PLAY PODCASTS
Chaos Computer Club - archive feed

Chaos Computer Club - archive feed

14,494 episodes — Page 77 of 290

Guardians of the Dutch healthcare (MCH2022)

In 2017 (just before SHA2017) the Dutch healthcare sector came together to create Stichting Z-CERT, the Zorg Computer Emergency Response Team. A nonprofit to protect and advise the Dutch Healthcare sector. What started as a small startup has now grown into a scaleup with the ambitions to match. The COVID-19 pandemic restarted the discussion about whether or not healthcare is vital infrastructure. With NIS2 the role and importance of Z-CERT will only grow from here on. This talk is not to intended to be a corporate “Look how great we are and what kind of sexy products we have. BUY OUR STUFF.” No, we want to simply show what we do and what we learned in 5 years of being a CERT. This might help our (future) fellow CERT’s and the community. This talk is not to intended to be a corporate “Look how great we are and what kind of sexy products we have. BUY OUR STUFF.” No, we want to simply show what we do and what we learned in 5 years of being a CERT. These lessons include: - how to startup a sectoral CERT - How to build a community of members of your constituency - Connecting with fellow CERT organizations - Tools of the trade This might help our (future) fellow CERT’s and the community. about this event: https://program.mch2022.org/mch2022/talk/RHXDFR/

Jul 26, 202226 min

SSH Configuration, Intermediate Level (MCH2022)

So, you know how to "use" the ssh command line? You enter connection parameters like username, hostname or private key every time you need to connect? You manually log into the jump/bastion host when connecting to your target host? Then come to this session and learn how you can make your life easier and your work more efficient by using custom config files and a tiny little bit of preparation. So, you know how to "use" the ssh command line? You enter connection parameters like username, hostname or private key every time you need to connect? You manually log into the jump/bastion host when connecting to your target host? Then come to this session and learn how you can make your life easier and your work more efficient by using custom config files and a tiny little bit of preparation. In addition, we will also cover common best practices and improvements to your current SSH setup. You will benefit the most from this talk, if you have used SSH before. SSH novices are welcome as well, SSH experts may drop by for the bad jokes. The target audience for this talk is people with a beginner/intermediate understanding of SSH. about this event: https://program.mch2022.org/mch2022/talk/KHWLR9/

Jul 26, 202248 min

Computing within Limits (MCH2022)

The LIMITS workshop concerns the role of computing in human societies affected by real-world limits*. As an interdisciplinary group of researchers, practitioners, and scholars, we seek to reshape the computing research agenda, grounded by an awareness that contemporary computing research is intertwined with ecological limits in general and climate- and climate justice-related limits in particular. LIMITS 2022 solicits submissions that move us closer towards computing systems that support diverse human and non-human lifeforms within thriving biospheres. For example, limits of extractive logics, limits to a biosphere's ability to recover, limits to our knowledge, or limits to technological "solutions". The LIMITS workshop concerns the role of computing in human societies affected by real-world limits*. As an interdisciplinary group of researchers, practitioners, and scholars, we seek to reshape the computing research agenda, grounded by an awareness that contemporary computing research is intertwined with ecological limits in general and climate- and climate justice-related limits in particular. LIMITS 2022 solicits submissions that move us closer towards computing systems that support diverse human and non-human lifeforms within thriving biospheres. For example, limits of extractive logics, limits to a biosphere's ability to recover, limits to our knowledge, or limits to technological "solutions". The LIMITS workshop concerns the role of computing in human societies affected by real-world limits*. As an interdisciplinary group of researchers, practitioners, and scholars, we seek to reshape the computing research agenda, grounded by an awareness that contemporary computing research is intertwined with ecological limits in general and climate- and climate justice-related limits in particular. LIMITS 2022 solicits submissions that move us closer towards computing systems that support diverse human and non-human lifeforms within thriving biospheres. * For example, limits of extractive logics, limits to a biosphere's ability to recover, limits to our knowledge, or limits to technological "solutions". https://computingwithinlimits.org/2022/ about this event: https://program.mch2022.org/mch2022/talk/FSYNES/

Jul 26, 202243 min

What to do when someone close to you takes their life and you are not Tech-Savvy (MCH2022)

My son Jurre and I got involved in helping less Tech-Savvy people find answers and recover precious data after someone close to them took their own life. This lecture describes our challenging and emotional journey as we hope to inspire others to follow our path. <a href="https://www.flickr.com/photos/dvanzuijlekom/24004514008/in/album-72157687649725580/">Picture of Jurre and Jilles</a> by <a href="https://www.flickr.com/photos/dvanzuijlekom/">Dennis van Zuijlekom</a> is licensed under <a href="https://creativecommons.org/licenses/by-sa/2.0/">CC BY SA 2.0</a> After several talks about Hardware Hacking this talk will be one on a more serious matter. After someone takes their life and the police closes their case, the next of kin may still have questions that are left unanswered. This talk is about our journey from being nerds helping out with computer problems to specialists trying to help the next of kin find answers to questions they might still have. And as this talk will be hosted for computer specialist who spend quite some effort making sure they are protected from external threat ask yourself this question; Will your loved ones be able to control the infrastructure or even have access to the family photo's when you pass away? about this event: https://program.mch2022.org/mch2022/talk/7PZANM/

Jul 26, 202233 min

What can AI learn from your face? (MCH2022)

HowNormalAmI.eu is an interactive documentary that showcases how algorithms judge your beauty, age, gender, weight, life expectancy and emotions by simply looking at your face. The project not only shows how face recognition technology is entering our everyday lives, but it lets you experience these judgements yourself in a safe and privacy friendly way. This talk will zoom in on one algorithm that tries to deduce your Body Mass Index (BMI). The 'making of' will discuss the ethical questions it raised, the dubious science behind it, the dodgy data sources, and the surprising companies that are playing around with this technology. HowNormalAmI.eu is an interactive documentary that showcases how algorithms judge your beauty, age, gender, weight, life expectancy and emotions by simply looking at your face. The project not only shows how face recognition technology is entering our everyday lives, but it lets you experience these judgements yourself in a safe and privacy friendly way. Dutch artist Tijmen Schep has created this interactive experience to reveal how we are increasingly being judged on our face. For example, dating websites like Tinder uses beauty scoring algorithms to match people who are about equally attractive. Services like HireVue claims to find the optimal job applicants based on their 'micro expressions'. This talk will zoom in on one algorithm that tries to deduce your Body Mass Index (BMI) from your face. The 'making of' will discuss the ethical questions it raised, the dubious science behind it, the dodgy data sources, and the surprising companies that are playing around with this technology. Since its launch in september of 2020 the project has been viewed over 185.000 times. If you want to find out if you're more attractive than the Spice girls, make sure you visit www.hownormalami.eu about this event: https://program.mch2022.org/mch2022/talk/TKPHQJ/

Jul 26, 202230 min

Introduction to MQTT, Node-RED & Tasmota (MCH2022)

A demonstration of the power of MQTT in combination with Node-RED. We'll also take a look at the "universal" Tasmota firmware for ESP8266 and ESP32-based devices. This all to hopefully make you enthusiastic to start building your own projects with these building blocks. A demonstration of the power of MQTT in combination with Node-RED. We'll also take a look at the "universal" Tasmota firmware for ESP8266 and ESP32-based devices. This all to hopefully make you enthusiastic to start building your own projects with these building blocks. MQTT is a very light message transport mechanism that uses a standard network connection and a subscribe-publish protocol to get messages from one device to one or more others in the network in a structured manner. Node-RED is a programming tool for wiring together hardware devices, APIs and online services very suited for working with MQTT messages. Tasmota started as a universal firmware for ESP8266/8285 IoT-devices, now with added support for the ESP32 and it comes with MQTT-support out of the box. With these tools, a raspberry pi and a few lines of script, we can start building home automation or whatever you want. about this event: https://program.mch2022.org/mch2022/talk/B3REPR/

Jul 26, 202233 min

Where did all the parts go - the 202x component availability trashfire (MCH2022)

Since early 2021, it has been impossible to buy most integrated circuits and various other components. I'll explain how and why this happened, why it's going to keep happening, and where the fragility of the electronics manufacturing ecosystem comes from. A terrible miscalculation by one unrelated industry (car manufacturing) caused the entire electronics market to fall apart in a spectacular way, meaning that for over a year now it's been impossible to buy many important electronic components, including most ICs. I'll talk about how the electronics component ecosystem is structured, why it's inherently fragile, and how everyone acting in their own best interest has made the problem worse. I'll also share some stories about working around supply issues at various companies and projects I've been involved with during this period. Come hear a fireside chat about how car companies are trash, how you can build a world economy on shortsightedness, and how two conference calls can bring down the entire world's supply of essential parts. about this event: https://program.mch2022.org/mch2022/talk/QKKTTH/

Jul 26, 202230 min

Sensor.Community - Global Open Environmental Data Platform (MCH2022)

Sensor.Community - Global platform for Open Environmental Data We invite you to become part of Sensor.Community. The worldwide largest Air Quality sensor network run by contributors generating Open Data. Build a sensor, collect Open Data, share it in a continuous stream with the global network and join forces in local Sensor.Community groups. Sensor.Community is the global platform for environmental open data. We provide the software and assembly guide for the DIY sensor kits for citizen empowerment. Mission Statement: Sensor.Community is a contributors driven global sensor network that creates Open Environmental Data. Our mission is to inspire and enrich people’s lives by offering a platform for the collective curiosity in nature that is genuine, joyful and positive. Sensor.Community started 2015 in Stuttgart / South Germany as a local project. The goal then was the deployment of 300 low cost Air-Quality sensors in Stuttgart. These devices should be easy to build for everyone. Until now the platform has grown to more than 14.000 sensors in over 70 countries (January 2022). These sensors are measuring environmental data as Air-Quality, temperature, pressure and relative humidity. You can see the live values on the live map at Maps.Sensor.Community. Everything ever measured is available as Open Environmental Data. You can download all historical Open Data. To participate you can join a local group which you can discover on the community layer of the map where live values are displayed. -> https://maps.sensor.community/#2/0.0/0.0 We invite you to become part of the community. Build a sensor, generate Open Data, share it in a continuous stream with the network and join forces in local Sensor.Community groups to analyse it. Find like-minded people which care about the environment and the implications on our health. Stay informed and exchange with your neighbours. Once the sensor tube is connected to the network its measured values are available live on the map at Sensor.Community. These values are refreshed every 2 ½ minutes and enable all citizens to see how the situation is around them. The available historical Open Data of all ever measured values enable other projects to serve citizens with other specific services and functionality. Sensor.Community is here to serve citizens on a global layer with environmental Open Data. Our focus is to add further sensor methods, collaborate with institutions as RIVM.nl on data standards and better integrations in their daily work. One great example here is the integration of the Open Data from Sensor.Community into the Data-portal of the National Institute for Public Health and the Environment in the Netherlands at RIVM.nl about this event: https://program.mch2022.org/mch2022/talk/GNVPXC/

Jul 26, 202248 min

hack your brain (MCH2022)

Food affects your body, food affects your mind. This talk describes how the performance of my brain has decreased over time and has returned by changing my diet. Basic food is not enough for your brain to deliver exceptional performance. Come with us and open your mind. Let your remedies be your food and your food be your remedies. Just think about it, I'm eating all day and losing weight. To be wide awake and in your right mind without "Club Mate" or coffee. Great recipes with three ingredients in a blender in seconds. Step by step with food to healing. Can you imagine a tasty gourmet cleansing cure? Results are better appearance, feel reborn, more powerful, mentally more stable, stress-resistant. Hack your food. A report of personal experience and feelings. about this event: https://program.mch2022.org/mch2022/talk/ZZVHAL/

Jul 26, 202243 min

A Smart Light Hacking Journey (MCH2022)

Smart lights have become pervasive in many homes, but they are often designed in such a way that makes them completely reliant on the manufacturer's servers and connectivity to the Internet. However, we would much rather be fully in control of our own devices. As a target, we took on the cheap and popular Tuya white-label smart lights, which can be commonly found under many different brand names. In this talk, we'll take you on a trip through our 1-year journey of hacking these devices, including the details of finding and remotely exploiting a vulnerability in the firmware for devices based on the custom BK7231 SoC. Smart lights have become pervasive in many homes, but they are often designed in such a way that makes them completely reliant on the manufacturer's servers and connectivity to the Internet. However, for people who want full control of their own devices, there weren't many affordable and easily usable options. One such option became available near the end of 2018 when a vulnerability was discovered in the firmware of smart devices manufactured by Tuya Smart. Shortly after the discovery of said vulnerability, a project by the name of tuya-convert popped up. It allowed its users to remotely flash Tuya devices with custom firmware by exploiting the - at the time - new vulnerability. By 2020, however, tuya-convert stopped working for an increasing number of new devices. The manufacturer had patched the vulnerability, and unexploitable devices have begun showing up on the market. That's when we decided to look for the next vulnerability for Tuya's smart devices in order to allow remote custom firmware flashing once more. We spent some time hacking on early devices which were based on the ESP8266 platform, and a while later switched to the newer devices based on the custom BK7231 SoC. During the course of our research, we found issues in firmware on both platforms and rediscovered some helpful reversing techniques. In this talk, we'll cover our research journey with its ups and downs on both platforms, as well as the details of a memory corruption vulnerability which we exploited on the BK7231-based devices. about this event: https://program.mch2022.org/mch2022/talk/WKJKEY/

Jul 26, 202248 min

How to Secure the Software Supply Chain (MCH2022)

Open source code makes up 90% of most codebases. How do you know if you can trust your open source dependencies? Do you know what’s really going on in your node_modules folder? It is critical to manage your dependencies effectively to reduce risk but most teams have an ad-hoc process where any developer can introduce dependencies. Software supply chain attacks have exploded over the past 12 months and they’re only accelerating in 2022. We’ll dive into examples of recent supply chain attacks targeting the JavaScript, Node.js, and npm ecosystems, as well as concrete steps you can take to protect your apps, projects, and teams from this emerging threat. Open source code makes up 90% of most codebases. How do you know if you can trust your open source dependencies? Do you know what’s really going on in your node_modules folder? It is critical to manage your dependencies effectively to reduce risk but most teams have an ad-hoc process where any developer can introduce dependencies. Software supply chain attacks have exploded over the past 12 months and they’re only accelerating in 2022. We’ll dive into examples of recent supply chain attacks targeting the Node.js, JavaScript, and npm ecosystems, as well as concrete steps you can take to protect your apps, projects, and teams from this emerging threat. Takeaways for this talk: 1. Understand the scope of the supply chain threats against the open source ecosystem, specifically with a focus on JavaScript, Node.js, and npm. 2. Review of our work to audit every open source package on npm to detect the following types of attacks: malware, typo-squats, hidden code, misleading packages, permission creep 3. Specific examples and code walk-throughs of actual malware that was found on npm 4. Discussion of existing methods and tools for detecting supply chain attacks against open source, including limitations 5. Introduction of new open source tool which helps detect supply chain attacks in real-time about this event: https://program.mch2022.org/mch2022/talk/VWGMEH/

Jul 26, 202247 min

Reproducible Builds for Trustworthy Binaries (MCH2022)

Reproducible Builds is a technique that can be used to secure the software delivery pipeline. For open source software, they even allow independently auditing published binaries, removing a single point of trust from the distribution process. This can be used by individual projects or even complete Linux distributions. The software delivery pipeline is an increasingly popular attack vector: even when your project source code is known-good (audited), an attacker can inject malware by gaining access to the machine used to build (and sign) the binaries. Reproducible Builds provides a mechanism to counter such attacks: by building the same source code on independently-administered machines and comparing their outcome. Several Linux distributions (Debian, Arch, openSUSE, NixOS, OpenWrt, ...) are working towards using Reproducible Builds to make their binary packages independently verifiable, but also individual projects use it to verify their deliverables. This talk will give an overview of progress, results and next steps. about this event: https://program.mch2022.org/mch2022/talk/E33B8K/

Jul 25, 202231 min

illumos SmartOS, specialized Type 1 Hypervisor (MCH2022)

Overview of **SmartOS** - an illumos based distribution with **focus of virtualization**. Must be named technologies used by SmartOS: ZFS, Crossbow, Zones, DTrace, Bhyve. The talk will show you the benefits of SmartOS; Configuration and management of SmartOS virtualization technologies; Tooling on top of SmartOS. SmartOS is a specialized Type 1 Hypervisor platform based on illumos. It supports two types of virtualization: - OS Virtual Machines (Zones): A light-weight virtualization solution offering a complete and secure userland environment on a single global kernel, offering true bare metal performance and all the features illumos has, namely dynamic introspection via DTrace - Hardware Virtual Machines (KVM, Bhyve): A full virtualization solution for running a variety of guest OS's including Linux, Windows, *BSD, Plan9 and more Virtualization in SmartOS builds on top of the foundational illumos technologies inherited from OpenSolaris, namely: - ZFS for storage virtualization - Crossbow (dladm) for network virtualization - Zones for virtualization and containment - DTrace for introspection - SMF for service management - RBAC/BSM for auditing and role based security - And more about this event: https://program.mch2022.org/mch2022/talk/SNNLNX/

Jul 25, 202227 min

Payment terminals as general purpose (game-)computers (MCH2022)

What is inside a Verifone VX820 payment terminal and how can we run our own code (i.e. Doom) on it? This is a story of a software guy messing around with an interesting embedded device. It includes some reverse engineering, *interesting* security practices, proprietary executable formats, and a game of bootloader hopscotch. Starting with an overview of the Verifone VX820 payment terminal's hardware and software, we will follow my curious exploration with the final goal of arbitrary code execution. We will see how such seemingly single-purpose devices actually allow for general purpose computing under the hood, and even contain all the peripherals needed for a fun (retro-)gaming experience. I will show the struggles and practicalities of turning a (previously found and published) bootloader vulnerability into a practical exploit. This includes some reverse-engineering of bootloaders, kernel code, communication protocols and file headers. Following this I will cover the "engineering" part: how to construct a minimum viable "toolchain" to be able to port a codebase like Doom. There will be demos of the exploit and some programs that have been ported :) about this event: https://program.mch2022.org/mch2022/talk/PBTBJG/

Jul 25, 202242 min

Introducing CSIRT.global: if you love the internet, we need your help (MCH2022)

The Dutch Institute for Vulnerability disclosure goes international. We’re building a community of enthusiasts to help stop the downward spiral of the internet, we’re calling it CSIRT.global. It’s aimed at international collaboration. Trust and communication, balanced with a sense of reality about the sensitive information we deal with, are key. Here’s how you can help, one vulnerability at a time. The internet is wonderful. It is also broken and spiralling downward. Governments and big tech often don’t serve the interests of internet enthusiasts. Some people decided to “be the change”. In 2019, The Dutch Institute for Vulnerability was founded, and now it has over 70 volunteers. You have likely heard of our work, like Citrix and Kaseya. Communication is key in disclosing and informing organizations. Internationally, this can pose a real challenge. Therefore, we are building an international community, and we’re calling it CSIRT.global. Trust and communication are key. In this talk, you will learn why we’re expanding, what our challenges are, how we deal with sensitive information, and why it’s logical a volunteer organisation takes the lead. Finally, you’ll learn how you can help. about this event: https://program.mch2022.org/mch2022/talk/ZY39UT/

Jul 25, 202224 min

Successfully building and programming sound field control systems (MCH2022)

We will walk through the basics of sound field control systems and what you would need to build your own Wave Field Synthesis and Beamforming enabled system. We will unveil some of the challenges we faced at HOLOPLOT and what solutions power our tech stack. Most of us are very familiar with multiple ways of manipulating or creating audio content; filters, effects, synthesizers, etc., and most certainly don’t think about where the audio content is going to be reproduced. What if I told you your creativity could go further, and you can also control how sound is being reproduced? In this talk, we will learn about sound field generation and control systems, their benefits, and everything you need to build your own Wave Field Synthesis and Beamforming system. Additionally, we will unveil some of the implementation and infrastructure challenges we faced and solved at HOLOPLOT and then let you hear what a HOLOPLOT Matrix Array can actually do. about this event: https://program.mch2022.org/mch2022/talk/JN39DH/

Jul 25, 202249 min

Knock knock, who’s there? (MCH2022)

One of the most used video entry systems is analysed for this talk. Severe security implications that range from passive, information gathering, attacks to active attacks where unauthorised access to buildings can be gained. During the talk the technical details of the bus system will be discussed and multiple attackvectors will be demonstrated. At the end of the talk the disclosure procedure to high value targets and the manufacturer are also discussed. Feeling safe at home and at work is one of the most basic requirements for living. Part of being, and feeling, safe is the physical access system of the building. For this talk the video intercom system designed and manufactured by one of the most used brands in building access control and video entry technology is… evaluated. In order to paint a picture of the magnitude of the security implications it is good to mention that this system is not just used in apartment buildings but also in government offices such as the probation office in The Netherlands. The talk will discuss the technical aspects of the bus system and how and why this has major security implications. Not only passive attacks will be shown but also more active attacks that can compromise physical security in the buildings where the system is used. The talk will also include how disclosure to some potential targets was done. The reaction from the manufacturer will also be discussed in the talk. about this event: https://program.mch2022.org/mch2022/talk/NV9RBY/

Jul 25, 202222 min

Single Sign-On: A Hacker's Perspective (MCH2022)

This talk gives an introduction in how single sign-on protocols (such as SAML, OAuth 2, and Open ID Connect) work. Subsequently, I will talk about the most commonly found vulnerabilities in these protocols. Finally, I will show various ways to resolve these vulnerabilities. Single sign-on remains a hot topic in 2022. Many organisations are in the process of moving identity management and authentication out of of their application, and offload it to an identity provider. By doing so, application owners hope to avoid the challenges that come with identity management. However, the application will still needs to obtain the user’s identity from the identity provider, which is done using a single sign-on protocol. Unfortunately (or fortunately?), single sign-on protocols are difficult to get right. Flaws in the implementation of single sign-on protocols can have serious consequences. In the worst case, such flaws allow hackers to log into the application as an arbitrary user. And this is not just a theoretical risk, but something I encounter in my work as ethical hacker on a regular basis. I will start this talk by giving an introduction to some of the protocols that are commonly used to achieve single-sign on. Such protocols include SAML, OAuth 2, and Open ID Connect. Subsequently, I will talk about the state of single-sign on applications as I encounter them as an ethical hacker. I will demonstrate which vulnerabilities I encounter in the real world, and what the consequences of such vulnerabilities could be. At the end of this talk, you should have a good overview of how single sign-on protocols work, what types of vulnerabilities typically occur in them, and how to protect against such vulnerabilities. about this event: https://program.mch2022.org/mch2022/talk/MTTAXV/

Jul 25, 202245 min

Censoring the internet & how to bypass it (MCH2022)

In recent times, internet censorship has increased throughout the world. With governments realising the potential of the internet in spreading information as well as misinformation. To curb or rather control this, governments around the globe have taken to censoring parts of the internet by directing major ISPs to block access to those websites. The ISPs around the globe have used different methods to block the access. Some resulting in DNS filtering to others doing SNI ( Server Name Information ) inspection. There have been ways to bypass these restrictions, like DoH ( DNS over HTTPS ) and eSNI ( encrypted SNI ), now ECH ( Encrypted Client Hello ), supported by TLS 1.3. To counter these, some authoritarian regimes ( like China ) have blocked eSNI traffic altogether, to be able to sniff the traffic and block the websites accordingly on their ‘Great Firewall’. I will be talking about how these different mechanisms of blocking user traffic works, by doing a live demo of packet analysis using wireshark. Later on in the talk, I will show a comparative study of the different ISPs around the globe and what their approaches are at blocking the internet ( if any ). After understanding how the technologies work, I will show ways to bypass the censorship by some open source tools, DIY solutions and finally some paid/managed alternatives. What are the things that one should look for when choosing one such paid solution. Towards the end, I will announce the open source repo for the tool used to conduct this project, where people can contribute and use it for their own research purposes. I am analysing some of the major ISPs 'around the globe' and how they’re blocking websites and easy + cost-effective ways to bypass them. There has been some previous research into this, but that has included some limited dataset, back in 2020. From then to now a few things have changed including the way ISPs are blocking websites. With this project, I am trying to : 1. Analyse the global censorship of internet 1. Globally, how different ISPs block the network traffic 2. Distribute the client globally and ask volunteers to run this at least once 2. Release the client and server code as open source 3. Publish all the data, country wise on a github repo for everyone to consume The talk would be in two parts : - First : Where I talk about the technical nitty-gritties as to how censoring in modern times work. - Second : After understanding how the technologies work, we will try to bypass those by some open source tools, some DIY solutions and finally some paid/managed alternatives, what are the things to look for when choosing one such provider. Hence, even for folks who aren't much into the technical details of censorship, would have some arsenal of tools to bypass it, by the end of the talk. Starting with the famous question : “What happens when you type a (https) URL in your browser and press enter ?” I will cover all the aspects, starting with 1. DNS lookup 2. TLS Handshake - ClientHello,TLS negotiation, ServerHello etc 3. Encrypted Data Transfer All of these would be shown a live demo of in wireshark, alongwith decrypting the traffic using certificates. Explaining these stages are important because each of these involve ISPs tampering with to censor the internet. Once we know how it’s done, we will figure out how to resolve this privacy issue. Like : Stage How ISPs censorConfirmation TestBypass DNS Lookup Their own DNS as default DNS filtering Check on dnsleaktest.com Use DoH ( DNS over HTTPS ) dnscrypt TLS Handshake SNI Inspection Use the tool Check on wireshark Use VPN eCH Further move on to ECH ( Encrypted Client Hello ) and why China hates it . Show a comparative analysis of the different ISPs I’ve tested using the tool. Towards the end talk about the open source tool, the client and server code themselves. The tool, client app : 1. Sends request to alexa top 1M domains 2. Records packet response and to find what kind of filtering is in place ( if any ) 3. Sends data to central dashboard server for generating heatmaps and graphs The tool, server app : 1. Will consume all the JSON data and validate its findings. 2. Generate heat maps for all the ISPs and different websites that are blocked. Talk about solutions to bypassing the censorship : 1. Open source tools & solutions - DoH, changing default DNS etc 2. DIY things - self hosted 1-click VPN, ephemeral on-demand sshtunnel etc 3. Paid solutions - Things to look for when choosing one such paid solution about this event: https://program.mch2022.org/mch2022/talk/VYSFLR/

Jul 25, 202249 min

Rocking the Web Bloat: Modern Gopher, Gemini and the Small Internet (MCH2022)

The web is a mess, bloated with data-gathering trackers, predatory UX, massive resource loads, and it is absorbing everything it touches. The Small Internet is a counter-cultural movement to wrangle things back under control via minimalism, hands-on participation, and good old fashioned conversation. At its heart are technologies like the venerable Gopher protocol or the new Gemini protocol offering a refuge and a place to dream of a better future. Join me and be reintroduced to Gopher in 2021 and learn what this old friend has to offer us in a world full of web services and advertising bombardment. We will also explore the new Gemini protocol and how it differs from Gopher and HTTP. We will explore the protocols themselves, their history, and what the modern ecosystems are like. I will briefly review the technical details of implementing servers or clients of your own, and how to author content as a user. Discussion will cover limitations, grey-areas, and trade-offs in exchange for speed and simplicity. Through these alternative protocols we'll see the small internet in action. about this event: https://program.mch2022.org/mch2022/talk/RPVQD8/

Jul 25, 202247 min

OpenKAT: Looking at security with cat eyes (MCH2022)

During crises – like COVID19 – software is made under immense pressure in a volatile environment. Security should focus on anything that makes one vulnerable. OpenKAT does this with real forensic proof, with the right context and useful in real life. The COVID19-crisis forced to build dozens of software solutions rapidly with too few people under immense pressure. Meanwhile the threat level as well as the stakes are high. Failure is not an option yet guaranteed. You can no longer afford vague questions like are we secure? You need to find what makes you vulnerabilities before that hit you as well as soon as they hit you. With dozens COVID-testing organizations to monitor, three countries to help, 17 projects to help come to life and to guard during operation security is an impossible job with the tools and people available. The options are simple: drown or find a trick to survive.The COVID19-crisis forced to build dozens of software solutions rapidly with too few people under immense pressure. Meanwhile the threat level as well as the stakes are high. Failure is not an option yet guaranteed. You can no longer afford vague questions like are we secure? You need to find what makes you vulnerabilities before that hit you as well as soon as they hit you. With dozens COVID-testing organizations to monitor, three countries to help, 17 projects to help come to life and to guard during operation security is an impossible job with the tools and people available. The options are simple: drown or find a trick to survive. The OpenKAT-project was started to fill in that gap to take a radical different approach on security while not discarding what we have already. KAT (cat in Dutch) delivers information on vulnerabilities in a forensic accurate manners, monitors environments and more over proves how things change over time. The OpenKAT-project was started to fill in that gap to take a radical different approach on security while not discarding what we have already. Just like a cat you see more while looking at the same information just by interpreting it differently. KAT (cat in Dutch) delivers information on vulnerabilities in a forensic accurate manners, monitors environments and more over proves how things change over time. about this event: https://program.mch2022.org/mch2022/talk/UB3SGY/

Jul 25, 202244 min

Scanning and reporting vulnerabilities for the whole IPv4 space. (MCH2022)

The Dutch Institute for Vulnerability Disclosure scans the internet for vulnerabilities and reports these to the people who can fix them. Our researchers will go into some of our recent cases, our board members will describe how we professionalise vulnerability disclosure and why we are allowed to somewhat break laws on computer crime and privacy. The Dutch Institute for Vulnerability Disclosure scans the internet from our own AS (50.559) for vulnerabilities and reports these to the people who can fix them. In this session our board members will describe how we professionalise vulnerability disclosure with an independent foundation, a Code of Conduct, a common identity, a collaboration platform for independent researchers and a CSIRT to report vulnerabilities to owners of vulnerable systems. Our researchers will go into some of our more known cases, ranging from Citrix 2020, to KaseyaVSA and Log4j in 2021 and others which commenced between filing this proposal and the conference. They will demonstrate how to scan, validate data, report to users and how they responded. By doing this, we kind of break several laws on computer crime and privacy protection. Still, we are allowed to as we serve to make the internet more secure. Moreover, we also guide young security researchers to the responsible path of vulnerability disclosure. And we do it Dutch style: open, direct and for free. Chris and Astrid will go into the way we work, Frank and Lennaert will do the cases. about this event: https://program.mch2022.org/mch2022/talk/9LMTLA/

Jul 25, 202249 min

Ethics does not belong on the wall! Ethical framework for the use of location data (MCH2022)

The use of data is accelerating, not only owing to increasing technical possibilities like AI and earth observation, but also as a result of crises such as COVID-19 and climate change which accelerate the deployment of data and technology. This is happening on a small and local scale, as well as on a large and global one. Precisely because these data are potentially personal, and its use is becoming commonplace, it is urgent to internalize shared principles for the responsible use of data to achieve greater common value, better data and better products. These are preferably intrinsic principles that guarantee the safety and privacy of people, our social values and human dignity. In this talk we discuss an ethical framework for the use of location data. Together with the crowd we will investigate several dilemma's in which location data play an important role. How far can you go? Which values are more important? These are the kind of questions we will present and discuss. The ethical framework is designed for the use of (personal) location data. How do we ensure that the technology we develop is at the service of society? How do we respect shared public values and the individual rights when developing applications made possible by location data? With the discussions that have erupted around apps for monitoring the COVID-19 pandemic, it is clear that the answers to these questions are not crystal clear. The purpose of the ethical reference is to inspire data users, but also policy makers and decision makers to help them collect, use and apply personal location data responsibly. Location data are all data that show where people are located and how they move, whether or not they can be traced. This data can, for example, be collected via mobile apps. In this talk we discuss the different values that are conflicting in the use of location data. We present several dilemma's and cases and will involve the public actively in discussing these dilemma's. You can find a concept of the ethical framework at https://www.geonovum.nl/themas/geo4covid/ethical-framework In our work looking for responsible use of spatial data we are working together with W3C: https://w3c.github.io/sdw/responsible-use/ about this event: https://program.mch2022.org/mch2022/talk/VJVH9E/

Jul 25, 202246 min

macOS local security: escaping the sandbox and bypassing TCC (MCH2022)

"SomeApp would like to access files in your Documents folder." Anyone who has used macOS recently will be familiar with these prompts. But how do they work? What happens if you deny the access? Are they an effective defense against malware? This talk will give an up to date overview of the local security measures of macOS and describe some ways they can be defeated in practice. Sandboxing on macOS was introduced 13 years ago, but Apple didn't leave it at that. Starting with the release of macOS Catalina in 2019, even non-sandboxed apps need to deal with sandbox-like restrictions for files: all apps now need to ask permission to access sensitive files, like those in the user's documents or desktop folder. Features such as the camera and geolocation already needed user approval from a permission prompt. This system of user controlled permissions is known as Transparency, Consent, and Control (TCC). Any new security measure like this will also mean the introduction of new security boundaries, with new classes of vulnerabilities. Many parts of the system have to be re-examined to check for these vulnerabilities. For example, apps can now try to attack other apps in order to "steal" the permissions granted by the user to those apps. Apple has taken steps to allow apps to defend themselves against this, such as the hardened runtime. Ultimately, however, it is up to the developer of an app to safeguard its permissions. Many developers are not aware of this new responsibility or do not take it seriously. Developers who are used to the security model of Windows or Linux often do not know that these boundaries even exist. To make matters worse, Apple's documentation and APIs for these features are not as clear and easy to use as they should be. This talk will start with an overview of local security restrictions on the latest version of macOS, Mojave. Then, it will cover some ways these protections might be bypassed in third-party applications. Finally, we will show some vulnerabilities we found in software that allowed escaping the macOS sandbox, stealing TCC permissions and privilege escalation, such as CVE-2021-30688, CVE-2020-10009 and CVE-2020-24428. about this event: https://program.mch2022.org/mch2022/talk/WEBRZC/

Jul 25, 202250 min

A CISO approach to pentesting; why so many reports are never used (MCH2022)

Pentesting can provide vital information to organisations about their security. However, many reports end up never being used or not being used to their full potential. That is partly due to the pentesters and their writing skills. But in large part is also to be attributed to CISO's lack of guidance and involvement. I am not a spokesperson for all CISOs, but I do have quite a bit of experience in the pentesting field as a CISO. As such; I would like to share my thoughts about how a CISO can lead the pentesting process as effectively as possible, as well as what I as a CISO like to see in my pentesting reports. I will also highlight why some reports don't get used and why I think we struggle with this as much as we sometimes do. I think this information is usefull for pentesters and CISO's alike, because it shows both sides how the other one works and thinks. Many pentesting reports are never followed up on, which is a shame, because a lot of hard work goes into them a lot of the time. In this talk I will try to explain why this happens and will try to clarify how we can make some changes to the practice, reporting and follow up to make pentests more effective. I will also talk about some of the things that have gone wrong during pentests I've been involved in. Scoping is important y'all! If you're interested in what managers generally think certain jargon means (what's a checksum?), come check out the talk and you'll find out ;). p.s. I can't find where to edit my personal profile, but I'm currently no longer CISO for DIVD. Since the beginning of this year I've joined the Board instead. about this event: https://program.mch2022.org/mch2022/talk/QXRYJH/

Jul 25, 202249 min

Nuggets of Shannon Information Theory (MCH2022)

In his 1948 [scientific article](https://en.wikipedia.org/wiki/A_Mathematical_Theory_of_Communication) entitled ["A mathematical theory of communication"](https://people.math.harvard.edu/~ctm/home/text/others/shannon/entropy/entropy.pdf), Claude E. Shannon introduced the word “bit”. The article laid down the foundations for the field of information theory which in turn opened up the way to digital information processing. In this overview talk, I will present in an accessible way three nuggets from Shannon information theory: 1. Shannon entropy, a mathematical quantification of uncertainty of a probability distribution. 2. Information Compression: Shannon entropy provides a fundamental lower bound on how much information from a source can be compressed so that it can later be recovered. 3. Error correction: when digital information is transmitted over a noisy channel, the methods of error-correction provide ways to protect this information from noise. Yet again, Shannon entropy provides the fundamental quantity of how much information can be transmitted over a noisy channel. While the content of this talk is of mathematical nature, I will try my best to make it accessible to anybody with (very) basic knowledge of probabilities and programming. **All material (including presentation, Jupyter notebooks etc.) for this talk are available at https://github.com/cschaffner/ITNuggets** Since 2014, I have been teaching a yearly master course about information theory at the University of Amsterdam. Together with my PhD student Yfke Dulek, we have written [lecture notes](https://github.com/cschaffner/InformationTheory/blob/master/Script/InfTheory3.pdf) on the topic and developed some additional learning tools based on these notes. I love the mathematical beauty of Shannon’s information theory, and I believe that the three concepts above can be appreciated by a much wider audience that does not regularly read scientific papers of the mathematical kind. While I will focus on making the fundamental theoretical aspects accessible to the audience, all of these concepts also have some interesting (and challenging) programming aspects to them that can be explored further after my talk. about this event: https://program.mch2022.org/mch2022/talk/8DFDSE/

Jul 25, 202249 min

Cyber crises and what you can do to face the challenge (MCH2022)

Your organization suffers from a serious system compromise from a cyber-crime ring, state-actor or both. The cyber inferno is raging through your organisation. In this talk I’d like to walk you through a situation which escalated quickly. The talk is intended to inspire people to take preventative measures, keep their heads as cool as possible, and keep a grip on the situation. Your organisation suffers from a serious system compromise from a cyber-crime ring, state-actor or both. The cyber inferno is raging through your organisation. The problems are countless. A neighbouring organisation is looking at your problems and wondering about the potential of spillovers. What if these spillovers escalate beyond your grasp? How and what do you communicate internally and externally? In this talk I’d like to walk you through a situation which escalated quickly. The talk is intended to inspire people to take preventative measures, keep their heads as cool as possible, and keep a grip on the situation regardless of the size of the challenge. about this event: https://program.mch2022.org/mch2022/talk/CVGHG9/

Jul 25, 202244 min

Project TEMPA - Demystifying Tesla's Bluetooth Passive Entry System (MCH2022)

The security of Tesla's cars has been a hot topic in recent months. In addition to being one of the safest cars on the road, it is also well-protected from hacks and attacks. But how does Tesla make sure their vehicles are safe and secure? This case study sheds light on the inner workings of Tesla's Passive Entry System and core VCSEC protocol, and reveals possible attack vectors. The security of Tesla's cars has been a hot topic in recent months. In addition to being one of the safest cars on the road, it is also well-protected from hacks and attacks. But how does Tesla make sure their vehicles are safe and secure? Tesla is a company that has been innovating in the automobile industry for many years. They have been designing and manufacturing electric vehicles which are environmentally friendly and sustainable. Tesla has also been pioneering and implementing new technologies in the automotive industry. One of these innovations is their Bluetooth interface which is used for locking and unlocking vehicles and can be used to uniquely identify cars, as well as to track them in real-time with apps like "Tesla Radar". The introduction of Tesla's Bluetooth passive entry system, previously only used by model 3 and model y, into new product lines like the Tesla 2021 Model S/X facelift variant, shows the strategic importance of this technology for Tesla in the years to come. This case study sheds light on the inner workings of Tesla's Passive Entry System and core VCSEC protocol, and reveals possible attack vectors. about this event: https://program.mch2022.org/mch2022/talk/DCTJDE/

Jul 25, 202251 min

Lightning Talks Monday (MCH2022)

Lightning talks are a 5 to 10 minute quick talk on an interesting subject. They can be with or without slides, and with or without proper preparation. if you weren't accepted in the main CfP, this is also a great opportunity to give an abridged version of your talk. These sessions will be available to sign up to later on, with details on the wiki: https://wiki.mch2022.org/Static:Lightning_Talks Lightning talks are a 5 to 10 minute quick talk on an interesting subject. They can be with or without slides, and with or without proper preparation. if you weren't accepted in the main CfP, this is also a great opportunity to give an abridged version of your talk. These sessions will be available to sign up to later on, with details on the wiki.Lightning talks are a 5 to 10 minute quick talk on an interesting subject. They can be with or without slides, and with or without proper preparation. if you weren't accepted in the main CfP, this is also a great opportunity to give an abridged version of your talk. These sessions will be available to sign up to later on, with details on the wiki: https://wiki.mch2022.org/Static:Lightning_Talks about this event: https://program.mch2022.org/mch2022/talk/LGUFFZ/

Jul 25, 20221h 2m

TASBot OoT ACE: (MCH2022)

TASBot has appeared at multiple charity events raising more than $1.3M to date by hacking classic video game consoles through controller ports. In this talk, dwangoAC will show how TASBot, with help from a human speedrunner, can use a Stale Reference Manipulation exploit in the N64 game Legend of Zelda: Ocarina of Time to achieve persistent Arbitrary Code Execution to obtain the Triforce and many other surprising outcomes that have to be seen to be believed. The TASBot community, led by dwangoAC, has exploited glitches in a variety of creative ways leading to Twitch chat streamed through a Super Game Boy, Super Mario Bros. being played inside Super Mario World, and many more. Most of these exploits were on older NES and SNES consoles, but what could be done if Arbitrary Code Execution could be achieved on an N64? This talk aims to show the beautiful results that can ensue after taking complete control of Legend of Zelda: Ocarina of Time, including obtaining the Triforce itself! The talk will cover controller protocol evil maid attacks, Stale Reference Manipulation (Use After Free) exploitation, a four stage bootstrap chain to attain high speed data transfer, and more with audiovisual elements that are sure to be a surprise. about this event: https://program.mch2022.org/mch2022/talk/CNYE7A/

Jul 25, 202248 min

Plotting the Pandemic... (MCH2022)

Only three years ago you wouldn't have had a chance to get this so-called reality past any decent editor. Now, plotting a book or movie has become increasingly hard and the next years in publishing will be interesting, since our standards in what is scary or believable or how dumb can one be to do XY as a book character, to get into whatever problems, have tremendously changed. I'm an author, writing crime novels and scifi and during the last three years, some collegues and I have often said the phrase "if this was a book, you wouldn't get that past an editor". But it seems, our standards on what is real, believable or doable have changed somewhat over the pandemic. This does not only afflict society itself (fake news, mobs, conspiracy myths etc.), but also (pop) culture and the its creators like authors of books or movie scripts. I have no forecast, on where we might end up or if movies and books will return to story worlds of our old believes, but I can share musings about society, tech and humanity's deepest desire in stories and authors who have to face a different kind of basic understanding of the world to start from when writing stories. about this event: https://program.mch2022.org/mch2022/talk/CPT3CD/

Jul 25, 202250 min

Hope : It is too late to be pessimistic (about climate change) (MCH2022)

We know that we are in trouble as a human society, so what are we going to do about it? Showcase projects that do good things What can you do? Tension between system-level problems and the massive powers that be and the scope of individual impact. How do you leverage your privilege? imagining yourself in 2050 narratives. We know that we are in trouble as a human society, so what are we going to do about it? Showcase projects that do good things What can you do? Tension between system-level problems and the massive powers that be and the scope of individual impact. How do you leverage your privilege? imagining yourself in 2050 narratives. about this event: https://program.mch2022.org/mch2022/talk/KFEEZ7/

Jul 25, 20221h 32m

PolyCoin - A game played across MCH (MCH2022)

PolyCoin - A distributed game across MCH. The history at EMF Camp 2018 and 2022, and how it was made and works. See what is on the inside of the PolyCoin crypto miner devices, and why they were designed the way they were and what had to be compromised along the way, what can be improved, and plans for future versions. PolyCoin - is a game being deployed at MCH 2022, you'll see the PolyCoin crypto miner units installed throughout the site. This game involves "capturing" the crypto miners using an RFID card to collect the fictional crypto currency PolyCoin. Each player selects one of four fictional global corporations to support, and captures the crypto miners for their chosen company producing PolyCoins for them. The company with the most PolyCoins wins! Delving in to the brief history of the game at EMF Camp 2018 and 2022, and then explaining how it works and the various bits hang together to create the overall game. Covering PICmicro, ESP8285 (micropython), DFR0299, RC522 RFID, MQTT, Python on Raspberry Pi, and the hidden features of the game waiting to be discovered. I'll cover the problems with the original game deployed in EMF 2018 and how they were addressed with the PolyCoin game in 2022. Then the problems encountered in 2022 at EMF camp (far less issues!). This would ideally be suited to having this presentation followed by a hands-on session to see the parts that make the game. I should have enough bits to run a workshop as well to build a PolyCoin crypto miner unit, including surface mount and hand soldering all the parts and assembling the units themselves. about this event: https://program.mch2022.org/mch2022/talk/CRHHCU/

Jul 25, 202236 min

The War in Ukraine: Cyberfront (MCH2022)

When the pandemic was declared over, Europe went into a war. This was the first major conflict in Europe where an important part of the war was waged online. Anonymous, disBalancer, IT ARMY, and the western governments. These are stories from the cyber front lines. Welcome to a panel of speakers from Ukraine and EU. We will discuss what happened on the front, how it helped to turn the war in Ukraine's favor, the international cooperation, the cyber offensive, and the how and why of it. We will discuss, DDoS, information disclosures, backdooring, psyops, and propaganda. Chris Kubecka, CEO and Founder of HypaSec, Anastasiia Voitova, security software engineer at Cossack Labs, and Peter van den Heuvel, Security analyst from Saxion, are joining us to share their stories. https://twitter.com/SecEvangelism https://twitter.com/vixentael https://twitter.com/pvdheuvel_ https://twitter.com/KirilsSolovjovs about this event: https://program.mch2022.org/mch2022/talk/PL3FTM/

Jul 25, 20221h 24m

Threat modeling mechanical locking systems, by analyzing puzzles? (MCH2022)

Mechanical locks are everywhere and come in all shapes and flavors. But choosing the right lock can be rather difficult. For example, what is better? A lock that is hard to pick, or a lock with hard to duplicate keys. This talk will not give you the answers, but it will help you understand the trade-offs. Furthermore, we will have fun threat modeling our locks. Is lockpicking a threat you should be concerned about, or is the brick the tool you should care for? Jan-Willem, from The Open Organization of Lockpickers (Toool), will share his ideas on mechanical security and threat modeling. We will make it fun and use several case studies, starting with defining a lock, threat modeling mechanical puzzles, and use several case studies where the threat was overrated. Simply put, attacks against locks range from the trivial to mastery. I'll share multiple failed attempts of attacks that should be trivial, but were not in practice, and we will analyze them together. about this event: https://program.mch2022.org/mch2022/talk/T8MCQW/

Jul 25, 202235 min

First Privacy, Now Safety: (MCH2022)

As of today, most discussions on cyber security focus on privacy and the implications of incidents involving data. However, those of us in cyber physical security often see things differently as we study actors attempting to use computers to impact the physical world (e.g. critical infrastructure and industrial controls). Geopolitical conflicts and accessible offensive security tools make defending against these threats increasingly complex. The anthology I bring for you illustrates the evolution of cyber physical threats through several stories with topics that span from non-fiction espionage and crime thrillers to politically-motivated intrusions and master tinkerers’ ill-fated creations. By focusing on the different players involved and their motivations, I intend not to hype up the scenario, but instead to accurately describe what we observe daily in the cyber physical threat intelligence community. “First Privacy, Now Safety: An Anthology of Tales from the Front Lines of Cyber Physical Security” will consist of a series of real stories to illustrate the evolution of cyber physical threats related to topics that span from non-fiction espionage and crime thrillers to politically-motivated intrusions and master tinkerers’ ill-fated creations. The selection of topics results from my personal experience as a member of the cyber threat intelligence community in Washington, D.C. with a very pacifist perspective of life. Some example stories include: • The Unwilling Pawn – How our infrastructure gets swept up in geopolitical conflicts • Everybody Be Cool, This is a Robbery! – How criminals can make more money by getting physical. • What if I Click Here? – Errant tales from hackers learning about cyber physical systems. (And sometimes erring in the process). All of the stories I will talk about can be verified by the audience in open sources and specialized publications, although they may not appear in any popular books or videos until a couple years from now. about this event: https://program.mch2022.org/mch2022/talk/QYAUZT/

Jul 25, 202242 min

Tech didn’t cause misinformation, and it won’t solve it (by itself) (MCH2022)

There’s no quick fix for the misinformation, disinformation, and lies were seeing in the world these days, and its natural for hackers want to work on the problems with the skills at hand. I’m going to talk about why, for hackers, that’s not necessarily a good move to do solo. I’ll go over mistakes I’ve seen way too many technologists and academics make when approaching the subject, where misinformation *really* comes from, and where the audience can harness what they’re good at. It is deceptively easy to see misinformation as a data problem, as a societal issue of algorithms run amok on soulless social media platforms. However, just because the delivery of misinformation is purely technical, it doesn’t mean that the cause, or solution, is also technical. In the more than half a decade I have been working on factchecking misinformation and disinformation I have see this point lost over and over to technologist, hackers, hobbyists and academics. This is a huge waste of talented resources, and in this talk I will go over why this is the case and explain the most serious problems that journalists, fact-checkers and politicians are facing. Hackers have been addressing large-scale issues for decades, and my talk will lay a framework down for how the MCH community and beyond can work on the lies that are propagated across the internet and the world. There’s never been more of a need for help, and I will explain how to get the most bang for your buck. about this event: https://program.mch2022.org/mch2022/talk/MLVGMM/

Jul 25, 202250 min

drand: publicly verifiable randomness explained (MCH2022)

drand is an opensource project allowing anybody to run a “randomness beacon”. Its goal? Providing a trustable, verifiable source of public randomness that would enable full transparency in online lotteries, leader election or blockchain smart contracts. This talk is about what distributed randomness is, what it means for developers, and users, and why you’d want to use it. I will also present to you the current ecosystem around drand, and what it enables you to do differently and why it is desirable in a distributed, decentralized web to have public, verifiable randomness. Don’t worry though: we will first go through an easy overview of how it works without diving too much into the gory cryptographic details. In addition, I’ll demo how drand works in practice, and explain you how you can easily use it in your applications since drand nodes can be queried by anybody. Disclaimer: this is NOT a blockchain talk, but rather a distributed system one. [drand](https://drand.love/) (pronounced "dee-rand") is a distributed randomness beacon daemon written in Golang. It has been used by Cloudflare, EPFL, Kudelski Security, UCL and other partners to setup a distributed randomness project that was unveiled in June 2019: the ["League of Entropy"](https://blog.cloudflare.com/league-of-entropy). Since then even more members have joined the league. Servers running drand can be linked with each other to produce collective, publicly verifiable, unbiasable, unpredictable random values at fixed intervals using bilinear pairings and threshold cryptography. Drand nodes can also serve locally-generated private randomness to clients. Generating public randomness is the primary functionality of drand. Public randomness is generated collectively by drand nodes and publicly available. The main challenge in generating good randomness is that no party involved in the randomness generation process should be able to predict or bias the final output. Additionally, the final result has to be third-party verifiable to make it actually useful for applications like lotteries, sharding, or even "nothing up my sleeves" parameter generation for security protocols. drand relies on the following cryptographic constructions: - Pairing-based cryptography and Barreto-Naehrig curves. - Pedersen's distributed key generation protocol for the setup. - Threshold BLS signatures for the generation of public randomness. - ECIES for the encryption of private randomness. These are well known, while still relatively cutting edge cryptographic schemes. Why do we need such randomness? A lot of reasons actually: - Lotteries, jury selection, election event, random sampling for audits, ... - Protocols & cryptography: - Verifiable gossip: randomly choosing peers in a verifiable way in a network to disseminate information - Parameters: Nonces & IV for symmetric encryptions, composite or prime numbers for selecting a field for RSA, or even ECC - Schemes: Diffie Hellman exchange, Schnorr signatures, more generally for zero knowledge proofs, - Protocols: Tor (e.g. path selection), sharding (Omniledger), leader election for consensus - Statistics: verifiable random sampling, reducing bias e.g. in controlled trials in medicine, etc. Now, drand is a software ran by a set of independent nodes that collectively produce randomness and whose long term goal is to implement Randomness-as-a-Service: - Fetching randomness should be as simple as fetching time from NTP servers. - Nodes can serve both private randomness and public randomness: - Unpredictable and bias-resistant - Publicly Verifiable - Decentralized service using threshold cryptography, with high availablity, reliability and trust. This talk will NOT be about just the cryptography behind drand, but I will cover some of the basics in a simple way in order to tease the people that could be interested, while introducing cool cryptographic constructions to the rest. It will NOT be about how drand is built, but it will really be about the **practical use-cases for drand**, how to use it, its kind of randomness, what it means and why you might want to use it. about this event: https://program.mch2022.org/mch2022/talk/YWHF7Z/

Jul 25, 202238 min

Intro to OSINT and Geolocation (MCH2022)

The talk is on Introduction to opens source investigations. Aiganysh will explain what "open source" is, what kind of research you can do with it, and the challenges it entails from Bellingcat's experience. The presentation will be full of case studies and exercises such as geolocating ISIS supporters from Twitter and identifying neo-nazi criminals in the US. Bellingcat has conducted open source investigations into the downing of MH17, syrian chemical attacks, high level poisonings, corruption investigations, ecological research, war monitoring and etc. So what is open source investigations, how can you do it and what challenges come with it? To learn more about that join the talk by Aiganysh Aidarbekova, Bellingcat's researcher and trainer. The talk will also have case studies and exercises such as geolocating ISIS supporters from Twitter and identifying neo-nazi criminals in the US. about this event: https://program.mch2022.org/mch2022/talk/RSAY8Q/

Jul 25, 202251 min

How to sneak past the Blue Team of your nightmares (MCH2022)

If the perfect Blue Team exists, does that mean the Red Team doesn’t stand a chance against it or is there still a way to sneak their phish in the mailbox of their target? Well in this talk we investigate how a Red Team could sneak past even the best Blue Team imaginable. We analyse how a perfect Blue Team would detect malicious domains targeting their organization, how they would correlate these to other threat infrastructure to burn the whole campaign and how they would block a successful initial foothold in case they did not detect the phish campaign before its launch. By assuming the perfect adversary, we discuss techniques and important OPSEC measures Red Teams need to use to get a successful and undetected initial foothold in their targeted organization. Through practical demos and real-life examples, attendees will learn invaluable techniques and OPSEC measures to improve their Blue or Red Team tradecraft. If the perfect Blue Team exists, does that mean the Red Team doesn’t stand a chance against it or is there still a way to sneak their phish in the mailbox of their target? Well in this talk we will investigate how a Red Team could sneak past the best Blue Team imaginable. By analyzing techniques the perfect Blue Team would use, we define OPSEC measures and techniques to remain undetected and accomplish a successful initial foothold. How would a perfect Blue Team detect malicious domains targeting their organization? o BLUE: By dissecting patterns of adversaries and resulting OPSEC mistakes, we specify how domain and Certificate Transparency Log monitoring can unveil domains impersonating your organization. o RED: We explain measures the Red Team can take to avoid being caught through domain and CTL monitoring by using wildcard SSL certificates and avoiding typosquatting. How would a perfect Blue Team correlate detected malicious domains to related threat infrastructure? o BLUE: Once a suspicious domain is identified, we can correlate this to other threat infrastructure using NetLoc intelligence techniques. Through correlation, Blue Teams can leverage OPSEC mistakes to uncover and potentially burn the whole campaign. o RED: We explain measures the Red Team can take to avoid the correlation between their threat infrastructure and avoid the detection of one domain leading to the whole threat infra being burned. How would the perfect Blue Team attempt to block undetected phishing campaigns during their launch. o BLUE: We analyze how the use of reputational scoring based on IP, Domain and Mail server, can block many phishing campaigns during the launch itself. o RED: We explain how Red Teams can age and categorize their domains to pass IP/Domain/Mail based reputation detections. What if a phishing mail sneaks by the Blue Team and lands in the inbox of one of their employees, has Red Team won? Not yet: o BLUE: The perfect Blue Team has hardened employee endpoints to make a successful exploitation after a click almost impossible. We discuss several defensive techniques on how to block successful initial foothold through Macro execution hardening, Applocker, Exploit Guard and endpoint security solutions. o RED: Assuming a fully hardened system, we discuss strategies that could bypass all off these hardening measures and have been proven to be successful in past engagements We conclude with a summary of techniques both Blue and Red Teamers can use to perfect their tradecraft. about this event: https://program.mch2022.org/mch2022/talk/HKJCGA/

Jul 25, 202245 min

Audio networks and their security implications (MCH2022)

We will take a cursory look at the protocols that underpin audio over IP from studios to stages and on to broadcast. Focusing on AES67 the you will gain a basic understanding of what it is, how it works and how it is inherently vulnerable to attack. At a high level this talk should be accessible and entertaining to all, although to grasp the more nuanced details a rudimentary knowledge of IP networking and audio digitisation will be helpful. Description: In the professional audio space the heavy and expensive XLR snakes of old have largely been replaced with audio over IP. Operationally this move to audio over IP has provided many benefits, such as being able to use the same equipment for audio as they use for video and lighting rather than special sets of gear for each aspect of a production. However with the increased use of commodity IT hardware in this operational technology (OT) environment comes an increase in attack surface from more software, easier access and less segmentation. As with many places where IT components get re-purposed for OT the administration practices and development practices of the vendors haven’t necessarily caught up with the with the best practices of there IT counterparts. There are some hard problems to solve for audio over IP such as multicast encryption and authentication but also much simpler but more cultural things like updating a working system. It is hoped that by presenting this topic to the broader community of hackers that more talented people get interested in the hard bits, and perhaps we can even reach the folks on the operational technology side to see what measures can be taken to improve the security of existing systems. about this event: https://program.mch2022.org/mch2022/talk/JKSE7N/

Jul 25, 202241 min

Live streaming 360° video with your own infrastructure (MCH2022)

Panoramic 360° video offers more immersion, but has unique challenges. There are plug and play solutions, however they use centralized services such as Facebook and YouTube. In this talk (live streamed in 360° video) i will explain how to setup your own 360° live stream using your own streaming servers and viewing the 360° stream on desktops, mobile devices and VR headsets in the browser. The pandemic has brought live streaming video to the masses. Panoramic 360° video offers more immersion, but has unique challenges. There are plug and play solutions, however they use centralized services such as Facebook and YouTube that invade our privacy and spam us with ads. In this talk (live streamed in 360° video) i will explain how to setup your own 360° live stream using your own free software streaming servers and viewing the 360° stream on desktops, mobile devices and VR headsets in the browser. If you want to setup your own stream you'll need a camera (i tested with Insta360 One R and HumanEyes Vuze). The talk will cover all parts: 1. Camera setup 2. Setting up the RTMP streaming server 3. Adding HTML5 Live Streaming (HLS) 4. Setting up browser based clients for desktop, mobile and VR about this event: https://program.mch2022.org/mch2022/talk/EBKZRV/

Jul 25, 202235 min

Meta-Press.es (MCH2022)

Meta-Press.es is a WebExtention to help you exploring the online press, with no middlemen between the newspapers and your web browser. It allows you to discover millions of results within seconds and lists the last ones of each sources. Searches can be scheduled and results can be selected and exported. Meta-Press.es is a free software project built as a decentralized alternative to Google News. It is developed by Simon Descarpentries, ex-member of La Quadrature du Net, treasurer of the Fund for Defense of Net Neutrality FDN2.org and web artisan with 20 years of experience. Meta-Press.es runs entirely from your web browser and requires nothing else than online newspapers with internal search features to run. It supports currently more than 500 sources (newspapers, scientific press, online agendas…) but everything is made to help users contributing more sources. Using Meta-Press.es, there is no data sent to third parties (including our servers). We're not asking the users to believe us about the respect of their privacy, it's a matter of verifiable fact. No Meta-Press.es servers also means that Meta-Press.es is not a single point of failure, surveillance or censorship, like GAFAM are. Meta-Press.es helps you evading the swamp of third-party trackers and it works great from a Tor Browser. about this event: https://program.mch2022.org/mch2022/talk/ZRSJMG/

Jul 25, 202249 min

Fault Injection on a modern multicore System on Chip (MCH2022)

Hardware attacks on security relevant components, such as fault injection, have been known for decades and have been shown to be successful on a wide range of devices ranging from general purpose microcontrollers to dedicated security engines. In this work we give an overview of different methods used for fault injection and the effectiveness of these methods. We discuss electromagnetic fault injection in more detail. Most of the published research focuses on attacking low performance secure devices. However, we present the results of electromagnetic fault injection on a modern multicore system on chip running at gigahertz speed and discuss its effectiveness. In this presentation we discuss hardware attacks in general, their use cases, and real-world examples. We then discuss electromagnetic fault injection in detail. We compare the results of the previous research on microcontrollers and secure elements to more modern high performance system on chip devices. We discuss relevant features of modern Arm systems on chip and answer the two main questions of this research. Are electromagnetic fault injection attacks applicable and efficient when applied to software running at gigahertz speed on a modern multicore system on a chip? And to what extent does the operating frequency change the effectiveness of electromagnetic fault injection attacks? about this event: https://program.mch2022.org/mch2022/talk/9NZHED/

Jul 24, 202251 min

Gigatron - creating a hobby kit (MCH2022)

The Gigatron is a microcomputer without a microprocessor. It was made into a DIY electronics kit and sold over 1000 pieces from 2018 to 2020. It is now open source. In this talk, I will not go into the working of the kit, but explain what you need to think about when creating a kit and keeping it manageable. Think of what to design, sourcing components, testing, preventing too many support calls and more. The Gigatron is a microcomputer without a microprocessor. During the design phase, a decision was made to maybe make it into a Do-It-Yourself electronics kit. Many design decisions have been influenced by that decision, as creating a unique prototype is a lot different from creating a succesful kit. In this talk, I will go over some of these design decisions. I think the majority of them worked out very well, as over 1000 kits were sold between 2018 and 2020, before the Gigatron becoming open source. These design decisions were influenced by other kit builders, who had already gone through that process, like the people behind the PiDP-8 and Enigma-E. I would like to share some of that knowledge, so you can also stand on the shoulders of the giants before me. And of course to also stimulate the attendees to make their hobby project into a kit. No previous knowledge is needed. The talk is aimed at people wanting to turn their hobby project into a kit project. about this event: https://program.mch2022.org/mch2022/talk/33EPHD/

Jul 24, 202250 min

Democracy: Eventually Digitally Transparent? (MCH2022)

Governments should be radically more transparent. While calls for more open data and initiatives like the Open Government Partnership have existed for more than a decade, there is still much to be desired. Where do we stand? And, fun to imagine, where could and should we go? It is hard to have a perfect overview of the status of open government across the world. We at [Open State Foundation](https://openstate.eu/) focus mostly on accelerating digital transparency in the Netherlands. We will explain things like: - Why is the **Handelsregister** (company register) still only fully accessible for those with a lot of money? - Why are **Wob-verzoeken** (Freedom of Information requests) on average not answered within the legal deadline? - How transparent are the **external meetings of ministers** and who do they talk to? On the other hand we show why the Netherlands is a great place if you want to know how your municipalities spend their money or want to access national statistics. Still there is much to learn from other countries: - **How does Norway manage their information so well** that they respond to Freedom of Information requests much faster? - What country has **a minister that deals in the most open way with lobbyists**? - Can governments produce **modern open source software**? These examples can show us a future of a digitally transparent democracy. We end the talk by opening up the floor to the audience and love to hear about positive examples of transparent forms of governments around the world. about this event: https://program.mch2022.org/mch2022/talk/LFVBN3/

Jul 24, 202245 min

World in Vectors - Cross-platform Map Rendering using Rust (MCH2022)

Digital maps are ubiquitous tools in our everyday life. In the early 90s, the idea of browsing the world digitally and visiting any place was groundbreaking. The first solution to this problem is known as "TerraVision", which was breathtaking at that time. Today, the idea of exploring your surroundings using digital maps has become pretty normal. But how do these maps work? In this talk, I want to provide an overview of the foundations of digital mapping solutions. Differences between maps which use vector data and rasterized satellite imaginary will be outlined. Furthermore, a new and open-source map renderer called [maplibre-rs](https://github.com/maplibre/maplibre-rs) will be presented, which is created using Rust and modern web technologies like WebWorkers and WebAssembly. Lastly, I want to show differences between commercial solutions and free and open-source ones. A lot of mobile and web applications depend on customizing and displaying maps. There are not many cross-platform solutions available. Some only work in the web. Some only work on mobile devices. Furthermore, there are only a few truly free and open-source mapping stacks available. I want to explain how [maplibre-rs](https://github.com/maplibre/maplibre-rs) can solve current challenges by leveraging a modern rendering stack. Last year I had a lot of spare time and decided to kick-start a project which combines different areas of interest: Rust, 3D rendering, Geo data This project was adopted recently by the [MapLibre](https://maplibre.org/) project and is now known as [maplibre-rs](https://github.com/maplibre/maplibre-rs). The [maplibre-rs](https://github.com/maplibre/maplibre-rs) library is a proof of concept which showed me the complexity of mapping solutions. It takes a lot of steps until edits from OpenStreetMap contributors are finally rendered in consumer applications. With this task I want to take listeners on a journey from drawing changes in the OpenStreetMap editor all the way until vectors are uploaded to from memory to GPUs. Like outlined in the abstract, I want to cover multiple topics: * Foundations of digital maps (How to determine which data should be loaded? What are vector and raster tiles?) * Show the technology stack which allows us to design and develop a cross-platform map renderer (Web, Mobile, Desktop) Lastly, I want to provide a software developer perspective on mapping technologies. about this event: https://program.mch2022.org/mch2022/talk/BRHLYE/

Jul 24, 202221 min

IRMA's Idemix core: (MCH2022)

IRMA is a system in which you are in control of sharing specific personal properties (aka attributes) such as your age, address and gender which are stored in the IRMA app on your phone. Technically, IRMA is a set of free and open source software projects implementing the Idemix attribute-based credential scheme. Although the Idemix credential system has been around for a while it is still relevant today. In this talk, we walk you through the crypto behind Idemix, explain how it works, why it is safe and give you the means to understand Gabi, the Go implementation of Idemix that is used in IRMA. Presentations on privacy products often focus on the principles of why we should want to protect our privacy and how the product does this from a birds-eye or user perspective. In case of IRMA, this focus would be on storing your attributes on your local device and on the information flow when the IRMA app is used. However, in this talk we want to dig deeper, demonstrate the crypto behind the curtains and give you the means to reason why IRMA is a neat solution. Note that the talk is very technical. We will cover the theory of the zero-knowledge proofs, the Camenisch-Lysyankaya signature and the Idemix credential verification, all so you can understand the Go implementation of the Gabi library. If time allows, we'll also cover IRMA-specific solutions such as the keyshare protocol and revocation. We will cover a lot of ground very quickly but after this talk you will have an excellent starting point for truely understanding this anonymous credential system. Of course we'll provide you with follow-up material and are happy to chat some more after the talk with a beer or two. Background knowledge that will help in understanding this talk: - General understanding of public key cryptography, especially RSA (https://www.youtube.com/watch?v=MsqqpO9R5Hc, https://www.youtube.com/watch?v=SL7J8hPKEWY) - Basic algebra, namely the laws of exponentiation - Some context on IRMA (https://irma.app/docs/overview/) about this event: https://program.mch2022.org/mch2022/talk/AFD3XT/

Jul 24, 202250 min

Automatically Suspicious - Predictive policing in the Netherlands (MCH2022)

Predictive policing is hip and happening. In the last few years we have seen a number of experiments with predictive policing in The Netherlands. How does that technology work? What were the outcomes of the experiments? And what is the legal status of a suspicion generated by a computer? "Predictive policing" is the name of a family of technology that use historical crime data to make predictions about future crimes (cue Minority Report). Police departments all over the world are very interested in this technology because it promises better results (more crimes prevented) at lower cost. In the Netherlands we have seen a number of experiments with predictive policing, and one of these systems (CAS) is currently being rolled out throughout the country. But how do these systems work? And how _well_ do they work? And what is actually the legal status of a suspicion generated by a computer? This talk will give discuss relevant predictive policing experiments in the Netherlands and abroad and will discuss the results of these experiments. The talk will also cover the legal status of suspicions generated by this technology in the Netherlands. about this event: https://program.mch2022.org/mch2022/talk/DJ8FCY/

Jul 24, 202246 min

Hacking with Microbes (MCH2022)

Microbes are everywhere. They are part of nature, both around us and inside of us. When you provide their desired niche, you can make them do something for you, in a mutually beneficial arrangement. This talk will take you into their realm, and show a few practical examples and hacking opportunities. Our climate is on fire, but we are still reaching for an Ultimate Solution. We don't move until we get a drop-in replacement to sustain current habits, at no extra cost. Our cognitive dissonance makes us trust politicians to deliver on promises, and energy vendors to withstand lucrative green washing. But it is both interesting and profitable to be part of the solution, and not of the problem. I have a long-standing fascination with microbial processes. They are adaptive and resilient while they modestly take on chores that pull things back to nature's standards. I think many problems that we are facing now can be solved locally and efficiently with clever combinations of technology and microbiology. Not always complete solutions and not everything is simple, but they certainly add to resilience and taking ownership of problem *and* solution. In a perfect situation, energy is harvested when&where it is abundant and moved to when&where it is needed. This talk demonstrates ways of doing at least some of that with the help of microbial systems. We will demonstrate overlap and connections, and conditions under which they may be hacked: Outline: * Beer. Vinegar. Innoculation. Permaculture. * Gut. Fiber or Fat. SCFA. Immune system. Epigenetics. * Biogas. Acetate. Sulphur and ammonia. Garbage in, garbage out. * Microbial fuel cell. Clay and carbon. Training. * Pee. Urea. Energy calculations for a Raspberry Pee. * Poo. Phosphate. Energy calculations for iPoo mobility. * Compost. Worms. Energy calculations for heat generation. * Climate change & zoonose. Cramming sick animals. Antibiotics. Government ignorance. Summary: * Making beer uses yeast to turn sugar to alcohol. Yeast can flexibly adapt from/to glucose via DNA switching to generate different enzymes. Let fruit flies in, and they bring along Acetobacter that reduce alcohol to vinegar. Wild fermentation is more natural, and yields a lambic beer. Save work by going for stable, naturally mixed processes. * Our gut processes whatever we can't. Two rough kinds of colonies co-exist. One consumes cholesterol/bile and the other plants/fiber. They tune our body via SCFA, the immune system and epigenetics. You can hack by changing your food (and after a few weeks, the microbes are thought to hack you by asking for more; so much for free will?!?) * Biogas works like a gut. It forms/consumes acetate CH₃COOH to produce CO₂ and methane CH₄ with byproducts hydrogen H₂, hydrosulphide H₂S and ammonia NH₃. Local cycles can process known sludge and produce usable liquid output, but large-scale anonymity destroys that. Some influences are possible, but the process is basically difficult, smelly and a bit dangerous. * Microbes can live in a fuel cell, which then accepts electrons and passes H+ through a membrane. Urine can be broken down with just clay and carbon -- and a culture. What are researchers doing? A variant to produce hydrogen H₂. And the potential of driving microbes by passing in a current. * Pee contains urea (NH₂)CO(NH₂), a hydrogen carrier. Urea is stable when dried, but otherwise reduces to ammonia NH₃. Soil microbes normally turn ammonia into atmospheric N₂ and water. But we can also use urea in a fuel cell to extract electricity or hydrogen. * Poo contains many microbes, some of which are pathogenic. But it is also our disposal channel for phosphorous (which we mine to grow food) and nitrogen. Troubled hygiene, but can this be safe? Is it a good idea? * Compost is incredibly straightforward and safe. The nutrient cycle is so short that nature could have invented it... oh wait, it did. Spring brings a gradual start, Summer collects energy, Autumn sheds it off and Winter benefits from the captured energy. Because composting generates heat, and has been used for heating homes, or parts of homes. Though mostly self-controlled, there are broad requirements for heat retention, moisture, oxygenation and C:N ratio. Working with these, you can have some degree of control over this process. * Microbes mutate if we force them into another environment. Like a sick animal. Or 3000 of them. Antibiotics form a bonus challenge. Many animal farmers carry resistent microbes. Zoonoses are on the rise due to climate change, and they are the common source of infectious diseases. Government practices [best effort management](https://www.rijksoverheid.nl/binaries/rijksoverheid/documenten/wob-verzoeken/2020/10/28/besluit-wob-verzoek-prognoses-ziektekiemen-uit-dierhouderijen/Besluit+Wob-verzoek+prognoses+ziektekiemen+uit+dierhouderijen.pdf) by chasing for *known* diseases; they are generally clueless about possible future zoonoses and any involved risk to humans. [S

Jul 24, 202252 min