Chaos Computer Club - archive feed

A conversation about digital EU politics in the present and future A conversation about EU digital policy now and in the future. The event will be a structured AMA (ask me anything). So we need your questions! We will structure the questions to ensure a smooth conversation. Questions we touched on in conversation: - Can you briefly explain the difference between Europe and the EU? - Do you represent the "Danish people" or the whole EU? - What is your opinion about the EU "chat control"? What can we do to stop it? What are you going to do? - What is your personal utopia for Europe? What positive changes would you like to see in the next few years? "EU digital legislation in the 2020's: The Good, the Bad and the Ugly" https://media.ccc.de/v/bornhack2022-4200-eu-digital-legislation about this event: https://c3voc.de

Closing, thank yous, sponsors, what's next, anything else about this event: https://talks.nixcon.org/nixcon-2023/talk/NRSXHT/

microvm.nix builds NixOS for a few virtual machine managers in a few different use-cases Full virtualization suffers from overhead and performance degradation due to software emulation of real hardware. MicroVMs are optimized by replacing this emulation with interfaces that have been optimized for the virtual machine use-case: VirtIO. microvm.nix helps you building and running NixOS on different virtual machine managers. You can use it in different use-cases, for example as a more isolated alternative to nixos-container. about this event: https://talks.nixcon.org/nixcon-2023/talk/RNTYJF/

Nix is an amazing build tool not only for applications, but also for the infamous "yaml engineering". Join Volodymyr to learn about the journey of using nix along with argocd to deploy payloads into kubernetes. What you will learn: - Setting up nix to work with argocd - Deploying simple applications written purely in nix - Utilizing the public helm charts in nix, with custom configuration and resource overriding without the chart forking - Using nixpkgs' modules system for complicated muti-cluster deployments about this event: https://talks.nixcon.org/nixcon-2023/talk/CYEPCX/

I've been using a Librem 5 running NixOS for a few months now as my daily driver. Here are the challenges I've faced, what works and what doesn't. about this event: https://talks.nixcon.org/nixcon-2023/talk/Q3YYMR/

Tvix is a modern design and implementation of the Nix package manager (GPLv3). It brings a modular architecture in which components such as the build environment or package store are replaceable, which enables new use-cases and platforms. This talk will give a status update on the current state of the project, and an outlook on the roadmap. about this event: https://talks.nixcon.org/nixcon-2023/talk/Z897S3/

It's been twenty years since Nix was unleashed upon this world, and yet, the only real alternative is Guix‽ Well, not on my watch! I've been working on Zilch for a while now, and it's starting to be ready to be released to the wild. This talk will describe what this fresh new Nix-compatible alternative is, how it came into being, and what the wider Nix community could learn from it. about this event: https://talks.nixcon.org/nixcon-2023/talk/DDVFVZ/

Building every operating system starts from something. I'm not as hardcore as the stage0 project folks going from assembly to Guix, but a shorter path from a ~320 KB TinyCC binary to Nix to a proof-of-concept Linux distribution also proved to be a story worth telling. We'll begin our journey by executing a -nostdlib C program with TinyCC, compile our way out towards a libc and a shell, work through older compilers to modern compilers and build Nix. Then we'll walk the same path again once over, but this time, we'll use Nix. Finally, in a different flake, we'll reimplement some of the founding nixpkgs patterns, work our way from toolchain to Linux and arrive at a bootable .iso. Corners will be cut, hacks will run amock, Nix will be both praised and complained about, reproducibility will be earned hard, and some patches will get upstreamed. Links: https://github.com/ZilchOS/bootstrap-from-tcc, https://github.com/ZilchOS/core, http://bootstrappable.org about this event: https://talks.nixcon.org/nixcon-2023/talk/DDQRWQ/

. about this event: https://talks.nixcon.org/nixcon-2023/talk/DHXKNW/

The team at flox has been producing a series of Nix in the Wild articles that showcase users and organizations doing innovative things with Nix. I’d like to take a quick few minutes to share some of these stories and invite others to participate. about this event: https://talks.nixcon.org/nixcon-2023/talk/8ENEKM/

In this lightening talk, we'll walk through process of creating a virtual machine using NixOS which will start Firefox and visit a pre-configured website. We'll work-around the performance issue of building multiple VMs when there are many configured websites. To do so, we'll employ flake outputs for caching and QEMU's ability to forward configuration options to the VM. At the end, we'll have a browser setup with improved isolation and alternative UX. about this event: https://talks.nixcon.org/nixcon-2023/talk/SERXWP/

A new Nix store implementation — local-overlay — that lets you create a writable layer over another underlying store. Nix has various different store implementations. For example the daemon store, which provides store access to unprivileged users on multiuser systems. Some caveats apply, but the new local-overlay store lets you combine an existing lower store with an upper layer, similar to the Linux Overlay Filesystem. Anything in the lower store will be accessible via the overlay store, while modifying the overlay store will only change the upper layer and leave the lower store untouched. about this event: https://talks.nixcon.org/nixcon-2023/talk/GXW3EX/

We should briefly see (or recap) what effort it takes today to provision via Nix a typical stack that includes Pytorch and CUDA, see when Nix could still be the better choice, and when Nix may seem to hinder progress. We should try to argue that the obstacles we observe can be eliminated at the nixpkgs level Nixpkgs and NixOS go a long way in stabilising a program's inherently random build and runtime behaviour. Meanwhile the scientific computing software, and the state of the art "AI" research code in particular, heavily rely on dynamic and "impure" deployment techniques. These include e.g. dynamic linkage using "dlopen", unenforced assumptions about paths, distribution of pre-built black-box binaries, largely facilitated by the use of dependency solvers, and more. Sometimes these "impurities" are necessary, as when using driver-aware libraries like OpenGL or CUDA. This seemingly makes it cheaper to relax the requirements to reproducibility set by Nix and embrace tools such as pip, conda, singularity (apptainer) and docker. We should briefly see (or recap) what effort it takes today to provision via Nix a typical stack that includes Pytorch and CUDA, see when Nix could still be the better choice, and when Nix may seem to hinder progress. We should try to argue that the obstacles we observe can be eliminated at the nixpkgs level. P.S. This description is preliminary about this event: https://talks.nixcon.org/nixcon-2023/talk/T3FZ8A/

In this quick talk, tomberek will introduce an upcoming experimental feature that has been in development for several years: dynamic derivations (RFC92). The talk will describe the motivation, the current status, implementation details, and a teaser of user-facing value they provide. References: - https://github.com/NixOS/rfcs/blob/master/rfcs/0092-plan-dynamism.md - https://github.com/NixOS/rfcs/pull/92 - https://github.com/NixOS/nix/issues/6316 about this event: https://talks.nixcon.org/nixcon-2023/talk/BABWGG/

Rust is a programming language with a knack for ergonomics in a space where robustness, correctness, and speed often come at the cost of many papercuts. Nix is a project focused on building software in a robust, correct, and deterministic way. These two projects should be best friends, right? In this talk Zach Mitchell from flox and the Documentation Team will give an experience report writing Rust bindings for Nix. What makes bindings difficult? Which bindings can be autogenerated? Which can (or should) be written by hand? Tune in to find out what went well, what was painful, and what didn't work at all. about this event: https://talks.nixcon.org/nixcon-2023/talk/CQVAZU/

Nuenv is an alternative builder for Nix derivations that uses Nushell rather than Bash. It offers enhanced expressiveness and type safety to Nix. While Bash is a tried-and-true and highly well-known quantity, it's not particularly expressive and it has known "footguns" surrounding things like string parsing. Nushell is a recent entry into the world of shells. It's written in Rust and it offers robust data types and safety guarantees that have a lot to potentially offer to Nix. In this talk, I'll teach you not just about Nushell, how I built it, and how it works, but also about the realisation process itself. about this event: https://talks.nixcon.org/nixcon-2023/talk/KAYMMA/

If you ask three NixOS users what their favorite NixOS deployment tool to update a NixOS system is, you might get four answers. However, installing NixOS on a machine can be a tedious and manual process, especially if the machine is not physically accessible or does not have a NixOS installer. In this talk, we will introduce two tools that can simplify and automate the installation of NixOS on any machine with Linux and SSH access: disko and nixos-anywhere. If you ask three NixOS users what their favorite NixOS deployment tool to update a NixOS system is, you might get four answers. However, installing NixOS on a machine can be a tedious and manual process, especially if the machine is not physically accessible or does not have a NixOS installer. In this talk, we will introduce two tools that can simplify and automate the installation of NixOS on any machine with Linux and SSH access: disko and nixos-anywhere. Disko is a declarative disk partitioning tool that allows you to specify the layout of your disks using a simple Nix expression. It can create, resize, format, and mount partitions on any device that supports block operations. It also supports encryption, ZFS, RAID, and LVM. Nixos-anywhere is a tool that can install NixOS on any cloud or bare-metal environment over SSH. It can detect whether the target machine has a NixOS installer; if not, it can use kexec to boot into one. It then uses disko to partition and format the disks according to your configuration, and installs NixOS with your desired packages and secrets. With these tools, you can easily deploy NixOS on any machine without needing physical access or manual intervention. You can also reuse the same configuration for multiple machines, ensuring consistency and reproducibility. In this talk, we will demonstrate how to use disko and nixos-anywhere to install NixOS on various scenarios, such as a virtual machine, laptops or bare-metal servers. We will also discuss some of the challenges and limitations of these tools, and how they can be improved in the future. about this event: https://talks.nixcon.org/nixcon-2023/talk/8QMELJ/

Even with recent improvements in documentation, sometimes the most expedient way to understand nixpkgs and NixOS is to read the source code. However, that's not trivial: there are now 2.9 million lines of Nix source in nixpkgs. This talk shows several methods of finding the sources behind things in nixpkgs and NixOS from using ctags to various lesser-known tricks in the repl. After this talk, getting around in nixpkgs should be familiar and quick. There are a lot of tools and methods for getting documentation and finding things in Nix but they are often not well publicized and form peoples' private workflows. Substantial progress has been made on this, for instance, with nixd, but there are other methods that still have their place when more advanced tools don't have perfect code context. This talk introduces a novel NixOS-modules ctags implementation allowing finding option definitions nearly instantly. It also presents how to navigate nixpkgs using nix-doc for ctags and to get function documentation in the Nix repl, how to fall back on `unsafeGetAttrPos`, and how to use the Nix debugger. I will briefly dive into the internals of NixOS to show the introspection capabilities it provides for where settings come from, and how to load a NixOS configuration into the repl for inspection in the first place. about this event: https://talks.nixcon.org/nixcon-2023/talk/BAVND7/

Opening ceremony for day 2! about this event: https://talks.nixcon.org/nixcon-2023/talk/DS3REV/

Congratulations, you’ve convinced your friends / peers / coworkers to give Nix a try. Now the hard work starts: you have to actually teach it to them! Nix might be hard to learn, but it sure can be a fun journey! In this talk, Rok Garbas from flox will share the tools and techniques you need to teach Nix to your friends and colleagues…and, most importantly, what NOT to teach. Congratulations, you’ve convinced your friends / peers / coworkers to give Nix a try. Now the hard work starts: you have to actually teach it to them! Nix might be hard to learn, but it sure can be a fun journey! In this talk, Rok Garbas from flox will share the tools and techniques you need to teach Nix to your friends and colleagues…and, most importantly, what NOT to teach. about this event: https://talks.nixcon.org/nixcon-2023/talk/KJCDMT/

Interesting things you can do using the proposed C API Nix plugins have been a possibility for years, but haven't caught on. I'll talk about the proposed new C API and what you can do with it. - Using Nix from your own tooling without wrapping the CLI - Writing Nix plugins about this event: https://talks.nixcon.org/nixcon-2023/talk/8BJU9K/

The [Impermanence](https://github.com/nix-community/impermanence) project aims to make it easy to build systems where the root storage is erased on every boot. In this talk, I'll go into why and how you would set up a system with ephemeral root storage and how Impermanence can help you manage the state you want to keep between reboots. about this event: https://talks.nixcon.org/nixcon-2023/talk/UPNSQD/

The NixOS virtual machine testing framework is very powerful, and allows for convenient testing of entire NixOS machines. However, some capabilities can only be tested by booting a physical machine with a given NixOS closure. This talk describes some work done toward the goal of enabling testing NixOS closures on physical machines, with an example of testing NVIDIA Jetson devices using the "jetpack-nixos" project. about this event: https://talks.nixcon.org/nixcon-2023/talk/VN8YMP/

The underlying machinery of the NixOS module system, evalModules, is useful for more than just declaring Operating Systems. At Replit, we use it to [declare IDE plugins](https://github.com/replit/nixmodules) for language runtimes, code intelligence (LSP), runners, packagers, and debuggers. Learn how you can use evalModules for your own applications and how we use it to declare an IDE. During the hackday, let's adapt the IDE plugins to emacs, vim, or vscode! about this event: https://talks.nixcon.org/nixcon-2023/talk/3FSNG9/

An interactive session with the NixOS Foundation Board, going through the past year and looking into the next. During this interactive session, board members will share their insights on the current state of Nix, discuss ongoing projects, and foundation plans for the upcoming year. In addition to sharing the board's roadmap, this panel will also facilitate an open dialogue with the community in the form of Q&A. about this event: https://talks.nixcon.org/nixcon-2023/talk/LZ9QTZ/

A rundown of what the Nix documentation team has done since last NixCon about this event: https://talks.nixcon.org/nixcon-2023/talk/G8NDHE/

This talk hints at how defining Nix packages (and development shells in particular) with another language than Nix influences the way we think about them, and discuss whether there are lessons to be learned from here for Nixpkgs or Nix itself. [Organist](https://github.com/nickel-lang/organist) is a Nickel library and tool aimed at serving as the entry point for all the development tools, and featuring in particular a [Nickel](https://github.com/tweag/nickel) frontend for Nix as an experiment in changing the surface language. Changing the frontend used was also an occasion of changing the way we declare, compose and override packages, with a framework based on merging records (_a la_ module-system) rather than stacked wrapping functions and explicit fixpoints. about this event: https://talks.nixcon.org/nixcon-2023/talk/7LPHTK/

What are the languages that target Nix? Why might someone choose not to write an expression directly in Nix? How do these languages differ from one another? This lightning talk will offer a brief overview of languages that can compile to Nix. For instance, [Dhall](https://dhall-lang.org/), [PureScript](https://hackage.haskell.org/package/purenix) and [Nickel](https://nickel-lang.org/) (even though it doesn't directly translate to Nix). What do the generated expressions look like? Can I use them to write a package definition or a NixOS configuration? **EDIT:** I will not have the time to introduce an experimental toy project of mine: a Scheme dialect that compiles to Nix, featuring a _static_ type system inspired by the [contracts](https://github.com/yvan-sraka/contracts) library. But I will be more than happy to discuss it while HackDay! about this event: https://talks.nixcon.org/nixcon-2023/talk/7WYFPW/

Creating a NixOS workstation configuration for non-Linux experts using Flathub with a graphical storefront so they can install the apps they want. Since 2006 I've been helping friends and family run desktop Linux. This lightning talk reflects on the distributions I've used in the past and why I'm now using NixOS with Flathub enabled to make NixOS accessible to non-expert Linux users. about this event: https://talks.nixcon.org/nixcon-2023/talk/MNUFFP/

This talk will describe our experience shipping a product as a NixOS appliance that supports site-specific customization after deployment. NixOS' declarative model is a good match when one can write down the complete system configuration. How can we handle dynamic aspects of the configuration? That is, anything we expect to vary such that we cannot specify it fully at build time. We will share the mechanisms used to achieve this and our assessment of the trade-offs involved. Examples of site-specific variations: * timezone * time server * network share * SSL/TLS certificate about this event: https://talks.nixcon.org/nixcon-2023/talk/V3UGSG/

For [almost 20 years now](https://github.com/nixos/nixpkgs/commit/1894a8b86c4f5233f4f28af3b93156aaaee44af1#diff-e55bb1f00549f56ee8b5e3a6977467543b29e7ddb51bd6df23bea76713fc972c), adding a new package to Nixpkgs required editing the `all-packages.nix` file, which grew to over 40000 barely-sorted lines this year. In addition, an appropriate place for your package definition had to be found in the loosely-categorised `pkgs` hierarchy. Especially with the recent growth of Nix, this has been a frequent cause of confusion for new contributors. However, in the months leading up to NixCon, this is all changing with the acceptance of [RFC 140](https://github.com/NixOS/rfcs/pull/140), originally designed by the new [Nixpkgs Architecture Team](https://nixos.org/community/teams/nixpkgs-architecture.html). This proposal allows most new packages to be added by simply creating a new directory in the right place with a name matching the desired attribute name. In this talk I will go over the new package contribution process, along with its limitations, historical context, interesting implementation details and future work. about this event: https://talks.nixcon.org/nixcon-2023/talk/HRWDVC/

Flakes is seeing widespread and increasing adoption, but some people and projects are still hesitant to move to them because they have requirements that are cumbersome or impossible to address with Nix Flakes in their current incarnation (there are also other reasons, but I will be focusing on the technical ones). I will talk about the gaps I see in the current design of Flakes, and how these gaps could be filled in the future without compromising the core goals of Flakes. I will also explore the implications that this will have for the broad range of projects already using Flakes as it exists today. about this event: https://talks.nixcon.org/nixcon-2023/talk/VPYBSY/

Flakes are a format for distributing Nix-based assets such as Nix packages, development shells, CI jobs and NixOS modules. The flake specification doesn't impose any restrictions on the contents ("outputs") of a flake, and these can be arbitrary Nix values. While this makes flakes very flexible, it means that there is no generic way to find out what a flake provides, or to check its correctness. To work around this, tools such as `nix flake show` and `nix flake check` have built-in support for a fixed set of flake output types such as `packages` and `devShells`. Unfortunately, this set cannot be extended by users to handle new flake output types. In this talk, I propose *flake schemas*, which are essentially Nix functions that enumerate the contents of a flake output, including documentation, checks and options. Flake schemas do not impose a type system on flake outputs - it is entirely up to the schema function how it checks the flake output. Flake schemas allow us to remove all output-specific code from commands like `nix flake {show, check, search}`, making it easier for developers to introduce new output types. about this event: https://talks.nixcon.org/nixcon-2023/talk/L3QVWC/

Du hast dich entschieden einen Hackerspace zu besuchen - das ist großartig! In diesem Petit Foo gibt sirgoofy Tipps für deinen ersten Besuch im Hackerspace. Was kannst du erwarten? Was solltest du machen? Was ist vielleicht keine gute Idee? Und auch für uns langjährige Hackerspace-Besucher ist dieses Video vielleicht ein guter Anreiz darüber nachzudenken, wie der eigene erste Besuch damals war - und wie man neuen Besuchern eine gute erste Erfahrung ermöglicht. about this event: https://chaospott.de/

Es geht los about this event: https://talks.mrmcd.net/2023/talk/9GQT8A/

ein kleiner Einblick in die Studiotechnik eines Radiosenders Fast jede*r hört im Lauf der Woche irgendwo ganz klassisch Radio - ob zum Aufstehen, im Auto, beim Arbeiten oder unfreiwillig im Supermarkt. Doch wie sieht es eigentlich auf der anderen Seite aus? Und was ist alles nötig, damit die Stimme der Moderatorin am Ende aus dem Radiolautsprecher kommt? Der Vortrag zeigt anhand der Technik eines der größten Freien Radios des deutschsprachigen Raums, wie ein zeitgenössisches Radiostudio aussehen kann. about this event: https://talks.mrmcd.net/2023/talk/Q3W7XY/

Große Social Media Netzwerke wie X, Instagram und TikTok sind einfach nur noch pervers und ballern einen unablässig mit Werbung, Triggern und Hass zu. Hate sells I guess. Ich hatte letztlich keine Lust mehr darauf und mit dem Fediverse und dezentralen Social Media angeboten die Erfahrung gemacht: Social Media muss gar nicht Grau, Hass und Bots - es kann auch Bunt, Liebe und Menschen. Ich plaudere aus dem Bitkästchen zu darmstadt.social, wer ich bin, wo ich herkomme und wie ich auf die ~~Dumme~~hervorragende Idee kam ein öffentliches Mastodon im fediverse zu betreiben. Ich möchte von meiner anfänglichen Motivation erzählen, dem Tief und der Enttäuschung während Covid19 und wie sich meine Motivation dadurch verändert hat. Rund um das fediverse und dessen Software hat sich eine engagierte Community aus Admins und Moderator*innen gebildet, die sich über Meetups, ActivityPub und Matrix selbst organisieren um Wissen auszutauschen und sich in Krisen beizustehen. Wie betreibt man eigentlich einen Teil des Fediverse? Mit wie viel Last und Kosten kann man rechnen? Moderation ist nicht einfach, wie geht darmstadt.social damit um? Nicht zuletzt stellen sich ab einer gewissen Größe auch rechtliche Fragen. Wie sieht es also mit darmstadt.social e.V. aus? about this event: https://talks.mrmcd.net/2023/talk/HCD88L/

Für viele Menschen da draußen ist IT Sicherheit gefühlt eher ganz weit weg. Das muss nicht so. Eine Anleitung zum selber machen! Im Unternehmenskontext habt ihr sicher auch viel mit Menschen zu tun, die sich in ihrer Domäne sehr gut auskennen und da super spannende Dinge tun. In meinem konkreten Fall oft Techies aus der Entwicklung. Für die sogenannten "Nichtfunktionalen Anforderungen": Informationssicherheit, Datenschutz,… ist mindestens eine Schulung im Jahr. Doch es gibt Momente wo mir die Frage aufkommt: Haben die Menschen noch nie was von dieser Sicherheitslücke gehört, die sie da eingebaut haben? Ist den Beteiligten eigentlich bewusst, dass dieses Feature hier gut zum Stalking missbraucht werden kann? Stellt sich heraus: Gefahren, die Menschen nicht kennen, können sie auch nicht vermeiden. Wie fixen wir das jetzt? Einmal die Seiten tauschen! Denn wie lässt sich Sicherheit besser lernen, als "einfach mal selbst kaputt machen"? Das Ziel ist ein bisschen Bewusstsein, was geht. Kein Häkchen für einen Comliance Fragebogen sondern diese gewisse Aufmerksamkeit. Ich mag aus Perspektive eines Techies "der da mal was gemacht hat" ein bisschen Lessons Learned teilen. Wie betreutes Kaputtmachen mit verschiedenen Gruppen funktioniert. Was schon mit einfachsten Mitteln geht. Und warum ihr das auch solltet. about this event: https://talks.mrmcd.net/2023/talk/CJCHRY/

Eine Einführung in Kapitalismus-Schwurbel-Kritik: Ausgehend vom Beispiel der "schwäbischen Hausfrau" versuche ich aufzudröseln, wie gerne Menschen mit "ökonomischem" und "(neo-)liberalem" Hintergrund pseudo-ökonomische Bilder aufgebauen und in einem schiefen Zusammenhang verwenden, um eigene politische Interessen zu fördern und tatsächlichen ökonomischen Argumenten auszuweichen. In letzter Zeit mehren sich in politischen Diskussionen "offensichtliche" Argumente, die Einschnitte in staatliche Leistungen oder das Schonen großer Vermögen und Einkommen begründen sollen. Dabei wird ein Framing mit einfachen Bildern aus dem gefühlten Alltag genommen um diese in pseudo-ökonomischem Duktus zu nutzen, die eigene Klientel vor Eingriffen zu schützen. Dadurch werden wiederholt sinnvolle Vorschläge mit unsachlichen Argumenten diskreditiert und abgewürgt. Und das auch dann, wenn internationale, durchaus konservativ angehauchte Experten-Gremien ebenfalls deutlich diese Veränderungen fordern, damit unsere Wirtschaft nicht weiter zurück fällt. Das wäre nicht so schlimm, wenn es nicht uns alle direkt betreffen würde. Dennoch lassen wir das meist unkommentiert zu, da wir uns nicht mit Geld und „Wirtschaft“ beschäftigen (wollen). Damit erlauben wir es diesen AkteurInnen auf einfache Weise ihre Ziele durchzusetzen, ohne dass sie groß hinterfragt werden. In diesem Talk schauen wir uns einzelne dieser Bilder an, wie sie funktionieren und warum sie auf die eigentlichen Probleme nicht übertragbar sind. Auch wenn wir uns ungerne mit Geld beschäftigen, lohnt es sich gerade wenn es um viel davon geht, den PolitikerInnen und Lobbygruppen genauer auf die Finger zu schauen. Denn es ist unser Geld verdient mit unserer Lebenszeit. about this event: https://talks.mrmcd.net/2023/talk/8NCL7Y/

WPA2 Enterprise ist in Institutionen weit verbreitet. Doch wie outdated ist das Protokoll, welches sich hinter dem WLAN mit Username und Passwort verbirgt? Wie können wir diese Probleme überwinden und Enterprise WiFi in die moderne Welt bringen? Wenn sich ein Gerät mit einem WPA Enterprise Netzwerk verbindet wird im Hintergrund das RADIUS Protokoll aktiv. Doch welche Probleme ergeben sich dabei wenn ein Protokoll aus 1997 dafür verwendet wird? Und wie gelingt es heute elegant Integrationen für WPA Enterprise zu bauen? about this event: https://talks.mrmcd.net/2023/talk/KCVLBZ/

This workshop is about knitting. That stuff that grows on sheep or goats. I was not taught to knit by my Nana when I was a child, I learned this at school Crafts lessens. Quite recently I have I picked up my knitting needles again to knit round scarfs based on the “cap comforter” for the Salvation Army. The last two years I was determined to get past the basics and progress towards techniques like double knitting, fair isle knitting, Lithuanian Knitting. So, with the help of several books and YouTu.be University, I have learned interesting new methods and am going to carry on with this foreseeable future. Because I have found that a lot of instructions on the internet are not comprehensive enough, or they assume you already know the basics and don’t go through everything step-by-step, I was asked knitting aimed at absolute beginners. But what about OSINT and reverse engineering its in the header? Yes Ill use it to identify patterns from the past and future. If asked nice I could give out some nasty Osint search for lost data or hidden persons. For Students: Start with the basics and get them right before moving on to more adventurous techniques, and don’t start a project which is too complicated for you or will take forever to finish If you're always enjoyed crafts but have neglected this interest for years, this is a beginners level to get back to it. Which Needles For A Beginner? Suggest that you purchase one set of straight (single-pointed) needles and one set of circular needles to start. Circular needles are a little intimidating at first but are for this workshop, but don’t worry, they’re friendly really and easy to find at thrift store’s Needles are in any material (bamboo, wood, metal, plastic), and if you can afford carbon, I would suggest that you buy in each material so that you can test them all out yourself. I have used most types and I’ve now decided to stick to round needles from wood or metal, although I don’t dislike using any type. The needle size you choose to use doesn’t really matter, but I would suggest that you start with a relatively large needle diameter such as 6mm (U.S.A size 10), which is best suited to using with a bulky yarn (weight 5). Go for a plain and quite inexpensive acrylic/wool yarn to start you off, and even though it’s tempting, it’s best NOT to go for a fancy mohair or art yarn at this point but if you find this at you’re local Trift store for 10 cents 10 grams just buy it. Pick a yarn you like that feels like good quality; you should pick a yarn that appeals to you, since you’re likely to enjoy knitting As for the cable length on the circular needles; I’d go for a 60cm (24”) cable personally as it’s a common size. I prefer the one that can unscrew the cable but there hard to find. Topics, The First Steps of Learning Casting on (How to set up the yarn on the needle) Basic: Knit stitch, Purl stitch and Casting/binding off: Patterns with samples will be available Reverse engineering patterns from a picture, finding free patterns about this event: https://talks.mrmcd.net/2023/talk/VAEVPF/

rosenpass.eu ist zur Zeit ein kryptographisches add-on zu WireGuard, das eine Post Quantum Funktionalität für VPNs bereitstellt. Es ist aber noch viel mehr. Wir berichten von den neuesten Entwicklungen. rosenpass.eu Karo, Emil und ajuvo berichten von den Cryptowars neuester Prägung und was wir dagegen machen: Post Quantum Cryptography. Schaut auf https://rosenpass.eu ! Dort gibt es Link zum Repo und ein schönes Whitepaper! about this event: https://talks.mrmcd.net/2023/talk/S8TG3H/

Talk über die Nische angewandter ML Methoden auf Timeseries Daten. In diesen Beispielen mit InfluxDB2 als Timeseries Datestore. Über meinen Weg von der Wahl der Methode über die implementierung einer ML Pipeline bis zur Visualisierung in einem Grafana Dashboard aus Sicht eines nicht-Mathematikers. Ich werde ein bisschen berichten über: - Anomalieerkennung going MAD(): Theorie und Praxis mit dem medium absolute deviation Algorithmus. - Forecasting von Timeseriesdaten mit prophet, pandas und InfluxDB und Grafana about this event: https://talks.mrmcd.net/2023/talk/WTVF3K/

Menschen können auf Deutsch oder Englisch gemeinsam mit ihrem Publikum Präsentationen kennenlernen und vorstellen. Die (vorher nicht offengelegten) Präsentationen sind entweder auf Deutsch oder Englisch erstellt, der Vortrag kann aber unabhängig davon in der gleichen oder jeweils anderen Sprache erfolgen. about this event: https://talks.mrmcd.net/2023/talk/UFPUD9/

Dieser Talk gibt eine Status-Update über das OpenWrt Projekt, der Feature-Entwicklung der letzten Jahre und was dies für den praktischen Einsatz bedeutet. Wir betrachten sowohl historische wie auch aktuelle Entwicklung von OpenWrt und den dazu gehörigen relevanten Entwicklungen aus dem Linux-Kernel sowie anderen Projekten. Themen des Vortrages sind unter anderem: - Unterstützte Platformen - L2 Switches - WiFi6 / WiFi 6E - Bufferbloat (SQM / Cake) - Airtime-Fairness - Offloading (Bridge / Flow) - Multi-AP Roaming Besondere Vorkenntnisse sind nicht nötig, grundlegende Netzwerkkenntnisse sind von Vorteil. about this event: https://talks.mrmcd.net/2023/talk/QMSBT3/

For a bunch of years, I have collected lots of gadgets from every hacker's favourite online stores, and coined the term "root on arrival" at some point. Leaning against the good old "Hack All The Things: 20 Devices in 45 Minutes" talk by The Exploiteers, I present another series of devices to hack on: IP cameras, network video records, wireless storages, car media players, TV boxes, physical access control systems, lounge/room control panels, portable mobile network gateways - you name it. Because all of those are actually nice gadgets to have, besides just popping those boxes, I will go further and walk through a handful of nice projects leveraging existing products to put custom software on them. about this event: https://talks.mrmcd.net/2023/talk/SLLVT8/

Der Vortrag widmet sich den Fortschritten im Gluon-Framework und dem zugrunde liegenden Betriebssystem OpenWrt. Diese ermöglichen es, herkömmliche Router-Hardware mit batman-adv / fastd-VPN und WLAN ins Gigabit-Zeitalter zu bringen. Erfahre in diesem Vortrag mehr über die aufregende Reise von Freifunk ins Gigabit-Zeitalter und lasse dich von den beeindruckenden Möglichkeiten inspirieren, die diese Entwicklungen für Freifunk bieten. Über einen Zeitraum von 10 Jahren wird die Evolution von OpenWrt, Freifunk, Gluon und Netzwerkhardware beleuchtet. Dabei betrachten wir verschiedene technische Neuerungen. Diese Entwicklungen haben die Freifunk-Landschaft revolutioniert und ermöglichen nun Gigabit über Freifunk. about this event: https://talks.mrmcd.net/2023/talk/MENNFX/

Die Entwicklung der maschinellen Denkmaschinen erreichen eine Komplexität, die es den meisten Menschen mittlerweile unmöglich macht, diese komplett zu erfassen. Stattddessen werden Abtrahierungsschichten generiert, die den BenutzerInnen, Entwicklerinnen und SystemadministratorInnen jene Systeme vorgaukeln, die sie erwarten. Phantasie und Wirklichkeit verschwimmen und der Markt wird von den Akteuren mit der größten Abwärtskompatibilität kontrolliert. Dieser Talk versucht einen Überblick über die Abstraktions- und Virtualisierungsschichten der aktuellen IT-Landschaften zu geben und EinsteigerInnen in das Feld ein wenig Verständnis dafür zu geben, weswegen die Dinge so sind, wie sie sind. Dieser Talk erhebt aufgrund der Komplexität keinen Anspruch auf Vollständigkeit. Die Besuchenden des Vortrags werden explizit aufgefordert, Folgetalks zu diesem Vortrag zu halten, die Teilaspekte oder nicht berücksichtigte Themenbereiche aufgreifen und vertiefen. about this event: https://talks.mrmcd.net/2023/talk/9TSTZL/

Palantir ist ein US-amerikanisches Überwachungsunternehmen, das seine Dienste mit der Software Gotham dem öffentlichen Dienst, vor allem der Strafverfolgung zur Verfügung stellt. Seit einiger Zeit wütet das durch einen der derzeit mächtigsten Faschisten der Welt, Peter Thiel, gegründete Unternehmen auch in der deutschen und europäischen Polizeiarbeit. Europol hat sich gegen die Nutzung der Software entschieden - während sich die Bundesinnenministerin Faeser dieser Einschätzung angeschlossen hat, hat Bayern bereits einen Rahmenvertrag mit Palantir verhandelt, der anderen Bundesländern helfen soll, Vergabeverfahren zu umgehen. Hamburg wollte das Urteil des Bundesverfassungsgericht gegen Hessen abwarten, um die Software zu implementieren; auch wenn Hessen mit HessenData offenkundig verfassungswidrig ist, ist aber auch Nordrhein-Westfalen mitten in der Nutzung. Die Aussichten sind düster - wir erklären warum. about this event: https://talks.mrmcd.net/2023/talk/TGMBGQ/

Linux ist, vor allem im Server- und IoT-Bereich, nicht mehr wegzudenken. Leider sind Standard-Installationen i.d.R. unsicher konfiguriert und Administrator:innen sehen sich zahlreichen Sicherheitslücken ausgesetzt. Glücklicherweise bietet das Linux-Ökosystem einen ganzen Zoo an sinnvollen Tools zur Optimierung der Sicherheit, die - automatisiert eingesetzt - schnell zur Besserung der Lage beitragen können. Dieser Vortrag beinhaltet vor allem Lessons Learned und Praxistipps aus Projekterfahrung. Insbesondere im Server-Umfeld genießt Linux schon lange eine weite Verbreitung - so werden derzeit ca. 80% der Webserver mit Linux betrieben. Heute nicht mehr wegzudenkende IoT-Hardware verwendet ebenfalls zu großen Teilen Linux. Auch wenn mit dem quelloffenen Betriebsysteme betankte Desktop-Systeme nach wie vor nicht sehr weit verbreitet sind (das "year of the Linux desktop" kommt sicher noch!), ist Linux für Angreifende interessanter denn je. Entgegen der häufigen Erwartung sind Standard-Installationen gängiger Linux-Distributionen in der Regel nicht sicher, was ein neues System in einem ungeschützten Netzwerk direkt anfällig für Angriffe macht. Für viele Administrator:innen bedeutet das vor allem ein ewiges Jonglieren zwischen Sicherheit und Komfort und viel Nacharbeiten. Glücklicherweise bietet das Linux-Ökosystem einen ganzen Zoo an sinnvollen Tools zur Optimierung der Sicherheit. Neben prominenten Frameworks, wie z.B. SELinux, AIDE und fail2ban gibt es jedoch auch weniger weit verbreitete Tools wie z.B. NBDE, OpenSCAP und Dev-Sec. Im Zusammenspiel mit IaC-Tools, wie z.B. Ansible, lässt sich so schnell eine deutlich höhere Security Baseline herstellen. Dieser Vortrag beinhaltet vor allem Lessons Learned und Praxistipps aus Projekterfahrung. about this event: https://talks.mrmcd.net/2023/talk/ZXUFZ9/