Chaos Computer Club - recent events feed

# Kalpa Desktop is a Plasma desktop derived from MicroOS, and Tumbleweed, providing a immutable system base, with a containerized workflow, through distrobox and podman, and Desktop applications via Flathub. ## Kalpa grew out of the initial work by Richard Brown, with MicroOS Desktop, but has diverged over the past three years. ## Kalpa's focus is on providing users with: - A well-tested and current Plasma-Wayland desktop - A minimal installation, without a bunch of applications you may not want or need - Robust stability, through the use of atomic updates, no more broken updates - Just a "Damn Good™" basic desktop installation, that's designed to *be* a desktop, and that's all # This presentation will present the current state of the Project, and examine the future roadmap for Kalpa Desktop. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

The current process of openSUSE membership application can be cumbersome and overall approval deem lengthy or inconsistent. This is due to way applications are made, some times information is lacking, there are back-and-forths, before membership officials can finalise an application. The current state of membership management has its limitations and it is not friendly, either for the members, the membership officials, or the election officials (who need the active membership info to run elections). In this lightning talk, I'll quickly go through some of the hurdles and possible solutions to ease the process. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

To ease the pain of testing container images, we’ve developed the `pytest_container` plugin for [pytest](https://pytest.org/). The plugin makes it possible to use pytest to perform tests on containers and software inside containers. You don’t have to take care of pulling images, building them, or picking ports on the host. You just describe your container setup and pass it to a test function. In return, the plugin gives you a connection to the container. Using the connection, you can verify the container’s state using the [testinfra](https://testinfra.readthedocs.io/) python framework. The plugin even cleans up after itself when you’re done. In short, `pytest_container` makes it possible to write tests in Python: no need to build your own framework from scratch or worry about the boring container plumbing tasks. Join this talk to see `pytest_container` in action and learn how it can make your life easier! Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

The Steam Deck has transformed mobile gaming — but in one crucial area, it still lags behind: security. Until now, no Steam Deck-focused Linux distribution has offered full disk encryption by default, leaving sensitive user data unprotected. In this talk, I present Yuga Linux, a distribution built on openSUSE technologies, tailored specifically for the Steam Deck with a strong focus on security, compatibility, and gaming performance. I will explain how Yuga Linux leverages openSUSE packages and the Open Build Service (OBS) to build a custom kernel and all essential components to fully support both SteamOS's gaming and desktop modes — while adding something no other Steam Deck distribution currently offers: secure, user-friendly encryption. You'll learn: - Why encryption matters for handheld gaming devices. - How I integrated tik, the installer from Aeon, to support TPM-backed full disk encryption. - How I built deckrypt, a custom tool that allows users to input passwords using the Steam Deck's gamepad when fallback manual unlocking is needed. - The challenges and key technical decisions behind building an openSUSE-based gaming distro for a new hardware category. The session will include a live demo of the boot process, unlocking the encrypted system, and running Steam Gamemode and Desktop Mode seamlessly on Yuga Linux. If you’re curious about gaming, Linux customization, TPM integration, or just want to see what the future of secure mobile gaming looks like, this talk is for you. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

In this session, a brief explanation about what Uyuni is and what it can achieve will be shared as an introduction for newbies or as a knowledge reminder for the part of the audience already knowing the product. This part of the session is mainly a summary of last year's session. Secondly, we will try to summarize the changes that have happened within the last year in Uyuni, in the period of time between the last openSUSE Conference and now. Last but not least, we will try to look forward and present what's coming next (what we know) and also gather feedback of where we want to move to (about what we don't know). Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

During the last year, I have spent several months on a project, that was sponsored by a grant from the NLnet NGI0 initiative. It is about an operating system, that only has packages that can be reproduced anywhere anytime bit-by-bit. I call it R-B-OS - the Reproducible-Builds-Operating-System. Last year when we had https://events.opensuse.org/conferences/oSC24/program/proposals/4378 , most of the work was still ahead. Now it is completed and I can tell how it went. I'll tell about the journey. And I'll tell about the result. RBOS has some unique properties: - The collection of sources are defined by a single hash, and so are the binaries produced from it. It is a 1->1 mapping. - When I change a toolchain package (e.g. gcc), I can let it rebuild and see exactly what changed in other places. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

An update on Aeon Desktop by Richard Brown. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

“Der moderne Faschismus kommt digital”, sagen manche. Wie funktionieren aber eigentlich KI oder LLMs (Large Language Model), was können sie und was können sie insbesondere nicht? Welche Ideologien von (rechten) Techbro-Oligarchen wie Elon Musk, Peter Thiel, Sam Altman und Co. stehen dahinter? Werden wir alle bald arbeitslos oder entscheidet KI sogar über Abschiebungen oder Gerichtsprozesse? Wie viel Energie und Wasser wird dafür verbraucht? Und wie wird dadurch Macht auf die konzentriert, die diese Systeme kontrollieren? Language: DE Translation: YES Recording: YES How do AI and LLMs (Large Language Model) work, what can they do, and what can't they do? What ideologies of techbro-oligarchs like Elon Musk, Peter Thiel, Sam Altman, and others are behind them? Are we all going to be unemployed soon? Will AI decide on deportations and court cases? How much energy and water will this consume? And how will this concentrate power in the hands of those who control these systems? Language: DE Translation: YES Recording: YES Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://c3voc.de

Psychedelisch Assistierte Psychotherapie (PAT) erlebt nach jahrzehntelanger Verdrängung ein erstaunliches Comeback. Forschende sprechen von einer Renaissance, Medien berichten von Durchbrüchen. Was einst als riskant galt, wird zunehmend ernst genommen. Doch kann ein Trip wirklich heilen? Der Vortrag verbindet Forschung mit Alltag und zeigt, wie Psychedelika im Gehirn wirken und in der Therapie helfen können. Turn on, tune in, drop by :) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://c3voc.de

SUSE Package Hub delivers open source packages to enterprise users in combination with SUSE Linux Enterprise Server. This talk covers the basic understanding how Package Hub is designed to work since it is sharing a collection of same sources with the corresponding openSUSE Leap version. Furthermore we will show the planned future, what is going to change, and how to contribute. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Overview of Git package workflow with OBS Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Open source software is powering global innovation. In less developed regions, it's not just technology but a catalyst for closing the digital divide and fueling economic and social progress. This session explores how open source software goes beyond just coding as it creates real opportunities and positive change in the world’s least developed areas. For software developers in underserved regions, open source software offers free access to advanced technologies. This empowers them to build innovative IT solutions tailored to their communities’ unique needs. I will highlight the many benefits of adopting and customizing open source software in developing countries. These include lower IT costs for small businesses and organizations, and the ability to repair and reuse older computers and devices. By extending the life of hardware, open source software helps reduce electronic waste and environmental harm caused by discarded proprietary technology. Open source also boosts digital literacy and encourages collaboration and contribution within local tech communities, helping to bridge technology gaps. Using real examples from Africa, this session will show how open source projects are transforming education, healthcare, and other vital sectors, while helping to close the digital divide. Attendees will learn how their open source projects and contributions can create meaningful economic and social impact, especially in underserved and remote communities. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

This session explores the utilization of parallelism and rolling updates within Ansible playbooks to expedite deployment processes and facilitate faster releases. As organizations strive for agility and efficiency in their software delivery pipelines, optimizing deployment strategies becomes crucial. By leveraging Ansible's parallel execution capabilities and implementing rolling updates, teams can reduce deployment times and minimize downtime, thereby enhancing overall release velocity. This session provides insights into the benefits and techniques of employing parallelism and rolling updates in Ansible playbooks to achieve swift deployment and accelerate software releases. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Recent global political events have up ended the global order. Coupled with the EOL of Windows 10, does Desktop Linux have a shot at the mass replacement of Windows in the corporate and government sectors? This wide ranging talk will cover the reasons why I think it does, and how we might achieve this goal. I believe it is easier than we think. **#Endof10 event** Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Do you want to detect threats real-time and easily search logs to find relevant information? By default, incoming log messages are treated in log management apps as one long string. This is good enough if you just want to store logs. However, if you also want to act on log messages, you need more structured information. Syslog-ng and other applications also let you parse log messages. While parsing structured logs, like JSON, is easy, unstructured logs need a lot of work. This is where sequence can help you: if you have enough logs to analyze, it can automatically generate parser rules for syslog-ng and LogStash. Name-value pairs (sometimes also called “macros”) are probably one of the most useful parts of syslog-ng. Macros have been a core feature of syslog-ng since the beginning: incoming log messages were parsed by syslog-ng and various fields (priority, facility, date, program, PID and message) were stored into name-value pairs. You could use these to reformat log messages or use these values in file names. Without additional parsing, syslog-ng treats the message part of a log message as one long string. While this might be valid in some use cases, many log messages look like an almost complete English sentence with some variable parts in it. Just think about SSH login messages: they include the username, the source IP and port, and the login method embedded in a sentence. You might want to create an alert in syslog-ng for such messages (for example, if a root user logs in). However, if the whole message is a single string, you cannot do that. PatternDB can find important information in unstructured log messages, like the above-mentioned SSH login message, and create name-value pairs from the information it finds. PatternDB rules are easier to write than regular expressions and also need less resources to run. There are various parsers for structured log messages as well, like the CSV, JSON and XML parsers. You can also combine these and build really complex parsers. Sometimes, the syslog header might be missing from log messages, so you need to create a parser for the whole message. Message parsing and name-value pairs give you a lot more flexibility when it comes to filtering or templating log messages. For example, you can send an alert to Slack when someone logged in as a root user through SSH, or you can forward two important fields from an extremely long log message to save network bandwidth and disk space. You can use it to hide sensitive information and send only what is required to various destinations. Sequence-RTG allows you to automatically generate parser rules for syslog-ng and LogStash. Creating parser rules from scratch is a painful process. However, if you have enough log messages to analyze, sequence can do the heavy lifting for you. Of course, you might need to rename some of the name-value pairs, but that is a lot easier. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

FragDenStaat, bekannt für ihre unermüdliche Arbeit für Transparenz und Gerechtigkeit, gegen Überwachung und Staatswillkür, bei uns im Zelt! Auch Umweltgerechtigkeit ist eine Frage der Informationsfreiheit, und Informationen sind Grundlage jeder guten Kampagne. Sei es zur Räumung in Lützerath, Wasserverschmutzung von Tesla, Lobbyarbeit, Braunkohle-Deals oder dem Wasserverbrauch der großen Konzerne. Kommt und lernt den KlimaHelpDesk kennen! Language: DE Translation: YES Recording: YES FragDenStaat, known for their tireless work for transparency and justice, against surveillance and state despotism, will be joining us in our tent! Climate justice is also a matter of freedom of information and information is the basis of every good campaign. Whether it's the eviction in Lützerath, water pollution by Tesla, lobbying, brown coal deals, or the water consumption of large corporations. Come and get to know the ClimateHelpDesk! Language: DE Translation: YES Recording: YES Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://c3voc.de

How is Slowroll doing? What happened in the last year? What challenges are ahead? Let me tell ya... Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

### Introduction: The Need for Secure and Reliable Booting In the ever-evolving landscape of Linux distributions, security and boot reliability have become paramount concerns. Traditionally, the boot process relied on separate kernel and initrd components, leading to potential vulnerabilities and complexities. This presentation delves into the journey of integrating a more robust and secure boot mechanism by leveraging the Unified Kernel Image (UKI). ### Static and Signed Initrd: Establishing a Foundation for Integrity We will begin by outlining the critical need for a static and signed initrd within modern Linux systems. The dynamic nature of traditional initrd generation can introduce vulnerabilities, as the contents are often generated at boot time, potentially exposing the system to tampering. By moving towards a static initrd, we achieve a higher level of predictability and security. Signing this static initrd ensures its integrity, preventing unauthorized modifications and bolstering the system's overall protection. ### Building and Distributing Static Initrd in openSUSE A brief overview of the practical steps involved in building a static initrd will be provided. We will explore the methods employed to streamline this process and integrate it seamlessly into the openSUSE distribution. ### The Unified Kernel Image (UKI): Definition and Advantages The core focus of this presentation will be the Unified Kernel Image (UKI). We will define what a UKI is, explaining its structure and the benefits it offers. This approach significantly simplifies the boot process, enhancing security and reducing the attack surface. ### Building in openSUSE: Challenges and Solutions for Enhanced Reliability We will then showcase the specific work undertaken within the openSUSE distribution to build and integrate UKIs. This includes the process to build from the open build service, and the necessary tooling to manage them and the bootloader configuration. We will discuss the challenges encountered and the solutions implemented to ensure a smooth distribution from the OBS to UKI-based booting system. But also features like addons, snapshots or profiles. This integration allows for efficient distribution and management of UKIs, ensuring consistent and reliable boot environments across various openSUSE installations. ### Future Directions and Conclusion: Towards More Robust Boot Environments Finally, we will discuss the future direction of UKI implementation in openSUSE, including potential enhancements. This conference aims to provide a comprehensive overview of the UKI implementation in openSUSE, offering valuable insights for system administrators, developers, and security enthusiasts alike. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

The Linux kernel scheduler is a critical component, profoundly impacting system performance and responsiveness. Traditionally, changing the scheduler has involved recompilation, rebooting, or complex kernel module management – a significant barrier for experimentation and fine-grained performance tuning. SchedKit dramatically simplifies this process, enabling users to dynamically switch between schedulers at runtime, without reboots or kernel modifications, opening up new possibilities in customizing kernel scheduling for the specific usecase. This talk introduces SchedKit, a new open-source project leveraging the power of eBPF and the sched_ext framework. SchedKit allows users to leverage custom Linux schedulers as standard OCI (Open Container Initiative) images. These scheduler containers are then launched and managed by the user's preferred container runtime (e.g., Docker, Podman, containerd). Through the magic of eBPF and sched_ext, SchedKit seamlessly attaches these containerized schedulers to the running kernel, changing the existing scheduling policy. Thanks to `schedctl` we can automatically download a new scheduler, run it, and have it attached to all the subsequent processes. ... and it's of course available on openSUSE! Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

openSUSE Leap is a "traditional" community distribution built on binary packages from SLES. In this session, we'll dive into the recently released openSUSE Leap 16.0 Beta, exploring its new features and changes. We'll also cover the migration process from Leap 15, including any challenges or considerations to keep in mind. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Last three years I have talked at this conference about SUSE’s plans, the products to come, as well as the technology included. As over the time the plans are adjusted, this session will summarise the state of the matters, SUSE's plan for upcoming product releases and, most importantly, what it means for openSUSE Leap and Micro. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Using configuration management like SALT or ansible for servers or more or less simple applications is standard practice in the industry. But, what if we talk about complex systems with special configurations and complex interactions? In the production industry we talk about "digital twins", which enables faster development and better integrations. For IT systems we talk now about a "digital blueprint" for our systems. Right now it's a vision we are evaluating - it should enable us to do "one-click-installations" of complex landscapes as well as generating a human readable description of the architecture. It hopefully shifts us from "define an architecture and implement something similar manually" or "sketch the architecture of an existing system" to a system synchronized with the architecture. A big part is the structured, templated description of the system and conventions or defaults how systems typically look like. We'll look at some already existing building blocks useful for implementing the vision, but we'll also sketch some missing parts or ideas to raise the full potential of our vision. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

When using tools like RPM or Zypper for updating packages, there is a risk of incomplete updates or breaking the running system. To overcome these challenges, we have developed **container-snap**, a prototype plugin designed to deliver **atomic OS updates** that are fully applied or rolled back without compromising the system's state. **container-snap** leverages OCI images as the source for updates and integrates seamlessly with openSUSE’s [tukit](https://github.com/openSUSE/transactional-update) for transactional OS updates. By utilizing **Podman’s btrfs storage driver**, it creates bootable btrfs subvolumes directly from OCI images, effectively turning them into atomic OS snapshots. This allows you to build OS images using familiar tools like Docker or Buildah and deploy the container image on your host. This lightning talk covers the following topics: - The `container-snap` architecture and implementation details - Main development challenges and solutions - Lessons learned in bridging container tech and OS updates - A live demo showcasing atomic updates in action Join this session to learn more about how to boot from an OCI image without bricking your system! Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Are you in search of RPM-based CI for your project hosted on GitHub or GitLab? Allow us to introduce [Packit](https://packit.dev/), the upstream integration tailored specifically for RPM distributions. Initially conceived for Fedora, Packit now extends its capabilities to encompass the entire RPM family. In this presentation, we will explore Packit and how to use it for your project. Attendees can expect an examination of: * **RPM Builds and Testing**: Learn how Packit simplifies the process of running RPM builds and conducting tests directly on pull requests. * **RPM Repositories**: Discover how Packit allows you to provide your users with dependable RPM repositories, featuring builds sourced from every new commit or release. This functionality ensures users receive a consistent and up-to-date state of the project. * **Progress of Automated Upstream Version Updates**: As part of the [Google Summer of Code project last year](https://summerofcode.withgoogle.com/archive/2024/projects/dC93EbFr), we are also working on supporting the automatic syncing of new upstream versions to the Open Build Service (OBS). Uncover the benefits of this automated approach in simplifying package maintenance and ensuring alignment with upstream developments. Come and see! Feedback and collaboration are more than welcome! Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

In this presentation, I will give an introduction to the projects that the Future Technology team is working on and report on the current status. Some of the bigger topics are: - Update on Full Disk Encryption with TPM and Fido2 - Adding grub2-BLS support: - YaST2 - Images (including with full disk encryption) - Making it the default - Adding FDE+TPM support to YaST2 - New features for transactional-update and rework of /etc handling - systemd-sysext on MicroOS - systemd-pull and OBS - New tools (e.g. sndiff) - And much more Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

In this talk, I’ll share my personal experience using Linux as a student, from high school to university. I’ll talk about what it is like, what challenges I face, and how I manage day-to-day study tasks with Linux. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

When proprietary products are discontinued or bought up by competitors, your own (decision-making) freedom can quickly become precarious. A discontinued product forces you to migrate, incurs costs, and imposes unwelcome decisions. Not so with open source software: it offers me the freedom to develop the code further at any time, either on my own or with new partners, and to set up new support chains. The freedom not to have to migrate and the freedom not to have to work with an unpleasant service provider. Even drastic changes in product and business strategy can be avoided by taking matters into your own hands. At least that's the theory. But does it work in practice? This report is about a very recent case: about software that wasn't supposed to die, and a team that absolutely wanted to continue. It also shows where theory meets practice and the headwinds you have to face when you just go for it. But: a community has to do what a community has to do. And that can also mean: let's fork! Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Uyuni offers two powerful APIs (XMLRPC and JSON) to integrate additional third-party applications. This talk demonstrates two integrations that allow users driving infrastructure automation: - an [Ansible collection](https://github.com/stdevel/ansible-collection-uyuni) that integrates Uyuni into Ansible and Event-driven Ansible. It allows controlling managed systems and enables users to continue using pre-existing Ansible environments such as AWX or Ansible Semaphore. Using this, fully automated patch management workflows are possible. - [a Terraform / OpenTofu provider MVP](https://github.com/svalabs/terraform-provider-uyuni) that can create resources within Uyuni I'd like to use this session to discuss how we can improve third-party integrations for Uyuni - e.g. by using the upcoming [OpenAPI](https://github.com/OAI/OpenAPI-Specification) / [Swagger](https://swagger.io/) functionality. This could speed-up development heavily. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

SELinux is a Mandatory Access Control (MAC) system that enhances a system's security by enforcing policy-based access control rules. For a long time openSUSE and SUSE have relied heavily on AppArmor as default MAC system. With the decision to switch to SELinux as default MAC on SLE 16 and openSUSE Tumbleweed, there are multiple challenges that we have to overcome to integrate SELinux into those distributions. This session will give an overview on the current state of SELinux in openSUSE and SUSE, the plans for the future and what it means for users. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

‘Public Money? Public Code!’ under this slogan thousands of individuals and hundreds of organisations come together and advocate for Free and Open Source Software in public institutions. Together with over 230 organisations the Free Software Foundation Europe (FSFE) is calling for public institutions to publish publicly financed software under a Free and Open Source Software license - If it is public money, it should be public code! The long-term goal of the initiative is to recognise and reduce the software dependency and vendor lock-in of public administration and to make public administrations digitally independent and sovereign. In this short talk, Bonnie Mehring introduces the "Public Money? Public code!" initiative by the FSFE and discusses how Free Software is the way to achieve digital sovereignty. Bonnie will discuss how public administrations can become digitally independent and benefit from Free Software. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Rick Spencer has a passion for leading teams in the creation of amazing software. He strives to create clarity of vision, passion for quality, and user-centered decision making to both small and large software development teams. Rick is a General Manager with SUSE since January 2024. He has held positions at InfluxData, Canonical Ltd. and Microsoft Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Join SUSE CEO Dirk-Peter van Leeuwen as he opens the openSUSE Conference 2025 in Nuremberg. In this brief welcome, DP will congratulate the community on its 20th anniversary - highlighting the critical role of open source collaboration and innovation in shaping the future of software innovation. He will specifically emphasize the immense importance of the European open source software developer community at this pivotal moment in time, recognizing its unique contributions and growing influence in a world of increasing geopolitical uncertainty. He will restate SUSE's commitment to the openSUSE project and its broader impact on the open source ecosystem. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de

Weltweit tobt ein Backlash zu Männerdominanz und rechter Ideologie. Woher kommt eigentlich toxische Männlichkeit? Schon in den 1970er Jahren analysierte Klaus Theweleit in Männerphantasien erstmalig die Verbindung von Männlichkeit, toxischer Sexualität und Faschismus. 45 Jahre später bringt Regisseurin Theresa Thomasberger das Werk auf die Bühne. Die drei Autorinnen Svenja Viola Bungarten, Ivana Sokola und Gerhild Steinbuch ergänzen das Stück um weibliche Perspektiven und zeigen, wie aktuelle Geschlechterbilder Gewalt, Ideologie und Identität prägen. Sonst auf der großen Theaterbühne, und jetzt exklusiv bei uns im Zelt! There is a global backlash toward male dominance and right-wing ideology right now. Where does toxic masculinity actually come from? Back in the 1970s, Klaus Theweleit analyzed the connection between masculinity, toxic sexuality, and fascism for the first time in his book Male Fantasies. Forty-five years later, director Theresa Thomasberger is bringing that work to the stage. Three authors complement the play with female perspectives and show how current gender images shape violence, ideology, and identity. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://c3voc.de

Walgesänge sind ein eindrucksvolles Beispiel tierischer Kultur. Sara Niksic ist Meeresbiologin, Musikerin und Geschichtenerzählerin und wir freuen uns sehr, dass sie uns einen Einblick in ihre Forschung und ihre Musik gibt. In ihrer preisgekrönten Arbeit zieht sie u.a. Parallelen zwischen der Musik der Buckelwale und der Entwicklung der menschlichen Musikkultur. Heute Nacht auch zu erleben bei Inner Child (dubstation). Language: EN Translation: YES Recording: YES Whale songs are an impressive example of animal culture. Sara Niksic is a marine biologist, musician, and storyteller, and we are delighted that she is giving us a glimpse into her research as well as her music. In her award-winning work, she draws parallels between the music of humpback whales and the evolution of human musical culture. You can experience her tonight also at Inner Child (dubstation). Language: EN Translation: YES Recording: YES Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://c3voc.de

So schnell ist es auch wieder vorbei. Hier gibt es ein kleines Rewind mit Daten und Fakten zur diesjährigen GPN. Vielen Dank, dass Du mitgemacht hast! <3 Zahlen, Daten, Fakten, Graphen. Aaaaahhhhh. Ooooooohhhhhhh. Uuuuuuuuuuhhhhhhhh. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/MWEYWE/

A while ago, I found a curious little processor and starting reverse-engineering it. Join me as I retell my journey through the Amlogic Video Decoder, from staring at bits over running hand-written instructions, to my own emulator and architecture manual. Disclaimer: "28-bit" isn't quite correct, but you'll see. Project homepage / Git repo: https://codeberg.org/neuschaefer/vicigol (will go live during GPN) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/KBQBE7/

Wir wollen in unserem Projekt Menschen mit ALS unterstützen, indem wir Eye-Tracking als Kommunikationshilfe zugänglicher und günstiger machen, und das in gemeinnützig und Open-Source. In unserem Vortrag werden wir unser Projekt, die Erkrankung sowie Eye-Tracking als Technologie vorstellen. ALS und MS sind Krankheiten, die Betroffenen nach und nach die Kontrolle über ihren Körper nehmen. Am Ende bleibt meist nur die Augenbewegung übrig. Eye-Tracker sind Geräte, die die Augenbewegung aufzeichnen und als Eingabemethode nutzbar machen. Sie können somit als Kommunikationshilfe eingesetzt werden, zum Beispiel in Form einer Bildschirmtastatur, wo auf die Buchstaben geschaut wird, um zu tippen. Die Geräte sind keine Neuheit, sind aber als Reha-Geräte extrem überteuert, oder auf Gaming oder Marktforschung ausgelegt und somit für Betroffene nicht praktikabel. Wir möchten Eye-Tracker für Betroffene zugänglicher machen, indem wir passende Software und Hardware finden oder selbst entwickeln, Wissen vermitteln, oder vor Ort bei der Einrichtung helfen. Wir möchten, dass Menschen weniger bis gar kein Geld für eine Lösung ausgeben müssen. ALS: https://de.wikipedia.org/wiki/Amyotrophe_Lateralsklerose Eye-Tracking: https://de.wikipedia.org/wiki/Eye-Tracking Unsere Webseite: https://eyes-on-disabilities.org/de/ Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/QXC9UX/

A short session for even shorter talks. Language: English or German -- english -- Wanna say something? The stage is yours. You have 10 minutes to talk about anything. A short talk about the mating behaviour of jellyfish; promoting your new open-source project; a small hack that you found; social commentary ... anything goes. Available infrastructure: A microphone, beamer and laptop with a USB-Stick to show slides (PDF format). If you want to use your own device to show your presentation, please come to the stage 15 minutes before the event so we can test the setup. If you want to have a talk, we'd like you to write a short e-mail to [email protected] or just call DECT 7063 (P0N3). However, spontaneous contributions are also welcome if there's still some time left at the end. -- german -- Du willst was sagen? Das Podium gehört dir. 10 Minuten hast du, dann wird gewechselt. Ein kurzer Vortrag über das Paarungsverhalten von Quallen, Werbung für dein neues Open-Source-Projekt, ein kleiner Hack den du neulich entdeckt hast, gesellschaftliche Kommentare ... alles geht. Zur Verfügung stehen Mikrophon, Beamer und ein Laptop mit USB-Stick, um Präsentationen im PDF-Format zu zeigen. Falls du eine Präsentation von deinem eigenen Gerät zeigen möchtest, würden wir dich bitten, 15 Minuten vor Beginn zu kommen, damit wir die Technik testen können. Am besten meldest du deinen Vortrag bei [email protected] oder DECT 7063 (P0N3) an. Spontane Beiträge sind aber auch gern gesehen, wenn am Ende noch Zeit ist. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/J7KDZG/

In diesem Vortrag möchte ich _"Lichtung"_ vorstellen -- eine kleine Server/Client-Anwendung, die einen simplen Micorblogging-Service zur Verfügung stellt und somit eine Lichtung in den dichten Internet-Wald schlägt. Sie ist entworfen, um innerhalb eines IP-Netzwerks einen deterministischen Feed von Beiträgen und verschlüsselte Chatrooms zwischen je zwei Parteien bereitzustellen. Besonderen Fokus lege ich dabei auf die möglichen **Einsatzgebiete eines lokalen Sozialen Netzwerks**, die **technische Umsetzbarkeit** von persistenten Nutzer-Identitäten über nicht-föderierte Serverinstanzen hinweg und die **Probleme**, die sichere Verschlüsselung und echte Anonymität **für Moderatoren** mit sich bringen. --- Aus technischer Sicht werden hier diverse spannende Themen rund um asymmetrische Verschlüsselung/Signaturen, generative Kunst und Netzwerk-Routing verbunden: - Wie könnte ein Client aussehen, der mehrere Server gleichzeitig anspricht? - Wie stellt man eine pseudonyme Identiät über mehrere voneinander getrennte Netzwerke hinweg dar? - Und wie konstruiert man ein sicheres Netzwerk, in dem Server und Client sich gegenseitig niemals gänzlich vertrauen können? Umgesetzt wird das über asymmetrische Kryptografie, bei der immer zwei zusammengehörige Schlüssel generiert werden: Ein geheimer zum Signieren und ein öffentlicher zum Verifizieren. Genauso beim Verschlüsseln von Direktnachtichten: Mit dem öffentlichen Schlüssel können Nachrichten verschlüsselt werden, die nur mit dem dazugehörigen, privaten Schlüssel wieder geöffnet werden können. Auf diesem Prinzip lässt sich ein Kommunikationssystem aufziehen, das die klassischen Funktionen eines sozialen Netzwerkes implementiert, ohne dass der Server Anmeldedaten halten muss. Dabei spielen Identicons eine große Rolle, die aus den maschinenlesbaren Hashes des kryptographischen Unterbaus hübsche, für den Menschen leicht wiedererkennbare Muster generieren. Sie machen die hidden patterns des asymmetrischen Signieren und Verschlüsselns somit deutlich und greifbar! --- Aber auch die gesellschaftliche Perspektive muss bei einem solchen Projekt betrachtet werden: - Wie kann und muss ein digitaler, sozialer Raum moderiert werden? - Was sind die Implikationen von voller Anonymität im Internet und wie sicher darf eine Verschlüsselung überhaupt sein? - Welche Überlegungen muss ich treffen, bevor ich Inhalte von Nutzern auf meiner eigenen Seite bereitstelle? - Und wie können wir technische Lösungen schaffen, um Content-Moderation angenehmer zu gestalten? Moderne soziale Netzwerke, wie Instagram, Twitter oder TikTok sind für datenschutz-bewusste Menschen nahezu vollkommen unbenuzbar geworden. Erst kürzlich kündigte Meta an, **alle Nutzerdaten in state-of-the-art Machine-Learning-Systeme** zu füttern, um damit möglichst realistisches Nutzerverhalten zu simulieren. Das Fediverse mit Mastodon, Pixelfed, Feddit und vielen anderen Anwendungen setzt dagegen einen gesunden, dezentralen Kontrapunkt. Doch was _alle diese Netzwerke_ gemein haben ist, dass sie global und für jeden Menschen mit Internetzugang verfügbar sind. Dabei ist das Anwengungs-Modell, kreative oder lustige Text- und Bildbeiträge in einen zeitlich sortierten Feed zu posten, auch für **kleinere lokale Netzwerke** interessant! In Hackspaces oder Vereinsräumen könnte ein solcher Feed als **gemeinschaftliches Gästebuch** genutzt werden; auf Messen oder Festivals könnte **lokale Kommunikation und Vernetzung** vereinfacht werden, aber auch im privaten Heimnetz könnte eine solche Anwendung z.B. als **WG-Tagebuch** genutzt werden. Natürlich spricht auch nichts dagegen, eine Instanz ins **öffentliche Internet** zu stellen, und einen herkömmlichen Microblogging-Dienst zu betreiben. _"Lichtung"_ ist eine kleine Server/Client-Anwendung, die einen simplen Microblogging-Service zur Verfügung stellt. Sie ist entworfen, um innerhalb eines IP-Netzwerks einen deterministischen Feed von Beiträgen und verschlüsselte Chatrooms zwischen je zwei Parteien bereitzustellen. **Dabei sollen Nutzer-Identitäten über verschiedene Server-Instanzen und Netzwerke hinweg persistent sein und gleichzeitig eine hohe Datendiskretion gewahrt bleiben.** Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/YE7PYL/

Der Traum der grenzenlosen Eisenbahn in Europa heißt SERA. Durch technische Standards für die Interoperabilität sollen Züge in Zukunft in jedem Land Europas fahren können. Ich versuche zu erklären, wie das klappen soll und warum es dabei auch um Security geht. Auf der GPN21 habe ich über das Problem grenzüberschreitender Zugfahrten berichtet. [1] Dieser Vortrag ist eine gute Fortsetzung um zu zeigen, woran auf europäischer Ebene gearbeitet wird. Damit in Zukunft Züge nicht von Grenzen aufgehalten werden, arbeitet die EU im Rahmen des Programms Europe's Rail [2] an abgestimmten Standards und Modellen, mit denen einheitliche Architekturen und Technologien festgelegt werden. Als Leiter der Domäne Cyber Security für die europäischen Eisenbahnen arbeite ich mit internationalen Kollegen an den europäischen Sicherheitsanforderungen für das harmonisierte Eisenbahnsystem. Ich stelle anhand der im April veröffentlichten Cyber Security Specifications die Arbeit an solchen internationalen Standards (und auch Normen) vor und versuche das recht komplexe Thema der europäischen Zusammenarbeit zwischen Herstellern und Betreibern im Eisenbahnsektor erfahrbar zu machen. [1] https://media.ccc.de/v/gpn21-198-warum-es-leichter-ist-auslndische-webseiten-aufzurufen-als-mit-dem-zug-ins-ausland-zu-fahren [2] https://rail-research.europa.eu/ Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/BLJLTV/

KISS (Keep it Simple, Stupid!) ist ein Prinzip der Software- und Systemarchitektur, nach welchem Systeme möglichst einfach gehalten werden sollen. In diesem Talk möchte ich an dieses Prinzip erinnern, Positiv- und Negativbeispiele aufzeigen, und ein Plädoyer dafür halten, Systeme so einfach wie möglich zu gestalten. Diese Idee der Einfachheit hat auch als Architekturprinzip des Internets zu dessen schnellen Wachstum beigetragen bzw. dieses überhaupt erst ermöglicht. Leider wird dieser Ansatz in der heutigen Zeit der Frameworks, Microservices und KI oft vergessen. Deshalb möchte ich darauf eingehen, wo Komplexität entsteht und wie Einfachheit sowohl Kosten als auch Wartungsaufwand einsparen kann, aber auch diskutieren, wann das Einführen von mehr Komplexität sinnvoll sein kann. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/DUHPQU/

Wenn man nur einen Hammer hat, sieht alles aus wie ein Nagel – so fühlt es sich manchmal an, wenn man die Begeisterung rund um „KI“ betrachtet. Gemeint ist dabei fast immer nur der Teilbereich generativer KI, die mit stochastischen Methoden plausible Ergebnisse produzieren soll. Links liegen bleibt dagegen „Good Old-Fashioned AI“, also regel- und logikbasierte Systeme, die mit semantischen Daten deterministische Schlüsse ziehen, ganz ohne Konfabulationen. Wer diesen Weg begeht, schafft gleichzeitig die Voraussetzungen für mehr Transparenz, Open Data und solide IT-Basisinfrastruktur. Prolog statt Chatbot, Daten statt Office-Dokumente – wir schlagen einen kleinen argumentativen Werkzeugkasten vor, wie wir als Community für solide, abgehangene IT-Lösungen auf dem Stand der Zeit bei Stadt, Land und Bund werben können anstatt für generativen KI-Budenzauber. Wer auf öffentlichen Bühnen „KI“ sagt, meint gerade viel zu häufig einfach nur das Teilgebiet der generativen Systeme, mit hohem Energieaufwand und einer Schleppnetzrunde durch die Inhalte des Web trainiert. Das User Interface und die Ergebnisse dieser Systeme wirken faszinierend, sie werden häufig anthropomorphisiert als seien sie Personen, und in der öffentlichen Debatte haben sie den Rang eingenommen, den vor sieben Jahren noch Blockchains haben – egal welches Problem, generative KI ist die Lösung. GenAI ist aber nur ein Teilgebiet von zwei historischen Strömungen im Forschungsfeld KI. Die andere Strömung, symbolische KI oder GOFAI („Good Old-Fashioned AI“) kommt vergleichsweise bescheiden daher: Daten und Wissensbestände sollen so aufbereitet werden, dass sie maschinell nach logischen Regeln ausgewertet werden können. Auch Prolog ist also „KI“, nur weiß das spätestens auf politischer Ebene kaum jemand mehr! Der einseitige Fokus auf generative Systeme hat aber absurde Seiteneffekte und Folgen vor allem für den Staat, der gerade genAI an allen möglichen passenden und vor allem unpassenden Stellen einzusetzen versucht. Denn ein heuristisches System ist zwar ausreichend, wenn es zum Beispiel darum geht, auf einem Bild einen Apfel zu erkennen. Für eine Verwaltung, die nach Regeln vorgehen und Gleiches stets gleich behandeln muss, sind regelmäßige stochastische Fehler aber nicht akzeptabel – ganz zu schweigen von den Seiteneffekten rund um Energieverbrauch und strategischen Abhängigkeiten. Wir möchten einen kleinen Werkzeugkasten vorschlagen, mit dem Du genAI-Projekte zerfragen und auf die strategischen Vorteile von Wissensgraphen und regelbasierten Systemen hinweisen kannst – und mit dem Du auch deine örtlichen GemeinderätInnen und Abgeordneten in die Lage bringen kannst, das zu tun. Denn vieles hängt einfach nur daran, Informationen nicht mehr in Office-Dokumenten (der „Käfighaltung für Daten“), sondern in Wissensgraphen zu speichern. Oder mit kleinen ETL-Skripten viel mehr Wiederverwendbarkeit und auch Open Data schaffen zu können als mit einem teuer beauftragten genAI-Projekt. Denn für viele vorgeschlagene Einsatzfelder gäbe es schon längst Lösungen, basierend auf abgehangener und bewährter Technologie – und gar nicht selten als Freie Software aus der digitalen Zivilgesellschaft entwickelt, die seither einfach ignoriert wurde. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/DJRHVX/

Der Vortrag zeigt, wie man zur eigenen Marke kommt. Mit etwas IT-Know-How und Grundlagenwissen aus diesem Vortrag steckt ein geneigter Nerd* so manche juristische Dienstleister bei der Recherche in die Tasche und hat anschließend eine Marke. Eine unklare Markenrechtslage ist für Vereine und auch freie Software öfter ein Problem, als man denkt. <a href="https://netzpolitik.org/2023/hackspace-in-ulm-verschwoerhaus-verliert-seinen-namen-an-die-stadt/">Der Fall des Hackerspaces „Verschwörhaus“</a>, in welchem die Stadt Ulm gegen den Verein geklagt hat und sich mit einer Markenanmeldung große Vorteile in der Auseinandersetzung verschaffte, sei hier als trauriges Beispiel genannt. Einige berühmte Marken-Fails und Kuriositäten am Ende des Vortrags sollten zudem ein wenig Unterhaltungswert liefern. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/FCXBSQ/

In our daily life, we often think of PDF documents as static and immutable. This mental model is wrong. In this presentation, we give a brief overview of PDF (in-)security and describe a novel kind of attack where a malicious PDF document can * change its displayed content with time (while the file stays the same) * display different content to different people We publish details and a proof of concept at https://github.com/vlkl-sap/perfidy-deception-fraud Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/G7FMP3/

Having looked at multiple implementations of DRAM initialization code for different platforms, both in binary and source form, I have started to see certain patterns occur. In this talk, we will focus on the binary form, since it is how that code is often distributed these days, and thus useful to gain an understanding of how modern DRAM controllers work and how they are integrated in contemporary platforms. We will walk through the process of finding data and data structures that are used in the code, and see how we can make sense of them, so that we can extract them as pure facts, or come up with simpler solutions for some of them when implementing our own initialization procedures. To assist us with different aspects of analysis, we will feature helpful tools and techniques for certain steps, and conclude with achievements made so far. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/CKHL93/

Früher wurde Strom vor allem aus Kohle-, Gas- und Kern-kraftwerken erzeugt. Da das aber extrem schädlich für Umwelt und Klima ist, setzen wir inzwischen deutlich mehr auf nachhaltig erzeugten Strom, wie Wind- und Sonnenenergie. Diese stehen jedoch leider nicht immer zur Verfügung. Bisher ist gerade mal die Hälfte der Stromerzeugung in Deutschland erneuerbar, in Zukunft müssen wir aber auf fast 100% kommen. Wie das funktionieren kann, was sich dafür schon geändert hat und was noch geändert werden muss, möchte ich euch in diesem Vortrag zeigen. Es wird unter anderem um folgendes gehen: - Ein gigantisches Optimierungsproblem - Batterien und grünen Wasserstoff - Flexibilität im Stromverbrauch - Wie das Übertragungsnetz besser genutzt werden kann - Was das Stromnetz mit dem Internet gemeinsam hat - Warum wir Open Source und Open Data brauchen - Politische Maßnahmen und Forderungen Vorwissen wird nicht benötigt Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/LTLM8U/

Augenschmaus, Bassmassage mit einer satten Beilage Unterhaltung und kunen. Wir servieren, wie jedes Jahr, eine Kollektion der feinsten Demos des vergangenen Jahres. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/UTMRPY/

A short session for even shorter talks. Language: English or German -- english -- Wanna say something? The stage is yours. You have 10 minutes to talk about anything. A short talk about the ultimate Tschunk recipe; promoting your new open-source project; a small hack that you found; social commentary ... anything goes. Available infrastructure: A microphone, beamer and laptop with a USB-Stick to show slides (PDF format). If you want to use your own device to show your presentation, please come to the stage 15 minutes before the event so we can test the setup. If you want to have a talk, we'd like you to write a short e-mail to [email protected] or just call DECT 7063 (P0N3). However, spontaneous contributions are also welcome if there's still some time left at the end. -- german -- Du willst was sagen? Das Podium gehört dir. 10 Minuten hast du, dann wird gewechselt. Ein kurzer Vortrag über das ultimative Tschunk-Rezept, Werbung für dein neues Open-Source-Projekt, ein kleiner Hack den du neulich entdeckt hast, gesellschaftliche Kommentare ... alles geht. Zur Verfügung stehen Mikrophon, Beamer und ein Laptop mit USB-Stick, um Präsentationen im PDF-Format zu zeigen. Falls du eine Präsentation von deinem eigenen Gerät zeigen möchtest, würden wir dich bitten, 15 Minuten vor Beginn zu kommen, damit wir die Technik testen können. Am besten meldest du deinen Vortrag bei [email protected] oder DECT 7063 (P0N3) an. Spontane Beiträge sind aber auch gern gesehen, wenn am Ende noch Zeit ist. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/GZMGEY/

Ever wondered how PC demos are made? What technologies are used and how people are working together in such a loose environment? Let's have a look together at how the demo "Grow Beyond", the invitation for Revision 2025 was made. In September 2024 a handful of people came together to create the invitation to the biggest demoscene event of the year. They only had a rough concept, no engine, no assets and most haven't worked together before - and the deadline for the release was only six months away. This is the story of how this demo was made - what we planned to do, what worked, what didn't and how we resolved the many issues along the way. We'll have a look at the custom tools, pipelines and workflows developed for this production as well as the organizational and creative challenges that we faced in this project. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/3PREZS/

Ein Spot-Roboterhund von Boston Dynamics ist euch zu teuer oder passt nicht in euren Hackerspace? Probiert es doch mit [dieser handlichen kleinen Roboterkatze](https://github.com/Windfisch/robocat) für unter 50 Euro Materialkosten. Bastel~~spass~~bedarf garantiert! :D Ich stelle mein Projekt eines vierbeinigen Roboters vor: Vom mechanischen Entwurf für den Lasercutter über die Steuerplatine mit Microcontroller, die verwendeten Servomotoren bis hin zur Software auf der Steuereinheit rede ich über die Tools, die ich genutzt habe, welche Probleme ich dabei hatte und wie ich sie lösen könnte. [Das Projekt ist Open-Source](https://github.com/Windfisch/robocat), ihr könnt es (wenn ihr Zugriff auf einen Lasercutter habt) für < 50 Euro Materialeinsatz selbst nachbauen. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://cfp.gulas.ch/gpn23/talk/LTYSW7/