35th Chaos Communication Congress

Voltron 3.1 2.1 1.5 MemoryRefreshV1.3 1.2.4 35c3 35th Chaos Communication Congress 2018-12-27 2018-12-30 4 00:10 https://fahrplan.events.ccc.de/congress/2018/Fahrplan/ https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9985.html 2018-12-27T11:00:00+01:00 11:00 00:30 Adams 35c3-9985-opening_event Opening Event 35C3: Refreshing Memories CCC lecture de Hier geht es los. false rufus rixx https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10021.html 2018-12-27T11:30:00+01:00 11:30 01:00 Adams 35c3-10021-the_precariat_a_disruptive_class_for_disruptive_times The Precariat: A Disruptive Class for Disruptive Times. Why and How the Precariat will define the Global Transformation to save our planet. Ethics, Society & Politics lecture en The combination of the ongoing technological revolution, globalisation and what are usually called 'neo-liberal' economic policies has generated a global system of rentier capitalism in which property rights have supplanted free market principles and in which a new global class structure has taken shape. The 20th century income distribution system has broken down irretrievably, and a new mass class, the precariat has been growing dramatically fast in every part of the world. What are the deeper reasons for these developments? How does an ecologically sustainable strategy look like? Is it possible to restore a balanced market economy in which inequalities and insecurities will lessen and in which the drift to populist and even neo-fascist politics will be reversed? This talk will try to provide answers. false Guy Standing https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9917.html 2018-12-27T12:50:00+01:00 12:50 01:00 Adams 35c3-9917-election_cybersecurity_progress_report Election Cybersecurity Progress Report Will the U.S. be ready for 2020? Ethics, Society & Politics lecture en Recent attacks against elections in the U.S. and Europe demonstrate that nation-state attackers are becoming more aggressive, even as campaigning and voting are becoming increasingly reliant on computers. How much has changed since 2016, when the U.S. experienced unprecedented attacks on its election infrastructure? What has to happen to ensure that the 2020 presidential election is secure? In this talk, I'll give a progress report on election security in the U.S. and around the world, informed by results from my own research and my work with legislators and election officials over the past two years. I'll also hold a mock election with a current U.S. voting machine to demonstrate how cyberattacks on election infrastructure could potentially change the results of national elections. Finally, I'll explain what everyone can do to get involved and help safeguard the foundations of democracy. Strengthening election cybersecurity is essential for safeguarding democracy. For over 15 years, I and other computer scientists have been warning about the vulnerable state of election security, but attacks against recent elections in the U.S. and Europe demonstrate that sophisticated attackers are becoming more aggressive, even as campaigning and voting become increasingly reliant on computers. Since 2016, I’ve been working with election officials and members of congress to strengthen election cybersecurity. In this talk, I’ll give a progress report about what’s happened since then and what still needs to happen to secure future elections. While many U.S. states have made progress at securing some aspects of their election infrastructure, and Congress provided $380M in new funding to the strengthen elections, significant vulnerabilities remain that put the integrity of future elections at risk. To demonstrate the ongoing threat, I’ll hold a mock election on stage with a real U.S. voting machine still used in 18 states, and show how remote attacks could potentially affect the outcome of a close national contest. Finally, I’ll explain how defenses developed by researchers over the past decade could provide practical and cost-effective safeguards. Unfortunately, they have yet to be widely deployed due to a lack of resources and political leadership. I’ll describe legislative efforts in the U.S. and other countries that could, if successful, go a long way to making elections secure. I’ll also explain what technologists and other concerned humans can do to help secure elections at all levels. false J. Alex Halderman Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9647.html /system/events/logos/000/009/647/large/rems_logo.png?1542841646 2018-12-27T14:10:00+01:00 14:10 01:00 Adams 35c3-9647-taming_the_chaos_can_we_build_systems_that_actually_work Taming the Chaos: Can we build systems that actually work? Possible paths from today's ghastly hackery to what computing should be Resilience lecture en We rely on mainstream computer engineering every day, but it's insanely complex, poorly understood, unreliable, and, as CCC reminds us every year, chronically insecure. This talk will explain some ways that we can do better: taming parts of this this chaos with precise understanding - illustrated with disturbing facts and clean models for current architectures and the C language, from the <a href="https://www.cl.cam.ac.uk/~pes20/rems/">REMS</a> project, and principled but pragmatic new alternatives, that build in more hardware and software security protection,as developed in the <a href="https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/">CHERI</a> project. Computing has been massively successful, and we routinely trust computer systems with our personal, financial, medical, commercial, and governmental information. But at the same time, these systems are pervasively prone to security flaws and subject to malicious attacks. We have to trust them, but they are not *trustworthy*. There are two root causes. First, the pan-industry computing infrastructure, of processors, programming languages, and operating systems, is based on designs from a more forgiving time, with simpler systems and little incentive to design-in strong security protection. Second, the conventional engineering techniques we use (prose specifications, manually written tests, and test-and-debug development) are good enough to make systems work in common cases, but cannot exclude all errors - and a single coding error can lead to a devastating exploit. Are we doomed? Perhaps not. This talk will highlight the sorry state of the art and then draw on cutting-edge research, from the University of Cambridge, SRI International, ARM, and other partners, to show some ways we can do better. First, we'll show how it's become possible to build and use rigorous models for key existing interfaces to improve engineering: for the ARMv8-A and RISC-V architectures, and the C language, in the <a href="https://www.cl.cam.ac.uk/~pes20/rems/">REMS</a> project. Then we'll describe a principled but pragmatic path to build in more hardware and software security protection to future systems, as developed in the <a href="https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/">CHERI</a> project. These are joint work by many people over the last 10 years. false Peter Sewell REMS CHERI Sail ISA Description Language and Models Cerberus C Semantics https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9491.html /system/events/logos/000/009/491/large/logo.svg.png?1538557991 2018-12-27T16:10:00+01:00 16:10 00:40 Adams 35c3-9491-hunting_the_sigfox_wireless_iot_network_security Hunting the Sigfox: Wireless IoT Network Security Dissecting the radio protocol of Sigfox, the global cellular network for the IoT you have probably never heard of Hardware & Making lecture en <a href="https://www.sigfox.com/">Sigfox</a> is an emerging low-power wide-area network (LP-WAN) technology for IoT devices, comparable to <a href="https://lora-alliance.org/">LoRa</a>. This talk recounts my analysis of Sigfox's radio protocol and presents an open reference implementation of an alternative Sigfox protocol stack. It confirms that while Sigfox ensures authenticity and integrity, transmitted payloads are not confidential. This presentation is targeted at a technical audience with some basic knowledge of cryptography (security goals, AES), but no knowledge in RF technology (modulation, scrambling, error correction) is required. Sigfox can be compared to a cellular network, but for mostly battery-powered IoT devices that don't need to transmit much data. While <a href="https://www.etsi.org/deliver/etsi_gs/LTN/001_099/003/01.01.01_60/gs_LTN003v010101p.pdf">some</a> <a href="https://www.sigfox.com/en/sigfox-iot-technology-overview">sparse</a> <a href="https://tools.ietf.org/html/draft-zuniga-lpwan-sigfox-system-description-04">details</a> on Sigfox's architecture and <a href="https://www.sigfox.com/sites/default/files/1701-SIGFOX-White_Paper_Security.pdf">its security</a> have been published and <a href="https://www.disk91.com/2017/technology/sigfox/the-sigfox-radio-protocol/">some basic reverse engineering has been carried out</a>, most of the protocol specifications remain proprietary and closed, so by now, no independent security audit was performed. Advertised use cases of Sigfox include air quality monitoring, weather stations, utilities metering and tracking farm animals. In this talk, I illustrate why these applications are fine, but why one might not want to track a money transporter with Sigfox or base a home alarm system on it. The Sigfox network is very atypical, with uplink and downlink based on different physical layers. After a short introduction, I begin the presentation by taking a deep dive into Sigfox's radio protocol with a focus on its Security. Basics of radio technology (SDRs, ultra-narrow band (UNB) modulation, SRD bands) and techniques for analyzing protocols are briefly summarized and the uplink's and downlink's frame structures are presented. Subsequently, I show how a radio sniffer that has captured Sigfox messages can extract the uplink's and downlink's contents. While the uplink's payload is already contained in plaintext, the downlink is scrambled, but I indicate how the downlink's pseudorandom whitening sequence used for scrambling can be generated or brute-forced by an eavesdropper. Moreover, I outline attacks that could even compromise Sigfox's authenticity checking. Finally, I provide some suggestions on how to improve Sigfox's security. The reference implementation of an alternative Sigfox protocol stack "librenard" that was created as part of this work as well as reconstructed protocol specifications detailing the uplink and significant portions of the downlink protocol will be published immediately after this talk. false Florian Euchner (Jeija) https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9386.html /system/events/logos/000/009/386/large/i2DL.jpg?1544387802 2018-12-27T17:10:00+01:00 17:10 00:40 Adams 35c3-9386-introduction_to_deep_learning Introduction to Deep Learning Science lecture en This talk will teach you the fundamentals of machine learning and give you a sneak peek into the internals of the mystical black box. You'll see how crazy powerful neural networks can be and understand why they sometimes fail horribly. Computers that are able to learn on their own. It might have sounded like science-fiction just a decade ago, but we're getting closer and closer with recent advancements in Deep Learning. Or are we? In this talk, I'll explain the fundamentals of machine-learning in an understandable and entertaining way. I'll also introduce the basic concepts of deep learning. With the current hype of deep learning and giant tech companies spending billions on research, understanding how those methods works, knowing the challenges and limitations is key to seeing the facts behind the often exaggerated headlines. One of the most common applications of deep learning is the interpretation of images, a field that has been transformed significantly in recent years. Applying neural networks to image data helps visualising and understanding many of the faults as well as advantages of machine learning in general. As a research scientist in the field of automated analysis of bio-medical image data, I can give you some insights into these as well as some real-world applications. false teubi Nussschale Podcast Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10011.html 2018-12-27T18:10:00+01:00 18:10 00:40 Adams 35c3-10011-hackerethik_-_eine_einfuhrung Hackerethik - eine Einführung Verantwortung und Ethik beim schöpferisch-kritischen Umgang mit Technologie Ethics, Society & Politics lecture de Die Hackerethik ist die Grundlage für den Umgang mit den diversen ethischen Problemen, die sich beim schöpferisch-kritischen Umgang mit Technologie (auch "hacking" genannt) stellen. Die Hackerethik ist die Grundlage für den Umgang mit den diversen ethischen Problemen, die sich beim schöpferisch-kritischen Umgang mit Technologie (auch "hacking" genannt) stellen. Sie bietet Anhaltspunkte für die alltäglichen Fragestellungen und Probleme, die aufkommen, wenn man Technologie anders benutzt, als der Hersteller es sich gedacht hat, wenn man Lücken in Systemen findet und ausnutzt oder über Berge von persönlichen Daten stolpert. Dieser Talk gibt eine Einführung in die verschiedenen Aspekte der Hackerethik und regt zum Nachdenken über die ethischen Fragen an, die sich Menschen mit speziellen Fähigkeiten und Fertigkeiten stellen, wenn sie ihren Neigungen nachgehen. false frank https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9545.html 2018-12-27T19:10:00+01:00 19:10 00:40 Adams 35c3-9545-venenerkennung_hacken Venenerkennung hacken Vom Fall der letzten Bastion biometrischer Systeme Security lecture de Die Venenerkennung ist eine der letzten Bastionen biometrischer Systeme, die sich bisher der Eroberung durch Hacker widersetzt hat. Dabei ist sie ein lohnendes Ziel, schützt sie doch Bankautomaten und Hochsicherheitsbereiche. In diesem Talk machen wir die Verteidigungsanlagen dem Erdboden gleich. Seit Jahrzehnten vor allem im asiatischen Raum eingesetzt sind bisher keine ernsthaften Versuche bekannt Venenerkennungssysteme zu üeberwinden. Neben dem Mythos der Hochsicherheit sind vor allem die, unsichtbar im Körper gelegenen Merkmale dafür verantwortlich. In diesem Talk werden wir zeigen, mit welch geringem Aufwand man an die "versteckten" Venenbilder gelangen kann und wie, auf Grundlage dieser, Attrappen gebaut werden können, welche die Systeme der beider grosser Hersteller überwinden. false starbug Julian slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10016.html 2018-12-27T20:50:00+01:00 20:50 01:00 Adams 35c3-10016-g10_bnd-gesetz_und_der_effektive_schutz_vor_grundrechten G10, BND-Gesetz und der effektive Schutz vor Grundrechten Die strategische Fernmeldeüberwachung des BND vor dem Bundesverfassungsgericht Ethics, Society & Politics lecture de Der Vortrag behandelt die Klage des Internetknotens DE-CIX gegen die strategische Fernmeldeüberwachung des BND vor dem Bundesverwaltungsgericht in Leipzig, was wir aus dem Urteil über den Rechtsschutz der Bürger lernen können und wieso der Fall nun das Bundesverfassungsgericht in Karlsruhe beschäftigt. false Klaus Landefeld Präsentation https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9992.html 2018-12-27T22:10:00+01:00 22:10 01:00 Adams 35c3-9992-all_your_gesundheitsakten_are_belong_to_us All Your Gesundheitsakten Are Belong To Us "So sicher wie beim Online-Banking": Die elektronische Patientenakte kommt - für alle. Security lecture de Plötzlich geht alles ganz schnell: Online-Behandlungen und elektronische Gesundheitsakten sind dieses Jahr für Millionen Krankenversicherte Wirklichkeit geworden. Zu einem hohen Preis: Bereits einfache Angriffe lassen das Sicherheitskonzept der Apps und Plattformen zusammenbrechen. Warum das so ist, welche kritischen Fehler Vivy & Co. gemacht haben und wie das möglicherweise verhindert werden kann, das soll dieser Vortrag zeigen - denn in spätestens drei Jahren sollen auch die Gesundheitsdaten aller übrigen Versicherten zentral gespeichert und online abrufbar sein. Die elektronische Gesundheitskarte ist gescheitert. Stattdessen kommt jetzt die elektronische Patientenakte: In spätestens drei Jahren sollen die Befunde, Diagnosen, Röntgenbilder und Rezepte aller gesetzlich Krankenversicherten online und zentral gespeichert verfügbar sein. Schon heute können Millionen Versicherte eine solche Lösung nutzen und, wie Gesundheitsminister Jens Spahn fordert, "auch auf Tablets und Smartphones auf ihre elektronische Patientenakte zugreifen". Zeitgleich zur elektronischen Patientenakte steht die Onlinebehandlung vor der Tür: Das Fernbehandlungsverbot wurde vor wenigen Monaten gekippt, und schon heute können sich Millionen Versicherte ausschließlich online behandeln lassen. Nach Jahren des Wartens geht dabei alles ganz schnell. "Diese Maßnahmen dulden keinen Aufschub", sagt Spahn. Und macht uns alle damit zu Beta-Testern in Sachen Gesundheit. Mit fatalen Folgen: Unsere streng vertraulichen Gesundheitsdaten liegen für alle sichtbar im Netz. In diesem Vortrag zeige ich an fünf konkreten Beispielen, welche fahrlässigen Entscheidungen die Online-Plattformen und Apps der Anbieter aus dem Bereich Gesundheitsakte und Telemedizin so angreifbar machen und demonstriere, wie einfach der massenhafte Zugriff auf unsere vertraulichen Gesundheitsdaten gelang. Zur Debatte steht, was angesichts dieser neuen alten Erkenntnisse zu tun ist - und was wir besser bleiben lassen. false Martin Tschirsich https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10015.html /system/events/logos/000/010/015/large/polizeiRun.jpg?1544462653 2018-12-27T23:30:00+01:00 23:30 01:00 Adams 35c3-10015-polizeigesetze Polizeigesetze Endlich viele neue Gründe zu demonstrieren Ethics, Society & Politics lecture de Heimatminister Horst Seehofer und seine Amtskollegen in den Ländern erweitern die Rechte der Polizeien und planen ein „Musterpolizeigesetz“. Damit handelten sie sich die größten Proteste gegen Überwachungsvorhaben seit Jahren ein. Wir geben nicht nur einen Überblick über die zahlreichen Neuregelungen der Polizeigesetze in den Bundesländern, sondern berichten auch aus den Anhörungen in den Landtagen und von den Stellungnahmen. Wir erklären, was in den neuen Gesetzen steht und welche rechtlichen und technischen Grenzüberschreitungen wir zu kritisieren haben. Und wir haben ein paar Forderungen. false Marie Bröckling Constanze Kurz Berichterstattung zu den Polizeigesetzen bei netzpolitik.org https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9506.html 2018-12-28T00:40:00+01:00 00:40 01:00 Adams 35c3-9506-freude_ist_nur_ein_mangel_an_information Freude ist nur ein Mangel an Information Ein Demotivationsworkshop zur politischen Lage. Entertainment lecture de Nico Semsrott hat in Zeiten des globalen Rechtsrucks den überflüssigsten Job der Welt: Er ist Demotivationstrainer. Mit Powerpointpräsentationen und viel Pessimismus schafft er es, komplexe Themen zu vereinfachen, ohne dabei auf alternative Fakten zurückgreifen zu müssen. Politisch gesehen ist zwar alles aussichtslos. Aber wenn man schon aufgibt, kann man man genauso gut auch das Resignieren aufgeben. Deswegen kandidiert Nico auf Platz 2 der Europaliste der Partei Die PARTEI. Um dann in Brüssel als Kommissionspräsident die Demokratie in Europa einzuführen. Notfalls gegen den Willen der Bürgerinnen und Bürger. false Nico Semsrott https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9607.html /system/events/logos/000/009/607/large/500px-Move_protect.svg.png?1539423571 2018-12-27T11:30:00+01:00 11:30 01:00 Borg 35c3-9607-the_rocky_road_to_tls_1_3_and_better_internet_encryption The Rocky Road to TLS 1.3 and better Internet Encryption Security lecture en Since a few months we have a new version of TLS, the most important encryption protocol on the Internet. From the vulnerabilities that created the need of a new TLS version to the challenges of deploying it due to broken devices this talk will give an overview of the new TLS 1.3. In August the new version 1.3 of the Transport Layer Security (TLS) protocol was released. It‘s the result of a process that started over four years ago when it became increasingly clear that previous TLS versions suffered from some major weaknesses. In many ways TLS 1.3 is the biggest step ever done in the history of TLS and its predecessor SSL. While previous TLS versions always tried to retain compatibility and not change too many things, the new version radically removes problematic and insecure constructions like static RSA key exchanges, fragile CBC/HMAC constructions and broken hash functions like MD5 and SHA1. As a bonus TLS 1.3 comes with a reworked handshake that reduces the number of round-trips and thus provides not just more security, but also better performance. If that sounds too good to be true: An optional, even faster mode of TLS 1.3 – the zero round trip or 0RTT mode – makes some security researchers worried, because they fear it introduces new security risks due to replay attacks. Though the road to TLS 1.3 was complicated. The Internet is a buggy place and particularly Enterprise devices of all kinds – middleboxes, TLS-terminating servers and TLS-interception devices – slowed down the deployment and finalization of the new encryption protocol. Also some banks thought that TLS 1.3 is too secure for them. The talk will give an overview of the developments that led to TLS 1.3, the major changes it brings, the challenges it had to face and some practical advice for deployment. false hanno TLS 1.3 is here Why TLS 1.3 isn’t there yet TLS 1.3: Die Zukunft der Netzverschlüsselung The Rocky Road to TLS 1.3 - Slides Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9904.html 2018-12-27T12:50:00+01:00 12:50 01:00 Borg 35c3-9904-the_social_credit_system "The" Social Credit System Why It's Both Better and Worse Than We can Imagine Ethics, Society & Politics lecture en The Chinese Social Credit System (SCS) has been discussed a lot in Western media. However, we do not know currently how the system that is supposed to take nationwide effect by 2020 will look like, as there are more than 70 pilot projects currently undertaken. These pilots rank from commercial royalty and rewards programs (Sesame Credit) to an Orwellian system, where each action has a predetermined associated score (Rongcheng). In-between, there’s nebulous algorithmic systems that basically act as a Black Box (Honesty Shanghai). This talk, therefore, looks at some of these pilots and their implementation details, and through an agent-based modeling framework, discusses the likely effects of different implementations. In doing so, it shows that most of the systems currently being tested are prone to manipulation by leaders from all levels of government, and that the ostensible goal of allocating scarce resources more efficiently is unlikely to be served by the new system(s). The author, Antonia Hmaidi, is a PhD candidate in East Asian Economics with a focus on China. She presented a talk on the impact of internet censorship at the 33C3. This talk’s goal is to provide those interested with a technically-grounded understanding of “the” Chinese social credit system and its possible impact on Chinese society and economy. In doing so, it seeks to provide a more nuanced picture than is usually presented in either Chinese or Western media. Working on data science and machine learning in her free time allows the author to better understand the algorithms comprising “the” social credit system. false Toni https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9877.html /system/events/logos/000/009/877/large/cp.png?1539636113 2018-12-27T14:10:00+01:00 14:10 01:00 Borg 35c3-9877-censored_planet_a_global_censorship_observatory Censored Planet: a Global Censorship Observatory Resilience lecture en Six years ago the idea behind CensoredPlanet started, that is now launched at censoredplanet.org. We had a simple (yet essential) guiding principle: measurements that may be politically sensitive should be done without volunteer participation. In this talk, besides a detailed scientific overview of the techniques and the current state of CensoredPlanet, I plan to talk about my experience in developing the project from the ground up. Despite the pervasive nature of Internet censorship and the continuous evolution of how and where censorship is applied, measurements of censorship remain comparatively sparse. Current censorship projects, including OONI, depend on participants within countries to help them collect measurements. While these projects are valuable, we have empirically seen that there are issues relating to continuity in terms of measurement, coverage of the geographical area, and ethical dilemmas when user participation is a requirement. Censored Planet use tens of thousands of *remote infrastructural and organizational vantage points* from over 170 countries to conduct it’s measurements, thereby removing the need for user participation. This allows us to regularly measure Internet disruptions over a longer period of time in significantly more countries in a safer way. The research we conduct at Censored Planet provides unique insights and data points on Internet disruptions. This information is extremely valuable to researchers in diverse fields from political science to computer science as well as to activists and journalists living and operating in countries where Internet disruptions are prevalent. By making our data easily accessible to the public, we aim to encourage future research in the field. Link to our data: https://censoredplanet.org/data/raw. false Roya Ensafi Censored Planet: a Global Censorship Observatory Presentation Slides file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10005.html 2018-12-27T16:10:00+01:00 16:10 01:00 Borg 35c3-10005-how_does_the_internet_work How does the Internet work? An explanation of Inter-Net and everyday protocols Resilience lecture en This Foundations talk explains the systems and protocols that make up the Internet, starting from a laptop with a Wi-Fi connection. No particular technical knowledge required. Many consider "the Internet" a utility similar to electricity - and that's a great attitude! - but for most, "the Internet" only means access to a few centralized services offered by mega-corporations "for free", around which people build their entire social and professional lives. Come along for a look behind the scenes of all those fancy websites, let's go through what the Internet actually is! Knowing the difference between the network and services reachable through the network is perhaps more important than ever, because if we implicitly give service providers all the power by never asking for a public, utility-like network then that's the end of the Internet as we know it. Key word: Net neutrality. So in this talk we will discover the network. In simple terms and without too much technical detail we'll start out with the "atom" of networks the packet, then cover the fundamental Internet Protocol (IPv4-only for simplicity), we'll try to answer what is a network? - not obvious it turns out, we'll look at where do IP addresses come from? and then we'll move on to the Internet cornerstone that is routing. We'll approach routing from the perhaps most well-known router - the wireless home router - and then look at how similar or dissimilar routers on the Internet are to that home router, leading us to a look at the routing protocol which constantly determines how our packets flow throughout the world. Those are the basic building blocks of the Internet. Now for some delicious alphabet soup! We'll take a step toward applications and compare UDP, TCP and SCTP, which are all used together with IP for most if not all end-user Internet communication. Finally, we'll arrive at the most common applications, looking into how DNS (domain names), SMTP (sending email) and HTTP (web) work. All of this is actually surprisingly simple and surprisingly old. None of it was built to be secure. The goal is that you will gain an understanding of the structure of the Internet, that you will be able "see through" the browser, email client and web service facades, because now you know what's going on behind the scenes, and everything that's actually possible with a public utility network - far more than centralized consumption/you-are-our-product services. false Peter Stuge Presentation slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9563.html /system/events/logos/000/009/563/large/wallet.fail.png?1539543982 2018-12-27T17:30:00+01:00 17:30 01:00 Borg 35c3-9563-wallet_fail wallet.fail Hacking the most popular cryptocurrency hardware wallets Security lecture en In this presentation we will take a look at how to break the most popular cryptocurrency hardware wallets. We will uncover architectural, physical, hardware, software and firmware vulnerabilities we found including issues that could allow a malicious attacker to gain access to the funds of the wallet. The attacks that we perform against the hardware wallets range from breaking the proprietary bootloader protection, to breaking the web interfaces used to interact with wallets, up to physical attacks including glitching to bypass the security implemented in the IC of the wallet. Our broad look into several wallets demonstrates systemic and recurring issues. We provide some insight into what needs to change to build more resilient hardware wallets. Hardware wallets are becoming increasingly popular and are used to store a significant percentage of the world’s cryptocurrency. Many traders, hedge funds, ICOs and blockchain projects store the entirety of their cryptocurrency on one or very few wallets. This means that users of hardware wallets store tens of millions of euros of cryptocurrency on small USB peripherals that costs only a few euros to manufacture. Moreover, many users that trade and speculate in cryptocurrency interact, update, and generate transactions using their hardware wallets on a daily basis. In this talk we look at the good, the bad and the ugly of hardware wallet security: We will walk through the different architectures of the wallets, look at the different attack vectors and talk about the challenges of building secure hardware before diving in deep finding vulnerabilities in the different wallets. The vulnerabilities we will present range from vulnerabilities that can be fixed in a firmware upgrade, to bugs that will require a new hardware revision, up to attacks on the microcontrollers themselves, requiring new silicon to be fixed. Some of the (most entertaining) vulnerabilities will be demonstrated live on stage. <h2>Classes of Vulnerabilities we will look at</h2> Firmware Vulnerabilities Firmware vulnerabilities are vulnerabilities affecting the software that runs on the hardware wallet. Since most wallets provide update mechanisms this class of bug can be patched in a future firmware release. Software Vulnerabilities Software vulnerabilities are vulnerabilities affecting the host software that runs on the PC or smartphone and communicates with the hardware wallet. Since most wallets provide update mechanisms this class of bug can be patched in a future release of the host software Hardware Vulnerabilities Hardware vulnerabilities are vulnerabilities affecting the device hardware of the hardware wallet. Hardware vulnerabilities are generally incorrectly set configurations of the hardware either during manufacturing or by the firmware. If the configuration is set by firmware these vulnerabilities can be patched in a future firmware release. Otherwise, they are unlikely to be fixed by the vendor. Physical Vulnerabilities Physical vulnerabilities are vulnerabilities affecting the hardware design of the hardware wallet. Once the device has been manufactured, hardware vulnerabilities cannot be mitigated and can only be fixed in a future hardware revision of the device. This class of vulnerabilities is unlikely to be fixed by the vendor. Architectural Vulnerabilities Architectural vulnerabilities are vulnerabilities affecting the overall architecture of the hardware wallet. These are inherent design flaws in the device and can only be fixed in a major hardware revision, i.e. a new version of the device. This class of vulnerabilities is unlikely to be fixed by the vendor. false Thomas Roth Dmitry Nedospasov Josh Datko wallet.fail website https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9766.html /system/events/logos/000/009/766/large/logo-quadrat-vector.jpg?1539611939 2018-12-27T18:50:00+01:00 18:50 01:00 Borg 35c3-9766-das_ist_mir_nicht_erinnerlich_der_nsu-komplex_heute "Das ist mir nicht erinnerlich." − Der NSU-Komplex heute Fünf Monate nach dem Urteil im ersten NSU-Prozess Ethics, Society & Politics lecture de Sieben Jahre lang musste den Behörden jedes Stück der versprochenen Aufklärung des NSU-Komplexes abgerungen werden. Das Urteil im ersten NSU-Prozess zeigt: Deutschland ist nur sehr eingeschränkt bereit, rechtem Terror entgegenzutreten und ihn aufzuarbeiten, den Betroffenen, Geschädigten und Überlebenden zuzuhören und ihnen Schutz zu garantieren. Das zu leisten ist unsere Aufgabe: die Aufgabe der Gesellschaft, die Aufgabe einer antifaschistischen und antirassistischen Linken. Am 4. November 2011 enttarnte sich der „Nationalsozialistische Untergrund“ (NSU) selbst. Fast sieben Jahre später, am 10. Juli 2018, wurde das Urteil im ersten NSU-Prozess gesprochen. Heute, fünf Monate nach der von Neonazis bejubelten mündlichen Urteilsverkündung, müssen wir mit einem Urteil umgehen, in dem sich viele gebrochene Aufklärungsversprechen zuspitzen. Das Gericht geht von der These aus, der NSU sei ein weitgehend isoliertes „Trio“ ohne Netzwerk und ohne Verstrickung der Behörden gewesen. Nach allem, was in den letzten Jahren – teilweise mühsam – über den NSU-Komplex ans Licht gezerrt werden konnte, ist die „Trio“-These aber nicht haltbar. Zum NSU-Komplex gehören ein Neonazinetzwerk, der gesamtgesellschaftliche Rassismus und das Handeln der Polizei sowie des Verfassungsschutzes. Gleichzeitig stellen sich die Angehörigen der vom NSU Ermordeten und die Überlebenden der Anschläge immer noch die gleichen Fragen wie 2011: Wer hat die Tatorte ausgewählt? Warum wurde gerade ihr Vater, Ehemann, Sohn, ihre Tochter ermordet? Wer ist Teil des Unterstützungsnetzwerks des NSU? Was wusste der Verfassungsschutz und was machte er warum mit seinem Wissen (nicht)? Klar ist: Die gesellschaftlichen Verhältnisse, die den NSU hervorgebracht haben, müssen abgeschafft werden. Das Urteil im ersten NSU-Prozess hat noch einmal unterstrichen: Deutschland ist nur in sehr eingeschränktem Maße bereit, rechtem Terror entgegenzutreten und ihn aufzuarbeiten, den Betroffenen, Geschädigten und Überlebenden zuzuhören und ihnen Schutz zu garantieren. Das zu leisten ist unsere Aufgabe: die Aufgabe der Gesellschaft, die Aufgabe einer antifaschistischen und antirassistischen Linken. Im Vortrag soll der Stand der Aufklärung im NSU-Komplex umrissen werden und diskutiert werden, wie wir als Gesellschaft damit umgehen und was wir tun können. false Caro Keller (NSU-Watch) NSU-Watch https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9462.html 2018-12-27T20:50:00+01:00 20:50 00:40 Borg 35c3-9462-what_the_fax What The Fax?! Hacking your network likes it's 1980 again Security lecture en We all know what FAX is, and for some strange reason most of us need to use it from time to time. Hard to believe its 2018, right? But can FAX be something more than a bureaucratic burden? Can it actually be a catastrophic security hole that may be used to compromise your entire network? Come watch our talk and find out … Unless you've been living under a rock for the past 30 years or so, you probably know what a fax machine is. For decades, fax machines were used worldwide as the main way of electronic document delivery. But this happened in the 1980s. Humanity has since developed far more advanced ways to send digital content, and fax machines are all in the past, right? After all, they should now be nothing more than a glorified museum item. Who on earth is still using fax machines? The answer, to our great horror, is EVERYONE. State authorities, banks, service providers and many others are still using fax machines, despite their debatable quality and almost non-existent security. In fact, using fax machines is often mandatory and considered a solid and trustworthy method of delivering information. What the Fax?! We embarked on a journey with the singular goal of disrupting this insane state of affairs. We went to work, determined to show that the common fax machine could be compromised via mere access to its fully exposed and unprotected telephone line – thus completely bypassing all perimeter security protections and shattering to pieces all modern-day security concepts. Join us as we take you through the strange world of embedded operating systems, 30-year-old protocols, museum grade compression algorithms, weird extensions and undebuggable environments. See for yourself first-hand as we give a live demonstration of the first ever full fax exploitation, leading to complete control over the entire device as well as the network, using nothing but a standard telephone line. This talk is intended to be the canary in the coal mine. The technology community cannot sit idly by while this ongoing madness is allowed to continue! The world must stop using FAX! false Yaniv Balmas Eyal Itkin https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9838.html /system/events/logos/000/009/838/large/logo.png?1539632549 2018-12-27T21:50:00+01:00 21:50 00:40 Borg 35c3-9838-genom-editierung_mit_crispr_cas Genom-Editierung mit CRISPR/Cas “Eine neue Hoffnung” oder “Angriff der Klonkrieger”? Science lecture de CRISPR/Cas hat die Genforschung revolutioniert und könnte bald in großem Stil gentechnisch eingesetzt werden. Aber was ist CRISPR und wie funktioniert es? Kurz gesagt: Teile des adaptiven Immunsystems von Bakterien werden genutzt, um Gene zu verändern. Und das funktioniert präziser als mit jedem anderen Werkzeug zuvor und offenbar in allen Tier- und Pflanzenarten. Damit ist CRISPR anders als die herkömmlichen Methoden der Gentechnik. Es ist einfach anzuwenden, preiswert, schnell, extrem vielseitig und damit in jedem Biologielabor erhältlich. Bio-Hacker haben sogar begonnen, CRISPR zu Hause zu nutzen. CRISPR wird bereits eingesetzt, um mehr über Genfunktionen und -dysfunktionen zu erfahren. So könnte es realistischerweise zur Behandlung einiger Krankheiten eingesetzt werden. Aber welche Hürden gibt es noch und welche ethischen Fragen würden sie mit sich bringen? Wie kann (oder sollte?) CRISPR in der Landwirtschaft eingesetzt werden, wenn der Klimawandel die Erträge verringert und die Biodiversität gefährdet? Unser Vortrag gibt einen Überblick darüber, was mit dem CRISPR/Cas-System möglich ist. Wir möchten genügend Informationen liefern, um zwischen Pseudowissenschaften und dem, was tatsächlich möglich ist, unterscheiden zu können. André ist Physiker, Biochemiker und Wissenschaftskommunikator. Katrin studierte Biochemie, verpodcastete Wissenschaftsnachrichten und berät wissenschaftliche Softwareprojekte. Anna ist Biologin und hat während ihrer Doktorarbeit teilweise mit CRISPR gearbeitet. Obwohl wir aus verschiedenen Bereichen der Wissenschaft kommen, haben wir eine gemeinsame Leidenschaft: Themen aus der Wissenschaft verständlich darzustellen. Eine der vielversprechendsten neuen Technologien ist CRISPR/Cas. Dabei handelt es sich um eine Gentechnikmethode, die ein großes Potenzial für Mensch und Umwelt hat. Aber wie jedes Werkzeug kann CRISPR sowohl für Gutes als auch für Böses eingesetzt werden - und es ist nicht immer einfach zu sagen, was was ist, besonders in biologischen und ökologischen Systemen. CRISPR hilft uns, Genfunktionen und Krankheiten besser erforschen zu können. Es könnte uns auch helfen, die Folgen des Klimawandels in vielerlei Hinsicht zu bekämpfen - doch haben wir uns nicht genug in die Umwelt eingemischt? CRISPR könnte uns helfen, Krankheiten zu behandeln, vielleicht sogar bei Embryonen mit genetischen Krankheiten. Aber ist es ethisch vertretbar, die menschliche Keimbahn zu verändern? Oder sollten wir sie bei Tieren verändern, um höhere Fleisch-, Milch- oder Eiererträge zu erzielen? Was könnten wir ändern und was sollten wir besser in Ruhe lassen? Was mit CRISPR getan wird - darüber sollte es einen breiten Dialog in der Gesellschaft geben. Wir wollen versuchen die wissenschaftliche Faktenlage darzustellen, und die Möglichkeiten und Grenzen von CRISPR zu beleuchten. false _Adora_Belle_ André Lampe KaLeiMai Blog André Lampe / anderelampe Anna Müllner / Adora Belle Wirkstoffradio kuratierte Podcastepisoden über CRISPR & Co. Google-Slides (zum Kommentieren) PDF file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9597.html /system/events/logos/000/009/597/large/bios.png?1539366432 2018-12-27T22:50:00+01:00 22:50 00:40 Borg 35c3-9597-modchips_of_the_state Modchips of the State Hardware implants in the supply-chain Security lecture en Hardware implants and supply chain attacks have been in the news recently, but how feasible are they and what can we do about them? In this talk we'll examine the design of a proof of concept SPI bus hardware implant that has similar capabilities to those described in the Bloomberg/Supermicro article as well as some countermeasures that we can use to try to detect these "modchips" and increase our trust in our systems. We don't know how much of the Bloomberg story about hardware implants installed in Supermicro servers shipped to Apple and Amazon is true, nor do we know the story behind the story and the reasons for the vehement denials by all the parties involved. However, a technical assessment of details of the describe implants reveals that a supply chain attack on the hardware is definitely possible, that the capabilities of the BMC can be used to bypass OS protections, and that there are means to access the BMC that would not necessarily generate readily identified network traffic. In this talk we'll examine the design of a proof of concept SPI bus hardware implant that has similar capabilities to those described in the Bloomberg/Supermicro article as well as some countermeasures that we can use to try to detect these "modchips" and increase our trust in our systems. false Trammell Hudson https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9614.html 2018-12-27T23:50:00+01:00 23:50 00:40 Borg 35c3-9614-inside_the_amd_microcode_rom Inside the AMD Microcode ROM (Ab)Using AMD Microcode for fun and security Security lecture en Microcode runs in most modern CPUs and translates the outer instruction set (e.g. x86) into a simpler form (usually a RISC architecture). It is updatable to fix bugs in the silicon (see Meltdown/Spectre), but these updates are encrypted and signed, so no one knows how microcode works on conventional CPUs. We successfully reverse engineered part of the microde semantics of AMD CPUs and are able to write our own programs. We also recovered the mapping between the physical readout (electron microscope) and the "virtual" addresses used by microcode itself. In this talk we present background on microcode, our findings, our open source framework to write custom microcode and our custom defensive measures implemented in microcode. We build on our results presented on 34C3 to provide more insight into how microcode works and more details of the microcode ROM itself. tl;dr diff to last talk: - Mapped physical readout to virtual addresses, we can now read the microcode implementation of specfic instructions - More microcode semantics known, more stable programs - Opensource framework for creating, diassembling and testing microcode on AMD CPUs - Simple hardware setup to develop microcode programs - More practical examples of what you can do with microcode, focused on defense instead of offense this time Since 34C3 we worked on recovering the microcode ROM completely and used that knowledge to implement constructive microcode programs that add to or enhance functionality of the CPU. We also worked on our now open source framework to create and diassemble microcode for AMD CPUs up to 2013. We will give a short intro into how to use it to create custom microcode programs and test them on real hardware. We also provide guidelines on how to construct the test setup we used, which is essentially any old AMD mainboard (native serial port required), a RaspberryPi with a serial adapter and some wiring including a few basic electronic components. Using this you can remotely and automatically test any number of microcode updates and it is integrated in our framework. On the microcode program side we will show how to hijack microcoded instructions to replace them with new semantics, for example reviving the good-old BOUND x86 instruction. We also show how to roll your own microcode update verification scheme, so only trusted and signed updates can be loaded on vulnerable CPUs. Additionally we will provide some implementation details found in the microcode ROM and show how it is used to implement complex functions like the instruction WRMSR, which among other functions is used to update the microcode. We will start with a crash-course covering fundamentals related to instruction decoding, CPU architecture and microcode principles. We will then present our new insights and finish with a demo of how our framework works. false Benjamin Kollenda Philipp Koppe Our 34C3 talk on microcode Paper with our new insights, to-be-presented on CCS 2018 Original microcode paper and corresponding talk Github project - to be updated Presentation Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9599.html /system/events/logos/000/009/599/large/icon-new.png?1542635567 2018-12-27T11:30:00+01:00 11:30 00:40 Clarke 35c3-9599-locked_up_science Locked up science Tearing down paywalls in scholarly communication Ethics, Society & Politics lecture en Restricting access to knowledge and science is not beneficial for society. So why are scientific results still locked up behind paywalls? Even though the answer to this question is enlightening, the story is quickly told. Much more important is the knowledge on how to change this. Politics, research funders, libraries and scientists have to join forces and to push forward to flip scholarly communication from closed to open access. What has happened so far? What are the current developments? What can each of these parties contribute to the transformation of scholarly communication? Open access guidelines, repositories and the hashtag #ICanHazPDF are just a few examples of approaches that jointly undermine the paywalls. One that has been recognized even beyond the scientific community is Project DEAL which aims to achieve open access for scientific publications from German scientists with major academic publishers. Things are currently progressing very fast and a lot can happen in the weeks between now and the congress. The talk will start with a brief introduction to the most common way of scholarly communication, where science is still mainly locked up behind paywalls. In line with the most recent developments, the talk will then focus on different approaches to open up science and their political and practical consequences. Whatever happens, the transformation of scholarly communication is well underway and it will affect not only the scientific community but society as a whole. So let’s join forces! false Claudia Frick - @FuzzyLeapfrog Slides (DOI) Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9513.html 2018-12-27T12:30:00+01:00 12:30 00:40 Clarke 35c3-9513-mind_the_trap_die_netzpolitik_der_afd_im_bundestag Mind the Trap: Die Netzpolitik der AfD im Bundestag Ethics, Society & Politics lecture de Die AfD-Bundestagsfraktion wird in der Öffentlichkeit vor allem mit ihren rassistischen Positionen wahrgenommen – mit ihren netzpolitischen Aktivitäten bleibt sie zumeist unter dem Radar. Dieser Talk zeigt, wie die AfD-Fraktion die Netzpolitik dennoch als vermeintlich neutrales Thema nutzt, um für ihre rechtsextreme Partei eine parlamentarische und gesellschaftliche Normalisierung herzustellen. Als Mitarbeiterin einer Bundestagsabgeordneten von den Grünen verfolge ich täglich das Verhalten der AfD in netzpolitischen Debatten im Bundestag: Im Plenarsaal, im Ausschuss Digitale Agenda, in der Enquête-Kommission Künstliche Intelligenz und bei Veranstaltungen und Diskussionen mit außerparlamentarischen Organisationen. Dabei ist mir aufgefallen, dass die netzpolitischen AfD-Abgeordneten in ihrem Verhalten eher einem kooperationsorientierten statt einem krawallorientierten Parlamentariertyp innerhalb ihrer Fraktion zuzuordnen sind. Die inhaltliche Positionierung der AfD wiederum folgt bei verschiedenen netzpolitischen Debatten zumeist einer von drei verschiedenen Strategien: Konsensorientiert, anti-europäisch oder Opfermythos-betonend. Diese Beobachtungen werden mit einer Reihe von Beispielen illustriert. Bei den netzpolitischen Diskussionen im Bundestag finden die zentralen Auseinandersetzungen zwischen der Großen Koalition und den demokratischen Oppositionsparteien statt. Was die AfD-Fraktion dazu sagt, wird häufig kaum wahrgenommen. Dieser Talk zeigt, wie die AfD-Fraktion die Netzpolitik dennoch als vermeintlich neutrales Thema nutzt, um für ihre rechtsextreme Partei eine parlamentarische und gesellschaftliche Normalisierung herzustellen. Er belegt dies anhand zahlreicher Beispiele aus dem parlamentarischen Alltag und zeigt auf, wo diese Strategie bereits aufgeht und wo nicht. Deswegen soll es auch darum gehen, wie zivilgesellschaftliche Organisationen und Akteure damit umgehen können, wenn AfD-Abgeordnete in der netzpolitischen Szene auftauchen und vermeintlich sinnvolle netzpolitische Positionen vertreten. false Noujoum Blog https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9561.html 2018-12-27T13:30:00+01:00 13:30 00:40 Clarke 35c3-9561-first_sednit_uefi_rootkit_unveiled First Sednit UEFI Rootkit Unveiled Security lecture en UEFI rootkits have been researched and discussed heavily in the past few years, but sparse evidence has been presented of real campaigns actively trying to compromise systems at this level. Our talk will reveal such a campaign successfully executed by the Sednit group. We will detail the full infection chain showing how Sednit was able to install their custom UEFI module on key targets' computers. Additionally, we will provide an in-depth analysis of their UEFI module and the associated trojanized LoJack agent. UEFI rootkits have been researched and discussed heavily in the past few years, but sparse evidence has been presented of real campaigns actively trying to compromise systems at this level. Our talk will reveal such a campaign successfully executed by the Sednit group. This APT group, also known as Fancy Bear, Sofacy and APT28, has been linked to numerous high profile cyberattacks such as the 2016 Democratic National Committee email leak scandal. Earlier this year, there was a public report stating that the infamous Sednit/Sofacy/APT28 APT group successfully trojanized a userland LoJack agent and used it against their targets. LoJack, an embedded anti-theft application, was scrutinized by security researchers in the past because of its unusual persistence method: a module preinstalled in many computers' UEFI/BIOS software. Over the years, several security risks have been found in this product, but no significant in-the-wild activity was ever reported until the discovery of the Sednit group leveraging some of the vulnerabilities affecting the userland agent. However, through our research, we now know that Sednit did not stop there: they also tried to, and succeeded, in installing a custom UEFI module directly into a system's SPI flash memory. In this talk, we will detail the full infection chain showing how Sednit was able to install their custom UEFI module on key targets' computers. Additionally, we will provide an in-depth analysis of their UEFI module and the associated trojanized LoJack agent. false Frédéric Vachon LOJAX: First UEFI rootkit found in the wild, courtesy of the Sednit group (white paper) Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9809.html 2018-12-27T14:30:00+01:00 14:30 00:40 Clarke 35c3-9809-datenschutz_fur_neulandburger Datenschutz für Neulandbürger Ethics, Society & Politics lecture de Der Datenschutz ist als erst relativ frisch erkämpftes Abwehrrecht von Bürgern gegen Firmen und Staat ein wichtiges, aber häufig missverstandenes Rechtsgebiet. Zuletzt ist es durch die Grundverordnung auf europäischer Ebene in den Blick der Netzöffentlichkeit geraten. Dieser Vortrag soll einen niedrigschwelligen Einstieg in den Datenschutz geben und aus Perspektive einer Datenschützerin mit zehnjähriger Erfahrung im Gebiet die aufregenden Aspekte und Herausforderungen aufzeigen, dem Bürgerrecht Leben einzuhauchen. Ziele des Vortrags (wird noch zum Volltext ausgearbeitet) * Eingrenzen des Rechtsgebiets * Beleuchten der Geschichte, Kontrast zu anderen "Geheimnis-Schutz"-Rechten * positive Auswirkungen auf den Bürger seit Kodifizierung durch BVerfG und Hessischem Datenschutzgesetz (angebliche) negative Auswirkungen auf Sicherheit, Strafverfolgung und Wirtschaftlichkeit * jüngste Neuerungen seit DSGVO * tatsächliche Auswirkungen der DSGVO auf bestehende Infrastruktur ("Blogsterben", "war vorher schon illegal") * Mythos Datenschutzerklärung * Wie sieht unsere Lieblings-Datenschutzerklärung aus? * Ausblicke auf weitere Initiativen false Beata Hubrig https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9923.html 2018-12-27T16:10:00+01:00 16:10 01:00 Clarke 35c3-9923-space_ops_101 Space Ops 101 An introduction to Spacecraft Operations Science lecture en After launching a spacecraft into orbit the actual work for mission control starts. Besides taking care of the position and speed of the spacecraft this includes e.g. detailed modeling of the power usage, planning of ground station contacts, payload operations and dealing with unexpected anomalies. In this talk we will see many examples of problems particular to space crafts and how they influence the way space craft mission operations works. Suppose you built your own satellite and somehow managed to launch it into space, what are you going to do next? Can you just ssh into your onboard computer and try out a couple of things to take a picture of earth and download the file? Did you just lose contact with your satellite due to an empty battery, because it heated up too much or because it rotated in the wrong direction? What are other issues you might forget to account for? After understanding why in spacecraft operations nothing works the way one expects we will have some answers to these questions. Also we will see how these problems are nowadays tackled by mission control centers all over the world, what happens in emergencies, what FDS, GDS, LEOP and TTC stand for and why spacecraft operators worry so much about weird particularities of time systems. Everything will be illustrated by real-life examples. The only prerequisite for this talk is that you know that earth is not flat! false sven https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9508.html /system/events/logos/000/009/508/large/Screenshot_2018-12-09_21-08-08.png?1544386150 2018-12-27T17:30:00+01:00 17:30 01:00 Clarke 35c3-9508-digital_airwaves Digital Airwaves Software Defined Radio Basics and some Modulation Theory Hardware & Making lecture en Encoding or decoding random radio-waveforms doesn't need incredible expensive hardware anymore which offers new possibilities for building up over-the-air communication systems. There are Software Defined Radios providing affordable cellular radio to remote villages, Community Radios are using SDR to build up digital radio networks and other cool stuff. Some basic knowledge what is going on in SDR Hard/Software as the influence of the samplerate, I/Q-data of the math behind the waterfall-diagram is helpful to have fun with SDR. Some theory on modulation techniques helps you to decode or encode your waveforms. With a cheap DVB-T USB receiver used with some SDR-Software you can already have a look whats going on in the airwaves around you at certain frequencies. But what happens between the antenna and your computer display showing or decoding the signal? The talk should give basic information and background about SDR and some modulation theory. There will probably be a SDR Challenge at the Congress to practice you new skills. false Friederike https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9372.html /system/events/logos/000/009/372/large/edri_logo.png?1536831004 2018-12-27T18:50:00+01:00 18:50 01:00 Clarke 35c3-9372-citzens_or_subjects_the_battle_to_control_our_bodies_speech_and_communications Citzens or subjects? The battle to control our bodies, speech and communications A call to action to defend our ePrivacy and eliminate upload filters Ethics, Society & Politics lecture en Technology is the solution: What is the problem? This seems to be the motto. Algorithms may be about to control our free speech while tracking technologies could control our bodies and communications. Will we react or stay quiet? Technology is the solution: What is the problem? This seems to be the motto. Whether it is about preventing the dissemination of terrorist content or to prevent copyright infringements the solution from the legislator is upload filters. While content is controlled by algorithms, devices need to be under scrutiny. That is why confidentiality of communications needs to be secured now too. We have little time to stop these threats from becoming a reality, but we have most citizens on our side and the EU elections near. We still can and have to win this battle. Otherwise, once filters are put for copyright or terrorist content, they will be used for anything else. And if software and hardware does not defend our privacy by design and by default, 24/7 surveillance will be the new "normal". false Diego Naranjo (EDRi) Andreea Belu (EDRi) EDRi's analysis on the adoption of upload filters EFF analysis of upload filters in the EU https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9358.html /system/events/logos/000/009/358/large/Wikipedia_ZDF.gif?1536738413 2018-12-27T20:50:00+01:00 20:50 01:00 Clarke 35c3-9358-chaos_im_fernsehrat Chaos im Fernsehrat Ethics, Society & Politics lecture de Seit Juli 2016 darf ich – nominiert unter anderem vom CCC – den Bereich "Internet" im Fernsehrat des ZDF vertreten. Nach gut zwei Jahren ist es Zeit für eine Zwischenbilanz: Was macht ein Fernsehrat, was machen öffentlich-rechtliche Angebote im Netz, und was sollten sie eigentlich tun? <blockquote>Der Fernsehrat vertritt die Interessen der Allgemeinheit gegenüber dem ZDF. Deshalb ist er kein Expertengremium, sondern so vielfältig wie die Gesellschaft selbst. Seine Mitglieder werden von unterschiedlichen gesellschaftlichen Gruppen entsandt. Der Fernsehrat tagt öffentlich. Sowohl die Tagesordnung als auch die Zusammenfassungen der wesentlichen Ergebnisse der Sitzungen werden im Internet veröffentlicht.</blockquote> So beschreibt sich der ZDF-Fernsehrat auf seiner Webseite selbst. Nach einem Urteil des Bundesverfassungsgerichts im Jahr 2014 mussten die Länder den ZDF-Staatsvertrag neu formulieren, der Fernsehrat ist deshalb seit Juli 2016 neu zusammengesetzt. Nur noch maximal 20 von 60 Mitgliedern dürfen aktive Politiker sein, der Rest soll verschiedene gesellschaftliche Gruppen repräsentieren. Neu hinzu kamen im Zuge der Neuordnung Vertreter, die von den Ländern – in der Regel auf Vorschlag von Vereinen oder Verbänden – für Bereiche wie Minderheiten, Menschen mit Behinderung, Digitales oder LGBTQI nominiert werden. Während Bayern das Nominierungsrecht für den Bereich "Digitales" an den Branchenverband der Telekommunikationsindustrie BITKOM delegiert hat, wurde ich vom Land Berlin auf gemeinsamen Vorschlag der vier Vereine <a href="https://ccc.de/">Chaos Computer Club (CCC)</a>, <a href="https://d-64.org/">D64 – Zentrum für Digitalen Fortschritt e. V.</a>, <a href="https://www.eco.de/">eco – Verband der Internetwirtschaft</a> und <a href="http://www.medianet-bb.de/">media.net berlinbrandenburg e. V.</a> für den Bereich "Internet" nominiert. Nach etwas mehr als der Hälfte meiner vierjährigen Periode möchte ich im Rahmen des 35C3 von meinen Aktivitäten als und im Fernsehrat berichten – zumindest soweit das übertriebene Verschwiegenheitsklauseln zulassen – und skizzieren, welche (neuen) Aufgaben öffentlich-rechtliche Medien gerade im Zeitalter digitaler Plattformöffentlichkeiten haben. false Leonhard Dobusch Reihe "Neues aus dem Fernsehrat" bei netzpolitik.org Slides "Chaos im Fernsehrat" https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9792.html 2018-12-27T22:10:00+01:00 22:10 01:00 Clarke 35c3-9792-quantum_mechanics Quantum Mechanics A Gentle Introduction Science lecture en An (almost) self-contained introduction to the basic ideas of quantum mechanics. The theory and important experimental results will be discussed. Quantum mechanics is one of the two paradigm-changing physical theories of the early twentieth century (the other being special and general relativity). Suddenly, one of the most fundamental physical theories was no longer deterministic: Measurement is a probabilistic process in quantum mechanics. This caused a controversy on how to interpret this and whether quantum mechanics is a complete theory that continues until today. This talk tries to counter a trend: Most people know the fundamentals of special relativity, while few know quantum mechanics beyond the Bohr model of hydrogen. On reason is that the presentation of quantum mechanics in schoolbooks is often dated, inaccurate and incomplete, and, as a consequence, quantum mechanical concepts are often used as a magical component in fringe science and esoteric theories. The talk will shortly discuss some of the experimental results that have lead to the formulation of quantum mechanics and then formulate the theory. The parts of quantum mechanics that often show up in quack theories will be examined and dissected. Allergy advice: This talk may contain mathematics. Some prior knowledge of linear algebra will help to understand this talk. false sri Presentation Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9951.html /system/events/logos/000/009/951/large/mass-awareness-mass-surveillance-2.png?1539643035 2018-12-27T23:30:00+01:00 23:30 01:00 Clarke 35c3-9951-it_always_feels_like_the_five_eyes_are_watching_you It Always Feels Like the Five Eyes Are Watching You Five Eyes’ Quest For Security Has Given Us Widespread Insecurity Ethics, Society & Politics lecture en This talk will discuss all about the Five Eyes, the espionage alliance between Australia, Canada, New Zealand, the United Kingdom and the United States. It is one of the largest intelligence operations in the world, which monitors billions of communications around the globe in the name of security. Yet the Five Eyes propose to weaken security, privacy and eroded the possibility of secure systems. This talk will go into details about the Five Eyes (FVEY), covering its origins in the aftermath of World War II, its expansion in the cold war, ECHELON, and further expansion in the the era of counter-terrorism, through today, where the Five Eyes have set their sights on enabling mass surveillance and stopping strong encryption. The discussion will include: - The history and background of the Five Eyes Origins Cold War (ECHELON) Terrorism - How the FVEY spying and intelligence sharing works - Malware - Backdoors - Routers - Internet exchanges - Domestic sharing: when one member spies on another’s citizens, and shares the information back to get around prohibitions on domestic surveillance. - More Eyes, More Problems. Proposals to expand the number of eyes, including many within the EU - Whistleblowers: What the documents shared by Edward Snowden revealed about the Five Eyes - The Five Eyes latest fight: Against strong encryption. FVEY member claim to aim to "thwart the encryption of terrorist messaging,” and the UK and Australia have taken steps through legislation to weaken security. - Why this matters - the legal and policy framework for communications surveillance and the application of human rights principles for surveillance. false Kurt Opsahl https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9529.html 2018-12-27T11:30:00+01:00 11:30 00:40 Dijkstra 35c3-9529-artistic_pcb_design_and_fabrication Artistic PCB Design and Fabrication From doodle to manufacture: how I make mechanically complicated PCBs. Hardware & Making lecture en When a electrical device needs to be a piece of art or used as a mechanical component, a printed circuit board is more than a piece of fiberglass with wires embedded in it. In chemical engineering applications internal holes which allow fluids to be transported through the PCB need to be placed in complex precise patterns. As art, holes can be used to create positive and negative space, allowing you to see a charlieplexed LED display as a snowflake. Creating complex shapes in PCB design software is difficult to impossible. However, it is easy in CAD software. In this talk I will present the project workflow I use to design and manufacture my PCBs. Additionally, I will discuss the problems I have run into during manufacturing and how these problems were resolved. Making electrical-artistic and electrical-mechanical PCBs adds steps and complications to the usual PCB fabrication process. In this talk I will go over my project workflow and discuss how and why I do each step. I will also discuss problems I have run into during both the design and the manufacturing process. An overview of my workflow is as follows: <ul> <li>Make a sketch of what the final PCB will look like and what it will do. <li>Make a schematic of the electronics (kicad). <li>Assign footprints to the electrical components (kicad). <li>Check the manufacturers webpage for the design criterion on internal cuts. <li>Create a CAD file of the PCB outline (no electrical connections) (fusion 360/solidworks etc). <li> (optional) Conduct multiphysics simulations of the PCB outline, to find an optimal design (comsol etc). <li>Make boxes to represent the footprints of the electrical components and place these where you want them to be on the final PCB (fusion 360/solidworks etc). <li>Think about how the boards will be panelized and insert mouse bites/tabs for V-cuts as needed (fusion 360/solidworks etc). <li>Export a 2D drawing of the PCB including the components. <li>Make a PCB file with all the components (kicad). <li>Import the 2D drawing of the PCB as the edge cuts in the PCB file (kicad). <li>Place electrical components in the correct location and delete the edge cuts which are just being used as markers (kicad). <li>Use a routing software to connect components or connect these manually. <li>(optional) Panelize the boards by making a new PCB file and importing the single PCB. <li>Export the gerber files. <li>Check that the outlines are correct in the gerber files and clean up machining code if necessary. <li>Upload files to manufacturers webpage and include an image of which places should be milled out. </ul> Common problems have included: <ul> <li>V-cuts on non-rectangular PCBs. <li>Keepout zones on internal edge-cuts. <li>Gerber file generation errors caused by internal edge cuts and pannelization. <li>Some manufacturers do not do internal edge cuts. <li>Boards are mechanically weakened by internal cuts. </ul> false hammes hacks Project Webpage Youtube Channel shamrock file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9720.html 2018-12-27T13:30:00+01:00 13:30 00:40 Dijkstra 35c3-9720-frontex_der_europaische_grenzgeheimdienst Frontex: Der europäische Grenzgeheimdienst Das Grenzüberwachungssystem EUROSUR führt Aufklärungsdaten von Satelliten, Flugzeugen, Drohnen und bald auch Fesselballons zusammen Ethics, Society & Politics lecture de Die EU-Grenzagentur Frontex nimmt eine Reihe neuer Überwachungsmethoden im Mittelmeer in Betrieb. Die Fähigkeiten zur Beobachtung des sogenannten Grenzvorbereichs gehören zum Grenzüberwachungssystem EUROSUR, das die Europäische Union vor fünf Jahren gestartet hat. EUROSUR vernetzt die Zentrale von Frontex in Warschau mit den Grenzbehörden der 28 Mitgliedstaaten. Über deren nationale Koordinierungszentren wird Frontex über alle wichtigen Vorkommnisse an den Außengrenzen der Europäischen Union unterrichtet. Kern des EUROSUR-Systems ist die Satellitenaufklärung, über die Frontex auch selbst an den Grenzen beobachten kann. Die Bilder stammen von kommerziellen Satellitendiensten sowie von optischen und radarbasierten Satelliten des EU-Erdbeobachtungsprogramms „Copernicus“. Sie werden vom Satellitenzentrum der Europäischen Union (SatCen) erhoben, aufbereitet und an Frontex übermittelt. Zu den Bildlieferanten gehört der Rüstungskonzern Airbus, der Bilder seiner Radarsatelliten „TerraSar-X“ und „TanDEM-X“ mit einer Auflösung von 24 cm verkauft. Für die schnelle Kommunikation mit den Satelliten nutzt „Copernicus“ als erster Kunde die „Weltraumdatenautobahn“ des Airbus-Konzerns. Die Nutzung der Daten für die einzelnen AnwenderInnen wurde erst kürzlich mithilfe einer App vereinfacht, die ein Mitarbeiter der Abteilung „Informationshoheit“ als eine Art Instagram für Sicherheitsanwendungen beschreibt. Nun werden auch die technischen Fähigkeiten von „Copernicus“ ausgebaut. Das System soll „Unregelmäßigkeiten im Schiffsverhalten“ erkennen und melden. Dabei werden Informationen zum Standort, der Schiffsbezeichnung und zum abweichenden Verhalten übermittelt. Als verdächtig kann etwa gelten, wenn ein Schiff keine gewöhnlichen Routen fährt oder die Geschwindigkeit verlangsamt. Frontex hat im vergangenen Jahr einen „Mehrzweck-Flugdienst“ gestartet. Von Flugzeugen über dem Mittelmeer aufgenommene Videos werden in Echtzeit in ein Lagezentrum der EUROSUR-Zentrale nach Warschau gestreamt. Seit diesem Jahr erhält Frontex außerdem Bilder von Aufklärungsdrohnen, die von der Agentur für die Sicherheit des Seeverkehrs geflogen werden. Zunächst handelt es sich dabei um ein Pilotprojekt für zwei verschieden große Drohnen der MALE-Klasse. Demnächst will Frontex außerdem Fesselballons zur „Grenzraumüberwachung aus der Luft“ testen. false Matthias Monroy EUROSUR-Pilotprojekt von 2009. Damals kam die Gefahr für Frontex noch aus dem Osten. Präsentation https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9909.html /system/events/logos/000/009/909/large/schrift_knoten.png?1539639051 2018-12-27T14:30:00+01:00 14:30 00:40 Dijkstra 35c3-9909-updates_von_der_europaischen_aussengrenze Updates von der europäischen Außengrenze Ethics, Society & Politics lecture de Als Organisation für Menschenrechtsbeobachtungen geben wir Euch einen Überblick der aktuellen Entwicklungen an der EU-Außengrenze auf dem Mittelmeer. Mare Liberum betreibt ein Schiff auf dem Mittelmeer, um Menschenrechtsverletzungen zu dokumentieren. Dabei arbeiten wir zur Zeit in der Ägäis, der Seegrenze zwischen der Türkei und Griechenland. Hier flüchten noch immer tausende Menschen auf der Suche nach Schutz und Würde. Seit den Vorträgen von Sea-Watch und der Iuventa-Crew ist viel Zeit vergangen. Die zivilen Seenotrettungsorganisationen fahren nicht mehr raus – sind alle gerettet? Wie hat sich die Situation für die Flüchtenden und Helfer verändert? Wie werden Euch einen Überblick der aktuellen Entwicklungen an der EU-Außengrenze auf dem Mittelmeer geben. Warum schaffen es die europäischen Staaten nach fünf Jahren Katastrophe im Mittelmeer nicht, das Sterben zu beenden? Was ist eigentlich deren Agenda? Warum wollen alle ständig eine neue Flagge? Wie gut funktionert eigentlich der EU-Türkei-Deal? Welche staatlichen Akteure gibt es auf dem Wasser und was machen sie? Warum ist die Rolle der Menschenrechtsbeobachter, selbst in Europa, so wichtig? false Nico Nina Gassmann Mare Liberum e. V. Unterstützung https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10027.html 2018-12-27T16:10:00+01:00 16:10 00:40 Dijkstra 35c3-10027-cyber-_stalking_wenn_grenzen_verschwimmen (Cyber-)Stalking: Wenn Grenzen verschwimmen Ethics, Society & Politics lecture de Von unerwünschten Nachrichten über Bedrohungen bis hin zum Intimizid. Allein im Jahr 2017 wurden rund 18.483 Fälle von Stalking polizeilich erfasst, die Dunkelziffer wird auf 600.000-800.000 Betroffene geschätzt. Unter dem Begriff Stalking wird allgemein das „wiederholte, widerrechtliche Verfolgen und Belästigen eines Menschen, so dass dessen Sicherheit bedroht und er/sie in seiner/ihrer Lebensgestaltung schwerwiegend beeinträchtig wird“ verstanden. Die Ausführungsformen und Intensität des Stalkings oder Cyberstalkings sind sehr heterogen, sodass sich oft die Frage nach der Grenze zur Strafbarkeit stellt.<\p> Neben einer kurzen Einführung in den Phänomenbereich werden die Ursachen und Typologien des Stalkings skizziert, sowie Internventionsmöglichkeiten präsentiert: Welche psychotherapeutischen Unterstützungsmaßnahmen gibt es für Betroffene und Ausführende? Welche juristischen Möglichkeiten gibt es? <\p> Da rund jeder zwölfte Mensch in Deutschland in seinem Leben von Stalking betroffen ist und der/die Ausführende zumeist aus dem Nahbereich der/des Betroffenen stammt, kann sich auch im eigenen Freundeskreis die Frage stellen: Wie kann ich einer/m Stalking-Betroffen/m unterstützen und helfen? Oder wie spreche ich eine/n vermutlichen Stalking-Ausführende/n auf sein/ihr Verhalten an?<\p> false Jan Kalbitzer Korina Winter https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10023.html /system/events/logos/000/010/023/large/Fliegenpilz_fly-agaric-2817723_640.jpg?1545772806 2018-12-27T17:10:00+01:00 17:10 00:40 Dijkstra 35c3-10023-stalking_spy_apps_doxing_digitale_gewalt_gegen_frauen Stalking, Spy Apps, Doxing: Digitale Gewalt gegen Frauen Die digitale Seite der häuslichen Gewalt CCC lecture de Digitale Formen von Gewalt gegen Frauen sind keine eigenständigen Phänomene, sondern in der Regel Weiterführungen oder Ergänzungen von anderen Gewaltformen. Stalking, Kontrolle, Bedrohung, Erpressung, Beleidigung, Überwachung sind altbekannte Aspekte häuslicher Gewalt. Für alle diese Phänomene gibt es digitale Entsprechungen, allerdings ist wenig darüber bekannt, wie oft sie ausgeübt werden, wann und von wem. Das macht es für die Betroffenen schwer, sich zu wehren, auch weil Politik und Justiz hier genauso verständnislos reagieren wie bei anderen digitalen Entwicklungen. Warum ist Kinderpornographie ein Kernthema der deutschen und europäischen Innenpolitik, aber kaum jemand redet über Revenge-Porn? In diesem Talk geht es um die verschiedenen Formen digitaler Gewalt und darum, wie oft sie vorkommen und wer davon betroffen ist. Es gibt kaum aussagekräftige Zahlen und wenig Hilfe für Betroffene. Warum wissen wir sowenig und was gibt es für Möglichkeiten, sich gegen die verschiedenen Formen digitaler Gewalt zu wehren? false Anne Roth bff Projekt 'Aktiv gegen digitale Gewalt' Kleine Anfrage Die Linke "Digitale Gewalt gegen Frauen" https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9383.html /system/events/logos/000/009/383/large/Screen-Shot-2018-08-14-at-4.16.18-AM-1.png?1536981731 2018-12-27T18:10:00+01:00 18:10 00:40 Dijkstra 35c3-9383-compromising_online_accounts_by_cracking_voicemail_systems Compromising online accounts by cracking voicemail systems Security lecture en Voicemail systems can be compromised by leveraging old weaknesses and top of current technology. The impact goes way beyond having your messages exposed. Voicemail systems have been with us since the 80s. They played a big role in the earlier hacking scene and re-reading those zines, articles and tutorials paints an interesting picture. Not much has changed. Not in the technology nor in some of the attack vectors. Can we leverage the last 30 years innovations to compromise voicemail systems? And what is the real impact today of pwning these? In this talk I will cover voicemail systems, it's security and how we can use oldskool techniques and new ones on top of current technology to compromise them. I will discuss the impact of gaining unauthorized access to voicemail systems and introduce a new tool that automates the process. Correction: There is no default PIN on O2 anymore. Initial PINs are generated randomly as it is the case for Vodafone and Telekom. false Martin Vigo Bruteforcing a voicemail PIN with voicemailcracker Compromising WhatsApp with voicemailcracker Compromising Paypal with voicemailcracker Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9675.html 2018-12-27T19:10:00+01:00 19:10 00:40 Dijkstra 35c3-9675-transmission_control_protocol Transmission Control Protocol TCP/IP basics Science lecture en TCP/IP is the most widely used protocol on the Internet for transmitting data. But how does it work in detail? This talk will explain the TCP protocol, from handshake over established to teardown in detail - and elaborate a bit on protocol adjustments over time and congestion control. I will briefly explain how computers talk to each other via the Internet Protocol (IP), and explain the transport protocols UDP and TCP, and their interaction with ICMP (for error and control messages). UDP is the user datagram protocol, an unreliable packet-oriented protocol. TCP provides a reliable stream of data, and includes connection establishment, feature negotiation, window management, and teardown. Over the last years at University of Cambridge I contributed to a formal model of TCP/IP and the Unix sockets API, developed in HOL4. We validated our HOL4 model with the FreeBSD-12 stack using Dtrace (packets, system calls, internal TCP state). In this research, we formalised a more exact TCP state machine than in initial RFCs or common literature (Stevens). false Hannes Mehnert Engineering with Logic: Rigorous Test-Oracle Specification and Validation for TCP/IP and the Sockets API Network Semantics repository https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9778.html /system/events/logos/000/009/778/large/oscar_eckig.png?1545254350 2018-12-27T22:10:00+01:00 22:10 01:00 Dijkstra 35c3-9778-open_source_firmware Open Source Firmware Eine Liebesgeschichte Hardware & Making lecture de Open Source firmware ist ein Begriff seit 1999 wo LinuxBIOS (coreboot) und u-boot als Projekt starteten. Heute nach fast 20 Jahren ist endlich Open Source firmware bei den Herstellern von Hardware angekommen: Google Chromebooks - coreboot Facebook Open Compute Hardware - coreboot / LinuxBoot Purism Laptops - coreboot Microsoft Olympus - TianoCore Microsoft Surface - TianoCore IBM Power 9 - Hostboot / Skiboot ARM Hardware - ARM Trusted Firmware Intel Minnowboard - TianoCore, coreboot A lot embedded hardware - u-boot In diesem Vortrag werden wir uns den Weg der Open Source firmware Entwicklung von der Vergangeheit bis in die Gegenwart anschauen. Dabei werden wir ein Schwerpunkt auf neue Technologien in der Firmware Entwicklung und eine Einführung in bestehende Konzepte legen. Teil des Vortrags werden auch Sicherheitstechnologien und Konzepte der Firmware sein. Zum Schluss werden wir einen Ausblick auf die Zukunft und damit verbundenen Ideen uns anschauen. Dies ist ein Einsteiger Vortrag der dazu dienen soll mehr Menschen von der Open Source Firmware Entwicklung zu begeistern. false zaolin coreboot LinuxBoot U-Boot TianoCore ARM Trusted Firmware Hostboot Talk slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9456.html 2018-12-27T23:30:00+01:00 23:30 01:00 Dijkstra 35c3-9456-hacking_ecology Hacking Ecology How Data Scientists can help to avoid a sixth global extinction Science lecture en As humans have a large negative impact on ecosystems all around the globe, we are approaching a major extinction event in which around 70% of all species will go extinct. This talk will give an introduction to a data-driven and system-based view of ecology. Since life emerged on this planet around 3 billion years ago, five global extinction events took place, that are characterized by over 60% of all species disappearing within a geologically short time interval. The last decades of environmental research, however, made it evidently clear that anthropogenic impacts on the global ecology could lead to a sixth global extinction. Being caused by the destabilization of ecosystems due to climate change, poaching, fragmenting of habitats, species invasions, pollution and other human activities, this extinction event would be the first induced by a species and not by natural catastrophes. Two general paths of action seem available to mitigate this threat or at least limit the damage: One consists of radically limiting anthropogenic influence on nature by restricting human habitats (to, as argued by E. O. Wilson among others, half of the earths surface), which, however, seems politically infeasible. A second strategy aims to effectively re-stabilize ecosystems by selective and specific intervention, but this would require a much deeper knowledge of ecosystem processes and how to modulate them. In this talk, I will provide an overview of the declining quality of ecosystems worldwide and argue that data-driven approaches as well as a hacker mindset will be essential to tackle open questions. I will support this argument by examples from my own research, in which I aim to identify important interactions between microbes in lake ecosystems. Finally, I will try to start a discussion on how to create citizen science projects that will help us understand our natural environment. false Theodor Sperlea Presentation slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9913.html 2018-12-27T11:30:00+01:00 11:30 01:00 Eliza 35c3-9913-going_deep_underground_to_watch_the_stars Going Deep Underground to Watch the Stars Neutrino Astronomy with Hyper-Kamiokande Science lecture en Neutrinos are “ghost-like” elementary particles that can literally go through walls. They can bring information from places that are impossible to observe through other means. This talk provides a glimpse behind the scenes of a next-generation neutrino detector called Hyper-Kamiokande – a cylindrical water tank the size of a high-rise building. I will describe some of the problems you encounter when planning a subterranean detector of this size, and explain how this detector helps us figure out why the sun shines and how giant stars explode. Neutrinos are tiny elementary particles that do not interact through the electromagnetic force. Almost like ghosts, they can literally go through walls and escape places that are inaccessible by other means, giving us a unique way of observing the interior of stars or nuclear reactors. Hyper-Kamiokande – a cylindrical water tank that is 62 m high and 76 m in diameter – is a next-generation neutrino detector, which will be built inside a mountain 250 km northwest of Tokyo starting in 2020. The talk will give an overview on the process of designing and building a subterranean detector of this size, starting from preparations for cavern construction and ending with the design of photodetectors, electronics and data analysis. In addition, the talk will cover selected areas of the physics programme of this detector. It will be explained how detecting neutrinos from our sun lets us figure out why the sun shines and how we can measure the temperature at its core to a precision of about 1%. Finally, I will explain how such a neutrino detector can help us watch, millisecond by millisecond, how giant stars explode in a supernova, creating many of the chemical elements that are necessary for life and computers to exist. false Jost Migenda Hyper-Kamiokande website Slides (pdf, 30MB) https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9410.html /system/events/logos/000/009/410/large/lsa.png?1537339912 2018-12-27T12:50:00+01:00 12:50 01:00 Eliza 35c3-9410-libresilicon LibreSilicon Decentralizing semiconductor manufacturing Hardware & Making lecture en While a lot of projects are currently developing their own processors, mostly as open source in Verilog, VHDL or even Chisel, we miss the free process that actually manufactures these chips. So we're developing the "Libre Silicon" project, a portable semiconductor manufacturing process and technology, using only free and open source tools: We would like to introduce the project, who we are, what we are doing and where we are now. The manufacturing is proprietary and has vendor lock-ins with triple NDAs – one for the process development kit (PDK), the technology itself; – one for the Standard Cell Library you can use to synthesize your RTL; – and even another one for the details of all purchase commitments. Our purpose is a free and open, community based silicon manufacturing process (<a href="https://github.com/libresilicon/process">GitHub link</a>) without any NDAs, a Standard Cell Library (<a href="https://github.com/chipforge/StdCellLib">GitHub link</a>) not only for that process as well as a suitable, refurbished, new-written open source tool chain QtFlow (<a href="https://github.com/leviathanch/qtflow">GitHub link</a>). During the last couple of months we already developed the first free 1µm process and are now close to manufacturing a first test wafer (<a href="https://github.com/libresilicon/PearlRiver">GitHub link</a>). Even though 1µm does not sounds very ambitious, this process node is still quite well documented in text books, robust and 5 Volt-tolerant. Once we get a hang on this, the machinery park in the clean room allows us to shrink down to 500nm and less. false leviathan hsank Andreas Westerwick QtFlow Standard Cell Lib LibreSilicon project page PearlRiver test wafer talk-20181227-35c3.pdf https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9375.html /system/events/logos/000/009/375/large/logo.png?1542061465 2018-12-27T14:10:00+01:00 14:10 01:00 Eliza 35c3-9375-silivaccine_north_korea_s_weapon_of_mass_detection SiliVaccine: North Korea's Weapon of Mass Detection How I Learned to Stop Worrying and Love the Backdoor Security lecture en Meet SiliVaccine – North Korea's national Anti-Virus solution. SiliVaccine is deployed widely and exclusively in the DPRK, and has been continuously in development by dedicated government teams for over fifteen years. When we heard of this strange software, we were immediately driven to investigate it: it's not every day that you can catch a glimpse of the malware landscape inside the closed garden of the DPRK's intranet. In this talk, we will describe how we were able to obtain a rare copy of SiliVaccine; how we reverse-engineered it, despite the hair-tearing obstacles; and what surprising discoveries we made about its program architecture – all the way down to the file scanning engine, the system level drivers, the user mode utilities, and the most bizarre and puzzling implementation details. As it turns out, there is plenty going on behind the scenes of this product, away from the public eye. How was SiliVaccine created? Who created it? What was the game plan? We will try to shed light on these questions, and on the sheer effort that must have gone into developing this product. If there is anything we learned from this research, it's that DPRK state-sponsored software is a secretive industry underlied by incredibly shady practices, and that if Kim Jong-Un sends you a free trial of his latest security solution, the correct answer is "thank you but no thank you". Disclaimer: No significant knowledge in reverse engineering is required to understand the talk. We break down our thought process and methodology to its very basics, so that this talk can relate to both technical and non-technical audiences. Another Disclaimer: We guarantee an entertaining talk. :) false Mark Lechtik Full technical publication of the research Slide deck of this talk, as presented in REcon Montreal 2018 A publication on the research from Forbes magazine (good non-technical summary) An even shorter summary from The Register https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9635.html /system/events/logos/000/009/635/large/hermies.png?1539503435 2018-12-27T16:10:00+01:00 16:10 00:40 Eliza 35c3-9635-scuttlebutt Scuttlebutt The decentralized P2P gossip protocol Resilience lecture en In this talk @zelf invites to the world of Scuttlebutt, the decentralized P2P gossiping protocol, and how it can be transformative for society through decentralization of data and enabling local community development. Scuttlebutt is a fast growing decentralized social network. As an alternative to the large corporate social networks it enables autonomy for the users and a free zone from big data harvesting. It’s based on a protocol (referred to as SSB) which connects the users via a blockchain styled base with each user functioning as a node. Since the information is collected via a 2 or 3 step social connection it’s completely usable while offline and syncs when connected to a local network, a friend or wifi. Scuttlebutt has a large community of users who together develop the protocol and platforms. Completely open-source there are many initiatives of projects, maintenance and explorations as part of the Scuttlebutt ecosystem. Some of these projects range from local community on-boarding by @luandro in Quilombola - Brazil, git-ssb by @cel, and even a chess interface! As the Scuttlebutt interface is interchangeable, with the one most widely used being Patchwork, there is a possibility to utilize the same network with multiple applications. Perfect for local communities in rural areas or for environments which require offline workability or simply for user with integrity, the potentials are grand. As of today the estimate is that the user base is beyond 8000 individuals, yet there's no way to surely know. We will explore the Scuttleverse and beyond. What is Scuttlebutt now, and and importantly, what can it enable society to become? false Zenna / zelf Scuttlebutt Manyverse - Mobile Client for Scuttlebutt https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9734.html /system/events/logos/000/009/734/large/GroupLogo.png?1539599370 2018-12-27T17:10:00+01:00 17:10 00:40 Eliza 35c3-9734-information_biology_-_investigating_the_information_flow_in_living_systems Information Biology - Investigating the information flow in living systems From cells to dynamic models of biochemical pathways and information theory, and back. Science lecture en How to apply Shannon's information theory to biology. Cells, from bacteria to human cells, constantly take up, store, retrieve, communicate and make decisions based on information. How they realise all this computation using very unreliable components is still largely an open question. Instead of transistors they have to employ proteins, but proteins constantly degenerate and are re-built making their numbers fluctuate. If cellular signalling is impaired severe diseases can be the result, for instance cancer or epilepsy. As cellular communication is so pervasive and essential, researchers start to look into this information flow in biological systems in more detail. My research group at the BioQuant centre, Heidelberg University, is also active in this area, an area which I would call Information Biology — the study of how biological systems deal with information. I will show you how you can apply Shannon's information theory to biological systems. For this we need three ingredients, namely dynamic models of biological pathways, stochastic simulation algorithms (that take into account intrinsic fluctuations in molecular numbers), and, of course, Shannon's theory of information. I will give brief and user-friendly introductions to these three ingredients. After that I am going to talk about a number of use cases, such as: <ul> <li>How much memory does a bacterium have? And how long can it remember things?</li> <li>How many bits per second can a liver cell process via its calcium signalling pathway?</li> <li>How must signalling pathways be constructed, structurally and dynamically, for certain stimuli to be decoded?</li> <li>and others…</li> </ul> I will also give links to (open source) software that is being developed in my group, which you can use to simulate and play around with biochemical pathways, and also to estimate information flows and do information biology. FYI: The research I am talking about here is part of a research area which is called Computational Systems Biology. Systems Biology is a field which studies biological systems not by reducing them to their constituent parts, such as single receptors, genes, molecular complexes etc., but by viewing them in the cellular or organismal context and, importantly, as (dynamic) systems. And Computational Systems Biology is Systems Biology done with the help of mathematical models and simulation/analysis algorithms. false Jürgen Pahle Research group homepage Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10009.html /system/events/logos/000/010/009/large/AFROROUTES__-_TEDx-_Praia_2018_%28Auszug%29.001.jpeg?1542300758 2018-12-27T18:10:00+01:00 18:10 00:40 Eliza 35c3-10009-afroroutes_africa_elsewhere Afroroutes: Africa Elsewhere VR experience "Beyond Slavery" Art & Culture lecture en Let's think "Beyond Slavery": Afroroutes is a one-of-a-kind VR experience conceived as a journey through 3 displaced African heritages, immersing users in Rituals and Ceremonies to experience that well-conserved memory form, but also to feel the power of Music as a strong anthropological tool. Connecting Afro-diasporic narratives: alterity and heritage transcendence within the digital era, Afroroutes is a trigger to open a crucial debate about diasporic identity. Afroroutes is a VR experience taking you to some burning key destinations where African culture has been displaced through slavery and then, rooted again. From Salvador to Bahia to Gujarat through Tangier, there is a common history. Based on this VR Experience, the debate should be extended around "Beyond Slavery".  What happened with the millions of displaced African men and women? Where are their descendants living today? Did their original culture and language disappear? How did their heritage contribute to building their new countries? How did the assimilation or rejection process go? How has this memory subsisted, and how is it lived and celebrated today? But also, how to assimilate that chapter of history and transform it into a real global narrative - is there what we call a "diasporic identity"? And if it is the case, how to build this identity within a global, disrupted world? How can digital tools push this storytelling process?   The medium "Virtual Reality" takes all its sense in this project, allowing an immersive and almost physical experience of those paths of slavery. This experience is triggered by music and sounds. Music is much more than a simple way of being together: it is the oral legacy of our intertwined culture. Music is such a powerful tool to explain and tackle the cultural dynamics of displaced heritage, but also as a most trustful narrative connector. false Sélim Harbi Afroroutes trailer https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9864.html /system/events/logos/000/009/864/large/pnxc_logo_bluemarine.png?1539635128 2018-12-27T19:10:00+01:00 19:10 00:40 Eliza 35c3-9864-a_routing_interregnum_internet_infrastructure_transition_in_crimea_after_russian_annexation A Routing Interregnum: Internet infrastructure transition in Crimea after Russian annexation Ethics, Society & Politics lecture en This lecture tells the story of Internet infrastructure transformations in Crimea, the peninsula disputed between Russia and Ukraine between 2014 and 2018. It is based on an extensive year-long study involving network measurements and interviews with key players. Crimea has become a "laboratory" where we can observe, in just 4 years, a rapid and profound transition of infrastructure, that deeply impacted the Internet Service Provider market, routing trajectories, Internet censorship practices in the region. Annexation has transformed the way Crimea is plugged to the "outer world" - in terms of peering and transit relations between various autonomous systems, creating a much more centralized infrastructure and monopolized market. This, in its turn, had an important impact for Crimean end-users - in terms of quality, speed, price of Internet service, as well as in terms of Internet censorship and various traffic anomalies that they experience. Moreover, server-side geoblocking by online payment platforms, Google Play, Apple and other important services, is imposed on Crimean users, because of international sanctions that have a controversial impact, including a risk of overblocking, further isolation of Crimean civil society and reinforcing a more general trend towards "balkanization" of the Internet(s). [1] This talk is based on a one-year long research conducted at Citizen Lab [2], using a mixed methods approach. On the one hand, we conducted network measurements with OONI probe [3], testing a set of URLs from Crimean vantage points, and comparing results with mainland Russia and Ukraine. We have done an analysis of BGP routing history, and AS neighbouring history, using data from RIPE and CAIDA in collaboration with researchers behind the "Internet Health Report" initiative [4] using the recently deployed methodology of "AS Hegemony Index" [5]. On the other hand, we conducted an extensive qualitative study, including interviews with Crimean ISPs, Ukrainian and Russian tech activists and representatives of RIPE and other Internet governance bodies; web-ethnography (analysis of professional chats and forums of Crimean / Ukrainian ISPs) and media analysis. We will briefly introduce the context of annexation from the point of view of Internet infrastructure, show an interactive timeline of events that have impacted Crimean Internet ecosystem. Then we will focus on the case of "Infrastructure interregnum", where Ukrainian and Russian traffic co-existed for a while. We will share our infographics, including video animation that demonstrates progressive "wiring" of Crimea to "Russian Internet". On the case of several Ukrainian ISPs we will show how routing becomes matter of dispute. We will question the role of international sanctions and geoblocking by Google, Apple and other big players, on Crimean Internet. Finally, we will conclude with observations of the effects of this infrastructure transition on the end-users, especially activists and journalists working in the region, in terms of their security and the way they experience censorship. We will also share our website [currently under final revisions, will be open to public by October 31, 2018] that presents results of our research in an accessible form for non-tech and non-academic audiences, but also contains longer reports and links for data and infographics that are open for downloading for further reusage, recycling and reading. [1] [Dalek et al., 2014] J. Dalek, B. Haselton, H. Noman, A. Senft, M. Crete-Nishihata, P. Gill, and R. J. Deibert. A method for identifying and confirming the use of URL filtering products for censorship. In 14th ACM Internet Measurement Conference (IMC), 2014. [2] Citizen Lab is an interdisciplinary research laboratory based at the University of Toronto, Canada. Citizen Lab studies information controls—such as network surveillance and content filtering—that impact the openness and security of the Internet. [3] https://ooni.torproject.org [4] https://ihr.iijlab.net/ihr/ [5] Romain Fontugne, Anant Shah, and Emile Aben. 2017. AS Hegemony: A Robust Metric for AS Centrality. In Proceedings of SIGCOMM Posters and Demos ’17, Los Angeles, CA, USA, August 22–24, 2017, 3 pages. https://doi.org/10.1145/3123878.3131982 false Xenia https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9654.html /system/events/logos/000/009/654/large/ICA-London.jpg?1539525271 2018-12-27T20:50:00+01:00 20:50 01:00 Eliza 35c3-9654-a_la_recherche_de_l_information_perdue A la recherche de l'information perdue some technofeminist reflections on Wikileaks Art & Culture performance en Performance lecture by Cornelia Sollfrank that makes a (techno-)feminist comment on the entanglements of gender, technology and information politics exemplified by the case of Julian Assange and Wikileaks. The artist takes us in her text assemblage on an adventurous trip into the realm of zeros and ones, of data and pure information, of ciphers, signifiers and figures. On the other side of reality we encounter suspected heroes, leaks and phreaks, engineers of escape who control our secret desires. Rape can be performed in many ways. In a state of total transparency: what shall we eat, when society feeds upon the repressed? Knowing yourself means knowing what to look for. The performance is a technofeminist comment on the wikileaks case, in particular the fact that Julian Assange has spent more than five years in confinement following a rape accusation. Instead of making a moral judgement, however, the performance uses and combines sources from information science, psychoanalysis, cultural studies, feminist studies and activism to embed the case is a wide cultural landscape in which gendered structures becomes more than obvious. The performance is divided into 9 chapters with headers such as Information, Organisation, Zeroes&Ones, Binary Worlds, Pure Difference, Cyberfeminism, Gender&Technology, Naked Information and Transparency, and creates a captivating atmosphere by the use of sound and visuals. false Coco Sollfrank Cornelia Sollfrank at ICA London https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10024.html /system/events/logos/000/010/024/large/01.jpg?1542036118 2018-12-27T22:10:00+01:00 22:10 01:00 Eliza 35c3-10024-tactical_embodiment Tactical Embodiment Activism and Performance In Hostile Spaces Online Art & Culture lecture en During her talk “Tactical Embodiment,” artist and activist Angela Washko will present several different strategies for performing, participating in and transforming online environments that are especially hostile toward women. She will introduce her long-term performative intervention “The Council on Gender Sensitivity and Behavioral Awareness in World of Warcraft” alongside several interventions, interviews, performances, written works and video games works she has created with the manosphere and online men’s seduction communities. In addition to walking the audience through her research, Washko will screen excerpts from her interview with a seduction coach who has been dubbed “The Web’s Most Infamous Misogynist” and highlight instructional DVDs, books, and hidden-camera videos created by a community of pick-up artists who teach men how to interact with and seduce women. The talk will close with an audience-participation based performative play-through of her most recent project “The Game: The Game,” a dating simulator video game presenting the practices of several infamous pick-up artists. During her talk “Tactical Embodiment,” artist and activist Angela Washko will present several different strategies for performing, participating in and transforming online environments that are especially hostile toward women. She will introduce her long-term performative intervention “The Council on Gender Sensitivity and Behavioral Awareness in World of Warcraft” alongside several interventions, interviews, performances, written works and video games works she has created with the manosphere and online men’s seduction communities. In addition to walking the audience through her research, Washko will screen excerpts from her interview with a seduction coach who has been dubbed “The Web’s Most Infamous Misogynist” and highlight instructional DVDs, books, and hidden-camera videos created by a community of pick-up artists who teach men how to interact with and seduce women. The talk will close with an audience-participation based performative play-through of her most recent project “The Game: The Game,” a dating simulator video game presenting the practices of several infamous pick-up artists. “The Game: The Game” is a video game presenting the practices of several prominent seduction coaches (aka pick-up artists) through the format of a dating simulator. In the game these pick-up gurus attempt to seduce the player using their signature techniques taken verbatim from their instructional books and video materials. The game sets up the opportunity for players to explore the complexity of the construction of social behaviors around dating as well as the experience of being a femme-presenting individual navigating this complicated terrain. false Angela Washko Artist Website Assistant Professor of Art, Carnegie Mellon University https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9446.html /system/events/logos/000/009/446/large/sdwan.png?1539171047 2018-12-27T23:30:00+01:00 23:30 01:00 Eliza 35c3-9446-sd-wan_a_new_hop SD-WAN a New Hop How to hack software defined network and keep your sanity? Security lecture en The software defined wide-area network is technology based on SDN approach applied to branch office connections in Enterprises. According to Gartner's predictions, more than 50% of routers will be replaced with SD-WAN Solutions by 2020. The SD-WAN can have firewalls and other perimeter security features on board which makes them attractive targets for attackers. Vendors promise "on-the-fly agility, security" and many other benefits. But what does "security" really mean from a hand-on perspective? Most of SD-WAN solutions are distributed as Linux-based Virtual Appliances or a Cloud-centric service which can make them low-hanging fruit even for script kiddie. Complexity of SDN creates additional security issues and cybersecurity pro should address it before an attack occurs. This presentation will introduce practical analysis of different SD-WAN solutions from the attacker perspective. Attack surface, threat model and real-world vulnerabilities in SD-WAN solutions will be presented. Detailed Outline: 1. SD-WAN overview a. SD-WAN in a nutshell b. Typical SD-WAN design overview c. Cloud, on premise, hybrid architecture d. Common technology stack (netconf, strongswan, DPDK, etc.) e. Customization, vCPE and VNF f. Security features Basic terminology, the essentials of SD-WAN architecture: declared advantages and implementation options. Customization approaches via tailored and 3rd party VNF and uCPE/vCPE. Overview of built-it and additional security features. 2. SD-WAN attack surface a. Management interfaces b. Local shells and OS c. Control plane and data plane separation d. Analytics-Controller-vCPE/uCPE-VNF communications e. Hypervisor and virtualization (VNF) separation f. Routing, IPSec Overlay g. Updates and Cloud features Technical analysis of data and control flow between major components in typical SD-WAN architecture (Orchestration – Controller – vCPE – VNF [and back]). Attack vectors, vertical and horizontal (for multi-tenant/managed service) privilege escalation scenarios. 3. Security Assessment a. SD-WAN as a (virtual) appliance b. Rooting the "box" c. Old school *nix tricks d. How I Learned to Stop Worrying and Love the Node.js e. Built-in security features f. Post-deploy "Forensics" g. SD-WAN Managed Services h. Top down, bottom up and lateral movement Practical SD-WAN security assessment cases, vulnerabilities (next summarized in "SD-WAN vulnerabilities" section), tips and tricks. 4. SD-WAN Offensive and Defensive toolkit a. Internet census b. SD-WAN vulnerabilities c. Attacks cases d. SD-WAN threat model e. Pentester and hardening checklists f. Buyer guide SD-WAN Internet census, Google/Shodan SD-WAN Cheat Sheet. Issues with cloud deployment and support (AWS, Azure). Publically know attack cases. Vulnerabilities in top 5 SD-WAN (depends on fixes, responsible disclosure in progress). 5. Conclusion/ Takeaways false Sergey Gordeychik SD-WAN New Hope project blog SD-WAN New Hope project Github SD-WAN New Hop slides 2018-12-27T10:45:00+01:00 10:45 00:15 Chaos West Bühne T3RMSP https://fahrplan.chaos-west.de/35c3chaoswest/talk/T3RMSP Opening der Chaos-West Stage Einfacher Slot mit optionalen Q+A de Opening der Chaos-West Stage Opening der Chaos-West Stage false Chaos-West 2018-12-27T11:00:00+01:00 11:00 00:30 Chaos West Bühne USG7KM https://fahrplan.chaos-west.de/35c3chaoswest/talk/USG7KM Opening [Streaming] Doppelter Slot 40 Minuten + 10 Minuten Q+A de Opening Streaming Opening Streaming true 35C3 2018-12-27T12:00:00+01:00 12:00 00:50 Chaos West Bühne 7LRXLM https://fahrplan.chaos-west.de/35c3chaoswest/talk/7LRXLM Security Expedition in b0rkenLand - Watch out! There are dangerous Security Problems Doppelter Slot 40 Minuten + 10 Minuten Q+A en 2018 started really well for the internet regarding computer security. Let's take care of it and bring it to a good end. A small travel from broken metal chunks to "undocumented user accounts" and other security holes. There will be a recap of security problems from well known and also lesser known products presented. IT resp. computer security is an interesting area. Not only for criminals but also for scientists, programmers and users. We all should know that 100% security does not exist. Therefore I would like to underpin this statement with this lecture. 2018 was a blast in case of security disasters. B0rken processors, authentification bypasses all around, behind every corner a Remote Code Execution waiting for you and sometimes even some 0days jumps out of nowhere. I want to review together with the audience the best security disasters from 2018. Maybe we can reveal some trends that are happening in the disaster industry. Besides having an entertaining lecture I want also reflect on consequences of such security failures and what we can hopefully learn about it. If the demo gods are not on holiday, I will present a live demo. You will probably see your software and hardware differently after this lecture. false Hetti Technical Computer Science student from Vienna with a passion for IT Security and geeky stuff. He is one of the board members of the finest Viennese Hackspace [Metalab](https://metalab.at/) . In his free time he enjoys travelling to community based IT Conferences. The [Viennese Cryptoparty](https://cryptoparty.at/) is organized by him, where he also holds lectures and workshops about a broad range of IT Security & Privacy topics. You can also find him at the [Chaos Computer Club Vienna (C3W)](https://c3w.at/) . On some weekends he is hunting flags with the successful academic CTF Team [We_0wn_Y0u](https://w0y.at/) . 2018-12-27T13:00:00+01:00 13:00 00:50 Chaos West Bühne KDYQEB https://fahrplan.chaos-west.de/35c3chaoswest/talk/KDYQEB Toll of personal privacy in 2018 Doppelter Slot 40 Minuten + 10 Minuten Q+A en We are well into 21st century and the all-digital promise land is just around the corner. What will happen to those of us who choose to retain our privacy by not joining the digital revolution? And most importantly how do we shape the revolution in a way that we can both reap the benefits brought to us by new technologies, while still keeping our private lives undisturbed? This talk is both scary and hilarious. It's about author's personal privacy choices that they made in the past and how those affected their life financially, socially and otherwise. Author also covers some more extreme choices they opted not to make and discusses what generally motivates one to care about their privacy. You'll learn about the dawn of loyalty cards, biometric passports, banking services, CCTV and more... We'll try to find out how to work for a better future and what can we all do to make life with privacy more bearable. false Kirils Solovjovs Mg. sc. comp. Kirils Solovjovs is the most visible white-hat hacker in Latvia having discovered and responsibly disclosed or reported multiple security vulnerabilities in information systems of both national and international significance. Kirils is one of the authors of the jailbreak tool for Mikrotik RouterOS. He has extensive experience in network flow analysis, reverse engineering, social engineering and penetration testing. 2018-12-27T14:00:00+01:00 14:00 00:50 Chaos West Bühne NZSH79 https://fahrplan.chaos-west.de/35c3chaoswest/talk/NZSH79 Die eigene Stimme hacken Doppelter Slot 40 Minuten + 10 Minuten Q+A de Die eigene Stimme ist sehr wichtig dafür wie eine Person von anderen am Telefon und im Alltag wahrgenommen wird. Das ist meist besonders für trans Personen wichtig die einen ungewollten Stimmbruch hinter sich haben. Der Vortrag orientiert sich daher an meinen eigenen Erfahrungen und versucht Grundlagen der Stimmbildung, der Stimmwahrnehmung und Ansätze zum Üben zu vermitteln. Der Inhalt des Vortrags orientiert sich besonders dran, eine femininer gelesene Stimme zu bekommen. Die eigene Stimme ist sehr wichtig dafür wie eine Person von anderen am Telefon und im Alltag wahrgenommen wird. Das ist meist besonders für trans Personen wichtig die einen ungewollten Stimmbruch hinter sich haben. Der Vortrag orientiert sich daher an meinen eigenen Erfahrungen aus den letzten anderthalb Jahren und versucht Grundlagen der Stimmbildung, der Stimmwahrnehmung und Ansätze zum Üben zu vermitteln. Der Inhalt des Vortrags orientiert sich besonders dran, eine femininer gelesene Stimme zu bekommen. false Leah Platzhalter. 2018-12-27T16:00:00+01:00 16:00 00:20 Chaos West Bühne HUCR9H https://fahrplan.chaos-west.de/35c3chaoswest/talk/HUCR9H GNUnet to the rescue! Einfacher Slot mit optionalen Q+A en GNUnet is a new network protocol stack for building secure, distributed, and privacy-preserving applications. You will learn which problems GNUnet can help to solve. This talk is a introductory talk to motivate you joining the workshops of the GNUnet assembly. GNUnet is a metadata-preserving foundation for your application, covering areas from addressing, to reliable bidirectional Axolotl-encrypted channels, with advanced routing. You will hear about * GNS, "a censorship-resistant, privacy-preserving and decentralized name system designed to provide a secure alternative to DNS, especially when censorship or manipulation is encountered." * CADET, "a new algorithm for establishing robust end-to-end transport-layer connections in completely self-organized networks with-out a central authority." * secushare, an application for distributed, privacy preserving, "real" social networking. false t3sserakt * secushare and GNUnet developer * privacy activist 2018-12-27T16:30:00+01:00 16:30 00:20 Chaos West Bühne JLPCPC https://fahrplan.chaos-west.de/35c3chaoswest/talk/JLPCPC Long range radio communication for everyone using LoRaWAN. Einfacher Slot mit optionalen Q+A en Having lots of ideas for wireless technical gadgets but your WLAN range is to short? Building a sensor network, but you are tired of wiring the sensors together? LoRaWAN could be the way out of those traps for your next project! Set up a single gateway, and you will be able to deploy a ton of devices in kilometres of range. And what is best, there is even a cooperative community about it. You will provide your neighbours with LoRaWAN, too! LoRa is a low power long range radio data transmission technology. LoRaWAN is a wide area network protocol on top of LoRa, that makes it easy to hook up lots of wireless, battery powered devices to the internet or to your personal server. We will introduce you to LoRaWAN, tell you what it can be used for, and how it works. With “the things network” there exists an open source community that aims at creating a global network for LoRaWAN devices. You can use it to have your own technical creations reach your server at home from wherever there is a gateway. You can set up your own gateways to help build that network and share the coverage created by you with the community. We are working with this technology on a daily basis at our jobs (at Lobaro GmbH [1], a small company creating industrial IoT solutions), and find that it has high potential in many geek/hobby/maker projects. With "the things network" [2] there exists a community based open source initiative for making it available (think "freifunk" for IoT), but still there is not much knowledge about it in the scene. It's a cool technology that people should know about! Our introductions will be centred around Arduino based hardware, which is what most are familiar with. We will also have a LoRaWAN TTN Gateway at our assembly (which is Deep Cyber [3]) along with some LoRaWAN devices, so that people who get interested by the talk and want to try out how it feels to work with the technology can come to our assembly and have a go at it. We are aware that there has been a talk about LoRa at 33C3 [4], but that had a totally different scope than ours. They focused on the modulation and how bits are physically transmitted. We want to talk about LoRaWAN, which is build on top of LoRa, and which provides an affordable and easy to use way of data transmission. [1]: https://www.lobaro.com/ [2]: https://www.thethingsnetwork.org/ [3]: https://www.deepcyber.de/ [4]: https://media.ccc.de/v/33c3-7945-decoding_the_lora_phy false Peer Springstübe I tried to get the most out of university by learning different aspects of computer science, with focus on embedded systems and machine learning, while also studying physics and philosophy. I'm currently working with industrial IoT, creating devices for existing problems instead of inventing problems to try and sell unnecessary solutions. Have an urge do create stuff with interesting technologies in my free time, so I try to keep some people around me, to do that together. Based in Hamburg. I'm heavily involved with the assembly Deep Cyber. Tobias Kaupat Ich beschäftige mich seit 2 Jahren im Umfeld Industrial IoT mit LoRa. Ich habe einen eigenen LoRaWAN Stack mit entwickelt und viel expertise über LoRaWAN von der Hardware-Entwicklung bis zum Appserver. 2018-12-27T17:00:00+01:00 17:00 00:50 Chaos West Bühne K39NLS https://fahrplan.chaos-west.de/35c3chaoswest/talk/K39NLS Wifi4EU - broken by technical specification Doppelter Slot 40 Minuten + 10 Minuten Q+A en With the Wifi4EU programm the EU is planning to spend 100 million € by 2020 to subsidise a centralized surveillance infrastructure for centers of public life in the EU. The talk will lay out how Wifi4EU is supposed to work both administratively and technically, where there are problems with the later and what is and can be done about it. Slides: https://zenodo.org/record/2527538#.XCUXplxKjIU With the [Wifi4EU programm [1]](https://www.wifi4eu.eu/) the EU is planning to subsidies the installation of free Wi-Fi with 120 million € until 2020. The installations are planned to be "... free of charge, free of advertising and free from commercial re-use of data. ..." [[2]](http://europa.eu/rapid/press-release_IP-18-2065_en.htm) and aim "... to equip every European village and every city with free wireless internet access around the main centres of public life. ..." [[1]](https://www.wifi4eu.eu/) Unfortunately the technical specifications implemented in the first call on the 7th - 9th of November [[3]](https://ec.europa.eu/digital-single-market/en/news/preliminary-results-1st-wifi4eu-call) tell a different story. So far 42 Million € are planned to be spend in a flawed design. Amongst other problems they include: * requirements for a centralized authentification infrastructure - like eduroam [[4]](https://ec.europa.eu/digital-single-market/en/faq/wifi4eu-questions-and-answers) (FAQ 23), * inherent IT security problems - embedded snippets in the captive portals [[4]](https://ec.europa.eu/digital-single-market/en/faq/wifi4eu-questions-and-answers) (FAQ 26) and * proprietary standards - hotspot 2.0. [[4]](https://ec.europa.eu/digital-single-market/en/faq/wifi4eu-questions-and-answers) (FAQ 27) Following a talk at the wireless community weekend in May this year [[5]](https://www.youtube.com/watch?v=YbPpK8_X9Qg) the talk will include: * a short introduction to the programm, * how it came to be, * what happend so far * the implications of the programm * what can be done to fix things. Besides contacting the european comission, several members of the european parlament and Klaus Landefeld of the eco [[6]](https://international.eco.de/people/klaus-landefeld/) we were able to get members of the german Bundestag to get interested in the issue [[7]](https://twitter.com/jimmyschulz/status/1060210780992356352). This led to a "schriftliche Anfrage" towards the Bundesregierung regarding the GDPR compliance of the authentification infrastructure, the situation is currently evolving. The talk aims to inform about the current state of affairs and hoefully foster a discussion during the congress what can and should be done to prohibit the creation of yet another surveillance infrastructure and what a desirable public Wi-Fi infrastructure should look like. false Little Detritus Freifunka aus Aachen der darüber nachdenkt wie man sowas antiquiertes wie Privatsphäre behalten kann. Diskutiert gerade gerne darüber wieso Wifi4EU - so wie gerade geplant - eine dumme Idee ist [1]. Man sich sonst Gedanken darüber wie Kryptographie im Zeitalter von Quantencomputern aussehen kann [2]. Teilt Albernes und Ernstes auf Twitter unter @LittleDetritus [1] https://www.youtube.com/watch?v=YbPpK8_X9Qg [2] https://video.fsmpi.rwth-aachen.de/cccac/6131 2018-12-27T18:00:00+01:00 18:00 02:00 Chaos West Bühne JGDLDW https://fahrplan.chaos-west.de/35c3chaoswest/talk/JGDLDW Haecksen Happy Hour Klangteppich de Party at the haecksen's (https://www.haecksen.org)! We invite all beings at the congress to enjoy two hours of electronic, rock, jazz, pop and downtempo beats with dj shroombab (https://m.soundcloud.com/shroombab). Party party! true Haecksen Die "Haecksen" sind der Zusammenschluss eines Teils der weiblichen* Mitglieder des Chaos Computer Clubs. Gegründet wurde die Gruppierung 1988 von Rena Tangens und Barbara Thoens. Die Haecksen treffen sich jährlich auf dem Chaos Communication Congress des CCC und veranstalten eigene Projekte. Da sie sich als virtueller Erfa-Kreis des CCC verstehen, ist ihr wichtigstes Kommunikationsmittel eine Mailingliste. Das Ziel der Haecksen ist es, zu zeigen, dass Mädchen* und Frauen* ganz selbstverständlich kreativ mit Technik umgehen können und dass das Bild in den Köpfen der Menschen - dass Hacker männlich sind - nicht stimmt. Hierbei verstehen wir unter Haecksen eine Gruppe aus Hackerinnen, die sich als Frauen* identifizieren. Dies umfasst cis und trans Frauen sowie nicht-binäre Menschen, die sich mit dem Label "Frau" wohlfühlen. Der Stern repräsentiert nicht nur diese Personengruppen, sondern auch die Tatsache, dass Geschlecht ein soziales Konstrukt (und damit überaus hackbar) ist. https://www.haecksen.org/mediawiki/index.php/Main_Page 2018-12-27T21:00:00+01:00 21:00 00:50 Chaos West Bühne AGSNQR https://fahrplan.chaos-west.de/35c3chaoswest/talk/AGSNQR Einfache Erkennung von fortschrittlichen Rootkits Doppelter Slot 40 Minuten + 10 Minuten Q+A de Ein Rootkit (englisch etwa: „Administratorenbausatz“; root ist bei unixähnlichen Betriebssystemen der Benutzer mit Administratorrechten) ist eine Sammlung von Softwarewerkzeugen, die nach dem Einbruch in ein Softwaresystem auf dem kompromittierten System installiert wird, um zukünftige Anmeldevorgänge (Logins) des Eindringlings zu verbergen und Prozesse und Dateien zu verstecken. Aufspüren von Schadsoftware durch Analyse des Datenverkehrs In unserem Talk beschreiben wir eine Methode, besonders gut getarnte (=virtualisierende) Rootkits sowie manipulierte Firmware (UEFI, BIOS, Netzwerkkarten- oder Grafikkarten-Firmware) zuverlässig zu entdecken. Hierzu wird ein Vergleich des erwarteten Datenverkehrs mit dem tatsächlichen Datenverkehr durchgeführt, um die Schadsoftware durch den von ihr initiierten Datenverkehr zu erkennen. Wir beschreiben, wie der Vergleich durchgeführt wird und wie die Daten erfasst und verglichen werden. Zudem beschreiben wir die Vor- und Nachteile des verwendeten Ansatzes, der im Zuge einer Masterarbeit entwickelt wurde. false Jennifer Roller christian schmidt-janssen christian schmidt-janssen 2018-12-27T22:00:00+01:00 22:00 00:50 Chaos West Bühne YKLGHA https://fahrplan.chaos-west.de/35c3chaoswest/talk/YKLGHA Die Faxgeräte im Zentrum der Macht Doppelter Slot 40 Minuten + 10 Minuten Q+A de Welche Bemühungen zur Digitalisierung des Bundestages gibt es, warum "ein Pad und ein Wiki" eben nicht ausreicht, was man noch so tun könnte und wofür man eigentlich immer noch Faxgeräte in der Politik braucht - darüber diskutieren Julia (Bundestag, netzpolitik.org, cihr.eu), Ijon (Bundestag, LOAD e.V.) und Walter (Open Knowledge Foundation), moderiert von Noujoum. In Fragen der Digitalisierung des Staates ist Deutschland weit hinter andere europäische Länder zurückgefallen, die Politik soll es jetzt (endlich) richten, ist aber selbst noch hoffnungslos analog. Die politischen Prozesse und bürokratischen Abläufe im Bundestag sind den Politiknerds Ijon, Noujoum und Julia als Mitarbeitende von Abgeordneten im Bundestag im Detail vertraut. Welche Bemühungen es gibt, warum "ein Pad und ein Wiki" eben nicht ausreichen, was man noch so tun könnte und wofür man eigentlich immer noch Faxgeräte in der Politik braucht - darüber diskutieren Julia (Bundestag, netzpolitik.org, cihr.eu), Ijon (Bundestag, LOAD e.V.) und Walter (Open Knowledge Foundation), moderiert von Noujoum. false ijon Julia Krüger 2018-12-27T23:00:00+01:00 23:00 00:50 Chaos West Bühne GBVHJT https://fahrplan.chaos-west.de/35c3chaoswest/talk/GBVHJT Geschichten aus der Cobol Gruft Doppelter Slot 40 Minuten + 10 Minuten Q+A de Das fast 60 Jahre alte Cobol wird noch heute von sehr vielen Banken und Versicherungen eingesetzt. Ich erzähle aus meiner langjährigen, nicht selten schmerzhaften, Erfahrung als Cobol-Entwickler in der Großrechner-Umgebung, heute unter anderem mit Blick auf die Security. Um auf die Sicherheitsaspekte eingehen zu können, stelle ich Cobol und die mir bekannte Großrechner-Umgebung kurz vor. Wie alt ist die Sprache, wo sind ihre Schwächen - hat sie Stärken? Warum nutzen Banken und Versicherungen bis heute Cobol und Großrechner-Umgebungen? Im zweiten Teil geht es um die Sicherheit der Sprache. Wie lohnenswert ist der Angriff auf Cobol-basierte Systeme? Wie leicht das Spiel für Angreifer? Wie läuft die interne Fehlersuche der DV? Und die Fehlerbehebung? Wie wird das Programmverhalten protokolliert? Können Großrechner-Umgebungen geschützt werden? Und wird entsprechender Schutz genutzt? Warum nicht? Abschließend der kleine Hoffnungsschimmer: Immer mehr Banken und Versicherungen wollen von Cobol auf modernere Programmiersprachen umstellen und - gezwungenermaßen - den Großrechner abschaffen. Ich berichte aus meiner Erfahrung, wie diese Umstellung in einer Versicherung läuft und was mögliche Probleme sind. Talk ist für Einsteiger mit Grundlagen in der Anwendungsentwicklung geeignet. Ihr müsst und wollt Cobol dafür nicht verstehen. false Habrok Ich bin Cobol-Entwickler in einer Großrechner-Umgebung - und als einer der jüngsten Spezialisten bei uns ist mein Job sicher... Solange Cobol und DB2 weiterhin nicht tot zu kriegen sind. 2018-12-27T11:00:00+01:00 11:00 00:30 ChaosZone DALFMM https://cfp.chaoszone.cz/35c3/talk/DALFMM livestream - Opening Ceremony Session 60min en Live stream of the 35C3 Opening Ceremony false livestream 2018-12-27T12:50:00+01:00 12:50 00:30 ChaosZone KYND3Y https://cfp.chaoszone.cz/35c3/talk/KYND3Y ChaosZone opening ceremony Session 60min de Welcome to ChaosZone at 35C3. Lets have a nice kickoff together. Learn and discuss about everything regarding ChaosZone at 35C3 and beyond. false nilo bigalex 2018-12-27T14:00:00+01:00 14:00 01:00 ChaosZone PUCEB3 https://cfp.chaoszone.cz/35c3/talk/PUCEB3 Früh übt sich -- Junghacker am Eigenbaukombinat Session 60min de Eine kurze Einführung in den Junghackertag am Eigenbaukombiant in Halle. Was machen wir dort? Was haben wir gemacht? Seit circa 2 Jahren treffen wir uns an jedem¹ 4. Samstag im Monat, um Kindern und Jugendlichen den Spaß am Umgang mit Elektronik, Bits und Bytes und Aspekte darum herum nahe zu bringen. In meiner kurzen Einführung möchte ich davon berichten, was gut läuft, wo wir Probleme sehen und wieso die Arbeit mit dem Nachwuchs nicht nur wichtig ist, sondern auch noch Spaß macht. ¹ Ausnahmen, wenn wir uns nicht treffen. false frlan Linux-Admin, Freie Software-Aktivist, Entwickler. Kurz gesagt: Klischee pur. 2018-12-27T16:00:00+01:00 16:00 01:00 ChaosZone GEBZBY https://cfp.chaoszone.cz/35c3/talk/GEBZBY Aenigma: The state-of-the-art, secure-by-default, one-touch-deployed XMPP server for everyone. Session 60min en After a short dive into the current state of instant messaging, we'll see how to take back our communications with aenigma, a fully standard-compliant and secure out-of-the-box xmpp server automation project. Follow us here: https://github.com/openspace42/aenigma Contact me here: nz [at] os [dot] vu [mail | xmpp | matrix/riot.im] false Nicolas North Founder at openspace, the new hackerspace in Milano, Italia. systems automation enthusiast and developer. 2018-12-27T17:30:00+01:00 17:30 01:00 ChaosZone U8YM3N https://cfp.chaoszone.cz/35c3/talk/U8YM3N Makertools im Labor - Über Raketentriebwerke und Beschleunigung Session 60min de Die Möglichkeiten moderner 3D-Drucker sind mannigfaltig. Komplexe Objekte lassen sich in kurzer Zeit von der digitalen Blaupause in die reale Welt bringen. Wir möchten die Möglichkeiten moderner 3D-Drucker im wissenschaftlichen Laborumfeld aufzeigen. Wie wäre es hochempfindliche Sensoren und Raketenantriebe damit zu drucken? Und da alles noch besser mit einem LASER wird, bauen wir diesen auch gleich mit ein. Raoul-Amadeus Lorbeer, Benjamin Ewers Deutsches Zentrum für Luft- und Raumfahrt, Institut für technische Physik, Stuttgart Wir zeigen einen Laserantrieb für Satelliten aus dem 3D-Drucker. Dabei wird der Treibstoff durch intensive Laserimpulse beschleunigt und generiert präzisen Schub. Soll der Antrieb zudem noch in einen Cube-Sat passen wird eine kompakte Bauweise obligatorisch. Dies wurde mittels 3D-Druck verwirklicht. Gesteuert wird der Antrieb mittels Mikrokontroller. Und da alles noch besser mit einem USB-Anschluss wird, bauen wir diesen auch gleich mit ein. Beschleunigungssensoren arbeiten häufig mit einer federnd gelagerten Masse, dessen Verschiebung kontinuierlich gemessen wird. Verschiebungen lassen sich hervorragend mit optischen Interferometern messen. Wir zeigen einen präzisen interferometrischen Beschleunigungssensor aus dem 3D-Drucker, natürlich mit LASER. Und da alles noch besser mit einem SDR (Software Defined Radio) wird, bauen wir dieses auch gleich mit ein. false Benjamin Ewers, Raoul-Amadeus Lorbeer 2018-12-27T19:30:00+01:00 19:30 01:00 ChaosZone MZWAKF https://cfp.chaoszone.cz/35c3/talk/MZWAKF a home among the stars: Galina Balashova, architect of the soviet space programme Session 60min en Galina Balashova was the main architect and designer for the soviet space programme. She designed the interieurs and visual identity of spacecrafts such as the Soyuz, Buran, and Mir. »Space stations are not only technical structures but architecture built amidst zero gravity.« Galina Balashova (b. 1931) is a self-described "architect-engineer" who spent almost 30 years working in the Soviet Space Programme. She designed the ergonomics, the colours & style and the typography of most soviet spacecrafts, including the Soyuz, the Salyut space stations, the Buran shuttle and the Mir space station. Her pioneering work in the field of zero-gravity architecture is still referenced today in the ISS and other spacecrafts. false aurora 2018-12-27T21:00:00+01:00 21:00 01:00 ChaosZone SVLSXP https://cfp.chaoszone.cz/35c3/talk/SVLSXP Erinnerungen an Wau Holland Session 60min de Erinnerungen an den Mitgründer des Chaos Computer Clubs, Wau Holland alias Herwart Holland Moritz Bin gern bereit, einige Geschichten aus dem Leben von Wau Holland zu erzählen. Und ich würde mich freuen, wenn zu dieser Session noch andere Leute sich zugesellen würden, die Wau vor oder während der Gründung des CCC kennen und schätzen gelernt haben. Und die meine Geschichten relativieren oder andere Geschichten beifügen könnten. Wau oder Herwart Holland-Moritz ist nun seit 17 Jahren tot. Seit 15 Jahren gibt es die Wau Holland Stiftung, die ein Archiv seines Nachlasses der Öffentlichkeit zugänglich machen soll und sein Lebenswerk weiter in Erinnerung bringen und vervollständigen soll. Ich möchte meine persönlichen Erinnerungen an ihn teilen und Menschen treffen, die auch ihre Erinnerungen an einen großartigen und innovatives intergalaktisches Wesen teilen möchten. false Ursula Kooke Na ja, über mich gibt es nicht viel zu sagen. Ich habe Wau kennen gelernt, als ich 18 war und wir gemeinsam Mathematik und Politik in Marburg studiert haben. Er war über lange Jahre bis zu seinem Tod mein bester Freund. Ich habe zeitweilig bei seinem Vater gelebt, der mich auch beauftragt, hat, Waus Nachlass zu verwalten, als Wau gestorben war. Und so habe ich gemeinsam mit Winfried Motzkus, Bernd Fix, Gerriet Hellwig und Mel Wahl auf der Beisetzungsfeier beschlossen, eine Stiftung zu gründen, habe als Stifterin diese errichtet und war die ersten Jahre auch Vorsitzende. Gab dann erst den Vorsitz und dann den Vorstandssitz 2007 ab. Ich bin Asperger Autistin und komme mit medizinischem Begleithund. Die Veranstaltung ist also nix für Hundehaarallergiker oder Paniker. 2018-12-27T22:30:00+01:00 22:30 01:00 ChaosZone GLMTRM https://cfp.chaoszone.cz/35c3/talk/GLMTRM Elektrogruselkabinett Session 60min de ich zeige Bilder meiner Urlaube, wo ich elektrische Installationen fragwürdiger Art fotografiert habe und erzähle ein wenig dazu. Im Prinzip dasselbe wie damals schon (https://log.koepferl.de/2017/12/29/34c3-elektrogruselkabinett/) Eine Diashow mit Erzählungen von teilweise abenteuerlichen Elektrokonstuktionen. false robert0k Softwareentwickler, Informatiker und Mitglied des chch.it Chemnitz 2018-12-27T10:00:00+01:00 10:00 00:50 OIO Vortrags-Arena CJQCCB https://pretalx.35c3oio.freifunk.space/35c3oio/talk/CJQCCB/ Introduction for oio stage helpers Talk 50min total (etwa 15min Q&A) en Come here if you want to help running the program on stage how to record how to use audio how to control lights false USJAK9 Andreas Bräu Freifunker since 2006 2018-12-27T10:55:00+01:00 10:55 00:30 OIO Vortrags-Arena 9ZHVHL https://pretalx.35c3oio.freifunk.space/35c3oio/talk/9ZHVHL/ OIO habour clean up - Day 1 OIO Housekeeping en daily OIO habour clean up daily OIO habour clean up false HUQ9YA 35c3oio@freifunk.space 2018-12-27T12:00:00+01:00 12:00 01:30 OIO Vortrags-Arena WNDAXJ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/WNDAXJ/ Opening Session Talk 80min total (etwa 30min Q&A) en The official start of our orbit. With a keynote and a short introduction of all involved communities. false USJAK9 Andreas Bräu Freifunker since 2006 /media/35c3oio/images/DMQDTK/pic01-small.jpg 2018-12-27T14:00:00+01:00 14:00 00:50 OIO Vortrags-Arena DMQDTK https://pretalx.35c3oio.freifunk.space/35c3oio/talk/DMQDTK/ Freifunk IoT Talk 50min total (etwa 15min Q&A) de Bei diesem Talk stellen wir das Freifunk-IoT Projekt sowie seine Module vor, und zeigen generelle Möglichkeiten auf, das Freifunk-Netz nicht nur als Transitnetz zu verwenden, sondern auch smarte Sensoren einzubinden. Freifunk-IoT ist ein Projekt, welches ein Framework zum Einbinden von offenen Sensoren in Freifunk-Netze entwickelt und anbietet. Es gibt Ressourcen zu Hardware-Modulen wie Anleitungen und Platinenlayouts, und fertige Software für die Sensoren. Zusätzlich dazu stellt Freifunk-IoT ein serverseitiges Framework bereit, welches die Daten aggregiert, auswertet, visualisiert und wieder bereitstellt. In diesem Talk wird der aktuelle Stand des Projektes vorgestellt, sowie im Anschluss eine Diskussion zur Weiterentwicklung angeregt. false SZWSUS margau Student der Informationstechnik, Freifunk Stuttgart & begeisterter IoT-Bastler. JGZD9Q Hibas123 Hobby Entwickler, mit anscheinend zu viel Freizeit :) QFPHZF adnidor Mastodon: @adnidor@chaos.social /media/35c3oio/images/8GTXCY/DECT-612d-Eventphone-2000x1200.jpg 2018-12-27T16:00:00+01:00 16:00 00:50 OIO Vortrags-Arena 8GTXCY https://pretalx.35c3oio.freifunk.space/35c3oio/talk/8GTXCY/ Eventphone: früher, heute, morgen. Talk 50min total (etwa 15min Q&A) de Wir haben im letzten Jahr die Hard und Software des Phone Operation Center fast vollständig ersetzt. Der größte Schritt aus Benutzersicht war, die langen DECT Registrierungsschlangen gegen eine Selbst- oder Auto-Registrierungsfunktion zu tauschen. In einem Vortrag möchten wir zeigen was wir gemacht haben, warum wir agil arbeiten, wie eigentlich ein Minimum Viable Product (MVP) geht, welche Fehler wir gemacht haben und im Nachgang eure Fragen beantworten. false D8M8QM ST Kambor-Wiesenberg ST ist Künstler. Er hat eine Ausbildung zum Energieelektroniker absolviert, Informatik, Physik, generalistisches Management sowie bildende Kunst studiert und arbeitet neben seinen Kunstprojekten als Agile Coach und Scrum Master. Seit 2000 treibt er sich im Umfeld des Chaos Computer Club und den entsprechenden Veranstaltungen herum. Er ist Mitgründer der BlinkenArea und seit 2003 Teil des Eventphone Teams. /media/35c3oio/images/BRRGEK/end-to-end.png 2018-12-27T17:00:00+01:00 17:00 00:45 OIO Vortrags-Arena BRRGEK https://pretalx.35c3oio.freifunk.space/35c3oio/talk/BRRGEK/ End-to-end encryption for secure, zero-knowledge file sync & share Talk 20min total (etwa 5min Q&A) en In this talk I'll detail the Nextcloud End-to-end Encryption design, going through the steps of creating the private/public key pair, encrypting and syncing it, encrypting files and uploading them, adding devices to the trusted circle and so on. Nextcloud's E2EE is designed to protect user data from the server. The goal was to let users sync and share folders (and their contents) as easily as possible without the server ever having the ability to access the data. That rules out a web interface and has other limitations, but that's the price for knowing your server can't spy on you. It isn't and was never meant for ALL your data, as you should use a solution purely focused on E2EE instead! The nice features of Nextcloud, from online document editing to public sharing, will work on all your files except those you put in E2EE folders. The talk is reasonably technical - it doesn't delve in to code or algorithms but sticks to the general design and flow of data: how do we create and share public keys, how do we get the private key on another device without the server being able to access it, how do we encrypt files and share them and so on. false KMKHUZ Jos Poortvliet People person, technology enthusiast and all-things-open evangelist. Doing marketing at Nextcloud, previously Community Manager at ownCloud and SUSE, recovering business consultant with decade long involvement in the KDE community. Enjoys avoiding traffic and public transport on bike through Berlin, but only when the weather is good. Loves cooking for friends and family and playing with the dog. /media/35c3oio/images/XCU9PD/voidcoin.svg.png 2018-12-27T19:00:00+01:00 19:00 00:50 OIO Vortrags-Arena XCU9PD https://pretalx.35c3oio.freifunk.space/35c3oio/talk/XCU9PD/ State Of The Void Talk 50min total (etwa 15min Q&A) en Void Linux is a general purpose operating system based on the Linux Kernel. In this talk we'd like to give an introduction about Void, why we think our work matters and talk about the challenges that we were faced during the last year. false 7UUC7W Enno Boland An active member of the open source community since his teenage years. Former contributor of the Suckless project, then Node.js guy, now distribution maintainer. 2018-12-27T21:00:00+01:00 21:00 00:50 OIO Vortrags-Arena BJMGW8 https://pretalx.35c3oio.freifunk.space/35c3oio/talk/BJMGW8/ Detection of refugee boats on the Mediterranean with a drone by using FOSS Talk 50min total (etwa 15min Q&A) en As NGOs continuing searching the Mediterranean by boat and a few planes, it would be good to find additional effective ways to find people in distress in the sea. To be able to search a huge area in the Mediterranean its good to get more eyes in the sky. For this purpose I want to show you and discuss computer-vision approaches to detect refugee boats which are able to run on basic minicomputers (like the RPI) which are cheap enough to put on a simple drone. All done by using free open source software. Furthermore I want to present a dataset and the current codebase which enables you to help searchwing/seawatch to work on the topic false ZVA9RV Petrosilius ... 2018-12-27T16:00:00+01:00 16:00 01:20 OIO Workshop-Domo KFCQED https://pretalx.35c3oio.freifunk.space/35c3oio/talk/KFCQED/ Freifunk-Workshop: Was tun gegen den Admin-Mangel Workshop 80min de Diskussionsrunde: Ein Teil der Freifunk-Krise seit 2016 in vielen Communities ist die Admin-Fluktuation. Was sind wirksame Modelle dagegen? "Wenn Freifunk performed, dann hört man nichts. Und wenn es nicht läuft, dann gibt es Schimpfe" ist ein oft gehörtes Klagelied. Darüber hinaus: Solange es gut läuft werden von den "Routerverteilenden" immer mehr Geräte herausgestellt... bis es nimmer läuft. Und dann sind wieder die Admins schuld. Umgekehrt haben sich viele Admins über die Jahre ihre Standards so weit entwickelt, dass es für Dazukommende schwierig ist aufzuschließen, auch weil Dokumentation häufig allenfalls rudimentär und/oder veraltet ist. Welche erfolgreichen Konzepte gibt es und was gilt es besser zu vermeiden? true HFER8G Andreas Dorfer https://forum.freifunk.net/u/adorfer/ 2018-12-27T19:00:00+01:00 19:00 00:45 OIO Workshop-Domo MLQWXT https://pretalx.35c3oio.freifunk.space/35c3oio/talk/MLQWXT/ nerds go humanitarian aid Workshop 45min de Ein Workshop um Möglichkeiten aufzuzeigen, wie und wo sich Betätigungsfelder für Nerds, Geeks und Specialists im humanitären Bereich ergeben...operativ werden statt nur Geld spenden. false PFDWBY Sebastian CEO von CADUS e.V. /media/35c3oio/images/VWQJGS/transparent_0_0.png 2018-12-27T20:30:00+01:00 20:30 02:00 OIO Workshop-Domo VWQJGS https://pretalx.35c3oio.freifunk.space/35c3oio/talk/VWQJGS/ GNUnet e. V. Mitgliederversammlung Workshop 80min de Mitglieder Versammlung des GNUnet e. V. true RHHMVL xrs Mitglied des GNUnet e. V. 2018-12-27T12:00:00+01:00 12:00 00:45 WikiPakaWG Esszimmer NSU8Y8 https://cfp.verschwoerhaus.de/35c3/talk/NSU8Y8/ Orgameeting Tag 1 Meetup de true 33UT8A WikiPaka Orga 2018-12-27T13:00:00+01:00 13:00 01:30 WikiPakaWG Esszimmer GWJR9B https://cfp.verschwoerhaus.de/35c3/talk/GWJR9B/ Introduction to Wikidata and the Wikidata Query Service Talk en Discover Wikidata, the free knowledge base from Wikimedia, and learn how to work with it. false RE9MSE Lucas 8GDPPA Amir 2018-12-27T15:00:00+01:00 15:00 01:00 WikiPakaWG Esszimmer RRCVBW https://cfp.verschwoerhaus.de/35c3/talk/RRCVBW/ Datenpumpen-Hackathon #01 Workshop mit Gruppentischen de Explore the Data-Pump and build new Wikidata requests to visualise Free Knowledge and connected data. false 8XHJNS John RE9MSE Lucas 2018-12-27T16:30:00+01:00 16:30 01:00 WikiPakaWG Esszimmer BEANCH https://cfp.verschwoerhaus.de/35c3/talk/BEANCH/ Jugend hackt - Willkommen auf dem Congress! Meetup de true BWRH7E Daniel XN9PTD Paula VVLMZ9 Robert B9E7PX Ilona E3QEBQ Basti 9HQVHR Saadya 2018-12-27T18:00:00+01:00 18:00 01:30 WikiPakaWG Esszimmer YWXE7F https://cfp.verschwoerhaus.de/35c3/talk/YWXE7F/ Programmieren mit der Maus Workshop mit Standard-Bestuhlung de Werkstattbericht: Wie kam es zu Programmieren mit der Maus? Wie geht es 2019 weiter und gibt es Wünsche für Programmieren mit dem Elefanten? false NKKBZK P3nny 2018-12-27T19:45:00+01:00 19:45 00:30 WikiPakaWG Esszimmer WH3E9B https://cfp.verschwoerhaus.de/35c3/talk/WH3E9B/ Technikschulung Tag 2 für die WikipakaWG Workshop mit Gruppentischen de - true 8KKP9X robbi5 2018-12-27T20:30:00+01:00 20:30 02:00 WikiPakaWG Esszimmer ZAPYDL https://cfp.verschwoerhaus.de/35c3/talk/ZAPYDL/ Community Treffen Code for Germany Meetup de true LZAHGJ Michael 2018-12-27T15:00:00+01:00 15:00 01:00 WikiPakaWG Küche 7FRCLS https://cfp.verschwoerhaus.de/35c3/talk/7FRCLS/ Wikidata: help with queries Meetup en Additional space to address questions about Wikidata and the query service, if wanted. true RE9MSE Lucas 8GDPPA Amir 2018-12-27T18:00:00+01:00 18:00 01:30 WikiPakaWG Küche WGCR99 https://cfp.verschwoerhaus.de/35c3/talk/WGCR99/ The Things Network / LoRaWAN Meetup de Treffen der LoRaWAN / The Things Network Communities aus Deutschland. Kennenlernen, Erfahrungsaustausch, gemeinsame Projekte anschieben & Fachsimpeln. true GHKXRV Caspar https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10168.html 2018-12-27T14:00:00+01:00 14:00 03:00 Discodrama 35C3-ABFahrplan-10168-fairy_dust_-_day1 Fairy Dust - Day1 Rocket Away Music other en Modify the Fairy Dust! After standing in the cold rain and snow for too long, the Fairy Dust will find its place this time in the middle of the crowd at hall 5. A video installation will take place on the surface. This is a call for people, who can handle c4d files and have the bravery to put their vision on the symbol of the congress. The file attached to this event contains all information about the object, as well the position and lenses of the 4 projectors. Fell free to develop whatever you like. Keep in mind that the surface is very glossy and actually eats the light away. Rendered video best with HAP or MP4. In the hours between 2 pm and 5 pm on the days of the congress, there will be access to the video system, if you come around and have a device with HDMI out. Enjoy! Powered by PENTAKLON und Rico Rose Contact: privatlehrer[at]gmail[:]com false 35C3-template-ROCKET.c4d https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10049.html /system/events/logos/000/010/049/large/sui.jpg?1545328482 2018-12-27T18:00:00+01:00 18:00 02:00 Discodrama 35C3-ABFahrplan-10049-sui SUI Diverse Music Music djset en Sui likes the inconstancy of space affected by a diversity of sounds and people who drop in accidentally or with intent. All the emerging possibilities of such incidents are carefully sketched into a audible experience. This kind of soundvoyages evolving from slowly and fondly selected sounds and range from folklore to hiphop to field recordings to broken sounds. As she is not the best decision maker referring a genre, every sound that catches a curious ear and hits a heart needs to be played. A warm invitation to listen, hanging around lazily or to dance. false https://soundcloud.com/sofieheinz https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10112.html /system/events/logos/000/010/112/large/1654341_593106100763608_757469119_n.jpg?1545404961 2018-12-27T20:00:00+01:00 20:00 01:00 Discodrama 35C3-ABFahrplan-10112-das_weltweite_netzwerk_fur_ein_bedingungsloses_grundeinkommen Das weltweite Netzwerk für ein bedingungsloses Grundeinkommen Experimental Pop Music concert en »Das weltweite Netzwerk fur ein bedingungsloses Grundeinkommen« steht gekleidet im Blaumann mit beiden Beinen fest auf einem leeren Bierkasten und zersingt altbekannte Popsongs. Es vervielfaltigt einfältige Ohrwurmer so lange, bis sie Schwarmintelligenz entwickeln. Es transformiert beiläufges Nachgesumme in gänsehauterregende Opernchöre und Unterhaltungsgedudel in antikapitalistische Klagelieder. »Das weltweite Netzwerk für ein bedingungsloses Grundeinkommen« ist der bescheidene Name des Musikarbeiters und Medienkünstlers Tommy Neuwirth, der ganz alleine mit den Tönen und ihrer Herkunft jongliert, dass einem das taube Dahinhören vergeht und die Ohren des Publikums ihre vielfältigen Verbindungen zu verschiedensten Hirnregionen, zu den Lachmuskeln, den Tränensäcken und den Tanzbeinen entdecken. Neuwirth gönnt seinen Songs - oder soll man sagen: Musikkabarettnummern? - Nachdenkpausen, wenn die musikalische Konventionen sie voran peitschen wurden, er gebiert Melodien und überlässt sie sich selber und dem Publikum, wahrend er seine Aufmerksamkeit schon neuem Spielzeug widmet. Er trennt die Geräusche, die er als Performer live auf der Bühne hervorbringt magischerweise ab von den Bewegungen seines Körpers und synchronisiert sich mit erstaunlichstem. »Das weltweite Netzwerk fur ein bedingungsloses Grundeinkommen« alias Tommy Neuwirth lässt seinen skurrilen Humor seit 2012 in Form von Videos, Konzerten, Performances und Radio-Improvisationen auf die Menschen los. false www.tommyneuwirth.de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10045.html /system/events/logos/000/010/045/large/954843_902544953129673_2577253257806048523_n.jpg?1545405145 2018-12-27T21:00:00+01:00 21:00 01:00 Discodrama 35C3-ABFahrplan-10045-melted_moon Melted Moon 8 Bit Electro Music concert en A black text on green background, scrolling towards the middle of the screen. Di-Dinnng! Gameboy: the electronic soul of the past. It flows across the dance floor like a flash in the fog. We are the symbiosis of man and machine, the pulse drives us, heartbeats counted in BPM, we make sounds out of waves and waves out of sounds, we turn music into emotions and emotions into music, from minimum to maximum, from techno to dubstep. The whole spectrum is dancing. Penetrating sounds move you, electrify you, and the bass is massaging your soul. 8-bit power saves your life. Give yourself a chance. Experience Melted Moon Melted Moon started in 2006, when Mathias combined his two hobbies (music and gaming) by converting Gameboys into instruments. Back then, Melted Moon was merely a solo project, which slowly but perceptively gained popularity in Aschaffenburg. Later, in 2012, his friend Stefan joined him, followed by Fabian in 2013. Stefan was more technically savvy, while Fabian brought a lot of musical know-how, and it took just half a year to find a label and release the first album, "Meltdown". Since the label (Kompuphonik) is affiliated with the well-known band "Welle:Erdball", who also use retro computer hardware to create their music, they came in touch with each other and Melted Moon now regularly performs as a sidekick on many large Welle:Erdball concerts. Melted Moon even officially played at "Rock am Ring" in 2016 - the largest open air festival of Europe - and has performed on Nintendoom (the largest chiptune festival on the European mainland) twice. Not only is Melted Moon known in the music scene - of course Nintendo had to hear about them - not only because of Mathias' conspicuous Nintendo tattoos. And so it came that Melted Moon is also often invited to make some noise at the Gamescom (the largest video games convention of the world) on Nintendo's stage, but Melted Moon is also an integral part of the ROCCAT raffle shows - every year since 2013 - as well as their daily performances on the retro stage in the Gamescom's family area. Also, the city festival of Aschaffenburg features Melted Moon every year on the most central stage of the town - the "5x4m ABhörn-Bühne". Melted Moon uses only original Gameboy hardware to make music. The Gameboys are, of course, modified with a so-called "pro sound mod" (audio output directly from the soundchip to eliminate noise from the volume control), a backlight for the LCD screen, Bluetooth transceivers as a wireless link cable, and MIDI-Out for additional hardware (like SID synthesizers). The software used by Melted Moon is called "Little Sound DJ", or LSDJ for short, which runs on flashable third-party cartridges. LSDJ is a tracker program with a "Live" mode, where sections in the four individual channels can be played and looped selectively (additional to some live editing and effects). false https://www.meltedmoon.de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10091.html 2018-12-27T22:00:00+01:00 22:00 02:00 Discodrama 35C3-ABFahrplan-10091-konflikt Konflikt Techno/House Music djset en false https://soundcloud.com/herr-koreander https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10086.html /system/events/logos/000/010/086/large/VRIL_2019.jpg?1545251026 2018-12-28T00:00:00+01:00 00:00 01:00 Discodrama 35C3-ABFahrplan-10086-vril Vril Techno Live Set Music djset en Seemingly out of nothing, through dust and with no bang, VRIL appeared on the scene in 2010 with his debut on Giegling. His music made such beautiful noise that it instantly found his place on Marcel Dettmann’s selection for his “Conducted” CD. Also he was part of the Berghain05 Compilation in 2011. His sound is a search for the evergoing movement, exploring a never stopping energy. Once he catches you in his groove it will shine so bright you won’t be able to escape it. Tales of his harder sounding live sets being heard at DGTL, Awakenings, Fusion Festival, Berghain and all over the world. All sets share the same common feature that it was an as euphoric as energetic travel in sound. Since 2010 he was touring nonstop worldwide and had been to over 45 countries. The warmer and more slower side of VRILs sound he shows in Podcasts that are released yearly on sites like Resident Advisor, Dekmantel, XLR8R, Inverted Audio, etc. VRIL is also quite active in doing Remixes. For Percy X, Sterac, Suuns, Iori, HVOB to only name a few. His highly anticipated debut album on Giegling named “Torus” (2014) contained a lot of great surprises soundwise. The second Album „Portal“ (2015) (which had more functional sound) and also the 12inch called „Vortekz“ (2014) was realeased on Delsin Records. The same label where his third LP „anima mundi“ was released in late 2018. All Releases in 2018: VRIL -Haus- (12 inch on Giegling) VRIL -Omniverse- (12 inch on Dystopian) VRIL -anima mundi- (LP on Delsin Records). false https://soundcloud.com/vril_01 https://vrildelsin.bandcamp.com https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10114.html /system/events/logos/000/010/114/large/Steffen-Bennemann-1-by-Martin-Lovekosi_quad.jpg?1545310913 2018-12-28T01:00:00+01:00 01:00 02:00 Discodrama 35C3-ABFahrplan-10114-steffen_bennemann Steffen Bennemann Techno/House Music djset en Curator of Nachtdigital Festival, Holger Records and many events in his home city of Leipzig - among them: Acid Haus (allnighters in a dark foggy basement), Sleep In (indoors & outdoors Ambient sleepovers), Idiots (parties in various off-locations). false https://soundcloud.com/steffenbennemann https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10113.html /system/events/logos/000/010/113/large/Map.Ache-by-Thomas-Kru%CC%88ger-1068x527.png?1545310592 2018-12-28T03:00:00+01:00 03:00 01:00 Discodrama 35C3-ABFahrplan-10113-map_ache Map.ache House Live Set Music concert en Map.ache is Jan Barich, a Leipzig-based DJ-producer most widely known for his releases on Giegling, as part of the DJ duo Manamana, and work with KANN, the acclaimed imprint he runs with Alex Neuschulz (a.k.a. Sevensol) and Dennis Knoof (a.k.a. Bender). Promoting what they call "modern dance music," and with a discography that includes, among many other immensely talented artists, themselves, Traumprinz, and Falke, it's no surprise that the label is regarded so highly by deep house fans today. Barich's story has been partly told before: growing up in Leipzig, he began playing the drums aged 14 and subsequently became involved in two band projects, namely Diario and The Hands Of The Wrong People—the former of which was a real success. Steadily, throughout the mid-'90s, he became increasingly interested in electronica, in part down regular visits to Conne Island, an alternative youth cultural center that hosted a rich musical program ranging across the entire spectrum. "It [Conne Island] certainly shaped my musical personality," Barich reflects. Soon, however, he began attending illegal techno parties around the city, held in abandoned spaces in the twilight hours after Conne Island's doors had been closed. DJing and production started soon thereafter. He learned to do the former around the age of 14, though only started playing out in the early 2000s; while he taught himself the latter in 2003, inspired by the music he was being exposed too. He was, he says, a "shy bedroom producer" who lacked the self-confidence to share his music with labels, leading him to set up KANN in 2008 as an outlet for his productions and those of his partners. The imprint, without question, has been a success, seeing a wide number of wonderful releases and serving as a platform for Map.ache to share his work elsewhere: since quitting his job at Conne Island in 2014, the Leipzig-based artist has released a beautiful collection of musical works. He's certainly an artist on the rise, so what better time to catch up with him to reflect on his journey to date and plans for the future. false https://soundcloud.com/ache-map https://kann-records.com https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10111.html /system/events/logos/000/010/111/large/avatars-000146613399-bud282-t500x500.jpg?1545404839 2018-12-28T04:00:00+01:00 04:00 02:00 Discodrama 35C3-ABFahrplan-10111-rss_disco RSS Disco Disco/House Music djset en RSS DISCO (originally RSS Music Summary; later, two competing approaches emerged, which used the backronyms Really Simple Seduction and Relatively Serious Sequence respectively) is a type of continuous music feed which allows users and robots to access updates to recorded content in a standardized, computer-readable format. This feed can, for example, allow a dancer to keep track of many different tracks in a single night. Any fun aggregator can periodically check RSS Disco for new content, allowing the content to be automatically passed from the turntable to the soundsystem. This passing of content is called DJing. An RSS experience (called “set”, “mix”, or "performance") includes full frequencies, action and vibes. false https://soundcloud.com/rss https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10164.html 2018-12-27T10:00:00+01:00 10:00 01:00 Shutter Island 35C3-ABFahrplan-10164-start Start Expected Music meeting en All creatures welcomes each. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10165.html 2018-12-27T11:00:00+01:00 11:00 01:00 Shutter Island 35C3-ABFahrplan-10165-moe Moe Mogreens Music djset en User:Mogreens false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10166.html 2018-12-27T12:00:00+01:00 12:00 01:00 Shutter Island 35C3-ABFahrplan-10166-fussil_moe Fussil & Moe Kick it. Get Punk* Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10167.html 2018-12-27T13:00:00+01:00 13:00 01:00 Shutter Island 35C3-ABFahrplan-10167-fussil Fussil Fussel on the decks. Music djset en It is, what is it? false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10093.html 2018-12-27T14:00:00+01:00 14:00 03:00 Shutter Island 35C3-ABFahrplan-10093-mike_lait Mike Lait Music that feels like a warm blanket. Music djset en Mike Lait baut schon seit Jahren Deko auf dem Congress. Das kann er gut. Auch wirklich gut kann er Musik auflegen, die sich wie eine warme Kuscheldecke anfühlt. Mike Lait has been building deco at the congress for years. He's good at that. He is also good at put on music that feels like a warm blanket. false https://soundcloud.com/mikelait https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10094.html 2018-12-27T17:00:00+01:00 17:00 02:00 Shutter Island 35C3-ABFahrplan-10094-zuurb zuurb Chillgoldmine Music djset en zuurb ist eine wandelnde Chillgoldmine. Ob vor internationalen Größen Drum´n Bass Sets astrein abzuliefern oder stundenlang melanchonische Knusper-Piano-Flocken rieseln zu lassen, er kann es. zuurb is a walking chillgoldmine, whether to deliver drum´n bass sets in front of international stars or to let melanchonic crunchy piano flakes trickle for hours, he can do it. false https://soundcloud.com/zuurb https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10095.html 2018-12-27T19:00:00+01:00 19:00 02:00 Shutter Island 35C3-ABFahrplan-10095-timo_minmon Timo Minmon Minmon Kollektiv Music djset false https://www.minmon.de/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10096.html 2018-12-27T21:00:00+01:00 21:00 02:00 Shutter Island 35C3-ABFahrplan-10096-barbnerdy barbnerdy Basic chillout Music djset en barbnerdy ist Teil der Congresschillabteilung - ja man streitet sich auch mal und dann schaut man nach vorne und hört gemeinsam gute Musik mit viel Bass, das ist nämlich ihr Steckenpferd. --- barbnerdy is part of the congresschill department - yes argue happened sometimes and then we look forward and listen to good music together with a lot of bass, that's her hobbyhorse. false https://soundcloud.com/barbnerdy/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10097.html 2018-12-27T23:00:00+01:00 23:00 02:00 Shutter Island 35C3-ABFahrplan-10097-mohammed_atari Mohammed Atari Vinyl Spezialist Music djset en Mohammed Atari spielte mal in Hamburg seine Lieblingsschallplatten, als ein junges Mädchen an das DJ Pult herantrat und laut rief: “Tolle Musik spielst du!”. Er ist ein Mysterium und ja wir sind gespannt auf sein Set. --- Mohammed Atari was playing his beloved vinyls once in Hamburg when a young girl appeared and shouted “you play great music!”. He is a man of mystery and yes we are curious to listen to his set. false https://hearthis.at/mohammed-atari/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10098.html /system/events/logos/000/010/098/large/warden.png?1545255045 2018-12-28T01:00:00+01:00 01:00 02:00 Shutter Island 35C3-ABFahrplan-10098-gregoa Gregoa Mr. G. Music Music djset en Gregoa - Verkorkster Endvierziger mit Hang zu melancholischer Musik zwischen geschmeidigen bis stümperhaften Übergängen. Bislang unentdeckt, doch vom Chaos wegen der doch recht speziellen Musikmischung geschätzt. --- Gregoa - Corked up in his late forties with a tendency towards melancholic music between smooth and unprofessional transitions. So far undiscovered, but appreciated by the chaos because of the very special musical mixture. false https://hearthis.at/gregoa/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10099.html 2018-12-28T03:00:00+01:00 03:00 04:00 Shutter Island 35C3-ABFahrplan-10099-bidi_morelle Bidi & Morelle Swiss Fondue und Hamburger Jung' Music djset en Bidi - https://vannutt.ch/ ist direkt aus einem Casting einer italienisch-schweizerischen Koproduktion über psychidelische Aspekte nächtelanger Chillkultur und derer Interaktion mit heruntergepitchen Schlagersongs entsprungen und wie immer lange und spät dran. Morelle entstammt einem alten Hamburger Geschlecht der Musikpudel und hat sich mit seinen gerne auch über Stunden ziehenden Sets bei entsprechender Musikauswahl immer als einer der DJs erwiesen, der weiß, wie es geht. Musik die wohltuend ins Ohr aber auch in die Beine geht. --- Bidi - https://vannutt.ch/ is the direct result of a casting of an Italian-Swiss co-production on psychedelic aspects of night-long chill culture and its interaction with down-pitched folksongs and, as always, long and late. Morelle comes from an old Hamburg family of music poodles and with his sets, which can last for hours, has always proved to be one of the DJs who knows how to do it. Music that goes pleasantly into the ear but also into the legs. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10146.html 2018-12-27T14:00:00+01:00 14:00 02:00 Compeiler 35C3-ABFahrplan-10146-rote_schule_music_workshop Rote Schule Music Workshop Workshop/Performance Music workshop en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10120.html /system/events/logos/000/010/120/large/EselsAlptraum_1.jpg?1545595130 2018-12-27T16:00:00+01:00 16:00 01:00 Compeiler 35C3-ABFahrplan-10120-esels_alptraum Esels Alptraum Antifaschistisches Jodel Duo Music concert en Love Yodel - Hate Fascism "Jodeln klingt für Viele nach Heimatkitsch & Konservatismus - Nicht mit uns! Als Jodel-Delegation des 1. anarchistischen Traditions- und Folklorevereins jodeln wir gegen die Beschissenheit des Systems und für das gute, schöne, lustvolle Leben." false http://www.eselsalptraum.de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10121.html /system/events/logos/000/010/121/large/1535626_619269164806791_1189704944_n.jpg?1545594520 2018-12-27T17:00:00+01:00 17:00 01:00 Compeiler 35C3-ABFahrplan-10121-form Form HipHop Music concert en form ist ein Gutmensch und macht Arschbombe in die Rapszene. Denn entgegen landläufiger Erwartungen muss man gar kein faschistoider, sexistischer Volltrottel sein, um zu rappen. HipHop ist very gut, vergesst das nicht! form ist ein sehr lebendiger Beweis dafür. Drum reihet euch ein, um auf der Achterbahn der Gutmenschlichkeit durch die Höhen und Tiefen der menschlichen Existenz zu rasen. Es knallt, versprochen. false http://www.fifaform.de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10122.html /system/events/logos/000/010/122/large/lena_bio.jpg?1545410988 2018-12-27T18:00:00+01:00 18:00 01:00 Compeiler 35C3-ABFahrplan-10122-lena_stoehrfaktor Lena Stoehrfaktor HipHop Music concert en Lena Stoehrfaktor, rappende Underground-Größe aus Berlin, bringt sich seit 2004 mit rotzigen Styles in die karge HipHop-Landschaft ein. Seitdem entstanden 4 eigene Alben sowie 3 Crewalben mit "Conexion Musical". Außerdem wirkt sie in verschiedenen musikalischen Projekten mit. Seit ihren Anfängen ist sich Lena Stoehrfaktor treu geblieben. Die Themen ihrer Texte werden aus dem realen Leben gegriffen und in feinster Art und Weise auf Beats gelegt, die die Stimmung der Inhalte unterstreichen. false https://www.lenastoehrfaktor.de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10123.html 2018-12-27T19:00:00+01:00 19:00 01:00 Compeiler 35C3-ABFahrplan-10123-koffer Koffer Punk (19:30-20:30) Music concert en Punk from Berlin false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10124.html /system/events/logos/000/010/124/large/0009954533_10.jpg?1545411278 2018-12-27T20:00:00+01:00 20:00 01:00 Compeiler 35C3-ABFahrplan-10124-warm_swords Warm Swords Garage Psy Rock (20:30-21:30) Music concert en Warm Swords is the "solo-project" of Regal's very own Caelan O'Flaherty. Born in New Zealand, raised in France, lived in Belgium and now living in Leipzig Germany where he found his live band featuring two members of The Staches. false https://warmswords.bandcamp.com https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10125.html /system/events/logos/000/010/125/large/page18-1000-full.jpg?1545410749 2018-12-27T22:00:00+01:00 22:00 01:00 Compeiler 35C3-ABFahrplan-10125-guts_pie_earshot Guts Pie Earshot DancePunk vs. DubTech / Hardcore vs. Punk'n'Bass Music concert en GUTS PIE EARSHOT are surely one of the most unusual modern bands who music-wise vaguely have something to do with punk/hardcore and in the same time breakbeat/techno. Their music is purely instrumental. This instrumentation may appear minimalist, only cello and drums are played, and yet the music conjures up entire new universes in the mind's eye - or ear. false http://www.gutspieearshot.de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10126.html 2018-12-28T00:00:00+01:00 00:00 02:00 Compeiler 35C3-ABFahrplan-10126-hits_hits_hits Hits Hits Hits HitsPunkTrash Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10127.html 2018-12-28T02:00:00+01:00 02:00 02:00 Compeiler 35C3-ABFahrplan-10127-miss_the_point Miss the Point Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10128.html 2018-12-28T04:00:00+01:00 04:00 02:00 Compeiler 35C3-ABFahrplan-10128-monis_crew Monis Crew Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10074.html /system/events/logos/000/010/074/large/2018-08-25_20.52.00.jpg?1545576403 2018-12-27T14:00:00+01:00 14:00 02:00 Uptime Bar 35C3-ABFahrplan-10074-otto_paul otto/paul Breakbeats, Pop, Electronic, Ambient Music djset en otto/paul appeared at the event horizon of Sagittarius A* where he began his journey to planet earth. While travelling through space & time he happened to meet ancient astronauts, superintelligences and multi-dimensional entities and collected their most different types of music. Currently on earth, otto/paul blends breakbeats, pop, electronic, ambient, tribal and slow rhythim from allover the galaxy to satisfy and enlighten the ears of mankind. false https://www.mixcloud.com/MartinOttoPaul/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10161.html 2018-12-27T16:00:00+01:00 16:00 02:00 Uptime Bar 35C3-ABFahrplan-10161-parole_emil Parole Emil! Music djset en false https://soundcloud.com/emil-torp https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10058.html /system/events/logos/000/010/058/large/avatars-000460064742-8nkpcj-t500x500.jpg?1545406404 2018-12-27T18:00:00+01:00 18:00 02:00 Uptime Bar 35C3-ABFahrplan-10058-psychedelic_duct_tape Psychedelic Duct Tape Ambient & more Music djset en false https://soundcloud.com/user-956219626 https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10116.html /system/events/logos/000/010/116/large/adelakram.jpg?1545311240 2018-12-27T20:00:00+01:00 20:00 02:00 Uptime Bar 35C3-ABFahrplan-10116-adel_akram Adel Akram Diverse Electronic Music Music djset en With a background in shaping landscapes and creating permacultural environments, Adel became a multidimensional and interdisciplinary artist creating visuals whilst exploring waveforms and rooms. As well as providing visuals for Herrensauna and AnnaMelina’s and Varg’s Flora project at atonalFestival, his music appears in the upcoming movie M/M by DrewLint. By launching ‘When Are We Now?’ Adel Akram takes the idea of a label as an archive to document his surrounding and the process of examination with different media, arts and questions about our current position in time. false http://timeandplace.net https://wawn.bandcamp.com https://soundcloud.com/adelakram https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10077.html /system/events/logos/000/010/077/large/123e-109b-4180-9a71-8c4a1880dba7.jpeg?1545406618 2018-12-27T22:00:00+01:00 22:00 02:00 Uptime Bar 35C3-ABFahrplan-10077-alexeyan Alexeyan D&B, Neurofunk Music djset en From the family... false https://www.mixcloud.com/Alexeyan/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10085.html /system/events/logos/000/010/085/large/avatars-000068578992-leteqv-t500x500.jpg?1545406859 2018-12-28T00:00:00+01:00 00:00 02:00 Uptime Bar 35C3-ABFahrplan-10085-tasmo Tasmo Bass&Drum Music djset en From the family... false https://tasmo.rocks/ https://soundcloud.com/tasmo/ https://twitter.com/_Tasmo https://hearthis.at/tasmo/ 2018-12-27T11:00:00+01:00 11:00 12:00 OIO Thementisch 1 Z98HRQ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/Z98HRQ/ Freifunk IoT-Demo Präsentationsinsel (alle 3 Tage) de An dieser Präsentationsinsel wird das Konzept und verschiedene interaktive Ausstellungsstücke von Freifunk-IoT gezeigt. false SZWSUS margau Student der Informationstechnik, Freifunk Stuttgart & begeisterter IoT-Bastler. JGZD9Q Hibas123 Hobby Entwickler, mit anscheinend zu viel Freizeit :) QFPHZF adnidor Mastodon: @adnidor@chaos.social 2018-12-27T11:00:00+01:00 11:00 12:00 OIO Thementisch 2 Z37GSP https://pretalx.35c3oio.freifunk.space/35c3oio/talk/Z37GSP/ Seenotrettung Präsentationsinsel (alle 3 Tage) de Seenotrettungs-NGOs präsentieren ihre Arbeit, machen auf die Kriminalisierung von humanitärer Hilfe aufmerksam und freuen sich auf Gespräche und Austausch. false NFL8CT just humans Wir sind eine Gruppe politischer und humanitärer Aktivist*innen aus verschiedenen Organisationen. 2018-12-27T11:00:00+01:00 11:00 12:00 OIO Thementisch 3 HYJXWE https://pretalx.35c3oio.freifunk.space/35c3oio/talk/HYJXWE/ Lots of blinking stuff, Pixelflut and Intergalaktische Reisepässe Präsentationsinsel (alle 3 Tage) de Lots of blinking stuff and Pixelflut. Selling Intergalaktische Reisepässe We will populate a Presentation isle with blinking decoration and sculptures. Additionally we will provide a 40 Gb/s Pixelflut server. false VHNKEG tsys I'm a software developer/network administrator at Freifunk Kiel and active member of the Open Infrastructure Orbit Orga. /media/35c3oio/images/NVXWSM/who_owns_your_data.png 2018-12-27T11:00:00+01:00 11:00 12:00 OIO Thementisch 4 NVXWSM https://pretalx.35c3oio.freifunk.space/35c3oio/talk/NVXWSM/ Nextcloud Präsentationsinsel (alle 3 Tage) en We're the Nextcloud community (nextcloud.com/yourdata/) and we're here to meet people and chat about self-hosting, decentralization, federation, and many more topics! We can also show you Nextcloud demos, help you to get involved in our community, and of course, tell you everything about our new Nextcloud Include diversity program! false KMKHUZ Jos Poortvliet People person, technology enthusiast and all-things-open evangelist. Doing marketing at Nextcloud, previously Community Manager at ownCloud and SUSE, recovering business consultant with decade long involvement in the KDE community. Enjoys avoiding traffic and public transport on bike through Berlin, but only when the weather is good. Loves cooking for friends and family and playing with the dog. F3SR8V shiro I'm shiro (shiromarieke.github.io) and I work on Nextcloud :) 2018-12-27T11:00:00+01:00 11:00 12:00 OIO Thementisch 5 NXGJRN https://pretalx.35c3oio.freifunk.space/35c3oio/talk/NXGJRN/ Global Innovation Gathering Präsentationsinsel (alle 3 Tage) en GIG, the global network of social and technological innovators is bringing its members and their projects to the Congress for a showcase and interactive workshops - will follow - false R8T8AG GIG – Global Innovation Gathering tl;dr: GIG is the global network of social and technological innovators. #wearegig Global Innovation Gathering (GIG) is a vibrant, diverse community of innovation hubs, makerspaces, hackerspaces and other grassroot innovation community spaces and initiatives as well as individual innovators, makers, technologists and changemakers. GIG is pursuing a new vision for global cooperation based on equality, openness and sharing. We aim to enable more diversity in the production of technology, and global innovation processes and support open and sustainable solutions developed by grassroot innovators. With strong roots in the global south, we share, collaborate and work together globally. GIG provides a platform for meaningful exchange by fostering knowledge exchange and collaboration between its members. /media/35c3oio/images/W9G9FB/IMG_20181128_2313400.jpg 2018-12-27T11:00:00+01:00 11:00 12:00 OIO Thementisch 6 W9G9FB https://pretalx.35c3oio.freifunk.space/35c3oio/talk/W9G9FB/ Freifunk Event Installationen und autarke Installationen Präsentationsinsel (alle 3 Tage) de Freifunk temporär für kleine, mittlere und große Veranstaltungen. Freifunk kabelungebunden autark betreiben. Die Präsentation von Freifunk Düren zeigt zwei Dinge, einmal, wie Freifunk für Veranstaltungen angeboten werden kann und wie eine Versorgung ohne Kabelanbindung mit Strom und Mobilfunk möglich ist. Freifunk Düren hat vier Jahre Erfahrungen dazu sammeln können, wie auf Events bis zu 300 Clients versorgt werden und wie praxisnah Sachen funktionieren oder nicht. Ursprünglich war das Equipment groß und schwer. Wir zeigen, wie die Installationen so klein werden können, dass das Kisten schleppen entfällt und der Stromverbrauch so niedrig wird, dass mit Solarzellen kleineren Ausmaßes oder Powerbank der Betrieb funktioniert. Vom handlichen Freifunk2go mit LTE Stick für 30 Clients, um Freifunk in öffentlichen Verkehrsmitteln oder im Park mobil zu realisieren, bis zu einem mobilen LTE Offloader für 300 Clients, werden wir unserer Geräte zeigen. Auch die Aussicht, irgendwann Freifunk auf der Annakirmes anbieten zu können, einem Event in Düren mit bis zu 50.000 Menschen, die gleichzeitig auf dem Kirmesplatz sind, können wir berichten, was dafür benötigt wird. Der Stadt Düren konnten schon erste Vorschläge gemacht werden, die Orientierung dazu ist das WLAN auf dem Congress. false JGBAWZ Matthias Schmidt Seit September 2014 aktiv bei Freifunk Düren und Aachen. https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9744.html 2018-12-28T11:30:00+01:00 11:30 01:00 Adams 35c3-9744-inside_the_fake_science_factories Inside the Fake Science Factories Science lecture de This talk investigates fake science factories; international twilight companies whose sole purpose is to give studies an air of scientific credibility while cashing in on millions of dollars in the process. We present the findings, outcomes and methodology from a team of investigative journalists, hackers and data scientists who delved into the parallel universe of fraudulent pseudo-academic conferences and journals. The story was published in Germany (ARD and Süddeutsche Zeitung Magazin) in mid of July and then went around the world. How did it begin? What did we learn in the process? And: What happened since the story got published? Until recently, fake science factories have remained relatively under the radar, with few outside of academia aware of their presence; but the highly profitable industry has been growing significantly in the last five years and with it, so are the implications. To the public, fake science is often indistinguishable from legitimate science, which is facing similar accusations itself. We expose the scale and value of two fake science operations: Well-known institutions and professors who abuse this route of publication for personal gain and the deadly consequences when the public believe in fake cures or weird discoveries that seem scientific at a very first glance. Beyond the pressure to publish, we find varying motivations from paid vacations and promotions to obtaining stipends and research grants. Our findings highlight the prevalence of the pseudo-academic conferences, journals and publications and the damage they can and are doing to society. For 35C3 we did some extra analytics and will publish new numbers, how pseudo-academic publishing has dropped since the story got out in several countries in July 2018. false @sveckert @tillkrause Peter Hornung https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9975.html /system/events/logos/000/009/975/large/Jahresrueckblick18.png?1545577737 2018-12-28T12:50:00+01:00 12:50 02:20 Adams 35c3-9975-jahresruckblick_des_ccc_2018 Jahresrückblick des CCC 2018 Refreshing Memories CCC lecture de Biometrische Videoüberwachung, Hausdurchsuchungen, Polizeiaufgabengesetze, Staatstrojaner und ganz viel Cyber: Wir geben einen Überblick über die Themen, die den Chaos Computer Club 2018 beschäftigt haben. Neben der Zusammenfassung und der Rückschau auf das vergangene Jahr wollen wir aber auch über zukünftige Projekte und anstehende Diskussionen reden. false Linus Neumann Constanze Kurz frank erdgeist nexus https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9791.html 2018-12-28T16:10:00+01:00 16:10 01:00 Adams 35c3-9791-the_surveillance_state_limited_by_acts_of_courage_and_conscience The Surveillance State limited by acts of courage and conscience An update on the fate of the Snowden Refugees Ethics, Society & Politics lecture en An update on the circumstances of the Snowden Refugees will be provided at the 35C3 event and venue in December 2018. There have been many significant events and incidents during 2018, and some of these will be disclosed at the talk. Updates will provided on the Snowden Refugees appeals in Hong Kong and their refugee claims with Canada. There will also be disclosures on continued surveillance and harassment by the Hong Kong authorities. false Robert Tibbo https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9723.html /system/events/logos/000/009/723/large/Element_2.png?1543960831 2018-12-28T17:30:00+01:00 17:30 01:00 Adams 35c3-9723-smart_home_-_smart_hack Smart Home - Smart Hack Wie der Weg ins digitale Zuhause zum Spaziergang wird Security lecture de GERMAN: Mehr als 10.000 unterschiedliche Device-Hersteller aus aller Welt verwenden die Basis-Plattform (WIFI-Modul, Cloud, App) eines einzigen Unternehmens zur technischen Umsetzung ihrer Smart-Home-Produkte. Die Analyse dieser Basis zeigt erhebliche Sicherheitsmängel auch konzeptioneller Natur und somit diverse Angriffspunkte, von denen mehrere Millionen Smart Devices betroffen sind. Der Vortrag stellt die Funktionsweise smarter Geräte im Zusammenhang mit der genannten Basis-Plattform dar, zeigt das Ausmaß der Sicherheitslücken anhand diverser Angriffsszenarien und bietet der Community eine Lösung für die sichere Nutzung der betroffenen Geräte. ENGLISH: More than 10,000 different device manufacturers from all over the world use the basic platform (WIFI module, cloud, app) of a single company to technically implement their smart home products. The analysis of this base shows considerable security deficiencies, also of a conceptual nature, and thus various points of attack, which affects millions of smart devices. The lecture will present the functionality of smart devices in relation with the above-mentioned basic platform, show the extent of the security gaps using various attack scenarios and offer the community a solution for the secure use of the affected devices. GERMAN: Für die dem Vortrag zu Grunde liegenden Tests wurden verschiedenste Glühbirnen und Steckdosen verschiedener Hersteller bestellt und untersucht. Dabei fiel sofort auf, dass sehr oft ein ESP8266 (sehr kostengünstiger 32-Bit-Mikrocontroller mit integriertem 802.11 b/g/n Wi-Fi) der chinesischen Firma espressif verwendet wird. Weitere Untersuchungen zeigten, dass neben dem verwendeten WIFI-Modul, unabhängig vom aufgedruckten Hersteller der Smart-Devices, auch dieselbe Cloud, sowie die gleiche Basis-App eines chinesischen IoT-Modul-Herstellers verwendet wird. Diese Basis-Plattform ermöglicht somit jedem weltweit in kürzester Zeit selbst zum Reseller von bereits fertigen Produkten, wie „Smart Bulbs“ und „Smart Plugs“ zu werden, oder seine ganz eigenen Smart-Devices auf den Markt zu bringen, auch ohne den Besitz tieferer technischer Kenntnisse bezüglich IoT oder IT-Sicherheit. Die Analyse der "Smart"-Devices, die diese Basis-Plattform verwenden, ist allgemein erschreckend. Einfachste Sicherheitsregeln werden nicht befolgt und es gibt gravierende systematische und konzeptionelle Mängel, die stark zu Lasten der Sicherheit der Endanwender gehen. Aufgrund der einfachen Möglichkeit des Bezugs und Inverkehrbringens solcher Smart-Devices sind ganz neuartige kriminelle Konzepte denkbar, die auch ohne großes Experten-Hacker-Wissen in die Tat umgesetzt werden könnten. Der Vortrag stellt die Funktionsweise der untersuchten smarten Geräte im Zusammenhang mit der verwendeten Basis-Plattform dar und zeigt das Ausmaß der Sicherheitslücken anhand diverser Angriffsszenarien. Abschließend wird eine Lösung des Sicherheitsdilemmas bei der Verwendung betroffener Smart-Devices angeboten, welche die sichere Nutzung dieser Geräte im eigenen Zuhause, auch für Nichtexperten, möglich macht. ENGLISH: For the tests on which the lecture is based, various light bulbs and sockets from different manufacturers were ordered and tested. It was immediately noticed that an ESP8266 (very cost-effective 32-bit microcontroller with integrated 802.11 b/g/n Wi-Fi) from the Chinese company espressif is very often used. Further investigations showed that the same cloud and the same basic app from a Chinese IoT module manufacturer are used in addition to the WIFI module used, regardless of the printed manufacturer of the smart devices. This basic platform gives anyone worldwide the possibility to become a reseller of already finished products, such as "Smart Bulbs" and "Smart Plugs", or to bring their own smart devices onto the market in the shortest possible time, even without having in-depth technical knowledge of IoT or IT security. The analysis of the "smart" devices using this basic platform is generally frightening. The simplest security rules are not followed and there are serious systematic and conceptual shortcomings, which strongly affect the security of end users. Due to the simple possibility of obtaining and placing such smart devices on the market, completely new criminal concepts are conceivable that could be put into practice even without a great deal of expert hacker knowledge. The talk presents the functionality of the examined smart devices in relation with the basic platform and shows the extent of the security gaps on the basis of various attack scenarios. Finally, a solution to the security dilemma of using affected smart devices is offered, which makes it possible for even non-experts to safely use these devices in their own homes. false Michael Steigerwald Smart Home Smart Hack https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9999.html /system/events/logos/000/009/999/large/ID-Karim-2-2.jpg?1542118431 2018-12-28T18:50:00+01:00 18:50 01:00 Adams 35c3-9999-the_enemy The Enemy War, Journalism, VR Art & Culture lecture en The Enemy brings you face-to-face with combatants from three conflict zones: with the Maras in Salvador, in the Democratic Republic of the Congo, and in Israel and Palestine. Their testimonies and confessions about their lives, experiences, and perspectives on war will allow you to better understand their motivations… and their humanity. The Enemy by Karim Ben Khelifa, a groundbreaking interactive Virtual Reality (VR) exhibition, and immersive experience, makes its North American premiere at the MIT Museum. Through 360-degree imaging and recordings, participants will encounter combatants on opposite sides of conflicts in Israel/Palestine, the Congo, and El Salvador. In their own words, each will offer personal perspectives on war, including thoughts on motivations, suffering, freedom, and the future. The exhibition incorporates concepts from artificial intelligence and cognitive science-based interaction models. Conceived by acclaimed photojournalist Karim Ben Khelifa, this ambitious project was further developed during a visiting artist residency at MIT hosted by MIT’s Center for Art, Science & Technology (CAST) and in collaboration with MIT Professor D. Fox Harrell. false Karim Ben Khelifa The Enemy https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9463.html /system/events/logos/000/009/463/large/Bildschirmfoto_2018-09-28_um_09.53.44.png?1538121257 2018-12-28T20:50:00+01:00 20:50 01:00 Adams 35c3-9463-attacking_end-to-end_email_encryption Attacking end-to-end email encryption Efail, other attacks and lessons learned. Security lecture en In this talk, I’ll present several attacks that leak the plaintext of OpenPGP or S/MIME encrypted emails to an attacker. Some of the attacks are technically interesting, i.e. the two different efail attacks, some are somewhat silly, yet effective. Some abuse HTML emails, some also work with plain ASCII emails. Furthermore, I’ll discuss our lessons learned and describe the efail-related changes to mail clients and the OpenPGP and S/MIME standards. Email remains the least common denominator when two or more people communicate over the Internet. While many modern messengers use end-to-end (e2e) encryption by default, email relies on transport encryption among email servers, which offers a much weaker protection. OpenPGP and S/MIME are two competing standards that bring e2e encrypted communication to email. While S/MIME is mostly used in corporate environments and built into many of the widely used email clients, OpenPGP often requires that users install additional software and plugins. Both technologies never reached large deployment, mostly because both suffer from a range of usability issues. However, it is commonly assumed that if one manages to use OpenPGP or S/MIME to encrypt emails, it is very secure. In this talk, I’ll discuss several attacks that leak the plaintext of OpenPGP or S/MIME encrypted emails to an attacker. Some of the attacks are technically interesting, i.e. the two different efail attacks, some are somewhat silly, yet effective. Some abuse HTML emails, some also work with plain ASCII emails. The disclosure of the efail vulnerabilities caused a lot of stir in the press and the community, which also led to confusion about how the vulnerabilities work, about the mitigations and about the consequences for the OpenPGP and S/MIME standards. I’ll discuss our lessons learned and describe the efail-related changes to mail clients and the OpenPGP and S/MIME standards. false Sebastian Schinzel The efail attacks. Efail paper (USENIX Security 2018) Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10030.html 2018-12-28T22:10:00+01:00 22:10 01:00 Adams 35c3-10030-the_ghost_in_the_machine The Ghost in the Machine An Artificial Intelligence Perspective on the Soul Art & Culture lecture en Artificial Intelligence gives us a uniquely fascinating and clear perspective at the nature of our minds and our relationship to reality. We will discuss perception, mental representation, agency, consciousness, selfhood, and how they can arise in a computational system, like our brain. Cognitive Science describes our mind by identifying it as a particular kind of machine, a generally intelligent computer built from a nervous system embedded into the body of a social primate. Intelligence can be understood as a system's ability to create models, usually in the service of regulating the interaction of this system with its environment. But how does such regulation give rise to a sense of self and conscious awareness? This is the fifth installment on the series From Computation to Consciousness, which covers philosophy of mind, epistemology, the nature of consciousness, the emergence of social structure and the relationship between mind and universe using concepts from computer science and Artificial Intelligence. false Joscha https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10010.html 2018-12-28T23:30:00+01:00 23:30 01:00 Adams 35c3-10010-die_eu_und_ihre_institutionen Die EU und ihre Institutionen Ethics, Society & Politics lecture de Ein kurzer Grundlagenabriss über die Institution der Europäischen Union, insbesondere zur Funktionsweise und Zusammenarbeit Welche Institutionen gibt es? Welche Rollen haben sie? Wie sind die Machtverhältnisse? Was läuft gut? Was läuft schlecht? tbc false Dustin Hoffmann https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10038.html 2018-12-29T00:30:00+01:00 00:30 01:00 Adams 35c3-10038-meine_abenteuer_im_eu-parlament Meine Abenteuer im EU-Parlament Ethics, Society & Politics lecture de Bei der Europawahl 2014 wurde ich als Spitzenkandidat der Partei für Arbeit, Rechtsstaat, Tierschutz, Elitenförderung und basisdemokratische Initiative in das Europäische Parlament gewählt. Seit Juli 2014 bin ich dort Mitglied im Ausschuss für Kultur und Bildung, in der Delegation für die Beziehungen zur Koreanischen Halbinsel und war stellvertretendes Mitglied im Haushaltskontrollausschuss bis Juni 2015. Seit Januar 2017 bin ich stellvertretendes Mitglied im Ausschuss für auswärtige Angelegenheiten. In diesen Rollen erlebe ich so manches Abenteuer. true Martin Sonneborn https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9566.html /system/events/logos/000/009/566/large/yG2ahUfL_400x400.jpg?1543064858 2018-12-28T11:30:00+01:00 11:30 02:20 Borg 35c3-9566-lightning_talks_day_2 Lightning Talks Day 2 CCC lecture en Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! Did you think that the thrill of sharing your ideas in front of a huge audience at a C3 was something you'd never experience? Do you work on a cool project and want to get the word out? Was your talk one of the hundreds that got rejected? Did you come up with an awesome hack that you need to share? Go ahead and enter your Lightning Talk now! The 35C3 Lightning Talks consist of three fast paced sessions which are perfect for pitching new software or hardware projects, exploits, creative pranks or strange ideas you need to get out to a global audience. Even if you don't have an awesome idea or project to share, a Lightning Talk is perfect for pitching your Assembly, your workshop or even a longer talk you'll give as a self-organized session. Your five minutes of fame! For registration and schedule info, please check out https://c3lt.de/35c3 false gedsic bigalex Registration and schedule Congress Wiki Page https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9419.html 2018-12-28T14:10:00+01:00 14:10 01:00 Borg 35c3-9419-explaining_online_us_political_advertising Explaining Online US Political Advertising Ethics, Society & Politics lecture en Over the summer Facebook, Google, and Twitter have started making transparent United States political ads shown on their platforms. We have been collecting and analyzing these political ads to understand how candidates, elected officials, PACs, non-profits, for-profit companies, and individual citizens are disseminating U.S. political content using these advertising platforms. Based on our analysis we will explain how major political sponsors are using online advertising system to send microtargeted messages to different audiences. We will also explain the messages, targetting, goals, spending, and impressions for major US political advertisers. As part of our project to improve the transparency of online political advertising, we have publically released our data and tools for others to analyze online political ads. This will be a talk about improving the transparency of online political advertising. We will start by describing the online political advertising transparency efforts that Facebook, Google, and Twitter have implemented. We will next explain how we collected data from each of these efforts and are making it public. After this, we will explain some of the methodologies and tools we are building to help analyze and visualize this data. Next, we will present some of our findings on how online political ads are being targetted and the messages they are communicating with different target audiences. We will also present some case studies on major online political advertisers such as Donald Trump, Beto O’Rourke, the NRA, and Planned Parenthood. This will focus on how they are leveraging „micro-targeted“ advertisements and the goals of their advertising. We will finish by demonstrating some of the visualization tools are have deployed to enable people to better understand online political advertising. false Damon McCoy Home page for our project An Analysis of Facebook’s Archive of Ads With Political Content https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10018.html /system/events/logos/000/010/018/large/atomicBomb.jpg?1545003847 2018-12-28T16:10:00+01:00 16:10 01:00 Borg 35c3-10018-verhalten_bei_hausdurchsuchungen Verhalten bei Hausdurchsuchungen Praktische Hinweise für den Kontakt mit der Staatsmacht CCC lecture de Es ist 6 Uhr und ein Trupp uniformierter Polizisten steht vor deiner Wohnungstür. Was solltest du bis dahin getan haben und was solltest du jetzt tun? Eine Hausdurchsuchung ist etwas, was sich niemand ersehnt und vor dem wir möglichst verschont bleiben wollen. Dennoch passiert es auch im Chaosumfeld immer wieder, dass Hackerinnen und Hacker Besuch von den Staatsorganen bekommen. Dieses Jahr erwischte es unter anderem die Zwiebelfreunde, das OpenLab in Augsburg, den C3DO und evtl. andere. Daher solltet ihr euch gedanklich auf eine Durchsuchung vorbereiten und Schritte ergreifen. Im Vortrag erzählen euch Jens und Kristin, welche Maßnahmen weit vor einer Durchsuchung sinnvoll sind. Weiterhin geben sie euch Empfehlungen, auf was ihr bei einer laufenden Durchsuchung achten solltet und wie es nach einer Hausdurchsuchung weitergeht. false qbi Kristin Pietrzyk https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9800.html 2018-12-28T17:30:00+01:00 17:30 01:00 Borg 35c3-9800-how_to_teach_programming_to_your_loved_ones How to teach programming to your loved ones Enabling students over example-driven teaching Hardware & Making lecture en Teaching beginners how to program is often hard. We love building programs, and seeing our loved ones struggle with this is painful. Showing them how to copy-paste a few example programs and change a few parameters is easy, but bridging from there to building substantial programs is a different game entirely. This talk is about how to teach programming successfully, through comprehensible design recipes, which anyone can follow, using languages and tools designed for beginners. This approach is probably different from how you learned how to program, or how you're used to teaching. It is more effective, however, as it teaches more material successfully to a broader spectrum of people. It is also more enjoyable. The talk is based on many years of research by the <a href="https://programbydesign.org/">Program by Design</a>, <a href="http://www.deinprogramm.de">DeinProgramm</a>, and <a href="http://www.bootstrapworld.org/">Bootstrap</a> educational projects, as well as over 30 years of personal teaching experience in school, university and industrial contexts. A word of warning: The resulting approach is radically different from most teaching approaches used in universities and schools. In particular, it avoids teaching purely through examples and expecting students to develop the skills to arrive at the solutions on their own. Instead, it eaches explicit methodology that enables students to solve problems of surprising complexity on their own, whether they are 11 or 55, whether in a classroom, a training facility, or your home. Extensive documentation, material, and software to support this methodology is available for free. false Mike Sperber teach-programming.pdf https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9658.html 2018-12-28T18:50:00+01:00 18:50 01:00 Borg 35c3-9658-computer_die_uber_asyl_mit_entscheiden Computer, die über Asyl (mit)entscheiden Wie das BAMF seine Probleme mit Technik lösen wollte und scheitert Ethics, Society & Politics lecture de Welchen Dialekt spricht eine Geflüchtete aus Syrien? Was verrät das Handy eines Asylsuchenden aus dem Irak darüber, wo er herkommt? Und ist der Name Wasef eigentlich typisch für Afghanistan? Über diese Fragen entscheiden im Bundesamt für Migration und Flüchtlinge (BAMF) zunehmend Computer. Sie spucken Wahrscheinlichkeiten für Herkunftsländer aus, die entscheidend dafür sind, ob Geflüchtete Asyl bekommen - oder nicht. Kurz: Menschliche Schicksale hängen von Maschinen ab. Diese Maschinen wissen nichts darüber, ob einem Menschen in seiner alten Heimat Verfolgung, Folter und Tod drohen. Mitarbeiter des BAMF verlassen sich auf diese Ergebnisse, auch wenn sie falsch sein können. Recherchen und bisher unveröffentlichte Dokumente zeigen, warum das schiefgehen muss und welche schweren Folgen für Schutzsuchende das haben kann. Im Jahr 2015 stellte fast <a href="https://www.bmi.bund.de/SharedDocs/pressemitteilungen/DE/2016/01/asylantraege-dezember-2015.html">eine halbe Million Menschen</a> einen Asylantrag in Deutschland. Das BAMF war überfordert, immer mehr unbearbeitete Anträge sammelten sich an. Der vermeintliche Ausweg lautete Prozessoptimierung. Allein im Jahr 2016 wurden 25 Millionen Euro für Unternehmensberatungen wie McKinsey ausgegeben, die das Amt <a href="https://www.zeit.de/2017/14/bamf-unternehmensberater-geschwindigkeiten-folgen-fluechtlinge/komplettansicht">zu einer Entscheidungsfabrik machen</a> sollten. Dass die Behörde über das Schicksal von Menschen entscheidet, trat in den Hintergrund. Immer mehr Entscheidungen in immer kürzerer Zeit, kaum ausgebildete Entscheider, schlechte Übersetzer, massive Datenschutzprobleme und viele falsche Ablehnungen, die im Nachhinein vor Gericht landeten und im Nachhinein revidiert werden mussten. Ein Beitrag zur vermeintlichen Optimierung sollten IT-Systeme für ein "Integriertes Identitätsmanagement" leisten, das aus vier Teilen besteht: Ein "Transliterationsassistent" soll Namen in arabischer Schrift einheitlich in lateinische Buchstaben übertragen, um Verwechslungen zu vermeiden und gleichzeitig auswerten, ob der Name im angegebenen Herkunftsland des Geflüchteten vorkommt. Aus einer automatischen Handyauswertung sollen sich Hinweise ergeben, welche Nationalität eine Person hat. Die Technik dafür stammt von einer Firma, die auch für Militär und Geheimdienste arbeitet. Mittels stimmbiometrischer Verfahren sollen die Entscheider Hinweise darauf bekommen, ob ein Antragsteller eher ägyptisches Arabisch spricht oder vielleicht einen levantinischen Dialekt, der auf eine syrische Herkunft hindeutet. Nicht zuletzt sollen biometrische Fotos helfen festzustellen, ob jemand bereits in einer anderen Datenbank registriert wurde. Damit will das BAMF "Vorreiter bei der Erschließung innovativer Technologien" sein. Doch die neuen IT-Systeme, die kurz vor der Bundestagswahl 2017 vorgestellt wurden, lösen die Probleme des BAMF nicht. Sie schaffen neue und entmenschlichen die Entscheidungen über Schutzsuchende, indem sie die Illusion von Korrektheit und Objektivität erzeugen. Durch Recherchen und Gespräche mit Betroffenen erhärtete sich der Verdacht, dass das zum Scheitern verurteilt ist. Geflüchtete erzählten davon, dass BAMF-Mitarbeiter die Systeme nicht richtig bedienen konnten. Ihre Asylakten zeigen, dass sie auch die Ergebnisse fahrlässig interpretiert haben. Sie vertrauten kaum aussagefähigen Prozentangaben aus intransparenten Computerprogrammen mehr als den Schilderungen und Dokumenten der Betroffenen. Bisher unveröffentlichte Dokumente zeigen, dass es sich wohl nicht nur um Einzelfälle handelt. Neben der Gefahr, dass Geflüchtete auf Grundlage der automatisierten Auswertungen abgeschoben werden, hat die Digitalisierungsoffensive im BAMF weitere Auswirkungen: Datenschutzprobleme und massenhafte Datenweiterleitungen an den Verfassungsschutz zum Beispiel. Doch die Behörde hat bereits ein neues Projekt gestartet: die <a href="http://www.bamf.de/DE/DasBAMF/BAMFdigital/Blockchain/blockchain-node.html">Blockchainisierung des Asylverfahrens</a>. false Anna Biselli Digitalisierte Migrationskontrolle: Wenn Technik über Asyl entscheidet Eine Software des BAMF bringt Menschen in Gefahr https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9629.html 2018-12-28T20:50:00+01:00 20:50 01:00 Borg 35c3-9629-snakes_and_rabbits_-_how_ccc_shaped_an_open_hardware_success Snakes and Rabbits - How CCC shaped an open hardware success Hardware & Making lecture en This talk will present a historical narrative of the background behind how the <a href="https://kosagi.com/w/index.php/NeTV_Main_Page">NeTV</a> + Milkymist inspire the <a href="hdmi2usb.tv">HDMI2USB</a> then helped the <a href="https://www.crowdsupply.com/alphamax/netv2">NeTV2</a> projects and how they all became interlinked through events like Congress! From the study of this history, we will attempt to distill a few core lessons learned that can hopefully be applied to other open hardware projects. Open hardware projects tend to evolve differently from open software projects. Even though it’s very easy to fork an open software project, pull requests and merges help ensure the main branch of a project continues to improve. Furthermore, open software projects tend to evolve along with their tools, as evidenced by the concurrent maturation of Servo and Rust, or Linux and Git. In contrast, open hardware projects tend to fork and then fracture the community as they gain commercial success and go closed, as evidenced in the evolution of the 3D printer and drone communities. There are also few examples of hardware projects that co-evolve with their tools. The evolution of the <a href="https://kosagi.com/w/index.php/NeTV_Main_Page">NeTV</a> + Milkymist to the <a href="hdmi2usb.tv">HDMI2USB</a> to the <a href="https://www.crowdsupply.com/alphamax/netv2">NeTV2</a>, along with the concurrent maturation and adoption of the <a href="https://m-labs.hk/migen/">Migen</a> and <a href="http://www.enjoy-digital.fr/">LiteX ecosystem</a>, is one of these rare examples. This talk will present a historical narrative of the background behind each of these projects and how they became interlinked. From the study of this history, we will attempt to distill a few core lessons learned that can hopefully be applied to other open hardware projects. One important lesson is that open anything takes time and patience, and so the project itself needs to be in a space where it can move at an appropriate pace to grow a healthy community while maintaining relevance against potentially better-funded closed-source options. Another lesson is the importance of crowdfunding as a mechanism to marshall community around a given release, as opposed to relying upon sources of financing that expect direct returns on investment (such as venture capital or loans). A final example of a lesson we will discuss is the importance of picking the right tools to co-evolve with the project. While many open source options alternatives exist to closed-source tools, it’s problematic if the design tools somehow limit the hardware implementation or introduces flaws in the design itself -- and hardware, unlike software, cannot be patched. Migen/LiteX are front-end tooling for describing FPGA designs (“gateware”), and their output being a bitstream means it can be in the hardware space while enjoying the privilege of easy patching and updates. Furthermore, Migen/LiteX offer critical features and performance metrics unavailable in the closed-source alternatives, meaning that these are not simply design tools, they are also core to enabling the competitiveness of the hardware itself. <h3>Related previous Chaos Congress Talks</h3> <ul> <li><a href="https://media.ccc.de/v/cccamp11-4412-latest_developments_around_the_milkymist_system_on_chip-en"> Latest developments around the Milkymist System-on-Chip - A roundup of one the most advanced open hardware projects</a></li> <ul> <li><a href="https://media.ccc.de/v/28c3-4686-en-implementation_of_mitm_attack_on_hdcp_secured_links"> Implementation of MITM Attack on HDCP-Secured Links - A non-copyright circumventing application of the HDCP master key</a></li> <li><a href="https://media.ccc.de/v/33c3-8057-dissecting_hdmi">Dissecting HDMI - Developing open, FPGA-based capture hardware for conference & user group recording</a></li> </ul> <h4>Presenters</h4> <ul> <li><a href="https://blog.mithis.net">Tim 'mithro' Ansell</a> is the founder of <a href="http://code.timvideos.us">TimVideos</a>. He is known for having to many projects including hardware like the <a href="https://hdmi2usb.tv">HDMI2USB.tv</a>, <a href="https://tomu.im">I'm Tomu</a> and many more!</li> <li><a href="https://www.bunniestudios.com/">Andrew 'bunnie' Huang</a> is a hacker, activist and author who is known for many projects including hardware like the <a href=”https://kosagi.com/w/index.php/NeTV_Main_Page”>NeTV</a>, <a href=”https://chibitronics.com”>Chibitronics</a>, Novena, and Chumby. </li> </ul> false Tim 'mithro' Ansell bunnie HDMI2USB.tv Migen (+Milkymist) NeTV NeTV2 Enjoy Digital + LiteX https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9979.html /system/events/logos/000/009/979/large/gadget_500x500.png?1539718621 2018-12-28T22:10:00+01:00 22:10 01:00 Borg 35c3-9979-the_layman_s_guide_to_zero-day_engineering The Layman's Guide to Zero-Day Engineering A demystification of the exploit development lifecycle Security lecture en There's a certain allure to zero-day exploits. At the apex of the security industry, these elusive technologies are engineered by a persistent few to open doors of software systems that were never meant to exist. We go behind-the-scenes to provide an inside look at the zero-day development lifecycle, breaking common misconceptions regarding this increasingly difficult tradecraft. In this talk, we will discuss the engineering process behind a <a href=”https://blog.ret2.io/2018/06/05/pwn2own-2018-exploit-development/”>zero-day</a> that was used to exploit Apple Safari at PWN2OWN 2018. Rather than placing an intense focus on the technical challenges required to weaponize this particular chain of vulnerabilities, we reflect on this experience as a case-study of the analytical approach we employ to attack unfamiliar software targets. In addition to these methods, we will contrast how this process differs from CTF/Wargame challenges, highlighting the path one can take to graduate from casual enthusiast to security professional. false Markus Gaasedelen Amy (itszn) Ret2 Systems https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9617.html /system/events/logos/000/009/617/large/l1.png?1539450734 2018-12-28T23:30:00+01:00 23:30 01:00 Borg 35c3-9617-a_deep_dive_into_the_world_of_dos_viruses A deep dive into the world of DOS viruses Explaining in detail just how those little COM files infected and played with us back in the day Security lecture en It is now 27 years since MS-DOS 5.0 was released. During its day there was the threat of viruses breaking your system or making it act in unpredictable ways. Due to its age and near total lack of consumer use it is safe to assume that all of the viruses for MS-DOS have been written. Using community archives and modern analysis methods we can uncover how they worked and reflect on how things have changed. Computers have come a long way in the last 27 years, and so has malware too. This talk will start off with some of the most famous and widely known payloads. A basic guide on how MS-DOS runs applications, and we will work up from there to analysing all 17k+ samples with that are in the archives using automatic tooling to pick out some of the most interesting ones. If you don’t have reverse engineering skills, don’t be afraid! We will start off with the basics of how the IBM PC works, MS DOS execution, binary runtime, and how we automatically run/disassemble/trace/fuzz malware on mass. false Ben Cartwright-Cox https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9873.html /system/events/logos/000/009/873/large/FairyBot_kl.jpg?1546016301 2018-12-29T00:30:00+01:00 00:30 02:00 Borg 35c3-9873-all_creatures_welcome All Creatures Welcome a utopian documentary about the digital age CCC film de "All Creatures Welcome sketches a utopian image of society in the digital era. Accompanied by the appeal to “use hacking as a mindset,” the viewers immerse themselves, together with the filmmaker, in a documentary adventure game and explore the world of digital communities at the events held by the Chaos Computer Club; a real-world reflection of the virtual spectrum." – after the rough cut screening at the 34c3 we will show now the final version. Join us and be part of the moment when we put the movie online and make it freely available under a creative commons license at the beginning of the screening! Together with the filmmaker and the slogan"use hacking as a mindset" we immerse in a documentary adventure game and explore the world of Komputerfrieks, as they used to call themselves at the inaugural meeting of the Chaos Computer Club in 1981. We come upon an open, free-spirited society. The events of the CCC are a kind of utopian real-world reflection of the virtual spectrum. We encounter angels, activists, robots, coders and makers. We learn what a hack is, why lockpicking can be important, how a cellular system works. We dive into the game and become part of the community that is as inclusive as it is sophisticated. Still outside of this collective the challenges are immense in an era, in which political certainties and institutions increasingly erode. Models of governance, economics, social order, technology and science are being put into question 24/7. With the internet’s rules of conduct, national laws are being repealed and transformed into global structures. While the worldwide web would structurally actually allow a radical renewal of democracy, changing it from representation to participation, more and more states are drifting towards authoritarian societies in political reality. In the course of that process, en passant the largest surveillance machinery of human history has been created. We see how the hacker culture meets these challenges and what inner contradictions it encounters. We learn that our lives are not determined by general, given truths but actually through the way we work, develop ourselves, suffer or dream. The events of the CCC become a possible blueprint of social upheaval. Self-organization, freedom of expression and critical discussion merge in a colorful, polyphonic chorus apart from social norms and capitalist constraints: "Be excellent to each other!“ false Sandra Trostel Thies Mynther Movie Page Poster file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9852.html 2018-12-28T11:30:00+01:00 11:30 01:00 Clarke 35c3-9852-exploring_fraud_in_telephony_networks Exploring fraud in telephony networks Security lecture en Telephone networks form the oldest large scale network that has grown to touch over 7 billion people. Telephony is now merging many complex technologies (PSTN, cellular and IP networks) and enabling numerous services that can be easily monetized. However, security challenges for telephony are often neither well understood, nor well addressed. As a result, telephone networks attract a lot of fraud. In this talk, we will systematically explore the fraud in telephone networks, focusing on voice telephony. We will present a taxonomy of fraud, and analyze two prevalent fraud schemes in more detail: looking into the ecosystem of International Revenue Share Fraud (IRSF), and discussing a new countermeasure to the well-known problem of voice spam. This talk aims to improve the understanding of the fraud ecosystem in telephony networks. We first provide a clear taxonomy that differentiates between the root causes, the vulnerabilities, the exploitation techniques, the fraud types and finally the way fraud benefits fraudsters. As concrete examples, we first look into International Revenue Share Fraud (IRSF), where phone calls to certain destinations are hijacked by fraudulent operators and diverted to the so-called ‘international premium rate services’. This fraud often involves multiple parties who collect and share the call revenue, and is usually combined with other techniques (such as voice scam, mobile malware, PBX hacking) to generate call traffic without payment. We will further explore the IRSF ecosystem by analyzing more than 1 million `premium rate' phone numbers that we collected from several online service providers over the past 3 years. In the second part, we will look into voice spam, a prevalent fraud in many countries. After giving an overview of various types of unwanted phone calls, we will focus on a recent countermeasure which involves connecting the phone spammer with a phone bot (“robocallee”) that mimics a real persona. Lenny is such a bot (a computer program) which plays a set of pre-recorded voice messages to interact with the spammers. We try to understand the effectiveness of this chatbot, by analyzing the recorded conversations of Lenny with various types of spammers. As we consider the ‘benefits’ as a fundamental part of our fraud definition, we believe that chatbots can be combined with the existing fraud detection and prevention mechanisms, as a supplementary way of slowing down voice spam campaigns. false Merve Sahin Aurélien Francillon SoK: Fraud in Telephony Networks Using chatbots against voice spam: Analyzing Lenny’s effectiveness IRSF https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9631.html 2018-12-28T12:50:00+01:00 12:50 01:00 Clarke 35c3-9631-symbiflow_-_finally_the_gcc_of_fpgas SymbiFlow - Finally the GCC of FPGAs! A fully FOSS, Verilog to bitstream, timing driven, cross FPGA, usable toolchain. Hardware & Making lecture en The <a href="http://symbiflow.github.io">SymbiFlow project</a> aims to be the "GCC of FPGAs" - a fully open source toolchain supporting, multiple FPGAs from different vendors. Allowing compilation from Verilog to bitstream without touching vendor provided tools, it includes support for large modern FPGAs like the Lattice ECP5 and Xilinx 7 series. These FPGAs can be used for things previously out of reach of FOSS tools, things like high resolution video and many gigabit networking. We have also documented the FPGA bitstreams to allow other new tools and a process for replicating this effort on new types of FPGAs! The <a href="http://symbiflow.github.io">SymbiFlow project</a> aims to be the "GCC of FPGAs" - a fully open source toolchain supporting multiple FPGAs from multiple different vendors. FPGAs have been around since 1980s but most have previously require getting giant closed source proprietary black boxes from the FPGA vendor (10 gigabytes or more!). Thanks to SymbiFlow this is no longer the case! Like the previous IceStorm efforts, SymbiFlow includes both documentation of FPGA bitstreams and a workingtoolchain for compiling Verilog into these bitstreams. Unlike previous efforts, this new toolchain supports industry standard timing driven place, and route and significantly larger designs. This makes SymbiFlow a big change over the previous Project IceStorm effort and enables support for large, modern FPGAs that can be used for things like high resolution video and many gigabit networking. This presentation will give you an update on the current status of the project. What currently works, the future roadmap and how you can help with the project and how to expand the number of supported FPGAs even further. Currently SymbiFlow is supporting the Lattice iCE40 plus two modern, capable and popular FPGAs architectures - the Lattice ECP5 and Xilinx 7 Series. The project has also gone to an effort to provide a well documented process for understanding FPGA bitstreams. This provides a clear pathway for new contributors to extend the tooling to support even more FPGAs! Come find out about how a small group are changing the world of FPGA development! <h3>About FPGAs</h3> Due to their reconfigurable nature, FPGAs make hardware problems into software problems and enable anyone to building custom integrated circuits. This means you could create your ideal microcontroller, not what some manufacturer thinks you want. You can have the exact right set of peripherals including as many SPI, I2C or CAN as you want! Previously developing for FPGAs has require getting giant closed source proprietary black boxes from the FPGA vendor (10 gigabytes or more!). This has strongly hampered their adoption and reduced them to niche use cases. However, with the ending of Moore's law and things like <a href="https://riscv.org/">RISC-V</a>, FPGAs have a strong role to play in enabling open source communities to participate in the explosion of new hardware design. They also enable us to apply the high speed of innovation and security we expect from an open source software. <h3>Presenters</h3> <a href="https://blog.mithis.net">Tim 'mithro' Ansell</a> is the founder of <a href="http://code.timvideos.us">TimVideos</a>.He is known for having to many projects including hardware like the <a href="https://hdmi2usb.tv">HDMI2USB.tv</a>, <a href="https://tomu.im">I'm Tomu</a> and many more! Through this frustration with FPGA toolchains while developing these projects he ended up being heavily involved with the development of the <a href="http://symbiflow.github.io">SymbiFlow</a> project. false Tim 'mithro' Ansell SymbiFlow Website SymbiFlow GitHub https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9612.html 2018-12-28T14:10:00+01:00 14:10 01:00 Clarke 35c3-9612-the_nextpnr_foss_fpga_place-and-route_tool The nextpnr FOSS FPGA place-and-route tool the next step forward in open source FPGA tools Hardware & Making lecture en Project IceStorm provides the first end-to-end open source FPGA toolchain, was originally presented at 32c3, and only targetted Lattice iCE40 FPGAs. nextpnr is the next big step for open source FPGA tools, providing a retargetable open source FPGA place-and-route tool that will enable open source flows for many different FPGAs from many different vendors. nextpnr is a retargetable FOSS FPGA place-and-route tool that is replacing arachne-pnr as place-and-route tool in the IceStorm open source iCE40 flow. (I have originally presented IceStorm and arachne-pnr at 32c3.) nextpnr is retargetable, meaning it can be ported to other FPGA architectures easily, uses timing-driven algorithms, provides a python scripting API, supports complex placement and floorplanning constraints, and has a nice GUI. Python and GUI support are optional, which may be useful when deploying nextpnr on an embedded platform. In short: It is a big step forward for open source FPGA tools, attempting to close the gap to vendor tools in some aspects, and even setting new standards in other aspects. As of now, iCE40 FPGAs (Project IceStorm) and ECP5 FPGAs (Project Trellis) are supported in nextpnr, but support for more architectures is expected to follow in short order. false Clifford Wolf https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9775.html 2018-12-28T16:10:00+01:00 16:10 01:00 Clarke 35c3-9775-how_medicine_discovered_sex How medicine discovered sex Introduction to sex- and gender-sensitive medicine Science lecture en Men with osteoporosis or depression, women with heart attacks - these are examples of diseases where medicine still shows a gender bias. Assuming that men and women have the same bodies, except when it comes to the reproductive organs still causes maltreatment up to death. In the past few years sex- and gender-sensitive medicine has discovered that the assumption of the same body has lead to the unnecessary death of patients and needs to be challenged. This is a brief introduction into the paradigm shifting realm of sex- and gender-sensitive medicine showing how and where the sexes differ, that there are actually more than two sexes and that your gender also plays a role in how you are being treated by medical professionals. false Sarah Hiltner 35c3-4-komprimiert.pdf https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9998.html 2018-12-28T17:30:00+01:00 17:30 01:00 Clarke 35c3-9998-the_good_the_strange_and_the_ugly_in_2018_art_tech The good, the strange and the ugly in 2018 art &tech On art, AI, hormones hacking and other prospects of a post-human world Art & Culture lecture en What's been good, exciting, spooky and challenging in art and science/technology over this past year. With a short incursion into the ugly because even artists have the right to be awful. Global warming, the threat of another economic crisis, the rise of far right discourses across Europe or the mass extinction of natural species, it might seem futile to invest time and attention to contemporary art. And yet, with their inquisitive mind, their skills in (ab)using new media and their provocative attitude, artists and critical designers can play a valuable role in creating richer narratives around issues that tend to polarize and/or dismay. The talk will look at the good, the strange and the exciting in art and science/technology over this past year. With a short incursion into the ugly because even artists have the right to be awful. Some of the topics explored might include the environmental and human cost of AI, hormones hacking, 'racism' behind innocent looking devices and other prospects of a post-human world. false Régine Debatty https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9797.html 2018-12-28T18:50:00+01:00 18:50 01:00 Clarke 35c3-9797-analyze_the_facebook_algorithm_and_reclaim_data_sovereignty Analyze the Facebook algorithm and reclaim data sovereignty Algorithms define your priorities. Who else besides you can know what you need? Resilience lecture en Facebook monopoly is an issue, but looking for replacements it is not enough. We want to develop critical judgment on algorithms, on why data politics matter and educate, raise awareness for a broad audience. With <a href="https://facebook.tracking.exposed">our tool</a>, we enable an individual to collect evidence and see how Facebook's algorithm truly shares their data. Not data about themselves, but the bias of facebook treats data, re-shares certain content over other content. Collectively we can analyze the algorithm, understand Facebooks agendas and show how little agency users have. As algorithms define what our priorities are, they should be recognized as an extension of our will. We must be able to consciously build our own algorithms, change them whenever we want, and not have to delegate this decision to a commercial entity, with opaque functioning and objectives. This is the goal of <a href="https://tracking.exposed">tracking.exposed</a>, a goal that can only be achieved through education. We recognize that not everyone possesses the knowledge and skills to design their own algorithms, and therefore there is the need to create a support community, where algorithms can be shared, compared, improved and criticized. The algorithm is power; it can be a harmful cage or a helpful filter. Only autonomous and informed individuals can decide what is most appropriate for them at a given time. We also worked on <a href="https://youtube.tracking.exposed">analyzing YouTube algorithm</a>! And others platform should follow; the collaborative observation approach is replicable in every platform which personalizes the results. This talk wants to be accessible for ordinary social media users. We understand that many have to be on these platforms, but at least, we can try to use them without getting used! false Claudio Agosti website https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9893.html /system/events/logos/000/009/893/large/spectre.png?1539637629 2018-12-28T20:50:00+01:00 20:50 01:00 Clarke 35c3-9893-a_christmas_carol_-_the_spectres_of_the_past_present_and_future A Christmas Carol - The Spectres of the Past, Present, and Future Security lecture en With the beginning of last year, two major security vulnerabilities have been disclosed: Meltdown and Spectre. While mitigations in software and hardware have been rolled out right away, new variants have been continuously released in the following months. With all those confusing names, how can you possibly still have a clear overview of all those vulnerabilities (SpectreV1, SpectreV2, Meltdown, Spectre-NG, SpectreRSB, L1TF, Foreshadow, ...)? With this talk, we present a novel classification that will ease the naming complexity of the current jungle of variants. Along with all different attacks, we will give an overview of all proposed mitigations and show how an attacker still can mount an attack despite the presence of implemented countermeasures. Furthermore, we will present new variants of the Meltdown attack, exploiting different parts of the CPU. Only a few days after the Chaos Communication Congress closed its doors last year, two major security vulnerabilities have been disclosed to the public. Meltdown and Spectre exploit critical vulnerabilities in modern processors, allowing attackers to read arbitrary data currently processed on the computer without any permissions or privileges. While mitigations in software and hardware have been proposed and rolled out right away, new variants of Spectre and Meltdown attacks have been published frequently in the following months. Spectre v1? Spectre v2? Meltdown? Spectre-NG? SpectreRSB? L1TF? Foreshadow? - With all those names and variants, how can you possibly have still a clear overview of those vulnerabilities? With all those operating systems, compiler, and microcode updates, is my system really protected? In our talk, we present a novel classification of Spectre and Meltdown attacks and propose a new naming scheme to ease the naming complexity of the current jungle of variants. Furthermore, we give an overview of all proposed mitigations and show that an attacker can still mount an attack despite the presence of implemented countermeasures. Finally, we show new variants of the Meltdown attack, exploiting different parts of the CPU. false Moritz Lipp Michael Schwarz Daniel Gruss Claudio Canella https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9703.html 2018-12-28T22:10:00+01:00 22:10 01:00 Clarke 35c3-9703-supermuc-ng SuperMUC-NG … und das Rennen um den schnellsten Computer der Welt Science lecture de Der nationale Höchstleistungsrechner SuperMUC-NG unterstützt die öffentliche Wissenschaft in Deutschland. Wie ist er aufgebaut, was kann man damit tun, und wo steht er im Vergleich mit den schnellsten Supercomputern der Welt? Im September 2018 wurde nach einem Jahr für die öffentliche Ausschreibung und Beschaffung sowie einem halben Jahr Bauzeit die Inbetriebnahme des bayerischen Höchstleistungsrechners SuperMUC-NG gestartet. Der Rechner am Leibniz-Rechenzentrum (LRZ) in Garching wird derzeit diversen Tests unterzogen und soll Anfang 2019 für die Wissenschaft in Deutschland zur Verfügung stehen. In diesem Vortrag soll die Architektur von SuperMUC-NG vorgestellt und auf seine Besonderheiten eingegangen werden. Dazu zählt u. a. der Einsatz von herkömmlichen Skylake-Prozessoren und der Verzicht auf Beschleuniger (GPGPUs), aber auch die spezielle Heißwasserkühlung in Kombination mit Adsorptionskältemaschinen. Anhand ausgewählter Anwendungsbeispiele aus der Astrophysik, den Erdwissenschaften, der Genomanalyse und der personalisierten Medizin wird gezeigt, wofür diese Rechner gebaut werden. Natürlich ist SuperMUC-NG nicht der einzige derartige Rechner auf der Welt und mit der Top 500 Liste der Supercomputer gibt es zwei Mal jährlich ein "Rennen" um den schnellsten Computer der Welt. Wo steht Deutschlands derzeit schnellster akademischer Rechner im internationalen Vergleich, und warum ist dieser Vergleich genauso unwichtig wie ein Formel-1 Rennen für die Automobilbranche? false Dieter Kranzlmueller Pressemitteilung zu SuperMUC-NG Characteristics SuperMUC-NG Slides:SuperMUC-NG https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9965.html /system/events/logos/000/009/965/large/g62.png?1546009994 2018-12-28T23:30:00+01:00 23:30 01:00 Clarke 35c3-9965-what_is_good_technology What is Good Technology? Answers & practical guidelines for engineers. Ethics, Society & Politics lecture en The last years, we all have felt the impact of applying technologies like machine learning, social networks and data-driven decision making on a massive scale to our societies. Yet all that technology has been developed by engineers like us. It's become clear that we have to do more than chase the ever evolving technological challenges and start to assume responsibility for our creations - or we too will wake up one day to the realization that technology we helped develop has done more harm than good. We want to present practical, every day guidelines and principles that can help engineers and organizations to build technology that not only serves the application and business purpose, but also minimizes negative long-term effects on society and the people that use it. The Good Technology Collective was founded in December of 2017 in Berlin by a diverse group of experts from academia, government & the private sector with the goal to bring fresh wind into the discussions everybody seemed to have about the impact of modern technology in the wake of the full impact of fake news, algorithmic biases, filter bubbles & massive data breaches - without ever resulting in tangible action. The GTC hosts and supports regular events to educate engineers, publishes articles to educate society through media partnerships, holds internal round tables and aims to work with policy makers long-term. As part of this years effort, we are releasing "Ethical Engineering Guidelines" that offer a practical way for engineers and organizations to responsibly develop new technology that takes ethics & societal impact more into account and can easily be applied to small and large projects alike. These guidelines have been developed throughout the year a parts of them presented at various events as they progressed, to collect feedback and further improve them. Members of GTC range from (former) whistle blowers, activist MPs, Oxford professors in ethics, authors to entrepreneurs and technology makers in various areas. The GTC is fully independent and only accepts public donations that are not tied to a specific project. false Yann Leretaille Good Technology Collective Website Presentation Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9812.html 2018-12-28T11:30:00+01:00 11:30 01:00 Dijkstra 35c3-9812-a_farewell_to_soul-crushing_code A farewell to soul-crushing code Towards correct software that enriches our lives Resilience lecture en A major part of software development is maintenance, i.e. tinkering with software that should already be completed but still somehow does not work as it should. Software developed by tinkering is the antithesis to resilient technology, and a growing threat to our profession and our lives. Working on this kind of software crushes the soul. Yet this is exactly how most IoT devices (and computers in general) are programmed these days. We need to replace the dead technology-oriented objects of the past with supple models enriching our domains and our souls. This talk shows how it is done. So how do we gain autonomy over the software of the future, which is currently spiralling out of control? Not with object-oriented programming, as it turns out: Mutable state, the absence of uniform abstraction mechanisms and the complexity introduced by inheritance make it hard for humans to develop correct and robust software. While "agile" has given developers autonomy over the soul-crushing processes of the past, the prevalent technology - object-orientation - is a fundamental part of the problem, not of the solution. It is time to say goodbye; we must start to teach the principles of systematic construction of correct software instead. At the core of this revolution is the consistent application of functional programming, i.e. of immutable data structures, systematic abstraction and data modelling. The talk illustrates the problems of the programming techniques of the past, and shows how to build robust models that lead to useful software. false Mike Sperber Nicole Rauch Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9660.html 2018-12-28T12:50:00+01:00 12:50 01:00 Dijkstra 35c3-9660-modern_windows_userspace_exploitation Modern Windows Userspace Exploitation Security lecture en In this talk we will go through the different mitigations in Windows 10 and see how they affect modern userspace exploitation. We will explain the primary ones and the different ways to bypass them. Finally, we will demo a cool exploit that achieves code execution. In the past few years, many new mitigation techniques were introduced both into Windows kernel and userspace. These are supposed to make exploitation of certain vulnerabilities significantly harder, reduce exploit reliability, and require dependency on multiple primitives. It impacts many of the core components of the OS and build stack, including the loader, front-end allocator, compiler, and memory management. With such investment and impact, how effective are these really, from the exploit developer’s perspective? In this talk, we’ll explain the primary mitigations in Windows that hinder modern memory corruption exploitation in userspace. Using examples of real-world vulnerabilities, we will see how to achieve arbitrary code execution on different Windows versions, comparing their impact on exploits. On our journey to code execution, we will learn the motivation behind these mitigations, understand their design, scope, and implementation, and study their weaknesses. false Saar Amar https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9414.html 2018-12-28T14:10:00+01:00 14:10 01:00 Dijkstra 35c3-9414-sense_without_sight_a_crash_course_on_blindnavigation Sense without sight: a crash course on #BlindNavigation Resilience lecture en Learn to see the world without your eyes. Wonder what it's like to navigate while blind? Want to learn to use your everyday senses in ways you don't know you don't know? In this talk, I hack you with permanently enhanced sensory perceptions. This is very participatory, not just "sit and listen", and workshops are even more hands-on (blindfolded w/ cane in hand). Workshop & volunteer signup: <a href="https://s.ai/ccc/ws">https://s.ai/ccc/ws</a> Tag plz: #BlindNavigation @saizai #35c3 <h2>Talk</h2> This talk is not the same on video as in person. Come in person if you can. A few things I'll cover require a cane, but the vast majority are sensory input that you already have, and you simply don’t realize or pay attention to. This will also (briefly) cover how and how not to interact with a blind person on the street, cognitive shifts from perceiving the world as a blind person, real vs myth difficulties, etc. This talk is specifically focused on navigation and sensory experience. It won't cover Braille, computers, general life skills, medical/legal issues, or the like. After you attend, I'd greatly appreciate your feedback: <a href="https://s.ai/ccc/fb">https://s.ai/ccc/fb</a>. If you post about it, I'd appreciate if you use gender neutral pronouns for me, and tag me (saizai) or send me a link. <h3>Participation</h3> The talk is applied and participatory, not just abstract. I want you to actually experience what I discuss, so that you have a genuine qualitative sense of what it is like to navigate the world while blind. You will have a better experience if you are totally sober, don't have arms or head covered, & have used the toilet beforehand. Some things you may be asked to do: <ul> <li>make a single synchronized clap, to generate a sonic ping of the room</li> <li>listen carefully to the timing differences of echos</li> <li>stand up / sit down</li> <li>feel air currents</li> <li>put the back of your hand near the face of the person sitting next to you (& vice versa), feeling for heat changes & air currents</li> <li>come up to the stage when asking questions, so that you can get on stage if that would be helpful for me to demonstrate an answer for you directly</li> </ul> Participation in these is strictly optional. It's totally OK if you don't want to (e.g. comfort, disability, not wanting to be on camera, etc), and you don't need to justify it. I'll ask for indications of consent or opt-out. However, participating will very significantly improve your experience and how much you'll learn. <h2>Workshops</h2> The talk will try to cover as much as can be done without direct experience. However, there's a huge qualitative difference between simply hearing me talk about it and experiencing it for yourself. Therefore, I am also running hands-on, 1-hour workshops (approx. 2 per day, TBD). Workshop participants will be blindfolded, given a guide cane, and led through a crash course in how to use and perceive the cues that are discussed in the talk, and an additional Q&A / debriefing session afterwards. This starts from simply walking along a straight path, and quickly escalates to hearing corridors, feeling walls at a (short) distance, etc. Workshop observers are welcome. I also need several volunteers to make this happen, so if you can, please do. <h3>Workshop & volunteer signup</h3> <a href="https://s.ai/ccc/ws">https://s.ai/ccc/ws</a> <h2>Help wanted!</h2> <h3>People</h3> I need volunteers:<ol> <li>on stage (general, e.g. as human obstacle, safety, slides-checker, demonstration partner, etc.)</li> <li>on stage (aikido uke)</li> <li>during talk, in audience (to walk and/or bike around the aisles to generate wind currents, hold an open cup of coffee / mate for smell, etc)</li> <li>workshop assistants (requires training, preferably before 35C3 day 0)</li> </ol> If you can, please <a href="https://s.ai/ccc/ws">volunteer</a>. I'll train you on what needs to be done. Please also <a href="https://s.ai/contact">contact me</a> if you:<ul> <li>are blind / visually impaired and a cane or guide dog user going to 35C3; or</li> <li>would like to collaborate on blind navigation aids (e.g. cane-embedded compass).</li></ul> <h3>Stuff</h3> If you have:<ul> <li>to give: <ul> <li>a working Northpaw anklet you can part with</li> <li>ability to make custom eyeglass frames with zero light leakage</li> </ul></li> <li>to borrow:<ul> <li>long white guide canes</li> <li>sections of tactile paving (bumps, grooves, etc used on the street for blind people)</li> <li>sections of any random paving, flooring, tiles, carpet, etc</li> <li>tatami (aikido floor safety style)</li> <li>tactile or audio street crossing indicators</li> <li>dry ice & a trough</li> <li>laser that can emit as a flat plane</li> <li>binaural audio recording equipment</li> <li>hands-free 360° video recording equipment (& editing capability)</li> <li>… or anything similar</li> </ul></li> </ul> ... please contact me: <a href="https://s.ai/contact">https://s.ai/contact</a> <h3>Money</h3> All workshops are free. Unfortunately, the equipment to run them is not (it costs a few hundred Euros), and I'm poor. If you can donate, it'd be appreciated: <a href="https://s.ai/donate">https://s.ai/donate</a> <h2>About me</h2> I do lots of things, e.g. conlanging (26C3), cognitive psychology (27C3), meditation (26C3 & 27C3), civil rights litigation, government transparency, meta-politics, meta-law research, etc. See my wesite. <a href="https://s.ai">https://s.ai</a> I'm part-time fully blind. See <a href="https://s.ai/essays/interaction">https://s.ai/essays/interaction</a> for tips on how to interact with me & <a href="https://s.ai/essays/blindness">https://s.ai/essays/blindness</a> for background info. In particular, please understand that blindness is not "what I do", and I'm going to hit my capacity for talking about it with the talk, Q&A, and workshops. I always welcome feedback, collaborations, fellow-travelers, and press. Other than that, if you see me around Congress, let's please talk about something other than my blindness. <a href="https://s.ai/contact">Contact info</a>:<ul> <li>Handle: saizai (Twitter/IRC/FB/G+/etc.)</li> <li>Email: ccc@s.ai</li> <li>DECT: 4724</li> <li>Signal/WhatsApp/Telegram +15103944724</li> </ul> Gender neutral pronouns please. false Sai Workshop signup Notes & other links Interaction tips (from blind POV) Tweets about #BlindNavigation Slides PDF https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10039.html 2018-12-28T16:10:00+01:00 16:10 01:00 Dijkstra 35c3-10039-theater_und_quantenzeitalter Theater und Quantenzeitalter „Die Parallelwelt“- Das Schauspiel Dortmund und die Digitalität Art & Culture lecture de Seit 2010 ist die Sehnsucht des Schauspiel Dortmund, ein gegenwärtiges und wagemutiges Schauspiel für ein Publikum des 21. Jahrhunderts zu schaffen, ein Volkstheater für die Digitale Moderne. Intendant Kay Voges, Videokünstler Mario Simon und Engineer Lucas Pleß berichten über Dortmunder Theaterarbeiten zum Menschsein im Digitalen Zeitalter, speziell über die Stückentwicklung "Die Parallelwelt", die im September 2018 am Berliner Ensemble und am Schauspiel Dortmund gleichzeitig Premiere hatte, sowie über die "Akademie für Digitalität und Theater", die 2020 in Dortmund gegründet werden soll. Einen Theaterabend, der die Ränder des Erzählens auslotet und die Grenzen zwischen Theater, Film und Netz in Frage stellt: Im September 2018 hatte „Die Parallelwelt“ simultan am Schauspiel Dortmund und am Berliner Ensemble Premiere. Regisseur Kay Voges, Videokünstler Mario Simon und Software-Ingenieur Lucas Pleß vom Schauspiel Dortmund berichten über die Entwicklung eines Theaterabends, für den zwei Bühnen und zwei Zuschauerräume in zwei Städten in Echtzeit per Glasfaser verbunden sind. „Die Parallelwelt“ spielt mit der Vervielfältigung von Identitäten im Zusammenspiel mit dem Wandel von Bildern, die sich die menschliche Spezies zu dem Kosmos macht, dessen Teil sie ist – und mit Entgrenzung, Auflösungs-Alptraum und einer Neuzusammensetzung der Welt, wie wir sie kannten. „Die Parallelwelt“ ist die neueste Produktion zum Thema Menschsein im Digitalen Zeitalter vom Dortmunder Team um Kay Voges, das seit 2010 inhaltlich und formal an den Grenzen von Theater und Installation, Performance, Coding, Game und neuer Medienkunst forscht. Die Sehnsucht von „Deutschlands führendem Theaterlabor“ (DIE WELT): Ein gegenwärtiges und wagemutiges Schauspiel für ein Publikum des 21. Jahrhunderts, ein Volkstheater für die Digitale Moderne. Diese Forschungsreise wird ab 2020 intensiviert werden, wenn in Dortmund die neue „Akademie für Digitalität und Theater“ an den Start gehen soll. false Kay Voges Mario Simon Lucas Pleß "Parallelwelt" in Dortmund Parallelwelt in Berlin https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9526.html /system/events/logos/000/009/526/large/SOUNDCLOUD.jpg?1539001057 2018-12-28T17:30:00+01:00 17:30 00:40 Dijkstra 35c3-9526-never_forgetti Never Forgetti a didactic live-gaming performance about dying women across video game history Art & Culture performance en Never Forgetti lecture performance, 2018 multiplatform game, <a href="https://soundcloud.com/imdrivingfast/sets/never-forgetti-ost"> soundtrack </a> & <a href="http://janberger.info/texts/nf_guide_web.pdf"> strategy guide </a> Never Forgetti is a didactic live gaming lecture about the deaths of female video game characters and how their normative framing prevents them from developing agency to avert their fatal destiny. The performance investigates on power relationships between lecturer and audience to reflect on how models of subjugation are established in media and our current social realities. Taking on the persona of Jenny Vorfahrt, a mysterious character that exists both outside and inside the gaming realm, I provide attendees with showcase of gameplay and theoretical knowledge about life and death of popular heroines, as well as the symbolism of classical game design. In reality, however, Jenny is pursuing her own secretive agenda... false JAN BERGER website summary Never Forgetti https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10028.html 2018-12-28T18:30:00+01:00 18:30 01:20 Dijkstra 35c3-10028-feminist_perspectives Feminist Perspectives Inclusive and Diverse Spaces and Communities Ethics, Society & Politics podium en A variety of initiatives aims at encouraging female engagement in the hacker and maker scene. We present there some promising approaches and key learnings in a joint panel discussion. Hong Phuc grew up in a small town in the Mekong Delta, south of Vietnam, She could never imagine how her life went a completely different path than what she was told as a young girl. Le RESET is a French feminist hackerspace created in 2016 by a small group of queer & feminist hackers and hacktivists. The goal was to create a space at the intersection of communities that often remain apart. Em O'Sullivan is a former hackerspace and Maker Faire organiser. Currently, they are a PhD student researching ways to improve women and non-binary people's engagement with technology via makerspaces. Ready to Code is a young project from Stuttgart that teaches girls and women how to code and stand up for themselves. false Geraldine de Bastion Em O'Sullivan Lena Mohr Hong Phuc Dang Le RESET, feminist hackerspace HongPhucDang ReadyToCode-Lena https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9618.html 2018-12-28T20:50:00+01:00 20:50 01:00 Dijkstra 35c3-9618-jailbreaking_ios Jailbreaking iOS From past to present Security lecture en This talk aims to give a general overview of iOS Jailbreaking by starting at what jailbreaking was back in the days and how it evolved up until today, while also taking a quick look at how it might evolve in future. Therefore the following topics are covered: - Jailbreaking goals (technical) - Types of jailbreak and it's origins (tethered, untethered, semi-tethered, semi-untethered) - Exploit mitigations (ASLR, iBoot-level AES, KPP, KTRR, PAC) - Kernel patches (h3lix) - Kppless jailbreaks The goal is to give an insight into the jailbreak terminology, exploit mitigations and how these are dealt with in past and modern jailbreaks. I will give an introduction in jailbreak terminology and walk through the jailbreak history, thus presenting how iOS devices have been hacked/jailbroken in the past while focusing on what mitigations Apple added over the years. Therefore i will discuss what effects these mitigations have on jailbreaking and how they were (and still are) dealt with. This should be interesting for hackers new in the iOS game, as several technical aspects are covered, but also for people who jailbreak their devices and want to get a better understanding of what is happening under the hood of jailbreaks as well as what challenges hackers have to face and why things evoled the way they are right now. This talk is structured somewhat similar to my previous talk 2 years ago "iOS Downgrading - From past to present". Watching my previous talk is not neccessary for understanding this one, but is suggested to get a better overall image of iOS hacking. false tihmstar https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9451.html /system/events/logos/000/009/451/large/AWl49xgk_400x400.jpg?1537891971 2018-12-28T22:10:00+01:00 22:10 01:00 Dijkstra 35c3-9451-simulating_universes Simulating Universes What Virtual Universes Can Tell Us About Our Own Science lecture en In this talk I want to present the computational undertakings in the field of cosmological structure formation and galaxy formation. Here, sometimes gigantic simulations help us to unravel the processes that led to the Universe that we can see today. I will give a short overview of our current understanding of the evolution of the Universe, the history and techniques of the simulations and their current state and future. Almost every field of human discovery has gained immensely from the invention of computers, astrophysics maybe more than most others. Experiments are not an option in astrophysics. We cannot form planets, stars, or galaxies in laboratories on earth, but only observe them in an uncontrolled fashion using telescopes. We therefore rely on mathematical models that predict observations which we can test in reality. As the range of analytically tractable problems is very limited we rely on computers to numerically help us to understand the cosmos. In this talk I will concentrate on a specific branch of astrophysics and cosmology, the science of the evolution of the Universe as a whole: simulations of cosmological structure formation. These simulations follow dark matter in an expanding universe as it collapses under the influence of gravity into the structures which are the birthplaces of galaxies. We will see how these galaxies are glowing tracers on the highly complex, almost invisible structure of the cosmic web. The largest of these simulations are immense computational undertakings and take tens of millions of core-hours to run on tens of thousand of cores while producing hundreds of tera- if not petabytes of output. Throughout their history they have pushed to the limits of technical feasibility and limits of computing power. They are so rich in information that teams of scientists can find new results in them years, sometimes even more than a decade, after they were run. After a quick overview of our current understanding of the development of the Universe I will give an introduction to simulations of the dynamics of dark matter with so-called N-body simulations and how these were developed in the 20th century. We will then explore how people follow the evolution of gas and galaxies in these simulations to fill the darkness with stars, supernovae, black holes and sometimes even light. Finally, I will show how these simulations are comparing against our observations and how they helped us to further our understanding of what the Universe is made of, before ending with a short outlook on how cosmological simulations might improve in the future to explain more phenomena and keep up with observations. false Philipp Busch https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9926.html 2018-12-28T23:30:00+01:00 23:30 01:00 Dijkstra 35c3-9926-the_year_in_post-quantum_crypto The year in post-quantum crypto Security lecture en The world is finally catching on to the urgency of deploying post-quantum cryptography: cryptography designed to survive attacks by quantum computers. NIST's post-quantum competition is in full swing, and network protocols are exploring post-quantum extensions. This talk will take the audience on a journey through selected recent highlights from the post-quantum world. Post-quantum cryptography has become one of the most active areas in cryptography, trying to address important questions from potential users. Is post-quantum cryptography secure? In the first ten months of this year we have seen several serious breaks of submissions to the NIST competition. At this point, out of the original 69 submissions, 13 are broken and 8 are partially broken. Are the remaining 48 submissions all secure? Or is this competition a denial-of-service attack against the cryptanalysis community? NIST will select fewer candidates for the 2nd round, but it is not clear whether there is an adequate basis for judging security. Does post-quantum cryptography provide the functionality we expect from cryptography? For example, the original Diffie-Hellman system provides not just encryption but also more advanced features such as non-interactive key exchange (not provided by any NIST submissions) and blinding. The era of post-NIST post-quantum cryptography has begun with the exciting new CSIDH proposal, which has non-interactive key exchange and is smaller than any NIST submission, but uses more CPU time and needs much more study. Is post-quantum cryptography small enough? Even for network protocols that rely purely on encryption, integration remains a major problem because of the bandwidth requirements of most post-quantum systems, especially the post-quantum systems with the strongest security track records. Experiments with integration of post-quantum cryptography into TLS have focused on encryption without post-quantum authentication. A new generation of network protocols has been designed from the ground up for full post-quantum security. Is post-quantum cryptographic software fast enough, and is it safe to use? Adding post-quantum cryptography to the cryptographic software ecosystem has produced a giant step backwards in software quality. Major areas of current activity include software speedups, benchmarking, bug fixes, formal verification, patent avoidance, and development of post-quantum software libraries such as Open Quantum Safe and libpqcrypto. The talk will be given as a joint presentation by Daniel J. Bernstein and Tanja Lange. false djb Tanja Lange Slides for presentation file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10026.html 2018-12-28T11:30:00+01:00 11:30 01:00 Eliza 35c3-10026-c2x_the_television_will_not_be_revolutionized C2X: The television will not be revolutionized. From Cyberfeminism to XenoFeminism Art & Culture lecture en From Cyberfeminism to XenoFeminism - a short history of radical appropriations of media. This discussion will question how media is made (for whom and for what) and how meaning is produced through different contexts. it will feature media hacks and productions spanning a century and three continents. Sci-Hub, film excerpts, Red Planet and more will be referenced. It will also address how and where media matter, comparing different technologies, commenting on CCC projects and what is more/less relevant in different African and European contexts. We will also explore how media and technical developments are informed by their social, economic and political environments. false Rama Thiaw dia https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9762.html 2018-12-28T12:50:00+01:00 12:50 01:00 Eliza 35c3-9762-the_urban_organism The Urban Organism Hacking [in] Hong Kong Art & Culture lecture en This talk will engage the practises and protocols of hacking in the context of Hong Kong, drawing parallels from the stigmergic responses of the city (consensus network organisation) and the peer-production (or attempt) of the hackerspace, Dim Sum Labs. Perspectives on this will also draw from the publication, The Field Guide to Hacking (_TFGTH), a collection of (project and essay) snapshots generated from the hackerspace and its surrounding community. Part I: Culture + Society: Idiosyncrasies of the Metropolis I.i Political and economic structures from outside (the space) to the inside (the space). I.ii Cultural identities from the outside to the inside I.iii The resulting pastiche Part II: Dim Sum Labs and _TFGTH: Hong Kong's First and Only Hackerspace II.i Brief introduction to our space and activities II.ii Introduction of the book (_TFGTH) II.iii A few excerpts within II.iv Demonstration of the interactive cover of the book Part III: Peer Production: Collaborative Scenarios III.i Meritocracy vs Democracy III.ii How this applies in the space/ III.iii How this applied to the project (_TFGTH) III.iv How this applies to the city III.v Parallels between hacking and urbanism false mp_ttaa https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10022.html 2018-12-28T14:10:00+01:00 14:10 01:00 Eliza 35c3-10022-reality_check_basel_lagos_in_virtual_reality Reality Check! Basel/Lagos?? In virtual reality? An African tale of art, culture and technology Art & Culture lecture en This talk will share the experience of a leading African extended reality lab - Imisi 3D. It will highlight this African journey to adopt augmented and virtual reality, the challenges and lessons learned and will then focus on some of the arts and culture use cases that have emerged so far. In particular we will explore the collaboration with the IAF Basel festival (organisers of the Contemporary Africa Photography prize) that resulted in Reality Check, a simultaneous virtual reality tour of Lagos and Basel. false Judith Okonkwo https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9595.html /system/events/logos/000/009/595/large/wind_v3-1.jpg?1539610776 2018-12-28T16:10:00+01:00 16:10 01:00 Eliza 35c3-9595-wind_off-grid_services_for_everyday_people Wind: Off-Grid Services for Everyday People Integrating nearby and offline connectivity with the Internet Resilience lecture en The internet has become essential services, and offline methods of sharing data are rapidly disappearing. Other possible networks are often better suited when connectivity is not available or affordable. Radios, sensors, and computing are available in the cheapest of smartphones and routers. Wind is integrating nearby/offline data exchange with the internet services that we all rely on. We rely on the internet for so many things, from personal relationships to essential services. As the internet has gotten stronger, the asynchronous and offline methods of sharing data are rapidly disappearing. There has not been enough investment in the many other possible nets, even though they are often better suited for situations where connectivity is not available or affordable. The potential in radios, sensors and processing available in the cheapest of smartphones and routers are not fully utilized or realized. Wind is a network designed for opportunistic communication and sharing of local knowledge. It is built on impermanence, movement, and spontaneity. Wind is a direct counterpoint to the metaphor of the Web, a system built upon the concept of fixed physical nodes, centralized authorities and permanent links. It is rooted in the mindsets and needs of people and communities who face challenges communicating. Wind is shaped by the movements and density of people in time and space. The Wind project began with giving F-Droid the ability to "swap apps" using only Bluetooth and local Wi-Fi connections. We have enabled users with limited connectivity to gather and share media to archive.org via OpenArchive. Added "nearby" data exchange to share sensitive or blocked news via Proofmode and Courier. LibraryBoxen are integrated in as relay or source of data. Guardian Project always works in partnership with the people and organizations whose needs we are aiming to address. Real world solutions do not exist in a bubble, so we always integrate with established free software projects, as well as develop design guidelines and document key concepts to spread all aspects of this research. This work was undertaken in partnership with Tibetans facing internet shutdowns, Cubans working with their own separate networks, Latin Americans facing expensive data plans, and people all over the world who experience outages and unreliable connectivity. For Wind, our development approach is to incrementally improve upon existing efforts, while also focusing on developing the new integration glue necessary to provide a smooth, usable and practical to deploy experience. We are not inventing a new stack or protocol from scratch, or envisioning a utopian silo in which our systems solves all of the potential problems end-to-end. The issue that we see is that there are many potential components, protocols or software libraries that exist today, but that they have not been unified into a cohesive, usable experience that promotes easy deployment, bootstrapping and adoption. This work just won fourth prize in the Mozilla "Wireless Innovation for a Networked Society" Off-the-Grid Internet Challenge, providing us funding to take the next step in the development. false Hans-Christoph Steiner Guardian Project's Wind page Mozilla "Wireless Innovation for a Networked Society" Off-the-Grid Internet Challenge Latin American Personas for guiding design processes https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9915.html 2018-12-28T17:30:00+01:00 17:30 01:00 Eliza 35c3-9915-projekt_hannah Projekt Hannah Ein open-source Hardware- und Software-Design für vierbeinige Laufroboter Hardware & Making lecture de Um das Entwickeln von eigenen Laufrobotern zu erleichtern, brauchen wir offene Alternativen zu bestehenden Plattformen. Am Beispiel unseres Projektes "Hannah" stellen wir euch Möglichkeiten vor, wie Open Source in Robotik-Hardware praktisch eingesetzt werden kann. Wir bauen einen vierbeinigen Laufroboter, der vollständig open-source in Hard- und Software ist, denn Roboter werden für uns alle sicherer und nützlicher sein, wenn wir ihre Funktionalität vollständig verstehen und ihrer Hardware vertrauen können. Außerdem sind wir überzeugt, dass zukünftige Robotik/KI-Systeme für die Menschheit allgemein förderlich sein werden, wenn die zugrundeliegende Technologie unabhängig von privaten Interessen und in den Händen von Wissenschaftlern, Ingenieuren und Hackern weltweit ist. Bei der Entwicklung von Laufrobotern ist die notwendige Hardware oft nicht erschwinglich, oder die Quellen für die Hardware-Designs oder die Software schwer zugänglich. Einen Laufroboter von Grund auf zu entwickeln kann leicht mehrere Jahre dauern, was für Forscher und Hobbyisten viel Aufwand bedeutet und für Startups ein hohes Risiko darstellt. Wir entwickeln ein völlig freies quelloffenes Hardware- und Software-Design für einen Laufroboter, welches von allen verwendet, studiert, modifiziert und verteilt werden kann, und wollen damit einen Beitrag zur Demokratisierung des Bereichs der Laufroboter leisten. Das mechanische Design besteht aus 3D-gedruckten oder Laser-geschnitten Teilen, welche anderweitig zu teuer wären, bzw. aus Standardteilen, welche vielerorts günstig erworben werden können. Der Roboter kann somit leicht im lokalen Hackspace oder zu Hause nachgebaut werden. Das Motorsteuerungssystem ist eine ebenfalls quelloffene Elektronik- und Firmware-Eigenentwicklung zur einfachen Regelung von DC-Motoren inklusive eines flexiblen Bussystems zur Echtzeitkommunikation. Die Software umfasst die Low-Level Motorregelung und die Algorithmen zur Bewegungssteuerung für verschiedene Gangarten und Richtungen, welche durch Mikroprozessor-freundliche neuronale Regler erzeugt werden. false Matthias Kubisch Felix Just Supreme Machines Website Kurzes Video vom Roboter Foto vom Roboter Noch ein Foto vom Roboter Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9733.html /system/events/logos/000/009/733/large/privacy.png?1539962563 2018-12-28T18:50:00+01:00 18:50 01:00 Eliza 35c3-9733-was_schutzt_eigentlich_der_datenschutz Was schützt eigentlich der Datenschutz? Warum DatenschützerInnen aufhören müssen von individueller Privatheit zu sprechen. Ethics, Society & Politics lecture de Beim Datenschutz geht es mitnichten um Privatsphäre, um das eigene Schlafzimmer oder um das Teilen privater Daten bei Facebook. Es geht gleichermaßen um den Erhalt einer demokratischen Gesellschaftsordnung wie um den Erhalt individueller Handlungsalternativen im digitalen Zeitalter. Wir dürfen also nicht so sehr über Einzelpersonen und ihre höchst subjektiven Privatheitswünsche sprechen, sondern viel mehr von Machtasymmetrien, Durchsetzungsmacht, sowie „starken“ und „schwachen“ Akteuren. Erst mit diesem strukturellen Blick können wir politischen Nebelkerzen wie "Selbst-Datenschutz", "Dateneigentum", "individuelle Datensouveränität" oder etwa "Algorithmen-Ethik" etwas entgegensetzen, die zunehmend als Lösung für das Problem der Verdatung der Gesellschaft angeboten werden. Wir müssen uns strukturell und auch theoretisch mit dem Problem der Informationsmacht großer Organisationen (Behörden, Firmen) beschäftigen, wenn wir einer grundrechtsorientierten digitalen Gesellschaft leben wollen. Denn Datenreichtumsbefürworter- und DatenschutzverächterInnen, die derartige Probleme wie so oft dem Individuum aufbürden wollen, haben nämlich keinen theoretischen Unterbau. Dieser Foundation-Talk vermittelt passioniert das Rüstzeug und die nötigen Grundlagen, um tatsächlich sinnvolle Datenschutzbebatten zu führen. false Rainer Rehak VIDEO FOLIEN https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9590.html /system/events/logos/000/009/590/large/swiss-flag_001.jpg?1545082519 2018-12-28T20:50:00+01:00 20:50 00:40 Eliza 35c3-9590-schweiz_netzpolitik_zwischen_bodensee_und_matterhorn Schweiz: Netzpolitik zwischen Bodensee und Matterhorn Massenüberwachung, Netzsperren und andere netzpolitische Schauplätze in der Schweiz Ethics, Society & Politics lecture de Datenreichtum, E-Voting, Massenüberwachung und andere netzpolitische Schauplätze in der Schweiz Der Kampf um die Freiheit im digitalen Raum wird auch in der Schweiz intensiver. Wir blicken auf das netzpolitische Jahr 2018 in der Schweiz zwischen Bodensee und Matterhorn zurück. Wir behandeln jene Themen, die relevant waren und relevant bleiben. Weiter zeigen wir, was von der Digitalen Gesellschaft in der Schweiz im neuen Jahr zu erwarten ist. Themen sind unter anderem: Massenüberwachung: Kabelaufklärung und Vorratsdatenspeicherung sowie die Beschwerden, welche die Digitale Gesellschaft in der Schweiz führt. E-Voting: Abstimmungen und Wahlen im Internet sowie der Kampf für das Vertrauen in die Direkte Demokratie in der Schweiz. Netzsperren: Die Zensur im schweizerischen Internet begann mit «Denkt denn niemand an die Kinder?» und geht nun mit Geldspielen im Internet weiter … Urheberrecht: Wie die USA im «Piratenstaat» Schweiz ihre Forderungen durchsetzen, unter anderem mit Massenabmahnungen gegen Filesharing. Datenschutz: Wo war in der Schweiz besonders viel «Datenreichtum» zu beobachten? Digitale Gesellschaft in der Schweiz: Razzia am «Hort der Linksextremen», Winterkongress und andere Aktivitäten. Nach dem Vortrag sind alle interessierten Personen eingeladen, die Diskussion an einem Workshop der Digitalen Gesellschaft fortzusetzen. Es werden Aktivisten von verschiedenen aktiven Organisationen der Netzpolitik in der Schweiz anwesend sein (Digitale Gesellschaft, CCC-CH, CCCZH, Piratenpartei Schweiz, Digitale Allmend). <a href="https://events.ccc.de/congress/2018/wiki/index.php/Session:Follow-up_meeting_to_the_Netzpolitik_in_der_Schweiz_talk">https://events.ccc.de/congress/2018/wiki/index.php/Session:Follow-up_meeting_to_the_Netzpolitik_in_der_Schweiz_talk</a> false Martin Steiger Patrick "packi" Stählin Kire Digitale Gesellschaft in der Schweiz Folien / Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9492.html /system/events/logos/000/009/492/large/alice_bob.png?1545322020 2018-12-28T21:50:00+01:00 21:50 00:40 Eliza 35c3-9492-wallet_security Wallet Security How (not) to protect private keys Security lecture en There are multiple different ways to store cryptocurrency secret keys. This talk will investigate advantages and disadvantages of different methods with regards to cryptographic backdoors known as kleptograms. With the increasing popularity of cryptocurrencies such as Bitcoin, there is now a variety of different wallet solutions and products available. Wallet in this context refers to any device or piece of software which store secret keys. Those secret keys are typically used to create and sign transactions (payments, smart contracts, etc.) using ECDSA. Wallet implementations range from simple open-source software to hardware tokens. Some solutions store the keys in files (possibly encrypted with a passphrase), while others use hardware-based cryptography modules. Hardware-based key storage comes with a lot of advantages. The chips are designed to make it hard to extract keys. What is often overlooked is that it is hard to verify that the wallet actually does what the manufacturer claims it does. One obvious solution is to not connect the wallet to a computer with Internet access in order to avoid exposure of secrets. However, there are possible cryptographic backdoors called kleptograms that can hide the secret information within the published signatures in a way that is provably undetectable. The kleptographic attacks were first discovered by Adam Young and Moti Yung in 1997 for classic DSA. The author of this talk has investigated the relevance of this attack for ECDSA in the context of Bitcoin. Note that this attack is not limited to Bitcoin and might be relevant for other ECDSA-based protocols as well. false Stephan Verbücheln How Perfect Offline Wallets Can Still Leak Bitcoin Private Keys Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9939.html /system/events/logos/000/009/939/large/ccc_talk4.jpg?1545941976 2018-12-28T22:50:00+01:00 22:50 00:40 Eliza 35c3-9939-disnovation_org DISNOVATION.ORG Disobedient Innovation Art & Culture lecture en Through the hacking of surveillance techniques, machine learning, and big-data analytics, DISNOVATION.ORG’s trilogy of internet bots is uncovering and repurposing some of the influential and opaque operating systems of our online environment. Started in 2012 with The Pirate Cinema (exposing the dynamics of peer-to-peer media sharing and its materiality), followed by Predictive Art Bot (a disruption of the normative effects of social media on creativity), and continued with Computational Propaganda (a ‘system test’ of the online political influence apparatus), this series explores black box technologies and the algorithmic governance of our aspirations, decisions, and political views. These three artworks aim to reveal emergent algorithmic imaginaries, expose the inner workings of these systems, and stimulate critical debate. false DISNOVATION.ORG DISNOVATION.ORG Art Collective Predictive Art Bot The Pirate Cinema Predictive Art Bot | Online artwork view Predictive Art Bot | Installation view https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10036.html /system/events/logos/000/010/036/large/photo_2017-12-25_16-24-33.jpg?1545927390 2018-12-28T23:50:00+01:00 23:50 01:00 Eliza 35c3-10036-mondnacht Mondnacht Lesung Art & Culture performance de "Mondnacht" von Stanislav Lem. Das berühmte SF Rundfunk-Hörspiel als Lesung mit analogen und digitalen Mitteln. Drei SchauspielerInnen lassen die letzte Mondnacht einer Raumfahrtbesatzung aufleben. Der Mond sieht still zu, wie sich in der beengten Atmosphäre der Raumstation ein verheerendes Spiel des Misstrauens entfaltet. Mit analogen und digitalen Soundeffekten werden die Zuhörer in die Hemisphere entführt. Ein besonderes Ereignis mit dem genialen Text des Meisters der SF Literatur. false Jule Torhorst Tammo Messow Ted Siegert 2018-12-28T00:00:00+01:00 00:00 02:00 Chaos West Bühne X8P8VN https://fahrplan.chaos-west.de/35c3chaoswest/talk/X8P8VN Tech-House Set ft. VJ Moritz Hilscher Klangteppich de Ein DJ Set, gemixed von avocadoom, mit viel Tech-House, mit bekannteren und unbekannteren Tracks, relativ ausgewogen und vielseitig. „Es ist Zeit, den Klangteppich mit 4 on the floor mal ein bisschen auszuklopfen.“. + VJ Moritz Hilscher Hey, ich bin Thilo (avocadoom) vom CCC-Darmstadt und neben dem ganzen gehacke lege ich ab und zu hobbymäßig House auf. Ich würde dieses Jahr gerne in die Welt des Klangteppichs eintauchen und euch ein bisschen House auf die Ohren geben. Das Set soll relativ ausgeglichen werden, nicht zu aufgeregt, nicht zu ruhig. Um das ein bisschen zu konkretisieren, hier ein paar Beispiele: - "La Luna" - Jude & Frank - "Crowd Control" - FISHER - "The Jam" - Guz, Simun true avocadoom Student, Member@CCCDA, Schlagzeuger, Hobby-DJ Moritz Hilscher Lorem Ipsum. 2018-12-28T02:00:00+01:00 02:00 02:00 Chaos West Bühne BCXFBN https://fahrplan.chaos-west.de/35c3chaoswest/talk/BCXFBN DJ robelix Klangteppich de »Ach, wenn ich alleine rumfahre, höre ich meistens Industrial«, sagt das Auto. (aus Qualityland, Marc Uwe Kling) DJ-set - nicht nur für selbstfahrende Autos. Von melodischem Futurepop, Darkwave, Synthwave über stampfenden Industrial Dance, EBM bis krachendem Rhythm'n'Noise, IDM. »Ach, wenn ich alleine rumfahre, höre ich meistens Industrial«, sagt das Auto. (aus Qualityland, Marc Uwe Kling) DJ-set - nicht nur für selbstfahrende Autos. Von melodischem Futurepop, Darkwave, Synthwave über stampfenden Industrial Dance, EBM bis krachendem Rhythm'n'Noise, IDM, gespickt mit etwas Chiptunes. true robelix Hacker, Linuxer, Admin, DJ, Vampir aus Innsbruck https://www.robelix.com/ 2018-12-28T11:30:00+01:00 11:30 00:20 Chaos West Bühne UZXL7T https://fahrplan.chaos-west.de/35c3chaoswest/talk/UZXL7T Wie aus einer Wette ein Kiosk System für den Raspi wurde Einfacher Slot mit optionalen Q+A de Evaluierung welches Betriebssystem am wenigsten Ressourcen verbraucht und welcher Browser am Besten geeignet ist. Installation und Konfiguration des OS auf dem RASPI sowie Konfiguration des Kiosk Modus im Browser. Der eingebaute Browser unserer Fernseher in der IT-Abteilung hatte Probleme, Nagios /Check MK richtig darzustellen. Mein Chef wollte einen Tiny PC Mit Windows 10 (Lenovo M920 ca. 1.000,--€)) einsetzten , Ich wollte Geld sparen und habe den RASPI vorschlagen, daraus wurde eine Wette ! Das hauptsächliche Problem war eine Distri zu finden, die auch auf dem Raspberry PI eine brauchbare Performance erzielt . Es musste aber auch sichergestellt werden, das wir in unserem Windows Umfeld einen Linux PC auch administrieren können (VNC, SSH) false B@lu Fachinformatiker für Systemintegration Seit mehr als 40 Jahren setze ich mich intensiv mit den Entwicklungen der IT auseinander. 2021 - 2004 während des Studiums, Arbeit als First Level Hotliner bei einer Software Firma im Siegerland Seit 2016 Arbeit als Second und Third Level, Verantwortlicher bei einem mittelständischen Unternehmen am Niederrhein mit insgesamt 6 Werken auch im europäischen Ausland 2018-12-28T12:00:00+01:00 12:00 00:50 Chaos West Bühne TMPXSJ https://fahrplan.chaos-west.de/35c3chaoswest/talk/TMPXSJ Exploiting PS4 Video Apps Doppelter Slot 40 Minuten + 10 Minuten Q+A de Video Apps auf der PS4 sind etwas Herrliches. In diesem Talk zeige ich wie man sie Ausnutzen kann um eigenen unsignierten Code auszuführen (unabhängig von der installierten Firmwareversion). Schritt für Schritt zeige ich dabei vor was für Probleme ich am Anfang meines Einstieges in die PS4 Szene stand und wie ich diese, um ans Ziel zu gelangen, gelöst habe. Vor knapp drei Jahren hat meine Frau mir eine PS4 zum Geburtstag geschenkt. Sie konnte ja nicht ahnen das ich mit der Konsole alles tun würde, nur nicht zocken. In diesem Talk wird es um das Projekt gehen mit dem ich Fuß in der PS4 Untergrundszene gefasst habe. Schritt für Schritt werden wir sehen was nötig war um auf einem fremden/unbekannten System unsignierten Code ausführen zu können. Ich werde den Exploit und seine Schritte so detailliert wie möglich erklären und somit zeigen das Software-Exploits keine Magie, sondern eine Folge logischer Abläufe sind. false m0rph3us1987 Reverse engineering fetischist mit einer Vorliebe für Spielekonsolen. Twitter: @m0rph3us1987 2018-12-28T13:00:00+01:00 13:00 00:50 Chaos West Bühne WY9DSX https://fahrplan.chaos-west.de/35c3chaoswest/talk/WY9DSX Neusprech Crashkurs Doppelter Slot 40 Minuten + 10 Minuten Q+A de Der Vortrag gibt einen Einblick in das Thema Neusprech. In drei Teilen wird eine Definition im Historischen Kontext erarbeitet, anhand von konkreten Beispielen Neusprech unterschiedlicher Absender betrachtet und schließlich wird die Wirkungsweise von Neusprech anhand von Framing aufgezeigt. Teile das Vortrags basieren auf Arbeiten und Talks von Martin Haase. In der öffentlichen Diskussion wird oft die Verwendung von Neusprech angesprochen, doch was ist Neusprech genau? Im „Neusprech Crashkurs“ möchte ich anhand umfangreicher Beispiele aufzeigen, was Neusprech für Orwell war, was unter heutigem Neusprech zu verstehen ist und welche Strategien dabei eingesetzt werden. Dabei möchte ich mich nicht nur auf politischen Neusprech beschränken, sondern auch Aspekte wie die Public Relation und soziokulturelle Einflüsse beleuchten. Zuletzt möchte ich aufzeigen, was kontinuierlicher Neusprech in unseren Köpfen macht. Dabei möchte ich nicht nur auf Definition und trockene Theorie beschränken, sondern auch die emotionalen Wirkungen aufzeigen, die durch kontinuierliche Wiederholung auch unsere Gedanken verändern kann. Aktuelle Folien des Vortrags: http://www.NerdGirl.de/Download/Neusprech.zip (17,3 MB | .odp-Format) false MissInformation Warpzone hackerspace Münster 2018-12-28T14:00:00+01:00 14:00 00:50 Chaos West Bühne CHEGRS https://fahrplan.chaos-west.de/35c3chaoswest/talk/CHEGRS Frauen* + NIT Gruppen im Umfeld des CCC: Wo, warum und was sind unsere Projekte Doppelter Slot 40 Minuten + 10 Minuten Q+A de Das Panel besteht aus Vertreter\*innen der F(NIT)-Gruppen aus mehreren Städten sowie dem Mz\* Baltazar’s Lab (Wien) und den Haecksen. Angedacht ist es, den Bogen von Feminismus im Generellen zur Planung und Umsetzung eines eigenen Spaces oder einer Gruppe zu schlagen. Dabei sollen Probleme, positive Erlebnisse, Strategien und Tipps für eine Neugründung gesammelt werden. Geplanter Verlauf: - Welche Probleme in unserer Gesellschaft aus feministischer Sicht seht ihr? - Was hat euch geholfen, euch zu gründen? - Welche Probleme gab es, im Space, generell, warum habt ihr euch keinem Space angeschlossen? - Wie seit ihr gegen diese angegangen, konnten diese gelöst werden? - Welche Unterstützung bräuchtet ihr, um noch offene Probleme anzugehen in eurem Space? - Welche Unterstützung bräuchte Mensch, um offene Probleme allgemein anzugehen? - Gibt es Dinge, Situationen, die euch positiv überrascht haben? - Was würdet ihr anders, genau so wieder machen um eure Gruppe entstehen zu lassen? - Welche Tipps habt ihr für Menschen, die eine lokale Gruppe in dieser oder ähnlicher Form gründen möchten? false Haecksen haecksen.org 2018-12-28T16:00:00+01:00 16:00 00:50 Chaos West Bühne ANCPJM https://fahrplan.chaos-west.de/35c3chaoswest/talk/ANCPJM Stack Buffer Overflow Exploits - Wie ein "harmloses" Dokument einen Rechner infizieren kann Doppelter Slot 40 Minuten + 10 Minuten Q+A de Dieser Vortrag ist der Versuch, nicht-Fachleuten anhand eines Stack Buffer Overflows anschaulich zu erklären und zu demonstrieren, warum und wie ein vermeintlich harmloses Dokument wie bspw. ein PDF einen Rechner mit einem Virus oder Wurm infizieren kann. Hast Du dich schon mal gefragt, wie es eigentlich möglich ist, dass ein PDF, ein Office Dokument oder eine Email einen Rechner lahm legt? In diesem Vortrag gehen wir dieser Frage auf den Grund. Hierbei wird versucht, unwichtige Details weg zu lassen, nur die nötigsten Fachwörter zu verwenden und diese auch zu erklären. An einigen technischen Details kommen wir leider nicht vorbei, diese werden aber vereinfacht dargestellt, um möglichst viele erreichen und mitnehmen zu können. Als Beispiel dient ein klassischer Stack Buffer Overflow wie im berühmten Artikel "Smashing the Stack for Fun and Profit" beschrieben. Wenn die Demo-Götter gut gelaunt sind, "infiziert" der Vortragende am Ende live seinen eigenen Rechner mit dem vorgestellten Verfahren. Zielgruppe: Alle außer ITSec ExpertInnen und anderen Menschen, die bereits wissen, wie ein Buffer Overflow funktioniert. :-) Quellcode von Folien und Demo: https://gitlab.com/chaos-siegen/oektion/vortrag/buffer_overflow false haggl * Diplom-Informatiker und Meister der Wissenschaft * Anhänger des Hackspace und Chaostreffs Siegen * Organisator und Betreuer von CmS in Siegen * Lehrkraft für analoge und digitale Selbstverteidigung 2018-12-28T17:00:00+01:00 17:00 00:50 Chaos West Bühne B9JQG9 https://fahrplan.chaos-west.de/35c3chaoswest/talk/B9JQG9 Der Strom kommt aus der Steckdose, oder? Doppelter Slot 40 Minuten + 10 Minuten Q+A de Dieser Talk gibt einen Überblick darüber, wie das deutsche Stromnetz aufgebaut ist und wo die Reise hingeht. Wo stehen die großen Kraftwerke? Was passiert, wenn diese durch dezentrale Erneuerbare Energiequellen ersetzt werden und führt die Energiewende wirklich zu einer dezentraleren Energieversorgung? Wie ist das Stromnetz in Deutschland aufgebaut? Warum verwendet man Hochspannung? Wieso bauen Netzbetreiber lieber Freileitungen, als ein Kabel in den Boden zu legen? Die Energiewende verändert derzeit das elektrische Netz ungemein. Erneuerbare Energien übernehmen immer mehr die Aufgaben von Großkraftwerken und bringen dadurch völlig neue Herausforderungen mit sich. Plötzlich gibt es zu einigen Zeiten Überkapazitäten, die nicht nur zu absurden Effekten an der Strombörse in Leipzig führen, sondern auch gefährlich für die Netzstabilität werden können. Dann gibt es wiederum Tage, an denen die Erneuerbaren Energien fast nichts zum Strommix beitragen und der Großteil der elektrischen Energie aus Kohle-, Gas- und (noch) Kernkraftwerken kommt. Wir gehen den Fragen nach, ob die neuen dezentralen Energiequellen wirklich so dezentral sind, wie es heiß, ob neue Leitungen wirklich nur wegen der Energiewende gebaut werden oder nicht doch auch aus Profitgründen und warum Kabel oft nicht die bessere Alternative zu Freileitungen sind. Natürlich kommen am Anfang auch nicht die Grundlagen zu kurz. All das versucht dieser Vortrag verständlich zu erklären. Vorwissen wird nicht benötigt! false bodems Bodems ist Freifunka, Infrastructuralist und hat mal bei so einem Netzbetreiber gearbeitet. Heute sorgt er dafür, dass Elektrofahrzeuge sich mit dem Netz vertragen und therapiert manchmal Katzen. 2018-12-28T18:00:00+01:00 18:00 00:50 Chaos West Bühne NZ38DR https://fahrplan.chaos-west.de/35c3chaoswest/talk/NZ38DR Track me, if you … oh. Doppelter Slot 40 Minuten + 10 Minuten Q+A de Sammeln und Verkauf von Bewegungsdaten abseits von Mobilfunk und Smartphone. Der Mobilfunkanbieter weiß, wo Du Dich bewegst - no news here. Aber wie steht es mit den Dutzenden anderen Firmen, Marketing Agenturen, Kaufhäusern oder Netzwekausrüstern, die Deine Bewegungsdaten selbst ohne Smartphone-App erfassen und das, ohne dass Du es wissen kannst? Feature Phones, Smartphones, Laptops, Smartwatches, Bluetooth Kopfhöhrer - sie alle haben eines gemeinsam: sie können Funktechnologien wie WLAN oder Bluetooth. In den letzten Jahren hat sich eine ganze Marktsparte an Firmen entwickelt, deren Geschäftsmodell es ist, die Metadaten dieser Technologien zu erfassen, zu korrelieren und zu verwerten. Dabei ist es unerheblich, ob Du z.B. das öffentliche WLAN dieser Firmen nutzt oder nicht. Die Präsenz Deiner Geräte reicht aus, um sie (wieder)zuerkennen. Und eine automatische Macadressen-Randomisierung hilft nur begrenzt. false Clemens Hopfer Elektroniker mit Kommandozeilen-Hintergrund. Busybox alchemist, embedded firmware wrangler. OE1RFC. Clemens arbeitet seit über 10 Jahren mit embedded linux systems beschäftigt sich seit einigen Jahren stärker mit dem Thema Datenschutz. jinxx Autorin, Podcasterin, Dinge mit Datenschutz 2018-12-28T19:00:00+01:00 19:00 00:50 Chaos West Bühne PV98T9 https://fahrplan.chaos-west.de/35c3chaoswest/talk/PV98T9 Wertschätzend kommunizieren - durch vier Schritte "in Kontakt kommen" Doppelter Slot 40 Minuten + 10 Minuten Q+A de [Rosenberg](https://de.wikipedia.org/wiki/Marshall_B._Rosenberg) hat in der [gewaltfreien Kommunikation (GFK)](https://de.wikipedia.org/wiki/Gewaltfreie_Kommunikation) vier konkrete Schritte formuliert, die jede/n besser kommunizieren lassen sollen. Im Slot werden diese vorgestellt und durch praktische Übungen begleitet. Mehr als eine kurze Einführung in die GFK kann der Slot in der knappen Zeit nicht bieten. Aber Achtung: It's simple, but not easy! :-) Die GFK ist eine "Erfindung" des amerikanischen Psychologen [M. B. Rosenberg](https://de.wikipedia.org/wiki/Marshall_B._Rosenberg). Er hat verschiedene Ansätze und Ideen zusammengetragen und in ein praktisch anwendbare Handlungsempfehlung gegossen. Seine Ansätze sind nicht neu oder revolutionär, sie betonen nur gewisse Dinge und legen einen Schwerpunkt auf Empathie, Bedürfnisse und Gefühle. Rosenberg hat die GFK Mitte der 60er Jahre entwickelt. Vor der Jahrtausendwende hat GFK in Deutschland weite Verbreitung gefunden. Mittlerweile gibt es in vielen Regionen Deutschlands lokale Gruppen, die sich der Verbreitung und der praktischen Ausübung der GFK verschrieben haben. Im Slot werden wir die vier Schritte der GFK kennenlernen und (in kleineren Gruppen) praktisch üben bzw. erfahren. Besondere Voraussetzungen: keine: Offenheit und Neugierde auf Neues und die Auseinandersetzung mit den eigenen Gefühlen sind hilfreich. ;-) false Ludger Ich arbeite in der IT-Branche, liebe Podcasts und habe vor einigen Jahren Basis-Kurse in gewaltfreier Kommunikation besucht. Durch eigenes Erleben weiß ich (für mich), dass GFK ein sinnvoller Weg ist "besser" zu kommunizieren. 2018-12-28T21:00:00+01:00 21:00 00:20 Chaos West Bühne 33CNRG https://fahrplan.chaos-west.de/35c3chaoswest/talk/33CNRG Network monitoring via SSH und ELK Einfacher Slot mit optionalen Q+A de Wenn SNMP nicht will, wie kann man Netzwerk Hardware mit SSH überwachen. Welche Tools gibt es, wie kann man diese Tools verbinden und was für Informationen erhält man (plus welche Informationen wirft man besser direkt weg) Wenn die Netzwerkhardware bestimmte Dinge nicht über SNMP ausgeben will, aber man Daten via SSH erhalten kann zeigt dieser Vortrag wie man die Daten am besten nutzen kann. Es wird zusätzlich eine kurze Übersicht über python paramiko, splunk/ELK Stacks und was im Network Monitoring möglich ist geben, wenn SNMP keine Option ist. Dieser Vortrag ist auch für Personen interessant, die grundlegende Erfahrung sammeln wollen, wie man Python verwenden kann um Netzwerk Hardware zu verwalten. Die in den Beispielen verwendeten Quelltexte sind auf Github verfügbar. false Heiko Borchers Ehemaliger Azubi an der Heinrich-Heine Universität Düsseldorf. Inzwischen mache ich Dinge mit Wolken 2018-12-28T21:30:00+01:00 21:30 00:20 Chaos West Bühne K8ABSC https://fahrplan.chaos-west.de/35c3chaoswest/talk/K8ABSC Die Geschichte vom Biegeradius Einfacher Slot mit optionalen Q+A de Was passiert mit einer Faser die 10x um einen Bleistift gewickelt wird? Was hat es mit dieser Dämpfung auf sich, und warum macht sie mein Internet langsam? Was ist der unterschied zwischen 1310nm & 1550nm und warum gibt es beides? Diese und andere Fragen beantworten wir auf der Bühne. Was passiert mit einer Faser die 10x um einen Bleistift gewickelt wird? Was hat es mit dieser Dämpfung auf sich, und warum macht sie mein Internet langsam? Was ist der unterschied zwischen 1310nm & 1550nm und warum gibt es beides? Diese und andere Fragen beantworten wir auf der Bühne. false Thies Mueller (td00) . 2018-12-28T22:00:00+01:00 22:00 02:00 Chaos West Bühne 9VD3XJ https://fahrplan.chaos-west.de/35c3chaoswest/talk/9VD3XJ Chaos-Familien-Duell Doppelter Slot 40 Minuten + 10 Minuten Q+A de Die chaotische Variante des Familien-Duells, gleiches Spielprinzip nur Chaotischer. Gespielt wird in Teams, welche sich vorzugsweise aus Hackerspaces und ähnlichen Gruppierungen bilden. Am Ende ziehen zwei Teams ins Finale ein und haben die Chance auf "tolle Preise". Dieses Spiel soll sich stark an der Fernseh-Show "Familien-Duell" orientieren, nur mit anderen Fragen. Vor dem Spiel werde ich mich darum kümmern, dass sich Teams aus einzelnen Hackerspaces und anderen Hacker-Familien bilden die dann antreten können. Zudem werden die Antworten auf die Fragen die das Spiel voraussetzt aus Chaos-West gesammelt. Es wird zwei Spiele mit jeweils zwei Teams geben. Aus jedem dieser Spiele wird ein Team siegreich hervorgehen und dieses wird dann im Finale gegen das andere antreten. Das Team, dass im Finale gewinnt wird einige Preise erhalten, was das sein wird steht natürlich noch nicht fest. Dieses Spiel soll zum einen für ein wenig Entspannung nach Talks und Arbeit auf dem Congress dienen, zum anderen soll durch ein solches Spiel die Kommunikation zwischen einzelnen Hacksen, Hackern und Hackspaces fördern. false olel Hackt in Münster, alles ist mit seinem Namen beschriftet. 2018-12-28T14:30:00+01:00 14:30 01:00 ChaosZone QX9NBX https://cfp.chaoszone.cz/35c3/talk/QX9NBX Datenguide: Hacking the statistics office! Session 60min en With our project [Datenguide](https://datengui.de), we work on making official statistics data more accessible to normal people. In this session we'll explain why and how we do it. Official statistics are statistics published by government agencies and other public bodies, usually about economic, environmental, and societal topics. They are commonly used by policy makers and public administrators but are also an important tool for journalists and civil society initiatives. Official statistics can be used for political reporting, for debunking misinformation and "fake news", and for lobbying for social change. The good news is that official statistics are open data, so at least in theory anyone can download and use them for whatever they like. The bad news is that official statistics are usually made and published by bureaucrats for other bureaucrats. German official statistics are hidden in ancient data portal software and are notorious for being hard to use and to understand. [Datenguide](https://datengui.de) is a civic tech initiative that aims to make German official statistics accessible to everyone. We work on [Python and JavaScript tools](https://github.com/datenguide/datenguide) for freeing official statistics data and organize events to help people use them. In this talk, we'll give an overview of the technology we are building, explain the problems we are facing, and talk about ways to contribute to the project. false Simon Jockers 2018-12-28T16:00:00+01:00 16:00 01:00 ChaosZone 7JWW8Q https://cfp.chaoszone.cz/35c3/talk/7JWW8Q WikiTech Session 60min en How does Wikimedia serve a hundred thousand Wikipedia pages second? An overview of the technical side of running Wikipedia & Co, from code review and the server farm to the deployment process and scaling storage infrastructure. false brightbyte Been here. Done that. Got all the t-shirts. áč 2018-12-28T17:30:00+01:00 17:30 01:00 ChaosZone PHHS7L https://cfp.chaoszone.cz/35c3/talk/PHHS7L Reversing Industrial Protocols – Real World Use Cases Session 60min en Most PLC protocols are old (older than the entire Ethernet protocol) and by their very nature insecure. I will not be discussing the “known” industrial protocols, such as S7com, TwinCAT and modbusTCP etc … in large detail, but rather the lesser known variants that are used to actually control and/or configure these devices. Almost every single use case and demonstration during this session are actually zero days and will remain zero days. Since it is a “normal” use of the (unauthenticated protocols) and these devices remain untouched for 20 to 30 years, it is practically impossible to “update the protocols” without closing down a million dollar factory for like a year or so. We will demonstrate vulnerabilities on Siemens and Beckhoff PLC's. Both patched and non patched (as part of the protocol). false Tijl Deneut 2018-12-28T19:00:00+01:00 19:00 01:00 ChaosZone 3L8XYN https://cfp.chaoszone.cz/35c3/talk/3L8XYN Polizei Gesetz in Sachsen Session 60min de Nein zum neuen saechsichen Polizeigesetz! Der Referent*innen Entwurf für das neue sächsische Polizeigesetz (Sächsisches Polizeivollzugsdienstgesetz – SächsPVDG) wurde geleaked: download Einführung Wenn es nach der sächsischen Polizei geht, sind wir zukünftig alle verdächtig. Wir alle sind eine potenzielle Bedrohung und müssen mit Kameras, Maschinenpistolen und Überwachungstechnik in Schach gehalten werden. Der Staat scheint sich vor uns schützen zu wollen aber wie schützen wir uns eigentlich vor dem Staat? Im sächsischen Landtag wird derzeit über ein neues Polizeigesetz verhandelt. In Bayern soll ein ähnliches Gesetz verabschiedet werden und stößt auf viel Widerstand. Nicht umsonst wird der (bayerische) Entwurf als „schärfstes Polizeigesetz seit 1945“ bezeichnet: Die Polizei soll umfangreiche neue Befugnisse erhalten, selbstständig Grundrechte einschränken und uns alle überwachen und bespitzeln dürfen. Gleichzeitig werden die Einheiten militärisch aufgerüstet und bewaffnet. Hier werden Freiheitsrechte und die Unschuldsvermutung mit Füßen getreten. Es wird verstärkt ein Klima der Angst und des gegenseitigen Misstrauens geschaffen. Der Rechtsstaat verändert sich immer mehr hin zu einem autoritären Polizeistaat. Diese Entwicklung betrifft uns alle! Angriff auf Grundrechte Das Gesetz gibt der Polizei Befugnisse bei einer „drohenden Gefahr“ und gegenüber sogenannten Gefährdern. Die sächsische Polizei könnte dann bei bloßen Vermutungen ermitteln, ohne dass überhaupt ein Verbrechen begangen wurde oder ein begründeter Verdacht vorliegt. Das bedeutet: Die Polizei kann quasi gegen jede/n ermitteln. So würde das Polizeigesetz die Unschuldsvermutung außer Kraft setzen. Eine Art Hausarrest (Aufenthaltsgebot §21) bis zu drei Monaten kann die Polizei verhängen, auch ohne richterlichen Beschluss. Dies kann sie mittels elektronischer Fußfesseln durchsetzten. Jede Privatsphäre von Betroffenen kann ohne konkreten Vorwurf ausgehebelt werden. Auch Verdächtige und Verurteilte haben Grundrechte. Das unterscheidet einen Rechtsstaat vom Polizeistaat. Mit dem neuen Polizeigesetz soll auch der besondere Schutz für Journalist/Innen und Beratungsstellen aufgehoben werden. Die Polizei darf diese dann auch nach eigenem Ermessen abhören und überwachen. Das ist ein drastischer Eingriff in die Pressefreiheit und gefährdet das Vertrauen in diese Institutionen. Das neue Polizeigesetz rüttelt an der körperlichen Unversehrtheit, der persönlichen Freiheit, dem Recht auf informationelle Selbstbestimmung, dem Briefgeheimnis, der Unverletztlichkeit der Wohnung. Das Gesetz ist ein Angriff auf unsere Grundrechte und die Grundfesten des Zusammenlebens. Das können wir nicht hinnehmen! Rassismus und Abschottung Viele der Maßnahmen, die im Gesetz vorgesehen sind, richten sich offensiv gegen Geflüchtete und Menschen, die nicht in Deutschland geboren sind. Die Einstufung von Refugee-Unterkünften als sogenannte „gefährliche Orte“ stellt alle dort Lebenden unter Generalverdacht und lässt zu sie jederzeit zu kontrollieren. Hausarrest und technische Überwachung erleichtern es, Menschen jederzeit orten und abschieben zu können. Stärkere Grenzkontrollen mithilfe von Videoüberwachung und Gesichtserkennung dienen nicht der allgemeinen Sicherheit sondern der Abschottung nach außen. Der Staat nimmt sich hier das Recht, Menschen als Kriminelle zu behandeln, sie zu bevormunden und zu schikanieren und das ausschließlich auf Grund ihrer Hautfarbe und Herkunft. Das ist keine Sicherheitspolitik, das ist rassistische Ausgrenzung. Flucht ist kein Verbrechen – Bewegungsfreiheit ist Menschenrecht! Überwachung um jeden Preis Das neue Gesetz würde die Videoüberwachung noch mehr ausweiten: Auch die Polizeibehörden, also die Kommunen, sollen künftig mit Kameras überwachen dürfen. Kennzeichen, Ort, Zeit und Fahrtrichtung von Autos soll die Polizei zu bestimmten Anlässen automatisch erfassen dürfen. In grenznahen Gebieten soll sogar automatische Gesichtserkennung ermöglicht werden. Der Öffentliche Raum wird so immer mehr überwacht. Der Staat soll überall zuschauen. Zusammen mit den vielen digitalen Überwachungsprogrammen führt das zum „gläsernen Menschen“. Wir lassen uns nicht belauschen und überwachen. Wir haben ein Recht auf Privatsphäre! Grungrechte statt Polizeisonderrechte Auch Polizeibeamt*innen im Dienst begehen Straftaten. Es kommt jedoch selten zu Prozessen gegen sie und sie werden praktisch nie verurteilt, obwohl Betroffene Anzeige erstatten. . Wir fordern dagegen, auch Polizist*innen zur Verantwortung zu ziehen: Mit einer Kennzeichnungspflicht könnten Beamt*innen nach Straftaten juristisch verfolgt werden. Eine Beschwerdestelle könnte ein Beginn sein, Polizei zu kontrollieren und Missständen entgegenzuwirken – wenn sie unabhängig ist. Das würde die Grundrechte Aller stärken. Stattdessen bleiben diese wiederholten Forderungen unbeachtet, Polizist*innen „kontrollieren“ sich gegenseitig und interne Ermittlungen enden weiterhin an einer Mauer des Schweigens. Keine andere Berufs- oder Bevölkerungsgruppe hat solche Sonderrechte. Paragraphen Militarisierung, Bewaffnung (§40) Einige Polizeieinheiten tragen künftig Handgranaten, Maschinengewehre und anderes militärisches Equitment. Hausarrest & Fußfesseln (§21) Die Polizei kann dir zukünft verbieten dich an bestimmten Orten aufzuhalten, dir den Kontakt zu bestimmten Menschen untersagen, dich zwingen einen festen Bereich nicht zu verlassen oder dich unter Hausarrest stellen. Dazu darf sie dich auch zwingen eine elektronische Fußfessel zu tragen. Videoüberwachung, Gesichtserkennung (§ 15, § 58 sowie § 30 PVB) Zukünftig dar der öffentliche Raum noch stärker videoüberwacht werden. Dazu darf auch Gesichtserkennungstechnik und Kennzeichenerfassung eingesetzt werden. Es kann dadurch genau erfasst werden, wann du dich wo in diesen Bereichen aufgehalten hast. Auch das Ordnungsamt und die Kommunen dürfen diese Technik einsetzen. Sie ist nicht auf konkrete Ermittlungen beschränkt. Telefon- und Handyüberwachung (§§ 66-70) Zukünftig dürfen Polizeibeamte nicht nur Telefonate abhören, sondern sie auch unterbrechen. Das gilt auch für ganze Funkmasten. Der Handyempfang kann so etwa in ganzen Gebieten (etwa bei Demos) unterbrochen werden. Außerdem dürfen auch die Bestandsdaten eines Mobiltelefons ausgelesen werden. Also: Name, Adresse, Kontodaten, PIN & PUK Nummer, gespeicherte Passwörter, alles Accountzugänge auf dem Telefon, Mailaccounts und gespeicherte Bilder und Kontakte. false Anarchist Black Cross Dresden Anarchist Black Cross Dresden ist ein Kollektiv von Menschen das sich zum Ziel gesetzt hat Ideen über Anarchismus und Solidarität zu verbreiten. Wir organisieren gemeinsame Abende um Briefe an Gefangene zu schreiben, Spendenaktionen und Vortäge, die über verschiedene Orte der Welt informieren. Durch das Verbreiten von Informationen über Gefangene und Repression gegen soziale Bewegungen, hoffen wir Menschen in Dresden Mechanismen von Repression aufzuzeigen, um diese besser bekämpfen zu können und eine Kultur der Solidarität in der Gesellschaft zu entwickeln. ABC Dresden unterstützt anarchistische und antiauthoritäre Aktivist*innen, deren Ideen anarchistische Grundsätze nicht wiedersprechen. Wir unterstützen auch Menschen, die während ihrere Zeit im Gefängnis Anarchist*innen werden. 2018-12-28T20:30:00+01:00 20:30 01:00 ChaosZone EQPXLK https://cfp.chaoszone.cz/35c3/talk/EQPXLK M.A.R.V.I.N. Session 60min de In Chemnitz wurde seit Frühjahr 2016 eine Überwachung der Innenstadt geplant und zum 1. Oktober 2018 umgesetzt. In einem kurzen Abriss werden die Ereignisse zusammengefasst, die eingesetzte Technik vorgestellt und anschließend die parallele Entstehung einer Antwort vorgestellt. Als es hieß, dass Chemnitz im großen Stil videoüberwacht werden soll, saßen wir in Chemnitz zusammen und haben über eine Antwort nachgedacht. Langsam entstand die Idee, die Überwacher zu überwachen. In reichlich einem Jahr ist MARVIN entstanden, während parallel immer neue Meldungen und Erklärungen der Stadt zur die Presse geisterten. Am 1. Oktober war es so weit, ein Großteil der Kameras ging online. Pünktlich hatte auch MARVIN seinen Auftritt und rief erste Reaktionen auf den Plan. Eine fernsteuerbare Drohne mit Kamera auf Augenhöhe führ und fährt nun durch die Stadt und soll die Überwachung ins Blickfeld zurückholen. Die Geschichte um die Kameras in der chemnitzer Innenstadt soll aber noch nicht abgeschlossen sein, da Sie nun auch den sächsischen Landtag beschäftigen false DaTa Seit ca. 5 Jahren im Chaostreff Chemnitz aktiv, versuche ich Kunst, Kultur und Technik in einer Stadt mit vielen Potentialen unter einen Hut zu bringen. 2018-12-28T22:10:00+01:00 22:10 01:00 ChaosZone V9T9UR https://cfp.chaoszone.cz/35c3/talk/V9T9UR livestream - The Ghost in the Machine (Joscha) Session 60min en Livestream from Room Adams false livestream 2018-12-28T11:00:00+01:00 11:00 00:30 OIO Vortrags-Arena ZJ99EX https://pretalx.35c3oio.freifunk.space/35c3oio/talk/ZJ99EX/ OIO habour clean up OIO Housekeeping en daily habour clean up @ OIO daily habour clean up @ OIO true HUQ9YA 35c3oio@freifunk.space 2018-12-28T11:30:00+01:00 11:30 00:20 OIO Vortrags-Arena FCADXP https://pretalx.35c3oio.freifunk.space/35c3oio/talk/FCADXP/ OIO Daily Standup day 2 Talk 20min total (etwa 5min Q&A) en Let's start into day 2 false HFER8G Andreas Dorfer https://forum.freifunk.net/u/adorfer/ 2018-12-28T12:00:00+01:00 12:00 00:50 OIO Vortrags-Arena V8RTSW https://pretalx.35c3oio.freifunk.space/35c3oio/talk/V8RTSW/ Open Prototype Fund Talk 50min total (etwa 15min Q&A) en The Prototype Fund is a funding program for Public Interest Techfirst of its kind in Germany and supports independent software developers, hackers and creative people in implementing their open source ideas from concept to first demo. Since 2016, we (Adriana, Elisa, Fiona, Julia and Katharina) have been working to break down existing structures and narratives in the field of innovation funding and to encourage meaningful digital solutions for society in Software Infrastructure, IT-Security, Data Literacy and Civic Tech. We want to get to know you and your ideas and talk about how we, together with politicians, developers and other initiators from the (active) civil society, can best support, develop and make visible good digital-social innovation practices from the perspective of the community. Which decisions are necessary in the future, what are meaningful political demands? And which are the next big things in Tech? Get to know us, ask us everything, recover from the hustle and bustle of the congress! false BBLK3X Katharina Meyer 2018-12-28T13:00:00+01:00 13:00 00:20 OIO Vortrags-Arena 7BRU3D https://pretalx.35c3oio.freifunk.space/35c3oio/talk/7BRU3D/ Empowering rural Africa using the freifunk model Talk 20min total (etwa 5min Q&A) en envisioning a thriving, connected future amidst conflict-struck Nigeria. Creating opportunities for rural women and youth, in a scalable, inclusive way. ###About the presenter Paul Henckel from TribeGroup (DK-based) will share his thoughts and plans for an ongoing resilience project with Fantsuam (NG-based) in creating ICT coworking spaces for rural women and youths in Nigeria, using the knowledge from Freifunk communities. ###About TribeGroup TribeGroup is a Danish impact investment startup with mission to support or invest in other companies, projects or initiatives that have a potentially high social or environmental impact. It currently directs WorkHive, a flexible, affordable, inclusive and carbon negative coworking space in Copenhagen. The collaboration with Nigerian-based Fantsuam tries to integrate best practices of Freifunk, Fantsuam and WorkHive to create a new coworking space in Kafanchan, Nigeria. ###About Fantsuam Our Mission at Fantsuam Foundation (www.fantsuam.org) is to eliminate poverty and disadvantage among rural women and youths in Nigeria through integrated development programs. At our ICT Academy,In 22 years, we have empowered 12,000, and we aim to educate women and youths with relevant digital literacy skills to manage their development priorities, providing opportunities for girls to become developers and deploy ICT solutions for their livelihoods. Our services have become even more imperative as our communities come out of decade long cycles of sectarian violence. We plan to reach 25,000 more by 2020. Community Network, is a resilient communication platform in which the community owns, manages and maintains its own communication infrastructure provides the opportunities for rural youths to gain the necessary hands-on experience. Fantsuam Foundation hosts the Google Developers Group in Kafanchan, this is another resource that is being deployed to provide ICT skills and knowledge opportunities for our youths. We are now engaged in high level policy advocacy for affordable and available internet access for the unconnected in rural Nigeria. Obtaining the TVWS concession for the unconnected in Nigeria will begin to make for an inclusive national telecommunication effort. It is within that context that Fantsuam continues to support the increasing number of youths, particularly females, who now recognise the career opportunities available in ICT. Our ICT Academy provides basic digital literacy training and has expanded to provision of training in computer and network maintenance. In order to optimise the use of resources and make our services more accessible, we have located an office space in the Kafanchan Railway town where we would like to set up an ICT Co-Working space where budding entrepreneurs can have ready access to training and mentoring facilities, office space with assured power and internet access at affordable prices. Our efforts at tackling poverty through an integrated approach has meant that we also provide social services in public health, menstrual health hygiene, sanitation marketing, peace building, entrepreneurship training supported by microfinance. We currently have 32 full time staff and a large pool of volunteers who are invited to join specific projects and programs, which are usually of short duration. Our work in peace building led us to build six new apartments for victims of recent sectarian crisis, and we continue to explore opportunities to enable our communities to resume their normal lives. Our model of farming cooperatives, called the TIME-AID, empowers individuals and families to engage in commercial farming with the goal of household food security, family health insurance, adequate housing and education for all our children. Fantsuam Foundation’s integrated approach to develop has enabled it to have an inbuilt resilience to cope with the challenges of rural development, global economic challenges whose effects are usually more devastating at the base of the pyramid, while we continue to develop initiatives that helps the people to assert their humanity and freedom from poverty. false EWPH87 Paul Henckel Let me cut it short: *I'm basically a care-taker.* I care for you, and I care for myself, and I care for our mutual existence on this planet. If I should recap my life then this aspect is pretty much the essence of me actually. I grew up with my mum and big sister and times werent always easy, so I learned to care because there was no other option than that to make our life work. 'Caring for others' became a big part of me, so as I went into adolescence and adulthood I see patterns that I was stressing my self out too much in trying to find new people to 'care for', new relations. We all know where that kind of behavior goes, when 'caring runs rampant' and you try care for people who dont care similarly for you -> stress, depression, anxiety, fear of rejection, etc. That was OK too, because that in turn taught me a lot about caring for myself... Go read some more on the anthropological and socio-economic aspects of caretaking, it's a very interesting topic if not a form of art/craft in itself. Giving back to the world I'm also a philosopher, software developer, mathematician, statistician, data visualiser, test engineer, consultant, entrepreneur, photographer, inventor, permaculture designer, volunteer, counsellor, , interaction designer, ethnographer, business developer, market analyst, etc. and am truly blessed with many close friends that I can team up with to co-create 'truly good stuff with a focus and a purpose'. I'm currently working on WorkHive - the tagline of which is 'Making space for people and plants to be productive'. It's a co-working space for the self-employed, students and 'struggling' (unemployed, seniors, etc) to sit together and work on their own projects, or team up at different workshops and attend seminars. It's a networking platform, enabling people to be more productive on their own things, and to get inspiration from others in the same or different situations and with different perspectives - being able to do short, informal reviews of your own work in a safe space together with an 'unwilling third person' has a huge implication for the success of your work before sending it out to your real audience in the big world. (What about the plants? Yeah, I will tell you about it when you have signed up, but as you know I'm into permaculture, sustainable livelihoods, aquaponics and I have quite a few good horticulturist friends and biologists who are helping me do some amazing stuff) Thank you for your time, create the world you want to live in, today! Paul Olutokunbo Kristian Henckel-Ojo 2018-12-28T13:30:00+01:00 13:30 00:20 OIO Vortrags-Arena SWS3WR https://pretalx.35c3oio.freifunk.space/35c3oio/talk/SWS3WR/ Careables: Open Source Hardware in Health+Care [Introduction] Talk 20min total (etwa 5min Q&A) en Careables Calling all hackers, designers, makers, carers, and healthcare professionals! What are challenges you face every day using standard tools for health and wellbeing? Do you have an idea that makes everyday life easier? How could you use your existing hackerspace to foster exchange and collaboration in health and care? Through Careables, maker and designer collaborate with patients and healthcare professionals to create personalized solutions and open source knowledge that will improve the lives of many patients and professionals. Accessible, comprehensive and easy to use open source hardware are being documented, collected and shared through the platform Careables.org. This platform is currently being launched and will function as repository for well documented open hardware projects. It offers many different communities a place to connect and exchange knowledge, needs and co-create solutions. It's easy to think of open hardware that make a difference in people's lives. An example of this is OPEN LIGHTS. This project offers people with wheelchairs an adjustable wheelchair specific light that makes them better visible at night and that can be built with most common DIY technologies. false P3GLDY Sandra GIG tl;dr: GIG is the global network of social and technological innovators. #wearegig Global Innovation Gathering (GIG) is a vibrant, diverse community of innovation hubs, makerspaces, hackerspaces and other grassroot innovation community spaces and initiatives as well as individual innovators, makers, technologists and changemakers. GIG is pursuing a new vision for global cooperation based on equality, openness and sharing. We aim to enable more diversity in the production of technology, and global innovation processes and support open and sustainable solutions developed by grassroot innovators. With strong roots in the global south, we share, collaborate and work together globally. GIG provides a platform for meaningful exchange by fostering knowledge exchange and collaboration between its members. 2018-12-28T14:00:00+01:00 14:00 00:42 OIO Vortrags-Arena WUBRSK https://pretalx.35c3oio.freifunk.space/35c3oio/talk/WUBRSK/ GSoC 2018 - project presentations Talk 20min total (etwa 5min Q&A) en Some students will present results of their projects * zoobab shows "MultipathTCP and Openwrt improvements with eBPF" * mwarning talks about the "Meshenger App" false USJAK9 Andreas Bräu Freifunker since 2006 2018-12-28T16:00:00+01:00 16:00 00:50 OIO Vortrags-Arena V3XY87 https://pretalx.35c3oio.freifunk.space/35c3oio/talk/V3XY87/ Project Parker: Klassisches Routing für Freifunk Talk 50min total (etwa 15min Q&A) de Gluon mit BATMAN setzt klassisch auf ein großes Layer 2 Netz, was in den großen Freifunk Communities zu Problemen führt. Mit unseren Bemühungen in "Project Parker" versuchen wir diese Probleme durch den Einsatz von klassischem Routing zu umgehen. In unserem Talk stellen wir unsere Architektur vor und zeigen welchen Stand unsere Umsetzung erreicht hat. Gluon mit BATMAN setzt klassisch auf ein großes Layer 2 Netz, was in den großen Freifunk Communities zu Problemen führt. Diese Communities begegnen den Problemen i.d.R. mit der Segmentierung des Netzes in Domains. Innerhalb dieser Domains wird allerdings das klassische Netz (BATMAN) eingesetzt. Mit "Project Parker" versuchen wir diese Probleme durch klassisches Routing in einem hierarchischem Netz zu lösen: Jeder Freifunk-Knoten mit Uplink ist Gateway für sein Netzsegment, macht DHCP und ist DNS-Cache. Das Routing mit BATMAN beschränkt sich nun auf kleine Mesh-Netze innerhalb des gesamten Netzes. Wir stellen in unserem Talk unsere Architektur vor und zeigen welchen Stand unsere Umsetzung erreicht hat. false LWSSPE Chris Fiege und Jan Lübbe Chris Fiege (chrissi^) und Jan Lübbe (shoragan) sind ein Teil der Technik-Abteilung beim Freifunk Braunschweig. 2018-12-28T17:00:00+01:00 17:00 01:20 OIO Vortrags-Arena BBGXPY https://pretalx.35c3oio.freifunk.space/35c3oio/talk/BBGXPY/ Wem ist noch zu helfen Talk 80min total (etwa 30min Q&A) de Global NGO Players vs. (linke) Grassroots-Gruppen - wer entscheidet, wem wann wie geholfen wird...und wo verkommt humanitäre Praxis zum politischen Spielfeld Aus Kritik am humanitären System der UN und seinen beteiligten Groß-NGOs haben sich viele (linke) Grassroots-Gruppen gegründet. Auch diese können natürlich nicht ohne finanzielle Mittel arbeiten, und sind somit auf Spenden, ergo auf Öffentlichkeitsarbeit angewiesen. Wie entscheiden die "Großen" wann und wie und wem geholfen wird? Welche Lücken bleiben dabei (zwangsläufig)? Und wie werden diese Entscheidungen bei den Grassroots getroffen? Und welche Auswirkungen auf die Wahrnehmung von Krisen hat ihre Öffentlichkeitsarbeit? "Trommeln gehört zum Handwerk", aber wo läuft linkes humanitäres Engagement Gefahr, in rein politisch motivierten Aktivismus abzudriften? Und wenn das schlimm ist, warum? Eine kritische Betrachtungsweise. false PFDWBY Sebastian CEO von CADUS e.V. /media/35c3oio/images/KB9VRZ/who-owns-your-data.png 2018-12-28T18:30:00+01:00 18:30 00:50 OIO Vortrags-Arena KB9VRZ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/KB9VRZ/ Get your data back under control - 200 things you can do with Nextcloud Talk 50min total (etwa 15min Q&A) en We live in a world of data theft and broken clouds and I believe it is time to decentralize, host at home or a local provider we trust. Nextcloud is an option that can take care of many of your file sync'n'share, chat and document editing needs, and I'll show how and why! The data from many people is floating around on 'clouds', regularly stolen and traded. We need to decentralize, host ourselves or at a large number of small, local providers we can trust! Probably the most used solution for that today is Nextcloud, which through its app ecosystem of almost 200 apps can be extended to do lots of things. With Nextcloud you can sync and share files, access your calendars and contacts, share holiday pictures with your family or play music. But also manage your passwords, track your phone through GPS, draw, read news, chat and have audio/video calls, read mail, manage tasks and much more. The community has developed almost 200 apps that do all that and more, and loads of tutorials on how to install Nextcloud on a Nuc, in a VM, on a raspberry Pi and more. If self-hosting isn't realistic for you, we have Simple Signup which sets you up at a Nextcloud hosting provider close to you in a few clicks. This talk is for people not yet familiar with Nextcloud! false KMKHUZ Jos Poortvliet People person, technology enthusiast and all-things-open evangelist. Doing marketing at Nextcloud, previously Community Manager at ownCloud and SUSE, recovering business consultant with decade long involvement in the KDE community. Enjoys avoiding traffic and public transport on bike through Berlin, but only when the weather is good. Loves cooking for friends and family and playing with the dog. 2018-12-28T19:30:00+01:00 19:30 00:20 OIO Vortrags-Arena ELUSFV https://pretalx.35c3oio.freifunk.space/35c3oio/talk/ELUSFV/ Menschenrechte, Bildung, open infrastructure Talk 20min total (etwa 5min Q&A) de Die 3 Begriffe werden beleutet und Zusammenhänge hergestellt Heute hat sich eindeutig das Internet durchgesetzt und es stellt sich die Frage, wie gehen wir damit um. Die AkteurInnen im Internet sind Menschen oder von Menschen gemachte Programme. Als Grundlage im Internet sollten die nun schon 70 Jahre alten Menschenrechte gelten. Auch im Bildungsbereich verändert das Internet die bisherigen Strukturen unseres Bildungssystems, mMn sogar weltweit. Menschen begegnen sich auf Augenhöhe. Die open infrastructure hilft dabei Bildung für Menschen zugänglich zu machen und Menschen ein selbstbestimmtes Leben führen zulassen. Die "Hierachien im Kopf" werden von dem realistischen Denken "wir sind alle gerade jetzt auf der Oberfläche von Planet Erde auf Augenhöhe" abgelöst. Dies ist der Prozess, den wir gerade in vielen Bereichen unserer Gesellschaft beobachten. false TRQPDR Peter Babnik (Petergoge) Ich komme aus Koblenz und bin "Musik-Peter-goge". Mich interessiert die derzeitige technische Entwicklung und daher mache ich gerne bei 35c3 mit. LG Peter /media/35c3oio/images/W9RHXR/TL-WR841ND-01.png 2018-12-28T21:00:00+01:00 21:00 00:20 OIO Vortrags-Arena W9RHXR https://pretalx.35c3oio.freifunk.space/35c3oio/talk/W9RHXR/ Fight for the bytes! Fun with Four Megabytes Flash Talk 20min total (etwa 5min Q&A) en The majority of Freifunk mesh routers only have 4mb flash and 32mb memory. The talk wants to start a discussion about possibilities and limits for future support of these devices. Lot's of mesh communities and even OpenWrt want to drop support for 4mb flash / 32mb memory devices. Where is the size and memory increase coming from? Can we do it in a different way or do we have to accept defeat? - Forcing OpenWrt to diet: What knobs can we tweak? What gains and tradeoffs can we expect? - A short introduction to ubus over HTTP - Stupid ideas and experiments. false AFNDA9 mt weimarnetz.de 2018-12-28T22:30:00+01:00 22:30 00:50 OIO Vortrags-Arena DAN8AX https://pretalx.35c3oio.freifunk.space/35c3oio/talk/DAN8AX/ Wifi4EU - broken by technical specification Talk 50min total (etwa 15min Q&A) en With the Wifi4EU programm the EU is planning to spend 100 million € by 2020 to subsidise a centralized surveillance infrastructure for centers of public life in the EU. The talk will lay out how Wifi4EU is supposed to work both administratively and technically, where there are problems with the later and what is and can be done about it. Slides: https://zenodo.org/record/2527538#.XCUXplxKjIU With the Wifi4EU programm [1] the EU is planning to subsidies the installation of free Wi-Fi with 120 million € until 2020. The installations are planned to be "... free of charge, free of advertising and free from commercial re-use of data. ..." [2] and aim "... to equip every European village and every city with free wireless internet access around the main centres of public life. ..." [1] Unfortunately the technical specifications implemented in the first call on the 7th - 9th of November [3] tell a different story. So far 42 Million € are planned to be spend in a flawed design. Amongst other problems they include: * requirements for a centralized authentification infrastructure - like eduroam [4] (FAQ 23), * inherent IT security problems - embedded snippets in the captive portals [4] (FAQ 26) and * proprietary standards - hotspot 2.0. [4] (FAQ 27) Following a talk at the wireless community weekend in May this year [5] the talk will include: * a short introduction to the programm, * how it came to be, * what happend so far * the implications of the programm * what can be done to fix things. Besides contacting the european comission, several members of the european parlament and Klaus Landefeld of the eco [6] we were able to get members of the german Bundestag to get interested in the issue [7]. This led to a "schriftliche Anfrage" towards the Bundesregierung regarding the GDPR compliance of the authentification infrastructure, the situation is currently evolving. The talk aims to inform about the current state of affairs and hoefully foster a discussion during the congress what can and should be done to prohibit the creation of yet another surveillance infrastructure and what a desirable public Wi-Fi infrastructure should look like. false EWR9DF Gregor Bransky 2018-12-29T00:00:00+01:00 00:00 00:40 OIO Vortrags-Arena GYT733 https://pretalx.35c3oio.freifunk.space/35c3oio/talk/GYT733/ 9DoorsOpen - audiivisueller 35min Trip Talk 50min total (etwa 15min Q&A) en 10 Jahre Schaffensphase, 20.000.000 Fotodateien, 9 Doors Open ist ein künstlerisches Langzeitprojekt, eine meditativ psychedelisch, audiovisuelle Reise. Für Fans von: Ambient, Doom, Dronemusik, visuelle Kunst, psychedelische Trips, Meditation, Bewusstseinserweiterung Andreas Voland (Musiker) und Steffen Freiling (Fotograf) verschieben in ihrem gemeinsamen Werk die Dimensionen Raum und Zeit und geben so die Möglichkeit, die uns bekannte Realität in vielfälltigsten Formen neu zu entdecken. Am 2. Februar findet im Friedrichshainer Zukunft am Ostkreuz (Laskerstr. 5, 10245 Berlin die Aufführung statt. Hier auf dem CCC schon vorab. true U9QGT3 Andreas 2018-12-28T13:00:00+01:00 13:00 00:45 OIO Workshop-Domo RPSCUR https://pretalx.35c3oio.freifunk.space/35c3oio/talk/RPSCUR/ Nudeln hacken für Junghacker von 5 Jahren bis ∞ (Session 1) Workshop 45min de Spaß am Gerät: Mehrere Teams bauen gleichzeitig mit Nudeln um die Wette. Was man aus Nudeln alles machen kann ... Junghacker bzw. solche die es werden wollen können alleine oder als Team kommen. Es kann jeder mitmachen, der weiß was eine Nudel ist. Erwachsene dürfen auch mitmachen - werden aber wahrscheinlich gegen den Nachwuchs verlieren :-D PS: Erwachsene nur, so lange sie den Junghackern kenen Platz wegnehmen. PPS: Man kann auch mit Glutenallergie bedenkenlos teilnehmen. false 73PEWU Stefan Safari Ich bin Nudelfan, dreifacher Vater und freue mich auf den Congress. 2018-12-28T14:30:00+01:00 14:30 00:45 OIO Workshop-Domo NXGUVK https://pretalx.35c3oio.freifunk.space/35c3oio/talk/NXGUVK/ Nudeln hacken für Junghacker von 5 Jahren bis ∞ (Session 2) Workshop 45min de Spaß am Gerät: Mehrere Teams bauen gleichzeitig mit Nudeln um die Wette. Was man aus Nudeln alles machen kann ... Junghacker bzw. solche die es werden wollen können alleine oder als Team kommen. Es kann jeder mitmachen, der weiß was eine Nudel ist. Erwachsene dürfen auch mitmachen - werden aber wahrscheinlich gegen den Nachwuchs verlieren :-D PS: Erwachsene nur, so lange sie den Junghackern kenen Platz wegnehmen. PPS: Man kann auch mit Glutenallergie bedenkenlos teilnehmen. false 73PEWU Stefan Safari Ich bin Nudelfan, dreifacher Vater und freue mich auf den Congress. /media/35c3oio/images/QSRLNA/Little_Detritus.jpg 2018-12-28T16:00:00+01:00 16:00 01:20 OIO Workshop-Domo QSRLNA https://pretalx.35c3oio.freifunk.space/35c3oio/talk/QSRLNA/ Wifi4EU - how to fix it? Workshop 80min en Wifi4EU is currently broken by technical specifications. Within this workshop session I would like to kick of a discussion what a desireable infrastructure would look like and if it can be realized within the given political boundaries. The issues with Wifi4EU will be outlined in the following talk: https://fahrplan.chaos-west.de/35c3chaoswest/talk/K39NLS/ tba false QZCMD7 Little Detritus Freifunka aus Aachen der darüber nachdenkt wie man sowas antiquiertes wie Privatsphäre behalten kann. Diskutiert gerade gerne darüber wieso Wifi4EU - so wie gerade geplant - eine dumme Idee ist [1]. Man sich sonst Gedanken darüber wie Kryptographie im Zeitalter von Quantencomputern aussehen kann [2]. Teilt Albernes und Ernstes auf Twitter unter @LittleDetritus [1] https://www.youtube.com/watch?v=YbPpK8_X9Qg [2] https://video.fsmpi.rwth-aachen.de/cccac/6131 2018-12-28T18:30:00+01:00 18:30 01:20 OIO Workshop-Domo FUL8DG https://pretalx.35c3oio.freifunk.space/35c3oio/talk/FUL8DG/ Weimarnetztreffen Workshop 80min de Communitytreffen des Weimarnetzes true Z7W7NQ René Hoffmann 2018-12-28T20:00:00+01:00 20:00 01:00 OIO Workshop-Domo ZXBCCJ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/ZXBCCJ/ SatNOGS meeting (AOS) Workshop 45min en ... false 7VMKDP bastla Sebastian Lange (DL7BST), c3space, SatNOGS, AfuTUB/DK0TU 2018-12-28T21:00:00+01:00 21:00 01:20 OIO Workshop-Domo BEWPU3 https://pretalx.35c3oio.freifunk.space/35c3oio/talk/BEWPU3/ Maritime Technik: How to Schiff Workshop 80min de Hier bekommt ihr eine kurze Einführung in die Welt der Nautik und der schwankenden Metallkähne. Was gibt es da für Technik an Bord, wofür wird es gebraucht und wie wird es benutzt. Überblick mit Schwerpunkt auf technischen Details. Wir fühlen uns auf Schiffen zu Hause. Wir nutzen sie als vielfältiges Mittel zum Retten und Versorgen von Menschen in Not, um Menschenrechtsverletzungen auf See zu dokumentieren oder um gegen das Aussterben von Tierarten zu kämpfen. Doch was hält eigentlich so ein Schiff zusammen? Wie steuert mensch es? Warum klingt unsere Kommunikation immer noch nach 19. Jahrhundert? Was ist eigentlich ein Ruderlagenanzeiger und wofür braucht man Stevenrohr und Stopfbuchse? Technisch-nerdige Antworten rund ums Schiff und eure Fragen. true 7W3VBM Nico Aktivist, Segler und Schiffe. 2018-12-28T12:00:00+01:00 12:00 01:00 WikiPakaWG Esszimmer F9NUJT https://cfp.verschwoerhaus.de/35c3/talk/F9NUJT/ Generative Art with Paper.js Workshop mit Standard-Bestuhlung de The heck is Generative Art and what to do with it? The workshop will give a short introduction into paper.js and how it can be used to generate art. Please bring your own laptop so we can code together a bit. false RBEKZW bleeptrack 2018-12-28T13:00:00+01:00 13:00 01:00 WikiPakaWG Esszimmer WFA9YB https://cfp.verschwoerhaus.de/35c3/talk/WFA9YB/ FragDenStaat User-Treffen Meetup de Alle Leute, die FragDenStaat und Informationsfreiheitsgesetze bereits nutzen oder nutzen wollen, sind herzlich eingeladen. Wir sprechen über Neuerungen und Pläner für FragDenStaat.de und nehmen Kritik und Anregungen auf. true K38FMT Arne 7U9YY3 Stefan LJNMJA Filter 2018-12-28T14:30:00+01:00 14:30 00:30 WikiPakaWG Esszimmer 883YLC https://cfp.verschwoerhaus.de/35c3/talk/883YLC/ Einführung in Kubernetes Deployments für Codefor Labs Talk de false 8TKR3G Tobias 2018-12-28T16:00:00+01:00 16:00 01:30 WikiPakaWG Esszimmer PXFGZ8 https://cfp.verschwoerhaus.de/35c3/talk/PXFGZ8/ Hebocon-Finale Meetup de false BWRH7E Daniel B9E7PX Ilona VVLMZ9 Robert MU8SYW Philip 2018-12-28T18:00:00+01:00 18:00 02:00 WikiPakaWG Esszimmer VX8N7K https://cfp.verschwoerhaus.de/35c3/talk/VX8N7K/ Legal Documents Hack Workshop mit Gruppentischen de Mit OffeneGesetze.de haben wir sämtliche Bundesgesetzblätter seit 1949 frei veröffentlicht. Jetzt sollten wir die Dokumente auch angemessen nutzen. Hier besprechen wir, was man mit den Daten machen kann und was wir als nächstes befreien sollten. true K38FMT Arne LJNMJA Filter 7U9YY3 Stefan 2018-12-28T22:00:00+01:00 22:00 02:00 WikiPakaWG Esszimmer V7FCMD https://cfp.verschwoerhaus.de/35c3/talk/V7FCMD/ Community Treffen Jugend hackt Meetup de true BWRH7E Daniel 2018-12-28T12:00:00+01:00 12:00 00:30 WikiPakaWG Küche R9SZCT https://cfp.verschwoerhaus.de/35c3/talk/R9SZCT/ Orgameeting Tag 2 Meetup de true 33UT8A WikiPaka Orga 2018-12-28T15:00:00+01:00 15:00 01:30 WikiPakaWG Küche LSDUED https://cfp.verschwoerhaus.de/35c3/talk/LSDUED/ Ride Sharing, OpenData, Schnittstellen, Mitfahr-Börsen, Fahrgemeinschaften, Trampen und mehr Meetup de We meet to talk about ride sharing. How to reduce the ecologic impact of traffic by more people riding in cars together. Some activists of the ride sharing ecosystem will be there and we would like to meet more people to grow. Topics will be tools, data and especiall ahot to imporove ride shraing to and from the Congress. Inhalte: Ride Sharing, Mitfahren, Fahrgemeinschaften, Trampen Note there is 35c3.fahrgemeinschaft.de for finding ride to and from the Congress. The meeting is not exclusively about fahrgemeinschaft.de but open to any other projects, ideas, etc. true 8GKMBN Ernesto 2018-12-28T19:00:00+01:00 19:00 01:00 WikiPakaWG Küche EC9ZRM https://cfp.verschwoerhaus.de/35c3/talk/EC9ZRM/ Wikibase Quick starter guide Talk en true GD7CGL Matthias 2018-12-28T20:00:00+01:00 20:00 01:30 WikiPakaWG Küche JCUCQA https://cfp.verschwoerhaus.de/35c3/talk/JCUCQA/ Wikidata+Wikibase meetup Meetup en Meetup for all Wikidata and Wikibase enthusiasts. Come and meet the community, ask questions, hack together true FNL9RF Léa https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10169.html 2018-12-28T14:00:00+01:00 14:00 03:00 Discodrama 35C3-ABFahrplan-10169-fairy_dust_-_day2 Fairy Dust - Day2 Rocket Away Music other en Modify the Fairy Dust After standing in the cold rain and snow for too long, the Fairy Dust will find its place this time in the middle of the crowd at hall 5. A video installation will take place on the surface. This is a call for people, who can handle c4d files and have the bravery to put their vision on the symbol of the congress. The file attached to this event contains all information about the object, as well the position and lenses of the 4 projectors. Fell free to develop whatever you like. Keep in mind that the surface is very glossy and actually eats the light away. Rendered video best with HAP or MP4. In the hours between 2 pm and 5 pm on the days of the congress, there will be access to the video system, if you come around and have a device with HDMI out. Enjoy! Powered by PENTAKLON und Rico Rose Contact: privatlehrer[at]gmail[:]com false 35C3-template-ROCKET.c4d https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10062.html /system/events/logos/000/010/062/large/avatars-000007922119-cq47oe-t500x500.jpg?1545407521 2018-12-28T18:00:00+01:00 18:00 02:00 Discodrama 35C3-ABFahrplan-10062-lxc LXC Dub, Broken Beats, Drum&Bass Music djset en LXC is an audio tinker from Leipzig, creating pretty much everything between Ambient and Hardcore with a focus on broken beats, dubwise soundscapes and a hefty amount of sub bass. Early sound research about 8 bit bassdrum sampling started about 1993, leading to a quite noisy Drum&Bass liveact around the years of 2000. The leipzig based label Phantomnoise pressed LXC's pretty harsh debut vinyl entitled Strukturbruch EP in 2002. Further releaes followed up on labels such as Offshore from overseas, Subtle Sudio from Dublin, Death$ucker from London, on the hamburg-based imprints Sozialistischer Plattenbau and Plainaudio and Tübingen's Santorin. These days one can find works on Zamzam's Khaliphonic and the latest compilation of Defrostatica, again from trade fair town. Or bare rave town? Beyond exploring unheard music and non-music, the man like LXC is running his own cutting-edge drum&bass/jungle imprint called Alphacut Records, which got expanded into sublabels like 45seven and Alpha Cutauri. Also, LXC is promoting Bassmaessage, Alphacutility and more bassy nights in his home hood, operating Bassmaessage sound system, mastering and cutting lacquers at the RAND Muzik vinyl pressing plant and is looking after an endless amount of smaller projects about audible and visual confusion every now and then. No shit. LXC sounds like: Anti-clockwize-Drum'n'Bass, Scientific Dubber, Fakecore, Noskoolbreaks, Dumbstep, Reggaetomb, Deathhall, Gabbadub, Chip Hop, Phunkrock, Bambient, ... LXC releases on: 45seven, Alphacut, Alpha Cutauri, Offshore, Subtle Audio, Bustle Beats, Modern Urban Jazz, Death$ucker, Zamzam's Khaliphonic, Defrostatica, Sozialistischer Plattenbau, Phantomnoise, Santorin, Plainaudio, Dhyana, Minor, Trash Tapes, Moniker Eggplant, ... false http://www.lxc808.com https://soundcloud.com/lxc http://alphacut.net https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10069.html /system/events/logos/000/010/069/large/avatars-000361741337-lfts8t-t500x500.jpg?1545407693 2018-12-28T20:00:00+01:00 20:00 01:00 Discodrama 35C3-ABFahrplan-10069-voxel_blue voxel.blue Various Styles of Psy Music djset en DJ from Dresden / Sachsen / Germany Styles: zenonesque, uk night psy, darkprog, psybass, psybreaks, psychill, psybient, ambient, ... "My style changes over the day. The atmosphere of the floor heavy influence the music I find fitting so, zero guarantees ;)" false https://soundcloud.com/voxel-blue https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10172.html /system/events/logos/000/010/172/large/a2020515426_10.jpg?1546021817 2018-12-28T21:00:00+01:00 21:00 01:00 Discodrama 35C3-ABFahrplan-10172-dual_core Dual Core nerdcore Music concert en Brought together by the power of the internet (and perhaps a touch of musical providence), California based computer programmer / rapper int eighty and English web designer / music producer c64 have been rocking the more studious side of the hip hop underground since 2007. Brought together by the power of the internet (and perhaps a touch of musical providence), California based computer programmer / rapper int eighty and English web designer / music producer c64 have been rocking the more studious side of the hip hop underground since 2007. false http://dualcoremusic.com/nerdcore/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10041.html /system/events/logos/000/010/041/large/avatars-000119756252-ydapyg-t500x500.jpg?1545407986 2018-12-28T22:00:00+01:00 22:00 02:00 Discodrama 35C3-ABFahrplan-10041-kollektiv_turmstrasse Kollektiv Turmstrasse Techno/House/Trance Music djset en There are few artists operating in the house/techno milieu who offer much beyond functionality in their music. Those who bring more than this to the table always stand out from the crowd. Hamburg/Berlin duo Kollektiv Turmstrasse (Christian Hilscher and Nico Plagemann) are one of those rare acts whose music caters for both body and soul. false https://soundcloud.com/kollektivturmstrasse https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10068.html /system/events/logos/000/010/068/large/avatars-000109415745-x7apen-t500x500.jpg?1545389220 2018-12-29T00:00:00+01:00 00:00 02:00 Discodrama 35C3-ABFahrplan-10068-dave_dinger Dave Dinger Techno/House Music djset en Bachstelzen / KaterBlau, Berlin Dave Dinger began his illustrious career in Berlins legendary Bar25 in his own, very special way. There, he didn’t just play music, but actually built the DJ booths where the music was played from. This unique blend of passion for music and intrigue in aesthetic concepts has driven him through the mesmerising Berlin underground since the end of the '90s. Dave is personalizing his workspace as a DJ according to his interpretation of what electronic music culture is all about. There is a certain warmth, honesty and depth throughout his work that transcends through both his musicality and his design treatments. As a core member of Berlins famous Bachstelzen Collective, he was one of the founders who blueprinted what got to be known as the typical Berlin style – an architecture of social, musical and aesthetic concepts. Using chaotic, wild and organic scrap wood in his constructions were his distinctive signature well before the term ‘up-cycling‘ became hip. Bar25, the Katerholzig club and the Bachstelzen floor at Fusion Festival were prototypes of this time. His recent works contain a more polarising focus; a love for minimalistic abstract geometry, and years of experience in project management. Nothing shows this development in a greater way than Garbicz Festival — whose natural, albeit utopian habitat has become a homebase for both his music and his design aesthetics. An invitation to create the celebrated Turmbühne Stage at Fusion Festival’s 20th anniversary along with a coveted gig on the stage marked a milestone for both of his careers. For Dave, spacial design and sound are tools for installing an arena for unconventional social interactions. A sphere where common aesthetics are to be challenged and will change therefore constantly. His residency in KaterBlau helped him to build up his reputation as a DJ and to grow into the international realm. In the last years he has worked and played in Australia, New Zealand, India and all around Europe. There is a saying that ‘To talk about music, is like dancing to architecture’ - Dave Dinger takes the latter part as a challenge. So let his music speak for itself — and dance to both. false https://soundcloud.com/dave-dinger https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10083.html /system/events/logos/000/010/083/large/avatars-000007049727-oyxhri-t500x500.jpg?1545408610 2018-12-29T02:00:00+01:00 02:00 02:00 Discodrama 35C3-ABFahrplan-10083-akaak akaak House Music djset en akaak is also a member of hamburg-based dj-trio sutsche false https://soundcloud.com/akaak_klingtsogut https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10071.html 2018-12-29T04:00:00+01:00 04:00 02:00 Discodrama 35C3-ABFahrplan-10071-404 404 Electronica, Downbeat Music djset en dj 7000, bidi, 404, köfte, dj abbau, dj closing, ayran, tyskie, dj partner set, and more ... Unter gewaltigen Opfern, schreibt er eine Reihe von Geschichten mit Ortsnamen, Jahreszahlen und sonstigen Daten, die sich durchaus belegen lassen und in ihrer Wirklichkeit nicht anzuzweifeln sind. Diese Eckdaten sind nur Bruchstücke, die aus einer Summe von Erinnerungen zusammengesetzt wurden. Das tatsächlich gelebte und dies was wir zu erleben glaubten, ist ein Teil seiner Biographie, die lediglich eine nachträgliche Interpretation darstellt. false https://www.mixcloud.com/bambaata/ https://vannutt.ch/about/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10100.html 2018-12-28T10:00:00+01:00 10:00 02:00 Shutter Island 35C3-ABFahrplan-10100-mr_galonga_-_minmon Mr. Galonga - Minmon Minmon Kollektiv Music other en Mr. Galonga ist Mutti und Vati vom Minmon Kollektiv. Vor allem im Raum Potsdam sind einige Partys und Podcasts auf seinem Mist gewachsen. Ihm geht es nicht um Kohle, sondern um Liebe und deshalb ist er in diesem jahr erstmalig als Dj aufm 35C3. --- Mr. Galonga is mum and dad from the Minmon collective. Especially in the Potsdam area some parties and podcasts he did on his own bat. He is not interested in wonga, but in love and that's why this year for the first time he's a DJ on 35C3. false https://www.minmon.de/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10162.html 2018-12-28T12:00:00+01:00 12:00 02:00 Shutter Island 35C3-ABFahrplan-10162-welle welle n(e)w Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10102.html 2018-12-28T14:00:00+01:00 14:00 01:00 Shutter Island 35C3-ABFahrplan-10102-mogreens Mogreens Vinyls of Funk, Soul and Jazz Music djset en Einer der ersten Stunden. Ein echter Prototyp. --- One of the first. A real prototype. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10103.html 2018-12-28T15:00:00+01:00 15:00 01:00 Shutter Island 35C3-ABFahrplan-10103-fussel Fussel Electronic Music Music djset en Fussel, vom Pech verfolgt, ist er nicht nur unser Allrounder für die Umsetzung jeder noch so wahnsinnigen Idee, er hat auch einen ausgeprägten Hang zur endzeitlichen, elektronischen Musik - auf die wir uns sehr freuen. --- Fussel - followed by bad luck, he is not only our all-rounder for the realization of even-the-most-insane-ideas, he also has a pronounced inclination towards electronic music of the last days - to which we are very much looking forward. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10104.html 2018-12-28T16:00:00+01:00 16:00 02:00 Shutter Island 35C3-ABFahrplan-10104-karlakakarl Karlakakarl Gute Music von Schallplatte Music djset en Karlakakarl wäre gern mit dem Rad gekommen, muss aber gleich weiter nach Tel Aviv - Karl untersucht den Einfluss guter Musik (vorsicht kann Teile von Jazz enthalten) auf die Bluthirnschranke und teilt seine Erkenntnisse für 2 Stunden mit uns. --- Karlakakarl would have liked to come by bike, but has to go straight on to Tel Aviv - Karl examines the influence of good music (caution may contain parts of Jazz) on the blood-brain barrier and shares his findings for 2h with us. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10105.html 2018-12-28T18:00:00+01:00 18:00 06:00 Shutter Island 35C3-ABFahrplan-10105-mr_jb Mr. JB The master of mission Music djset en Mr. JB aka monkeyking ist die Geheimwaffe und der wohl am besten vorbereiteteste DJ im Shutterisland, ein wandelndes Musiklexikon und Meister der Übergänge und genau darum bekommt er auch 6h Playtime. --- Mr. JB is the secret weapon and probably the best prepared dj in shutterisland, a walking music encyclopedia and master of transitions and that's exactly why he gets 6h playtime. false https://soundcloud.com/monkeyking https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10106.html 2018-12-29T00:00:00+01:00 00:00 02:00 Shutter Island 35C3-ABFahrplan-10106-senor_sib Señor SIB More Vinyl Music djset en Señor SIB ist in der (guten) politschen Bildung tätig und er sammelt (gute) Platten und er ist ein (guter) Freund - irgendein Bogen von jazzig zu drum´n bass war mal im Gespräch. --- Señor SIB is active in (good) political education and he collects (good) records and he is a (good) friend - some bow from jazzy to drum´n bass was once in the conversation. false https://www.mixcloud.com/senorsib/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10107.html 2018-12-29T02:00:00+01:00 02:00 02:00 Shutter Island 35C3-ABFahrplan-10107-zeerone ZeerOne TwittyTwister Music djset en ZeerOne der Philosoph mit diesem Humor darf nicht fehlen. Er ist der Inbegriff der gut gelaunten Stetigkeit und sein musikalisches Spektrum würde auf kein Display passen. --- ZeerOne the philosopher and with this humor must not be absent. He is the epitome of good-humoured consistency and his musical spectrum he would not fit on any display. false https://soundcloud.com/zeerone-aka-twittytwister https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10108.html 2018-12-29T04:00:00+01:00 04:00 01:00 Shutter Island 35C3-ABFahrplan-10108-malte_rathmann Malte Rathmann Audio / Video Set Music concert en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10109.html 2018-12-29T05:00:00+01:00 05:00 01:00 Shutter Island 35C3-ABFahrplan-10109-die_snuff_lagune Die Snuff Lagune Audio / Video Set Music concert en Devon, Franziska, Jan, Malte. elektoinstrumentaler ambient chillcore, Glitchyplatsch meets Rohrschachbrettmuster im Darkroom. Alle können. immer. --- Devon, Franziska, Jan, Malte. electro-instrumental ambient chillcore, Glitchyplatsch meets Rohrschach board pattern in the darkroom. Everyone can. Always. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10110.html 2018-12-29T06:00:00+01:00 06:00 01:00 Shutter Island 35C3-ABFahrplan-10110-fussel Fussel djset Music djset en Fussel, vom Pech verfolgt, ist er nicht nur unser Allrounder für die Umsetzung jeder noch so wahnsinnigen Idee, er hat auch einen ausgeprägten Hang zur endzeitlichen, elektronischen Musik - auf die wir uns sehr freuen. --- Fussel - followed by bad luck, he is not only our all-rounder for the realization of even-the-most-insane-ideas, he also has a pronounced inclination towards electronic music of the last days - to which we are very much looking forward. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10147.html 2018-12-28T14:00:00+01:00 14:00 01:00 Compeiler 35C3-ABFahrplan-10147-rote_schule_music_workshop Rote Schule Music Workshop Workshop/Performance Music workshop en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10129.html /system/events/logos/000/010/129/large/avatars-000138623825-tpdxbg-t500x500.jpg?1545595311 2018-12-28T15:00:00+01:00 15:00 01:00 Compeiler 35C3-ABFahrplan-10129-anna_hauss Anna Hauss Singer-Songwriterin Music concert en Anna Hauss ist Sängerin, Texterin und Komponistin und lebt derzeit in Leipzig. Aufgewachsen ist sie in Berlin, wo ihre musikalische Laufbahn schon früh begann. 2013 erschien ihr Solo-Debüt "Summerbreak", ein Jahr später begann sie in Leipzig Jazzgesang zu studieren. In ihren Songs geht es um persönliche Erfahrungen sowie aktuelle Beobachtungen unserer Zeit. Dabei ist sie immer wieder auf der Suche nach neuen Herausforderungen und Sounds. Aktuell ist sie mit ihrer Band STILL IN THE WOODS und deren aktuellem Album "Rootless Tree" unterwegs, spielt Konzerte als Solokünstlerin oder startet Projekte mit Musikern aus der Leipziger Jazzszene. false https://soundcloud.com/haussmusic https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10130.html /system/events/logos/000/010/130/large/bio01.png?1545412551 2018-12-28T16:00:00+01:00 16:00 01:00 Compeiler 35C3-ABFahrplan-10130-peter_klohmann Peter Klohmann Jazz Music concert en Peter Klohmann geb. 1986, Frankfurt am Main 2001-2005 Jungstudent am Peter-Cornelius-Konservatorium Mainz 2005-2010 Bachelor Studium Jazz Saxophon an der Johannes Gutenberg-Universität Mainz 2010 bis 2012 Master Studium Jazz Saxophon bei Prof. Bernd Konrad an der Musikhochschule Stuttgart ab WS 2012 Master Studium Jazz Komposition bei Prof. Rainer Tempel an der Musikhochschule Stuttgart 2001-2007 Landesjugenjazzorchesters Rheinland-Pfalz 2007-2011 Bundesjazzorchester (BujazzO) 2012 Aushilfe HR-Big Band (Schultour) Tourneen führten ihn nach Brasilien, USA, Südafrika, Süd-Korea, Russland, Polen, Indien, Italien und auf den Balkan (Kroatien, Bosnien-Herzegowina, Serbien, Bulgarien, Rumänien) Gründet 2009 die Konzertreihe „Junge Szene Frankfurt“ 2013 Arbeitsstipendium Jazz der Stadt Frankfurt am Main 2014 Eröffnung des 45. Deutsches Jazzfestivals Frankfurt am Main false http://peterklohmann.com https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10088.html /system/events/logos/000/010/088/large/avatars-000389452269-8x5ub9-t500x500.jpg?1545412662 2018-12-28T17:00:00+01:00 17:00 01:00 Compeiler 35C3-ABFahrplan-10088-jeanette_tresbien Jeanette Trèsbien Part 1 Music djset en Moloch, Ringelpietz / Hamburg false https://soundcloud.com/jeanette-tr-sbien https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10131.html /system/events/logos/000/010/131/large/sofija.jpg?1545754685 2018-12-28T18:00:00+01:00 18:00 01:00 Compeiler 35C3-ABFahrplan-10131-zso_co Zso & Co. live! ukulele Music concert en Zso is the stage name of a young artist Sofia (16) from Novi Sad, Serbia. Her voice is regularly described as “hypnotic”, and her performances as “out-of-this-world”. She started to perform just recently and her sets usually consists of cover songs that the most of you will recognise, but they could hardly be labeled as “hits”. She also writes her own songs and one will be premiered at 35C3. Currently, she is touring Germany with her dad, _djura_ who is a musician and a DJ. Together, under the name “Zso & Co.” they will bring you interesting renditions of some popular songs in their own, unique style: combining analogue and acoustic instruments with dirty synths in minimalistic arrangements, accompanying Sofia’s beautiful voice. Zso is the stage name of a young artist Sofia (16) from Novi Sad, Serbia. Her voice is regularly described as “hypnotic”, and her performances as “out-of-this-world”. She started to perform just recently and her sets usually consists of cover songs that the most of you will recognise, but they could hardly be labeled as “hits”. She also writes her own songs and one will be premiered at 35C3. Currently, she is touring Germany with her dad, _djura_ who is a musician and a DJ. Together, under the name “Zso & Co.” they will bring you interesting renditions of some popular songs in their own, unique style: combining analogue and acoustic instruments with dirty synths in minimalistic arrangements, accompanying Sofia’s beautiful voice. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10132.html /system/events/logos/000/010/132/large/avatars-000389452269-8x5ub9-t500x500.jpg?1545412872 2018-12-28T19:00:00+01:00 19:00 01:00 Compeiler 35C3-ABFahrplan-10132-jeanette_tresbien Jeanette Trèsbien Part 2 Music djset en Moloch, Ringelpietz / Hamburg false https://soundcloud.com/jeanette-tr-sbien https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10053.html /system/events/logos/000/010/053/large/35.jpg?1545413155 2018-12-28T20:00:00+01:00 20:00 01:00 Compeiler 35C3-ABFahrplan-10053-air_cushion_finish Air Cushion Finish Impromptu, Acousmatic, Ambient, Krautrock, Music concert en Air Cushion Finish do multi-style and real time music. It's created from anything the players come up with at a particular moment. The resulting music defies style definitions. The slow motion part was referred to as homeopathic punk. before, however ambient, electro-acoustic electronica, dada, soundtrack, radio play, spoken word, impromptu (though preconceived in a certain sense), even jazz or free music could come to mind as well. Air Cushion Finish formed in Berlin in 2007 and comprised composer/player jayrope and natural vocal synthesizer Lippstueck, who had enjoyed playing Berlin’s underground together since the 1990s. Lippstueck prominently sings, wordless and backwards in time, while his partner jayrope tends to also appreciate any DIY, electronic, string or percussion instrument small enough to fit into a single suitcase altogether. Changing setup and subsequently music is programmatic to them, as well as having friends as guest musicians, all resulting into an unforeseeable slow motion cacophony of whispers, bleeps, rhythms and harmonies. There’s a notion of Dada, but you never know. This rather poetic note about their separation from cemented structures & styles took them to places. ACF got to support a number of their own favourite artists along the line. Subsequently ACF’s 8th album FLINK – upon a friendly invitation – was recorded and mixed with Thierry Amar at Montreal’s Hotel2Tango. For the first time in a proper studio, if you will, but nonetheless with an audience present at recording time. The resulting double 12” ‘Flink’ was released on Lullabies for Insominacs in early 2017, telling of ACF’s current state of poetical accident, swaying, swinging and bouncing, boldly careful, like a transparent tattoo on your forehead. false https://www.aircushionfinish.com https://aircushionfinish.bandcamp.com/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10079.html /system/events/logos/000/010/079/large/avatars-000023223454-7aeb1i-t500x500.jpg?1545413510 2018-12-28T21:00:00+01:00 21:00 01:00 Compeiler 35C3-ABFahrplan-10079-michelson Michelson Part 1 Music djset en ..puts compositions together like a dj does so that makes him a dj in a ambienty, krauty, electronicy way he is trtying to tell you something he only knows when its time for it. magical! false https://soundcloud.com/megamichelson https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10060.html 2018-12-28T22:00:00+01:00 22:00 01:00 Compeiler 35C3-ABFahrplan-10060-vai Vai Experimental Electronics Live Set Music djset en "This world is so full of love. You are not here by accident. You don’t have to worry about anything. Your being, is so full of love, so full of peace. You don’t have to go to someplace else to find peace. It is right where you are. Trust this, don’t worry about anything at all. Just enter this place and be ." false Listen: Son of Idaia EP (Holger Records) https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10133.html /system/events/logos/000/010/133/large/avatars-000023223454-7aeb1i-t500x500.jpg?1545413633 2018-12-28T23:00:00+01:00 23:00 01:00 Compeiler 35C3-ABFahrplan-10133-michelson Michelson Part 2 Music djset en ..puts compositions together like a dj does so that makes him a dj in a ambienty, krauty, electronicy way he is trtying to tell you something he only knows when its time for it. magical! false https://soundcloud.com/megamichelson https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10081.html /system/events/logos/000/010/081/large/Leafar-Legov-.jpg?1545389380 2018-12-29T00:00:00+01:00 00:00 02:00 Compeiler 35C3-ABFahrplan-10081-leafar_legov Leafar Legov Ambient Music concert en Leafar Legov is a quiet but essential member of the Giegling family. Legov's relationship with club music seems purely conditional—he'll follow its guidelines only when they happen to suit his creative impulses. With Kettenkarussell, he makes what could loosely be described as downtempo house. On his solo records, he offsets ambient sketches with somber hip-hop instrumentals. But his personal musical universe is still, for the most part, a mystery—aside from "Blush," an excellent one-off from 2009 he made as Robert Oh, his first solo release was the EP "Talk" on Giegling, which came out in 2016. Abstract and subdued, it's a record that points to Giegling's emotional depth and stylistic open-endedness. false https://soundcloud.com/leafarlegov https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10134.html 2018-12-29T02:00:00+01:00 02:00 02:00 Compeiler 35C3-ABFahrplan-10134-pacheko_b2b_oliotronix Pacheko b2b Oliotronix Techno/Rave Music djset en Oliotronix: In 2017/18 her new music setup has taken shape in form of energetic performances using Gameboy DMG and various electronic noise machines still combined with an hooligan/techno/rave DJ set. Few feedbacks from the audience: “What is exciting about DJ Oliotronix is she doesn't follow the trend but deliver crazy sets following her own taste while keeping it entertaining on a high level of intensity. Prepare to have fun!“ Madame Claude, Berlin “Very original and eclectic, with interesting non-standard use of equipment. Also very cool neo-cyber-hip look!” Galaxy Wolf, London “Great! Good energy and selection. Nice to see DJs enjoying themselves too!” Crux, London false Pacheko: https://soundcloud.com/elcapitano https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10061.html /system/events/logos/000/010/061/large/avatars-000140974016-n2w1av-t500x500.jpg?1545414123 2018-12-28T14:00:00+01:00 14:00 02:00 Uptime Bar 35C3-ABFahrplan-10061-sudseemelodien Südseemelodien Finest Hawaii Bar Sounds Music djset en Purest aloha spirit to dream away as you let the sounds transporting you to ocean, beach, surfers and luau riding on the back of a glittering Humuhumunukunukuāpua'a. false https://soundcloud.com/suedseemelodien https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10063.html /system/events/logos/000/010/063/large/shikoba.jpg?1545329369 2018-12-28T16:00:00+01:00 16:00 02:00 Uptime Bar 35C3-ABFahrplan-10063-shikoba SHIKOBA Krautrock, Experimental, Techno Music djset en SHIKOBA, real name Adem Zor, creative mind behind the interstellar label Planet Almanac, collaborates with Don't DJ and Iku Sakan, varies in his DJ sets in the hypnotic tension field between Krautrock, Experimental and Techno. Juggling with the sound aesthetics appeals to him the most. Dance Music, which transfers the club night's escapism to a more artistic than functional level. Loops, rhythms and sound aesthetics are the three key words with which his sets can be described. Natural sounds combined with digital synthesis, using the listener as a medium to close the gap between these two. He himself understands his sets as experienceable ideas, which are presented and carried forward by the experiencer and be thougt even further. false https://soundcloud.com/shikobamakesnoize https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10073.html /system/events/logos/000/010/073/large/avatars-000539299344-d3tt0s-t500x500.jpg?1545414558 2018-12-28T18:00:00+01:00 18:00 02:00 Uptime Bar 35C3-ABFahrplan-10073-alexa_d_saster Alexa D!saster Musical oxymorons Music djset en AL-D! (Alexa-D!saster) // electric-guitar //loops & effects // vocals // lo-fi //improv // DAW // drums // bells // Alexa D Saster is a DJ, musician and crossover artist based in Berlin. DJ Alexa D!saster is a record collector and sound-explorer. Her dj-sets are between mildstyle and wildstyle and based on underground-music and unheard rarities. She's spinning her sets in Berlin's subculture spots and elsewhere in Germany and Europe. Alexa is a guitarist and singer and plays in different formations. Under the moniker AL-D! she runs her indie-loop-project, where she combines electronic sounds with vocals and electric-guitar. She is creator of Golden Disko, resident of mild! open air in Berlin's cutest garden Zuckerzauber and host of Kizamani kisasa radio show on Radio Rixdorf. In addition to her music, Alexa is working as comic artist and web designer. false http://alexa-dsaster.de https://soundcloud.com/alexadsaster https://www.mixcloud.com/alexadsaster https://soundcloud.com/alexadisaster (spot the difference!) https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10087.html /system/events/logos/000/010/087/large/avatars-000449268345-ysghqy-t500x500.jpg?1545414667 2018-12-28T20:00:00+01:00 20:00 02:00 Uptime Bar 35C3-ABFahrplan-10087-please_talk_softly Please Talk Softly Diverse Music Music djset en Con Han Hop, mjut / Leipzig false https://soundcloud.com/pleasetalksoftly https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10084.html /system/events/logos/000/010/084/large/unnamed.jpg?1545741830 2018-12-28T22:00:00+01:00 22:00 02:00 Uptime Bar 35C3-ABFahrplan-10084-cornelius_niki_nebel Cornelius & Niki Nebel Diverse Music Music djset en Hamburg in town Sven. sind Nele und Cornelius. Sie haben Irgendwann in der Vergangenheit gemerkt, dass sie ganz gut musikalisch aufeinander reagieren können. Zusammen lassen sie ein Amalgam aus gebrochenen Beats, krautigen Wellen und wabernden Flächen enstehen. In einen Genre-Setzkasten lässt sich das alles nicht stellen, muss es ja auch nicht, ganz im Gegenteil. Manchmal wissen sie selbst nicht so ganz genau, wohin die Reise geht, um dann aber trotzdem genau da anzukommen wo sie vielleicht hinwollten. Geradezu übernatürlich, einfach wowi. false https://soundcloud.com/nele-wittler https://soundcloud.com/cornelius11 https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10117.html 2018-12-29T00:00:00+01:00 00:00 02:00 Uptime Bar 35C3-ABFahrplan-10117-dj_samantha DJ Samantha Music for non places Music djset en A selection of dub, african and techno classics will be rearranged for a mix; to park (20 kilogramm) suitcases; find a seat next to the smoking compartment and head off to gate B. Playing a DJ set with mostly vinyl, Samantha is slowly paneling her sound with a diverse selection of music. false 2018-12-28T10:00:00+01:00 10:00 06:00 OIO Lötarea XHGP3G https://pretalx.35c3oio.freifunk.space/35c3oio/talk/XHGP3G/ Löten zum Junghackertag Lötarea 110 min de Zum Junghackertag gibt es extra Lötprogramme false UYHAB8 djim https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9686.html 2018-12-29T11:30:00+01:00 11:30 01:00 Adams 35c3-9686-die_dreckige_empirie Die dreckige Empirie Kann man empirischen Studien trauen? Science lecture de Kann man empirischen Studien trauen oder nicht? Wie kann ich gute Studien von schlechten unterscheiden? Und was mache ich, wenn es zu einem Thema Studien mit gegensätzlichen Befunden gibt? Der Vortrag soll helfen, Antworten auf diese Fragen zu finden und empirische Studien besser zu verstehen. Empirischen Studien begegnet man nicht nur in Vorlesungen und Laboren, auch in den Nachrichten und in Diskussionen werden sie zitiert und oft als unumstößliche Wahrheit dargestellt. Andererseits gibt es ein großes Misstrauen gegenüber diesen Studien. Den Satz „Traue keiner Statistik die du nicht selbst gefälscht hast“ hat wohl jeder schon gehört und beim Congress im letzten Jahr hieß es mit Verweis auf psychologische und sozialwissenschaftliche Methoden „Science is broken“. Aber entspricht das wirklich der Wahrheit? Der Vortrag beschäftigt sich mit der Frage, was die Denkweise hinter empirischen Studien ist und wie man sie besser verstehen kann. Dabei sollen sowohl Grundlagen wie Wahrscheinlichkeiten, verschiedene statistische Testverfahren und Metaanlysen als auch Probleme wie p-Hacking und die Replikationskrise angesprochen werden. Ziel des Vortrags ist es, den Zuhörer*innen einen Eindruck davon zu vermitteln, was empirische Studien aussagen können und was nicht. Dabei liegt besonderes Augenmerk auf der Frage, ob und welchen empirischen Studien man trauen kann. Man benötigt keine Vorkenntnisse zum verfolgen des Vortrages. Als Beispiele werden aktuelle und klassische Studien aus der Psychologie benutzt. false Aiko Slides_DieDreckigeEmpirie file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9407.html 2018-12-29T12:50:00+01:00 12:50 01:00 Adams 35c3-9407-die_verborgene_seite_des_mobilfunks Die verborgene Seite des Mobilfunks HF-Störquellen im Uplink Science lecture de Der Vortrag beleuchtet die Einflüsse auf den geheimnisvollen Teil des Mobilfunks – Störquellen im Uplink und deren Auswirkungen auf die Mobilfunk-Kommunikation sowie Praktiken zum Aufspüren von HF-Störquellen. Die Feldstärke-Balkenanzeige eines Smartphones (die Downlink-Empfangsfeldstärke) ist nur die Hälfte der Wahrheit zur Bewertung einer Mobilfunkversorgung. Die andere Hälfte ist der weithin unsichtbare aber gegen Störeinflüsse hochempfindliche Uplink, die Richtung vom Endgerät zu den Basisstationen. In diesem Vortrag werden Uplink-Störquellen, deren Auswirkungen sowie Mess- und Analysemöglichkeiten erläutert. Der Uplink von Mobilfunknetzen ist für die mobile Kommunikation unerlässlich, aber niemand kann ihn wirklich sehen. Der Uplink kann durch Störsender, Repeater und viele andere HF-Quellen gestört werden. Wenn er gestört ist, ist die mobile Kommunikation eingeschränkt. Ich werde zeigen, welche Arten von Störquellen den Uplink stören können und welche Auswirkungen das auf die Nutzung des Mobilfunks hat und wie Interference Hunting durchgeführt werden kann. Zunächst erläutere ich die notwendige Pegelsymmetrie des Downlinks (von der Mobilfunk-Basisstation - eNodeB zum Endgerät) und dem Uplink (vom Endgerät zurück zur eNodeB). Da die Sendeleistungen von Endgerät und eNodeB sehr unterschiedlich sind, erkläre ich technische Hintergründe zum Erreichen der Symmetrie. Im Folgenden werde ich die Probleme und Möglichkeiten bei der Messung von Uplink-Signalen am eNodeB erläutern, in Empfänger kann man ja schlecht hineinschauen. Der Downlink ist im Vergleich dazu sehr einfach zu messen, man sieht die Balken auf dem Smartphone oder kann APPs dazu nutzen, die detaillierte Feldstärkeinfos etc. liefern. Der Uplink bleibt allerdings weitgehend unsichtbar. Wenn dieser allerdings am eNodeB gestört ist, sagen die Feldstärkebalken am Endgerät gar nichts aus. Dazu werde ich eine Möglichkeit der Beobachtung vorstellen, die einige Endgeräte on Board mitbringen bzw. mit APPs aus dem Chipset herausgelesen werden können. In welcher Form der Uplink gestört werden kann, die Auswirkungen für die Kommunikation und das Suchen von Uplink-Störquellen werden den Vortrag abschließen. Dabei werde ich auch auf das Problem der 'passiven Intermodulation' (PIM), eine (nicht) neue Störquelle in den Bassisstations-Antennenanlagen, deren Bewertung, Messung und Vermeidung eingehen. false Peter Schmidt https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9507.html /system/events/logos/000/009/507/large/IFG_angriff.jpg?1545231555 2018-12-29T14:10:00+01:00 14:10 01:00 Adams 35c3-9507-best_of_informationsfreiheit Best of Informationsfreiheit Transparenz mit der Brechstange Ethics, Society & Politics lecture de Mit (u. a.): Rainer Rehak, Anna Biselli, Andre Meister, ... Was für die Breitbandversorgung in Deutschland gilt, gilt auch für Transparenz: Überall Demokratie-Funklöcher, die man stopfen muss, am besten mit Klagen. Wir erzählen, was das Informationsfreiheitsgesetz in diesem Jahr für die Demokratie-Infrastruktur getan hat, welche Rolle dabei Klagen gespielt haben und was die IFG-Meisterschaften damit zu tun haben. false Arne Semsrott Rainer Rehak Andre Meister Anna Biselli VIDEO https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9858.html 2018-12-29T16:10:00+01:00 16:10 00:40 Adams 35c3-9858-archaologische_studien_im_datenmull Archäologische Studien im Datenmüll Welche Daten speichert Amazon über uns? Ethics, Society & Politics lecture de Jeder Nutzer hat das Recht bei seinen Dienstanbietern eine Kopie seiner Daten anzufordern. Doch wer macht das schon? Wir haben genau das getan. Das Ergebnis war nicht nur eine intensive und emotionale Brieffreundschaften mit der Datenschutz-Abteilung von Amazon. Das Ganze hat auch sehr viel Datenmüll zu Tage befördert. Jeder Nutzer hat das Recht bei seinen Dienstanbietern eine Kopie seiner Daten anzufordern. Doch wer macht das schon? Wir haben genau das getan. Das Ergebnis war nicht nur eine intensive und emotionale Brieffreundschaft mit der Datenschutz-Abteilung von Amazon. Das Ganze hat auch sehr viel Datenmüll zu Tage befördert. Amazon schickte eine Tabelle mit den letzten 15.000 Klicks – zu jedem Eintrag gab es bis zu 50 zusätzliche Angaben. Auf den ersten Blick war klar: In diesen Datenbergen lohnt es sich zu wühlen. Genau das haben wir in den darauf folgenden Monaten getan. Mit einigen Analysen haben wir nach Auffälligkeiten und Mustern gesucht und diese auch gefunden. Amazon weiß, wann wir wo unterwegs waren, wie es um die Qualität unserer Internetverbindung steht, wie es um die Häufigkeit von um Familienbesuchen bestellt ist und und welche Zeitung wir lesen. Der Vortrag erklärt auf unterhaltsame und kurzweilige Weise, was sich aus unserem Datenmüll mit einfachen Mitteln alles herauslesen lässt. Und warum es problematisch ist, wenn Amazon unsere Vorlieben irgendwann besser kennt, als enge Freunde. Als Bonus geben wir Euch noch die wichtigsten Tipps & Kniffe auf den Weg, wie ihr auch bei unkooperativen Unternehmen an Eure eigene Datenauskunft kommt. false Letty Katharina Nocun https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9761.html 2018-12-29T17:10:00+01:00 17:10 00:40 Adams 35c3-9761-truly_cardless_jackpotting_an_atm_using_auxiliary_devices Truly cardless: Jackpotting an ATM using auxiliary devices. Security lecture en Pursuit of “good customers’ experience“ not only leads to new customers, but also attract criminals of all sorts. Presentation will give overview of current security situation of ATMs with different auxiliary devices allowing cardless transactions. Cardless is new sexy for criminals. Era of ATMs has started in London in 1967. Since time, when the “hole-in-the-wall” cash machine used radiocarbon paper cheques, ATMs became more complex and smart, providing opportunity to withdraw money without cards. Vendors, in accordance to banks and consumer’s demand, create ATMs that replace plastic cards and PINs with smartphones or QR codes. Cash withdrawal from an ATM now easier than never before not only for clients, but also for attackers. Jackpotting an ATM via malware or black box are pretty familiar. Countermeasures against such attacks are already in place in many banks. Thus, attackers need to discover new (or well-forgotten) ways to achieve their evil goals. We will not chew the fat, telling stories about the old days, because new functionality provides new possibilities. Migration from Windows XP to Windows 7/10 means there is always PowerShell on the ATM. “New” types of input devices allow BadBarcode-like attacks. Legitimate auxiliary device connected to the ATM in pursuit of so-called good customers’ experience may lead to ejection of all money from ATM. false Olga Kochetova Alexey Osipov https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9653.html /system/events/logos/000/009/653/large/photo_2018-10-14_15-01-31.jpg?1539524849 2018-12-29T18:10:00+01:00 18:10 00:40 Adams 35c3-9653-russia_vs_telegram_technical_notes_on_the_battle Russia vs. Telegram: technical notes on the battle Ethics, Society & Politics lecture en It's time to highlight facts and epic fails that were observed on the wire during attempts to block Telegram in Russia. Russian Federal Service for Supervision of Communications, IT and Mass Media started the process to ban Telegram on April the 16th. Roskomnadzor press-office claimed that the process will take a few hours. Telegram mostly worked in Russia during the incident beginning and still works half a year later. Russia banned Amazon, Google, Microsoft, DigitalOcean, Hetzner and other networks covering almost 0.5% of Internet Protocol address space, presumably, to put pressure on international businesses to make Telegram persona non-grata on those networks. Russia also banned IP addresses of major local businesses (VKontakte, Yandex and others), presumably, by mistake. A flaw in the filter was exploited to bring one of the major ISPs down for a while. Moscow Internet exchange point announced that alike flaw of the filter could be used to disrupt peering. Proxy-hunting experiments were observed sniffing live network traffic, both for obfuscated MTProto proxy and good old Socks5. This talk will not cover legal aspects of the lawyers fighting for Telegram in court. Also, it will not show any "insider" information from Telegram team. false Leonid Evdokimov (darkk) Usher II: having fun with Roskomnadzor's Register of Prohibited sites Errata & Slides mirror PDF slides OpenDocument slides with speaker notes https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9783.html /system/events/logos/000/009/783/large/Mars_Science_Laboratory_mission_logo.png?1539618594 2018-12-29T19:10:00+01:00 19:10 00:40 Adams 35c3-9783-the_mars_rover_on-board_computer The Mars Rover On-board Computer How Curiosity's Onboard Computer works, and what you can learn from how it was designed Hardware & Making lecture en Mars Rover Curiosity is one of the most sophisticated pieces of hardware ever launched into space. Because of the communication delay from Earth to Mars, it needs to accomplish most of its tasks completely autonomously: landing, navigation, exploration and singing birthday songs to itself. To do all this, it only has one central onboard computer. Let's look at that computer and the software it runs in detail. While space is a somewhat unique environment, we can still learn a lot by looking at how the pieces hardware and software on board of Curiosity are designed and managed. The spacecraft only has one onboard computer that took over from the second it was launched towards Mars. It navigated the stars and orbits, managed a very complicated landing procedure, and now drives around as a car-sized rover over rocks and slippery ravines, all while collecting samples and analysing them with its on board lab. First we'll have a look at the history of the Mars Science Laboratory plans, then in part two we will launch into hardware. What processors do we have, how are the working together? How is redundancy handled, and shielding against radiation? As a part three, we'll look closely at the rover's software. Using over the air updates, almost all code running on Curiosity has been pushed there after it had landed on Mars. NASA pushed updates to enable new scientific missions, to make it traverse the environment in a different way, and to route around broken hardware. After listening to this talk, you should find yourself inspired to look at problems of software and hardware fault-tolerance and long-term maintenance in a new light. You should be entertained by a hopefully interesting aspect of computers and space flight. And you'll get a certain awe of the engineers at JPL and their accomplishments. false breakthesystem The Design and Engineering of Curiosity: How the Mars Rover Performs Its Job (Springer Praxis Books) 1st ed. 2018 Edition Another Talk by Daniel https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9716.html /system/events/logos/000/009/716/large/lossy-page1-576px-%22WAAC_-_SILENCE_MEANS_SECURITY%22_-_NARA_-_515987.tif.jpg?1545215113 2018-12-29T20:50:00+01:00 20:50 01:00 Adams 35c3-9716-du_kannst_alles_hacken_du_darfst_dich_nur_nicht_erwischen_lassen Du kannst alles hacken – du darfst dich nur nicht erwischen lassen. OpSec für Datenreisende Security lecture de Schon Wladimir Wladimirowitsch Putin wusste: "Hacker, das sind freie Menschen, so wie Künstler." Wie wollen dafür sorgen, dass es so bleibt. Der Hacksport erfreut sich immer größerer Beliebtheit – nicht nur in Russland. In diesem Einführungs-Talk geben wir einen Überblick über die Risiken des Hobbys: Eingetretene Türen, Hausdurchsuchungen und hohe Anwaltskosten trüben den Genuss des freien Hacksports. Hier lohnt es sich für den hackenden Nachwuchs, aus den Fehlern anderer zu lernen. Wir geben klassische Beispiele für Fehler in der Operational Security, damit Ihr sie nicht machen müsst. false Linus Neumann Thorsten Schröder https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10017.html 2018-12-29T22:10:00+01:00 22:10 00:50 Adams 35c3-10017-electronic_evicence_in_criminal_matters Electronic Evicence in Criminal Matters An introduction and critique of the EC proposal for a regulation Ethics, Society & Politics lecture en The lecture will give an introduction into the "EC Proposal for a Regulation on European Production and Preservation Orders for Electronic Evidence in Criminal Matters (COM (2018) 225 final)" and . the impact to civil liberties of the users as well as the challenges for service providers of the diverse range of services covered by the proposal. Urgent action is required now by diverse groups to fight the existing proposal and prevent it from becoming binding law throughout the EU.. false Klaus Landefeld Presentation https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9667.html 2018-12-29T23:10:00+01:00 23:10 00:40 Adams 35c3-9667-desinformation_und_fake_news_-_bekampfung_und_verifizierung_leicht_gemacht Desinformation und Fake News - Bekämpfung und Verifizierung leicht gemacht Ethics, Society & Politics lecture de Für Journalisten bieten soziale Netzwerke eine Vielzahl von Quellen und Informationen, in einem Ausmaß, das vor Jahren unvorstellbar war. Doch damit steigt auch das Risiko immer weiter, auf Manipulationen und „Fake News“ hereinzufallen. In Zeiten von „Lügenpresse“-Rufen stellt das Journalisten vor neue Herausforderungen. Der Vortrag zeigt, wie die Verifizierung von Bildmaterial bei großen Medienhäusern abläuft – und warum auch normale Nutzer diese Möglichkeiten kennen und benutzen sollten. Während Bildmaterial bis vor wenigen Jahren noch hauptsächlich eigenproduziert oder eingekauft wurde oder über Agenturen geliefert wurde, kann dank Smartphones jeder zum Video- und Nachrichtenproduzent werden. Teilweise haben solche Videos eine Reichweite, von der etablierte Medien nur träumen können. Es geschieht kaum eine Breaking News, bei der nicht nach wenigen Minuten bereits Bilder im Netz kursieren. Dass solche Bilder nicht ungeprüft übernommen werden sollten, hat sich zum Glück rumgesprochen. Aber wie kann der Wahrheitsgehalt eines Bildes oder Videos unabhängig und nachvollziehbar verifiziert werden? Viele Medienhäuser haben erkannt, dass traditionelle Recherchemethoden bei diesem Thema schnell an ihre Grenzen stoßen und haben Verifizierungsteams gegründet. Glücklicherweise gibt es viele Programme, Webseiten und Plug-Ins, die einen bei der Verifizierung unterstützen. Der Vortrag zeigt, welche Arten von Fälschungen es gibt und wie man Fälschungen mit welchen Mitteln entlarven kann. false Robert Clausen verificationhandbook.com osintframework.com suncalc.org invid-project.eu wikimapia.org graph.tips citizenevidence.amnestyusa.org camopedia.org logos.iti.gr worldlicenseplates.com Bellingcat Toolkit (Google Doc) geolocatethis.site (aktuell offline) https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9486.html 2018-12-30T00:10:00+01:00 00:10 01:00 Adams 35c3-9486-hebocon Hebocon The sumo robot fight for the technically ungifted Entertainment lecture en We let the technically ungifted build robots and to fight each other for the laughs. Please contact @honky in RocketChat or visit the ChaosZone Hall 2 if you want to participate. We need at least 8 Robots to participate, if we have more, we'll bring this to the battlefield. Let's build funny robots and let them fight each other as long as we are superior to them :) Please let's dishonor high tech and celebrate everything made out of stuff we usually throw away (and blinks). Please contact @honky in RocketChat or visit the ChaosZone Hall 2 if you want to participate. We need at least 8 Robots to participate, if we have more, we'll bring this to the battlefield. false honky Datenspuren 2018 Advertisment on Site Slides for Translators file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9911.html 2018-12-30T01:10:00+01:00 01:10 01:30 Adams 35c3-9911-chaos_communication_slam Chaos Communication Slam Technische Liebesgedichte & Horrorgeschichten im Dichterwettstreit Entertainment other de Chaos meets Poetry Slam. Der humoristische Dichterwettstreit mit Informatikhintergrund. Mitmachen ausdrücklich erwünscht. Und keine Sorge, ein Poetry Slam hat nichts mit dem Ingeborg-Bachmann-Preis zu tun. Hierbei geht es um einen Wettkampf bei dem selbstgeschriebene Texte live vorgetragen werden. Prosa, Lyrik, lustige Geschichte, das ist eure Wahl. Erzählt von euren Sysadmin Lovestorys, WebDev-f*ckUps oder was auch immer euch auf der Seele liegt. Für Kurzentschlossene bieten wir euch davor noch einen Crash Kurs in Slam Poetry an, damit auch ihr das Publikum begeistern könnt und mit in das Finale einzieht. Die Session findet ihr zeitnah im Event-Wiki. Auf dieser Seite findet ihr auch eine Adresse, um euch für das große Event anzumelden. Durch den Abend begleitet euch das Slam-erfahrene Team der "Slamigans" aus dem Umfeld des Chaostreff Flensburg. Moderiert von Thorben Dittmar, früherer U20-Local aus dem Kühlhaus und ewiger zweiter Platz, stimmt das Publikum zusammen über die besten Beiträge ab. Das Siegertreppchen darf sich schon auf tolle Preise freuen. Also schnell anmelden! false Thorben Dittmar https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9567.html /system/events/logos/000/009/567/large/yG2ahUfL_400x400.jpg?1543064844 2018-12-29T11:30:00+01:00 11:30 02:20 Borg 35c3-9567-lightning_talks_day_3 Lightning Talks Day 3 CCC lecture en Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! Did you think that the thrill of sharing your ideas in front of a huge audience at a C3 was something you'd never experience? Do you work on a cool project and want to get the word out? Was your talk one of the hundreds that got rejected? Did you come up with an awesome hack that you need to share? Go ahead and enter your Lightning Talk now! The 35C3 Lightning Talks consist of three fast paced sessions which are perfect for pitching new software or hardware projects, exploits, creative pranks or strange ideas you need to get out to a global audience. Even if you don't have an awesome idea or project to share, a Lightning Talk is perfect for pitching your Assembly, your workshop or even a longer talk you'll give as a self-organized session. Your five minutes of fame! For registration and schedule info, please check out https://c3lt.de/35c3 false gedsic bigalex Registration and schedule Congress Wiki Page https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9971.html 2018-12-29T14:10:00+01:00 14:10 01:00 Borg 35c3-9971-the_critical_making_movement The Critical Making Movement How using critical thinking in technological practice can make a difference Hardware & Making lecture en Critical Thinking + Making = Critical Making. Around the world, academics and grassroots communities alike are engaging in critical making. With roots in critical design and critical engineering, etc., the point is to re-politicise making, help people understand that it needs to be more than printing cheap plastic knickknacks and can be used for activism and social innovation to improve peoples' lives. Using critical thinking in the DIY culture to look beyond the idealised picture of the maker and "reintroduce a sense of criticality back into post-2010 maker culture to un-sanitize, un-smooth and re-politicize it" (Hertz) is a relatively recent notion. More and more academia introduce Critical Making into their curricula, but bottom-up, grassroots movements also use critical making. Not only to raise awareness and hopefully change the status quo but also to see profit-oriented innovation practices vary, to minimise their adverse effects on society and the environment. This lecture will explore the notion of using more societal reflection in technology (both hardware and software) and its importance for our future. Insights on political-activist examples and case studies from around the world (Indonesia, Brazil, Germany) will be presented, with a focus on practice, practitioner and motivation. The aim is to explore making movement as a broader, global yet hyper-locally relevant phenomenon. false Regina M. Sipos Saad Chinoy Ricardo Ruiz Critical Making movement, first part of talk, by Regina Engineering Good https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9364.html /system/events/logos/000/009/364/large/molecule.png?1536771644 2018-12-29T16:10:00+01:00 16:10 01:00 Borg 35c3-9364-viva_la_vita_vida Viva la Vita Vida Hacking the most secure handheld console Security lecture en Since its release in 2012, the PlayStation Vita has remained one of the most secure consumer devices on the market. We will describe the defenses and mitigations that it got right as well as insights into how we finally defeated it. The talk will be broken into two segments: software and hardware. First, we will give some background on the proprietary security co-processor we deem F00D, how it works, and what we had to do to reverse an architecture with minimal public information. Next, we will talk about hardware attacks on a real world secure hardware and detail the setup process and the attacks we were able to carry out. This talk assumes no prior knowledge in hardware and a basic background in system software. Focus will be on the methods and techniques we've developed along the way. How do you hack a device running a full featured, security hardened, and completely proprietary operating system executed on a custom designed SoC? Although the PlayStation Vita did not reach the market success of its contemporaries, it was a surprisingly solid device security-wise. Sony learned from the mistakes of PS3 and PSP and there were (mostly) no "FAIL" moments. It carried exploit mitigations that are standard today but groundbreaking for a "popular" device in 2012: SMAP, kernel ASLR, > 2 security domains, and more. Molecule was the first group to run unsigned code on the device as well as the first to hack kernel mode and TrustZone. However, to target the security co-processor (F00D), we need to bring out the big guns. Using a highly customized version of the popular ChipWhisperer hardware, we carried out hardware attacks on the device including fault injection (glitching) and side channel analysis. In a board with twelve layers, dozens of unknown ICs, and hundreds of passives, how do you even begin to attack it without any information? We will start with the basics: a whirlwind tour of the theory behind the attacks. Then we will move to the practical application: mapping out the power domains of a SoC, soldering tips for microscopic points, finding a good trigger signal, finding a glitch target, and searching the right parameters. Finally, if time permits, we will also talk a bit about how to extend our existing setup to perform side channel analysis with a few modifications. It is unfortunate that the Vita was such a niche device, but we hope this talk will inspire more people to pick it up. The Vita is dead, long live the Vita! false Yifan Lu Davee State of the Vita (2016) Ensō Bootloader Hack (2017) taiHEN CFW Framework (2016) HENkaku Hack (2016) Why hacking the Vita is hard (2013) Exploiting WebKit on Vita 3.60 Ensō: A PS Vita bootloader exploit https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9788.html 2018-12-29T17:30:00+01:00 17:30 01:00 Borg 35c3-9788-memsad Memsad why clearing memory is hard. Security lecture en This presentation will start off with a simple problem (how do you clear memory that holds sensitive content). It explores numerous possible solutions, and presents real live facts and figures. bugs in common applications will be shown. false Ilja van Sprundel file memsad.pptx https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9973.html /system/events/logos/000/009/973/large/GFF_Bildmarke_freigestellt.jpg?1540979362 2018-12-29T18:50:00+01:00 18:50 01:00 Borg 35c3-9973-freedom_needs_fighters Freedom needs fighters! Wie die GFF mit strategischen Klagen für Freiheitsrechte kämpft und was in 2019 auf uns zukommt Ethics, Society & Politics lecture de Der Talk gibt einen Überblick über die Arbeit der Gesellschaft für Freiheitsrechte (GFF): Wir klagen, um Grund- und Menschenrechte vor Gesetzgebern und Behörden zu schützen. Die letzten Jahre waren harte Zeiten für die Bürgerrechte: Im Bund regierten große Koalitionen, die reihenweise Überwachungsgesetze verabschiedeten - etwa die Staatstrojaner im Strafverfahren, das neue BKA-Gesetz oder den Zugriff von Geheimdienste auf die biometrischen Passbildern aller Bürgerinnen und Bürger, selbst wenn sie sich nichts haben zuschulden kommen lassen. Auch in vielen Bundesländern scherten sich die Parlamente nicht viel um Grundrechte, etwa in Bayern, wo seit dem Sommer das härteste Polizeigesetz seit dem Ende der Nazi-Diktatur herrscht - ein Gesetz, das so krass ist, dass sich sogar die Polizeigewerkschaft kritisch äußerte. Diese und viele andere Themen beschäftigen die GFF, die mit strategischen Klagen versucht, Grundrechte und Menschenrechte zu schützen. Unsere Arbeit geht dabei weit hinaus über den Bereich "digitale Grundrechte" hinaus: Derzeit laufen Verfahren bzw. bereiten wir Verfahren vor gegen § 219a StGB (Maulkorb für Ärzt*innen, die Abtreibungen vornehmen), die Polizeigesetze in Bayern, NRW und Hessen, das Verbot von linksunten.indymedia, die Staatstrojaner in der StPO sowie gegen die Internet-Massenüberwachung durch den BND durch das G10 und das BND-Gesetz. Außerdem engagieren wir uns in einem Verfahren für gleiches Gehalt für Frauen und Männer und organisieren gemeinsam mit Frag den Staat eine Serie von Transparenzklagen, um Informationsfreiheit auch vor Gericht durchzusetzen. false Ulf Buermeyer Nora Markard https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9851.html 2018-12-29T20:50:00+01:00 20:50 00:40 Borg 35c3-9851-conquering_large_numbers_at_the_lhc Conquering Large Numbers at the LHC From 1 000 000 000 000 000 to 10: Breaking down 14 Orders of Magnitude Science lecture en We are going to outline the ingredients necessary to perform measurements at the LHC, starting from an ordinary bottle of hydrogen. Let us take you on a journey following the path of the protons from this bottle to being ready for collisions in one of the detectors. Once the collisions are recorded we show the approaches and tools on how to extract the metaphorical needle in the haystack. The Large Hadron Collider at CERN is one of the largest and most precise machines mankind has built. As a particle accelerator, it enables us to study proton collisions in large detector experiments such as ATLAS and CMS. These detectors basically work like huge cameras with millions of channels taking up to one billion snapshots of the collisions per second. In a large fraction of these collisions, reactions take place that have been studied and understood for decades now. The very rare processes, however, are those that are especially interesting, but at the same time challenging to extract. The probabilities of processes, that have been studied and confirmed so far, span a range of 14 orders of magnitude. Finding the needle in the haystack of events we record at the LHC is like trying to score a field goal in basketball from space. The rareness of the interesting phenomena not only calls for pure physics understanding, but it also requires advanced techniques in data mining to find as many events of interest as possible while reducing the number of incorrectly accepted events. Hence, data handling in high energy physics means to dig into petabytes of data to filter out and catch a hand full of interesting reactions. false Carsten Bittrich Stefanie Todt Slides file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9596.html 2018-12-29T21:50:00+01:00 21:50 00:40 Borg 35c3-9596-no_evidence_of_communication_and_morality_in_protocols_off-the-record_protocol_version_4 No evidence of communication and morality in protocols: Off-the-Record protocol version 4 Resilience lecture en OTRv4 is the newest version of the Off-The-Record protocol. It is a protocol where the newest academic research intertwines with real-world implementations. It is also one of the first protocols that comes from the global south which makes the political discussion around protocols an urgency. This newest versions also asks us to revisit our definitions around deniability (online and offline) and how important is it to the world. In this talk we will try to start a discussion around the importance of protocols, its political/moral foundations, the real-world implementation of academic ideas, the importance of securely implementing them, the definition of deniability in the current world and the design of OTRv4. As we know from past revelations, the Internet has become a place where any action is surveilled and recorded. In the light of this, the OTR protocol was created. But it was created long time ago. In the past years, there have been a increased work on cryptographic primitives, and privacy and security notions. But these thoughts have not been incorporated into projects. OTRv4 is the newest version of the Off-The-Record protocol, which tries to incorporate these new ideas. At the same time, OTRv4 is a protocol that challenges the common thinking around protocols as it comes from the global south, and takes moral questions into its design, as Rogaway tried to defined on his "The Moral Character of Cryptographic Work?" paper. Furthermore, OTRv4 tries to update the notion of deniability and why it is important for the world. false Sofia Celi Jurre van Bergen No evidence of communication: Off-The-Record Protocol version 4OTRv4: HotPETS paper OTRv4 specification OTRv4 implementation "The Moral Character of Cryptographic Work?" paper Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9523.html /system/events/logos/000/009/523/large/iod.png?1538977573 2018-12-29T22:50:00+01:00 22:50 00:40 Borg 35c3-9523-internet_of_dongs Internet of Dongs A long way to a vibrant future Security lecture en With great pleasure comes great responsibility. A responsibility, which is not taken enough into consideration by the smart sex toy manufacturers as they should, while handling extremely sensitive data. As long as there is no serious breach, there is no problem, right? This was the basis for a research project (Master Thesis) called “Internet of Dildos, a long way to a vibrant future”, dealing with the assessment of smart sex toys and identification of vulnerabilities in those products, including mobile apps, backends and the actual hardware. After the assessment of a selection of multiple smart sex toys an abyss of vulnerabilities was revealed. The identified vulnerabilities range from technically interesting vulnerabilities to vulnerabilities which affect the privacy of the users in extreme and explicit ways. In recent years the internet of things has slowly creeped into our daily life and is now an essential part of it, whether you want it or not. A long-existing sub category of the internet of things is a mysterious area called teledildonics. This term got invented about 40 years ago and described (at this time fictional) devices, allowing their users to pleasure themselves, while being interconnected to a global network of plastic dongs. In the 21st century, teledildonics actually exist. Multiple devices are on the (multi-million dollar) market, offering the ability to pleasure an individual, while being connected to the internet. Those devices offer functionalities, like remote pleasuring over local links as well as over the internet. They implement social media-like functionalities such as friends lists, instant messaging, movie chats and explicit-image sharing. With great pleasure comes great responsibility. A responsibility, which is not taken enough into consideration by the smart sex toy manufacturers as they should, while handling extremely sensitive data. As long as there is no serious breach, there is no problem, right? This was the basis for a research project called “Internet of Dildos, a long way to a vibrant future”, dealing with the assessment of smart sex toys and identification of vulnerabilities in those products, including mobile apps, backends and the actual hardware. After the assessment of a selection of multiple smart sex toys an abyss of vulnerabilities was revealed. The identified vulnerabilities range from technically interesting vulnerabilities to vulnerabilities which affect the privacy of the users in extreme and explicit ways. It was possible to gain access to thousands of users’ data records, including cleartext passwords, explicit images, real-world names, real-world addresses, and many more specific facts. Furthermore, we were able to remotely pleasure individuals without their consent over the internet, or over a local link. Presentation Outline 1. Why? Explanation as to why it is necessary to conduct penetration tests in the area of teledildonics and why the topic was chosen for further research. 2. Quick introduction into basics like Internet of Things (IoT) Sextech Teledildonics (History of Smart Sex Toys) Internet of Dongs (IoD) 3. The “Test Devices” A quick introduction of the test devices examined during this project. Explanation of their feature set including areas of application and use-cases. 4. Let’s get dirty – An overview of the identified vulnerabilities DS_STORE File Information Disclosure Customer Database Credential Disclosure Unrestricted Access to administrative interfaces Weird authentication implementation Unauthenticated Bluetooth LE Connections Missing Authentication in Remote Control And many more… 5. Bluetooth LE Protocol exploitation Brief overview over Bluetooth LE security features Brief overview over Bluetooth LE authentication/pairing methods Brief overview over Bluetooth LE exploitation Hardware Brief overview over Bluetooth LE exploitation Software Hands-on example 6. The “Swinger Club Problem” How the manufacturers tried to downplay the vulnerabilities. 7. Legal Issues – Rape over the wire? How are current laws dealing with sexual pleasure without consent over the internet? 8. Responsible Disclosure Process Coordinated vulnerability remediation with the German CERT-Bund 9. Ongoing/Similar Research Takeaways Attendees are made aware that not a single category of devices in the internet of things is secure, no matter how obscure and outlandish the device might be. This should also raise attention and motivation to test all those devices that are already out there and handle the Internet of Things more cautiously. Another important takeaway is to raise attention to how poorly programmed many IoT devices are and how it is still possible to discover vulnerability cases, which should be resolved and extinct. Last but not least, we want to take the opportunity to discuss and raise attention to the hot topic of “remote rape” or how our current legislature deals with remote pleasuring without consent. Why this talk? First and foremost, this talk will be a lot of fun while teaching the audience how to assess smart sex toys and penetrate their backends (pun intended). The audience will learn what an attacker is capable of when attacking smart sex toys, nowadays. Furthermore, the audience will get deep insights into Bluetooth LE penetration testing including a hands-on example on a selected smart sex toy. Most of the identified vulnerabilities [1, 2, 3, 4] identified to this day include minor backend issues and or the good old exploitation of the Bluetooth LE protocol. The major difference compared to this research is, that the SEC Consult Vulnerability Lab identified a potential massive breach of data, including explicit images, clear text passwords, etc) via the “publicly” accessible database, as well as the issue with the remote pleasuring without consent, which is a so called “Feature”. [1] https://arstechnica.com/information-technology/2017/10/screwdriving-many-bluetooth-sex-toys-leave-users-vulnerable/ [2] https://internetofdon.gs/reports/ [3] https://www.pentestpartners.com/security-blog/screwdriving-locating-and-exploiting-smart-adult-toys/ [4] https://scubarda.wordpress.com/2017/10/17/hacking-a-bt-low-energy-ble-butt-plug/ false Werner Schober IoD Blogpost https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9941.html /system/events/logos/000/009/941/large/images.png?1539641148 2018-12-29T23:50:00+01:00 23:50 00:40 Borg 35c3-9941-how_facebook_tracks_you_on_android How Facebook tracks you on Android (even if you don’t have a Facebook account) Ethics, Society & Politics lecture en In this talk, we’re looking at third party tracking on Android. We’ve captured and decrypted data in transit between our own devices and Facebook servers. It turns out that some apps routinely send Facebook information about your device and usage patterns - the second the app is opened. We’ll walk you through the technical part of our analysis and end with a call to action: We believe that both Facebook and developers can do more to avoid oversharing, profiling and damaging the privacy of their users. In this talk, we’re looking at third party tracking on Android. We’ve captured and decrypted data in transit between our own devices and Facebook servers. It turns out that some apps routinely send Facebook information about your device and usage patterns - the second the app is opened. We’ll walk you through the technical part of our analysis and end with a call to action: We believe that both Facebook and developers can do more to avoid oversharing, profiling and damaging the privacy of their users. false Frederike Kaltheuner Christopher Weatherhead Privacy International [Facebook Stories] Privacy International Website [Clearnet] Privacy International Website [onion] file Slides file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9657.html 2018-12-29T11:30:00+01:00 11:30 01:00 Clarke 35c3-9657-from_zero_to_zero_day From Zero to Zero Day Security lecture en In this talk I will share my story of how in a little over a year, a high school student with almost zero knowledge in security research found his first RCE in Edge. After starting my BSc in CS and Math I picked up a new hobby: solving coding challenges. The next logical step was to try harder challenges, which lead me to participate in CTF competitions. During these CTFs I found that I’m fascinated by vulnerabilities: finding mistakes or things that developers failed to think through. This is how I started going down the rabbit hole. Fast forward a year later, I found my first 0-day, a critical RCE in Edge. To understand it, we will review the recent trend of JIT Type Confusion vulnerabilities in ChakraCore. I will talk about the vulnerability I found, explain how I discovered it and show similar vulnerabilities recently found by other researchers. Finally, I will demo a working exploit of this vulnerability. This session could be helpful both for people interested in getting into the security field, and for experienced security researchers who want to learn more about browser vulnerabilities and exploitation. false Jonathan Jacobi Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9664.html 2018-12-29T12:50:00+01:00 12:50 01:00 Clarke 35c3-9664-kosmische_teilchenbeschleuniger_und_ihre_spuren_in_der_antarktis Kosmische Teilchenbeschleuniger und ihre Spuren in der Antarktis Über die Identifikation des ersten kosmischen Teilchenbeschleunigers und den Beginn einer neuen Ära in der Multimessenger-Astronomie Science lecture de Vor 5.7 Milliarden Jahren emittierte der Blazar TXS0506+056 eine große Menge schwach wechselwirkender Neutrinos. Von dem durch ein supermassives schwarzes Loch im Zentrum seiner Galaxie angetriebenen kosmischen Teilchenbeschleuniger fand eines dieser Teilchen seinen Weg zur Erde und interagierte mit Wassermolekülen im antarktischen Eis. Durch einen glücklichen Zufall konnte das IceCube Neutrino Observatory, ein Kubikkilometer großer Detektor aus instrumentiertem Eis, am 22. September 2017 eine Lichtspur aufzeichnen, die direkt zur Quelle zurück zeigte. Damit konnte erstmals ein bekanntes astrophysikalisches Objekt mit dem Ursprung eines kosmischen Neutrinos assoziert werden und das Ereignis IceCube-170922A schrieb Geschichte. Ein näherer Blick auf die während 2014-2015 gesammelten Daten zeigte, dass die Neutrino-Emission von TXS0506+056 phasenweise erhöht ist. Dies unterstützt die These, dass das Ereignis von 2017 tatsächlich dem Blazar zugeordnet werden kann und die Entdeckung wurde zu einem großer Erfolg für die Multi-Messenger Astrophysik. Bereits 1912 entdeckte Viktor Hess die als kosmische Strahlen bekannten hochenergetischen Teilchen, die im Sekundentakt aus dem Weltall auf die Erdatmosphäre treffen. Einige von ihnen stammen aus unserer Sonne, andere von Quellen in unserer eigenen Galaxie – bei den höchsten Energien liegen die Ursprünge allerdings vermutlich in weit entfernten Galaxien. Unglücklicherweise handelt es sich größteils um geladene Ionen, die auf ihrem Weg durch das Universum durch Magnetfelder abgelenkt werden und nicht zu ihren Quellen zurückverfolgt werden können. Deswegen konnte in den mehr als 100 Jahren seit ihrer Entdeckung keine eindeutige Quelle extragalaktischer kosmischer Strahlen identifiziert werden. Trotz allem gibt es dort draußen Objekte, die winzige Teilchen mit den unvorstellbar geringen Massen von 10^-24g auf die Energie beschleunigen, mit der Rafael Nadal seine Tennisbälle aufschlägt. In irgendeiner Form müssen diese Objekte strahlen und neben kosmischen Strahlen auch andere Teilchen emittieren. Hier setzt die Idee von Multi-Messenger Astroteilchenphysik an: Bei der Untersuchung der energiereichsten Objekte unseres Universums werden zugleich Licht, Neutrinos und Gravitationswellen betrachtet, allesamt ungeladene Boten, die Informationen von den Quellen direkt zu unseren Detektoren tragen. Während 2017 Gravtitationswellen eines Gammastrahlenblitzes identifiziert werden konnten, war der diesjährige Durchbruch in der Multi-Messenger Astroteilchenphysik die Assoziation eines von IceCube detektierten Neutrinos mit einem bekannten Blazar in einer weit entfernten Galaxie. In diesem Vortrag erklären wir, was Menschen zum Bau komplexer Detektoren an den exotischsten Plätzen der Welt motiviert, um hochenergetische Teilchen aus dem Weltall zu jagen. Wir sprechen über die bahnbrechende Entdeckung diesen Jahres und beleuchten, wie der Durchbruch durch twitter-ähnliche Echtzeit-Monitoring-Systeme überhaupt erst möglich wurde. 5.7 billion years ago, the blazar TXS0506+056, a gigantic particle accelerator driven by the super-massive black hole at the center of its host galaxy, emitted a large number of weakly interacting elementary particles, known as neutrinos. One of these particles found its way to Earth and interacted with water molecules in the South-Antarctic Ice Sheet. Fortunately, the IceCube Observatory, a cubic kilometer of instrumented ice recorded a track of light that pointed directly back to its origin, unlike many other neutrinos captured in the past. This event, called IceCube-170922A writes history, since for the first time a concrete astrophysical object can be associated to the origin of this neutrino and thus the presence of strongly accelerated, interacting matter. A second look at the data recorded in 2014-2015 confirmed that the blazar has indeed periods of high-neutrino emission, strengthening the confidence in the 2017 event to be a real discovery and great success for Multi-Messenger Astrophysics. As discovered by Victor Hess already in 1912, there are particles impinging the Earth’s atmosphere every couple of seconds called Cosmic Rays. Some of them are accelerated in the sun, others by sources in our galaxy but at the highest energies, these particles are very likely coming from distant galaxies. Unfortunately, most of them are charged ions that are deflected by magnetic fields on their way through the universe and they do not point back to the point where they have been accelerated. Therefore, even 100 years after the discovery of cosmic rays a definite and obvious source has not been discovered. However, there is something out there that can accelerate a tiny particle with a mass as little as 10-24g (this is a number with !23! decimal zeros) to the energy equivalent to a tennis ball served by Rafael Nadal, then it must somehow shine and emit other radiation among the Cosmic Rays. This is the basic idea of multi-messenger astrophysics that aims to study the most violent objects in the universe by looking simultaneously at the emitted light, the neutrinos and the gravitational waves, which are all uncharged messengers carrying the information from the sources directly to our detectors. While n 2017, gravitational waves from a Gamma-Ray Burst were identified, this years major breakthrough in the field of multi-messenger astrophysics was the association of a high energy neutrino detected by IceCube with a known blazar in a far away galaxy. In this lecture, we will aim to explain what motivates mankind to build complex observatories at the most exotic location around the globe to haunt for very high energy particles from space. We will shed light on this brand new detection and highlight that without the recent developments in a real-time monitoring/Twitter-like system the detection would have gone unnoticed. Image / Video Credits Titelbild: NASA B2 Uni Wien B3 NASA B4 CERN / LHC B5 Auger Collaboration B6 Sven Lafebre B7 NASA B8 A. Fedynitch DESY B9 IceCube Observatory B10 freier-grafiker.de B11 IceCube Collaboration B12 https://military.id.me/ B13 Argonne National Laboratory B14 IceCube Collaboration B15 IceCube Collaboration B16 DESY (Renderbild) B17 IceCube Collaboration B18 IceCube Collaboration B19 IceCube Collaboration B20 Science Communication Lab und DESY (https://multimessenger.desy.de/ ) B21 Science Communication Lab und DESY (https://multimessenger.desy.de/ ) References R1 https://www.mpi-hd.mpg.de/hfm/HESS/public/vfHess.pdf (DE) ausführliche Diploma-Thesis R2 https://arxiv.org/abs/1808.02927 Original-Paper inkl. Kommentare R3 https://arxiv.org/abs/1701.07305 Proceedings on electron positron fluxes (AMS Coll. ) R4 https://arxiv.org/abs/astro-ph/0609060 Auger Observatory R5 https://arxiv.org/abs/1502.01323 ausführliche Detektorbeschreibung R6 https://arxiv.org/abs/1604.03637 AugerPrime Design Report, ohne AERA Radio Det. R7 https://arxiv.org/abs/1311.7346 Galactic Cosmic Rays Review R8 https://arxiv.org/abs/1804.02331 Galactic CR from young massive stars R9 https://arxiv.org/abs/0711.2256 2008 Correlation of UHECR with AGN (Auger Coll.) R10 https://arxiv.org/abs/1709.07321 2017 large scale UHECR anisotropy (Auger Coll.) R11 https://arxiv.org/abs/0812.3809 High Energy Neutrino Detectors overview R12 https://arxiv.org/abs/1412.5106 IceCube Gen2 R13 https://arxiv.org/abs/1607.02671 PINGU IceCube R14 https://arxiv.org/abs/1612.05093 IceCube Instrumentation and Online Systems (DOM) R15 http://science.sciencemag.org/content/342/6161/1242856.full (https://arxiv.org/abs/1311.5238 ) R16 https://arxiv.org/abs/1805.11112 Neutrino Astronomy focus IceCube R17 http://science.sciencemag.org/content/361/6398/eaat1378 (open access: https://arxiv.org/abs/1807.08816 ) R18 http://science.sciencemag.org/content/361/6398/147 (open access: https://arxiv.org/abs/1807.08794 ) R19 https://arxiv.org/abs/1807.04275 modeling TXS2 R20 http://adsabs.harvard.edu/abs/1993ARA%26A..31..473A AGN Unification scheme 1993 R21 https://arxiv.org/abs/1107.5576 AGN UHECR R22 https://arxiv.org/abs/1812.05939 Historical flare conventional models R23 https://arxiv.org/abs/1809.00601 Gas - Jet interaction model for historical flare false Anni Presentation https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9648.html /system/events/logos/000/009/648/large/CCC_title.jpg?1539521954 2018-12-29T14:10:00+01:00 14:10 01:00 Clarke 35c3-9648-micropython_python_for_microcontrollers MicroPython – Python for Microcontrollers How high-level scripting languages make your hardware project beautifuly easy Hardware & Making lecture en MicroPython is a lean and efficient implementation of the Python 3 programming language that includes a small subset of the Python standard library and is optimised to run on microcontrollers and in constrained environments. This talk will give an overview about the MicroPython hard- and software and introduces the community. MicroPython is an Open Source project and developed in the open on GitHub. With more than 7000 stars, it ranks in the top 100 of the most popular C/C++ projects. The MicroPython pyboard is a compact electronic circuit board that runs MicroPython on the bare metal, giving you a low-level Python operating system that can be used to control all kinds of electronic projects. MicroPython is packed full of advanced features such as an interactive prompt, arbitrary precision integers, closures, list comprehension, generators, exception handling and more. Yet it is compact enough to fit and run within just 256k of code space and 16k of RAM. MicroPython aims to be as compatible with normal Python as possible to allow you to transfer code with ease from the desktop to a microcontroller or embedded system. It's used by educators, makers and professional hard- and software developers around the world. The use cases reach from embedded hardware testing over Industrial Internet of Things into space applications. false Christine Spindler MicroPython Website MicroPython on Git Slides for MicroPython talk https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9346.html /system/events/logos/000/009/346/large/russiancard.png?1545036658 2018-12-29T16:10:00+01:00 16:10 00:40 Clarke 35c3-9346-in_soviet_russia_smart_card_hacks_you In Soviet Russia Smart Card Hacks You Security lecture en The classic spy movie hacking sequence: The spy inserts a magic smart card provided by the agency technicians into the enemy's computer, … the screen unlocks … What we all laughed about is possible! Smartcards are secure and trustworthy. This is the idea smart card driver developers have in mind when developing drivers and smart card software. The work presented in this talk not only challenges, but crushes this assumption by attacking drivers using malicious smart cards. We will present a fuzzing framework for *nix and Windows along with some interesting bugs found by auditing and fuzzing smart card drivers and middleware. Among them classic stack and heap buffer overflows, double frees, but also a replay attack against smart card authentication. Since smart cards are used in the authentication process, a lot of vulnerabilities can be triggered by an unauthenticated user, in code running with high privileges. During the author's research, bugs were discovered in OpenSC (EPass, PIV, OpenPGP, CAC, Cryptoflex …), YubiKey drivers, pam_p11, pam_pkc11, Apple's smartcard-services and others. false Eric Sesterhenn Defcon Slides file 35C3 Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9674.html 2018-12-29T17:10:00+01:00 17:10 00:40 Clarke 35c3-9674-domain_name_system Domain Name System Hierarchical decentralized naming system used since 30 years Security lecture en Whenever you enter a name into your computer, it resolves it to a numerical IP address. This resolution uses the Domain Name System (DNS), which is a hierarchical decentralised naming system used on the Internet. DNS is organised in a way that top-level domain (e.g. .com, .org) are delegated to registrars, which delegate subdomains (e.g. foo.com). This delegation is done as well via the DNS protocol via nameserver (NS) records. Since different types of data are kept in DNS, it can as well be seen as a distributed (and cached!) key-value store - which is fault-tolerant. I will explain the basic usage of DNS, including stub and recursive resolver, server, various protocol extensions (zone transfer, dynamic updates, authentication, notifications, ...), privacy extensions (query path minimisation, DNS-over-TLS), provisioning let's encrypt certificates. I will talk about attacks (poisoning, amplification, ...) and implementation pitfalls (not get stuck in the recursive resolver). I implemented DNS with above mentioned extensions as minimized MirageOS unikernels over past years. DNS is used since 1985 for the Internet, and provides useful service for various protocols. Its initial design could not foresee its wide usage 30 years later. DNS is a core dependency of today's Internet usage. Within the <a href="https://mirage.io">MirageOS</a> project we re-develop network protocols, and I was eager to learn about all the details of DNS, a protocol which has been around and will be around for more time since a lot of systems depend on it. false Hannes Mehnert Re-engineering DNS (blog) µDNS implementation MirageOS https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9483.html 2018-12-29T18:10:00+01:00 18:10 00:40 Clarke 35c3-9483-web-based_cryptojacking_in_the_wild Web-based Cryptojacking in the Wild When your browser is mining coins for other people Security lecture en A cryptojacking website abuses the computing resources of its visitors to covertly mine for cryptocurrencies in the browser. In this talk, we explore this phenomenon and answer, amongst others, the following questions: How does the mining script work under the hood? How common is this attack? How much money do the attackers earn? And how can I defend myself against such attacks? With the introduction of memory-bound cryptocurrencies, such as Monero, the implementation of mining code in browser-based JavaScript has become a worthwhile alternative to running dedicated mining rigs. Based on this technology, a new form of parasitic computing, widely called cryptojacking, has gained momentum in the web. In this talk, we systematically explore this phenomenon: To begin with, we demonstrate how modern web technologies are used to create an efficient miner solely in JavaScript. We then present our methodology on how to identify mining scripts on real websites at scale, which we use for a study on the Alexa top 1 million websites. In particular, we perform several secondary analyses to gain insight into the cryptojacking landscape, including a measurement of code characteristics, an estimate of expected mining revenue, and an evaluation of current blacklist-based countermeasures. false Marius Musch Technical Report Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9385.html /system/events/logos/000/009/385/large/publicdomainq-scientist-Isaac_Newton.png?1537050277 2018-12-29T19:10:00+01:00 19:10 00:40 Clarke 35c3-9385-modeling_and_simulation_of_physical_systems_for_hobbyists Modeling and Simulation of Physical Systems for Hobbyists Essential Tools for Developing, Testing and Debugging Systems Interacting with the Real World Hardware & Making lecture en This is a foundations talk about modeling and simulation as tools for development, testing and debugging systems. It requires very little previous knowledge to address all makers and hobbyists interested in creating or modifying hardware that physically interacts with its environment (e.g. robots, drones, etc.). It explains the purpose of modeling and simulation, basic principles, and tips and tricks on a practical level. During the development of robots, drones or other machines, the individual components are usually not all available at the same time, but are developed and tested separately and then assembled to the final system. Thus, it is often useful to have a placeholder that acts just like the missing components that are not present. Or, for debugging, it might be useful to have a reference configuration, which is known to work, in order to exclude potential sources of error. On the other side, it might be helpful to artificially recreate errors to test the system for robustness to these errors without risking real hardware. This is where modeling and simulation are useful tools to make the development faster and less error-prone. This talk explains basic modeling and simulation techniques that help even for small project, how to model the physical effects encountered most frequently and to make a simulation of the created model run in a simple way. All examples will be held as practical as possible for community projects, relying only on common hardware and open-source software, in order to make them useful for a broad audience. Bring your computer with Gnumeric, Python and OMEditor installed to follow the examples, if you want. false Manuel Aiple Self-balancing robot simulator example Drop with drag example Mass spring damper example Electric motor example Script to the talk Slides to the talk https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9765.html 2018-12-29T20:50:00+01:00 20:50 01:00 Clarke 35c3-9765-remo2hbo_-robustes_und_reparierbares_vitalparametermonitoring Remo2hbo -Robustes und reparierbares Vitalparametermonitoring Medizingeräte für Alle Resilience lecture de Moderne Medizintechnik ist teuer und wenn sie kaputt geht, dann kann man sie normalerweise nur durch Servicetechnikerinnen austauschen lassen. Designkriterien orientieren sich an den Gesundheitsversorgung reicher Länder. Wir stellen ein System zur Messung der wichtigsten Vitalparameter vor, das nicht nur open source und frei, sondern auch für den off-road Einsatz ausgelegt ist, wenn die Servicehotline nicht erreichbar ist. Medizinische Versorgung orientiert sich immer stärker an ökonomischen Aspekten und das gilt auch für Medizingeräte. Insbesondere werden sie für Industrieländer entwickelt. Wie bei Laptops und Smartphones geht der Trend zu unreparierbaren Einmalgeräten. Was aber, wenn man als kleine NGO mit wenig Geld mit dem mobilen Krankenhaus im Krisengebiet ist oder eine Gesundheitsstation in Kirgisien aufbaut? Da hilft dann auch die gutgemeinte Spende von alten Medizingeräten nicht so richtig viel weiter und endet schnell als Elektroschrott. Mit dem Anspruch, dass Medizinische Versorgung überall möglich sein muss und Gesundheit keine Ware ist, bauen wir einen Vitalparametermonitor, der sowohl hard- als auch softwaremäßig open source ist und möglichst robust und reparierbar ist. Im Rahmen des Talks wollen wir Euch die wichtigsten Designkriterien, unsere Tests mit "herkömmlichen" kommerziellen Systemen und unsere Hard- und Softwarelösungen vorstellen und mit Euch disktutieren. Wenn alles läuft wie geplant, gibt es sogar schon Lötkits des Prototypen zum Selbstkostenpreis... false Dagmar Krefting Sebastian Jünemann remo2hbo-Projekt 35C3_remo2hbo.pdf https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9972.html /system/events/logos/000/009/972/large/cellular-tower.jpg?1545130749 2018-12-29T22:10:00+01:00 22:10 01:00 Clarke 35c3-9972-funkzellenabfrage_die_alltagliche_rasterfahndung_unserer_handydaten Funkzellenabfrage: Die alltägliche Rasterfahndung unserer Handydaten Wie wir alle regelmäßig den Behörden ins Netz gehen und wie man immerhin mehr Transparenz schaffen kann Ethics, Society & Politics lecture de Polizei und Geheimdienste sammeln per "Funkzellenabfrage" Tag für Tag Millionen von Standort-Daten. Netzbetreiber liefern den Behörden regelmäßig Datensätze aller Mobilfunknummern, die zu einem bestimmten Zeitpunkt in bestimmten Funkzellen waren. Entgegen den gesetzlichen Bestimmungen erfahren Betroffene nicht davon. Dieser Talk macht deutlich, was diese Form der Massenüberwachung aus bürgerrechtlicher Sicht bedeutet. Danach stellen die Speaker das Berliner Funkzellenabfragen-Transparenz-System vor, das zumindest ein wenig Licht ins Dunkel dieser Überwachungsmaßnahmen bringen kann. false Ulf Buermeyer Andre Meister Funkzellenabfragen-Transparenz-System des Landes Berlin https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9943.html /system/events/logos/000/009/943/large/grafik.jpg?1539640858 2018-12-29T23:30:00+01:00 23:30 01:00 Clarke 35c3-9943-afdwegbassen_protest_club-_kultur_und_antifaschistischer_widerstand #afdwegbassen: Protest, (Club-)Kultur und antifaschistischer Widerstand Über kreative Organisation, poltische Aktionen und das Bedürfnis nach vernetztem Aktivismus Ethics, Society & Politics lecture de Im Mai 2018 initiierte Reclaim Club Culture (RCC) in Berlin einen Protest gegen einen Aufmarsch der AfD und die AFDsierung der Gesellschaft. Zusammen mit mehr als 170 Techno Clubs, Festivals und Veranstalter*innen organisierten wir innerhalb von zwei Wochen drei Demozüge, auf denen sich mehr als 60.000 Demonstrant*innen versammelten. Dies ereignete sich in einem politischen Klima, in dem die Linke von den Erfolgen der Faschist*innen wie gelähmt schien und ein großer Teil der Gesellschaft immer weiter nach rechts abdriftete. Ausgehend von einer selbstkritischen Praxis werden wir der Frage nachgehen, wie und warum dies (scheinbar) plötzlich gelang. Dieser Impuls war Teil einer Mobilisierung, die in 2018 - zumindest was Großdemos angeht - insgesamt wieder ein wenig Hoffnung macht. Gleichzeitig stellt sich die Frage, wie wir unsere Straßenmobilisation stärker in den gesellschaftlichen Alltag tragen. Auf keinen Fall dürfen wir trotz unserer Paar Erfolge vergessen, wie es unter anderem in Ellwangen und Chemnitz aussieht und dass global und in Europa gerade wieder ein vermehrtes Aufkommen faschistischer Regierungen Realität ist. Mit den entsprechenden Folgen für die dort lebenden Menschen. Derzeit arbeiten wir an Organisationsstrukturen, wie Infrastruktur, Kommunikation, Netzwerken und Sicherheit, die weitere politische Aktivitäten unterstützen sollen. Während dieser Arbeit und der Durchführung von weiteren Aktionen blieben einige Fragestellungen innerhalb dieser Felder unbeantwortet. Einer der größten Unterstützer*innenkreise der Aktion war der wohl älteste Club Berlins: der CCC. Wir werden unsere gegenwärtigen Ansätze vorstellen, untersuchen und daran die Frage knüpfen, wie durch die Hackercommunity der digitale Raum als Unterstützung im Kampf gegen Faschismus besser aktiviert werden kann. Ziel dabei ist gemeinsam ein anderes, vielleicht gar neues Level von Aktivismus zu erreichen. false Reclaim Club Culture Rosa Rave Rosa Rave* Aufruf Tweet zu #afdwegbassen https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9517.html 2018-12-29T11:30:00+01:00 11:30 01:00 Dijkstra 35c3-9517-provable_security Provable Security How I learned to stop worrying and love the backdoor Security lecture en Modern cryptography is based on security-proofs. We will demonstrate how these work, why they are desirable and what their limitations are. Even the use of secure primitives like AES or RSA does not guarantee that the end-result is secure as well. In recent years breaks of modern primitives have in fact become exceedingly rare, yet stories like the KRACK-attack or ROBOT keep appearing. The obvious answer to these problems would be to proof that our protocols are secure. While that may sound great in theory, there are many issues as well: <ul> <li>Proving (almost) anything secure, would require to solve a millennium-problem.</li> <li>Given the above, assumptions are required; but which assumptions are reasonable?</li> <li>The word “secure” may seem intuitive, but can we formally define it? And can something be too secure?</li> <li>Idealizing primitives can solve many problems, but what about over-idealizations?</li> <li>Can backdoors be necessary to prove security?</li> <li>A proof can only show the absence of attacks in a certain model. What about attacks outside those models?</li> </ul> false FJW Lukas Final slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9670.html 2018-12-29T12:50:00+01:00 12:50 01:00 Dijkstra 35c3-9670-safe_and_secure_drivers_in_high-level_languages Safe and Secure Drivers in High-Level Languages How to write PCIe drivers in Rust, go, C#, Swift, Haskell, and OCaml Resilience lecture en Drivers are usually written in C for historical reasons, this can be bad if you want your driver to be safe and secure. We show that it is possible to write low-level drivers for PCIe devices in modern high-level languages. We are working on super-fast user space network drivers for the Intel 82599ES (ixgbe) 10 Gbit/s NICs in different high-level languages. We've got fully working implementations in Rust, C#, go, OCaml, Haskell, and Swift. All of them are written from scratch and require no kernel code. Check out <a href="https://github.com/ixy-languages/ixy-languages">our GitHub page</a> with links to all implementations, performance measurements, and publications for further reading. Supposedly modern user space drivers (e.g., DPDK or SPDK) are still being written in C in 2018 :( This comes with all the well-known drawbacks of writing things in C that might be prevented by using safer programming languages. Also, did you ever see a kernel panic because a driver did something stupid? It doesn't have to be that way, drivers should not be able to take down the whole system. There are three steps to building better drivers: 1. Write them in a safer programming language eliminating whole classes of bugs and security problems like bad memory accesses 2. Isolating them from the rest of the operating system: user space drivers that drop privileges 3. Isolating the hardware using the IOMMU We show that it is possible to achieve all of these goals for PCIe drivers on Linux by implementing user space network drivers in all of the aforementioned programming languages. Our techniques are transferable to other drivers that would benefit from more modern implementations. Our drivers in <a href="https://github.com/ixy-languages/ixy.rs">Rust</a>, <a href="https://github.com/ixy-languages/ixy.cs">C#</a>, <a href="https://github.com/ixy-languages/ixy.go">go</a>, and <a href="https://github.com/ixy-languages/ixy.swift">Swift</a> are completely finished, tuned for performance, evaluated, and benchmarked. And all of them except for Swift are about 80-90% as fast as <a href="https://github.com/emmericp/ixy">our user space C driver</a> and 6-10 times faster than the kernel C driver. We also investigate how garbage collectod languages affects the latency of a packet forwarder built on top of our drivers. We also got something for fans of functional languages: our implementations in <a href="https://github.com/ixy-languages/ixy.ml">OCaml</a> and <a href="https://github.com/ixy-languages/ixy.hs">Haskell</a> are working but not yet tuned for performance. We are also working on Python, Java, and Javascript. We take a brief look at Haskell, Swift, OCaml, and C# in the talk and a deeper dive into Rust and Go. The talk also features a quick summary from <a href="https://media.ccc.de/v/34c3-9159-demystifying_network_cards">last year's talk about user space driver basics</a>, so no previous knowledge is required. Another thing to take away from this talk is: writing drivers is neither scary nor hard. You can write one in your favorite programming language, so go ahead and try that :) false Paul Emmerich Simon Ellmann Sebastian Voit Talk about the basics of user space drivers Project page on GitHub with further links https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9671.html 2018-12-29T14:10:00+01:00 14:10 01:00 Dijkstra 35c3-9671-self-encrypting_deception Self-encrypting deception weaknesses in the encryption of solid state drives (SSDs) Security lecture en We have analyzed the hardware full-disk encryption implementation of several Self-Encrypting Drives (SEDs) from Samsung and Crucial (Micron) by reverse engineering their firmwares. The vendors combined cover a majority of the market share of SEDs sold today. In theory, the security guarantees offered by hardware encryption are similar to those of software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret. BitLocker, the encryption software built into Microsoft Windows will rely exclusively on hardware full-disk encryption if the drive advertises supported for it. Thus, for these drives, data protected by BitLocker is also compromised. This challenges the view that full-disk encryption implemented in hardware is preferable over software. We conclude that one should not rely solely on hardware encryption offered by SEDs. In recent years, protection of sensitive data has received increased attention. Protection of digital data has become a necessity, certainly in the light of new European Data Protection Regulation. Technically, encryption is the go to protection mechanism; it may be implemented in software or hardware (or both). It can be applied on the level of individual files, or the entire drive, which is called full-disk encryption. Full-disk encryption is often the solution of choice as it takes away concerns of sensitive data leakage through, for example, temporary files, page files and caches. Several software solutions for full-disk encryption exist, and modern operating systems typically integrate it as a feature. However, purely software-based encryption has inherent weaknesses, such as the encryption key being present in RAM at all times and performance drawbacks. In an attempt to address these weaknesses, hardware full-disk encryption is often proposed; the encryption is performed within the drive itself, thereby confining the encryption key exclusively to the drive. Typically, the encryption itself is performed by a dedicated AES co-processor, whereas the software on the drive (firmware) takes care of the key management. It is often regarded as the successor of software full-disk encryption. Full-disk encryption software, including those integrated in modern operating systems, may autonomously decide to rely solely on hardware encryption in case it is supported by the storage device (via the TCG Opal standard). In case the decision is made to rely on hardware encryption, software encryption is disabled. In fact, BitLocker, the full-disk encryption software built into Microsoft Windows, switches off software encryption and completely relies on hardware encryption by default if the drive advertises support. false Carlo Meijer Author homepage Public Statement Draft Paper Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9400.html /system/events/logos/000/009/400/large/matrix_logo.png?1537273042 2018-12-29T16:10:00+01:00 16:10 00:40 Dijkstra 35c3-9400-matrix_the_current_status_and_year_to_date Matrix, the current status and year to date Resilience lecture en Matrix is an open standard for communication over the Internet. I will talk about the matrix standard, both the technical implementation and the reasons for its creation. We will focus on the changes and progress that has been made in the previous year, particularly getting the specification out of beta, and the growth of the ecosystem. Finally, the Matrix environment continues to develop, and we’ll look at the roadmap for the future. false Ben Parsons from Matrix Matrix Slides file https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9804.html /system/events/logos/000/009/804/large/s_einkaufswagen_tr.png?1542150721 2018-12-29T17:10:00+01:00 17:10 00:40 Dijkstra 35c3-9804-die_hauser_denen_die_darin_wohnen Die Häuser denen, die darin wohnen! Langfristig bezahlbares, gemeinsames „Mieteigentum“ schaffen – auch ohne Banken Ethics, Society & Politics lecture de Wir wenden uns gegen Gentrifizierung, Luxussanierung und Spekulation mit Häusern. Das Mietshäuser Syndikat ist ein bundesweiter Verbund linker, selbstverwalteter Hausprojekte mit dem Ziel der Initiierung und dauerhaften Erhaltung von gemeinschaftlich genutztem und bezahlbarem Wohn- und Gewerberaum. Der Grundgedanke: Gemeineigentum wird geschaffen und dauerhaft dem Markt entzogen. Die Mieter*innen sind zugleich Besitzer*innen ohne private Gewinnerzielungsabsichten, sie transferieren Knowhow und oft auch Direktkredite an andere Hausprojekte. In einer Zeit, in der Mieten teilweise die Hälfte des Einkommens verschlingen, wollen wir mit unserer Idee des Mietshäuser Syndikats (MHS) dagegenhalten. Jedes Haus eines MHS-Hausprojektes wird dabei Gemeineigentum, die aktuellen Mieter*innen sind damit auch ihre eigenen Vermieter*innen. Das MHS beruht auf drei Grundpfeilern: Die Gruppen müssen sich selbst organisieren, sie müssen in einen Solidarfonds zur Initialisierung weiterer Hausprojekte einzahlen, und sie dürfen "ihr" Haus nie mehr verkaufen. Die einzelnen Hausprojekte agieren wirtschaftlich eigenständig, der Dachverband (das MHS) hält jedoch Besitzanteile an allen Hausprojekten und hat damit ein Vetorecht bei Verkaufsabsichten. Solvente Hausprojekte fungieren zudem intern oft als Direktkreditgeber mit dem Ziel, die Abhängigkeit von kommerziellen Bankkrediten erheblich zu reduzieren bzw. sie langfristig komplett obsolet zu machen. Die Mieten werden nur soweit erhöht, dass die laufenden Kosten gedeckt werden können. So entstehen bezahlbare Wohnräume und Räume für soziale und politische Initiativen – auch in Städten, in denen Mieten mittlerweile unerschwinglich geworden sind. Derzeit gibt es 133 MHS-Hausprojekte, in Frankreich, Österreich und den Niederlanden entstehen nach modifiziertem Modell eigene Syndikate und es gibt weltweit Beratungsanfragen. Die Hausprojekte sind in ihrer Vielfalt sehr unterschiedlich, von reinen Wohn- bis hin zu reinen Gewerbehäusern ist alles vorhanden. Oft gibt es Räume für Veranstaltungen oder Treffen von sozialen Gruppen und politischen Initiativen. Das MHS beschränkt sich auf die Organisation von Hausprojekten, denkbar wären auch andere Syndikatsideen wie z.B. Ackerland- und Wagenburgsyndikate oder lokale Energieerzeugersyndikate. Die anschließende Diskussion beleuchtet Synergien von MHS und CCC, teils am Beispiel des CCC Freiburg, der seit einem Jahr seine Clubräume in einem solchen MHS-Hausprojekt hat und so zum MHS-Mitglied wurde. Das MHS benötigt wachstumsbedingt Unterstützung bei der Einrichtung von Tools für Kommunikation, Organisation und Entscheidungsfindung, aber auch bei neuen Partizipationsformen an (teils länder- und sprachübergreifenden) Projekten oder Veranstaltungen, bei denen nur noch ein Teil der Teilnehmer*innen vor Ort ist und die übrigen digital mitwirken. Die Hausprojekte profitieren von freier Kommunikation in digitalen Datennetzen, wie es beispielsweise reudnetz oder freifunk anbieten. Die regionalen CCC-Verbände wiederum finden bezahlbare Clubräume in den Hausprojekten. Eine Zusammenarbeit auf politischer Ebene könnte genutzt werden, um gemeinsamen Kampagnen mehr Durchschlagskraft zu geben. Ganz konkret werden Projekte gegen Rechts immer notwendiger. false Elke Manz fuzzle/fr Schmidt Lina Hurlin Das ist unser Haus (Film cc) Mietshäuser Syndikat https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9898.html /system/events/logos/000/009/898/large/mehr_slecht_als_recht.png?1546616089 2018-12-29T18:10:00+01:00 18:10 00:40 Dijkstra 35c3-9898-mehr_schlecht_als_recht_grauzone_sicherheitsforschung Mehr schlecht als Recht: Grauzone Sicherheitsforschung Ethics, Society & Politics lecture de Reverse Engineering zum Aufspüren von Schwachstellen ist gängige Praxis. Umso überraschender kam für 2 Forschungsteams die Abmahnung durch Rechtsanwälte eines Herstellers. Sie hatten Schwachstellen aufgedeckt und damit, so der Hersteller, seine Rechte verletzt. Vorwurf? Vom Verstoß gegen das Urheberrecht bis zum Verrat von Geschäftsgeheimnissen war alles dabei. Nach hunderten Seiten an Schriftsätzen, einem zurückgehaltenen Paper sowie 7 Stunden Marathon-Prozess konnte ein Vergleich geschlossen werden, bei dem wir mit einer Verpflichtung zum Responsible Disclosure davon kamen - die Kernfragen bleiben jedoch offen: Welche Teile des Reverse Engineering sind rechtswidrig? Verstößt Reversing auch zum Zwecke der IT-Sicherheitsforschung gegen das Urheberrechtsgesetz? Was schützt in Zukunft Sicherheitsforscher vor rechtlichen Schritten des Herstellers? Wie können sich Unternehmen verhalten und welche Abwägungen müssen vor der Veröffentlichung getroffen werden? Wir berichten vom Ablauf eines solchen Prozesses inklusive Anekdoten, weisen auf die Unklarheiten in geltendem Recht hin und schaffen ein Bewusstsein für die Problematik. false domenukk Fabian Franzen Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9573.html /system/events/logos/000/009/573/large/chain0.png?1545670378 2018-12-29T19:10:00+01:00 19:10 00:40 Dijkstra 35c3-9573-a_blockchain_picture_book A Blockchain Picture Book Blockchain origins and related buzzwords, described in pictures. Science lecture en Where is the blockchain, how long is it, and what does it have to do with cryptography? And is it really something completely new? I spent a lot of time in pubs explaining to people what this blockchain hype is all about. It turns out that the best way to do that is to use images - literally. The idea behind this talk is to give you a rough understanding of the scientific background behind the Blockchain technology. We make a short excursion into the field of distributed computing where we gain a rough understanding of the origins behind this technology - in a most abstract way. We explore how different kinds of Blockchains are formed and what kind of properties we may achieve - good as well as the bad ones. Be warned: This is not meant as investment advice. The goal of the talk is to give you an actual basic understanding of the topic so you can teach your uninformed friends at the pub, too. false Alex Dirksen https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9681.html 2018-12-29T20:50:00+01:00 20:50 00:40 Dijkstra 35c3-9681-butterbrotdosen-smartphone Butterbrotdosen-Smartphone Mein DIY-Smartphone-Bau Hardware & Making lecture de Ich möchte euch zeigen, wie ich mir aus einem Raspberry PI ein Smartphone baue. Auf welche Probleme und Schwierigkeiten ich dabei gestoßen bin und welche Lösungen ich gefunden habe. Das Projekt ist noch nicht abgeschlossen, es fehlen noch ein paar Kleinigkeiten. Trotzdem will ich euch schon mal mein Smartphone in der praktischen Butterbrotdose zeigen und euch erzählen wie es entstanden ist. Ich hab gar nicht gedacht, das der Bau eines Smartphones so kompliziert sein kann. Raspberry Pi + Touchdisplay ist nicht alles, was es zu bedenken gibt, bei diesem Projekt. Im Moment lebt das Smartphoneprojekt in einer Butterbrotdose und zieht in der S-bahn oder U-bahn schon mal die Aufmerksamkeit auf sich. Wenn die Powerbank passthrough kann, ist das vorteilhaft, hab ich feststellen müssen. Die Einrichtung der X und Y Achsen auf dem Touchdisplay, damit man damit auch die OnScreenTastatur bedienen kann, war nicht so einfach. Und ich musste feststellen das Landscape nicht die richtige Größe zum flüssigen arbeiten ist. Die meisten Linux-Programme sind, nicht so direkt Touchfähig oder brauchen zu viel Speicher. Dann gab es auch große Herausforderungen! Löten lernen war so eine. Erst lernen wie man lötet, um dann das entlöten zu lernen, um sich dann an den PI zu trauen. Diese und andere Geschichten zum Bau meines Smartphones möchte ich euch erzählen. false bücherratten Das Butterbrotdosen-Smartphone https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9758.html /system/events/logos/000/009/758/large/Logo.png?1539607949 2018-12-29T21:50:00+01:00 21:50 00:40 Dijkstra 35c3-9758-hacking_the_human_microbiome Hacking the Human Microbiome Science lecture en The human microbiome is a diverse community of bacteria that lives inside us. Their contribution towards our personal well-being or sickness is controversially discussed within the scientific world and, likewise, in our society. First attempts to rationally (reverse-)engineer the human microbiome are hyped in medicine and within the DIY biohacking scene. The implications of these endeavours potentially concern several aspects of our life: eating habits, fitness state, susceptibility for infections, aging, and cancer. But what about ethical aspects of hacking the human microbiome? How can biosafety be maintained? Are there any data security issues? I will seriously discuss the state-of-the-art and future directions of the research to show whether actual hacking of the human microbiome is rather science or fiction. First, I will answer some general questions to lay the foundation: What is the human microbiome? How is it studied? Why is there a hype at the moment? Subsequently, I will explain fundamental concepts of human microbiome research: Faecal microbiome transplantations (“eating poop”), microbiome enrichment (“taking probiotics”), microbiome depletion (“swallowing antibiotics”), and rational, targeted interventions (“getting or killing a single bug”). This will be followed by an introduction into different experimental and computational methods, that are being performed to discern the complex interplay between bacteria and our human body. The data obtained from these analyses are hard to interpret. The conclusions drawn from the data hardly move beyond associations. The advancement of the field from discovered correlations to causations is demanded but rarely achieved. I will outline major challenges in measurement techniques and analysis pipelines. The debate about the proper acquisition, encryption, storage and accessibility of genetic information of the human person itself is still in its infancy. Discussions about the (meta-)genetic information of the human microbiome are lacking even more behind. The talk will be concluded by a speculative but facts-based projection of current microbiome engineering approaches into the future. false LorenzAdlung Link to my blog regarding science slams: 20181229_HackingTheHumanMicrobiome_LorenzAdlung https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9616.html 2018-12-29T22:50:00+01:00 22:50 00:40 Dijkstra 35c3-9616-circumventing_video_identification_using_augmented_reality Circumventing video identification using augmented reality Security lecture en Video identification is the process of establishing the identity of a person via video chat. The person to be identified has to show his face as well as her official ID card to the camera. This lecture gives a step-by-step tutorial on how such video streams can be augmented with computer-generated official ID cards, including all visible watermarks. To be specific, we will use a credit-card printed with markers, which will be detected using the Aruco library shipping with OpenCV. The resulting position and orientation will then be used to render a 3D representation of an official ID card with arbitrary information. The 3D representation will be rendered using OpenGL. A shader will compose its look using several layered textures. Additionally, skin detection will be used to create a skin mask in the area of the card to avoid rendering over fingers held in front of it. Finally, the input image, the known position and orientation of the card, the rendered fake card and the skin mask will be composed to a convincing output image - ready to be presented to the call center agent. false Jan Garcia Official Post-Ident Video-Legitimation explanation https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9680.html 2018-12-29T23:50:00+01:00 23:50 00:40 Dijkstra 35c3-9680-osterreich_uberwachungsstaat_oder_doch_nur_digitalisierung_fur_anfanger Österreich: Überwachungsstaat oder doch nur Digitalisierung für Anfänger? Ein Jahr unter der rechtsextremen Regierung Ethics, Society & Politics lecture de In Österreich regiert seit einem Jahr eine Koalition aus der rechtskonservativen ÖVP und der rechtsextremen FPÖ. Eine ihrer ersten Maßnahmen war eine vollkommen überzogene Verschärfung von Überwachungsbefugnissen: Bundestrojaner, Anlassdatenspeicherung, verstärkte Videoüberwachung, Straßenüberwachung. Registrierungspflicht für SIM-Karten, etc. Zugleich wurde versucht, die Datenschutzgrundverordnung (DSGVO) zu untergraben. Betroffenenrechte wurden ausgeschlossen, weite Ausnahmen geschaffen und Strafen sollen am besten gleich gar nicht angewendet werden. In diesem Talk geben wir ein Update über die netzpolitische Lage in Österreich. Die neue österreichische Regierung steht für mehr Überwachung und weniger Datenschutz. Viele der Maßnahmen treffen alle Menschen in diesem Land und nicht nur Kriminelle. Schutzsuchenden werden die Menschenrechte überhaupt aberkannt. Künftig sollen sie im Asylverfahren ihre Mobiltelefone zur Beweissicherung aushändigen müssen. Diese können dann komplett ausgelesen werden, es kommt zu einer digitalen Hausdurchsuchung. Damit wird stärker in die Rechte von Asylwerbern und Asylwerberinnen eingegriffen, als in die von Menschen, die einer schweren Straftat verdächtigt werden. Heikle personenbezogene Daten aus öffentlichen Datenbanken sollen zu allen wissenschaftlichen Zwecken – auch kommerziellen – zur Verfügung stehen, z.B. auch Daten aus der Elektronischen Gesundheitsakte (ELGA). Krankenkassen wurden zur Rasterfahndung in Gesundheitsdaten verpflichtet, um "Missbrauch von Versicherungsleistungen" zu verhindern. Auch eine Vorratsdatenspeicherung von IP-Adressen versuchte die Regierung in einen Gesetzesentwurf zu schmuggeln - als es auffiel und Protest hervorrief, nahm sie den Vorschlag jedoch sofort wieder zurück. In unserem Vortrag versuchen wir, einen Überblick darüber zu geben, was sich im letzten Jahr in Österreich netzpolitisch getan hat und was noch alles auf uns zukommen könnte. false Thomas Lohninger Angelika Adensamer epicenter.works https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10019.html 2018-12-29T11:30:00+01:00 11:30 01:00 Eliza 35c3-10019-internet_the_business_side Internet, the Business Side a try to explain the ecosystem Ethics, Society & Politics lecture en Net neutrality, a big buzzword in the last years. It is not only a buzzword? There are economic reasons why it is a stake. This talk tries to give an overview and explain how money is made in the "internet" and how it is related to net neutrality. Topics discussed: - Early Days and the Finance behind the Internet / Darpanet - "Day 0" of the Internet as we know it today - Step By Step Explanation how the internet is built from Access To Backbone To World and back again - Add some price tags to the network and a try to explain the ecosystem behind it - „Netzneutralität“ a definition? - Show the relation between Netzneutralität and the price tags - Outlook into the next 24 months false swaio https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10012.html /system/events/logos/000/010/012/large/selbsportrait1.jpg?1541855191 2018-12-29T12:50:00+01:00 12:50 01:00 Eliza 35c3-10012-transhuman_expression Transhuman Expression Interdisciplinary research in Painting and Robotics. with Prof. Oliver Deussen, PhD candidate Marvin Guelzow, and the Artist Liat Grayver. Art & Culture lecture en The meeting point of art and science as a place of inspiration, exchange of knowledge and creation is the main focal point of the talk. Together with Prof. Oliver Deussen, the PhD candidate Marvin Guelzow, and Liat Grayver we will discuss both the technical challenges and innovation aspects in the development of the e-David robot, alongside the the social and artistic practice its offers. Topics as such “paradigms of creativity” under the title “New Materialism / Anthropocentrism / Posthumanism” will be presented with the goal to position and understand machine-assisted creative interfaces within the broader field of media art and painting traditions. The painting robot developed at the University of Konstanz in southwestern Germany is a pioneer project in this field and is presently the only one with a visual feedback system. Much more than just a printer capable of reproducing a flat image, the e-David creates unique works through the application of paint strokes that are irreproducible in terms of their colour blend and the materiality of their layering. The possibility of visual feedback brings up many questions within the contemporary discourse on deep learning, artificial intelligence and robotic creativity. The Collaborating explored further possibilities to exploit the painting robot creatively, and reflected on ideas about the ways in which these could be implemented in the form of software and hardware. A number of questions of wider impact arose as the result of our collaboration: When and why would a semantic method of defining the object in the image be used? Is it an advantage or a disadvantage to paint semantic objects without having a pre-existing cognitive understanding of them? How could I use abstract forms, grammatical structures or mathematic models to achieve more complex surfaces? How would computer language be used to express the intentions of a composition? When and why would different painting styles be used? Further, on a technical level, we had to take into consideration how different materials would react with one another. For example, how could different colours be mixed on the canvas or on the palette? How should the size of the brush be set, and when is it necessary to add glaze? We would have to develop a range of distinct, individual brushstrokes (controlling the velocity and the z-axis) whose characteristics are analogous to those made by human painters in the “real world”, in order to be able to pre-define when, in which order and for which tasks each stroke is to be used. In doing so, we are basically defining and categorizing singular parameters within a library of painterly “acts” and “perceptions”, in order to create a grammatical structure for the “language” of robotic painting. Constructing e-David has provided many challenges in the realms of engineering, robotics, computer graphics and computer vision. We discuss how we arrived at our current painting set up and highlight the strengths and weaknesses found so far, as well as plans for future extensions. On the robotics side, the main issue is working with machines designed for repetitive, precise tasks and applying them for approximate and dynamic processes. Supervision of a painting process using vision or other sensors is challenging, as well as finding methods to process the data in a meaningful way. Seemingly simple tools like brushes are highly complex in their behaviour and using them precisely is difficult. In the talk, we elaborate on current problems and what future plans are to deal with these issues. false Liat_Grayver Breaststrokes at the digital age Robotic Paintings Traversing the Threshold e-David. A painting process Brushstrokes in the Digital age Traversing the Threshold Abstract-Transhuman Expression. https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9695.html 2018-12-29T14:10:00+01:00 14:10 01:00 Eliza 35c3-9695-planes_and_ships_and_saving_lives Planes and Ships and Saving Lives How soft and hardware can play a key role in saving lives at sea and why Frontex doesn´t like it Resilience lecture en The death rate at Europes seaborder reached a historical record: One out of five trying for Europe drowned this September: Main reason is the crackdown on sea rescue by European authorithies who barely pass any information on distress cases to competent rescue workers. The hope of those trying to escape torture, slavery hunger and other forms of violence therefore soleyly lies on the efforts of the civil rescue fleet. In the future, a civil society run maritime rescue coordination center could help to significantly reduce the death rate at sea. This talk will focus on the software and hardware components used on the aerial and nautical assets of the civil rescue fleet. We´ll talk about the difficulties installing sat com on a moving ship or even an aircraft, how the camera system of the Sea-Watch 3 recorded the evidence that is now challenging the Italian state at the European Court of human rights, how important data is secured if the state challenges you as in the case of the LIFELINE and about a software that will help to join forces in the near future to coordinate rescues in an efficient way. Help is still needed to tear down Europes wall. The death rate at Europes seaborder reached a historical record this year: One out of five people, who left wartorn libya on flimsy boats, bound for Europe, drowned in September 2018. The main reason for the increasing death rate ist the crackdown on sea rescue by European authorithies. Back in 2015 and 2016, when rescue NGOs took up rescue efforts on the deadliest waters of the world, the Italian Coast Guard, the NGOS and even the European Navy worked hand in hand, to save as many lives as possible. Nowadays European authorithies are trying to turn the central med into a blackbox: As they rather want to watch people drown then to see them arrive at Europes shores, and barely any information on distress cases is passed to competent rescue workers, the hope of those trying to escape torture, slavery hunger and other forms of violence soleyly lies on the efforts of the civil rescue fleet. Since no rescue coordination center clearly takes responsibility in favor of those in distress, the technical means of communication and such to increase the search capacity or to document incidents at sea, used on the aerial and nautical assets of the civil rescue fleet, do play a key role in the efforts to coordinate rescues d.i.y. In the future, a civil society run maritime rescue coordination center could help to significantly reduce the death rate at sea. This talk focuses on the software and hardware components necessary to challenge Europes deadly border policy of letting people drown. We´ll talk about the difficulties installing sat com on a moving ship or even an aircraft, how the camera system of the Sea-Watch 3 recorded the evidence that is now challenging the Italian state at the European Court of human rights, how important data is secured if the state fights back as in the case of the LIFELINE and about a software that will help to join forces in the near future to be even more efficient. We will talk about standards (NMEA0183, NMEA2000), Communication technologies (VSAT, IRIDIUM), Positioning and information/communication systems and anti collision systems (RADAR, GPS, AIS) Other interesting devices to be found aboard (Gyrocompass, etc.) and of course our setup (OpenWRT, OLSR, Ansible, Wireguard) and open source applications for nautic purpose (weather, navigation, etc: ZyGRIB, OpenCPN). false Trollofix Seawatch Mission Lifeline https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9611.html /system/events/logos/000/009/611/large/35c3-Integrity.png?1539437398 2018-12-29T16:10:00+01:00 16:10 01:00 Eliza 35c3-9611-enclosure-puf Enclosure-PUF Tamper Proofing Commodity Hardware and other Applications Security lecture en We are presenting an innovative technology, which allows verifying the authenticity, integrity and/or the physical state of an item by employing the propagation behaviour of electromagnetic waves. In particular, it enables to check for any tamper attempts for larger structures, such as off-the-shelf computers and their periphery. The technology extends existing tamper proof approaches from the chip/PCB to a system level and is easily retrofittable. In this presentation, we are demonstrating exemplary tamper proofing in order to protect secret information without an attack-detection or data-deletion circuit (!), which is a known difficult problem and an imperfect undertaking. Therefore, we demonstrate the simplicity and effectiveness using a very cheap self-made testbed (using alumium foil) to protect standard hardware against invasive attacks, such as needle probing through the case. Cyber-physical systems are ubiquitous and are often located in non-trustworthy environments, in which data is processed that is both sensitive and worth protecting. Despite employed protection, measures such as secured communication an extraction of data and/or manipulation of it are often easily feasible if physical access to the components of the system is given. Or with the words of Brian Gladman: “It is relatively easy to build an encryption system that is secure if it is working as intended and is used correctly but it is still very hard to build a system that does not compromise its security in situations in which it is either misused or one or more of its sub-components fails (or is ’encouraged’ to misbehave) ... this is now the only area where the closed world is still a long way ahead of the open world and the many failures we see in commercial cryptographic systems provide some evidence for this.” Our technology is aiming to verify the integrity of such systems in order to detect attempts of an attack and activate appropriate countermeasures. The propagation behaviour of electromagnetic waves allows for an extension of the protection from individual small components to the entire periphery of a system (or even object). This allows detecting attacks, like spudding/drilling into cash terminals. By deriving cryptographic key material based on physical disorder and unclonable complexity of an environment, it is possible to create a protection, which protects secret information without an attack-detection or data-deletion circuit. Due to its generic nature it is possible to flexibly use this protection concerning size and application. false Christian Zenger David Holin Lars Steinschulte [1] https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9603.html 2018-12-29T17:30:00+01:00 17:30 01:00 Eliza 35c3-9603-sneaking_in_network_security Sneaking In Network Security Enforcing strong network segmentation, without anyone noticing Security lecture en Highly compartmentalized network segmentation is a long-held goal of most blue teams, but it's notoriously hard to deploy once a system has already been built. We leveraged an existing service discovery framework to deploy a large-scale TLS-based segmentation model that enforces access control while automatically learning authorization rules and staying out of the way of developers. We also did it without scheduling downtime or putting a halt to development. This talk covers how we engineered this, and shares lessons learned throughout the process. The "hard-shell, soft-center" model of network security has been popular since the invention of networks--building proper internal controls is often skipped when organizations grow quickly, and by the time that scale has been achieved, security teams resort to defending the perimeter. In this talk, I'll show an example of how we took a large modern network to a significantly more secure model by building network segmentation into the existing service discovery framework in use. Service discovery is a critical part of recent network design, and popular frameworks often offer security features. However, these tend to be difficult to implement after the network has already been established, and don't offer endpoint-to-endpoint solutions. We built a series of extensions to SmartStack, an open-source service discovery framework, that allow it to protect all communications with mutual TLS and offer both authentication and authorization. This was all done in a way that's transparent to the applications on either side, allowing us to migrate to this system without changing any application code or teaching developers the details of the system. This talk will discuss the technologies used and the challenges encountered in doing this rollout, and will aim to provide useful guidance to other security engineers wishing to make a similar transition. false Maximilian Burkhardt https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9579.html 2018-12-29T18:50:00+01:00 18:50 01:00 Eliza 35c3-9579-attacking_chrome_ipc Attacking Chrome IPC Reliably finding bugs to escape the Chrome sandbox Security lecture en In this talk, I discuss how to reliably find bugs in the Chrome IPC system with the goal of escaping the sandbox. I show how to enumerate the attack surface, how to identify the weak areas, and how to fuzz those areas efficiently to consistently produce bugs. Since the win32k lockdown on the Chrome renderer process, full chain Chrome exploits on Windows have become very rare, with the most recent successful competition exploit occurring in 2015. By applying new fuzzing strategies, I was able to identify many vulnerabilities in the sandbox in the past year, one of which I used to demonstrate a full chain exploit at Hack2Win this year when combined with a teammate's RCE bug. In this talk I hope to show how I found these bugs by using extremely targeted fuzzing in a way that was easy to setup but reliably had great results, and briefly cover how we leveraged one use after free bug to fully escape the sandbox. false nedwill Exploit Demo https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9598.html /system/events/logos/000/009/598/large/credit_Ana_Caria_Leonor_Fonseca__FBAUL.jpg?1539368387 2018-12-29T20:50:00+01:00 20:50 00:40 Eliza 35c3-9598-a_webpage_in_three_acts A WebPage in Three Acts live coding performance Art & Culture performance en A Web Page in Three Acts is a live coding performance which combines principles of choreography within the formal structures of coding. An assemblage of semi-improvised visuals and composition experiments in web environments. The screen becomes an open stage for the hybrid code which links choreography and web programming as well as body and language. For the series ‘WebPage Act I, II, III’, Joana Chicau created a specific grammar or vocabulary that links choreographic concepts from post-modern dance with web-coding functions. This technique follows the concept of esoteric programming languages, also called esolang, used when writing so ware, integrating a new grammar into an existing one. Although an esolang doesn’t have a proper functionality, it is used in combination with other programming languages to explore alternative ways of composing and writing code. Chicau started using esoteric programming languages as an a empt to overcome the abstractness of algorithmic code, and simultaneously as a way to develop my own design language, which derives from choreographic concepts. The performance starts with a standard webpage, followed by the opening of the web console. The screen is now divided in two stages: the ‘frontstage’, the interface a user normally accesses and the ‘backstage’ or the web console in which programming languages can be ran. In the web console Chicau is calling, juxtaposing and manipulating different functions from a glossary of code, while simultaneously displaying the varied outcomes of graphic elements in the screen. These functions are named a er choreographic concepts, which are assigned to specific web actions. While the computer interprets the code, the audience will be interpreting and start wondering about the relation between the ‘choreographic vocabulary’ within the code and its immediate outcome. The screen becomes an open stage, providing the audience the access to the methodology and the tools used during the performance. The performative aspect of the act of coding is a way to make more transparent the process of composition and to enhance the nuances and transient character of coding. As in choreography, web-design also deals with space, time and movement qualities. It has been defining ways of moving, collectively or individually, through fluid nonetheless complex landscapes of information displays, networked spaces, and multi- media environments. The performance being presented and the notion of ‘choreographic coding’ is a technical as much as social, cultural and aesthetic experiment constantly being expanded. Program Code The flexibility of code allows for a combination of possibilities, not only for the live performance se ing, but also for the use of the code itself by other designers, just as in any choreography that can be re-interpreted, re-created and adapted. The code serves as a generative tool for new possible outcomes in the creation of graphics for interfaces and a way of playing with the choreographic logic. Therefore, this method promotes disciplinary openness, by sharing ideologies and methodologies and questioning structures of collaboration and of intellectual property. The documentation is delivered in an open-ended format, following Free/Libre Open Source (Floss) models/ philosophies. The source code for the project is available on: github.com/JoBCB false Joana Chicau Project Website Performance by Joana Chicau Performance image https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9993.html 2018-12-29T21:50:00+01:00 21:50 00:40 Eliza 35c3-9993-media_disruption_led_by_the_blind Media Disruption Led By The Blind Hacking Visual Culture Art & Culture lecture en Visual culture dominates our societies, every day encouraging and rewarding corporations and their users to create more visual content to populate their digital spaces and build their digital lives. But what if there was an unseen method of disruption to these powers? What can we learn from the blind and their increased awareness of sound and vibration to disrupt and circumvent these powers without detection? As we move towards immersive computing (XR) being the primary means of human-computer interaction, are we thinking of the blind and visually impaired? To this date, the simple answer to that question is no. However, through the visual innovations of VR HMDs, we have seen a strong momentum build for improved sonic and tactile computer interfaces. In my project Infinite Observer, I am working directly with blind innovators and content creators to set standards for UX in VR, and to empower the next generation of computing to support accessibility for the blind and visually impaired. Infinite Observer is the first narrative VR experience designed from the ground up by the blind for the blind. The experience places you in an underground ring of blind hackers called the Infinite Observers. As you discover throughout the experience, the group is filled with members of unique sensory skill sets and a deep understanding of the vibratory qualities that make sound so powerful. They monitor movements using echolocation and build resonant frequency-based weaponry. They can shift tectonic plates, teleport using molecular vibration, and hack into digital communication via sub-frequencies undetectable to the typical human ear. And you (as the user)…your purpose is to learn these skills and secretly take them to the AG to subvert the present, corrupted visual culture. The goal of the experience is to empower its users, and create a heightened appreciation for the hidden powers of the senses beyond sight. It is also meant to instill clarity around the dominance of the visual in modern culture, and inspire ways to circumvent this. As hackers, I would hope for a discussion surrounding possible techniques that might be used by the Infinite Observers, and how sound/vibration can facilitate either increased privacy/anonimity or direct disruption of dominant visual media in the real world. false Sabio Infinite Observer Project Page The Glad Scientist Presentation Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9882.html /system/events/logos/000/009/882/large/fsworld.png?1539636379 2018-12-29T22:50:00+01:00 22:50 00:40 Eliza 35c3-9882-the_foodsaving_grassroots_movement The foodsaving grassroots movement How cooperative online structures can facilitate sustainable offline activism Resilience lecture en When you're fighting for a cause, you need tools that reflect your values. While venture capital-backed tools are seductive, especially at the beginning of your movement, they can be harmful in the long-term. This session shows how co-operatively owned, non-hierarchically built Free and Open Source Software (FOSS) provides a more sustainable, and equitable, solution. Capitalist and consumerist structures have led to reduced incentives to make the most efficient use of food. Wastage is massive and the reasons are many: misshapen vegetables, damaged packaging, mislabeling, forecasting errors, unsold items, etc. These are all symptoms of the structure of our industrialised food production structures, food waste is inherent in these systems. Many organisations have sprung up to try and access this food, using many approaches. France has tried to outlaw supermarket food waste, apps like Olio and Too Good To Go try and use the startup/funding approach, charities like FareShare in the UK receive massive government funding to redistribute to other charities. Startups and big charities replicate the hierarchical structures and bureaucratic processes of capitalist organisations. Whilst they can achieve much at times, we don't believe this is the sustainable resilient model - profit motives or government objectives dictate the approach to take. In Germany <a href="https://foodsharing.de">foodsharing.de</a> was created as a grassroots volunteer movement with origins in the dumpster diving scene. It has scaled up to co-ordinate the activities of 30k food savers to collect leftovers from supermarkets. This was achieved with almost no external funding. It faced its own organisational scaling issues and expanding beyond German speaking regions has not been possible. In response to this, and working together, we created <a href="https://github.com/yunity/karrot-frontend">Karrot</a> to try and alleviate some of these issues. Unlike in foodsharing.de we develop the software independently from any specific group, this has allowed us to build common software to be used across 6 countries by independent groups. We empower local groups with access to high quality software but otherwise leave them to organise themselves. We believe that for solving a problem you cannot use the very practices that produce it in the first place: Hierarchies lead to passive individuals who wait for their leader's decisions and don't dare to get active on their own accord. For-profit organisations need to make money and will always prioritize this goal. We are not just here to save food, but want to support and encourage self-help, self-responsibility, democracy, equality, equity and solidarity. This brings us inline with the wider co-operative and solidarity economics movement. To reject the capitalist structures that cause the problem in the first place. However, it's not always easy... false Tilmann Becker Nick sellen Janina Abels foodsaving.world Karrot foodsharing.de Foodsaving Community Forum Presentation from the beginning of the project (2016) Presentation https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9371.html /system/events/logos/000/009/371/large/Repair_Caf%C3%A9_-_Logo_generisch.png?1536821082 2018-12-29T23:50:00+01:00 23:50 00:40 Eliza 35c3-9371-repair-cafes Repair-Cafés … und warum ihr dabei mitmachen solltet Resilience lecture de Die Repaircafé-Bewegung rollt über unser Land herein. Wie können wir uns daran beteiligen und Synergien nutzen? In vielen Städte sind in den letzten Jahren Reparaturtreffs zur festen Institution geworden. Was gibt es für Schnittmengen mit der Hacker- und Makerszene? Warum solltet ihr euch beteiligen, was gibt es dabei zu beachten und zu gewinnen? false Fraxinas Presentation Repair-Cafés 2018-12-29T01:30:00+01:00 01:30 02:00 Chaos West Bühne ALV3XL https://fahrplan.chaos-west.de/35c3chaoswest/talk/ALV3XL Überraschungsgast Klangteppich en Wir bringen einen Überraschungsgast mit. Kommt vorbei, es wird gut werden! Wir bringen einen Überraschungsgast mit. Kommt vorbei, es wird gut werden! true Überraschungs Gast 2018-12-29T11:30:00+01:00 11:30 00:20 Chaos West Bühne NBCWSE https://fahrplan.chaos-west.de/35c3chaoswest/talk/NBCWSE pam_panic - A Linux authentication module for people in distress Einfacher Slot mit optionalen Q+A en pam_panic is an authentication module made for people who think they might get into a distressing situation where they are forced to type in or even tell the password to bad people. The idea is to use a password or a media device at a login screen which issues a destruction of the LUKS keyslots. There will be a little crash course on what LUKS is to be more clear how and why it works. ## pam_panic ## [on github](https://github.com/pampanic/pam_panic) ### Purposes ### - Make a LUKS encrypted filesystem inaccessible when in distress ### What is the idea? ### - Have an encrypted system done by LUKS - Have two passwords or two media devices (One of the passwords/media devices is used for regular authentication, the other one is used for issuing a destruction of the LUKS key material slots and have a reboot/shutdown) - Ask for a password/media device before your regular user password ### Crash course: LUKS ### - What do we need to know to get this to work? - How does the LUKS header look like? ### Making my data inaccessible ### - Using `cryptsetup luksErase` ### Scenarios ### Scenarios where it can help: - Being forced to type/tell your password - Raids Scenarios where it doesn't help: - Letting them make a clone of your hard drive, then having your password/media device forced from you ## Demonstration of pam_panic ## 1. Setup 2. Show authentication password and media device 3. Show panic password/media device and show the result of inaccessibility ## Q+A ## ..if there's enough time. false Bandie Home Hackspace: [Chaospott](https://chaospott.de) DECT: 2263 (BAND) 2018-12-29T12:00:00+01:00 12:00 00:50 Chaos West Bühne DUAEJC https://fahrplan.chaos-west.de/35c3chaoswest/talk/DUAEJC p≡p Engine Development - Tales of a MIME Warrior Doppelter Slot 40 Minuten + 10 Minuten Q+A en p≡p is an end-to-end privacy-focused security architecture, which, in its first incarnation, aims to provide a seamless private, encrypted email solution for everyone. This talk focuses on some of the development challenges in supporting an ambitious product from the inside and lessons-learned that don't appear in software engineering classes. p≡p is an end-to-end privacy-focused security architecture, which, in its first incarnation, aims to provide a seamless private, encrypted email solution for everyone. We do this without the requirement that the user has any understanding of keys, encryption, protocols, or encryption engines while still maintaining complete transparency at the core by providing the adapters and engine as free software. The p≡p foundation develops and maintains the engine and adapters which allow external app development (including that done by the business arm of p≡p) to securely use the p≡p engine without needing to understand and implement the secure functions of the p≡p protocol. Moving the complexity of a product to the engine, however, creates a number of challenges relating to ensuring maximal cross-platform compatibility, communication (and often, adaptation) of APIs and usage, determination of where problems should be solved, etc. Doing this with a product that handles email adds the additional entertainment of repeatedly revisiting the less-deterministic-than-desired land of MIME RFCs and the reality that the product has to support all of the violations of those RFCs, even when one would prefer to avoid the egregiously broken. This talk focuses on some of the development challenges in supporting an ambitious product from the inside and lessons-learned that don't appear in software engineering classes. false Krista Bennett Krista Bennett is a software developer, researcher and linguist residing in Germany, and is currently the core engine developer at p≡p foundation. She has previously worked at the Technische Universität München, Fraunhofer AISEC, Purdue University, and Hewlett-Packard, and has a Masters in Computer Science from Purdue University and a B.S. in Computer Science from the University of Wisconsin-Milwaukee. She would definitely rather be playing video games right now. 2018-12-29T13:00:00+01:00 13:00 00:20 Chaos West Bühne ATBYBZ https://fahrplan.chaos-west.de/35c3chaoswest/talk/ATBYBZ Introduction to Network Security Einfacher Slot mit optionalen Q+A en Learn about the most common attacks against your network privacy - and how to avoid them. By looking at things from an attackers perspective, we can get some insight into technical details that provide us with essential knowledge about network protocols. You will learn about three of the most common attacks against computer network security. In each of these scenarios, a victim's communication can be monitored and modified at a total loss of privacy. By learning how these attacks are executed, you can defend yourself better. ARP Spoofing is used to claim any IP address on a local network. This can be the address of the victim's computer or that of the router. I will show you how the possibilities of attacking in both directions. DNS Hijacking is a technique to monitor or modify the victim's queries on the Internet Domain System. Even when using encrypted protocols like HTTPS, privacy is at risk. With this scenario, you can apply a number of attacks I will present. Rogue Access Points on a wireless network are harmful on another layer than previously inspected. In probably most of the installations out there, the attacker can easily add a malicious access point to intercept traffic. I will give some short intro into wi-fi and its protocol design. Hopefully, you can use this knowledge to protect your own privacy and that of others. With these examples, you will at least get some valuable insight into an area that is the playground of the most commonly known type of hackers. Only basic knowledge about network protocols is expected. false nomaster Studied computer science and philosophy, but never got an academic title. With a practical approach, got some insight into the legacy of operating systems and networks. As an active member of several hackspaces and the Freifunk community, nomaster dedicates his work on the educational perspective on technology. 2018-12-29T13:30:00+01:00 13:30 00:50 Chaos West Bühne BBPFCJ https://fahrplan.chaos-west.de/35c3chaoswest/talk/BBPFCJ wirtschaft hacken! Doppelter Slot 40 Minuten + 10 Minuten Q+A de Was passiert, wenn menschen mit einer hacker_innen-artigen grundhaltung in die wirtschaft gehen? sie halten sich nicht an alle regeln. das geht nicht nur, es geht sogar oft viel besser als "normal"... wirtschaft ist auch nur ein system mit regeln. gesetze, sachzwänge, straßen, bwl, vwl, sowas. dinge sind wie sie sind. ja? nicht alle. gerade in der wirtschaft lassen sich regeln verbiegen und viele dinge anders machen. nicht die inhabenden treffen die entscheidungen, sondern alle betroffenen. nicht nur in mehrheiten, sondern im konsens. gewinne sind nicht nötig, ja gar nicht erwünscht. werbung ebenso. es gibt anti-mengenrabatte für kleine kunden, aber keine mengenrabatte für große. die umwelt ist wichtiger als der ertrag. einheitslöhne. und soweiter wir haben in den letzten jahren einiges in der wirtschaft verbogen; in der getränkebranche, in der festival-logistik, in beratungen, und in der hausverwaltung. und wir erzählen gerne davon, um andere zu ermutigen, auch dinge anders zu machen. das geht nicht nur, es geht sogar oft besser als "normal". false Uwe Lübbermann 2018-12-29T14:30:00+01:00 14:30 00:20 Chaos West Bühne N7LQFX https://fahrplan.chaos-west.de/35c3chaoswest/talk/N7LQFX Chatbots im Kundenservice - Are we still talking about pink dildos?? Einfacher Slot mit optionalen Q+A de Vortrag über Chatbots im Kundenservice. Eine Inhaltsanalyse mit anschliessender experimenteller Befragung. Was können Chatbots heutzutage und können sie Kunden genauso zufriedenstellen wie ein menschlicher Mitarbeiter? Chatbots im Kundenservice sind heutzutage nichts mehr aussergewöhnliches. Unternehmen wie ebay, zalando oder H&M setzen für die Beratung ihrer Kunden virtuelle Agenten ein. Chatbots können Kunden 24/7 bedienen, sind billiger im Unterhalt als ein menschlicher Mitarbeiter und nie unfreundlich. Jedoch stellt sich für Unternehmen auch die Frage, ob die virtuellen Berater die Kunden genauso zufrieden stellen können wie ein menschlicher Mitarbeiter. Schliesslich kann es zu technischen Fehlern oder auch zu einem Unverständnis der Eingabe des Kunden seitens des Chatbots kommen. Ausserdem fühlen sich manche Menschen unwohl im Umgang mit einem im Real life nicht existierenden Gesprächspartner. Viele Kunden sind auch der Überzeugung, dass sie mit einer solchen Künstlichen Intelligenz nichts zu tun haben wollen oder Chatbots technisch noch lang nicht so weit sind, um einen guten Service zu leisten. In meiner Masterarbeit bin ich genau diesem Thema nachgegangen (zusammen mit meiner Kollegin, die leider nicht am CCC dabei sein kann) und will es nun auf dem CCC vorstellen. Zunächst werde ich vorstellen, wie sich der heutige State of Art der existierenden Service-Chatbots gliedert und welche Fähigkeiten diese besitzen. Zeigen sie Gefühle oder sind sie eher neutral? Sind sie gut darin, meine Wünsche zu berücksichtigen? Welche Umgangsformen herrschen? All dies wurde in einer Inhaltsanalyse erforscht. Danach möchte ich vorstellen, wie Menschen darauf reagieren, wenn sie von einem Chatbots oder einem Mensch über Chat bedient werden. Dazu wurde aus dem Material der Inhaltsanaylse ein Stimulus geschaffen, mit dem getestet wurde, wie Kunden auf einen Chatbot im Vergleich zu einem menschlichen Mitarbeiter reagieren. Es wurde eine experimentelle Befragung mit ca. 200 Teilnehmern durchgeführt, wo ihnen ein Kundengespräch mit Chatbots oder menschlichen Mitarbeitern vorgeführt wurde. Daraufhin bewerteten die Kunden das Gespräch auf die Qualität hin. Es kam heraus, dass es keinen Unterschied macht, ob man von einem Mensch oder einem Chatbot bedient wird, Hauptsache, der Chatpartner leistet eine hohe Beratungsqualität. Dies bedeutet, dass man Chatbots im Service-Bereich durchaus einsetzen kann, jedoch darauf achten muss, dass diese ihre Aufgabe gut erledigen. false Silia Nebelstreif Ich studiere Kommunikationswissenschaften und Biologie an der Universität Zürich, und bin zum 4. Mal am CCC dabei. Ich bin am meisten an der sozialwissenschaftlichen Seite des Congresses interessiert, aber finde auch alle anderen Themen sehr spannend. Ich liebe Metal, Wrestling, Tiere und ganz viel Knuddeln :) 2018-12-29T16:00:00+01:00 16:00 00:20 Chaos West Bühne 7ZSFL9 https://fahrplan.chaos-west.de/35c3chaoswest/talk/7ZSFL9 9 out of 10 x86_64 firmware vendors will hate this talk! Einfacher Slot mit optionalen Q+A en We'll give a short introduction what you might find in your machines firmware and tell the story of two hackers that magically found tens of thousands x86_64 firmware images in their backyard as well as their journey to explore common configuration fuckups, update frequencies and potential security risks. 24 vendor images that will make you wonder where we all went wrong 2 hackers looked over 5 mins on several thousand firmware images an you'll never guess what they found! These 6 x86_64 vendors belong in jail What happens when you suddenly find tenth of thousand firmware images in your backyard On a level from coreboot to [censored]. How fucked are you? You won't believe what vendors put in your firmware image. Everything you need to know if all your friends are apparently????? Having non-free firmware???? 42 Facts about vendor firmware that'll probably make you want to start your own coreboot port. Sorry, but you have to decide between these few firmware vendors. These are the biggest firmware trends of 2018, according to these two people true bibor bibor is a random hacker with and interest in firmware, hardware and their security. Mimoja Mimoja is a western german hacker with a focus on firmware, hardware and security. 2018-12-29T16:30:00+01:00 16:30 00:50 Chaos West Bühne BEENSD https://fahrplan.chaos-west.de/35c3chaoswest/talk/BEENSD Cloudcalypse: It looks like you've reached the end. How to take your data into net2o Doppelter Slot 40 Minuten + 10 Minuten Q+A en The GPDR allows to take out your data **out** of the collapsing cloud (Google+ sunset: August 2019, Facebook jumping from data breach to breach, github now part of Microsoft), but the challenge is to take it **into** something else. This talk will show how to move it into net2o, a peer to peer system. #ybti #wefixthenet # Talk structure # 1. Motivation: The Internet is broken, it needs to be fixed. + Special highlight: Data in the cloud — up at whim to whoever owns that cloud + Nonfree software as a service means your data is useless without the service + Why free software means you have to operate it yourself 2. What is net2o: + peer to peer protocol stack + last years' talk: application layer framework. + this year: Let's talk about actual applications. 3. The technical challenge + how does data takeouts look like (Examples: Google+, Twitter, Facebook, blogger.com) + What kind of data does net2o want? + Convert the data + Done 4. The non-technical challenge + Get your contacts to net2o, too. false Bernd Paysan I've done free software for more than 25 years, since I started developing Gforth, the GNU project's Forth system in 1992, and am developing net2o, a peer to peer network protocol stack since 2010. 2018-12-29T17:30:00+01:00 17:30 00:20 Chaos West Bühne RZ7NWT https://fahrplan.chaos-west.de/35c3chaoswest/talk/RZ7NWT Nothing new about XSS in impress.js Einfacher Slot mit optionalen Q+A en I built a small demonstrator for Cross-Site-Scripting (XSS) attacks in impress.js. It would be a waste to let it stay on my computer, because I think it could help you giving a brief lecture on XSS. Much more interesting, probably, is my implementation of the whole thing: the cockpit (a header and footer that provide a visual frame, while the viewpoint navigates the 3-dimensional space of your presentation) and the handling of input to modify contents of successive slides. While I don't think to tell you anything new about cross-site scripting, I hope you are interested in the two features I add to the impress.js examples. Well the XSS-part also is interesting in itself, but I am astonished every time I find this weakness in the wild, because it is not difficult to prevent. Thus, if you also learn about XSS in the progress, I am happy. Mostly the presentation will show you two new example techniques for presentations with impress.js The cockpit: just some fixed headers and footer in the layout. But better graphical artists might actually turn this into a real cockpit view. In the end it is only a wee bitty of css, but it is something that turns a 3-d animation into a flight through the slide-space. Use my [demo sources](https://gitlab.com/larsipulami/xss-demo) and make me famous! Value-transfer: Why using JavaScript to present static slides, it makes no sense to not utilise a fully-fledged, yet tedious, interpreter environment — your web-browser — if you don't make something more dynamic with your slides. For example transferring inputs between slides and execute contents to demonstrate the effects of XSS. false inj4n CDA - HASI - CCCHB 2018-12-29T18:00:00+01:00 18:00 00:20 Chaos West Bühne QR8RPD https://fahrplan.chaos-west.de/35c3chaoswest/talk/QR8RPD Das Geoportal des Guten Lebens Einfacher Slot mit optionalen Q+A de Das Forschungsprojekt "Transformationsstadt - BürgerInnen forschen für ein Gutes Leben" (http://www.transformationsstadt.de/geoportal/) hat zum Ziel, ein GeoPortal für georeferenzierte offene Daten zu Themen des Gutes Lebens zu entwickeln. Warum noch ein GeoPortal? Und warum ein GeoPortal des Guten Lebens? Das haben wir uns auch gefragt. Die Antwort darauf erfahrt ihr in unserem Vortrag! Das GeoPortal des Guten Leben bietet eine Plattform, auf der zum einen georeferenzierbare offene Daten der Städte, Bundesländer und von wissenschaftlichen Einrichtungen fließen und zum anderen BürgerInnen Wissen über ihre Umgebung festhalten können. Alle Daten, die in das GeoPortal des Guten Lebens eingetragen werden, werden nach Dimensionen einer lokalen Adaption des Better Life Index der OECD (https://w-indikatoren.de/) indexiert. Zu den insgesamt 12 Dimensionen gehören beispielsweise Gemeinschaft, Infrastruktur, Wohnen, Engagement, Umwelt oder Sicherheit. Ziel des Portals ist einen dauerhaften Wissensaustausch zwischen Bürgerschaft und zivilgesellschaftlichen Initiativen, Wissenschaft und Kommunen zu diesen Themen zu initiieren. Eine erste Version des Portals wird aktuell entwickelt und im kleineren Rahmen getestet. Perspektivisch kann das Portal weltweit genutzt werden. Das GeoPortal des Guten Lebens wird gemeinsam von der zivilgesellschaftlichen Organisation Utopiastadt (http://utopiastadt.eu), dem Wuppertal Institut (https://wupperinst.org) und dem Zentrum für Transformationsforschung und Nachhaltigkeit (https://www.transzent.uni-wuppertal.de) entwickelt und verfolgt dabei die Grundgedanken von Open Data, Open Source und Open Access. Das Projekt wird gefördert vom Bundesministerium für Bildung und Forschung im Bereich Bürgerforschung. false Benedikt twitter.com/kleinbenny Jana Jana is an UX, Communication and Public Interest Designer from Wuppertal. She works for the project "GeoPortal des Guten Lebens" at the Center for Transformation Research and Sustainability (TransZent) at the University of Wuppertal. @JanaGreen | janapahlkoetter.de Ralf 2018-12-29T18:30:00+01:00 18:30 01:30 Chaos West Bühne JGUAGC https://fahrplan.chaos-west.de/35c3chaoswest/talk/JGUAGC Haecksen Happy Hour Klangteppich en Party with the haecksen! Dance and celebrate with an uplifiting drum and base mix by dj shroombab (https://m.soundcloud.com/shroombab). Party party! true Haecksen Die "Haecksen" sind der Zusammenschluss eines Teils der weiblichen* Mitglieder des Chaos Computer Clubs. Gegründet wurde die Gruppierung 1988 von Rena Tangens und Barbara Thoens. Die Haecksen treffen sich jährlich auf dem Chaos Communication Congress des CCC und veranstalten eigene Projekte. Da sie sich als virtueller Erfa-Kreis des CCC verstehen, ist ihr wichtigstes Kommunikationsmittel eine Mailingliste. Das Ziel der Haecksen ist es, zu zeigen, dass Mädchen* und Frauen* ganz selbstverständlich kreativ mit Technik umgehen können und dass das Bild in den Köpfen der Menschen - dass Hacker männlich sind - nicht stimmt. Hierbei verstehen wir unter Haecksen eine Gruppe aus Hackerinnen, die sich als Frauen* identifizieren. Dies umfasst cis und trans Frauen sowie nicht-binäre Menschen, die sich mit dem Label "Frau" wohlfühlen. Der Stern repräsentiert nicht nur diese Personengruppen, sondern auch die Tatsache, dass Geschlecht ein soziales Konstrukt (und damit überaus hackbar) ist. https://www.haecksen.org/mediawiki/index.php/Main_Page 2018-12-29T21:00:00+01:00 21:00 00:20 Chaos West Bühne U3R3RZ https://fahrplan.chaos-west.de/35c3chaoswest/talk/U3R3RZ Freitagsfoo gestern, heute, morgen Einfacher Slot mit optionalen Q+A de Wie organisiert man einen "offenen Abend" mit Vorträgen? Muss man da überhaupt etwas organisieren oder schaffen das die Vortragenden selbst? Wir erzählen vom [Freitagsfoo](https://wiki.chaosdorf.de/Freitagsfoo) im Chaosdorf und unseren Erfahrungen. Der Freitagsfoo ist ein wöchentliches Event im Chaosdorf, bei dem u.a. gegessen und vorgetragen wird. Wir berichten über Vergangenheit und Gegenwart und haben Ideen für die Zukunft. Früher wurde das mit den Vorträgen aber leider etwas schleifen gelassen. Dies hatte viele Gründe. Der Hauptgrund dürfte sein, dass die Moderationsrolle meistens erst spontan zugewiesen wurde - oder auch gar nicht. Mit unserem neuen Moderationsteam (die Vortragenden hier) und neuer Technik (z.B. unserer [Info-Beamer App](https://github.com/chaosdorf/freitagsfoo-infobeamer) und unserer [Web App](https://github.com/chaosdorf/freitagsfoo-web)) wird das alles besser! Außerdem berichten wir von einem anderen Anlauf, der in diese Richtung schon 2015 unternommen wurde, aber leider nur sehr kurzfristig (eine Woche) funktioniert hat. false ytvwld Ich bin Teil des Freitagsfoo-Moderations-Teams im Chaosdorf und Hauptentwickler unserer Info-Beamer-App und der Webapp. hanemile {Python, Go} {TFG, HHU, @chaosdorf} {ENERGIE!} nomaster Studied computer science and philosophy, but never got an academic title. With a practical approach, got some insight into the legacy of operating systems and networks. As an active member of several hackspaces and the Freifunk community, nomaster dedicates his work on the educational perspective on technology. 2018-12-29T21:30:00+01:00 21:30 00:50 Chaos West Bühne ZZ79BR https://fahrplan.chaos-west.de/35c3chaoswest/talk/ZZ79BR Bei gleicher Qualifikation werden Männer bevorzugt - Algorithmic Bias & der österreichische Arbeitsmarkt Doppelter Slot 40 Minuten + 10 Minuten Q+A de As algorithms are involved or even solely responsible for more and more decisions in our daily lives, there is more and more discussion about algorithms being unfair, biased, even straight-on discriminatory. The Austrian Public Employment Service (AMS) announced in October that they would start using an algorithmic system (in short, every-day language "algorithm") to decide who will receive more (or less) benefits and support from their system. First analyses in the days after the announcement already predicted that the system would be discriminating against people who are already marginalise In this talk I want to give people a better understanding of why and how algorithmic systems are biased and how people are trying to solve problems these biases cause. Specifically, we will see how data collection and interpretation, model creation, problem definition, definition of success and even the design of outputs can impact algorithmic systems – or improve justice and equality, if proper thought and care is put into designing them. As a computer science student, students' rights activist and privacy activist, I have worked on the topic of algorithmic bias at various institutions and with different groups of people. A one-page article I co-authored on the topic of algorithmic bias aimed at students in Austria can be found at <a href="https://www.progress-online.at/artikel/wenn-der-algortihmus-zum-unterdr%C3%BCcker-wird">Progress magazines' website</a>. A write-up for the masters' course "Critical Algorithm Studies" at TU Wien can be found on <a href="https://pascoda.fairydust.space/index.php/2018/09/write-up-bias-in-algorithmic-systems/">my blog</a>. It discusses which current issues in algorithmic systems are, in my opinion, the most urgent ones. false pascoda I am a CS student and an activist for students' rights, privacy, and social justice. 2018-12-29T22:30:00+01:00 22:30 00:50 Chaos West Bühne QHNDRQ https://fahrplan.chaos-west.de/35c3chaoswest/talk/QHNDRQ Hackspaces: How to conflict eine offene Frage Doppelter Slot 40 Minuten + 10 Minuten Q+A de Wir beobachten in immer mehr Spaces Konflikte innerhalb der Community die teilweise bis zur Spaltung führen. Wir wollen versuchen die Probleme anhand unseres eigenen Spaces zu analysieren. Außerdem wollen wir potentielle Lösungsmöglichkeiten, die wir gerade versuchen einzuführen, vorstellen. Schließlich wollen wir Versuchen einen Diskussion darüber innerhalb der gesamten Hacking und Chaos Community anzustoßen anstatt das jeder Space versucht die Probleme alleine und erneut zu lösen Aktuellen sehen wir immer mehr Gemeinschaften in der Hacking Community in denen es kriselt und sich Konflikte innerhalb der Gemeinschaft auftun. Oft gibt es auf den ersten Blick keinen konkreten Anlass oder Grund dafür. Wir haben das sowohl aus erster Hand in unserem lokalem Space als auch aus der ferne bei mehreren anderen beobachtet. Wir glauben das die Gründe dafür unter anderem in fehlenden Gemeinschaftlichen Identität und Gemeinschaftlichen Werten sowie der Kommunikation liegt. In diesem Talk wollen wir die Probleme die wir glauben Identifiziert zu haben am Beispiel unseres Spaces vorstellen. Außerdem werden wir vorstellen was wir glauben wie man diese Probleme angehen und beheben kann. Da die Ereignisse bei uns sehr aktuell sind ist es aber noch nicht möglich ein Fazit zu sehen ob alle diese Techniken wirklich funktionieren. Wir sehen diesen Talk viel mehr auch als ein Startpunkt das wir als deutsche Hacking bzw Chaosnahe Gemeinschaft darüber eine Diskussion führen sollten wie wir mit solchen Fällen umgehen und was wir hoffentlich proaktiv tun können damit es gar nicht so weit kommt. false Sandzwerg Seit Ende 2012 im münsteraner Hackspace, der warpzone aktiv. Seit 2013 im Vorstand, seit 2014 tue ich auch Dinge bei Chaos-West Reverend From hackerspace Münster: warpzone 2018-12-29T23:30:00+01:00 23:30 00:20 Chaos West Bühne S98TLU https://fahrplan.chaos-west.de/35c3chaoswest/talk/S98TLU IMFUC Einfacher Slot mit optionalen Q+A de Bei diesem Spiel, geht es um Filme und Code. Um nerdige Referenzen und tötlichen Wortwitz. Zwei Teams müssen anhand von Codeschnipseln Filmtitel erraten. Die Teams haben abwechselnd 30 Sekunden Zeit um den richtigen Titel zu finden. Mehr wird noch nicht verraten. In einem Moment endloser Langeweile schrieb einst Großmeister der Hackerfilme einen Code. Dabei viel ihm auf, dass dieser Code einen echten Handlungsstrang aufwies. Er rätselte über ein halbes Jahrhundert, bis ihm auffiel, dass es sich um den Pseudocode von "V wie Vendetta" handelte. Darauf hin beschloss er allen Code der Welt zu analysieren und auf versteckte Filme zu prüfen. Das Ergebnis von 3,1415 Jahrtausenden Arbeit ist IMFUC. Ein Spiel. Eine Challenge. Ein schmerzhafter Wordwitz. Auch das Publikum wird mitraten dürfen. Dabei wird die Anzahl der korrekten Antworten auf der Bühne angezeigt. Und das ganz sicher nicht, um die Teams ein wenig zu trollen. false harmoniemand Nerd und Softwareentwickler aus Heilbronn. Arbeite dort mit Jugendlichen und Technik. 2018-12-29T14:00:00+01:00 14:00 01:00 ChaosZone 8ZNLPJ https://cfp.chaoszone.cz/35c3/talk/8ZNLPJ Haskell Game Development Session 60min en A short view on my yet early stages of game development in Haskell and the tools I have crafted so far. In this talk I will give some insights into the programming language Haskell as well as common problems you encounter, when starting game development in this language. Furthermore You will see my attempts at game programming in this language, being both 2D and 3D applications, and my best attempts in completing a game, of which one is still work in progress. I will also be presenting "Affection", my own, still minimalist, game engine to the public and seek like-minded people to help advance it further. false Nek0 2018-12-29T15:15:00+01:00 15:15 01:00 ChaosZone GAP7W8 https://cfp.chaoszone.cz/35c3/talk/GAP7W8 ChaosZone goes Chaos Communication Camp - Hackspaces of the East, let's organize some Outdoor Chaos Session 60min de We need you to make ChaosZone at Chaos Communication Camp 2019 awesome. In this session we would like to start weaving the net between our hackspaces to make it happen. false bigalex nilo honky 2018-12-29T16:45:00+01:00 16:45 01:00 ChaosZone UDCQHX https://cfp.chaoszone.cz/35c3/talk/UDCQHX Hebocon - Regionalliga Session 60min de Weight-In und Vorausscheid für das später staffindende Hebocon-Finale false honky 2018-12-29T18:00:00+01:00 18:00 01:00 ChaosZone KHLB8Z https://cfp.chaoszone.cz/35c3/talk/KHLB8Z Aus der Praxis eines studentischen Hackspaces: Selfhosting, Freie Software, Chaos Session 60min de Der Maschinenraum ist ein Hackspace, der seit fast 20 Jahren Teil des studentischen Lebens in Weimar ist. Bei uns läuft einiges anderes - wir erzählen vom Kampf um freie Software, Akzeptanz dezentraler Dienste, und dem allgemeinen Chaos. Wir betreiben als Initative des Studierendenkonvents u.a. eigene Nextcloud-, Gitlab-, Etherpad-, Wordpress- & Mastodon-Instanzen. Und wir kämpfen für freie Software in der Lehre – manchmal auch einfach nur, weil wir keinen Bock mehr haben 10 mal am Tag gefragt zu werden ob wir Photoshop cracken können. Und auch die Bürokratie kann nicht viel mit einem Hackspace anfangen, aktuell sollen wir z.B. der Innenrevision nachweisen, dass wir nicht im kriminelle Machenschaften verstrickt sind – und zwar indem wir Selbstzensur und Totalüberwachung betreiben. Wir haben also genug zu erzählen, aber erwartet bitte keinen allzu ernsten und technischen Vortrag. :) false aurora mt 2018-12-29T19:30:00+01:00 19:30 01:00 ChaosZone GYDDDD https://cfp.chaoszone.cz/35c3/talk/GYDDDD DevOps Disasters Session 60min de Abgründe und Gruseligkeiten aus der Operations-Welt Software will nicht nur gebaut, sondern auch betrieben werden. Spätestens, wenn es sich beim Production Environment nicht länger um Wohnzimmerprovider, Standard-Webspace und FTP handelt, wird schnell deutlich, was ein Stück Code wirklich taugt, ob er skaliert, oder ob das, was in der Entwicklungsumgebung noch ganz nett aussah im Betrieb für ernsthafte Schmerzen sorgt. Doch nicht nur die Software selbst hat Grusel-Potential... false Stefan Hacktivism, DevOpse, Guerilla-IT, freies Radio & Co. 2018-12-29T21:00:00+01:00 21:00 01:00 ChaosZone SPC9JS https://cfp.chaoszone.cz/35c3/talk/SPC9JS Lightningtalks Overflow Session 60min en You didn't manage to get an official Lightningtalk slot? Here is another chance to deliver your talk. Overflow talks will be managed by the "official" Lightning talk pretalx system. Please do NOT submit lightningtalks directly to ChaosZone. Detailed program: https://c3lt.de/35c3overflow/schedule/ CfP https://c3lt.de/35c3overflow/cfp false - 2018-12-29T22:30:00+01:00 22:30 01:00 ChaosZone EWKNEU https://cfp.chaoszone.cz/35c3/talk/EWKNEU Fucked Up For A Cause Session 60min en When working coding for the Atari 2600 VCS, one can assume that the guys building the hardware did some very crude fuck ups. Let my show you why this is a wrong assumption. false SvOlli Award winning demo coder. Favourite system: Atari 2600 VCS as released in 1977 (US) and 1979 (Europe). 2018-12-29T11:00:00+01:00 11:00 00:30 OIO Vortrags-Arena QMHCUH https://pretalx.35c3oio.freifunk.space/35c3oio/talk/QMHCUH/ OIO habour clean up - Day 2 OIO Housekeeping en daily OIO habour clean up - Day 2 daily OIO habour clean up - Day 2 true HUQ9YA 35c3oio@freifunk.space 2018-12-29T11:30:00+01:00 11:30 00:20 OIO Vortrags-Arena CNPSQR https://pretalx.35c3oio.freifunk.space/35c3oio/talk/CNPSQR/ OIO Daily Standup day 3 Talk 20min total (etwa 5min Q&A) en Let's start into day 3 false HFER8G Andreas Dorfer https://forum.freifunk.net/u/adorfer/ 2018-12-29T12:30:00+01:00 12:30 00:20 OIO Vortrags-Arena AVFU8A https://pretalx.35c3oio.freifunk.space/35c3oio/talk/AVFU8A/ Freifunk - The Next Generation Talk 20min total (etwa 5min Q&A) en FF-TNG aims at regrowing a local FF based network community by -on the one hand- going back to the 90's "Bürgernetze" Idea of free communication with others, (focus on VOIP, SMS, Chat, mail) but also by enabling the individual community member to offer services to others and the world (e.g. via DNS zone delegation to individual nodes). For true autonomy we envisage to not only use WIFI and VPN links but also include LORA-based communication to connect local nodes for low bitrate communication (chat, sms). A small group of FF-Munich people is currently developing a concept called FF-TNG "Freifunk - The Next Generation". It came about after FFMUC had grown rapidly but a vast majority of FFMUC nodes is only using FF as a cheap pseudo-VPN gateway to the internet and after the rapid growth has put BATMAN to its limits making FF an only 'so-so' experience. The concept aims at regrowing a local network community by -on the one hand- going back to the 90's "Bürgernetze" Idea of free communication with others, (e.g. VOIP, SMS, Chat) and -on the other hand- also by enabling the individual community member to offer services to others and the world (i.e. including DNS zone delegation to individual nodes and ipv6). For parts of the mesh we are looking at Babel. To get to a truly wide ranging individual network our concept includes LORA based communication for low-bitrate communication (Chat, SMS) to reach locations not reachable by simple 2.4 or 5GHz WIFI nodes. The talk will be a ride through our first concept of how we think communication power can be put back to people so they can control their communication network. We hope for comments and input from the community - also of the kind "das kannste schon so machen, aber dann isses halt kacke" false JXBP8Z Peter Buschkamp After studying Physics in Bielefeld, I somehow thought getting a PhD in Astrophysics is fun. It was. In part. Now I build optical instruments that get to fly on satellites by day and sometimes stare at the sky by night. In between, I like to discuss and mull over implications of natural and computer sciences for society, hike the alps and help to build the Munich Freifunk wireless backbone. 2018-12-29T13:30:00+01:00 13:30 00:20 OIO Vortrags-Arena EGJW3F https://pretalx.35c3oio.freifunk.space/35c3oio/talk/EGJW3F/ Independent Solar Energy Mesh System Talk 20min total (etwa 5min Q&A) de Das Independent Solar Energy Mesh System (ISEMS) knüpft an den Freifunk-OpenMPP-Tracker an. Das System (Lua-Tool, Integration in Luci, Mikrocontroller-Firmware für den OpenMPPT, Web-App) soll es für Nicht-Experten einfacher machen, ihrer eigene drahtlosen Freifunk-Kommunikationsinfrastruktur unabhängig vom Stromnetz zu betreiben. ISEMS überwacht u.a. den Batteriestand, die Batterietemperatur und die Energiedaten des Moduls und bietet Strategien zum Energiesparen. Mit der ISEMS-Software können Benutzer eine Übersicht einsehen, wie ihre Solarknoten arbeiten. Die Web-App zeigt eine Übersicht aller Knoten sowie eine Checkliste für die einzelnen Knoten. Wenn etwas aus dem Ruder läuft, liefert sie Warnungen und Hinweise zur Fehlerbehebung. Dauer: 20 Minuten für unsere Präsentation mit 10 Minuten für Q + A Zusätzliche Infos / Links / Referenzen: http://isems.de https://www.youtube.com/watch?v=BxFpY2tsPtU https://wiki.freifunk.net/Freifunk-MPP-Tracker false HZ9WHF Elektra Free wireless networks since 2001 Freifunk since 2003 2018-12-29T14:00:00+01:00 14:00 00:50 OIO Vortrags-Arena Q7XT7M https://pretalx.35c3oio.freifunk.space/35c3oio/talk/Q7XT7M/ Störerhaftung: Aktuelles aus der juristschen Welt Talk 50min total (etwa 15min Q&A) de Bea gibt einen Überblick über den aktuellen Stand zur Störerhaftung, wie es den Abmahnungen geht und was uns der Gesetzgeber neues bietet. false UEK7FN Bea Hubrig . 2018-12-29T16:00:00+01:00 16:00 00:50 OIO Vortrags-Arena WCXEXU https://pretalx.35c3oio.freifunk.space/35c3oio/talk/WCXEXU/ Seenotrettung und humanitäre Hilfe - was war, was ist, was wird? Kriminalisierung und der Ausblick auf 2019 Talk 50min total (etwa 15min Q&A) de Die andauernde Kriminalisierung humanitärer Hilfe hat auch in diesem Jahr unsere Arbeit massiv erschwert, Menschenleben gekostet und die europäische Abschottungspolitik vorangetrieben. In diesem Talk geben wir einen Überblick darüber, welche Auswirkungen die Kriminalisierung humanitärer Hilfe haben kann und was im kommenden Jahr zu erwarten ist. false NFL8CT just humans Wir sind eine Gruppe politischer und humanitärer Aktivist*innen aus verschiedenen Organisationen. 2018-12-29T17:00:00+01:00 17:00 00:50 OIO Vortrags-Arena UFZYAS https://pretalx.35c3oio.freifunk.space/35c3oio/talk/UFZYAS/ F-Droid:Pimp your Android(-fork) with the best Free Software apps Talk 50min total (etwa 15min Q&A) en After a short introduction about software freedom on Android and Custom ROMs, I will demonstrate the Free-Software-App-Repository "F-Droid" with its anarchic and anti-censorship features. But as F-Droid offers you access to hundreds of Free-Software-apps and the sheer amount can be overwhelming in the beginning, in a next step I will also come up with the 10 or so most important apps (IMHO!). F-Droid is a Free-Software-App-only repository for Android systems and every Android-based fork and a powerful client that is designed to be resilient against surveillance and censorship. For its competitive character, F-Droid is not available via other "app stores" (like Google Play). You have to download it via your browser once but then it is easy to install and easy to use - and without the need for any account! Once installed, F-Droid offers you access to hundreds of Free-Software-apps in compiled form and their sources. It also allows you to share (your) apps in mulitple ways, including offline methods and via onion repositories. You can add your own Free-Software-project to the official F-Droid catalogue or even set-up your own repositories and offer access via F-Droid. Unfortunately, F-Droid misses any kind of rating system, so the sheer amount of available Free-Software-apps can be overwhelming in the beginning. So, after a short introduction about software freedom on Android and Custom ROMs, I will demonstrate F-Droid with its anarchic and anti-censorship features. Next, I will come up with the 10 or so most important apps (IMHO!). **Update:** [Slides by Erik Albers, CC-BY-SA](https://web.3rik.cc/Nextcloud13/index.php/s/zRqYoA3TQb97mrP) false AB9QAQ Erik Albers Erik Albers is communication and programme manager for the Free Software Foundation Europe and engages since many years for users' and software freedom. Erik regularly publishes articles about diverse aspects of Free Software on different channels and occasionally writes on Netzpolitik.org. In his spare time, Erik researches about digital sustainability with a special focus on sustainability of an by software as well as therein implied dependencies or solutions. 2018-12-29T18:00:00+01:00 18:00 00:20 OIO Vortrags-Arena FS7D9L https://pretalx.35c3oio.freifunk.space/35c3oio/talk/FS7D9L/ Vom eingestaubten Teleskop zum High Tech Lieblingsteleskop Talk 20min total (etwa 5min Q&A) de 3D-gedruckte Open Source GOTO Steuerung für 0815 Billig Teleskope, oder wer es lieber wissenschaftlich mag die bt³s Open Source und Open Hardware Steuerung zum nachbauen Open Hardware GOTO Steuerung für Low Budget Teleskope selber bauen. Erfahrungsbericht und Live Demonstration. Vorstellen der 3D gedruckten Open Hardware GOTO Steuerung für Teleskope (Entwickelt von Roman Hujer). Technische Details zur Hardware sowie Quellen Empfehlungen zum Nachbau. Konfiguration vorstellen für die GOTO Steuerung (Firmware) und Schnittstellen Konfiguration in Stellarium. Stellarium Konfiguration detailliert für GOTO Steuerung, GPS Daten via GPS/Glonas USB Stick einpflegen und Sternen und Satelliten Datenbank Repositories aktivieren und erweitern. false K93XDG h3rb3rn https://hackover.de/fahrplan/speakers/3958.html 2018-12-29T18:30:00+01:00 18:30 00:20 OIO Vortrags-Arena WA38FQ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/WA38FQ/ Freifunkinstallationen in Flüchtlingsheimen - Erfahrungsbericht, Empfehlungen Talk 20min total (etwa 5min Q&A) de Am Beispiel einiger Freifunkinstallationen in Flüchtlingsunterkünften in München wird anhand von Best Practices beschrieben, wie am besten vorzugehen ist. Budget, Ansprache der Verantwortlichen, technische Hürden, Umsetzung, Planung, Rückbau. false X3XLVM pkoerner81929 Freifunker aus Leidenschaft. 2018-12-29T19:00:00+01:00 19:00 00:55 OIO Vortrags-Arena QHXBFG https://pretalx.35c3oio.freifunk.space/35c3oio/talk/QHXBFG/ State of the InterNAT - Freifunk Rheinland Backbone Update Talk 50min total (etwa 15min Q&A) de Was war, was ist, was wird - ein Überblick über die Events der letzten Zeit und unsere Pläne für mehr Selbstverwaltung false LLZPXX Maximilian Wilhelm * Barbarossa * Kevin * Lars * Takt * Thomas 2018-12-29T21:00:00+01:00 21:00 00:20 OIO Vortrags-Arena 3ME8XJ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/3ME8XJ/ 10 Tops & Flops für den erfolgreichen Aufbau einer Community wie Freifunk München Talk 20min total (etwa 5min Q&A) de Freifunk München wird getrieben vom Freie Netze München e.V.. Jeder Verein hat Höhen und Tiefen. Um ein stabiles Team zu halten sind einige Basics notwendig. 1. Wir reden über die Größten Erfolge. 2. Über die Durststrecken ... ohne Admins. 3. Politik die mal will oder nicht in München und Bayern. 4. NixOS ist genial aber kaum einer kann es. 5. Segmentierung = Fluch oder Segen? 6. Warum traut sich keiner an Babel? 7. Virtualisierung Proxmox oder OpenNebula? Fragen.... false 9SNQSH Daniel Fussy Freifunk München 2018-12-29T21:30:00+01:00 21:30 00:20 OIO Vortrags-Arena ZFQCBB https://pretalx.35c3oio.freifunk.space/35c3oio/talk/ZFQCBB/ Mathematische Modellierung informatischer Probleme Talk 20min total (etwa 5min Q&A) de Der Vortrag soll sich hauptsächlich darauf beziehen, wie Mathematik bei der Lösung von informationstechischen Problemen helfen kann, wobei Möglichkeiten und Probleme aufgezeigt werden sollen. true 8YLAG3 Lukas Schneider * Schüler am ASGspez in Erfurt * BwInf-Teilnehmer * Großes Interesse an Politik * Und an Informatik :-D 2018-12-29T22:00:00+01:00 22:00 01:30 OIO Vortrags-Arena QAS33L https://pretalx.35c3oio.freifunk.space/35c3oio/talk/QAS33L/ Schwarze Löcher für blutige Anfänger Talk 80min total (etwa 30min Q&A) de Albert Einstein hat sie vorhergesagt, bis in die 90er hinein war ihre Existenz heftig umstritten - die vielleicht verrücktesten Dinger im Universum: Schwarze Löcher. Eigentlich dürften Schwarze Löcher nicht existieren. Wie kann etwas "unendliche Dichte" haben, "unendlich klein" sein. Und wenn nichts, aber auch gar nichts ein schwarzes Loch verlassen kann, wie kann dann die Gravitation das schwarze Loch verlassen? Und was passiert mit der Zeit in der Nähe schwarzer Löcher, bleibt die da wirklich stehen? Und woher wissen wir, dass sie wirklich existieren? In Schwarzen Löchern krachen zwei unvereinbare Theorien aufeinander, die Quantenphysik und die Relativitätstheorie. Wir beschäftigen uns mit jeder Menge Fragen an den Grenzen der Physik... und manchmal ein wenig darüber hinaus. Vorkenntnisse sind nicht erforderlich. false 9ZUND7 Steini 2018-12-30T00:00:00+01:00 00:00 01:00 OIO Vortrags-Arena UVGYXJ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/UVGYXJ/ Iuventa counter-investigation Movie with Q&A en Documentation and Q&A with crew members of Iuventa and other SAR ships false UPW7QV Solidarity at Sea 2018-12-29T14:00:00+01:00 14:00 02:00 OIO Workshop-Domo AQ9TUQ https://pretalx.35c3oio.freifunk.space/35c3oio/talk/AQ9TUQ/ SatNOGS meeting (TCA) Workshop 110min en ... false 7VMKDP bastla Sebastian Lange (DL7BST), c3space, SatNOGS, AfuTUB/DK0TU 2018-12-29T16:00:00+01:00 16:00 00:45 OIO Workshop-Domo T8NVCS https://pretalx.35c3oio.freifunk.space/35c3oio/talk/T8NVCS/ Careables Open Source Hardware in Health+Care [Meetup] Workshop 45min en Meetup Calling all hackers, designers, makers, carers, and healthcare professionals! We want to discuss: What are challenges you face every day using standard tools for health and wellbeing? Do you have an idea that makes everyday life easier? How could you use your existing hackerspace to foster exchange and collaboration in health and care? Through Careables, maker and designer collaborate with patients and healthcare professionals to create personalized solutions and open source knowledge that will improve the lives of many patients and professionals. Accessible, comprehensive and easy to use open source hardware are being documented, collected and shared through the platform Careables.org. This platform is currently being launched and will function as repository for well documented open hardware projects. It offers many different communities a place to connect and exchange knowledge, needs and co-create solutions. It's easy to think of open hardware that make a difference in people's lives. An example of this is OPEN LIGHTS. This project offers people with wheelchairs an adjustable wheelchair specific light that makes them better visible at night and that can be built with most common DIY technologies. false P3GLDY Sandra GIG tl;dr: GIG is the global network of social and technological innovators. #wearegig Global Innovation Gathering (GIG) is a vibrant, diverse community of innovation hubs, makerspaces, hackerspaces and other grassroot innovation community spaces and initiatives as well as individual innovators, makers, technologists and changemakers. GIG is pursuing a new vision for global cooperation based on equality, openness and sharing. We aim to enable more diversity in the production of technology, and global innovation processes and support open and sustainable solutions developed by grassroot innovators. With strong roots in the global south, we share, collaborate and work together globally. GIG provides a platform for meaningful exchange by fostering knowledge exchange and collaboration between its members. 2018-12-29T17:00:00+01:00 17:00 00:45 OIO Workshop-Domo PXYMLE https://pretalx.35c3oio.freifunk.space/35c3oio/talk/PXYMLE/ Bits & Bäume @ Congress : weiter zusammen(-)wachsen Workshop 45min de Bei der Konferenz Bits & Bäume haben im November Aktivist*innen unter anderem aus der Hacker- und Ökoszene über ihre Ziele, Utopien und Strategien diskutiert. Entstanden sind nicht nur neue Verbindungen sondern auch elf Forderungen an die Politik. Wir wollen die Idee und Ergebnisse der Konferenz vorstellen und mit euch gemeinsam weiterspinnen. https://bits-und-baeume.org https://bits-und-baeume.org/forderungen https://media.ccc.de/v/bub2018-246-eine_andere_digitalisierung_ist_moglich (ab 31:00) false RADWLR Nico 2018-12-29T18:00:00+01:00 18:00 00:45 OIO Workshop-Domo KSDGVM https://pretalx.35c3oio.freifunk.space/35c3oio/talk/KSDGVM/ Freifunk-Workshop: Community-Vernetzung Workshop 45min de Das "Freifunk-Vernetzungsmumble" ist ziemlich tot. Warum? Möglichkeiten der Zusammenarbeit auf Community-Ebene? Es soll hier nicht die x-te Auflage von "warum das ICVPN in Zeiten von Public IPv6 niemand mehr will" und "warum es keine internen Dienste gibt" sein. Wir sehen deutlich mehr größere "Festivals", das WCW wird größer obwohl das Leben in vielen lokalen Communities eher weniger wird. Welche Inhaltliche Zusammenarbeit können wir ganz konkret selbst anbieten und wie könnte man es organsiieren, ohne eine Tooldebatte um "Mailingsliste vs. Slack vs Wiki (welches eigentlich?)" zu eröffnen. false HFER8G Andreas Dorfer https://forum.freifunk.net/u/adorfer/ 2018-12-29T19:00:00+01:00 19:00 01:20 OIO Workshop-Domo N7NADC https://pretalx.35c3oio.freifunk.space/35c3oio/talk/N7NADC/ Next Generation FOSS Lightning Control - Brainstorming & Kick-Off Workshop 80min en Die bisherigen Lösungen für Lichtsteuerung sind in der Regel teuer oder sehr kompliziert/nutzerunfreundlich. Ziel ist es, eine neue Lichtsteuerung zu entwickeln, die auf FOSS-Basis ein gutes Werkzeug für kreative wird. false SZWSUS margau Student der Informationstechnik, Freifunk Stuttgart & begeisterter IoT-Bastler. 2018-12-29T21:00:00+01:00 21:00 00:45 OIO Workshop-Domo WXUJ8N https://pretalx.35c3oio.freifunk.space/35c3oio/talk/WXUJ8N/ Aufbau von Freifunk in Kleingartenanlagen Workshop 45min de Diskussionsrunde auf Basis einer Problemstellung (Kartendaten zu einer Anlage) ohne eine Lösung einzubringen. Ziel ist: Erfahrungen einzusammeln und auszutauschen, Hinweise und Tips zu bekommen und auszutauschen. true NFMZXP Richard Softwareentwickler mit Garten 2018-12-29T12:00:00+01:00 12:00 00:45 WikiPakaWG Esszimmer DBVJK7 https://cfp.verschwoerhaus.de/35c3/talk/DBVJK7/ AI in Wikipedia Talk de A general overview and report on how Wikipedia uses artificial intelligence to improve its efficiency false 8GDPPA Amir 2018-12-29T13:00:00+01:00 13:00 01:30 WikiPakaWG Esszimmer XRQNHR https://cfp.verschwoerhaus.de/35c3/talk/XRQNHR/ Building a Wikidata tool Talk de Much of the work in the Wikimedia universe, and especially on Wikidata, is done using external tools. Here you’ll see how you can build your own! (See also the [behind-the-scenes blog post](https://lucaswerkmeister.de/posts/2019/01/04/speedpatrolling/).) false RE9MSE Lucas 2018-12-29T14:30:00+01:00 14:30 01:00 WikiPakaWG Esszimmer LEFJBC https://cfp.verschwoerhaus.de/35c3/talk/LEFJBC/ Squarelet - Kooperativ Lernen mit Open Source-Pinboards Workshop mit Gruppentischen de Wir entwickeln [squarelet.org](https://www.squarelet.org), ein Open-Source-Pinboard für kooperatives Lernen und Arbeiten. In dem Workshop stellen wir die Alpha-Version vor, erstellen Use Cases und freuen uns über eure Ideen und Anregungen. Agenda: https://hackmd.okfn.de/0Q4h28VDRym0vKKAm7GRxQ# false U9QVUW Markus EVCNRE mavo XHBSU3 Edgar 2018-12-29T16:00:00+01:00 16:00 01:30 WikiPakaWG Esszimmer MJAKJY https://cfp.verschwoerhaus.de/35c3/talk/MJAKJY/ Hacks/Hackers Meet-Up Meetup de “Hacks” (journalists) and “hackers” (technologists) work together to create physical and digital spaces for exploring new ways to tell stories. true ZV98N9 fex 2018-12-29T18:00:00+01:00 18:00 01:30 WikiPakaWG Esszimmer UYWYWZ https://cfp.verschwoerhaus.de/35c3/talk/UYWYWZ/ Jugend hackt Lightning Talks Lightning Talk de Android entgooglen (Max) Warum ich 1 Mozillian wurde (Jens) Android Entwicklung - Nativ vs nicht-Nativ (Abraham) Arduino ohne Arduino – bau nur den Microcontroller ein! (noniq) Amateurfunk (Janek Gàl und Noah Rullmann) false BWRH7E Daniel 2018-12-29T20:00:00+01:00 20:00 01:00 WikiPakaWG Esszimmer X7FPWS https://cfp.verschwoerhaus.de/35c3/talk/X7FPWS/ Alles was du jemals zu Wikipedia wissen wolltest Talk de Du kennst Wikipedia. Gibt es ja auch seit 17 Jahren. Du nutzt Wikipedia regelmäßig und weißt alles darüber. Aber wer zur Hölle sind Wikimedia, MediaWiki, Wikidata? Was machen die? Was können sie für dich tun? Menschen, die für Wikipedia Artikel oder Code schreiben, sich politisch oder kulturell oder für die Freiwilligen der Wikipedia einsetzen, können dir in dieser Session deine Fragen beantworten. false 7TBZJF Verena 2018-12-29T21:30:00+01:00 21:30 01:00 WikiPakaWG Esszimmer ZKJDBE https://cfp.verschwoerhaus.de/35c3/talk/ZKJDBE/ Digital what? Wie man Bildung nicht digitalisieren sollte Talk de Regierungen und politische Entscheidungstragende setzen auf die Forcierung und den Ausbau von Plattformen, um Bildung "endlich" zu digitalisieren. Doch die Umsetzung widerspricht dem Ziel, Menschen dazu zu befähigen, sich im digitalen Raum sicher und mündig zu bewegen. false WRQU7K Dominik Theis 9FJGJ3 Anja Lorenz GJBVT8 Jelisaweta Kamm 2018-12-29T23:00:00+01:00 23:00 01:00 WikiPakaWG Esszimmer 7CHZ9V https://cfp.verschwoerhaus.de/35c3/talk/7CHZ9V/ Operation Mindfuck #2 - Computer, Kunst und Kuriositäten Talk de Eine bunter Blumenstrauß von Nerdsniping-Themen! false RBEKZW bleeptrack 39LEJR blinry 2018-12-29T12:00:00+01:00 12:00 00:15 WikiPakaWG Küche BBDTHN https://cfp.verschwoerhaus.de/35c3/talk/BBDTHN/ Orgameeting Tag 3 Meetup de true 33UT8A WikiPaka Orga 2018-12-29T14:00:00+01:00 14:00 01:00 WikiPakaWG Küche VQP8QS https://cfp.verschwoerhaus.de/35c3/talk/VQP8QS/ Wikidata: help with building tools Workshop mit Gruppentischen en Additional space to help with building tools, if wanted. true RE9MSE Lucas 2018-12-29T16:00:00+01:00 16:00 01:30 WikiPakaWG Küche B3V7LE https://cfp.verschwoerhaus.de/35c3/talk/B3V7LE/ 🎂🎉 Meetup de 🎉 true 7AGQRG Ulrike 2018-12-29T18:00:00+01:00 18:00 01:00 WikiPakaWG Küche FDHUCR https://cfp.verschwoerhaus.de/35c3/talk/FDHUCR/ Zwischenstand der NSU-Aufklärung Talk de Im NSU-Komplex arbeiten aktuell auf juristischer sowie ausser- wie innerparlamentarischer Ebene verschiedene Akteure an der Aufklärung. Wir wollen uns über den aktuellen Stand und weitere Schritte verständigen. Ziel ist eine bessere Vernetzung und aufzuzeigen, wo auch das Chaos-Umfeld bei der NSU-Aufklärung helfen kann. true HVP8H3 noname G3E7Q3 Caro (NSU-Watch) https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10170.html 2018-12-29T14:00:00+01:00 14:00 03:00 Discodrama 35C3-ABFahrplan-10170-fairy_dust_-_day3 Fairy Dust - Day3 Rocket Away Music other en Modify the Fairy Dust After standing in the cold rain and snow for too long, the Fairy Dust will find its place this time in the middle of the crowd at hall 5. A video installation will take place on the surface. This is a call for people, who can handle c4d files and have the bravery to put their vision on the symbol of the congress. The file attached to this event contains all information about the object, as well the position and lenses of the 4 projectors. Fell free to develop whatever you like. Keep in mind that the surface is very glossy and actually eats the light away. Rendered video best with HAP or MP4. In the hours between 2 pm and 5 pm on the days of the congress, there will be access to the video system, if you come around and have a device with HDMI out. Enjoy! Powered by PENTAKLON und Rico Rose Contact: privatlehrer[at]gmail[:]com false 35C3-template-ROCKET.c4d https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10048.html /system/events/logos/000/010/048/large/0007254766_10.jpg?1545415840 2018-12-29T18:00:00+01:00 18:00 01:00 Discodrama 35C3-ABFahrplan-10048-demoscene_time_machine Demoscene Time Machine Melodic bleepy & fakebit music Music concert en Demoscene Time Machine (aka David Whiting) has been making melodic bleepy music since 2008. Inspired by old SNES soundtracks, DOS demos and the ever-versatile range of the PC speaker, he’s now in full force producing heavy dancefloor-friendly fakebit music with catchy melodies and infectious beats. false https://demoscenetimemachine.com/ http://www.thewit.ch https://soundcloud.com/demoscenetimemachine https://soundcloud.com/vitling https://soundcloud.com/davw http://www.thewit.ch/portfolio/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10042.html /system/events/logos/000/010/042/large/avatars-000373881752-5r40p5-t500x500.jpg?1545415685 2018-12-29T19:00:00+01:00 19:00 02:00 Discodrama 35C3-ABFahrplan-10042-viktor_talking_machine Viktor Talking Machine House Music djset en Digital is death. Shortly before the Tibetan Highlands, a small clearing, dressed with black fern which sways to the rhythm of the sun, extends itself. Here you can meet the inhabitants of a sleepy coastal village, who had found the remains of a huge comet years ago. A viscous dark mass that they turned immediately into brownies with ice cream and pickles. The energy that was gained from the process drives huge machines, planting anemones and helps the bees with their mating rituals. Every 1210 years when the planets order in a circular orbit, a child is born into this magical world, who comes to change everything. Viktor grew up in a musical family on the outskirts of a small mountain village. Early on, he discovered his love for nature and analogue soundscapes. He devoured all the sounds of nature and the vastness of the Antarctic wilderness and distilled from them his deep sound which accompanies him until today. false https://soundcloud.com/viktor-talking-machine https://www.residentadvisor.net/dj/viktortalkingmachine https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10052.html /system/events/logos/000/010/052/large/avatars-000410038332-aohj1k-t500x500.jpg?1545416337 2018-12-29T21:00:00+01:00 21:00 02:00 Discodrama 35C3-ABFahrplan-10052-maurizio_schmitz Maurizio Schmitz Techno/House Music djset en Maurizio Schmitz drives his own bus, dividing his diary effortlessly between work and play and playing. Half Italian, half German and his is a dizzying ongoing musical journey that flies economy and business all at the same time. Maurizio exploits these contrasts, wearing pinstripes or pyjamas or both - he jams. We are talking about psychedelic house here. Socks off and sensual. It works on the big stage, it works in the club and it washes all over an after hour. This sound did not happen by accident. In 1990 scrambling around some old Thorens decks in a club his mother worked in Maurizio was scooping up all the vinyl lost from the night before – the first Schmitz mixtapes (which actually were not mixed) saw the light of day at this time. Many were to follow and these valuable suckers live amongst 11,000 pieces of vinyl collected and stroked over the years. When German techno was dynamite, changing the rules and ushering in a whole new world of electronic music Maurizio was not only there – he was smack in the middle of it. Bonn, Hamburg, Frankfurt, Munich. From the infamous “Labor” club to a 10 years residency at 'FrequenzBerater' to Frankfurt and “U60311”. Many many more but maybe two things stand out and tell you more. Spaldingstreet 43 in Hamburg, the original flat sharing rave. Maurizio presided over 7 years of lovely madness. Today you could create a major art/music festival just from the people who crashed out on the sofas there. Then the tour de force. His very own Mauromusica night founded in Bonn 2004 in the beautiful “Rheingarten”. An octagon shaped glass pavilion. Promoter, resident DJ and mum on the door. Another 10 years. No need to name names, somewhere in the above paragraph they all passed through. Perhaps one name, because here comes the other Maurizio Schmitz. In a 1994 after hour set in Munich, “Pulvertum” it was called, the raver Maurizio noticed Sven Vath 2 metres high in a tree mid set. You don’t forget stuff like that. Their paths were never going to stop crossing. Event manager, promoter, booker and for some time now the right hand man and frequent support act for the immortal legendary magician Sven Vath. It is a relationship that is not stopping any time soon. So, to summarise, Sicilan passion met German techno and spat out the Dj Maurizio Schmitz. (2018, Words by Andrew Gillings) false https://soundcloud.com/mauromusica/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10075.html /system/events/logos/000/010/075/large/loungejpg?1546105301 2018-12-29T23:00:00+01:00 23:00 02:00 Discodrama 35C3-ABFahrplan-10075-marko_morelle Marko Morelle Techno/ Music djset en from the family from the family false https://soundcloud.com/chaishop-com/dj-marco-morelle-germany https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10044.html /system/events/logos/000/010/044/large/tn04_104__andreas04.jpg?1545417072 2018-12-30T01:00:00+01:00 01:00 01:00 Discodrama 35C3-ABFahrplan-10044-der_dritte_raum Der Dritte Raum Techno/Trance Music concert en Andreas Krüger, aka Der Dritte Raum, is the man behind some of the most stirring electronic music of the past twenty-five years. But he'd rather not talk about himself. "The least important thing in all I do is myself," he says. "It's about the music." But of course there would be no music -- no epic anthems like "Hale Bopp" nor transcendent tunes like "Electric Friends" without his creativity, vision, and technical virtuosity which has been honed by his lifelong fascination with sound. The son of musical parents, Andreas grew up immersed in music. He began to study the piano as a child but quickly tired of rigid instruction. He stopped taking lessons and instead played along to records by The Beatles and Pink Floyd, "trying to understand how they made the songs." His main love, though, was electronics and physics. "I never thought I'd be a musician," he says with a chuckle. "I was the boy who built my own circuits, my own AM radio." This fascination with electronics helped spark his love for pioneering synth bands like Devo, Human League and Heaven 17. When a friend lent him a synthesizer, Andreas and his brother set it up in their basement, along with a drum machine and organ, and proceeded to "make a lot of noise." He was studying physics at the time but music absorbed more and more of his energy. In the early 90s he and a friend opened a "freaky punk New Wave" studio. Suddenly, being a professional musician or recording engineer seemed realistic. About the same time another life-changing experience occurred: Andreas started going to techno parties. For the first time, he saw his two great loves, music and technology, wedded to create something unique. "It was music without a standard arrangement, music without vocals," he explains. "Our New Wave and EBM projects always had a standard intro, bridge, verses, etc. Techno was totally new." With typical fervour, Andreas dropped his other projects to concentrate on making a "really cool techno record". Much to the delight of electronic music fans, he has been doing so, with surpassing brilliance, ever since. The marriage of Andreas's deep musical background and peerless technical skills birthed a unique sound that runs like a high-tensile wire through his prolific output as Der Dritte Raum. In the course of a dozen albums and almost thirty records and EPs, Andreas has never lost his fascination with pushing the boundaries of melody and technology. "Commercial music has a very narrow horizon," he says. " It is important for me to make music that can be played with other tracks without copying other ideas or sounds. It is dangerous to maintain a unique direction but that is the basic idea of making art." Currently, the artist is at work on multiple projects, including polishing a new techno album for release later this year, playing with a live band, remastering old Der Dritte Raum material, and taking his music to the masses with his DJ/live performance partner Ralf Uhrlandt. As Der Dritte Raum live, Andreas and Ralf have been pushing the boundaries of electronica since the early '90s. They bring the studio to life onstage with an array of computers, synths, desks and effects. "The equipment keeps evolving but it's always about jamming with sounds," says Andreas. However far-flung his gigs, or wide-ranging his ideas, Andreas is grounded by a simple truth: "I love music. Not just electronic music. All music. false https://soundcloud.com/derdritteraum http://www.der-dritte-raum.de/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10076.html /system/events/logos/000/010/076/large/31947322_1886358088061796_2297047130939850752_n.jpg?1545417368 2018-12-30T02:00:00+01:00 02:00 02:00 Discodrama 35C3-ABFahrplan-10076-super_flu Super Flu Progressive House Music djset en Willkommen in einer Welt, in der knusprig gebackene Bassdrums den Ton angeben; in der Momratzn zu zwickenden Hihats zucken und dir Sprechblasen sympathische Bässe zuwinken! Du musst eine schwierige Entscheidung treffen? Super Flu empfehlen dir Doppelbrötchen mit Knoblauch und 6-Minuten-Eiern! Dein Equipment ist Schrott? Vertrau auf dein Gefühl, kitzel das Maximale aus der alten Bude und quetsch Inspiration aus allem, das du in die Finger kriegst! Dir fehlen die Ideen? Hör auf deinen Papagei! Mach Urlaub und trink Bier. Probier, (weißt schon, was zu machen, was du sonst nie machen würdest). Hör Jazz. Bastel was aus lustigen Dönerbuden-Namen, exotischen Instrumenten und Kinderspielzeug. Mit deinem besten Kumpel und mindestens einem gemeinsamen Lieblingsbäcker, viel Herzblut und einem großen Traum dahinter kann dir nun nichts mehr passieren…! false http://super-flu.de/ https://soundcloud.com/super-flu-de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10070.html /system/events/logos/000/010/070/large/avatars-000186202996-mb8pqe-t500x500.jpg?1545417580 2018-12-30T04:00:00+01:00 04:00 02:00 Discodrama 35C3-ABFahrplan-10070-rk9 RK9 Joeri Jungschlager, EDM/Drum&Bass/Breakcore Music djset en From reverbnation: RK9 is an allias for Joeri Jungschlager, he used to play in bands and compose music in gerne's like hardcore (punk), jazz, deathcore & mathcore. in 2012 he first released on his own behave a EP Liquid Mind Fucks/Push this party till dawn later on in 2013 his first own EP murder for reblogs which came out on 2C-Broadcast Recordings and in 2014 a fully 3DS produced single came out through bandcamp 'miss the sky' and later used in a full live set recording avaible through youtube. RK9 is a general work out of the idea of a hybrid between liquid drum & bass and breakcore. Allong the road the hybrid ellements changed from the orginal idea too hardcore drum & bass/breakcore with mathcore. Which have given endless suprises and elements too the act. With support from around various scené's and different labels doing VIP Remix for various Dubstep & DnB labels. And founded 2C-Broadcast together with the prototype being the only hard DnB label in the Hague but also made several appearnces at District 9, Langweiligkeit, Benchmark Sessions and the PRSPCT stage on Eendracht Festival (Rotterdam) His productions since 2015 got several radio plays. And is played on the internet. Also he made several podcasts in that year Satanicast for example. RK9 is the Allias for Joeri Jungschlager also known as the disturbing breakcore panda but that is just a scene name. He was born in Drachten, Netherlands but now lives in Rotterdam. ==== From Soundcloud: Started out pretty young in the squat scené around nintencore & breakcore but moved on to breakcore and jungle and a different allias in 2011 RK9 plays and produces a violent combination of Liquid Drum & Bass, Breakcore and crossbreed with support from around various scené's and different labels doing VIP Remix for various Dubstep & DnB labels. And founded 2C-Broadcast together with the prototype being the only hard DnB label in the Hague but also made several appearnces at District 9, Langweiligkeit, Benchmark Sessions and the PRSPCT stage on Eendracht Festival (Rotterdam) His productions since 2015 got several radio plays. And is played on the internet. Also he made several podcasts in that year Satanicast for example. RK9 is also a Developer of OpenDJ: (text from Github) Open DJ or oDJ project is a project that aims to build a fully open source tabletop mediaplayer like pioneers X/CDJ or Denon SC5000 allowing DJ's to do more with their equipment than just DJ. The goal so far is to build 3 models one CDJ which contains CD/USB/SD card and ethernet/wifi link up connections, one XDJ which contains USB/SD, ethernet connections, wifi & LoRaWAN and a modular model which will start with an USB/SD but is expandable and get it's own development kit. Since this all can be quite complex and we have a tech community with more knowledge than just me, I want to build a community around this. This topic for a relatively simple device will be heavily cross domain. The goal is to provide an Open Source building block for smart clubs. false https://www.reverbnation.com/rk9 https://soundcloud.com/rk9_dnb OpenDJ on Github https://www.mixcloud.com/joeridamianjungschlager https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10149.html 2018-12-29T10:00:00+01:00 10:00 02:00 Shutter Island 35C3-ABFahrplan-10149-rudi_stoher Rudi Stöher Ask Ronny Kraftfuttermischwerk. Music djset en false https://soundcloud.com/rudi-stoher/tracks https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10150.html 2018-12-29T12:00:00+01:00 12:00 03:00 Shutter Island 35C3-ABFahrplan-10150-patstyx Patstyx Looking forward to Schuppi Music djset en Patstyx aka Schuppi war schon Sysadmin als man noch beim Internet angerufen hat - er zog weg, nach Halle, in Congressnähe. Legte schon immer auf, macht Podcasts und Drum´n Bass Events und wir freuen uns auf Schuppi. Patstyx was already sysadmin when you called the Internet, by dialing a number on moms phone - he moved away, to Halle, near the congress. Allways deejayed, does podcasts and Drum´n Bass events and we are looking forward to Schuppi. false https://hearthis.at/pat-styx/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10151.html 2018-12-29T15:00:00+01:00 15:00 02:00 Shutter Island 35C3-ABFahrplan-10151-e ë Legend AV-set Music performance en false http://raum-e.com/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10163.html 2018-12-29T17:00:00+01:00 17:00 01:00 Shutter Island 35C3-ABFahrplan-10163-umbaumusik Umbaumusik Mr. G & Mr. Mo Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10152.html 2018-12-29T18:00:00+01:00 18:00 01:00 Shutter Island 35C3-ABFahrplan-10152-eulberg_spock Eulberg & Spock Fledermausmusik Music lecture en Vortrag: Fledermaus Streaming Project NABU, CCC und Dominik Eulberg & DJ Spock Die Geräusche der Fledermäuse werden hörbar in Musik umgewandelt und gestreamt. false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10153.html 2018-12-29T19:00:00+01:00 19:00 03:00 Shutter Island 35C3-ABFahrplan-10153-kfmw kfmw Irgendwelche Fragen? Music djset en Das Kraftfuttermischwerk. Srlsy? Ihr kennt Ronny nich? Bester Mumpelkollege, Chillflaggenhochhalter, hat auch ein tollen Myspaceaccount. Das Kraftfuttermischwerk. Srlsy? You don't know Ronny? Best mate, chilloutmusic clockstone, also has a great myspaceaccount. false https://www.kraftfuttermischwerk.de/blogg/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10154.html 2018-12-29T22:00:00+01:00 22:00 02:00 Shutter Island 35C3-ABFahrplan-10154-saetchmo Saetchmo. 1000 Echochambers Music djset en Sätche ist sowas von Teil der Familie - seine Echochamber läuft regelmässig in der c-base, er fährt ne alte Feuerwehr und wer ihm krummkommt, merkt das schon. Sätchmoe is sooo part of the family - his Echochamber runs regularly in the c-base, he drives an old fire brigade and whoever annoyise him, will notices that. false https://www.saetche.net/blog/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10155.html 2018-12-30T00:00:00+01:00 00:00 02:00 Shutter Island 35C3-ABFahrplan-10155-kons_t_il kons[t]il Till & Konsti, zwei Seelenverwandte begegnen einander. Music djset en Till & Konsti, zwei Seelenverwandte begegnen einander. Diese zwei Jungs aus Berlin, finden sich um einen Sound zu kreieren, ihre Stimmungen und Erfahrungen in unverwechselbare Sounds zu verpacken, durchlaufen verschiedenste Facetten der elektronischen Tanzmusik... Sumseln sich durch das Dickicht des Deep-House Waldes, das Ziel... Back to the roots, um sich zu einem großen Ganzen zu vereinen, unabhängig von Zeit und Raum tanzen wir schwerelos durch die Unendlichkeit. Till & Konsti, two soul mates meet each other, these two boys from Berlin find each other to create sound, to wrap their moods and experiences into unmistakable sounds, go through different facets of electronic music... Are humming through the thicket of the deep-house forest, the goal... Back to the roots, to unite to one big whole, independent of time and space we dance weightlessly through Infinity. false https://www.mixcloud.com/konstil/kons[t]il https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10156.html 2018-12-30T02:00:00+01:00 02:00 02:00 Shutter Island 35C3-ABFahrplan-10156-404_tba_aka_marillion 404 tba aka Marillion More to be and let go. Music djset en Swiss bliss & HH Adel false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10157.html 2018-12-30T04:00:00+01:00 04:00 03:00 Shutter Island 35C3-ABFahrplan-10157-lord_spreadpoint Lord Spreadpoint Audio Visual Set Music djset en Siegfried Kärcher (1974/Force Inc.) wurde in die Zeit der Heimcomputer hineingeboren. Nach Atari VCS 2600 folgte der C64 und dann der Commodore Amiga und einige Berühmtheit in der Hacker/Cracker- und Demoszene. Er ist Mitglied des Computerkollektivs Spreadpoint. Der nahe gelegene Techno Club in Frankfurt, wo seit Anfang der 80er Techno erfunden wurde, wirkte ebenso stilprägend. In den Anfangstagen gab es noch keine strikte Trennung der elektronischen Musikstile und so erlebte Kärcher von piepsenden Konsolen und chiptunigen Heimcomputern wie dem C64, harter EBM, über Midifizierung der Tonstudios durch den Atari ST, Harddiskrecording, Kommerzialisierung und Ausverkauf des Technos eigentlich alle wichtigen Entwicklungsschritte mit. Seit einem Hochbegabtenstudium der freien bildenden Kunst entwickelt er Werke im Bereich bildender Kunst und Musik. Er lebt und arbeitet in Frankfurt am Main und Berlin. Auf dem 35c3 nimmt uns Siegfried Kärcher mit auf eine Klangreise in technoide Ambientgefilde, die musikalisch mal historische Leuchttürme aufblinken lassen aber auch in die Zukunft schauen lassen oder einfach nur zur Kontemplation einladen. Siegfried Kärcher (1974/Force Inc.) was born into the time of home computers. After Atari VCS 2600 followed the C64 and then the Commodore Amiga and some celebrity in the hacker/cracker and demo scene. He is a member of the computer collective Spreadpoint. The nearby Techno Club in Frankfurt, where Techno was invented since the beginning of the 80's, also had a style shaping effect. In the early days there was no strict separation of the electronic music styles and so Kärcher experienced all important development steps from beeping consoles and chiptuning home computers like the C64, hard EBM, via midification of the recording studios by the Atari ST, hard disk recording, commercialization and sell out of the techno. He has been developing works in the field of fine arts and music since he studied free visual arts as a highly gifted student. He lives and works in Frankfurt am Main and Berlin. On the 35c3 Siegfried Kärcher takes us on a journey of sound into technoid ambient environments, which musically blink historical lighthouses but also let us look into the future or simply invite us to contemplation. false www.4sk.de https://www.youtube.com/watch?v=MEZcpR4aG9k https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10148.html 2018-12-29T14:00:00+01:00 14:00 01:00 Compeiler 35C3-ABFahrplan-10148-rote_schule_music_workshop Rote Schule Music Workshop Workshop/Performance Music workshop en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10135.html 2018-12-29T15:00:00+01:00 15:00 01:00 Compeiler 35C3-ABFahrplan-10135-riley Riley Dance performance Music performance en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10057.html /system/events/logos/000/010/057/large/47163654_2020787697968002_5431537559463264256_n.jpg?1545417900 2018-12-29T16:00:00+01:00 16:00 01:00 Compeiler 35C3-ABFahrplan-10057-window_magic Window Magic Ambient/Experimental Music concert en Window Magic is the ambient/tape music project of Andreas Bonkowski. With an arsenal of cassettes, tape loops, analog synths, trusty fx units and escapist tunes he creates lo-fi collages and mystical soundscapes. Sometimes you hear a sound and may be not quite sure what it is. Or what it was. If you are fascinated by the mystery of noise, tape music is an artichoke, a rough diamond, a welcome phantom with many faces. Window Magic melts found sounds, manipulated source material and field recordings into tape deck ghosts and drones that haunt, flutter and sing. From a very early age growing up in East-Berlin, Andreas Bonkowski was fascinated by tape recorders and shortwave radio stations, filling C60s of his late night finds and experimenting with cutting techniques to make his own versions of songs and broadcasts. This fascination never left, though his other musical adventures with Corwood Manual or Siva. somehow took very different routes to explore other territories. Window Magic opens a portal to someplace else, channeling sounds that move outside the workings of time. false http://windowmagic.pm/ https://soundcloud.com/windowmagic https://twitter.com/window_magic https://store.windowmagic.pm/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10050.html /system/events/logos/000/010/050/large/22730453_1809696109060321_4866779364793401634_n.jpg?1545419292 2018-12-29T17:00:00+01:00 17:00 01:00 Compeiler 35C3-ABFahrplan-10050-sevensol Sevensol Part 1 Music djset en Alex is one third of esteemed label Kann and 1/2 of DJ Duo Manamana together with Map.ache. Aside from his former work in recordshops, Dj-ing since ages and releasing new music (Mana-All-Nite, Kann) Alex has also been quietly issuing out his own music (together with Bender) and remixes as well. false https://soundcloud.com/sevensol https://kann-records.com/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10080.html /system/events/logos/000/010/080/large/maxresdefault.jpg?1545419128 2018-12-29T18:00:00+01:00 18:00 01:00 Compeiler 35C3-ABFahrplan-10080-ana_bogner Ana Bogner Experimental/Ambient Music concert en Ana Bogner is an electronic musician and sound artist. Her artistic content revolves around the theme of imaginary space: poetic realities as a state of human consciousness. She works both compositionally and installatively - architecturally. She layers spheres, dreams of utopian urban ambience, built on ethereal light-heartedness through which stories float. She received a honorary mention "Digital Musics and Sound Art" for "sounds from the white box" (as part of the exhibition Pulse 'Lab II: Works for Wave Field Synthesis', initiated by Robert Henke), Ars Electronica, AUS In 2014 her EP multiple proportions was published on headphonica. In 2019 there will be the release of 1967/People in collaboration with Arpen. false http://anabogner.de https://soundcloud.com/anabogner https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10136.html /system/events/logos/000/010/136/large/22730453_1809696109060321_4866779364793401634_n.jpg?1545419446 2018-12-29T19:00:00+01:00 19:00 01:00 Compeiler 35C3-ABFahrplan-10136-sevensol Sevensol Part 2 Music djset en Alex is one third of esteemed label Kann and 1/2 of DJ Duo Manamana together with Map.ache. Aside from his former work in recordshops, Dj-ing since ages and releasing new music (Mana-All-Nite, Kann) Alex has also been quietly issuing out his own music (together with Bender) and remixes as well. false https://soundcloud.com/sevensol https://kann-records.com https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10090.html /system/events/logos/000/010/090/large/Esmark_MG_0497_bw.jpg?1545250908 2018-12-29T20:00:00+01:00 20:00 01:00 Compeiler 35C3-ABFahrplan-10090-esmark Esmark Dark Drone Landscapes Music concert en Esmark is the latest musical vehicle of sound architect Nikolai von Sallwitz and experimental artist Alsen Rau. They’ve worked together on a variety of experimental and performative projects since 2001. Their latest project was recorded in late 2016, in Scandinavia, where they beautiful surroundings and solitude inspired them to record enough music for two albums. Rather than save some of the music for a followup album, a decision was made to release two albums simultaneously. Both Nikolai von Sallwitz and Alsen Rau are experienced musicians, who have enjoyed lengthy and successful careers. They’ve both previously worked together, and have also worked with a variety of different artists in a variety of roles. In the case of sound architect Nikolai von Sallwitz he was mastered Scheich In China first two albums and has written for the Karachi Files’ 2016 debut eponymous album and Scheich In China. However, Nikolai von Sallwitz is best known as known as Taprikk Sweezee, which is the moniker he has been using since 2006. Since then, Taprikk Sweezee has worked in a variety of capacities, ranging from singer and songwriter, to recordist remixer and producer. His career as Taprikk Sweezee started in 2006 as a vocalist and since then, he has served what is akin to a musical apprentice. That is only part of the Taprikk Sweezee story. Taprikk Sweezee has written music and has been involved with sound design for film, theatre and a variety of art and pop projects. Somehow, Taprikk Sweezee has found time to collaborate with a number of visual artists, including Chris Hoffmann, Andreas Nicholas Fischer and Robert Seidel. There are it seems, many strings to Taprikk Sweezee’s bow. In 2010, Taprikk Sweezee released his debut EP Conversea. A year later, and Taprikk Sweezee returned with his sophomore EP Poly. Taprikk Sweezee also finds time to work on projects with his friend Alsen Rau, including on the Barabass, Scheich in China and their most recent project Esmark. Just like Nikolai von Sallwitz, Alsen Rau has a wealth of musical experience. Over the years, he has been a member of various groups including Barabass, who released an EP in 2006. On + Brr followed in 2010, who released their debut album Peace and Love in 2010. This was followed by a quartet of singles. Alsen Rau’s next project was Scheich in China, who have released five albums between 2014 and 2016. However, this is just part of the story of Alsen Rau. He’s also one of the founders and curators of Kraniche, a Hamburg-based club, that is renowned for exhibitions of experimental art. They’ve received praise and plaudits from critics and cultural commentators. There’s also been performances of experimental music at Kraniche, which has gained a reputation as a place that is unafraid to showcase ambitious and inventive music. Away from Kraniche, Alsen Rau has also curated a number of exhibitions, performances and readings, and is heavily involved with city’s art scene. However, much of Alsen Rau’s time is spent making music. false http://www.bureau-b.com/esmark.php https://e-s-m-a-r-k.tumblr.com https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10056.html /system/events/logos/000/010/056/large/avatars-000118314231-989ats-t500x500.jpg?1545419962 2018-12-29T21:00:00+01:00 21:00 02:00 Compeiler 35C3-ABFahrplan-10056-electric_kool_aid Electric Kool Aid Deeptech Music djset en Electric Kool Aid is the atmospheric deeptech outfit of label head, studiogeek and dj extraordinaire Peer Schmid. Looking back on an intimate personal relationship with more than fifteen years of electrosonic art, Peer has been able to make himself a name – both as an artist and a remixer, with a great hand for unique and diverse atmospheres - as well as a witty producer, with the ability to capture and further refine the magic studio moment. With his dj residency @ "Zoo" in Hamburg's world famous "Villa Nova" club - he is regularly warming up for some of the biggest names in the industry like Dave Seaman, Robert Babicz, Extrawelt, Oliver Schories, Butch, Namito, Thomas Schumacher or D-Nox & Beckers with his praised musical and atmospheric blend of deephouse and groovy deeptech. You should also try to catch one of his acclaimed radio mixes on Frisky radio with a more listening oriented, couch-esque approach. Having worked in event-, label- and artist management, in both the underground and the mainstream music industry alike, his music proves a mature sense for the outstanding and fresh. Apart from his solo works as Electric Kool Aid, he has released more than 60 tracks under diverse names and further collaborated in diverse styles with various artists on dozens of different projects. false https://soundcloud.com/electrickoolaid https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10119.html 2018-12-29T23:00:00+01:00 23:00 01:00 Compeiler 35C3-ABFahrplan-10119-crasser_sauer Crasser & Sauer Experimental Electronics Music concert en Electroaccoustic interplay between the Leipzig-based musicians Judith Crasser & Adam Sauer, both representing the local Pracht collective, an association and venue dedicated to extraordinarities in sound and beyond. In their dialogic live-perfomance they investigate the relations between sonic reality and synthesized fiction, dynamically combining elements of Musique Concrete, Industrial, Glitch and Free Improvisation. false https://soundcloud.com/judithcrasser https://soundcloud.com/zond21 https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10089.html /system/events/logos/000/010/089/large/A-4388736-1517147016-1439.jpeg.jpg?1545387098 2018-12-30T00:00:00+01:00 00:00 01:00 Compeiler 35C3-ABFahrplan-10089-rodion_levin Rodion Levin Techno Music concert en One half of On+Brr and Brenz Hold (both with Alsen Rau), known for their infamous Hamburg club "Kraniche" (R.I.P.). false https://www.discogs.com/de/artist/4388736-Rodion-Levin https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10047.html /system/events/logos/000/010/047/large/26239498_140042200002882_4900957278046703016_n.jpg?1545420767 2018-12-30T01:00:00+01:00 01:00 01:00 Compeiler 35C3-ABFahrplan-10047-niklas_wandt Niklas Wandt Part 1 Music djset en Deeply inhaling rock music, then hiphop and, maybe most significantly jazz from an early age, collecting music has been Niklas’ favorite pastime since way back when. Starting to dj was then really just a process of making public and formatting a bit what had been going on at home anyways – with as little care for genre and imposed boundaries as possible, you’ll find Niklas aka Franco DJ play a diverse range of fringe dance musics from percussion and library records, disco and boogie tunes, spiritual jazz, No Wave, far out Kosmische and, yes, some roughed up house music. In Berlin, he regularly throws a party dedicated to genre-defying dances named SMELLS in various locations such as Sameheads and Loophole. Guests thus far include Jan Schulte, Retrogott, Basso, Philipp Otterbach, Jules, Twit One, Katzele among others. As a DJ, Niklas was heard at the Salon Des Amateurs, Düsseldorf, in Berlin at KaterBlau, JohnnyKnüppel, Klunkerkranich and Sisyphos, at the Teder/Romano in Tel Aviv and over the airwaves of LYL Radio, Redlight Radio and Cashmere Radio. Also catch him at his monthly bar residencies at Heiner/Weserstr. 58 in Berlin-Neukölln and at King Georg in Cologne. false https://niklaswandt.com https://soundcloud.com/niklaswandtmusik https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10078.html /system/events/logos/000/010/078/large/48416970_718041131928965_6199364178822561792_n.jpg?1545402577 2018-12-30T02:00:00+01:00 02:00 01:00 Compeiler 35C3-ABFahrplan-10078-nkls nkls Synths & Stuff Music concert en walking on tounges of drums, writing melodic textures - why not crying for a miracle ? false https://soundcloud.com/n_kl_s https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10092.html /system/events/logos/000/010/092/large/26239498_140042200002882_4900957278046703016_n.jpg?1545420917 2018-12-30T03:00:00+01:00 03:00 01:00 Compeiler 35C3-ABFahrplan-10092-niklas_wandt Niklas Wandt Part 2 Music djset en Deeply inhaling rock music, then hiphop and, maybe most significantly jazz from an early age, collecting music has been Niklas’ favorite pastime since way back when. Starting to dj was then really just a process of making public and formatting a bit what had been going on at home anyways – with as little care for genre and imposed boundaries as possible, you’ll find Niklas aka Franco DJ play a diverse range of fringe dance musics from percussion and library records, disco and boogie tunes, spiritual jazz, No Wave, far out Kosmische and, yes, some roughed up house music. In Berlin, he regularly throws a party dedicated to genre-defying dances named SMELLS in various locations such as Sameheads and Loophole. Guests thus far include Jan Schulte, Retrogott, Basso, Philipp Otterbach, Jules, Twit One, Katzele among others. As a DJ, Niklas was heard at the Salon Des Amateurs, Düsseldorf, in Berlin at KaterBlau, JohnnyKnüppel, Klunkerkranich and Sisyphos, at the Teder/Romano in Tel Aviv and over the airwaves of LYL Radio, Redlight Radio and Cashmere Radio. Also catch him at his monthly bar residencies at Heiner/Weserstr. 58 in Berlin-Neukölln and at King Georg in Cologne. false https://niklaswandt.com https://soundcloud.com/niklaswandtmusik https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10138.html 2018-12-29T14:00:00+01:00 14:00 02:00 Uptime Bar 35C3-ABFahrplan-10138-chiara Chiara Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10139.html 2018-12-29T16:00:00+01:00 16:00 02:00 Uptime Bar 35C3-ABFahrplan-10139-faheus faheus Music djset en false https://www.mixcloud.com/matthiasdamasty/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10140.html 2018-12-29T18:00:00+01:00 18:00 02:00 Uptime Bar 35C3-ABFahrplan-10140-morellion Morellion Techno Music djset en From the family... false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10055.html 2018-12-29T20:00:00+01:00 20:00 02:00 Uptime Bar 35C3-ABFahrplan-10055-dj_t_shaba DJ T´shaba Electro-Kraut & Cosmic-Shit Music djset en „Welche Rolle spielt Musik bei der Identitätsbildung? Müssen Punker Punk hören? Dürfen Rocker nur Gitarre? Raver nur Techno? Rastas Reggae? Oder lässt sich da was extrahieren, gibt es sowas wie eine universale Musik? Aus einer in 30 Jahren in viele Richtungen gewachsenen Plattensammlung mit Subkulturaffinität werden im berliner underground, auf festivals wie fusion und eben auch hier Antworten versucht, Vinyl only, alles analoge Handarbeit.“ false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10054.html /system/events/logos/000/010/054/large/avatars-000373142309-25ak0t-t500x500.jpg?1545421325 2018-12-29T22:00:00+01:00 22:00 02:00 Uptime Bar 35C3-ABFahrplan-10054-naroma Naroma Downtempo Music djset en people also called her sets n°aromatherapy. it assumes that movement and emotion are directly related. Dance has been used therapeutically for thousands of years, its an expressive therapy for cognitive, social, behavioral and physical conditions. I’ve been hearing about Naroma from the beginning of my time working with artists from Europe. She’s a bit of a legend as an organizer - Urubu Marinka reported she traveled to Leipzig to play one of Naroma’s parties and stayed an extra night, and then another, and basically just moved to Leipzig, in large part due to Naroma’s warmth as a host. And then as a performer, there are Naroma’s 8-hour closing sets at Fusion. That’s some serious business. But, there’s a twist - for years she performed these marathons on two iPods. You know, with the wheels. This is entirely bonkers, borderline impossible. But don’t worry, since 2 years she uses a computer to play on and she loves all the new possibilities. false http://www.naroma.net/ https://soundcloud.com/naroma https://www.mixcloud.com/naroma/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10072.html 2018-12-30T00:00:00+01:00 00:00 02:00 Uptime Bar 35C3-ABFahrplan-10072-bambi_de_luxe bambi de luxe Electronica/Downtempo Music djset en Hailing from Geneva to Falken, bambi de luxe has been haunting Zurich's underground scene for many years. She cultivates an alternative vision of living in occupied places promoting community spirit and rejecting materialism in the centre of capitalism and consumption. Plays only on best PA’s. On a couch. Never calls the police. LOVE FREEDOM EVERYTHING false https://www.mixcloud.com/bambideluxe/ 2018-12-29T16:00:00+01:00 16:00 04:00 OIO Lötarea HPHDXC https://pretalx.35c3oio.freifunk.space/35c3oio/talk/HPHDXC/ Solder your own MPP tracker Lötarea 110 min en Elektra prepares some kits of her MPP tracker, you'll finish them with her help. See details here: https://wiki.freifunk.net/Freifunk-MPP-Tracker You can participate on a first come first serve base. false HZ9WHF Elektra Free wireless networks since 2001 Freifunk since 2003 https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9989.html /system/events/logos/000/009/989/large/espr_35c3.jpg?1545253268 2018-12-30T11:30:00+01:00 11:30 00:40 Adams 35c3-9989-what_the_flag_is_ctf What the flag is CTF? Security lecture en Every year since 2011 on the 28C3 we organize a Capture the Flag contest for people on the Congress and from all over the world. This year we want to give you an overview about what a CTF is, the challenges, the players, the community and how much fun it is to play (not only our) CTF. Capture the Flag competitions started to become a thing in the infosec community more than 20 years ago. When we started playing they were casual games to improve our skill set every now and then on weekends with a bunch of friends. In recent years, the CTF community grew much bigger and nowadays you can play a CTF every weekend if you want to. So what is it all about? For the past 7 years, we organized the C3 CTF with a variety of challenges that try to be oriented towards real-world scenarios. The range of topics include reverse engineering, crypto(graphy) and web, and of course good old binary exploitation. If you solve a task, you get a flag. As simple as that. For the second time this year, we also run a separate, entry-level CTF designed for folks who do not like spending 48 hours on a single challenge. We are honored that over a thousand teams are playing with us every year from every corner of the world, and trolling our IRC channels. We will present some challenges from this year's contest to give you an idea what you are up to when you decide to play. You will see how to solve our challenges even if you never played a CTF before. We realize that everybody needs to start somewhere and would love to motivate even more people to join our lovely community. false Andy https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/10037.html /system/events/logos/000/010/037/large/dollar.jpg?1544663679 2018-12-30T12:30:00+01:00 12:30 00:40 Adams 35c3-10037-microtargeting_und_manipulation Microtargeting und Manipulation Von Cambridge Analytica zur EU-Wahl Ethics, Society & Politics lecture de Die Möglichkeiten des Microtargetings, aber auch der Desinformation mit Hilfe von Werbeplattformen wie Facebook sind vielfältiger, als man vor dem Cambridge-Analytica-Skandal vielleicht vermutet hätte. Darauf wollen wir auch angesichts der anstehenden Wahlen in Europa einen Blick werfen. Seit dem US-Präsidentschaftswahlkampf und dem Brexit-Entscheid sind Details ans Licht gekommen, wie politische Propaganda heute praktisch durchgeführt wird. Was die noch nicht einmal beendeten Untersuchungen bisher ergeben haben, wollen wir zusammenfassen. Denn dass sie mindestens dazu beitrugen, die Wahlergebnisse zu beeinflussen, ist nun nachvollziehbar. Entsprechend werden in Brüssel derzeit Gegenmaßnahmen geplant, die die Wahlen zum Europäischen Parlament vor ungebetenen verdeckten Manipulationen schützen sollen. Aber halten sich die zur Wahl Stehenden selber an ihre Forderungen und Vorschläge? false Ingo Dachwitz Constanze Kurz https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9727.html 2018-12-30T13:30:00+01:00 13:30 00:40 Adams 35c3-9727-netzpolitischer_wetterbericht_2018 Netzpolitischer Wetterbericht 2018 Die Höhen und Tiefen der deutschen und europäischen Netzpolitik Ethics, Society & Politics lecture de Das Jahr 2018 bietete wieder zahlreiche Beispiele für einen netzpolitischen Wetterbericht. Die Große Koalition lief sich mit der Bundesregierung warm und am Ende des Jahres droht man den Überblick über zahlreiche Kommissionen und Arbeitsgruppen zur Digitalisierung zu verlieren. Die gute Nachricht ist: Netzpolitik ist angekommen und geht nicht mehr so schnell weg. Die schlechte Nachricht ist: Beispiele für eine bessere Netzpolitik, Wert auf den Schutz und Ausbau von Grund- und Verbraucherrechte legt, gibt es leider eher weniger. Während die Urheberrechtsrichtlinie wahrscheinlich Uploadfilter und Leistungsschutzrecht auf EU-Ebene verankert, bringen die Innenminister Uploadfilter gegen Terrorpropaganda voran. Die ePrivacy-Verordnung hatte im Parlament zuviele Fans von Verbraucherrechten, deshalb wird sich jetzt im EU-Rat gestoppt. Der Skandal um Cambridge Analytica führte dazu, dass Geschäftsmodelle und Datenschutz bei Facebook und Co in der Öffentlichkeit stärker diskutiert wurden und nebenbei erblickte die Datenschutzgrundverordnung das Licht der Öffentlichkeit. Fast alles in der Netzpolitik dreht sich derzeit um Künstliche Intelligenz, wobei immer noch unklar ist, was sich Politikerinnen und Politiker darunter vorstellen, wenn sie davon sprechen. Irgendwas mit Arbeitsplätzen auf jeden Fall, vielleicht auch noch was mit Ethik und Regulierung. Je nach Perspektive. Dafür gibt es natürlich mehr Überwachung. Es gibt neue Behörden und Agenturen für den Bau von Staatstrojanern und am Bahnhof Südkreuz wurden erfolgreich/erfolgslos biometrische Videoüberwachungssysteme getestet, die demnächst überall ausgerollt werden könnten. Neue Polizeigesetze bringen mehr Überwachungsbefugnisse auf Länderebene. Es gibt aber auch gute Nachrichten aus diesem Jahr. Mehr dazu dann gerne live vor Ort. Es ist viel passiert in 2018 und die längeren Linien helfen dabei, einen Blick in die Debatten des kommenden Jahres zu werfen. false Markus Beckedahl https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9498.html /system/events/logos/000/009/498/large/bug.png?1546169738 2018-12-30T14:30:00+01:00 14:30 00:40 Adams 35c3-9498-dissecting_broadcom_bluetooth Dissecting Broadcom Bluetooth Security lecture en Broadcom's Bluetooth firmware on popular devices – such as Nexus 5, Nexus 6P, Raspberry Pi 3, and Raspberry Pi 3+ – shares the same firmware update mechanisms, which allows for local firmware modifications. With InternalBlue we published a framework to change lower Bluetooth layers. In this talk we go even further and demonstrate a remote exploit in the Broadcom firmware. In the first part of this talk we present the InternalBlue framework, which allows to experiment with Broadcom-based Bluetooth chips. On Nexus 5 and 6P, it already supports monitoring and injection tools for the lower layers of the Bluetooth protocol stack. The second part of this talk focuses on security. We show how behavior during pairing can be modified, e.g. by setting other device features or IO capabilities. We also demonstrate an implementation of the recent publicly known ECDH key exchange attack. Last, we demonstrate a new attack (CVE-2018-19860) that can crash the Bluetooth stack and execute a limited set of functions – only requiring knowledge of the Bluetooth MAC address of the device under attack. This vulnerability has silently been patched in newer firmware versions, but it applies to Broadcom chips in popular devices such as Nexus 5, Raspberry Pi 3, iPhone 6, Xperia Z5, Samsung Galaxy Note 3, MacBook Pro 2016 and more. false jiska mantz MRMCD talk on InternalBlue (more details on how to use it) InternalBlue on GitHub Presentation Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9685.html 2018-12-30T16:10:00+01:00 16:10 01:00 Adams 35c3-9685-security_nightmares_0x13 Security Nightmares 0x13 CCC lecture de Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? Wie immer wagen wir den IT-Security-Alptraum-Ausblick auf das Jahr 2019 und darüber hinaus. Denn was wir wirklich wissen wollen, ist ja schließlich: Welche artifiziell intelligenten Poltergeister werden in unseren Geräten herumspuken, welchen Meistern werden sie gehorchen und wie werden wir sie wieder los? false frank Ron https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9986.html 2018-12-30T17:10:00+01:00 17:10 01:00 Adams 35c3-9986-closing_event Closing Event CCC lecture de Hier hört es auf. false rufus rixx https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9568.html /system/events/logos/000/009/568/large/yG2ahUfL_400x400.jpg?1543064831 2018-12-30T11:30:00+01:00 11:30 02:20 Borg 35c3-9568-lightning_talks_day_4 Lightning Talks Day 4 CCC lecture en Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! Did you think that the thrill of sharing your ideas in front of a huge audience at a C3 was something you'd never experience? Do you work on a cool project and want to get the word out? Was your talk one of the hundreds that got rejected? Did you come up with an awesome hack that you need to share? Go ahead and enter your Lightning Talk now! The 35C3 Lightning Talks consist of three fast paced sessions which are perfect for pitching new software or hardware projects, exploits, creative pranks or strange ideas you need to get out to a global audience. Even if you don't have an awesome idea or project to share, a Lightning Talk is perfect for pitching your Assembly, your workshop or even a longer talk you'll give as a self-organized session. Your five minutes of fame! For registration and schedule info, please check out https://c3lt.de/35c3 false gedsic bigalex Registration and schedule Congress Wiki Page https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9925.html /system/events/logos/000/009/925/large/IMG_20181225_232912.jpg?1545778008 2018-12-30T14:10:00+01:00 14:10 01:00 Borg 35c3-9925-let_s_reverse_engineer_the_universe Let's reverse engineer the Universe exploring the dark Science lecture en There is four times more dark matter and over fifteen times more dark energy than regular matter in the universe. And we have absolutely no idea what these invisible dark substances might be. This talk will show how we know that dark energy and dark matter exist, although we cannot see them directly. This kind of reverse enigneering of the universe already revealed some interesting features of the dark parts. However, the true nature of dark matter and dark energy are literally in the dark. When it comes to dark matter, cosmology is facing a crisis. Many theories that can be tested nowadays where falsified and dark matter particle candidates still haven't been found in most of the predicted energy ranges. Whatever dark matter and dark energy will turn out to be, it will be stunning. So stay tuned and explore the dark. false Sara Konrad https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9576.html 2018-12-30T16:10:00+01:00 16:10 01:00 Borg 35c3-9576-35c3_infrastructure_review 35C3 Infrastructure Review Up and to the right: All the statistics about this event you could wish for CCC lecture en 35C3 is run by teams of volunteers. In this event, they will provide some insight into the challenges they faced while building the GSM, DECT and IP networks, running video streams, or organizing ticket sales. All graphs will be pointing up and to the right. false Leon Kévin Redon https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9370.html /system/events/logos/000/009/370/large/newLogoEyeSkills.png?1543078784 2018-12-30T11:30:00+01:00 11:30 01:00 Clarke 35c3-9370-hacking_how_we_see Hacking how we see A way to fix lazy eye? Science lecture en We mostly see with the mind, and the mind is flexible. For the four hundred million people with amblyopia (lazy eye), their brain encountered an installation error when linking both eyes as babies. As a "Plan B", their brain switched one eye off. I'll talk a bit about how the visual system works, and how our open-source virtual reality software (backed by social impact lab Leipzig and the prototypefund.de) can hack through that suppression and provide a chance to "re-install" full sight with two eyes. By providing an open set of tools for creating comparable experiments, our goal is not just to provide a tool, and a set of tools for building more tools, but to provide the basis for one of the world's largest open-science experiments. Nobody claims to have predictive scientific models of how the visual system works in its entirety, and that means there is still so much more to discover. In the case of Lazy Eye, some aspects of the visual system are de-activated and/or dormant. What we can do is to comparatively explore which techniques and approaches have which effects on opening visual perceptions, and thereby drive our understanding of the system forward on a theoretical and practical level. If you'd like to know more, check out www.eyeskills.org and come along to this talk. :-) false Ben Senior EyeSkills https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9768.html /system/events/logos/000/009/768/large/0865eb00acd7dc00c592fd205d3f93de_preview_featured.jpg?1545500740 2018-12-30T12:50:00+01:00 12:50 01:00 Clarke 35c3-9768-open_source_orgelbau Open Source Orgelbau Hardware & Making lecture de Spaß und ein kleines Bisschen Wissenschaft mit 3D-gedruckten Orgelteilen Musikinstrumentenbau ist überwiegend geheim-by-accident, es wird persönlich weiter gegeben und ist nicht ohne weiteres öffentlich zugänglich. Das ist für musik- und handwerklich interessierte Nerds natürlich unbefriedigend. 3D-gedruckte Pfeifen werden ich mitbringen. ## Ablauf * Kurze Einführung, was ist eine Orgel eigentlich * Was kann man heute cooler machen mit 3D-Druck und modischer Elektronik, Erläuterungen zu Funktionsweisen und CAD-Files * Überlegungen über Tastatur-Dynamik ## Links Das Spektrogramm auf dem Mac: ffmpeg -f avfoundation -i ":0" -lavfi showspectrum=s=1440x900:slide=rscroll -c:v rawvideo -r 25 -pix_fmt yuv420p -f matroska - | mpv - Linux: ffplay -f pulse -i "default" Previously auf media.ccc.de * https://media.ccc.de/v/MRMCD15-7058-die_pfeifenorgel_im_zeitraffer * https://media.ccc.de/v/WHTT3V Parametrische Orgelpfeifen-Files (FreeCAD und OpenSCAD): * https://github.com/benjaminwand/3d-printed-labial-pipe * https://github.com/benjaminwand/3d-printed-reversed-free-reed-pipe * https://github.com/benjaminwand/3d-printed-organ-parts Fachwörter-pdf: https://www.walcker.com/downloads/dictionnaire-des-orgues.pdf false Benjamin Wand Jannik Beyerstedt Folien Jannik Beyerstedt Folien Benjamin Wand https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9964.html /system/events/logos/000/009/964/large/Untitled-11.png?1539703024 2018-12-30T14:10:00+01:00 14:10 00:50 Clarke 35c3-9964-cat_mouse_evading_the_censors_in_2018 Cat & Mouse: Evading the Censors in 2018 Preserving access to the open Internet with circumvention technology Resilience lecture en The deepening of global Internet infrastructure comes accompanied with an invigorated capacity and intent by adversaries to control the information that flows across it. Inextricably, political motivations and embedded power structures underlie the networks through which we interpret and understand our societies and our world - censorship threatens the integrity of the public sphere itself. The increasing technical sophistication of information controls deployed by censors in adversarial network environments around the world can be uniquely viewed and researched by circumvention tool providers, whose work continues to preserve access to the open Internet for all communities. Through this presentation, we endeavour to share insights gained from the front lines of this technical contest. The deepening of global Internet infrastructure comes accompanied with an invigorated capacity and intent by adversaries to control the information that flows across it. Inextricably, political motivations and embedded power structures underlie the networks through which we interpret and understand our societies and our world - censorship threatens the integrity of the public sphere itself. The increasing technical sophistication of information controls deployed by censors in adversarial network environments around the world can be uniquely viewed and researched by circumvention tool providers, whose work continues to preserve access to the open Internet for all communities. Through this presentation, we endeavour to share insights gained from the front lines of this technical contest. The following key questions will be answered in this session: - What are circumvention tools conceptually and how do they work? - How have the techniques of adversaries evolved? - What are the latest innovations in circumvention technology? - How have emerging economies been affected, where censorship and and surveillance hardware and software are built-in to newly established ICT infrastructure? - How do circumvention trends follow censorship events and social/political movements? - Where do we see these technical advances leading the next generation of censorship and circumvention technology? This is a Foundations talk. No prior understanding of circumvention technology is required to enjoy this, but the presentation will hopefully be enjoyable to all experience levels. false kmc A recently published paper by this presenter: Censorship and Collateral Damage: Analyzing the Telegram Ban in Iran https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9905.html /system/events/logos/000/009/905/large/talk_logo.png?1545853700 2018-12-30T11:30:00+01:00 11:30 01:00 Dijkstra 35c3-9905-are_machines_feminine Are machines feminine? exploring the relations between design and perception of machines and the dynamics in between Art & Culture lecture en Why do navigation systems have feminine voices? We know Tay, Eliza, Siri not only as female names, but also as chatbots and software, which directly interact with humans. Although computer programs are per se genderless, gender seems not to be cancelled out in human-machine interaction, but why? This talk aims to examine how we map gender on computers and machines. This includes looking at software in machine-human interaction, as well as digging deeper into a cultural history of imagining and building human-like machines. To look at this, two view points are taken; In the examples of the virtual assistants; What do the responses these devices give in conversation reveal about their design? What are the expectations and projections users map onto a machine when they interact with it? This connects to the cultural imagining of machines as subjects, which has been pondered in literature and film before and parallel to technical research. From 18th century clockwork powered figures, that wrote and played music, to 19th century literature, in which young men fall in love with piano playing automata to A.I. characters in movie series and cinema. This talk tries to explore the relations between design and perception of machines and the dynamics in between. false Polaris https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9532.html 2018-12-30T12:50:00+01:00 12:50 01:00 Dijkstra 35c3-9532-kernel_tracing_with_ebpf Kernel Tracing With eBPF Unlocking God Mode on Linux Security lecture en Have you ever wanted to trace all syscalls or dump all IPC traffic across a Linux system? Until recently, doing so may have required some significant setup involving a half-baked tracing kernel module, a custom kernel module, or even using a kernel debugger. This talk will introduce the eBPF functionality of the Linux kernel and cover practical uses of the technology beyond mere code profiling. We will show how eBPF can be used both defensively and offensively to protect, or compromise, a system. This talk will primarily focus on using eBPF to dynamically instrument kernel functionality and gain deep insight on the workings of both kernel and userspace code across a running system. Attendees will leave with practical knowledge for using eBPF to (performantly) watch every action taken on a running system and make processes reveal their secrets. eBPF (or "extended" Berkeley Packet Filter) is a bytecode and virtual machine used as a safe computing environment within the Linux kernel to perform arbitrary programmatic actions. It is a redesign of the original BPF bytecode VM used, typically in userspace, to power features like tcpdump filters. eBPF has an entirely different set of capabilities and instructions, with its primary goal being to serve as a JIT-able virtual machine instruction set that can be targeted by compilers of a memory-safe "restricted C" language. In the Linux kernel BPF and eBPF have been applied to various different kernel features, from programmatic syscall filtering (for sandboxing) to performing efficient custom packet processing inline on the kernel's network data plane. In this talk, we will first introduce and briefly discuss the internals of the eBPF implementation in the Linux kernel, its features, and the current set of components that it may be integrated with. We will also briefly cover how eBPF does not intrinsically make C code secure and demonstrate how using eBPF instead of other, more mature, technologies may introduce vulnerabilities. The majority of this talk will focus on using eBPF to trace kernel functions to inspect both kernel and userland code and the data that flows through them. In line with this goal, this talk will cover pragmatic approaches to using eBPF and the non-idiomatic coding styles required to perform useful tasks in eBPF's sandbox. Additionally, while the aim of this talk is to cover the capabilities of "vanilla" eBPF, we will also demonstrate how the kernel may be trivially modified to lift the constraints of the eBPF sandbox when one does not have the time to tiptoe around the bytecode validator (or seeks to use eBPF as a drop-in replacement for kernel modules). Lastly, this talk will show that while eBPF may generally be "safe" for the kernel itself, it is decidedly not when applied to userspace code. We will conclude this talk by demonstrating a general purpose privilege escalation technique that may be used by privileged users to hop namespacing and escape certain container configurations using nothing but eBPF. false Jeff Dileo Andy Olsen Slides https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9623.html 2018-12-30T14:10:00+01:00 14:10 01:00 Dijkstra 35c3-9623-augmented_reality_bridging_the_gap_between_the_physical_and_the_digital_world Augmented Reality: Bridging the gap between the physical and the digital world Science lecture en There has been a lot of talk about Virtual Reality (VR), but still there are very little applications to enhance our everyday lives outside of entertainment. Augmented Reality (AR), the less known sibling of VR, has the power to have a more profound impact on our lives than VR ever could. Instead of replacing the real world with a virtual one, AR enhances the reality with virtual content. Therefore, AR can be a gateway for people in accessing and understanding todays technology and could provide vast possibilities to support our everyday lives, e.g., for navigation, traveling, or education. This talk will give an overview on AR in general and explain its possible benefits and use cases, as well as the issues that may arise, e.g., regarding privacy, data security, as well as psychological and sociological challenges. The talk requires no special knowledge and is suited for people with little exposure to AR and mixed reality, but it will also give insights into current relevant research and development. The recent renaissance and the technical advance brought Virtual Reality (VR) into the spotlight of the mainstream media and led to many promises of a upcoming VR revolution. But despite the abundance of VR headsets, the profund impact into our everyday lives is still not on the horizon. However, hidden in the shadows of VR, Augmented Reality (AR) has a much higher potential to change our lives. In contrast to VR, which aims to replace our physical reality with a virtual one, AR expands our physical world with virtual content. While VR disconnects us from the world, AR bridges the gap between the real and the digital world. Research in last decades focused mostly on specialized and professional use, e.g., in medicine or the industry. Nonetheless, there are a lot of applications for everyday usage, like navigation, traveling, education, and others. Probably the most important promise of AR is that it can help mend the ever increasing breach between humans and technology. Todays technical systems are often to complex, processes to distributed for humans to fully understand the function and state of systems. With AR we can superimpose these information directly on our physical world, visualizing data flows and connections, and make technology understandable again. Despite these opportunities to improve our lives, AR also harbors possible dangers for our society. Looking at the development of the smartphone ecosystems, there will very likely be a few closed systems controlled by their respective globally operating manufacturer. The Microsoft HoloLens is an early example of this likely trend with supporting only applications of windows universal platform. This implies the danger that these concerns have a vast control over the devices itself and with AR could literally dictate what we are allowed to see and what not. Privacy is also an important factor. To function in a satisfactory manner, AR headsets need a very good positional tracking and a video feed of what the user is currently seeing. To make sense of these informations, cloud-services will very likely be involved. This means sending what is basically a live feed of a persons live to somewhere in the vast expanse of the web. It's very hard to think of data that is any more sensitive than this. Therefore the challenge is how to make sure the data is handled responsibly and remains in the control of the user. Furthermore, AR can also be used for services, which are not in the best interest of the user, like personalized advertisements that, in a worst case scenario, could be superimposed on any surface. Last but not least, there are also some psychological and sociological challenges in the regard of how AR could influence our understanding of the world and how we interact which each other. This is an important question with our current use of smartphones, it becomes even more important when AR has entered our everyday lives. All of this makes Augmented Reality one of the most interesting areas of the current technical development. Therefore, it is important to get an understanding of what it is all about, which is exactly the goal of this talk. Besides a short definition and overview of the historical context and the current state-of-the-art, the talk will introduce a possible scenario of how AR can influence our everyday lives, which is based on the raise of the smartphone to the ubiquitous device it is today. We will hopefully close with an interesting question and answer session, where we can discuss some aspects even further. false preip https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9774.html /system/events/logos/000/009/774/large/9.jpg?1539613952 2018-12-30T11:30:00+01:00 11:30 00:40 Eliza 35c3-9774-radical_digital_painting Radical Digital Painting Fantastic Media Manipulation Art & Culture lecture en Radical Digital Painting groups and presents several ideas and artifacts related to contemporary painting and contextualizes its connection to historical processes and digital technology. It is inspired by and is a continuation of Radical Computer Music. Through demonstrative, interactive performance lectures, American artist and educator Jeffrey Alan Scudder presents homegrown software inventions and new theories about painting and picture making. He has performed 60 times since 2016 across the US and Europe, mostly in art schools for students, and often with collaborators Goodiepal, Casey REAS, Julia Yerger, and Artur Erman. A Google search for “digital painting” today mostly brings up Photoshop tutorials related to translating age old representational painting techniques to computational media, but the topic of digital painting has much more to offer fine arts in terms of poetry and theory. Painting software today has largely developed out of a need for traditional artists to keep up pace of work in large scale mass media production pipelines, like those of video games and movies. Few systems have been developed to explore the spontaneity and spirituality present in modernism and contemporary art and further develop the language of painting in general. Jeffrey has created several programs that highlight abstract expressivity, play, and improvisation over production quality and technical control. In addition to software demos, new theoretical models of image resolution, computer literacy, and picture making are illustrated, described, and connected to the history of abstraction in drawing and painting. New ways of approaching drawing are also presented. He presently spends all his time traveling, performing, and continuing to develop his software and media performances. As of Summer and Fall 2018 he is traveling and lecturing with the Danish composer Goodiepal and his band GP&PLS throughout Europe. Jeffrey’s work Ten Minute Painting is now a part of the International Goodiepal Collection at the SMK Statens Museum for Kunst in Copenhagen, Denmark. false Jeffrey Alan Scudder Summary / Media https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9343.html /system/events/logos/000/009/343/large/logo-weiss.jpg?1536683965 2018-12-30T12:30:00+01:00 12:30 00:40 Eliza 35c3-9343-court_in_the_akten Court in the Akten OpenSchufa und OffeneGesetze Ethics, Society & Politics lecture de Private Unternehmen müssen nicht so transparent sein wie Behörden - selbst wenn sie sich wie Behörden benehmen. Welche Mittel können wir nutzen, um trotzdem Lichts ins Dunkel der Konzerne zu bringen? Wir stellen zwei Projekte mit unterschiedlichen Herangehensweise vor: Zum einen OpenSchufa, das das Scoring-Verfahren der Schufa rekonstruieren soll und erste Ergebnisse vorstellen kann. Zum anderen OffeneGesetze, das alle Bundesgesetzblätter seit 1949 erstmals kostenfrei und zur freien Weiterverwendung bereitstellt und jetzt dafür möglicherweise verklagt wird. false Arne Semsrott FragDenStaat https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9868.html 2018-12-30T14:30:00+01:00 14:30 00:40 Eliza 35c3-9868-kickstart_the_chaos_hackerspace_grunden_fur_anfanger Kickstart the Chaos: Hackerspace gründen für Anfänger Ein Erfahrungsbericht aus unbetreuter Vereinsmeierei CCC lecture de Laut Mythos wurde der CCC nur zu einem Verein, weil als einzige andere Rechtsform nur noch die kriminelle Vereinigung zur Alternative stand. Damit es bei euch nicht soweit kommt zeigen wir euch wie ihr bequem aus eurem Interessensverband, der Brettspielgruppe oder dem Nerdstammtisch einen guten deutschen e.V. macht. Alles mit einer Prise Humor aus unserem eigenen Versagen und einer Gemeinnützigkeit als Kirsche obendrauf. Was macht eigentlich ein Vorstand? Ist Kassenwart sein nicht voll viel Papierkram? Wie mache ich jetzt richtige Beitrittserklärungen? Alles Fragen die unser eins gerne davon abhalten einen richtigen Verein zu gründen. Wenn man sich aber kurz in das Abenteuer Vereinsrecht stürzt hat man am Ende ein klasse Tool in der Werkzeugkiste um noch fantastischer im Hackerspace zusammen an Projekten arbeiten zu können. Wir sprechen dabei aus teilweise schmerzlicher, teilweise lustiger Erfahrung. Samuel und Thorben waren beteiligt an der Gründung und Entwicklung mehrerer Vereine. In den letzteren Versuchen dann auch mit mehr Erfolg. So existiert und floriert bis heute auch der Chaostreff Flensburg e. V., an dessen Geschichte wir euch zeigen wollen wie ihr einen Hackerspace oder ähnliches auf die Beine stellen könnt, wo ihr ihn beheimatet, wie ihr Mitglieder gewinnt, eine Community schafft und auch das nötige Kleingeld für eure Projekte zusammenkratzt. Was für Tools und Technik könnt ihr auf eure Probleme werfen und wo hilft der Gang zum befreundeten Steuerberater? Und wie kann man überhaupt ein Teil des großen Chaos werden, ohne überhaupt nur eine Seele dabei zu haben die weiß worum es geht? Und wie kann ich mein erstes kleines Event starten? Den nötigen Papierkram für Gründung, Beitritte und Versammlungen bringen wir euch natürlich zum Kopieren und benutzen mit. Freut euch auf eine humoristische Mischung aus gut gemeinter Inkompetenz und gemeinnützigen Papierschlachten. Danach wollt auch ihr Vereinsmeier werden. false Thorben Dittmar Samuel Brinkmann 2018-12-30T00:00:00+01:00 00:00 02:00 Chaos West Bühne KCQ7PR https://fahrplan.chaos-west.de/35c3chaoswest/talk/KCQ7PR CTF Afterparty: Project Poltergeist ft. VJ Pyree Klangteppich de Wie letztes Jahr wird es wieder ein spezielles Set auf der Chaos West Bühne zur CTF Afterparty geben. Es wird intensiv elektronisch und tanzbar mit Techno, Hard Electro, Psytrance, Drum and Bass und ähnlichem. & Real-time generated visuals combined with live (shader) coding. I use a self-written OpenGL engine written in Python that can hotload both python and shader code to create an ever evolving visual landscape. Herzlich Willkommen zur dieses Jahr erstmals offiziellen CTF-Aftershowparty. Nachdem letztes Jahr so ein Erfolg war, ist die Wiederholung dieses Jahr selbstverständlich. Statt dem Hirn und Augen sind jetzt Ohren und Füße gefragt: Mit einem Mix aus Techno, Psytrance, Hard Dance und Artverwandtem. Lasst euch ein bisschen überraschen, es wird auf jeden Fall elektronisch und auf jeden Fall extrem tanzbar. Als coolen Zusatz gibt es Live Shaderprogrammierung von VJ Pyree obendrauf. Kommt also zur Chaos-West Bühne und lasst die Nacht voller Energie ausklingen zu lassen! true Alexeyan CTF-Spieler und DJ https://twitter.com/Alexeyan2 https://www.mixcloud.com/Alexeyan/ DrLuke I am VJ Pyree 2018-12-30T02:00:00+01:00 02:00 02:00 Chaos West Bühne FE8ABF https://fahrplan.chaos-west.de/35c3chaoswest/talk/FE8ABF Techno/Techhouse Set Klangteppich de Techno/Techhouse Set by dray Techno/Techhouse Set, vermutlich vom Stil zwischen Johnny Aemkel und Tiari, könnte sich aber auch noch ein wenig ändern. true dray TBD 2018-12-30T04:00:00+01:00 04:00 02:00 Chaos West Bühne 9YUVFS https://fahrplan.chaos-west.de/35c3chaoswest/talk/9YUVFS Technoid mit Juli Jane Klangteppich de Technoide Musik live gemixt von Juli Jane. Technoide Musik im Live-DJ-Mix von Juli Jane Eine bunte Mischung von Techno, Tech-House, Deep-House und/oder ähnlichen elektronischen Genres. * Set vom 34C3 im Electric Cube: https://soundcloud.com/juli_jane/nerds-can-dance * Set vom EMF Camp 2018: https://soundcloud.com/juli_jane/roadtrip * Mehr Sets und eigenproduzierte Tracks: https://soundcloud.com/juli_jane Zuvor zu hören u.a. bei: * CCC Camp 2015 - Chaos West * 32C3 - Chaos West Klangteppich * SHA2017 - Chaos West, GeraFFel und Mainfloor * 34C3 - Electric Cube * EMF Camp 2018 - Null Sector true Juli Jane CCC-Veteranin, Nerdette und DJane/Produzentin. Mehr chaosrelevante Details: https://wiki.das-labor.org/w/Benutzerin:Julijane 2018-12-30T11:30:00+01:00 11:30 00:20 Chaos West Bühne THQZWQ https://fahrplan.chaos-west.de/35c3chaoswest/talk/THQZWQ Eine Einführung in Bildschirmtext Einfacher Slot mit optionalen Q+A de Bildschirmtext war der Onlinedienst für Konsumenten bei der Post. Dieser Talk führt in die Technik dahinter ein und soll auch zeigen war man daraus für einen Web-Nachfolger wiederverwenden kann, und was man ändern müsste. Bildschirmtext ist nun schon seit 15 Jahre abgeschaltet. Wie bei jeder alten Technik spiegelt die Technik jedoch ihre Zeit wieder und zeigt gleichzeitig Möglichkeiten für die Zukunft auf. Bildschirmtext ist einerseits simpel genug, dass es von Einzelpersonen weitgehend implementiert werden kann, andererseits jedoch vielseitig genug um moderne Features einzubetten. Die Standards hinter Bildschirmtext sahen bereits hoch aufgelöste Fotos, Vektorgraphiken, Dateiübertragungen und Audio vor. Mit den gleichen Mechanismen von damals könnte man heute Video realisieren. Im Gegensatz zum Web, bei dem die Browser inzwischen Gigabytes an RAM benötigen, kann man ein simples Videotextterminal in einem mittelgroßen AT-Mega implementieren. Dafür muss man natürlich irgendwo anfangen. Deshalb habe ich vor ein kleines BTX-System aufzusetzen . Der Code dafür ist hier https://github.com/Casandro/cas_btx und wird dann (hoffentlich) per IP und DECT erreichbar sein. Dieses System hat einen primitiven Editor für BTX-Seiten und ist als Startpunkt für weitere Entwicklungen gedacht. false Christian Berger Elektroingenieur der Nachrichtentechnik aus Leidenschaft mit einem Hang zur Technikgeschichte. Bislang habe ich 5 Artikel von unterschiedlicher Qualität in 2600 veröffentlicht. (Pseudonym Casandro) In der übernächsten Datenschleuder wird voraussichtlich ein Artikel von mir über den T.30 Faxstandard sein. 2018-12-30T12:00:00+01:00 12:00 00:50 Chaos West Bühne RDVAAZ https://fahrplan.chaos-west.de/35c3chaoswest/talk/RDVAAZ Informationssicherheit & IT-Risikomanagement am Beispiel der Bank B Doppelter Slot 40 Minuten + 10 Minuten Q+A de Gerade im Bereich der IT halten externe Berater (und auch Mitarbeiter) sich oft mehr oder weniger an den Vorgaben der Aufsicht fest. So manch einer hat keine Ahnung, ob das eigentlich zielführend ist - und von was redet der Techniker am anderen Ende des Tisches da eigentlich?!?!!!??? Garniert mit eigenen Anekdoten, kleinen fiktiven Beispielen und absolut tauglich für Anfänger: Informationssicherheit & IT-Risikomanagement am Beispiel der Bank B! Zum Aufwärmen: Datenschutz und Informationssicherheit. Wo ist der Unterschied? Dann die drei Schutzziele Vertrautlichkeit / Integrität / Verfügbarkeit am Anfang des Regelkreises zur Informationssicherheit: welchen Schutzbedarf haben meine Informationen? Welche Prozesse wirken darauf ein? Auf welchem Server liegen die Informationen eigentlich? Hat meine Anwendung eine Schnittstelle? Warum stellen diese Leute immer so viele Fragen? Bisher ist doch auch nichts passiert? Dann mach ich halt mal was.... spätestens an dieser Stelle atme ich normalerweise tief durch. Dann kommt nämlich der Part, an dem erklärt wird: nö, ist nicht. Wenn dann weißer Rauch aufsteigt, und alle irgendwie zufrieden sind, kommt das Restrisiko. Wie, noch mehr zu tun?! Ja! Dann werden Risiken eingestellt, bewertet, und "gemanaged", berichtet, abgelehnt, verloren, wiedergefunden, mitigiert und irgendwie zu einem eigenen Süppchen gekocht. Dabei könnte es so schön sein (vollständiges, adressatengerechtes Reporting *hüstel*). Der zweite Teil beinhaltet dann also die Risikoanalyse. Über die Klärung, was eigentlich ein Risiko und eine Bedrohung ist, quantifizierter vs. qualifiziertes Ansatz, Risikobehandlung, Eintrittswahrscheinlichkeit & Schadenshöhe. false Diula Chaosdorf-Member <3 mit Vorliebe für Informationssicherheit, Prozesse und Anweisungen. Findet gerne heraus wie Dinge funktionieren, stellt Fragen und dokumentiert die Ergebnisse. Im Finanzbereich unterwegs. 2018-12-30T13:00:00+01:00 13:00 00:50 Chaos West Bühne ER9F8B https://fahrplan.chaos-west.de/35c3chaoswest/talk/ER9F8B Hacker eG - Genossenschaft für chaosnahes Wirtschaften Doppelter Slot 40 Minuten + 10 Minuten Q+A de # Hacker eG * Eine Genossenschaft für chaosnahes Wirtschaften Viele von uns brauchen neben ihrem alltäglichen Broterwerb eine Genossenschaft, die uns gehört und uns bei Bedarf sogar nebenbei anstellt. Viele von uns wissen nicht, dass das so ist und warum. Dieser Vortrag erklärt die Zusammenhänge und das Vorhaben. Viele von uns haben einen Voll- oder Teilzeitjob zum täglichen Broterwerb und tun daneben gutes im Chaos und darüber hinaus. Manchmal würde man dafür auch gern etwas Geld nehmen und auch gern bekommen - und nimmt dann doch keins, weil man dann ja ein Gewerbe anmelden, ein Unternehmen gründen, Nebentätigkeiten genehmigen lassen müsste, Steuerberater beschäftigen usw. usf. So mancher von uns braucht nur mal zwischendurch eine Firma. Für ein cooles Projekt, den Containerimport aus China, oder zur Überbrückung zwischen zwei Jobs. Erst gründen und dann wieder abwickeln lohnt sich oft nicht. Oder man möchte das zugeworfene Kleingeld für gefällige Dienste rechtssicher und steuerehrlich in einen solidarischen Topf geben. Manchmal kann man auch Fördermittel für Projekte bekommen - wenn man denn nicht "nur" ein kleiner Freelancer ist. Für alles das gibt es seit 150 Jahren eine Lösung. Nennt sich Genossenschaft. Ist ein bisschen aufwändig. Jedenfalls für einen alleine. Auch für 10 Leute. Aber nicht für 100 von uns. Tun wir uns zusammen. Grundsatzinfos: [https://de.wikipedia.org/wiki/Genossenschaft](https://de.wikipedia.org/wiki/Genossenschaft) und bald auch konkret hier: [hkbl.de](http://hkbl.de) Registrierung als Gründungsinteressent: Leere Mail mit Betreff "Interesse" an geno@damals-tm-podcast.de false ajuvo ## Privatier und Zeitzeuge. *Ich mache ehrenamtlich Vorträge, Workshops, Bücher, Radio und Podcasts. Lange Jahre habe ich international Unternehmen, Organisationen und Regierungen beraten, war Diplomat, Lobbyist, Wissenschaftler, akademischer Lehrer und Radiomacher. Alter Sack (tm). Radio Hyperbandrauschen auf Berlin 88.4 ; Podcaster damals-tm-podcast.de ; c-base; c3d2; 0x56686607E8A7D407; Z6X3DTSM; DECT 3370; @ajuvo@chaos.social ; zur Zeit Chaospate für Chaos Potsdam URL: [crew.c-base.org](https://ajuvo.crew.c-base.org/) therojam Bone shortly after. The Wallmanns down in the ChaosZone near Elbe. Today working in Linux & OpenSource branch as Consultant & Supporter. 2018-12-30T14:00:00+01:00 14:00 00:50 Chaos West Bühne MRKBBU https://fahrplan.chaos-west.de/35c3chaoswest/talk/MRKBBU It's not rocket science Doppelter Slot 40 Minuten + 10 Minuten Q+A en Space is hard, but not that hard. Despite progress in technology, and cheaper rockets, science in space is becoming ever more expensive. Even copies of old missions now cost 2-4x as much. Better solutions are available, some taken straight from smartphones and consumer cameras. Satellite hardware is not magic dust. It's a piece of electronics in a somewhat exotic environment. These days, hardware development has progressed to the point where off-the-shelf hardware can be used in space. Improving performance, while cutting costs to a fraction. Professional star trackers cost several hundred thousand dollars a piece. But it is just a simple camera and the necessary software to find and track star constellations. Consumer hardware, like CPUs and camera chips, is essentially space-rated by default. Silicon-on-insulator used to be special hardware for radiation environments, but is now used in consumer electronics. Cheaper rockets became possible by pragmatic rocket engineering, notably by SpaceX but also Russian rockets still flying today. The ideas had been around for a long time. European, Chinese and Indian Launcher provide some examples on how to achieve reductions in launch cost and how not to achieve them. Cheaper rockets in many cases also allow higher mass to be traded for lower prices. Larger margins reduce work for quality control and modular systems reuse old engineering hardware in new missions. Higher satellite mass become increasingly acceptable, if they reduce development and manufacturing cost. And none of this is rocket science. false Frank Wunderlich-Pfeiffer I'm a journalist working for [Golem.de] (https://www.golem.de/specials/autor-frank-wunderlich-pfeiffer/) Covering spaceflight and other topics in science and technology. 2018-12-30T16:10:00+01:00 16:10 00:50 Chaos West Bühne 7DQX77 https://fahrplan.chaos-west.de/35c3chaoswest/talk/7DQX77 Security Nightmares [Streaming] Doppelter Slot 40 Minuten + 10 Minuten Q+A de Security Nightmares Streaming Security Nightmares Streaming true 35C3 2018-12-30T17:10:00+01:00 17:10 00:50 Chaos West Bühne RMQHYM https://fahrplan.chaos-west.de/35c3chaoswest/talk/RMQHYM Closing [Streaming] Doppelter Slot 40 Minuten + 10 Minuten Q+A de Streaming des offiziellen Closing Events Streaming des offiziellen Closing Events true 35C3 2018-12-30T14:30:00+01:00 14:30 01:00 ChaosZone CR8PGP https://cfp.chaoszone.cz/35c3/talk/CR8PGP Die Alpha Session 60min de Demo einer Alphastation mit 21064 Prozessor. Dazu Infos über die Geschichte des Alpha-Prozessors und wie digital drin hängt/gehangen ist. Sowie Eckdaten zum Alpha false robert0k Softwareentwickler, Informatiker und Mitglied des chch.it Chemnitz 2018-12-30T17:10:00+01:00 17:10 01:00 ChaosZone L8MWNG https://cfp.chaoszone.cz/35c3/talk/L8MWNG livestream - Closing Ceremony Session 60min en Livestream from the 35C3 Closing Ceremony false livestream 2018-12-30T11:00:00+01:00 11:00 00:30 OIO Vortrags-Arena R3DGAF https://pretalx.35c3oio.freifunk.space/35c3oio/talk/R3DGAF/ OIO habour clean up - Day 3 OIO Housekeeping en OIO habour clean up false HUQ9YA 35c3oio@freifunk.space 2018-12-30T11:30:00+01:00 11:30 00:20 OIO Vortrags-Arena SQXVCE https://pretalx.35c3oio.freifunk.space/35c3oio/talk/SQXVCE/ OIO Daily Standup day 4 Talk 20min total (etwa 5min Q&A) en Let's start into day 4 false HFER8G Andreas Dorfer https://forum.freifunk.net/u/adorfer/ 2018-12-30T14:00:00+01:00 14:00 00:20 OIO Vortrags-Arena M9VQA9 https://pretalx.35c3oio.freifunk.space/35c3oio/talk/M9VQA9/ Why VPN? Freifunk via L2-BSA. Talk 20min total (etwa 5min Q&A) en Why hassle with the VPN-Overhead. With the availability of commodity SV-VDSL Hardware in Gluon , it’s now possible to replace Mesh-VPN with Mesh-DSL. What we learned in the process and how major projects and wireless backbone networks in particular can benefit from a "VPN-free" solution. true SB9DGB skorpy Below 1GE? Do not touch it! C9EY9L herrbett Freifunk Karlsruhe 2018-12-30T14:30:00+01:00 14:30 00:20 OIO Vortrags-Arena AYUMLK https://pretalx.35c3oio.freifunk.space/35c3oio/talk/AYUMLK/ Distributed DHCP Talk 20min total (etwa 5min Q&A) en In mesh networks clients stay in separated ethernets. We developed and implemented a distributed dhcp algorithm so our mesh nodes now can serve dhcp directly while maintaining a consensus about leases of the same subnet. In mesh networks, you can either run central dhcp servers or run them on the mesh nodes and have some administrative control about the served subnets, but those then scattered dhcp servers have no consensus about the whole lease state and thus are not able to renew leases of roamed clients. Our algorithm, implemented in the ddhcpd addresses these problems: It coordinates the served leases automatically, so you need no administrative control entity. And it allows roamed clients to renew and keep their IP addresses, through a forwarding mechanism. The talk will be about the theoretical concept, the state of our implementation in ddhcpd and practical experience. DDHCPD: https://github.com/sargon/ddhcpd Gluon Packet: https://github.com/sargon/gluon-sargon/tree/v2018.x/ddhcpd false KMR7N8 Daniel Ehlers informatics network guy with interests in combinatoric algorithms. 2018-12-30T18:00:00+01:00 18:00 00:20 OIO Vortrags-Arena CEMDER https://pretalx.35c3oio.freifunk.space/35c3oio/talk/CEMDER/ OIO Closing Session Talk 20min total (etwa 5min Q&A) en Shutdown notice false USJAK9 Andreas Bräu Freifunker since 2006 2018-12-30T14:00:00+01:00 14:00 01:00 OIO Workshop-Domo FTFSBU https://pretalx.35c3oio.freifunk.space/35c3oio/talk/FTFSBU/ ELECTRIC CARS, USE IT, HACK IT, TALK ABOUT IT Workshop 45min en Let's talk about computers on wheels. Electric cars. Let talk about experiences, hardware, software, hacking cars, coding cars. No presentation, just talk about experiences, ideas, problems and solutions. false SAXFNS Morris Jobke 2018-12-30T15:30:00+01:00 15:30 01:20 OIO Workshop-Domo WNYZ7A https://pretalx.35c3oio.freifunk.space/35c3oio/talk/WNYZ7A/ Freifunk-Workshop: bessere Vorschläge als "weiter so" für 2019? Workshop 80min de Eine Diskussion: Weniger Nachfrage, unzeitgemäße Performance, Adminfrust, erklärungsbedürftige Hardware-Situation: Was können wir anders machen in den etablierten Communities. Visionen oder schlicht Ansätze true HFER8G Andreas Dorfer https://forum.freifunk.net/u/adorfer/ 2018-12-30T12:00:00+01:00 12:00 00:45 WikiPakaWG Esszimmer K7G8NX https://cfp.verschwoerhaus.de/35c3/talk/K7G8NX/ HackspaceDesignPatterns Talk de "Wir brauchen einen Hackspace." Mit dieser Aussage beginnt alles. Aber was ist notwendig, um diese Idee Wirklichkeit werden zu lassen? Einen geeigneten Ort finden, bürokratische und finanzielle Hürden, Raumgestaltung, die Gemeinschaft in Ihrem Raum zusammenhalten ... Es gibt eine Menge Dinge, die man beachten sollte. Mit Hilfe von Design Patterns zeigen wir Euch, wie Ihr Euren eigenen Hackspace aufbauen könnt. Der Hackspace Design Pattern Catalogue wurde erstmals auf der 24C3 vorgestellt. Seitdem sind die HackspaceDesignPatterns DAS Handbuch zum Einrichten eines eigenen Hackspace geworden. Jetzt, über 10 Jahre später, glauben wir ist es an der Zeit, einige dieser Pattern zu aktualisieren. Was ist noch gültig? Was hat sich verändert? Brauchen wir neue Pattern? Brauchen wir Patterns für Makerspaces? etc... Kommt zu diesem Vortrag, wenn ihr im Begriff seid, euren lokalen Chaos Computer Club oder Hackspace an irgendeinem Ort der Welt zu gründen und um von unseren Erfahrungen zu lernen! false BDSWFX Felix YMCYGT Lars Weiler 2018-12-30T13:00:00+01:00 13:00 01:00 WikiPakaWG Esszimmer RGU9XL https://cfp.verschwoerhaus.de/35c3/talk/RGU9XL/ Datenguide / Statistik für alle! Workshop mit Gruppentischen de Mit unserem Projekt Datengui.de machen wir die Daten der statistischen Ämter zugänglich für alle! In unserer Präsentation zeigen wir, wie wir die Daten aus der amtlichen Statistik saugen und für euch so aufbereiten, dass ihr sie verstehen und weiterbenutzten könnt. false YMYTMP Simon NKKBZK P3nny 2018-12-30T14:30:00+01:00 14:30 01:30 WikiPakaWG Esszimmer A9QYBU https://cfp.verschwoerhaus.de/35c3/talk/A9QYBU/ How To Become a (Media)Wiki Hacker Talk en Basic introduction how to get started to hack on Wikimedia software projects with Q&A false RVGZKL Daniel DXJG8B Andre 2018-12-30T17:00:00+01:00 17:00 00:15 WikiPakaWG Esszimmer RXZ3FE https://cfp.verschwoerhaus.de/35c3/talk/RXZ3FE/ Abbau-Meeting Meetup de true 33UT8A WikiPaka Orga 2018-12-30T12:00:00+01:00 12:00 00:15 WikiPakaWG Küche XXY8Q7 https://cfp.verschwoerhaus.de/35c3/talk/XXY8Q7/ Orgameeting Tag 4 Meetup de true 33UT8A WikiPaka Orga https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10171.html 2018-12-30T14:00:00+01:00 14:00 03:00 Discodrama 35C3-ABFahrplan-10171-fairy_dust_-_day4 Fairy Dust - Day4 Rocket Away Music other en Modify the Fairy Dust After standing in the cold rain and snow for too long, the Fairy Dust will find its place this time in the middle of the crowd at hall 5. A video installation will take place on the surface. This is a call for people, who can handle c4d files and have the bravery to put their vision on the symbol of the congress. The file attached to this event contains all information about the object, as well the position and lenses of the 4 projectors. Fell free to develop whatever you like. Keep in mind that the surface is very glossy and actually eats the light away. Rendered video best with HAP or MP4. In the hours between 2 pm and 5 pm on the days of the congress, there will be access to the video system, if you come around and have a device with HDMI out. Enjoy! Powered by PENTAKLON und Rico Rose Contact: privatlehrer[at]gmail[:]com false 35C3-template-ROCKET.c4d https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10141.html 2018-12-30T18:00:00+01:00 18:00 01:00 Discodrama 35C3-ABFahrplan-10141-bobopk BoboPK Game Boy Live! Music concert en From the family... false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10142.html /system/events/logos/000/010/142/large/avatars-000311048113-9dewz4-t500x500.jpg?1545422530 2018-12-30T19:00:00+01:00 19:00 01:00 Discodrama 35C3-ABFahrplan-10142-exoboom Exoboom Techno Music concert en We were deeply into research, together with a mad cartoon scientist, when shit hit the fan! ..However, we got stuck in your dimension. And we brought you something very special. Our Quantum Techno Generator - EXOBOOM. You don´t want to miss us firing up that thing! false https://soundcloud.com/exoboom https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10143.html 2018-12-30T20:00:00+01:00 20:00 01:00 Discodrama 35C3-ABFahrplan-10143-onetake_perm Onetake & Perm Part 1 Music djset en Since years OneTake & Perm share a faible for heavyweight and spacey Dub 7inches. Every once in a while they get together for a rare b2b set. false https://soundcloud.com/onetake https://soundcloud.com/perm-3 https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10064.html /system/events/logos/000/010/064/large/disrupt_Cliona1.jpg?1545422990 2018-12-30T21:00:00+01:00 21:00 01:00 Discodrama 35C3-ABFahrplan-10064-disrupt Disrupt DigiDub Music concert en With a background in breakcore, weirdo electronic music and a love for video game soundtracks disrupt and a trashy laptop set out on a mission to unite bits and bytes with the goodness of DUB back in 2003. Starting the Jahtari imprint as an outlet for those humble but fun experiments helped to gain momentum for the sound and DIY approach the label is now known for. A fair heap of releases followed since 2007: “Foundation Bit” (on Werk Discs), “The Bass Has Left The Bilding” (LP), “Dot Matrix With Stereo Sound” and many ruffneck dancehall EPs and 7″s alongside Maffi and Naram. Disrupt also produced the cosmic enka LP “Karma No Kusari” by Kiki Hitomi, and the dub poetry epics “Dis Side Ah Town” and “Dog Heart City” by Roger Robinson. With his highly immersive SciFi adventure album “Omega Station” disrupt is setting out towards a new era of space exploration for the Jahtari label. false https://jahtari.org/artists/disrupt/ https://soundcloud.com/jahtari_records https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10144.html 2018-12-30T22:00:00+01:00 22:00 01:00 Discodrama 35C3-ABFahrplan-10144-onetake_perm Onetake & Perm Part 2 Music djset en Since years OneTake & Perm share a faible for heavyweight and spacey Dub 7inches. Every once in a while they get together for a rare b2b set. false https://soundcloud.com/onetake https://soundcloud.com/perm-3 https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10059.html /system/events/logos/000/010/059/large/avatars-000529235811-z36gbq-t500x500.jpg?1545423475 2018-12-30T23:00:00+01:00 23:00 02:00 Discodrama 35C3-ABFahrplan-10059-t-data T-Data Bass Music djset en Clear Memory member, future record store owner and Data Wrangler based in Leipzig. Transforming Breaks, UK Bass, Footwork, bossy Electro and Jungle into another format with the intent of making it more appropriate and valuable for a variety of listeners. false https://soundcloud.com/tdata https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10065.html /system/events/logos/000/010/065/large/avatars-000189510234-u4rq4y-t500x500.jpg?1545423354 2018-12-31T01:00:00+01:00 01:00 01:00 Discodrama 35C3-ABFahrplan-10065-ruz RUZ Jungle/Bass/Rave Music concert en Leipzig based Artist and Producer Sebastian G. aka RUZ. Associated with: ALPHACUT | 45SEVEN | BASSMÆSSAGE Original Junglist, Soundscape lover and musical Madness searching Vinylist from Leipzig, Germany. From ruff & rugged Breakbeat fiddlin' over smooth Oldschool Reggae Dub Vibes to dark, psychotic and melancholic Soundspheres. For fans of 90's oldschool Jungle & newly modern Drum and Bass movements. false https://soundcloud.com/ruzztle https://www.mixcloud.com/TaRUZ/ https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10043.html /system/events/logos/000/010/043/large/avatars-000154450404-yn2uz6-t500x500.jpg?1545423670 2018-12-31T02:00:00+01:00 02:00 02:00 Discodrama 35C3-ABFahrplan-10043-ingo_boss Ingo Boss Techno Music djset en Ingo Boss was born in 1979 in Frankfurt am Main. At the tender age of 11, Ingo was already entranced by the new sound called techno that he had heard on the radio – two years later he already became acquainted with the wonderful things one can do with two decks and a mixer. As so many others, he was inspired by the music Sven Väth played at the legendary „Omen“ in Frankfurt where Ingo used to turn the night into day at the age of 15. In 1998 he had his first gig at the short-lived „U-Bahnstation Miquelallee“ in Frankfurt. In 2000, Ingo became a resident at a series of events called „Spectrum@MTW“, organized by the German music magazine GROOVE. That same year he published his first production „modes“ in cooperation with his studio partner Denis Engemann on PV Records and later on two mix CDs. In 2001, Ingo went on a tour which also led him abroad for the first time: with PV Records and with the Delirium Recordstore on the occasion of their 10 year anniversary. In 2002, he began his residency at the „U60311“ in Frankfurt and he held it until he gave it up in 2004 in favour of Cocoonclub. Ingo’s breakthrough as a producer came in the form of his EP „Transistor“, which was released on Cocoon Recordings in 2003 and which contained the goosebump track „Little Eternity“. The track made it onto Sven Väth’s mix CD „Sound of the Fourth Season“. On Christmas Eve 2004, Ingo made his debut at Cocoonclub where he played side by side with Sven Väth and 2Raumwohnung – he became a regular at Cocoonclub and pretty soon, he hosted the „micromized“ night with Chris Tietjen as co-host. In 2006, he and REBOOT made the successful remix of G-Man’s techno classic „Quo Vadis“. In november 2010, the industrious musician finally released his first album on TopModel Records. Ingo has been part of the Cocoon roster since 2009. In 2011 he launched his BEATPORT label called EUREKA Frankfurt. In February 2012 he released "Same Mind" - his second artist album - on Eureka. Later on followed by the „Same Mind Remixes“ abum incl. Remixes by Mark Reeve, Johannes Heil, Romano Alfieri, Dr. Shingo and many more artist. In this year he launched also his „insane“ Techno Release „Freakshow EP“ with a Neil Landstrumm Remix (EURK006). And a Co-Op Production with Mark Reeve on Cocoon Recordings („Initial Spark“ – COR12099). In August 2013 he decide to be an artist of CONTACT Booking agency. false https://soundcloud.com/ingoboss https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10040.html 2018-12-31T04:00:00+01:00 04:00 02:00 Discodrama 35C3-ABFahrplan-10040-tschunkelmusik Tschunkelmusik Techno/House Music djset en two guys from the family, Erna Besen & Rosa Luxus, helping you to dance goodbye to 35C3 false Tschunkelmusik @ GPN18 Tschunkelmusik Ethik https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10158.html 2018-12-30T10:00:00+01:00 10:00 02:00 Shutter Island 35C3-ABFahrplan-10158-nuts Nuts. Let*s go ahead. Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10159.html 2018-12-30T12:00:00+01:00 12:00 02:00 Shutter Island 35C3-ABFahrplan-10159-franz Franz Not knowing (ich weiß es doch auch nicht) Music djset en false https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10160.html 2018-12-30T14:00:00+01:00 14:00 03:00 Shutter Island 35C3-ABFahrplan-10160-lord_spreadpoint Lord/Spreadpoint Closing Music djset en false www.4sk.de https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10145.html /system/events/logos/000/010/145/large/avatars-000059086552-x8yvq5-t500x500.jpg?1545424436 2018-12-30T14:00:00+01:00 14:00 02:00 Uptime Bar 35C3-ABFahrplan-10145-jaycee Jaycee House/Techno Music djset en false https://soundcloud.com/jaycieh https://fahrplan.events.ccc.de/congress/2018/Lineup/events/10046.html /system/events/logos/000/010/046/large/avatars-000384533228-52qa9w-t500x500.jpg?1545424204 2018-12-30T16:00:00+01:00 16:00 02:00 Uptime Bar 35C3-ABFahrplan-10046-juli_jane Juli Jane Techno/Tech House/Deep House Music djset en I love music and I mix and create tracks which make me happy. I do my thing and if you like it, it makes me even happier :) false https://soundcloud.com/juli_jane