https://media.ccc.de/c/mrmcd101b This feed contains all events from mrmcd101b as mp4 see video outro Thu, 23 Jan 2025 18:41:40 -0000 https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/folder-mrmcd-2006.png https://media.ccc.de/c/mrmcd101b https://media.ccc.de/v/mrmcd101b_-_3_____2_____1_____meins about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1468.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - 3 ... 2 ... 1 ... meins.mp4?1609613947 import-b17c23649737fcc712 2007-01-01T01:00:00+01:00 Lexi Pimendis No mrmcd Hacken fuer Jedermann about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1468.en.html 00:28:43 https://media.ccc.de/v/mrmcd101b_-_X_25_(in)security_in_2006:_having_phun_with_it The presentation will focus on X.25 security issues, positioned in nowadays’ contest and problems. The main intention is to bring personal and professional know-hows, backgrounds and X.25 penetration testing experiences to the auditorium, with real-life case studies. You will discover how an airplane flying over the Atlantic Ocean uses X.25 packet switching to communicate with the outside world, as well as why many government institutions around the world still uses the reliable frame-relay X.25 networks. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1364.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - X.25 (in)security in 2006: having phun with it.mp4?1609614712 import-c1895fa3f2553ad9fe 2007-01-01T01:00:00+01:00 Raoul Chiesa No mrmcd Actual present, next future & field experiences analysis of an underestimated (and still actual) security issue. The presentation will focus on X.25 security issues, positioned in nowadays’ contest and problems. The main intention is to bring personal and professional know-hows, backgrounds and X.25 penetration testing experiences to the auditorium, with real-life case studies. You will discover how an airplane flying over the Atlantic Ocean uses X.25 packet switching to communicate with the outside world, as well as why many government institutions around the world still uses the reliable frame-relay X.25 networks. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1364.en.html 01:51:48 https://media.ccc.de/v/mrmcd101b_-_Hackers_Int Der Blick über den Tellerrand - Hacker außerhalb von Deutschland. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1408.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Hackers Int.mp4?1609614217 import-08a6d7fa4984bc8a7f 2007-01-01T01:00:00+01:00 mc.fly, Jens Ohlig, b9punk, Raoul Chiesa No mrmcd der blick ueber den tellerrand - hacker auserhalb von deutschland Der Blick über den Tellerrand - Hacker außerhalb von Deutschland. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1408.en.html 01:39:10 https://media.ccc.de/v/mrmcd101b_-_Sicherheit_und_Angreifbarkeit_heutiger_Applikationen about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1465.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Sicherheit und Angreifbarkeit heutiger Applikationen.mp4?1609614372 import-7f543007ea360a56e4 2007-01-01T01:00:00+01:00 FX of Phenoelit No mrmcd about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1465.en.html 00:51:21 https://media.ccc.de/v/mrmcd101b_-_Comparison_of_WAN_IGP_protocols Most companies with large WANs use either RSTP+flooding/learning or OSPFv2· for two purposes: to route around network link failures, and to automatically find the correct path to a destination address on a large network with many hops. Including RSTP in the comparison is a realistic acknowledgement of the way L2 switching is abused these· days. Including OSI in the comparison should reveal some habitually irritating aspects of switched IP networks that are mere accidents of history, and others that are more fundamental. I'll provide background about how Ethernet switching works, what is an IGP, and what the now mostly-abandoned supposed-future OSI world feels like. IGP's are not just for fault-resilience. They also function as a network management protocol: like SNMP, it's impractical to deal with a very large network without using an IGP. The talk will not discuss EGP's, exterior gateway protocols like BGP. All these IGP's are used within one administrative domain. They are never used between one ISP and another, nor between a customer and his ISP. I say ``loosely about'' because I'll be introducing three protocols, only one of which is an IGP in common use on today's Internet: * RSTP + flooding/learning. L2 switches use a combination of RSTP and the flooding/learning system to route Ethernet frames. They can route traffic around a failed link, and they can direct traffic toward a wireless user that's roaming among access points. * OSPF. This is the standard routing protocol for IPv4. There are other important/popular ones like 'Integrated IS-IS' and 'EIGRP', but OSPF is the best example and probably the most popular. ISP's and big companies use this protocol to route around the failure of WAN links within their own networks, and to manage their large networks. * IS-IS. This is _the_ routing protocol for the ISO/OSI CLNP (ConnectionLess Network Protocol). OSI networking was designed many years ago through expensive necktie conferences in mountain· resort towns, and proposed as the replacement for IP on the future Internet. It included CLNP which was analagous to IP. No one fell for it. At least, no one uses it at the edge, although it's still used ubiquitously, I'm not sure how exactly, on most Sonet/SDH rings. More importantly, almost everything complicated and difficult at the core of the modern Internet right now is a simplified/adapted version of some earlier OSI Master Vision which you can find referenced in the bibliography of the relevant IETF RFC. The difficult algorithmic and conceptual pieces· in BGP, OSPF, LDAP, and many other things, are borrowed from OSI· standards. I want to teach people about these three protocols for two reasons.·· First, what's similar and what's different about the three types of routing? How, and with what limitations, do small and large networks route around failures? Second, which limitations are abstract, essential problems of network routing, and which are quirks of a particular implementation that has become overwhelmingly dominant, like IP or L2 switching. I think most people don't really understand how L2 switches work---they just think ``they're like hubs, only better.'' Switches unfortunately fall a bit short of that ideal lego-networking model.·· Now that such a bastard hack has attained such prominence in large· networks, I think we should have a second look at switches with the· aim of borrowing ideas from them, like how most of the modern Internet's· new ideas are borrowed from OSI. Also, we've become accustomed to IPv4 networks where there is a strict· rule: if you move to a different part of the L3 network, you have to· change your end system's IP address to match the new subnet. OSI CLNP· does not work that way. I think this will surprise and interest many· people, as it did me. I think the talk will broaden people's minds by introducing three standards central to our Internet heritage of which most people have vaguely heard, but have no idea how they work or even exactly what they are. Optimistically it'll help them think about new possibilities for how to design large networks and protocols, and will help them do it in a more historically grounded way than the usual creativity-heavy bikeshed moment of ``I've just invented this great· idea for a new kind of peer-to-peer filesharing network! see, it's· shaped like a tetrahedron, and when one node `drops out', then· there's the `discovery phase,' to replace it, and...'' about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1400.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Comparison of WAN IGP protocols.mp4?1609614067 import-3936e1a286f3d9ffb2 2007-01-01T01:00:00+01:00 Miles Nordin No mrmcd RSTP+flooding/learning for Ethernet, OSPFv2 for IPv4, and IS-IS for CLNP Most companies with large WANs use either RSTP+flooding/learning or OSPFv2· for two purposes: to route around network link failures, and to automatically find the correct path to a destination address on a large network with many hops. Including RSTP in the comparison is a realistic acknowledgement of the way L2 switching is abused these· days. Including OSI in the comparison should reveal some habitually irritating aspects of switched IP networks that are mere accidents of history, and others that are more fundamental. I'll provide background about how Ethernet switching works, what is an IGP, and what the now mostly-abandoned supposed-future OSI world feels like. IGP's are not just for fault-resilience. They also function as a network management protocol: like SNMP, it's impractical to deal with a very large network without using an IGP. The talk will not discuss EGP's, exterior gateway protocols like BGP. All these IGP's are used within one administrative domain. They are never used between one ISP and another, nor between a customer and his ISP. I say ``loosely about'' because I'll be introducing three protocols, only one of which is an IGP in common use on today's Internet: * RSTP + flooding/learning. L2 switches use a combination of RSTP and the flooding/learning system to route Ethernet frames. They can route traffic around a failed link, and they can direct traffic toward a wireless user that's roaming among access points. * OSPF. This is the standard routing protocol for IPv4. There are other important/popular ones like 'Integrated IS-IS' and 'EIGRP', but OSPF is the best example and probably the most popular. ISP's and big companies use this protocol to route around the failure of WAN links within their own networks, and to manage their large networks. * IS-IS. This is _the_ routing protocol for the ISO/OSI CLNP (ConnectionLess Network Protocol). OSI networking was designed many years ago through expensive necktie conferences in mountain· resort towns, and proposed as the replacement for IP on the future Internet. It included CLNP which was analagous to IP. No one fell for it. At least, no one uses it at the edge, although it's still used ubiquitously, I'm not sure how exactly, on most Sonet/SDH rings. More importantly, almost everything complicated and difficult at the core of the modern Internet right now is a simplified/adapted version of some earlier OSI Master Vision which you can find referenced in the bibliography of the relevant IETF RFC. The difficult algorithmic and conceptual pieces· in BGP, OSPF, LDAP, and many other things, are borrowed from OSI· standards. I want to teach people about these three protocols for two reasons.·· First, what's similar and what's different about the three types of routing? How, and with what limitations, do small and large networks route around failures? Second, which limitations are abstract, essential problems of network routing, and which are quirks of a particular implementation that has become overwhelmingly dominant, like IP or L2 switching. I think most people don't really understand how L2 switches work---they just think ``they're like hubs, only better.'' Switches unfortunately fall a bit short of that ideal lego-networking model.·· Now that such a bastard hack has attained such prominence in large· networks, I think we should have a second look at switches with the· aim of borrowing ideas from them, like how most of the modern Internet's· new ideas are borrowed from OSI. Also, we've become accustomed to IPv4 networks where there is a strict· rule: if you move to a different part of the L3 network, you have to· change your end system's IP address to match the new subnet. OSI CLNP· does not work that way. I think this will surprise and interest many· people, as it did me. I think the talk will broaden people's minds by introducing three standards central to our Internet heritage of which most people have vaguely heard, but have no idea how they work or even exactly what they are. Optimistically it'll help them think about new possibilities for how to design large networks and protocols, and will help them do it in a more historically grounded way than the usual creativity-heavy bikeshed moment of ``I've just invented this great· idea for a new kind of peer-to-peer filesharing network! see, it's· shaped like a tetrahedron, and when one node `drops out', then· there's the `discovery phase,' to replace it, and...'' about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1400.en.html 01:43:53 https://media.ccc.de/v/mrmcd101b_-_The_Hash_Disaster A lot of actual results show that all widely used hash functions (MD4,MD5,SHA,SHA-1) are broken in a cryptographic sense. Even worse because of some internal design properties even practical attacks against MD*-based hash functions security systems could be shown. In this talk we discuss the cryptographic status and some first-aid workarounds. We also show the impossibility to establish a "Trusted" infrastructure based on a untrustable cryptographic function. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1490.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - The Hash Disaster.mp4?1609614453 import-0d8239451007504f65 2007-01-01T01:00:00+01:00 Rüdiger Weis No mrmcd Recent Results on Cryptanalysis and their Implications on System Security A lot of actual results show that all widely used hash functions (MD4,MD5,SHA,SHA-1) are broken in a cryptographic sense. Even worse because of some internal design properties even practical attacks against MD*-based hash functions security systems could be shown. In this talk we discuss the cryptographic status and some first-aid workarounds. We also show the impossibility to establish a "Trusted" infrastructure based on a untrustable cryptographic function. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1490.en.html 01:00:38 https://media.ccc.de/v/mrmcd101b_-_Geek_Mafia about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1407.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Geek Mafia.mp4?1609614169 import-288c74343fbab81c89 2007-01-01T01:00:00+01:00 Rick Dakan No mrmcd Rick Dakan liest aus seinem Buch Geek Mafia about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1407.en.html 00:35:35 https://media.ccc.de/v/mrmcd101b_-_Hacktivismus_und_die_Moeglichkeiten_politischer_Einflussnahme about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1399.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Hacktivismus und die Moeglichkeiten politischer Einflussnahme.mp4?1609614301 import-ea934ea3b0194459a1 2007-01-01T01:00:00+01:00 fukami No mrmcd about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1399.en.html 00:58:49 https://media.ccc.de/v/mrmcd101b_-_Nintendo_DS Nintendo DS vorstellen, Flashen, Hacken. Bringt euren NDS mit! about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1467.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Nintendo DS.mp4?1609613589 import-2772630a4ef636c476 2007-01-01T01:00:00+01:00 Marcel Klein, Mario Manno No mrmcd Fakten und Anderes Nintendo DS vorstellen, Flashen, Hacken. Bringt euren NDS mit! about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1467.en.html 00:42:44 https://media.ccc.de/v/mrmcd101b_-_Eroeffnungsveranstaltung Eroeffnungsveranstaltung der mrmcd101b. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1263.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Eroeffnungsveranstaltung.mp4?1609614104 import-6f6b1744f703730b42 2007-01-01T01:00:00+01:00 mc.fly, Flex, Julian 'codemonk' No mrmcd Willkommen zu den metarheinmain chaosdays Eroeffnungsveranstaltung der mrmcd101b. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1263.en.html 00:21:40 https://media.ccc.de/v/mrmcd101b_-_Abschlussveranstaltung about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1264.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Abschlussveranstaltung.mp4?1609614017 import-996cfd6dac2af3492c 2007-01-01T01:00:00+01:00 mc.fly, Flex No mrmcd Wie war's, was ist passiert... about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1264.en.html 00:15:08 https://media.ccc.de/v/mrmcd101b_-_Hacking_fingerprint_recognition_systems Today biometric systems are becoming mainstream. They can be· found everywhere. In mobile phones, computers, entrance systems even in ATMs. Because of the low costs, small sizes and the alleged maturity mostly fingerprint sensors are used. But contrary to the assurance of the manufacturers they are still very easy to hack with techniques invented three years ago (see http://www.ccc.de/biometrie/fingerabdruck_kopieren?language=en). The capacitive sensors built into the new generation of Thinkpad computer from IBM / Lenovo were one of the first implementing countermeasures· against this type of dummies. But counter measures only lead to new types of· dummies!· Using this fingerprint system as an Example I want to explain the different techniques of hacking biometric systems, from the attack on the communication and the stored reference data to the direct hack of the sensor· itself. The talk will present tools and ways to extract communication data to enhance dummy materials and a step by step approach to the final dummy finger· that will defeat the sensor. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1471.en.html Mon, 01 Jan 2007 01:00:00 +0100 https://cdn.media.ccc.de/events/mrmcd/mrmcd101b/mrmcd101b - Hacking fingerprint recognition systems.mp4?1609614257 import-16b81408b8ec72018e 2007-01-01T01:00:00+01:00 starbug No mrmcd Today biometric systems are becoming mainstream. They can be· found everywhere. In mobile phones, computers, entrance systems even in ATMs. Because of the low costs, small sizes and the alleged maturity mostly fingerprint sensors are used. But contrary to the assurance of the manufacturers they are still very easy to hack with techniques invented three years ago (see http://www.ccc.de/biometrie/fingerabdruck_kopieren?language=en). The capacitive sensors built into the new generation of Thinkpad computer from IBM / Lenovo were one of the first implementing countermeasures· against this type of dummies. But counter measures only lead to new types of· dummies!· Using this fingerprint system as an Example I want to explain the different techniques of hacking biometric systems, from the attack on the communication and the stored reference data to the direct hack of the sensor· itself. The talk will present tools and ways to extract communication data to enhance dummy materials and a step by step approach to the final dummy finger· that will defeat the sensor. about this event: https://mrmcd101b.metarheinmain.de/fahrplan/events/1471.en.html 00:55:05 media.ccc.de / RSS 0.3.1 CCC media team media@c3voc.de CCC media team No CCC Congress Hacking Security Netzpolitik A wide variety of video material distributed by the CCC. All content is taken from cdn.media.ccc.de and media.ccc.de A wide variety of video material distributed by the Chaos Computer Club. This feed contains all events from mrmcd101b as mp4