe are increasingly becoming part of a global problem. The governments are working on their own view of a 'secure' Internet, and we have to articulate and suggest an alternative. In our talk we want to give an account of our anti-censorship movement and the challenges we face in Turkey. We will first provide an overview of the political events; sanctions, censorship regulations and attempts of resistance in the country. Then, we will point out the main problems we face in making use of laws and technology against state control. We would also like to use our presentation as an opportunity to meet people at the CCC with similar affinities and to learn from their experience. We see a great need to create global networks and communities to articulate an alternative message; the Internet as the peoples’ media. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4753.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.webm 2011-12-27T00:00:00+01:00 Barış, seda No 28c3, Society and Politics A short account of its history and future challenges We are members of Alternatif Bilişim Derneği (Alternative Informatics Association)**, one of many organizations that oppose the ongoing efforts for state-controlled Internet in Turkey. We see that the problems with media control in Turkey and in Europe are increasingly becoming part of a global problem. The governments are working on their own view of a 'secure' Internet, and we have to articulate and suggest an alternative. In our talk we want to give an account of our anti-censorship movement and the challenges we face in Turkey. We will first provide an overview of the political events; sanctions, censorship regulations and attempts of resistance in the country. Then, we will point out the main problems we face in making use of laws and technology against state control. We would also like to use our presentation as an opportunity to meet people at the CCC with similar affinities and to learn from their experience. We see a great need to create global networks and communities to articulate an alternative message; the Internet as the peoples’ media. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4753.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4753-en-the_movement_against_state_controlled_internet_in_turkey.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4754-en-smart_hacking_for_privacy.webm Advanced metering devices (aka smart meters) are nowadays being installed throughout electric networks in Germany, in other parts of Europe and in the United States. Due to a recent amendment especially in Germany they become more and more popular and are obligatory for new and refurbished buildings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4754.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4754-en-smart_hacking_for_privacy.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4754-en-smart_hacking_for_privacy.webm 2011-12-30T00:00:00+01:00 Dario Carluccio, Stephan Brinkhaus No 28c3, Hacking Advanced metering devices (aka smart meters) are nowadays being installed throughout electric networks in Germany, in other parts of Europe and in the United States. Due to a recent amendment especially in Germany they become more and more popular and are obligatory for new and refurbished buildings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4754.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4754-en-smart_hacking_for_privacy.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4755-en-counterlobbying_eu_institutions.webm Return of experience about opposing #censorship #ACTA #censilia #copywrong and promoting #openness and #netneutrality to the EU institutions. Strategic and tactical perspectives by two old and tired activists. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4755.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4755-en-counterlobbying_eu_institutions.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4755-en-counterlobbying_eu_institutions.webm 2011-12-28T00:00:00+01:00 Christian Bahls - MOGiS e.V., Jérémie Zimmermann No 28c3, Society and Politics How to attempt to counter the influence of industry lobbyists and political forces aiming towards increasing control over the Internet Return of experience about opposing #censorship #ACTA #censilia #copywrong and promoting #openness and #netneutrality to the EU institutions. Strategic and tactical perspectives by two old and tired activists. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4755.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4755-en-counterlobbying_eu_institutions.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.webm Hacking Mind and Body – self knowledge through numbers and mental reprogramming Since ancient times humans were trying to improve themselves. Today we have open-source computer technology that helps us. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4756.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.webm 2011-12-28T00:00:00+01:00 Christian Kleineidam, MetaMind Evolution No 28c3, Hacking Transhumanism, Self-Optimization and Neurofeedback for post-modern hackers Hacking Mind and Body – self knowledge through numbers and mental reprogramming Since ancient times humans were trying to improve themselves. Today we have open-source computer technology that helps us. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4756.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4756-en-quantified_self_and_neurofeedback_mind_hacking.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.webm In dieser Arbeit wird gezeigt, wie unter Ausnutzung einer ungesicherten Verbindung zwischen einer sicheren Signaturerstellungseinheit und einem Anwender-PC eine qualifizierte elektronische Signatur gefälscht werden kann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4758.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.webm 2011-12-28T00:00:00+01:00 Alexander Koch No 28c3, Hacking Bachelorarbeit Informatik Uni Kiel SS 2011 In dieser Arbeit wird gezeigt, wie unter Ausnutzung einer ungesicherten Verbindung zwischen einer sicheren Signaturerstellungseinheit und einem Anwender-PC eine qualifizierte elektronische Signatur gefälscht werden kann. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4758.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4758-de-ein_mittelsmannangriff_auf_ein_digitales_signiergeraet.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4759-en-open_source_music_tracking_2_0.webm Tracking is so 1990s. Nowadays MP3 and other similar formats are overwhelmingly more popular. But is this really a step forward? A (very) brief history of computer music, where we are at now, and why I think people are headed in the wrong direction. And what we can do about it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4759.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4759-en-open_source_music_tracking_2_0.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4759-en-open_source_music_tracking_2_0.webm 2011-12-29T00:00:00+01:00 Tom Hargreaves No 28c3, Hacking Tracking is so 1990s. Nowadays MP3 and other similar formats are overwhelmingly more popular. But is this really a step forward? A (very) brief history of computer music, where we are at now, and why I think people are headed in the wrong direction. And what we can do about it. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4759.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4759-en-open_source_music_tracking_2_0.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4760-en-chokepointproject.webm The object of the lecture is to present and discuss the chokepointproject. How it (will) attempt(s) to aggregate and visualize near-realtime global internetwork data and augment this visualisation with legislative, commercial(ownership) and circumvention information. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4760.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4760-en-chokepointproject.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4760-en-chokepointproject.webm 2011-12-30T00:00:00+01:00 Ruben Bloemgarten No 28c3, Hacking Aggregating and Visualizing (lack of) Transparancy Data in near-realtime The object of the lecture is to present and discuss the chokepointproject. How it (will) attempt(s) to aggregate and visualize near-realtime global internetwork data and augment this visualisation with legislative, commercial(ownership) and circumvention information. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4760.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4760-en-chokepointproject.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.webm Writing secure code is hard.  Even when people do it basically right there are sometimes edge cases that can be exploited. Most the time writing code that works isn’t even the hard part,  it’s keeping up with the changing attack techniques while still keeping an eye on all the old issues that can come back to bite you, straddling the ancient world of the 90’s RFCs and 2010’s HTML5 compatible browsers.  A lot like how Indiana Jones bridges the ancient and the modern...  Except for Indiana Jones 4. Let’s never talk about that again. Ever.   Take Facebook, Office 365, Wordpress, Exchange, and Live. These are applications that had decent mitigations to standard threats, but they all had edge cases. Using a mix of old and new ingredients, we’ll provide a sampler plate of clickjacking protection bypasses, CSRF mitigation bypasses, "non-exploitable" XSS attacks that are suddenly exploitable and XML attacks where you can actually get a shell; and we'll talk about how to defend against these attacks. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4761.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.webm 2011-12-29T00:00:00+01:00 Jesse Ou, Rich No 28c3, Hacking Writing secure code is hard.  Even when people do it basically right there are sometimes edge cases that can be exploited. Most the time writing code that works isn’t even the hard part,  it’s keeping up with the changing attack techniques while still keeping an eye on all the old issues that can come back to bite you, straddling the ancient world of the 90’s RFCs and 2010’s HTML5 compatible browsers.  A lot like how Indiana Jones bridges the ancient and the modern...  Except for Indiana Jones 4. Let’s never talk about that again. Ever.   Take Facebook, Office 365, Wordpress, Exchange, and Live. These are applications that had decent mitigations to standard threats, but they all had edge cases. Using a mix of old and new ingredients, we’ll provide a sampler plate of clickjacking protection bypasses, CSRF mitigation bypasses, "non-exploitable" XSS attacks that are suddenly exploitable and XML attacks where you can actually get a shell; and we'll talk about how to defend against these attacks. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4761.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4761-en-new_ways_im_going_to_hack_your_web_app.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4763-en-the_science_of_insecurity.webm Why is the overwhelming majority of common networked software still not secure, despite all effort to the contrary? Why is it almost certain to get exploited so long as attackers can craft its inputs? Why is it the case that no amount of effort seems to be enough to fix software that must speak certain protocols? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4763.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4763-en-the_science_of_insecurity.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4763-en-the_science_of_insecurity.webm 2011-12-28T00:00:00+01:00 Meredith L. Patterson, Sergey No 28c3, Hacking Why is the overwhelming majority of common networked software still not secure, despite all effort to the contrary? Why is it almost certain to get exploited so long as attackers can craft its inputs? Why is it the case that no amount of effort seems to be enough to fix software that must speak certain protocols? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4763.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4763-en-the_science_of_insecurity.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.webm You write software. You test software. You know how to tell if the software is working. Automate your software testing sufficiently and you can let the computer do the writing for you! "Genetic Programming", especially "Cartesian Genetic Programming" (CGP), is a powerful tool for creating software and designing physical objects. See how to do CGP as we invent image filters for the Part Time Scientists' 3D cameras. Danger: Actual code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4764.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.webm 2011-12-27T00:00:00+01:00 Wes Faler No 28c3, Hacking Hell Yeah, it's rocket science You write software. You test software. You know how to tell if the software is working. Automate your software testing sufficiently and you can let the computer do the writing for you! "Genetic Programming", especially "Cartesian Genetic Programming" (CGP), is a powerful tool for creating software and designing physical objects. See how to do CGP as we invent image filters for the Part Time Scientists' 3D cameras. Danger: Actual code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4764.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4764-en-automatic_algorithm_invention_with_a_gpu.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4766-en-802_11_packets_in_packets.webm New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4766.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4766-en-802_11_packets_in_packets.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4766-en-802_11_packets_in_packets.webm 2011-12-27T00:00:00+01:00 Travis Goodspeed No 28c3, Hacking A Standard-Compliant Exploit of Layer 1 New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4766.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4766-en-802_11_packets_in_packets.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4767-en-security_log_visualization_with_a_correlation_engine.webm This brief session focuses on the visualization of actual security incidents, network forensics and counter surveillance of covert criminal communications utilizing large data sets from various security logs and a very brief introduction to correlation engine logic. Visually displaying security or network issues can express the risk or urgency in a way a set of dry logs or other methods might not be able to. Additionally, many organizations rely on a more singular approach and react to security events, many times from a high false positive rate source such as isolated intrusion prevention or firewall alerts, or relying only on anti-virus alerts. Utilizing a correlation engine (especially open source) or similar applications could offer a method of discovering or in some cases proactively detecting issues. The research discussed involves analysis and interrogation of firewall, intrusion detection and prevention systems, web proxy logs and available security research. What does a compromised server infected with spam malware look like or cyber warfare? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4767.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4767-en-security_log_visualization_with_a_correlation_engine.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4767-en-security_log_visualization_with_a_correlation_engine.webm 2011-12-29T00:00:00+01:00 Chris Kubecka No 28c3, Hacking What's inside your network? This brief session focuses on the visualization of actual security incidents, network forensics and counter surveillance of covert criminal communications utilizing large data sets from various security logs and a very brief introduction to correlation engine logic. Visually displaying security or network issues can express the risk or urgency in a way a set of dry logs or other methods might not be able to. Additionally, many organizations rely on a more singular approach and react to security events, many times from a high false positive rate source such as isolated intrusion prevention or firewall alerts, or relying only on anti-virus alerts. Utilizing a correlation engine (especially open source) or similar applications could offer a method of discovering or in some cases proactively detecting issues. The research discussed involves analysis and interrogation of firewall, intrusion detection and prevention systems, web proxy logs and available security research. What does a compromised server infected with spam malware look like or cyber warfare? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4767.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4767-en-security_log_visualization_with_a_correlation_engine.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4768-en-eating_in_the_anthropocene.webm Over the last few years hackers have begun to take a larger interest in food, gastronomy and agriculture. For many in the community the ability to create DIY molecular gastronomy hardware and recipes is an obvious entry point. This talk extends some of these early investigations beyond the kitchen and the chemical properties of food by looking at specific cultivars, food technology organizations, and connections between food systems, ecosystems and planetary change. Part 1 of the talk explores some of the more bizarre and interesting biotechnologies and genomes that make up the human food system on planet earth, including Chinese Space Potatoes, Mutagenic Grapefruits and Glowing Sushi. Pat 2 of the talk presents ideas of food system redesign particularly relevant to hackers and food explorers: utopian cuisines, resilient biotechnologies and eaters as agents of selection. In Part 3 we provide access to resources and propose interesting projects for black hat food hackers, DIY BIO foodies, and prospective food security researchers, such as mining the IAEA's database of radiation breeding, eating things that weren't meant to be eaten and defending agricultural biodiversity. By introducing less known stories from the history of food and technology, and providing access to resources we hope to get more hackers curious about exploring, questioning and redesigning our human food systems. BIO: Zack Denfeld & Cathrine Kramer run the Center for Genomic Gastronomy an independent research institute that studies the genomes and biotechnologies that make up the human food systems on the planet. They are currently in residence at Art Science Bangalore and a curating a show on the future of food at the Science Gallery in Dublin Ireland. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4768.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4768-en-eating_in_the_anthropocene.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4768-en-eating_in_the_anthropocene.webm 2011-12-28T00:00:00+01:00 Cathrine Kramer, Zack Denfeld No 28c3, Culture Transgenic Fish, Mutagenic Grapefruits and Space Potatoes Over the last few years hackers have begun to take a larger interest in food, gastronomy and agriculture. For many in the community the ability to create DIY molecular gastronomy hardware and recipes is an obvious entry point. This talk extends some of these early investigations beyond the kitchen and the chemical properties of food by looking at specific cultivars, food technology organizations, and connections between food systems, ecosystems and planetary change. Part 1 of the talk explores some of the more bizarre and interesting biotechnologies and genomes that make up the human food system on planet earth, including Chinese Space Potatoes, Mutagenic Grapefruits and Glowing Sushi. Pat 2 of the talk presents ideas of food system redesign particularly relevant to hackers and food explorers: utopian cuisines, resilient biotechnologies and eaters as agents of selection. In Part 3 we provide access to resources and propose interesting projects for black hat food hackers, DIY BIO foodies, and prospective food security researchers, such as mining the IAEA's database of radiation breeding, eating things that weren't meant to be eaten and defending agricultural biodiversity. By introducing less known stories from the history of food and technology, and providing access to resources we hope to get more hackers curious about exploring, questioning and redesigning our human food systems. BIO: Zack Denfeld & Cathrine Kramer run the Center for Genomic Gastronomy an independent research institute that studies the genomes and biotechnologies that make up the human food systems on the planet. They are currently in residence at Art Science Bangalore and a curating a show on the future of food at the Science Gallery in Dublin Ireland. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4768.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4768-en-eating_in_the_anthropocene.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4770-en-dont_scan_just_ask.webm For years, we tried to identify vulnerable systems in company networks by getting all the companies netblocks / ip addresses and scanning them for vulnerable services. Then with the growing importance of web applications and of course search engines, a new way of identifying vulnerable systems was introduced: "Google hacking". However this approach of identifying and scanning companies ip addresses as well as doing some Google hacking for the (known) URLs of the company doesn't take all aspects into account and has some limitations. At first we just check the systems which are obvious, the ones that are in the companies netblocks, the IP addresses that were provided by the company and the URLs that are known or can be resolved using reverse DNS. However how about URLs and systems that aren't obvious? Systems maybe even the company in focus forgot? Second, the current techniques are pretty technical. They don't take the business view into account at any point. Therefore we developed a new technique as well as framework to identify companies’ web pages based on a scored keyword list. In other words: From zero to owning all of a company’s existing web pages, even the pages not hosted by the company itself, with just a scored keyword list as input. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4770.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4770-en-dont_scan_just_ask.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4770-en-dont_scan_just_ask.webm 2011-12-28T00:00:00+01:00 Fabian Mihailowitsch No 28c3, Hacking A new approach of identifying vulnerable web applications For years, we tried to identify vulnerable systems in company networks by getting all the companies netblocks / ip addresses and scanning them for vulnerable services. Then with the growing importance of web applications and of course search engines, a new way of identifying vulnerable systems was introduced: "Google hacking". However this approach of identifying and scanning companies ip addresses as well as doing some Google hacking for the (known) URLs of the company doesn't take all aspects into account and has some limitations. At first we just check the systems which are obvious, the ones that are in the companies netblocks, the IP addresses that were provided by the company and the URLs that are known or can be resolved using reverse DNS. However how about URLs and systems that aren't obvious? Systems maybe even the company in focus forgot? Second, the current techniques are pretty technical. They don't take the business view into account at any point. Therefore we developed a new technique as well as framework to identify companies’ web pages based on a scored keyword list. In other words: From zero to owning all of a company’s existing web pages, even the pages not hosted by the company itself, with just a scored keyword list as input. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4770.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4770-en-dont_scan_just_ask.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4775-de-hacker_jeopardy.webm The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4775.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4775-de-hacker_jeopardy.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4775-de-hacker_jeopardy.webm 2011-12-28T00:00:00+01:00 Ray, Stefan 'Sec' Zehl No 28c3, Show Number guessing for geeks The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4775.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4775-de-hacker_jeopardy.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4777-en-r0ket.webm Now you've got that r0ket thing. What to do with it? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4777.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4777-en-r0ket.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4777-en-r0ket.webm 2011-12-27T00:00:00+01:00 lilafisch, Stefan 'Sec' Zehl No 28c3, Hacking The CCC-Badge Now you've got that r0ket thing. What to do with it? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4777.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4777-en-r0ket.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4780-en-print_me_if_you_dare.webm Network printers are ubiquitous fixtures within the modern IT infrastructure. Residing within sensitive networks and lacking in security, these devices represent high-value targets that can theoretically be used not only to manipulate and exfiltrate the sensitive information such as network credentials and sensitive documents, but also as fully functional general-purpose bot-nodes which give attackers a stealthy, persistent foothold inside the victim network for further recognizance, exploitation and exfiltration. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4780-en-print_me_if_you_dare.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4780-en-print_me_if_you_dare.webm 2011-12-29T00:00:00+01:00 Ang Cui, Jonathan Voris No 28c3, Hacking Firmware Modification Attacks and the Rise of Printer Malware Network printers are ubiquitous fixtures within the modern IT infrastructure. Residing within sensitive networks and lacking in security, these devices represent high-value targets that can theoretically be used not only to manipulate and exfiltrate the sensitive information such as network credentials and sensitive documents, but also as fully functional general-purpose bot-nodes which give attackers a stealthy, persistent foothold inside the victim network for further recognizance, exploitation and exfiltration. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4780-en-print_me_if_you_dare.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4781-en-deceiving_authorship_detection.webm Stylometry is the art of detecting authorship of a document based on the linguistic style present in the text. As authorship recognition methods based on machine learning have improved, they have also presented a threat to privacy and anonymity. We have developed two open-source tools, Stylo and Anonymouth, which we will release at 28C3 and introduce in this talk. Anonymouth aids individuals in obfuscating documents to protect identity from authorship analysis. Stylo is a machine-learning based authorship detection research tool that provides the basis for Anonymouth's decision making. We will also review the problem of stylometry and the privacy implications and present new research related to detecting writing style deception, threats to anonymity in short message services like Twitter, examine the implications for languages other than English, and release a large adversarial stylometry corpus for linguistic and privacy research purposes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4781.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4781-en-deceiving_authorship_detection.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4781-en-deceiving_authorship_detection.webm 2011-12-29T00:00:00+01:00 Michael Brennan, Rachel Greenstadt No 28c3, Hacking Tools to Maintain Anonymity Through Writing Style & Current Trends in Adversarial Stylometry Stylometry is the art of detecting authorship of a document based on the linguistic style present in the text. As authorship recognition methods based on machine learning have improved, they have also presented a threat to privacy and anonymity. We have developed two open-source tools, Stylo and Anonymouth, which we will release at 28C3 and introduce in this talk. Anonymouth aids individuals in obfuscating documents to protect identity from authorship analysis. Stylo is a machine-learning based authorship detection research tool that provides the basis for Anonymouth's decision making. We will also review the problem of stylometry and the privacy implications and present new research related to detecting writing style deception, threats to anonymity in short message services like Twitter, examine the implications for languages other than English, and release a large adversarial stylometry corpus for linguistic and privacy research purposes. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4781.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4781-en-deceiving_authorship_detection.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4788-de-datenvieh_oder_daten_fee.webm Eine nüchterne Untersuchung der Verfahren zum Nutzertracking und des wirtschaftlichen Wertes von Tracking- und Userdaten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4788.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4788-de-datenvieh_oder_daten_fee.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4788-de-datenvieh_oder_daten_fee.webm 2011-12-29T00:00:00+01:00 Rene Meissner No 28c3, Hacking Welchen Wert haben Trackingdaten? Eine nüchterne Untersuchung der Verfahren zum Nutzertracking und des wirtschaftlichen Wertes von Tracking- und Userdaten. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4788.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4788-de-datenvieh_oder_daten_fee.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4798-en-sovereign_keys.webm This talk will describe the Sovereign Key system, an EFF proposal for improving the security of SSL/TLS connections against attacks that involve Certificate Authorities (CAs) or portions of the DNSSEC hierarchy. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4798.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4798-en-sovereign_keys.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4798-en-sovereign_keys.webm 2011-12-29T00:00:00+01:00 Peter Eckersley No 28c3, Hacking A proposal for fixing attacks on CAs and DNSSEC This talk will describe the Sovereign Key system, an EFF proposal for improving the security of SSL/TLS connections against attacks that involve Certificate Authorities (CAs) or portions of the DNSSEC hierarchy. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4798.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4798-en-sovereign_keys.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4799-de-can_trains_be_hacked.webm Warum sind Züge sicher unterwegs? Wie werden Zusammenstöße trotz der Gefahr eines menschlichen Fehlverhaltens vermieden? Und was hat das alles mit IT-Sicherheit zu tun? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4799.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4799-de-can_trains_be_hacked.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4799-de-can_trains_be_hacked.webm 2011-12-27T00:00:00+01:00 Stefan Katzenbeisser No 28c3, Hacking Die Technik der Eisenbahnsicherungsanlagen Warum sind Züge sicher unterwegs? Wie werden Zusammenstöße trotz der Gefahr eines menschlichen Fehlverhaltens vermieden? Und was hat das alles mit IT-Sicherheit zu tun? about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4799.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4799-de-can_trains_be_hacked.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4800-en-how_governments_have_tried_to_block_tor.webm Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4800.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4800-en-how_governments_have_tried_to_block_tor.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4800-en-how_governments_have_tried_to_block_tor.webm 2011-12-28T00:00:00+01:00 Jacob Appelbaum, Roger Dingledine No 28c3, Hacking Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4800.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4800-en-how_governments_have_tried_to_block_tor.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4802-en-towards_a_single_secure_european_cyberspace.webm The "European Great Firewall" was the way that European civil rights organizations has addressed the proposal to create a "single European cyberspace". Surely other lectures will describe the technicalities of the proposal. This lecture will go beyond that, describing a vulnerability that the proposal reveals in the power structures of the European and world governance, that could be exploited by the hackerdom if the war is understood as a value to be avoided. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4802.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4802-en-towards_a_single_secure_european_cyberspace.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4802-en-towards_a_single_secure_european_cyberspace.webm 2011-12-29T00:00:00+01:00 Suso Baleato No 28c3, Society and Politics What the European Union wants. What the hackerdom can do.. The "European Great Firewall" was the way that European civil rights organizations has addressed the proposal to create a "single European cyberspace". Surely other lectures will describe the technicalities of the proposal. This lecture will go beyond that, describing a vulnerability that the proposal reveals in the power structures of the European and world governance, that could be exploited by the hackerdom if the war is understood as a value to be avoided. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4802.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4802-en-towards_a_single_secure_european_cyberspace.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4804-de-politik_hacken.webm Klassischer Protest, konventionelle Demos, Online-Petitionen und Bürgerinitiativen werden seit einiger Zeit durch neue Instrumente der politischen Partizipation ergänzt. Deren Stärke liegt in dezentraler Organisation, Kommunikationsguerilla-Aktionen, diskursiver Intervention und kollaborativer Spontaneität. Der Vortrag stellt anhand von Beispielen ein Toolset an Möglichkeiten des regelverletzenden und gewaltfreien Mitmischens und Einmischens in Politik vor. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4804.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4804-de-politik_hacken.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4804-de-politik_hacken.webm 2011-12-28T00:00:00+01:00 Alexander Müller, Bärwulf Kannitschreiber, Montserrat Graupenschläger No 28c3, Society and Politics Kleine Anleitung zur Nutzung von Sicherheitslücken gesellschaftlicher und politischer Kommunikation Klassischer Protest, konventionelle Demos, Online-Petitionen und Bürgerinitiativen werden seit einiger Zeit durch neue Instrumente der politischen Partizipation ergänzt. Deren Stärke liegt in dezentraler Organisation, Kommunikationsguerilla-Aktionen, diskursiver Intervention und kollaborativer Spontaneität. Der Vortrag stellt anhand von Beispielen ein Toolset an Möglichkeiten des regelverletzenden und gewaltfreien Mitmischens und Einmischens in Politik vor. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4804.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4804-de-politik_hacken.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4811-en-rootkits_in_your_web_application.webm XSS bugs are the most widely known and commonly occurring Web vulnerability, but their impact has often been limited to cookie theft and/or simple actions, such as setting malicious email filters, stealing some data, or self-propagation via an XSS worm. In this work, I discuss practical approaches for exploiting XSS and other client-side script injection attacks, and introduce novel techniques for maintaining and escalating access within the victim's browser. In particular, I introduce the concept of _resident XSS_ where attacker-supplied code is running in the context of an affected user's main application window and describe its consequences. I also draw analogies between such persistent Web threats and the traditional rootkit model, including similarities in the areas of embedding malicious code, maintaining access, stealthy communication with a C&C server, and the difficulty of detecting and removing attacker-supplied code. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4811.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4811-en-rootkits_in_your_web_application.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4811-en-rootkits_in_your_web_application.webm 2011-12-28T00:00:00+01:00 Artur Janc No 28c3, Hacking Achieving a permanent stealthy compromise of user accounts with XSS and JS injection attacks. XSS bugs are the most widely known and commonly occurring Web vulnerability, but their impact has often been limited to cookie theft and/or simple actions, such as setting malicious email filters, stealing some data, or self-propagation via an XSS worm. In this work, I discuss practical approaches for exploiting XSS and other client-side script injection attacks, and introduce novel techniques for maintaining and escalating access within the victim's browser. In particular, I introduce the concept of _resident XSS_ where attacker-supplied code is running in the context of an affected user's main application window and describe its consequences. I also draw analogies between such persistent Web threats and the traditional rootkit model, including similarities in the areas of embedding malicious code, maintaining access, stealthy communication with a C&C server, and the difficulty of detecting and removing attacker-supplied code. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4811.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4811-en-rootkits_in_your_web_application.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4813-en-macro_dragnets.webm As governments increase their data collection capabilities software developers are stepping up to both utilize and augment surveillance capabilities. DNA databases, facial recognition, behavioral patterning, and geographic profiling are all in use today. Police are crowdsourcing identification of suspects and citizens are willingly participating. This talk will cover real technologies in place today as well as educated speculation of what is coming next. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4813.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4813-en-macro_dragnets.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4813-en-macro_dragnets.webm 2011-12-27T00:00:00+01:00 Redbeard No 28c3, Hacking What happens when data collection goes awry in the 21st century As governments increase their data collection capabilities software developers are stepping up to both utilize and augment surveillance capabilities. DNA databases, facial recognition, behavioral patterning, and geographic profiling are all in use today. Police are crowdsourcing identification of suspects and citizens are willingly participating. This talk will cover real technologies in place today as well as educated speculation of what is coming next. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4813.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4813-en-macro_dragnets.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4814-en-behind_the_scenes_of_a_c64_demo.webm C64 "demos" were the root of the whole demo-scene-thing and they are still the main force keeping the C64 alive today. Audiovisual pleasure, still pushing hardware limits, still exploring different ways of expression. But what is typically happening inside the machine when you watch a demo? What effort is needed to entertain the audience? This talk will give you an inside look at the steps taken for the award winning demo "Error 23" given first hand by one of its main programmers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4814.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4814-en-behind_the_scenes_of_a_c64_demo.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4814-en-behind_the_scenes_of_a_c64_demo.webm 2011-12-29T00:00:00+01:00 Ninja / The Dreams No 28c3, Hacking C64 "demos" were the root of the whole demo-scene-thing and they are still the main force keeping the C64 alive today. Audiovisual pleasure, still pushing hardware limits, still exploring different ways of expression. But what is typically happening inside the machine when you watch a demo? What effort is needed to entertain the audience? This talk will give you an inside look at the steps taken for the award winning demo "Error 23" given first hand by one of its main programmers. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4814.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4814-en-behind_the_scenes_of_a_c64_demo.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.webm In 2004 I started a weekly podcast on international under-reported news based on a feeling that this was something I enjoy doing and I could be good at. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4816.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.webm 2011-12-28T00:00:00+01:00 Bicyclemark No 28c3, Community Lessons learned from producing a weekly independent podcast on international conflicts and concerns. In 2004 I started a weekly podcast on international under-reported news based on a feeling that this was something I enjoy doing and I could be good at. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4816.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4816-en-7_years_400_podcasts_and_lots_of_frequent_flyer_miles.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4817-en-string_oriented_programming.webm The protection landscape is changing and exploits are getting more and more sophisticated. Exploit generation toolkits can be used to construct exploits for specific applications using well-defined algorithms. We present such an algorithm for leveraging format strings and introduce string oriented programming. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4817.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4817-en-string_oriented_programming.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4817-en-string_oriented_programming.webm 2011-12-27T00:00:00+01:00 Mathias Payer No 28c3, Hacking Circumventing ASLR, DEP, and Other Guards The protection landscape is changing and exploits are getting more and more sophisticated. Exploit generation toolkits can be used to construct exploits for specific applications using well-defined algorithms. We present such an algorithm for leveraging format strings and introduce string oriented programming. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4817.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4817-en-string_oriented_programming.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4818-en-evolving_custom_communication_protocols.webm Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4818.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4818-en-evolving_custom_communication_protocols.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4818-en-evolving_custom_communication_protocols.webm 2011-12-30T00:00:00+01:00 Wes Faler No 28c3, Hacking Hell Yeah, it's rocket science Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4818.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4818-en-evolving_custom_communication_protocols.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4821-en-not_your_grandfathers_moon_landing.webm We got a new rover and it's much more awesome than last year! Ok, there's a bit more to it :-) The basics, we are team of part-time scientists and engineers who want to send a rover to the moon before the end of the year 2013. There is a lot to be done towards this first private moon landing and we want to take the chance to explore what we want to do and show what we already accomplished in the past 12 months. The talk will feature important technical milestone like our very first R3 rover prototype and great events like the CCCamp11. There is also be a live demonstration of the very first R3A rover right in the presentation. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4821.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4821-en-not_your_grandfathers_moon_landing.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4821-en-not_your_grandfathers_moon_landing.webm 2011-12-29T00:00:00+01:00 Karsten Becker, Robert Böhme No 28c3, Making Hell yeah, it's Rocket Science 3.1415926535897932384626! We got a new rover and it's much more awesome than last year! Ok, there's a bit more to it :-) The basics, we are team of part-time scientists and engineers who want to send a rover to the moon before the end of the year 2013. There is a lot to be done towards this first private moon landing and we want to take the chance to explore what we want to do and show what we already accomplished in the past 12 months. The talk will feature important technical milestone like our very first R3 rover prototype and great events like the CCCamp11. There is also be a live demonstration of the very first R3A rover right in the presentation. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4821.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4821-en-not_your_grandfathers_moon_landing.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4826-en-a_brief_history_of_plutocracy.webm This whistlestop re-telling of world economic history squeezes 12,000 years of history into 18 slides. Its focus is the changing nature of money and the rise of the monied class in US and Europe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4826.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4826-en-a_brief_history_of_plutocracy.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4826-en-a_brief_history_of_plutocracy.webm 2011-12-28T00:00:00+01:00 Robin Upton No 28c3, Society and Politics This whistlestop re-telling of world economic history squeezes 12,000 years of history into 18 slides. Its focus is the changing nature of money and the rise of the monied class in US and Europe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4826.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4826-en-a_brief_history_of_plutocracy.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4828-de-antiforensik.webm Antiforensik ist ein noch eher neues Thema und bekommt zunehmend mehr Bedeutung. IT-Forensik als Mittel zur Aufklärung von Sachverhalten kann vor Gericht aber auch in internen Ermittlungen maßgeblich für Freisprüche oder Schuldsprüche sorgen. Daher ist es besonders schlimm, wenn die dazu verwendeten Programme nicht korrekt arbeiten und sogar mit präparierten antiforensischen Aktionen angegriffen werden können. Der Vortrag zeigt eine bisher unbekannte und dennoch technisch einfache Sicherheitslücke in mindestens einer weltweit verwendeten Forensik-Suite und wie diese ausgenutzt werden kann: Hinzufügen von Ermittlungsergebnissen, Löschen/Verändern von Ermittlungsergebnissen, Infektion des Auswertesystems mit Malware. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4828.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4828-de-antiforensik.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4828-de-antiforensik.webm 2011-12-30T00:00:00+01:00 Martin Wundram No 28c3, Hacking Einführung in das Thema Antiforensik am Beispiel eines neuen Angriffsvektors Antiforensik ist ein noch eher neues Thema und bekommt zunehmend mehr Bedeutung. IT-Forensik als Mittel zur Aufklärung von Sachverhalten kann vor Gericht aber auch in internen Ermittlungen maßgeblich für Freisprüche oder Schuldsprüche sorgen. Daher ist es besonders schlimm, wenn die dazu verwendeten Programme nicht korrekt arbeiten und sogar mit präparierten antiforensischen Aktionen angegriffen werden können. Der Vortrag zeigt eine bisher unbekannte und dennoch technisch einfache Sicherheitslücke in mindestens einer weltweit verwendeten Forensik-Suite und wie diese ausgenutzt werden kann: Hinzufügen von Ermittlungsergebnissen, Löschen/Verändern von Ermittlungsergebnissen, Infektion des Auswertesystems mit Malware. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4828.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4828-de-antiforensik.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4832-de-neue_leichtigkeit.webm Despite the vast new possibilities new medias offer to artists, musicians and composers, regulation authorities and governments are trimming creative minds in their freedom, introducing new laws, filters and limitations. On the example of "Europa: Neue Leichtigkeit" the immanence of unconditional artistic freedom in creativity is brought to the audience. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4832.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4832-de-neue_leichtigkeit.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4832-de-neue_leichtigkeit.webm 2011-12-29T00:00:00+01:00 Alex Antener, Amelie Boehm, Andrin Uetz, Jonas Bischof, ruedi tobler, Samuel Weniger No 28c3, Show when unconditional artistic freedom happens Despite the vast new possibilities new medias offer to artists, musicians and composers, regulation authorities and governments are trimming creative minds in their freedom, introducing new laws, filters and limitations. On the example of "Europa: Neue Leichtigkeit" the immanence of unconditional artistic freedom in creativity is brought to the audience. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4832.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4832-de-neue_leichtigkeit.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4844-de-eu_datenschutz_internet_der_dinge.webm Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4844.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4844-de-eu_datenschutz_internet_der_dinge.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4844-de-eu_datenschutz_internet_der_dinge.webm 2011-12-27T00:00:00+01:00 Andreas Krisch No 28c3, Society and Politics Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4844.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4844-de-eu_datenschutz_internet_der_dinge.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4847-en-reverse_engineering_usb_devices.webm While USB devices often use standard device classes, some do not. This talk is about reverse engineering the protocols some of these devices use, how the underlying USB protocol gives us some help, and some interesting patterns to look for. I'll also detail the thought processes that went into reverse engineering the Kinect's audio protocol. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4847.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4847-en-reverse_engineering_usb_devices.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4847-en-reverse_engineering_usb_devices.webm 2011-12-28T00:00:00+01:00 Drew Fisher No 28c3, Hacking While USB devices often use standard device classes, some do not. This talk is about reverse engineering the protocols some of these devices use, how the underlying USB protocol gives us some help, and some interesting patterns to look for. I'll also detail the thought processes that went into reverse engineering the Kinect's audio protocol. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4847.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4847-en-reverse_engineering_usb_devices.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4848-en-the_coming_war_on_general_computation.webm The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4848.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4848-en-the_coming_war_on_general_computation.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4848-en-the_coming_war_on_general_computation.webm 2011-12-27T00:00:00+01:00 Cory Doctorow No 28c3, Society and Politics The copyright war was just the beginning The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4848.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4848-en-the_coming_war_on_general_computation.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4856-en-the_engineering_part_of_social_engineering.webm All the talks i saw about SE so far just showed which good SE's the speakers are. I try to do another approach, what if i get in and don't know what to do then. The talk is about the reconn. before the assessment, the different approaches of SE. Which techniques can one use, how to do a proper intel. and what is useful. How things work and more important why. Which skill set should one have before entering a engagement. And last but not least how do one counter a SE attack. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4856.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4856-en-the_engineering_part_of_social_engineering.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4856-en-the_engineering_part_of_social_engineering.webm 2011-12-30T00:00:00+01:00 Aluc No 28c3, Hacking Why just lying your way in won't get you anywhere All the talks i saw about SE so far just showed which good SE's the speakers are. I try to do another approach, what if i get in and don't know what to do then. The talk is about the reconn. before the assessment, the different approaches of SE. Which techniques can one use, how to do a proper intel. and what is useful. How things work and more important why. Which skill set should one have before entering a engagement. And last but not least how do one counter a SE attack. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4856.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4856-en-the_engineering_part_of_social_engineering.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4866-de-fnord_jahresrueckblick.webm Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4866.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4866-de-fnord_jahresrueckblick.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4866-de-fnord_jahresrueckblick.webm 2011-12-29T00:00:00+01:00 Felix von Leitner, Frank Rieger No 28c3, Community von Atomendlager bis Zensus Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4866.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4866-de-fnord_jahresrueckblick.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4869-de-tresor.webm Herkömmliche Festplattenverschlüsselungen legen notwendige Schlüssel im RAM ab. Dadurch sind sie schutzlos Angriffen wie Cold-Boot Attacken ausgeliefert, die auf den Arbeitsspeicher abzielen. TRESOR bietet Schutz gegen solche Angriffe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4869.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4869-de-tresor.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4869-de-tresor.webm 2011-12-29T00:00:00+01:00 tilo No 28c3, Hacking Herkömmliche Festplattenverschlüsselungen legen notwendige Schlüssel im RAM ab. Dadurch sind sie schutzlos Angriffen wie Cold-Boot Attacken ausgeliefert, die auf den Arbeitsspeicher abzielen. TRESOR bietet Schutz gegen solche Angriffe. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4869.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4869-de-tresor.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4871-en-hacking_mfps.webm We have decided to continue our research onto PostScript realms - an old, very powerful and nicely designed programming language, where (as a coincidence or not, given it's numerous security flaws) Adobe owns most PostScript interpreters instances. This time we demonstrate that PostScript language, given it's power, elegance and Turing-completeness, can be used more than just for drawing dots, lines and circles - and to a certain extent it can be a hacker's sweet delight if fully mastered. We will be presenting a real-life implementation of unusual PostScript APIs (along with it's dissection and reconstructed documentation) that interact with various levels of OS and HW, implementation we have found in a TOP10 printer vendor product line. Also, we will investigate whether a PostScript-based (hence platform-independent) virus (18+ years after first proposals of such theory) can be acomplished, thus giving theoretical hints and few building blocks in this direction. We will also present some very constructive uses of the PostScript language in the creative (i.e. non-destructive) hacking direction. In the end, we will try to summarize our conclusions and possible solution for all parties involved (vendors, users, sysadmins, security experts). With this research we hope we can prove that entire printer industry (devices, printing software/drivers/subsystems, publishing and managed services) have to be rethought security-wise, so that it can withstand in the long run the current security landscape and threats. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4871.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4871-en-hacking_mfps.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4871-en-hacking_mfps.webm 2011-12-28T00:00:00+01:00 Andrei Costin No 28c3, Hacking Part2 - PostScript: Um, you've been hacked We have decided to continue our research onto PostScript realms - an old, very powerful and nicely designed programming language, where (as a coincidence or not, given it's numerous security flaws) Adobe owns most PostScript interpreters instances. This time we demonstrate that PostScript language, given it's power, elegance and Turing-completeness, can be used more than just for drawing dots, lines and circles - and to a certain extent it can be a hacker's sweet delight if fully mastered. We will be presenting a real-life implementation of unusual PostScript APIs (along with it's dissection and reconstructed documentation) that interact with various levels of OS and HW, implementation we have found in a TOP10 printer vendor product line. Also, we will investigate whether a PostScript-based (hence platform-independent) virus (18+ years after first proposals of such theory) can be acomplished, thus giving theoretical hints and few building blocks in this direction. We will also present some very constructive uses of the PostScript language in the creative (i.e. non-destructive) hacking direction. In the end, we will try to summarize our conclusions and possible solution for all parties involved (vendors, users, sysadmins, security experts). With this research we hope we can prove that entire printer industry (devices, printing software/drivers/subsystems, publishing and managed services) have to be rethought security-wise, so that it can withstand in the long run the current security landscape and threats. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4871.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4871-en-hacking_mfps.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4876-de-die_spinnen_die_sachsen.webm Die Meldungen aus Sachsen in diesem Jahr wirkten für alle, die nicht dort wohnen, ein bisschen, als kämen sie von einem sehr weit entfernten Stern. In regelmäßigen Abständen werden Dinge bekannt, die jeweils einzeln früher zum Rücktritt von Ministern geführt hätten. Funkzellenabfrage, §129-Verfahren, die Durchsuchung eines Pfarrers, Aberkennung der Immunität eines Fraktionsvorsitzenden wegen Rädelführerschaft: umfassende Kriminalisierung von Protesten gegen Nazis, und zwar weit bis in die "Mitte der Gesellschaft". Offline-Überwachung und -Drangsalierung sind in Sachsen Alltag. Der Talk gibt einen Überblick über den Stand der Dinge und warnt davor, sich (außerhalb Sachsens) gemütlich schaudernd zurückzulehnen. Denn: Wenn Sachsen damit durchkommt, setzt das Maßstäbe für andere Bundesländer. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4876.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4876-de-die_spinnen_die_sachsen.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4876-de-die_spinnen_die_sachsen.webm 2011-12-27T00:00:00+01:00 Anne Roth No 28c3, Society and Politics On- und Offline-Überwachung: Weil sie es können Die Meldungen aus Sachsen in diesem Jahr wirkten für alle, die nicht dort wohnen, ein bisschen, als kämen sie von einem sehr weit entfernten Stern. In regelmäßigen Abständen werden Dinge bekannt, die jeweils einzeln früher zum Rücktritt von Ministern geführt hätten. Funkzellenabfrage, §129-Verfahren, die Durchsuchung eines Pfarrers, Aberkennung der Immunität eines Fraktionsvorsitzenden wegen Rädelführerschaft: umfassende Kriminalisierung von Protesten gegen Nazis, und zwar weit bis in die "Mitte der Gesellschaft". Offline-Überwachung und -Drangsalierung sind in Sachsen Alltag. Der Talk gibt einen Überblick über den Stand der Dinge und warnt davor, sich (außerhalb Sachsens) gemütlich schaudernd zurückzulehnen. Denn: Wenn Sachsen damit durchkommt, setzt das Maßstäbe für andere Bundesländer. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4876.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4876-de-die_spinnen_die_sachsen.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4897-en-keynote.webm While it's old news that authoritarian regimes regularly rely on censorship and surveillance technology supplied to them by Western companies, 2011 was a year (thanks, in part, to the Arab Spring) when it became a hot issue in the public debate. While politicians on both sides of the Atlantic have recently committed to ban the sale of such technologies to dictators, it's not clear whether such measures would prove effective (or merely drive the sale of such technologies underground) or simply stimulate the growth of Chinese, Russian and Indian companies. More disturbingly, there is still very little awareness – at least among the general public – that many of the tools that are currently exported to authoritarian states have been designed to help fight "The Global War On Terror" and are thus inextricably linked to domestic policies of Western states. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4897.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4897-en-keynote.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4897-en-keynote.webm 2011-12-27T00:00:00+01:00 Evgeny Morozov No 28c3, Society and Politics While it's old news that authoritarian regimes regularly rely on censorship and surveillance technology supplied to them by Western companies, 2011 was a year (thanks, in part, to the Arab Spring) when it became a hot issue in the public debate. While politicians on both sides of the Atlantic have recently committed to ban the sale of such technologies to dictators, it's not clear whether such measures would prove effective (or merely drive the sale of such technologies underground) or simply stimulate the growth of Chinese, Russian and Indian companies. More disturbingly, there is still very little awareness – at least among the general public – that many of the tools that are currently exported to authoritarian states have been designed to help fight "The Global War On Terror" and are thus inextricably linked to domestic policies of Western states. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4897.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4897-en-keynote.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4898-de-security_nightmares.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4898.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4898-de-security_nightmares.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4898-de-security_nightmares.webm 2011-12-30T00:00:00+01:00 Frank Rieger, Ron No 28c3, Hacking about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4898.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4898-de-security_nightmares.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4899-en-closing_event.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4899.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4899-en-closing_event.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4899-en-closing_event.webm 2011-12-30T00:00:00+01:00 No 28c3, Community about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4899.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4899-en-closing_event.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.webm 0zapftis wird aus Sicht der Technik und unter juristischen Gesichtspunkten analysiert. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4901.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.webm 2011-12-27T00:00:00+01:00 0zapfths, Constanze Kurz, Frank Rieger, Ulf Buermeyer No 28c3, Hacking Vom braunen Briefumschlag bis zur Publikation 0zapftis wird aus Sicht der Technik und unter juristischen Gesichtspunkten analysiert. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4901.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4901-de-der_staatstrojaner_aus_sicht_der_technik.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.webm Meet the Netherlands: a nation filled with techno-optimists protecting our freedom by puting in place restrictions on what you can do, reducing our privacy and have technology as a solution for anything and everything. When you make a trip we store your details for two years, your airplane meal selection from two years earlier is good data to test with and when migrating the government website we keep the old website running in an unmaintained state. If you have nothing to hide nothing can go wrong and there is nothing you can do. Well not quite. What would happen if you play the system? If you would take the train and hack the card? What if you were to pick up the resistance you face and use it in your advantage. No matter what the costs would carry on? If you would take some data and show the failures? Not just once but a full month long and call that month Leaktober. What if you would publicly call the failures with our personal data? Ultimately you make a difference. You change the law, you changes the rules of the game and you really can raise the question if storing all that data is really needed. Ultimately people really start to doubt if this is the right way to go. This is a strategic and tactical story on how you can regain some privacy and data protection. Even though for a journalist this should be normal work, thanks to some people these things become very personal. It ends in criminal prosecution, legal threats, insults, a successful counter hack and ultimately a lot of benefits. But standing up for a cause does work as long as you focus on the stories you want to bring. My story is about hacking the system from the inside, overcoming fear and showing bureaucrats that hackers are people too. The talk is a lessons learnt how a few people can change a nation with hacker beliefs if they really want to. A guideline on how to make a difference by hacking the system you want to change. Where you can even make huge mistakes, but with some luck you can win a world. How you can make your critical voice be heard. Zillions of lessons learnt. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4903.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.webm 2011-12-30T00:00:00+01:00 Brenno de Winter No 28c3, Society and Politics Meet the Netherlands: a nation filled with techno-optimists protecting our freedom by puting in place restrictions on what you can do, reducing our privacy and have technology as a solution for anything and everything. When you make a trip we store your details for two years, your airplane meal selection from two years earlier is good data to test with and when migrating the government website we keep the old website running in an unmaintained state. If you have nothing to hide nothing can go wrong and there is nothing you can do. Well not quite. What would happen if you play the system? If you would take the train and hack the card? What if you were to pick up the resistance you face and use it in your advantage. No matter what the costs would carry on? If you would take some data and show the failures? Not just once but a full month long and call that month Leaktober. What if you would publicly call the failures with our personal data? Ultimately you make a difference. You change the law, you changes the rules of the game and you really can raise the question if storing all that data is really needed. Ultimately people really start to doubt if this is the right way to go. This is a strategic and tactical story on how you can regain some privacy and data protection. Even though for a journalist this should be normal work, thanks to some people these things become very personal. It ends in criminal prosecution, legal threats, insults, a successful counter hack and ultimately a lot of benefits. But standing up for a cause does work as long as you focus on the stories you want to bring. My story is about hacking the system from the inside, overcoming fear and showing bureaucrats that hackers are people too. The talk is a lessons learnt how a few people can change a nation with hacker beliefs if they really want to. A guideline on how to make a difference by hacking the system you want to change. Where you can even make huge mistakes, but with some luck you can win a world. How you can make your critical voice be heard. Zillions of lessons learnt. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4903.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4903-en-changing_techno_optimists_by_shaking_up_the_bureaucrats.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4905-en-lightning_talks_day_2.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4905.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4905-en-lightning_talks_day_2.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4905-en-lightning_talks_day_2.webm 2011-12-28T00:00:00+01:00 Nick Farr No 28c3, Community about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4905.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4905-en-lightning_talks_day_2.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4906-en-lightning_talks_day_3_pecha_kucha.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4906.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4906-en-lightning_talks_day_3_pecha_kucha.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4906-en-lightning_talks_day_3_pecha_kucha.webm 2011-12-29T00:00:00+01:00 Nick Farr No 28c3, Community Pecha Kucha Round! about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4906.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4906-en-lightning_talks_day_3_pecha_kucha.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4907-en-lightning_talks_day_4.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4907.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4907-en-lightning_talks_day_4.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4907-en-lightning_talks_day_4.webm 2011-12-30T00:00:00+01:00 Nick Farr No 28c3, Community about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4907.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4907-en-lightning_talks_day_4.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4908-de-jahresrueckblick_2011.webm Kaum hat es begonnen, da ist es auch schon wieder vorbei – das Jahr 2011. Also ist es wieder an der Zeit für den Rückblick auf Technikforschung und Nerd-Lobbyismus mit Hackerperspektive, der natürlich nie ohne Ausblick ist. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4908.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4908-de-jahresrueckblick_2011.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4908-de-jahresrueckblick_2011.webm 2011-12-29T00:00:00+01:00 Andreas Bogk, Constanze Kurz, Erdgeist, Frank Rieger No 28c3, Society and Politics Kaum hat es begonnen, da ist es auch schon wieder vorbei – das Jahr 2011. Also ist es wieder an der Zeit für den Rückblick auf Technikforschung und Nerd-Lobbyismus mit Hackerperspektive, der natürlich nie ohne Ausblick ist. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4908.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4908-de-jahresrueckblick_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4910-de-demokratie_auf_saechsisch.webm Alles begann im Vorfeld des 13. Februar 2010. Nachdem sich der sogenannte rechte Trauermarsch am Jahrestag der Bombardierung Dresdens innerhalb weniger Jahre zum größten Naziaufmarsch Europas entwickelt hatte, gründete sich 2009 ein bundesweites Bündnis aus Antifa-Gruppen, Parteien und Zivilgesellschaft mit dem Ziel, diesen zu blockieren. Soviel Engagement gegen Rechts war den sächsischen Behörden jedoch von Anfang ein Dorn im Auge, so dass die Oberstaatsanwaltschaft Dresden bereits im Januar 2009 den Vorwurf des „Aufrufs zu Straftaten“ konstruierte, um Räumlichkeiten des Bündnisses zu durchsuchen, Plakate zu beschlagnahmen und so die Mobilisierung nach Dresden zu unterbinden. Die Taktik ging nicht auf: Am 13. Februar 2010 belagerten mehr als 10.000 Menschen den Aufmarschort, woraufhin der Naziaufmarsch nicht stattfand. Eine solche Schlappe wollten LKA und Staatsanwaltschaft nicht noch einmal hinnehmen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4910.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4910-de-demokratie_auf_saechsisch.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4910-de-demokratie_auf_saechsisch.webm 2011-12-27T00:00:00+01:00 Josephine Fischer, Tobias Naumann No 28c3, Society and Politics Alles begann im Vorfeld des 13. Februar 2010. Nachdem sich der sogenannte rechte Trauermarsch am Jahrestag der Bombardierung Dresdens innerhalb weniger Jahre zum größten Naziaufmarsch Europas entwickelt hatte, gründete sich 2009 ein bundesweites Bündnis aus Antifa-Gruppen, Parteien und Zivilgesellschaft mit dem Ziel, diesen zu blockieren. Soviel Engagement gegen Rechts war den sächsischen Behörden jedoch von Anfang ein Dorn im Auge, so dass die Oberstaatsanwaltschaft Dresden bereits im Januar 2009 den Vorwurf des „Aufrufs zu Straftaten“ konstruierte, um Räumlichkeiten des Bündnisses zu durchsuchen, Plakate zu beschlagnahmen und so die Mobilisierung nach Dresden zu unterbinden. Die Taktik ging nicht auf: Am 13. Februar 2010 belagerten mehr als 10.000 Menschen den Aufmarschort, woraufhin der Naziaufmarsch nicht stattfand. Eine solche Schlappe wollten LKA und Staatsanwaltschaft nicht noch einmal hinnehmen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4910.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4910-de-demokratie_auf_saechsisch.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4913-de-almighty_dna_and_beyond.webm Die Erstellung von Personenprofilen aus DNA und ihre Speicherung in polizeilichen Datenbanken erfreut sich allgemeiner Akzeptanz. Die Annahme ist weitverbreitet, es ginge dabei allein um die Aufklärung von Mord und Totschlag. Tatsächlich speichert das Bundeskriminalamt hier aber Datensätze auf Vorrat und zwar aus immer geringfügigeren Anlässen und in immer größerer Zahl. Zudem werden die DNA-Datenbanken der europäischen Polizeien derzeit miteinander vernetzt. Das ist umso beunruhigender, als wir alle beständig DNA hinterlassen, ob nun in Haaren, Hautabrieb oder Speichel. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4913.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4913-de-almighty_dna_and_beyond.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4913-de-almighty_dna_and_beyond.webm 2011-12-27T00:00:00+01:00 Susanne Schultz, Uta Wagenmann No 28c3, Society and Politics Was die Tatort-Wahrheitsmaschine mit Überwachung zu tun hat Die Erstellung von Personenprofilen aus DNA und ihre Speicherung in polizeilichen Datenbanken erfreut sich allgemeiner Akzeptanz. Die Annahme ist weitverbreitet, es ginge dabei allein um die Aufklärung von Mord und Totschlag. Tatsächlich speichert das Bundeskriminalamt hier aber Datensätze auf Vorrat und zwar aus immer geringfügigeren Anlässen und in immer größerer Zahl. Zudem werden die DNA-Datenbanken der europäischen Polizeien derzeit miteinander vernetzt. Das ist umso beunruhigender, als wir alle beständig DNA hinterlassen, ob nun in Haaren, Hautabrieb oder Speichel. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4913.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4913-de-almighty_dna_and_beyond.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4916-en-buggedplanet.webm BuggedPlanet.Info is a small Wiki that tries to list and track down the activities of the surveillance industry in the fields of "Lawful Interception", Signals Intelligence (SIGINT), Communications Intelligence (COMINT) and related fields to gain access to data from telecommunication systems. In this talk I want to explain the idea behind the project and also discuss some observations made between industrial activites and governmental actings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4916.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4916-en-buggedplanet.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4916-en-buggedplanet.webm 2011-12-27T00:00:00+01:00 Andy Müller-Maguhn No 28c3, Society and Politics Surveillance Industry & Country's Actings BuggedPlanet.Info is a small Wiki that tries to list and track down the activities of the surveillance industry in the fields of "Lawful Interception", Signals Intelligence (SIGINT), Communications Intelligence (COMINT) and related fields to gain access to data from telecommunication systems. In this talk I want to explain the idea behind the project and also discuss some observations made between industrial activites and governmental actings. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4916.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4916-en-buggedplanet.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4927-en-noc_review_28c3_camp.webm A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4927.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4927-en-noc_review_28c3_camp.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4927-en-noc_review_28c3_camp.webm 2011-12-30T00:00:00+01:00 Kay, Will Hargrave No 28c3, Hacking NOC Review about the Camp 2011 and the 28C3 A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4927.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4927-en-noc_review_28c3_camp.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4928-en-kinectfusion.webm This project investigates techniques to track the 6DOF position of handheld depth sensing cameras, such as Kinect, as they move through space and perform high quality 3D surface reconstructions for interaction. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4928.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4928-en-kinectfusion.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4928-en-kinectfusion.webm 2011-12-29T00:00:00+01:00 David Kim No 28c3, Science Real-time 3D Reconstruction and Interaction Using a Moving Depth Camera This project investigates techniques to track the 6DOF position of handheld depth sensing cameras, such as Kinect, as they move through space and perform high quality 3D surface reconstructions for interaction. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4928.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4928-en-kinectfusion.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4930-en-black_ops_of_tcpip_2011.webm Black Ops of TCP/IP 2011, a cleanup of the BH USA talk. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4930.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4930-en-black_ops_of_tcpip_2011.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4930-en-black_ops_of_tcpip_2011.webm 2011-12-27T00:00:00+01:00 Dan Kaminsky No 28c3, Hacking Black Ops of TCP/IP 2011, a cleanup of the BH USA talk. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4930.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4930-en-black_ops_of_tcpip_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4932-de-camp_review_2011.webm All of us who did attend are still dreaming. All of us who did not attend are still weeping. The CCCamp 2011. This film recapitulates all the great moments that took place during summer this year. All the great moments. Really. All of them. English and German with English subs (still improvable, though). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4932.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4932-de-camp_review_2011.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4932-de-camp_review_2011.webm 2011-12-29T00:00:00+01:00 No 28c3, Culture Reviving a nice summer dream All of us who did attend are still dreaming. All of us who did not attend are still weeping. The CCCamp 2011. This film recapitulates all the great moments that took place during summer this year. All the great moments. Really. All of them. English and German with English subs (still improvable, though). about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4932.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4932-de-camp_review_2011.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4934-en-hacker_jeopardy_translation.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4934.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4934-en-hacker_jeopardy_translation.html Wed, 28 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4934-en-hacker_jeopardy_translation.webm 2011-12-28T00:00:00+01:00 No 28c3, Show about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4934.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4934-en-hacker_jeopardy_translation.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4935-en-eu_datenschutz_internet_der_dinge.webm Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4935.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4935-en-eu_datenschutz_internet_der_dinge.html Tue, 27 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4935-en-eu_datenschutz_internet_der_dinge.webm 2011-12-27T00:00:00+01:00 Andreas Krisch No 28c3, Society and Politics Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4935.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4935-en-eu_datenschutz_internet_der_dinge.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4936-en-fnord_jahresrueckblick.webm Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4936.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4936-en-fnord_jahresrueckblick.html Thu, 29 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4936-en-fnord_jahresrueckblick.webm 2011-12-29T00:00:00+01:00 Felix von Leitner, Frank Rieger No 28c3, Community von Atomendlager bis Zensus Auch dieses Jahr werden wir euch wieder mit den Fnords des Jahres zu unterhalten suchen. about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4936.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4936-en-fnord_jahresrueckblick.html http://media.ccc.de//ftp/congress/2011/webm/28c3-4937-en-security_nightmares.webm about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4937.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4937-en-security_nightmares.html Fri, 30 Dec 2011 00:00:00 +0100 http://media.ccc.de//ftp/congress/2011/webm/28c3-4937-en-security_nightmares.webm 2011-12-30T00:00:00+01:00 Frank Rieger, Ron No 28c3, Hacking about this event: http://events.ccc.de/congress/2011/Fahrplan/events/4937.en.html event on media: http://media.ccc.de/browse/congress/2011/28c3-4937-en-security_nightmares.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.mp4 This talk will bring you the story of automating a SipFoundry based voip (sipx) infrastructure with puppet, a popular configuration management framework. After a gentle introduction into using the world of Puppet, this talk will also tell you how we used both existing and fresh puppet modules to configure as much as possible, before running into the dreaded "manual intervention needed" problem. about this event: http://programm.froscon.org/2011/events/669.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.mp4 2011-08-21T00:00:00+02:00 Kris Buytaert No froscon11, Devops Pupetizing your infrastructure This talk will bring you the story of automating a SipFoundry based voip (sipx) infrastructure with puppet, a popular configuration management framework. After a gentle introduction into using the world of Puppet, this talk will also tell you how we used both existing and fresh puppet modules to configure as much as possible, before running into the dreaded "manual intervention needed" problem. about this event: http://programm.froscon.org/2011/events/669.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_15:15_-_automating_complex_infrastructures_-_kris_buytaert_-_669.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.mp4 Am 6. April wurde nach mehrjähriger Entwicklungsarbeit Version 3.0 der freien Arbeitsumgebung GNOME veröffentlicht. Dieser Vortrag zeigt, welche Überlegungen hinter den vielfältigen Änderungen stecken und gibt einen Überblick der geplanten Neuerungen für GNOME 3.2, das im Oktober erscheinen wird. Zu guter Letzt wird ein Blick in die Zukunft der 3.x-Reihe gewagt, der viele spannende Ideen aufzeigt. about this event: http://programm.froscon.org/2011/events/681.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.mp4 2011-08-20T00:00:00+02:00 Hendrik Richter No froscon11, Desktop Am 6. April wurde nach mehrjähriger Entwicklungsarbeit Version 3.0 der freien Arbeitsumgebung GNOME veröffentlicht. Dieser Vortrag zeigt, welche Überlegungen hinter den vielfältigen Änderungen stecken und gibt einen Überblick der geplanten Neuerungen für GNOME 3.2, das im Oktober erscheinen wird. Zu guter Letzt wird ein Blick in die Zukunft der 3.x-Reihe gewagt, der viele spannende Ideen aufzeigt. about this event: http://programm.froscon.org/2011/events/681.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_10:00_-_gnome_3_-_ein_blick_in_die_zukunft_-_hendrik_richter_-_681.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.mp4 Openstack is a very strong new-comer in the cloud computing space. Expect real-world experience and best practices setting it up. about this event: http://programm.froscon.org/2011/events/685.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.mp4 2011-08-20T00:00:00+02:00 Richard "RichiH" Hartmann No froscon11, System Administration Deploying Openstack for fun and profit Openstack is a very strong new-comer in the cloud computing space. Expect real-world experience and best practices setting it up. about this event: http://programm.froscon.org/2011/events/685.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_11:15_-_from_zero_to_openstack_-_richard_richih_hartmann_-_685.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.mp4 As we enter the era of cloud computing and see distributed computing become a daily reality, it's important to realise that everything we value in using open source software arises from the principles of software freedom. In the light of this realisation, we need to re-interpret software freedom for the new era rather than forget it. about this event: http://programm.froscon.org/2011/events/830.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.mp4 2011-08-20T00:00:00+02:00 Simon Phipps No froscon11, Keynote As we enter the era of cloud computing and see distributed computing become a daily reality, it's important to realise that everything we value in using open source software arises from the principles of software freedom. In the light of this realisation, we need to re-interpret software freedom for the new era rather than forget it. about this event: http://programm.froscon.org/2011/events/830.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_12:45_-_software_freedom_means_business_value_-_simon_phipps_-_830.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.mp4 Love it or hate it, but correct licensing is an important component of every free software and open source project. This is especially true as an increasing number of corporations are adopting and distributing open source applications and code. This talk will therefore give an overview of the current state of open source licensing and will discuss efforts currently underway to improve the status quo. about this event: http://programm.froscon.org/2011/events/753.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.mp4 2011-08-20T00:00:00+02:00 Martin Michlmayr No froscon11, Legal Issues Love it or hate it, but correct licensing is an important component of every free software and open source project. This is especially true as an increasing number of corporations are adopting and distributing open source applications and code. This talk will therefore give an overview of the current state of open source licensing and will discuss efforts currently underway to improve the status quo. about this event: http://programm.froscon.org/2011/events/753.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_14:00_-_the_state_of_open_source_licensing_and_how_to_improve_it_-_martin_michlmayr_-_753.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.mp4 Many of us are familiar with the basics of Git and may use it on a daily basis, but there are some interesting gems of functionality hidden in the depths of Git obscurity. This talk will shed some light on these tools for you. about this event: http://programm.froscon.org/2011/events/802.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.mp4 2011-08-20T00:00:00+02:00 Scott Chacon No froscon11, Development Git power tips for the intermediate Git user Many of us are familiar with the basics of Git and may use it on a daily basis, but there are some interesting gems of functionality hidden in the depths of Git obscurity. This talk will shed some light on these tools for you. about this event: http://programm.froscon.org/2011/events/802.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_15:15_-_wrangling_git_-_scott_chacon_-_802.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.mp4 A brief look at the history of the Openmoko project, what lead to its (perceived) failure, and why even despite that it was very valuable for the free and open source community. We're then discussing at what's left behind and what the future holds. about this event: http://programm.froscon.org/2011/events/713.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.mp4 2011-08-20T00:00:00+02:00 Dr. Michael Lauer No froscon11, Mobile Free software and hardware projects for mobile communication A brief look at the history of the Openmoko project, what lead to its (perceived) failure, and why even despite that it was very valuable for the free and open source community. We're then discussing at what's left behind and what the future holds. about this event: http://programm.froscon.org/2011/events/713.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_16:30_-_openmoko_5_years_after_what_s_left_behind_-_dr_michael_lauer_-_713.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.mp4 Was war, was wird 2011 in Sachen Open Source und Freie Software? Welche Themen haben uns bewegt und werden uns bewegen? Ein Couchgespräch zwischen Oliver Zendel und Michael Kleinhenz. about this event: http://programm.froscon.org/2011/events/737.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.mp4 2011-08-20T00:00:00+02:00 Michael Kleinhenz, Oliver Zendel No froscon11, Other Das FOSS-Jahr 2011 Was war, was wird 2011 in Sachen Open Source und Freie Software? Welche Themen haben uns bewegt und werden uns bewegen? Ein Couchgespräch zwischen Oliver Zendel und Michael Kleinhenz. about this event: http://programm.froscon.org/2011/events/737.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-20_17:45_-_the_state_of_the_union_-_michael_kleinhenz_-_oliver_zendel_-_737.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.mp4 Mehr als 350.000 Open Source Applikationen laufen derzeit auf der Windows Plattform. Aber was tut Microsoft für Open Source? Wie sieht Microsofts Open Source Strategie aus? Von Port 25 über CodePlex bis hin zu den Kremien in denen Microsoft aktiv ist. Wir sprechen über den Einsatz der Microsoft Research Kernel und des CRK im Universitären Umfeld. Und zeigen wie im ALM Umfeld NuGet und Orchad die Verwendung von Open Source Projekte für Entwickler vereinfacht. about this event: http://programm.froscon.org/2011/events/766.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.mp4 2011-08-21T00:00:00+02:00 Lori Grosland, Patric Boscolo No froscon11, Other Mehr als 350.000 Open Source Applikationen laufen derzeit auf der Windows Plattform. Aber was tut Microsoft für Open Source? Wie sieht Microsofts Open Source Strategie aus? Von Port 25 über CodePlex bis hin zu den Kremien in denen Microsoft aktiv ist. Wir sprechen über den Einsatz der Microsoft Research Kernel und des CRK im Universitären Umfeld. Und zeigen wie im ALM Umfeld NuGet und Orchad die Verwendung von Open Source Projekte für Entwickler vereinfacht. about this event: http://programm.froscon.org/2011/events/766.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_10:00_-_open_source_chancen_und_risiken_fur_software_hersteller_-_lori_grosland_-_patric_boscolo_-_766.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.mp4 Booking.com violates best practice in every conceivable way, taking "agile" to the next level. The talk describes why and how we are doing it, and how we are getting away with it. about this event: http://programm.froscon.org/2011/events/650.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.mp4 2011-08-21T00:00:00+02:00 Kristian Köhntopp No froscon11, Devops The philosophy of shared space in a development environment Booking.com violates best practice in every conceivable way, taking "agile" to the next level. The talk describes why and how we are doing it, and how we are getting away with it. about this event: http://programm.froscon.org/2011/events/650.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_11:15_-_eight_rollouts_a_day_keeping_downtime_away_-_kristian_kohntopp_-_650.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.mp4 In this keynote speech Monty will explain the impact of taking your product open source. From Licensing to Community building, much can be learned from those that have done it successfully before. about this event: http://programm.froscon.org/2011/events/857.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.mp4 2011-08-21T00:00:00+02:00 Michael "Monty" Widenius No froscon11, Keynote In this keynote speech Monty will explain the impact of taking your product open source. From Licensing to Community building, much can be learned from those that have done it successfully before. about this event: http://programm.froscon.org/2011/events/857.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_12:45_-_why_going_open_source_will_improve_your_product_-_michael_monty_widenius_-_857.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.mp4 Discover the power (and low cost!) of open source Cloud with OpenStack and discover how Puppet makes it easy to build and manage open source clouds. about this event: http://programm.froscon.org/2011/events/648.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.mp4 2011-08-21T00:00:00+02:00 James Turnbull No froscon11, Devops Discover the power (and low cost!) of open source Cloud with OpenStack and discover how Puppet makes it easy to build and manage open source clouds. about this event: http://programm.froscon.org/2011/events/648.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_14:00_-_driving_openstack_with_puppet_-_james_turnbull_-_648.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.mp4 Google Summer of Code ist ein Programm, bei dem Google Studenten dafür bezahlt, Open-Source-Software zu entwickeln. Dabei arbeiten die Studenten einen Sommer lang mit einem Open-Source-Projekt zusammen und werden dafür von Google bezahlt. about this event: http://programm.froscon.org/2011/events/661.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.mp4 2011-08-21T00:00:00+02:00 Dirk Haun No froscon11, Community Neue Mitstreiter mit Geld (und T-Shirts) gewinnen - klappt das? Google Summer of Code ist ein Programm, bei dem Google Studenten dafür bezahlt, Open-Source-Software zu entwickeln. Dabei arbeiten die Studenten einen Sommer lang mit einem Open-Source-Projekt zusammen und werden dafür von Google bezahlt. about this event: http://programm.froscon.org/2011/events/661.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_16:30_-_google_summer_of_code_-_dirk_haun_-_661.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.mp4 In this talk I will take you through what Drupal exactly is, what it can do, and how we set up a quick working website. about this event: http://programm.froscon.org/2011/events/873.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.mp4 2011-08-21T00:00:00+02:00 Richard Japenga No froscon11, Web In this talk I will take you through what Drupal exactly is, what it can do, and how we set up a quick working website. about this event: http://programm.froscon.org/2011/events/873.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_17:45_-_drupal_-_breaching_our_way_in_-_richard_japenga_-_873.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.mp4 about this event: http://programm.froscon.org/2011/events/860.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.mp4 2011-08-21T00:00:00+02:00 Lars Ehrhardt, David Roetzel No froscon11, Other about this event: http://programm.froscon.org/2011/events/860.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs1_2_-_2011-08-21_18:45_-_shutdown_-_lars_ehrhardt_-_david_roetzel_-_860.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.mp4 Da wird zum 30igsten Male die ach so witzige Präsentation auf einem Server gespeichert, um sie noch einer Kollegin, einem Kollegen zu zeigen. 30 Windows VMs, in denen eigentlich das gleiche Windows ist. Eigentlich Platzverschwendung, wenn man die Doubletten beseitigen würde. Deduplication kann das? Aber wie funktioniert sie? Wie sehen die unterschiedlichen Implementationen aus? Wofür kann man sie nutzen? Wann sollte man die Finger davon lassen? Was kann man stattdessen machen? about this event: http://programm.froscon.org/2011/events/711.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.mp4 2011-08-20T00:00:00+02:00 Joerg "c0t0d0s0.org" Moellenkamp No froscon11, Operating Systems Wie funktioniert es? Wofür kann man es Nutzen? Wofür nicht? Da wird zum 30igsten Male die ach so witzige Präsentation auf einem Server gespeichert, um sie noch einer Kollegin, einem Kollegen zu zeigen. 30 Windows VMs, in denen eigentlich das gleiche Windows ist. Eigentlich Platzverschwendung, wenn man die Doubletten beseitigen würde. Deduplication kann das? Aber wie funktioniert sie? Wie sehen die unterschiedlichen Implementationen aus? Wofür kann man sie nutzen? Wann sollte man die Finger davon lassen? Was kann man stattdessen machen? about this event: http://programm.froscon.org/2011/events/711.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_10:00_-_deduplication_-_joerg_c0t0d0s0_org_moellenkamp_-_711.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.mp4 This talk will prove the sexyness of C++ template metaprogramming (TMP), by showing real world use cases and simple ad hoc library solutions which use TMP. The given samples will cover a large field of problems, like domain-specific embedded languages, parser generators, lambda libraries and regular expression matching. These samples will show the wide range of applicationareas of TMP and how it allows the development of sexy and expressive C++ libraries. Don't be afraid, if you are no C++ expert. This talk starts with a short introduction into the basics of C++ and templates in general. This ensures everybody will get a solid insight into the topic. about this event: http://programm.froscon.org/2011/events/765.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.mp4 2011-08-20T00:00:00+02:00 Florian Sowade No froscon11, Development This talk will prove the sexyness of C++ template metaprogramming (TMP), by showing real world use cases and simple ad hoc library solutions which use TMP. The given samples will cover a large field of problems, like domain-specific embedded languages, parser generators, lambda libraries and regular expression matching. These samples will show the wide range of applicationareas of TMP and how it allows the development of sexy and expressive C++ libraries. Don't be afraid, if you are no C++ expert. This talk starts with a short introduction into the basics of C++ and templates in general. This ensures everybody will get a solid insight into the topic. about this event: http://programm.froscon.org/2011/events/765.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_11:15_-_c_template_metaprogramming_considered_sexy_-_florian_sowade_-_765.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.mp4 Wie schreibe ich eigentlich Tests? Mit welchen Tests fange ich an? Und überhaupt, wie nenne ich meine Tests? BDD gibt Antworten und mit den richtigen Frameworks lässt sich viel schöner Test getrieben arbeiten. about this event: http://programm.froscon.org/2011/events/731.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.mp4 2011-08-20T00:00:00+02:00 Jan Ehrhardt No froscon11, Development TDD richtig gemacht Wie schreibe ich eigentlich Tests? Mit welchen Tests fange ich an? Und überhaupt, wie nenne ich meine Tests? BDD gibt Antworten und mit den richtigen Frameworks lässt sich viel schöner Test getrieben arbeiten. about this event: http://programm.froscon.org/2011/events/731.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_14:00_-_behaviour_driven_development_-_jan_ehrhardt_-_731.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.mp4 In diesem Vortrag wird eine Lösung für eine hochverfügbare VPN-Anbindung mit OpenVPN, Quagga/OSPF und einem selbstentwickelten Daemon für das HA-Signaling beschrieben. Zur Authentisierung werden auf den Clients Smartcards mit X509 Zertifikaten eingesetzt. about this event: http://programm.froscon.org/2011/events/781.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.mp4 2011-08-20T00:00:00+02:00 Dominik Fischer, Oliver Dumschat-Hötte No froscon11, Security Realisierung einer Hochverfügbarkeitslösung mit dynamischem Routing In diesem Vortrag wird eine Lösung für eine hochverfügbare VPN-Anbindung mit OpenVPN, Quagga/OSPF und einem selbstentwickelten Daemon für das HA-Signaling beschrieben. Zur Authentisierung werden auf den Clients Smartcards mit X509 Zertifikaten eingesetzt. about this event: http://programm.froscon.org/2011/events/781.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_15:15_-_openvpn_im_unternehmenseinsatz_-_dominik_fischer_-_oliver_dumschat-hotte_-_781.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.mp4 Although creating graphics though software is easy, with many different libraries available to do so, interpreting images isn't so common. By using the OpenCV image processing library, it is possible to be able to detect features in images, such as people's faces and other objects, and process them further. This presentation will show how. about this event: http://programm.froscon.org/2011/events/663.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.mp4 2011-08-20T00:00:00+02:00 Michael Maclean No froscon11, Development Image processing using OpenCV Although creating graphics though software is easy, with many different libraries available to do so, interpreting images isn't so common. By using the OpenCV image processing library, it is possible to be able to detect features in images, such as people's faces and other objects, and process them further. This presentation will show how. about this event: http://programm.froscon.org/2011/events/663.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_16:30_-_making_software_see_-_michael_maclean_-_663.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.mp4 Die Herkunft von Daten, die auch als Provenance bezeichnet wird, spielt eine große Rolle in der Wissenschaft. Informationen über die Nutzer, die die Daten bearbeitet haben, Software, die Daten berechnet haben und Instrumente, die Daten produziert haben, sind dabei besonders wichtig. Um die Herkunft genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Provenance Informationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. esonders wichtig. Um die Provenance genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Herkunftsinformationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. about this event: http://programm.froscon.org/2011/events/744.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.mp4 2011-08-20T00:00:00+02:00 Miriam Ney No froscon11, Development Eine Open Source Software zur wissenschaftlichen Dokumentation vom Deutschen Zentrums für Luft- und Raumfahrt e.V. Die Herkunft von Daten, die auch als Provenance bezeichnet wird, spielt eine große Rolle in der Wissenschaft. Informationen über die Nutzer, die die Daten bearbeitet haben, Software, die Daten berechnet haben und Instrumente, die Daten produziert haben, sind dabei besonders wichtig. Um die Herkunft genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Provenance Informationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. esonders wichtig. Um die Provenance genau rekonstruieren zu können, werden verschiedene Technologien eingesetzt. Ein wichtiger Bestandteil dieser Technologien ist ein System, welches die Herkunftsinformationen speichert. Dieser Vortrag stellt ein vom DLR entwickeltes Softwaresystem zur Speicherung von Provenance Informationen vor. Außerdem zeigt der Vortrag ein Beispiel für die Nutzung eines solchen Systems. about this event: http://programm.froscon.org/2011/events/744.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-20_17:45_-_provenance_in_der_informatik_-_ein_softwaresystem_und_sein_einsatz_-_miriam_ney_-_744.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.mp4 MySQL Performance Tuning ist früher oder später ein Thema für jeden Admin. In diesem Vortrag zeigen wir die Vorgehensweise auf, wie wir bei FromDual dieses Problem angehen. about this event: http://programm.froscon.org/2011/events/658.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.mp4 2011-08-21T00:00:00+02:00 Oli Sennhauser No froscon11, Databases Wie gehe ich vor? MySQL Performance Tuning ist früher oder später ein Thema für jeden Admin. In diesem Vortrag zeigen wir die Vorgehensweise auf, wie wir bei FromDual dieses Problem angehen. about this event: http://programm.froscon.org/2011/events/658.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_10:00_-_mysql_performance_tuning_-_oli_sennhauser_-_658.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.mp4 MySQL forks like Percona Server, MariaDB and Drizzle are becoming popular. Which features have been added? Why leave standard MySQL for one of the fork? These will be the topics of this session. about this event: http://programm.froscon.org/2011/events/693.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.mp4 2011-08-21T00:00:00+02:00 Stephane Combaudon No froscon11, Databases MySQL forks like Percona Server, MariaDB and Drizzle are becoming popular. Which features have been added? Why leave standard MySQL for one of the fork? These will be the topics of this session. about this event: http://programm.froscon.org/2011/events/693.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_14:00_-_mysql_and_its_forks_what_is_different_which_future_-_stephane_combaudon_-_693.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.mp4 High performance for a Web server that receive a large numbers of requests is critical success factor for a web site, but in many cases the Web server is only "tip of the iceberg" of a very large heterogeneous systems, with lots of components and technologies. This talk present best practices to design an high availability and high performance web site. The presentation will cover load balancing, Web server acceleration, and efficient management of dynamic data, that can be adopted by any sites to improve performance and availability. We also describe common mistake implemented in the web application framework that create performance limitations and bottleneck. The presentation will describe how to define monitors metrics of the service , that are the "eyes" of operation departments, and the implementation of the "red button" about this event: http://programm.froscon.org/2011/events/662.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.mp4 2011-08-21T00:00:00+02:00 Fabrizio Manfredi No froscon11, Web High performance for a Web server that receive a large numbers of requests is critical success factor for a web site, but in many cases the Web server is only "tip of the iceberg" of a very large heterogeneous systems, with lots of components and technologies. This talk present best practices to design an high availability and high performance web site. The presentation will cover load balancing, Web server acceleration, and efficient management of dynamic data, that can be adopted by any sites to improve performance and availability. We also describe common mistake implemented in the web application framework that create performance limitations and bottleneck. The presentation will describe how to define monitors metrics of the service , that are the "eyes" of operation departments, and the implementation of the "red button" about this event: http://programm.froscon.org/2011/events/662.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_15:15_-_best_practices_for_creating_high_load_websites_-_fabrizio_manfredi_-_662.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.mp4 Der Vortrag erklärt den Entstehungsprozess von Software und unter welchen Lizenzmodellen Software allgemein vertrieben wird. Dabei werden Begriffe wie Open Source, Copyleft, Freeware, etc. kurz erläutert und häufige Missverständnisse angesprochen. Die Definition Freier Software (4 Freiheiten) wird anhand praktischer Beispiele erklärt. Darauf aufbauend wird auf die gesellschaftliche Bedeutung Freier Software hingewiesen. about this event: http://programm.froscon.org/2011/events/793.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.mp4 2011-08-21T00:00:00+02:00 Guido Arnold No froscon11, Frog Labs (Kids Track) Eine kurze Einführung Der Vortrag erklärt den Entstehungsprozess von Software und unter welchen Lizenzmodellen Software allgemein vertrieben wird. Dabei werden Begriffe wie Open Source, Copyleft, Freeware, etc. kurz erläutert und häufige Missverständnisse angesprochen. Die Definition Freier Software (4 Freiheiten) wird anhand praktischer Beispiele erklärt. Darauf aufbauend wird auf die gesellschaftliche Bedeutung Freier Software hingewiesen. about this event: http://programm.froscon.org/2011/events/793.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_16:30_-_freie_software_-_wer_wie_was_wieso_weshalb_warum_-_guido_arnold_-_793.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.mp4 An introduction to the automated testing process of modern web applications, aimed at making your job more fun and relieve your apps from the feeling of being treated like a 3-yr-old (let's face it: HTML, CSS and JavaScript are allowed to drink together in a German pub). about this event: http://programm.froscon.org/2011/events/676.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.html Sun, 21 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.mp4 2011-08-21T00:00:00+02:00 Christoph Neuroth No froscon11, Web Treating your web application like the grown-up it is An introduction to the automated testing process of modern web applications, aimed at making your job more fun and relieve your apps from the feeling of being treated like a 3-yr-old (let's face it: HTML, CSS and JavaScript are allowed to drink together in a German pub). about this event: http://programm.froscon.org/2011/events/676.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs3_-_2011-08-21_17:45_-_test-driven_web_development_-_christoph_neuroth_-_676.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.mp4 In a world of web forums, who needs mailing lists? We do! Mailing lists are convenient, simple and austerely beautiful. However, most mailing list management software sucks, too! We present Project Lancelot: A new(ish) mailing list manager combining simplicity, modularity and awesome power in a compelling package. Its flexible design makes it easy to go where no other mailing list software has gone before. about this event: http://programm.froscon.org/2011/events/690.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.mp4 2011-08-20T00:00:00+02:00 Anselm Lingnau No froscon11, System Administration In a world of web forums, who needs mailing lists? We do! Mailing lists are convenient, simple and austerely beautiful. However, most mailing list management software sucks, too! We present Project Lancelot: A new(ish) mailing list manager combining simplicity, modularity and awesome power in a compelling package. Its flexible design makes it easy to go where no other mailing list software has gone before. about this event: http://programm.froscon.org/2011/events/690.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_10:00_-_project_lancelot_mailing_list_management_done_right_-_anselm_lingnau_-_690.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.mp4 You want to port an application from GNOME2 to GNOME3, extend GNOME Shell, develop a new GNOME program from scratch or add a feature to an existing one? Never heard of GObject Introspection, GSettings, GDBus or resident notifications? This talk tries to give an overview on how to access the cool features of GNOME3 from C, Python or JavaScript and where to look for documentation and examples. about this event: http://programm.froscon.org/2011/events/770.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.mp4 2011-08-20T00:00:00+02:00 Guido Günther No froscon11, Desktop You want to port an application from GNOME2 to GNOME3, extend GNOME Shell, develop a new GNOME program from scratch or add a feature to an existing one? Never heard of GObject Introspection, GSettings, GDBus or resident notifications? This talk tries to give an overview on how to access the cool features of GNOME3 from C, Python or JavaScript and where to look for documentation and examples. about this event: http://programm.froscon.org/2011/events/770.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_11:15_-_the_gnome3_desktop_and_you_-_guido_gunther_-_770.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.mp4 LXC beschreibt die im Vanilla-Kernel integrierte Virtualisierungslösung. Bei weitem noch nicht so ausgereift wie OpenVZ und doch nicht unbrauchbar. Im Vortrag wird in diese Lösung eingeführt. about this event: http://programm.froscon.org/2011/events/694.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.mp4 2011-08-20T00:00:00+02:00 Erkan Yanar No froscon11, System Administration fast forward LXC beschreibt die im Vanilla-Kernel integrierte Virtualisierungslösung. Bei weitem noch nicht so ausgereift wie OpenVZ und doch nicht unbrauchbar. Im Vortrag wird in diese Lösung eingeführt. about this event: http://programm.froscon.org/2011/events/694.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs4_-_2011-08-20_14:00_-_linuxcontainer_-_erkan_yanar_-_694.html http://media.ccc.de/ftp/events/froscon/2011/mp4/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.mp4 Vorstellung einer Open Source Standardlösung für Session Management inklusive der NODE.JS Integration. about this event: http://programm.froscon.org/2011/events/730.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.html Sat, 20 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/froscon/2011/mp4/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.mp4 2011-08-20T00:00:00+02:00 Martin Schönert No froscon11, JavaScript Zentrales Session Management mit SessionVOC und node.js Vorstellung einer Open Source Standardlösung für Session Management inklusive der NODE.JS Integration. about this event: http://programm.froscon.org/2011/events/730.en.html event on media: http://media.ccc.de/browse/conferences/froscon/2011/hs6_-_2011-08-20_10:00_-_session_management_fur_skalierbare_web_projekte_-_martin_schonert_-_730.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4406-giving_great_workshops-en.mp4 Mitch Altman has taught well over 10,000 people to solder and make cool things at workshops around the world. Drawing from his experiences, this lecture will show you how to create and give your own successful workshops about what you know. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4406.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4406-giving_great_workshops-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4406-giving_great_workshops-en.mp4 2011-08-11T00:00:00+02:00 Mitch No camp2011, Community You can create your own successful workshop Mitch Altman has taught well over 10,000 people to solder and make cool things at workshops around the world. Drawing from his experiences, this lecture will show you how to create and give your own successful workshops about what you know. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4406.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4406-giving_great_workshops-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4418-cyberpeace_and_datalove-en.mp4 Governments and corporations craft powerful memes to justify their repressive policies, it is time for us to provide with solid countermeasures. Will we get "cyberwar", censorship, and repression of sharing, or impose that Internet remains the instrument of (cyber)Peace, (data)Love and (hackers)Unity? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4418.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4418-cyberpeace_and_datalove-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4418-cyberpeace_and_datalove-en.mp4 2011-08-10T00:00:00+02:00 Jérémie Zimmermann No camp2011, Society How do we counter the memes of control? Governments and corporations craft powerful memes to justify their repressive policies, it is time for us to provide with solid countermeasures. Will we get "cyberwar", censorship, and repression of sharing, or impose that Internet remains the instrument of (cyber)Peace, (data)Love and (hackers)Unity? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4418.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4418-cyberpeace_and_datalove-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4429-life_foods-en.mp4 The regular consumption of life foods was very important for healthy life style thousands years ago and the same applies for today. The use of today's scientific knowledge in combination with current technology will allow us to optimise these techniques. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4429.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4429-life_foods-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4429-life_foods-en.mp4 2011-08-11T00:00:00+02:00 No camp2011, Hacker Space Program Benefits of use of microbial fermentations in food and beverage preparations. The regular consumption of life foods was very important for healthy life style thousands years ago and the same applies for today. The use of today's scientific knowledge in combination with current technology will allow us to optimise these techniques. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4429.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4429-life_foods-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4435-windkraftanlagen-de.mp4 Windenergie ist momentan noch interessanter geworden, aber kaum jemand weiß über die eingesetzte Technik Bescheid. Daher soll sowohl der Aufbau als auch der Betrieb erklärt werden. Zusätzlich wird auf potentielle Probleme eingegangen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4435.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4435-windkraftanlagen-de.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4435-windkraftanlagen-de.mp4 2011-08-12T00:00:00+02:00 luky No camp2011, Science Aufbau, Betrieb, Probleme Windenergie ist momentan noch interessanter geworden, aber kaum jemand weiß über die eingesetzte Technik Bescheid. Daher soll sowohl der Aufbau als auch der Betrieb erklärt werden. Zusätzlich wird auf potentielle Probleme eingegangen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4435.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4435-windkraftanlagen-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4440-solid_rocket_engines-en.mp4 We will present the design and construction of a solid rocket motor and discuss results from recent test campaigns. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4440.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4440-solid_rocket_engines-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4440-solid_rocket_engines-en.mp4 2011-08-11T00:00:00+02:00 No camp2011, Hacker Space Program Design and implementation of engines with solid propellant We will present the design and construction of a solid rocket motor and discuss results from recent test campaigns. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4440.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4440-solid_rocket_engines-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4450-imagine_the_future_of_money-en.mp4 What comes after capitalism? We will give an overview on the development of complementary and alternative monetary systems: Which ones are there to stay, how they influence social development, how they can be improved and why hackers should really care. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4450.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4450-imagine_the_future_of_money-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4450-imagine_the_future_of_money-en.mp4 2011-08-11T00:00:00+02:00 Jaromil, radium No camp2011, Society Economic transformations, hacker culture and why we should be so lucky What comes after capitalism? We will give an overview on the development of complementary and alternative monetary systems: Which ones are there to stay, how they influence social development, how they can be improved and why hackers should really care. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4450.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4450-imagine_the_future_of_money-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4458-inertial_navigation-en.mp4 The motion of objects through space can be observed in everyday life and the analysis of their dynamics leads to a fundamental notion of theoretical mechanics, the rigid body. Inertial navigation is based on continuous measurement of acceleration and angular velocities and the inversion of the rigid body's equations of motion. Additionally, the modeling of noise and error propagation is essential to correctly estimate position and attitude. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4458.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4458-inertial_navigation-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4458-inertial_navigation-en.mp4 2011-08-11T00:00:00+02:00 No camp2011, Hacker Space Program Rigid body dynamics and its application to dead reckoning The motion of objects through space can be observed in everyday life and the analysis of their dynamics leads to a fundamental notion of theoretical mechanics, the rigid body. Inertial navigation is based on continuous measurement of acceleration and angular velocities and the inversion of the rigid body's equations of motion. Additionally, the modeling of noise and error propagation is essential to correctly estimate position and attitude. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4458.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4458-inertial_navigation-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4459-transition_telecom-en.mp4 We'll need to come to grips with the challenges that declining oil production and increasing temperatures present. This talk explores positive future scenarios for the world of networking and communications past the great global energy free-for-all. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4459.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4459-transition_telecom-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4459-transition_telecom-en.mp4 2011-08-10T00:00:00+02:00 Frank Rieger, Rop Gonggrijp No camp2011, Society Telecommunications and networking during energy descent We'll need to come to grips with the challenges that declining oil production and increasing temperatures present. This talk explores positive future scenarios for the world of networking and communications past the great global energy free-for-all. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4459.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4459-transition_telecom-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4466-rocket_telemetry-en.mp4 Retrieval of information is essential for every experiment, especially involving rockets. The use of electromagnetic waves is the natural choice for communication with a rocket and sometimes the only means to retrieve flight hardware afterwards. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4466.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4466-rocket_telemetry-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4466-rocket_telemetry-en.mp4 2011-08-13T00:00:00+02:00 No camp2011, Hacker Space Program Real-time communication during rocket flight Retrieval of information is essential for every experiment, especially involving rockets. The use of electromagnetic waves is the natural choice for communication with a rocket and sometimes the only means to retrieve flight hardware afterwards. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4466.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4466-rocket_telemetry-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4493-space_federation-en.mp4 Our mission is to provide financial and organizational support to open communities in shared physical spaces who use innovative methods and technology in hands-on education. We'll speak to the global community about the progress in America. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4493.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4493-space_federation-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4493-space_federation-en.mp4 2011-08-10T00:00:00+02:00 willowbl00 No camp2011, Community Linking and Launching Earth-Based Hackerspaces Our mission is to provide financial and organizational support to open communities in shared physical spaces who use innovative methods and technology in hands-on education. We'll speak to the global community about the progress in America. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4493.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4493-space_federation-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4496-applied_research_on_security_of_tetra_radio.mp4 The digital professional mobile radio system TETRA is used by a wide range of users in almost all continents of the world. The OsmocomTETRA project has created a software radio receiver for the TETRA air interface, similar to what airprobe has done for GSM. Using this receiver plus associated protocol analysis tools, we are able to investigate and research the security level of real-world TETRA networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4496.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4496-applied_research_on_security_of_tetra_radio.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4496-applied_research_on_security_of_tetra_radio.mp4 2011-08-12T00:00:00+02:00 Harald Welte No camp2011, Hacking digital radio technology beyond GSM The digital professional mobile radio system TETRA is used by a wide range of users in almost all continents of the world. The OsmocomTETRA project has created a software radio receiver for the TETRA air interface, similar to what airprobe has done for GSM. Using this receiver plus associated protocol analysis tools, we are able to investigate and research the security level of real-world TETRA networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4496.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4496-applied_research_on_security_of_tetra_radio.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4500-reviving_smart_card_analysis-en.mp4 Smart cards chips – originally invented as a protection for cryptographic keys – are increasingly used to keep protocols secret. This talk challenges the chips' security measures to unlock the protocols for public analysis. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4500.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4500-reviving_smart_card_analysis-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4500-reviving_smart_card_analysis-en.mp4 2011-08-12T00:00:00+02:00 Karsten Nohl No camp2011, Hacking Smart cards chips – originally invented as a protection for cryptographic keys – are increasingly used to keep protocols secret. This talk challenges the chips' security measures to unlock the protocols for public analysis. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4500.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4500-reviving_smart_card_analysis-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4505-strahlung_im_weltall-de.mp4 Wer eine Mission zum Mond plant, muss sich über das, was die Umgebung dort bereithält, Gedanken machen. Neben Temperaturen von -180 bis +120° C ist Strahlung eine der größten Herausforderungen bei einer derartigen Mission. So genannte Single Event Upsets (SEU) können in einer Speicherzelle Datenbits flippen. Mit diesen umgekippten Bits muss man dann zurechtkommen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4505.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4505-strahlung_im_weltall-de.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4505-strahlung_im_weltall-de.mp4 2011-08-10T00:00:00+02:00 Karsten Becker No camp2011, Hacker Space Program Hell yeah, it's radiation science! Wer eine Mission zum Mond plant, muss sich über das, was die Umgebung dort bereithält, Gedanken machen. Neben Temperaturen von -180 bis +120° C ist Strahlung eine der größten Herausforderungen bei einer derartigen Mission. So genannte Single Event Upsets (SEU) können in einer Speicherzelle Datenbits flippen. Mit diesen umgekippten Bits muss man dann zurechtkommen. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4505.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4505-strahlung_im_weltall-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4560-post_hacker_ethics_cyberwar-en.mp4 Several newly formed hacker groups were in the press, like Anonymous and lulzsec. We will analyze and discuss how these fit into the world, and how the different groups (politics, press, media, hackers) react to this new movement. Set sail for fail! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4560.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4560-post_hacker_ethics_cyberwar-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4560-post_hacker_ethics_cyberwar-en.mp4 2011-08-11T00:00:00+02:00 Hannes, Jens Ohlig No camp2011, Culture Applied loss of control to hacker-ethics? Several newly formed hacker groups were in the press, like Anonymous and lulzsec. We will analyze and discuss how these fit into the world, and how the different groups (politics, press, media, hackers) react to this new movement. Set sail for fail! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4560.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4560-post_hacker_ethics_cyberwar-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4564-r0ket-en.mp4 The r0ket is the badge for the Chaos Communication Camp 2011. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4564.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4564-r0ket-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4564-r0ket-en.mp4 2011-08-10T00:00:00+02:00 kiu, s, Stefan 'Sec' Zehl No camp2011, Hacking The CCC-Badge The r0ket is the badge for the Chaos Communication Camp 2011. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4564.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4564-r0ket-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4588-what_is_brewing_in_brussels-en.mp4 Right now the European Union is in a bit of a lawmaking frenzy on areas that are relevant to the internet in general. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4588.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4588-what_is_brewing_in_brussels-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4588-what_is_brewing_in_brussels-en.mp4 2011-08-11T00:00:00+02:00 Walter van Holst No camp2011, Society Right now the European Union is in a bit of a lawmaking frenzy on areas that are relevant to the internet in general. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4588.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4588-what_is_brewing_in_brussels-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.mp4 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4589.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.mp4 2011-08-13T00:00:00+02:00 Caspar Bowden No camp2011 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4589.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4589-a_brief_history_of_european_internet_surveillance_policy_and_what_maybe_next-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4597-moonbounce_radio_communication-en.mp4 Moon bounce, also known as EME (Earth-Moon-Earth), is a technique that allows two earth-based radio stations to communicate directly by using the moon as passive reflector. It is the longest path two stations on Earth can use to establish direct connection with each other. First developed the late 1940s by the United States Navy it was used as a revolutionary way to communicate without the uncertainties of shortwave radio propagation. The development of artificial satellites completely obsoleted this usecase only a few years later but the technique itself is still one of the most challenging tasks in radio communication. Today it's Amateur Radio stations that are practising the art of Moon bounce. We are here to tell and to show you how it is done. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4597.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4597-moonbounce_radio_communication-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4597-moonbounce_radio_communication-en.mp4 2011-08-13T00:00:00+02:00 Andreas Schreiner, Clemens Hopfer, Patrick Strasser No camp2011, Hacker Space Program To the Moon and back in two seconds. The joy of light speed information travel Moon bounce, also known as EME (Earth-Moon-Earth), is a technique that allows two earth-based radio stations to communicate directly by using the moon as passive reflector. It is the longest path two stations on Earth can use to establish direct connection with each other. First developed the late 1940s by the United States Navy it was used as a revolutionary way to communicate without the uncertainties of shortwave radio propagation. The development of artificial satellites completely obsoleted this usecase only a few years later but the technique itself is still one of the most challenging tasks in radio communication. Today it's Amateur Radio stations that are practising the art of Moon bounce. We are here to tell and to show you how it is done. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4597.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4597-moonbounce_radio_communication-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4427-the_blackbox_in_your_phone-en.mp4 This talk sheds some light on a cellphone-component, that's inevitable, virtually unclonable and as closed as it gets: the SIM. The SIM can do a lot more than just user-authentication nowadays: the SIM Application Toolkit gives it control over your phone about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4427.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4427-the_blackbox_in_your_phone-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4427-the_blackbox_in_your_phone-en.mp4 2011-08-10T00:00:00+02:00 hunz No camp2011, Hacking Some details about SIM cards This talk sheds some light on a cellphone-component, that's inevitable, virtually unclonable and as closed as it gets: the SIM. The SIM can do a lot more than just user-authentication nowadays: the SIM Application Toolkit gives it control over your phone about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4427.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4427-the_blackbox_in_your_phone-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4453-stuff_you_dont_see_every_day-en.mp4 Software Defined Radio defines a new approach to analyze signals with software. With the flexibility of software SDR literally opened a new spectrum of hacking. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4453.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4453-stuff_you_dont_see_every_day-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4453-stuff_you_dont_see_every_day-en.mp4 2011-08-10T00:00:00+02:00 Marius Ciepluch No camp2011, Science GNU Radio Internals - how to use the Framework Software Defined Radio defines a new approach to analyze signals with software. With the flexibility of software SDR literally opened a new spectrum of hacking. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4453.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4453-stuff_you_dont_see_every_day-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4472-hacking_dna-en.mp4 Genetic modification is getting cheaper and biohackers are making it more accessible. This talk outlines the state of DIYbio and institutional synthetic biology; current challenges in biological programming and why you should be hacking biology. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4472.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4472-hacking_dna-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4472-hacking_dna-en.mp4 2011-08-11T00:00:00+02:00 Marc Juul No camp2011, Science Compiling code for living systems Genetic modification is getting cheaper and biohackers are making it more accessible. This talk outlines the state of DIYbio and institutional synthetic biology; current challenges in biological programming and why you should be hacking biology. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4472.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4472-hacking_dna-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.mp4 Dieser Vortrag zeigt, wie Social-Engineering funktioniert und erklärt die zugrundeliegenden Tricks und Kniffe anhand sozialpsychologischer Studien und Experimente. Außerdem werden Beispiele, Warnsignale und Gegenmaßnahmen vorgestellt. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4478.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.mp4 2011-08-11T00:00:00+02:00 Stefan Schumacher No camp2011, Science Dieser Vortrag zeigt, wie Social-Engineering funktioniert und erklärt die zugrundeliegenden Tricks und Kniffe anhand sozialpsychologischer Studien und Experimente. Außerdem werden Beispiele, Warnsignale und Gegenmaßnahmen vorgestellt. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4478.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4478-die_psychologischen_grundlagen_des_social_engineerings-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4486-building_and_giving_away-en.mp4 What motivates people to create and freely distribute their works? This presentation will draw on personal experience, research literature, and existing communities of those who build and give away. Open source software, hardware, community building. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4486.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4486-building_and_giving_away-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4486-building_and_giving_away-en.mp4 2011-08-10T00:00:00+02:00 Greg Newby No camp2011, Culture What motivates people to create and freely distribute their works? This presentation will draw on personal experience, research literature, and existing communities of those who build and give away. Open source software, hardware, community building. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4486.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4486-building_and_giving_away-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4491-rethinking_online_news-en.mp4 Journalism needs hackers to survive. We present our project to revolutionize online news and encourage you to start your own. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4491.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4491-rethinking_online_news-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4491-rethinking_online_news-en.mp4 2011-08-13T00:00:00+02:00 Christopher Clay / c3o, fin No camp2011, Society Journalism needs hackers to survive Journalism needs hackers to survive. We present our project to revolutionize online news and encourage you to start your own. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4491.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4491-rethinking_online_news-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4497-a_short_history_of_ipv4-en.mp4 A few short weeks ago, APNIC's supply of IPv4 address space reached depletion. ARIN and the RIPE NCC will follow soon, most likely somewhere this year. In this talk I will discuss the history of the internet as seen from the point of view of the RIRs. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4497.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4497-a_short_history_of_ipv4-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4497-a_short_history_of_ipv4-en.mp4 2011-08-13T00:00:00+02:00 Djinh No camp2011, Hacking A few short weeks ago, APNIC's supply of IPv4 address space reached depletion. ARIN and the RIPE NCC will follow soon, most likely somewhere this year. In this talk I will discuss the history of the internet as seen from the point of view of the RIRs. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4497.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4497-a_short_history_of_ipv4-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.mp4 The most ubiquitous device on the planet is arguably the mobile phone. Tragically, it is also a device built under some of the worst living and working conditions in the world. This is the story of a mission - To build the world's first ethical phone. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4502.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.mp4 2011-08-10T00:00:00+02:00 Bicyclemark No camp2011, Society The story of the world's first socially responsible mobile phone. The most ubiquitous device on the planet is arguably the mobile phone. Tragically, it is also a device built under some of the worst living and working conditions in the world. This is the story of a mission - To build the world's first ethical phone. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4502.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4502-is_this_the_mobile_gadget_world_we_created-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4504-gprs_intercept-en.mp4 GPRS data networks provide the backbone for our mobile society. Just like their siblings, GSM networks, the GPRS infrastructure is often lacking an appropriate level of protection. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4504.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4504-gprs_intercept-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4504-gprs_intercept-en.mp4 2011-08-10T00:00:00+02:00 Karsten Nohl, Luca Melette No camp2011, Hacking Wardriving phone networks GPRS data networks provide the backbone for our mobile society. Just like their siblings, GSM networks, the GPRS infrastructure is often lacking an appropriate level of protection. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4504.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4504-gprs_intercept-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4389-decentralized_clustering-en.mp4 In January 2011 the fear of all internauts became bitter truth. A whole country was kill-switched by the government. The flow of data was interrupted, communication laid waste. Not only the Internets was taken down, other means of communication were interrupted too. Cell Phone providers took down their services. So, there was no Internets in Egypt. Internauts had no chance to communicate what is happening, mothers and fathers could not send emails to theire relatives. No data was flowing. As the phone lines were working, this was the solutions: Modems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4389.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4389-decentralized_clustering-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4389-decentralized_clustering-en.mp4 2011-08-12T00:00:00+02:00 Herr Urbach No camp2011, Society Making the net - even if your local dicators hate it! In January 2011 the fear of all internauts became bitter truth. A whole country was kill-switched by the government. The flow of data was interrupted, communication laid waste. Not only the Internets was taken down, other means of communication were interrupted too. Cell Phone providers took down their services. So, there was no Internets in Egypt. Internauts had no chance to communicate what is happening, mothers and fathers could not send emails to theire relatives. No data was flowing. As the phone lines were working, this was the solutions: Modems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4389.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4389-decentralized_clustering-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.mp4 Jeder von uns kennt das Problem: Da hat man ein motiviertes Team an der Hand und einen fertigen Mondrover in der Garage stehen, aber wie immer fehlt das Geld für die Rakete, mit welcher der Rover auf den Mond befördert werden soll! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4506.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.mp4 2011-08-13T00:00:00+02:00 Robert Böhme No camp2011, Hacker Space Program Von Würstchen verkaufen bis Ballonflüge – ein Erfahrungsbericht. Jeder von uns kennt das Problem: Da hat man ein motiviertes Team an der Hand und einen fertigen Mondrover in der Garage stehen, aber wie immer fehlt das Geld für die Rakete, mit welcher der Rover auf den Mond befördert werden soll! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4506.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4506-wie_finanziere_ich_eine_mondmission-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.mp4 In diesem Vortrag wird eine Web-2.0-Applikation vorgestellt, mit der Umfragen durchgeführt werden können. Im Gegensatz zu anderen Anwendungen muss bei dieser dem Serveradministrator nicht vertraut werden. Die notwendigen kryptographischen Protokolle, welche für die Vertrauensreduktion nötig sind, werden mit JavaScript durchgeführt, was keinerlei clientseitige Installation nötig macht (zero-footprint). about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4438.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.mp4 2011-08-14T00:00:00+02:00 Benjamin Kellermann No camp2011, Science Mehrseitig sichere Web 2.0-Umfragen In diesem Vortrag wird eine Web-2.0-Applikation vorgestellt, mit der Umfragen durchgeführt werden können. Im Gegensatz zu anderen Anwendungen muss bei dieser dem Serveradministrator nicht vertraut werden. Die notwendigen kryptographischen Protokolle, welche für die Vertrauensreduktion nötig sind, werden mit JavaScript durchgeführt, was keinerlei clientseitige Installation nötig macht (zero-footprint). about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4438.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4438-mehrseitig_sichere_web_20_umfragen-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4439-maching_to_machine_security-en.mp4 Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4439.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4439-maching_to_machine_security-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4439-maching_to_machine_security-en.mp4 2011-08-13T00:00:00+02:00 hunz No camp2011, Hacking When physical security depends on IT security Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4439.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4439-maching_to_machine_security-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4443-theres_gold_in_them_circuit_boards-en.mp4 Everything we do as technologists depends on the critical minerals from which our devices are made. Recycling junk electronics is no longer just the right thing to do, it's the smart thing to do. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4443.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4443-theres_gold_in_them_circuit_boards-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4443-theres_gold_in_them_circuit_boards-en.mp4 2011-08-13T00:00:00+02:00 Steph Alarcon No camp2011, Society Why E-Waste Recycling Is Smart and How To Make It Smarter Everything we do as technologists depends on the critical minerals from which our devices are made. Recycling junk electronics is no longer just the right thing to do, it's the smart thing to do. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4443.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4443-theres_gold_in_them_circuit_boards-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4445-data_mining_your_city-en.mp4 Philadelphia (USA) recently launched an initiative to open up tons of city records and municipal data. This talk will review some of the things people are using it for, and show how open city data is useful to many kinds of people. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4445.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4445-data_mining_your_city-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4445-data_mining_your_city-en.mp4 2011-08-14T00:00:00+02:00 Steph Alarcon No camp2011, Society Early lessons in open city data from Philadelphia, PA, USA Philadelphia (USA) recently launched an initiative to open up tons of city records and municipal data. This talk will review some of the things people are using it for, and show how open city data is useful to many kinds of people. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4445.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4445-data_mining_your_city-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4447-hybrid_rocket_engines-en.mp4 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4447.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4447-hybrid_rocket_engines-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4447-hybrid_rocket_engines-en.mp4 2011-08-12T00:00:00+02:00 No camp2011, Hacker Space Program Design and implementation of rocket engines with two-phase propellants about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4447.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4447-hybrid_rocket_engines-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4455-the-arguna-rocket-family-en.mp4 The "Arguna" rocket family consist of four one-stage sounding rockets that can reach altitudes up to 10km. We will present the designs of these rockets and discuss the performed flights and results from avionics experiments. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4455.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4455-the-arguna-rocket-family-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4455-the-arguna-rocket-family-en.mp4 2011-08-14T00:00:00+02:00 No camp2011, Hacker Space Program An overview of our recent sounding rocket campaigns The "Arguna" rocket family consist of four one-stage sounding rockets that can reach altitudes up to 10km. We will present the designs of these rockets and discuss the performed flights and results from avionics experiments. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4455.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4455-the-arguna-rocket-family-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4476-open_source_photovoltaics-en.mp4 Opensource-solar.org is working on open hardware power supplies for off-grid applications. The systems consist of self-build solar panels, charge controllers with microcontroller, and LiFePo4 rechargeable batteries. Green energy for your gadgets ! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4476.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4476-open_source_photovoltaics-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4476-open_source_photovoltaics-en.mp4 2011-08-13T00:00:00+02:00 Moritz von Buttlar No camp2011, Hacker Space Program power for off-grid devices Opensource-solar.org is working on open hardware power supplies for off-grid applications. The systems consist of self-build solar panels, charge controllers with microcontroller, and LiFePo4 rechargeable batteries. Green energy for your gadgets ! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4476.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4476-open_source_photovoltaics-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4487-she_hackers-en.mp4 In 2002, Ghosh et al released a study which found that in F/LOSS coder/hacker communities, only 1.5% of members were female. This participation-heavy session is about the challenges of immersive ethnographic research in a time of gender transformation. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4487.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4487-she_hackers-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4487-she_hackers-en.mp4 2011-08-12T00:00:00+02:00 Kat Braybrooke No camp2011, Society A Presentation of Research and Invitation for Debate In 2002, Ghosh et al released a study which found that in F/LOSS coder/hacker communities, only 1.5% of members were female. This participation-heavy session is about the challenges of immersive ethnographic research in a time of gender transformation. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4487.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4487-she_hackers-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.mp4 The Electronic Frontier Foundation will discuss the legal situation that international travelers face when entering or leaving the United States, as well as various ways that travelers can safeguard electronic devices and digital information at the border. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4494.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.mp4 2011-08-14T00:00:00+02:00 Seth Schoen No camp2011, Society A Privacy Guide for Travelers The Electronic Frontier Foundation will discuss the legal situation that international travelers face when entering or leaving the United States, as well as various ways that travelers can safeguard electronic devices and digital information at the border. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4494.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4494-laptop_and_electronics_searches_at_the_us_border-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4495-introduction_to_multicast_security-en.mp4 For scaling real time applications multicast transport is the enabling technology. This event will present solutions for multicast security, that can be used for group conferencing and scaling data distribution services as transport layer security. Keywords: SRTP, AES-CM, Keystream, Multimedia Internet KEYing about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4495.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4495-introduction_to_multicast_security-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4495-introduction_to_multicast_security-en.mp4 2011-08-14T00:00:00+02:00 frehberg No camp2011, Science Beyond SSL/TLS For scaling real time applications multicast transport is the enabling technology. This event will present solutions for multicast security, that can be used for group conferencing and scaling data distribution services as transport layer security. Keywords: SRTP, AES-CM, Keystream, Multimedia Internet KEYing about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4495.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4495-introduction_to_multicast_security-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4549-sport_fuer_nerds-en.mp4 Viele von uns sitzen länger vorm Rechner als es ihnen gut tut, irgendwann geht dann die Suche nach einer geeigneten Sportart los … about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4549.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4549-sport_fuer_nerds-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4549-sport_fuer_nerds-en.mp4 2011-08-12T00:00:00+02:00 Michael Schwab No camp2011, Community discover your body Viele von uns sitzen länger vorm Rechner als es ihnen gut tut, irgendwann geht dann die Suche nach einer geeigneten Sportart los … about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4549.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4549-sport_fuer_nerds-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4554-closing_event-en.mp4 about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4554.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4554-closing_event-en.html Sun, 14 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4554-closing_event-en.mp4 2011-08-14T00:00:00+02:00 No camp2011, Misc Good Bye and have a safe trip home! about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4554.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4554-closing_event-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4575-mursat-en.mp4 In 2011, mur.at will have a nano satellite launched into a low earth orbit (310 km above the surface of our planet). The satellite itself is the evolved descendant of a TubeSat personal satellite kit from Interorbital Systems. mur.sat is a joint venture of mur.at, ESC im Labor and realraum. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4575.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4575-mursat-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4575-mursat-en.mp4 2011-08-13T00:00:00+02:00 Bernhard Tittelbach, equinox No camp2011, Hacker Space Program A (Hacker) Space Art Project In 2011, mur.at will have a nano satellite launched into a low earth orbit (310 km above the surface of our planet). The satellite itself is the evolved descendant of a TubeSat personal satellite kit from Interorbital Systems. mur.sat is a joint venture of mur.at, ESC im Labor and realraum. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4575.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4575-mursat-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4395-counselling_mischief_as_thought_crime-en.mp4 This presentation will show how the RCMP, CSIS, CSEC and other groups worked to "secure" the 2010 Olympics, G8 and G20 by criminalising dissent, and the use of "Open Source Surveillance" to attempt to crack down on all opposition to these mega-events. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4395.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4395-counselling_mischief_as_thought_crime-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4395-counselling_mischief_as_thought_crime-en.mp4 2011-08-12T00:00:00+02:00 Joe No camp2011, Society Social Networks, Free Speech and the Criminalization of Dissent in Canada This presentation will show how the RCMP, CSIS, CSEC and other groups worked to "secure" the 2010 Olympics, G8 and G20 by criminalising dissent, and the use of "Open Source Surveillance" to attempt to crack down on all opposition to these mega-events. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4395.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4395-counselling_mischief_as_thought_crime-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4399-runtine_reconfigurable_processors-en.mp4 The talk will give the audience an introduction to the world of runtime reconfigurable processors. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4399.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4399-runtine_reconfigurable_processors-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4399-runtine_reconfigurable_processors-en.mp4 2011-08-12T00:00:00+02:00 Dominik Meyer No camp2011, Science The talk will give the audience an introduction to the world of runtime reconfigurable processors. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4399.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4399-runtine_reconfigurable_processors-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4424-poker_bots-en.mp4 For a few years I was part of a team that developed and ran autonomous poker playing robots on commercial Internet poker sites; playing poker with real money against real people in real time. The project failed... about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4424.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4424-poker_bots-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4424-poker_bots-en.mp4 2011-08-13T00:00:00+02:00 Torbjörn Lofterud No camp2011, Science Developing and running autonomous pokerbots at online casinos For a few years I was part of a team that developed and ran autonomous poker playing robots on commercial Internet poker sites; playing poker with real money against real people in real time. The project failed... about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4424.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4424-poker_bots-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4426-certified_programming_with_dependent_types-en.mp4 Dependent types expand the concept of types in programming languages by arbitrary predicates depending on the value of the type. This lecture will introduce the concept and show how it can be used to develop formally verified code. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4426.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4426-certified_programming_with_dependent_types-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4426-certified_programming_with_dependent_types-en.mp4 2011-08-12T00:00:00+02:00 Andreas Bogk No camp2011, Science Because the future of defense is liberal application of math Dependent types expand the concept of types in programming languages by arbitrary predicates depending on the value of the type. This lecture will introduce the concept and show how it can be used to develop formally verified code. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4426.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4426-certified_programming_with_dependent_types-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4428-the_joy_of_intellectual_vampirism-en.mp4 What makes us gravitate towards other people? In Intellectual Vampires it is the craving for fresh ideas, and in Intellectual Fangbangers it is the joy of sharing them. A talk on the fine art of communication, channels, contexts, and language. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4428.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4428-the_joy_of_intellectual_vampirism-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4428-the_joy_of_intellectual_vampirism-en.mp4 2011-08-13T00:00:00+02:00 Christiane Ruetten No camp2011, Culture Mindfucking with Shared Information What makes us gravitate towards other people? In Intellectual Vampires it is the craving for fresh ideas, and in Intellectual Fangbangers it is the joy of sharing them. A talk on the fine art of communication, channels, contexts, and language. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4428.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4428-the_joy_of_intellectual_vampirism-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4442-introduction-to-satellite_communications-en.mp4 In this lecture, I'll cover some satellite communication basics like pros and cons of different orbits, the characteristics of a satellite communications link and the difficulties regarding noise and attenuation when handling high frequency satellite communication systems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4442.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4442-introduction-to-satellite_communications-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4442-introduction-to-satellite_communications-en.mp4 2011-08-10T00:00:00+02:00 Irmi Meister No camp2011, Hacker Space Program the joy and challange of operating satellite communication systems; illustrated with postage stamps In this lecture, I'll cover some satellite communication basics like pros and cons of different orbits, the characteristics of a satellite communications link and the difficulties regarding noise and attenuation when handling high frequency satellite communication systems. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4442.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4442-introduction-to-satellite_communications-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4451-a_modern_manifest_of_cyberspace-en.mp4 The internet is increasingly falling under the control and restrictions of governments and multinational corporations. Internet connections are filtered and censored, not only in China but blatantly so in 'western' countries such as Australia and Canada. The content industry is clamping down on infringement on intellectual property and calls for ever more far-fetching and over-reaching laws to be put into effect. Meanwhile, telco's are making deals with content providers to decide how gets premium access and who gets degraded access to their networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4451.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4451-a_modern_manifest_of_cyberspace-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4451-a_modern_manifest_of_cyberspace-en.mp4 2011-08-12T00:00:00+02:00 gmc No camp2011, Hacker Space Program The internet is dead, long live the internet The internet is increasingly falling under the control and restrictions of governments and multinational corporations. Internet connections are filtered and censored, not only in China but blatantly so in 'western' countries such as Australia and Canada. The content industry is clamping down on infringement on intellectual property and calls for ever more far-fetching and over-reaching laws to be put into effect. Meanwhile, telco's are making deals with content providers to decide how gets premium access and who gets degraded access to their networks. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4451.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4451-a_modern_manifest_of_cyberspace-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.mp4 The german access-blocking debate in 2009 only was a prelude to the EU-wide introduction of a blocking infrastructure in the Internet. Only delayed by the Lisbon Treaty compulsory, blocking by all EU-Memberstate has been discussed in the European Parliament since March 2010. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4462.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.mp4 2011-08-11T00:00:00+02:00 Christian Bahls MOGiS e.V., Jérémie Zimmermann No camp2011, Society How citizens can hack the legislative process to protect their freedoms online The german access-blocking debate in 2009 only was a prelude to the EU-wide introduction of a blocking infrastructure in the Internet. Only delayed by the Lisbon Treaty compulsory, blocking by all EU-Memberstate has been discussed in the European Parliament since March 2010. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4462.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4462-counter-lobbying_in_the_eu_parliament-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4467-design_and_implementation_of_flight_electronics-en.mp4 Flying hardware must perform its intended function under harsh environmental conditions while fulfilling strict requirements due to boundary conditions like weight, size, and power consumption. The design must exhibit redundancy and resilience against adversary conditions and special care has to be given to thermal management and energy sources. We will discuss design rules to cope with specific problems and present a prototype system based on the multicore chip P8X32A. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4467.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4467-design_and_implementation_of_flight_electronics-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4467-design_and_implementation_of_flight_electronics-en.mp4 2011-08-13T00:00:00+02:00 No camp2011, Hacker Space Program Design and implementation of flight electronics Flying hardware must perform its intended function under harsh environmental conditions while fulfilling strict requirements due to boundary conditions like weight, size, and power consumption. The design must exhibit redundancy and resilience against adversary conditions and special care has to be given to thermal management and energy sources. We will discuss design rules to cope with specific problems and present a prototype system based on the multicore chip P8X32A. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4467.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4467-design_and_implementation_of_flight_electronics-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4471-who_is_snitching_my_milk-en.mp4 Nowadays many office environments offer small tea kitchens for their employees. From subjective experiences there seems to be a milk drain in these environments. However, fundamentel research is still missing. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4471.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4471-who_is_snitching_my_milk-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4471-who_is_snitching_my_milk-en.mp4 2011-08-11T00:00:00+02:00 André Franz No camp2011, Science Nonlinear dynamics/analysis of vanishing bovine products in an office environment. Nowadays many office environments offer small tea kitchens for their employees. From subjective experiences there seems to be a milk drain in these environments. However, fundamentel research is still missing. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4471.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4471-who_is_snitching_my_milk-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.mp4 Die atomar verstrahlten Ruinen eines ehemaligen Kernkraftwerkes sind Symbole für das bevorstehende Ende der Zivilisation, aber gleichzeitig die Wunschmaschine, die alle Sehnsüchte stillen kann. Dieser Ort ist nicht Fukushima und auch nicht Tschernobyl, sondern der Zielort der Protagonisten im Roman „Picknick am Wegesrand“ der russischen Autorenbrüder Arkadi und Boris Strugazki. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4492.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.mp4 2011-08-12T00:00:00+02:00 Agata Królikowski, Ina Kwasniewski, Jens-Martin Loebel, Kai Kittler, Marcus Mews, Marcus Richter No camp2011, Culture Ein audiovisuelles Live-Hörspiel Die atomar verstrahlten Ruinen eines ehemaligen Kernkraftwerkes sind Symbole für das bevorstehende Ende der Zivilisation, aber gleichzeitig die Wunschmaschine, die alle Sehnsüchte stillen kann. Dieser Ort ist nicht Fukushima und auch nicht Tschernobyl, sondern der Zielort der Protagonisten im Roman „Picknick am Wegesrand“ der russischen Autorenbrüder Arkadi und Boris Strugazki. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4492.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4492-die-strugazki-brueder-oder-das-homoeostatische-weltbild-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4555-black_ops_of_tcpip_2011-en.mp4 Remember when networks represented interesting targets, when TCP/IP was itself a vector for messiness, when packet crafting was a required skill? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4555.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4555-black_ops_of_tcpip_2011-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4555-black_ops_of_tcpip_2011-en.mp4 2011-08-12T00:00:00+02:00 Dan Kaminsky No camp2011, Hacking Remember when networks represented interesting targets, when TCP/IP was itself a vector for messiness, when packet crafting was a required skill? about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4555.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4555-black_ops_of_tcpip_2011-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4561-hacker_jeopardy-en.mp4 The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4561.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4561-hacker_jeopardy-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4561-hacker_jeopardy-en.mp4 2011-08-13T00:00:00+02:00 Ray, Stefan 'Sec' Zehl No camp2011, Misc Number guessing for geeks The Hacker Jeopardy is a quiz show. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4561.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4561-hacker_jeopardy-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4591-financing_the_revolution-en.mp4 Financing The Revolution is a discussion about digital currencies with a particular emphasis on Bitcoin, a new distributed peer-to-peer electronic currency. Digital cash and Bitcoin in particular have caused many new and interesting markets to appear, and these are examined as well as the link between economic freedom and the expression of other basic rights. Keywords: digital cash, cryptography, bitcoin, dgc, darknets, markets, civil liberties about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4591.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4591-financing_the_revolution-en.html Fri, 12 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4591-financing_the_revolution-en.mp4 2011-08-12T00:00:00+02:00 Jeffrey Paul (sneak) No camp2011, Society Secure, private value transactions using digital cash Financing The Revolution is a discussion about digital currencies with a particular emphasis on Bitcoin, a new distributed peer-to-peer electronic currency. Digital cash and Bitcoin in particular have caused many new and interesting markets to appear, and these are examined as well as the link between economic freedom and the expression of other basic rights. Keywords: digital cash, cryptography, bitcoin, dgc, darknets, markets, civil liberties about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4591.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4591-financing_the_revolution-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.mp4 Radio amateurs have been building and operating satellites for almost fifty years now, and we are aiming for more. In this talk, I'll present who AMSAT is, what we have achieved in the last fifty years, and what we are working on now. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4594.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.html Sat, 13 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.mp4 2011-08-13T00:00:00+02:00 Mario Lorenz No camp2011, Hacker Space Program Amateur Space Exploration – The last 50 years, now, and the future Radio amateurs have been building and operating satellites for almost fifty years now, and we are aiming for more. In this talk, I'll present who AMSAT is, what we have achieved in the last fifty years, and what we are working on now. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4594.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4594-from_oscar_1_to_mars_and_beyond-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.mp4 Milkymist develops a comprehensive solution for the live synthesis of interactive visual effects. It features one of the first open source system-on-chip designs. This talk gives a roundup of what has happened during the last 1.5 year in this project. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4412.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.mp4 2011-08-11T00:00:00+02:00 Sébastien Bourdeauducq No camp2011, Hacking A roundup of one the most advanced open hardware projects Milkymist develops a comprehensive solution for the live synthesis of interactive visual effects. It features one of the first open source system-on-chip designs. This talk gives a roundup of what has happened during the last 1.5 year in this project. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4412.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4421-strong_encryption_of_credit_card_information-en.mp4 The PCI DSS standard require strong cryptography or secure hashing as ways to protect cardholder information. But one important factor is missing; detailed instructions for how to correctly apply cryptography to credit card numbers. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4421.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4421-strong_encryption_of_credit_card_information-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4421-strong_encryption_of_credit_card_information-en.mp4 2011-08-10T00:00:00+02:00 Torbjörn Lofterud No camp2011, Hacking Attacks on common failures when encrypting credit card information The PCI DSS standard require strong cryptography or secure hashing as ways to protect cardholder information. But one important factor is missing; detailed instructions for how to correctly apply cryptography to credit card numbers. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4421.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4421-strong_encryption_of_credit_card_information-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4436-rocket_propulsion_basics-en.mp4 We will discuss the basic principles of thermochemical engines and their application for rocket propulsion. The three main types of chemical rocket engines, i.e. solid, liquid, and hybrid, will be presented and compared. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4436.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4436-rocket_propulsion_basics-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4436-rocket_propulsion_basics-en.mp4 2011-08-10T00:00:00+02:00 No camp2011, Hacker Space Program An introduction to rocket engines and their application for space travel We will discuss the basic principles of thermochemical engines and their application for rocket propulsion. The three main types of chemical rocket engines, i.e. solid, liquid, and hybrid, will be presented and compared. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4436.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4436-rocket_propulsion_basics-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4449-digitale_gesellschaft_ev-de.mp4 Im April 2011 wurde mit "Digitale Gesellschaft" ein neuer Verein zum Erhalt und Ausbau von digitalen Bürgerrechten präsentiert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4449.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4449-digitale_gesellschaft_ev-de.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4449-digitale_gesellschaft_ev-de.mp4 2011-08-11T00:00:00+02:00 Markus Beckedahl No camp2011, Society Ein neuer Ansatz, um digitale Bürgerrechte zu erhalten Im April 2011 wurde mit "Digitale Gesellschaft" ein neuer Verein zum Erhalt und Ausbau von digitalen Bürgerrechten präsentiert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4449.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4449-digitale_gesellschaft_ev-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.mp4 This is not a presentation where I talk about how I would get in or the things I might be able to do. This is a talk where I am already in and I show you pictures from actual engagements that I have been on. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4488.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.mp4 2011-08-11T00:00:00+02:00 Jayson E. Street No camp2011, Hacking Or: How I walked in and misbehaved This is not a presentation where I talk about how I would get in or the things I might be able to do. This is a talk where I am already in and I show you pictures from actual engagements that I have been on. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4488.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4488-steal_everything_kill_everyone_cause_financial_ruin-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4490-ios_application_security-en.mp4 Over the last few years there has been a signifant amount of iPhone and iPad application development going on. Although based on Mac OSX, its development APIs are new and very specific to the iPhone and iPad. In this presentation, Ilja van Sprundel, Principal Security Consultant at IOActive, will discuss lessons learned from auditing iPhone and iPad applications over the last year. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4490.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4490-ios_application_security-en.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4490-ios_application_security-en.mp4 2011-08-11T00:00:00+02:00 Ilja van Sprundel No camp2011, Hacking A look at the security of 3rd party iOS applications Over the last few years there has been a signifant amount of iPhone and iPad application development going on. Although based on Mac OSX, its development APIs are new and very specific to the iPhone and iPad. In this presentation, Ilja van Sprundel, Principal Security Consultant at IOActive, will discuss lessons learned from auditing iPhone and iPad applications over the last year. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4490.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4490-ios_application_security-en.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4503-ich_und_23-de.mp4 Der Vortrag wird zunächst die Grundlagen des DNA-Fingerprinting auf unseren 23 Chromosomenpaaren zusammenfassen. Dabei wird besprochen, wie ein genetischer Fingerabdruck praktisch für die Verwendung in der Forensik entsteht und in welcher Form die Speicherung in einer Datenbank vorgenommen wird. Darauf aufbauend werden Stärken und Risiken der Technologie erörtert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4503.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4503-ich_und_23-de.html Thu, 11 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4503-ich_und_23-de.mp4 2011-08-11T00:00:00+02:00 Mirko Swillus No camp2011, Science Fingerabdrücke der DNA Der Vortrag wird zunächst die Grundlagen des DNA-Fingerprinting auf unseren 23 Chromosomenpaaren zusammenfassen. Dabei wird besprochen, wie ein genetischer Fingerabdruck praktisch für die Verwendung in der Forensik entsteht und in welcher Form die Speicherung in einer Datenbank vorgenommen wird. Darauf aufbauend werden Stärken und Risiken der Technologie erörtert. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4503.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4503-ich_und_23-de.html http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4552-openleaks-en.mp4 This talk will introduce the next phase of the OpenLeaks project. We will present a more detailed insight into the project and take you on a tour around the different OL subprojects. We will also announce the activities we are planning for this years camp. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4552.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4552-openleaks-en.html Wed, 10 Aug 2011 00:00:00 +0200 http://media.ccc.de/ftp/events/camp2011/video/cccamp11-4552-openleaks-en.mp4 2011-08-10T00:00:00+02:00 OpenLeaks No camp2011, Society where leaking meets engineering This talk will introduce the next phase of the OpenLeaks project. We will present a more detailed insight into the project and take you on a tour around the different OL subprojects. We will also announce the activities we are planning for this years camp. about this event: http://events.ccc.de/camp/2011/Fahrplan/events/4552.en.html event on media: http://media.ccc.de/browse/conferences/camp2011/cccamp11-4552-openleaks-en.html http://media.ccc.de/ftp/events/camp2011/trailer/camp2011_trailer.m4v about this event: http://ccc.de event on media: http://media.ccc.de/browse/conferences/camp2011/camp-2011-trailer.html Sat, 01 Jan 2011 00:00:00 +0100 http://media.ccc.de/ftp/events/camp2011/trailer/camp2011_trailer.m4v 2011-01-01T00:00:00+01:00 No camp2011 about this event: http://ccc.de event on media: http://media.ccc.de/browse/conferences/camp2011/camp-2011-trailer.html CCC media team media@koeln.ccc.de CCC media team No CCC, Congress, Hacking, Security, Netzpolitik A wide variety of video material distributed by the CCC. All content is taken from ftp.ccc.de and media.ccc.de A wide variety of video material distributed by the Chaos Computer Club.