Chaos Computer Club talks 2019

Videos:
https://media.ccc.de/b/congress/2019

Event presentations and slides:
https://fahrplan.events.ccc.de/congress/2019/Fahrplan/index.html


#ccc #talks

Interview: Vincent Canfield from cock.li comments on his expulsion from the 36C3

In our conversation Vincent Canfield tells us how the violent expulsion from 36C3 happened from his point of view. Vincent is not exactly an undisputed personality, to put it objectively. He tells us how he came up with the idea of founding his e-mail service cock.li. We also learn about Vincent’s political view of the world or how seriously he thinks cock.li should be taken. Of course we also talk to him about the „unpleasant“ moments he unfortunately had to experience at this year’s Chaos Communication Congress (36C3) in Leipzig. The man from the National.Shitposting.Agency (NSA?)had to face some questions in our interview.

Vincent Canfield: a topic about which people elsewhere prefer to remain silent?

No year should end without the annual Chaos Communication Congress (36C3). Also this year, one headline quickly followed the next. As has been the case for many years, the media have taken up the topics of the Chaos Communication Congress. Whether it’s about hacking in general, data protection or autonomous driving, 5G networks or the final proof that Deutsche Bahn is indeed unpunctual. As every year, everything was reported in detail. Apparently, (almost) nobody wanted to report on just one topic until today: Vincent Canfield, the head of cock.li, has obviously been thrown out of this year’s 36C3 congress in a rather unpleasant way.

👉🏼 The interview in english:
https://tarnkappe.info/vincent-canfield-from-cock-li-comments-on-his-expulsion-from-the-36c3/

👉🏼 The interview in german:
https://tarnkappe.info/interview-vincent-canfields-meinung-zu-cock-li-und-ueber-den-ccc/

https://twitter.com/gexcolo/status/1214261610338037761

#Vincent #cockli #CCC #interview
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

Chaos Colloquium #1 - Dr. Roland van Rijswijk-Deij on DNS privacy and security

Post-Snowden, privacy became a prime focus of the IETF, and let to the improvement of a number of Internet protocols. Among these protocols is the Domain Name System, which maps human readable names to machine readable addresses.

The original DNS protocol communicates mostly in plain text over UDP, making it highly susceptible to eavesdropping. Since knowing what names a person queries for is highly revealing about their Internet surfing behaviour, the IETF decided to address the privacy shortcomings of the DNS. Initially, this led to the standardisation of DNS-over-TLS (DoT), and more recently, the standardisation of DNS-over-HTTPS (DoH).

https://media.ccc.de/v/chaoscolloquium-1-dns-privacy-security

#ccc #Colloquium #DNS #privacy #security #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

What does Big Brother see, while he is watching? - Uncovering images from the secret Stasi archives

In the past years there has been a lot of discussion on the topic of state sponsored surveillance. But hardly any material can be accessed to support the general debate due to vaguely declared security concerns. So we are debating Big Brother with little knowledge about what he actually sees, while he is watching. Over the course of three years, I was able to research the archives left by East Germany's Stasi to look for visual memories of this notorious surveillance system and more recently I was invited to spend some weeks looking at the archive by the Czechoslovak StB.

https://media.ccc.de/v/32c3-7209-what_does_big_brother_see_while_he_is_watching

#CCC #32c3 #stasi #BigBrother #surveillance #why #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

Hacking health

About hacking wheelchairs, building custom bicycles, adapters to use e-scooters as outboard motors: Empowering people with disablitities or healthcare needs through Open Hardware. Presentation on experiences and lessons learned in collecting and co-creating open personalized DIY healthcare solutions for replicability and adaptability in Makerspace worldwide.

https://vid.lelux.fi/videos/watch/5c2b56de-5e0c-4e9a-a299-52b2547c27cb

#CCC #36C3 #hacking #health #wheelchairs #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

Quantum Hardening Cryptographic Protocols

This talk is an introduction to the field of quantum hardening. The introduction of practical quantum computers will render existing cryptographic protocols unsafe. At what point we need to start worrying and what can be done to remedy this problem is the focus of this talk. The talk begins with an introduction to the design of modern cryptographic protocols in general.

If you would like to skip the crypto introduction and cut to the quantum hardening part, jump to minute 29:00

📺 👉🏼 🇬🇧 https://media.ccc.de/v/DiVOC-19-quantum-en

📺 👉🏼 🇩🇪 https://media.ccc.de/v/DiVOC-19-quantum

#ccc #DiVOC #video #quantum #hardening
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The ultimate Galaksija talk - Everything about a Yugoslavian microcomputer halfway between a TRS-80 and a ZX 80

#Galaksija was to be in #Yugoslavia what #Commodore and #Sinclair were in the west. Whether it succeeded or not, its deceptively simple design can still teach us a lot of interesting tricks on how to make a usable computer and operating system with as few transistors and bits as possible.

📺 👉🏼 https://cdn.media.ccc.de/congress/2012/mp4-h264-HQ/29c3-5178-en-the_ultimate_galaksija_talk_h264.mp4

🎧 👉🏼 https://cdn.media.ccc.de/congress/2012/mp3-audio-only/29c3-5178-en-the_ultimate_galaksija_talk_mp3.mp3

#29c3 #ccc #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

rC3 – remote Chaos Experience

This year, CCC hosts the Remote Chaos Experience (rC3) instead of an on-site event in Leipzig.

💡 This endeavor requires creativity, joy of experimentation and active support.

A face-to-face event with 17,000 people will be neither responsible nor legally feasible this year. But after this tedious and painful 2020, we really deserve a nice finale!

This is why the rC3 – Remote Chaos Experience will be held.
As much as virtually possible, we want to convey the joy, content, togetherness and wonderful madness that make up a Chaos Communication Congress.

Hackers are used to remote work and online meetings. This makes our annual face-to-face meetings all the more important. Of course, it will be difficult to re-enact online all the things that make Congress what it is for us.
But then someone said it would be impossible. Our ambition was aroused.
Just like every year, we want to see the concentrated energy and creativity of hackers with dedication.

👀 👉🏼 https://events.ccc.de/2020/09/04/rc3-remote-chaos-experience/#english

#rC3 #CCC #RemoteChaosExperience
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

When DevOps goes wrong - An observation story

In recent years, the DevOps movement has grown massively in popularity.
For some it made life easier, for others there were no changes and for others it has become "worse" since then.
If you belong to the latter group and have ever thought that you are alone in this respect, you are wrong. Obviously, some of these deteriorations are due to the fact that DevOps is implemented "wrong" or inconsistently in the workplace.
This talk will give an overview of real life observations made in DevOps environments.
It might include some of the nice, some of the bad and some of the ugly solutions you might encounter.

📺 👉🏼 https://media.ccc.de/v/froscon2020-2587-when_devops_goes_wrong

#froscon2020 #ccc #devops #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Surveilling the surveillers - About military RF communication surveillance and other activist art & technology projects

This talk will present relevant works in this field and will draw connections between critical art and regulatory power, warfare, surveillance, electronic waste, electronic self-defense and the re-appropriation of architectural and technological artifacts in militant ways.

📺 👉🏼 This Talk was translated into eng / deu / fra. 👇🏼
https://media.ccc.de/v/33c3-7978-surveilling_the_surveillers#t=70

#surveilling #surveillers #33c3 #ccc #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Democratizing and Decolonizing the Future - Grassroots Utopias from Indonesia

In this online podium discussion we will present the power of critical ideas and show examples of utopian futures in the making in Indonesia. The projects created by Indonesian hackers and makers use technology to solve one or more local problems, attempting to create more equitable and positive future for their communities. They will be streamed as they happen live: different projects from around Indonesia will show how they make social change happen.

📺 👉🏼 https://media.ccc.de/v/ds20-11322-democratizing_and_decolonizing_the_future

#ds20 #ccc #indonesia #utopias #democratizing #decolonizing #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

seccomp — Your Next Layer of Defense

Why should you allow all possible system calls from your application when you know that you only need some? If you have ever wondered the same then this is the right talk for you.

👉🏼 We are covering:

* What is seccomp in a nutshell and where could you use it.
* Practical example with Docker, Elasticsearch, and Beats.
* How to collect seccomp violations with Auditd.

Because your security approach can always use an additional layer of protection.

📺 👉🏼 https://media.ccc.de/v/froscon2020-2614-seccomp_your_next_layer_of_defense

#froscon2020 #ccc #seccomp #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

All Creatures Welcome

All Creatures Welcome sketches a utopian image of society in the digital era. Accompanied by the appeal to “use hacking as a mindset,” the viewers immerse themselves, together with the filmmaker, in a documentary adventure game and explore the world of digital communities at the events held by the Chaos Computer Club; a real-world reflection of the virtual spectrum. Together with the filmmaker and the slogan"use hacking as a mindset" we immerse in a documentary adventure game and explore the world of Komputerfrieks, as they used to call themselves at the inaugural meeting of the Chaos Computer Club in 1981.

📺 👉🏼 (German Subs)
https://media.ccc.de/v/all_creatures_welcome

#ccc #welcome #video #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

What The Fax?! - Hacking your network likes it's 1980 again

We all know what FAX is, and for some strange reason most of us need to use it from time to time. Hard to believe its 2018, right?

But can FAX be something more than a bureaucratic burden? Can it actually be a catastrophic security hole that may be used to compromise your entire network? Come watch our talk and find out …

👉🏼 📺 🇩🇪 🇬🇧 🇫🇷
https://media.ccc.de/v/35c3-9462-what_the_fax

💡 These file here contains multiple languages.
The file available for download contains all languages as separate audio-tracks.

#ccc #fax #security #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The Elephant In The Background: Empowering Users Against Browser Fingerprinting

Tracking users is a ubiquitous practice in the web today. User activity is recorded on a large scale and analyzed by various actors to create personalized products, forecast future behavior, and prevent online fraud. While so far HTTP cookies have been the weapon of choice, new and more pervasive techniques such as browser fingerprinting are gaining traction. Hence, in this talk, we describe how users can be empowered against fingerprinting by showing them when, how, and who is tracking them using JavaScript fingerprinting.

https://media.ccc.de/v/rc3-113142-the_elephant_in_the_background

#ccc #rc3 #browser #fingerprinting #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox

CIA vs. Wikileaks - Intimidation surveillance and other tactics observed and experienced

In this talk, I aim to report and show a collection of observations, physical, visual and other evidence of the last years incidents that strongly indicate a context of the US Central Intelligence Agency and/or potentially other entities of the US Government actions against Wikileaks and surrounding persons and organisations.

https://media.ccc.de/v/rc3-11512-cia_vs_wikileaks

💡 These file here contains multiple languages. (🇩🇪 🇬🇧)
The file available for download contains all languages as separate audio-tracks.

#ccc #rc3 #cia #wikileaks #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox

Login To HELL: The nightmares of an infosec professional in South America

"In 2014, Alberto Daniel Hill, an expert in cybersecurity, found a security issue in a medical provider’s website. In reporting the issue, it led him to become the first person imprisoned in Uruguay for a computer-related crime—a crime he didn’t commit, and one that probably never even happened.

Alberto, a hacker, was the perfect target for a judicial system that doesn’t understand cybersecurity or cybercrimes. Through police misconduct and incompetence, his life was thrown into upheaval, and he is still recovering from a system where there are no guarantees of a fair trial.

https://media.ccc.de/v/rc3-625023-login_to_hell

🎙Darknetdiaries - EP 25: Alberto
https://t.me/BlackBox_Archiv/1678

#alberto #truecrime #darknetdiaries #rc3 #ccc #cybersecurity #cybercrime #podcast #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag