Skip to content

Instantly share code, notes, and snippets.

@johnjohndoe
Last active Aug 29, 2015
Embed
What would you like to do?
31c3 schedule.xml
<?xml version='1.0' encoding='utf-8' ?>
<schedule>
<version>1.5 To shine in a bright light</version>
<conference>
<acronym>31c3</acronym>
<title>31. Chaos Communication Congress</title>
<start>2014-12-27</start>
<end>2014-12-31</end>
<days>4</days>
<timeslot_duration>00:05</timeslot_duration>
</conference>
<day date="2014-12-27" end="2014-12-28T04:00:00+01:00" index="1" start="2014-12-27T11:00:00+01:00">
<room name="Saal 1">
<event guid="29aecfd7-2e44-4f49-ab86-29b5e0877325" id="6561">
<date>2014-12-27T11:00:00+01:00</date>
<start>11:00</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6561_-_en_-_saal_1_-_201412271100_-_31c3_opening_event_-_erdgeist_-_geraldine_de_bastion</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>31C3 Opening Event</title>
<subtitle/>
<track>CCC</track>
<type>lecture</type>
<language>en</language>
<abstract/>
<description/>
<persons>
<person id="1544">erdgeist</person>
<person id="3874">Geraldine de Bastion</person>
</persons>
<links/>
</event>
<event guid="8c4e647f-813e-41ef-b05b-65469dd841c3" id="6571">
<date>2014-12-27T11:30:00+01:00</date>
<start>11:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6571_-_en_-_saal_1_-_201412271130_-_31c3_keynote_-_alecempire</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>31C3 Keynote</title>
<subtitle>A New Dawn</subtitle>
<track>CCC</track>
<type>lecture</type>
<language>en</language>
<abstract>The 31C3 Keynote</abstract>
<description>A New Dawn</description>
<persons>
<person id="5309">alecempire</person>
</persons>
<links/>
</event>
<event guid="HOqeNIb6G7M4hYFKFRkCmQ" id="6264">
<date>2014-12-27T12:45:00+01:00</date>
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6264_-_de_-_saal_1_-_201412271245_-_wir_beteiligen_uns_aktiv_an_den_diskussionen_-_martin_haase_maha</slug>
<recording>
<license>cc-by-sa</license>
<optout>false</optout>
</recording>
<title>„Wir beteiligen uns aktiv an den Diskussionen“</title>
<subtitle>Die digitale „Agenda“ der Bundesregierung aus inhaltlicher, philologischer und linguistischer Perspektive</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Im Sommer 2014 wurde die sogenannte Digitale „Agenda“ vorgestellt, die als „netzpolitisches Regierungsprogramm“ bezeichnet wurde. Aus texttypologischer Sicht handelt es sich aber eher um einen PR-Text, der so aussieht, als sei er ein Auszug aus einer Wahlkampfbroschüre. Der Vortrag analysiert den Text zunächst inhaltlich, um zu zeigen, worum es im Einzelnen geht und wo Widersprüche auftauchen, dann aus textkritischer und aus linguistischer Perspektive. Insbesondere werden bestimmte Interessen der Bundesregierung und anderer Akteure deutlich, die weniger offen thematisiert werden, aber doch sprachlich zu Tage treten.</abstract>
<description>Am 20. August 2014 wurde in Berlin die so genannte Digitale „Agenda“ der Bundesregierung vorgestellt. Das „netzpolitische Regierungsprogramm“ wurde begrüßt, aber viele Kritiker qualifizierten es als „zu wenig, zu spät“. Dabei ist wenigen aufgefallen, dass es sich in Bezug auf die Textsorte um einen PR-Text handelt, der wenig Ähnlichkeiten mit einem Regierungsprogramm hat, sondern eher so aussieht, als stamme er aus einer Wahlkampfbroschüre. Eine textkritische und eine linguistische Analyse ergeben, dass von einer „Agenda“ wenig zu spüren ist, obwohl das Wort „aktiv“ sehr häufig verwendet wird, allerdings in Kontexten, die nichts mit Aktivitäten zu tun haben. Das ist nicht der einzige Widerspruch. Es zeigt sich wieder einmal, dass die Sprache des Textes auch versteckte Interessen an den Tag bringt. </description>
<persons>
<person id="4085">Martin Haase/maha</person>
</persons>
<links>
<link href="http://breitband.deutschlandradiokultur.de/brb140823/">Maha kurz bei Breitband zu diesem Thema</link>
</links>
</event>
<event guid="OQzXwQcnHSLD9Qd7Iu7Rqw" id="6010">
<date>2014-12-27T14:00:00+01:00</date>
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6010_-_en_-_saal_1_-_201412271400_-_scada_strangelove_too_smart_grid_in_da_cloud_-_sergey_gordeychik_-_aleksandr_timorin</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>SCADA StrangeLove: Too Smart Grid in da Cloud</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>For two years SCADA StrangeLove speaks about Industrial Control Systems and nuclear plants. This year we want to discuss Green Energy. Our hackers' vision of Green Energy, SmartGrids and Cloud IoT technology.
We will also speak about the security problems of traditional &quot;heavy&quot; industrial solutions, about the things that Zurich Airport and Large Hadron Collider have in common
On top of it you will learn about our new releases, some funny and not so funny stories about discovery and fixing of vulnerabilities and the latest news from the front struggling for the Purity of Essence.​</abstract>
<description>Our latest research was devoted to the analysis of the architecture and implementation of the most wide spread platforms for wind and solar energy generation which produce many gigawatts of it.
It may seem (not) surprising but the systems which manage huge turbine towers and household PhotoVoltaic plants are not only connected to the internet but also prone to many well known vulnerabilities and low-hanging 0-days. Even if these systems cannot be found via Shodan, fancy cloud technologies leave no chances for security.
We will also speak about the security problems of traditional &quot;heavy&quot; industrial solutions, about the things that Zurich Airport and Large Hadron Collider have in common and why one should not develop brand new web server.
Specially for the specialists on the other side of the fences, we will show by example of one industry the link between information security and industrial safety and will also demonstrate how a root access gained in a few minutes can bring to nought all the years of efforts that were devoted to the improvement of fail-safety and reliability of the ICS system.
On top of it you will learn about our new releases, some funny and not so funny stories about discovery and fixing of vulnerabilities and the latest news from the front struggling for the Purity of Essence.​</description>
<persons>
<person id="3530">Sergey Gordeychik</person>
<person id="5274">Aleksandr Timorin</person>
</persons>
<links>
<link href="http://www.scadasl.org">SCADA StrangeLove</link>
<link href="https://twitter.com/scadasl">Twitter</link>
</links>
</event>
<event guid="J9UXjl3ggsIGnkIJSxSxmw" id="6120">
<date>2014-12-27T16:00:00+01:00</date>
<start>16:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6120_-_en_-_saal_1_-_201412271600_-_practical_emv_pin_interception_and_fraud_detection_-_andrea_barisani</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Practical EMV PIN interception and fraud detection</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>This talks follows our previous EMV research uncovering new findings as well as a detailed analysis of Chip &amp; PIN fraud markers in order to benefit cardholders, as well as issuing banks, in preventing wrongful liability for fraudulent charges.</abstract>
<description>The EMV global standard for electronic payments is widely used for
inter-operation between chip equipped credit/debit cards, Point of Sales devices and ATMs.
In 2011, our &quot;Chip &amp; PIN is definitely broken&quot; presentation uncovered an EMV design flaw that, by means of chip skimmers, allows for arbitrary PIN harvesting.
Since then, by consulting on EMV implementations and their behaviour under effective attacks, Inverse Path has assisted issuing banks, as well as cardholders, with successful resolution of cases involving wrongful liability for fraudulent charges.
Our updated research effort identifies and verifies new interactions between previous EMV attacks, which even further affect the protection, or lack of, that EMV provides for the PIN.
This presentation aims to fully empower both cardholders and issuers with an understanding of all applicable attacks, while also illustrating the relevant EMV fraud detection markers.
Such information is vital to enable cardholders to request the correct and relevant information necessary to claim fraudulent charges and to enable issuers and processors to prevent fraud in the first place.</description>
<persons>
<person id="4941">Andrea Barisani</person>
</persons>
<links>
<link href="http://dev.inversepath.com/download/emv/emv_2014.pdf">Slides - Practical EMV PIN interception and fraud detection</link>
</links>
</event>
<event guid="-n9QScyDLXMEwkqrCHASYw" id="6249">
<date>2014-12-27T17:15:00+01:00</date>
<start>17:15</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6249_-_en_-_saal_1_-_201412271715_-_ss7_locate_track_manipulate_-_tobias_engel</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>SS7: Locate. Track. Manipulate.</title>
<subtitle>You have a tracking device in your pocket</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Companies are now selling the ability to track your phone number whereever you go. With a precision of up to 50 meters, detailed movement profiles can be compiled by somebody from the other side of the world without you ever knowing about it. But that is just the tip of the iceberg.</abstract>
<description>SS7 is the global telecommunications backbone network. You use it every time you make a call, receive a text message or use the mobile network's internet access. But to be reachable, the network has to know your location. And access to the SS7 network is getting easier and easier, without the security measures keeping up.
As a follow-up to 25C3's &quot;Locating Mobile Phones using SS7&quot; this talk will offer a look at what has changed in the last six years. I will show how easy it is for intelligence services and criminals to circumvent the network's defenses to get the data they want, just based on your phone number.
</description>
<persons>
<person id="1848">Tobias Engel</person>
</persons>
<links>
<link href="http://www.washingtonpost.com/business/technology/for-sale-systems-that-can-secretly-track-where-cellphone-users-go-around-the-globe/2014/08/24/f0700e8a-f003-11e3-bf76-447a5df6411f_story.html">Overview of the subject in the Washington Post</link>
</links>
</event>
<event guid="szHEwO2pazLIG7w8wQTa1w" id="6122">
<date>2014-12-27T18:30:00+01:00</date>
<start>18:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6122_-_en_-_saal_1_-_201412271830_-_mobile_self-defense_-_karsten_nohl</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Mobile self-defense</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>We know that mobile networks can — and do — attack us on many fronts. As this talk will show, even 3G is attackable. It’s high time that we upgrade from complaining to self-defense.</abstract>
<description>Modern phones include all components necessary to block — or at least make visible — a large range of attacks including IMSI catchers, SIM exploits, and SMS attacks. The possibility of other attacks, such as passive intercept, can be inferred from measurements that normally remain hidden in a phone’s baseband.
This talk details how these secrets were unlocked through reverse-engineering of the most widely deployed baseband family. We release tools that block or alert users to many common attacks.
We also introduce and demonstrate new attack scenarios — hybrids between local and interconnect abuse — including the passive intercept and decryption of 3G traffic.</description>
<persons>
<person id="1741">Karsten Nohl</person>
</persons>
<links/>
</event>
<event guid="A8xVpIjX1oKQOQcWMt_49Q" id="6450">
<date>2014-12-27T20:30:00+01:00</date>
<start>20:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6450_-_de_-_saal_1_-_201412272030_-_ich_sehe_also_bin_ich_du_-_starbug</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Ich sehe, also bin ich ... Du</title>
<subtitle>Gefahren von Kameras für (biometrische) Authentifizierungsverfahren</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>de</language>
<abstract>Bei der Passworteingabe über die Schultern schauen? Die Mateflasche klauen, um an Fingerabdrücke zu kommen? Alles Technik von gestern. Der Vortrag zeigt, wie man heutzutage an Daten kommt, um Authentifizierungsmethoden zu überwinden.</abstract>
<description>Dass man Menschen bei der Passworteingabe über die Schulter gucken kann, ist bekannt. Und auch, dass man bestimmte biometrische Merkmale mit einer Kamera fotografieren kann oder Spuren der Merkmale an Gegenständen findet. Bisher ging man davon aus, dass man sich für solche Angriffe in der unmittelbaren Nähe der auszuspähenden Person befinden musste. Der Vortrag soll klar machen, dass dem nicht so ist. Wir stellen Ergebnisse von Untersuchungen vor, die zeigen, dass biometrische Merkmale und Passworteingaben auch aus großer Entfernung oder remote durch Kameras in Mobiltelefonen direkt oder indirekt (durch Reflexionen im Auge) ausgespäht werden können. </description>
<persons>
<person id="1623">starbug</person>
</persons>
<links/>
</event>
<event guid="7G4FQIXg2eb7D6F_jNwuxA" id="6369">
<date>2014-12-27T21:45:00+01:00</date>
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6369_-_en_-_saal_1_-_201412272145_-_ecchacks_-_djb_-_tanja_lange</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>ECCHacks</title>
<subtitle>A gentle introduction to elliptic-curve cryptography</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>This talk will explain how to work with elliptic curves constructively to obtain secure and efficient implementations, and will highlight pitfalls that must be avoided when implementing elliptic-curve crypto (ECC). The talk will also explain what all the buzz in curve choices for TLS is about. This talk does not require any prior exposure to ECC.</abstract>
<description>ECC is rapidly becoming the public-key technology of choice for Internet protocols. ECC was introduced in 1985 and has a much stronger security record than RSA. ECC research has found new ways of attacking implementations but has also found nicer curves that avoid such attacks.
As a followup to the Snowden revelations, the TLS working group of the IETF has recently asked the crypto research group (CFRG) to suggest new curves for use in TLS, and NIST has publicly announced that they are considering new curves.
This talk gives a hands-on description of how to compute with elliptic curves. It shows different ways to write elliptic curves and the consequences of this representation for secure and efficient implementation. Algorithms will be presented as Python code snippets and will already be online before the talk at http://ecchacks.cr.yp.to.
The talk will be given as a joint presentation by Daniel J. Bernstein and Tanja Lange.</description>
<persons>
<person id="3538">djb</person>
<person id="3714">Tanja Lange</person>
</persons>
<links/>
</event>
<event guid="MghFmvDBS-J7T2ZOkNXUKA" id="6154">
<date>2014-12-27T23:00:00+01:00</date>
<start>23:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6154_-_en_-_saal_1_-_201412272300_-_crypto_tales_from_the_trenches_-_nadia_heninger_-_julia_angwin_-_laura_poitras_-_jack_gillum</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Crypto Tales from the Trenches</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Julia Angwin, Jack Gillum, and Laura Poitras will tell us stories about how they use crypto and privacy-enhancing technologies as high-profile journalists, and rant in an entertaining way about how these tools have failed or are horribly inadequate for their needs. They will also talk about their rare crypto successes.</abstract>
<description>Cryptography and privacy-enhancing technologies are increasingly part of a modern journalist's spycraft. But what does it look like when a reporter actually tries to protect herself and her sources with the best tools that the hacker/academic/activist/cipherpunk/technologist communities have produced? Disaster, chaos, crashes, and UI-sponsored opsec fails.
In this talk, Julia Angwin, Jack Gillum, and Laura Poitras will tell us highly entertaining and disturbing war stories of using crypto in the field as high-risk targets, and excoriate the crypto and developer communities for failing to meet their needs while claiming success and security for all. We will hear how the crypto-nerd's utopia of
deniable poker over the phone with an honest-but-curious adversary becomes a set of barely usable implementations and user expectation mismatches.
We hope to provide some clarity on what works and what doesn't for those who develop or aspire to develop secure applications, and also a rough guide to usable opsec right now for sources, journalists, and
other nontechnical users worried about sophisticated adversaries.</description>
<persons>
<person id="4131">Nadia Heninger</person>
<person id="4993">Julia Angwin</person>
<person id="3669">Laura Poitras</person>
<person id="5345">Jack Gillum</person>
</persons>
<links/>
</event>
<event guid="77aea78c-f2d2-461a-92b3-82929a79d598" id="6581">
<date>2014-12-28T00:00:00+01:00</date>
<start>00:00</start>
<duration>02:15</duration>
<room>Saal 1</room>
<slug>31c3_-_6581_-_en_-_saal_1_-_201412280000_-_citizenfour_-_laura_poitras</slug>
<recording>
<license/>
<optout>true</optout>
</recording>
<title>Citizenfour</title>
<subtitle/>
<track>Entertainment</track>
<type>other</type>
<language>en</language>
<abstract>&quot;Citizenfour&quot; is Laura Poitras' documentary and a closeup view about blowing the whistle on the spooks at the NSA.</abstract>
<description>A portrait of Edward Snowden in the weeks he chooses to change our understanding of what governments know about us.</description>
<persons>
<person id="5258">Laura Poitras</person>
</persons>
<links/>
</event>
</room>
<room name="Saal 2">
<event guid="mzNAGavKy2KOcwOjGqC8pw" id="6443">
<date>2014-12-27T12:45:00+01:00</date>
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6443_-_en_-_saal_2_-_201412271245_-_trustworthy_secure_modular_operating_system_engineering_-_hannes_-_david_kaloper</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Trustworthy secure modular operating system engineering</title>
<subtitle>fun(ctional) operating system and security protocol engineering</subtitle>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>We present Mirage OS, a modular library operating system developed from scratch in the functional programming language OCaml. Each service, called unikernel, is an OCaml application using libraries such as a TCP/IP stack, DNS. It is either compiled to a Xen virtual machine image or to a Unix binary (for development). State in 2014 is that it runs on x86 and arm, we implemented a clean-slate TLS (1.0, 1.1, 1.2), X.509, ASN.1 stack, crypto primitives, Off-the-record. We also have TCP/IP, HTTP, a persistent branchable store (similar to git) - all implemented in OCaml. A virtual machine serving data via https is roughly 2MB in size - no libc inside :)</abstract>
<description>Mirage OS is a (BSD-licensed) research project at University of Cambridge and released in December 2013 a 1.0 version. In 2014, 2.0 got released with full support on arm, a clean-slate TLS implementation, and the branchable data store Irmin. We (Hannes and David) developed a TLS stack from scratch (including cryptographic primitives, X.509, ASN.1), which we will present.
We intentionally breaks with the UNIX philosophy. Instead of using a programming language designed to replace platform-specific assembly code we use the functional programming language OCaml with higher-order functions, a composable module system, pattern matching, a sophisticated type system. Our developed TLS stack separates side effects, such as mutable memory, network input and output, etc., clearly from the pure functional core. This separation is not enforced on a language level, but by convention.
A mirage unikernel runs either as a Xen guest or as native Unix application. Each unikernel runs in a single address space, and does not include layers over layers of abstraction (kernel, user space, file system, processes, language runtime, threads, ...). The performance is not too bad (see link below). Each unikernel only uses those libraries it really needs - e.g. a name server does not depend on a file system or user accounts. A common unikernel is rather small in binary size: a web server, including TCP/IP stack and the data to be served, is less than a megabyte in size, including the OCaml runtime. There is no libc included :)
Modularity is the key for Mirage OS: the same application code can be compiled as a UNIX executable using the POSIX socket API, or as UNIX program using the userspace tun/tap interface and the TCP/IP stack written in OCaml, or as a Xen domU. This eases development, testing, debugging, and deployment.
Our target platform is the cubieboard2, a small board with a dual-core ARM A7 CPU and ethernet (and various other unused interfaces).
Code reviews, comments, contributions are always welcome.</description>
<persons>
<person id="1626">hannes</person>
<person id="4273">David Kaloper</person>
</persons>
<links>
<link href="http://www.openmirage.org">Mirage OS</link>
<link href="http://roscidus.com/blog/blog/2014/08/15/optimising-the-unikernel/">Performance: optimising the unikernel</link>
<link href="https://tls.openmirage.org">TLS demonstration server</link>
<link href="https://github.com/mirleft/ocaml-tls">OCaml-TLS source code</link>
<link href="http://openmirage.org/blog/announcing-mirage-20-release">Mirage 2.0 release</link>
<link href="http://openmirage.org/blog/introducing-ocaml-tls">Blog entry about OCaml-TLS</link>
<link href="http://docs.cubieboard.org/products/start">Cubieboard 2</link>
<link href="https://github.com/mirleft">Mirleft source code</link>
</links>
</event>
<event guid="419d4f7e-7506-4d46-8700-e47e164a8e32" id="6584">
<date>2014-12-27T14:00:00+01:00</date>
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6584_-_de_-_saal_2_-_201412271400_-_mit_kunst_die_gesellschaft_hacken_-_stefan_pelzer_-_philipp_ruch</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Mit Kunst die Gesellschaft hacken</title>
<subtitle>Das Zentrum für politische Schönheit</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Ein Mahnmal gegen die Vereinten Nationen, 25.000 Euro Kopfgeld auf eine
deutsche Waffenhändlerfamilie, eine falsche Kampagne für das
Familienministerium oder die Flucht der &quot;Mauerkreuze&quot; vom Reichstagsufer
an die EU-Außengrenzen: wenn das Zentrum für Politische Schönheit (ZPS)
das Kriegsbeil ausgräbt, ist eine kontroverse Debatte garantiert.</abstract>
<description>Die Reaktionen reichen von Begeisterung bis Entsetzen. Das Feuilleton
jauchzt, die Springer-Presse heult, die CDU ist tief erschüttert, der
Bundestag debattiert und Griechenland mobilisiert Spezialeinheiten der
Polizei.
Eins ist sicher: Das Thema schlägt mit aller Wucht auf der Agenda ein
und wird bundesweit diskutiert.
Wie kann Kunst die Gesellschaft hacken?
Wie trifft man immer wieder den empfindlichen Nerv?
Wie transportiert man am helllichten Tag eine ganze Gedenkstätte ab, die
nur 15 Meter vom Bundestag entfernt steht?
Warum kann Theater so schlagkräftig Politik machen?
Und: Was ist eigentlich Politische Schönheit?
Philipp Ruch und Stefan Pelzer reisen aus der sagenumworbenen &quot;Zentrale&quot;
(O-TON &quot;BILD&quot;-Zeitung) des Zentrums für Politische Schönheit an und
nehmen Euch mit auf einen einstündigen Roadtrip an die EU-Außenmauern.
Unterwegs suchen sie Antworten auf diese und andere Fragen; mit
allerhand Skurilitäten und Annekdoten im Gepäck. Außerdem präsentieren
sie – in einer Welturaufführung – den SMS-Verkehr mit
Bundestagsabgeordneten der CDU/CSU Fraktion. Köpfe werden rollen. Und du
kannst dabei mithelfen.</description>
<persons>
<person id="5261">Stefan Pelzer</person>
<person id="5266">Philipp Ruch</person>
</persons>
<links/>
</event>
<event guid="HLDDEFxCxCrQryx8fEacZw" id="5960">
<date>2014-12-27T16:00:00+01:00</date>
<start>16:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_5960_-_en_-_saal_2_-_201412271600_-_revisiting_ssl_tls_implementations_-_sebastian_schinzel</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Revisiting SSL/TLS Implementations</title>
<subtitle>New Bleichenbacher Side Channels and Attacks</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>We present four new Bleichenbacher side channels, and three successful Bleichenbacher attacks against the Java Secure Socket Extension (JSSE) SSL/TLS implementation and against hardware security appliances using the Cavium NITROX SSL accelerator chip.</abstract>
<description>16 years ago, Daniel Bleichenbacher presented a protocol-level padding oracle attack against SSL/TLS. As a countermeasure, all TLS RFCs starting from RFC 2246 (TLS 1.0) propose &quot;to treat incorrectly formatted messages in a manner indistinguishable from correctly formatted RSA blocks&quot;.
In our recent paper [1] we show that this objective has not been achieved yet: We present four new Bleichenbacher side channels, and three successful Bleichenbacher attacks against the Java Secure Socket Extension (JSSE) SSL/TLS implementation and against hardware security appliances using the Cavium NITROX SSL accelerator chip. Three of these side channels are timing-based, and two of them provide the first timing-based Bleichenbacher attacks on SSL/TLS described in the literature. Our measurements confirmed that all these side channels are observable over a switched network, with timing differences between 1 and 23 microseconds. We were able to successfully recover the PreMasterSecret using three of the four side channels in a realistic measurement setup.
Besides the academic relevance of breaking common SSL/TLS implementations, the timing attacks we performed are quite interesting for the hacking community. In our talk, we will thus focus on the challenges we had to solve during our attacks and on the challenges of fixing these issues.
The talk extends the topics that I presented at 28c3 [2] and 29c3 [3].
[1]: Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks.
Meyer, Somorovsky, Weiss, Schwenk, Schinzel, Tews.
Usenix Security Symposium 2014.
[2]: https://media.ccc.de/browse/congress/2011/28c3-4640-en-time_is_on_my_side.html
[3]: https://media.ccc.de/browse/congress/2012/29c3-5044-en-time_is_not_on_your_side_h264.html</description>
<persons>
<person id="3205">Sebastian Schinzel</person>
</persons>
<links/>
</event>
<event guid="Bnz1quB2NHq9BEXoyNm5xQ" id="6499">
<date>2014-12-27T17:15:00+01:00</date>
<start>17:15</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6499_-_en_-_saal_2_-_201412271715_-_glitching_for_n00bs_-_exide</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Glitching For n00bs</title>
<subtitle>A Journey to Coax Out Chips' Inner Secrets</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Despite claims of its obsolescence, electrical glitching can be a viable attack vector against some ICs. This presentation chronicles a quest to learn what types of electrical transients can be introduced into an integrated circuit to cause a variety of circuit faults advantageous to an reverser. Several hardware platforms were constructed during the quest to aid in research, including old-skool &amp; solderless breadboards, photo-etched &amp; professional PCBs, FPGAs, and cheap &amp; dirty homemade logic analyzers. The strengths and weaknesses of the various approaches will be discussed.</abstract>
<description>A shroud of mystery surrounds the topic of electrical glitching. Every now and then, you hear it thrown around as a possible attack vector - perhaps to aid in reverse-engineering efforts, or to understand an unknown cryptographic implementation. But what is glitching, exactly? And, more importantly, how can it be leveraged as a potentially powerful tool?
This presentation chronicles a quest to learn what types of electrical transients can be introduced into an integrated circuit to cause a variety of circuit faults advantageous to an reverser. Several hardware platforms were constructed during the quest to aid in research, including old-skool &amp; solderless breadboards, photo-etched &amp; professional PCBs, FPGAs, and cheap &amp; dirty homemade logic analyzers. The strengths and weaknesses of the various approaches will be discussed.
Instead of covering a hypothetical &quot;toy&quot; implementation of a victim chip - such as where the researcher/reverser implements a cryptographic algorithm themselves as software in a common microcontroller, and then attempts to glitch the implementation - a successful blackbox attack against a production security IC will be discussed, including how the attack was mounted, how results were obtained, and approaches to interpret the results.
Despite claims of its obsolescence, electrical glitching can be a viable attack vector against a variety of ICs, with a notable exception being some ultra-modern purpose-built security ICs. It is cheap to perform, you don't need an expensive laboratory, and if done properly, is non-destructive in nature. Glitching should be another tool in the reverser's arsenal, and can potentially provide results when other approaches have failed.</description>
<persons>
<person id="5172">exide</person>
</persons>
<links/>
</event>
<event guid="oI8n77eKy3Uz2Fklmk4hVQ" id="6180">
<date>2014-12-27T18:30:00+01:00</date>
<start>18:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6180_-_en_-_saal_2_-_201412271830_-_rocket_science_how_hard_can_it_be_-_david_madlener_-_sean</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Rocket science – how hard can it be?</title>
<subtitle>First steps into space with sounding rockets</subtitle>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>Three years have elapsed since the call for a &quot;Hacker Space Program&quot; during the Chaos Communication Camp 2011. In this lecture we will review the basics of space flight, discuss common problems and pitfalls encountered by a practitioner on the way to orbit, and report on the state of our sounding rocket program.</abstract>
<description>We are the Forschungsgemeinschaft Alternative Raumfahrt e. V. (Research Community on Alternative Space Travel) or FAR for short, and have been working on feasible ways into space since our foundation in August 2003. After extensive experimentation with solid and hybrid propulsion systems on the ground, we developed the sounding rocket family &quot;Arguna&quot;. Since 2005 four different versions have been designed, built, and flown with different payloads. After a short review of basic rocket science and an outline of common propulsion technologies, we will report on the results of performed flights and experiments, especially of our latest sounding rocket Arguna IV.</description>
<persons>
<person id="3008">David Madlener</person>
<person id="5361">Sean</person>
</persons>
<links/>
</event>
<event guid="i_Dt13BFiawklEaokv3pKg" id="6142">
<date>2014-12-27T20:30:00+01:00</date>
<start>20:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6142_-_en_-_saal_2_-_201412272030_-_space_hacker_-_karsten_becker_-_robert</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Space Hacker</title>
<subtitle>Uploading rover...</subtitle>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>At the 26C3 we first presented our vision of sending a rover to the moon. We're still in the pursuit of doing this and are closer than ever. Many things have happened in the past 5 years and we want to share our story with you.
But this talk is not just about us, it is also about you! You will have the possibility to contribute to our mission, just tune in to get all the details :)</abstract>
<description>In the past five years, we developed several lunar rovers. Each got more and more sophisticated and better suited for our mission.
In this presentation we will also unveil our latest upgrade to the the well known R3 rover, as well as the latest camera technology. Those two allowed us to participate in an interims competition of the Google Lunar X Prize.
This interims prize enables us to further pursue our dream of sending a rover to the moon.
In our mission to the moon, we also have the ability to bring payloads up on the lunar surface for the first time in a few decades (unless you have some good connection to the chinese who were there last year).
We are calling out to you, to develop an interesting payload, that we could potentially bring to the surface of the moon!</description>
<persons>
<person id="3798">Karsten Becker</person>
<person id="3052">Robert</person>
</persons>
<links>
<link href="http://ptscientists.com/go/space">To the moon!</link>
<link href="https://twitter.com/ptscientists">Twitter</link>
<link href="https://www.facebook.com/PartTimeScientists">Facebook</link>
<link href="https://plus.google.com/107778888097122544837">Google Plus</link>
</links>
</event>
<event guid="_lVlmBO98KMg4M-n-_A3FA" id="6103">
<date>2014-12-27T21:45:00+01:00</date>
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6103_-_en_-_saal_2_-_201412272145_-_amd_x86_smu_firmware_analysis_-_rudolf_marek</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>AMD x86 SMU firmware analysis</title>
<subtitle>Do you care about Matroshka processors?</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>You definitely should care. The aim of this talk is to provide insight to the security, architecture and yes you guessed it, vulnerability of the AMD System Management Unit (SMU) firmware found in modern AMD x86 processors.</abstract>
<description>Every modern x86 platform contains several other auxiliary processors, which kind of erase the line between pure hardware and software. How well are those processors secured? What is running on them? Is there a way to analyze them?
Great attention had the Intel ME engine, but similar, although not so unfriendly processor(s) exists on the AMD platforms too. The aim of this talk is to provide insight to the security, architecture and vulnerability of the AMD SMU firmware found in modern AMD x86 processors.
The SMU is designed to prevent unauthorized code execution, thus making it ideal candidate to verify if it is so. This is where the fun starts.
The overall goal is to educate the audience enough that they may (and want to) start to tinker around various non-x86 firmwares found on x86 systems on their own.
</description>
<persons>
<person id="4759">Rudolf Marek</person>
</persons>
<links/>
</event>
<event guid="67baa392-2af9-4213-a9ce-bf63331d43a4" id="6575">
<date>2014-12-27T23:00:00+01:00</date>
<start>23:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6575_-_en_-_saal_2_-_201412272300_-_rocket_kitten_advanced_off-the-shelf_targeted_attacks_against_nation_states_-_tw_-_gadi</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Rocket Kitten: Advanced Off-the-Shelf Targeted Attacks Against Nation States</title>
<subtitle>A Deep Technical Analysis</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Rocket Kitten is an advanced APT set of campaigns, with a twist - off-the-shelf malware that won’t shame a nation state. The talk will combine an assessment of the threat group’s modus operandi with a technical deep dive. Prepare for some hex dumps.</abstract>
<description>This talk will uncover a set of high profile espionage campaigns from 2014 that involve a commercial attack framework – a highly specialized tool that has not been publicly documented and remained undetected in multiple operations. We will discuss the framework's technical design and review its features and capabilities that make it a premium instrument for stealth intrusions. We will further discuss how the tool was delivered to victims and how the compromise was carried out.</description>
<persons>
<person id="4135">tw</person>
<person id="1342">gadi</person>
</persons>
<links/>
</event>
</room>
<room name="Saal G">
<event guid="SXxWu-U4pNjjFZLl9XXDDA" id="6417">
<date>2014-12-27T12:45:00+01:00</date>
<start>12:45</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6417_-_en_-_saal_g_-_201412271245_-_3d_casting_aluminum_-_julia_longtin</slug>
<recording>
<license>CC by SA 3.0</license>
<optout>false</optout>
</recording>
<title>3D Casting Aluminum</title>
<subtitle>Too Much Fun with Microwaves</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>We use microwaves to cast aluminum from 3D printed objects. This gives us the ability to cast high quality 6040 aluminum pieces using a 3D printer and commercially available consumer microwaves. </abstract>
<description>We manufacture microwave safe kilns for melting aluminum. We create microwave transparent molds that allow us to burn out plastic without heating the mold itself therefor creating a quicker method of accomplishing the lost PLA process.</description>
<persons>
<person id="4937">Julia Longtin</person>
</persons>
<links>
<link href="http://fosscar.faikvm.com/">FossCar Project</link>
</links>
</event>
<event guid="KJiq3wTS9cMLTTrgJ8PqHA" id="6240">
<date>2014-12-27T14:00:00+01:00</date>
<start>14:00</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6240_-_en_-_saal_g_-_201412271400_-_reproducible_builds_-_mike_perry_-_seth_schoen_-_hans_steiner</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Reproducible Builds</title>
<subtitle>Moving Beyond Single Points of Failure for Software Distribution</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Software build reproducibility is the ability to use independent build machines to compile bit-identical binaries from program source code. In this talk, we will discuss the motivation for and the technical details behind software build reproducibility. We will describe the technical mechanisms used by the Tor Project to produce
reproducible builds of the Tor Browser, and also introduce the early efforts of both F-Droid and Debian to achieve these same build integrity properties on a more wide-scale basis.</abstract>
<description>For the past several years, we've been seeing a steady increase in the weaponization, stockpiling, and the use of software exploits by many parties. In particular, there are an increasing number of vectors to &quot;bridge the air gap&quot; and exploit even disconnected machines. Software build systems make a worrisome target for these types of exploits, as they provide a stepping stone to compromise very large numbers of machines.
To underscore this point, we will demonstrate a simple Linux rootkit that is capable of infecting the compilation process while otherwise leaving no traces on the machine.
We will discuss a powerful solution to this problem: Build Reproducibility. We will focus on the build system used by The Tor Project to build Tor Browser - our Firefox-based browser. We will also touch upon current work by Debian, as well as by F-Droid and the Guardian Project for Android.</description>
<persons>
<person id="5030">Mike Perry</person>
<person id="51">Seth Schoen</person>
<person id="5330">Hans Steiner</person>
</persons>
<links/>
</event>
<event guid="E95sP8WH8tLiiJj2SBAA1A" id="6267">
<date>2014-12-27T16:00:00+01:00</date>
<start>16:00</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6267_-_en_-_saal_g_-_201412271600_-_osmo-gmr_what_s_up_with_sat-phones_-_sylvain_munaut</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>osmo-gmr: What's up with sat-phones ?</title>
<subtitle>Piecing together the missing bits</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>At 28C3 we introduced the very first steps of the osmo-gmr projects. During this talk, we will present the various advances that have been made in this project on various aspects (voice codec, crypto algorithm, ...)</abstract>
<description>GMR-1 (GEO Mobile Radio) is a satellite phone protocol derived from GSM. The main operator using this protocol is Thuraya and is mainly active in the middle east and asia.
osmo-gmr is a project of the osmocom family whose goal is to implement the various levels of a GMR stacks, starting from SDR signal acquisition up to the actual voice layer.
At 28C3 we gave and introductory talk to the project which was pretty new at the time. On this talk, we will quickly summarize what was presented last time and then move on to the new stuff.
The two main obstacles to implement a practical monitoring software for GMR-1 were the secret crypto algorithm and the unknown voice codec. Both obstacles have now been lifted and we will present the details of how that happened. We will also look toward the next steps and other aspects of the system that we're planning to dig into.</description>
<persons>
<person id="3123">Sylvain Munaut</person>
</persons>
<links>
<link href="http://gmr.osmocom.org/">osmo-gmr website</link>
</links>
</event>
<event guid="sAZoeOc6Qu4bMPxrU8yEpw" id="6184">
<date>2014-12-27T17:15:00+01:00</date>
<start>17:15</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6184_-_de_-_saal_g_-_201412271715_-_mein_bot_der_kombattant_-_josch_-_arche3000</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Mein Bot, der Kombattant</title>
<subtitle>Operative Kommunikation im digitalen Informationskrieg</subtitle>
<track>Science</track>
<type>lecture</type>
<language>de</language>
<abstract>Der Vortrag bietet eine sprachwissenschaftlich informierte Perspektive auf den Informationskrieg mit Fokus auf operative Kommunikation in sozialen Medien. Am Beispiel eines selbst entwickelten Bots werden wir linguistische Prozeduren zur Manipulation von Kommunikation mit dem Ziel der Beeinflussung von Wissen, Werten, Gefühlen und Handlungsdispositionen vorstellen. </abstract>
<description>Der Meinungskampf im Netz wird professioneller: Während der Ukrainischen Maidan-Proteste sahen sich die Redaktionen von Online-Zeitungen mit einer Flut von russlandfreundlichen Kommentaren konfrontiert, die die Proteste als Werk amerikanischer Geheimdienste und die Regierung in Kiew als Nazi-Junta zu diskreditieren suchten. Verursacher war die &quot;Agentur zur Analyse des Internets&quot; aus St. Petersburg, die mutmaßlich von staatlichen Akteuren damit beauftragt wurde, die öffentliche Meinung in anderen Ländern durch verdeckte Operationen in sozialen Netzwerken zu beeinflussen. Und in Südkorea hat die Abteilung Psychologische Strategie des National Intelligence Service (NIS) mittels gefälschter Twitter-Accounts im Vorfeld der Präsendentschaftswahlen 1,2 Millionen Tweets versendet, um Stimmung für Park Geun Hye, Kandidatin der konservativen Saenuri-Partei zu machen.
Der digitale Informationskrieg ist also längst im Gang. Er zielt wie traditionelle Psychologische Operationen auf die Beeinflussung von Wissen, Werten, Gefühlen und Handlungsdispositionen und will Agenda Setting in der gegnerischen Öffentlichkeit betreiben. Von den traditionellen PSYOPS unterscheidet ihn, dass er maschinell und klandestin geführt wird und statt massenkommunikativ zu agieren über die Möglichkeit verfügt, jeden, der sich in sozialen Netzwerken bewegt, persönlich und mit einer individuellen Strategie anzusprechen. Der Bot ist ein Kombattant mit der Aufgabe, Menschen zu beeinflussen, konstruktive Diskussionen zu verhindern und Social-Media-Monitoring-Systeme und Aggregatoren zu manipulieren. Sein Medium ist in erster Linie die Sprache, die einordnen, bewerten, konfrontieren und überzeugen will, die eine Wirklichkeit erschaffen will, in der das Handeln der eigenen Konfliktpartei als legitim, gerecht und zwingend und das des Feindes als falsch, unrecht und unwahrhaftig erscheint.
In unserem Vortrag werden wir den Begriff der operativen Kommunikation aus sprachwissenschaftlicher Perspektive definieren, ihre rechtlichen Rahmenbedingungen im Informationskrieg bestimmen und die Legitimität von operativer Kommunikation für unterschiedliche Regimetypen diskutieren. Anhand eines selbst entwickelten einfachen Bots wollen wir im zweiten Teil des Vortrags Szenarien für den operativen Einsatz in der semantischen Matrix vorstellen und die linguistischen Operationen illustrieren, die zur Manipulation von Kommunikation führen können. </description>
<persons>
<person id="4168">josch</person>
<person id="5007">arche3000</person>
</persons>
<links/>
</event>
<event guid="1hSKsR-r9B0BnpLfUvpDAg" id="6255">
<date>2014-12-27T18:30:00+01:00</date>
<start>18:30</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6255_-_de_-_saal_g_-_201412271830_-_10_jahre_openstreetmap_-_thomas_skowron_-_ubahnverleih</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>10 Jahre OpenStreetMap</title>
<subtitle>Wir leben noch und zwar sehr gut.</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>de</language>
<abstract>Seit nun über 10 Jahren gibt es OpenStreetMap. Besonders in den letzten drei Jahren war die Entwicklung überwältigend, sowohl was die Datenlage als auch das gesamte Ökosystem anbelangt. Wir wollen zeigen, was möglich ist und was in der Zukunft (hoffentlich) passieren wird.</abstract>
<description/>
<persons>
<person id="3938">Thomas Skowron</person>
<person id="4059">ubahnverleih</person>
</persons>
<links/>
</event>
<event guid="n2DFvyl_lWjW-gm317vT3A" id="6050">
<date>2014-12-27T20:30:00+01:00</date>
<start>20:30</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6050_-_en_-_saal_g_-_201412272030_-_code_pointer_integrity_-_gannimo</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Code Pointer Integrity</title>
<subtitle>... or how we battle the daemons of memory safety</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Programs are full of bugs, leading to vulnerabilities. We'll discuss power and limitations of code-pointer integrity (CPI), a strong but practical security policy that enforces memory safety for all code pointers, protecting against any form of control-flow hijack attack (e. g., ROP or JOP).
</abstract>
<description>Systems code is often written in low-level languages like C/C++, which offer many benefits but also delegate memory management to programmers. This invites memory safety bugs that attackers can exploit to divert control flow and compromise the system. Deployed defence mechanisms (e. g., ASLR, DEP) are incomplete, and stronger defence mechanisms (e. g., CFI) often have high overhead and limited guarantees (and are therefore not generally deployed).
In this talk we discuss code-pointer integrity (CPI), a strong security policy that guarantees the integrity of all code pointers in a program (e.g., function pointers, saved return addresses) and thereby prevents all control-flow hijack attacks, including return-oriented programming and jump-oriented programming. We also introduce code-pointer separation (CPS), a relaxation of CPI with better performance properties. Both CPI and CPS offer substantially better
security-to-overhead ratios than the state of the art, they are practical (we protect a complete FreeBSD system and over 100 packages like apache and postgresql), effective (prevent all attacks in the RIPE benchmark), and efficient, resulting in very low to negligible performance overhead.
We will also discuss technical challenges in the CPI prototype implementation, practical challenges we faced when protecting a full FreeBSD distribution, and give more details on the scope of protection which will be interesting to hackers. The full prototype implementation is open-source, all changes to FreeBSD are open-source and we're working on integrating the patches into LLVM.</description>
<persons>
<person id="2410">gannimo</person>
</persons>
<links>
<link href="http://levee.epfl.ch/">Code-Pointer Integrity project</link>
<link href="https://github.com/cpi-llvm">GitHub</link>
<link href="http://nebelwelt.net/publications/14OSDI/">Code-Pointer Integrity (2)</link>
</links>
</event>
<event guid="H_jf4nwFLZMEY7zwBlrehA" id="6195">
<date>2014-12-27T21:45:00+01:00</date>
<start>21:45</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6195_-_en_-_saal_g_-_201412272145_-_the_cloud_conspiracy_2008-2014_-_caspar_bowden</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>The Cloud Conspiracy 2008-2014</title>
<subtitle>how the EU was hypnotised that the NSA did not exist</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>In 2011 I started trying to warn EU institutions about what we now call PRISM, after working it out from open sources. Civil society, privacy regulators, and the Commission all did nothing. This is the story of exactly how they did nothing, and why, and what is happening now</abstract>
<description>There is one law (FISA 702) and one policy (EO12333) which authorizes the US government to conduct mass surveillance on &quot;foreigners in foreign lands&quot;. These are drafted in terms which discriminate the privacy rights you have by the passport you hold - in fact there are no rights at all for non-Americans outside the US.
It is obvious that this is a reasonably important dimension of the whole Snowden affair, because it starkly conflicts with ECHR norms that rights are universal and equal.
The only possible resolution compatible with universal rights is data localization, or construction of a virtual zone in which countries have agreed mutual verifiable inspections that mass-surveillance is not occurring (and at present this seems unlikely). There is a widespread misconception that somehow the new GDPR privacy regulation will curb foreign spying, when in fact it is designed to widen loopholes into floodgates.
This talk is multidisciplinary and will cover national and international surveillance and privacy law, Five Eyes SIGINT policy, technical security and economics.</description>
<persons>
<person id="3857">Caspar Bowden</person>
</persons>
<links/>
</event>
<event guid="AvAdq20cdc8iWoNubd6ABw" id="6361">
<date>2014-12-27T23:00:00+01:00</date>
<start>23:00</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6361_-_en_-_saal_g_-_201412272300_-_from_maxwell_to_antenna_arrays_-_friederike</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>From Maxwell to antenna arrays</title>
<subtitle>How 150 year old equations still help to communicate</subtitle>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>Maxwell's equations are four differential equations which form the foundation of classical electrodynamics, classical optics, and electric circuits. This talk will take a look at the connection between these equations, wave propagation and antenna arrays.
</abstract>
<description>Maxwell's equations describe how electric and magnetic fields are generated and altered by each other and by charges and currents. They are named after the Scottish physicist and mathematician James Clerk Maxwell, who published those equations exactly 150 years ago and form the foundation of classical electrodynamics. Actually Maxwell had 20 equations and it took another 20 years until they were understood and the self-taught British engineer, mathematician, and physicist Heaviside put the equations in their present form. Some years later Hertz brought the experimental prove of Maxwell's theory.
Under a lot of simplifying boundary conditions wave propagation and antenna theory can be derived from this four equations. This talk will lead from Maxwell's equations to wave equations and nice antenna forms and arrays. Also some practical aspects will be evaluated. Why do low frequencies reach farther than higher frequencies? Why do radio astronomers spread their antenna arrays over whole continents? Or why is China Mobile building antenna arrays for mobile radio consisting of 128 antennas?
</description>
<persons>
<person id="5073">Friederike</person>
</persons>
<links/>
</event>
</room>
<room name="Saal 6">
<event guid="NjtxGgpt76NkFb1Q4LLjvg" id="6100">
<date>2014-12-27T12:45:00+01:00</date>
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6100_-_en_-_saal_6_-_201412271245_-_personal_tracking_devices_and_online_identity_-_silvia</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Personal Tracking Devices and Online Identity</title>
<subtitle/>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>In the post-NSA world it is important to understand the magnitude of our online activities in order to take informative decisions on our ubiquitous shared lives.
Personal Tracking Devices is the result of a two years long study on tracking technologies and the inherent nature of the web and telecommunication networks in general.
The study, conducted as part of Ph.D. research in privacy and security at UPC Barcelona Tech, collected a large amount of metadata to raise awareness on the footprints left by users on the web and through mobile apps.
</abstract>
<description>Personal tracking devices will visualise the online footprint of a user by looking at their metadata.
A hypermedia model of the user footprint would then be introduced in order to better explore it. This model has been called hyperme.
Hyperme is a hyperdata model of a user online footprint. The hyperme model links the user identities created across different services and the features associated with them. These features are attributes that compose an identity, such as email, date of birth, place of birth and so on.
The hyperme model of the user identity permits the visualisation of the user expressed preferences, the content they have created and who or what can access this content.
The model uses context between the user’s various identities and the signals produced, to create links between different objects, obtaining an explorable graph­-like structure.
Links between data snippets are creating by exploring the keywords and categories used to describe the entities. These are provided by the user themselves through freeform annotations, particular use of language, location information, timestamps, social relationships and association with other entities such as companies and institutions.
Explicit connections are also discovered by associating such keywords with Wikipedia concepts. By exploiting links between articles, it is possible to draw relations between different entities, providing a dictionary to build strong connections between different categories.
If the identities created by a single user, and the signals generated are analysed at different levels, it would be possible to discover different subgraphs and sub­hypergraphs between the data object, therefore revealing a complex network of heterogeneous information shared across a number of services and with sets of different parties, being this social relationships or other applications and devices.
Each party in fact enjoys a certain level of access to the different documents produced by the user, by the devices used and by the application authorised to access and produce content on their behalf.
A hypergraph model therefore allows the possibility to explore the user’s different identities and the corresponding created content at different levels, exposing how different services or relationships contribute to protect or threaten the user privacy.</description>
<persons>
<person id="4036">Silvia</person>
</persons>
<links>
<link href="http://www.nopressure.co.uk/31C3/#/">Slides</link>
</links>
</event>
<event guid="BhRiQWa_rOqEw5k-l4GRXg" id="6447">
<date>2014-12-27T14:00:00+01:00</date>
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6447_-_en_-_saal_6_-_201412271400_-_let_s_build_our_own_personalized_open_textile_production_line_-_hong_phuc_dang</slug>
<recording>
<license>Public domain</license>
<optout>false</optout>
</recording>
<title>Let’s build our own personalized open textile production line </title>
<subtitle/>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>The talk is about our project to develop software and hardware tools for a fair and environment friendly garment and textile production and how we break down the locks that exists on every level in the industry from design, to software, machines and distribution. </abstract>
<description>The talk is about our project to develop software and hardware tools for a fair and environment friendly garment and textile production and how we break down the locks that exists on every level in the industry from design, to software, machines and distribution.
We want to set up our own personalized open textile production line and offer an alternative to the unethical ways most of our clothes are produced today. At the talk we will present the first successes of this endeavor in our community - Open Source pattern making software, sewing robots, next generation knitting machine upgrades - and challenges that are ahead.
Democratizing digital textile production and offers the chance for a fair and environment friendly production of garments and textiles at home and in the industry. Just as 3D printers enable more and more people to become makers we want to enable digital garment makers to create their own clothes, share them online and produce it where-ever they are.
Members of our projects include software developers, fashion designers, pattern creators, knitters, textile manipulators, hardware hackers, and even industry experts. We started a FashionTec Working Group about two years ago after the annual Libre Graphics meeting in Madrid.
The traditional industry is in a state of complete lock on all levels:
* digital fashion design locked to competing proprietary formats and software
* production locked to machines of producers accepting formats
* distribution lock - locked to existing large distribution channels in order to be a viable business
The Free and Open Source community has taught us that it is possible to overcome a complete proprietary lock down. Let’s repeat this success in the textile and garment industry. We need Free and Open Source software, Open Formats and Open machines. With todays development tools successes are just a short step away. Our talk will give you insights and hopes to inspire more people.
</description>
<persons>
<person id="2658">Hong Phuc Dang</person>
</persons>
<links>
<link href="http://fashiontec.org">FashionTec</link>
<link href="http://www.taumeta.org/">TauMetaTau Physica</link>
</links>
</event>
<event guid="0CpZm9-0S1ja92XDOICX0Q" id="6077">
<date>2014-12-27T16:00:00+01:00</date>
<start>16:00</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6077_-_en_-_saal_6_-_201412271600_-_how_i_learned_to_stop_reinventing_and_love_the_wheels_-_andreas_bihlmaier</slug>
<recording>
<license>CC BY 3.0</license>
<optout>false</optout>
</recording>
<title>How I Learned to Stop Reinventing and Love the Wheels</title>
<subtitle>or having FUN with (home/hackerspace) robotics</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>An introduction to the Robot Operating System (ROS) for the home/hackerspace roboticist (if it physically interacts with the world through code, call it robot).</abstract>
<description>All large, feature-rich and complex frameworks suck. True, but too short for a talk. Therefore the talk tries to make a point on why one should still us these frameworks (for robotics). At least so, if one wants to have fun with (home/hackerspace) robotics and do something cool, instead of getting stuck at the usual &quot;trivial&quot; (or low-level, sounds less judging) capabilities.
In order to build robots one needs at least a basic understanding of mechanics, electronics and computer science. Obviously, more advanced robot features in each area, depend on more advanced roboticist skills – and equipment ... and money. The growing community of makers, the proliferation of hackerspaces (cooperators, equipment!) and highly useful consumer devices lessen the hardware related challenges. On the other hand, state-of-the-art open-source robotics software has been available for quite a few years already. Unfortunately, it is still somewhat neglected by the extended, i. e. non-academic, robotics community. The mindset and prejudices of too many hackerspace natives is opposed to using preexisting frameworks, especially large ones, in favor of starting from scratch. Bloat, ugly APIs, deprecated programming styles and of course bad code conventions ... good and good enough reasons to start over (I confess, too!). As a result many projects never get beyond the point of &quot;finally fixed the bug by reflashing the microcontroller with code that sets register bar42=0xf00, now it moves – sort of&quot;.
The famous &quot;Re-inventing the Wheel&quot; comic (http://www.willowgarage.com/sites/default/files/blog/201004/willow_p1_02s.jpg) posted by Willow Garage in 2010, does tell the life cycle of robotics in the PhD world, but not only that. Rather, unfortunately, it pertains to robotic and closely related projects in general.
So in a nutshell, yet another 'Introduction to ROS' talk? Yes, an introduction to the Robot Operating System (ROS).
However, for once without leaving behind the impression (in the hobbyists mind) that this is all cool stuff, but what to do with it when not owning a 100K dollar robot.
The goal is to show a few basics (the Plumbing), as many of the tools and capabilities as time permits and a few words about the people side of things.
(http://www.ros.org/wp-content/uploads/2013/12/ros_equation.png)
Should the robot visually perceive the world? ROS + Webcam(s) / Kinect / Xtion. Hello, out of the box drivers, calibration, point clouds and object recognition.
Should the robot drive around and navigate in the environment? ROS + Navigation stack. Hello, out of the box SLAM.
Should the robot reach out and grasp something? ROS + MoveIt!. Hello, out of the box collision-free motion planning.
Should the robot brain be distributed across multiple computers without changing a line of code? ROS. Hello, out of the box usable(!) middleware.
Should the robot builders be able to create independent, yet compatible modules? ROS. Hello, out of the box modularity (well ok – at least kind of).
Should the robot's world be easily understandable through interactive visualizations? ROS + Rviz / rqt. Hello, out of the box advanced 3D visualization for many types of data.
Is this an advertisement? Yes, for great open source software – to make each of your lines of code do more _interesting_ stuff. Hello ROS world.</description>
<persons>
<person id="4896">Andreas Bihlmaier</person>
</persons>
<links/>
</event>
<event guid="hixbG3OS0o1-lkJG36qcug" id="6234">
<date>2014-12-27T17:15:00+01:00</date>
<start>17:15</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6234_-_en_-_saal_6_-_201412271715_-_the_experimental_robot_project_-_norbert_braun_-_darthrake</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>The eXperimental Robot Project</title>
<subtitle>An open-hardware bipedal walking machine</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>The talk is on the eXperimental Robot Project (XRP), a project to develop an open-hardware humanoid robot. More precisely, we are focusing on the distinguishing feature of a &lt;i&gt;humanoid&lt;/i&gt; robot - the ability to walk on two legs.
</abstract>
<description>Humanoid robots fascinate us - they appear in nearly every science fiction universe. Compared to Mr. Data or C-3PO, humanoids in reality are rather disappointing. Not only do they lack anything resembling human-level intelligence, but even their walking is slow and fragile - most of them only work on perfectly even ground. While we still have to wait a long time for true artificial intelligence, the recent years have brought substantial progress with respect to motion.
Unfortunately, most of that progress is proprietary - the leading groups, such as Schaft and Boston Dynamics, publish very little beyond Youtube videos. University projects are more open, but still usually do not publish source code or construction drawings. We think that bipedal robots are way too important to be left to the proprietary world, so we decided to learn from what is available and start to build our own, completely open one. In the talk, we will try to share what we have learned so far.
The first part of the talk will be on simulation, which allows us to test control algorithms and to get an idea about the mechanical requirements without having to build actual hardware. We will introduce the basics of rigid body dynamics, discuss the physics of walking and show how a successful walking machine can be built, at least a virtual one.
In the second part of the talk, we will discuss how a physical, human-size robot might be built without needing a 100,000+ € budget. We will present our plans and experiments on sensors, motor drivers and actuators.</description>
<persons>
<person id="4970">Norbert Braun</person>
<person id="3800">darthrake</person>
</persons>
<links>
<link href="http://www.xrpbot.org/">The eXperimental Robot Project</link>
</links>
</event>
<event guid="0a06acd5-709e-4bba-9444-e71f78cd2094" id="6559">
<date>2014-12-27T18:30:00+01:00</date>
<start>18:30</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6559_-_de_-_saal_6_-_201412271830_-_jugend_hackt_-_fiona_krakenburger_-_maria_reimer_-_philipp_kalweit_-_max_nagy_-_lukas_-_nico</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Jugend hackt</title>
<subtitle/>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>de</language>
<abstract>Im September 2014 fand die Veranstaltung Jugend hackt statt: Ein Wochenende Hacken, Basteln und Programmieren mit 120 computerbegeisterten Jugendlichen. Wir als Organisatorinnen und Teilnehmer wollen von dem Event erzählen und unsere Erfahrungen teilen. Der Talk richtet sich gleichermaßen an Jugendliche, die sich für's Hacken begeistern, als auch an alle, die sich für Code Literacy, Medienpädagogik oder den IT-Nachwuchs interessieren.</abstract>
<description>&quot;In Deutschland lernen Kinder den Umgang mit Medien trotz Schule.&quot; Das ist das ernüchternde Fazit eines Schulforschers, der dieses Jahr die nicht weniger desillusionierende International Computer and Information Literacy Studie vorstellte. Dabei ist ein grundlegendes Verständnis von Computertechnologien Voraussetzung dafür, sich in einer Welt der digitalen Technologien zurechtzufinden und sie mitgestalten zu können. Da sind sich alle einig, und es wird viel darüber gesprochen. Doch die große Bildungsinitiative lässt auf sich warten, und Nachwuchstalente werden gesellschaftlich noch immer wenig beachtet und noch seltener aktiv gefördert.
Wir von der gemeinnützigen Open Knowledge Foundation Deutschland e.V. wollten nicht länger warten und haben deswegen 2013 das Förderprogramm Jugend hackt ins Leben gerufen. Zuletzt kamen im September 2014 rund 120 Jugendliche aus ganz Deutschland in Berlin zusammen. Gemeinsam mit Gleichgesinnten haben sie an Software- und Hardwareprojekten rund um die Themen Überwachung, Bildung, Gesundheit, Gesellschaft, Freizeit und Umwelt gearbeitet.
Die Jugendlichen, die zwischen 12 und 18 Jahre alt sind, entwickelten insgesamt 27 Projekte, mit denen sie ein deutliches Statement gegen das beliebte Narrativ der politisch desinteressierten Jugend setzten. Sie zeigten nicht nur, dass sie technisch versiert und kreativ mit Computern umgehen konnten, sondern auch einen wachsamen und kritischen Blick auf gesellschaftliche und politische Herausforderungen haben. Alle 27 Projektideen sind selbstständig von den Jugendlichen erarbeitet und umgesetzt worden. Für Fragen standen den Jugendlichen erwachsene Softwareentwickler/innen zur Seite.
Auf dem 31c3 wollen wir unsere Erfahrungen mit euch teilen. Zudem werden Teilnehmer von Jugend hackt ihre entstandenen Projekte vorstellen. Da ist z.B. &quot;Awearness&quot;, ein Armband, das vibriert, wenn eine Überwachungskamera in der Nähe ist. Oder &quot;Dapro&quot;, ein Datenschutzproxy, der über aufgezeichnete Metadaten informiert. Oder die &quot;intelligente Pillenbox&quot;, die Tabletten an demenzkranke Patienten ausgibt und bei Nicht-Einnahme einen Notruf an den Pfleger absetzt.</description>
<persons>
<person id="5289">Fiona Krakenbürger</person>
<person id="5285">Maria Reimer</person>
<person id="5322">Philipp Kalweit</person>
<person id="5323">Max Nagy </person>
<person id="5324">Lukas</person>
<person id="5325">Nico</person>
</persons>
<links/>
</event>
<event guid="qdo1rVjUVrQBHvjWYYx8sQ" id="6412">
<date>2014-12-27T20:30:00+01:00</date>
<start>20:30</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6412_-_en_-_saal_6_-_201412272030_-_towards_general_purpose_reconfigurable_computing_on_novena_-_stars_-_andy_isaacson</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Towards General Purpose Reconfigurable Computing on Novena</title>
<subtitle>FPGAs for Everybody with Novena</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>The Novena open source laptop contains a FPGA, but free software support for FPGAs is lacking and requires root access to the hardware.</abstract>
<description>Our work is on providing a framework and a demonstration application for general purpose accelerator cores for Novena's FPGA.</description>
<persons>
<person id="3431">stars</person>
<person id="4229">Andy Isaacson</person>
</persons>
<links/>
</event>
<event guid="P27IBlfmjGfZIib1deB_xg" id="6530">
<date>2014-12-27T21:45:00+01:00</date>
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6530_-_en_-_saal_6_-_201412272145_-_in_security_of_mobile_banking_-_ericfiliol_-_paul_irolla</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>(In)Security of Mobile Banking</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>This talk presents a deep analysis of banking mobile apps available in the world. Based on static and dynamic analysis as well as on the analysis of the final source code we show that a vast majority of them are not respecting users' privacy and users' data protection. Worse a few of them contains critical bugs</abstract>
<description>Mobile banking is about to become the de facto standard for banking activities. Banking apps – on smartphones and tablets - are widespreading more and more and this evolution aims at strongly limiting the classical access to bank (physical, through PC browser, through ATM…). The aim is first to cut the cost but also to make the personal data explode.
Then three critical issues arise. Since we entrust those mobile applications by feeding them with passwords, private information, and access to one of the most critical part of our like (money):
• Do those applications protect our private life and especially which kind of information is leaking to the bank?
• Are they containing vulnerabilities that could be exploited by attackers?
In this talk, we are going to present a deep analysis of many banking apps collected in the world. We have performed static and dynamic analysis based on the binaries AND the source code. We will show that almost all apps are endangering our private data (sometimes severely) but in a few cases the presence of vulnerabilities are extremely concerning. While we tried to contact all the relevant banks for a free, detailed technical feedback and to help them fixing their apps, we will explain that a few of them did not care about this feedback and therefore did not want to take any security measure.
This talk contains demos and operational results on existing apps.
</description>
<persons>
<person id="3066">ericfiliol</person>
<person id="5221">Paul Irolla</person>
</persons>
<links/>
</event>
<event guid="13hAy7IIWod2RIuLMvnELw" id="6531">
<date>2014-12-27T23:00:00+01:00</date>
<start>23:00</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6531_-_en_-_saal_6_-_201412272300_-_ss7map_mapping_vulnerability_of_the_international_mobile_roaming_infrastructure_-_laurent_ghigonis_-_alexandre_de_oliveira</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>SS7map : mapping vulnerability of the international mobile roaming infrastructure</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>SS7 has been shown repeatedly as an insecure protocol: spoofing, faking, crash through fuzzing, fraud. The main question of our study is to determine how this insecurity is mitigated by network operator’s action to prevent compromise on both network exposure of infrastructure and privacy compromise of subscribers. It's why we wanted to come out with SS7map.</abstract>
<description>SS7 has been shown repeatedly as an insecure protocol: spoofing, faking, crash through fuzzing, fraud. The main question of our study is to determine how this insecurity is mitigated by network operator’s action to prevent compromise on both network exposure of infrastructure and privacy compromise of subscribers.
The goal of SS7map is to provide a global overview by building the first SS7 signaling network world map revealing how vulnerable and exposed are telecom operators and their subscribers. We explain how it is possible for each mapped network to abuse legitimate signalling messages and call flows to discover and fingerprint equipment, intercept SMS messages, and perform massive location tracking of subscribers. More than pure analysis of vulnerability, this map rates and ranks the vulnerability of countries and operators showing discrepancies in the level and type of protection: SCCP screening, SS7 policing, MAP filtering, rate limiting, Network Element security configurations. We then conclude on the direction of signaling security and its current trend and development in the LTE world that shares many similar design insecurities with SS7.</description>
<persons>
<person id="5170">Laurent Ghigonis</person>
<person id="5328">Alexandre De Oliveira</person>
</persons>
<links/>
</event>
</room>
</day>
<day date="2014-12-28" end="2014-12-29T04:00:00+01:00" index="2" start="2014-12-28T11:30:00+01:00">
<room name="Saal 1">
<event guid="Km3oA97mSXAMOZGte_v8Fg" id="6196">
<date>2014-12-28T11:30:00+01:00</date>
<start>11:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6196_-_en_-_saal_1_-_201412281130_-_switches_get_stitches_-_eireann_leverett</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Switches Get Stitches</title>
<subtitle>Industrial System Ownership</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>This talk will introduce you to Industrial Ethernet Switches and their vulnerabilities. These are switches used in industrial environments, like substations, factories, refineries, ports, or other other homes of industrial automation. In other words: DCS, PCS, ICS &amp; SCADA switches. It is a very good companion talk to Damn Vulnerable Chemical Process? Own your own critical infrastructures today!</abstract>
<description>This talk will introduce you to Industrial Ethernet Switches and their vulnerabilities. These are switches used in industrial environments, like substations, factories, refineries, ports, or other other homes of industrial automation. In other words: DCS, PCS, ICS &amp; SCADA switches.
The researchers focus on attacking the management plane of these switches, because we all know that industrial system protocols lack authentication or cryptographic integrity. Thus, compromising any switch allows the creation of malicious firmwares for further MITM manipulation of a live process.
Not only will vulnerabilities be disclosed for the first time (exclusively at 31C3), but the methods of finding those vulnerabilities will be shared. All vulnerabilities disclosed will be in the default configuration state of the devices. While these vulnerabilities have been responsibly disclosed to the vendors, SCADA/ICS patching in live environments tends to take 1-3 years. At least three vendors switches will be examined: Siemens, GE, Garrettcom.
Therefore, this presentation matters to any hackers or anarchists, who believe they have a right to examine the resilience and security of the infrastructures that support their communities.
Own your own critical infrastructures today!
</description>
<persons>
<person id="4081">Eireann Leverett</person>
</persons>
<links/>
</event>
<event guid="DvpNPWPGVgSqGcOI1WK45g" id="6308">
<date>2014-12-28T12:45:00+01:00</date>
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6308_-_en_-_saal_1_-_201412281245_-_beyond_pnr_exploring_airline_systems_-_saper</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Beyond PNR: Exploring airline systems</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Ever wondered what the cryptic &lt;code&gt;QNY27R&lt;/code&gt; on your airline reservaton means? This talk explores typical computing environment as seen in the air transport industry. Discover ancient software, old communication protocols and cryptic systems. What data are stored and how they are exchanged to keep the air transport industry running. </abstract>
<description>&lt;h2&gt;Airport environment&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Air traffic control systems&lt;/li&gt;
&lt;li&gt;Flight information systems (FIDS)&lt;/li&gt;
&lt;li&gt;Terminal environment&lt;/li&gt;
&lt;li&gt;Baggage control&lt;/li&gt;
&lt;li&gt;Access control&lt;/li&gt;
&lt;li&gt;Networks and networks&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;Airline environment&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Reservations/ticketing&lt;/li&gt;
&lt;li&gt;Airline inventory&lt;/li&gt;
&lt;li&gt;Departure control (check-in)&lt;/li&gt;
&lt;li&gt;Flight management&lt;/li&gt;
&lt;li&gt;Load control&lt;/li&gt;
&lt;li&gt;Avionics&lt;/li&gt;
&lt;li&gt;In-flight entertainment&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;Global Distribution Systems&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;SABRE&lt;/li&gt;
&lt;li&gt;Galileo&lt;/li&gt;
&lt;li&gt;Worldspan&lt;/li&gt;
&lt;li&gt;Amadeus&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;Your data with the airline&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Passenger Name Record&lt;/li&gt;
&lt;li&gt;Departure control data&lt;/li&gt;
&lt;li&gt;Electronic Ticket&lt;/li&gt;
&lt;li&gt;Frequent Travel Data&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;No human is illegal&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;APIS data&lt;/li&gt;
&lt;li&gt;TIMATIC&lt;/li&gt;
&lt;li&gt;PAXLST message&lt;/li&gt;
&lt;li&gt;APP/AQQ&lt;/li&gt;
&lt;li&gt;PNR data exported to the US&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;Communication networks and protocols&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Telex&lt;/li&gt;
&lt;li&gt;SITA network&lt;/li&gt;
&lt;li&gt;AIRIMP manual&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;Typical airport workstation&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Terminal emulated on PC&lt;/li&gt;
&lt;li&gt;Boarding pass printers (thermal)&lt;/li&gt;
&lt;li&gt;Bag tag printers&lt;/li&gt;
&lt;li&gt;Document printers (dot matrix)&lt;/li&gt;
&lt;li&gt;Device standarization&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;Software enviroment&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Direct terminal access&lt;/li&gt;
&lt;li&gt;(Java-based) Terminal emulators&lt;/li&gt;
&lt;li&gt;CUTE enviroment&lt;/li&gt;
&lt;li&gt;Departure from direct mainframe access: EDI&lt;/li&gt;
&lt;/ul&gt;
</description>
<persons>
<person id="2680">saper</person>
</persons>
<links>
<link href="http://pinboard.in/t:BeyondPNR">Collection of #BeyondPNR links</link>
<link href="http://saper.info/talk/31c3">Slide deck online</link>
</links>
</event>
<event guid="yMuYr5eW4o9FpJMw-NwXrg" id="6344">
<date>2014-12-28T14:00:00+01:00</date>
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6344_-_en_-_saal_1_-_201412281400_-_security_analysis_of_estonia_s_internet_voting_system_-_j_alex_halderman</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Security Analysis of Estonia's Internet Voting System</title>
<subtitle/>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Estonia is the only country in the world that relies on Internet voting in a significant way for legally-binding national elections — up to 30% of all voters cast their ballots online. This makes the security of Estonia's Internet voting system of interest to technologists and citizens the world over. Over the past year, I helped lead the first rigorous, independent security evaluation of the system, based on election observation, code review, and laboratory testing. The findings are alarming: there are staggering gaps in Estonia's procedural and operational security, and the architecture of the system leaves it open to cyberattacks from foreign powers. Our investigation confirmed the viability of these attacks in the lab, but the Estonian government has chosen to downplay them. We urgently recommend that Estonia discontinue use of the system before the country suffers a major attack.</abstract>
<description>When Estonia introduced its online voting system in 2005, it became the first country to offer Internet voting nationally. Today, people around the world look to Estonia's example, and some wonder why they can't vote online too. Nevertheless, the system remains controversial. While many Estonians view Internet voting as a source of national pride, one major political party has repeatedly called for it to be abandoned.
Over the past year, I took part in the first rigorous and fully independent security analysis of the Estonian Internet voting system. My team observed operations during the October 2013 and May 2014 elections, conducted interviews with the system developers and election officials, assessed the software through source code review and reverse engineering, and performed tests on a reproduction of the complete system in our lab.
The threats facing national elections have shifted significantly since the Estonian system was designed more than a decade ago. State-level cyberattacks, once a largely hypothetical threat, has become a well documented reality, and attacks by foreign states are now a credible threat to a national online voting system. To test the feasibility of such attacks, we reproduced the I-voting system and played the role of a sophisticated attacker during a mock election. We developed client-side attacks that silently steal votes on voters' own computers We also demonstrated server-side attacks that target introduce malware into the vote counting server, allowing a foreign power or dishonest insider to shifting results in favor of their preferred candidate.
These risks are even more serious because of deviations from procedure and serious lapses in operational security that we observed during real elections. Election workers downloaded security-critical software over unsecured Internet connections, typed server root passwords in full view of observers and public video cameras, and prepared election software for distribution to the public on insecure personal computers, among other examples. These actions indicate a dangerously inadequate level of professionalism in security administration that leaves the whole system open to attack and manipulation.
When we made our study public in Estonia, government responses ranged from dismissive to absurd. Officials discounted them, and the President and Prime Minister insinuated that we had been bought off by a rival political party. We hope that the country can separate technical reality from politics in time to avert a major attack. For other countries that are considering adopting Internet voting, we hope that the weaknesses of the Estonian system can be an important cautionary lesson.</description>
<persons>
<person id="4228">J. Alex Halderman</person>
</persons>
<links>
<link href="https://estoniaevoting.org">Website about our study</link>
<link href="https://jhalderm.com/pub/papers/ivoting-ccs14.pdf">Our full research paper</link>
</links>
</event>
<event guid="psS7-V3-VqYDuiKCr5PmWg" id="6131">
<date>2014-12-28T16:00:00+01:00</date>
<start>16:00</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6131_-_en_-_saal_1_-_201412281600_-_safer_playing_with_lasers_-_sarah</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Safer playing with lasers</title>
<subtitle/>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>How to play with lasers without injuring Yourself and others and how to design the safety circuits of a laser system.</abstract>
<description>This talk covers:
Laser classification
Laser safety
Effects of laser radiation to tissue and eyes
Real world don'ts
Other dangers of laser systems
What to do to be safe
Technical implementation of safety systems
Relevant standards</description>
<persons>
<person id="4642">Sarah</person>
</persons>
<links/>
</event>
<event guid="rHjqtfbslD_ucUr8kW5wcQ" id="6236">
<date>2014-12-28T16:45:00+01:00</date>
<start>16:45</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6236_-_en_-_saal_1_-_201412281645_-_iridium_pager_hacking_-_sec_-_schneider</slug>
<recording>
<license>public domain</license>
<optout>false</optout>
</recording>
<title>Iridium Pager Hacking</title>
<subtitle/>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>The chronicles of reversing the Iridium pager system.</abstract>
<description>The Iridium satellite system provides voice and data coverage to satellite phones, pagers and integrated transceivers over Earth's entire surface. It was built by Motorola over 15 years ago, and parts of it remain unchanged to this day.
Iridium pagers are similar to other pager systems from that time (they are receive-only devices) with the benefit that they will work anywhere on earth. Additionally they work on a receiver-pays subscription model, and due to their age are probably not using cryptography.
Broadcasting messages all over the world sounds interesting enough to take a closer look. As Iridium is a proprietary system, documentation is scarce and hard to come by. But with the rise of software defined radio we can take a peek at what happens over the air...
</description>
<persons>
<person id="2506">Sec</person>
<person id="5339">schneider</person>
</persons>
<links/>
</event>
<event guid="lWgvj2btOjK-_XxUtIs-qw" id="6358">
<date>2014-12-28T17:30:00+01:00</date>
<start>17:30</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6358_-_en_-_saal_1_-_201412281730_-_information_control_and_strategic_violence_-_anita_gohdes</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Information Control and Strategic Violence</title>
<subtitle>How governments use censorship and surveillance as part of their violent repressive tactics</subtitle>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>Simple access to social media and cell phone has widely been accepted as a positive tool for citizens to voice dissatisfaction with their government and coordinate protest. But why would rulers permit these tools if they merely pose a threat to their own survival? This talk will investigate how a government’s ability to censor and limit the flow of information feeds into its choice of violent responses to protest. I will talk about the conditions under which a government is likely to benefit more from surveilling the free flow of information, and under which conditions it is more likely to benefit from censorship.
</abstract>
<description>A few weeks before the first mass protests ensued across Syria in March 2011, the Regime led by President Bashar Al-Assad lifted a large number of bans on social networking platforms, including Facebook and Youtube. Up to that point, the Regime had controlled the most regulated media landscape and telecommunications market in the Middle East, which is why the move towards providing access to social media sites not even permitted in China was not something to be expected. Why, after all these years of extreme censorship, does a government suddenly permit free access to, and generation of, information?
The ability to connect via large social network platforms has been celebrated as an important way for ordinary citizens to collectively organise protest in light of repressive rulers. The revolutions in the Middle East and North Africa have spurred a new and important research area on the effects of digital communication technology on citizen’s propensity to voice dissent and organise protest and resistance. The fact that anyone with a working network connection can now access, generate, and exchange content on the internet has been termed a ‘game changer’ for authoritarian regimes intent on maintaining control in light of mass popular protest.
What has remained largely unanswered, is how regimes resolved to stay in power can make use of their ability to surveil, censor, and limit the flow of information in an age where the majority of communication has been relegated to the inter- net and mobile phones. Understanding the way in which this new form of control feeds into more traditional means of repression, such as the use of extreme forms of physical coercion, is a crucial part of this process. In this talk, I will discuss under which conditions the free flow of information is likely to prove helpful in conducting effective state repression, and under which conditions the censoring of information access is likely to be more beneficial.
Regimes intent on maintaining power against all adversaries have long since combined the use of censorship with physical violations of those deemed threatening to their position. The introduction of digital communication technology has, however, altered the costs and benefits of limiting the flow of information when conducting coercive campaigns. When Syria’s government decided to unblock social networking sites, it might thus have simultaneously increased its intelligence for counterinsurgency operations, while also providing new ways of collective action for the opposition. Investigating these changes and how they affect the tactics of state violence is a crucial first step in understanding how contemporary and future governments are likely to incorporate their control of communication technology into strategies of repression.
I use supervised machine-learning to analyze over 60,000 records of killings perpetrated by the Syrian Regime in the ongoing conflict, and classify them according to their event circumstances, to arrive at a categorization between targeted and untargeted acts of repression. I find that higher levels of information accessibility are consistently linked to an increase in the proportion of targeted repression, whereas areas with little or no access witness more indiscriminate campaigns of violence.
</description>
<persons>
<person id="5080">Anita Gohdes</person>
</persons>
<links/>
</event>
<event guid="xmlu4jFXkob2t8CUHi0Rng" id="6294">
<date>2014-12-28T18:15:00+01:00</date>
<start>18:15</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6294_-_de_-_saal_1_-_201412281815_-_vor_windows_8_wird_gewarnt_-_ruedi</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Vor Windows 8 wird gewarnt</title>
<subtitle>Und nichts (Secure) Bootet mehr?</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>de</language>
<abstract>Im Vortrag sollen technische und gesellschaftliche Konsequenzen der von Microsoft kontrollierten Windows-8-Secure-Boot-Architektur und mögliche Gegenmaßnahmen diskutiert werden.</abstract>
<description>Nachdem die Einführung einer Microsoft-kontrollierten Sicherheitsinfrastruktur durch politischen Widerstand lange aufgehalten werden konnte, hat Microsoft inzwischen ein weiteres Mal Fakten geschaffen. In den Hardwareanforderungen für Windows 8 wird Secure Boot verpflichtend vorausgesetzt. Andere Betriebssysteme können in der Praxis bisher nur mit technisch und rechtlich problematischen Notkonstruktionen gestartet werden.
Für die stark wachsende ARM-Prozessorwelt soll dem Nutzer sogar komplett die Kontrolle entzogen werden. Dies beinhaltet sogar eine Zwangsaktivierung und ein Verbot der Deaktivierung des Microsoft-kontrollierten Secure-Boot-Prozesses.
Was vielen lange Zeit als der bekannte Kampf zwischen Hackern und Microsoft um die freie Nutzung unserer Gerätschaften erschien, erhielt durch die politischen Entwicklungen höchste Brisanz für die gesamte Industrie. Microsoft kann und hat auch schon ohne nachvollziehbare Begründung konkurrierende Bootloader deaktiviert.
Ein Szenario, dass Microsoft (möglicherweise durch US-Regierungsdruck) die Berechtigung für die von Microsoft unterschriebene Bootloader für Linux-Distributionen zurückzieht, will man sich insbesondere für sicherheitskritische Systeme oder eingebettete Systeme nicht wirklich vorstellen.
Während deutsche Behörden darüber diskutieren, wie sehr vor Windows 8 gewarnt werden sollte, verbot China völlig die Verwendung von Windows 8 auf staatlichen Computern.
Im Vortrag sollen weitere technische und gesellschaftliche Konsequenzen vom Microsoft-kontrollierten Sicherheitsinfrastrukturen und mögliche Gegenmaßnahmen diskutiert werden.</description>
<persons>
<person id="1545">ruedi</person>
</persons>
<links/>
</event>
<event guid="defd3b01-c39d-433f-b3c4-dbea1ea2fe00" id="6595">
<date>2014-12-28T19:00:00+01:00</date>
<start>19:00</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6595_-_en_-_saal_1_-_201412281900_-_hard_drive_punch_-_aram_bartholl</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>»Hard Drive Punch«</title>
<subtitle>Destroying data as a performative act</subtitle>
<track>Art &amp; Culture</track>
<type>lecture</type>
<language>en</language>
<abstract>In general data is stored on technically sensitive systems and can easily be lost. At the same time files today appear often as indestructible once uploaded to the Internet.</abstract>
<description>In this presentation I will talk about a variety of approaches on data destruction and how these connect to current events and questions in society. From professional hard drive punch systems and art projects to DIY thermite melting, the art of destroying data is a wide spread cultural phenomenon.
Workshop: Bring your old hard drives to have them crushed with the IDEAL 0101 hard drive punch or cut the data platter yourself by hand.
Competition: You think you can still recover files from this drive? Which methods are the best?
</description>
<persons>
<person id="4383">Aram Bartholl</person>
</persons>
<links>
<link href="http://datenform.de">Aram Bartholl</link>
</links>
</event>
<event guid="1NE5joYD0o-gaf5SqL-1Nw" id="6258">
<date>2014-12-28T20:30:00+01:00</date>
<start>20:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6258_-_en_-_saal_1_-_201412282030_-_reconstructing_narratives_-_jacob_-_laura_poitras</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Reconstructing narratives</title>
<subtitle>transparency in the service of justice</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Surveillance, cryptography, terrorism, malware, economic espionage, assassination, interventions, intelligence services, political prisoners, policing, transparency, justice and you.</abstract>
<description>Structural processes and roles are designed to create specific outcomes for groups. Externally facing narratives are often only one of many and they seek to create specific outcomes by shaping discourse. We will cover a wide range of popular narratives surrounding the so-called Surveillance State. We intend to discuss specific historical contexts as well as revealing new information as part of a longer term research project.</description>
<persons>
<person id="1083">Jacob</person>
<person id="5258">Laura Poitras</person>
</persons>
<links/>
</event>
<event guid="gRbk7OprwZBqF3cv0NddMQ" id="6156">
<date>2014-12-28T21:45:00+01:00</date>
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>31c3_-_6156_-_en_-_saal_1_-_201412282145_-_fernvale_an_open_hardware_and_software_platform_based_on_the_nominally_closed-source_mt6260_soc_-_bunnie_-_xobs</slug>
<recording>
<license>CC-BY-SA 3.0</license>
<optout>false</optout>
</recording>
<title>Fernvale: An Open Hardware and Software Platform, Based on the (nominally) Closed-Source MT6260 SoC</title>
<subtitle>A Lawful Method for Converting Closed IP into Open IP</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>We introduce Fernvale, a reverse-engineered, open hardware and software platform based upon Mediatek's MT6260 value phone SoC. The MT6260 is the chip that powers many of the $10 GSM feature phones produced by the Shanzhai.
Fernvale is made available as open-licensed schematics, board layouts, and an RTOS based upon the BSD-licensed NuttX, as well as a suite of open tools for code development and firmware upload. We discuss our technical reverse engineering efforts, as well as our methodology to lawfully import IP from the Shanzhai ecosystem into the Maker ecosystem. We hope to establish a repeatable, if not labor-intensive, model for opening up previously closed IP of interest, thereby outlining a path to leveling the playing field for lawful Makers.
</abstract>
<description>There is a set of technology which Makers are legally allowed access, and there is a much larger set of technology which is used to make our every day gadgets. Access to the best closed-source technology is prevented via barriers such as copyright (limiting your ability to learn how it works), patent (limiting your ability to make something similar), and supply-chain (limiting your ability to buy it). As a result, open-licensed, Maker-friendly technologies have trailed closed-source technology in terms of cost, performance, and features.
Makers operating under Western IP law are legally bound by these barriers, and are forced to settle for Arduinos, Beaglebones, Raspberry Pis and Novenae. However, all of these are a far cry in terms of cost, performance, and features from what consumers typically expect from boxes purchased in retail stores.
Our research into the Chinese ecosystem indicates there is another way. Originally marginalized as outlaws and copycats, the Shanzhai of China – China's counterpart to the Western hacker-maker – exist in a realm where copyright and patent barriers are permeable, a state which we refer to as 'gongkai'. As a result, knowledge and access to state of the art closed source technology has diffused into the Shanzhai ecosystem. Today, they have moved beyond the rote copying of Nokia, Samsung, and Apple, and have created a thriving, vibrant ecosystem where mobile technology is rip/mix/burned; their products are mass-produced at a rate of millions per month for the “rest of the world”, e.g. emerging markets such as Africa, Brazil, India, Indonesia, and Russia.
About a year ago, we did a tear-down of an example $12 phone, and contrasted it to the Arduino Uno. For $29, the Arduino Uno gets you a 16MHz, 8-bit CPU with 2.5k of RAM, and USB plus a smattering of GPIO as the sole interfaces. For $12, a phone out of the Chinese gongkai ecosystem gets you a 260 MHz, 32-bit CPU with 8MiB of RAM, with USB, microSD, SIM, quad-band GSM, Bluetooth, an OLED display and a battery. It begs the question of why, when Makers talk about IoT technologies in the West, they typically think of wifi-powered solutions in the $20-70 range, versus a GSM platform in the $10-$20 range.
In this lecture, we disclose an attempt to short-circuit the disclosure barrier. We are releasing an open hardware and software solution built around the Mediatek MT6260. The MT6260 is a 32-bit ARM7EJ-S SoC with 8MiB of PSRAM in-package, as well as USB, LCD, touchscreen, audio, Bluetooth, quad-band GSM, dual-SIM, FM radio, UART, keypad, SD card, camera, and other peripherals integrated. The chip can be purchased on the over-the-counter market for about $2-3 in China. We call our solution built around this chip “Fernvale”.
Fernvale is similar to the “LinkIt ONE” recently released by Mediatek and Seeed Studios, based upon the MT2502A SoC and targeted at IoT and wearables. LinkIt indicates a new direction for Mediatek and we are optimistic that their effort indicates a new pattern of openness toward Makers. At the time of this proposal's submission, the details of the LinkIt ONE platform are still unfolding, but the basic feature set looks comparable to that of Fernvale. However, it seems the LinkIt SDK is still based upon a closed-source Nucleus RTOS providing services to an open Arduino-like API.
Unlike LinkIt ONE, Fernvale runs a port of NuttX, a small-footprint BSD-licensed RTOS that is Posix and ANSI compliant, and includes a partial set of drivers for the available hardware peripherals. The mainboard is laid out to function as either a SoM (system on module) or as a truncated Arduino shield (with the appropriate headers populated), and focuses on the computational abilities of the platform. In other words, Fernvale is not positioned as a mobile phone solution per se, but rather as an Engineering Development Kit (EDK) for embedded applications that can benefit from a highly-integrated, low-cost high-performance microcontroller solution such as the MT6260. As a result, the mainboard breaks out a selection of GPIO as well as the speaker, battery, USB, and SD card interfaces. The mainboard also serves as a base platform for rallying a larger community of developers who can aid with the task of reverse engineering and writing legally open drivers for its massive peripheral set.
Two expansion headers are provided on the mainboard. A larger UX header can be used to attach a keypad + LCD + audio interface, for applications that require UI elements. A smaller analog header enables users to attach an RF front-end of their choosing, which could potentially enable GSM-compatible voice and data services, if drivers were to exist.
This lecture will also discuss our experiences reverse engineering, and our approach to open-sourcing the MT6260. We had to reverse engineer significant portions of the system, including but not limited to circuit board layouts, hardware configuration options, bootloader protocols, partial register maps, and the internal boot ROM of the SoC. This reverse engineering effort was necessary to create a blob-free software implementation, and to give developers an alternative to Mediatek's proprietary firmware flashing utilities to upload code. It was also necessary to create schematics and circuit board maskworks which have an original copyright thereby giving us the right to pick an open license for the hardware designs.
We took special pains to ensure our method was lawful and the resulting work is copyright-clean under U.S. law. We did review some non-open-licensed chip documentation and code examples available for download from open file-sharing sites. None of these materials were restricted by DRM. American copyright law contains a fair-use exception that allows limited copying and examination of such materials for the purpose of understanding the ideas and functional concepts embodied in them. We believe our download and review of those materials is fair use. Should potential copyright holders disagree with our interpretation, we invite any offended parties to engage us in rational discourse.
We believe that Makers have for too long lived in the shadow of overbearing copyright laws. We need to develop an example of how to import ideas from less strict IP jurisdictions where innovation is flourishing; failing this, hardware Makers run the risk of being eternally behind the Shanzhai. Fernvale is our first attempt at developing a legal context for importing IP from the gongkai ecosystem into a fully open source solution; we hope our example will embolden other developers to pursue more ambitious targets. We also hope our work may, in the long term, catalyze meaningful Maker-friendly reform to Western IP law by raising awareness of the disparity between East and West, with the success of the Shanzhai serving as evidence of how permissive IP policy can be good for both grass-roots innovators (the Shanzhai) and big businesses (Mediatek and the phone network operators) alike.
</description>
<persons>
<person id="3155">bunnie</person>
<person id="4376">Xobs</person>
</persons>
<links/>
</event>
<event guid="6bXRd7c5UJbIlb4QiTd1ng" id="6321">
<date>2014-12-28T23:00:00+01:00</date>
<start>23:00</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6321_-_en_-_saal_1_-_201412282300_-_the_matter_of_heartbleed_-_zakir_durumeric</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>The Matter of Heartbleed</title>
<subtitle>What went wrong, how the Internet reacted, what we can learn for the future</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>The Heartbleed vulnerability took the Internet by surprise in April of this year. The vulnerability was one of the most consequential in the history of the Internet, since it allowed attackers to potentially steal login credentials, cryptographic keys, and other private data from up to half of all popular HTTPS sites. In this talk, we take a detailed look at Heartbleed and its aftermath, based on comprehensive measurements and analysis that our research team performed over the past six months. We began tracking Heartbleed's impact within hours of its disclosure using massive ZMap scans and large network telescopes. This allowed us to track which sites remained vulnerable, observe certificate revocations, and monitor for large scale attacks in close to real time. Based on this data, we also conducted one of the largest ever mass vulnerability notifications, informing the network administrators for all devices still susceptible to Heartbleed across the entire IPv4 address space. Finally, we investigated the question of whether attackers knew about and exploited Heartbleed prior to its public disclosure---and we will present new details about this question in the talk. We hope that by learning from the Heartbleed security disaster, our community can prepare to respond more effectively to such events in the future. </abstract>
<description>&lt;p&gt;In March 2014, researchers found a catastrophic vulnerability in OpenSSL, the cryptographic library used to secure connections in popular servers including Apache and Nginx. The bug allowed attackers to extract cryptographic keys, login credentials, and other private data from an estimated 22-55% of HTTPS sites. Worsening its severity, the bug was both simple to understand and exploit.&lt;/p&gt;
&lt;p&gt;We used ZMap to perform comprehensive scans of the IPv4 address space and popular web servers in the days and months following disclosure. We provide more extensive estimates on who was originally vulnerable, track who patched their sites, and replaced certificates. We will present exactly which server products and devices were vulnerable. We will further discuss how Heartbleed affected the HTTPS CA ecosystem. Worryingly, we find that only 10% of the known vulnerable sites replaced their certificates within the next month, and of those that did, 14% neglected to change the private key, gaining no protection from certificate replacement! We'll also present the shortcomings in the public key infrastructure that Heartbleed unearthed and problems our community needs to focus on moving forward.&lt;/p&gt;
&lt;p&gt;We investigated widespread attempts to exploit Heartbleed post disclosure at four network sites. We will discuss the subsequent exploit attempts we observed from almost 700 sources and the Internet-wide scans that started post disclosure. We also investigated whether exploit attempts took place prior to Heartbleed's public disclosure, including examining suspicious network traces recorded months earlier. We will disclose new details of these traces and their implications in the talk.&lt;/p&gt;
&lt;p&gt;Even with global publicity, Heartbleed patching plateaued after two weeks. To try to help, we notified network administrators responsible for more than 500,000 unpatched systems. While much of the security community (including us!) assumed that mass vulnerability notifications would be too difficult or ineffective, we found that it increased the Heartbleed patching rate by nearly 50%. We will discuss how we performed these notifications, the reactions of network operators, and prospects for performing automatic mass notifications based on Internet-wide scanning in future vulnerability events.&lt;/p&gt;
&lt;p&gt;Throughout the talk, we will use real world data to frame what went well and what went poorly in the Internet's response to Heartbleed. The vulnerability's severe risks, widespread impact, and costly global cleanup qualify it as a security disaster. However, by understanding what went wrong and learning from it, the Internet security community can be better prepared to address major security failures in the future.&lt;/p&gt;</description>
<persons>
<person id="5006">Zakir Durumeric</person>
</persons>
<links>
<link href="https://jhalderm.com/pub/papers/heartbleed-imc14.pdf">The Matter of Heartbleed Research Paper</link>
<link href="https://zmap.io/heartbleed/">ZMap Heartbleed Health Report</link>
<link href="https://jhalderm.com">Alex Halderman's web site</link>
<link href="https://zakird.com">Zakir Durumeric's web site</link>
</links>
</event>
<event guid="4aOXU9cdQYbirV0Q-k5usw" id="6212">
<date>2014-12-28T23:30:00+01:00</date>
<start>23:30</start>
<duration>00:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6212_-_en_-_saal_1_-_201412282330_-_heartache_and_heartbleed_the_insider_s_perspective_on_the_aftermath_of_heartbleed_-_nick_sullivan</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Heartache and Heartbleed: The insider’s perspective on the aftermath of Heartbleed</title>
<subtitle>The untold story of what really happened, how it was patched and what was learned.</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Two weeks after the Heartbleed bug was announced, CloudFlare patched the Heartbleed bug, created a challenge to prove the bug could be used to find private keys (uncovering a second bug in OpenSSL) and turned its entire network into a giant honeypot. This session will discuss the specific steps taken to prevent early disclosure, creating and scaling the first public vulnerability test, how the CloudFlare Heartbleed challenge showed that you can reveal private SSL keys (how a second bug in OpenSSL made this possible) the incredible impact of revoking over 100,000 certificates in a single day, and the results of our honeypot revealing the proportion of attack traffic versus research traffic. </abstract>
<description>CloudFlare was notified about Heartbleed as soon as it was discovered--ahead its public announcement--and took extreme precaution to not reveal anything about the bug. This required communicating only over secure channels, restricting the visibility of the branch from which we built the workaround, and using secure software deployment methods.
After the patch was announced, there was a rush to reverse engineer the bug and create an exploit. The cloudFlare team immediately started working proof of concept, and hosted it on a website allowing others to scan for vulnerable sites. Within minutes, the original site was flooded with requests. CloudFlare’s Nick Sullivan will share this process and the feats pulled off to make sure the site could scale and provide accurate results. He will go into the numbers and technical details of the PoC and speak about its bugs and how they were found. Statistics and anonymized raw data of the 70+ millions of results will be provided, giving an overview of the patching process over time.
It was clear soon after the bug was revealed that the number of servers affected by this bug was massive. What wasn’t clear was the scope of data that was vulnerable to attack. In order to determine the risk to private keys from this vulnerability, his team launched the CloudFlare Heartbleed Challenge. They set up a site that was vulnerable to the attack, added logging and created a webpage to submit a signed proof of key ownership. In less than a day, there were several successful submissions. Nick will go over the naive (but successful) strategy used to extract keys and the more advanced technique based on Coppersmith’s Method. Finally he will discuss the *second* OpenSSL bug we discovered that allowed the private key to be extracted via Heartbleed.
After the exploits were in the wild, his team added logging to see who was trying to exploit this bug. Nick will reveal the results of this analysis and cross-reference the results with the IPs of the test site. These numbers give new insight into how many people were attempting to maliciously exploit this flaw versus research done to probe vulnerable sites.
Once the dust settled and the team worked out the details with our CA, we revoked over 80,000 of CloudFlare’s SSL certificates. This turned into an internet scaling nightmare, resulting in a constant flood of more than 40 gigabits per second of traffic to serve overgrown certificate revocation lists. Since CloudFlare provides caching for its CA, the team bore the brunt of this traffic. Their revocation lists would have DDoSed most sites (and some certificate authorities) off the internet. Nick will talk about caching CRLs, and how the revocation system was not designed for this scale of internet flaw.
In conclusion we he will summarize the many ways this coding error revealed some of the deeper flaws in the internet, and discuss ways we can move forward. Nick will share actionable advice and the security strategies used by cloud service companies on how to monitor the way companies store keys internally.
Attendees will leave with actionable advice on how to better secure their own systems against the next Heartbleed and the security strategies used by cloud service companies on how to monitor the way companies store keys internally.</description>
<persons>
<person id="5003">Nick Sullivan</person>
</persons>
<links>
<link href="http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed">Answering the Critical Question: Can You Get Private SSL Keys Using Heartbleed?</link>
<link href="http://blog.cloudflare.com/the-results-of-the-cloudflare-challenge">The Results of the CloudFlare Challenge</link>
<link href="http://blog.cloudflare.com/the-hard-costs-of-heartbleed">The Hidden Costs of Heartbleed</link>
</links>
</event>
<event guid="Mw1wjnNzwxzSkM3Ip5Lg0g" id="6109">
<date>2014-12-29T00:15:00+01:00</date>
<start>00:15</start>
<duration>01:30</duration>
<room>Saal 1</room>
<slug>31c3_-_6109_-_de_-_saal_1_-_201412290015_-_fnord_news_show_-_frank_-_fefe</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Fnord News Show</title>
<subtitle>Wir helfen Euch die Fnords zu sehen.</subtitle>
<track>Entertainment</track>
<type>lecture</type>
<language>de</language>
<abstract>Im Format einer lockeren Abendshow werden wir die Nachrichten-Highlights des Jahres präsentieren, die Meldungen zwischen den Meldungen, die subtilen Sensationen hinter den Schlagzeilen.</abstract>
<description>Kommen Sie, hören Sie, sehen Sie! Lassen Sie sich mitreißen!</description>
<persons>
<person id="1633">frank</person>
<person id="1621">Fefe</person>
</persons>
<links/>
</event>
</room>
<room name="Saal 2">
<event guid="1116a02b-0312-4949-9921-d605148bfccb" id="6573">
<date>2014-12-28T11:30:00+01:00</date>
<start>11:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6573_-_en_-_saal_2_-_201412281130_-_from_computation_to_consciousness_-_joscha</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>From Computation to Consciousness</title>
<subtitle>How computation helps to explain mind, universe and everything</subtitle>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>How can the physical universe give rise to a mind? I suggest to replace this confusing question by another one: what kind of information processing system is the mind, and how is the mind computed? As we will see, even our ideas of the physical universe turn out to be computational. Let us explore some fascinating scenery of the philosophy underlying Artificial Intelligence.</abstract>
<description>How do minds work? In my view, this is the most interesting question of all, and our best bet at answering it lies in building theories that we can actually test in the form of computer programs, that is, in building Artificial Intelligence. Let us explore some of the philosophical ideas that explicitly or implicitly form the basis of Artificial Intelligence.
The idea that minds are some kind of machine, mechanical contraptions, seems to be unconvincing, even offending to many people, even if they accept that the physical universe is a machine, and minds are part of that universe. Computer science has revolutionized our concept of machines, though: no longer do we see machines as mechanical arrangements of parts that pull and push against each other, but as arbitrary, stable causal arrangements that perform regular changes on their environment. We can think about mathematical machines, like cellular automatons, about financial, social or ecological machines. Machines do not have to be human-made artifacts, they are a way of conceptualizing regular processes and dynamic systems. In the case of conceptualizing the human mind, what matters is not biology, chemistry, or structural properties of the brain, but what these implement: a class of machine that is capable to process information, in very specific ways. The mind is not necessarily a mechanical machine, but certainly an information processing machine, a computational system.
Computationalism is the notion that minds can and have to be modeled as computational, and in its strong form, it maintains that the mind actually _is_ a computer, implemented by a physical mechanism. But the ideas of computation have permeated our understanding of the world even further. Our understanding of physics no longer conforms to mechanical world views (i.e. parts and particles pulling and pushing against each other), but requires us to switch to the broader notion of how the universe processes information. The foundational theories of physics are concerned with how the universe is computed.
In the view of universal computationalism, the question of what sort of thing minds are resolves into the question whether hypercomputation is possible, and if not, what classes of computation are involved in their functionality.
Computationalism systematizes the intuitions we get naturally while we program computers, and it helps us understand some of the deepest questions of cosmology, epistemology and the nature of the mind in ways that did not exist in the past.</description>
<persons>
<person id="4034">Joscha</person>
</persons>
<links/>
</event>
<event guid="e8e29f6a-11df-491a-acae-1253879ae8f9" id="6600">
<date>2014-12-28T12:45:00+01:00</date>
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6600_-_en_-_saal_2_-_201412281245_-_tell_no-one_-_james_bamford</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Tell no-one</title>
<subtitle>A century of secret deals between the NSA and the telecom industry</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>For nearly one hundred years, the NSA and its predecessors have been engaging in secret, illegal deals with the American telecom industry, with both virtually immune from prosecution.</abstract>
<description>How did this begin? How does it work? How much have US presidents known? What happens when they get caught? Will it change after the Snowden revelations? A fascinating look at a hundred years of handshakes and backroom deals between the eavesdroppers and the telecom executives. </description>
<persons>
<person id="5307">James Bamford</person>
</persons>
<links/>
</event>
<event guid="ELK9-ZQeFcqKxBYW8eay8g" id="5956">
<date>2014-12-28T14:00:00+01:00</date>
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_5956_-_en_-_saal_2_-_201412281400_-_cyber_necromancy_-_joseph_tartaro_-_matthew_halchyshak</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Cyber Necromancy</title>
<subtitle>Reverse Engineering Dead Protocols</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Reverse engineering is not all binaries and byte-code. The black art also extends to networks and unobtainable game servers. In this talk we go into the gruesome details of how we dug through the graveyards of console binaries and mausoleums of forgotten network protocols in order to stitch together the pieces necessary to bring our favorite game Metal Gear Online back to life.
We will be examining the process of reverse engineering the games custom network protocols in all angles from packet logs to low level disassembly of client code.</abstract>
<description>In this presentation we will be discussing the path we took to successfully develop our own private server for Metal Gear Online on the Sony PlayStation 2 and PlayStation 3 video game consoles. Interestingly enough this was a private server that was developed after the original was already taken offline, so we did not have a live active server to help with the reverse engineering. Due to this we ran into some issues but ultimately succeeded. We believe that the details of the techniques that we used will prove useful for anyone attempting similar actions in the future. The topics that we will discuss in this talk will cover a wide range of high and low level issues related to network protocol and binary reversing.
We will begin with an overall survey of the general problems faced by anyone attempting this type of work. The talk will quickly delve from the high-level and simple issues into the more technical aspects of reverse engineering in the blind. We will be including the techniques we used to determine the protocol and payload responses that the client was expecting. Describing in detail how we honed in on common traits that we expected to see on the network, using open source knowledge and binary level reverse engineering of client code to determine the expected response.
We expect the attendees of this talk to walk away with knowledge that will help them in the future when working on similar projects or any activities related to protocol reverse engineering.</description>
<persons>
<person id="4720">Joseph Tartaro</person>
<person id="4705">Matthew Halchyshak</person>
</persons>
<links/>
</event>
<event guid="66379bd1-4e68-4bcf-9d1e-0f4c38fbe78e" id="6582">
<date>2014-12-28T16:00:00+01:00</date>
<start>16:00</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>31c3_-_6582_-_de_-_saal_2_-_201412281600_-_das_transparenzportal_hamburg_-_lothar_hotz</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Das Transparenzportal Hamburg</title>
<subtitle>Inhalt und Umsetzung</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Im Vortrag wird die technische Umsetzung des Transparenzportals Hamburg vorgestellt.</abstract>
<description>Die Inhalte des Portals werden durch das Hamburger Transparenzgesetz bestimmt. Aufgrund der Vielzahl der anzubindenden heterogenen Systeme wurde eine umfassende Architektur entwickelt, die es erlaubt, über einen dezidierten Zugang
alle angebundenen Systeme zu erreichen. Der Zugang besteht aus einem Webportal sowie einer API, die die maschinelle Abfrage der Portalinhalte erlaubt.</description>
<persons>
<person id="5256">Lothar Hotz</person>
</persons>
<links/>
</event>
<event guid="oBQMMNfX5t-5TBIk3z6pOg" id="6295">
<date>2014-12-28T16:45:00+01:00</date>
<start>16:45</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>31c3_-_6295_-_de_-_saal_2_-_201412281645_-_krypto_fur_die_zukunft_-_ruedi</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Krypto für die Zukunft</title>
<subtitle>Verteidigung gegen Dunkle Künste</subtitle>
<track>Science</track>
<type>lecture</type>
<language>de</language>
<abstract>(K)ein kleiner Rant über Elliptische Kurven, Quantencomputer, Bitcoins und die NSA et al.</abstract>
<description>1 Was würde Ihrer Meinung nach passieren, wenn ein funktionierender
Quantencomputer entwickelt würde? Auf welche Arten von Kryptografie
würde sich das wie auswirken?
Quantencomputer können mit Hilfe des Shor Algorithmus die gängigen
Public Key Verfahren, wie beispielsweise RSA und DSA, sehr effektiv
attackieren. Aber auch die neueren Verfahren, welche Elliptische
Kurven verwenden, sind betroffen. Für diese Angriffe benötigt man eine
von der Schlüssellänge abhängigen Anzahl von qubits. Elliptisch Kurven
Kryptosysteme nutzen deutlich kürzere Schlüssel, im Falle von Bitcoin
256 bit. Das klassische RSA System verwendet in der heutigen Praxis
mindestens 2048 bit.
2 Wären Bitcoins dann wertlos? Wenn ja, warum genau?
Ein erfolgreicher Angriff gegen die in Bitcoin verwendete
Signaturfunktion, würde wegen des geschickten Design, nicht sofort
alle Bitcoins wertlos machen.
Bitcoin nutzt zunächst statt des eigentlichen öffentlichen Schlüssels
eine von diesem mit Hilfe von zwei verschiedenen Hashfunktionen
abgeleiteten Adresse. Der Public Key wird erst bei einer Überweisung
selbst enthüllt. Dieses Vorgehen verkürzt die möglichen
Angriffszeiten, falls nicht noch Geld auf dem Konto gelassen wird. Aus
Sicherheitsgründen sollte für jede Transaktion eine neue Adresse
verwendet werden, was bisher nur aus Datenschutzgründen empfohlen
wurde.
3 Was sehen Sie an der bei Bitcoin verwendeten Kryptografie kritisch?
Auch wenn man sicher an einigen Stellen aus Sicht der
Kryptographieforschung die ein oder andere Verbesserung vorschlagen
könnte, welche auch teilweise schon in alternativen Systemen
erfolgreich eingesetzt werden, ist jedoch gerade die Einfachheit und
Robustheit der eingesetzten Konstruktionen zu loben. Die Autoren
verfügen über ausgezeichnete Kryptographiekenntnisse.
Die in bitcoin verwendete Kurve Secp256k1 wurde zwar begründet
ausgewählt, bedarf jedoch einer intensiveren Beforschung. Die 256 bit
Schlüssellänge verschafft keinen beruhigenden Sicherheitsspielraum.
Eine Wahl von 512 bit wäre die bessere Wahl gewesen. Auch würde eine
Wahl von unterschiedlichen Kurven für jede Transaktion stärker der
Bitcoin-Philosophie entsprechen.
4 Können Sie grob einschätzen wie lange es noch dauert bis der erste
echte funktionierende Quantencomputer entwickelt wird? Wie hoch ist
Ihrer Einschätzung nach die Chance, dass das in den kommenden
Jahrzehnten passiert?
Es ist leider von außen sehr schwer einzuschätzten wie weit die
amerikanischen Dienste bei der Entwicklung von Quantencomputern
gekommen ist. Die Enthüllung von Snowden zeigten, dass die US
Regierung erhebliche Mittel zur Erforschung von neuartigen
Angriffsmöglichkeiten aufwendet In jedem Falle erscheinen Public Key
Schlüssellängen von mehr als die üblichen 256 bit empfehlenswert.
5 Warum wird heute PostQuantum-Kryptographie so gut wie noch nicht
verwendet? Was sind die Hürden beim Einsatz? Wäre es möglich Bitcoin auf
PostQuantum-Kryptographie umzustellen, ohne dass dabei alle vorhanden
Coins ihren Wert verlieren?
PostQuantum-Kryptographie ist eine recht junge Forschungsrichtung. Die
bisher vorgeschlagenen Verfahren können oftmals noch nicht
hinsichtlich Schlüssellängen und Ausführungsgeschwindigkeit mit den
bisherigen Ansätzen konkurrieren.
Es erscheint wegen der umfassenden Gefährdung der gesamten
Internetkommunikation, die bei einem Quantencomputerdurchbruch sehr
schnell eintreten würde, unabdingbar mathematische Grundlagenforschung
zur Entwicklung zukunftsicheren Verfahren stärker zu fördern.
Bitcoin könnte auf PostQuantum-Kryptographie umgestellt werden, ohne
dass dabei alle vorhanden Coins ihren Wert verlieren.</description>
<persons>
<person id="1545">ruedi</person>
</persons>
<links/>
</event>
<event guid="UqfjLnUNKqc6-WzUjP6YQg" id="6541">
<date>2014-12-28T17:30:00+01:00</date>
<start>17:30</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>31c3_-_6541_-_en_-_saal_2_-_201412281730_-_forging_the_usb_armory_-_andrea_barisani</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Forging the USB armory</title>
<subtitle>Creating an open source secure flash-drive-sized computer</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>The presentation will cover the journey that we have taken to develop the USB armory board from scratch, explaining the lessons learned and its prospected applications.</abstract>
<description>Inverse Path recently introduced the USB armory project (http://inversepath.com/usbarmory), an open source hardware design, implementing a flash drive sized computer for security applications. The USB armory is a compact USB powered device that provides a platform for developing and running a variety of applications.
The security features of the USB armory System on a Chip (SoC), combined with the openness of the board design, empower developers and users with a fully customizable USB trusted device for open and innovative personal security applications.
The presentation will cover the journey that we have taken to develop the USB armory board from scratch, explaining the lessons learned and its prospected applications.</description>
<persons>
<person id="4941">Andrea Barisani</person>
</persons>
<links>
<link href="http://inversepath.com/usbarmory">USB armory project</link>
<link href="https://github.com/inversepath/usbarmory">USB armory github</link>
<link href="http://dev.inversepath.com/download/usbarmory/forging_the_usb_armory.pdf">Presentation</link>
</links>
</event>
<event guid="lcqCv-SWZ2OTU7b2xqw9tg" id="6202">
<date>2014-12-28T18:15:00+01:00</date>
<start>18:15</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>31c3_-_6202_-_en_-_saal_2_-_201412281815_-_privacy_and_consumer_markets_-_reuben_binns</slug>
<recording>
<license>CC BY 3.0</license>
<optout>false</optout>
</recording>
<title>Privacy and Consumer Markets</title>
<subtitle>Reversing the Surveillance Business Model</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>The internet may be the nervous system of the 21st century, but its main business purpose is helping marketers work out how to make people buy stuff. This talk maps out a possible alternative, where consumers co-ordinate online, pooling their data and resources to match demand with supply.</abstract>
<description>The internet, perhaps the most incredible communications medium ever created, is fast becoming the nervous system of the 21st century. But right now its primary business function is to gather data about us, to categorise and sort us, to machine learn our most intimate secrets, all so that marketers can craft advertisements designed to extract as much money out of us as possible.
As well as being the cause of our current privacy and surveillance woes, this business model is also a surprisingly inefficient way of matching consumers with stuff they actually want and need. A vast infrastructure of ad servers, data brokers, CRMs, and real-time bidding platforms exists in order to quietly nudge consumers to buy a different brand of soap. The problem is that we are easily nudged, and being a rational consumer in the modern economy requires an impossible amount of time, information and intelligence. Realistically, it is beyond the powers of human computation.
The seeds of a technology-driven alternative are emerging in some corners of the economy. A range of new tools crunch through masses of pricing and product data to help consumers avoid getting ripped off, and find the products they really need. Collective buying schemes have enabled households to club together in their thousands to negotiate better, cheaper, more sustainable suppliers of home energy and other products. The growth of free software, peer production and decentralised systems demonstrate that technology for independence, co-operation and empowerment are possible outside of the traditional market model. Combining these trends suggests a possible future where ordinary people collectively pool their data, computation and buying power to drive the production and allocation of goods and services, rendering the surveillance-advertising business model redundant in the process.</description>
<persons>
<person id="5014">Reuben Binns</person>
</persons>
<links/>
</event>
<event guid="T7Ta13fUuQaAbv1JlO4-Qg" id="6459">
<date>2014-12-28T19:00:00+01:00</date>
<start>19:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6459_-_en_-_saal_2_-_201412281900_-_the_invisible_committee_returns_with_fuck_off_google_-_anonymous_member_of_tarnac_solidarity_committee_-_tarnac_nine</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>The Invisible Committee Returns with &quot;Fuck Off Google&quot;</title>
<subtitle>Cybernetics, Anti-Terrorism, and the ongoing case against the Tarnac 10</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>“There will be people who resist adopting and using technology, people who want nothing to do with virtual profiles, online data systems or smart phones. Yet a government might suspect that people who opt out completely have something to hide and thus are more likely to break laws, and as a counterterrorism measure, that government will build the kind of ‘hidden people’ registry we described earlier. If you don’t have any registered social-networking profiles or mobile subscriptions, and on-line references to you are unusually hard to find, you might be considered a candidate for such a registry. You might also be subjected to a strict set of new regulations that includes rigorous airport screening or even travel restrictions.”</abstract>
<description>The figure of the hacker contrasts point by point with the figure of the engineer, whatever the artistic, police-directed, or entrepreneurial efforts to neutralize him may be. Where the engineer would capture everything that functions in such a manner that everything functions better, in order to place it in the service of the system, the hacker asks himself “How does that work?” in order to find its flaws, but also to invent other uses, to experiment. Experimenting then means exploring what such and such a technique implies ethically. The hacker pulls techniques out of the technological system in order to free them. If we are slaves of technology, this is precisely because there is a whole ensemble of artifacts of our everyday existence that we take to be specifically “technical” and that we will always regard simply as black boxes of which we are the innocent users. The use of computers to attack the CIA attests rather clearly that cybernetics is no more the science of computers than astronomy is the science of telescopes. Understanding how any of the devices that surround us brings an immediate increase in power, giving us a purchase on what will then no longer appear as an environment, but as a world arranged in a certain way and one that we can shape. This is the hacker’s perspective on the world.
These past few years, the hacker milieu has gained some sophistication politically, managing to identify friends and enemies more clearly. Several substantial obstacles stand in the way of its becoming-revolutionary, however. In 1986, “Doctor Crash” wrote: “Whether you know it or not, if you are a hacker you are a revolutionary. Don’t worry, you’re on the right side.” It’s not certain that this sort of innocence is still possible. In the hacker milieu there‘s an originary illusion according to which “freedom of information,” “freedom of the Internet,” or “freedom of the individual” can be set against those who are bent on controlling them. This is a serious misunderstanding. Freedom and surveillance, freedom and the panoptical belong to the same paradigm of government.
Historically, the endless expansion of control procedures is the corollary of a form of power that is realized through the freedom of individuals. Liberal government is not one that is exercised directly on the bodies of its subjects or that expects a filial obedience from them. It’s a background power, which prefers to manage space and rule over interests rather than bodies. A power that oversees, monitors, and acts minimally, intervening only where the framework is threatened, against that which goes too far. Only free subjects, taken en masse, are governed. Individual freedom is not something that can be brandished against the government, for it is the very mechanism on which government depends, the one it regulates as closely as possible in order to obtain, from the amalgamation of all these freedoms, the anticipated mass effect. Ordo ab chao.
Government is that order which one obeys “like one eats when hungry and covers oneself when cold,” that servitude which I coproduce at the same time that I pursue my happiness, that I exercise my “freedom of expression.” “Market freedom requires an active and extremely vigilant politics,” explained one of the founders of neoliberalism. For the individual, monitored freedom is the only kind there is. This is what libertarians, in their infantilism, will never understand, and it’s this incomprehension that makes the libertarian idiocy attractive to some hackers. A genuinely free being is not even said to be free. It simply is, it exists, deploys its powers according to its being. We say of an animal that it is en liberté, “roaming free,” only when it lives in an environment that’s already completely controlled, fenced, civilized: in the park with human rules, where one indulges in a safari. “Friend” and “free” in English, and “Freund” and “frei” in German come from the same Indo-European root, which conveys the idea of a shared power that increases. Being free and having ties was one and the same thing. I am free because I have ties, because I am linked to a reality greater than me. In ancient Rome, the children of citizens were liberi : through them, it was Rome that was growing. Which goes to show how ridiculous and what a scam the individual freedom of “I do what I feel like doing” is. If they truly want to fight the government, the hackers have to give up this fetish. The cause of individual freedom is what prevents them from forming strong groups capable of laying down a real strategy, beyond a series of attacks; it’s also what explains their inability to form ties beyond themselves, their incapacity for becoming a historical force. A member of Telecomix alerts his colleagues in these terms: “What is certain is that the territory you’re living in is defended by persons you would do well to meet. Because they’re changing the world and they won’t wait for you.”
Another obstacle for the hacker movement, as every new meeting of the Chaos Computer Club demonstrates, is in managing to draw a front line in its own ranks between those working for a better government, or even the government, and those working for its destitution. The time has come for taking sides. It’s this basic question that eludes Julian Assange when he says: “We high-tech workers are a class and it’s time we recognize ourselves as such.” France has recently exploited the defect to the point of opening a university for molding “ethical hackers.” Under DCRI supervision, it will train people to fight against the real hackers, those who haven’t abandoned the hacker ethic.
These two problems merged in a case affecting us. After so many attacks that so many of us applauded, Anonymous/LulzSec hackers found themselves, like Jeremy Hammond, nearly alone facing repression upon getting arrested. On Christmas day, 2011, LulzSec defaced the site of Strafor, a “private intelligence” multinational. By way of a homepage, there was now the scrolling text of The Coming Insurrection in English, and $700,000 was transferred from the accounts of Stratfor customers to a set of charitable associations – a Christmas present. And we weren’t able to do anything, either before or after their arrest. Of course, it’s safer to operate alone or in a small group – which obviously won’t protect you from infiltrators – when one goes after such targets, but it’s catastrophic for attacks that are so political, and so clearly within the purview of global action by our party, to be reduced by the police to some private crime, punishable by decades of prison or used as a handle for pressuring this or that “Internet pirate” to turn into a government agent.
</description>
<persons>
<person id="5124">Anonymous member of Tarnac Solidarity Committee</person>
<person id="5296">tarnac nine</person>
</persons>
<links>
<link href="https://twitter.com/@anosamis">Twitter: A nos amis</link>
<link href="http://www.bloom0101.org/">bloom0101.org</link>
</links>
</event>
<event guid="T7aunKcOFBLl5b8IGVqJWQ" id="6129">
<date>2014-12-28T20:30:00+01:00</date>
<start>20:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6129_-_en_-_saal_2_-_201412282030_-_attacks_on_uefi_security_inspired_by_darth_venamis_s_misery_and_speed_racer_-_rafal_wojtczuk_-_corey_kallenberg</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Attacks on UEFI security, inspired by Darth Venamis's misery and Speed Racer</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>On modern Intel based computers there exists two powerful and protected code regions: the UEFI firmware and System Management Mode (SMM). UEFI is the replacement for conventional BIOS and has the responsibility of initializing the platform. SMM is a powerful mode of execution on Intel CPUs that is even more privileged than a hypervisor. Because of their powerful positions, SMM and UEFI are protected by a variety of hardware mechanisms. In this talk, Rafal Wojtczuk and Corey Kallenberg team up to disclose several prevalent vulnerabilities that result in SMM runtime breakin as well as arbitrary reflash of the UEFI firmware.
</abstract>
<description>In 2009 Rafal Wojtczuk and Alexander Tereshkin described the first publicly presented BIOS reflash exploit. Then in 2013 Corey Kallenberg presented the second instance of this class of vulnerability with an exploit targeting Dell BIOS. Now, in 2014, Rafal and Corey have joined forces to complete the destruction of the jedi^H^H BIOS.
The UEFI firmware is normally the first code to execute on the CPU, putting it in a powerful position to subvert other components of the platform. Because of its security critical nature, the UEFI code resides on a flash chip that is protected against arbitrary writes via a number of chipset protection mechanisms. Besides initializing the platform and bootstrapping to an operating system, UEFI is also charged with instantiating the all powerful System Management Mode (SMM). SMM is neither readable or writeable by any other code on the platform. In fact, SMM has the ability to read and write hypervisor protected memory, but the converse is not true! These properties make SMM an ideal place to store a rootkit. Similar to the UEFI firmware, because of these security critical properties, there are hardware mechanisms that protect the integrity and confidentiality of SMM.
This talk will explore attack surface against SMM and UEFI that has not previously been discussed. We will highlight a bug in one of the critical hardware protection mechanisms that results in a compromise of the firmware. We will also directly target a part of the UEFI specification that provides SMM exploitation opportunities. The vulnerabilities disclosed and their corresponding exploits are both prevalent among UEFI systems and reliably exploitable.
The consequences of these vulnerabilities include hypervisor and TXT subversion, bricking of the victim platform, insertion of powerful rootkits, secure boot break, among other possibilities.
</description>
<persons>
<person id="4940">Rafal Wojtczuk</person>
<person id="4934">Corey Kallenberg</person>
</persons>
<links/>
</event>
<event guid="78e2d419-0adc-43ff-989e-95a78ac9ddd4" id="6585">
<date>2014-12-28T21:45:00+01:00</date>
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6585_-_en_-_saal_2_-_201412282145_-_inside_field_station_berlin_teufelsberg_-_bill_scannell</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Inside Field Station Berlin Teufelsberg</title>
<subtitle>The story of the NSA listening post – told by an ex-SIGINT analyst who worked there</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Of all the NSA's Cold War listening posts, their intelligence facility on top of Berlin's Teufelsberg was their most secretive.</abstract>
<description>Field Station Berlin – its white tower and geodesic domes visible for miles around – was the epicenter of of the western intelligence community's most sensitive SIGINT operations. Now abandoned, the ghosts of &quot;The Hill&quot; know many stories left untold.
Ever wondered how it was to work there at the height of the Cold War? What did people do there, anyway? And what it was really like inside the day Ronald Reagan said, &quot;we begin bombing in five minutes&quot;?
Wonder no longer. As a young SIGINT analyst straight out of college in the 1980's, Bill Scannell was there and will tell (almost) all.</description>
<persons>
<person id="5306">Bill Scannell</person>
</persons>
<links/>
</event>
<event guid="xyADKdXtvEgJWo6eaTmUBQ" id="6291">
<date>2014-12-28T23:00:00+01:00</date>
<start>23:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>31c3_-_6291_-_en_-_saal_2_-_201412282300_-_doing_right_by_sources_done_right_-_sarah_harrison_-_grace_north</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Doing right by sources, done right</title>
<subtitle/>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Whistleblowing is becoming a progressively popular topic and ways to technically support anonymous submissions by journalistic sources are being increasingly discussed and developed. However, there is much more to protecting sources than the technical side. There is currently little discussion about the surrounding ethics, operational security and public protections of sources. Two women that have expertise in all areas of source protection; from submission, to publication, to after-care explain and discuss what source protection really means, issues that have arisen in recent years, often causing disastrous consequences, as well as the important lessons to learn from these and successful cases.</abstract>
<description>Speakers: Sarah Harrison: Courage Acting Director and WikiLeaks Investigations Editor and Grace North: Jeremy Hammond campaign manager
With current technology the ability for journalists to be provided with large data sets securely is increasing. With the surveillance revelations from Snowden there is much talk about ways for the public and journalists to work online safely, and how this can be used to help protect sources. However, there are few to no discussions about a holistic attitude to source protection. In fact we can see in the past that its often not technical, but operational security issues that pose the greatest threat to source's ongoing safety, whether that is the source's or journalist's operational security, informants, or lack of after care.
Source protection begins at the point of contact, and it doesn’t stop at publication - in some cases, the real work actually begins at publication. From the angle of investigations editor at WikiLeaks, a publishing organisation with a clean record of source protection, Harrison is well placed to explain the nuanced areas of source protection for media, from submission through to publication.
But its not just within the publication process that source protection needs to be considered. Simply not printing a sources name is not enough. It’s irresponsible for journalists to speculate about sources they know little about, or to publicly speculate that an unnamed source is on the loose. Recently media outlets have suggested there is another NSA source, leaking information to the Intercept and elsewhere. What has that incurred? The US government launched an internal investigation to hunt out any other suspected sources, and we know well what the United States does to whistleblowers.
And for media and the public alike there is an aftercare responsibility to sources that have risked so much for our right to know - how they are supported and spoken about. Both Harrison and North are experts in how media and the public have and should protect sources. Media generally abandons sources (they did in the case of Manning and Hammond in a devastating way), this can and should change. In addition public solidarity is vital for sources, we have this past year seen a growing trend in pitting sources against one another in the public domain: Harrison and North will discuss the dangers and consequences of this.
While the use of the term “whistleblower” is increasingly used and understood, it doesn’t always describe a source. Courage uses the term ‘truthteller’ to encompass all people who bring secret truths to public light. Someone like Jeremy Hammond, who did not work for Stratfor or its clients, but knew its operations were of interest to the public at large, to the citizens of a government that subscribes to Stratfor’s services, is a truthteller. He is an outsider who worked, allegedly, to make important truths public, and thus a vital journalistic source, without whom we wouldn’t have hundreds upon hundreds of valuable news stories on the private intelligence industry.
These lessons give us a better understanding of what has gone right and wrong with recent high-level sources, like Manning, Snowden and Hammond, but they should also be building blocks for an understanding of the principles involved and how we can employ them in the future. Courage wants to continue protecting the sources we know about, but we also work to engender a culture of support for whistleblowing, a knowledgeable and ethical media class, and a trust among sources that journalists will protect them from start to finish. We encourage whistleblowing as a key method to keeping governments and powerful corporations accountable to the public, but we must be responsible first. This talk will explain and highlight these lessons from a first hand perspective, giving an understanding of what real source protection means, and how the media and public can perform it. The speakers will take questions after.
</description>
<persons>
<person id="5055">Sarah Harrison</person>
<person id="4690">Grace North</person>
</persons>
<links/>
</event>
<event guid="74711c06-8813-4158-b102-36dbbe374d13" id="6606">
<date>2014-12-29T00:15:00+01:00</date>
<start>00:15</start>
<duration>01:30</duration>
<room>Saal 2</room>
<slug>31c3_-_6606_-_de_-_saal_2_-_201412290015_-_fnord_news_show_stream_-_fefe_-_frank_rieger</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Fnord News Show (Stream)</title>
<subtitle>Wir helfen Euch die Fnords zu sehen.</subtitle>
<track>Entertainment</track>
<type>lecture</type>
<language>de</language>
<abstract>Im Format einer lockeren Abendshow werden wir die Nachrichten-Highlights des Jahres präsentieren, die Meldungen zwischen den Meldungen, die subtilen Sensationen hinter den Schlagzeilen.</abstract>
<description>Kommen Sie, hören Sie, sehen Sie! Lassen Sie sich mitreißen!</description>
<persons>
<person id="1621">Fefe</person>
<person id="5183">Frank Rieger</person>
</persons>
<links/>
</event>
</room>
<room name="Saal G">
<event guid="XGqu620EKR92-WUWMXNRvA" id="6021">
<date>2014-12-28T11:30:00+01:00</date>
<start>11:30</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6021_-_en_-_saal_g_-_201412281130_-_why_is_gpg_damn_near_unusable_-_arne_padmos</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Why is GPG &quot;damn near unusable&quot;?</title>
<subtitle>An overview of usable security research</subtitle>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>GPG has been correctly described as &quot;damn near unusable&quot;. Why is this so? What does research into usable security tell us? This talk covers the history, methods, and findings of the research field, as well as proposed solutions and open questions.</abstract>
<description>With all the frustration around trying to get Glen Greenwald to use encryption [0,1], it is not surprising that Edward Snowden has described GPG as &quot;damn near unusable&quot; [2]. Such usability problems of end-to-end email encryption tools have been around for a long time. In 1999, a seminal study found that most participants were unable to use PGP 5.0 to encrypt an email when given 1.5 hours to do so [3]. Others have tried to solve these usability problems by automating the key exchange and encryption [4]. However, issues persist around a lack of end-user trust in the software [5], difficulties in getting encryption widely implemented, and having to deal with a general absence of understanding the email architecture [6].
Despite being almost 50 years old [7], email is still not widely encrypted on an end-to-end basis. In this year's SOUPS keynote (the major conference on usable security), Christopher Soghoian described how we as a community are not doing nearly enough to get security into the hands of consumers: we are mostly stuck with the same broken interface as PGP 5.0 from back in 1999, people still face the same conceptual barriers, and we still have crappy defaults [8]. While there has been renewed interest in end-to-end email encryption after the Snowden revelations [9], many projects do not take usability into account.
This talk goes into some of the dos and don'ts gleaned from the usable security research field. Building on a discussion of the history, methodology, and findings of the research, the talk will cover topics including the constraints of humans, the need for clear mental models, and the usefulness of user testing. Some examples of successes and failures will be used to illustrate a range of usable security principles. Remaining pain points such as metadata protection, key management, and end-user understanding will be covered, including proposals for fixing these such as anonymous routing, more appropriate metaphors, and trust on first use. Various open questions will also be discussed, including:
- Should we patch the existing email architecture or should we move towards new protocols?
- How can the crypto community build subversion-resistant collaboration platforms?
- Is there a way to standardise our cryptoplumbing to a restricted set of secure algorithms?
- Can we provide developers with usable coding technologies to prevent nightmares like OpenSSL?
- How should we involve end-users into the development cycle of open source software?
- Can we empower end-users to take security back into their own hands?</description>
<persons>
<person id="4773">Arne Padmos</person>
</persons>
<links>
<link href="http://vimeo.com/56881481">[0] GPG for Journalists, anon108</link>
<link href="http://en.wikipedia.org/wiki/No_Place_to_Hide_(Greenwald_book)">[1] No place to hide, Glenn Greenwald</link>
<link href="https://www.youtube.com/watch?v=onrTo1sYri8">[2] Snowden speaks at HOPE X in 2014 with Ellsberg</link>
<link href="http://www.gaudior.net/alma/johnny.pdf">[3] Why Johnny can't encrypt</link>
<link href="http://groups.csail.mit.edu/lapis/projects/secure-email/soups05.pdf">[4] Johnny 2</link>
<link href="https://cups.cs.cmu.edu/soups/2013/proceedings/a5_Ruoti.pdf">[5] Confused Johnny</link>
<link href="https://www.petsymposium.org/2014/papers/Renkema.pdf">[6] Why doesn't Jane protect her privacy?</link>
<link href="http://www.multicians.org/thvv/anhc-34-1-anec.html">[7] Electronic mail and text messaging in CTSS</link>
<link href="https://www.youtube.com/watch?v=is9luGFzqgA">[8] Sharing blame for NSA's dragnet surveillance</link>
<link href="https://github.com/OpenTechFund/secure-email">[9] Overview of projects working on next-generation secure email</link>
</links>
</event>
<event guid="c3efec0b-cfb1-4e59-88fd-f519dd31d9a6" id="6563">
<date>2014-12-28T12:45:00+01:00</date>
<start>12:45</start>
<duration>02:15</duration>
<room>Saal G</room>
<slug>31c3_-_6563_-_en_-_saal_g_-_201412281245_-_lightning_talks_day_2_-_gedsic</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Lightning Talks Day 2</title>
<subtitle/>
<track>Other</track>
<type>lecture</type>
<language>en</language>
<abstract>Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! </abstract>
<description/>
<persons>
<person id="5263">gedsic</person>
</persons>
<links>
<link href="https://events.ccc.de/congress/2014/wiki/Static:Lightning_Talks">31C3 Wiki: Lightning Talks</link>
</links>
</event>
<event guid="1Xe2U3LqTfMTXAvI6hrgxg" id="6325">
<date>2014-12-28T16:00:00+01:00</date>
<start>16:00</start>
<duration>00:30</duration>
<room>Saal G</room>
<slug>31c3_-_6325_-_de_-_saal_g_-_201412281600_-_gifs_tod_eines_mediums_und_sein_leben_nach_dem_tod_-_felix_mutze</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>GIFs: Tod eines Mediums. Und sein Leben nach dem Tod.</title>
<subtitle>Wie es kommt, dass technischer Fortschritt den Nutzern gänzlich egal sein kann.</subtitle>
<track>Science</track>
<type>lecture</type>
<language>de</language>
<abstract>Im Grunde sind GIFs Schnee von gestern. Es gibt zahlreiche Alternativen, die das, was ein GIF kann, besser können. Und trotzdem haben sich GIFs als Kulturtechnik durchgesetzt. Oder war es nur ein letzter Hype vor dem Tod? Wie kommt es, dass ein Medium, das schon in den 90ern veraltet war, sich noch zwei Jahrzehnte später bester Beliebtheit erfreut? Und was können wir daraus über die Diskrepanz zwischen aktueller technischer Entwicklung einerseits und der tatsächlichen Nutzung von Technologie andererseits lernen?</abstract>
<description>In seiner langen Geschichte hat das Dateiformat GIF einiges an Auf und Ab erlebt. Mittlerweile ist es technisch völlig überholt, wurde mehrfach totgesagt, teils aktiv bekämpft und wurde trotzdem nicht völlig von der technisch besseren Konkurrenz abgelöst. Zu verdanken ist diese Entwicklung neben einigen Zufällen vor allem den Internetnutzern selbst. Denn obwohl sich GIFs technisch seit 1998 nicht mehr verändert haben, findet das Internet immer wieder neue Anwendungen für die Zappelbilder.
Der Vortrag blickt kurz auf die vielen Tode zurück, welche das GIF-Format schon gestorben ist – oder die ihm gewünscht wurden – und behandelt die aktuelle Entwicklung, bei der WebM angetreten ist, das Kapitel GIF zu beenden.
Viel wichtiger ist jedoch der Blick auf die Seite der Nutzer. Anhand von Beispielen aus den letzten Jahrzehnten werden Gründe dafür analysiert, weshalb GIFs immer wieder belebt werden konnten.
Am Ende bleibt die Frage, ob und wie sich das Erfolgsrezept GIF auf andere Medien und Technologien übertragen lässt.
Und: Ja, natürlich spielt auch Pr0n eine Rolle.</description>
<persons>
<person id="5063">Felix Mütze</person>
</persons>
<links>
<link href="http://metagif.wordpress.com">metagif blog</link>
</links>
</event>
<event guid="0T8GTXjwMVJLM_n5VEuE0A" id="6144">
<date>2014-12-28T16:45:00+01:00</date>
<start>16:45</start>
<duration>00:30</duration>
<room>Saal G</room>
<slug>31c3_-_6144_-_en_-_saal_g_-_201412281645_-_finding_the_weak_crypto_needle_in_a_byte_haystack_-_ben_h</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Finding the Weak Crypto Needle in a Byte Haystack</title>
<subtitle>Automatic detection of key-reuse vulnerabilities</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Using the same stream cipher key twice is known to be a Very Bad Idea, but keystream-resuse vulnerabilities are still very much a thing of the present - both in legitimate software and in the malware landscape. We describe a heuristic algorithm which can detect vulnerabilities of this kind. We explain the inner workings of the algorithm and demonstrate a proof-of-concept attack on sevreral examples of vulnerable data, including files encrypted by the DirCrypt malware and encrypted traffic generated by malware such as variants of Zeus and Ramnit.</abstract>
<description>When operating a stream cipher, reusing a keystream introduces a critical weakness to the resulting ciphertext: the encryption becomes vulnerable to easy (and sometimes /very/ easy) cryptographic attacks. This is due to the encryption's linear nature - for instance, XORing a plaintext with the corresponding ciphertext yields keystream bytes. While key reuse is a widely known issue, it's an issue that keeps arising in practice. The soviets did it during WWII, Microsoft did it in the implementation of Word 2003 document encryption, and malware authors did it when designing variants of Zeus, DirCrypt and Ramnit.
To exploit a vulnerability, you must first realize it's there. Unfortunately, many instances of homebrew crypto operate on the &quot;security by obscurity&quot; principle, and don't reveal their implementation details. As a result, detecting key reuse often requires trial and error, an accidental epiphany or a night spent reverse engineering - and in all these cases, luck and human effort. In this presentation we show an approach to automating this task - based on the linear properties of stream ciphers, redundancy in the text and Bayesian reasoning. Finally, we demonstrate the algorithm's operation in several real-world use cases.
Math Ph.D. not required.</description>
<persons>
<person id="4950">Ben H.</person>
</persons>
<links/>
</event>
<event guid="n8k2uElFR872zYbrs7kycQ" id="6071">
<date>2014-12-28T17:30:00+01:00</date>
<start>17:30</start>
<duration>00:30</duration>
<room>Saal G</room>
<slug>31c3_-_6071_-_en_-_saal_g_-_201412281730_-_hacking_ethics_in_education_-_jeroen_van_der_ham</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Hacking Ethics in Education</title>
<subtitle/>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Ethics in Computer Science is now finally gaining some well deserved attention. At the University of Amsterdam, we have started an ethical committee for the System and Network Engineering Master. In this talk we describe how and why we started this committee, and also look back at our first results.</abstract>
<description>Ethics in Computer Science is now finally gaining some well deserved attention. With the advent of Big Data, Cloud Computing, and the Internet of Things, much of our daily life is happening through digital channels. As most of us have learned, developers do not consider security to be an important point, imagine how much they consider the social aspect of their product or code. This is a huge problem, not only because it presents security and privacy risks for the users, but also presents moral dilemmas for hackers and researchers.
Since my PirateBay blocking study, I have become interested in ethics in computer science. In that study I gathered personally identifiable information, to be able to prove that the website blockade was ineffective. These kinds of moral dilemmas are hard to judge, and in computer science we have no history of teaching or awareness about this.
At the University of Amsterdam, we have started an ethical committee for the System and Network Engineering Master. In this talk we describe how and why we started this committee, and also look back at our first results.</description>
<persons>
<person id="4812">Jeroen van der Ham</person>
</persons>
<links>
<link href="https://www.os3.nl/2014-2015/info/ethics">Ethical Procedures for SNE Master</link>
<link href="https://1sand0s.nl">Personal Blog</link>
</links>
</event>
<event guid="KNu4tX4NRJCFiFCsIh-FxA" id="6399">
<date>2014-12-28T18:15:00+01:00</date>
<start>18:15</start>
<duration>00:30</duration>
<room>Saal G</room>
<slug>31c3_-_6399_-_en_-_saal_g_-_201412281815_-_global_civil_society_under_attack_-_michael_carbone</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Global Civil Society Under Attack</title>
<subtitle>Reports from the Frontlines</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>An update to our Reports from the Frontlines talk at OHM 2013, we will provide the latest stories and figures from Access' digital security helpline that provides security incident response and technical support to civil society groups and human rights defenders around the world.</abstract>
<description>Access runs a dedicated 24-hour digital security helpline for civil society groups out of three offices in Tunisia, Costa Rica, and the Philippines. We serve groups around the world in a variety of contexts, securing communications, providing website security support, incident response, and strategic security planning and training.
In this talk we'll explore what trends we've seen on the helpline, both in reactive incident response and technical support requests by civil society groups. We'll also discuss the recent Digital First Aid Kit worked on by a number of organizations including Access, and some longer term initiatives and goals such as an official civil society CERT (CiviCERT).</description>
<persons>
<person id="5086">Michael Carbone</person>
</persons>
<links>
<link href="https://program.ohm2013.org/event/126.html">OHM 2013 talk</link>
<link href="https://www.accessnow.org/pages/tech">Tech page on Access website</link>
<link href="https://digitaldefenders.org/digitalfirstaid/">Digital First Aid Kit</link>
<link href="http://www.trusted-introducer.org/directory/teams/civicert.html">CiviCERT</link>
</links>
</event>
<event guid="qRQclNxyOV7ZYPwbrXrw1Q" id="6370">
<date>2014-12-28T19:00:00+01:00</date>
<start>19:00</start>
<duration>00:30</duration>
<room>Saal G</room>
<slug>31c3_-_6370_-_en_-_saal_g_-_201412281900_-_internet_of_toilets_-_tbsprs</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Internet of toilets</title>
<subtitle>Trends in the sanitarian territory</subtitle>
<track>Hardware &amp; Making</track>
<type>lecture</type>
<language>en</language>
<abstract>A toilet is a toilet is a toilet ... was a toilet. Nowadays hackers discover a larger interest in doing more with toilets then just what they were designed for in the first place. Within the &quot;Internet of things&quot; scene the sanitarian sphere claims a place of its own. This talk will present current projects, technologies used and research published.</abstract>
<description>This talk provides an overview of past and current hardware installations, services and publications that focus on the sanitarian territory. People track a wide variety of things: doors, water consumption, visiting times, paper usage and not to forget the habits of their pets. The range of implementations starts of with dedicated Twitter streams, exploratory websites and ends of with APIs, consumable services and extensive statistics which allow analysis over time. You will get to know the detailed installation architecture which allows building your own toilet tracking.
Furthermore, the talk outlines the serious aspects of the Internet of toilets and its importance for the society. Hygiene facts and economic considerations are discussed.
One of the motivations for this talk besides a general interest in the topic itself is the vision to realize such an installation for the congress in the near future (talking about 31c3).
</description>
<persons>
<person id="4983">tbsprs</person>
</persons>
<links/>
</event>
<event guid="xvPazrSLJdMwzpnphpOEIQ" id="6534">
<date>2014-12-28T20:30:00+01:00</date>
<start>20:30</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6534_-_en_-_saal_g_-_201412282030_-_mining_for_bugs_with_graph_database_queries_-_fabs</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Mining for Bugs with Graph Database Queries</title>
<subtitle/>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>While graph databases are primarily known as the backbone of the modern dating world, this nerd has found a much more interesting application for them: program analysis. This talk aims to demonstrate that graph databases and the typical program representations developed in compiler construction are a match made in heaven, allowing large code bases to be mined for vulnerabilities using complex bug descriptions encoded in simple, and not so simple graph database
queries.</abstract>
<description>This talk will bring together two well known but previously unrelated
topics: static program analysis and graph databases. After briefly
covering the &quot;emerging graph landscape&quot; and why it may be interesting for hackers, a graph representation of programs exposing syntax, control-flow, data-dependencies and type information is presented, designed specifically with bug hunting in mind. Our open-source program analysis platform Joern (http://mlsec.org/joern/) is then introduced, which implements these ideas and has been successfully used to uncover various vulnerabilities in the Linux kernel. Capabilities and limitations of the system will then be demonstrated live as we craft queries for buffer overflows, memory disclosure bugs and integer-related vulnerabilities.</description>
<persons>
<person id="5200">fabs</person>
</persons>
<links>
<link href="http://mlsec.org/joern">Joern Code Analysis Platform</link>
</links>
</event>
<event guid="1lKbMS92kS0J0pQAAO6XZA" id="6170">
<date>2014-12-28T21:45:00+01:00</date>
<start>21:45</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6170_-_en_-_saal_g_-_201412282145_-_net_neutrality_days_of_future_past_-_rejo_zenger_-_thomas_lohninger</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>net neutrality: days of future past? </title>
<subtitle>Taking stock after two years of net neutrality in the Netherlands</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Our talk will highlight the current debates surrounding net neutrality in Europe, the United States and other parts of the world. We will look at the results of the &lt;a href=&quot;https://savetheinternet.eu&quot;&gt;SaveTheInternet.eu&lt;/a&gt; campaign which was lunched a year ago on 30c3. We will discuss various legal protections for net neutrality, look closer at the experience of the Netherlands and we will give an overview of all important open ends of the debate.</abstract>
<description>Since two years net neutrality is on the agenda of politicians world wide. These are important debates, as net neutrality became one of the central questions about our freedom on the internet. With different faces around the globe we see a trend towards more violations of the neutrality principle which the internet was founded upon. The efforts of telecommunication companies to find new ways to monetize their networks and us users within them are countered in some countries with legislation preventing this new business models.
In 2010, after two years of preparation and a fierce battle, the Dutch
parliament accepted a change to the Telecommunications Act which made net neutrality a principle that was protected by law. In this talk we will take stock after two years of legal protection of net neutrality in The Netherlands. Did it work and do the Dutch now have undiscriminated access to all services on the internet? Has the doomsday scenario of the providers, that subscriptions would become outrageously expensive, become reality? In which cases was the Dutch law enforced?
Are there any loopholes in the Dutch implementation? If others are to
fight for net neutrality, what are the pitfalls to avoid? And, on a more
meta-level, is it enough? Will net neutrality protect your freedom to
access websites and services, or do we need a broader type neutrality?</description>
<persons>
<person id="3699">Rejo Zenger</person>
<person id="4366">Thomas Lohninger</person>
</persons>
<links>
<link href="https://savetheinternet.eu">SaveTheInternet campaign</link>
<link href="https://netzfreiheit.org">Initiative für Netzfreiheit</link>
<link href="https://www.bof.nl">Bits of Freedom</link>
<link href="https://edri.org">European Digital Rights (EDRi)</link>
<link href="https://digitalegesellschaft.de">Digitale Gesellschaft</link>
</links>
</event>
<event guid="2f68e356-6c3f-4034-9640-c06d717ed96b" id="6558">
<date>2014-12-28T23:00:00+01:00</date>
<start>23:00</start>
<duration>01:00</duration>
<room>Saal G</room>
<slug>31c3_-_6558_-_de_-_saal_g_-_201412282300_-_traue_keinem_scan_den_du_nicht_selbst_gefalscht_hast_-_david_kriesel</slug>
<recording>
<license>CC BY 3.0</license>
<optout>false</optout>
</recording>
<title>Traue keinem Scan, den du nicht selbst gefälscht hast</title>
<subtitle>&quot;Bei Kopierern kommt das raus, was man reinsteckt.&quot; – Wer das denkt, sollte diesen Vortrag besuchen.</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Kopierer, die spontan Zahlen im Dokument verändern: Im August 2013 kam heraus, dass so gut wie alle Xerox-Scankopierer beim Scannen Zahlen und Buchstaben einfach so durch andere ersetzen. Da man solche Fehler als Benutzer so gut wie nicht sehen kann, ist der Bug extrem gefährlich und blieb lange unentdeckt: Er existiert über acht Jahre in freier Wildbahn.</abstract>
<description>Das gemeine ist, dass die gefälschten Zahlen perfekt in die gescannte Textseite hineinlayoutet sind. Das klingt so gemein wie unglaublich, es ist aber wahr (siehe Beispielbilder im Originalartikel-Link rechts). Der Bug existiert auf hunderttausenden Xerox-Scankopierern weltweit.
Die Problematik hat nichts mit OCR zu tun, die Zahlenersetzung passiert hart in den Pixeldaten. So ein perfekt getarntes Kompressionsartefakt kann ein Benutzer nicht sehen. Das ist lebensgefährlich, wenn man eine Autobahnbrücke oder eine Medikamentendosierung scannt oder die Lithiumakkus der Boing 787 vielleicht doch für die 767 gedacht waren.
Der Vortrag hat drei rote Fäden.
&lt;ul&gt;
&lt;li&gt;&lt;b&gt;Auseinandersetzung mit Xerox.&lt;/b&gt; In diesem Vortrag erzählt David auf unterhaltsame Weise, wie er diese Urgroßmutter aller Bugs entdeckt hat. Die Geschichte ging von seinem Blog aus durch die Weltpresse, was zu einem unterhaltsamen öffentlichen Schlagabtausch zwischen Xerox und ihm führte. Xerox musste einen Patch für einen riesigen Gerätepark liefern. Die Folgen von acht Jahren an subtil falschen Dokumentenproduktionen in zigtausenden Institutionen weltweit sind bis heute unabsehbar. &quot;Xerox Can Fix Number-Switching Scanners, but Not Altered Docs&quot;, titelte das Wirtschaftsmagazin &quot;Businessweek&quot; treffend.
&lt;li&gt;&lt;b&gt;Für die Aktivisten unter euch&lt;/b&gt; leitet David konkrete Regeln ab, wie man einen Großkonzern zum Handeln zwingt, und wie das für einen selbst aussieht. Er skizziert genau, wie er vorgegangen ist, wo er Angst hatte, und wo er aus seinen Fehlern lernen mußte.
&lt;li&gt;&lt;b&gt;Für die Verschwörungstheoretiker&lt;/b&gt; wird verraten, was der Bug mit Barack Obamas Geburtsurkunde zu tun hat.
&lt;/ul&gt;
&lt;b&gt;Spread the word! &lt;/b&gt; Aller Wahrscheinlichkeit nach existieren immer noch hunderttausende nummernvertauschende Scankopierer. Euer Kommen ist wichtig. </description>
<persons>
<person id="5240">David Kriesel</person>
</persons>
<links>
<link href="http://www.dkriesel.com/xerox">Originalartikel; genaue Beschreibung der Story samt Timeline und Bildern</link>
</links>
</event>
</room>
<room name="Saal 6">
<event guid="hnRe8t6JYI_8PYnFh-dsug" id="6084">
<date>2014-12-28T11:30:00+01:00</date>
<start>11:30</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6084_-_en_-_saal_6_-_201412281130_-_uncaging_microchips_-_peter_laackmann_-_marcus_janke</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Uncaging Microchips</title>
<subtitle>Techniques for Chip Preparation</subtitle>
<track>Security &amp; Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>An entertaining, thrilling and educational journey through the world of chip preparation. Deep insight into amateur- as well as professional methods and equipment is given, for the first, most important steps for analysis and attacks on dedicated hardware.</abstract>
<description>Marcus Janke and Dr. Peter Laackmann focus on the first challenge a smart card hacker would encounter – the appropriate preparation of a microchip from its environment for further analysis and attacks.
The direct sight on microchips, especially on their secured variants, is not only impressive and informative, but will also open up interesting opportunities for various security attacks, like demonstrated in their 30C3 overview &quot;25 Years of Smart Card Attacks&quot;.Therefore, useful ways of releasing the chips from their packages are needed in order to get access to the chip's surface without destroying the device.
The authors open up their bag of tricks, filled with physical and chemical methods that can be used to carefully liberate the silicon from its environment. These packages include smart cards, tags as well as standard packages for microcontrollers and special enclosures.
Creative methods for amateurs and inexpensive ways for &quot;domestic use&quot; are depicted, including the manufacture of specialized devices and the production of dedicated preparation chemicals. For comparison, professional methods are presented in parallel, giving insight into today's industrial processes of chip preparation for reverse engineering.
The authors look back to over 25 years of private security research and nearly 20 years of professional engagement. They held their first chipcard talks and workshops 1991-93 at the CCC congress in the Eidelstädter Bürgerhaus.</description>
<persons>
<person id="4262">Peter Laackmann</person>
<person id="4408">Marcus Janke</person>
</persons>
<links/>
</event>
<event guid="Fj7J1P7FKCiWEl7lIaDaXg" id="6244">
<date>2014-12-28T12:45:00+01:00</date>
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6244_-_de_-_saal_6_-_201412281245_-_serenitat_anleitung_zum_glucklichsein_-_elektra_-_andrea_behrendt_-_read_delete</slug>
<recording>
<license>CC-BY-3.0</license>
<optout>false</optout>
</recording>
<title>Serenität – Anleitung zum Glücklichsein</title>
<subtitle>Das Duo 'read &amp; delete' präsentiert radikale philosophische Texte mit musikalischer Begleitung</subtitle>
<track>Art &amp; Culture</track>
<type>other</type>
<language>de</language>
<abstract>Die radikalen philosophischen Texte von Elektra W. haben das Ziel - seien wir offen und direkt - einen Headcrash des Ich-Erlebens herbeizuführen, das sich im Laufe unserer Enkulturation und Erziehung im Vorderlappen des Großhirns breit gemacht hat. </abstract>
<description>'Echtes Denken ist eine Sache, die das Gehirn selbständig per Autopilot erledigt.'
Der Vortrag bringt Texte aus dem Buch 'Serenität – Anleitung zum Glücklichsein' der Edition 'Operation Mindcrash' zum Klingen. Elektra trägt die Texte vor, während Andi B. auf dem Keyboard dazu improvisiert. Durch die Kombination von Text und Musik kann man entspannt zuhören und sich dabei in eine heitere, gelassene Stimmung versetzen lassen.
Serenität – ein deutsches Wort, dass vermutlich aus der französischen Sprache übernommen wurde, ist heute vergessen. Es passt auch gar nicht so recht zur deutschen Mentalität. Überliefert ist, dass im 18. Jahrhundert im deutschen Sprachraum Personen höchsten Respekts als 'Ihre Serenität' angesprochen wurden, im Sinne von 'Ihre Erhabenheit' oder 'Durchlaucht'. Im Französischen und Englischen ist der Begriff dagegen geläufiger und bedeutet Heiterkeit, Gelassenheit, Erhabenheit, Klarheit, innere Ruhe, Frieden mit sich selbst.
Hinter dem Buch steckt eine radikale materialistische Philosophie über das Gehirn und das Denken. Es geht um - oder besser gegen – die innere Narration der eigenen Heldengeschichte, durch die viele Menschen heute Ordnung in ihr inneres Erleben bringen wollen, indem sie sich selbst in ihrem Kopf eine Fabel, das Märchen ihres Lebens erzählen.
Der Vortrag geht an die Wurzel des Strukturmodells der menschlichen Psyche. Assoziationen mit dem Science-Fiction-Klassiker 'Snowcrash' von Neal Stephenson sind nicht ganz zufällig, aber nicht beabsichtigt. Wer Angst davor hat, dass sich in seinem Leben etwas ändert, sollte diesem Programm besser nicht beiwohnen.
Zu Wort kommen auch Franz Kafka, Friedrich Hölderlin, Epikur, Julien Offray de La Mettrie, Jiddu Krishnamurti und Max Stirner. Vor allem letzterer hat es Elektra angetan. Über Stirner haben einige Philosophen gesagt, dass der Untergang des Menschengeschlechtes bevor stünde, wenn sich seine Gedanken gegen die Entfremdung der Menschen verbreiten würden.
Um Kopfschmerzen oder Schlimmeres zu vermeiden, sollte man nicht über den Inhalt des Vortrags nachdenken. Echtes Denken ist eine Sache, die das Gehirn selbständig per Autopilot erledigt. Machen Sie sich daher keine Sorgen! Nur echtes Denken hilft in Zeiten der Krise!
</description>
<persons>
<person id="1281">Elektra</person>
<person id="5273">Andrea Behrendt - read &amp; delete</person>
</persons>
<links>
<link href="http://read-and-delete.elektrad.info/de/index.html">Read and Delete:</link>
<link href="http://read-and-delete.elektrad.info/download/Read_And_Delete-Live_vom_5ten_Weltkongress_der_hedonistischen_Internationale/10-Achtsamkeit.mp3">Audio:</link>
<link href="http://side-ways.net/portrait1_de/">Web-Portrait über Elektra Wagenrad bei Side-ways.net:</link>
</links>
</event>
<event guid="JhCUm-jQqCMx_jDfrzH24Q" id="6162">
<date>2014-12-28T14:00:00+01:00</date>
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 6</room>
<slug>31c3_-_6162_-_en_-_saal_6_-_201412281400_-_programming_with_dependent_types_in_idris_-_raichoo</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>Programming with dependent types in Idris</title>
<subtitle/>
<track>Science</track>
<type>lecture</type>
<language>en</language>
<abstract>Idris is a relatively young research programming languages that attempts to bring dependent types to general purpose programming. In this talk I will introduce the concept of dependent types and the Curry-Howard isomorphism and how these can be applied to prove properties about software and eradicate whole classes of bugs and security issues.</abstract>
<description>Building robust software is a hard task these days. As software gets more complex it gets increasingly hard to reason about it, this leads to a larger attack surface for bugs and security flaws.
Some of these bugs can be completely eliminated with the introduction of type systems that keep our values at runtime in check. Type systems are in fact the most widespread mechanism to verify correctness properties of programs, with dependent types we take this to the next level.
While most dependently typed systems (e.g. Coq and Agda) aim to be proof assistants rather than programming languages. Idris tries to answer the question how a general purpose programming language with dependent types could look like, it also enables us to produce self contained binaries as well as JavaScript applications today.
In this talk I will introduce techniques for programming with dependent types as well as interaction with the programming language itself. Examples will present resource tracking in the type system e.g. tracking file handles and yielding compilation errors on resource leaks, modeling specifications of protocols as types and enforcing them.
I argue that functional programming and dependently typed programming languages provide various exciting opportunities to the programmer, including a powerful mental model, compositionality and machine assisted programming through interactive editing capabilities. The presentation software for this talk will be a web application written in Idris which compiles to JavaScript using a compiler backend written by the lecturer.</description>
<persons>
<person id="3518">raichoo</person>
</persons>
<links>
<link href="https://github.com/idris-hackers/IdrisScript">IdrisScript</link>
<link href="https://github.com/raichoo/strangegroup-idris-June2014.">StrangeGroup Talk code examples</link>
</links>
</event>
<event guid="2yBK0TAIqddmCWa1MJUNQQ" id="6265">
<date>2014-12-28T16:00:00+01:00</date>
<start>16:00</start>
<duration>00:30</duration>
<room>Saal 6</room>
<slug>31c3_-_6265_-_en_-_saal_6_-_201412281600_-_the_automobile_as_massive_data_gathering_source_and_the_consequences_for_individual_privacy_-_jimmy_schulz_-_dr_rudiger_hanig</slug>
<recording>
<license/>
<optout>false</optout>
</recording>
<title>The automobile as massive data gathering source and the consequences for individual privacy</title>
<subtitle>The next big privacy heist</subtitle>
<track>Ethics, Society &amp; Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>We report about a LOAD e. V. study regarding data collection of cars, future developments of this technology field, how this data is accessed and secured and what the stakeholders (car manufacturers, car owners and users) positions are on this data gathering. In a summary we outline necessary consequences.</abstract>
<description>We present a LOAD-study regarding car data. Aspects within the study are:
- Car data gathering today and expected developments,
- Data security and privacy of this data,
- Car manufacturers position regarding data ownership and access to this data,
- Survey results regarding current knowledge and understanding of car data gathering from car owners and users.
Aim of the study is to highlight current issues with car data gathering and outlining necessary consequences.
Über LOAD e. V. :
Das Internet ist ein Versprechen von Freiheit. LOAD ist der Zusammenschluss von Menschen, die sich gemeinsam für den Schutz dieser Freiheit einsetzen. LOAD ist Denkfabrik und Interessenvertretung und fördert die aktuellen und zukünftigen Netzbürgerinnen und Netzbürger bei der Verwirklichung ihrer Grundrechte. Wir werden den gesellschaftlichen digitalen Wandel konstruktiv unterstützen. Unsere Grundwerte sind Freiheit, Eigenverantwortung und das vorurteilsfreie Interesse an Neuerungen.</description>
<persons>
<person id="5017">Jimmy Schulz</person>