Chaos Computer Club - archive feed

The Elektronisches Orchester Charlottenburg (EOC) explores the improvisation and interpretation of Electroacoustic Music. This includes the interaction of diverse electronic instruments and their spatialization in real time. The EOC was founded at the Electronic Music Studio at Technical University of Berlin within a seminar of the Audio Communication Group. It offers a platform for developing and applying new instruments and concepts in the realm of electroacoustic music. The Elektronisches Orchester Charlottenburg (EOC) explores the improvisation and interpretation of Electroacoustic Music. This includes the interaction of diverse electronic instruments and their spatialization in real time. The EOC was founded at the Electronic Music Studio at Technical University of Berlin within a seminar of the Audio Communication Group. It offers a platform for developing and applying new instruments and concepts in the realm of electroacoustic music. https://eo-charlottenburg.de/about/ about this event: https://pretalx.c3voc.de/camp2023/talk/N8ZSFH/

What does it take to build a fully functional (and actually usable) voice assistant that runs on a Raspberry with FOSS? This talk describes the journey from the idea to Version 1.0 (and beyond). It has to be a HAL9000 - the enclosure for my cloud-free digital voice assistant. The personal project is based on FOSS and runs on a Raspberry Pi Zero2 W in combination with a RP2040 (with a small display showing an animated HAL eye and a small GUI). I will talk about: * design decisions (and changes), * the system architecture, * why which software components were chosen, * highlight some interesting hardware and software aspects and * quickly show how the 3D model for the enclosure was created with OpenSCAD. HAL will talk about: * the 9000 series, * the AE-35 unit, * ...and whatever else the demo gods will allow. This talk should also serve as a crash-course into the (basic) technology of digital voice assistants - stuffed with information (and anecdotes) about the hardware, software and the 3D-printed enclosure. about this event: https://pretalx.c3voc.de/camp2023/talk/AUN3FY/

Schon wieder muss Karlsruhe ran Vor mehr als zehn Jahren lang ein Staatstrojaner auf dem Seziertisch des CCC. Was die Analyse zeigte, waren neben eklatanten handwerklichen Fehlern auch die mangelnde Prüfbarkeit der Schadsoftware und weitere grundsätzliche Probleme solcher Ausspähmethoden. Leider hat sich nicht viel verbessert – im Gegenteil. Und so haben wir im Juli dieses Jahres eine weitere Stellungnahme zum Staatstrojaner an das Bundesverfassungsgericht gesendet. Wir wollen berichten, was darin steht und was politisch bei diesen heimlichen Ermittlungsmaßnahmen gerade ansteht. about this event: https://pretalx.c3voc.de/camp2023/talk/NWMSTD/

At Camp 2011 the “Space Program of the Hacker Scene” had been released as one of the main aspects as the outcome of this Camp. It is time for a review after 12 years and reshape it into Solarpunk. **~ For Our Future ~** The [Space Program of the Hacker Scene](https://events.ccc.de/camp/2011/wiki/Call_for_Space_Program) had been released. There were three targets for the upcoming 23 years until 2034: 1. Creation of a free Satellite Network 2. A Hacker in Orbit 3. Landing a Hacker safely on the Moon For reaching this goal, several challenges for self-sustaining habitats, community communication, and transportation needed to be resolved. That's where the hacking and making scene came into effect. But the events on the world changed quickly and we see more challenges to keep our space ship Earth intact. Time to review the Hacker Space Program from 2011 and use its spheres of activities for a better future on Earth in combination with the Solarpunk movement. about this event: https://pretalx.c3voc.de/camp2023/talk/SSL7AC/

You like coding and tinkering with software or hardware? And you are up for a challenge? Then the “Youth Hacking 4 Freedom” is the perfect competition to test your skills. The Free Software Foundation With the “Youth Hacking 4 Freedom” contest the FSFE has created a fun hacking competition for young people from Europe. The participants have the chance to work on their own project idea with the guidance of experts from the Free Software universe. There are no limitations for the projects as long as they are published under a Free Software license. In this competition young people can test their skills, learn how to work on a project under a deadline, and most importantly have fun while meeting different people from Europe. Hear all about the competition and how to participate in this talk. about this event: https://fahrplan.alpaka.space/camp-2023/talk/MBHHVC/

. Chaos Family about this event: https://pretalx.c3voc.de/camp2023/talk/5659/

The role of the Internet in the Ukrainian war is not been fully considered yet. Currently, primary Internet based attacks are analyzed, but it is greatly neglected that with the help of the Internet measurement verifiable statements can be made about the real world. Through global Internet scans and a passive blackhole sensor network, we can identify digital and conventional attacks and their effects in this case study on the territory of Ukraine. We will show that it is possible to detect where in Ukraine, Russian attack-related power outages occur and how long they last. For this purpose, we will also scan and analyze 2 major attack waves that occurred about 5 months apart in detail the service availability of more than 400,000 static IP addresses every 4 hours for several months. This long-term period will also allow us to determine whether and if so, how resilient the Ukrainian power supply has become against Russian missile attacks. In addition, we will also analyze other data such as ESA radar images and correlate the degree of destruction of certain regions in Ukraine with our scan data. This method could be used, for example, to support NGOs to determine the need for mobile power generators in certain regions. Furthermore, using BGP data and media information, we will show that Russian forces in Kherson are attempting to route network traffic from local ISPs through Russian territory to gain a tactical advantage. Finally, we will show that through a blackhole network of about 1000 IP addresses it is possible to detect certain DDOS attacks against Ukrainian infrastructures or government websites. The analysis of the temporal course of the attacks shows interesting temporal patterns that suggest some kind of campaign. about this event: https://pretalx.c3voc.de/camp2023/talk/YRKCQT/

Was hat sich beim Thema Digitale Gewalt seit dem letzten Camp verändert? Warum plant das BMJ eine Digitale-Gewalt-Gesetz, das diejenigen identifizieren und bestrafen soll, die in Messengern über schlechte Restaurants lästern, und warum ändert sich noch immer nichts an der Pflicht zur Adresse im Impressum? Das und mehr im Update zum Stand der Dinge bei der Digitalen Gewalt. Vier Jahre nach ["Was tun gegen Digitale Gewalt gegen Frauen"](https://media.ccc.de/v/Camp2019-10346-was_tun_gegen_digitale_gewalt_gegen_frauen), meinem Talk im letzten Camp, ist es Zeit für ein Update. Die Ampel hat sich ein Digitale-Gewalt-Gesetz in den Koalitionsvertrag geschrieben und dazu gerade erste 'Eckpunkte' vorgelegt. Warum das völlig am Problem vorbeigeht und dazu möglicherweise für uns alle eine Gefahr darstellt, werde ich in diesem Talk erläutern. Das Justizministerium möchte nämlich nicht nur diejenigen identifizieren, die andere auf Social-Media-Plattformen bedrohen und beleidigen, sondern auch noch viele andere. Die Sicherheitsbehörden freuen sich schon. Aber vor allem: Das löst nicht die vielfältigen Probleme der digitalen Gewalt. Die findet nicht nur auf Plattformen statt, sondern in Partnerschaften und Ex-Partnerschaften, durch Bekannte und Unbekannte, unter Kolleg*innen, in Familien oder Nachbarschaften. Digitale Technologien werden für alle denkbaren Formen der Manipulation und Kontrolle benutzt: Mitlesen von E-Mails, sichtbare und unsichtbare Kameras in öffentlichen und privaten Räumen, AirTags in Spielzeug, Handtaschen, Fahrzeugen. Spyware wird nicht nur von autokratischen Regimes eingesetzt, sondern auch zur Überwachung der eigenen Familie. Was hat sich in den letzten vier Jahren verändert? Wer hilft den Betroffenen und wie können sie sich selbst helfen? Darum geht es in diesem Talk. about this event: https://pretalx.c3voc.de/camp2023/talk/Z9BF9L/

A short session for even shorter talks. Language: English or German -- german -- Du willst was sagen? Das Podium gehört dir. 10 Minuten hast du, dann wird gewechselt. Ein kurzer Vortrag über die Aerodynamik von Enten, Werbung für dein neues Open-Source-Projekt, ein kleiner Hack den du neulich entdeckt hast, gesellschaftliche Kommentare ... alles geht. Zur Verfügung stehen Mikrophon, Beamer und ein Laptop mit USB-Stick, um Präsentationen im PDF-Format zu zeigen. Falls du eine Präsentation von deinem eigenen Gerät zeigen möchtest, würden wir dich bitten, 15 Minuten vor Beginn zu kommen, damit wir die Technik testen können. Am besten meldest du deinen Vortrag bei [email protected] . Spontane Beiträge sind aber auch gern gesehen, wenn am Ende noch Zeit ist. -- english -- Wanna say something? The stage is yours. You have 10 minutes to talk about anything. A short talk about the aerodynamics of ducks; promoting your new open-source project; a small hack that you found; social commentary ... anything goes. Available infrastructure: A microphone, beamer and laptop with a USB-Stick to show slides (PDF format). If you want to use your own device to show your presentation, please come to the stage 15 minutes before the event so we can test the setup. If you want to have a talk, we'd like you to write a short e-mail to [email protected] . However, spontaneous contributions are also welcome if there's still some time left at the end. about this event: https://pretalx.c3voc.de/camp2023/talk/7ZXGUM/

In diesem Vortrag wollen wir euch einen Überblick geben über die digitale Sicherheitssituation von Journalismus weltweit. Spoiler: nicht so gut, und eher schlechte Aussichten. Außerdem erzählen wir ein bisschen was das Digital Security Lab bei Reporter ohne Grenzen anbietet, was wir tun und wie man Betroffene am besten an uns verweisen kann. about this event: https://pretalx.c3voc.de/camp2023/talk/EQKSYM/

We'll take a look at how DJI - dominating player for commercial and recreational drones - builds their software, specifically from a security angle. This talk will discuss DJI drones, most specifically the DJI Mini-series; looking at the hardware, discussing attack angles, up to a full compromise of a current drone for custom firmware purposes. Along the way, we'll look at a lot of security WTFs that allow to pwn these devices. The amount and quality of bugs sometimes feel like you're trapped in a very cool hardware CTF. We'll go from sniffing hardware busses, making fun of incorrect usage of SoC security features over to how DJI consistently and knowingly violates the GPL, into executing custom code on the flight controller and Linux system. about this event: https://pretalx.c3voc.de/camp2023/talk/PREGSS/

We‘re c3stoc - the CCC sticker operation center. After helping with the sticker distribution at 36c3 we had to find a solution to ensure new laptops wouldn‘t remain naked during the pandemic. During the last three years we organized remote sticker exchanges. Now it‘s time to share our learnings about exchanges and stickers! The idea was just to make sure CCC Congress doesn’t have one single sticker box with a one hour queue. And we actually still like that idea: A system of sticker boxes strategically placed in various assemblies, and a partnership with ChaosPost to ensure an even distribution of the stickers in the boxes. Year 1 - 36c3 - was a success and we were looking forward to doing it again. We didn‘t foresee that a year later we would be packing stickers in envelopes and sending them accross Germany and the world instead. December 2022 marked the third year of existence of the c3stoc remote exchange. In the last years we have designed, printed, received and sent a lot of stickers. We learned (almost) everything about paper quality, sticker sizes and shapes, about postage rules and how to pack stuff correctly, about which mistakes people make when creating stickers and about which designs communities around us love. We’re here to tell you how we organized the exchange, what we learned about sticker logistics and how to make really, really awesome stickers. about this event: https://pretalx.c3voc.de/camp2023/talk/VPL8WX/

Sharing experiences of two technical and educational projects that aimed to provide support for the decentralized grass movement in Sudan. showcase of two technical-sociopolitical projects ## Bid3a: The project aims to make socio-political interventions and creatively express themselves through the courage and symbolism of manipulating and artistically hacking tech devices around. At the core of their approach lies the intersection between art, technology, and political thought. Its strives to create something new and innovative by extensively exploring ready-made devices, operating systems, microcontrollers, and circuits. The objective is to expand their imagination, seeking to discover novel ways of socio-political existence and actively participate in the global discourse on cutting-edge technology, driven by the spirit of the ongoing Sudanese revolution. ## Sudan Civic Map: Sudan civic map is Counter-Militarisation Mapping project is a political statement that challenges the dominant narrative of the Sudan conflict. By foregrounding the experiences of civilian-led movements, the project aims to shift the focus from military-centric news towards the humanitarian efforts of these actors and alternative revolutionary practices. Through mapping and visual representation, the project asserts the importance of non-combatant actors in the Sudan conflict, subverting the conventional portrayal of the conflict as a two-party war. about this event: https://pretalx.c3voc.de/camp2023/talk/WHVPD3/

We will talk about the lately published Denail of Service attack abusing the Service Location Protocol. The research has shown that there are still protocols lurking in the dark to be explored and ab/used. The focus will be on basics of DoS attacks, then focus on SLP, the impact, defense mechanisms as well as the global attack surface. Furthermore, there will be some goodies in regard of other use-cases. Overview 1. Introduction to DoS attacks 2. Introduction to SLP 3. How is the attack working 4. Observations in the wild 5. Fun with SLP 6. Questions? 7. Finish about this event: https://pretalx.c3voc.de/camp2023/talk/NWDFBT/

[Delta Chat](https://delta.chat) is an e-mail based messenger that works on all platforms. Apart from an Whatsapp/Telegram-style user interface it features a security-audited [Rust-core library](https://github.com/deltachat/deltachat-core-rust), server [templates for setting up a state-of-the-art e-mail server](https://delta.chat/en/serverguide), many different bots, Matterbridge support and, last but not least, a way write standard web apps that can be shared in a chat (https://webxdc.org) which is now also experimentally supported by the XMPP Android messenger Cheogram. The talk will both discuss and demonstrate other unique features, among them QR-code based onboarding and support for protection against machine-in-the-middle attacks against end-to-end encryption, and we'll also provide glimpses in what's brewing for 2023/2024. about this event: https://pretalx.c3voc.de/camp2023/talk/UL7CQU/

Do you struggle at Attack/Defense style capture the flag (CTF)? Have you ever wondered how top teams can automatically steal tons and tons of flags and defend against attacks? Have you ever wondered what goes into succeeding at Attack/Defense? If so, this talk is for you. In this talk, we will take you behind the curtain of the top CTF team of 2022, the [‘organizers’](https://ctftime.org/team/42934). We will show you how we play Attack/Defense, what tools we use, our cursed strategies, and we will share some cool stories from our experience in major events like DEF CON CTF. about this event: https://pretalx.c3voc.de/camp2023/talk/YVGMLE/

Hidden inside basically every physical machine that needs precise control, PID loops are running the show. Quadcopters, self-balancing robots, and even the hot end of your 3D printer all use the same simple routines. Knowing how they work, deep down, and how to set their mystical three parameters is part art and part science, but it's nothing you can't pick up in a quick talk. Nothing explains complex math better than a few hands-on demos, and we'll definitely be tempting the fates here. By the end, you should be confident enough to code up your own PID routines from scratch and get started tuning. about this event: https://pretalx.c3voc.de/camp2023/talk/3HXEEC/

Die langjährigen CCC Badge Team Mitglieder schneider und Sec lassen sich von Andi auf der grauen Couch im C3VOC.tv Studio 1 ausfragen. about this event: https://pretalx.c3voc.de/camp2023/talk/1484/

Wetter, Verkehr, etc. about this event: https://pretalx.c3voc.de/camp2023/talk/3HFNWT/

Love it or hate it, blockchain has become a playground for technologists. Blockchain also fuels criminal ecosystems through major hacking incidents. In this talk, we aim to shed light on the most common bug types found in one of the main blockchain frameworks (Substrate) and provide insights and tools to find them. Blockchain bugs present unique challenges for developers and security testers. Drawing from several hundred blockchain security issues we reported, we identified five common issue types. We discuss the potential impact of each issue type and provide practical tips for testing blockchain systems. To promote accessibility to blockchain hacking, we release a fuzzer for Substrate-based chains. During the talk, we demo the fuzzer and showcase typical bugs, including arithmetic errors, reachable panics, and others. about this event: https://pretalx.c3voc.de/camp2023/talk/LMWGLZ/

## How can artificial intelligence support penetration testing? Most processes in for the penetration-testing cycle require detailed knowledge, time and human resources. While the are sophisticated scripts for the reconnaissance and various exploits, creating a detailed plan of the attack path can be complicated and laborious. The use of an enforcement learning algorithm can help penetration-testing identify the various attack vectors and provide a detailed overview of the system landscape. This can automate important aspects of the process and make it more efficient. We like show an overview, on how reinforcement learning can be integrated into the penetration testing process to gain automated access to a system landscape. To achieve this, we show approaches how an AI can be used for lateral movement within the system landscape to subject an entire landscape to the penetration-testing process. We like show an overview, on how reinforcement learning can be integrated into the penetration testing process to gain automated access to a system landscape. about this event: https://pretalx.c3voc.de/camp2023/talk/XBQFGK/

Cisco Meraki Ethernet switches are cloud-managed and require a license to function, or do they? In this talk I will discuss developing a FOSS firmware for various Meraki switch models and the challenges faced. This talk will include a hardware overview of various Cisco Meraki Ethernet switch models (past and present). We will look into the Cisco Meraki stock firmware, boot process, and switch management software. Finally, we will discuss the current state of support and what the future holds for open-source firmware on Cisco Meraki network devices. about this event: https://pretalx.c3voc.de/camp2023/talk/Z87KAX/

As the threat of ransomware continues to grow, many organizations look towards magnetic tape storage solutions to provide a last line of defense for their data. Tape has a number of interesting properties which set it apart from flash and spinning disk technology, such as an air-gap between the storage media and the reading/writing device, immutability of written data, and a long shelf life. These make it an attractive option for keeping data safe over longer periods of time. Doomsayers have long foretold the death of tape, yet there has never been more data stored on it than today. Tape system users include major financial institutions, government archives, and hyperscaler cloud providers, just to name a few. This presentation will give an introduction to data storage on tape media, potential attack vectors, and mitigations for these. This presentation will have two parts: A brief introduction to how magnetic tape works and is used in a data center, followed by security aspects from an operator's point of view. This presentation is of course just my thoughts on tape and in no way shape or form organized by, approved by, or representing the views of CERN the organization. about this event: https://pretalx.c3voc.de/camp2023/talk/CSYA7B/

Exploring the methodology and exploitation of physical security systems. Locks, access control and alarm systems with real life examples and the practical exploitation thereof. With digital security crossover. about this event: https://pretalx.c3voc.de/camp2023/talk/ADJX98/

How to hack the European Parliament by giving voters a voice in the decisions on the floor. Contacting your representative in Parliament is not as easy as it should be. What are their email addresses, phone numbers, social network profiles? Are they in Brussels or in Strasbourg right now? How much will it cost to call someone in France anyway? What should you even say to them? And does it even make sense to talk to that particular person, or are they so fundamentally opposed to your request that it would be a waste of time? The tool we are developing aims to bring citizens closer to their elected representatives. It empowers users to contact Members of the European Parliament (MEPs) efficiently and with a low entry barrier. The software takes the burden away from users to understand the EU and which MEPs are best to contact on a particular issue. It also knows how to contact them, and even allows the user to call them free of charge. DearMEP is being developed as a white label solution that can be applied to any EU level decision that has to be voted upon in the plenary of the European Parliament. NGOs that campaign around an EU decision can use the software to mobilize the public efficiently with the goal to influence particular plenary votes. Currently, the DearMEP software is tailored to address the whole European Parliament and to be used by citizens from all EU countries to contact MEPs from their countries. In this presentation, we would like to show you the current development state of this tool. We are planning to use DearMEP in the ongoing campaign against the chat control proposal. After that legislative file has concluded, we will release the software under the AGPL free software licence. During the CCCamp we will provide access to the current beta. We would love to hear your feedback. Drop us an email at [email protected]. about this event: https://pretalx.c3voc.de/camp2023/talk/7VSZTC/

In this talk, we will revisit some of the scariest stories we faced during more than 50 penetration testing and security research projects, with a twist. In the ever-emerging industry of automotive, with old and new OEMs trying to get a share of the pie, many things are at stake, with many things getting overlooked, forgotten, or even deliberately covered. We will go through a journey of critical findings in different targets and the constant battle between penetration testers, developers, and mid to upper management. This will help the audience get an understanding of how the industry behaves right now, what they (and what we) are doing wrong, and how the future of automotive security should be shaped, not only for the sake of security, but also for the sake of safety and reliability. This talk will try to raise awareness on the current state of automotive security, how does the industry behave in the whole spectrum of it (100-year-old OEMs to 2-year-old OEMs and Tier 1 suppliers) and ultimately try to propose a way forward for both the automotive and security industries, with the goal being a safer and more reliable future for everyone, in and out of the streets. Working with some of the biggest OEMs and Tier 1 suppliers on pre-production vehicles gave us an understanding and experience of the whole spectrum of developing a vehicle, from architectural design to homologation and sales. This led us in many realizations and pitfals that the automotive industry falls into, and in order to avoid another Miller/Valasek we have to educate the people of the industry. While most of the people/companies in this industry try to keep the gates closed for apparent reasons, we try to share as much as possible, with the hope of making a change to the industry that will have an impact on how and where it progresses in the future. about this event: https://pretalx.c3voc.de/camp2023/talk/UEHEVD/

Sex workers have always been at the vanguard of technology—in ways that protect and restrict their rights. Laws and policies that impact sex workers never stop at this population so it is imperative that these case studies reach general audiences concerned with human rights as a whole. This talk will include a history of surveillance mechanisms directed against sex workers and will focus on the ways and means that digital surveillance has been impacting sex worker rights of mobility and free expression in recent years. New laws enforcing the censorship of pornography and the collateral damages they levy on reproductive health and LGBTQ+ community building will be discussed as well as border crossing and payment processing. Information about how AI and facial recognition software target sex workers will be detailed as well as the tools, advocacy, social engineering strategies sex workers can use to fight back. This talk is not limited to sex workers and their allies. It will include a primer on why sex worker rights include all human rights and show evidence that these laws are not limited to sex workers at all. LGBTQI+ people and reproductive health activists will be immediately impacted as well as all people who believe in the freedom of information. about this event: https://pretalx.c3voc.de/camp2023/talk/8HF9X9/

Chiptune , 16 step looper, live performed on a NDSLite I make chiptune using Game Boys with the software called Nanoloop2. I will play for 1 hour. You might have heard my loops at Congress, GPN, SHA, CPU and MRMCD. I wrote a few new ones that I presented at GPN21 which can be heard here: https://www.youtube.com/watch?v=-VNmZGe2SN0 For other sound samples please visit my profile https://chaos.social/@bobo_pk or have a look at https://peertube.1312.media/w/cu1fPFfy49kgFhzs8NrgJp UPDATE: btr and nr4 will perform live visuals. I gave this workshop and am planning on doing it again on camp as SOS if you are interested. https://cfp.gulas.ch/gpn21/talk/L8CRA8/ about this event: https://pretalx.c3voc.de/camp2023/talk/MEMSEH/

Apple strongly emphasizes the security and privacy of its devices and services. I analyze the dual-hop architecture, deployed protocols, and inner workings of their privacy-centric, VPN/Tor-alike service iCloud Private Relay. I will talk about my reverse engineering process and falsify Apple's privacy by design and access control claims. Apple's iCloud Private Relay is a novel Internet privacy service allowing users to securely and privately browse the Internet. It is directly implemented into Apple's operating systems and included with all iCloud+ subscriptions. Compared to traditional VPN services, Private Relay's dual-hop architecture separates the knowledge of the user's IP address and their destination website between two different Relays. Apple operates the first Relay while the second one is by one of its four partners: Akamai, CloudFlare, or Fastly. Apple claims its architecture enforces enhanced protection of users' privacy ("privacy by design") while still providing a high-performance browsing experience. Their president of software engineering, Craig Federighi, even mentions that Apple does not want users to have trust in them. Further, the company claims its service incorporates anti-abuse and fraud prevention mechanisms. As Private Relay validates any connection at the account and device level, website operators can trust them. I reverse engineer Private Relay's macOS implementation, present its involved technical components and how they collaborate. With that gained knowledge, I analyze authentication and authorization mechanisms deployed by Private Relay regarding potential ways of abuse. Furthermore, I review the privacy claims regarding the architecture and its deployment. about this event: https://pretalx.c3voc.de/camp2023/talk/7RDPNH/

Rebuilding target files when source files have changed is seems easy, but is not. Commonly used build systems (make, ninja, etc.) are often unable to guarantee both that they rebuild only what needs to be rebuilt and that they do not rebuild what does not need to be rebuilt. I will show how to reliably encounter common build system failure modes and explain which architectural choices lead to those. Using DJB's “redo” design as an example, I will show how build system architecture determines if failure modes can be addressed at all. Lastly, I will speculate why many developers dismiss such issues before encountering them – and some even do afterwards. ”Listen Morty, I hate to break it to you, but what people call a build system is just a bunch of rules that compel computers to output garbage. It hits hard, Morty, then it slowly fades, leaving you stranded with a mis-compiled binary. I did it. Your friends are gonna do it. Break the cycle, Morty. Rise above. Focus on build correctness.” about this event: https://pretalx.c3voc.de/camp2023/talk/CFASNP/

Because a scheduled speaker didn't appear, BoboPK steps in and gives a short introduction und wrap up of the demoscene. The scene started with the home computer revolution of the early 1980s, and the subsequent advent of software cracking. Crackers altered the code of computer games to remove copy protection, claiming credit by adding introduction screens of their own ("cracktros"). They soon started competing for the best visual presentation of these additions. Through the making of intros and stand-alone demos, a new community eventually evolved, independent of the gaming: and software sharing scenes. about this event: https://pretalx.c3voc.de/camp2023/talk/ZHFJ7Q/

Logbuch:Netzpolitik (LNP) ist der Versuch, das netzpolitische Geschehen im deutschsprachigen Raum weitgehend neutral, unaufgeregt und meist gut gelaunt in einem regelmässigen Podcast einzufangen. Der Podcast soll Einblicke in die Themen aber auch Verständnis für die Hintergründe bieten. Aufzeichnung einer Live-Sendung auf dem Chaos Communication Camp 2023 in Mildenberg. Vor zahlreichen Gästen haben wir mit Julian Hessenthaler gesprochen, dem Initiator des Ibiza-Videos, das die Korruption der FPÖ-Eliten im allgemeinen und Heinz-Christian Strache im besonderen plastisch demonstriert hat und letztlich zum Scheitern der damaligen ÖVP-FPÖ-Koalition geführt hat. Wir sprechen mit Julian über seine Motivation, seine Erlebnisse, seine Erfahrungen, die Verfolgung, Anklage und Haft, die er letztlich erleiden musste und das System Österreich. about this event: https://logbuch-netzpolitik.de/lnp466-wodka-red-bull

Fireside Talk about the birth, life, death and rebirth of Hackerspaces about this event: https://pretalx.c3voc.de/camp2023/talk/8544/

Warum brauchen wir digitales (Bar-)geld? Welche Eigenschaften müsste eine gute digitale Währung haben? Wie könnte sich unser Alltag dadurch verändern? Und wie funktioniert das in der Praxis? Christian Grothoff (GNU Taler), Leena Simon (Digitalcourage) und padeluun (Digitalcourage) diskutieren, Publikumsbeteiligung erwünscht. Die etablierten bisherigen digitale Bezahlmethoden sind alles andere als anonym. Neben den klassischen nicht anonymen Bezahlmethoden durch Überweisung und Kreditkarte (die zunehmend nur noch über den Umweg großer Finanzdienstleister angeboten werden), gibt es privatwirtschaftliche Finanzdienstleister wie Paypal, Amazon Pay und Klarna, die jede Menge Daten sammeln und mit ihrer Marktmacht immer unausweichlicher werden. Darüber hinaus gibt es verschiedene Crypto-Währungen wie den Bitcoin, die aber auch nicht wirklich anonym sind. padeluun und Leena Simon erklären, wie sie sich digitales Bargeld vorstellen. Christian Grothoff ist einer der Erfinder des [GNU Taler](https://taler.net/de/index.html) und berichtet, welches Konzept hinter dem Freie Software-Bezahlsystem steckt und welche praktischen Feldversuche es damit bisher schon gab. about this event: https://pretalx.c3voc.de/camp2023/talk/CVYSWW/

. Chaos Family about this event: https://pretalx.c3voc.de/camp2023/talk/1852/

Since the last time, we were all at camp, several significant changes have happened within the Tor network ecosystem, both technically and socially. In this presentation, we will review some exciting recent updates to the Tor network and look into the world of bad relay tracking, general network health observations, and the situation where multiple extensive Denial of Service attacks have caused a slowdown of the overall network performance. We wish to guide the audience through a number of new technologies that have been added to the network. These innovations include a modern congestion control mechanism, our multi-path circuit feature, Conflux, and a Proof-of-Work (PoW) mechanism to help against Onion Services attacks. Additionally, we will discuss some upcoming changes to the current C Tor code base and our journey towards a Rust Tor relay implementation as part of our Arti re-implementation of Tor. Finally, in addition to the technology modifications, we also would like to talk about some of the social developments happening with the network, amongst others, a new mechanism for handling incoming technical and social proposals from the greater Tor community. about this event: https://pretalx.c3voc.de/camp2023/talk/SMB8SM/

Die Themen von Tag 3 about this event: https://pretalx.c3voc.de/camp2023/talk/W7LLWD/

Aus dem Leben und der Arbeit einer Bundestagsabgeordneten Nach kurzer Vorstellung und Intro könnt Ihr mich alles fragen. Als digitalpolitische Sprecherin der Linksfraktion im Bundestag beantworte ich gern Eure Fragen zum Geschehen im Bundestag, zu digitalpolitischen Themen oder zu allem, was Ihr mich schon immer mal fragen wolltet. about this event: https://fahrplan.alpaka.space/camp-2023/talk/SDESSA/

Freifunk Open-MPPT is an expanding Open-Hardware and Open-Software development project for efficient and resilient energy autonomous infrastructure like communication nodes, environment monitoring, irrigation – and more. The talk presents the currently available models, evolution, scope of current use and presents an outlook of what might follow in the future. The OpenMPPT development project was initiated by Freifunk in 2017 with the first design handling up to 50 Watt PV (solar) power. The intended application was to build cheap and effective solar WiFi mesh nodes with telemetry. At the time of the project's initiation, there were no small and low-cost solar charge controllers available that included maximum power point tracking. Maximum Power Point Tracking is a technique used in solar power systems to optimize the power output from the solar panels by tracking the point where the panels can deliver the maximum amount of power. The OpenMPPT project aimed to fill this gap and provide an open, cost-effective, and repairable DIY alternative for individuals and development NGOs who look for open hardware and software solutions. Initially, the idea was not to replace or compete with more powerful closed hardware and closed software Maximum Power Point Trackers on the market. However, people and development NGOs kept asking for more power and features like the possibility of adding sensors or building irrigation systems, because they want open hardware and software solutions. The development of the Freifunk-OpenMPPTs is following sue. The newer and expanded FF-ESP32 generations of OpenMPPT controllers are based on the ESP32 MCU by Espressif and can handle up to 400 Watt solar power. They can not only power communication nodes, but also solar powered servers in communities that live off-grid or have unstable power. However, people keep on asking for more power... about this event: https://pretalx.c3voc.de/camp2023/talk/EMBRHS/

Seit 2018 gilt in Europa die DSGVO. Doch kaum einer hält sich daran. Datengetriebenes Online-Marketing verstößt jeden Tag millionenfach gegen Datenschutzrecht. Nicht nur die bekannten Big Player wie Google und Meta handeln mit Profilen von Millionen von Menschen und analysieren jede Interaktion beim Surfen. Spätestens seit der Corona-Pandemie setzen auch öffentliche Stellen wie Universitäten im Zuge einer fehlgeleiteten Digitalisierung Werkzeuge ein, mit denen Menschen überwacht werden. Viele Unternehmen nutzen IT-Tools, deren Funktionsweise sie kaum durchsteigen und deren Sicherheit sie nicht gewährleisten können. So sorgen sie dafür, dass sensible Daten über Betroffene offengelegt werden. Behörden und die Zivilgesellschaft gehen seit mehreren Jahren gegen Verstöße gegen die DSGVO vor. Doch die behördliche Rechtsdurchsetzung verläuft schleppend. Es gibt einen weiteren Weg: Betroffene und Verbände können vor Zivilgerichten ihre Rechte einklagen. Zum Beispiel die Unterlassung einer Datenverarbeitung, die Löschung personenbezogener Daten und sogar Schadenersatz. Wie datenschutzrechtliche Gerichtsverfahren ablaufen, wie Tracking und Datenhandel im Zivilverfahren nachgewiesen werden können und wie man Richter:innen das Internet erklärt, berichten die Rechtsanwält:innen Elisabeth Niekrenz und Tilman Herbrich. about this event: https://pretalx.c3voc.de/camp2023/talk/S7DPYT/

Three years ago, I started what I thought would be a six month project to implement some CAM software for 3D printing purposes, without using any of the existing geometry kernels. How hard can it be, right? I made some choices that seem weird but were done for very good reasons, and ended up implementing some things that are actually new and exciting. Here’s the story of the adventure so far. As the adoptive maintainer of one piece of 3D printing toolchain (ImplicitCAD, a programmable 3D modelling tool), I made the possibly unwise decision to implement another part of the toolchain - HSlice, a slicer. For a number of reasons I’ll get into in detail later, I decided to not use any of the existing multi-million-LoC geometry kernels, to implement the whole thing from first principles in Haskell, and to use some exciting new mathematics. All of those decisions were made for good reasons, and all of them came back to bite me. I’m here to tell you about what I’ve built so far, how I ended up as the singular intersection of these technologies, and how much I hate floating point. Then, I’ll tell you what it’s like implementing things whose only documentation is research papers, with math developed this century and algorithms that are still in development now. I’ll tell you about some incredibly cool algorithms involving crashing Austrian motorcycles and attempt to recruit you to work on this stuff too, for free. about this event: https://pretalx.c3voc.de/camp2023/talk/7KRCLF/

Die Sondersendung ist ein Podcast-Format des Sendezentrums. Bei dieser Sondersendung wollen wie mit Jugendlichen über ihre Erlebnisse vom Camp sprechen. Wir (Simon, Ebu und Gero) vom [Sondersendung Podcast](https://das-sendezentrum.de/sondersendung) erklären erstmal, was **Live-Podcasting** von einem normalen Vortragsprogramm unterscheidet und wie wir Gero und Ebu von remote zuschalten und trotzdem unsere einzelnen Spuren aufnehmen können. Wir sprechen darüber, wie man Podcasts verwenden kann, um Wissen und Ideen zu verbreiten. Außerdem haben wir **auf der Bühne zwei Plätze frei**, auf die ihr Euch setzen und mit uns sprechen könnt (Achtung: ihr seid dann live und im Nachgang als Aufzeichnung offen im Internet zu sehen). Wir werden mit Euch über zwei Frage sprechen: 1. Hört Ihr Podcast? Wenn ja, welche und was sind Eure Lieblings-Podcasts? Habt ihr selber schon mal Podcasts gemacht? 1. Was habt ihr hier auf dem Camp schon gemacht? Habt ihr Tipps, was die anderen auf jeden Fall bis Samstag noch erleben sollten? Wer dann Fragen zu Podcasting hat, kann direkt auf uns zukommen, auf dem Camp ins [Sendezentrum Village](https://events.ccc.de/camp/2023/hub/camp23/de/assembly/sendezentrum/) kommen oder sich jederzeit in der [Sendegate-Community](https://sendegate.de) anmelden. about this event: https://fahrplan.alpaka.space/camp-2023/talk/EJVJ3P/

Stopping global heating does not just mean building solar panels and wind turbines, and switching to electric vehicles. Many industrial processes have carbon emissions that cannot be avoided with today's technology. Producing cement, steel, glass, plastics, aluminium, and many other products will require new production processes. In the talk, I will discuss some of these examples and the huge challenges that come with these changes. Some background: * https://industrydecarbonization.com/ * https://www.golem.de/news/die-fossilfreie-chemiefabrik-von-elektrischen-crackern-und-gruenen-olefinen-2204-163344.html * https://www.golem.de/news/industrie-wie-die-glasindustrie-vom-erdgas-abhaengt-2206-165969.html about this event: https://pretalx.c3voc.de/camp2023/talk/MRSFXH/

Space missions need data networks, and it's not exactly a TCP/IP world up there. This talk will give an introduction to space data networks. Challenges at the physical layer are not in scope. Instead I will illustrate protocols, routing algorithms, and other schemes that were designed for networking in space. Space Communication is, as many others, a fractured discipline, with many idiosyncratic solutions built for the needs of specific missions. Someone with decades of specialized industry experience could surely give a good picture of recurring problems and industry practices. Unfortunately I don't have those, but thankfully the people who do have been writing standards. (The presupposition becomes less and less true with time anyway, as agencies look towards inter-mission and inter-agency interoperability.) The primary basis for this talk are various documents, published by relevant working groups of the CCSDS and IETF. This talk will be about the protocol ecosystem used in space networking, highlighting some clever technical solutions, and ending on some visions and challenges for the future. I presuppose some knowledge of classic internet protocols and the ISO-OSI layer model, but you should be able to follow the talk without it. (also check out: https://pretalx.c3voc.de/camp2023/talk/YZQYW9/ (german)) about this event: https://pretalx.c3voc.de/camp2023/talk/7FHFZA/

Über die Konstruktion und den Bau eines Scanners, um die Überwachung durch die sogenannte Chatkontrolle zu verdeutlichen Regelmäßig gibt es politische Vorhaben, die Kommunikation von Bürger:innen massenhaft zu durchleuchten und auszuwerten. Wie verdeutlicht man Menschen die Gefahren, die derartige Systeme darstellen, wo die Technik dahinter sich doch so abstrakt anfühlt, nicht greifbar ist und "man ja sowieso nichts zu verbergen hat"? Anlässlich des neuesten Vorstoßes der EU-Kommission, der sogenannten Chatkontrolle, versucht Digitalcourage diese Überwachung greif- und sichtbar zu machen. Entstanden ist eine kleine Maschine, die die auf einem Smartphone gespeicherten Inhalte scannt und auswertet. In diesem Talk werden wir über die Idee, Planung und den eigentlichen Bau der Elektronik, Hard- und Software sprechen. Selbstverständlich ist auch jede:r eingeladen, sein mobiles Endgerät zum Schluss selbst auf illegales Material zu prüfen. about this event: https://pretalx.c3voc.de/camp2023/talk/KGKGBB/

A discussion with Jeremy Hammond and Gabriella Coleman on the evolution of digital resistance, from direct action hacking to whistleblowing. How can hacktivists synergize with street activism to enact revolution? Can the lulz beat back the techno-fascist dystopia and their infosec enablers? We'll present strategies to strengthen decentralized networks, challenge government repression, and practice international solidarity. A discussion on the evolution of digital resistance, from direct action hacking to whistleblowing. How can hacktivists synergize with street activism to enact revolution? Can the lulz beat back the techno-fascist dystopia and their infosec enablers? We'll present strategies to strengthen decentralized networks, challenge government repression, and practice international solidarity. about this event: https://pretalx.c3voc.de/camp2023/talk/CLKXXG/

about this event: https://pretalx.c3voc.de/camp2023/talk/8830/

Kurze Erklärung wie DNA bzw Phosphoramiditsynthese funktioniert. DNA ist der code des Lebens. Theoretisch kann jeder im Labor DNA synthetisieren. Die Technik dahinter heißt Phosphoramidit-Synthese und ist auch für Informatiker spannend. about this event: https://pretalx.c3voc.de/camp2023/talk/3YQS3E/

Politik und Verwaltung sind auf kompakte Informationen angewiesen. Ist die Wirklichkeit zu komplex, so wird sie auf Indikatoren reduziert. Dieser Talk beleuchtet den Digitalisierungsprozess am Beispiel des "Monitoring häufiger Brutvögel", dessen Zahlen in Indikatoren auf Bundes- und EU-Ebene eingehen. Die Erfassung von Rohdaten im Gelände war lange Handarbeit, seit letztem Jahr läuft sie fast automatisch. about this event: https://pretalx.c3voc.de/camp2023/talk/JECUTC/

We've all been there, we knocked a company offline while doing some well intended security testing. How many requests per second is considered ethical? How deep into a system can you go, dump the database or not? Reverse shell or touch /tmp/pwned? What are YOUR ethical boundaries? What is ethical? and why? Is buying credentials of the dark web ethical? Is fuzzing a server in a broom closet with millions of requests ethical? Did you know it was a raspberry pie in a broom closet? This talk discusses ethical boundaries, the existence and lack of them, but also the grey areas in between. The spark for this talk has been initiated from the need to ensure that all forms of security testing would be beneficial to all parties concerned and within some ethical boundaries. From secret hacking techniques to open blog posts and CVE's. Hopefully this talk will spark some discussions within the community so we can all go home with a clear conscience and preserve moral high ground. about this event: https://pretalx.c3voc.de/camp2023/talk/ANGUCW/