2.0 -//Pentabarf//Schedule//EN 34c3 Schedule 34c3 Schedule PUBLISH 8710@34c3@pentabarf.org 8710 34c3-8710-relativitatstheorie_fur_blutige_anfanger Relativitätstheorie für blutige Anfänger Raum, Zeit, Licht und Gravitation, wie hängt das zusammen? German de 20171227T211500 20171227T214500 003000 Relativitätstheorie für blutige Anfänger- Raum, Zeit, Licht und Gravitation, wie hängt das zusammen? Jeder kennt sie, kaum jemand versteht sie wirklich, die vielleicht berühmteste Gleichung der Welt: E=mc^2 Was hat es damit auf sich, was ist die spezielle- und was die allgemeine Relativitätstheorie? Wie kann man sicher sein, dass das wirklich stimmt? Bleibt die Zeit stehen, wenn man sich mit Lichtgeschwindigkeit bewegt? Was ist das Zwillings-Paradoxon und dehnt sich das Universum aus, oder werden wir einfach nur immer kleiner? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8710.html Saal Clarke Steini PUBLISH 8714@34c3@pentabarf.org 8714 34c3-8714-schreibtisch-hooligans Schreibtisch-Hooligans Informationsfreiheit trotz CSU German de 20171230T121500 20171230T124500 003000 Schreibtisch-Hooligans- Informationsfreiheit trotz CSU Wie umgehen mit politischer Ohnmacht? Das Informationsfreiheitsgesetz bietet einige Ansätze: Es macht es auch für juristische Laien möglich, gegen Behörden vorzugehen, die das Recht brechen. Wir kämpfen gegen die Ohnmacht: Dieses Jahr haben wir alle Gesetzentwürfe aller Bundesministerien und Lobby-Stellungnahmen dazu befreit. Wir haben uns mit der Berliner Partypolizei angelegt - prost! - und 13 Behörden verklagt, darunter die Polizei Köln, das Innenministerium und das Verteidigungsministerium. Und wir haben einen Weg gefunden, zwei Behörden zu verklagen, die eigentlich sonst keine Auskunft geben ... PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8714.html Saal Adams Arne Semsrott PUBLISH 8720@34c3@pentabarf.org 8720 34c3-8720-ios_kernel_exploitation_archaeology iOS kernel exploitation archaeology English en 20171227T183000 20171227T193000 010000 iOS kernel exploitation archaeology- This talk presents the technical details and the process of reverse engineering and re-implementation of the evasi0n7 jailbreak's main kernel exploit. This work was done in late 2013, early 2014 (hence the "archaeology" in the title), however, it will provide insight into the kernel debugging setup for iOS devices (iDevices), the encountered difficulties and how they were overcome, all of which can be useful for current iOS kernel vulnerability research. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8720.html Saal Clarke argp PUBLISH 8721@34c3@pentabarf.org 8721 34c3-8721-blinkenrocket Blinkenrocket! How to make a community project fly English en 20171228T163000 20171228T173000 010000 Blinkenrocket!- How to make a community project fly The Blinkenrocket is a DIY SMD Soldering Kit that was designed to teach different manufacturing and soldering skills. A lot of work on both Hardware and Software was done in CCC erfas namely shackspace, chaosdorf and metalab. The kit is used in workshops since 1.5 years at the chaos macht schule events and is very successful in its purpose. Creating this project was plenty of work and there is so much to show and tell around it, it will blow your mind. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8721.html Saal Clarke overflo muzy PUBLISH 8724@34c3@pentabarf.org 8724 34c3-8724-defeating_not_petya_s_cryptography Defeating (Not)Petya's Cryptography English en 20171227T210000 20171227T220000 010000 Defeating (Not)Petya's Cryptography- In this presentation we will outline our findings about (Not)Petya's crypto flaws and how we were able to exploit them to decrypt infected computers. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8724.html Saal Borg Sebastian Eschweiler PUBLISH 8725@34c3@pentabarf.org 8725 34c3-8725-inside_android_s_safetynet_attestation_attack_and_defense Inside Android’s SafetyNet Attestation: Attack and Defense English en 20171228T183000 20171228T193000 010000 Inside Android’s SafetyNet Attestation: Attack and Defense- SafetyNet Attestation is the primary platform security service on Android. Until recently you had to use third party tools or implemented your own app integrity checks and device rooting checks. Today you can use Android's SafetyNet Attestation infrastructure to ensure the integrity of your application and the user's device. Unfortunately, SafetyNet Attestation is not well documented by Google. This talk is split into three parts. Part one provides a deep dive into SafetyNet Attestation how it works. Part two is a guide on how to implement and use it for real world applications. This is based on the lessons learned from implementing SafetyNet Attestation for an app with a large install base. The talk will provide you with everything you need to know about Android’s SafetyNet Attestation and will help you to implement and use it in your app. Part three presents attacks and bypasses against SafetyNet Attestation. The attack method targets not only SafetyNet but other similar approaches. New tools and techniques will be released at this talk. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8725.html Saal Clarke Collin Mulliner PUBLISH 8730@34c3@pentabarf.org 8730 34c3-8730-taking_a_scalpel_to_qnx Taking a scalpel to QNX Analyzing & Breaking Exploit Mitigations and Secure Random Number Generators on QNX 6.6 and 7.0 English en 20171228T194500 20171228T204500 010000 Taking a scalpel to QNX- Analyzing & Breaking Exploit Mitigations and Secure Random Number Generators on QNX 6.6 and 7.0 In this talk we will present a deep-dive analysis of the anatomy of QNX: a proprietary, real-time operating system aimed at the embedded market used in many sensitive and critical systems, particularly within the automotive industry. We will present the first reverse-engineering and analysis of the exploit mitigations, secure random number generators and memory management internals of QNX versions up to and including 6.6 and the brand new 64-bit QNX 7.0 (released in March 2017) and uncover a variety of design issues and vulnerabilities. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8730.html Saal Borg Jos Wetzels Ali Abbasi PUBLISH 8735@34c3@pentabarf.org 8735 34c3-8735-spy_vs_spy_a_modern_study_of_microphone_bugs_operation_and_detection Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection English en 20171228T151500 20171228T161500 010000 Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection- In 2015, artist Ai Weiwei was bugged in his home, presumably by government actors. This situation raised our awareness on the lack of research in our community about operating and detecting spying microphones. Our biggest concern was that most of the knowledge came from fictional movies. Therefore, we performed a deep study on the state-of-the-art of microphone bugs, their characteristics, features and pitfalls. It included real life experiments trying to bug ourselves and trying to detect the hidden mics. Given the lack of open detection tools, we developed a free software SDR-based program, called Salamandra, to detect and locate hidden microphones in a room. After more than 120 experiments we concluded that placing mics correctly and listening is not an easy task, but it has a huge payoff when it works. Also, most mics can be detected easily with the correct tools (with some exceptions on GSM mics). In our experiments the average time to locate the mics in a room was 15 minutes. Locating mics is the novel feature of Salamandra, which is released to the public with this work. We hope that our study raises awareness on the possibility of being bugged by a powerful actor and the countermeasure tools available for our protection. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8735.html Saal Borg Veronica Valeros Sebastian Garcia PUBLISH 8740@34c3@pentabarf.org 8740 34c3-8740-the_internet_in_cuba_a_story_of_community_resilience The Internet in Cuba: A Story of Community Resilience Get a unique tour of some of the world’s most unusual networks, led by a Cuban hacker English en 20171230T151500 20171230T161500 010000 The Internet in Cuba: A Story of Community Resilience- Get a unique tour of some of the world’s most unusual networks, led by a Cuban hacker Internet access in Cuba is notoriously restrictive. ETECSA, the government-run teleco, offers 60 wireless hotspots in parks and hotels, allowing foreigners and citizens alike to "visit" the Internet for only $1/hour… That’s what most tourists know about the Internet in Cuba, but of course, that can't be the whole story! In this talk, we'll take a deeper look at what life is like for Cuban hackers, and we’ll get to tour a vibrant set of community-driven networks that typical tourists never see. The story that emerges is an inspiring view of what communities can (and can’t) accomplish in the face of adversity. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8740.html Saal Adams Will Scott kopek PUBLISH 8741@34c3@pentabarf.org 8741 34c3-8741-treibhausgasemissionen_einschatzen Treibhausgasemissionen einschätzen Wieviel CO2 macht <...>? Ungefähr? German de 20171229T231500 20171230T000000 004500 Treibhausgasemissionen einschätzen- Wieviel CO2 macht <...>? Ungefähr? Alles was wir jeden Tag tun erzeugt Treibhausgase. Für eine vernünftige/moralische/ökologische Entscheidung, um mit anderen Handlungsoptionen brauchbar vergleichen zu können, muss man wissen - wieviel? Ungefähr zumindest? Für Einsteiger. Keine Formeln, wenig Mathematik/Physik. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8741.html Saal Borg Gunnar Thöle PUBLISH 8758@34c3@pentabarf.org 8758 34c3-8758-how_to_drift_with_any_car How to drift with any car (without your mom yelling at you) English en 20171228T183000 20171228T193000 010000 How to drift with any car- (without your mom yelling at you) Lots of research are arising from the fairly unexplored world of automative communications. Cars are no longer becoming computers, they are fully connected networks where every ECU exchanges and operates the vehicles at some point. Here is an introduction of my immersion and discussions with my car, and how I finally managed to drift (a bit) with my mom's FWD Fiat 500c. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8758.html Saal Dijkstra Guillaume Heilles P1kachu PUBLISH 8762@34c3@pentabarf.org 8762 34c3-8762-inside_intel_management_engine Inside Intel Management Engine English en 20171227T163000 20171227T173000 010000 Inside Intel Management Engine - Positive Technologies researchers Maxim Goryachy and Mark Ermolov have discovered a vulnerability that allows running unsigned code. The vulnerability can be used to activate JTAG debugging for the Intel Management Engine processor core. When combined with DCI, this allows debugging ME via USB. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8762.html Saal Borg Maxim Goryachy Mark Ermolov PUBLISH 8768@34c3@pentabarf.org 8768 34c3-8768-end-to-end_formal_isa_verification_of_risc-v_processors_with_riscv-formal End-to-end formal ISA verification of RISC-V processors with riscv-formal English en 20171227T124500 20171227T131500 003000 End-to-end formal ISA verification of RISC-V processors with riscv-formal- Formal hardware verification (hardware model checking) can prove that a design has a specified property. Historically only very simple properties in simple designs have been provable this way, but improvements in model checkers over the last decade enable us to prove very complex design properties nowadays. riscv-formal is a framework for formally verifying RISC-V processors directly against a formal ISA specification. In this presentation I will discuss how the complex task of verifying a processor against the ISA specification is broken down into smaller verification problems, and other techniques that I employed to successfully implement riscv-formal. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8768.html Saal Clarke Clifford Wolf PUBLISH 8782@34c3@pentabarf.org 8782 34c3-8782-intel_me_myths_and_reality Intel ME: Myths and reality English en 20171228T210000 20171228T220000 010000 Intel ME: Myths and reality- Many claims were made recently about purpose and capabilities of the Intel ME but with all the buzz it is not always clear what are facts and what is just speculation. We'll try to clear the fog of misunderstanding with research based on investigations of ME firmware and practical experiments on ME-equipped hardware. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8782.html Saal Adams Igor Skochinsky Nicola Corna PUBLISH 8784@34c3@pentabarf.org 8784 34c3-8784-emmc_hacking_or_how_i_fixed_long-dead_galaxy_s3_phones eMMC hacking, or: how I fixed long-dead Galaxy S3 phones A journey on how to fix broken proprietary hardware by gaining code execution on it English en 20171227T124500 20171227T134500 010000 eMMC hacking, or: how I fixed long-dead Galaxy S3 phones- A journey on how to fix broken proprietary hardware by gaining code execution on it How I hacked Sasmung eMMC chips: from an indication that they have a firmware - up until code execution ability on the chip itself, relevant to a countless number of devices. It all started when Samsung Galaxy S3 devices started dying due to a bug in their eMMC firmware. I will cover how I figured out there's a firmware inside the chip, how I obtained it, and my journey to gaining code execution on the chip itself &mdash; up until the point in which I could grab a bricked Galaxy S3, and fix it by software-only means. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8784.html Saal Dijkstra oranav PUBLISH 8789@34c3@pentabarf.org 8789 34c3-8789-lets_break_modern_binary_code_obfuscation Lets break modern binary code obfuscation A semantics based approach English en 20171227T183000 20171227T193000 010000 Lets break modern binary code obfuscation- A semantics based approach Do you want to learn how modern binary code obfuscation and deobfuscation works? Did you ever encounter road-blocks where well-known deobfuscation techniques do not work? Do you want to see a novel deobfuscation method that learns the code's behavior without analyzing the code itself? Then come to our talk and we give you a step-by-step guide. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8789.html Saal Dijkstra Tim Blazytko Moritz Contag PUBLISH 8797@34c3@pentabarf.org 8797 34c3-8797-social_cooling_-_big_data_s_unintended_side_effect Social Cooling - big data’s unintended side effect How the reputation economy is creating data-driven conformity English en 20171227T211500 20171227T214500 003000 Social Cooling - big data’s unintended side effect- How the reputation economy is creating data-driven conformity What does it mean to be free in a world where surveillance is the dominant business model? Behind the scenes databrokers are turning our data into thousands of scores. This digital reputation is increasingly influencing our chances to find a job, a loan or even a date. Researchers are pointing out that, as people become aware of this reputation economy, it is generating a culture where self-censorship and risk aversion are the new normal. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8797.html Saal Dijkstra Tijmen Schep PUBLISH 8805@34c3@pentabarf.org 8805 34c3-8805-die_fabelhafte_welt_des_mobilebankings Die fabelhafte Welt des Mobilebankings German de 20171227T220000 20171227T223000 003000 Die fabelhafte Welt des Mobilebankings- Bisher wurden Angriffe gegen App-basierte TAN-Verfahren und Mobilebanking von betroffenen Banken eher als akademische Kapriole abgetan. Sie seien, wenn überhaupt, nur unter Laborbedingungen und dazu unter wiederkehrend hohem manuellen Aufwand zu realisieren. Um diese Sichtweise zu korrigieren, haben wir das Programm Nomorp entwickelt, das in der Lage ist, zentrale Sicherungs- und Härtungsmaßnahmen in weltweit 31 Apps vollautomatisch zu deaktivieren und somit Schadsoftware Tür und Tor öffnet. Unter den Betroffenen stellen deutsche Unternehmen mit 20 Finanz-Apps die größte Fraktion. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8805.html Saal Adams Vincent Haupert PUBLISH 8806@34c3@pentabarf.org 8806 34c3-8806-the_seizure_of_the_iuventa The seizure of the Iuventa How search and rescue in the mediterranean was criminalized English en 20171228T143000 20171228T150000 003000 The seizure of the Iuventa- How search and rescue in the mediterranean was criminalized The ship „Iuventa“ of the organization „Jugend Rettet“ was seized on August 2nd 2017 by the Italian authorities. The accusations: facilitating illegal immigration, organized crime and possession of weapons. What followed was a smear campaign that had seldomly been seen before. Against „Jugend Rettet“ and all the other NGOs that do search and rescue (SAR) in the mediterranean sea. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8806.html Saal Borg Hendrik Kathrin PUBLISH 8811@34c3@pentabarf.org 8811 34c3-8811-beeinflussung_durch_kunstliche_intelligenz Beeinflussung durch Künstliche Intelligenz Über die Banalität der Beeinflussung und das Leben mit Algorithmen German de 20171228T124500 20171228T134500 010000 Beeinflussung durch Künstliche Intelligenz- Über die Banalität der Beeinflussung und das Leben mit Algorithmen Eine wissenschaftliche Perspektive auf die achtlose Anwendung der Algorithmen des maschinellen Lernens und der künstlichen Intelligenz, z.B. in personalisierten Nachrichtenempfehlungssystemen oder Risikosoftware im US-Justizsystem. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8811.html Saal Adams Hendrik Heuer KRN PUBLISH 8814@34c3@pentabarf.org 8814 34c3-8814-making_experts_makers_and_makers_experts Making Experts Makers and Makers Experts English en 20171228T121500 20171228T124500 003000 Making Experts Makers and Makers Experts- Over the past year, we have been developing open source wheelchair add-ons through user research, ideation, design, prototyping and testing. We present the outcome and insights from the process. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8814.html Saal Dijkstra Daniel Wessolek Isabelle Dechamps PUBLISH 8818@34c3@pentabarf.org 8818 34c3-8818-designing_pcbs_with_code Designing PCBs with code Is designing circuits with code instead of CAD the future of electronic design automation? English en 20171229T130000 20171229T133000 003000 Designing PCBs with code- Is designing circuits with code instead of CAD the future of electronic design automation? An overview and history of various tools and languages that allow you to use code rather than CAD software to design circuits. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8818.html Saal Clarke Kaspar PUBLISH 8831@34c3@pentabarf.org 8831 34c3-8831-trustzone_is_not_enough TrustZone is not enough Hijacking debug components for embedded security English en 20171230T130000 20171230T133000 003000 TrustZone is not enough- Hijacking debug components for embedded security This talk deals with embedded systems security and ARM processors architecture. Most of us know that we can perform security with the ARM TrustZone framework. I will show that most ARM processors include debug components (aka CoreSight components) that can be used to create efficient security mechanisms. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8831.html Saal Adams Pascal Cotret PUBLISH 8832@34c3@pentabarf.org 8832 34c3-8832-free_electron_lasers Free Electron Lasers ...or why we need 17 billion Volts to make a picture. English en 20171228T163000 20171228T173000 010000 Free Electron Lasers- ...or why we need 17 billion Volts to make a picture. Wouldn’t it be awesome to have a microscope which allows scientists to map atomic details of viruses, film chemical reactions, or study the processes in the interior of planets? Well, we’ve just built one in Hamburg. It’s not table-top, though: 1 billion Euro and a 3km long tunnel is needed for such a ‘free electron laser’, also called 4th generation synchrotron light source. I will talk about the basic physics and astonishing facts and figures of the operation and application of these types of particle accelerators. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8832.html Saal Dijkstra Thorsten PUBLISH 8842@34c3@pentabarf.org 8842 34c3-8842-zamir_transnational_network_und_zagreb_dairy Zamir Transnational Network und Zagreb Dairy Das erste computer netzwerk in Krieg (Jugoslavia 1992-1997) German de 20171229T194500 20171229T204500 010000 Zamir Transnational Network und Zagreb Dairy- Das erste computer netzwerk in Krieg (Jugoslavia 1992-1997) Die Geschichte des ZAMIR Transnational Network und meines Zagreb-Diary (http://www.wamkat.de/diaries1/zagreb-diary) zwischen 1991 und 1995 im früheren Jugoslawien. Es war das erste Computernetzwerk in einer Kriegsregion, das alle Friedens-, Frauen-, Menschenrechts- und humanitäre Aktivisten und alle anderen Menschen in dem Kriegsgebiet miteinander und der Außenwelt verbunden hat. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8842.html Saal Dijkstra Wam (P.J.H.F.) Kat PUBLISH 8848@34c3@pentabarf.org 8848 34c3-8848-type_confusion_discovery_abuse_and_protection Type confusion: discovery, abuse, and protection English en 20171230T163000 20171230T173000 010000 Type confusion: discovery, abuse, and protection- Type confusion, often combined with use-after-free, is the main attack vector to compromise modern C++ software like browsers or virtual machines. Typecasting is a core principle that enables modularity in C++. For performance, most typecasts are only checked statically, i.e., the check only tests if a cast is allowed for the given type hierarchy, ignoring the actual runtime type of the object. Using an object of an incompatible base type instead of a derived type results in type confusion. Attackers have been abusing such type confusion issues to compromise popular software products including Adobe Flash, PHP, Google Chrome, or Firefox, raising critical security concerns. We discuss the details of this vulnerability type and how such vulnerabilities relate to memory corruption. Based on an LLVM-based sanitizer that we developed, we will show how to discover such vulnerabilities in large software through fuzzing and how to protect yourself against this class of bugs. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8848.html Saal Clarke gannimo PUBLISH 8851@34c3@pentabarf.org 8851 34c3-8851-don_t_stop_til_you_feel_it Don't stop 'til you feel it Artistic interventions in climate change English en 20171229T163000 20171229T173000 010000 Don't stop 'til you feel it- Artistic interventions in climate change This talk will report on my current research in bringing to bear multiple knowledges on problem spaces around the environment and digital culture, and in so doing questioning both the prevailing knowledge hierarchy and the institutionalisation of knowledge production. To connect with the environment, for instance, do we need to connect with how it feels? This talk draws on works exploring both the marine environment and food, using knowledge from science, art, culture, instinct and history to create happenings and instances that break out the border of "me" and "my environment" to create an empathic response linking what we traditionally consider to be inside and outside. This will be demonstrated in the context of two artistic works - The Coral Empathy Device and Vital | Flows. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8851.html Saal Borg iamkat PUBLISH 8853@34c3@pentabarf.org 8853 34c3-8853-international_image_interoperability_framework_iiif_kulturinstitutionen_schaffen_interoperable_schnittstellen_fur_digitalisiertes_kulturgut International Image Interoperability Framework (IIIF) – Kulturinstitutionen schaffen interoperable Schnittstellen für digitalisiertes Kulturgut German de 20171230T113000 20171230T120000 003000 International Image Interoperability Framework (IIIF) – Kulturinstitutionen schaffen interoperable Schnittstellen für digitalisiertes Kulturgut- Neue Standards wie IIIF (http://iiif.io) ermöglichen es, digitalisiertes Kulturgut (Gemälde, Bücher, Handschriften, Fotografien, Karten u.s.w.) interoperabel und maschinenlesbar verfügbar zu machen. Darauf aufsetzend können nicht nur ansehnliche Präsentationen erstellt werden, insbesondere ermöglicht IIIF es, institutionsübergreifend Daten verknüpfbar zu machen und virtuelle Arbeitsoberflächen einrichtungsunabhängig zu realisieren. Dem Linked Data Prinzip folgend, sind alle Daten standardisiert identifizierbar und nutzbar. Es existieren bereits viele leistungsfähige Open Source Anwendungen für IIIF. Der Talk führt in IIIF ein und zeigt viele anschauliche Beispiele, die bedeutende Werke aus namhaften Einrichtungen weltweit enthalten. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8853.html Saal Clarke Leander Seige PUBLISH 8860@34c3@pentabarf.org 8860 34c3-8860-deep_learning_blindspots Deep Learning Blindspots Tools for Fooling the "Black Box" English en 20171228T140000 20171228T150000 010000 Deep Learning Blindspots- Tools for Fooling the "Black Box" In the past decade, machine learning researchers and theorists have created deep learning architectures which seem to learn complex topics with little intervention. Newer research in adversarial learning questions just how much “learning" these networks are doing. Several theories have arisen regarding neural network “blind spots” which can be exploited to fool the network. For example, by changing a series of pixels which are imperceptible to the human eye, you can render an image recognition model useless. This talk will review the current state of adversarial learning research and showcase some open-source tools to trick the "black box." PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8860.html Saal Adams Katharine Jarmul PUBLISH 8865@34c3@pentabarf.org 8865 34c3-8865-digitale_bildung_in_der_schule Digitale Bildung in der Schule 5.-Klässlerinnen, die über die Millisekunden für einen delay()-Aufruf diskutieren! Gibt es nicht? Doch, gibt es! German de 20171228T130000 20171228T133000 003000 Digitale Bildung in der Schule- 5.-Klässlerinnen, die über die Millisekunden für einen delay()-Aufruf diskutieren! Gibt es nicht? Doch, gibt es! „5.-Klässlerinnen, die über die Millisekunden für einen delay()-Aufruf diskutieren! Gibt es nicht? Doch, gibt es!“ Ein Modellprojekt mit sieben Schulen in Aachen hat diese Frage untersucht – wir haben die Schülerinnen und Schüler begleitet und würden gerne darüber berichten, denn wir wissen jetzt: Programmieren macht ihnen Spaß! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8865.html Saal Dijkstra Katja Bach PUBLISH 8869@34c3@pentabarf.org 8869 34c3-8869-saving_the_world_with_space_solar_power Saving the World with Space Solar Power or is it just PEWPEW?! English en 20171229T151500 20171229T154500 003000 Saving the World with Space Solar Power- or is it just PEWPEW?! Space Solar Power station, such as SPS Alpha, could overcome some issues that renewable energy plants on Earth suffer of structural basis when challenges such as energy transfer from orbit to Earth are solved. But will this solve the Earth's problems in a peaceful way? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8869.html Saal Borg anja sjunk PUBLISH 8874@34c3@pentabarf.org 8874 34c3-8874-gamified_control Gamified Control? China's Social Credit Systems English en 20171227T140000 20171227T150000 010000 Gamified Control?- China's Social Credit Systems In 2014 China’s government announced the implementation of big data based social credit systems (SCS). The SCS will rate online and offline behavior to create a score for each user. One of them is planned to become mandatory in 2020. This lecture will review the current state of governmental and private SCS and different aspects of these systems. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8874.html Saal Adams Katika Kühnreich PUBLISH 8877@34c3@pentabarf.org 8877 34c3-8877-drones_of_power_airborne_wind_energy Drones of Power: Airborne Wind Energy English en 20171229T154500 20171229T161500 003000 Drones of Power: Airborne Wind Energy- Airborne wind energy is the attempt to bring the digital revolution to the production of energy. It means that we convert the power of high-altitude winds into electricity by autonomously controlled aircraft which are connected to the ground via a tether. This technology can be a key element to finally power the world by clean energy only. In this talk we will explain the physical foundations, give an overview of the current status and show you how to build an experimental system by yourself: it involves hacking an off-the-shelf model aircraft and its autopilot based on the open and free Ardupilot framework. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8877.html Saal Borg Christoph PUBLISH 8879@34c3@pentabarf.org 8879 34c3-8879-mobile_data_interception_from_the_interconnection_link Mobile Data Interception from the Interconnection Link English en 20171228T113000 20171228T123000 010000 Mobile Data Interception from the Interconnection Link- Many mobile network operators rush to upgrade their networks to 4G/LTE from 2G and 3G, not only to improve the service, but also the security. The Diameter protocol - the successor of SS7 in Long Term Evolution (LTE) networks is believed to offer more protection to the network itself and to the end-users. However, also Diameter offers a rich functionality set, which can be also exploited and misused, if the network is not properly protected. We will show in this lecture, how data interception (MiM) can be done via the diameter based interconnection link. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8879.html Saal Adams Dr. Silke Holtmanns PUBLISH 8885@34c3@pentabarf.org 8885 34c3-8885-we_should_share_our_secrets We should share our secrets Shamir secret sharing: How it works and how to implement it English en 20171228T124500 20171228T134500 010000 We should share our secrets- Shamir secret sharing: How it works and how to implement it Backing up private keys in a secure manner is not straightforward. Once a backup has been compromised you need to refresh all your key material. For example, the disclosure of a private key of a Bitcoin wallet gives access to the coins inside. This makes it unattractive to store a complete backup of your private key(s) with your bank or your spouse. The better option would be to split the key into multiple parts. The recommended way to do this securely is to use the Shamir secret sharing scheme. This talk provides a detailed breakdown of how the scheme works and explains how it is implemented in C in a new library called SSS. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8885.html Saal Clarke Daan Sprenkels PUBLISH 8888@34c3@pentabarf.org 8888 34c3-8888-security_nightmares_0x12 Security Nightmares 0x12 German de 20171230T163000 20171230T173000 010000 Security Nightmares 0x12- Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8888.html Saal Adams frank Ron PUBLISH 8896@34c3@pentabarf.org 8896 34c3-8896-tiger_drucker_und_ein_mahnmal Tiger, Drucker und ein Mahnmal Neues vom Zentrum für Politische Schönheit German de 20171229T210000 20171229T220000 010000 Tiger, Drucker und ein Mahnmal- Neues vom Zentrum für Politische Schönheit Flüchtlingsfressende Tiger in Berlin, zum Diktatorensturz aufrufende Flugblätter in Istanbul und ein Mahnmal das den Rechtsextremisten Björn Höcker in seinem Thüringer Dorf heimsucht: Viel ist geschehen, seit das Zentrum für Politische Schönheit vor 3 Jahren auf dem Kongress gesprochen hat. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8896.html Saal Adams Stefan Pelzer Philipp Ruch Morius Enden PUBLISH 8900@34c3@pentabarf.org 8900 34c3-8900-tightening_the_net_in_iran Tightening the Net in Iran The Situation of Censorship and Surveillance in Iran, and What Should Be Done English en 20171227T163000 20171227T173000 010000 Tightening the Net in Iran- The Situation of Censorship and Surveillance in Iran, and What Should Be Done How do Iranians experience the Internet? Various hurdles and risks exist for Iranians and including outside actors like American technology companies. This talk will assess the state of the Internet in Iran, discuss things like the threats of hacking from the Iranian cyber army; how the government are arresting Iranians for their online activities; the most recent policies and laws for censorship, surveillance and encryption; and the policies and relationships of foreign technology companies like Apple, Twitter and Telegram with Iran, and the ways they are affecting the everyday lives of Iranians. This talk will effectively map out how the Internet continues to be a tight and controlled space in Iran, and what efforts are being done and can be done to make the Iranian Internet a more accessible and secure space. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8900.html Saal Dijkstra Mahsa Alimardani PUBLISH 8908@34c3@pentabarf.org 8908 34c3-8908-doping_your_fitbit Doping your Fitbit Firmware modifications faking you fitter English en 20171227T224500 20171227T231500 003000 Doping your Fitbit- Firmware modifications faking you fitter Security architectures for wearables are challenging. We take a deeper look into the widely-used Fitbit fitness trackers. The Fitbit ecosystem is interesting to analyze, because Fitbit employs security measures such as end-to-end encryption and authentication to protect user data (and the Fitbit business model). Even though this goes beyond security mechanisms offered by other fitness tracker vendors, reverse-engineering the trackers enables us to launch practical attacks against Fitbit. In our talk, we demonstrate new attacks including wireless malware flashing on trackers as well as “unlocking” the trackers to work independent from the Fitbit cloud. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8908.html Saal Clarke jiska DanielAW PUBLISH 8911@34c3@pentabarf.org 8911 34c3-8911-34c3_infrastructure_review 34C3 Infrastructure Review How does the CCC run a conference? English en 20171230T151500 20171230T161500 010000 34C3 Infrastructure Review- How does the CCC run a conference? In this traditional lecture, various teams provide an inside look at how this Congress‘ infrastructure was planned and built. You’ll learn what worked and what went wrong, and some of the talks may even contain facts! Also, the NOC promises to try and not have the network fail in the middle of the NOC presentation this time. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8911.html Saal Borg Leon PUBLISH 8915@34c3@pentabarf.org 8915 34c3-8915-how_can_you_trust_formally_verified_software How can you trust formally verified software? English en 20171227T150000 20171227T153000 003000 How can you trust formally verified software?- Formal verification of software has finally started to become viable: we have examples of formally verified microkernels, realistic compilers, hypervisors etc. These are huge achievements and we can expect to see even more impressive results in the future but the correctness proofs depend on a number of assumptions about the Trusted Computing Base that the software depends on. Two key questions to ask are: Are the specifications of the Trusted Computing Base correct? And do the implementations match the specifications? I will explore the philosophical challenges and practical steps you can take in answering that question for one of the major dependencies: the hardware your software runs on. I will describe the combination of formal verification and testing that ARM uses to verify the processor specification and I will talk about our current challenge: getting the specification down to zero bugs while the architecture continues to evolve. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8915.html Saal Borg Alastair Reid PUBLISH 8916@34c3@pentabarf.org 8916 34c3-8916-der_netzpolitische_wetterbericht Der netzpolitische Wetterbericht Wird es Regen geben? Ein Ausblick auf die neue Legislaturperiode German de 20171227T141500 20171227T144500 003000 Der netzpolitische Wetterbericht- Wird es Regen geben? Ein Ausblick auf die neue Legislaturperiode Deutschland hat gewählt, man weiß nur noch nicht, wer regieren wird. Bis Weihnachten könnte ein Koalitionsvertrag verhandelt worden sein, vielleicht auch später. Was sind die zu erwartenden großen Debatten der neuen Legislaturperiode? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8916.html Saal Borg Markus Beckedahl PUBLISH 8919@34c3@pentabarf.org 8919 34c3-8919-wtfrance WTFrance Decrypting French encryption law English en 20171227T141500 20171227T144500 003000 WTFrance- Decrypting French encryption law France is part of the top countries trying to destroy encryption, especially through backdoor obligations, global interceptions, and effort to get access to master keys. French law already criminalises the use of encryption, imposing heavier penalties on people using it or regarding them as general suspects. How can we oppose this trend? What political role for developers? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8919.html Saal Clarke Agnes Okhin PUBLISH 8920@34c3@pentabarf.org 8920 34c3-8920-electromagnetic_threats_for_information_security Electromagnetic Threats for Information Security Ways to Chaos in Digital and Analogue Electronics English en 20171228T151500 20171228T161500 010000 Electromagnetic Threats for Information Security- Ways to Chaos in Digital and Analogue Electronics For non specialists, Electromagnetic Pulse weapons (EMP) are fantasy weapons in science fiction movies. Interestingly, the susceptibility of electronic devices to electromagnetic interference has been advertised since the 90’s. Regarding the high integration of sensors and digital systems to control power-grids, telecom networks and automation infrastructures (e.g. Smart-grids, Industrial Control Systems), the intrinsic vulnerability of electronic devices to electromagnetic interference is of fundamental interest. In the context of IT Security, few studies have been carried out to understand how the effects may be a significant issue especially in the far-field region (distance between the transmitter’s antenna and the target with regard to the wavelength/central frequency). Most studies in Emanation Security (EMSEC) are related to near-field probing for side-channel and fault injection attacks assuming a close physical access to the targeted devices. In this paper, we propose a methodology to detect, classify and correlate the effect induced during the intentional exposure of analogue and digital systems to electromagnetic interference. Applying this methodology, the implication of the effects for the IT security world will be discussed with regards to the attacker profile needed to set-up a given scenario. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8920.html Saal Clarke @EMHacktivity José Lopes Esteves PUBLISH 8922@34c3@pentabarf.org 8922 34c3-8922-methodisch_inkorrekt Methodisch inkorrekt! Die Wissenschaftsgala vom 34C3 German de 20171229T113000 20171229T133000 020000 Methodisch inkorrekt!- Die Wissenschaftsgala vom 34C3 Der IgNobelpreis ist eine Auszeichnung, um wissenschaftliche Leistungen zu ehren, die „Menschen zuerst zum Lachen, dann zum Nachdenken bringen“ („to honor achievements that first make people laugh, and then make them think“). Wir erklären die Preisträger 2017 in gewohnter Minkorrekt-Manier. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8922.html Saal Adams Nicolas Wöhrl @ReinhardRemfort PUBLISH 8923@34c3@pentabarf.org 8923 34c3-8923-ooni_let_s_fight_internet_censorship_together OONI: Let's Fight Internet Censorship, Together! The Open Observatory of Network Interference English en 20171229T143000 20171229T150000 003000 OONI: Let's Fight Internet Censorship, Together!- The Open Observatory of Network Interference How can we take a stand against the increasing shadow of Internet censorship? With OONI Probe you can join us in uncovering evidence of network interference! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8923.html Saal Borg Arturo Filastò (hellais) PUBLISH 8935@34c3@pentabarf.org 8935 34c3-8935-simulating_the_future_of_the_global_agro-food_system Simulating the future of the global agro-food system Cybernetic models analyze scenarios of interactions between future global food consumption, agriculture, landuse, and the biogeochemical cycles of water, nitrogen and carbon. English en 20171229T210000 20171229T213000 003000 Simulating the future of the global agro-food system- Cybernetic models analyze scenarios of interactions between future global food consumption, agriculture, landuse, and the biogeochemical cycles of water, nitrogen and carbon. How can we feed a growing world population within a resilient Earth System? This session will present results from our cybernetic computer models that simulate how future trends in population growth, diets, technology and policy may change the global land cover, freshwater usage, the nitrogen cycle and the climate system, and how more sustainable pathways can be reached. We want to discuss how our computer models and our data can be made accessible and usable by a broader community, and which new ways exist to visualize key insights and provide decision support to our society. We will also showcase some interactive physical installations that have been developed jointly with a group of art students to visualize future scenarios. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8935.html Saal Borg Benjamin Leon Bodirsky PUBLISH 8936@34c3@pentabarf.org 8936 34c3-8936-1-day_exploit_development_for_cisco_ios 1-day exploit development for Cisco IOS English en 20171227T163000 20171227T173000 010000 1-day exploit development for Cisco IOS- Year 2017 was rich in vulnerabilities discovered for Cisco networking devices. At least 3 vulnerabilities leading to a remote code execution were disclosed. This talk will give an insight on exploit development process for Cisco IOS for two of the mentioned critical vulnerabilities. Both lead to a full takeover of the target device. Both PowerPC and MIPS architectures will be covered. The presentation will feature an SNMP server exploitation demo. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8936.html Saal Clarke Artem Kondratenko PUBLISH 8937@34c3@pentabarf.org 8937 34c3-8937-briar Briar Resilient P2P Messaging for Everyone English en 20171230T134500 20171230T141500 003000 Briar- Resilient P2P Messaging for Everyone Briar is a peer-to-peer messaging app that is resistant to censorship and works even without internet access. The app encrypts all data end-to-end and also hides metadata by utilizing Tor onion services. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8937.html Saal Borg Torsten Grote PUBLISH 8938@34c3@pentabarf.org 8938 34c3-8938-home_distilling Home Distilling Theory and practice of moonshining and legal distilling English en 20171228T233000 20171229T000000 003000 Home Distilling- Theory and practice of moonshining and legal distilling This talk covers the theory, legality and economics of home distilling. We present the theoretical background of mashing, fermenting and distilling alcohol as well as the legal framework for home distilling in Germany from 2018 on. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8938.html Saal Borg freibrenner PUBLISH 8940@34c3@pentabarf.org 8940 34c3-8940-policing_in_the_age_of_data_exploitation Policing in the age of data exploitation English en 20171229T140000 20171229T150000 010000 Policing in the age of data exploitation- What does policing look like in the age of data exploitation? This is the question we at Privacy International have been exploring for the past two years. Our research has focused on the UK where the population has been used as guinea pigs for ever more invasive modern approaches to policing. In this talk we will discuss our findings with you and avenues for change. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8940.html Saal Dijkstra Eva Blum--Dumontet Millie Wood PUBLISH 8941@34c3@pentabarf.org 8941 34c3-8941-console_security_-_switch Console Security - Switch Homebrew on the Horizon English en 20171228T194500 20171228T204500 010000 Console Security - Switch- Homebrew on the Horizon Nintendo has a new console, and it's more secure than ever. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8941.html Saal Adams plutoo derrek naehrwert PUBLISH 8946@34c3@pentabarf.org 8946 34c3-8946-schnaps_hacking Schnaps Hacking from apple to schnaps -- a complete diy-toolchain English en 20171229T000000 20171229T003000 003000 Schnaps Hacking- from apple to schnaps -- a complete diy-toolchain This talk covers the theory, the required tools and how to make them, and the process of turning apples into juice, ferment them, and enrich the alcohol content of the product. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8946.html Saal Borg Nero Lapislucis sir wombat PUBLISH 8948@34c3@pentabarf.org 8948 34c3-8948-low_cost_non-invasive_biomedical_imaging Low Cost Non-Invasive Biomedical Imaging An Open Electrical Impedance Tomography Project English en 20171227T203000 20171227T210000 003000 Low Cost Non-Invasive Biomedical Imaging- An Open Electrical Impedance Tomography Project An open source biomedical imaging project using electrical impedance tomography. Imagine a world where medical imaging is cheap and accessible for everyone! We'll discuss this current project, how it works, and future directions in medical physics. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8948.html Saal Clarke Jean Rintoul PUBLISH 8949@34c3@pentabarf.org 8949 34c3-8949-library_operating_systems library operating systems reject the default reality^W abstractions and substitute your own English en 20171230T113000 20171230T120000 003000 library operating systems- reject the default reality^W abstractions and substitute your own Traditional models of application development involve talking to an underlying operating system through abstractions of its choosing. These abstractions may or may not be a good fit for your language or application, but you have no choice but to use them - you can only layer more abstractions on top of them, to try to lessen the pain of a bad match. Library operating systems let you write applications that use better abstractions in your own language - either someone else's abstractions, or your own. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8949.html Saal Dijkstra Mindy Preston PUBLISH 8950@34c3@pentabarf.org 8950 34c3-8950-microarchitectural_attacks_on_trusted_execution_environments Microarchitectural Attacks on Trusted Execution Environments English en 20171227T221500 20171227T231500 010000 Microarchitectural Attacks on Trusted Execution Environments- Trusted Execution Environments (TEEs), like those based on ARM TrustZone or Intel SGX, intend to provide a secure way to run code beyond the typical reach of a computer’s operating system. However, when trusted and untrusted code runs on shared hardware, it opens the door to the same microarchitectural attacks that have been exploited for years. This talk provides an overview of these attacks as they have been applied to TEEs, and it additionally demonstrates how to mount these attacks on common TrustZone implementations. Finally, we identify new techniques which allow us to peer within TrustZone TEEs with greater resolution than ever before. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8950.html Saal Borg Keegan Ryan PUBLISH 8952@34c3@pentabarf.org 8952 34c3-8952-running_gsm_mobile_phone_on_sdr Running GSM mobile phone on SDR SDR PHY for OsmocomBB English en 20171229T210000 20171229T213000 003000 Running GSM mobile phone on SDR- SDR PHY for OsmocomBB Since SDR (Software Defined Radio) becomes more popular and more available for everyone, there is a lot of projects based on this technology. Looking from the mobile telecommunications side, at the moment it's possible to run your own GSM or UMTS network using a transmit capable SDR device and free software like OsmoBTS or OpenBTS. There is also the srsLTE project, which provides open source implementation of LTE base station (eNodeB) and moreover the client side stack (srsUE) for SDR. Our talk is about the R&D process of porting the existing GSM mobile side stack (OsmocomBB) to the SDR based hardware, and about the results we have achieved. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8952.html Saal Clarke Vadim Yanitskiy ptrkrysik PUBLISH 8953@34c3@pentabarf.org 8953 34c3-8953-think_big_or_care_for_yourself Think big or care for yourself On the obstacles to think of emergent technologies in the field of nursing science English en 20171228T134500 20171228T141500 003000 Think big or care for yourself- On the obstacles to think of emergent technologies in the field of nursing science In German nursing science the dominant position on emergent technologies demands the removal of machines from caring environments („Entmaschinisierung“). In contrast to this, European research policy heavily focus on developing new health and social technologies to solve societal issues like a skill shortage in nursing. Thinking about technology in nursing science cannot but be conflicted. In this talk we first expose requirements for particularly conceptualizing the application of technological systems in care work settings. Further we will give an overview on main arguments against digital technologies in care with an example of a current research project in the field of Augmented Reality in care work. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8953.html Saal Dijkstra AKO Hanna Wüller PUBLISH 8955@34c3@pentabarf.org 8955 34c3-8955-all_computers_are_beschlagnahmt All Computers Are Beschlagnahmt Zum Verbot von Indymedia linksunten German de 20171228T233000 20171229T003000 010000 All Computers Are Beschlagnahmt- Zum Verbot von Indymedia linksunten Im August 2017 wurde Indymedia linksunten vom Bundesinnenminister verboten. Rechtsanwältin Kristin Pietrzyk berichtet von den Razzien, von der Zusammenarbeit zwischen Polizei und Geheimdiensten und gibt Einblick in das juristische Vorgehen gegen Verbot und Zensur. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8955.html Saal Adams Kristin Pietrzyk PUBLISH 8956@34c3@pentabarf.org 8956 34c3-8956-scada_-_gateway_to_s_hell SCADA - Gateway to (s)hell Hacking industrial control gateways English en 20171230T163000 20171230T173000 010000 SCADA - Gateway to (s)hell - Hacking industrial control gateways Small gateways connect all kinds of fieldbusses to IP systems. This talk will look at the (in)security of those gateways, starting with simple vulnerabilities, and then deep diving into reverse-engineering the firmware and breaking the encryption of firmware upgrades. The found vulnerabilities will then be demonstrated live on a portable SCADA system. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8956.html Saal Dijkstra Thomas Roth PUBLISH 8961@34c3@pentabarf.org 8961 34c3-8961-0en_1en_auf_dem_acker 0en & 1en auf dem Acker Was die Sensor & Automatisierungstechnik in der Landwirtschaft heute schon leisten kann – Ein Einblick German de 20171230T134500 20171230T141500 003000 0en & 1en auf dem Acker- Was die Sensor & Automatisierungstechnik in der Landwirtschaft heute schon leisten kann – Ein Einblick Die Dynamik der globalen Agrarmärkte hat sich in den letzten Jahren verstärkt und birgt neue Herausforderungen für die Landwirte. Hoffnungsträger sind ähnlich wie in anderen Branchen auch Sensor- & Datenverarbeitungstechnik sowie das Internet: Produktionsprozesse steuern sich selbst, Anhänger werden halbautomatisch mittels Bilderkennung beladen, Maschinen kommunizieren mittels Maschinen und Fahrzeuge steuern sich weitestgehend schon jetzt autonom. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8961.html Saal Adams Fritz - Dietrich Burghardt PUBLISH 8964@34c3@pentabarf.org 8964 34c3-8964-watching_the_changing_earth Watching the changing Earth warning: gravity ahead English en 20171227T194500 20171227T201500 003000 Watching the changing Earth- warning: gravity ahead For a few decades by now, satellites offer us the tools to observe the whole Earth with a wide variety of sensors. The vast amount of data these Earth observations systems collect enters the public discourse reduced to a few numbers, numbers like 3 or even 300. So, how do we know the amount of ice melting in the arctic or how much rain is falling in the Amazon? Are groundwater aquifers stable or are they are being depleted? Are these regular seasonal changes or is there a trend? How can we even measure these phenomena on a global scale? This talk will provide one possible answer: gravity. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8964.html Saal Clarke manuel PUBLISH 8965@34c3@pentabarf.org 8965 34c3-8965-decoding_contactless_card_payments Decoding Contactless (Card) Payments An Exploration of NFC Transactions and Explanation How Apple Pay and Android Pay Work English en 20171229T221500 20171229T231500 010000 Decoding Contactless (Card) Payments - An Exploration of NFC Transactions and Explanation How Apple Pay and Android Pay Work This talk will dive into the techniques and protocols that drive contactless card payments at the Point of Sale. We will explore how Apple Pay works on a technical level and why you are able to 'clone' your credit card onto your phone. Building upon previous C3 talks on the topics of EMV and ICC payments, we will learn about different NFC payment options, why legacy will never die and how the individual card brands have specified their payment workflows. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8965.html Saal Adams Simon Eumes PUBLISH 8968@34c3@pentabarf.org 8968 34c3-8968-are_all_bsds_created_equally Are all BSDs created equally? A survey of BSD kernel vulnerabilities. English en 20171229T194500 20171229T204500 010000 Are all BSDs created equally? - A survey of BSD kernel vulnerabilities. In this presentation I start off asking the question „How come there are only a handful of BSD security kernel bugs advisories released every year?“ and then proceed to try and look at some data from several sources. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8968.html Saal Adams Ilja van Sprundel PUBLISH 8969@34c3@pentabarf.org 8969 34c3-8969-die_sprache_der_uberwacher Die Sprache der Überwacher Wie in Österreich über Sicherheit und Überwachung gesprochen wird German de 20171227T211500 20171227T214500 003000 Die Sprache der Überwacher- Wie in Österreich über Sicherheit und Überwachung gesprochen wird So intensiv wie 2017 wurde der Themenkomplex rund um Sicherheit und Überwachung in Österreich noch nie diskutiert. Das Thema ist in Hauptabendnachrichten und Leitartikeln angekommen. Die Diskussion rund um die geplante Einführung eines Sicherheitspakets, das sich bei näherer Betrachtung als ein reines Überwachungspaket entpuppt, bietet jede Menge Analysematerial: Öffentlich ausgetauschte (Schein-)Argumente, falsche Analogien und unpassende Sprachbilder haben die Debatte geprägt. In diesem Talk werden die Sprache der so genannten Sicherheitspolitiker (es sind in der Tat nur Männer) analysiert und ihre Argumente auf den Prüfstand gestellt. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8969.html Saal Adams Thomas Lohninger Werner Reiter Angelika Adensamer PUBLISH 8974@34c3@pentabarf.org 8974 34c3-8974-practical_mix_network_design Practical Mix Network Design Strong metadata protection for asynchronous messaging English en 20171227T233000 20171228T003000 010000 Practical Mix Network Design- Strong metadata protection for asynchronous messaging We shall explain the renewed interest in mix networks. Like Tor, mix networks protect metadata by using layered encryption and routing packets between a series of independent nodes. Mix networks resist vastly more powerful adversary models than Tor though, including global passive adversaries. In so doing, mix networks add both latency and cover traffic. We shall outline the basic components of a mix network, touch on their roles in resisting active and passive attacks, and discuss how the latency impacts reliability, application design, and user experience. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8974.html Saal Clarke David Stainton jeffburdges PUBLISH 8980@34c3@pentabarf.org 8980 34c3-8980-netzpolitik_in_der_schweiz Netzpolitik in der Schweiz Die aktuellen Auseinandersetzungen über digitale Freiheitsrechte German de 20171228T151500 20171228T161500 010000 Netzpolitik in der Schweiz- Die aktuellen Auseinandersetzungen über digitale Freiheitsrechte Gleich in drei Gesetzen drohen Netzsperren. Staatstrojaner und Massenüberwachung bis ins WLAN sind mit der Einführung der Überwachungsgesetze BÜPF und NDG vorgesehen. E-Voting soll auf Biegen und Brechen durchgesetzt werden. Nur garantierte Netzneutralität lässt weiter auf sich warten. Im Vortrag versuchen wir, Einsichten in die aktuellen netzpolitischen Auseinandersetzungen in der Schweiz zu geben und Handlungsmöglichkeiten aufzuzeigen. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8980.html Saal Dijkstra Kire Patrick Stählin Martin Steiger PUBLISH 8989@34c3@pentabarf.org 8989 34c3-8989-nabovarme_opensource_heating_infrastructure_in_christiania “Nabovarme” opensource heating infrastructure in Christiania Freetown Christiania´s digitally controlled/surveyed heating system. 350 users English en 20171229T134500 20171229T141500 003000 “Nabovarme” opensource heating infrastructure in Christiania- Freetown Christiania´s digitally controlled/surveyed heating system. 350 users Project “Nabovarme” (meaning “neighbour heating”) has transformed private heating necessity into a social experiment build on OpenSource software/hardware and social empowerment by transforming heat consumers into Nabovarme Users and letting them take ownership to infrastructure and consumption. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8989.html Saal Borg Johannes Valbjorn Emmerik PUBLISH 8993@34c3@pentabarf.org 8993 34c3-8993-nougatbytes_11 Nougatbytes 11₂ Die geekige Wort- & Bilderrätselspielshau ist zuЯück German de 20171230T004500 20171230T021500 013000 Nougatbytes 11₂- Die geekige Wort- & Bilderrätselspielshau ist zuЯück Zwei Teams mit rauchenden Köpfen und ein johlendes Publikum raten sich durch unsere dritte Wortspielhölle der IT, Informatik und digitalen Gesellschaft. Wer bei vielschichtigen (Anm. d. R.: „haarsträubenden“!) Assoziazionsbilderrätseln freudiges Synapsenfunkeln und feuchte Augen bekommt oder aber bei Gehirnschmerz und Um-die-Ecke-Denk-Beulen trotzdem feiert, ist bei uns zu Hause. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8993.html Saal Adams Rainer Rehak Benks PUBLISH 8994@34c3@pentabarf.org 8994 34c3-8994-vintage_computing_for_trusted_radiation_measurements_and_a_world_free_of_nuclear_weapons Vintage Computing for Trusted Radiation Measurements and a World Free of Nuclear Weapons English en 20171229T151500 20171229T161500 010000 Vintage Computing for Trusted Radiation Measurements and a World Free of Nuclear Weapons- Eliminating nuclear weapons will require trusted measurement systems to confirm authenticity of nuclear warheads prior to their dismantlement. A new idea for such an inspection system is to use vintage hardware (Apple IIe/6502) instead of modern microprocessors, reducing the attack surface through simplicity. In the talk, we present and demo a custom open hardware measurement system based on gamma spectroscopy. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8994.html Saal Adams Moritz ALX PUBLISH 8998@34c3@pentabarf.org 8998 34c3-8998-die_gottliche_informatik_the_divine_computer_science Die göttliche Informatik / The divine Computer Science Die Informatik löst formale (mathematisch modellierte) Probleme ganz vorzüglich – doch nun soll sie alle anderen Probleme auch noch lösen / Computer science nicely solves formally modelled problems – now it is believed to solve everything else too German de 20171227T233000 20171228T003000 010000 Die göttliche Informatik / The divine Computer Science- Die Informatik löst formale (mathematisch modellierte) Probleme ganz vorzüglich – doch nun soll sie alle anderen Probleme auch noch lösen / Computer science nicely solves formally modelled problems – now it is believed to solve everything else too Die Informatik ist scheinbar das neue Göttliche, das den Klimawandel, die Kriminalität, unser fehlendes Wissen über das Gehirn, den globalen Terror, dichter werdenden Stadtverkehr, die Energieprobleme und die Armut der Welt lösen kann; und zwar mit der Blockchain, mit künstlicher Intelligenz, mit der Cloud und mit Big-Data. Doch inwiefern ist die Informatik überhaupt in der Lage, derartige Probleme hoher gesellschaftlicher Relevanz anzugehen? In diesem Vortrag soll versucht werden, Teile der riesigen Wunschliste an die Informatik mit ihren tatsächlichen aktuellen Möglichkeiten in Einklang zu bringen sowie die ökonomischen Motivationen und Rahmenbedingungen einzubeziehen. <span style="color:grey;">Computer science seems to be the new divine element that can solve climate change, crime, our lack of knowledge about the brain, global terror, urban traffic, our energy issues and world poverty; with blockchain, with artificial intelligence, with the cloud and big data. But to what extent is computer science even able to address such problems of high societal relevance? In this lecture an attempt will be made to reconcile parts of the huge wish list to computer science with its actual current possibilities and to include the economic motivations and conditions.</span> PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8998.html Saal Dijkstra Rainer Rehak PUBLISH 9006@34c3@pentabarf.org 9006 34c3-9006-implementing_an_llvm_based_dynamic_binary_instrumentation_framework Implementing an LLVM based Dynamic Binary Instrumentation framework English en 20171228T220000 20171228T230000 010000 Implementing an LLVM based Dynamic Binary Instrumentation framework- This talk will go over our efforts to implement a new open source DBI framework based on LLVM. We'll explain what DBI is used for, how it works, the implementation challenges we faced and compare a few of the existing frameworks with our own implementation. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9006.html Saal Dijkstra Charles Hubain Cédric Tessier PUBLISH 9007@34c3@pentabarf.org 9007 34c3-9007-hacker_jeopardy Hacker Jeopardy Zahlenraten für Geeks German de 20171229T004500 20171229T024500 020000 Hacker Jeopardy- Zahlenraten für Geeks The Hacker Jeopardy is a quiz show. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9007.html Saal Adams Sec Ray PUBLISH 9014@34c3@pentabarf.org 9014 34c3-9014-whwp WHWP Walter Höllerer bei WikiPedia German de 20171230T121500 20171230T124500 003000 WHWP- Walter Höllerer bei WikiPedia Vorstellung der Dissertation "WHWP - Walter Höllerer bei WikiPedia". Es wurde ein einzelner Artikel in der deutschen WikiPedia untersucht. Es wird dargestellt, welchen Einfluss die beteiligten Autoren auf die Qualität des WikiPedia-Artikels über Walter Höllerer hatten und weiterhin haben. Dafür wurden 113 Veränderungen durch 89 Autoren einzeln untersucht und bezüglich ihrer Relevanz bewertet. Es wurden auch die Entwicklungen berücksichtigt, die seit der französischen Encyclopédie zur Online-Enzyklopädie WikiPedia geführt haben. Daraus ist eine bisher einzigartige Arbeit über die Produktion von Wissen und Wissenssammlungen entstanden. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9014.html Saal Clarke friederb PUBLISH 9021@34c3@pentabarf.org 9021 34c3-9021-squeezing_a_key_through_a_carry_bit Squeezing a key through a carry bit No bug is small enough English en 20171227T140000 20171227T150000 010000 Squeezing a key through a carry bit- No bug is small enough The Go implementation of the P-256 elliptic curve had a small bug due to a misplaced carry bit affecting less than 0.00000003% of field subtraction operations. We show how to build a full practical key recovery attack on top of it, capable of targeting JSON Web Encryption. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9021.html Saal Dijkstra Filippo Valsorda PUBLISH 9024@34c3@pentabarf.org 9024 34c3-9024-holography_of_wi-fi_radiation Holography of Wi-Fi radiation Can we see the stray radiation of wireless devices? And what would the world look like if we could? English en 20171229T113000 20171229T123000 010000 Holography of Wi-Fi radiation- Can we see the stray radiation of wireless devices? And what would the world look like if we could? Holography of Wi-Fi radiation Philipp Holl [1,2] and Friedemann Reinhard [2] [1] Max Planck Institute for Physics [2] Walter Schottky Institut and Physik-Department, Technical University of Munich When we think of wireless signals such as Wi-Fi or Bluetooth, we usually think of bits and bytes, packets of data and runtimes. Interestingly, there is a second way to look at them. From a physicist's perspective, wireless radiation is just light, more precisely: coherent electromagnetic radiation. It is virtually the same as the beam of a laser, except that its wavelength is much longer (cm vs µm). We have developed a way to visualize this radiation, providing a view of the world as it would look like if our eyes could see wireless radiation. Our scheme is based on holography, a technique to record three-dimensional pictures by a phase-coherent recording of radiation in a two-dimensional plane. This technique is traditionally implemented using laser light. We have adapted it to work with wireless radiation, and recorded holograms of building interiors illuminated by the omnipresent stray field of wireless devices. In the resulting three-dimensional images we can see both emitters (appearing as bright spots) and absorbing objects (appearing as shadows in the beam). Our scheme does not require any knowledge of the data transmitted and works with arbitrary signals, including encrypted communication. This result has several implications: it could provide a way to track wireless emitters in buildings, it could provide a new way for through-wall imaging of building infrastructure like water and power lines. As these applications are available even with encrypted communication, it opens up new questions about privacy. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9024.html Saal Dijkstra Friedemann Reinhard PUBLISH 9025@34c3@pentabarf.org 9025 34c3-9025-electroedibles Electroedibles Open Source Hardware for Smart Candies English en 20171229T214500 20171229T221500 003000 Electroedibles- Open Source Hardware for Smart Candies Electroedibles is an experiment with “edible” hardware that explores the limits of interaction between our tongue and circuits to mock the present fantasies of Internet of (Every)thing. This project initiated by the hardware lab at Shenkar College of Arts and Tel Aviv Makerspace consists from series of workshops, in which participants combine simple circuits (lickometer with LED, vibration motor or piezo) with recipes for candy making (hard candy based on syrups or gummy or corn starch molds). The circuits are casted in candy “molds” to serve different ideas defined by the participants: extreme hardware fetishist lollipops, philosophical props into sensory perception, post-colonial critique of the sugar cane addiction and slavery, scientific interest in triggering taste buds etc. This probe into the edible hardware is also a celebration of the DIY culture of sharing behind cooking, but also Open Source Hardware that bridges the divisions between the kitchen, the hardware studio and the science lab. Instead of applying science and technology to cooking and tasting (typical for molecular gastronomy & haute cuisine), the electroedibles use the experiences of candy cooking and to engage with different science and technology issues in enjoyable and funny ways. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9025.html Saal Clarke Denisa Kera yair reshef Zohar Messeca-Fara PUBLISH 9027@34c3@pentabarf.org 9027 34c3-9027-the_work_of_art_in_the_age_of_digital_assassination The Work of Art in the Age of Digital Assassination English en 20171227T133000 20171227T140000 003000 The Work of Art in the Age of Digital Assassination- My talk explores the interconnected nature of war and culture. It does so through the context of technology and political discourse in contemporary art. With a view from the battle fields of the Middle East, both real and imagined, I attempt to dissect how the political discourse of academia and the art world trickles down to everyday discussions. A simple word such as "assassination" becomes rife with racism when its etymology can be linked to anti-Muslim propaganda that originated during the Crusades. And today assassination is the primary political tool of the West to negotiate with Muslim radicals, even violating their own rules of citizenship, constitutional, and human rights protections in the process. With this backdrop, we see how the artistic works of such diverse artists such as Chris Marker, Chris Burden, Haroun Farouki, Anish Kapoor, and Banksy have evolved to reflect the political discourse of the moment. The digital advancements of the war zone, I argue, are reflected in the diametrically opposed peaceful spaces of the gallery, museum, or art house cinema. As the digital defeats analogue, the act of killing becomes disconnected from the killer, with democracies spreading thei blame over systemic failures rather than facing the reality of death. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9027.html Saal Clarke Saud Al-Zaid PUBLISH 9028@34c3@pentabarf.org 9028 34c3-9028-internet_censorship_in_the_catalan_referendum Internet censorship in the Catalan referendum Overview of how the state censored and how it got circumvented English en 20171229T151500 20171229T161500 010000 Internet censorship in the Catalan referendum- Overview of how the state censored and how it got circumvented On October 1st the Catalan society held a referendum to decide if they wanted to stay part of the Spanish state or create an independent state. This talk will explain the internet censorship which took place in the weeks before the referendum, on the very same day as well as in the timer after the referendum. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9028.html Saal Dijkstra Matthias PUBLISH 9029@34c3@pentabarf.org 9029 34c3-9029-uncovering_vulnerabilities_in_hoermann_bisecur Uncovering vulnerabilities in Hoermann BiSecur An AES encrypted radio system English en 20171228T233000 20171229T003000 010000 Uncovering vulnerabilities in Hoermann BiSecur- An AES encrypted radio system Hoermann BiSecur is a bi-directional wireless access control system “for the convenient and secure operation of garage and entrance gate operators, door operators, lights […]” and smart home devices. The radio signal is AES-128 encrypted and the system is marketed to be “as secure as online banking”. In comparison to conventional and often trivial to break wireless access control systems, the system should thus make it practically infeasible to clone a genuine transmitter so that attackers can get unauthorized access. We used the low-cost CCC rad1o software defined radio (SDR) platform to intercept and analyze the wireless radio signal. We took apart several Hoermann BiSecur hand transmitters and subsequently utilized a vulnerability in the microcontroller to successfully extract the firmware. In order to conduct a security audit, the extracted firmware was disassembled and analyzed so that the encryption mechanism, the key material, the cryptographic operations as well as the RF interface could be reverse engineered. Our security analysis shows that the overall security design is sound, but the manufacturer failed to properly initialize the random seed of the transmitters. As a result, an attacker can intercept an arbitrary radio frame and trivially compute the utilized encryption key within less than a second. Once the key is known to the attacker, a genuine transmitter can be cloned with an SDR platform such as the CCC rad1o. In addition to unauthorized operation of gates and doors, there is a likely (although currently untested) impact on Smart Home appliances that use the BiSecur system. We tested a total of 7 hand transmitters from 3 different model series and with manufacturing dates between 2015 and 2017. All analyzed hand transmitters shared the same static random seed and were found to be vulnerable to our attack. The vulnerability can easily be fixed so that future hand transmitters and radio transmission are protected from our attack. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9029.html Saal Clarke Markus Muellner Markus Kammerstetter PUBLISH 9030@34c3@pentabarf.org 9030 34c3-9030-algorithmic_science_evaluation_and_power_structure_the_discourse_on_strategic_citation_and_citation_cartels Algorithmic science evaluation and power structure: the discourse on strategic citation and 'citation cartels' English en 20171227T153000 20171227T160000 003000 Algorithmic science evaluation and power structure: the discourse on strategic citation and 'citation cartels'- Quantitative science evaluation, such as university rankings, rely on man-made algorithms and man-made databases. The modelling decisions underlying this data-driven algorithmic science evaluation are, among other things, the outcome of a specific power structure in the science system. Power relations are especially visible, when negotiated during processes of boundary work. Therefore, we use the discourse on 'citation cartels', to shed light on a specific perception of fairness in the scientific system, as well as on the actors who are in charge. While doing so, we draw analogies to the discourse on search engine optimization. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9030.html Saal Clarke J. Hartstein Teresa Isigkeit Franziska Sörgel PUBLISH 9031@34c3@pentabarf.org 9031 34c3-9031-mietshausersyndikat_den_immobilienmarkt_hacken Mietshäusersyndikat: den Immobilienmarkt hacken Wie man ein Haus kaufen kann ohne es zu besitzen German de 20171230T113000 20171230T120000 003000 Mietshäusersyndikat: den Immobilienmarkt hacken- Wie man ein Haus kaufen kann ohne es zu besitzen Das Mietshäusersyndikat ist eine nicht-kommerzielle Kooperative mit dem Ziel, Bereiche von selbstorganisiertem Wohnen zu schaffen, ohne selbst Vermieter zu werden. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9031.html Saal Adams Anita Hopes PUBLISH 9034@34c3@pentabarf.org 9034 34c3-9034-bbss_and_early_internet_access_in_the_1990ies BBSs and early Internet access in the 1990ies Modems, FIDO, Z-Netz, Usenet, UUCP, SLIP and ISDN English en 20171227T151500 20171227T161500 010000 BBSs and early Internet access in the 1990ies- Modems, FIDO, Z-Netz, Usenet, UUCP, SLIP and ISDN This talk explains how individuals were able to communicate globally in the 1990ies using self-organized networks of BBSsin networks like FIDO and Z-Netz, before individual access to the Internet was possible. It also covers the efforts of non-profit organizations to provide individual access to Internet Mail+News via UUCP and later via IP during that period. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9034.html Saal Dijkstra LaForge PUBLISH 9036@34c3@pentabarf.org 9036 34c3-9036-open_source_estrogen Open Source Estrogen From molecular colonization to molecular collaboration English en 20171229T151500 20171229T161500 010000 Open Source Estrogen- From molecular colonization to molecular collaboration Collaborative and interdisciplinary research, Open Source Estrogen combines biohacking and artistic intervention to demonstrate the entrenched ways in which estrogen is a biomolecule with institutional biopower. It is a form of biotechnical civil disobedience, seeking to subvert dominant biopolitical agents of hormonal management, knowledge production, and anthropogenic toxicity. Thus, the project initiates a cultural dialogue through the generation of DIY/DIWO (do-it-yourself/do-it-with-others) for the detection and extraction of estrogen, and contextualized as kitchen performance and queer body worship. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9036.html Saal Clarke maggic PUBLISH 9040@34c3@pentabarf.org 9040 34c3-9040-access_to_bodies Access To Bodies Ein Leitfaden für post-humane Computer- und Körperanwendungen German de 20171227T194500 20171227T201500 003000 Access To Bodies- Ein Leitfaden für post-humane Computer- und Körperanwendungen Cyborgs und Body Enhancement sind typisch männlich dominierte Thematiken (Terminator etc). Im Gegensatz dazu ist zB die weiblich konotierte Beautybranche auch hochtechnisiert. Körper und Technologie sind auf verschiedenen Ebenen hier schon eng verzahnt. Diese beiden Bereiche zusammenzubringen ist FUN. Stehen Computer eigentlich auf rosa? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9040.html Saal Dijkstra Nadja Buttendorf PUBLISH 9044@34c3@pentabarf.org 9044 34c3-9044-growing_up_software_development Growing Up Software Development From Hacker Culture to the Software of the Future English en 20171228T231500 20171228T234500 003000 Growing Up Software Development- From Hacker Culture to the Software of the Future Hacker culture overcomes limitations in computer systems through creativity and tinkering. At the same time, hacker culture has shaped the practice of software development to this day. This is problematic - techniques effective for breaking (into) a computer systems are not necessarily suitable for developing resilient and secure systems. It does not have to be this way: We can approach software development as a methodical, systematic activity rather than tinkering, and teach it accordingly. I'll review my experience teaching these methods for the past 18 years and give some suggestions on what *you* may do. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9044.html Saal Dijkstra Mike Sperber PUBLISH 9045@34c3@pentabarf.org 9045 34c3-9045-extended_dna_analysis Extended DNA Analysis Political pressure for DNA-based facial composites English en 20171229T223000 20171229T230000 003000 Extended DNA Analysis - Political pressure for DNA-based facial composites In 2017, the federal states of Baden-Wurttemberg and Bavaria suggested the extension of the law on the analysis of forensic DNA. Up to now, DNA fingerprinting in forensic settings may, in addition to non-coding features of DNA, only analyze the chromosomal sex of the person, but not any other openly visible feature. Bavaria and Baden-Wurttemberg, under the leadership of CSU and the Green party, are pushing forward to analyze DNA found at crime scenes regarding hair color, eye color, skin color and in the case of Bavaria even geographical ethnicity. Extended DNA analysis, or “DNA facial composite” is seen as an impartial witness to the crime and, in the eyes of the states’ government, would help solve crimes. But would it? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9045.html Saal Clarke _Adora_Belle_ PUBLISH 9047@34c3@pentabarf.org 9047 34c3-9047-taxation Taxation English en 20171229T113000 20171229T120000 003000 Taxation- Taxation, the most "boring" #34c3 talk, but hey it's the economy stupid, and you pay for it! We will a provide a quick overview of the international taxation system. Explaining what a Double Irish Sandwich is. Why international corporations like Google only pays 2.4% taxes. And how your favourite tech companies (Google, Amazon, Apple, Microsoft, ... ) evaded billions in taxes. This tax-dodging costs the European Union more than $50 billion. Annually. We bring this numbers into perspective. And why you pay more. And how you should discuss that topic, since it defines how our society will be. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9047.html Saal Clarke vavoida PUBLISH 9055@34c3@pentabarf.org 9055 34c3-9055-science_is_broken Science is broken How much can we trust science in light failed replications, bogus results and widespread questionable research practices? English en 20171227T150000 20171227T153000 003000 Science is broken- How much can we trust science in light failed replications, bogus results and widespread questionable research practices? We're supposed to trust evidence-based information in all areas of life. However disconcerting news from several areas of science must make us ask how much we can trust scientific evidence. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9055.html Saal Clarke hanno PUBLISH 9056@34c3@pentabarf.org 9056 34c3-9056-bringing_linux_back_to_server_boot_roms_with_nerf_and_heads Bringing Linux back to server boot ROMs with NERF and Heads English en 20171229T121500 20171229T124500 003000 Bringing Linux back to server boot ROMs with NERF and Heads- The NERF and Heads projects bring Linux back to the cloud servers' boot ROMs by replacing nearly all of the vendor firmware with a reproducible built Linux runtime that acts as a fast, flexible, and measured boot loader. It has been years since any modern servers have supported Free Firmware options like LinuxBIOS or coreboot, and as a result server and cloud security has been dependent on unreviewable, closed source, proprietary vendor firmware of questionable quality. With Heads on NERF, we are making it possible to take back control of our systems with Open Source Software from very early in the boot process, helping build a more trustworthy and secure cloud. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9056.html Saal Clarke Trammell Hudson PUBLISH 9058@34c3@pentabarf.org 9058 34c3-9058-everything_you_want_to_know_about_x86_microcode_but_might_have_been_afraid_to_ask Everything you want to know about x86 microcode, but might have been afraid to ask An introduction into reverse-engineering x86 microcode and writing it yourself English en 20171228T183000 20171228T193000 010000 Everything you want to know about x86 microcode, but might have been afraid to ask- An introduction into reverse-engineering x86 microcode and writing it yourself Microcode is an abstraction layer on top of the physical components of a CPU and present in most general-purpose CPUs today. While it is well-known that CPUs feature a microcode update mechanism, very little is known about its inner workings given that microcode and the update mechanism itself are proprietary and have not been throughly analyzed yet. We close this gap by both analyzing microcode and writing our own programs for it. This talk will give an insight into our results and how we achieved them, including live demos of what we can do and technical details. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9058.html Saal Adams Benjamin Kollenda Philipp Koppe PUBLISH 9063@34c3@pentabarf.org 9063 34c3-9063-ensuring_climate_data_remains_public Ensuring Climate Data Remains Public English en 20171229T223000 20171229T230000 003000 Ensuring Climate Data Remains Public- How do we keep important environmental and climate data accessible amidst political instability and risk? What even counts as an “accessible” dataset? Could we imagine better infrastructures for vital data? By describing the rapid data preservation efforts of U.S. environmental data that started in the wake of the recent election, I’ll address these questions and the new and existing issues that preservation surfaced about the vulnerability of data infrastructures. I'll focusing on specific projects, including the work of EDGI, that is trying to address these challenges by creating alternate forms of access and infrastructure! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9063.html Saal Borg dcwalk PUBLISH 9064@34c3@pentabarf.org 9064 34c3-9064-the_ultimate_apollo_guidance_computer_talk The Ultimate Apollo Guidance Computer Talk English en 20171227T233000 20171228T003000 010000 The Ultimate Apollo Guidance Computer Talk- The Apollo Guidance Computer ("AGC") was used onboard the Apollo spacecraft to support the Apollo moon landings between 1969 and 1972. This talk explains "everything about the AGC", including its quirky but clever hardware design, its revolutionary OS, and how its software allowed humans to reach and explore the moon. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9064.html Saal Borg Michael Steil Christian Hessmann PUBLISH 9070@34c3@pentabarf.org 9070 34c3-9070-financial_surveillance Financial surveillance Exposing the global banking watchlist English en 20171228T194500 20171228T204500 010000 Financial surveillance- Exposing the global banking watchlist Faced with new responsibilities to prevent terrorism and money laundering, banks have built a huge surveillance infrastructure sweeping up millions of innocent people. Investigative journalists Jasmin Klofta and Tom Wills explain how, as part of an international collaboration, they exposed World-Check, the privately-run watchlist at the heart of the system. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9070.html Saal Clarke Jasmin Klofta Tom Wills PUBLISH 9072@34c3@pentabarf.org 9072 34c3-9072-bgp_and_the_rule_of_custom BGP and the Rule of Custom How the internet self-governs without international law English en 20171227T224500 20171227T231500 003000 BGP and the Rule of Custom- How the internet self-governs without international law When bad actors can simply move servers from country to country, why does the internet remain reasonably civil ? How does one get on, or get kicked off, of the internet ? Why do fraud and child abuse websites regularly get shut down but thepiratebay remains living ? I will explain BGP, the protocol that knits the internet together, also covering the world of last resort hosting, bulletproof hosting and high profile cases of servers that were taken offline and servers which could not be taken offline despite significant effort. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9072.html Saal Dijkstra Caleb James DeLisle PUBLISH 9075@34c3@pentabarf.org 9075 34c3-9075-latticehacks LatticeHacks Fun with lattices in cryptography and cryptanalysis English en 20171228T221500 20171228T231500 010000 LatticeHacks- Fun with lattices in cryptography and cryptanalysis Lattices are an extremely useful mathematical tool for cryptography. This talk will explain the basics of lattices in cryptography and cryptanalysis. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9075.html Saal Adams djb Tanja Lange Nadia Heninger PUBLISH 9077@34c3@pentabarf.org 9077 34c3-9077-humans_as_software_extensions Humans as software extensions Will You Be My Plugin? English en 20171228T194500 20171228T201500 003000 Humans as software extensions- Will You Be My Plugin? While technology is often described as an extension of our bodies, this talk will explore a reversed relationship: Bodies and minds of digital laborers (you and me and basically everybody else) as software extensions that can be easily plugged in, rewired, and discarded. I will approach this topic from an artist's point of view. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9077.html Saal Dijkstra Sebastian Schmieg PUBLISH 9085@34c3@pentabarf.org 9085 34c3-9085-uncertain_concern Uncertain Concern How Undocumented Immigrants in the US Navigate Technology English en 20171230T151500 20171230T161500 010000 Uncertain Concern- How Undocumented Immigrants in the US Navigate Technology Over 11 million undocumented immigrants live in the United States today. Immediately after taking office, the Trump administration issued two executive orders pumping resources into border and immigration enforcement agencies, heightening fears of deportation, harassment, and family separation among immigrant communities. In the following months reports emerged of increased immigration enforcement activity and hints about the deployment of new high-tech methods by the immigration enforcement agency. I will discuss the current state of immigration enforcement in the US and associated surveillance capabilities, the results of a study with undocumented immigrants about their technology practices, and the takeaways for the technology and privacy community in supporting communities of heightened risk. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9085.html Saal Clarke Allison McDonald PUBLISH 9086@34c3@pentabarf.org 9086 34c3-9086-protecting_your_privacy_at_the_border Protecting Your Privacy at the Border Traveling with Digital Devices in the Golden Age of Surveillance English en 20171229T183000 20171229T193000 010000 Protecting Your Privacy at the Border- Traveling with Digital Devices in the Golden Age of Surveillance Our lives are on our laptops – family photos, medical documents, banking information, details about what websites we visit, and so much more. Digital searches at national borders can reach our personal correspondence, health information, and financial records, allowing an affront to privacy and dignity which is inconsistent with the values of a free society. While privacy and security is important for any traveler, this has become a critical issue for international conferences and their attendees, who shouldn’t need to trade off an invasive search for participating in important conversations. This talk will discuss the both the legal and policy issues with border searches, as well as technological measures people can use in an effort to protect their data. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9086.html Saal Adams Kurt Opsahl William Budington PUBLISH 9087@34c3@pentabarf.org 9087 34c3-9087-organisational_structures_for_sustainable_free_software_development Organisational Structures for Sustainable Free Software Development English en 20171230T143000 20171230T150000 003000 Organisational Structures for Sustainable Free Software Development- What kind of organisational structures exist for free software projects? What funding sources? How can you avoid pitfalls with funding, support volunteers, and stay a happy family? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9087.html Saal Clarke mo PUBLISH 9091@34c3@pentabarf.org 9091 34c3-9091-all_creatures_welcome All Creatures Welcome work in progress beta preview of the documentary German de 20171228T004500 20171228T021500 013000 All Creatures Welcome - work in progress beta preview of the documentary ALL CREATURES WELCOME is a documentary film about the communities of the digital age. It shows the possibilities of new paths and new perspectives for society by using hacking as a mind-set. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9091.html Saal Adams Sandra Trostel PUBLISH 9092@34c3@pentabarf.org 9092 34c3-9092-ladeinfrastruktur_fur_elektroautos_ausbau_statt_sicherheit Ladeinfrastruktur für Elektroautos: Ausbau statt Sicherheit Warum das Laden eines Elektroautos unsicher ist German de 20171227T124500 20171227T134500 010000 Ladeinfrastruktur für Elektroautos: Ausbau statt Sicherheit- Warum das Laden eines Elektroautos unsicher ist Wir retten das Klima mit Elektroautos — und bauen die Ladeinfrastruktur massiv aus. Leider werden dabei auch Schwachstellen auf allen Ebenen sichtbar: Von fehlender Manipulationssicherheit der Ladesäulen bis hin zu inhärent unsicheren Zahlungsprotokollen und kopierbaren Zahlkarten. Ladesäulenhersteller und Ladenetzbetreiber lassen ihre Kunden im Regen stehen — geht das schnelle Wachstum des Marktanteils zu Lasten der Kundensicherheit? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9092.html Saal Adams Mathias Dalheimer PUBLISH 9094@34c3@pentabarf.org 9094 34c3-9094-modern_key_distribution_with_claimchain Modern key distribution with ClaimChain A decentralized Public Key Infrastructure that supports privacy-friendly social verification English en 20171230T121500 20171230T124500 003000 Modern key distribution with ClaimChain- A decentralized Public Key Infrastructure that supports privacy-friendly social verification ClaimChain is a Public Key Infrastructure unique in that it can operate in fully decentralized settings with no trusted parties. A vouching mechanism among users, similar to the Web of Trust, assists with social authentication but without revealing the users' social graph. High-integrity data structures prevent equivocation and help detect compromises; the protocol can support generic claims (conventional PGP, modern OTR/Signal etc.); and a prototype evaluation indicates that ClaimChain can scale. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9094.html Saal Dijkstra prometheas PUBLISH 9095@34c3@pentabarf.org 9095 34c3-9095-antipatterns_und_missverstandnisse_in_der_softwareentwicklung Antipatterns und Missverständnisse in der Softwareentwicklung Eine Geschichte voller Missverständnisse German de 20171229T143000 20171229T150000 003000 Antipatterns und Missverständnisse in der Softwareentwicklung- Eine Geschichte voller Missverständnisse Anhand von Anekdoten aus 20 Jahren Softwareentwicklung versucht der Vortrag herauszuarbeiten, was in der Praxis zu scheiternden Projekten führt. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9095.html Saal Adams Fefe PUBLISH 9104@34c3@pentabarf.org 9104 34c3-9104-how_alice_and_bob_meet_if_they_don_t_like_onions How Alice and Bob meet if they don't like onions Survey of Network Anonymisation Techniques English en 20171229T210000 20171229T220000 010000 How Alice and Bob meet if they don't like onions- Survey of Network Anonymisation Techniques There exists no such thing as a perfect anonymity network with low latency, low bandwith consumption which provides strong anonymity. Popular anonymisation networks rightfully focus on Web browsing, because that is the most popular application on todays Internet. The most popular anonymisation network is, rightfully so, Tor. You might, however, not have the requirements that mandate the use of the Tor network and thus are looking for alternatives. In this talk, we present alternatives to the popular Tor anonymisation network and examine what they achieve and how they differ. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9104.html Saal Dijkstra Tobias Mueller Erik Matthias PUBLISH 9105@34c3@pentabarf.org 9105 34c3-9105-coming_soon_machine-checked_mathematical_proofs_in_everyday_software_and_hardware_development Coming Soon: Machine-Checked Mathematical Proofs in Everyday Software and Hardware Development English en 20171229T124500 20171229T134500 010000 Coming Soon: Machine-Checked Mathematical Proofs in Everyday Software and Hardware Development- Most working engineers view machine-checked mathematical proofs as an academic curiosity, if they have ever heard of the concept at all. In contrast, activities like testing, debugging, and code review are accepted as essential. They are woven into the lives of nearly all developers. In this talk, I will explain how I see machine-checked proofs enabling new everyday activities for developers of computer software and hardware. These activities have the potential to lower development effort dramatically, at the same time as they increase our assurance that systems behave correctly and securely. I will give a cosmological overview of this field, answering the FAQs that seem to stand in the way of practicality; and I will illustrate the principles with examples from projects that you can clone from GitHub today, covering the computing stack from digital hardware design to cryptographic software and applications. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9105.html Saal Dijkstra Adam Chlipala PUBLISH 9106@34c3@pentabarf.org 9106 34c3-9106-pointing_fingers_at_the_media Pointing Fingers at 'The Media' The Bundestagswahl 2017 and Rise of the AfD English en 20171227T194500 20171227T204500 010000 Pointing Fingers at 'The Media'- The Bundestagswahl 2017 and Rise of the AfD The German election in September 2017 brought a tectonic shift to the layout of German politics. With the AfD in parliament far-right illiberalism has reached the mainstream. We investigate the communicative developments underlying this rise. Using web-scraping and automated content analysis, we collected over 10.000 articles from mainstream-news and far-right blogs, along with over 90GBs of Tweets and thousands of Facebook-Posts. This allows us a deep insight into how public discourse works in 2017 Germany. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9106.html Saal Borg alebey PUBLISH 9110@34c3@pentabarf.org 9110 34c3-9110-history_and_implications_of_drm History and implications of DRM From tractors to Web standards English en 20171229T134500 20171229T141500 003000 History and implications of DRM- From tractors to Web standards Digital Restrictions Management (DRM) is found everywhere from music to cars and, most recently, World Wide Web Consortium recommendations. How did we get here and where are we going with DRM? Who really owns not just your tools, but your experiences when someone (or something) else is controlling access to the data and access around them? We'll attempt to answer these questions, and more, in a historical overview, contemporary analysis, and look towards the future. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9110.html Saal Clarke Molly de Blanc PUBLISH 9111@34c3@pentabarf.org 9111 34c3-9111-public_fpga_based_dma_attacking Public FPGA based DMA Attacking English en 20171230T000000 20171230T003000 003000 Public FPGA based DMA Attacking- Most thought Direct Memory Access (DMA) attacks were a thing of the past after CPU vendors introduced IOMMUs and OS vendors blocked Firewire DMA. At least until the PCILeech direct memory access attack toolkit was presented a year ago and quickly became popular amongst red teamers and governments alike. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9111.html Saal Clarke Ulf Frisk PUBLISH 9113@34c3@pentabarf.org 9113 34c3-9113-mqa_-_a_clever_stealth_drm-trojan MQA - A clever stealth DRM-Trojan A critical look on a new audio Format English en 20171230T151500 20171230T161500 010000 MQA - A clever stealth DRM-Trojan- A critical look on a new audio Format Master Quality Authenticated (MQA) is a new audio format promising studio sound at home and no DRM. We take a critical look both at the sound-quality aspects as well as on the DRM story of MQA. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9113.html Saal Dijkstra Christoph Engemann Anton.schlesinger@studio-singer.de PUBLISH 9119@34c3@pentabarf.org 9119 34c3-9119-ein_festival_der_demokratie Ein Festival der Demokratie Von Technik, Kollaborationen und Erreichtem zum G20-Gipfel 2017 German de 20171229T221500 20171229T231500 010000 Ein Festival der Demokratie- Von Technik, Kollaborationen und Erreichtem zum G20-Gipfel 2017 Erfahrungen und Details zu den zwei kritischen Medienprojekten FC/MC (alternatives Medienzentrum im Herzen der Stadt) und THERE IS NO TIME (Live-Talks am Rande des Sperrgebiets und über die Stadt verteilte Video-Empfangsstationen) und ihrer Kollaboration mit dem VOC zum G20 Gipfel in Hamburg. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9119.html Saal Dijkstra Daniel Möring (TINT Kollektiv) h01ger nuriye@thereisnotime.net maren@nadir.org Oliver Gemballa PUBLISH 9125@34c3@pentabarf.org 9125 34c3-9125-net_neutraliy_enforcement_in_the_eu Net Neutraliy Enforcement in the EU English en 20171229T143000 20171229T150000 003000 Net Neutraliy Enforcement in the EU- After four years of advocacy and lobbying to enshrine net neutrality principles in law in Europe, we can now examine the first full year of enforcement of the new rules. We will compare the enforcment of net neutrality in the individual EU member states, showcase a few of the more creative net neutrality violations and demonstrate what civil society can do to keep the Internet neutral. Enforcing net neutrality also requires network measurement tools that can detect discrimination; we will discuss what progress Europe has made in this regard. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9125.html Saal Clarke Thomas Lohninger PUBLISH 9134@34c3@pentabarf.org 9134 34c3-9134-es_sind_die_kleinen_dinge_im_leben_ii Es sind die kleinen Dinge im Leben II was alles geht und wie man anfängt, mit Mikroskopen German de 20171229T231500 20171229T234500 003000 Es sind die kleinen Dinge im Leben II- was alles geht und wie man anfängt, mit Mikroskopen Jeder weiß ungefähr was man mit einem Mikroskop tun kann: Kleine Dinge ansehen. Aber wie geht das genau, was braucht man dafür und gibt es da nicht eine Möglichkeit, dass da digitale Bilder rauspurzeln? Das hier soll eine Einführung sein, und zwar in die Grundlagen von Mikroskopen, wo der Unterschied zu anderen Optiken (Fotografie, Teleskope) ist und wie man zu Hause mit einfachen Mitteln schöne Bilder machen kann. Was kann man sinnvolles an den Nachwuchs verschenken, was taugen Anstreck-Dinger für das Smartphone oder USB-Mikroskope, wie fange ich zu Hause mit Mikroskopie an und was kann man überhaupt so alles betrachten? Quasi Micsorcopy 101. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9134.html Saal Clarke André Lampe PUBLISH 9135@34c3@pentabarf.org 9135 34c3-9135-aslr_on_the_line ASLR on the line Practical cache attacks on the MMU English en 20171228T221500 20171228T231500 010000 ASLR on the line- Practical cache attacks on the MMU Address Space Layout Randomization (ASLR) is fundamentally broken on modern hardware due to a side-channel attack on the Memory management unit, allowing memory addresses to be leaked from JavaScript. This talk will show how. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9135.html Saal Clarke brainsmoke PUBLISH 9138@34c3@pentabarf.org 9138 34c3-9138-closing_the_loop_reconnecting_social-technologial_dynamics_to_earth_system_science Closing the loop: Reconnecting social-technologial dynamics to Earth System science English en 20171229T214500 20171229T221500 003000 Closing the loop: Reconnecting social-technologial dynamics to Earth System science- International commitment to the appropriately ambitious Paris climate agreement and the United Nations Sustainable Development Goals in 2015 has pulled into the limelight the urgent need for major scientific progress in understanding and modelling the Anthropocene, the tightly intertwined social-techno-ecological planetary system that humanity now inhabits. The Anthropocene qualitatively differs from previous eras in Earth’s history in three key characteristics: (1) There is planetary-scale human agency. (2) There are social and economic networks of teleconnections spanning the globe. (3) It is dominated by planetary-scale social-ecological feedbacks. Bolting together old concepts and methodologies cannot be an adequate approach to describing this new geological era. Instead, we need a new paradigm in Earth System science that is founded equally on a deep understanding of the physical and biological Earth System – and of the economic, technological, social and cultural forces that are now an intrinsic part of it. It is time to close the loop and bring socially mediated dynamics and the technosphere explicitly into theory, analysis and computer models that let us study the whole Earth System. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9138.html Saal Borg Jonathan Donges PUBLISH 9142@34c3@pentabarf.org 9142 34c3-9142-resilienced_kryptographie Resilienced Kryptographie German de 20171229T183000 20171229T193000 010000 Resilienced Kryptographie- Die Sicherheitsdesaster bei der Schlüsselgenerierung in TPM Chips und bei der Minix 3 basierten Intel ME Implementierung zeigen, dass das Vertrauen in hardwaregestützte Coputersicherheit grundlegend hinterfragt werden muss. Die Robustness in feindlicher Umgebung kann mit anspruchsvolleren kryptographische Verfahren mathematisch abgesichert erhöht werden. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9142.html Saal Dijkstra ruedi cforler PUBLISH 9147@34c3@pentabarf.org 9147 34c3-9147-unleash_your_smart-home_devices_vacuum_cleaning_robot_hacking Unleash your smart-home devices: Vacuum Cleaning Robot Hacking Why is my vacuum as powerful as my smartphone? English en 20171227T154500 20171227T161500 003000 Unleash your smart-home devices: Vacuum Cleaning Robot Hacking- Why is my vacuum as powerful as my smartphone? Did you ever want to run your own IoT cloud on your IoT devices? Or did you ever wonder what data your vacuum cleaning robot is transmitting to the vendor? Why a vacuum cleaning robot needs tcpdump? Nowadays IoT devices are getting more and more powerful and contain a lot of sensors. As most devices are connected directly to the vendor and transmit all data encrypted to the cloud, this may result in privacy issues. An IoT device with no internet connection lacks numerous features or is even unusable. We want to change that. We show you how to root a Xiaomi vacuum cleaning robot in order to get access to the underlying Linux operating system(Ubuntu 14.04 LTS), <b>**without opening the device or tampering the warranty seals**</b>. Furthermore, we will have a look into the vendors cloud interface and its commands, and will show you how to de-attach the device from the cloud and connect it to your local Smart Home system. Finally, we will demonstrate how to run Smart Home software directly on the vacuum cleaning robot itself. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9147.html Saal Borg Dennis Giese DanielAW PUBLISH 9148@34c3@pentabarf.org 9148 34c3-9148-italy_s_surveillance_toolbox Italy's surveillance toolbox Research on Monitoring Italian Government Surveillance Capabilities by means of Transparency tools English en 20171230T130000 20171230T133000 003000 Italy's surveillance toolbox- Research on Monitoring Italian Government Surveillance Capabilities by means of Transparency tools This project aims to take advantage of the availability of public procurement data sets, required by anticorruption transparency laws, to discover government surveillance capabilities in Italy. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9148.html Saal Dijkstra boter PUBLISH 9150@34c3@pentabarf.org 9150 34c3-9150-robot_music Robot Music The Robots Play Our Music and What Do We Do? English en 20171229T000000 20171229T003000 003000 Robot Music- The Robots Play Our Music and What Do We Do? Once full automation hits, we will have a lot of free time on our hands. This project demonstrates early explorations in computer generated music via robot hands, old computers and generative algorithms. While the robot performs, we sit next to it and invite people for a conversation about robots being “creative” and “stealing our jobs”. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9150.html Saal Dijkstra jacob remin goto80 PUBLISH 9159@34c3@pentabarf.org 9159 34c3-9159-demystifying_network_cards Demystifying Network Cards Things you always wanted to know about NIC drivers English en 20171227T124500 20171227T131500 003000 Demystifying Network Cards- Things you always wanted to know about NIC drivers Network cards are often seen as black boxes: you put data in a socket on one side and packets come out at the other end - or the other way around. Let's have a deeper look at how a network card actually works at the lower levels by writing a simple user space driver from scratch for a 10 Gbit/s NIC. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9159.html Saal Borg Paul Emmerich PUBLISH 9172@34c3@pentabarf.org 9172 34c3-9172-fuck_dutch_mass-surveillance_let_s_have_a_referendum Fuck Dutch mass-surveillance: let's have a referendum! Forcing the Netherlands to publicly debate privacy and the intelligence agencies English en 20171230T143000 20171230T150000 003000 Fuck Dutch mass-surveillance: let's have a referendum!- Forcing the Netherlands to publicly debate privacy and the intelligence agencies Dutch intelligence agencies will soon be allowed to analyse bulk data of civilians on a massive scale, by intercepting internet traffic and through real-time access to all kinds of databases. They will also start hacking third-parties. My friends and I want to stop this. We started an action to enforce a referendum on the law. Surprisingly, it worked! How do we get most out of this opportunity? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9172.html Saal Adams niinja PUBLISH 9176@34c3@pentabarf.org 9176 34c3-9176-this_is_not_a_proposal_about_mass_surveillance This is NOT a proposal about mass surveillance! Analysing the terminology of the UK’s Snooper’s Charter English en 20171229T233000 20171230T003000 010000 This is NOT a proposal about mass surveillance!- Analysing the terminology of the UK’s Snooper’s Charter In November 2016 the UK has passed the Investigatory Powers Act (aka Snooper’s Charter). This act unprecedentedly extends surveillance powers of the state – p.e. legalising the hacking of devices or forcing Internet Service Providers to collect web browsing histories – one does not even need to be suspected of a crime. This talk investigates the choice of words of the parliamentary debates and reveals how euphemistic and understating terminology discloses the extent of surveillance and justifies the causeless intrusion into everyone’s privacy. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9176.html Saal Adams Lisa PUBLISH 9178@34c3@pentabarf.org 9178 34c3-9178-on_the_prospects_and_challenges_of_weather_and_climate_modeling_at_convection-resolving_resolution On the Prospects and Challenges of Weather and Climate Modeling at Convection-Resolving Resolution English en 20171229T194500 20171229T204500 010000 On the Prospects and Challenges of Weather and Climate Modeling at Convection-Resolving Resolution- The representation of thunderstorms (deep convection) and rain showers in climate models represents a major challenge, as this process is usually approximated with semi-empirical parameterizations due to the lack of appropriate computational resolution. Climate simulations using kilometer-scale horizontal resolution allow explicitly resolving deep convection and thus allow for an improved representation of the water cycle. We present a set of such simulations covering Europe and global computational domains. Finally, we discuss challenges and prospects climate modelers face on heterogeneous supercomputers architectures. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9178.html Saal Borg David Leutwyler PUBLISH 9182@34c3@pentabarf.org 9182 34c3-9182-upsat_-_the_first_open_source_satellite UPSat - the first open source satellite Going to space the libre way English en 20171229T163000 20171229T170000 003000 UPSat - the first open source satellite- Going to space the libre way During 2016 Libre Space Foundation a non-profit organization developing open source technologies for space, designed, built and delivered UPSat, the first open source software and hardware satellite. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9182.html Saal Clarke Pierros Papadeas PUBLISH 9184@34c3@pentabarf.org 9184 34c3-9184-a_hacker_s_guide_to_climate_change_-_what_do_we_know_and_how_do_we_know_it A hacker's guide to Climate Change - What do we know and how do we know it? An introduction to the basics of climate research and what we can do about climate change English en 20171229T183000 20171229T193000 010000 A hacker's guide to Climate Change - What do we know and how do we know it?- An introduction to the basics of climate research and what we can do about climate change Climate change has long ceased to be news to many people, but it is increasingly shaping humanity's reality. This talk sheds light on the changes in the climate system and their consequences. We introduce the basics and discuss possible actions in response. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9184.html Saal Borg Katja Bigge (seyru) Sven Willner Robert Gieseke PUBLISH 9188@34c3@pentabarf.org 9188 34c3-9188-hacking_disaster hacking disaster mit Krisenintervention den Kapitalismus hacken German de 20171227T113000 20171227T123000 010000 hacking disaster- mit Krisenintervention den Kapitalismus hacken Gesundheit als entscheidender Teil von Glück und Zufriedenheit ist bis in ihre kleinsten Teilbereiche „durchkapitalisiert“. Und dieser Prozess macht auch vor humanitärer Hilfe und Krisenintervention nicht halt. In diesem Talk gehen wir auf verschiedene Beispiele ein und erklären, wie CADUS mit seinem Makerspace versucht, dieses Problem auf vielen Ebenen zu hacken. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9188.html Saal Borg Sebastian Jünemann PUBLISH 9189@34c3@pentabarf.org 9189 34c3-9189-satnogs_crowd-sourced_satellite_operations SatNOGS: Crowd-sourced satellite operations Satellite Open Ground Station Network English en 20171229T170000 20171229T173000 003000 SatNOGS: Crowd-sourced satellite operations- Satellite Open Ground Station Network An overview of the SatNOGS project, a network of satellite ground station around the world, optimized for modularity, built from readily available and affordable tools and resources. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9189.html Saal Clarke Nikos Roussos PUBLISH 9190@34c3@pentabarf.org 9190 34c3-9190-catch_me_if_you_can_internet_activism_in_saudi_arabia Catch me if you can: Internet Activism in Saudi Arabia English en 20171227T220000 20171227T223000 003000 Catch me if you can: Internet Activism in Saudi Arabia- Activists in Saudi Arabia have been able to celebrate important victories like the recent lifting of the ban on women driving in September 2017 but have to fight on a lot of other front lines at the same time. Websites are blocked on a large scale and many activists are sent to jail on the grounds of a loosely used cybercrime law. This talk will give some insight into the current social and political strife happening on the Saudi Internet from a first-hand-perspective using some of the data collected in a collaboration with the OONI project. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9190.html Saal Clarke Noujoum PUBLISH 9193@34c3@pentabarf.org 9193 34c3-9193-internet_of_fails Internet of Fails Where IoT has gone wrong English en 20171228T163000 20171228T173000 010000 Internet of Fails- Where IoT has gone wrong Expect current examples of IoT fails that I collected during my work as a journalist in regards of privacy and security. What do such fails mean for society? What are possible solutions and what can customers do? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9193.html Saal Borg Barbara Wimmer PUBLISH 9194@34c3@pentabarf.org 9194 34c3-9194-bildung_auf_dem_weg_ins_neuland Bildung auf dem Weg ins Neuland German de 20171227T183000 20171227T193000 010000 Bildung auf dem Weg ins Neuland- An unseren Schulen besteht ein großes Defizit hinsichtlich der Vermittlung digitaler Mündigkeit. Da mittlerweile weitgehender Konsens besteht, dass an Schulen bezüglich digitaler Technologien mehr passieren muss, reagiert die Bildungspolitik und integriert neue Medien in die Bildungspläne. Auf Basis unserer Erfahrungen, die wir im Rahmen vom Chaos Macht Schule gesammelt haben, diskutieren wir die aktuellen bildungspolitischen Entwicklungen. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9194.html Saal Borg benni dorina steffen PUBLISH 9195@34c3@pentabarf.org 9195 34c3-9195-avatar avatar² Towards an open source binary firmware analysis framework English en 20171229T163000 20171229T173000 010000 avatar²- Towards an open source binary firmware analysis framework Avatar² is an open source framework for dynamic instrumentation and analysis of binary firmware, which was released in June 2017. This talk does not only introduce avatar², but also focuses on the motivation and challenges for such a tool. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9195.html Saal Dijkstra nsr PUBLISH 9196@34c3@pentabarf.org 9196 34c3-9196-may_contain_dtraces_of_freebsd May contain DTraces of FreeBSD English en 20171228T143000 20171228T150000 003000 May contain DTraces of FreeBSD- Systems are getting increasingly complex and it's getting harder to understand what they are actually doing. Even though they are built by human individuals they often surprise us with seemingly bizarre behavior. DTrace lights a candle in the darkness that is a running production system giving us unprecedented insight into the system helping us to understand what is actually going on. We are going implement `strace`-like functionality, trace every function call in the kernel, watch the scheduler to its thing, observer how FreeBSD manages resources and even peek into runtime systems of high level programming languages. If you ever wondered what software is doing when you are not looking, this talk is for you. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9196.html Saal Dijkstra raichoo PUBLISH 9202@34c3@pentabarf.org 9202 34c3-9202-openpower_-_the_current_state_of_commercial_openness_in_cpu_development openPower - the current state of commercial openness in CPU development is there no such thing as open hardware? English en 20171230T130000 20171230T133000 003000 openPower - the current state of commercial openness in CPU development- is there no such thing as open hardware? How does developing future processors with yesterdays capabilities work out today? CPU development is something out of focus these days. In this lecture I would like to show the state-of-the-art processor development flow of POWER processors from the first initial ideas to post-silicon testing. Apart from x86 Intel products there have been initiatives across the hardware industry to form some alternative business model. I would like to show if and how this compares to real open principals. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9202.html Saal Clarke Matteo Michel PUBLISH 9205@34c3@pentabarf.org 9205 34c3-9205-bootstomp_on_the_security_of_bootloaders_in_mobile_devices BootStomp: On the Security of Bootloaders in Mobile Devices English en 20171227T220000 20171227T223000 003000 BootStomp: On the Security of Bootloaders in Mobile Devices- In our paper we present a novel tool called BootStomp able to identify security vulnerabilities in Android bootloaders (such as memory corruptions) as well as unlocking vulnerabilities. During its evaluation, BootStomp discovered 6 previously unknown vulnerabilities across 4 different bootloaders. Finally BootStomp has been open-sourced to help the security community. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9205.html Saal Dijkstra Audrey Dutcher PUBLISH 9207@34c3@pentabarf.org 9207 34c3-9207-opening_closed_systems_with_glitchkit Opening Closed Systems with GlitchKit 'Liberating' Firmware from Closed Devices with Open Source Hardware English en 20171228T221500 20171228T231500 010000 Opening Closed Systems with GlitchKit- 'Liberating' Firmware from Closed Devices with Open Source Hardware Systems that hide their firmware-- often deep in readout-protected flash or hidden in encrypted ROM chips-- have long stymied reverse engineers, who often have to resort to inventive methods to understand closed systems. To help reduce the effort needed to get a foothold into a new system, we present GlitchKit-- an open source hardware and firmware solution that significantly simplifies the process of fault-injecting your way into a new system -- and of fault-injecting firmware secrets out! This talk presents the development completed thus far, demonstrates the use of GlitchKit in simple attacks, and invites participation in the development of our open-source tools. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9207.html Saal Borg ktemkin dominicgs PUBLISH 9222@34c3@pentabarf.org 9222 34c3-9222-the_noise_protocol_framework The Noise Protocol Framework English en 20171228T211500 20171228T214500 003000 The Noise Protocol Framework- The <a href="https://noiseprotocol.org">Noise Protocol Framework</a> is a toolkit for 2-party secure-channel protocols. Noise is used by WhatsApp for client-server communication, by the WireGuard VPN protocol, and by the Lightning Network. In this talk I'll describe the rationale behind such a framework, and how you can use it to build simple, efficient, and customized secure-channel protocols. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9222.html Saal Dijkstra Trevor Perrin PUBLISH 9225@34c3@pentabarf.org 9225 34c3-9225-how_risky_is_the_software_you_use How risky is the software you use? CITL: Quantitative, Comparable Software Risk Reporting English en 20171227T151500 20171227T161500 010000 How risky is the software you use? - CITL: Quantitative, Comparable Software Risk Reporting Software vendors like to claim that their software is secure, but the effort and techniques applied to this end vary significantly across the industry. From an end-user's perspective, how do you identify those vendors who are effective at securing their software? From a vendor's perspective, how do you identify those techniques which are effective at improving security? Presenting joint work with Sarah Zatko, mudge, Patrick Stach, and Parker Thompson. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9225.html Saal Adams Tim Carstens & Parker Thompson PUBLISH 9233@34c3@pentabarf.org 9233 34c3-9233-uncovering_british_spies_web_of_sockpuppet_social_media_personas Uncovering British spies’ web of sockpuppet social media personas English en 20171227T133000 20171227T140000 003000 Uncovering British spies’ web of sockpuppet social media personas- The Joint Threat Research Intelligence Group (JTRIG), a unit in one of Britain’s intelligence agencies, is tasked with creating sockpuppet accounts and fake content on social media, in order to use "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them. In this talk, we reveal some of that content, in relation to infiltrating activists groups around the world, including during the Arab spring and Iranian revolution. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9233.html Saal Borg Mustafa Al-Bassam PUBLISH 9237@34c3@pentabarf.org 9237 34c3-9237-reverse_engineering_fpgas Reverse engineering FPGAs Dissecting FPGAs from bottom up, extracting schematics and documenting bitstream formats English en 20171228T140000 20171228T150000 010000 Reverse engineering FPGAs- Dissecting FPGAs from bottom up, extracting schematics and documenting bitstream formats In this talk I describe the basic makeup of FPGAs and how I reverse engineered the Xilinx 7 Series and Lattice iCE40 Series together with the implications. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9237.html Saal Clarke MathiasL PUBLISH 9240@34c3@pentabarf.org 9240 34c3-9240-cryptocurrencies_smart_contracts_etc_revolutionary_tech cryptocurrencies, smart contracts, etc.: revolutionary tech? short answer: Yes! English en 20171229T163000 20171229T173000 010000 cryptocurrencies, smart contracts, etc.: revolutionary tech?- short answer: Yes! Bitcoin arrived eight years ago, and has now spawned a dazzling array of follow-on technologies, including smart contracts, censorship-resistant computation, trustless databases (“blockchains”) and more. This talk attempts to highlight a few of the most significant developments in both technology and in society's response to it, including some nation-state governments banning cryptocurrencies and/or launching their own cryptocurrencies. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9240.html Saal Adams Zooko PUBLISH 9247@34c3@pentabarf.org 9247 34c3-9247-der_pc-wahl-hack Der PC-Wahl-Hack Analyse einer Wahlsoftware German de 20171227T194500 20171227T204500 010000 Der PC-Wahl-Hack- Analyse einer Wahlsoftware Hacker des Chaos Computer Clubs (CCC) haben eine in mehreren Bundesländern zur Erfassung und Auswertung der kommenden Bundestagswahl verwendete Software auf Angriffsmöglichkeiten untersucht. Die Analyse ergab eine Vielzahl von Schwachstellen und mehrere praktikable Angriffsszenarien. Diese erlauben die Manipulation von Wahlergebnissen auch über die Grenzen von Wahlkreisen und Bundesländern hinweg. Die untersuchte Software „PC-Wahl“ wird seit mehreren Jahrzehnten für die Erfassung, Auswertung und Präsentation von Wahlen auf Bundes-, Landes- und Kommunalebene eingesetzt. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9247.html Saal Adams Linus Neumann Martin Tschirsich Thorsten Schröder PUBLISH 9249@34c3@pentabarf.org 9249 34c3-9249-hardening_open_source_development Hardening Open Source Development English en 20171230T143000 20171230T150000 003000 Hardening Open Source Development- <p>As authors it is our responsibility to build secure software and give each other the chance to verify and monitor our work. Various flaws in development toolchains that allow code execution just by viewing or working in malicious repositories question the integrity of development environments and as such our projects as a whole.</p> <p>This talk will discuss practical solutions for both technical and social challenges of collaboration.</p> PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9249.html Saal Dijkstra gronke PUBLISH 9250@34c3@pentabarf.org 9250 34c3-9250-the_making_of_a_chip The making of a chip English en 20171228T210000 20171228T220000 010000 The making of a chip- You are surrounded by ICs. Yet you probably don't know much about how such a chip is made. This talk is an introduction to the world of chip fabrication from photolithography over ion implantation to vapor deposition of the connections PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9250.html Saal Clarke Ari PUBLISH 9253@34c3@pentabarf.org 9253 34c3-9253-inside_afd Inside AfD German de 20171229T183000 20171229T203000 020000 Inside AfD- Herbst 2017. Irgendwo in Deutschland. Die führenden Köpfe der AfD träumen von der parlamentarischen Machtübernahme und dem schleichenden Sieg im Kampf um die Deutungshoheit von Begrifflichkeiten. Doch dann kommt alles ganz anders. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9253.html Saal Clarke Felix Höfner Lucia Marek Janosch Slim PUBLISH 9256@34c3@pentabarf.org 9256 34c3-9256-lightning_talks_day_2 Lightning Talks Day 2 English en 20171228T113000 20171228T133000 020000 Lightning Talks Day 2- Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9256.html Saal Borg gedsic bigalex PUBLISH 9257@34c3@pentabarf.org 9257 34c3-9257-lightning_talks_day_3 Lightning Talks Day 3 English en 20171229T113000 20171229T133000 020000 Lightning Talks Day 3- Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9257.html Saal Borg gedsic bigalex PUBLISH 9258@34c3@pentabarf.org 9258 34c3-9258-lightning_talks_day_4 Lightning Talks Day 4 English en 20171230T113000 20171230T133000 020000 Lightning Talks Day 4- Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9258.html Saal Borg gedsic bigalex PUBLISH 9262@34c3@pentabarf.org 9262 34c3-9262-jahresruckblick_des_ccc_2017 Jahresrückblick des CCC 2017 tuwat German de 20171228T151500 20171228T174500 023000 Jahresrückblick des CCC 2017- tuwat Staatstrojaner, Vorratsdaten, automatisierte Biometriesammlungen, PC-Wahl – wir geben einen Überblick über die Themen, die den Chaos Computer Club 2017 beschäftigt haben. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9262.html Saal Adams frank Constanze Kurz nexus Linus Neumann PUBLISH 9268@34c3@pentabarf.org 9268 34c3-9268-social_bots_fake_news_und_filterblasen Social Bots, Fake News und Filterblasen Therapiestunde mit einem Datenjournalisten und vielen bunten Visualisierungen German de 20171228T113000 20171228T123000 010000 Social Bots, Fake News und Filterblasen- Therapiestunde mit einem Datenjournalisten und vielen bunten Visualisierungen „Angriff der Meinungsroboter“ und „Gefangen in der Filterblase“ titelten die deutschen Medien. Doch was ist wirklich daran? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9268.html Saal Clarke Michael Kreil PUBLISH 9270@34c3@pentabarf.org 9270 34c3-9270-dude_you_broke_the_future Dude, you broke the Future! English en 20171227T113000 20171227T123000 010000 Dude, you broke the Future!- We're living in yesterday's future, and it's nothing like the speculations of our authors and film/TV producers. As a working science fiction novelist, I take a professional interest in how we get predictions about the future wrong, and why, so that I can avoid repeating the same mistakes. Science fiction is written by people embedded within a society with expectations and political assumptions that bias us towards looking at the shiny surface of new technologies rather than asking how human beings will use them, and to taking narratives of progress at face value rather than asking what hidden agenda they serve. In this talk, author Charles Stross will give a rambling, discursive, and angry tour of what went wrong with the 21st century, why we didn't see it coming, where we can expect it to go next, and a few suggestions for what to do about it if we don't like it. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9270.html Saal Adams Charles Stross PUBLISH 9271@34c3@pentabarf.org 9271 34c3-9271-lobby-schlacht_um_die_eprivacy-verordnung Lobby-Schlacht um die ePrivacy-Verordnung Die EU hat die Wahl: Schutz von Menschen oder von Geschäftsmodellen? German de 20171227T113000 20171227T123000 010000 Lobby-Schlacht um die ePrivacy-Verordnung- Die EU hat die Wahl: Schutz von Menschen oder von Geschäftsmodellen? In der EU wird gerade über eine Verordnung verhandelt, die für die Vertraulichkeit der elektronischen Kommunikation verbindliche und zeitgemäße Regeln schaffen soll. Diese „ePrivacy-Verordnung“ könnte in absehbarer Zeit die letzte Möglichkeit sein, dem informationellen Kontrollverlust EU-weit politisch etwas entgegenzusetzen. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9271.html Saal Clarke Ingo Dachwitz PUBLISH 9273@34c3@pentabarf.org 9273 34c3-9273-kracking_wpa2_by_forcing_nonce_reuse KRACKing WPA2 by Forcing Nonce Reuse English en 20171227T233000 20171228T003000 010000 KRACKing WPA2 by Forcing Nonce Reuse- We introduce key reinstallation attacks (KRACKs). These attacks abuse features of a protocol to reinstall an already in-use key, thereby resetting nonces and/or replay counters associated to this key. We show that our novel attack technique breaks several handshakes that are used in a WPA2-protected network. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9273.html Saal Adams Mathy Vanhoef PUBLISH 9275@34c3@pentabarf.org 9275 34c3-9275-afro_tech Afro TECH Afrofuturism, Telling tales of speculative futures English en 20171228T203000 20171228T210000 003000 Afro TECH- Afrofuturism, Telling tales of speculative futures Inke Arns will present speculative projections of the future and current developments in the field of digital technologies by artists and inventors from different countries in Africa, the African diaspora and many other actors in the USA and Europe. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9275.html Saal Dijkstra Inke Arns PUBLISH 9276@34c3@pentabarf.org 9276 34c3-9276-forensic_architecture Forensic Architecture Forensic Architecture is an independent research agency that undertakes historical and theoretical examinations of the history and present in articulating notions of public truth. English en 20171227T113000 20171227T123000 010000 Forensic Architecture- Forensic Architecture is an independent research agency that undertakes historical and theoretical examinations of the history and present in articulating notions of public truth. In recent years, the group Forensic Architecture began using novel research methods to undertake a series of investigations into human rights abuses. The group uses architecture as an optical device to investigate armed conflicts and environmental destruction, as well as to cross-reference a variety of evidence sources, such as new media, remote sensing, material analysis, witness testimony, and crowd-sourcing. In this talk, Eyal Weizman provides, for the first time, an in-depth introduction to the history, practice, assumptions, potentials, and double binds of this practice. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9276.html Saal Dijkstra Eyal Weizman PUBLISH 9278@34c3@pentabarf.org 9278 34c3-9278-ecstasy_10x_yellow_twitter_120mg_mdma Ecstasy 10x yellow Twitter 120mg Mdma Shipped from Germany for 0.1412554 Bitcoins English en 20171227T203000 20171227T210000 003000 Ecstasy 10x yellow Twitter 120mg Mdma- Shipped from Germany for 0.1412554 Bitcoins Artists !Mediengruppe Bitnik talk about recent works around bots and the online ecosystems that has been forming around them. Through the lens of their recent works around algorithms and bots, !Mediengruppe Bitnik offer a look into some of the technologies shaping our day-to-day. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9278.html Saal Dijkstra !Mediengruppe Bitnik !Mediengruppe Bitnik PUBLISH 9279@34c3@pentabarf.org 9279 34c3-9279-dprk_consumer_technology DPRK Consumer Technology Facts to fight lore English en 20171227T224500 20171227T231500 003000 DPRK Consumer Technology- Facts to fight lore The DPRK has largely succeeded at hiding its consumer technology. While versions of the desktop operating system, Red Star, have leaked, the mobile equivalent hasn't, and there remains little knowledge of the content available on the intranet. Let's fix that! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9279.html Saal Adams Will Scott Gabe Edwards PUBLISH 9281@34c3@pentabarf.org 9281 34c3-9281-tracking_transience Tracking Transience English en 20171230T163000 20171230T173000 010000 Tracking Transience- Hasan Elahi is an interdisciplinary artist working with issues in surveillance, privacy, migration, citizenship, technology, and the challenges of borders. An erroneous tip called into law enforcement authorities in 2002 subjected Elahi to an intensive investigation by the FBI and after undergoing months of interrogations, he was finally cleared of suspicions. After this harrowing experience, Elahi conceived “Tracking Transience” and opened just about every aspect of his life to the public. Predating the NSA’s PRISM surveillance program by half a decade, the project questions the consequences of living under constant surveillance and continuously generates databases of imag- ery that tracks the artist and his points of transit in real-time. Although initially created for his FBI agent, the public can also monitor the artist’s communication records, banking transactions, and transportation logs along with various intelligence and government agencies who have been confirmed visiting his website. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9281.html Saal Borg Hasan Elahi PUBLISH 9285@34c3@pentabarf.org 9285 34c3-9285-qualityland QualityLand Lesung German de 20171227T183000 20171227T193000 010000 QualityLand- Lesung Willkommen in QualityLand, in einer nicht allzu fernen Zukunft: Alles läuft rund - Arbeit, Freizeit und Beziehungen sind von Algorithmen optimiert. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9285.html Saal Adams Marc-Uwe Kling PUBLISH 9286@34c3@pentabarf.org 9286 34c3-9286-institutions_for_resolution_disputes institutions for Resolution Disputes Rosa Menkman investigates video compression, feedback, and glitches English en 20171230T134500 20171230T141500 003000 institutions for Resolution Disputes- Rosa Menkman investigates video compression, feedback, and glitches The institutions of Resolution Disputes [iRD] call attention to media resolutions. While a ’resolution’ generally simply refers to a standard (measurement) embedded in the technological domain, the iRD reflect on the fact that a resolution is indeed a settlement (solution), but at the same time a space of compromise between different actors (objects, materialities and protocols) who dispute their stakes (framerate, number of pixels etc.) within the growing digital territories. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9286.html Saal Clarke Rosa Menkman PUBLISH 9287@34c3@pentabarf.org 9287 34c3-9287-trugerische_sicherheit Trügerische Sicherheit Wie die Überwachung unsere Sicherheit gefährdet German de 20171228T210000 20171228T220000 010000 Trügerische Sicherheit- Wie die Überwachung unsere Sicherheit gefährdet Wie steht es um die Sicherheitsversprechen, die mit dem Einsatz von neuen Überwachungsinstrumenten abgegeben werden? Welche Unterminierung der Sicherheit kann durch Überwachung eigentlich entstehen? PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9287.html Saal Borg Peter Schaar PUBLISH 9288@34c3@pentabarf.org 9288 34c3-9288-deconstructing_a_socialist_lawnmower Deconstructing a Socialist Lawnmower Obsolete Technologies + Critical Material Studies in Media Art English en 20171229T233000 20171230T003000 010000 Deconstructing a Socialist Lawnmower- Obsolete Technologies + Critical Material Studies in Media Art Darsha Hewitt is a Canadian artist working in new media and sound. She is known for her examinations of communication technology in the domestic sphere and her use of DIY aesthetics and practices as an artistic method. She makes electromechanical sound installations, drawings, audio-visual works, how-to videos and experimental performances with handmade electronics. Through deconstruction and experimentation with failed and obsolete technology, her work demystifies hidden systems within machines as a way to trace-out structures of economy, power and control embedded throughout capitalist culture. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9288.html Saal Dijkstra Darsha Hewitt PUBLISH 9289@34c3@pentabarf.org 9289 34c3-9289-die_lauschprogramme_der_geheimdienste Die Lauschprogramme der Geheimdienste German de 20171227T163000 20171227T173000 010000 Die Lauschprogramme der Geheimdienste- Der NSA-BND-Untersuchungsausschuss des Deutschen Bundestags ist zu Ende. Da bietet es sich an, nun auf die gesammelten Geheimdienstskandale und die Reaktionen auf die Enthüllungen zurückzublicken. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9289.html Saal Adams Hans-Christian Ströbele Constanze Kurz PUBLISH 9290@34c3@pentabarf.org 9290 34c3-9290-visceral_systems Visceral Systems Approaches to working with sound and network data transmissions as a sculptural medium. English en 20171228T113000 20171228T120000 003000 Visceral Systems- Approaches to working with sound and network data transmissions as a sculptural medium. This talk considers the visceral relationship one can have towards intangible media, notably sound and network data transmissions. Sarah presents a selection of her work demonstrating these synesthetic relationships, ranging from experiments in bio and fiber arts to interface design and educational tools for demystifying computer networking technology. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9290.html Saal Dijkstra Sarah Grant PUBLISH 9291@34c3@pentabarf.org 9291 34c3-9291-regulating_autonomous_weapons Regulating Autonomous Weapons The time travelling android isn’t even our biggest problem English en 20171229T134500 20171229T141500 003000 Regulating Autonomous Weapons- The time travelling android isn’t even our biggest problem Depending on the definition, autonomous weapon systems do not and might never exist, so why should we care about killer robots? It is the decline of human control as an ongoing trend in military systems and the incapacity of computing systems to „understand“ human beings and the nature of war that is worrisome. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9291.html Saal Adams Anja Dahlmann PUBLISH 9292@34c3@pentabarf.org 9292 34c3-9292-eroffnung_tuwat Eröffnung: tuwat German de 20171227T110000 20171227T113000 003000 Eröffnung: tuwat- Daß sich mit Kleinkomputern trotzalledem sinnvolle Sachen machen lassen, die keine zentralisierten Großorganisationen erfordern, glauben wir. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9292.html Saal Adams Tim Pritlove PUBLISH 9293@34c3@pentabarf.org 9293 34c3-9293-abschluss Abschluss #tuwat German de 20171230T173000 20171230T181500 004500 Abschluss- #tuwat DE: Damit wir als Komputerfrieks nicht länger unkoordiniert vor uns hinwuseln, tun wir wat und treffen uns! PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9293.html Saal Adams sva PUBLISH 9295@34c3@pentabarf.org 9295 34c3-9295-privacy_shield_-_lipstick_on_a_pig Privacy Shield - Lipstick on a Pig? English en 20171230T143000 20171230T150000 003000 Privacy Shield - Lipstick on a Pig?- In 2015 the Court of Justice of the European Union (CJEU) has overturned the EU-US data sharing system called „Safe Harbor“ over US mass surveillance, as disclosed by Edward Snowden. Only months later the European Commission agreed with the US government to replace it with the so-called “Privacy Shield”, despite the existence of PRISM and Upstream surveillance. Why the new deal is nothing but the old “Safe Harbor”, what we can learn for the documents exchanged between the EU and the US and why it will very likely be overturned as soon as it reached the CJEU again. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9295.html Saal Borg Max Schrems PUBLISH 9296@34c3@pentabarf.org 9296 34c3-9296-why_do_we_anthropomorphize_computers Why Do We Anthropomorphize Computers?... ...and dehumanize ourselves in the process? English en 20171228T134500 20171228T141500 003000 Why Do We Anthropomorphize Computers?...- ...and dehumanize ourselves in the process? A talk on waiting for the technological rapture in the church of big data. The paralysing effect of hiding the human hand in software through anthropomorphising computers and dehumanising ourselves. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9296.html Saal Borg Marloes de Valk PUBLISH 9297@34c3@pentabarf.org 9297 34c3-9297-the_snowden_refugees_under_surveillance_in_hong_kong The Snowden Refugees under Surveillance in Hong Kong A Rapidly Emerging Police State and Imminent Deportation to Sri Lanka and Philippines English en 20171228T183000 20171228T193000 010000 The Snowden Refugees under Surveillance in Hong Kong- A Rapidly Emerging Police State and Imminent Deportation to Sri Lanka and Philippines The Snowden Refugees’ actions to protect the world’s most significant whistle blower of the 21st Century, amounts to an expression of Political Opinion. Since September 2016, the Snowden Refugees have been systematically targeted and persecuted by the Hong Kong government based on that political opinion. PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9297.html Saal Borg Robert Tibbo Edward Snowden PUBLISH 9298@34c3@pentabarf.org 9298 34c3-9298-hacker_jeopardy_stream Hacker Jeopardy Stream Zahlenraten für Geeks (Stream) German de 20171229T004500 20171229T024500 020000 Hacker Jeopardy Stream- Zahlenraten für Geeks (Stream) The Hacker Jeopardy is a quiz show. -- Stream PUBLIC CONFIRMED Lecture https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9298.html Saal Borg