PLAY PODCASTS
Chaos Computer Club - archive feed

Chaos Computer Club - archive feed

14,494 episodes — Page 39 of 290

Unlocked: PICing a wireless door access system (37c3)

Mainframe, Oldenburg's Hackerspace, needed a wireless door lock solution. We do not trust vendors advertising promises about the device security and had a closer look. Attend this talk for a presentation about an unusual variant of lock picking, which does not involve any wrenches, hooks or half-diamond picks. Instead the used tools are a software defined radio, PIC programmer and some self-developed software to gain access without using the original key remote control. If you had fun watching the [Hörmann BiSecur talk at 34C3](https://media.ccc.de/v/34c3-9029-uncovering_vulnerabilities_in_hoermann_bisecur), this talk is for you! If you haven't watched it, it is highly recommended to catch up on it before attending this talk. While it is about a different product from a different vendor, there are many parallels and it can be seen as a sequel talk. The plan for this talk is to first have a look at the radio signals from the door lock using a SDR. After making sense of the used message protocol, the hardware is analyzed to understand how it works and how to get access to the used micro-controllers (PIC18LF45K80 & PIC16LF1829). In the next step, the firmware from the read-protected PIC microcontroller is extracted by extending the existing PIC attacks. Last but not least the results will be demonstrated. about this event: https://events.ccc.de/congress/2023/hub/event/unlocked_picing_a_wireless_door_access_system/

Dec 29, 202338 min

How to build a submarine and survive (37c3)

3,4 Tonnen schwer, 4,3 Meter lang, Material: Stahl, Farbe: Orange und der Fahrzeugtyp ist „Sporttauchboot”. Vom Fund eines Drucktanks bis zum ersten Tauchgang auf den Grund eines Tagebausees – wir erzählen von unseren größten Herausforderungen sowie Fehlschlägen. Wir laden euch ein zu einem technischen Beratungsgespräch für alle, die schonmal mit dem Gedanken gespielt haben, ein U-Boot zu bauen. Die einzelnen Systeme eines U-Boots sind nicht kompliziert. Aber die Schwierigkeit liegt in der Summe der Einzelsysteme, die auf engem Raum im Zusammenspiel sicher funktionieren müssen. Der Fokus des Vortrags liegt neben unserer kurzweiligen Geschichte auf den technischen Schwierigkeiten, zu denen sich in der Literatur wenig findet oder wegen derer es nicht gleich auf Anhieb funktioniert hat. Damit ihr, falls ihr ähnliches plant, einen besseren Start habt und von unseren Fehlern profitieren könnt. Was gibt es bei der Wahl eines geeigneten Drucktanks zu beachten? Wie lässt sich eine wasserdichte Luke konstruieren? Drahtlose Unterwasserkommunikation mittels Ultraschall? Wie bauen wir Redundanz in die Systeme ein? Wie werden wir das CO2 los, um nicht zu ersticken? Warum sind auf einmal Risse in den Scheiben? Was tun, wenn nichts mehr geht? Und was, wenn dann auch noch die Polizei kommt? In dem Vortrag geht es nicht um Probleme anderer kaputter U-Boote. Wir werden das Titan-Desaster mit maximal einer Folie behandeln. Mit Fotos von Selene Magnolia about this event: https://events.ccc.de/congress/2023/hub/event/how_to_build_a_submarine_and_survive/

Dec 29, 202359 min

Reconstructing game footage from a Game Boy's memory bus (37c3)

How do you capture a video from an 1989's Game Boy without modding the original hardware? With an adapter cartridge that spies on the memory bus! Let's talk about how to reconstruct the Game Boy's memory state, emulate its graphics unit and then encode the image into an MJPEG stream for anyone to use as a USB video class device. In realtime. On an rp2040 microcontroller. The original goal of the open source project "GB Interceptor" was to capture gameplay for one specific game: Tetris. In order to live stream a Tetris tournaments from the contestant's personal Game Boys, the idea was to create an adapter that goes between the Game Boy and the game module to analyze the communication on the memory bus and reconstruct the game state. It turns out that it is actually possible to reconstruct the entire memory state of almost any game and in fact create an rp2040-based adapter that acts as a USB video class device offering the on-screen game footage in realtime. Players can simply put this adapter into their Game Boy and use it like a webcam without additional drivers or knowledge. An essential aspect of this concept is that the Game Boy basically runs all of its code directly from the ROM module, which makes it possible to directly follow the program counter of its 8bit CPU regardless of how the code branches. An image can then be recreated by emulating the graphics unit (PPU). However, there are many edge cases like interrupts, data from registers that are not visible on the bus, the link cable, DMA operations, synchronization of CPU and PPU, game bugs and even bugs in the Game Boy hardware itself. In this talk I will show how all this is done just on an rp2040 with spare cycles to encode everything as a 60fps MJPEG stream. I will shine a light on the edge cases - those that were solved and those that might just be unsolvable with this approach. And I will take you on a sightseeing tour through the 8bit hell that drives our iconic handheld from 1989. about this event: https://events.ccc.de/congress/2023/hub/event/reconstructing_game_footage_from_a_game_boy_s_memory_bus/

Dec 29, 20231h 1m

Die Wissenschaft vom Whisky (fireshonks)

Mit einem Glas in der Hand durch die Chemie und Physik eines überraschend komplizierten Getränks Whisky ist ein scheinbar einfaches Getränk: Wasser, Hefe, Gerstenmalz und dann drei Jahre ins Eichenfass. Doch bei genauerem Hinsehen bleiben viele Fragen offen. Warum muss man Scotch Whisky in einer Destille aus Kupfer herstellen? Weshalb werden die Fässer ausgebrannt? Und warum schmeckt mancher Whisky nach Lagerfeuer, andere aber nach Krankenhaus? Hinter all dem stecken oft überraschende chemische und physikalische Prozesse, die auch heute noch Rätsel aufgeben. about this event: https://events.ccc.de/congress/2023/hub/event/die-wissenschaft-vom-whisky/

Dec 29, 20231h 1m

Gemeinsam gegen rechten Terror! Aber wie? (37c3)

Die zwölf Jahre seit der Selbstenttarnung des NSU haben gezeigt, dass auf den Staat bei der Aufklärung und Aufarbeitung von rechtem Terror kein Verlass ist. Deshalb haben Betroffene von rechter Gewalt, Antifaschist\*innen und Zivilgesellschaft diese Aufgabe wieder und wieder selbst in die Hand genommen. Die daraus gewonnenen Analysen, die Aufklärung und die entstandenen solidarischen Netzwerke sind vielfältiger, als sich viele am Anfang vorgestellt haben. Doch wir wollen fragen: Was können nächste Schritte sein? Wie können wir rechten Terror verhindern? Das bundesweite antifaschistische Bündnis NSU-Watch hat im Sommer 2023 sein Buch „Aufklären und Einmischen. Der NSU-Komplex und der Münchener Prozess“ in der erweiterten Neuauflage herausgebracht. Es gibt einen Überblick über die bisherige Aufarbeitung des NSU-Komplexes. Auf dieser Grundlage wollen Vortrag und Lesung fragen: Was können nächste Schritte sein? Wie können wir rechten Terror verhindern? Die Antworten sind vielfältig und warten teilweise noch darauf, entdeckt zu werden. Und trotzdem bleibt die Gefahr rechten Terrors hoch, auch weil auf staatlicher, behördlicher und gesellschaftlicher Seite Konsequenzen noch ausstehen. Doch wir wissen bereits jetzt genug, um rechtem Terror aktiv entgegenzuwirken. about this event: https://events.ccc.de/congress/2023/hub/event/gemeinsam_gegen_rechten_terror_aber_wie/

Dec 29, 20231h 1m

On Digitalisation, Sustainability & Climate Justice (37c3)

The aim of this talk is to critically analyse the use of digital technology in the current context of global ecological injustice and the collapse of ecosystems. But how can we strive for and promote a sustainable, just and democratic digital future? The challenges are huge and include the digital world's hunger for energy as well as the exploitative global practices of tech companies or the discussion of the current AI sustainability hype. But which digital tools make sense, which do not and how can we achieve global social emancipation from self-destructive structures and towards ecological sustainability and a and a just world? about this event: https://events.ccc.de/congress/2023/hub/event/on_digitalisation_sustainability_climate_justice/

Dec 29, 20231h 0m

Erklär ma: (37c3)

Von Simone Herpich (Balkonsolar eV) und Dr. Juliane Borchert (Fraunhofer Institut für Solare Energiesysteme) lasse ich mir alles (so viel wie geht) über Solarenergie erzählen. about this event: https://events.ccc.de/congress/2023/hub/event/erklr-ma-solarenergie/

Dec 29, 20231h 25m

DevOps but for artworks in museums (37c3)

In the original Hacker Ethics, Steven Levy stated that "you can create art and beauty on a computer". That was 40 years ago, creating art and beauty is one thing, but how do you maintain or develop it as a gallery, archive or museum? You know all about CI/CD and deploying to "the cloud"? Well, let me show you how to deploy to a museum or art space. Important note: this talk is not about NFTs. The preservation and presentation of software/computer-based art in museums presents unique challenges in the contemporary landscape. One prominent issue is the ephemeral nature of digital media, which includes websites, games, software and virtual reality art. Unlike traditional art forms, these works often rely on rapidly evolving technologies, making them vulnerable to obsolescence. Museums are faced with the task of preserving and restoring media art in a way that not only preserves the original intent of the artist, but also ensures accessibility for future audiences. Another significant challenge is the dynamic and interactive nature of many media artworks. Unlike static paintings or sculptures, digital artworks often require specific hardware, software or immersive environments to be experienced. Museums need to invest in both the technological infrastructure and the expertise to recreate these conditions and provide visitors with an authentic encounter with the artwork. In this talk we want to look at some solutions from the perspective of software developers who are motivated not only to preserve and present digital media art, but also to develop it with contemporary software development strategies. about this event: https://events.ccc.de/congress/2023/hub/event/devops_but_for_artworks_in_museums/

Dec 29, 20231h 1m

Chatkontrolle - Es ist noch nicht vorbei! (37c3)

In diesem Vortrag wollen wir auf die letzten knapp drei Jahre Kampf gegen die Chatkontrolle zurückblicken. Ein Kampf, der genauso droht zu einem Wiedergänger zu werden wie die Vorratsdatenspeicherung. Wir waren auf eine harte Auseinandersetzung um Überwachung und sichere Kommunikation vorbereitet. Als Patrick 2020 angefangen, hat uns vor dem, was da kommt, zu warnen, haben wir nicht erwartet, dass es sich zu einer Tragödie entwickeln würde, in der es nicht um Kinderschutz oder Überwachung geht. Sondern um eine Kommission, der jedes Mittel recht ist. Und Korruption und Lobbyskandal. Über die Chatkontrolle wurde in den letzten zwei Jahren viel geredet – die problematischen Inhalte des Gesetzes kommen den meisten von uns wahrscheinlich zu den Ohren heraus. Aber letztlich geht es um nicht weniger als einen historischen Kampf um Ende-zu-Ende-Verschlüsselung. Auf dem Tisch liegt das Thema aber schon deutlich länger. Wir wollen zurückblicken auf die Ursprünge und Kernpunkte des Gesetzesvorschlags. Und dann zusammen mit dem Publikum noch einmal die unüberschaubaren Wege gehen, die die Arbeit an diesem Gesetzesentwurf genommen hat. Aus der Perspektive von Deutschlands oberstem Datenschützer (Ulrich Kelber), dem Abgeordneten des Europäischen Parlamanets (Patrick Breyer) und der digitalen Zivilgesellschaft (khaleesi) erzählen wir die bisherige Geschichte der Chatkontrolle. Wenn ihr dachtet, ihr hättet alles zur Chatkontrolle gehört, bereitet euch auf eine absurde Tragödie vor, die ihr Ende noch nicht gefunden hat. Trotz des Erfolgs im EU-Parlament haben wir noch lange nicht gewonnen. Denn alles hängt im und am Rat, dessen Position könnte im Trilog alles zunichte machen was wir hart erarbeitet haben. Und auch die Europawahlen stehen vor der Tür und damit kann sich nochmal alles ändern. Nicht fertige Gesetze werden in der EU in der nächste Legislaturperiode einfach weiterverhandelt. Um die Chatkontrolle endgültig zu stoppen, darf keine EU-Abgeordnete durch den Wahlkampf kommen, ohne sich klar zum Schutz von Verschlüsselung zu bekennen. about this event: https://events.ccc.de/congress/2023/hub/event/chatkontrolle_-_es_ist_noch_nicht_vorbei/

Dec 29, 202359 min

Writing secure software (37c3)

I have previously given talks about security principles and approaches like Least Privilege, TCB Minimization, and Self Sandboxing. The most frequent feedback has been "I don't know how to apply this in practice". So, in this talk, I will show how I applied those principles in a real-world software project: a CRUD web app. My blog. I introduced dangerous attack surface on purpose so I could some day give a talk about how to apply these techniques to reduce risk. This is that talk. I will also introduce the concept of append-only data storage. The end goal of this talk is to show how much more security you can achieve if you don't take an existing architecture and try to sprinkle security over it, but you make architectural decisions with security in mind. This is rarely done in practice because there is a fundamental disagreement between security and software engineering. Security is about limiting what can be done with the software, while software engineering is about not limiting what can be done with the software. My goal with this talk is to show what kind of security gains are possible architecturally. You, too, can sleep soundly at night. Even if the software is written in C. Even if you have bad ACLs or a buffer overflow in the software. about this event: https://events.ccc.de/congress/2023/hub/event/writing_secure_software/

Dec 29, 202346 min

Try Mental Health Care - zuhause (fireshonks)

Wir sollten uns alle mehr Zeit für Mental Health Care nehmen, also mehr für unsere psychische Gesundheit tun. Ich zeige Euch, mit welchen einfachen Schritten das auch zuhause geht... Und wie und wo Ihr professionelle Hilfe dabei findet, wenn Ihr sie braucht - und warum die klassischen Therapiemethoden bei neurodiversen Menschen oft nicht so gut funktionieren. Der erste Teil des Talks klärt, was Mental Health eigentlich ist, wer die braucht (Spoiler: wir alle) und wie sich mit Mental Health Care Resilienz aufbauen lässt. Wir müssen aber auch darüber sprechen, was dieses "Home" eigentlich ist - und ob Ihr das als wichtigsten Mental Health - Skill erkannt habt und nutzt. Ich stelle Euch einfache Skills für Zuhause und unterwegs vor, wie ich sie in der DBT kennen- und schätzen gelernt habe. Skills auch für Menschen ohne psychische Diagnosen - damit das auch so bleibt. Und im dritten Teil reden wir über die Situation, dass und wenn Ihr doch mal Unterstützung für die Psyche braucht: Wie und wo findet Ihr Unterstützung? Ambulante oder stationäre Therapie - oder ganz ungewöhnliche Art der Therapie (Wawuschel-Style)? Und warum brauchen neurodiverse Menschen andere, leider in unserem Gesundheitssystem nicht vertretene, Therapien? Schickt mir gerne vor dem Talk Eure Themen und Fragen zu Mental Health Care zuhause mit, damit ich die einbauen kann. :) about this event: https://events.ccc.de/congress/2023/hub/event/try-mental-health-care-zuhause/

Dec 29, 20231h 29m

Ecocide and (green) colonialism in Sápmi (37c3)

What is Sápmi? And who are the Sami people? Why is their land threatened by the so-called Green Transition? Why is Europe's largest data centre being built on their land? We would like to try to answer these questions and explain in detail why "our green transition" is a threat to the land and rights of the Sami people. We will also discuss the so-called green server infrastructure in Sápmi for example the largest data centre in Europe (by Facebook). We are from the Decolonise Sápmi info tour through Germany and not Sámi ourselves. Our talk is based on presentations given by Sámi people during our tour. Sápmi is located in northern Europe and refers to the land of the Sámi people. Over time it has been colonized by Sweden, Norway, Finland and Russia. As a result, the Sámi have been subjected to various forms of oppression and discrimination by these countries to this day. Sápmi and Sápmi’s colonial history are presented. Current forms of oppression are also addressed. An important role is played by “green capitalism,” a form of capitalism in which oppression is advanced under the guise of climate protection. Some examples include: Dams that disrupt reindeer migration routes and flood sacred Sámi sites, or wind turbines that are widely avoided by reindeer. Of course, the lectures will also address the problems that mines pose for the Sámi. A topic which was discussed lately with the discussion around the rare earths found in the so-called Sweden also here in Germany. Furthermore, the problems caused by the still occurring clear-cutting in the area of the Sámi and the resulting loss of biodiversity are explained. What resistance has there been in recent years against this capitalist destruction and (green) colonialism? What is the current situation in Sápmi and what does the future look like? about this event: https://events.ccc.de/congress/2023/hub/event/ecocide_and_green_colonialism_in_sapmi/

Dec 29, 202342 min

How Many Planets in Our Solar System? Glad You Asked! (37c3)

The Solar System has had 8 planets ever since Pluto was excluded in 2006. This has made a lot of people very angry and been widely regarded as a bad move. But did you know Neptune was discovered as the 12th planet? Or that, 80 years before Star Trek, astronomers seriously suspected a planet called Vulcan near the Sun? This talk will take you through centuries of struggling with the question: Do you even planet?! In antiquity, scientists counted the 7 classical planets: the Moon, Mercury, Venus, the Sun, Mars, Jupiter and Saturn – but their model of the universe was wrong. Two thousand years later, a new model was introduced. It was less wrong, and it brought the number of planets down to 6: Mercury, Venus, Earth, Mars, Jupiter, Saturn. Since then, it's been a roller coaster ride of planet discoveries and dismissals. In this talk, we stagger through the smoke and mirrors of scientific history. We meet old friends like Uranus and Neptune, forgotten lovers like Ceres, Psyche and Eros, fallen celebrities like Pluto, regicidal interlopers like Eris and Makemake as well as mysterious strangers like Vulcan, Planet X and Planet Nine. Find out how science has been tricked by its own vanity, been hampered by too little (or too much!) imagination, and how human drama can make a soap opera out of a question as simple as: How Many Planets in Our Solar System? about this event: https://events.ccc.de/congress/2023/hub/event/how_many_planets_in_our_solar_system_glad_you_asked/

Dec 29, 20231h 1m

Gut feelings: Can we optimize lifestyle, diet and medication according to our respective microbiota? (37c3)

Why do some people stay fit and healthy easier than others, even when following the same health advice? Why does the same medication work well in one person, but not in another? Some of our individuality in these regards may trace to which bacteria we carry in the soil of our intestinal gardens. In this talk, drawing on work by my own research lab at the Charité and on that by our collaborators and rivals elsewhere in the world, I outline what we know, what we speculate, and what obstacles remain in the way of widespread adoption of personalized health prevention through microbiome sequencing. Despite our best efforts of finding the perfect regimen of diet, exercise and medication to keep any person fit and healthy, outcomes for different people vary widely for all of these measures, even when we comply with them fully. Some of this traces to our individual genetics, which remains difficult to change, but another source of variation in responses may come from differences between our gut microbiomes. Human bodies are not sterile, and our skin, our mucosal surfaces and, in particular, our intestines are home to many more bacteria than there are human cells in our bodies, representing hundreds of different species in each person. These microbial ecosystems, or microbiomes, are found in all animals and have coevolved with their hosts. Therefore we rely on commensal ("friendly") bacteria for many functions, including breaking down nutrients, converting some medications into their active forms, producing certain crucial compounds for us from our diet, and helping our immune systems mature and remain tuned. The microbiota also contains temporary visitors and both transient and resident opportunistic pathogens, often kept in check by the immune system and by the commensals, but sometimes escaping such control to multiply and cause disease. Human gut microbiomes begin establishing at birth and evolve over a lifetime, but remain quite stable within each person throughout adulthood unless something serious like repeated antibiotic cures disrupt them. However, they can differ quite substantially between individuals as well as between populations, reflecting factors such as nutrition and environmental exposures. It has been proposed, and to a degree already demonstrated, that differences between individuals in which gut bacteria they harbour may underlie differences in their susceptibility to disease, their resilience to stressors, and their responses to environmental stimuli. Thus the variation in responses to the same lifestyle between different people may reflect their gut microbiomes. This would open up several venues of personalized medicine, lifestyle advice and nutrition. Choice of medications, diets or interventions could be selected according to a person's specific microbiome to be most effective. It might also be possible to potentiate such interventions by altering the gut microbiome in different ways, such as through antibiotics, probiotics, nutrition or through microbiome transplantation from another person. Alternately put, by adapting the microbiome to a lifestyle intervention, and/or adapting a lifestyle intervention to the microbiome, we may be able to optimize how a given person can seek and achieve fitness and health. In this talk, I will outline what we know on these topics so far, especially from studies using large-scale microbial (meta-)genome DNA sequencing. In this talk I will draw on work by my own lab at the Charité in Berlin, as well as that of our colleagues, rivals and collaborators elsewhere in the world. I will give examples of known gut microbial modulation of human responses to the external environment and introduce the most common strategies both for researching such effects and for their leverage as health-promoting tools. Where there are limits to our knowledge or obstacles to its practical application, I will identify those obstacles and suggest ways to overcome them. about this event: https://events.ccc.de/congress/2023/hub/event/gut_feelings_can_we_optimize_lifestyle_diet_and_medication_according_to_our_respective_microbiota/

Dec 29, 202341 min

Vierjahresrückblick des CCC (37c3)

Über die letzten vier Jahre sind in der Nautosphäre um den Chaos Computer Club, Deutschland, Europa und der Welt aufregende, irritierende, bemerkenswerte und empörenswerte Dinge passiert, bei deren Einordnung wir gerne helfend zur Seite stehen wollen. Von Berichten aus den Erfahrungsaustauschkreisen über die digitalen Hausbesuche bei den Luca-Apps dieser Welt, von kleinen und riesengroßen Hacker-Veranstaltungen zu den inzwischen schöne Tradition gewordenen Gutachten für unser Verfassungsgericht wollen wir in vielen kleinen Wortmeldung ein rundes Bild zu den Entwicklungen der letzten vier Jahre und einen Ausblick auf das Jahr 2024 geben. about this event: https://events.ccc.de/congress/2023/hub/event/vierjahresruckblick_des_ccc/

Dec 29, 20231h 55m

About Gamma-Ray Bursts And Boats (37c3)

In October 2022 a gamma-ray burst dubbed the 'Brightest Of All Times' smashed records. But what is that actually, a gamma-ray burst? How do we detect it? And why was the BOAT so special? Gamma-ray bursts are the biggest explosions in our Universe since the Big Bang: In just a few seconds, they release as much energy as the Sun will radiate over its entire lifetime. Even though they occur in far-away galaxies, their emission dominates the high-energy astrophysical sky during their seconds-long duration. They come from the cataclysmic deaths of very massive stars or the mergers of two compact objects such as neutron stars and black holes. In both cases the energy is concentrated in an astrophysical jet moving at approximately the speed of light. In October 2022, a once-in-a-lifetime gamma-ray burst smashed records and was dubbed the ‘Brightest of All Time,’ or the BOAT. In fact, it was so bright that it oversaturated the most sensitive gamma-ray burst monitors, posing a challenge for data reconstruction and analysis. But why was it so bright? And how long do we have to wait until the next one? Using the BOAT as an example, we will give an introduction about the fascinating phenomena called gamma-ray bursts. From their accidental discovery during the Cold War to our still surprisingly limited understanding of their nature. The talk will revisit the state-of-the-art of theoretical modelling/interpretations (how are jets launched? what produces the gamma rays?), as well as current detector techniques (how do we catch a gamma-ray photon on Earth or in space?). Naturally, we will also discuss what we really learn from prominent, outstanding events such as the BOAT -- and the questions that still give scientists headaches. about this event: https://events.ccc.de/congress/2023/hub/event/about_gamma-ray_bursts_and_boats/

Dec 29, 20231h 1m

ANIMAL()CITY (37c3)

Presentation/introduction to the ongoing 37C3 art exhibition groupshow with Joachim Blank, Eva Davidova, Meredith Drum, exonemo, Jonas Lund, Sahej Rahal, Ingeborg Wie by panke.gallery (Sakrowski). With ANIMAL()CITY we draw inspiration from the ghostly presence of foxes that roam the city at night – which nowadays is a common appearance in urban environments – evoking echoes of a pre-industrial era while at the same time drawing people’s attention to a layer of the city that completely eludes their perception in everyday life. In these moments we witness animals and plants forming their own realm and the city itself having its own life, acting like an entity, a ghost at times. Encounters with wild animals in the city make the parallel layers of the landscape momentarily tangible and remind us that we are part of these ‘non-human’ networks as well. On a darker note: urban wildlife not only echoes pre-industrial times but also projects an idea of what our cities will look like when all the people have disappeared due to the consequences of the climate catastrophe. However, the city may also be read analogous to the internet. Animals, humans and plants seldomly interact within the city, and while we might notice traces or encounter their phantoms we seem to live in parallel worlds. Similarly, online we are divided by platforms into threads and channels, living in multi-layered structures haunted by uncanny bots and AI agents. We believe that AR sculptures highlight an ethereal quality of the digital; they appear to transcend from the realm of immateriality into the physical space – the so-called spatial internet that overlays our cities. AR layers possess a magical quality in that they exist as objects whose influence on our world is – on a first step – contingent to our acceptance and perception of them as physical objects. ANIMAL()CITY is an aesthetic inquiry of the artists’ views on how AR may intercept different layers of perception and realities or completely superimpose them. The exhibition presents a collection of animals that transcend their natural forms and assume various "non-natural" shapes; from fantastical mythical creatures to archetypical animal sculpture adhering to classical composition to the most basic 3D animal assets, taken from game engine templates. These AR-animals introduce elements of imagination to their representation, inviting viewers to explore their own interpretations and engage with the artworks on different levels. about this event: https://events.ccc.de/congress/2023/hub/event/animal_city/

Dec 29, 202327 min

RFC 9420 or how to scale end-to-end encryption with Messaging Layer Security (37c3)

They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption was published in July and brings large improvements in performance and security compared to existing protocols. We are here to present Messaging Layer Security, its ecosystem and its roadmap. The MLS protocol is already being used in production to end-to-end encrypt Webex conference calls and will soon provide encryption for Android messages and RCS 2.0 for billions of users. Other messaging tools (such as Discord, Matrix, Wire, etc.) are currently trialing MLS and are expected to follow. Why was the protocol developed in the first place? How does it work? What are the next steps for MLS? MLS improves upon existing protocols such as Signal in group messaging applications. We co-authored the protocol specification and will briefly talk about what motivated the creation of MLS, how it relates to other existing messaging protocols as well as its design process in general. As a group messaging protocol, the security guarantees provided by MLS go beyond authentication and confidentiality. We will go into detail on what security properties users can expect and take a look under the hood on how MLS works. While the MLS specification has only been published recently, more work is underway and an ecosystem is already forming around the standard. We’ll touch on topics like MLS implementations, metadata hiding, federation, and interoperability between messengers (also in the context of the new IETF MIMI working group [1]). And of course we’ll share insights into the future of Messaging Layer Security! [1] https://datatracker.ietf.org/group/mimi/about/ about this event: https://events.ccc.de/congress/2023/hub/event/rfc_9420_or_how_to_scale_end-to-end_encryption_with_messaging_layer_security/

Dec 29, 202340 min

Klänge coden: Eine Einführung in Supercollider (fireshonks)

Mit der Programmiersprache SuperCollider komponiere ich seit einigen Jahren elektronische Musik, Klangkunst und Sound Design. Dieser Talk ist eine kurze, praxisbezogene Einführung ins Klangbasteln mit Code. SuperCollider ist eine Programmiersprache mit einem eigenen Audioserver. Vom grundlegenden Sound Design über die Komposition, Effekte und Signalfluss wird alles über Code gesteuert. Zugleich kann SuperCollider mit anderen Systemen interagieren, zum Beispiel über MIDI, OpenSoundControl oder Arduino. In meinem Talk spreche ich über * Was ist SuperCollider und wofür ist es gut? * Die SC IDE: Aufbau und Hilfesystem; alternative Editoren * Grundlegende Syntax * Das "Hallo Welt"-Äquivalent von SuperCollider * Eine etwas komplexere Klangfunktion * SynthDefs: die Sound Design-"Blaupausen" in SuperCollider * Komposition mit Patterns * Tipps zum Einstieg und Lernen * Vorstellung einer kleinen Beispielkomposition about this event: https://events.ccc.de/congress/2023/hub/event/klnge-coden-eine-einfhrung-in-supercollider/

Dec 29, 20231h 35m

Finding Vulnerabilities in Internet-Connected Devices (37c3)

This introductory session will outline the process of hacking internet-connected devices, with the help of a real world example: Poly telephones and conference speaker systems. We will explain vulnerabilities we identified in them and how they can be leveraged to transform the devices into wiretaps. In this introductory session we will journey into the field of internet-connected device security. Our talk aims to empower beginners by simplifying the process of hacking such devices. We'll discuss vulnerabilities we uncovered in Poly telephones and conference speaker systems and describe how we effectively transformed a seemingly innocuous conference speaker into a fully functional wiretap. We'll begin with straightforward findings accessible to beginners and progress to more technical discoveries, so that people with no experience in the field can follow along, too. By the end of the talk, the attendees will have a foundational understanding of how they can approach hacking such a device and will have learned how the impact of vulnerabilities can be shown and increased by chaining them. All the vulnerabilities we discovered during our research have been responsibly disclosed to the vendor and will be published in December 2023. about this event: https://events.ccc.de/congress/2023/hub/event/finding_vulnerabilities_in_internet-connected_devices/

Dec 29, 202347 min

Social Engineering: Geschichte, Wirkung & Maßnahmen. (37c3)

In diesem Vortrag beschreibe ich die Geschichte und den Gegenstand des Social Engineerings über den Tech-Kontext hinaus und erkläre anhand relevanter Forschung, wie, warum und bei wem es wirkt. Die modernen technischen Herausforderungen werden ebenso erläutert wie Maßnahmen, die jetzt oder in der Zukunft gegen Social Engineering getroffen werden können – individuell oder in Gruppen bzw. Organisationen. Über verschiedene Epochen hinweg hat sich Social Engineering stets in der kriminellen Nutzung hervorgetan. Professionelle Hochstapler, Trickbetrüger und Agenten nutzten Social Engineering erfolgreich für kriminelle Unterfangen, Datensammlung oder einfach weil es Spaß machte. Doch Social Engineering ist eigentlich ein sehr alltägliches Phänomen. Jeder Mensch ist mindestens in seiner Kindheit ein geschickter Social Engineer. Manche machen es sich zum Beruf, sei es als Verkäufer oder Red-Teamer. Denn Social Engineering ist in seinem Kern die Kunst der Überzeugung anderer Personen. Die psychologische Forschung hat sich seit den 1970ern intensiv damit beschäftigt, wie andere Menschen sich überzeugen lassen und welche Methoden dafür geeignet sind. Die zentralen Modelle und Konzepte wie das ELM-Modell und verschiedene kognitive Verzerrungen (Biases) werden vorgestellt, es wird praktisch veranschaulicht, welche Rolle sie für Social Engineering spielen. Einige Mythen, die in Bezug auf Social Engineering im Umlauf sind, werden beschrieben und aufgeklärt, die ein oder anderen Fun Facts, die so vielleicht noch nicht allen bekannt sind, zur Sprache kommen. Im finalen Teil des Vortrags dreht sich alles um den größten Bereich von bösartigem Social Engineering, der heutzutage online stattfindet. Ich werde die grundlegenden Klassifizierungen von Social Engineering praktisch relevant anhand neuester Forschung erklären und Maßnahmen aufzeigen, die wirklich helfen - konträr zu dem, was einige Berater gerne verkaufen. about this event: https://events.ccc.de/congress/2023/hub/event/social_engineering_geschichte_wirkung_massnahmen/

Dec 29, 202356 min

Seeds of Change (37c3)

Let's explore how online communities of activists can help to bring about forms of radical collective change, through decolonial practices of social (un)learning. What enabling conditions need to be put in place? And what counts as "radical change" in the first place?! It's plain to see: modern societies need to undergo radical social, political, and cultural transformations if they are to truly evolve away from capitalist and neocolonial structures founded on egregious exploitation and injustice. In a context of widespread epistemic fragmentation and echo chambers, we urgently need to become better at harnessing the generative power of socio-technical networks to unite our forces as we compost the harmful ways of being, knowing, and doing that are at the root of our our planetary predicament. But we must do so critically, and not view technology as a miracle solution to anything. What could be the role of the internet, and of online communities in particular, in exploring how such deep changes might happen? And how may everyone's wisdom and skills come together in democratic and sophisticated social (un)learning systems, to figure out the way(s) forward? In this talk, we will discuss the results of a 5-year participatory action research program which considered this topic within two different online communities of activists. This project led the researchers to tackle the idea of radical collective change as involving a decolonial approach to collaboration, knowledge, and community-building, and to consider the enabling and disabling conditions - both social and technological - that may influence whether change happens... or not. In particular, this research highlighted the importance of enabling participants to engage on an equal footing and self-organise, while learning to "stay with the trouble" of confronting modern societies' fundamentally unsustainable and oppressive structures, and one's own implication in them. And it also showed some of the pitfalls that come with the use of digital communication tools, as we try to use them to create a better world. Three of the many insights I will substantiate and examine in the talk are: - that online communities have the potential to create deep changes in people when they are built in ways that foster deep relationships, criticality and conflict transformation, and emergent leadership; - that changing socio-political structures must go together with joyful, liberating practices that can help us unlearn harmful cultural patterns that get in the way; and - that perhaps we should be less interested in becoming experts, and rather find the courage and open hearts allowing us to be fearlessly and fiercely present to the world, with all its shit, its wonder, and its uncertainty. Feeling curious? Join us for a chat on how to change the world! about this event: https://events.ccc.de/congress/2023/hub/event/seeds_of_change/

Dec 29, 202343 min

AlekSIS - Das freie Schulinformationssystem (37c3-meta)

Digitalisierung in der Schule ist spannend, schwierig, und enorm umstritten. Insbesondere in der Verwaltung fehlt es an freien Tools. AlekSIS ist ein umfangreiches freies Schul-Informations-System, das organisatorische Prozesse digitalisieren kann. Wir möchten einen kurzen Einblick geben, was AlekSIS ist, was es kann, wo es aktuell eingesetzt wird und wie die aktuelle Entwicklung aussieht. Weitere Informationen zu AlekSIS auf https://aleksis.org about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/NGE7W8/

Dec 29, 20233 min

Brettspiele IRL: Scotland Yard (37c3-meta)

Scotland Yard ist ein Brettspiel bei dem es darum geht sich als Gruppe auf einem Stadtplan von London zu koordinieren um einen flüchtigen Mr X zu fassen. Wir haben dieses Konzept in die echte Welt übertragen und als Open Source Web-App für Karlsruhe umgesetzt. In diesem Lightning Talk tauchen wir in die aufregende Welt von Scotland Yard ein und zeigen, wie wir dieses fesselnde Spiel in die Realität übertragen haben. Inspiriert von den spannenden Jagden nach dem flüchtigen Mr X auf dem Londoner Stadtplan, haben wir eine Open-Source-Web-App entwickelt, die es den Spielern ermöglicht, sich in den Straßenbahnen von Karlsruhe zu koordinieren, um ihren eigenen "Mr X" zu finden. Wir erkunden die Herausforderungen und den Reiz, ein Brettspiel in die reale Welt zu übertragen. Von der Kartierung der Stadt bis hin zur Implementierung von Strategien und Mechaniken, die es den Teilnehmern ermöglichen, die Rolle von Ermittlern oder dem flüchtigen "X" zu übernehmen, beleuchten wir den gesamten Prozess der Umsetzung dieses aufregenden Konzepts. Wenn ihr Spaß an Hotfixes, weirden Bugs und deployment nach Spielstart habt, kommt gerne vorbei. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/U8XGFL/

Dec 29, 20234 min

What is this? A machine learning model for ants? (37c3)

This talk will give a brief introduction of deep learning models and the energy they consume for training and inference. We then discuss what methods currently exist for handling their complexity, and how neural network parameter counts could grow by orders of magnitude, despite the end of Moore's law. Declared dead numerous times, the hype around deep learning is bigger than ever. With Large Language Models and Diffusion Models becoming a commodity, we ask the question of how bad their energy consumption *really* is, what we can do about it, and how it is possible to run cutting-edge language models on off-the-shelf GPUs. We will look at the various ways that people have come up with to rein in the hunger for resources of deep learning models, and why we still struggle to keep up with the demands of modern neural network model architectures. From low-bitwidth integer representation, through pruning of redundant connections and using a large network to teach a small one, all the way to quickly adapting existing models using low-rank adaptation. This talk aims to give the audience an estimation of the amount of energy modern machine learning models consume to allow for more informed decisions around their usage and regulations. In the second part, we discuss the most common techniques used for running modern architectures on commodity hardware, outside of data centers. Hopefully, deeper insights into these methods will help improve experimentation with and access to deep learning models. about this event: https://events.ccc.de/congress/2023/hub/event/what_is_this_a_machine_learning_model_for_ants/

Dec 29, 202340 min

Geplante Obsoleszenz und in einigen Fällen das einfache Vorgehen dagegen. (37c3-meta)

Viele Geräte für Zuhause gehen viel zu schnell kaputt. Wie mach ich diese wieder fit? Viele Geräte für Zuhause gehen viel zu schnell kaputt. Wie mach ich diese wieder fit? Bügeleisen, Soundbar (Bose!), Elektrogrills etc. haben zumindest ein eingbautes Teil das nach wenigen Jahren den kompletten Bebtrieb des Gerätes verhindert. Absolute Frechheit, gut dass sich der Entstörkondensator in Serie zum Netz für 2-3€ Materialkosten ersetzen lässt. Ein paar Fotos, woher Ersatzteile bekommen, welche, auf was achten? (Werte, Typen, Grösse.) Warum wird das so gemacht, kurze Erklärung dieses "Netzteil" Aufbaus von modernem Wahnsinn. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/ZP7EEP/

Dec 29, 20234 min

Der Schlüsseltechnologie-Podcast (37c3-meta)

Computertechnik, von Grund auf erklärt Xyrill arbeitet in der Softwareentwicklung und hat sich auch beim Hacker-Jeopardy schon einen Namen gemacht. Jetzt möchte sein Co-Host ttimeless, seines Zeichens Tischlermeister, mal wissen, wie der ganze Computerkram eigentlich genau funktioniert. Und das schon seit mittlerweile 50 Folgen, von A wie algorithmische Komplexität bis Z wie Zeitdarstellung. Alle Folgen und den Link zum Podcast-Feed gibt es unter https://schlüsseltechnologie-podcast.de/ about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/EUNDLQ/

Dec 29, 20232 min

Single Source Publishing mit Markdown, Github, Mkdocs, Material und Pandoc (37c3-meta)

Das Open Source Projekt lernOS (lernos.org) verwendet für die Publikation von Lern-Leitfäden Markdown-Quellen, die über eine Produktionskette mit pandoc in eine Webseite sowie PDF- und E-Book-Versionen konvertiert wird. Der Lightning Talk stellt den Ansatz vor und zeigt einige Problemfelder. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/LKH3RA/

Dec 29, 20235 min

Gläserne Geflüchtete (37c3)

Digitale Bezahlkarten, Migrationsvorhersage mit sogenannter KI, digitalisierte Grenzen zur Festung Europa und immer mehr davon. Ein Überblick, wie Digitalisierung jenseits des öffentlichen Aufschreis genutzt wird, um den Pull-Faktor Menschlichkeit zu drücken. In der Hackerethik steht: „Computer können dein Leben zum Besseren verändern." Aber viel zu oft werden sie für das Gegenteil genutzt. Vor allem im Bereich der digitalisierten Migrationskontrolle. Mit dabei: das Ausländerzentralregister, eines der größten automatisierten Register der öffentlichen Verwaltung; die Idee für digitale Bezahlkarten, die mehr Freiheitsbeschränkung sind als Zahlungsmittel; die üblichen Verdächtigen unter den BAMF-IT-Assistenzsystemen; Vorhersage-Systeme für Migrationsbewegungen; die digitale Festung Europa. Und ganz neu: das Schneller-Abschieben- und das Datenübermittlungsvorschriftenanpassungsgesetz. Die aktuelle Bundesregierung macht munter dabei mit, ihre digitalen Kontrollhelfer weiter auszuweiten. Und fast niemand schaut hin. about this event: https://events.ccc.de/congress/2023/hub/event/glaserne_gefluchtete/

Dec 29, 202359 min

Full AACSess: Exposing and exploiting AACSv2 UHD DRM for your viewing pleasure (37c3)

Following the failure and easy exploitation of the AACSv1 DRM on HD-DVD and Blu-ray, AACS-LA went back to the drawing board and announced the next generation AACSv2 DRM scheme, launching alongside 4K UHD Blu-ray in 2015. Since then, nearly no information has come out publicly about any vulnerabilities or even the algorithms themselves, owing in large part to software players requiring the use of Intel SGX secure enclave technology, which promises integrity and confidentiality of AACSv2 code and data through local and remote attestation mechanisms. Join us as we explore the broken history of AACS, describe practical side-channel attacks against SGX, and present the first look into the inner workings of AACSv2 DRM, culminating in a demonstration of the first full compromise of AACSv2 and unofficial playback of a UHD-BD disc. The Advanced Access Content System (AACS) is a DRM scheme used to safeguard audio and visual content, particularly in high-definition formats like HD-DVD and Blu-ray. First introduced in 2005 following the failure of the Content Scramble System (CSS) used in DVDs, AACS was designed to be not only secure against regular piracy, but included multiple features intended to restrict the impact of a potential leak of cryptographic material such as revocation lists and traitor-tracing. The concepts and algorithms of AACS were described in a publicly-released whitepaper, relying on strong cryptography and secrecy of keys to maintain security. Unsurprisingly, less than a year after publication, the first unlicensed decryption tool was demonstrated using keys reverse-engineered from a software player binary. While AACS-LA was quick to revoke those keys, a cat-and-mouse game emerged with new keys being regularly extracted from sources such as software updates and PS3 firmware. With AACS effectively broken and easily bypassed as described in Eckersley’s 24c3 presentation, AACS-LA would announce the introduction of AACSv2 for the next generation 4K UHD Blu-ray discs. This time, however, AACS-LA would not release the specifications of the DRM publicly, requiring strict NDAs for implementers and increased software/hardware security measures. Most notably, playback of legitimately purchased UHD-BDs on PC requires Cyberlink PowerDVD software running on Windows 10 and an SGX-capable 7th-10th generation Intel CPU. Since the DRM would run exclusively in the SGX secure enclave, no further information about its inner workings or vulnerabilities would be discovered publicly, until now. In this presentation, we explore the security system of AACSv2 DRM and the Intel SGX trusted execution environment. We first analyze the principles of SGX and its promises of an isolated environment, protected from all software running on the machine. We also investigate the use of SGX local and remote attestation primitives intended to verify the integrity and confidentiality of AACSv2 key material and DRM code, and why it has resisted outside analysis for so many years. We then discover how hardware side-channel attacks can be used to undermine these guarantees of SGX, and craft an effective exploit to extract cryptographic material from the enclave and defeat the DRM code obfuscation. Following that, we present the first public description of the inner workings of AACSv2, the key derivation process, and the updated revocation and traitor-tracing mechanisms. We studied BIOS updates from six motherboard vendors to show how SGX can be broken both easily and cheaply, and that vendors are now faced with a decision of security vs. usability in trusting unpatched machines. Finally, we conclude with the first demonstration of a UHD Blu-ray disc being decrypted and played back on a non-official platform. about this event: https://events.ccc.de/congress/2023/hub/event/full_aacsess_exposing_and_exploiting_aacsv2_uhd_drm_for_your_viewing_pleasure/

Dec 29, 202359 min

Projekt Link: Multimobilität für alle (37c3-meta)

Im Projekt Link möchten wir einen multimodalen Routenplaner entwickeln und die Verkehrswende aktiv mitgestalten. Im ländlichen Raum auf's Auto verzichten? Für viele angesichts teils dünner ÖPNV-Anbindung undenkbar. In der Folge fahren viele Pendler*innen im eigenen Fahrzeug in die Stadt, wo alle unter Lärm, Platzmangel, Stau und Emissionen leiden – dabei ist der nächste Bahnhof häufig gar nicht allzu weit entfernt. Im Projekt Link möchten wir einen modernen, freien und echt multimodalen Routenplaner entwickeln, der alle persönlichen Belange berücksichtigt. Dafür suchen wir Mitstreiter*innen! ### Mitmachen Das Projekt wird gerade im Rahmen des *Take-Off-Accelerator*-Programms der Hochschule für Technik und Wirtschaft des Saarlandes gefördert. Wenn Du mitgestalten möchtest, freue ich mich, von Dir zu hören: * Bis Tag 4 bin ich auf dem 37c3 anzutreffen. Ruf mich an unter **DECT [5671](tel:5671)**! * Du erreichst mich auch per E-Mail an [[email protected]](mailto:[email protected]) (möglicherweise werde ich erst nach dem Congress antworten). about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/HAS887/

Dec 29, 20234 min

Digitalsensible Bildung | Bridging the Nerdgap (37c3-meta)

Das Wissen über Open Source Tools, der Zugang zu datensensiblen Technologien und das Verständnis, warum das Datensammelverhalten des DB Navigators ein Problem ist, sind hauptsächlich einer sehr priveligierten Gruppe von Menschen vorbehalten. Das @all-Kollektiv hat es sich zur Aufgabe gemacht diesen Nerdgap zumindest ein bisschen zu schrumpfen und mehr Menschen an netzpolitischen Diskussionen teilhaben zu lassen. Wie, das erzählen wir euch in unserem Lightning Talk! Es ist faszinierend mitzuerleben, wie sich die FOSS-Bewegung den Techgiganten tagtäglich mit unglaublich viel Kreativität und tausend tollen Tools entgegenstellt, die unsere persönlichen Daten persönlich sein lassen und uns in immer mehr Bereichen Alternativen zu fancy durchdesignten Apps bieten, die oft mehr shiny sind als nice. Dennoch bleibt das Wissen über all die tollen Möglichkeiten zum Schutz der eigenen Daten und warum das überhaupt wichtig sein soll, häufig ein intellektuelles Privileg. Und auch Hardcore-Nerds überblicken doch meist nur ihr eigenes kleines Techno-Village und bekommen gar nicht mehr mit, dass Open Source, Fediverse und DDOS-Attacke vielen Menschen einfach gar nichts sagen. Wir, das @all-Kollektiv, finden, dass sich das dringend ändern muss. Es sollte netzpolitisch woken Nerds nicht egal sein, ob ihre Friends weiter ihre Adressbücher, Passwörter, Standortdaten und Nacktfotos mit iDrive teilen und in ihre GCloud laden. Datenschutz darf kein Privileg sein! about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/HBFXMP/

Dec 29, 20234 min

Vorstellung HW Hacking 101 Board (37c3-meta)

Kurze Vorstellung eines HW Hacking 101 Boards und Motivation Im Rahmen einer IT-Security Vorlesung (Vertiefung) an der DHBW in Mosbach kam die Idee ein kleines Hardware Hacking 101 inkl. Hardware und Challanges zu erstellen. Das Test-Board und Challanges sind so aufgebaut, das diese mit vorgelagerten Vorlesung und Übung an zwei 4-5h Blockveranstaltungen gelöst werden können. **Ziel:** Den Student:inen in der Angewandten Informatik Embedded Security und Design anhand von typischen HW- und SW-Designfails näher zu bringen. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/HXYASN/

Dec 29, 20234 min

The Analog Thing: Der Arduino des Analogy Computings (37c3-meta)

We present THE ANALOG THING, an open source / open hardware project demonstrating how analog computers work. There is no processor in this board. Analog Computing is an unconventional computer architecture based on mathematical analogies. It shares aspects with quantum computing (nonalgorithmic, initial state preparation and measurement) but is way easier to grasp. 5mins of your time are sufficient. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/WNNDEZ/

Dec 29, 20234 min

The Free Software Foundation Europe (37c3-meta)

Get an understanding of what the Free Software Foundation is and what we are doing to empower user to control technology Software is deeply involved in all aspects of our lives. Free Software gives everybody the rights to use, understand, adapt, and share software. These rights help support other fundamental rights like freedom of speech, freedom of press, and privacy. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/ANWWN9/

Dec 29, 20234 min

Google Cloud’s insecure default configurations (37c3-meta)

When using Google Cloud, default configurations and policies are enabled by default that might lead to an increase in the attack surface. These configurations include, and not limited to, identity and access management (IAM) and network setup. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/XM9MGR/

Dec 29, 20233 min

Bird Clock Opera/ w text from Days Of The Week (fireshonks)

The texts for this piece were originally written as part of a revision of the Homeric Hymn to Demeter; a revision which broadens the picture of Black women who are descendant of colonial enslavement. A dialogue based on the contrast of Artemis’ power and agency over her body compared to women who have been unsafe for generations. Women who carry these wounds as warnings and a call out for accountability. The underlying track called ‚Xercathalon’s Debut: A Bird Clock Opera, is a piece based on the sounds of childhood as remembered and incorporated into this collaborative soundscape. The question works such as these answer is a soft approach towards understanding the people that 37C3 wants to become more diverse towards. Diversity, equity and inclusion are more than catchy phrases. They don't happen overnight, but through art and literature there are greater options for briding understanding. Prism Obsidian Duo Obsidian is a visual artist and researcher in postcolonial theology, culture and education. She is taking a Black Quantum Afrofuturist approach towards tackling issues of racism, cultural appropriation, intersectionality and sustainable urban regeneration by drawing on an image of global Black cultures. Prism is a musician and visual artist specialising in rainbowgoth sound design and crafting analog double exposure captures. She is based in Berlin and responds to the inspiration of memory, saturation, and the dreamworld. about this event: https://events.ccc.de/congress/2023/hub/event/bird-clock-opera-w-text-from-days-of-the-week/

Dec 29, 20231h 36m

Browsers biggest TLS mistake (37c3-meta)

Chrome and Firefox's TLS certificate verification have a weird hack, and it might be a long term mistake, this talk quickly goes over the quirk, and provides data on how many people it impacts about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/XGML8T/

Dec 29, 20235 min

Universities, Step into the Fediverse! Reclaiming Digital Sovereignty (37c3-meta)

Universities can be important creators of digital public spaces and use, design and provide public-interest network structures such as the Fediverse. In line with its FLOSS tradition, the University of Innsbruck focuses on the Fediverse and has established an instance on university servers. Alongside insights into the process, motivation and networking is the aim of this Lightning Talk. Universities, join the Fediverse! The disaster with Twitter highlighted the risks of relying on commercial platforms for central communication channels. This isn't new, but it sharply illustrates the issues with much of social media's structure. Universities can significantly contribute to establishing the Fediverse as a decentralized, non-commercial, privacy-conscious network. Using the example of the University of Innsbruck, the talk will show how a trio from different departments, science communication, data protection and IT, set up a Fediverse instance for institutional science communication on Mastodon on university servers. This Lightning Talk aims to inform and showcase how one university successfully engaged with the Fediverse, serving as a call to action for other universities to join in seizing the opportunity to improve online communication structures. Melanie Bartos, Hansjörg Pehofer, Matthias Weiler about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/UXKQBQ/

Dec 29, 20234 min

Darf's noch etwas visionärer sein? (37c3)

Supereffiziente digitale Technik als Lösung aller Probleme oder doch lieber die selbstgebaute ressourcensparsame Low-Tech-Variante? Die Zukunftsvorstellungen, die den Einsatz digitaler Technik und ökologische Fragen zusammendenken, sind in der deutschen Diskurslandschaft nicht gerade üppig gesät. Im Vortrag werden die Ergebnisse einer Kurzstudie präsentiert, bei der wir die Zukunftsvorstellungen digital-ökologischer Transformation bei gesellschaftspolitischen Akteuren gesucht, analysiert und zu Visionskategorien zusammengefasst haben. Der Vortrag bietet einen Einblick in die Ergebnisse einer erstmaligen systematischen Untersuchung der im deutschsprachigen Diskurs präsenten Visionen zur digital-ökologischen Transformation und setzt diese in einer Landschaft an Vorstellungen von Transformation, Nachhaltigkeit und Technikgestaltung zueinander in Beziehung. Bei der Recherche wurden zivilgesellschaftliche, staatliche, wissenschaftliche und wirtschaftliche Akteure berücksichtigt. Das Ergebnis sind sechs verschiedene Typen an Visionskategorien: „Dematerialisierung", „Digital-ökologische Modernisierung", „Leitplanken einer zukunftsfähigen Digitalpolitik", „Digital-ökologischer TÜV", „Digitale Suffizienz" und „Low-Tech" bilden die Landschaft der Visionen digital-ökologischer Transformation im deutschsprachigen Raum. Die Vorstellung, dass digitale Technik durch Effizienzsteigerungen zu einer Entkopplung von Wirtschaftswachstum und Ressourcenverbrauch beiträgt, kann unter dem Begriff „Dematerialisierung” gefasst werden. „Digital-ökologische Modernisierung” bezeichnet einen eher technokratischen Ansatz, in dem die ökologischen Kosten der Digitalisierung durch Sparsamkeit, Recycling und vor allem den flächendeckenden Einsatz von erneuerbaren Energien zu bewältigen sind. Vertreter\*innen des Visionstyps „Leitplanken einer zukunftsfähigen Digitalpolitik” geben statt einer scharf formulierten Vision eher Leitplanken für die zukünftige Gestaltung der Digitalisierung im Rahmen ökologischer Grenzen vor. Die Kategorie „Digital-ökologischer TÜV” beschreibt Ansätze, die eine Bewertung des Verhältnisses von Ökologie und digitaler Technik von einer fortlaufenden Überprüfung des Einsatzes digitaler Technik abhängig machen. Bei „Digitaler Suffizienz” wird das Konzept der Suffizienz auf den Bereich Digitalisierung übertragen und orientiert sich an dem Motto „so viel Digitalisierung wie nötig, so wenig wie möglich“. Zuletzt kann die Idee der Abkehr vom linearen Fortschrittsdenken und von damit einhergehenden ressourcenintensiven High-Tech-Infrastrukturen als „Low-Tech”-Vision bezeichnet werden. Im Vortrag wird das Verhältnis der einzelnen Kategorien zueinander anhand von verschiedenen Dimensionen, wie ihr zugrundeliegendes Transformationsverständnis oder die Radikalität der beschriebenen Veränderungen, dargestellt sowie deren politische Bedeutung reflektiert. Welche Visionen erfüllen den Anspruch an eine global gerechte Digitalität der Zukunft? about this event: https://events.ccc.de/congress/2023/hub/event/darf_s_noch_etwas_visionarer_sein/

Dec 29, 202342 min

The FIM (Fbi IMproved) Universal Image Viewer (37c3-meta)

FIM (Fbi IMproved) is a "swiss army-knife" image viewer for: either the Linux Framebuffer or the graphical environment, or in text terminals (ASCII Art, also coloured), with a consistent interface and with many powerful features. FIM is known among enthusiasts of Raspberry Pi and other minimalistic computing devices, but also among VIM/Emacs users seeking functionality, configurability, and flexibility. My flash presentation will show the ideas of FIM and why it can be useful to many. See a full presentation at https://archive.fosdem.org/2023/schedule/event/om_fim/ about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/FLJNGZ/

Dec 29, 20235 min

More privacy for the EHDS (37c3-meta)

I will explain and propose to use a storage technology based on a cardinality estimation algorithm called HyperLogLog for the so-called secondary use within the European Health Data Space EU launched the European Health Data Space to make health records of all Europeans accessible from anywhere. The so-called "secondary use" of these data should be made available for research, decision-making, development and innovation. This is a highly privacy-relevant issue as it affects every EU citizen. Over the last few years I have been working on a research project on a similar privacy-relevant problem. I came up with a solution that relies on a cardinality estimation algorithm called HyperLogLog. It stores data in sets in a way that makes it impossible to retrieve individual data items, thus protecting the privacy of social media users. In this lightning talk, I will present the algorithm and propose this technology to be used for the secondary use of the European Health Data Space in order to improve privacy. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/9Y8ZGZ/

Dec 29, 20235 min

Join the 'Task Tracker Systems' team! (37c3-meta)

You like to tinker with electronics, software or mechanical design in your spare time? 🧑‍💻 And would you like to develop a system as part of a supportive team? 👥💪 This talk invites you to join some devs working on a small open source project. 👋 Our goal is to experiment and play with technology while working together towards a common product. 🚀 The system we develop is a combination of a handheld device to track time spent on tasks and a desktop/mobile app which additionally allows to transfer the records to existing accounting systems. Our primary goal is to learn and practice technologies and exchange ideas with the team. While there is room to experiment, there is a useful product we want to deploy eventually. Some of the technologies currently applied or planed in the project: - ESP32 - KiCAD - Prusa 3D printer - Kotlin - modern C++ - unit tests and continuous integration Visit 👉[🔗 Task Tracker Systems on GitHub](https://github.com/Task-Tracker-Systems)👈! Contact: - 📧 [email protected] - ☎️ DECT 5689 @ 37C3 about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/RV7CMY/

Dec 29, 20234 min

The Serenity Operating System (37c3-meta)

The SerenityOS project has been developing a from-scratch Unix desktop operating system over the past five years. A five-minute look at what that means and why it's interesting. The SerenityOS project has been developing a from-scratch Unix desktop operating system over the past five years. The system has excellent vertical integration, since we write all the software ourselves, from standard library to applications. An important part of the project is the Ladybird Browser, a new cross platform browser that's compatible with large parts of the modern Web. This talk is not only an overview over the project and what we are doing, but also an invitation to our assembly and the project in general. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/TWFWL9/

Dec 29, 20234 min

Developing the Next Generation Open Source Event Management with eventyay (37c3-meta)

The new version of the open source event system eventyay is currently being developed and we will release the first version in February. In this lightning talk I will share about the exiting features and AI capabilities we are working on. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/WBRVVN/

Dec 29, 20234 min

Local Change, Global Impact: Transforming International Development through Local Empowerment (37c3-meta)

We're tackling a key issue in international development cooperation by empowering local change agents with direct funding and a platform to share their data and stories. Our mobile-first solution will combine e-payment and information sharing, addressing an industry-wide challenge. We present an approach to address a fundamental challenge of international development cooperation. Currently, the sector is deeply shaped by a hierarchical North-South structure that influences not only funding flows, but also priorities, methods, tools, and concerns. We want to change this by empowering local change agents. How do we do this? By directing funding flows directly to these individuals, and empowering them to share key data and their own stories - not those created by donors. Our technical solution: a mobile-first solution that combines an e-payment system with information tracks to share relevant information - both data and (micro) stories. This approach has immense potential because it addresses an industry-wide challenge. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/TZ7CE3/

Dec 29, 20234 min

Let’s change the default language of the Internet (37c3-meta)

These days, English is the _lingua franca_, the language that “everyone” speaks and understands. But which English? Our common choice is between two different waning empires that have been imposing their culture and voice on the world for the past few centuries. For most audiences, this is a choice between two foreign locales. We need to do better. We can choose another English: an International English. Our choice of language defines the framework for our communication. It defines what’s expressible, and what the defaults are. It limits our expressibility in ways seen and unseen, and subtly hints where our allegiances lie. In this post-Brexit Europe, English is a more neutral choice than it’s ever been. We need to recognise this, and to capitalize on this opportunity to appropriate the language wholesale. In the software we write and the sites we maintain, we can: European English and International English are already supported by the underlying standards and libraries, and it’s up to us to use them, and to own our voice. The English we speak in international contexts does not need to change; we only need to explicitly realise that it is _our_ language, and that it does not need to bow to imperial authorities. Beyond that, I want to change default language of the Internet. Let me tell you how we can do that. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/P7REEC/

Dec 29, 20235 min

Numerical Air Quality Modeling Systems (37c3)

High performance computing (HPC) in environmental science is usually associated with research on climate change, investigating the impact of atmospheric greenhouse gases (GHG) over the next century. Besides these GHGs, there are many other gases and aerosolos in the atmosphere, which have a much more direct and immediate impact on human health: air pollutants. The World Health Organization (WHO) considers air pollution to be the world's single largest environmental health threat, accounting for approximately 7 million deaths worldwide every year. That's why in this talk we want to speak about how the problem of air pollution can be understood and predicted using HPC pollution modeling and its application based on general concepts and our own research. We are Dr. Johannes Bieser and Dr. Martin Ramacher, both working at the Helmholtz Zentrum Hereon in the field of numerical pollution modelling. While Dr. Bieser wrote his Dissertation on emission modelling and its application, Dr. Ramacher wrote his Dissertation on pollutant transport and exposure modelling. In our talk on numerical air quality modelling systems, we want to introduce basic principles and share our personal knowledge in the field of numerical pollution modelling, covering the entire pathway from emissions, transport, transformation and human exposure. Each of these steps relies heavily on large amounts of data from many different sources - satellite data, activity and meta data, measurements and many more - and skills in computer science. By default, environmental scientists are often not trained in computer science and high performance computing which implies a challenge of its own (and allows Nerds like us to excel). Our talk will be enriched with practical, technical and partially political examples to demonstrate the difficulties scientist face during their quest to improve air quality for everyone: from TB of wasted data due to historically grown data formats to counterproductive policy decisions to „improve“ air quality. We’ve seen it all and after participating in the CCC for many years now, we decided to draw attention to some state-of-the science approaches for solving one of the world’s single largest environmental health threats: „air pollution“. about this event: https://events.ccc.de/congress/2023/hub/event/numerical_air_quality_modeling_systems/

Dec 29, 20231h 1m

Einführung in Smartphone Malware Forensik (37c3)

Smartphones sind in den letzten zehn Jahren zu einem allseits beliebten Angriffsziel geworden, sei es für Stalkerware, Staatstrojaner oder Banking-Malware. In diesem Vortrag wollen wir einen Überblick geben, mit welchen Techniken und Open-Source-Tools man auf Smartphones (unter iOS und Android) auf die Jagd nach Malware gehen kann. Im Anschluss findet ein Workshop mit einem praktischen Teil zum Ausprobieren einiger dieser Techniken statt. Die Qualität von Anleitungen und Einführungen zu Smartphone-Forensik im Internet ist leider sehr durchwachsen: Hier will dir jemand ein buntes Tool verkaufen, hier riecht es nach einem Scam, vielerorts geht es um das, was Strafverfolgungsbehörden machen, nämlich in den Daten fremder Leute wühlen. Stattdessen möchten wir in diesem Vortrag einen strukturierten Überblick geben, welche (öffentlichen) Möglichkeiten es in der einvernehmlichen Smartphone-Forensik mit Open-Source-Tools gibt. Wir zeigen euch, wie man welche Arten von Malware finden kann, welche Spuren sie hinterlassen und wie sich Stalkerware und Staatstrojaner in der Praxis unterscheiden. Um 14:15 findet ein praktischer Workshop statt indem gelerntes aus dem Vortrag umgesetzt werden kann: https://events.ccc.de/congress/2023/hub/en/event/introduction-to-smartphone-malware-forensics-pract/ about this event: https://events.ccc.de/congress/2023/hub/event/einfuhrung_in_smartphone_malware_forensik/

Dec 29, 20231h 2m

Digital Fordite (37c3-meta)

Fordite are polished bits of many layers of hardened enamel car paint. Originally, this car paint was just dumped, until some years ago, when people started to dig them out of the garbage dump, polished them and used them in jewellery. I wrote some code that simulates that process to generate pretty (2D) images and animations. I will quickly show what actual fordite is, then show my early attempts to use the same underlying process to make pretty pictures, describe what is implemented now, show some pretty (abstract) pictures and (if possible) some animations that have been created with it. about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/A9REYL/

Dec 29, 20234 min