{"acronym":"36c3","aspect_ratio":"16:9","updated_at":"2026-04-04T15:45:05.899+02:00","title":"36C3: Resource Exhaustion","schedule_url":"","slug":"congress/2019","event_last_released_at":"2021-01-26T00:00:00.000+01:00","link":"","description":"","webgen_location":"congress/2019","logo_url":"https://static.media.ccc.de/media/congress/2019/logo.png","images_url":"https://static.media.ccc.de/media/congress/2019","recordings_url":"https://cdn.media.ccc.de/congress/2019","url":"https://api.media.ccc.de/public/conferences/36c3","events":[{"guid":"df93bf36-c048-4dea-ad2b-898ac3255cfa","title":"Let’s play Infokrieg","subtitle":"Wie die radikale Rechte (ihre) Politik gamifiziert","slug":"36c3-10639-let_s_play_infokrieg","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10639.html","description":"Manche Spiele will man gewinnen, andere will man einfach nur spielen. Bei vielen Spielen will man beides. Spielen macht Spaß. Gewinnen auch. Warum also nicht immer und überall spielen? Warum nicht Politik spielen wie einen Multiplayer-Shooter? Mit motivierten Kameraden und ahnungslosen Gegnern? Mit zerstörbarer Umgebung, erfolgreichen Missionen und zu erobernden Flaggen? Teile der radikalen Rechten tun das mit Erfolg. Der Vortrag schaut sich einige Beispiele aus Deutschland und den USA näher an.\n\nWir sprechen von “Spielifizierung”, wenn typische Elemente von Spielmechaniken genutzt werden, um in spielfremden Kontexten motivationssteigernd zu wirken. Während diese Strategie vor allem wirtschaftlich genutzt wird, um Kundenbindung und Mitarbeiterproduktivität zu erhöhen, ist sie auch zu einem zunehmend wichtigen Teil politischer Kultur geworden. Insbesondere Online-Communities verwenden Spielelemente, Memes/Lore und spielnahe Unterhaltungsformate, um ihre sozialen Beziehungen und jene zur Realität zu gestalten und zu strukturieren. \n\nInnerhalb solcher Beziehungen war es nur eine Frage der Zeit, bis archetypische NPCs wie der gewöhnliche Troll sich zu Lone-Wolf-Spielercharakteren entwickeln, Rudel bilden und sich in einem stetig wachsenden und ausdifferenzierenden System von Gilden und meritokratischen Jagdverbänden organisieren würden. Die Politisierung solcher neuer Stammesgesellschaften ist eine logische Konsequenz dieser Evolution.\n\nDer Vortrag beleuchtet einerseits den US-kulturellen Hintergrund des Feldes: von der Spielmetapher als legitimierenden Rahmen in der “Manosphere”, “#Gamergate” und Operationen der chan-übergreifenden /pol/-Community. Andererseits sucht er Strategien, die darauf abzielen, Teile des politischen Diskurses zu “gamen”, zu kapern und zu verstärken, auch in deutscher Trollkultur auf, vom genreprägenden “Drachengame” bis zu explizit politischen Initiativen wie “Reconquista Germanica”... und dem live gestreamten Terror einer neuen faschistischen Subkultur.","original_language":"deu","persons":["Arne Vogelgesang"],"tags":["36c3","10639","2019","Ethics, Society \u0026 Politics","Main"],"view_count":47288,"promoted":false,"date":"2019-12-27T23:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-04-03T11:30:07.491+02:00","length":2769,"duration":2769,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10639-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10639-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10639-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10639-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10639-let_s_play_infokrieg","url":"https://api.media.ccc.de/public/events/df93bf36-c048-4dea-ad2b-898ac3255cfa","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"333a8580-79d9-4a01-800b-f958612636e6","title":"Breaking Microsoft Edge Extensions Security Policies","subtitle":null,"slug":"36c3-11186-breaking_microsoft_edge_extensions_security_policies","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11186.html","description":"Browsers are the ones who handle our sensitive information. We entirely rely on them to protect our privacy, that’s something blindly trusting on a piece of software to protect us. Almost every one of us uses browser extensions on daily life, for example, ad-block plus, Grammarly, LastPass, etc.\n\nBut what is the reality when we talk about security of browser extensions.\n\nEvery browser extensions installed with specific permissions, the most critical one is host access permission which defines on which particular domains your browser extension can read/write data.\n\nYou might already notice the sensitivity of host permissions since a little mistake in the implementation flow would lead to a massive security/privacy violation.\n\nYou can think of this way when you install an extension that has permission to execute JavaScript code on https://www.bing.com, but indeed, it allows javaScript code execution on https://mail.google.com. Which means this extension can also read your google mail, and this violates user privacy and trust.\n\nDuring the research on edge extensions, we noticed a way to bypass host access permissions which means an extension which has permission to work on bing.com can read your google, facebook, almost every site data.\n\nwe noticed using this flow we can change in internal browser settings, Further, we ware able to read local system files using the extensions. Also in certain conditions, it allows you to execute javaScript on reading mode which is meant to protect users from any javaScript code execution issues.\n\nThis major flaw in Microsoft Edge extension has been submitted responsibly to the Microsoft Security Team; as a result, CVE-2019-0678 assigned with the highest possible bounty.\n\nOutline\n\n1. Introduction to the browser extension\nThis section is going to cover what is browser extensions, and examples of browser extensions that are used on a daily basis.\n\n2. Permission model in browser extensions\nThis section details about the importance of manifest.json file, further details about several permissions supported by edge extensions and at last it describes different host access permissions and the concept of privileged pages in browsers.\n\n3. Implementation of sample extension\nIn this section, we will understand the working of edge extensions and associated files.\n\n4. Playing with Tabs API\nThis section includes the demonstration of loading external websites, local files and privileged pages using the tabs API.\n\n5. Forcing edge extensions to load local files and privileged pages\nHere we will see how I fooled edge extensions to allow me to load local files and privileged pages as well.\n\n6. Overview of javascript protocol\nThis section brief about the working and the use of JavaScript protocol.\n\n7. Bypassing host access permission\nThe continuing previous section, here we will discuss I was able to bypass host access permission of edge extensions using the javascript URI’s.\n\n8. Stealing google mails\nOnce we bypassed the host access permission, we will discuss how edge extension can read your Google emails without having permission.\n\n9. Stealing local files\nThe continuing previous section, here we will discuss how an edge extension can again escalate his privileges to read local system files.\n\n10. Changing internal edge settings\nThis section details how I was able to change into internal edge settings using edge extensions, this includes enabling/disabling flash, enabling/disabling developer features.\n\n11. Force Update Compatibility list\nThis section details how an extension can force update Microsoft compatibility list\n\n12. javascript code execution on reading mode?\nHere we will dicuss about the working of reading mode and CSP issues associated with it.\n\n13. Escalating CSP privileges.\nThis section describes how edge extensions provides more privilages to the user when dealing with content security policy","original_language":"eng","persons":["Nikhil Mittal"],"tags":["36c3","11186","2019","Security","Main"],"view_count":619,"promoted":false,"date":"2019-12-28T17:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-10-04T12:45:04.900+02:00","length":1816,"duration":1816,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11186-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11186-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11186-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11186-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11186-breaking_microsoft_edge_extensions_security_policies","url":"https://api.media.ccc.de/public/events/333a8580-79d9-4a01-800b-f958612636e6","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4f4901d9-d5fa-594d-b367-532933de3d02","title":"Achtung Vorratsdatenspeicherung: Es wird ernst","subtitle":null,"slug":"36c3-114-achtung-vorratsdatenspeicherung-es-wird-ernst","link":"https://fahrplan.chaos-west.de/36c3/talk/S9XFSM/","description":"Untertitel:\n\nWie Europol und die Innenminister der EU-Länder Massenüberwachung legalisieren wollen und was dagegen zu tun ist.\n\n–– \n\nZusammenfassung:\n\nTrotz klarer Gerichtsurteile gegen anlasslose Massenüberwachung wird in Arbeitsgruppen, Ausschüssen und Spezialgerichten an neuen Rechtsgrundlagen für eine EU-weite Vorratsdatenspeicherung gearbeitet. Es geht um Hintertüren in der ePrivacy-Verordnung, einen Fahrplan von EU-Rat und EU-Kommission, ein Überwachungskonzept von Europol und Versuche, den EU-Gerichtshof zu einer Revidierung vorheriger, grundrechtefreundlicher Urteile zu bewegen, während zur selben Zeit in Deutschland die CDU den Terror-Angriff von Halle/Saale instrumentalisiert.\n\n––\n\nAusführliche Beschreibung:\n\nIn diesem Vortrag möchte ich erklären, wie sogenannte Sicherheitspolitiker auf drei Ebenen an mehreren neuen Rechtsgrundlagen für die massenhafte und anlasslose Überwachung unserer Kommunikations- und Aktivitätsdaten arbeiten. In diesem Zusammenhang möchte ich die Reaktion der deutschen CDU auf den Terror-Angriff in Halle/Saale im Oktober diesen Jahres als geschichtsvergessen kritisieren.\n\nZum Referenten: Mein Name ist Friedemann Ebelt, ich arbeite seit fünf Jahren bei der deutschen Grundrechteorganisation Digitalcourage, die im Jahr 2006 eine Verfassungsbeschwerde gegen das deutsche Gesetz zur Vorratsdatenspeicherung eingereicht hat. Die Klage ist mit anderen Beschwerden anhängig beim Bundesverfassungsgericht, dessen Urteil eine EU-weite Signalwirkung haben wird.\n\nDigitalcourage beobachtet die aktuellen Überwachungsbestrebungen unter anderem mit Hilfe von Anfragen auf Grundlage des Informationsfreiheitsgesetzes, die wir auf fragdenstaat.de stellen. Was uns die Dokumente zeigen, ist aus unserer Sicht eine Kampagne für Vorratsdatenspeicherung, die auf drei Ebenen stattfindet:\n\n(1)\nIm geplanten EU-Gesetz zur ePrivacy-Verordnung wird über eine riesige Hintertür für eine private Vorratsdatenspeicherung verhandelt. Das ist absurd, denn das Ziel dieser Verordnung ist der Schutz sensibler Kommunikationsdaten. (Siehe Artikel 6 des Entwurfs einer ePrivacy-Verordnung)\n→ Mehr dazu:\nhttps://digitalcourage.de/blog/2019/eprivacy-private-vorratsdatenspeicherung-durch-hintertuer\n\n(2)\nEU-Rat und EU-Kommission haben einen Fahrplan für eine neue EU-weite Vorratsdatenspeicherung beschlossen. Die Hauptgefahr aus unserer Sicht ist, dass ausschließlich Vorschläge für anlasslose Massenüberwachung diskutiert werden, wie die Überwachungs-Matrix aus dem Europol Data Retention Matrix Workshops. \nIn einer 45-seitigen Tabelle breitet Europol aus, welche Daten sie für relevant für eine neue, EU-weite Vorratsdatenspeicherung halten. Von Standortdaten über IP-Adressen bis hin zu Verbindungsdaten sind nahezu sämtliche Informationen aufgeführt, die Provider demnach längerfristig speichern müssten. Diskutiert wird aber auch über die Speicherung der Länge von Antennen und über Klingeltöne.\nEs gibt keine Vorschläge für verhältnismäßige Optionen wie Quick Freeze, Sonderermittlungsdezernate oder ähnliches.\n→ Mehr dazu:\nhttps://digitalcourage.de/blog/2019/eu-vorratsdatenspeicherung-diese-daten-sollen-gespeichert-werden\nhttps://digitalcourage.de/blog/2019/beschraenkte-vorratsdatenspeicherung\n\n(3)\nMehrere EU-Mitgliedsstaaten verlangen vom EU-Gerichtshof eine Revidierung vorheriger, grundrechtefreundlicher Urteile. Anstatt die grundrechlichen Grenzen für Massenüberwachung zu akzeptieren, greifen die Regierungen der EU-Länder diese Grenzen an.\n→ Mehr dazu:\nhttps://digitalcourage.de/blog/2019/achtung-vorratsdatenspeicherung-es-wird-ernst\n\nIn Verbindung mit der geplanten E-Evidence-Verordnung, massiv verschärften Polizeigesetzen und dem derzeitigen Wettbewerb zur Einschränkung von Grundrechten, den sich die Regierungen der EU-Länder aktuell liefern, sind die Pläne für eine flächendeckende Vorratsdatenspeicherung als toxisch für Rechtsstaat und Demokratie zu bewerten.\nBezeichnend für eine grundrechtevergessene Politik sind die jüngsten Ereignisse in Deutschland:\n\nÜberwachung über Ethik: \nCDU in Deutschland nutzt den Terror von Halle/Saale \nNur einen Tag nach dem Terror-Angriff in Halle/Saale im Oktober diesen Jahres sagte CDU-Innenpolitiker Mathias Middelberg im Deutschlandfunk, dass gegen rechte Hetze im Internet und im Bildungssystem vorgegangen werden müsse. Konkret handeln er und seine Partei jedoch in eine ganz andere Richtung: Sie nutzen den rechten Terror, um Massenüberwachung voranzubringen. Zentral ist dabei die Vorratsdatenspeicherung. Geplant ist aber auch, den in die NSU-Morde verstrickten sogenannten Verfassungsschutzes mit mehr Befugnisse auszustatten sowie der Einsatz von Staatstrojanern, die für den Einsatz von Staatstrojanern benötigt werden.\n→ Mehr dazu: Hallo CDU: Vorratsdatenspeicherung und Verfassungsschutz sind nicht die Lösung \nhttps://digitalcourage.de/Blog/2019/hallo-cdu-vorratsdatenspeicherung-und-verfassungsschutz-sind-nicht-die-loesung\n\nMit unserer Kritik an dieser Politik, wenden wir uns an deutsche Parlamentarier und argumentieren: Eine anlasslose Vorratsdatenspeicherung erfasst alles – auch, wer wann in eine Synagoge, eine Moschee, in eine Kirche, in ein Gewerkschaftshaus oder auf eine Demonstration geht.  \nWir dürfen nicht vergessen, was schon einmal bitter gelernt wurde: Datensammlungen können tödlich sein. Eine Lehre aus den Verbrechen des deutschen Nationalsozialismus ist, dass die Bevölkerung vor Übergriffen des Staates geschützt werden muss. \nAus diesem Grund darf es in Deutschland keinen zentralen Katalog geben, in dem erfasst ist, wer welcher Religion angehört. Das selbe gilt für Parteimitgliedschaften oder die sexuelle Orientierung. Folglich darf es in Rechtsstaaten keine Vorratsdatenspeicherungen von Kommunikationsdaten geben.\nDie 1933 gewählte nationalsozialistische Regierung hat auf Vorrat gesammelte Daten genutzt, um gezielt Menschen zu verfolgen, zu inhaftieren und zu töten. Die technisch-organisatorische Grundlage für die systematische Vernichtung von Juden war eine umfangreiche  Datenverarbeitung von Informationen, die kein Staat über die Bürgerinnen und Bürger erfassen darf.\n\nDie Gefahr von Massenüberwachung lässt sich nicht beschränken\nEinschränkungen für den Zugriff auf Vorratsdaten, wie Richtervorbehalte oder minimal beschränkende Vorgaben für Maximal- und Mindestspeicherfristen können die Bevölkerung langfristig vor den Gefahren dieser Massenüberwachung nicht schützen. Denn Überwachungsgesetze werden stets verschärft, aber so gut wie nie zurückgefahren. Eine Partei, die diese Daten nutzen will, wird die Schutzschranken einreißen.\n\nGibt es auch gute Nachrichten?\nDank der existierenden Transparenzgesetze, engagierter Parlamentarier.innen und Aktivist.innen ist die aktuelle Kampagne für Massenüberwachung durchschaubar, ebenso die Ausnutzung von Terror-Angriffen. Unserer Auffassung nach, muss sie als Sicherheitstheater enttarnt werden, denn das Ziel ist Überwachung und nicht Sicherheit. Belegt ist diese Interpretation bereits dadurch, dass grundrechtsfreundliche Optionen für die Verbesserung von Ermittlungs- und Aufklärungsarbeit weder geprüft noch diskutiert werden. Eine Rechtgrundlage für ein Quick-Freeze-Verfahren könnte längst existieren und bei der Kriminalitätsbekämpfung helfen, wird aber von Politiker.innen, denen es um Überwachung geht, blockiert. \n\nWas ist zu tun?\n\nIch hoffe, an dieser Stelle aktuelle Beispiele aus unseren kommenden Aktionen präsentieren zu können.\n\nAus unserer Sicht, kann viel gegen Überwachungspolitik getan werden:\n\n(1) Sicherheitstheater bei jeder Gelegenheit entlarven\n→ mehr dazu unter: „So können Sie auf Sicherheitstheater reagieren“\nhttps://digitalcourage.de/sicherheitstheater\n\n(2) Immer wieder gegen Vorratsdatenspeicherungen argumentieren, beispielseise: im Netz, in der eigenen Partei, Politiker.innen freundlich und sachlich kontaktieren. \n\n(3) Juristische Arbeit gegen Vorratsdatenspeicherung unterstützen.","original_language":"deu","persons":["Friedemann"],"tags":["36c3-chaoswest","114","2019","Nicht Computers","ChaosWest"],"view_count":2026,"promoted":false,"date":"2019-12-29T12:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-22T14:30:06.143+01:00","length":2878,"duration":2878,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/114-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/114-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/114-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/114-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-114-achtung-vorratsdatenspeicherung-es-wird-ernst","url":"https://api.media.ccc.de/public/events/4f4901d9-d5fa-594d-b367-532933de3d02","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"479cc703-bacb-49e2-b364-e16f5ba000b9","title":"Plundervolt: Flipping Bits from Software without Rowhammer","subtitle":null,"slug":"36c3-10883-plundervolt_flipping_bits_from_software_without_rowhammer","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10883.html","description":"We present the next step after Rowhammer, a new software-based fault attack primitive: Plundervolt (CVE-2019-11157).\n\nMany processors (including the widespread Intel Core series) expose privileged software interfaces to dynamically regulate processor frequency and operating voltage. We show that these privileged interfaces can be reliably exploited to undermine the system's security.\nIn multiple case studies, we show how the induced faults in enclave computations can be leveraged in real-world attacks to recover keys from cryptographic algorithms (including the AES-NI instruction set extension) or to induce memory safety vulnerabilities into bug-free enclave code.\n\nFault attacks pose a substantial threat to the security of our modern systems, allowing to break cryptographic algorithms or to obtain root privileges on a system. Fortunately, fault attacks have always required local physical access to the system. This changed with the Rowhammer attack (BlackHat USA 2015, CCC 2015), which for the first time enabled an attacker to mount a software-based fault attack. However, as countermeasures against Rowhammer are developed and deployed, fault attacks require local physical access again.\n\nIn this CCC talk, we present the next step, a long-awaited alternative to Rowhammer, a second software-based fault attack primitive: Plundervolt.\n\nDynamic frequency and voltage scaling features have been introduced to manage ever-growing heat and power consumption in modern processors. Design restrictions ensure frequency and voltage are adjusted as a pair, based on the current load, because for each frequency there is only a certain voltage range where the processor can operate correctly. For this purpose, many processors (including the widespread Intel Core series) expose privileged software interfaces to dynamically regulate processor frequency and operating voltage.\n\nIn this talk, we show that these privileged interfaces can be reliably exploited to undermine the system's security. We present the Plundervolt attack, in which a privileged software adversary abuses an undocumented Intel Core voltage scaling interface to corrupt the integrity of Intel SGX enclave computations.\nPlundervolt carefully controls the processor's supply voltage during an enclave computation, inducing predictable faults within the processor package. Consequently, even Intel SGX's memory encryption/authentication technology cannot protect against Plundervolt.\n\nIn multiple case studies, we show how the induced faults in enclave computations can be leveraged in real-world attacks to recover keys from cryptographic algorithms (including the AES-NI instruction set extension) or to induce memory safety vulnerabilities into bug-free enclave code. We finally discuss why mitigating Plundervolt is not trivial, requiring trusted computing base recovery through microcode updates or hardware changes.\n\nWe have responsibly disclosed our findings to Intel on June 7, 2019. Intel assigned CVE-2019-11157 to track this vulnerability and refer to mitigations. The scientific paper on Plundervolt will appear at the IEEE Security \u0026 Privacy Symposium 2020. The work is the result of a collaboration of Kit Murdock (The University of Birmingham, UK), David Oswald (The University of Birmingham, UK), Flavio D. Garcia (The University of Birmingham, UK), Jo Van Bulck (imec-DistriNet, KU Leuven, Belgium), Daniel Gruss (Graz University of Technology, Austria), and Frank Piessens (imec-DistriNet, KU Leuven, Belgium).","original_language":"eng","persons":["Daniel Gruss","Kit Murdock"],"tags":["36c3","10883","2019","Security","Main"],"view_count":7839,"promoted":false,"date":"2019-12-27T17:30:00.000+01:00","release_date":"2019-12-27T01:00:00.000+01:00","updated_at":"2026-03-31T17:00:05.579+02:00","length":2987,"duration":2987,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10883-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10883-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10883-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10883-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10883-plundervolt_flipping_bits_from_software_without_rowhammer","url":"https://api.media.ccc.de/public/events/479cc703-bacb-49e2-b364-e16f5ba000b9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"cc3e9b8a-14e3-425a-b683-4eab463ed1bd","title":"Degrowth is coming - be ready to repair","subtitle":null,"slug":"36c3-11030-degrowth_is_coming_-_be_ready_to_repair","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11030.html","description":"Der Diskurs um die \"Digitalisierung\" kann vor allem eines: Verheißen. Roboter befreien uns von mühsamer Arbeit, Effizienzsteigerungen sorgen von ganz allein für den Schutz von Umwelt und Ressourcen und Algorithmen erleichtern uns den Alltag. Dass diese Verheißungen vor allem Tech-Konzernen in die Tasche spielen und wir dank der datenraff(inier)enden Geschäftsmodelle des digitalen Kapitalismus auf ökologische und soziale Katastrophen zusteuern, soll in dem Vortrag gezeigt werden. \nKann die Wirtschaft dank effizienterer Technologien weiter wachsen ohne dabei Ressourcen zu verbrauchen? Oder merken wir bei unseren immer voller werdenden Leben gar nicht, dass uns in Wahrheit die Rohstoffe ausgehen? Wenn wir schon sehr bald kein Material mehr haben, um Technik zu bauen, die alle Verheißungen erfüllt - was machen wir dann? Ist die Antwort dann  reparieren, selber machen, vielleicht sogar kreativ werden?\n\nDer Vortrag zeigt Daten und Grafiken zum aktuellen und prognostizierten Ressourcen- und Energieverbrauch digitaler Technologien. Der Mechanismus des Rebound-Effekts kann dabei helfen, die komplexen Folgen der aktuellen technischen Entwicklung z.B. in Bezug auf Wachstum zu verstehen.\nDegrowth ist eine politische Bewegung von Wissenschaftler*innen und Aktivist*innen, die gegen die Steigerungs- und Wachstumszwänge moderner Gesellschaften kämpfen. Mit welchen Argumenten begegnet die Degrowth Bewegung Wachstum aus einer ökologischen Perspektive? Und welche Anknüpfungspunkte für Ressourcenschonung gibt es in der Tech- und Maker-Bewegung?","original_language":"deu","persons":["Anja Höfner","Nicolas Guenot"],"tags":["36c3","11030","2019","Resilience \u0026 Sustainability","Main"],"view_count":1882,"promoted":false,"date":"2019-12-29T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-15T01:45:05.145+01:00","length":3559,"duration":3559,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11030-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11030-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11030-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11030-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11030-degrowth_is_coming_-_be_ready_to_repair","url":"https://api.media.ccc.de/public/events/cc3e9b8a-14e3-425a-b683-4eab463ed1bd","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"6a32cb72-a69d-423c-91b5-60d88eb8e6c7","title":"Opening Ceremony","subtitle":"","slug":"36c3-11223-opening_ceremony","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11223.html","description":"Welcome!","original_language":"deu","persons":["bleeptrack","blinry"],"tags":["36c3","11223","2019","CCC","Main"],"view_count":28560,"promoted":false,"date":"2019-12-27T11:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-25T16:00:05.165+01:00","length":824,"duration":824,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11223-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11223-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11223-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11223-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11223-opening_ceremony","url":"https://api.media.ccc.de/public/events/6a32cb72-a69d-423c-91b5-60d88eb8e6c7","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"070c97b2-3ce2-44e9-b2e0-711055b3c7d5","title":"Identifying Multi-Binary Vulnerabilities in Embedded Firmware at Scale","subtitle":null,"slug":"36c3-10891-identifying_multi-binary_vulnerabilities_in_embedded_firmware_at_scale","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10891.html","description":"Low-power, single-purpose embedded devices (e.g., routers and IoT devices) have become ubiquitous. While they automate and simplify many aspects of our lives, recent large-scale attacks have shown that their sheer number poses a severe threat to the Internet infrastructure, which led to the development of an IoT-specific cybercrime underground. Unfortunately, the software on these systems is hardware-dependent, and typically executes in unique, minimal environments with non-standard configurations, making security analysis particularly challenging. Moreover, most of the existing devices implement their functionality through the use of multiple binaries. This multi-binary service implementation renders current static and dynamic analysis techniques either ineffective or inefficient, as they are unable to identify and adequately model the communication between the various executables.\n\nIn this talk, we will unveil the inner peculiarities of embedded firmware, we will show why existing firmware analysis techniques are ineffective, and we will present Karonte, a novel static analysis tool capable of analyzing embedded-device firmware by modeling and tracking multi-binary interactions. Our tool propagates taint information between binaries to detect insecure, attacker-controlled interactions, and effectively identify vulnerabilities.\n\nWe will then present the results and insights of our experiments. We tested Karonte on 53 firmware samples from various vendors, showing that our prototype tool can successfully track and constrain multi-binary interactions. In doing so, we discovered 46 zero-day bugs, which we disclosed to the responsible entities.  We performed a large-scale experiment on 899 different samples, showing that Karonte scales well with firmware samples of different size and complexity, and can effectively and efficiently analyze real-world firmware in a generic and fully automated fashion.\n\nFinally, we will demo our tool, showing how it led to the detection of a previously unknown vulnerability.\n\nPresentation Outline\n1. Introduction to IoT/Embedded firmware [~7 min]\n* A brief intro to the IoT landscape and the problems caused by insecure IoT devices.\n* Overview of the peculiarities that characterize embedded firmware. \n   * Strong dependence from custom, unique environments.\n   * Firmware samples are composed of multiple binaries, in a file system fashion (e.g., SquashFS).\n* Example of how a typical firmware sample looks like.\n\n\n2. How to Analyze Firmware? [~5 min]\n* Overview on the current approaches/tools to analyze modern firmware and spot security vulnerabilities.\n* Description of the limitations of the current tools.\n   * Dynamic analysis is usually unfeasible, because of the different, customized environments where firmware samples run.\n   * Traditional, single-binary static analysis generates too many false positives because it does not take into account the interactions between the multiple binaries in a firmware sample.\n\n\n3. Modeling Multi-Binary Interactions [~5 min]\n* Binaries/processes communicate through a finite set of communication paradigms, known as Inter-Process Communication (or IPC) paradigms.\n* An instance of an IPC is identified through a unique key (which we term a data key) that is known by every process involved in the communication.\n* Data keys associated with common IPC paradigms can be used to statically track the flow of attacker-controlled information between binaries.\n\n\n4. Karonte: Design \u0026 Architecture [~15 min]\n* Our tool, Karonte, performs inter-binary data-flow tracking to automatically detect insecure interactions among binaries of a firmware sample, ultimately discovering security vulnerabilities (memory-corruption and DoS vulnerabilities). We will go through the steps of our approach.\n* As a first step, Karonte unpacks the firmware image using the off-the-shelf firmware unpacking utility binwalk.\n* Then, it analyzes the unpacked firmware sample and automatically retrieves the set of binaries that export the device functionality to the outside world. These border binaries incorporate the logic necessary to accept user requests received from external sources (e.g., the network), and represent the point where attacker-controlled data is introduced within the firmware itself.\n* Given a set of border binaries, Karonte builds a Binary Dependency Graph (BDG) that models communications among those binaries processing attacker-controlled data. The BDG is iteratively recovered by leveraging a collection of Communication Paradigm Finder (CPF) modules, which are able to reason about the different inter-process communication paradigms.\n* We perform static symbolic taint analysis to track how the data is propagated through the binary and collect the constraints that are applied to such data. We then propagate the data with its constraints to the other binaries in the BDG.\n* Finally, Karonte identifies security issues caused by insecure attacker-controlled data flows.\n\n\n5. Evaluation \u0026 Results [~10 min]\n* We leveraged a dataset of 53 modern firmware samples to study, in depth, each phase of our approach and evaluate its effectiveness to find bugs.\n   * We will show that our approach successfully identifies data flows across different firmware components, correctly propagating taint information.\n   * This allowed us to discover potentially vulnerable data flows, leading to the discovery of 46 zero-day software bugs, and the rediscovery of another 5 n-days bugs.\n   * Karonte provided an alert reduction of two orders of magnitude and a low false-positive rate.\n* We performed a large-scale experiment on 899 different firmware samples to assess the scalability of our tool. We will show that Karonte scales well with firmware samples of different size and complexity, and thus can be used to analyze real-world firmware.\n\n\n6. Demo of Karonte [~5 min]\n* We will show how Karonte analyzes a real-world firmware sample and detects a security vulnerability that we found in the wild.\n* We will show the output that Karonte produces and how analysts can leverage our tool to test IoT devices.\n\n\n7. Conclusive Remarks [~3 min]\n* A reprise of the initial questions and summary of the takeaways.","original_language":"eng","persons":["Nilo Redini"],"tags":["36c3","10891","2019","Security","Main"],"view_count":714,"promoted":false,"date":"2019-12-28T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-11T12:00:10.159+01:00","length":2195,"duration":2195,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10891-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10891-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10891-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10891-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10891-identifying_multi-binary_vulnerabilities_in_embedded_firmware_at_scale","url":"https://api.media.ccc.de/public/events/070c97b2-3ce2-44e9-b2e0-711055b3c7d5","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"fe422b75-92b5-5d69-a3ba-0fad356de0aa","title":"X11 and Wayland: A tale of two implementations","subtitle":null,"slug":"36c3-87-x11-and-wayland-a-tale-of-two-implementations","link":"https://fahrplan.chaos-west.de/36c3/talk/WYZGGQ/","description":"In this talk I will outline my journey implementing my X11 window manager `hikari` and the corresponding Wayland compositor shortly after. `hikari` is a stacking window manager/compositor with some tiling capabilities. It is still more or less work in progress and currently targets FreeBSD only but will be ported to Linux and other operating systems supporting Wayland once it has reached some degree of stability and feature completeness.\n\n     \nThis talk covers:     \n     \n* a brief explanation regarding differences between X and Wayland     \n* some of `hikari`'s design goals and motivation     \n* choice of programming language     \n* an overview of libraries that were used     \n* tools for ensuring code quality and robustness     \n* obstacles     \n* resources that helped me to implement the whole thing","original_language":"eng","persons":["raichoo"],"tags":["36c3-chaoswest","87","2019","All about computers","ChaosWest"],"view_count":3596,"promoted":false,"date":"2019-12-29T16:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-23T17:30:07.017+01:00","length":1282,"duration":1282,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/87-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/87-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/87-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/87-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-87-x11-and-wayland-a-tale-of-two-implementations","url":"https://api.media.ccc.de/public/events/fe422b75-92b5-5d69-a3ba-0fad356de0aa","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7bdf7688-8620-4170-93bf-3c2adfd30030","title":"It’s alive! – Nach den Protesten gegen die Polizeigesetze ist vor den Protesten gegen die autoritäre Wende","subtitle":null,"slug":"36c3-10983-it_s_alive_nach_den_protesten_gegen_die_polizeigesetze_ist_vor_den_protesten_gegen_die_autoritare_wende","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10983.html","description":"Das Jahr 2018 stand ganz im Zeichen der bundesweiten Proteste gegen die Polizeigesetze. Und 2019? Es ist leiser geworden um noPAG, noPolGNRW \u0026 Co. Aber das Biest lebt!\n\nWir blicken zurück auf die Proteste, geben einen kurzen Überblick über Erfolge und Niederlagen unseres Widerstands und eine Vorschau auf die Schrecken, die sich am Horizont der Inneren Sicherheit abzeichnen. Außerdem erklären wir, warum die Bewegung gegen die Polizeigesetze auf keinen Fall sterben darf – und warum sie sich neuen Themen wie Klimaschutz, Antifaschismus und Antirassismus widmen muss.\n\nAuf dem 3C35 rief Constanze Kurz dazu auf, auch 2019 gegen die bundesweit erfolgenden Verschärfungen der Polizeigesetze vorzugehen. Und tatsächlich sind dieses Jahr viele Menschen gegen die Gesetzesnovellierungen auf die Straße gegangen – aber das eigentliche Jahr der Proteste war 2018. Trotz der über Monate anhaltenden Demonstrationen und Aktionen in der gesamten Republik sind die Novellierungen in den wenigsten Bundesländern zurückgenommen wurden, und dort, wo Gesetzespassagen gestrichen und geändert wurden, handelte es sich meist um kosmetische Korrekturen. Dem allgemeinen Trend hin zu einer autoritären Wende in Sachen Innerer Sicherheit hat das keinen Abbruch getan, so unsere Ausgangsthese. Gleichzeitig sind viele der Bündnisse zerfallen, die Demonstrationen kleiner geworden, und auch der Großteil der Presse schenkt Polizei- und Sicherheitsgesetzen nur noch gelegentlich Aufmerksamkeit. \nDabei kann die Bedeutung der Debatte um eine angebliche Versicherheitlichung unserer Gesellschaft gar nicht hoch genug bewertet werden: Es gibt starke Anzeichen dafür, dass die Institution Polizei, aber auch Militär und private Sicherheitsdienste, immer mehr an Macht gewinnen – was nicht zuletzt mit Blick auf die zahlreichen Skandale der letzten Monate und die Frage, wie strukturell rechts diese Institutionen eigentlich sind, von immenser gesellschaftlicher Tragweite ist.\n\nUnd auch wenn politischer Protest häufig aufmerksamkeits-ökonomischen Logiken unterworfen ist, glauben wir, dass das Zerfallen der Bündnisse gegen die Polizeigesetze besonders bedauerlich ist. Zum ersten Mal seit langem nämlich sind hier Gruppen Seite an Seite auf die Straße gegangen, die lange Zeit nicht gemeinsam im Widerstand waren: Datenschützer*innen und Fußballfans, linksliberale Parteien und Antifaschist*innen, soziale Bewegungen und migrantische Organisationen – Gruppen, deren gegenseitige Solidarität großer Gewinn und wichtige Voraussetzung für erfolgreiche emanzipatorische Politik ist.\n\nWas sind also die großen Herausforderungen in Sachen Innere Sicherheit, die auf uns warten? Was haben die Polizeigesetze mit Racial Profiling, Ende Gelände und NSU 2.0 zu tun? Warum brauchen wir auch weiterhin die im Zuge der Proteste entstandenen Allianzen zwischen Datenschützer*innen und anderen sozialen Bewegungen? Und welche Themen müssen wir in den Blick nehmen, wenn wir verstehen wollen, was autoritäre Wende heißt?\n\nDie Referent*innen kommen selbst aus unterschiedlichen linken sozialen Bewegungen und haben sich im Zuge der Proteste gegen das neue bayerische Polizeiaufgabengesetz im noPAG-Bündnis kennengelernt. Laura Pöhler ist Antifaschistin und Sprecherin des noPAG-Bündnisses. Johnny Parks war in der noPAG-Jugend aktiv, ist Pressesprecher für Ende Gelände und engagiert sich als PoC gegen Rassismus. Sie beide kämpfen für eine Rücknahme der Gesetzesnovellierungen in Bayern.\n\nDie Idee, gemeinsam beim CCC-Kongress zu sprechen, entsprang nicht zuletzt dem Wunsch, im Kontakt mit denjenigen Menschen zu bleiben, welche die Proteste gegen das PAG maßgeblich mitgestaltet haben: Datenschützer*innen.","original_language":"deu","persons":["Laura Pöhler","Johnny Parks"],"tags":["36c3","10983","2019","Ethics, Society \u0026 Politics","Main"],"view_count":1474,"promoted":false,"date":"2019-12-28T23:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-25T14:30:07.143+01:00","length":3891,"duration":3891,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10983-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10983-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10983-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10983-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10983-it_s_alive_nach_den_protesten_gegen_die_polizeigesetze_ist_vor_den_protesten_gegen_die_autoritare_wende","url":"https://api.media.ccc.de/public/events/7bdf7688-8620-4170-93bf-3c2adfd30030","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a5d6dd63-ef24-4686-9a89-e06cb179d531","title":"NGI Zero: A treasure trove of IT innovation","subtitle":"Resilient. Trustworthy. Sustainably Open.","slug":"36c3-10795-ngi_zero_a_treasure_trove_of_it_innovation","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10795.html","description":"\u003cp\u003eThe \u003ca href=\"https://ngi.eu\"\u003eNext Generation Internet\u003c/a\u003e initiative is the first concerted effort in Europe to put significant public funding to hands-on work to really fix the internet. The long term \u003ca href=\"https://ngi.eu\"\u003evision\u003c/a\u003e of the initiative is to make the internet what we need and expected it to be in the first place: \u003cstrong\u003eResilient\u003c/strong\u003e. \u003cstrong\u003eTrustworthy\u003c/strong\u003e. \u003cstrong\u003eSustainable\u003c/strong\u003e. The concrete mission of the Next Generation Internet initiative is to \"re-imagine and re-engineer the Internet for the third millennium and beyond\". With new projects starting all the time, the density of awesome open source, open hardware, new science and new standards in-the-making is already intense: about 200 projects are currently on their way. These range from encrypted synchronisation for calendars and address books to symbolical protocol verification, from an open hardware RISC-V SoC to removing binary seeds from operating systems, from ethical search to the Fediverse etc.\n\n\u003cp\u003eNGI Zero offers funding to independent researchers and FOSS developers working on free and open projects in the area of privacy and trust enhancing technologies and on search, discovery and discoverability. It also offers an elaborate 'pipeline' of supporting activities that live up to high standards (sometimes called 'walk the talk') in terms of security, privacy, accessibility, open source licensing, standardisation, packaging, etc. The talk will provide an overview of the awesome R\u0026D that is now in the pipeline, how the programme is organised and everything you need to know about the various opportunities to 'come and work for the internet'. \u003c/p\u003e\n\n\u003cp\u003e\u003ca href=\"https://nlnet.nl/discovery\"\u003eNGI Zero Discovery\u003c/a\u003e and \u003ca href=\"https://nlnet.nl/PET\"\u003eNGI Zero PET\u003c/a\u003e are a significant effort and ambitious effort by a large group of organisations led by \u003ca href='https://nlnet.nl/foundation' rel=\"me\"\u003eNLnet foundation\u003c/a\u003e (that was instrumental in \u003ca href=\"https://nlnet.nl/foundation/history\"\u003epioneering the early internet in Europe\u003c/a\u003e):\n\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://accessibility.nl/english\"\u003eAccessibility Foundation\u003c/a\u003e - Center of expertise on accessibility of internet and other digital media for all people, including the elderly and people with disabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://apc.org\"\u003eAssociation for Progressive Communications\u003c/a\u003e - A global network and organisation that strives towards easy and affordable access to a free and open internet to improve the lives of people and create a more just world\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://techcultivation.org/\"\u003eCenter for the Cultivation of Technology\u003c/a\u003e - A charitable non-profit host organization for international Free Software projects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://commonscaretakers.com\"\u003eCommons Caretakers\u003c/a\u003e - A not-for-profit service provider for the development of Commons\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.netsec.ethz.ch/\"\u003eNetwork Security Group\u003c/a\u003e of \u003ca href=\"https://www.netsec.ethz.ch/\"\u003eEidgenössische Technische Hochschule Zürich\u003c/a\u003e - Academic research institute focused on building secure and robust network systems\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://fsfe.org\"\u003eFree Software Foundation Europe\u003c/a\u003e - Association charity that aims to empower users to control technology.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://www.ifross.org/\" class=\"external\" target=\"_blank\"\u003eifrOSS\u003c/a\u003e - Provides not-for-profit legal services and studies in the context of free and open source software\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://nixos.org/nixos/foundation.html\"\u003eNixOS Foundation\u003c/a\u003e - Foundation supporting development and use of purely functional configuration management tools, in particular NixOS and related projects\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://nlnet.nl\"\u003eNLnet Foundation (NL)\u003c/a\u003e - Grantmaking public benefit organisation founded by pioneers of the early European internet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://ps.zoethical.com/\"\u003ePetites Singularit\u0026eacute;s\u003c/a\u003e - Non profit organisation working with free sofware and focusing on collective practices\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://radicallyopensecurity.com\"\u003eRadically Open Security\u003c/a\u003e - Not-for-profit open source security company\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://securesoftware.nl\" class=\"external\" target=\"_blank\"\u003eTIMIT\u003c/a\u003e - Experts in secure software\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"http://translatehouse.org/\" class=\"external\" target=\"_blank\"\u003eTranslate House\u003c/a\u003e - Develops and implements open source localization solutions\u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cp\u003eThe budget for the effort is kindly provided by the European Commission.\u003c/p\u003e","original_language":"eng","persons":["Michiel Leenaars"],"tags":["36c3","10795","2019","Resilience \u0026 Sustainability","Main"],"view_count":752,"promoted":false,"date":"2019-12-30T12:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-19T19:00:07.666+01:00","length":2474,"duration":2474,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10795-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10795-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10795-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10795-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10795-ngi_zero_a_treasure_trove_of_it_innovation","url":"https://api.media.ccc.de/public/events/a5d6dd63-ef24-4686-9a89-e06cb179d531","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"0bc48f52-1052-4db9-a4e9-a38fb71e65e4","title":"Wohnungsbot: An Automation-Drama in Three Acts","subtitle":"A media-art project which automates the search for flats in Berlin and challenges automation narratives","slug":"36c3-10988-wohnungsbot_an_automation-drama_in_three_acts","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10988.html","description":"At the center of Clemens Schöll's latest art project is the \"Wohnungsbot\" (flat-bot), which automates flat searching in Berlin. But it doesn't only try to search flats for everybody, it fundamentally questions power-relationships in (flat-searching) online platforms. Where are the utopias about public automation? Who should be able to automate what, and how?\n\n\u003cp\u003eWith increasing urbanization and financial speculation on the housing market the search for a flat in any big city has become an activity that consumes a lot of resources for people in need of housing: beyond the emotional load a significant share of your supposed leisure time is being consumed by repetitive tasks. Online platforms force us to refresh pages, scroll, click here, click there, look at a few pictures and eventually copy-paste our default text over and over again. If you're ambitious you maybe adjust the lessor's name or the street. But honestly, why do we do this? It could be so easily automated.\u003c/p\u003e\n\n\u003cp\u003eThe 'automation drama in three acts' by media artist Clemens Schöll titled \u003ci\u003e\"Von einem der auszog eine Wohnung in Berlin zu finden\" (Of someone who went forth to find a flat in Berlin)\u003c/i\u003e speculates about alternative strategies and narratives for both the housing market as well as automation itself. At the center of the multi-exhibition project stands the Wohnungsbot (literally: flat-bot), a free open source software to automate flat-searching and applications in Berlin, released to the public in June 2019.\u003c/p\u003e\n\n\u003cp\u003eBut the Wohnungsbot is about much more than just rejecting the out-of-control housing situation. There are no technological fixes for social problems. By reclaiming de-facto working time a fundamental utopia of automation is opened once again. Who should be able to automate, what should they be able to automate, and how?\u003cbr/\u003e\nBut even if these tools are publicly available – who is aware of them and who is able to use them?\u003c/p\u003e\n\n\u003cp\u003eLooking back in history we find that automation has always been accompanied with struggles of power and labor. How have we reached a state where only institutions, be it private companies (usually for-profit) and the state, are allowed or able to automate? Why has automation become a synonym to nightmares of many people, such as mass unemployment? If we're not asked for consent (or don't want to give it) to being dehumanized by automated processes, how can we oppose these practices?\u003c/p\u003e\n\n\u003cp\u003eUltimately, we can look at ourselves (at Congress) and ask: where do we stand in this? With many of us being \u003ci\u003e\"people who write code\"\u003c/i\u003e (title of a previous artistic research project by Clemens Schöll) we must reflect if and how we shape this tension with our work and existence.\u003c/p\u003e","original_language":"eng","persons":["Clemens Schöll"],"tags":["36c3","10988","2019","Art \u0026 Culture","Main"],"view_count":2323,"promoted":false,"date":"2019-12-30T13:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-31T10:15:04.957+02:00","length":2428,"duration":2428,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10988-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10988-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10988-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10988-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10988-wohnungsbot_an_automation-drama_in_three_acts","url":"https://api.media.ccc.de/public/events/0bc48f52-1052-4db9-a4e9-a38fb71e65e4","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"842d97a6-9b53-4f40-aaaf-4e447ad101e8","title":"SigOver + alpha","subtitle":"Signal overshadowing attack on LTE and its applications","slug":"36c3-10801-sigover_alpha","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10801.html","description":"As Long-Term Evolution (LTE) communication is based on over-the-air signaling, a legitimate signal can potentially be counterfeited by a malicious signal. Although most LTE signaling messages are protected from modification using cryptographic primitives, broadcast messages and some of the unicast messages are unprotected. In this talk, we would like to introduce a signal injection attack that exploits the fundamental weakness of unprotected messages in LTE and modifies a transmitted signal over the air.\nThis attack, which is referred to as signal overshadowing (named SigOver) overwrites a portion of the legitimate signal to inject manipulated signal into the victim while the victim is connected to a legitimate cellular network. In most aspects, SigOver attack is superior to FBS (Fake Bas Station) and MitM (Man-in-the-Middle) attack, in terms of Efficiency, Effectiveness, and Stealthiness. Thus, Sigover results in new attacks exploiting broadcast channel and unicast channel. For example, SigOver attack on the broadcast messages can affect a large number of nearby UEs simultaneously such as signaling storm, Denial-Of-Service, downgrading attack, location tracking, and fake emergency alert. SigOver attack on unicast channel can silently hand over victims to FBS and perform MitM attack.\nSigover attack is currently zero-day. Since it exploits the fundamental problems in LTE physical signal, it will remain effective until 3GPP standards change.\n\nIn detail, we talk about the implementation of the SigOver, the first practical realization of the signal overshadowing attack on the LTE broadcast signals, using a low-cost Software Defined Radio (SDR) platform and open-source LTE library. The SigOver attack was tested against 10 smartphones connected to a real-world network, and all were successful. The experimental result shows that the SigOver overshadows the target signal and causes the victim device to decode it with 98% success rate with only 3 dB power difference from a legitimate signal. On the other hand, attacks utilizing an FBS have only 80% success rate even with 35 dB power difference. This implies that the SigOver can inconspicuously inject any LTE message and hand over victims to FBS for the Man-in-the-Middle attack.\nPresentation Snapshot :\n1. Overview on LTE Architecture including structure, security aspects, and types of messages. Broadcast messages and some of the unicast messages are unprotected; thus they have a fundamental weakness.\n2. Introduction of SigOver Attack, attack vectors, detailed implementational design, and issues on performing the attack. SigOver attack can manipulate unprotected LTE signals.\n3. Comparison with FBS (Fake Base Station) Attacker and MitM (Man-in-the-Middle) Attacker, in terms of Efficiency, Effectiveness, and Stealthiness. In most aspects, SigOver is superior than FBS and MitM attacker.\n4. Possible exploitations of broadcast channel using SigOver Attacks, such as signaling storm, Denial-Of-Service, downgrading attack, location tracking, and fake emergency alert.\n5. Possible exploitations of unicast channel using SigOver Attacks. An attacker can manipulate every individual unprotected downlink messages. As the whole injection process is silent, this results in whole new types of attacks.\n6. For example, an attacker can silently hand over victims to the fake base station. Once the victim is connected to the FBS, attacks including Man-in-the-Middle attack are possible.","original_language":"eng","persons":["CheolJun Park","Mincheol Son"],"tags":["36c3","10801","2019","Security","Main"],"view_count":1218,"promoted":false,"date":"2019-12-28T12:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-26T12:30:05.682+01:00","length":3315,"duration":3315,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10801-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10801-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10801-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10801-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10801-sigover_alpha","url":"https://api.media.ccc.de/public/events/842d97a6-9b53-4f40-aaaf-4e447ad101e8","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"415adc17-f5d6-5ad3-9989-ca0fcf723090","title":"WRINT Politikunterricht - Die Lernzielkontrolle","subtitle":null,"slug":"36c3-113-wrint-politikunterricht-die-lernzielkontrolle","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/KLQW7G/","description":"Nach vielen Jahren Politikunterricht wird Holger und das Publikum nun von Thomas zu den grundlegenden Inhalten geprüft.\n\nDer Politikunterricht lief dieses Jahr aus, und bevor Holger versetzt werden kann, muss er eine Lernzielkontrolle über sich ergehen lassen.","original_language":"deu","persons":["Advi"],"tags":["36c3-sendezentrum","113","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":2634,"promoted":false,"date":"2019-12-28T23:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-28T23:31:02.828+01:00","length":4697,"duration":4697,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/113-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/113-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/113-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/113-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-113-wrint-politikunterricht-die-lernzielkontrolle","url":"https://api.media.ccc.de/public/events/415adc17-f5d6-5ad3-9989-ca0fcf723090","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"f055d2f8-10df-4f62-971f-b17a9b31f951","title":"Security Nightmares 0x14","subtitle":"Was Sie schon immer nicht über darüber wissen wollten wer Ihre Geräte wirklich kontrolliert.","slug":"36c3-11164-security_nightmares_0x14","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11164.html","description":"Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Was werden die nächsten Buzzwords sein und welche neuen Trends sind schon heute absehbar?\n\nWie immer wagen wir den IT-Security-Alptraum-Ausblick auf das Jahr 2020 und darüber hinaus. Denn was wir wirklich wissen wollen, ist ja schließlich: Wer hat sich letztes Jahr mit seiner AI gestritten? Und wie entwickelt sich das Berufsbild des Blockchain-Exorzisten weiter? Gibt es bald IT-Sicherheits-Wettervorhersagen im Fernsehen?","original_language":"deu","persons":["frank","Ron"],"tags":["36c3","11164","2019","Entertainment","Main"],"view_count":31089,"promoted":false,"date":"2019-12-30T16:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-30T14:00:07.413+02:00","length":4237,"duration":4237,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11164-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11164-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11164-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11164-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11164-security_nightmares_0x14","url":"https://api.media.ccc.de/public/events/f055d2f8-10df-4f62-971f-b17a9b31f951","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8cd18c98-4e30-4f3c-ab82-90178e7076ad","title":"HAL - The Open-Source Hardware Analyzer","subtitle":"A dive into the foundations of hardware reverse engineering and our netlist analysis framework HAL","slug":"36c3-10879-hal_-_the_open-source_hardware_analyzer","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10879.html","description":"Since the Snowden revelations the fear of stealthy hardware manipulations is no longer regarded as far fetched.\nThis fear is also reflected in the massive discussions sparked by last year's Bloomberg allegations on a supposed hardware spy implant on Supermicro serverboards or the recent USA ban on Huawei telecommunication equipment.\n\nHardware reverse engineering (HRE) is a promising method to detect such manipulations or hidden backdoors.\nHowever, HRE is a highly complex and cumbersome task.\nIt takes months of work as well as expensive equipment to even obtain the netlist of a chip, the equivalent to the binary in software reverse engineering (SRE).\nIn contrast to SRE where various paid or open-source tools for binary analysis exist, e.g., IDA Pro or Ghidra, in HRE simply no tool for netlist analysis were available - neither commercial, nor free.\nTo close this gap, researchers from the Ruhr University Bochum developed HAL, the first open-source netlist analysis framework.\n\nIn this talk, we start with a basic introduction into the challenges of HRE.\nThen, we demonstrate the capabilities of HAL before giving a brief overview on our current research with HAL.\n\nHardware reverse engineering (HRE) is an important technique for analysts to understand the internals of a physical system.\nUse cases range from recovering interface specifications of old chips, over detection of malicious manipulations or patent infringements, to straight up counterfeiting.\nHowever, HRE is a notably complex and cumbersome task which consists of two phases:\nIn the first phase the netlist, i.e., circuit description of a chip, has to be extracted from the physical device.\nSuch a netlist is equivalent to the binary in software reverse engineering (SRE).\nIn the second phase, the analyst then processes the netlist in order to understand (parts of) its functionality.\n\nHowever, obtaining a netlist from a chip can take several months and requires professional and costly equipment as well as expertise.\nEven with a recovered netlist, understanding its functionality is an enormously challenging task.\nThis is partly due to the lack of proper tools for netlist analysis:\nWhile in SRE various commercial or open-source tools for binary analysis exist, e.g., IDA Pro or Ghidra, in HRE simply no tool for netlist analysis was available, neither commercial, nor free.\nTo close this gap, researchers from the Embedded Security group of the Horst-Görtz Institute for IT-Security at the Ruhr University Bochum developed HAL, the first open-source netlist analysis framework.\nInspired by the modularity of its SRE equivalents, HAL can be extended through optimized C++ plugins or directly used as a Python library, while at the same time offering a GUI for explorative and interactive analysis.\nThe project is supposed to give hardware analysts a common platform for the development of new algorithms with a portable design, ultimately aiding both professionals in their daily work as well as researchers in their efforts to publish reproducible results.\n\nIn this talk, we will first introduce the foundations and main challenges of HRE, before giving a live demonstration of HAL and some of its capabilities on selected case studies.\nWe conclude the talk with a glimpse at our associated research at the university that spans both, technical research as well as cross-disciplinary work with psychologists.\n\nOur talk requires only minimum prior knowledge on digital hardware.","original_language":"eng","persons":["Max Hoffmann"],"tags":["36c3","10879","2019","Hardware \u0026 Making","Main"],"view_count":1547,"promoted":false,"date":"2019-12-30T11:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-31T14:30:07.475+02:00","length":3652,"duration":3652,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10879-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10879-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10879-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10879-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10879-hal_-_the_open-source_hardware_analyzer","url":"https://api.media.ccc.de/public/events/8cd18c98-4e30-4f3c-ab82-90178e7076ad","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c98a6986-b4bb-5503-9985-d1d754db2da9","title":"FSK Modems","subtitle":null,"slug":"36c3-86-fsk-modems","link":"https://fahrplan.chaos-west.de/36c3/talk/JQMCLL/","description":"FSK Modems sind die einfachste praktikable Form von Modems. Sie sind so einfach, dass mit relativ wenig Aufwand bauen kann. Dabei kann man sie unterschiedlich realisieren von relativ einfachen von einfachen Digitalschaltungen bis hin zu einfachen Softwarelösungen. Auch wenn heute die Übertragung von Daten über Telefonleitungen nicht mehr so relevant ist, gibt es immer noch Anwendungen wie beispielsweise im Funkbereich oder wenn man Daten über Kopfhörerausgänge transportieren möchte.\nIn diesem Talk möchte ich einige der Wege aufzeichnen wie man solche Modems realisiert hat.\n\nDieser Talk soll auch dazu inspirieren selbst mal ein paar Zeilen Code zu schreiben oder den Lötkolben zu schwingen um diese Technologie auch heute noch zu verwenden. Gleichzeitig wird es auch noch zeigen wie schön komplexe Zahlen sein können und wofür die eigentlich gut sind.","original_language":"deu","persons":["Christian Berger"],"tags":["36c3-chaoswest","86","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":815,"promoted":false,"date":"2019-12-28T18:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-13T23:30:07.252+01:00","length":1051,"duration":1051,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/86-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/86-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/86-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/86-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-86-fsk-modems","url":"https://api.media.ccc.de/public/events/c98a6986-b4bb-5503-9985-d1d754db2da9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4b6a36ca-e734-5ae2-99cb-e08f3557d1e3","title":"Encrypted DNS? D'oh! - The Good, Bad and Ugly of DNS-over-HTTPS (DoH)","subtitle":null,"slug":"36c3-128-encrypted-dns-d-oh-the-good-bad-and-ugly-of-dns-over-https-doh-","link":"https://fahrplan.chaos-west.de/36c3/talk/HBQRZE/","description":"Old school DNS is unencrypted and thus prone to MITM-Attacks or DNS-Hijacking. DNS-over-HTTPS (DoH) is trying to solve this finally by encrypting DNS-requests between the client and the resolver. \n\nThere have been previous (failed) attempts of encrypting DNS, but DoH seems to be the most promising so far, because browser makers such as Mozilla and Google are pushing the adoption and plan to roll this technology out to all Firefox and Chrome users. Microsoft ist planning to support DoH in natively in Windows 10.\n\nBut there are a lot of people that are pretty angry and vocal about that move. This includes ISPs and Ad-Companies all over the world. \n\nThis talk will give an overview how DoH came to be, what problems it is trying to solve and what obstacles are hindering the adoption. You'll learn about DNS, encryption, the work on _proposed_ internet standards, how fake news work and why your ISP is tracking you and provides you with falsified information. And you'll learn how to use encrypted DNS.","original_language":"eng","persons":["Sebastian"],"tags":["36c3-chaoswest","128","2019","All about computers","ChaosWest"],"view_count":2269,"promoted":false,"date":"2019-12-28T21:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-15T01:45:04.111+01:00","length":3071,"duration":3071,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/128-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/128-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/128-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/128-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-128-encrypted-dns-d-oh-the-good-bad-and-ugly-of-dns-over-https-doh-","url":"https://api.media.ccc.de/public/events/4b6a36ca-e734-5ae2-99cb-e08f3557d1e3","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"2fb147d5-27be-49a4-a85c-998940f3ae46","title":"#NoPNR – Let’s kill the next Data Retention Law","subtitle":"How to Stop the Dubious Use of Passenger Name Records by Law Enforcement","slug":"36c3-10919-nopnr_let_s_kill_the_next_data_retention_law","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10919.html","description":"The talk will address how passenger name records (PNR) of flight passengers are currently used by law enforcement throughout the European Union to track and identify suspects of a variety of crimes, how this is likely to be only a first step by the security state to surveil our every movement. Two NGOs have joined forces to stop this new form of indiscriminate mass surveillance in the courts and build safeguards against future infringements of our fundamental right to privacy. \n\nThe PNR directive obliges all EU member states to process and save for five years all PNR data of passengers entering or exiting the European Union by plane. All member states have agreed to voluntarily extend this practice to all intra-EU flights as well. Subsequently, the data of hundreds of millions flight passengers are being checked against databases, generating vast amounts of false positives and futile infringements on passengers’ right to privacy. The data are also processed against “pre-determined criteria” which allows law enforcement to define “suspicious flight patterns”. The goal of this profiling of our travel movements is to find suspects among flight passengers that the authorities have never even heard of before. The system has no effective safeguards to prevent vast numbers of people from being falsely labeled as potential terrorists. \n\nMember states are already planning to extend this practice to international buses, trains and ferries – even though the effectiveness of processing flight passengers’ PNR data has yet to be proven. By this logic, the next step would be to track rental cars, then all cars, then mobile phones, and finally getting rid of the criterion “international”, enabling the state to surveil our every movement and to identify those of us who seemingly move around in suspicious patterns. \n\nBut there is hope. The Court of Justice of the European Union (CJEU) has proven before to be critical of indiscriminate mass surveillance affecting people that are not even on the authorities’ radar yet. Therefore, the Gesellschaft für Freiheitsrechte, a German NGO focused on strategic litigation, and epicenter.works, an Austrian NGO focused on protecting human rights in the digital age, have started legal proceedings against the PNR directive, aiming to have German and/or Austrian courts ask the CJEU whether the PNR directive and national transposition laws violate the Charta of Fundamental Rights. \n\nThis talk will explain how law enforcement currently processes PNR data, how this violates fundamental rights, how these surveillance systems may soon extended to other means of transportation, and what strategy civil society is pursuing to stop this from happening.","original_language":"eng","persons":["Walter Hötzendorfer","Bijan Moini"],"tags":["36c3","10919","2019","Ethics, Society \u0026 Politics","Main"],"view_count":573,"promoted":false,"date":"2019-12-30T12:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-28T01:15:10.121+01:00","length":2617,"duration":2617,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10919-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10919-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10919-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10919-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10919-nopnr_let_s_kill_the_next_data_retention_law","url":"https://api.media.ccc.de/public/events/2fb147d5-27be-49a4-a85c-998940f3ae46","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d1d0c29a-a8c3-4c96-b98e-3823b3d27902","title":"The KGB Hack: 30 Years Later","subtitle":"Looking back at the perhaps most dramatic instance of hacking of the 1980s and the role it had in shaping the public image of the CCC.","slug":"36c3-11031-the_kgb_hack_30_years_later","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11031.html","description":"This spring marked the 30th anniversary of the public uncovering of the so-called KGB Hack, bringing with it a number of new articles remembering the event and forging bridges to the present.\n\nThis spring marked the 30th anniversary of the public uncovering of the so-called KGB Hack, bringing with it a number of new articles remembering the event and forging bridges to the present. \nThe 36C3 seems an excellent opportunity to take a look back at the instance of hacking which, even more so than previous events like the BTX and NASA Hacks, brought the CCC into the focus of the (West-)German public – and, additionally, the Federal Office for the Protection of the Constitution (Verfassungsschutz) and the Federal Intelligence Service (Bundesnachrichtendienst). \n\nThis talk aims to focus on the uncovering of the KGB Hack, which began in 1986 when Clifford Stoll, a systems administrator at the University of California in Berkeley, noticed an intruder in his laboratory’s computer system – and, unlike other admins of the time, decided to do something about it. It took three more years of relentless investigation on Stoll’s part and laborious convincing of the authorities of the United States and the Federal Republic of Germany to trace back the intruder to a group of young men loosely connected to the CCC who worked with the KGB, selling information gained from breaking into US military computers to the Soviet Union.  \n\nIn March of 1989, the widely watched West-German television news program \"ARD Im Brennpunkt\" informed the public of the “biggest instance of espionage since the Guillaume affair”. It presented a new quality of high tech espionage, undertaken by “computer freaks”, somewhat shady-seeming young men connected to the Chaos Computer Club. \n\nThe reporting on the KGB Hack had a tremendously negative effect on the public image of hackers in general and the CCC in particular. Now the “computer freaks” were no longer seen as benevolent geeks who pointed out flaws in computer systems - they were criminals, working with the Russians, harming their own country. Sounds familiar? It’s an image which has been lingering until today. ","original_language":"eng","persons":["Anja Drephal"],"tags":["36c3","11031","2019","Ethics, Society \u0026 Politics","Main"],"view_count":18238,"promoted":false,"date":"2019-12-27T22:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-30T17:45:08.123+02:00","length":2866,"duration":2866,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11031-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11031-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11031-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11031-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11031-the_kgb_hack_30_years_later","url":"https://api.media.ccc.de/public/events/d1d0c29a-a8c3-4c96-b98e-3823b3d27902","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"35cda8cc-6647-5a55-b87f-2e65057ef9e5","title":"Freifunk Super Node und Firmware Build Server aufsetzen und Provider werden","subtitle":null,"slug":"36c3-oio-182-freifunk-super-node-und-firmware-build-server-aufsetzen-und-provider-werden","link":"https://talks.oio.social/36c3-oio/talk/P9BACD/","description":"Ein howto für Dummis, Freifunk Infrastruktur selber zu betreiben.\n\nEs ist gut, wenn viele Menschen Freifunk Router einrichten können. Doch es ist besser, wenn auch Leute selber einen Super Node betreiben können. Es gibt viele Wege, dies umzusetzen. Ich möchte zeigen, wie ich in letzter Zeit es umgesetzt habe mit mittleren Kenntnissen. Und es wird gezeigt, wie man Provider werden kann.","original_language":"deu","persons":["Matthias Schmidt"],"tags":["36c3-oio","182","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":764,"promoted":false,"date":"2019-12-28T17:15:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-11-30T13:00:02.683+01:00","length":2278,"duration":2278,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/182-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/182-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/182-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/182-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-182-freifunk-super-node-und-firmware-build-server-aufsetzen-und-provider-werden","url":"https://api.media.ccc.de/public/events/35cda8cc-6647-5a55-b87f-2e65057ef9e5","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c6410063-47d5-592d-8474-ca86c5b22713","title":"Operation Mindfuck Vol. 3","subtitle":null,"slug":"36c3-66-operation-mindfuck-vol-3","link":"https://cfp.verschwoerhaus.de/36c3/talk/9BS3FB/","description":"Wir präsentieren zum dritten Mal einen bunten Blumenstrauß aus Nerdsniping-Themen – einige unserer Lieblingsfakten über Computer, Kunst und Kuriositäten! Wir ziehen viel Inspiration aus neuen und absurden Ideen, und möchten diese Begeisterung mit euch teilen!\n\nEs gibt Aufzeichnungen von [Vol. 1](https://morr.cc/operation-mindfuck/) und [Vol. 2](https://morr.cc/operation-mindfuck-2/)!","original_language":"deu","persons":["blinry","bleeptrack"],"tags":["36c3-wikipakawg","66","2019","Art \u0026 Culture","WikiPakaWG"],"view_count":4995,"promoted":false,"date":"2019-12-29T21:00:00.000+01:00","release_date":"2020-01-04T01:00:00.000+01:00","updated_at":"2026-03-12T20:45:07.275+01:00","length":3957,"duration":3957,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/66-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/66-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/66-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/66-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-66-operation-mindfuck-vol-3","url":"https://api.media.ccc.de/public/events/c6410063-47d5-592d-8474-ca86c5b22713","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"ec7f954e-db31-560e-ab47-0c2e57bd18ed","title":"Free access to substitution plans – Deobfuscation adventures","subtitle":null,"slug":"36c3-79-free-access-to-substitution-plans-deobfuscation-adventures","link":"https://cfp.verschwoerhaus.de/36c3/talk/PMD8TF/","description":"Many schools in Germany choose to distribute their substitute plans via a proprietary platform. The provided client software is not very pleasurable to use and inconveniences users with its dependency on Google Play Services. That's why I develop a free client for Android called DSBDirect, which is able to display plans in a nice, filtered way.\n\nMany schools in Germany choose to distribute their substitute plans via the proprietary [[DSB platform]](https://heinekingmedia.de/education/digitales-schwarzes-brett). The provided client software is not very pleasurable to use and inconveniences users with its dependency on Google Play Services. That's why I develop a free client for Android called DSBDirect, which is able to display plans in a nice, filtered way. Since they noticed my app, the company operating DSB has been obfuscating their various endpoints more and more in an attempt to prevent my app from working, while on the other hand not being very competent at security. It's a cat-and-mouse game.","original_language":"eng","persons":["Fynn"],"tags":["36c3-wikipakawg","79","2019","Ethics, Society \u0026 Politics","WikiPakaWG"],"view_count":521,"promoted":false,"date":"2019-12-29T17:00:00.000+01:00","release_date":"2020-01-22T00:00:00.000+01:00","updated_at":"2025-10-16T10:45:06.230+02:00","length":1889,"duration":1889,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/79-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/79-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/79-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/79-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-79-free-access-to-substitution-plans-deobfuscation-adventures","url":"https://api.media.ccc.de/public/events/ec7f954e-db31-560e-ab47-0c2e57bd18ed","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"53f01da7-4793-4f96-a158-c375966b8068","title":"Reducing Carbon in the Digital Realm","subtitle":"How to understand the environmental impact of the digital products you build, and take measurable steps to “green your stack”","slug":"36c3-11113-reducing_carbon_in_the_digital_realm","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11113.html","description":"In this talk, you'll learn about the environmental impact of the digital products and services you build, why this matters. You’ll be introduced to a mental model, known as Platform, Packets, Process,  for measuring and identifying emissions hotspots in digital products, and the steps you can take to reduce them.\n\n\nYou might have heard stories about how bitcoin, or the internet itself, is responsible for an ever-growing share of global carbon emissions. \n\nBut it doesn’t need to be this way.\n\nDid you know that just by switching AWS regions in the US, you can wipe out a huge chunk of the carbon footprint from running your tech infrastructure? Most people don't, and we need stuff like this to be common knowledge in our industry - we need to know how to build digital products without needing to emit carbon, the same way we expect people in automotive industries to how to build cars with without needing lead in the fuel.\n\nIn this talk, you'll learn about the environmental impact of the digital products and services you build, and a about a mental model, known as Platform, Packets, Process,  for measuring and identifying emissions hotspots in the way you build them.\n\nYou’ll also see how to use skills you already have to make meaningful, measurable improvements to the environmental impact of the digital products and services you build, and the open source tools available to support you in your efforts to green your stack.\n","original_language":"eng","persons":["Chris Adams"],"tags":["36c3","11113","2019","Resilience \u0026 Sustainability","Main"],"view_count":1683,"promoted":false,"date":"2019-12-28T12:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-11-21T17:45:05.321+01:00","length":3713,"duration":3713,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11113-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11113-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11113-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11113-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11113-reducing_carbon_in_the_digital_realm","url":"https://api.media.ccc.de/public/events/53f01da7-4793-4f96-a158-c375966b8068","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1416acfc-d57c-5e6a-b2a4-958bc28154ff","title":"Oh no, not I, I will survive!  - Wie man eine (...-)Prüfung überlebt","subtitle":null,"slug":"36c3-145-oh-no-not-i-i-will-survive-wie-man-eine-jahresabschluss-revisions-zertifikats-prfung-berlebt","link":"https://fahrplan.chaos-west.de/36c3/talk/AWGLR9/","description":"Früher oder später kommen viele in die Situation, dass ihre Arbeitsergebnisse geprüft werden. Sei es von der Compliance, der internen Revision, im Rahmen der Jahresabschlussprüfung oder aufgrund einer ISO 27001 Zertifizierung. Dennoch ist einmal immer das erste Mal – und auch mit der Zeit kann so eine Situation unangenehm sein, wenn man z.B. nicht genau weiß was einen erwartet, welche Informationen benötigt werden oder worauf das Gegenüber achtet.\n\nIch möchte euch einen kleinen Einblick geben, wie eine Prüfung üblicherweise abläuft, welche Fragen-Arten auftauchen können und was Mensch tun kann, um darauf vorbereitet zu sein. Dies ist ein Einführungs-Talk für Anfänger*innen, ihr müsst also weder in so einer Situation gewesen sein, noch wissen was die Inhalte des ISO 27001 sind.","original_language":"deu","persons":["Diula"],"tags":["36c3-chaoswest","145","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":855,"promoted":false,"date":"2019-12-28T14:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-09-25T01:45:03.314+02:00","length":1331,"duration":1331,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/145-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/145-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/145-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/145-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-145-oh-no-not-i-i-will-survive-wie-man-eine-jahresabschluss-revisions-zertifikats-prfung-berlebt","url":"https://api.media.ccc.de/public/events/1416acfc-d57c-5e6a-b2a4-958bc28154ff","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"299489a2-2c7f-4b61-afba-587ecb457c56","title":"Polizei-Datenbanken und Minderheiten: Staatliche Stigmatisierung und Diskriminierung von Sinti und Roma","subtitle":null,"slug":"36c3-10828-polizei-datenbanken_und_minderheiten_staatliche_stigmatisierung_und_diskriminierung_von_sinti_und_roma","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10828.html","description":"Für Sinti*zze und Roma*nja gehören Anfeindungen zum Alltag. Auch bei Ermittlungsbehörden stehen sie unter Generalverdacht: Es steht zu befürchten, dass die Polizei in unterschiedlichen Bundesländern rechtswidrig Daten zu ethnischer Herkunft erhebt und veröffentlicht.\n\nWarum ist es so gefährlich, ethnische Herkunft in Polizeidatenbanken zu erfassen? Und was für Konsequenzen hat es, sie in Berichterstattung zu erwähnen? Wann darf die Polizei überhaupt Daten zu ethnischer Herkunft erheben? Und wann und mit welchen Methoden tut sie es vielleicht trotz Verbots? \n\nFür Sinti*zze und Roma*nja gehören auch in Deutschland Anfeindungen in allen Lebenslagen zum Alltag. Auch bei Ermittlungsbehörden stehen sie unter Generalverdacht: Es steht zu befürchten, dass die Polizei in unterschiedlichen Bundesländern rechtswidrig Daten zu ethnischer Herkunft erhebt und veröffentlicht. In Pressemitteilungen der Polizei tauchen immer wieder Hinweise auf die ethnische Herkunft auf, vor allem bei Tatverdächtigen, seltener bei Opfern oder Zeug*innen. Die Berliner Polizei hat in der Kriminalstatistik 2017 den Hinweis veröffentlicht, dass die Mehrheit der Tatverdächtigen von „Trickdiebstahl in Wohnungen“ Angehörige der Volksgruppe Sinti und Roma seien: Dass es rechtswidrig ist, wenn die Polizei die zugrunde liegenden Daten tatsächlich erhebt, ist unstreitig. \n\nIn Kooperation mit dem Zentralrat hat die Gesellschaft für Freiheitsrechte e.V. (GFF) im Fall der Berliner Polizeikriminalstatistik bei der Berliner Landesdatenschutzbeauftragten ein Beschwerdeverfahren wegen des Verdachts auf Diskriminierung von Sinti*zze und Roma*nja lanciert. Beide Organisationen prüfen gemeinsam weitere rechtliche Möglichkeiten.\n\nWarum ist es so gefährlich, ethnische Herkunft in Polizeidatenbanken zu erfassen? Und was für Konsequenzen hat es, sie in Berichterstattung zu erwähnen? Wann darf die Polizei überhaupt Daten zu ethnischer Herkunft erheben? Und wann tut sie es vielleicht trotz Verbots? Und mit welchen Methoden erhebt die Polizei überhaupt die ethnische Herkunft? \n\nDie Gesellschaft für Freiheitsrechte e.V. (GFF) und der Zentralrat Deutscher Sinti und Roma wollen diese Fragen gemeinsam mit dem Publikum diskutieren. \n\nAnja Reuss ist Politische Referentin des Zentralrats Deutscher Sinti und Roma, der politischen Interessenvertretung der deutschen Sinti und Roma mit Sitz in Heidelberg. Als Dachverband setzt sich der Zentralrat auf nationaler und internationaler Ebene für eine gleichberechtigte Teilhabe von Sinti und Roma in Politik und Gesellschaft sowie für die Auseinandersetzung mit und Bekämpfung von Antiziganismus ein.\n\nLea Beckmann ist Juristin und Verfahrenskoordinatorin der Gesellschaft für Freiheitsrechte e.V. (GFF). Die GFF ist eine NGO, die durch strategische Prozesse Grund- und Menschenrechte stärkt und zivilgesellschaftlichen Partnerorganisationen rechtlich unterstützt. In ihren Verfahren setzt sich die GFF dabei immer wieder kritisch mit polizeilichen Ermittlungsbefugnissen auseinander, sei dies im Zusammenhang mit dem Einsatz von Späh-Software oder bei der Datenerhebung. \n","original_language":"deu","persons":["Lea Beckmann","Anja Reuss"],"tags":["36c3","10828","2019","Ethics, Society \u0026 Politics","Main"],"view_count":2529,"promoted":false,"date":"2019-12-28T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-23T21:45:07.256+01:00","length":2410,"duration":2410,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10828-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10828-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10828-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10828-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10828-polizei-datenbanken_und_minderheiten_staatliche_stigmatisierung_und_diskriminierung_von_sinti_und_roma","url":"https://api.media.ccc.de/public/events/299489a2-2c7f-4b61-afba-587ecb457c56","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"6f9aaed7-537d-50b6-a5e8-25ef1f65583d","title":"SaveTheInternet - Die Urheberrechtsreform als Zündfunke demokratischer Teilhabe","subtitle":null,"slug":"36c3-oio-170-savetheinternet-die-urheberrechtsreform-als-zndfunke-demokratischer-teilhabe","link":"https://talks.oio.social/36c3-oio/talk/VSV8Y8/","description":"Eine kurze Erzählung von den Anfängen der Protestbewegung bis heute und darüber hinaus. Wenn eine spontan gebildete Menge an Menschen beginnt die Werkzeuge der Demokratie zu nutzen ist das vorläufige Ergebnis eine der größten Petitionen weltweit und über 200.000 kreativ Protestierende auf den Straßen Europas. War es das schon oder kommt da noch etwas? Welche Auswirkungen haben demokratische Werkzeuge wie Petitionen und Demonstrationen? Kann man die nächsten Proteste voraussehen oder wie entstehen Wellen der Aufmerksamkeit? Hat sich eine neue Empörung zum ersten oder zum letzen Mal aufgetan? Von vernetzen Livestreams während der Proteste bis zu Community Aktionen wie Meme-Events und Briefraids.","original_language":"deu","persons":["segal","Thomas Knebl"],"tags":["36c3-oio","170","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":509,"promoted":false,"date":"2019-12-27T20:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-05T11:15:09.870+01:00","length":1551,"duration":1551,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/170-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/170-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/170-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/170-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-170-savetheinternet-die-urheberrechtsreform-als-zndfunke-demokratischer-teilhabe","url":"https://api.media.ccc.de/public/events/6f9aaed7-537d-50b6-a5e8-25ef1f65583d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"af7b586c-8221-4371-91d2-3641497710a9","title":"The Large Hadron Collider Infrastructure Talk","subtitle":null,"slug":"36c3-10760-the_large_hadron_collider_infrastructure_talk","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10760.html","description":"The Large Hadron Collider (LHC) is the biggest particle accelerator on Earth. It was built to study matter in more detail than ever before and prove physical theories like the Standard Model of Particle Physics. This talk will focus on the engineering aspects of LHC. How was it built? What makes it tick? Which technologies are needed to create a such powerful machine? This talk will take you on a journey to explore how the most complex machine ever built by humans works.\n\nDuring previous CCCs, several talks described what kind of data the experiments of LHC look out for, how the data is stored, how physicists are analysing data and how they extract their huge discoveries. Often times though, the presence of the particle accelerator itself is taken for granted in light of these findings. \nThat's why this talk will give an in-depth engineering summary about that 'particle accelerator'. We'll shed light on the big technology and engineering problems that had to be solved before being able to build a machine that we take for granted these days. Among other things, we will describe how to cool down several thousand tons of magnets to -271.25°C, how to safely dissipate ~500 MegaJoule of energy in just a fraction of a second, or how to bend a beam of particles around a corner while it's moving along with ~99,9999991% of the speed of light. Of course, we'll also touch on the bits that make collecting the data gathered in all the physics detectors possible in the first place.","original_language":"eng","persons":["sev","thasti"],"tags":["36c3","10760","2019","Science","Main"],"view_count":3644,"promoted":false,"date":"2019-12-27T16:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-04T21:00:10.539+01:00","length":3500,"duration":3500,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10760-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10760-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10760-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10760-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10760-the_large_hadron_collider_infrastructure_talk","url":"https://api.media.ccc.de/public/events/af7b586c-8221-4371-91d2-3641497710a9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"53015074-4e23-5385-8857-0b6613990693","title":"Rechter Feminismus in der 'Identitären Bewegung' ? How to red pill a woman","subtitle":"","slug":"36c3-115-rechter-feminismus-in-der-identitren-bewegung-oder-how-to-red-pill-a-woman","link":"https://fahrplan.chaos-west.de/36c3/talk/M8NMW7/","description":"\u003cp\u003eDer Feminismus ist Feindbild der rechten Szenen. So auch in der \u0026sbquo;Identit\u0026auml;ren Bewegung\u0026lsquo;. Neben Praktiken des Otherings und Diffamierungen gegen Feminist*innen und andere Akteur*innen des Gender-Diskurses behaupten die \u0026sbquo;Identit\u0026auml;ren\u0026lsquo;, sich f\u0026uuml;r Frauen viel gewissenhafter einzusetzen als \u0026bdquo;die Linken\u0026ldquo; es t\u0026auml;ten: Denn Feminismus mache Frauen ungl\u0026uuml;cklich und mache sie langfristig zu unfrei. Frauen lie\u0026szlig;en sich von \u0026bdquo;linksgr\u0026uuml;nversifften\u0026ldquo; Mainstreammedien und der Politik unwissentlich emotional erpressen und w\u0026auml;hlten darum Parteien\u0026not;, die in der Lesart der IB Frauen nur Ungl\u0026uuml;ck br\u0026auml;chten. Die \u0026Uuml;berzeugungsstrategien, die genutzt werden, um Frauen auf die \u0026bdquo;rechte Seite\u0026ldquo; zu ziehen, wird in der Szene als \u0026bdquo;red pilling\u0026ldquo; bezeichnet \u0026ndash; eine Metapher von misogynen M\u0026auml;nnerrechtlern, die durch \u0026bdquo;Gamergate\u0026ldquo; auch andere Szenen erreichte. Ich werde die vermeintlich \u0026sbquo;harmlos\u0026lsquo; erscheinenden Social-Media-Darstellungen der \u0026sbquo;Identit\u0026auml;ren\u0026lsquo; \u0026ndash; wie das \u0026bdquo;private\u0026rsquo; Instagramfoto einer Schwangeren im Kornfeld \u0026ndash; analysieren, und zeigen, welche mehr oder weniger subtilen Reproduktion von stereotypischen, antifeministischen Rollenbildern transportiert werden, die vordergr\u0026uuml;ndig als \u0026bdquo;frauenfreundlich\u0026ldquo; angeboten werden.\u003c/p\u003e","original_language":"deu","persons":["Marie Rodewald"],"tags":["36c3-chaoswest","115","2019","Antifaschismus","ChaosWest"],"view_count":2214,"promoted":false,"date":"2019-12-28T16:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-31T23:30:08.272+02:00","length":1577,"duration":1577,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/115-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/115-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/115-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/115-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-115-rechter-feminismus-in-der-identitren-bewegung-oder-how-to-red-pill-a-woman","url":"https://api.media.ccc.de/public/events/53015074-4e23-5385-8857-0b6613990693","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"f01cfe55-1ef7-4c9f-84be-276730cdbef8","title":"Nutzung öffentlicher Klimadaten","subtitle":"Früher war mehr Schnee","slug":"36c3-10571-nutzung_offentlicher_klimadaten","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10571.html","description":"'In meiner Jugend war mehr Schnee!' oder 'Früher war es auch schon heiß!' könnte man so glauben, je nach Vehemenz des Ausrufs, oder man schaut halt nach. \u003cinsert old man jells at cloud meme\u003e\n\nModerne Klimamodelle werden aus den lokalen Beobachtungen des Wetters gespeist. Durch die Verwendung historischer Daten vergangener Jahrzehnte werden aktuelle Modelle auch auf diesen Zeitraum ausgedehnt. Wir können also nachsehen, wie heiß es war oder wie tief der Schnee auf dem Weg zur Schule denn wirklich war. Dies ist auch dann möglich wenn die lokalen Aufzeichnungen selbst nicht immer online verfügbar sind. Zahlreiche staatliche und überstaatliche Organisationen stellen inzwischen die Produkte ihrer Klimamodelle, mit Einstiegshürden unterschiedlicher Höhe, für die Öffentlichkeit bereit. Der Verbreitungsweg dieser Daten variiert irgendwo zwischen csv Dateien auf öffentlichen FTP Servern, API Schnittstellen zum maßgeschneiderten Datenabruf (auch gerne mal von Magnetband) und thematisch fertig aufbereiteten Visualisierungen. \n\nDieser Beitrag zeigt eine kleine Auswahl an Diensten (z.B. Opendata des Deutschen Wetterdienstes, Land Data Assimilation System der NASA), die den Zugang zu globalen Klimadaten ermöglichen. Am Beispiel des European Centre for Medium-Range Weather Forecasts (ECMWF) und des Copernicus Climate Change Service werden sowohl API Zugriff zum Download der Daten als auch die Möglichkeit der Onlineberechung über ein Webinterface dargestellt.\n\nSchauen wir mal, was wir so finden.","original_language":"deu","persons":["manuel"],"tags":["36c3","10571","2019","Science","Main"],"view_count":2108,"promoted":false,"date":"2019-12-29T21:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-03T16:15:10.012+01:00","length":2463,"duration":2463,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10571-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10571-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10571-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10571-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10571-nutzung_offentlicher_klimadaten","url":"https://api.media.ccc.de/public/events/f01cfe55-1ef7-4c9f-84be-276730cdbef8","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7f7de0de-2955-40be-8df1-fabe740b0b83","title":"Climate Modelling","subtitle":"The Science Behind Climate Reports","slug":"36c3-10896-climate_modelling","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10896.html","description":"When climate activists say you should listen to the science they usually\r\nrefer to reports by the Intergovernmental Panel on Climate Change (IPCC). The IPCC is an Intergovernmental organization (IGO) providing an objective summary of scienctific results regarding climate change, its impacts and its reasons. The simulation of future climate is one\r\nfundamental pillar within climate research. But what is behind it? How does the science sector look like? How do we gain these insights, what does it mean?\r\n\r\nThis lecture aims at answering these questions. In particular, it\r\nprovides an overview about some basic nomenclature for\r\na better understanding of what climate modelling is about.\u003cbr\u003e\r\n\r\nThe following topics will be addressed:\r\n\u003cul\u003e\r\n\u003cli\u003eWho does climate modelling?\u003cbr\u003e\r\nWhich institutes, infrastructures, universities, initiatives are\r\nbehind it and which are the conferences climate scientists go to. What\r\nbackground do climate scientists have?\r\n\u003c/li\u003e\r\n\r\n\u003cli\u003eWhat is the difference between climate projections and weather\r\npredictions? Why is it called a climate projection\r\nand not climate prediction? While climate scientists are not able to\r\npredict weather at a specific date in a decade, why does it\r\nstill make sense to propose general trends under certain conditions?\r\n\u003c/li\u003e\r\n\r\n\u003cli\u003eWhat is a climate model, what is an impact model and what is the\r\ndifference between these? What are components and features\r\nof the different kind of models? Here, some examples will be shortly\r\npresented (e.g.atmosphere, ocean, land, sea ice).\r\n\u003c/li\u003e\r\n\r\n\u003cli\u003eQuite a few models are open source and freely accessible. If there is\r\ntime I will shortly show you how you\r\ncould install an impact model (example mHM) on your local PC. How\r\naccessible is the data used for the projections\r\nfor the IPCC reports?\u003c/li\u003e\r\n\r\n\u003cli\u003eOverview over the used infrastructure (for example JUWELS, a\r\nsupercomputer in Jülich), programming languages, software components\r\n\u003c/li\u003e\r\n\u003c/ul\u003e","original_language":"eng","persons":["skalabyrinth"],"tags":["36c3","10896","2019","Science","Main"],"view_count":2773,"promoted":false,"date":"2019-12-27T17:30:00.000+01:00","release_date":"2020-01-04T01:00:00.000+01:00","updated_at":"2026-03-29T09:15:03.273+02:00","length":2789,"duration":2789,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10896-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10896-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10896-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10896-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10896-climate_modelling","url":"https://api.media.ccc.de/public/events/7f7de0de-2955-40be-8df1-fabe740b0b83","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"35f647fc-1849-5194-a354-2e855e7a642d","title":"Raumfahrtantriebe","subtitle":null,"slug":"36c3-oio-157-raumfahrtantriebe","link":"https://talks.oio.social/36c3-oio/talk/SHDVXB/","description":"Wie kommt man eigentlich in den Weltraum und was ist an so ein bisschen Schub so kompliziert *?\n\nWarum sehen Raumfahrtantriebe so aus wie sie sind und was wird sich mit \"New Space\" alles ändern?\n\n\n(*)insert rocket science joke here\n\nPreview\n1. Wie erzeugt man Schub?\n-\tWas ist eine Raketenmotor -triebwerk?\n-\tWarum fliegen Flaschenraketen mit Wasser höher?\n\n2. Feststoffraketen\n-\tFeuerwerk, Modellbau oder Shuttle Booster\n-\tBrennprofile\n\n3. Flüssigraketen\n-\tGoddards erste Versuche\n-\tKomplex, teuer, fehleranfällig und warum wir trotzdem Flüssigtreibstoffe nutzen\n3.1. Brennkammer\n-\tAufbau und Eigenschaften\n3.2. Turbopumpen\n-\tWie kommt der Treibstoff und Oxidator in die Brennkammer\n3.3. Düsen\n-\twarum überhaupt Düsen und warum sehen sie so aus wie sie sind\n-\tAerospike\n3.4. Treibstoffe\n-\tEin wenig Chemie.  Mono-, Bi- und Tritreibstoff \n3.5. 5,4 all engines running,2,1,0 lift off\n-\tWie man eine Rakete startet Soyuz, Titan II, Delta 4 und das Space-Shuttle\n4. Hybridraketen\n-\tDie Komplexität einer Flüssigrakete mit den Nachteilen einer Feststoffrakete\n5. Ionenantrieb\n-\tWenig Schub aber hoher Impuls \n-\tAufbau und Eigenschaften\n6. Solar Sail\n-\tEin Segel spannen und mit dem Sonnenwind dahingleiten\n7. Nuklearantriebe\n-\tEin fliegender Kernreaktor, was kann da schon schief gehen?\n-\tin 200 Tagen zum Mars und zurück","original_language":"deu","persons":["Äpex"],"tags":["36c3-oio","157","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":3676,"promoted":false,"date":"2019-12-29T13:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-23T14:30:08.299+01:00","length":2611,"duration":2611,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/157-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/157-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/157-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/157-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-157-raumfahrtantriebe","url":"https://api.media.ccc.de/public/events/35f647fc-1849-5194-a354-2e855e7a642d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c3faf993-7f9c-473e-8a86-57adf6b0fd2a","title":"Framing digital industry into planetary limits and transition policies","subtitle":"The environmental costs of digital industry and pathways to sustainability","slug":"36c3-11237-framing_digital_industry_into_planetary_limits_and_transition_policies","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11237.html","description":"A lecture on the environmental impacts of digital industry today and how to think about and design digital tools with limited energy and resources.\n\nIn his lecture Gauthier Roussilhe  summarises what we know today about the environmental impacts of digital industry. He addresses the sustainability of the current trajectory and how to think differently about digital industry.\n\nContesting the myths of dematerialisation and of the global village, he gives examples of digital web design based on CO2/energy budget rather than monetary budget. He also gives examples of digital tools that accept the materiality of their territory (geographical, infrastructures) to think of new digital uses.","original_language":"eng","persons":["Gauthier Roussilhe"],"tags":["36c3","11237","2019","Resilience \u0026 Sustainability","Main"],"view_count":445,"promoted":false,"date":"2019-12-28T18:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-08-02T14:08:00.949+02:00","length":2497,"duration":2497,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11237-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11237-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11237-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11237-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11237-framing_digital_industry_into_planetary_limits_and_transition_policies","url":"https://api.media.ccc.de/public/events/c3faf993-7f9c-473e-8a86-57adf6b0fd2a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b6905252-7db6-5e9a-a2a0-dfc04b2fd6a2","title":"Emergency VPN: Analyzing mobile network traffic to detect digital threats","subtitle":null,"slug":"36c3-155-emergency-vpn-analyzing-mobile-network-traffic-to-detect-digital-threats","link":"https://fahrplan.chaos-west.de/36c3/talk/EARPZB/","description":"The access to surveillance technology by governments and other powerful actors has increased in the last decade. Nowadays malicious software is one of the tools to-go when attempting to monitor and surveil victims. In contrast, the target of these attacks, typically journalists, lawyers, and other civil society workers, have very few resources at hand to identify an ongoing infection in their laptops and mobile devices. \n\n In this presentation we would like to introduce the Emergency VPN, a solution we developed at the Czech Technical University as part of the CivilSphere project. The Emergency VPN is designed to provide a free and high quality security assessment of the network traffic of a mobile device in order to early identify mobile threats that may jeopardize the security of an individual. \n\n The presentation will cover the design of the Emergency VPN as a free software project, the instructions of how a user can work with it, and some success cases where we could detect different infections on users.\n\n We expect attendees will leave this session with a more clear overview of what the threat landscape looks like, what are the options for users that suspect their phone is infected, and how the Emergency VPN can help in those cases.\n\n More information about the Emergency VPN can be found at CivilSphere's website: https://www.civilsphereproject.org","original_language":"eng","persons":["Sebastian Garcia","Veronica Valeros"],"tags":["36c3-chaoswest","155","2019","All about computers","ChaosWest"],"view_count":752,"promoted":false,"date":"2019-12-27T17:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-20T22:00:08.805+01:00","length":1320,"duration":1320,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/155-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/155-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/155-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/155-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-155-emergency-vpn-analyzing-mobile-network-traffic-to-detect-digital-threats","url":"https://api.media.ccc.de/public/events/b6905252-7db6-5e9a-a2a0-dfc04b2fd6a2","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9cbacaba-92e8-452b-8878-be42881f3cd1","title":"KTRW: The journey to build a debuggable iPhone","subtitle":null,"slug":"36c3-10806-ktrw_the_journey_to_build_a_debuggable_iphone","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10806.html","description":"Development-fused iPhones with hardware debugging features like JTAG are out of reach for many security researchers. This talk takes you along my journey to create a similar capability using off-the-shelf iPhones. We'll look at a way to break KTRR, a custom hardware mitigation Apple developed to prevent kernel patches, and use this capability to load a kernel extension that enables full-featured, single-step kernel debugging with LLDB on production iPhones.\n\nThis talk walks through the discovery of hardware debug registers on the iPhone X that enable low-level debugging of a CPU core at any time during its operation. By single-stepping execution of the reset vector, we can modify register state at key points to disable KTRR and remap the kernel as writable. I'll then describe how I used this capability to develop an iOS kext loader and a kernel extension called KTRW that can be used to debug the kernel with LLDB over USB.","original_language":"eng","persons":["Brandon Azad"],"tags":["36c3","10806","2019","Security","Main"],"view_count":1411,"promoted":false,"date":"2019-12-28T20:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-15T15:45:08.148+01:00","length":3291,"duration":3291,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10806-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10806-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10806-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10806-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10806-ktrw_the_journey_to_build_a_debuggable_iphone","url":"https://api.media.ccc.de/public/events/9cbacaba-92e8-452b-8878-be42881f3cd1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8adb2800-bbf6-4a58-8d3d-a95ef0dab5de","title":"Das nützlich-unbedenklich Spektrum","subtitle":"Können wir Software bauen, die nützlich /und/ unbedenklich ist?","slug":"36c3-10608-das_nutzlich-unbedenklich_spektrum","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10608.html","description":"Eine Software ist unbedenklich, wenn man sie auf ungefilterte Daten aus einem Webformular aufrufen kann, ohne prüfen zu müssen, ob dann etwas schlimmes passieren kann. In der Praxis lässt sich ein Kontinuum zwischen Nützlichkeit und Unbedenklichkeit als Kontrahenten beobachten. Software fängt häufig eher unbedenklich an, und wird dann immer bedenklicher, je mächtiger sie wird. Dieser Vortrag will a) diese Beobachtung beschreiben und b) fragen, wie man die Unbedenklichkeit beibehalten kann. Gibt es da Abstufungen? Metriken? Kriterien, die bei einer konkreten Entscheidung helfen können?\n\nDie Kernidee dieses Vortrages ist es, von reaktiver Security (\"wir packen einfach alles in eine VM / einen Container / eine Sandbox\") wegzukommen hin zu einer vertrauenswürdigen Software-Infrastruktur, der man auch ohne Einsperren trauen kann.\u003cp\u003e\nDie offensichtliche Frage ist, wie man sowas konstruieren würde. Noch wichtiger ist aber die Frage, woran wir vertrauenswürdige Software überhaupt erkennen können.\u003cp\u003eDiese Metrik wäre dann auch hilfreich, um zu erkennen, ob unsere Einsperr-Methode überhaupt vertrauenswürdig war.","original_language":"deu","persons":["Fefe"],"tags":["36c3","10608","2019","Security","Main"],"view_count":16592,"promoted":false,"date":"2019-12-28T14:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-01T03:45:03.101+02:00","length":3819,"duration":3819,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10608-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10608-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10608-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10608-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10608-das_nutzlich-unbedenklich_spektrum","url":"https://api.media.ccc.de/public/events/8adb2800-bbf6-4a58-8d3d-a95ef0dab5de","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"81b0de17-dbef-5da7-80e8-4d9ae563a4fd","title":"Freifunk und die Haftungsprivilegierung des Telemediengesetzes","subtitle":null,"slug":"36c3-oio-188-freifunk-und-die-haftungsprivilegierung-des-telemediengesetzes","link":"https://talks.oio.social/36c3-oio/talk/MPCRC8/","description":"Seit Jahren kämpfen wir um die Haftungsprivilegierung für Freifunker. Als Zugangsvermittler in das Internet hat der Gesetzgeber den Freifunker als Diensteanbieter von Ansprüchen Dritter freigestellt. Nach dem Gesetz ist der Freifunker für die Handlungen Dritter im Internet nicht verantwortlich. Wie die Rechtssprechung die gesetzliche Regelung anwendet, möchte ich Euch in meinem Vortrag berichten.\n\nIch würde gerne den Vortrag in meinen Bericht über die einzelnen Freifunk-Verfahren gegen die Rechteinhaber einbetten. Ich weiß noch nicht recht, wie ich den Zusammenhang gestalte. Mit wem könnte ich darüber sprechen?","original_language":"deu","persons":["Beata Hubrig"],"tags":["36c3-oio","188","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":747,"promoted":false,"date":"2019-12-29T19:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-14T16:00:09.617+01:00","length":2772,"duration":2772,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/188-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/188-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/188-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/188-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-188-freifunk-und-die-haftungsprivilegierung-des-telemediengesetzes","url":"https://api.media.ccc.de/public/events/81b0de17-dbef-5da7-80e8-4d9ae563a4fd","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"27405d5b-3715-5b98-977a-6e9319f1c0a3","title":"Aufregen oder Abregen?!","subtitle":null,"slug":"36c3-109-aufregen-oder-abregen-","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/9ASKAV/","description":"Der Einmischen Podcast ist für ein paar Rant und sich eher Aufregen bekannt unser Politiklehrer Thomas ist da eher der zynische Pol der Podcastszene. Beide versuchen in dem kleinen Jahresrückblick mal die Aufreger auf ein Minimum zu senken. Unterhaltung garantiert.\n\nDer Einmischen Podcast ist für ein paar Rant und sich eher Aufregen bekannt unser Politiklehrer Thomas ist da eher der zynische Pol der Podcastszene. Beide versuchen in dem kleinen Jahresrückblick mal die Aufreger auf ein Minimum zu senken. Unterhaltung garantiert.","original_language":"deu","persons":["Jenny","Advi"],"tags":["36c3-sendezentrum","109","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":845,"promoted":false,"date":"2019-12-27T20:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-06-09T13:15:07.252+02:00","length":3702,"duration":3702,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/109-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/109-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/109-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/109-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-109-aufregen-oder-abregen-","url":"https://api.media.ccc.de/public/events/27405d5b-3715-5b98-977a-6e9319f1c0a3","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"16fa19a5-66a8-5104-9804-44ac491f4936","title":"Measuring Code Contributions in Wikimedia's Technical Community","subtitle":null,"slug":"36c3-89-measuring-code-contributions-in-wikimedia-s-technical-community","link":"https://cfp.verschwoerhaus.de/36c3/talk/V378DD/","description":"A lightning talk about technical contributions in Wikimedia projects that we can currently measure and the challenges that we face.\n\nStatistics can help to better understand communities and their needs. This lightning talk shows how Wikimedia uses the free and open source software \"GrimoireLab\" to get some data about its technical contributor base, and also covers some of the challenges that we face when it comes to measuring.","original_language":"eng","persons":["Andre Klapper"],"tags":["36c3-wikipakawg","89","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":199,"promoted":false,"date":"2019-12-28T14:10:00.000+01:00","release_date":"2020-01-22T00:00:00.000+01:00","updated_at":"2026-01-29T22:45:10.198+01:00","length":887,"duration":887,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/89-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/89-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/89-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/89-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-89-measuring-code-contributions-in-wikimedia-s-technical-community","url":"https://api.media.ccc.de/public/events/16fa19a5-66a8-5104-9804-44ac491f4936","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9af057bd-eb94-41f6-8005-f322ecf66662","title":"Art against Facebook","subtitle":"Graffiti in the ruins of the feed and the party-info-capital is emigrating","slug":"36c3-11178-art_against_facebook","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11178.html","description":"There is graffiti in the ruins of the feed and the event-info-capital is emigrating.\n\nCurrently Facebook has a tight grip on the cultural scene with its events-calendar and with Instagram as a spectacular image feed. \u003cbr\u003e\nBut an opposition is rising. Graffiti and net-art are merging with hacking. Activists are using facebook graffiti, through circulating UTF-8 textbombs that cross the layout of the feed.\u003cbr\u003e\nThe Berlin network Reclaim Club Culture meanwhile is calling for a Facebook Exodus. They want to motivate the club and cultural scene to support free alternatives, by moving their biggest information capital, which are the event announcements. ","original_language":"eng","persons":["el","Rosa Rave"],"tags":["36c3","11178","2019","Art \u0026 Culture","Main"],"view_count":1504,"promoted":false,"date":"2019-12-29T21:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-01T15:00:07.914+01:00","length":2436,"duration":2436,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11178-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11178-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11178-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11178-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11178-art_against_facebook","url":"https://api.media.ccc.de/public/events/9af057bd-eb94-41f6-8005-f322ecf66662","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"18ce862e-36e1-5df6-803b-38f82b2ef327","title":"WiFi-Hotspot-Abos - Wie viel Freifunk steckt drin?","subtitle":null,"slug":"36c3-oio-183-wifi-hotspot-abos-wie-viel-freifunk-steckt-drin-","link":"https://talks.oio.social/36c3-oio/talk/L7MBH8/","description":"Im Internet offerieren diverse Anbieter WiFi Hardware inklusive VPN für 10€.\n\nDieser Talk behandelt, wie sehr sich die verkaufte Hardware sowie Software von den meisten Freifunk Setups unterscheidet.","original_language":"deu","persons":["blocktrron"],"tags":["36c3-oio","183","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":587,"promoted":false,"date":"2019-12-28T22:25:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-08-15T16:00:05.152+02:00","length":1245,"duration":1245,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/183-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/183-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/183-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/183-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-183-wifi-hotspot-abos-wie-viel-freifunk-steckt-drin-","url":"https://api.media.ccc.de/public/events/18ce862e-36e1-5df6-803b-38f82b2ef327","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"05b80d17-217d-412c-8a1f-0bedbc7d39e4","title":"Was hat die PSD2 je für uns getan?","subtitle":"Pleiten, Pech und Pannen in der Zahlungsdiensteregulierung","slug":"36c3-10717-was_hat_die_psd2_je_fur_uns_getan","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10717.html","description":"Seit dem 14. November ist die letzte Schonfrist zur Umsetzung der Europäischen Richtline 2015/2366 über Zahlungsdienste im Binnenmarkt (neudeutsch PSD2) verstrichen. Das hat erst vielen Banken viel Arbeit gemacht, und macht jetzt vielen Kunden viel Ärger. Warum eigentlich?\n\nDieser Vortrag gibt einen Überblick über die Hintergründe der Zahlungsdiensterichtlinie, das was sie bewirken sollte, und das was sie tatsächlich bewirkt. Der Sicht aus der Regulierungsperspektive wird die tatsächliche Erfahrung als Anwender, und als Entwickler von Open-Source-Software gegenübergestellt.","original_language":"deu","persons":["Henryk Plötz"],"tags":["36c3","10717","2019","Ethics, Society \u0026 Politics","Main"],"view_count":26416,"promoted":false,"date":"2019-12-27T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-22T03:45:02.829+01:00","length":3631,"duration":3631,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10717-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10717-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10717-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10717-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10717-was_hat_die_psd2_je_fur_uns_getan","url":"https://api.media.ccc.de/public/events/05b80d17-217d-412c-8a1f-0bedbc7d39e4","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c7af7833-e274-4e67-adf1-e29b807ea343","title":"Linux on Open Source Hardware with Open Source chip design","subtitle":null,"slug":"36c3-10549-linux_on_open_source_hardware_with_open_source_chip_design","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10549.html","description":"Want to run Linux on open hardware?  This talk will explore Open Source Hardware projects capable of that task, and explore how RISC-V and free software FPGA projects can be leveraged to create libre systems.\n\nThis talk will explore Open Source Hardware projects relevant to Linux, including boards like BeagleBone, Olimex OLinuXino, Giant board and more. Looking at the benefits and challenges of designing Open Source Hardware for a Linux system, along with BeagleBoard.org’s experience of working with community, manufacturers, and distributors to create an Open Source Hardware platform.\n\nDrew will also talk about the importance of the RISC-V instruction set and free software FPGA toolchains.  He will explore the options for running Linux on open source chip designs.","original_language":"eng","persons":["Drew Fustini"],"tags":["36c3","10549","2019","Hardware \u0026 Making","Main"],"view_count":1906,"promoted":false,"date":"2019-12-29T23:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-13T12:45:08.880+01:00","length":2476,"duration":2476,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10549-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10549-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10549-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10549-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10549-linux_on_open_source_hardware_with_open_source_chip_design","url":"https://api.media.ccc.de/public/events/c7af7833-e274-4e67-adf1-e29b807ea343","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b10c47dd-cd48-49cb-ad5c-723c6cbdc201","title":"Der netzpolitische Jahresrückblick","subtitle":"War alles schon mal besser","slug":"36c3-10963-der_netzpolitische_jahresruckblick","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10963.html","description":"IT-Sicherheitsgesetz 2.0, Staatstrojaner für den Verfassungsschutz, Uploadfilter und Leistungsschutzrecht, Plattformregulierung und Terrorpropaganda-Verordnung, dazu die Suche nach der künstlichen Intelligenz in der Blockchain – 2019 war ein ereignisreiches Jahr in der Netzpolitik.\n\nWas waren die Highlights aus digitaler Grundrechtsperspektive und wo gab es Einschnitte? Was haben wir im kommenden Jahr zu erwarten und auf welche Debatten und Gesetzesprozesse sollten wir uns als digitale Zivilgesellschaft konzentrieren?\n\nUrsula von der Leyen ist jetzt EU-Kommissionspräsidentin und hat bereits in ihrer Bewerbung verschiedene netzpolitische Gesetzesprozesse angekündigt, die nicht nur aufgrund ihres Track-Records beachtenswert sind. Was erwartet uns bei der Debatte um eine Reform der Haftungsprivilegien und welche Möglichkeiten gibt es zur Plattformregulierung, ohne das offene Netz mit kaputt zu machen?","original_language":"deu","persons":["Markus Beckedahl"],"tags":["36c3","10963","2019","Ethics, Society \u0026 Politics","Main"],"view_count":3987,"promoted":false,"date":"2019-12-29T20:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-25T05:30:04.207+01:00","length":2405,"duration":2405,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10963-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10963-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10963-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10963-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10963-der_netzpolitische_jahresruckblick","url":"https://api.media.ccc.de/public/events/b10c47dd-cd48-49cb-ad5c-723c6cbdc201","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"77078359-ac9b-4839-8b5b-bd4114903d1c","title":"All wireless communication stacks are equally broken","subtitle":null,"slug":"36c3-10531-all_wireless_communication_stacks_are_equally_broken","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10531.html","description":"Wireless connectivity is an integral part of almost any modern device. These technologies include LTE, Wi-Fi, Bluetooth, and NFC. Attackers in wireless range can send arbitrary signals, which are then processed by the chips and operating systems of these devices. Wireless specifications and standards for those technologies are thousands of pages long, and thus pose a large attack surface.\n\nWireless exploitation is enabled by the technologies any smartphone user uses everyday. Without wireless connectivity our devices are bricked. While we can be more careful to which devices and networks we establish connections to protect ourselves, we cannot disable all wireless chips all the time. Thus, security issues in wireless implementations affect all of us.\n\nWireless chips run a firmware that decodes wireless signals and interprets frames. Any parsing error can lead to code execution within the chip. This is already sufficient to read data passing the chip in plaintext, even if it would be encrypted while transmitted over the air. We will provide a preview into a new tool that enables full-stack Bluetooth fuzzing by real-time firmware emulation, which helps to efficiently identify parsing errors in wireless firmware.\n\nSince this kind of bug is within the wireless chips' proprietary firmware, patching requires assistance of the manufacturer. Often, fixing this type of security issue takes multiple months, if done at all. We will tell about our own responsible disclosure experiences, which are both sad and funny.\n\nAnother risk are drivers in the operating system, which perform a lot of operations on the data they receive from the wireless chip. Most drivers trust the input they get from a wireless chip too much, meaning that wireless exploitation within the chip can easily escalate into the driver.\n\nWhile escalating directly into the operating system is the commonly known option, it is also possible to escalate into other chips. This is a new attack type, which cannot be filtered by the operating system.\n\nFor everyone who is also concerned during our talk, there will be fancy tin foil hats.","original_language":"eng","persons":["jiska"],"tags":["36c3","10531","2019","Security","Main"],"view_count":9660,"promoted":false,"date":"2019-12-28T17:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-27T18:00:05.312+01:00","length":2287,"duration":2287,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10531-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10531-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10531-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10531-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10531-all_wireless_communication_stacks_are_equally_broken","url":"https://api.media.ccc.de/public/events/77078359-ac9b-4839-8b5b-bd4114903d1c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d2e0871c-129f-4058-a2c8-d17b236edac1","title":"What the World can learn from Hongkong","subtitle":"From Unanimity to Anonymity ","slug":"36c3-10933-what_the_world_can_learn_from_hongkong","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10933.html","description":"The people of Hong Kong have been using unique tactics, novel uses of technology, and a constantly adapting toolset in their fight to maintain their distinctiveness from China since early June. Numerous anonymous interviews with protesters from front liners to middle class supporters and left wing activists reveal a movement that has been unfairly simplified in international reporting. The groundbreaking reality is less visible because it must be - obfuscation and anonymity are key security measures in the face of jail sentences up to ten years. \n\nInstead of the big political picture, this talk uses interviews with a range of activists to help people understand the practicalities of situation on the ground and how it relates to Hongkong's political situation. It also provides detailed insights into protestors' organisation, tactics and technologies way beyond the current state of reporting. Ultimately, it is the story of how and why Hongkongers have been able to sustain their movement for months, even faced with an overwhelming enemy like China. \n\nThis is the story of how and why Hongkongers have been able to sustain their movement so long, even faced with an overwhelming enemy like China. The protestors have developed a range of tactics that have helped them minimise capture and arrests and helped keep the pressure up for five months: They include enforcing and maintaining anonymity, both in person and online, rapid dissemination of information with the help of the rest of the population, a policy of radical unanimity to maintain unity in the face of an overwhelming enemy and Hongkongers’ famous “be water” techniques, through which many of them escaped arrest. ","original_language":"eng","persons":["Katharin Tai"],"tags":["36c3","10933","2019","Ethics, Society \u0026 Politics","Main"],"view_count":27181,"promoted":false,"date":"2019-12-27T20:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-13T06:45:05.058+01:00","length":5485,"duration":5485,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10933-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10933-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10933-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10933-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10933-what_the_world_can_learn_from_hongkong","url":"https://api.media.ccc.de/public/events/d2e0871c-129f-4058-a2c8-d17b236edac1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1bf01a7d-2c24-491e-ab2b-4455339ea7d3","title":"Messenger Hacking: Remotely Compromising an iPhone through iMessage","subtitle":null,"slug":"36c3-10497-messenger_hacking_remotely_compromising_an_iphone_through_imessage","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10497.html","description":"So called “0-click” exploits, in which no user interaction is required to compromise a mobile device, have become a highly interesting topic for security researchers, and not just because Apple announced a one million dollar bug bounty for such exploits against the iPhone this year. This talk will go into the details of how a single memory corruption vulnerability in iMessage was remotely exploited to compromise an iPhone. The insights gained from the exploitation process will hopefully help defend against such attacks in the future.\n\nThis talk will dive into the internals of an iMessage exploit that achieves unsandboxed remote code execution on vulnerable devices (all iPhones and potentially other iDevices up to iOS 12.4) without user interaction and within a couple of minutes. All that is necessary for a successful attack in a default configuration is knowledge of the target’s phone number or an email address. Further, the attack is also possible without any visible indicators of the attack displayed to the user.\n\nFirst, an overview of the general iMessage software architecture will be given, followed by an introduction of the exploited vulnerability. Next, a walkthrough of the exploitation process, including details about how the various exploit mitigations deployed on iOS were bypassed, will be presented. Some of the exploitation techniques are rather generic and should be applicable to exploit other vulnerabilities, messengers, and even other platforms such as Android. Along the way, some advice will be shared with the audience on how to bootstrap research in this area. The talk concludes with a set of suggestions for mobile OS and messenger vendors on how to mitigate the demonstrated exploit techniques effectively and hopefully make these kinds of attacks significantly more difficult/costly to perform in the future. While previous experience with iOS userland exploitation will not be required for this talk, some basic background knowledge on memory corruption vulnerabilities is recommended.\n\n","original_language":"eng","persons":["Samuel Groß"],"tags":["36c3","10497","2019","Security","Main"],"view_count":30070,"promoted":false,"date":"2019-12-27T14:10:00.000+01:00","release_date":"2019-12-27T01:00:00.000+01:00","updated_at":"2026-03-30T19:15:08.225+02:00","length":3709,"duration":3709,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10497-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10497-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10497-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10497-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10497-messenger_hacking_remotely_compromising_an_iphone_through_imessage","url":"https://api.media.ccc.de/public/events/1bf01a7d-2c24-491e-ab2b-4455339ea7d3","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4b1df5b6-5436-456f-936b-77ccfd26698f","title":"How to Design Highly Reliable Digital Electronics","subtitle":null,"slug":"36c3-10575-how_to_design_highly_reliable_digital_electronics","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10575.html","description":"There's a variety of places - on Earth and beyond - that pose challenging conditions to the ever-shrinking digital circuits of today. Making those tiny transistors work reliably when bombarded with charged particles in the vacuum of space, in the underground tunnels of CERN or in your local hospital's X-ray machine is not an easy feat. This talk is going to shed some light on what can be done to keep particles from messing up your ones and zeroes, how errors in digital circuits can be detected and corrected, and how you may even re-purpose those flipped bits in your RAM as a particle detector.\n\nThis talk will introduce the audience to the class of problems that digital circuits are faced with in challenging radiation environments. Such environments include satellites in space, the electronics inside particle accelerators and also a variety of medical applications. After giving an overview of the various effects that may cause malfunctions, different techniques for detection and mitigation of such effects are presented. Some of these techniques concern the transistor-level design of digital circuits, others include triple modular redundancy (TMR) and correction codes. Some open source software solutions that aid in the design and verification of circuits hardened against such problems are presented, and of course a 'lessons learned' from our experiences in the field of particle detector electronics will be shared.","original_language":"eng","persons":["thasti","Szymon"],"tags":["36c3","10575","2019","Hardware \u0026 Making","Main"],"view_count":3778,"promoted":false,"date":"2019-12-28T11:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-30T19:15:07.102+02:00","length":3749,"duration":3749,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10575-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10575-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10575-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10575-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10575-how_to_design_highly_reliable_digital_electronics","url":"https://api.media.ccc.de/public/events/4b1df5b6-5436-456f-936b-77ccfd26698f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"cfcdac00-62af-412f-a03b-ca5f11d2b64d","title":"Uncover, Understand, Own - Regaining Control Over Your AMD CPU","subtitle":null,"slug":"36c3-10942-uncover_understand_own_-_regaining_control_over_your_amd_cpu","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10942.html","description":"The AMD Platform Security Processor (PSP) is a dedicated ARM CPU inside your AMD processor and runs undocumented, proprietary firmware provided by AMD.\n\nIt is a processor inside your processor that you don't control. It is essential for system startup. In fact, in runs before the main processor is even started and is responsible for bootstrapping all other components.\n\nThis talk presents our efforts investigating the PSP internals and functionality and how you can better understand it. \n\nOur talk is divided into three parts:\n\nThe first part covers the firmware structure of the PSP and how we analyzed this proprietary firmware. We will demonstrate how to extract and replace individual firmware components of the PSP and how to observe the PSP during boot.\n\nThe second part covers the functionality of the PSP and how it interacts with other components of the x86 CPU like the DRAM controller or System Management Unit (SMU). We will present our method to gain access to the, otherwise hidden, debug output.\n\nThe talk concludes with a security analysis of the PSP firmware.\nWe will demonstrate how to provide custom firmare to run on the PSP and introduce our toolchain that helps building custom applications for the PSP. \n\nThis talk documents the PSP firmware's proprietary filesystem  and provides insights into reverse-engineering such a deeply embedded system. It further sheds light on how we might regain trust in AMD CPUs despite the delicate nature of the PSP.\n","original_language":"eng","persons":["Robert Buhren","Alexander Eichner","Christian Werling"],"tags":["36c3","10942","2019","Security","Main"],"view_count":6389,"promoted":false,"date":"2019-12-27T22:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-04-02T16:15:04.763+02:00","length":3396,"duration":3396,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10942-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10942-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10942-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10942-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10942-uncover_understand_own_-_regaining_control_over_your_amd_cpu","url":"https://api.media.ccc.de/public/events/cfcdac00-62af-412f-a03b-ca5f11d2b64d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"efc7d11d-bea7-4225-91b7-c50349742d99","title":"The One Weird Trick SecureROM Hates","subtitle":null,"slug":"36c3-11238-the_one_weird_trick_securerom_hates","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11238.html","description":"Checkm8 is an unfixable vulnerability present in hundreds of millions of iPhones' SecureROM. This is a critical component in Apple's Secure Boot model and allows security researchers and jailbreakers alike to take full control over the application processor's execution. \n\nThis talk will detail how we built an iOS jailbreak from the ground up - quite literally - by using an use-after-free in Apple's SecureROM. This is key code which is designed to bring up the application processor during boot but also exposes a firmware update interface over USB called DFU. \nBy abusing this vulnerability it is possible to unlock full control of the application processor, including enabling debugging functionalities such as JTAG, helping security researchers look for security vulnerabilities in Apple devices more effectively. \nWe will analyse the root-cause and techniques used for exploitation, as well mention some of the hurdles we encountered while trying to turn this into a reliable jailbreak and plans for the future of this project.","original_language":"eng","persons":["qwertyoruiop"],"tags":["36c3","11238","2019","Security","Main"],"view_count":4072,"promoted":false,"date":"2019-12-29T20:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-03T12:15:07.739+02:00","length":2331,"duration":2331,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11238-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11238-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11238-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11238-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11238-the_one_weird_trick_securerom_hates","url":"https://api.media.ccc.de/public/events/efc7d11d-bea7-4225-91b7-c50349742d99","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"438cc24b-db67-497d-94a3-55fd8692123a","title":"Build you own Quantum Computer @ Home - 99% of discount -  Hacker Style !","subtitle":null,"slug":"36c3-10808-build_you_own_quantum_computer_home_-_99_of_discount_-_hacker_style","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10808.html","description":"Quantum technologies are often only over-hyped showed as threat for cybersecurity … But they also offer some opportunities to enhance the cybersecurity landscape . As an example, you may know that a quantum computer will be able to break RSA keys but Quantum communication technologies can also provide a new way to exchange securely a cipher key. More, with Quantum networking technologies, communication eavesdropping are , by design, detectable and thus this could lead to some good opportunities to use them to enhance cybersecurity. Some even begins to build a Quantum internet ! We may also solve main security issues face by cloud computation (privacy, confidentiality etc) via the use of \"Blind quantum computation\" in the cloud.\n\nHowever few people understand \u0026 explain how such machines \u0026 technologies work. Even fewer people trying to build one. I’m one of this crazy people.\n\nIn this talk, we aim to explain how this new type of much powerful digital processing works and how we build our own Quantum computer …without a Phd in quantum physic. We will describe our plan to build the Quantum computer's hardware with hacker’s style. Through our own experiments, we will discuss our failures, our success, our progress around this challenging goal !\n\nCome to see  part of the hardware we build at the moment. We use the \"Trapped ion technology\". We trap atoms to make powerful calculation \u0026 computing task! Be prepared to unlock your quantum brain as this new domain is really different for classical computation ;-) but it can enhance the Cybersecurity world\n\nOur goal : Bring the knowledge that Quantum computing works, explain how they make such power calculation at hardware level, is doable at home and will provide a new way to do secure computing and communication for the best of the humanity\n\nProposal Agenda \n-Quantum computer 101 (one slide to be able to understand the basic of quantum mechanic w/o FUD)  \n-Why those Quantum computer are so powerful  \n-How to break things with quantum computers\n-How to improve the security level of modern network with quantum technologies (Networking, blind quantum computing for 100%privacy in the cloud, cipher key security, quantum internet \u0026 more)\n-How a Quantum computer based on Trapped ions technology works to do their magic super powerful calculation (at hardware level)  \n-How we build our own quantum computer hardware at home (in our military grade High Tech...Garage!) with hacker style \u0026 open source software\n(Contain full video of the buildings of our Quantum computer)","original_language":"eng","persons":["Yann ALLAIN"],"tags":["36c3","10808","2019","Hardware \u0026 Making","Main"],"view_count":10036,"promoted":false,"date":"2019-12-29T12:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-28T18:30:05.441+01:00","length":3301,"duration":3301,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10808-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10808-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10808-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10808-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10808-build_you_own_quantum_computer_home_-_99_of_discount_-_hacker_style","url":"https://api.media.ccc.de/public/events/438cc24b-db67-497d-94a3-55fd8692123a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"aa7b077e-6de3-5bbf-aefd-1e6da636adbf","title":"Extending the lifetime of smartphones with Replicant, a fully free Android distribution","subtitle":"","slug":"36c3-oio-169-extending-the-lifetime-of-smartphones-with-replicant-a-fully-free-android-distribution","link":"https://talks.oio.social/36c3-oio/talk/LU3JNL/","description":"\u003cp\u003eAfter a very quick introduction on Replicant and the smartphones ecosystem, we will look at what affects smartphones' and tablets' lifetime and how to increase it by making Replicant more sustainable.\u003c/p\u003e","original_language":"eng","persons":["segal","Denis 'GNUtoo' Carikli"],"tags":["36c3-oio","169","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":3007,"promoted":false,"date":"2019-12-28T20:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-12-28T01:15:06.204+01:00","length":1032,"duration":1032,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/169-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/169-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/169-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/169-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-169-extending-the-lifetime-of-smartphones-with-replicant-a-fully-free-android-distribution","url":"https://api.media.ccc.de/public/events/aa7b077e-6de3-5bbf-aefd-1e6da636adbf","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"353a6553-2fcf-56d4-81e3-93c0b7bcff4a","title":"Welches Betriebssystem hat der Bundestag und wie kann man es hacken?","subtitle":null,"slug":"36c3-106-welches-betriebssystem-hat-der-bundestag-und-wie-kann-man-es-hacken-","link":"https://fahrplan.chaos-west.de/36c3/talk/PDFWDW/","description":"Wäre der Staat ein Betriebssystem, würden wir uns natürlich wünschen, dass er nach den Prinzipien freier Software verwaltet wird. Die Prozesse sollten möglichst transparent ablaufen, sodass jeder nachprüfen kann, wenn irgendwo was schief läuft. Natürlich sollte die Gestaltung der Prozesse nicht in einer Blackbox passieren und der Code sollte zum Verändern und Mitmachen einladen. Ich bin der Meinung, dass Politik transparent und nachvollziehbar sein sollte. Es sollte Beteiligungsmöglichkeiten geben, die für alle offen stehen. Leider laufen die Prozesse im Bundestag nicht mal transparent, geschweige denn besonders partizipativ ab. Das Interface ist so unübersichtlich, dass selbst die Leute mit Adminrechten (Regierung) zum Teil Schwierigkeiten haben, den Überblick zu behalten. Als Bundestagsabgeordnete wurde mir zwar ein dickes Manual ausgehändigt, zum Durcharbeiten war aber keine Zeit. Die Lernkurve, bis man das System halbwegs effizient nutzen kann, ist sehr lang. Die Abläufe sind analoger, als man ohnehin vermutet, mit absurden, historisch gewachsenen Abläufen und unvorstellbaren Papierbergen. Es gibt wenig Transparenz und Mitmachmöglichkeiten sind rar.\nIn dieser Session gebe ich Insider Einblicke in den Alltag als netzpolitische Sprecherin der Linksfraktion im Bundestag mit netzaktivistischem Hintergrund, zeige die Handlungsmöglichkeiten einer Oppositionspolitikerin und wie ich versuche, meine eigenen Handlungsspielräume für mehr Transparenz und Beteiligungsmöglichkeiten auszureizen, aber auch wie ihr als Netzcommunity mich als Eure Volksvertreterin nutzen könnt, um z.B. auf offiziellen Kanälen Informationen abzufragen, an die man sonst nicht kommt, denn Wissen ist Macht. \nAls Netzaktivistin im Bundestag möchte ich dort ganz besonders Sprachrohr der Netzcommunity sein. In meiner Rolle als Abgeordnete einer Oppositionspartei kann ich Themen setzen und Informationen beschaffen, ich kann fiese Fragen stellen – in langen und kurzen Formaten und die Bundesregierung muss darauf antworten. In 22 Monaten hielt ich 20 Reden, stellte 43 schriftliche Fragen, 33 Kleine Anfragen, 5 Anträge und reichte einen eigenen Gesetzentwurf ein. Es ging um Überwachung am Südkreuz, Open Source, das NetzDG, Hackbacks, IPv6, Künstliche Intelligenz, DNA Analysen in der Stammbaumforschung, Uploadfilter, IT Sicherheit, Impressumpflichten, barrierefreie Notrufe, Whistleblower, Mobilfunk, Open Data, KfZ Scanning, Funkzellenabfragen und stille SMS, digitale Gewalt gegen Frauen, Bundeswehr bei re:publica, Verschlüsselung, Lobbyregister, social Innovation, Open Justice und vieles mehr.\nIn dieser Session werde ich konkrete Beispiele dazu vorstellen, über meine Pläne reden und Euch fragen, was Ihr schon immer von der Bundesregierung in Netzfragen wissen wolltet, damit ich die GroKo weiter nerven kann und wir alle besser wissen, was sie tun. Lasst uns gemeinsam das intransparente und wenig partizipative System Bundestag hacken, denn Demokratie lebt vom Mitmachen!","original_language":"deu","persons":["Anke Domscheit-Berg"],"tags":["36c3-chaoswest","106","2019","All about computers","ChaosWest"],"view_count":4022,"promoted":false,"date":"2019-12-28T22:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-18T00:00:06.556+01:00","length":3143,"duration":3143,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/106-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/106-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/106-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/106-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-106-welches-betriebssystem-hat-der-bundestag-und-wie-kann-man-es-hacken-","url":"https://api.media.ccc.de/public/events/353a6553-2fcf-56d4-81e3-93c0b7bcff4a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"21bfbba9-ccd3-5430-85fb-cc7226e5349a","title":"UA Podcast Berlin","subtitle":null,"slug":"36c3-99-ua-podcast-berlin","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/LZ8SR8/","description":"Im Podcast UA Pod Berlin fassen wir das Sitzungsgeschehen im Untersuchungsausschuss zum Terroranschlag am Breitscheidplatz zusammen. Tagesaktuell binden wir Abgeordneten-Statements zum Geschehen mit ein. Die Kanzlerin versprach den Hinterbliebenen und Opfern Aufklärung. Wir zeigen im Podcast wie weit wir davon entfernt sind.\n\nPodcast über den Untersuchungsausschuss zum Anschlag am Breitscheidplatz, Berlin. Diesmal ein offener Podcast mit Diskussion. \nWird der Ausschuss wahrgenommen? Wie ist der Eindruck der Behörden? Wieviel Courage braucht eine Zeugin / ein Zeuge?","original_language":"deu","persons":["Stellla Yäger"],"tags":["36c3-sendezentrum","99","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":382,"promoted":false,"date":"2019-12-28T19:15:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-07-04T02:30:03.067+02:00","length":3483,"duration":3483,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/99-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/99-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/99-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/99-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-99-ua-podcast-berlin","url":"https://api.media.ccc.de/public/events/21bfbba9-ccd3-5430-85fb-cc7226e5349a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"0827f402-aba2-519d-bf62-d54be7d7ea05","title":"\"Hello, I'm your Edge Case!\"","subtitle":null,"slug":"36c3-143--hello-i-m-your-edge-case-or-no-seriously-how-do-you-ask-people-for-their-gender-on-the-internet-","link":"https://fahrplan.chaos-west.de/36c3/talk/NN8XZY/","description":"In an increasingly digital age, input forms for personal data (like name, gender, sexuality, and more), while sometimes necessary, are also increasingly becoming a barrier to entry. Especially for bodies and experiences that do not fit an arbitrary norm the designer might have had in mind. \n\nWhether you are traveling abroad, signing up with a health care provider, filling out a scientific study or ordering food, these forms not only factor into your experience but can even make or break the whole endeavour.\n\nThis talk will feature some of the most glaring fails in input form design, discussion about what exactly went wrong and some ideas on how it could be improved to be more accurate and inclusive, both in the particular as well as the general.","original_language":"eng","persons":["lambdaTotoro"],"tags":["36c3-chaoswest","143","2019","Queer","ChaosWest"],"view_count":1676,"promoted":false,"date":"2019-12-28T16:00:00.000+01:00","release_date":"2020-12-28T00:00:00.000+01:00","updated_at":"2026-01-17T23:00:09.252+01:00","length":1351,"duration":1351,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/143-0827f402-aba2-519d-bf62-d54be7d7ea05.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/143-0827f402-aba2-519d-bf62-d54be7d7ea05_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/143-0827f402-aba2-519d-bf62-d54be7d7ea05.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/143-0827f402-aba2-519d-bf62-d54be7d7ea05.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-143--hello-i-m-your-edge-case-or-no-seriously-how-do-you-ask-people-for-their-gender-on-the-internet-","url":"https://api.media.ccc.de/public/events/0827f402-aba2-519d-bf62-d54be7d7ea05","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7581590f-0f77-5766-94d6-a4f3a0c43a2f","title":"Build and fly your own rockets in Kerbal Space Program","subtitle":null,"slug":"36c3-oio-199-build-and-fly-your-own-rockets-in-kerbal-space-program","link":"https://talks.oio.social/36c3-oio/talk/X9JPVH/","description":"Kerbal Space Program - Build. Fly. Dream.\nEinmal ein eigenes Raumfahrtprogramm leiten? Mit KSP ist das möglich.","original_language":"deu","persons":["Kilian Schauer","Luca Horn"],"tags":["36c3-oio","199","2019","Science","OpenInfrastructureOrbit"],"view_count":484,"promoted":false,"date":"2019-12-29T12:58:00.000+01:00","release_date":"2020-01-12T01:00:00.000+01:00","updated_at":"2026-01-19T10:45:13.917+01:00","length":3063,"duration":3063,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/199-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/199-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/199-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/199-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-199-build-and-fly-your-own-rockets-in-kerbal-space-program","url":"https://api.media.ccc.de/public/events/7581590f-0f77-5766-94d6-a4f3a0c43a2f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"2b1e7aea-237f-533a-8e7b-022a81ba81dc","title":"Ubuntu Touch \u0026 Co - GNU/Linux in der Hosentasche","subtitle":null,"slug":"36c3-oio-171-ubuntu-touch-co-gnu-linux-in-der-hosentasche","link":"https://talks.oio.social/36c3-oio/talk/E77J8R/","description":"Der Markt für Mobilgeräte wird dominiert von Android und der Anteil freier Komponenten wird merklich kleiner. Einige Projekte versuchen das zu ändern und bringen GNU/Linux auf Handies und Tablets zu bringen. Wir schauen uns verschiedene solche Projekte an und sprechen über die Notwendigkeit, den aktuellen Stand und die Zukunftsaussichten von GNU/Linux auf Mobilgeräten. Am Beispiel von Ubuntu Touch gehen wir auf besondere Herausforderungen ein.","original_language":"deu","persons":["segal","Jan Sprinz"],"tags":["36c3-oio","171","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":4982,"promoted":false,"date":"2019-12-28T12:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-10-02T01:30:02.820+02:00","length":1595,"duration":1595,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/171-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/171-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/171-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/171-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-171-ubuntu-touch-co-gnu-linux-in-der-hosentasche","url":"https://api.media.ccc.de/public/events/2b1e7aea-237f-533a-8e7b-022a81ba81dc","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"181feefc-1651-5425-ad94-08d34e5696d4","title":"Wie man ein klimafreundliches Haus baut","subtitle":null,"slug":"36c3-158-wie-man-ein-klimafreundliches-haus-baut","link":"https://fahrplan.chaos-west.de/36c3/talk/M8WDGC/","description":"Description: Heizung von Häusern ist für etwa ein Drittel der Treibhausgasemissionen Deutschlands verantwortlich. Dabei gibt es bessere Möglichkeiten als einfach irgendeinen Brennstoff anzuzünden. Dieses Problem muss und kann gelöst werden. Der Vortrag beschreibt Möglichkeiten, komfortabel zu bewohnende Häuser fast ohne Heizung zu bauen. In diesem Vortrag werden nur neu zu bauende Gebäude betrachtet. Die gezeigten Methoden sind für Wohn- und Nichtwohngebäude aller Größen verwendbar.\n\nEs geht um folgende Details:\n* Wärmeverluste: Wo geht die Wärme raus? Wo müssen wir also ran?\n* Zuerst isolieren: Wände, Fenster, Dach, Boden\n* Dann Wärme zurückgewinnen: Maschinelle Lüftung mit Wärmerückgewinnung\n* Vorhandene Wärme nutzen: Solare und innere Gewinne\n* Restwärmebedarf und Warmwasser erzeugen\n* Wie lebt es sich darin? Thermoskannengefühl oder komfortabel?, Langzeiterfahrungen\n* Standards: KfW-Effizienzhaus, Passivhaus, Efffizienzhaus-Plus\n* \"Free Money\": Heizkosten, Mehrkosten und Zuschüsse beim Bau in Deutschland\n* Warum nicht einfach erneuerbare Energie für die Wärmeerzeugung nehmen?","original_language":"deu","persons":["Gunnar Thöle"],"tags":["36c3-chaoswest","158","2019","Klimakatastrophe","ChaosWest"],"view_count":2637,"promoted":false,"date":"2019-12-29T13:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-25T15:30:06.810+01:00","length":1287,"duration":1287,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/158-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/158-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/158-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/158-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-158-wie-man-ein-klimafreundliches-haus-baut","url":"https://api.media.ccc.de/public/events/181feefc-1651-5425-ad94-08d34e5696d4","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d3c6b3a2-08ae-4208-9002-332d237ef88e","title":"Das Bits\u0026Bäume-Sporangium","subtitle":"8 Mikrokosmen, 8 Expert*innen, je 8 Minuten zu Digitalisierung und Nachhaltigkeit","slug":"36c3-10682-das_bits_baume-sporangium","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10682.html","description":"So wie Farnpflanzen ihre Sporen aus der Kapsel mit bis zu 10m/s heraus in die Welt katapultieren, auf dass sie dort auf fruchtbaren Boden fallen, werden unsere 8 Expert*innen ihr Nerd- und Fach-Wissen weitergeben – spektakulär, wirkungsvoll und unterhaltsam. So bunt wie die besten Slams, so dicht wie die besten Lightning Talks: 8 Antworten auf die Frage, warum Techies und Ökos zusammengehören.\n\nBei der Bits\u0026Bäume 2018 kamen Aktivist*innen der Tech-Community und jene der Nachhaltigkeitsrichtungen zusammen, um einander ihre Fragen und Lösungsansätze zu erklären, sie zu diskutieren und gemeinsam eine bessere Zukunft zu erdenken. Wichtiger Teil war dabei auch einzutauchen in die jeweilig anderen Mikrokosmen, einander abzuholen und die Schnittstellen zu finden. Das erste „Sporangium“ hat in diesem Sinne wichtige Themen beider Bereiche aufgegriffen. Für den C3 liegt nun der Fokus auf der Verbindung von Technologie und Nachhaltigkeit: Wie kann digitale Nachhaltigkeit, wie nachhaltige Digitalisierung aussehen?\n\nSpeaker*innen (A-Z...äh...V!):\n* Anja Höfner – Das Märchen von der Dematerialisierung durch Technik \n* Carina Haupt: Nachhaltige Softwareentwicklung (für weniger explodierende Raketen) \n* Elenos Manifesti \u0026 der Chor der Vermummten: Wir fordern! Das Bits\u0026Bäume-Manifest \n* Isabella Hermann: Utopia Outer Space? Die Zukunft der Menschheit in Science-Fiction-Filmen \n* joliyea – Raum für Wissen. Wo wir uns treffen, um die Welt zu retten \n* Kathrin Henneberger – Ja, Klimakrise! Immernoch!!\n* Lisa Passing: Ökostrom != Ökostrom. Down the green energy rabbit hole \n* Viktor Schlüter: Datenschutz? Klimaschutz? Zukunft! \n\n* Durchs Sporangium katapultieren wie immer julika \u0026 Rainer","original_language":"deu","persons":["Rainer Rehak","julika","lislis","Isabella Hermann","Elenos Manifesti","joliyea","Viktor Schlüter","Carina Haupt","Kathrin Henneberger ","Anja Höfner"],"tags":["36c3","10682","2019","Entertainment","Main"],"view_count":1087,"promoted":false,"date":"2019-12-29T22:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-05T22:30:26.391+01:00","length":6795,"duration":6795,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10682-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10682-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10682-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10682-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10682-das_bits_baume-sporangium","url":"https://api.media.ccc.de/public/events/d3c6b3a2-08ae-4208-9002-332d237ef88e","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"19e3abdd-59d0-4fbf-8b08-6054ccb6791b","title":"Fridays for Future (de)","subtitle":"Schule schwänzen für das Klima","slug":"36c3-11227-fridays_for_future_de","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11227.html","description":"Der Diskurs hat sich von Klimaschutz als Aufgabe von Individuen hinzu einer strukturellen, systemischen Frage verschoben. Welche Veränderungen brauchen wir und warum lohnt es gemeinsam und aktivistisch gegen fossile Energieträgern und Co. vorzugehen. Viele Bereiche der Digitalsierung heizen die Klimakrise momentan an. Ich möchte eine aktivistische Perspektive darauf geben, welche Rolle Digitalisierung beim Ende des Ressourcenraubbaus spielen kann. Eine Energieversorgung ausschließlich aus erneuerbaren Energien ist ohne Digitalisierung nicht möglich. Digitale Kommunikation ist entscheidend bei der Organisation von Fridays For Future, wie sie aktuell gestaltet wird verbrennt sie viele persönliche Ressourcen.\n\n\nNach einem Jahr Klimastreik redet die Gesellschaft in einem Ausmaß wie nie zuvor über die Klimakrise. Lösungsansätze dieser Krise werden auch in der Öffentlichkeit immer öfter auf einer strukturelle und systemischen Ebene diskutiert. 1,4 Millionen Menschen waren am 20. September beim Global Climate Strike in Deutschland auf der Straße. Die institutionalisierte Politik, Parteien \u0026 vor allem die Bundesregierung machen weiterhin nur mit ihrer Blockadehaltung auf sich aufmerksam. Welche Rolle spielt eigentlich die Digitalisierung beim Ausstoß von Treibhausgasen und welche bei der Reduzierung dieses Ausstoß. Mit anderen Worten, welche Digitalsierung ist klimazerstörend und wie müssen wir sie gestalten in Zeiten der Klimakrise.\n Die wöchentlichen Streiks und viele weitere Veranstaltungen sowie die Organisation des Ganzen prägten viele junge Menschen das vergangenge Jahr. Digitale Kommunikation spielt in der Vernetzung der einzelnen Arbeits- und Ortsguppen eine essentielle Rolle. Diese Organisationsform bedeutet nicht nur schnelle Reaktionsfähigkeit, sondern oft auch die Verbrennung sämtlicher personeller Ressourcen. \nDie Digitalisierung sorgt in vielen Bereichen für mehr Emissionen. Allein die Organisation der Klimagerechtigkeitsproteste zeigt, dass sie nicht nur Teil des Problems ist, sondern auch Teil der Lösung. Die planetaren Grenzen \u0026 Menschenrechte lassen sich nicht verhandeln, alle anderen Grenzen können wir zu Gunsten der Menschen aufweichen oder abschaffen. Der Kampf für digitale Freiheit erleichtert Aktivismus für Klimagerechtigkeit, beides geht uns alle etwas an. \n","original_language":"deu","persons":["Tom Patzelt"],"tags":["36c3","11227","2019","Ethics, Society \u0026 Politics","Main"],"view_count":1770,"promoted":false,"date":"2019-12-28T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-21T13:45:07.334+01:00","length":2516,"duration":2516,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11227-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11227-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11227-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11227-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11227-fridays_for_future_de","url":"https://api.media.ccc.de/public/events/19e3abdd-59d0-4fbf-8b08-6054ccb6791b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"691ce532-5162-40b4-ae2f-4b0d7f85f726","title":"Das Mauern muss weg","subtitle":"Best of Informationsfreiheit","slug":"36c3-10496-das_mauern_muss_weg","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10496.html","description":"Mit immer neuen Gesetzen gewinnt die Exekutive in Deutschland an Macht und Ressourcen. Die öffentliche Kontrolle von Ministerien und Geheimdienste gerät ins Hintertreffen. Wir sprechen darüber, warum dank Anfragen und Klagen nach dem Informationsfreiheitsfreiheitsgesetz in diesem Jahr der Kampf noch nicht verloren ist, wie wir gegen den BND vor Gericht gewonnen haben und wann das Zensurheberrecht endlich abgeschafft wird. Plus: Das Beste aus 100.000 Anfragen über FragDenStaat in diesem Jahr.\n\nError 451","original_language":"deu","persons":["Arne Semsrott"],"tags":["36c3","10496","2019","Ethics, Society \u0026 Politics","Main"],"view_count":8883,"promoted":false,"date":"2019-12-30T15:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-29T19:30:05.038+02:00","length":2436,"duration":2436,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10496-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10496-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10496-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10496-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10496-das_mauern_muss_weg","url":"https://api.media.ccc.de/public/events/691ce532-5162-40b4-ae2f-4b0d7f85f726","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"948d94d8-64fe-4db9-ba3c-88d30111015d","title":"Hirne Hacken","subtitle":"Menschliche Faktoren der IT-Sicherheit","slug":"36c3-11175-hirne_hacken","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11175.html","description":"Die überwältigende Mehrheit der erfolgreichen Hacks in freier Wildbahn setzen auf menschliche Faktoren. Wie können wir Systeme und Interfaces gestalten, um diese Schwachstellen zu mindern?\n\nOb Ransomware oder Phishing, APT-Angriffe oder Stalking: Die am häufigsten ausgenutzte Schwachstelle ist der Mensch.\n\nEin Problem, das nur wenig Forschung tatsächlich angehen will. Stattdessen begnügen wir uns damit, den Usern Dummheit zu unterstellen und menschliche Faktoren der IT-Sicherheit \"out of scope\" zu sehen.\n\nZeit, anders über das Problem nachzudenken, denn es gibt einige Interessante Erkenntnisse zu entdecken.\n\nNeumann, Linus (2017): „Menschliche Faktoren in der IT-Sicherheit“ in: Ferri Abolhassan (Hg.) „Security Einfach Machen: IT-Sicherheit als Sprungbrett für die Digitalisierung“, p. 85-98\nNeumann, Linus (2019): „Wenn Hacker Menschen hacken“ in: Report Psychologie 11/12.2018, p. 462-464","original_language":"deu","persons":["Linus Neumann"],"tags":["36c3","11175","2019","Security","Main"],"view_count":51593,"promoted":false,"date":"2019-12-29T21:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-02T14:45:06.643+02:00","length":2627,"duration":2627,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11175-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11175-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11175-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11175-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11175-hirne_hacken","url":"https://api.media.ccc.de/public/events/948d94d8-64fe-4db9-ba3c-88d30111015d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9d1e4d14-ba73-5f28-a184-77520d894dfa","title":"Infrastructure of Wikipedia","subtitle":null,"slug":"36c3-73-infrastructure-of-wikipedia","link":"https://cfp.verschwoerhaus.de/36c3/talk/RT7UWJ/","description":"We will tell you how to serve a hundred thousand requests per second, for fun and non-profit\n\nWikipedia is one of the most visited websites on earth and runs on donations only. All of our infra is in-house to make sure we protect our users' privacy. This is not easy but it's possible.\n\nIf you want to know how we do that, come to our talk. We will explain our system architecture, tell you about our database setup, the caching layers, and all the other bits and pieces.","original_language":"eng","persons":["Amir Sarabadani","Lucas Werkmeister","Daniel"],"tags":["36c3-wikipakawg","73","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":2462,"promoted":false,"date":"2019-12-29T19:30:00.000+01:00","release_date":"2020-01-24T00:00:00.000+01:00","updated_at":"2026-04-01T15:15:10.016+02:00","length":3120,"duration":3120,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/73-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/73-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/73-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/73-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-73-infrastructure-of-wikipedia","url":"https://api.media.ccc.de/public/events/9d1e4d14-ba73-5f28-a184-77520d894dfa","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"099b9161-902b-50ca-a308-d86e2825ce27","title":"Free Software for Open Science","subtitle":null,"slug":"36c3-68-free-software-for-open-science","link":"https://cfp.verschwoerhaus.de/36c3/talk/3CHBWG/","description":"This talk provides an overview of the state of Free and Open Source Software (FOSS) within the various European \nscientific communities. Based on this we will try to identify stakeholders, common goals and potential policy proposals.\n\nThe principles of Free and Open Source Software (FOSS) are\nwell aligned with the core tenets of science, i.e., the sharing of knowledge \nand the demand for reproducibility of results. Nevertheless, FOSS is still \nrather the exception than the rule for the majority of scientific domains.\nIn this session we will discuss the state of FOSS within the various European \nscientific communities. Based on this we will try to identify stakeholders, \ncommon goals and potential policy proposals.","original_language":"eng","persons":["purine:bitter"],"tags":["36c3-wikipakawg","68","2019","Science","WikiPakaWG"],"view_count":704,"promoted":false,"date":"2019-12-29T12:45:00.000+01:00","release_date":"2020-01-23T00:00:00.000+01:00","updated_at":"2026-02-27T22:00:06.514+01:00","length":1639,"duration":1639,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/68-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/68-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/68-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/68-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-68-free-software-for-open-science","url":"https://api.media.ccc.de/public/events/099b9161-902b-50ca-a308-d86e2825ce27","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"cbaeb1aa-fb02-465b-b6f7-04106c7245f2","title":"5G \u0026 Net Neutrality","subtitle":"Status of the Net Neutrality Reform in Europe","slug":"36c3-10711-5g_net_neutrality","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10711.html","description":"Three and a half years after Europe enshrined net neutrality in law, the protections for the open internet are being renegotiated. Europe finds itself in the middle of an immense lobbying battle about the legality of internet blocking, zero-rating and the internet as a common carrier for everyone. All this while the EU is also the first world region trying to fit the next mobile network standard 5G into the net neutrality framework as we currently know it. This talk will give a brief summary about the past years of regulatory enforcement, how the internet has developed in Europe and what to expect from the ongoing reform. \n\nThe Body of European Regulators for Electronic Communication (BEREC) is currently reforming the net neutrality framework of the EU. The reform started in late 2018 and will come to a conclusion in March 2020. The talk will outline the full reform process and explain the issues the digital rights community is fighting for. A particular focus will be on the challanges that the next mobile network standard 5G brings to the net neutrality debate and what to expect from new technology aspects like network slices and edge computing. \n\nAdditionally, we will give insights into net neutrality enforcement throughout the European Union in the past three and a half years. This section of the talk is based on a comprehensive study which epicenter.works has conducted in 2019. \n\nThe Austrian digital rights NGO epicenter.works is a leading net neutrality advocate in the EU. Their campaign www.savetheinternet.eu followed the policy debate to enshrine net neutrality in law in the European Union and lasted from 2013 until 2016. Since then, the organisation has become a public watchdog on the regulatory enforcement of the rules and published extensive legal and technical analysis on net neutrality violations. They try to shape the regulatory and public debate by speaking at annual shareholder meetings of Deutsche Telekom and participate in expert consultations from telecom regulators. \n\nWith the ongoing reform, the net neutrality debate in Europe is heating up once again, with an uncertain outcome. ","original_language":"eng","persons":["Thomas Lohninger"],"tags":["36c3","10711","2019","Ethics, Society \u0026 Politics","Main"],"view_count":1210,"promoted":false,"date":"2019-12-29T23:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-26T01:15:05.112+01:00","length":2561,"duration":2561,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10711-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10711-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10711-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10711-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10711-5g_net_neutrality","url":"https://api.media.ccc.de/public/events/cbaeb1aa-fb02-465b-b6f7-04106c7245f2","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b600081b-88f8-41b2-b0d2-f790e3e7d6ea","title":" Welcome Pattern - Theorie und Praxis ","subtitle":"(Eine Gemeinschaftsproduktion der Haecksen, der tuwat-Gruppe Bildung und Chaos Siegen)","slug":"36c3-10890-welcome_pattern_-_theorie_und_praxis","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10890.html","description":"In diesem Beitrag stellen wir die von der tuwat Gruppe Bildung erarbeiteten \"Welcome Pattern\" zum Empfang und Integration von Neuankömmlingen und ihre Anwendung in Siegens Hackspace \"HaSi\"  vor.\n\n\n\nDas Chaos setzt sich für Informationsfreiheit ein und behandelt die Auswirkungen von Technologie auf die Gesellschaft. Dabei machen wir sie zum Beispiel erfahrbar, testen ihre Grenzen und erklären unseren Mitmenschen und Interessierten, was gut und nicht so gut funktioniert. Zwischenzeitlich kommt da aber auch der Besucher mit dem kaputten Windows Vista, die neue Person, die schon beim ersten Besuch den Lasercutter anschmeißen will oder jemand, der den feinen Unterschied zwischen \"cool\" und \"gar nicht mal so geil\" nicht ganz verstanden hat.\nWir versuchen auf der einen Seite offen für neue Mitstreiter*nnen zu sein, müssen aber auch bestimmt auf unsere Regeln und ethischen Grundsätze hinweisen. Die tuwat Gruppe Bildung hat 2018 aus diesem Grund sogenannte 'Welcome Pattern' entwickelt. Schnell zu lesen sollen sie das Chaos unterstützen, sich offen zu zeigen, ohne davon überlastet zu werden. Sie sollen aber auch eine bessere Integration von Neuankömmlingen ermöglichen, ohne die Komplexität hinter der Hackerethik und Informationsfreiheit auszusparen. In diesem Vortrag stellen wir diese Muster vor und besprechen relevante Teile davon anhand ihre Anwendung im Chaos Siegen und seinen assoziierten Hackspaces. Chaos Siegen beschäftigt sich seit Anfang 2019 mit den Mustern. Sie legen sie zum Beispiel als zusätzliches Informationsmaterial aus. Außerdem führen sie einen 'Hodge Podge', eine Kontaktliste verschiedener Gruppen, um Neulinge peu-a-peu ins Chaos zu führen. Die bekannte Diskussion wie viel Ahnung von Technik man im Chaos mitbringen soll wird verkürzt, aber auch schwere Themen, wie die Homogenität in der Gruppe, können addressiert werden. Eure konkreten Fragen könnt ihr am Endes des Vortrags mitbringen. Vielleicht können wir euch in Richtung eines entspannteren Clubleben weiterhelfen.","original_language":"deu","persons":["melzai","nanooq"],"tags":["36c3","10890","2019","CCC","Main"],"view_count":843,"promoted":false,"date":"2019-12-29T20:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-11T13:00:08.872+01:00","length":2411,"duration":2411,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10890-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10890-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10890-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10890-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10890-welcome_pattern_-_theorie_und_praxis","url":"https://api.media.ccc.de/public/events/b600081b-88f8-41b2-b0d2-f790e3e7d6ea","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d59d30e9-5db5-5941-9b23-92bd9cc9f316","title":"Verbrannte Wörter – Sprache des Nationalsozialismus","subtitle":"","slug":"36c3-85-verbrannte-wrter-sprache-des-nationalsozialismus-gestern-und-heute","link":"https://fahrplan.chaos-west.de/36c3/talk/CAVFZP/","description":"\u003cp\u003eSprache schafft Bewusstsein. Als ein Gegenpol zum rechten \"Das wird man doch wohl noch sagen d\u0026uuml;rfen\"-Narrativ soll es in diesem Vortrag um verbrannte W\u0026ouml;rter gehen. W\u0026ouml;rter, die durch die Nationalsozialisten derart negativ besetzt wurden, dass ihr Gebrauch wohl \u0026uuml;berlegt sein will. Dieser Vortrag wird den historischen Kontext zu bestimmten Worten oder Wendungen erkl\u0026auml;ren, sei es zum Beispiel die \"Aktion\", \"asozial\", die \"\u0026Uuml;berfremdung\" oder \"versifft\". Den Zuh\u0026ouml;renden soll hier dabei geholfen werden, bestimmte nationalsozialistische Denkmuster durch ihre Sprache nicht aktiv zu reproduzieren und dabei helfen, eine geschichtsbewusstere Sprache zu etablieren. An einigen Stellen wird die Analyse von Worten oder Wendungen auch einen klaren Bezug zur Sprache der neuen Rechten in Deutschland enthalten. Der Vortrag ist als Pr\u0026auml;sentation konzipiert und wird schrittweise verschiedene Worte genauer analysieren, der Vortrag kann dann im Abschluss aber gerne durch einen etwas l\u0026auml;ngeren Fragenteil abgerundet werden.\u003c/p\u003e","original_language":"deu","persons":["Bianca Kastl"],"tags":["36c3-chaoswest","85","2019","Antifaschismus","ChaosWest"],"view_count":3534,"promoted":false,"date":"2019-12-30T12:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-30T19:30:06.544+02:00","length":2927,"duration":2927,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/85-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/85-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/85-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/85-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-85-verbrannte-wrter-sprache-des-nationalsozialismus-gestern-und-heute","url":"https://api.media.ccc.de/public/events/d59d30e9-5db5-5941-9b23-92bd9cc9f316","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"5eed96a6-5814-5798-a584-9581c8dd23ea","title":"SNAC - The only way to beat Facebook","subtitle":null,"slug":"36c3-oio-164-snac-the-only-way-to-beat-facebook","link":"https://talks.oio.social/36c3-oio/talk/BBL8YL/","description":"The current social media situation is catastrophic. A single megacorporation controls the entire digital life of large parts of the world's population. Together with the rapidly improving methods for processing this data, a power that not only concerns experts is being bundled here. And Facebook's monopoly secures itself. On the one hand, users cannot leave Facebook(/ Instagram/WhatsApp) without being cut off from the social life of their friends. On the other hand, alternatives fail because they can't reach a critical mass. It seems impossible that a single application will ever replace Facebook. The freedom of the Internet is fundamentally threatened. Breaking the power of Facebook is probably one of the greatest challenges of our time. And in order to solve this task, we did come up with a detailed concept that we want to present to the public for the first time at 36c3.\nSNAC - Social Network Application Cluster - is the name of the protocol used to standardise data exchange between different social media applications. Just as email protocols enable users to choose their provider freely, this protocol should also enable greater diversity in this area. It is easy to see that a single application isn't able to satisfy the needs of every single user. With SNAC we enable a decentralized structure, where each user can choose his server, but also his client application, from a broad spectrum. By developing our pilot application Open Source, we make it easy for other developers to integrate their own applications into the network.\nBut the decentralized Open Source dream alone is not enough to revolutionize the social media world. In order for the new applications emerging in SNAC to be able to run, an appropriate economic environment is needed to cover the operating costs. If the user accesses many different servers while surfing through the decentralized network, the question arises who is responsible for the access costs caused. There is a lack of a corresponding micropayment service with which it is possible to pay very small amounts easy and securely. At first glance, this seems like a project of its own, but it is closely linked to the operation of a decentralised social network. And there are several  advantages emerging by linking social networks with a micropayment system. For example, users can donate a few cents to the creators of content they value, which then adds up to a fair reward for the creators. And this is done directly, independently and without forced ads for the users. But the mental alarm bell of data security rightly rings here when one tries to link financial and private communication data. Therefore, it is all the more important to hand over data sovereignty to the user when planning the protocols and to leave the server operators only the task for which they are fairly paid - the operation of the servers.\nWe are currently putting this concept into protocols that enable secure transactions and protect the user's data. The aim is to create an environment where everyone has the chance to honestly and transparently pay the costs they incur instead of filling the pockets of corporations with their data. \nOur project is quite daring, that is clear to us. And yet we are sure that this is exactly what we want to do in the coming years. Because there is a chance that we will find 15 crazy people who want to develop this utopia together with us. There's a chance we'll find 50,000 people supporting us with an average of 1€ a month to feed our 15 crazy developers. There's a chance that we can create an environment where many small subnets with cool innovative applications can trigger a movement that's going to be so big it will overcome Facebook's monopoly. And above all, we can create an environment where technology benefits people again, rather than the other way around. \nIf 36c3 isn't the right place for a project like this, what else is? We will give a talk in which we will discuss a better world and the difficulties that lie on the path there. We want to encourage listeners to think and participate, but above all we are also there to initiate a discussion. We want to hear all the concerns and mistakes that we overlook and we need the expertise from all the different angles that only the CCC brings together.\n\nHi! We're offeringa bit of a different talk, where we want to present a project that might bring a renaissance to the independence and freedom of the internet. We want to dream together of a better world, but then also talk about the concrete steps that need to be done to get there.","original_language":"eng","persons":["Steffen"],"tags":["36c3-oio","164","2019","Resilience \u0026 Sustainability","OpenInfrastructureOrbit"],"view_count":917,"promoted":false,"date":"2019-12-30T14:29:00.000+01:00","release_date":"2020-01-02T01:00:00.000+01:00","updated_at":"2026-02-04T03:30:04.922+01:00","length":2953,"duration":2953,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/164-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/164-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/164-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/164-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-164-snac-the-only-way-to-beat-facebook","url":"https://api.media.ccc.de/public/events/5eed96a6-5814-5798-a584-9581c8dd23ea","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8aef09de-ff38-533d-b9e7-ff0e3a437031","title":"DOT. The LED Cube","subtitle":null,"slug":"36c3-oio-191-dot-the-led-cube","link":"https://talks.oio.social/36c3-oio/talk/3L7Q7W/","description":"Ein Würfel der einem Jahre seines Lebens kostet... und hübsch leuchtet... :D\n\nEin Würfel der auf allen Seiten mit LEDs bestückt ist. Mit insgesamt 24.576 davon lassen sich nicht nur coole Animationen anzeigen sondern auch Laufschriften, Grafiken und vieles mehr. Zudem kann man auf dem Würfel Spiele spielen oder Programmieren lernen und seiner Kreativität freien Lauf lassen. \nWie entstand die Idee, was steckt alles drin, was könnt ihr damit machen, wo soll's hin gehen, wie könnt ihr mitmachen,... klären wir alles dann. :)","original_language":"deu","persons":["Hannes Vatter"],"tags":["36c3-oio","191","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":2059,"promoted":false,"date":"2019-12-29T21:20:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-01T10:00:04.303+02:00","length":1186,"duration":1186,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/191-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/191-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/191-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/191-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-191-dot-the-led-cube","url":"https://api.media.ccc.de/public/events/8aef09de-ff38-533d-b9e7-ff0e3a437031","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d7287f76-3369-5017-89f7-35101cc72a18","title":"Hacking health","subtitle":null,"slug":"36c3-oio-184-hacking-health","link":"https://talks.oio.social/36c3-oio/talk/UYCLAE/","description":"About hacking wheelchairs, building custom bicycles, adapters to use e-scooters as outboard motors: Empowering people with disablitities or healthcare needs through Open Hardware. Presentation on experiences and lessons learned in collecting and co-creating open personalized DIY healthcare solutions for replicability and adaptability in Makerspace worldwide.\n\nCareables are open source solutions that aim to improve the quality of life for people with unmet particular needs or facing physical limitations. Careables are often co-designed, replicable, accessible, adjustable and shareable online using digital technologies.","original_language":"eng","persons":["Sandra GIG"],"tags":["36c3-oio","184","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":618,"promoted":false,"date":"2019-12-29T17:10:00.000+01:00","release_date":"2020-01-01T01:00:00.000+01:00","updated_at":"2026-02-04T02:30:04.823+01:00","length":1285,"duration":1285,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/184-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/184-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/184-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/184-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-184-hacking-health","url":"https://api.media.ccc.de/public/events/d7287f76-3369-5017-89f7-35101cc72a18","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"da8f10ec-5c27-4b39-9209-191b7d865eca","title":"Psychedelic Medicine - Hacking Psychiatry?! ","subtitle":"Psychedelic Therapy as a fundamentally new approach to mental health issues","slug":"36c3-10661-psychedelic_medicine_-_hacking_psychiatry","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10661.html","description":"Psychedelic research constitutes a challenge to the current paradigm of  mental healthcare. But what makes it so different? And will it be able to meet the high expectations it is facing? This talk will provide a concise answer.\n\nPsychedelic Therapy is evolving to be a game changer in mental healthcare. Where classical antidepressants and therapies e.g. for Posttraumatic Stress Disorder often have failed to provide relief, substance assisted psychotherapies with Psilocybin, LSD and MDMA show promising results in the ongoing clinical trials worldwide.\n\nA challenge to the current paradigm: Unlike the conventional approach of medicating patients with antidepressants and other psychotropic drugs on a daily basis for months and years at a time, Psychedelic Therapy offers single applications of psychedelics or emotionally opening substances such as Psilocybin, LSD and MDMA within the course of a limited number of therapeutic sessions. The clinical trials conducted in this kind of setting are currently designed around depression, substance abuse, anxiety and depression due to life threatening illnesses, PTSD, anorexia and social anxiety in Autism.\nThough the results look promising, it is important not to take these therapies for a “magic bullet cure” for all and very patient will mental issues. This talk will outline the principles of psychedelic therapy and research and provide a concise overview of what psychedelic therapy can and cannot offer in the future.\n","original_language":"eng","persons":["Andrea Jungaberle"],"tags":["36c3","10661","2019","Science","Main"],"view_count":2212,"promoted":false,"date":"2019-12-28T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-29T09:30:05.437+02:00","length":2458,"duration":2458,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10661-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10661-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10661-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10661-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10661-psychedelic_medicine_-_hacking_psychiatry","url":"https://api.media.ccc.de/public/events/da8f10ec-5c27-4b39-9209-191b7d865eca","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"ffe32913-e2ff-4331-b3e6-7f8f180cbd72","title":"The Ultimate Acorn Archimedes talk","subtitle":"Everything about the Archimedes computer (with zero 'Eureka!' jokes)","slug":"36c3-10703-the_ultimate_acorn_archimedes_talk","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10703.html","description":"This talk will cover everything about the Acorn Archimedes, a British computer first released in 1987 and (slightly) famous for being the genesis of the original ARM processor.\n\n\nThe Archimedes was designed by Acorn in the UK in the mid-1980s, and was released in late 1987 with massive performance for its medium price (and, with the first OS, a hangover-coloured GUI).  The machine isn't widely known outside Europe.  Even in the UK, it was released just as the IBM PC was taking over, so remained niche.  It was built from scratch with four purpose-designed chips, the ARM, the VIDC, the MEMC and the IOC.  Looking at each chip, we'll take a hardware and software tour through what is one of the most influential yet little-known modern computers.  The talk will detail the video, sound, IO and memory management hardware, alongside the original ARM processor which is quite different to what we have today.  The Arc was a pleasure to program, both simple and fast, and we'll look at its software including the quirky operating systems that made the Arc tick, from Arthur to RISC OS and Acorn's mysterious BSD4.3 UNIX, RISCiX.  The first models were followed by the lower-end A3000 in 1989, which looked similar to the the Amiga 500 or Atari STE but had around eight times the CPU performance:  no sprites, no blitter, no Copper, no problem! ;-)  This talk will also share insights from the original chipset designers, with a tour of prototype hardware and unreleased Archimedes models.\n\nThe audience will get an appreciation for the Arc's elegant design, the mid-1980s birth of RISC processors, and the humble origins of the now-omnipresent ARM architecture.\n","original_language":"eng","persons":["Matt Evans"],"tags":["36c3","10703","2019","Hardware \u0026 Making","Main"],"view_count":18178,"promoted":false,"date":"2019-12-27T12:50:00.000+01:00","release_date":"2019-12-27T01:00:00.000+01:00","updated_at":"2026-03-31T03:30:04.391+02:00","length":3527,"duration":3527,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10703-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10703-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10703-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10703-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10703-the_ultimate_acorn_archimedes_talk","url":"https://api.media.ccc.de/public/events/ffe32913-e2ff-4331-b3e6-7f8f180cbd72","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"81908e34-0cd2-5bf1-ad77-6825d8f96b56","title":"Wikimedia Cloud Services introduction","subtitle":null,"slug":"36c3-77-wikimedia-cloud-services-introduction","link":"https://cfp.verschwoerhaus.de/36c3/talk/ENN7EF/","description":"Find out what kind of free services Wikimedia provides for you.\n\nWikimedia Cloud Services is a collection of services that the Wikimedia Foundation offers, free of charge, to anyone who can use them for furthering the goals of the Wikimedia movement. This includes Toolforge, a hosting service for tools written in various languages; Cloud VPS, full virtual private servers for advanced development beyond the capabilities of Toolforge; convenient access to Wikimedia project data; and more!\n\nLink and other useful information: https://www.wikidata.org/wiki/User:Lucas_Werkmeister/36c3-wmcs-intro","original_language":"eng","persons":["Lucas Werkmeister","Amir Sarabadani"],"tags":["36c3-wikipakawg","77","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":1230,"promoted":false,"date":"2019-12-27T18:00:00.000+01:00","release_date":"2020-01-14T01:00:00.000+01:00","updated_at":"2026-03-30T14:00:07.945+02:00","length":864,"duration":864,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/77-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/77-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/77-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/77-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-77-wikimedia-cloud-services-introduction","url":"https://api.media.ccc.de/public/events/81908e34-0cd2-5bf1-ad77-6825d8f96b56","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c644a511-f6dd-448e-b492-fb577ddb72c1","title":"Finfisher verklagen","subtitle":"Rechtsbrüche beim Export von Überwachungssoftware","slug":"36c3-11217-finfisher_verklagen","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11217.html","description":"Die GFF hat gemeinsam mit Reporter ohne Grenzen (ROG), dem European Center for Constitutional and Human Rights (ECCHR) und netzpolitik.org Strafanzeige gegen die Geschäftsführer der Unternehmen FinFisher GmbH, FinFisher Labs GmbH und Elaman GmbH erstattet.\n\nEs liegen dringende Anhaltspunkte dafür vor, dass das Münchener Firmenkonglomerat die Spionagesoftware FinSpy ohne Genehmigung der Bundesregierung an die türkische Regierung verkauft und so zur Überwachung von Oppositionellen und Journalist*innen in der Türkei beigetragen hat.","original_language":"deu","persons":["Thorsten Schröder","Ulf Buermeyer"],"tags":["36c3","11217","2019","Ethics, Society \u0026 Politics","Main"],"view_count":12742,"promoted":false,"date":"2019-12-29T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-28T23:30:09.131+01:00","length":3556,"duration":3556,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11217-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11217-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11217-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11217-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11217-finfisher_verklagen","url":"https://api.media.ccc.de/public/events/c644a511-f6dd-448e-b492-fb577ddb72c1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"2f4ba23c-de8a-5fd9-9829-fa4445eccc74","title":"Amateurfunk, wasn das?","subtitle":null,"slug":"36c3-64-amateurfunk-wasn-das-","link":"https://cfp.verschwoerhaus.de/36c3/talk/UAUKWZ/","description":"Kurze Zusammenfassung über ein extrem vielfältiges Hobby.\n\nBeim Amateurfunk geht es grundlegen darum, mit eigener Technik Funkverbindungen herzustellen. Dieses Hobby ist aber noch deutlich vielfältiger. Dazu gehört ein besonderer Amateurfunksport, Wettbewerbe, Not- und Katastrophenfunk oder der Selbstbau von Funkgeräten und Antennen. Auch der Funkkontakt an sich ist immer wieder spannend. So kann man bis nach Neuseeland, mit der Internationalen Raumstation, mit Satelliten oder auch mit dem Mond funken. Manche Funkamateure wandern auf Berge oder fahren auf unbewohnte Inseln um von dort funken zu können.","original_language":"deu","persons":["Janek","Noah"],"tags":["36c3-wikipakawg","64","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":4324,"promoted":false,"date":"2019-12-28T14:30:00.000+01:00","release_date":"2020-01-01T01:00:00.000+01:00","updated_at":"2026-03-23T14:30:07.753+01:00","length":940,"duration":940,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/64-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/64-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/64-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/64-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-64-amateurfunk-wasn-das-","url":"https://api.media.ccc.de/public/events/2f4ba23c-de8a-5fd9-9829-fa4445eccc74","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"83e0c501-6a60-555f-80af-36b22a440fd4","title":"NPR70 - \"WLAN\" auf 430MHz","subtitle":null,"slug":"36c3-oio-168-npr70-wlan-auf-430mhz","link":"https://talks.oio.social/36c3-oio/talk/EW8MBQ/","description":"Da A.25 mit 9k6 baud irgend wann einfach nicht mehr cool ist um Daten auf 430 Mhz zu übertragen, musste ein neues Protokoll mit passender Hardware her. Herausgekommen ist ein open source Projekt von F4HDK mit 500kbit/s nutzdaten, multiuser und schnellen Rundlaufzeiten.\n\nNachdem das nötige Hintergrundswissen zu dem Thema Drahtlose Übertragungsprotokolle vermittelt wurde. Wird das Protokoll und die dazugehörende Hardware ausführlich vorgestellt und mit alternativen wie z.B. LORA verglichen.\nAußerdem soll rund um den OIO im laufe des Kongresses ein Demo-Netzwerk aufgebaut werden hierfür können auch noch Kits vorort gelötet werden, meldet euch dafür einfach bei mir.","original_language":"deu","persons":["Lars Rokita"],"tags":["36c3-oio","168","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":1406,"promoted":false,"date":"2019-12-28T14:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-11-20T11:15:03.424+01:00","length":2428,"duration":2428,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/168-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/168-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/168-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/168-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-168-npr70-wlan-auf-430mhz","url":"https://api.media.ccc.de/public/events/83e0c501-6a60-555f-80af-36b22a440fd4","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d1b8ed3f-2c22-47d2-9aca-0f9d3cf48eb8","title":"Hacker Jeopardy","subtitle":"Zahlenraten für Geeks","slug":"36c3-11177-hacker_jeopardy","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11177.html","description":"The Hacker Jeopardy is a quiz show.\n\nThe well known reversed quiz format, but of course hacker style. It once was entitled „number guessing for geeks“ by a German publisher, which of course is an unfair simplification. It’s also guessing of letters and special characters. ;)\n\nThree initial rounds will be played, the winners will compete with each other in the final.\n\nThe event will be in German, we hope to have live translation again.","original_language":"deu","persons":["Sec","Ray"],"tags":["36c3","11177","2019","Entertainment","Main"],"view_count":10739,"promoted":false,"date":"2019-12-28T00:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-06T00:15:06.123+01:00","length":6918,"duration":6918,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11177-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11177-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11177-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11177-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11177-hacker_jeopardy","url":"https://api.media.ccc.de/public/events/d1b8ed3f-2c22-47d2-9aca-0f9d3cf48eb8","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"ce9f0e1e-38e9-43db-a936-90e433e1b047","title":"TrustZone-M(eh): Breaking ARMv8-M's security","subtitle":"Hardware attacks on the latest generation of ARM Cortex-M processors.","slug":"36c3-10859-trustzone-m_eh_breaking_armv8-m_s_security","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10859.html","description":"Most modern embedded devices have something to protect: Whether it's cryptographic keys for your bitcoins, the password to your WiFi, or the integrity of the engine-control unit code for your car.\n\nTo protect these devices, vendors often utilise the latest processors with the newest security features: From read-out protections, crypto storage, secure-boot up to TrustZone-M on the latest ARM processors.\n\nIn this talk, we break these features: We show how it is possible to bypass the security features of modern IoT/embedded processors using fault-injection attacks, including breaking TrustZone-M on the new ARMv8-M processors.\n\nWe are also releasing and open-sourcing our entire soft- and hardware toolchain for doing so, making it possible to integrate fault-injection testing into the secure development lifecycle.\n\nModern devices, especially secure ones, often rely on the security of the underlying silicon: Read-out protection, secure-boot, JTAG locking, integrated crypto accelerators or advanced features such as TrustZone are just some of the features utilized by modern embedded devices.\n\nProcessor vendors are keeping up with this demand by releasing new, secure processors every year. Often, device vendors place a significant trust into the security claims of the processors. In this talk, we look at using fault-injection attacks to bypass security features of modern processors, allowing us to defeat the latest chip security measures such as TrustZone-M on the new ARMv8 processors.\n\nAfter a quick introduction into the theory of glitching, we introduce our fully open-source FPGA platform for glitching: An FPGA-based glitcher with a fully open-source toolchain \u0026 hardware, making glitching accessible to a wider audience and significantly reducing the costs of getting started with it - going as far as being able to integrate glitch-testing into the Secure Development Lifecycle of a product.\n\nThen, we look at how to conduct glitching attacks on real-world targets, beyond academic environments, including how to prepare a device for glitching and how to find potential glitch targets.\n\nAfterwards, we demonstrate fault-injection vulnerabilities we found in modern, widely-used IoT/embedded processors and devices, allowing us to bypass security features integrated into the chip, such as:\n\n- Re-enabling locked JTAG\n- Bypassing a secure bootloader\n- Recovering symmetric crypto keys by glitching the AES implementation\n- Bypassing secure-boot\n- Fully bypassing TrustZone-M security features on some new ARMv8M processors\n\nWe will also demonstrating how to bypass security features and how to break the reference secure bootloader of the Microchip SAM L11, one of the newest, TrustZone-M enabled ARM Cortex-M processors, using roughly $5 of equipment.\n\nAfter the talk, PCBs of our hardware platform will be given out to attendees.","original_language":"eng","persons":["Thomas Roth"],"tags":["36c3","10859","2019","Hardware \u0026 Making","Main"],"view_count":3581,"promoted":false,"date":"2019-12-28T14:10:00.000+01:00","release_date":"2019-12-31T01:00:00.000+01:00","updated_at":"2026-04-02T15:00:07.373+02:00","length":3441,"duration":3441,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10859-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10859-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10859-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10859-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10859-trustzone-m_eh_breaking_armv8-m_s_security","url":"https://api.media.ccc.de/public/events/ce9f0e1e-38e9-43db-a936-90e433e1b047","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8db548a2-dec0-411f-97b3-a22c416b7111","title":"Server Infrastructure for Global Rebellion","subtitle":null,"slug":"36c3-11008-server_infrastructure_for_global_rebellion","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11008.html","description":"In this talk Julian will outline his work as sysadmin, systems and security architect for the climate and environmental defense movement Extinction Rebellion. Responsible for 30 server deployments in 11 months, including a community hub spanning dozens of national teams (some of which operate in extremely hostile conditions), he will show why community-owned free and open source infrastructure is mission-critical for the growth, success and safety of global civil disobedience movements. \n\nAn extension of an earlier talk at C-Base Berlin, Julian will give an overview of his own discoveries, platform choices, successes and mistakes meeting the needs of 5-figure at-risk server memberships, from geo-political and legal challenges, to arrest opsec and uptime resilience in the face of powerful adversaries driving attacks on  infrastructure and seized activist devices spanning many countries before and during periods of mass civil disobedience. In particular the talk is a call for all sysadmins, opsec and infosec professionals and enthusiasts to rise up and join the fight for current and future generations of all life.","original_language":"eng","persons":["Julian Oliver"],"tags":["36c3","11008","2019","Resilience \u0026 Sustainability","Main"],"view_count":18891,"promoted":false,"date":"2019-12-27T17:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-04-02T00:30:05.150+02:00","length":3791,"duration":3791,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11008-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11008-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11008-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11008-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11008-server_infrastructure_for_global_rebellion","url":"https://api.media.ccc.de/public/events/8db548a2-dec0-411f-97b3-a22c416b7111","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"330c672b-9ec1-4416-ab28-4c808aa4ad76","title":"Boot2root","subtitle":"Auditing Boot Loaders by Example","slug":"36c3-10706-boot2root","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10706.html","description":"The Achilles heel of [your secure device] is the secure boot chain. In this presentation we will show our results from auditing commonly used boot loaders and walk through the attack surface you open yourself up to. You would be surprised at how much attack surface exists when hardening and defense in depth is ignored. From remote attack surface via network protocol parsers to local filesystems and various BUS parsing, we will walk through the common mistakes we've seen by example and showcase how realistic it is for your product's secure boot chain to be compromised. ","original_language":"eng","persons":["Ilja van Sprundel","Joseph Tartaro"],"tags":["36c3","10706","2019","Security","Main"],"view_count":1918,"promoted":false,"date":"2019-12-29T18:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-09T05:45:03.857+01:00","length":3733,"duration":3733,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10706-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10706-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10706-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10706-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10706-boot2root","url":"https://api.media.ccc.de/public/events/330c672b-9ec1-4416-ab28-4c808aa4ad76","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"0886b5ea-6e90-4619-8f9c-038ebf9b4241","title":"Infrastructures in a horizontal farmers community","subtitle":"Human agreements, comunication infrastructures, services in Campi Aperti, Bologna, Italy","slug":"36c3-10858-infrastructures_in_a_horizontal_farmers_community","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10858.html","description":"We will analyze the approach to tecnology (decisional method, mesh network and cloud) of a farming community near Bologna: Campi Aperti.\n\nSpeaking about: human organization, connectivity, managing of a server, resources and incidents handler, femminism, maintaining and growing in a non-gerarchical organization. Technologies involved: humans, antennas, orchestrator of containers.\n\nSummarize the experience of this last 15 years of a group of farmers, the strong political impact about take care of the near territory, decide what grow and what eat and share this decisions with the consumers in the city, settled a method that is called \"shared warranty\", garanzia partecipata, for the organic vegetables, refuse the big distribution of the food and how this principles, with also some femminist ideas, can bring  us to think in a different way our tech organizations and our tools. In the last 3 years the group Campiaperti and Genuino Clandestino, the italian network of self-managed farmers, started to make questions and solution about tecnologies and started slowly to mantain their services.","original_language":"eng","persons":["Andrea Zappa"],"tags":["36c3","10858","2019","Resilience \u0026 Sustainability","Main"],"view_count":883,"promoted":false,"date":"2019-12-29T20:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-03T02:00:04.180+01:00","length":2433,"duration":2433,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10858-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10858-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10858-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10858-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10858-infrastructures_in_a_horizontal_farmers_community","url":"https://api.media.ccc.de/public/events/0886b5ea-6e90-4619-8f9c-038ebf9b4241","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b1f5ca8d-78ff-5e80-b301-4e8ae0ae6c8b","title":"The challenges of Protected Virtualization","subtitle":null,"slug":"36c3-107-the-challenges-of-protected-virtualization","link":"https://fahrplan.chaos-west.de/36c3/talk/73DECY/","description":"Firmware protection for Virtual Machines against buggy or malicious\nhypervisors is a rather new concept that is quickly gaining traction\namong the major CPU architectures; two years ago AMD introduced Secure Encrypted Virtualization (AMD SEV), and now IBM is introducing Protected Virtualization for the s390x architecture.\n\nThis talk will present the motivations and the overall architecture of\nProtected Virtualization, the general challenges for Linux both as a guest and as a hypervisor with KVM and Qemu.\n\nThe main challenges presented will be, among others:\n* secure VM startup\n* attestation\n* I/O\n* interrupts\n* Linux guest support\n* KVM and Qemu changes\n* swap and migration\n\nWhile the talk will have some technical content, it should be enjoyable for anyone who tinkers with KVM and virtualization.\n\nKnowledge of the s390x architecture is not required.","original_language":"eng","persons":["Janosch Frank","Claudio Imbrenda"],"tags":["36c3-chaoswest","107","2019","All about computers","ChaosWest"],"view_count":555,"promoted":false,"date":"2019-12-27T18:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-21T06:00:02.837+01:00","length":2441,"duration":2441,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/107-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/107-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/107-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/107-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-107-the-challenges-of-protected-virtualization","url":"https://api.media.ccc.de/public/events/b1f5ca8d-78ff-5e80-b301-4e8ae0ae6c8b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"06a9bcc8-c716-43eb-9e17-1cfad4072dbe","title":"The Internet of rubbish things and bodies","subtitle":"A review of the best art \u0026 tech projects from 2019. With a focus on e-waste","slug":"36c3-11236-the_internet_of_rubbish_things_and_bodies","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11236.html","description":"Once you start looking at electronic trash you see it everywhere: in laptops of course but also increasingly in cars, fridges, even inside the bodies of humans and other animals. The talk will look at how artists have been exploring the e-junk invasion.\n\nRégine Debatty is a curator, critic and founder of http://we-make-money-not-art.com/, a blog which has received numerous distinctions over the years, including two Webby awards and an honorary mention at the STARTS Prize, a competition launched by the European Commission to acknowledge \"innovative projects at the interface of science, technology and art\".\nRégine writes and lectures internationally about the way artists, hackers, and designers use science and technology as a medium for critical discussion. She also created A.I.L. (Artists in Laboratories), a weekly radio program about the connections between art and science for Resonance104.4fm in London (2012–14), is the co-author of the “sprint book” New Art/Science Affinities, published by Carnegie Mellon University (2011) and is currently co-writing a book about culture and artificial intelligence.","original_language":"eng","persons":["Régine Débatty"],"tags":["36c3","11236","2019","Art \u0026 Culture","Main"],"view_count":10464,"promoted":false,"date":"2019-12-27T18:50:00.000+01:00","release_date":"2019-12-27T01:00:00.000+01:00","updated_at":"2026-01-12T13:45:19.846+01:00","length":3124,"duration":3124,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11236-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11236-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11236-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11236-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11236-the_internet_of_rubbish_things_and_bodies","url":"https://api.media.ccc.de/public/events/06a9bcc8-c716-43eb-9e17-1cfad4072dbe","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4a4bb36e-70fa-4ee2-aa7e-1d0a4ccd74c1","title":"Intel Management Engine deep dive","subtitle":"Understanding the ME at the OS and hardware level","slug":"36c3-10694-intel_management_engine_deep_dive","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10694.html","description":"Reverse engineering a system on a chip from sparse documentation and binaries, developing an emulator from it and gathering the knowledge needed to develop a replacement for one of the more controversial binary blobs in the modern PC.\n\nThe Intel Management Engine, a secondary computer system embedded\nin modern chipsets, has long been considered a security risk \nbecause of its black-box nature and high privileges within the\nsystem. The last few years have seen increasing amounts of \nresearch into the ME and several vulnerabilities have been found.\n\nAlthough limited details were published about these vulnerabilities,\nreproducing exploits has been hard because of the limited information\navailable on the platform. \n\nThe ME firmware is the root of trust for the fTPM, Intel Boot Guard\nand several other platform security features, controlling it allows\noverriding manufacturer firmware signing, and allows implementing \nmany background management features.\n\nI have spent most of past year reverse engineering the OS, hardware\nand links to the host (main CPU) system. This research has led me \nto create custom tools for manipulating firmware images, to write\nan emulator for running ME firmware modules under controlled \ncircumstances and allowed me to replicate an unpublished exploit to\ngain code execution.\n\nIn this talk I will share the knowledge I have gathered so far, document\nmy methods and also explain how to go about a similar project.\n\nI also plan to discuss the possibility of an open source replacement \nfirmware for the Management Engine. \n\nThe information in this talk covers ME version 11.x, which is found in 6th and 7th generation chipsets (Skylake/Kabylake era), most of the hardware related information is also relevant for newer chipsets.","original_language":"eng","persons":["Peter Bosch"],"tags":["36c3","10694","2019","Security","Main"],"view_count":6715,"promoted":false,"date":"2019-12-27T18:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-04-04T11:15:06.532+02:00","length":3607,"duration":3607,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10694-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10694-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10694-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10694-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10694-intel_management_engine_deep_dive","url":"https://api.media.ccc.de/public/events/4a4bb36e-70fa-4ee2-aa7e-1d0a4ccd74c1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"95eba607-f3bd-4ee6-b822-57a0efb3cf2f","title":"Fairtronics","subtitle":"A Tool for Analyzing the Fairness of Electronic Devices","slug":"36c3-10592-fairtronics","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10592.html","description":"Electronic gadgets come not just with an ecological footprint, but also a human cost of bad working conditions and human rights violations. To support hardware makers who want to design fairer devices, we are building a software tool to easily discover social risk hotspots and identify measures for improvement.\n\nThe issue of human rights violations in the supply chains of electronics products is nowadays being broadly discussed. However, from the point of view of a hardware maker, it is difficult to exclude the possibiltiy of harm being done to workers in their supply chains due to their complexity and lack of transparency. At the same time, projects such as Fairphone and NagerIT demonstrate that improvements are, in fact, possible.\n\nAt FairLötet and the Fairtronics project, we try to support those who would like to improve the social impact of their products in taking the first step towards improvement. To this end, we are building a software tool which will provide a first estimate of the risks contained within a given design: circuit diagram in, analysis out.\n\nThe analysis shows the main social risks associated with the product, due to which components and materials they arise, and in what regions of the world the risks are located. This enables the user to understand where efforts towards sustainability should be concentrated, e.g. by making informed purchasing decisions or engaging with suppliers.\n\nIn this talk, you will learn about the risks associated with electronics, how they are estimated, and what data we gather to compute them. No deep background in sustainability or hardware is required.","original_language":"eng","persons":["Andreas Fritsch","xian","tamdrx"],"tags":["36c3","10592","2019","Resilience \u0026 Sustainability","Main"],"view_count":651,"promoted":false,"date":"2019-12-30T11:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-10T13:30:08.613+01:00","length":2333,"duration":2333,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10592-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10592-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10592-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10592-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10592-fairtronics","url":"https://api.media.ccc.de/public/events/95eba607-f3bd-4ee6-b822-57a0efb3cf2f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"95c2bf57-087f-5fb0-9ce8-a3210a585f9c","title":"Interactively Discovering Implicational Knowledge in Wikidata","subtitle":null,"slug":"36c3-95-interactively-discovering-implicational-knowledge-in-wikidata","link":"https://cfp.verschwoerhaus.de/36c3/talk/HMMPQQ/","description":"The ever-growing Wikidata contains a vast amount of factual knowledge. More complex knowledge, however, lies hidden beneath the surface: it can only be discovered by combining the factual statements of multiple items. Some of this knowledge may not even be stated explicitly, but rather hold simply by virtue of having no counterexamples present on Wikidata. Such implicit knowledge is not readily discoverable by humans, as the sheer size of Wikidata makes it impossible to verify the absence of counterexamples. We set out to identify a form of implicit knowledge that is succinctly representable, yet still comprehensible to humans: implications between properties of some set of items. Using techniques from Formal Concept Analysis, we show how to compute such implications, which can then be used to enhance the quality of Wikidata itself: absence of an expected rule points to counterexamples in the data set; unexpected rules indicate incomplete data. We propose an interactive exploration process that guides editors to identify false counterexamples and provide missing data. This procedure forms the basis of [The Exploration Game](https://tools.wmflabs.org/teg/), a game in which players can explore the implicational knowledge of set of Wikidata items of their choosing. We hope that the discovered knowledge may be useful not only for the insights gained, but also as a basis from which to create entity schemata.\n\nThe talk will introduce the notions of Implicational Knowledge, describe how Formal Context Analysis may be employed to extract implications, and showcase the interactive exploration process.","original_language":"eng","persons":["Maximilian Marx","Tom Hanika"],"tags":["36c3-wikipakawg","95","2019","Science","WikiPakaWG"],"view_count":417,"promoted":false,"date":"2019-12-28T16:00:00.000+01:00","release_date":"2020-01-22T00:00:00.000+01:00","updated_at":"2026-01-13T20:45:10.734+01:00","length":1871,"duration":1871,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/95-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/95-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/95-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/95-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-95-interactively-discovering-implicational-knowledge-in-wikidata","url":"https://api.media.ccc.de/public/events/95c2bf57-087f-5fb0-9ce8-a3210a585f9c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4b80f175-0c42-53e6-911d-2445cc25fd59","title":"Sexualisierter Gewalt und die Verantwortung von Ges. und Comm.","subtitle":null,"slug":"36c3-148-sexualisierter-gewalt-und-die-verantwortung-von-gesellschaft-und-communities","link":"https://fahrplan.chaos-west.de/36c3/talk/R33ZSA/","description":"Sexualisierte Gewalt ist Alltag in Deutschland. Leider. „Laut einer deutschlandweiten Repräsentativstudie erlebt jede 7. Frau in Deutschland im Lauf ihres Lebens strafrechtlich relevante sexualisierte Gewalt. 60% aller Frauen in Deutschland haben sexuelle Belästigung erlebt.\" schreibt der Bundesverbands Frauenberatungsstellen und Frauennotrufe. \" Jährlich werden der Polizei 11.000 Fälle sexuellen Missbrauchs von Kindern bekannt. Die Dunkelziffer im Bereich sexualisierter Gewalt ist hoch.“ (https://www.frauen-gegen-gewalt.de/de/was-ist-das-187.html) Sexualisierte Gewalt geht in den seltensten Fällen von Fremden aus, meist wird sie durch Personen aus dem Bekannten- und Familienkreis ausgeübt.\nViel zu kurz kommt hingegen die Auseinandersetzung mit dieser Thematik, mit den Folgen für Betroffene, Möglichkeiten der Prävention und der Unterstützung von Betroffenen. Auf gesellschaftlicher Ebene, aber auch in Communities. Das Ausmaß sexualisierter Gewalt ist seit Jahrzehnten unverändert. Sexualisierte Gewalt ist nach wie vor ein Tabuthema - und das macht es so schwierig, etwas zu verändern. Es ist wichtig, das Schweigen zu durchbrechen und Betroffenen* Angebote zur Unterstützung zu machen. Hier stehen wir alle in der Verantwortung, auch in der Chaos-Community.\nIndem wir eine Atmosphäre schaffen, in der über Erfahrungen mit sexualisierter Gewalt geredet werden kann, können wir Betroffene in der Bearbeitung unterstützenund insgesamt zur Sensibilisierung beitragen. Gruppen zur Unterstützung Betroffener und Awarenessgruppen sind eine Möglichkeit, um Betroffene von sexualisierter Gewalt zu stärken und ein Bewusstsein für Veränderung zu schaffen. Professionelle Organisationen klären auf, beraten und begleiten Betroffene.  \nHacken ist nicht ausschließlich eine technische, sondern auch eine politische und soziale Aktion und ebenso eine interaktive Handlung. Lasst uns die Tabuisierung des Themas sexualisierte Gewalt hacken und zusammen daran arbeiten, unsere Community zu einem besseren Ort zu machen.","original_language":"deu","persons":["Ann"],"tags":["36c3-chaoswest","148","2019","Nicht Computers","ChaosWest"],"view_count":640,"promoted":false,"date":"2019-12-29T17:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-02T05:45:06.514+01:00","length":3121,"duration":3121,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/148-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/148-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/148-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/148-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-148-sexualisierter-gewalt-und-die-verantwortung-von-gesellschaft-und-communities","url":"https://api.media.ccc.de/public/events/4b80f175-0c42-53e6-911d-2445cc25fd59","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"60936beb-b15d-44ec-a9ca-9dc0807fd889","title":"Digitalisierte Migrationskontrolle","subtitle":"Von Handyauswertung, intelligenten Grenzen und Datentöpfen","slug":"36c3-10766-digitalisierte_migrationskontrolle","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10766.html","description":"Die sogenannten digitalen Assistenzsysteme des BAMF, „intelligente Grenzen“ in der EU und immer größer werdende Datenbanken: Wer ins Land kommt und bleiben darf, wird immer mehr von IT-Systemen bestimmt. Davon profitiert die Überwachungsindustrie, während Menschen von automatisierten Entscheidungen abhängig werden.\n\nDeutschland hat in den letzten Jahren massiv in Technik investiert, um Asylverfahren zu digitalisieren. Biometrische Bilder mit Datenbanken abgleichen, Handys ausgelesen und analysieren, Sprache durch automatische Erkennungssysteme schleifen. Ganz abgesehen von der Blockchain, die alles noch besser machen soll. Doch nicht nur in Deutschland werden zum Zweck der Migrationskontrollen immer mehr Daten genutzt. In Norwegen werden Facebook-Profile Geflüchteter ausgewertet, in Dänemark sogar USB-Armbänder. Die Grenzagentur Frontex soll für „intelligente Grenzen“ sorgen, Datenbanken werden EU-weit ausgebaut und zusammengelegt. Rechtschutzmechanismen versagen größtenteils. Worum es dabei geht? Schnellere Abschiebungen. Wer davon profitiert? Die Überwachungsindustrie.\n\nIn Vorbereitung von Klageverfahren bringt die Gesellschaft für Freiheitsrechte e.V. (GFF) gemeinsam mit der Journalistin Anna Biselli im Laufe des Dezembers eine Studie heraus, die sich diesem Thema genauer widmet. Die Ergebnisse der Studie wollen Lea Beckmann und Anna Biselli gemeinsam vorstellen und kontextualisieren.\n\nAnna Biselli ist Informatikerin und Journalistin und arbeitet seit Jahren zu Fragen der Digitalisierung von Migrationskontrolle. \nLea Beckmann ist Juristin und Verfahrenskoordinatorin der Gesellschaft für Freiheitsrechte e.V. (GFF). Die GFF ist eine NGO, die durch strategische Gerichtsverfahren Grund- und Menschenrechte stärkt und zivilgesellschaftliche Partnerorganisationen rechtlich unterstützt. In vielen ihrer Verfahren setzt sich die GFF dabei für Datenschutz und einen verantwortungsvollen Einsatz von Technologie und gegen Diskriminierung ein. ","original_language":"deu","persons":["Anna Biselli","Lea Beckmann"],"tags":["36c3","10766","2019","Ethics, Society \u0026 Politics","Main"],"view_count":5135,"promoted":false,"date":"2019-12-27T20:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-02-24T22:30:07.910+01:00","length":3350,"duration":3350,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10766-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10766-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10766-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10766-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10766-digitalisierte_migrationskontrolle","url":"https://api.media.ccc.de/public/events/60936beb-b15d-44ec-a9ca-9dc0807fd889","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b0fdc339-c0d7-4576-950f-0770b458f084","title":"The Eye on the Nile","subtitle":"Egypt's Civil Society Under Attack","slug":"36c3-10561-the_eye_on_the_nile","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10561.html","description":"What happens when we come across a surveillance operation targeting Egypt’s civil society? And what happens when the attackers expose all of their backend code by mistake? This is The Eye on the Nile.\n\nEgyptian activists and journalists report and fight against human rights violations, only to face human rights violations themselves: they are often silenced, detained, tortured and imprisoned. Practicing their freedom of expression becomes especially dangerous under a regime that is constantly wary of attempts to spark a second revolution. Therefore, it would not be surprising to see surveillance-motivated attacks trying to go after those targets.\n\nThis talk will discuss how an opsec mistake made by a state actor gave us a rare insight into their long-term malicious activity, and the methods they were using to keep a close eye on possible internal threats within Egypt. Among our findings were attempts to gain access to victims' inboxes and monitor their correspondences, mobile applications hosted on Google's Play Store and used to track victims' communications or location, and more.\n\nWe will start by reviewing our investigation into the attackers' infrastructure, and will then go over the different attack vectors and previously undisclosed malicious artifacts used in this operation. Lastly, we will share how we were able to find and reveal the identities of this campaign's high-profile targets, and the location of the headquarters which we suspect the attackers are operating from.","original_language":"eng","persons":["Aseel Kayal"],"tags":["36c3","10561","2019","Ethics, Society \u0026 Politics","Main"],"view_count":918,"promoted":false,"date":"2019-12-29T21:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-22T21:00:07.309+01:00","length":2368,"duration":2368,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10561-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10561-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10561-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10561-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10561-the_eye_on_the_nile","url":"https://api.media.ccc.de/public/events/b0fdc339-c0d7-4576-950f-0770b458f084","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"f5910185-f9b5-5d5a-b2df-fdfce6b8a8b9","title":"Episode VIII - Die letzten Freifunker?","subtitle":null,"slug":"36c3-oio-150-episode-viii-die-letzten-freifunker-","link":"https://talks.oio.social/36c3-oio/talk/CJFWMY/","description":"Freifunk steht für freie Kommunikation in digitalen Datennetzen. Reicht dieser Slogan aus, um die Communities wachsen und die Marke Freifunk bei den Menschen in unserem Land bekannt zu machen? Was können wir tun, um nicht bald die letzten Freifunker zu sein und insbesondere eine engagierte junge Generation anzusprechen, die Informationen ganz anders filtert und verarbeitet als GenX oder Baby Boomers? In diesem interaktiven Talk mit einer Marketingexpertin aus der IT Branche, geht es um die Identität von Freifunk und warum 8 Sekunden entscheidend sind.\n\nFreie Kommunikation in digitalen Datennetzen - ein wichtiges Gut, für das Freifunk steht. Aber wie steht es um die Marke Freifunk in Städten, Gemeinden, Kommunen und der Bevölkerung? Gibt es Nachwuchssorgen in den Communities und könnten wir nicht schon viel weiter sein mit unserem 'Netzausbau'? In diesem Talk möchte ich mit Euch gemeinsam einen kritischen Blick auf Freifunk von der Marketingseite her werfen und Ideen entwickeln, wie wir viele Menschen einladen können mitzumachen sodass Freifunk zu einem wichtigen Bestandteil ihres digitalen Lebens wird. Je mehr aktive Mitglieder unsere communities haben, desto eher können wir das umsetzen, worüber Politik und etablierte Wirtschaft primär nur reden: Digitalisierung und digitale Transformation vorantreiben - in Stadt und Land.","original_language":"deu","persons":["Glitzi"],"tags":["36c3-oio","150","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":790,"promoted":false,"date":"2019-12-29T18:42:00.000+01:00","release_date":"2020-01-02T01:00:00.000+01:00","updated_at":"2025-08-28T09:00:04.212+02:00","length":1571,"duration":1571,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/150-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/150-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/150-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/150-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-150-episode-viii-die-letzten-freifunker-","url":"https://api.media.ccc.de/public/events/f5910185-f9b5-5d5a-b2df-fdfce6b8a8b9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"26251c91-724e-4a28-b0fd-f5116fb339fb","title":"Jahresrückblick der Haecksen","subtitle":null,"slug":"36c3-10903-jahresruckblick_der_haecksen","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10903.html","description":"In  diesem Vortrag nehmen wir euch mit auf eine Reise durch das Haecksenjahr 2019. \n\nWir streifen kurz die deutsche Statistik über Femizide in Deutschland, bei der Deutschland sechst-schlechtestes Land im europäischen Vergleich ist. Femizide führen direkt zur Hexenverbrennung um ca. 1550. Viele Belege weisen darauf hin, dass die Verfahren zur Unterdrückung von Aufständen in der Bevölkerung gedacht und nicht einfach Effekte von Massenhysterien waren. Dann schwenken wir auf die positive Seite unseres Jahres um.\nWir geben euch eine Führung durch unsere Kunstgalerie (Briefmarken, Postkarten Memorials und mehr), zeigen Einblicke in ein Haecksen-Geekend und wie wir unsere 100 neuen von 292 Haecksen insgesamt integrieren und aktivieren.\nAußerdem verraten wir euch, in welchen Chaos-nahen Gruppen sich Haecksen-Gruppen befinden und was sie dort in 2019 gemacht haben. Zusätzlich dazu haben sich Haecksen dezentral zu den Themen Klimawandel und die Effekte von Bias in Trainigsdatensätzen zusammengeschlossen.\nWir schließen mit der Vorstellung von NIFTI http://nifti.org als der neue zentrale Knotenpunkt der Gemeinschaft aller FNIT-Gruppen mit Interesse an Technik.\nUnd wir werden dabei unser 30jähriges Jubiläum feiern.","original_language":"deu","persons":["melzai"],"tags":["36c3","10903","2019","CCC","Main"],"view_count":1484,"promoted":false,"date":"2019-12-30T13:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-10T09:45:07.999+01:00","length":1770,"duration":1770,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10903-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10903-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10903-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10903-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10903-jahresruckblick_der_haecksen","url":"https://api.media.ccc.de/public/events/26251c91-724e-4a28-b0fd-f5116fb339fb","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d274ccf9-c5ed-4b88-a641-7ca8d5b4cedc","title":"Warum die Card10 kein Medizinprodukt ist","subtitle":"Was müssen Medizinproduktehersteller einhalten (und was nicht)?","slug":"36c3-10950-warum_die_card10_kein_medizinprodukt_ist","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10950.html","description":"\u003cp\u003eEs soll grundlegend erkl\u0026auml;rt werden, nach welchen Kriterien Medizinprodukte entwickelt werden. Dazu werden die wichtigsten Regularien (Gesetze, Normen, ...) vorgestellt die von den Medizinprodukteherstellern eingehalten werden m\u0026uuml;ssen. Diese regeln, was die Hersteller umsetzen m\u0026uuml;ssen (und was nicht). Hier wird auch die Frage beantwortet, warum beispielsweise die Apple-Watch (oder genauer gesagt nur zwei Apps) ein Medizinprodukt sind aber die card10 nicht. Dieser Vortrag gibt Antworten auf die folgenden Fragen:\u003c/p\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eWas ist denn \u0026uuml;berhaupt ein Medizinprodukt?\u003c/li\u003e\r\n\u003cli\u003eWas steht dazu im Gesetz?\u003c/li\u003e\r\n\u003cli\u003eWas haben Normen damit zu tun?\u003c/li\u003e\r\n\u003cli\u003eWas tun die Hersteller \u0026uuml;berlicherweise um diese Anforderungen umzusetzen?\u003c/li\u003e\r\n\u003cli\u003eWie sieht ein typischer Entwicklungsprozess aus?\u003c/li\u003e\r\n\u003cli\u003eWie sieht es mit Security und Safety aus?\u003c/li\u003e\r\n\u003cli\u003eWarum sind Innovationen so schwer?\u003c/li\u003e\r\n\u003cli\u003eWas passiert nach der Entwicklung?\u003c/li\u003e\r\n\u003cli\u003eWer \u0026uuml;berwacht das alles?\u003c/li\u003e\r\n\u003c/ul\u003e\r\n\u003cp\u003eEs wird Schwerpunktm\u0026auml;\u0026szlig;ig die EU betrachtet um die Dauer des Vortrags nicht zu sprengen.\u003c/p\u003e","original_language":"deu","persons":["Phil"],"tags":["36c3","10950","2019","Hardware \u0026 Making","Main"],"view_count":7296,"promoted":false,"date":"2019-12-27T22:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-04-03T14:00:05.484+02:00","length":3750,"duration":3750,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10950-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10950-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10950-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10950-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10950-warum_die_card10_kein_medizinprodukt_ist","url":"https://api.media.ccc.de/public/events/d274ccf9-c5ed-4b88-a641-7ca8d5b4cedc","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"6a8a2bfc-cc63-4938-8895-8ea84ba1544f","title":"The Planet Friendly Web","subtitle":"Warum unser Web nachhaltiger werden muss und wie wir das anstellen!","slug":"36c3-10506-the_planet_friendly_web","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10506.html","description":"Wo beginnt unsere Verantwortung bei der Gestaltung und Entwicklung einer Website und wo endet sie? Wusstest Du, dass die durch das Internet hervorgerufenen CO2-Emissionen die der Flugindustrie überschritten haben? Beim Design einer Website oder Web-App denken die wenigsten an CO2-Emissionen. So ist auch dieser Fakt weitgehend unbekannt. Warum wir uns dringend über ein nachhaltigeres Web Gedanken machen sollten und wie wir das in unserem Alltag umsetzen können, erfahrt Ihr in diesem Vortrag.\n\nAuf unserer Erde gibt es viele Probleme, die es für unsere und zukünftige Generationen zu lösen gilt: Die globale Erwärmung und weltweiter Hunger sind nur einige davon.\n\nIn unserem privaten Alltag beschäftigen sich viele von uns schon sehr ausgiebig mit dem Thema Nachhaltigkeit und dem verantwortungsvollen Umgang mit Ressourcen. Wir achten darauf, dass unsere Schokolade FairTrade ist, dass unser Apfel vom Bauern aus der Region kommt oder das Fleisch aus verantwortungsvoller Tierhaltung stammt.\n\nAber wer weiß schon, dass für ein modernes Smartphone über 80 Kilogramm Natur verbraucht wird? Und wie viele von euch, die aktiv das Web gestalten, beschäftigen sich damit, es auch nachhaltiger zu machen? Oder wusstet ihr, dass die durch das Internet hervorgerufenen CO2-Emissionen die der Flugindustrie überschritten haben?\n\nIn meinem Vortrag möchte ich euch zeigen, wie ihr auch im beruflichen Alltag, bspw. beim Konzipieren, Entwicklen, Designen oder Managen einer Website oder App, auf verantwortungsvollen Ressourcenverbrauch, besonders in Bezug auf den Energiebedarf, achten könnt. Auch die Fragen, wie ihr helfen könnt, das Web nachhaltiger zu machen, und was die Anforderungen an moderne Websites und Apps sind, damit sie nicht zu Lasten unserer Umwelt gehen, möchte ich euch beantworten.","original_language":"deu","persons":["Niklas Jordan"],"tags":["36c3","10506","2019","Resilience \u0026 Sustainability","Main"],"view_count":1591,"promoted":false,"date":"2019-12-29T20:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-03T20:15:07.015+01:00","length":2310,"duration":2310,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10506-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10506-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10506-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10506-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10506-the_planet_friendly_web","url":"https://api.media.ccc.de/public/events/6a8a2bfc-cc63-4938-8895-8ea84ba1544f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"eaeae62b-555d-4c70-9ea0-5a32d5993489","title":"Weichenstellung","subtitle":"In welcher digitalen Welt werden wir leben?","slug":"36c3-11218-weichenstellung","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11218.html","description":"Wir müssen jetzt entscheiden, in welcher digitalen Welt wir leben wollen.\n\nIm Bereich des Datenschutzes und der Informationsfreiheit werden schwer umkehrbare Weichenstellungen vorgenommen, die weitreichende Konsequenzen für unsere Zukunft haben.\nAls Bundesdatenschutzbeauftragter setze ich mich mit der Durchsetzung der Datenschutz-Grundverordnung, der Regulierung von Verbraucher-Scoring und -Profiling und der Weiterentwicklung des europäischen Datenschutzrechts auseinander.\n\nBesonders beschäftigen mich dabei auch die Debatten um digitale Überwachung und massiv ausgeweitete Befugnisse der Sicherheitsbehörden.","original_language":"deu","persons":["Ulrich Kelber"],"tags":["36c3","11218","2019","Ethics, Society \u0026 Politics","Main"],"view_count":3470,"promoted":false,"date":"2019-12-30T13:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-13T13:15:10.906+01:00","length":3713,"duration":3713,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11218-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11218-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11218-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11218-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11218-weichenstellung","url":"https://api.media.ccc.de/public/events/eaeae62b-555d-4c70-9ea0-5a32d5993489","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7668e889-63d6-5dbe-8a5b-e81d54731b10","title":"Software tools for wikis beyond MediaWiki and its extensions","subtitle":null,"slug":"36c3-88-software-tools-for-wikis-beyond-mediawiki-and-its-extensions","link":"https://cfp.verschwoerhaus.de/36c3/talk/LKSJUL/","description":"A showcase of software implemented outside of the MediaWiki and MediaWiki extensions code repositories.\n\nWikimedia's communities have diverse interests, use cases and technical needs. Volunteer developers experiment with new ideas, build solutions and bridge workflow gaps across our software stack.\n\nThis session is a showcase of a variety of impressive software solutions implemented outside of the MediaWiki and MediaWiki extensions code repositories.","original_language":"eng","persons":["Andre Klapper"],"tags":["36c3-wikipakawg","88","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":393,"promoted":false,"date":"2019-12-28T18:00:00.000+01:00","release_date":"2020-01-22T00:00:00.000+01:00","updated_at":"2025-06-16T00:45:04.640+02:00","length":1831,"duration":1831,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/88-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/88-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/88-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/88-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-88-software-tools-for-wikis-beyond-mediawiki-and-its-extensions","url":"https://api.media.ccc.de/public/events/7668e889-63d6-5dbe-8a5b-e81d54731b10","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"272dedf6-32ce-4020-af81-395eab2e5009","title":"Hack_Curio","subtitle":"Decoding The Cultures of Hacking One Video at a Time","slug":"36c3-10875-hack_curio","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10875.html","description":"Hacking and hackers can be hard to visualize. In the popular imagination, the figure alternates between a menacing, hooded figure or some sort of drugged-out and depressed juvenile hero (or perhaps a state-sponsored hacker).  To counter such images, a group of us have spearheaded a new digitally-based video project, Hack_Curio that features hacker-related videos, culled from a range of sources, documentary film, newscasts, hacker conference talks, advertising, and popular film. In this talk, the Hack-Curio creators and builders will briefly discuss the purpose and parameters of Hack_Curio and spend most of the talk featuring our funniest, most compelling videos around hacking from around the world. We will use these to reflect on some of the more obscure or less commented on cultural and political features of hacking--features that will address regional and international dimensions of the craft and its impacts around the world. \n\nHacking and hackers can be hard to visualize. In the popular imagination, the figure alternates between a menacing, hooded figure or some sort of drugged-out and depressed juvenile hero (or perhaps a state-sponsored hacker).  To counter such images, a group of us (Chris Kelty, Gabriella Coleman, and Paula Bialski) have spearheaded a new digitally-based video project, Hack_Curio that features hacker-related videos, culled from a range of sources, documentary film, newscasts, hacker conference talks, advertising, and popular film. In this talk, the Hack-Curio creators and builders, will briefly discuss the purpose and parameters of Hack_Curio and spend most of the talk featuring our funniest, most compelling videos around hacking from around the world. We will use these to reflect on some of the more obscure or less commented on cultural and political features of hacking--features that will address regional and international dimensions of the craft and its impacts around the world. \n\nWe will begin our talk by telling the audience what drove to build this website and what we learned in the process of collaborating with now over fifty people to bring it into being. After our introduction, we will showcase about 7-10 videos drawn from quite different sources (ads, parodies, movie clips, documentary film, and talks) and from different parts of the world (Mexico, Germany, South Africa, France) in order to discuss the cultural significance of hacking in relation to regional and international commonalities and differences. \n\nFinally, we will finish with a short reflection on why such a project, based on visual artifacts, is a necessary corollary to text-based discussions, like books and magazines, covering the history and contemporary faces of hacking. ","original_language":"eng","persons":[" Gabriella \"Biella\" Coleman","Paula Bialski"],"tags":["36c3","10875","2019","Art \u0026 Culture","Main"],"view_count":3939,"promoted":false,"date":"2019-12-27T23:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-13T12:45:11.454+01:00","length":3532,"duration":3532,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10875-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10875-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10875-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10875-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10875-hack_curio","url":"https://api.media.ccc.de/public/events/272dedf6-32ce-4020-af81-395eab2e5009","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d84a392d-0680-584c-8a35-358977418a13","title":"“Computer says no”: Worüber sollen Algorithmen entscheiden dürfen","subtitle":null,"slug":"36c3-oio-173--computer-says-no-worber-sollen-algorithmen-entscheiden-drfen","link":"https://talks.oio.social/36c3-oio/talk/A8GQTE/","description":"Richtlinien für den ethischen Einsatz von Algorithmen gibt es langsam wirklich genug. Konzerne und Organisationen    übertrumpfen sich geradezu damit zu betonen, dass der Mensch bei allen maschinellen Entscheidungen im Mittelpunkt stehen soll, dass die Systeme fair und nachvollziehbar arbeiten müssen. Aber egal, ob sie nun direkt von Google und IBM stammen, von Normungsorganisationen wie IEEE oder der OECD – gemeinsam ist all diesen Richtlinien: Sie sind rechtlich nicht bindend. Die Frage ist also: Wem dienen solche Ansätze der unternehmerischen und    staatlichen Selbstregulierung? Und wollen wir uns auf sie verlassen oder brauchen wir klare gesetzliche Auflagen? Welche Regeln sollten für Unternehmen gelten, welche für den Staat? Und wer soll darüber wachen, dass sie eingehalten werden?","original_language":"deu","persons":["segal","Chris Köver"],"tags":["36c3-oio","173","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":1189,"promoted":false,"date":"2019-12-28T16:45:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-25T15:45:08.126+01:00","length":1350,"duration":1350,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/173-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/173-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/173-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/173-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-173--computer-says-no-worber-sollen-algorithmen-entscheiden-drfen","url":"https://api.media.ccc.de/public/events/d84a392d-0680-584c-8a35-358977418a13","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d8b2af5e-29da-4cc7-9d72-8329df1411b1","title":"An ultrashort history of ultrafast imaging","subtitle":"Featuring the shortest movies and the largest lasers","slug":"36c3-10902-an_ultrashort_history_of_ultrafast_imaging","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10902.html","description":"Did you ever wonder what happens in the time period it takes light to cross the diameter of your hair? This is the femtosecond, a millionth of a billionth of a second. It is the time scale of electron and nuclear motion, and therefore the most fundamental processes in atomic and molecular physics, chemistry and biology start here. In order to take movies with femtosecond time resolution, we need ultrafast cameras – flashes of light that act faster than any camera shutter ever could. And imaging ultrafast motion is only the first step: We aim to control dynamics on the femtosecond time scale, ultimately driving chemical reactions with light.\n\nInvestigating ultrafast processes is challenging. There simply are no cameras that would be fast enough to image a molecule in motion, so we need to rely on indirect measurements, for example by ultrashort light pulses. Such ultrashort pulses have been developed for several years and are widely applied in the study of ultrafast processes by, e.g., spectroscopy and diffraction. Depending on the specific needs of the investigation, they can be generated either in the laboratory or at the most powerful light sources that exist today, the x-ray free-electron lasers.\n\nWith ultrafast movies, a second idea comes into play: once we understand the dynamics of matter on the femtosecond time scale, we can use this knowledge to control ultrafast motion with tailored light pulses. This is promising as a means to trigger reactions that are otherwise not accessible.\n\nIn my talk, I will give a brief introduction to the rapidly developing field of ultrafast science. I will summarize main findings, imaging techniques and the generation of ultrashort pulses, both at lab-based light sources and large free-electron laser facilities. Finally, I will give an outlook on controlling ultrafast dynamics with light pulses, with the future goal of hacking chemical reactions.\n","original_language":"eng","persons":["Caroline"],"tags":["36c3","10902","2019","Science","Main"],"view_count":2016,"promoted":false,"date":"2019-12-28T12:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2025-12-07T22:00:03.699+01:00","length":3612,"duration":3612,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10902-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10902-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10902-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10902-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10902-an_ultrashort_history_of_ultrafast_imaging","url":"https://api.media.ccc.de/public/events/d8b2af5e-29da-4cc7-9d72-8329df1411b1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"669e8ad4-d0a0-501d-aebd-c1a8c8423291","title":"System Transparency","subtitle":null,"slug":"36c3-139-system-transparency","link":"https://fahrplan.chaos-west.de/36c3/talk/D9BFMN/","description":"The ever increasing usage of cloud-based software forces us to face old questions about the trustworthiness of our software. While FLOSS allows us to trust software running on our platforms, System Transparency establishes the same level of trust in SaaS and IaaS scenarios.\n\nIn a System Transparency context, all parties that depend on the services of a particular server can retrieve the complete source code of firmware and OS running on it. They can reproduce all binaries and verify remotely that these were run as part of the boot process. This gives every user the ability to verify claims of the service provider like the absence of logs or lack of backdoor access.\n\nSystem Transparency accomplishes this by \n - giving every server a unique, cryptographic identity that is kept in a hardware trust anchor,\n - using a provisioning ritual to associate this identity with a particular hardware,\n - running the FLOSS firmwares coreboot and LinuxBoot instead of proprietary UEFI implementations,\n - building firmware and OS images are reproducible,\n - retrieving all OS images from the network, keeping only minimal state on the disk,\n - signing all OS images as well as listing them in a public append-only log and\n - minimizing administrator access to prevent invisible changes to the OS after it has been booted.\n\nThis talk introduces System Transparency and details the platform security features we implemented as part of our reference system. We also describe our reference implementations’ custom bootloader based on LinuxBoot. It verifies that boot artifacts are signed by the server owner and are in the transparency log before continuing. This makes sure that 3rd parties can audit past and present artifacts booted on the platform. Finally, we demo a modern x86 server platform running our prototype coreboot/LinuxBoot stack.","original_language":"eng","persons":["seu"],"tags":["36c3-chaoswest","139","2019","All about computers","ChaosWest"],"view_count":962,"promoted":false,"date":"2019-12-28T13:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-27T19:15:07.771+01:00","length":1153,"duration":1153,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/139-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/139-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/139-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/139-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-139-system-transparency","url":"https://api.media.ccc.de/public/events/669e8ad4-d0a0-501d-aebd-c1a8c8423291","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1994b28a-5725-4b4a-a289-e759eb647dd8","title":"Human Rights at a Global Crossroads","subtitle":"Whistleblowers and the Cases of The Snowden Refugees and Edward Snowden","slug":"36c3-10574-human_rights_at_a_global_crossroads","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10574.html","description":"An update on the circumstances of Mr Snowden and the Snowden Refugees will be provided at the 36C3 event and venue in December 2019. There have been many significant events and incidents during 2019.\n\nOf these significant events is the major success of Vanessa Rodel and her daughter Keana being granted refugee status by Canada and resettled in Montreal, Canada in late March 2019. Vanessa’s journey to Canada will be discussed. \n\nMore significantly the issue of  the Canadian government having left Supun and his family and Ajith behind in Canada has split up a family namely Keana in Montreal from her father Supun and siblings Sethumdi and Dinath in Hong Kong.  \n\nIn further context of the emerging police state that Hong Kong has become and its arbitrary and disproportionate use of violence against protesters and innocent civilian bystanders and breaches of constitutional rights and under international law, this has re-traumatized The Snowden Refugees in Hong Kong and has put them all at heightened risk. \n\nThe lecture will cover the current global erosion and dismantling of international refugee and constitutional law by increasingly authoritarian democracies and loss of international protection for whistleblowers and those who protect whistleblowers. It will be discussed how this has impacted upon the cases of Mr Snowden and The Snowden Refugees.","original_language":"eng","persons":["Robert Tibbo","Edward Snowden"],"tags":["36c3","10574","2019","Ethics, Society \u0026 Politics","Main"],"view_count":3115,"promoted":false,"date":"2019-12-29T17:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-01-13T01:30:18.691+01:00","length":3804,"duration":3804,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10574-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10574-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10574-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10574-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10574-human_rights_at_a_global_crossroads","url":"https://api.media.ccc.de/public/events/1994b28a-5725-4b4a-a289-e759eb647dd8","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"bfe5b7b4-8b06-4cce-b979-5a6c0b4995f3","title":"Technical aspects of the surveillance in and around the Ecuadorian embassy in London","subtitle":"Details about the man hunt for Julian Assange and Wikileaks","slug":"36c3-11247-technical_aspects_of_the_surveillance_in_and_around_the_ecuadorian_embassy_in_london","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11247.html","description":"The talk explains and illustrates the procedural and technical details of the surveillance in and around the Ecuadorian embassy in London during the time Julian Assange stayed in there from June 2012 until April 2019. \n\nIn the aftermath of Assange's expel from the ecuadorian embassy in London and his arrest based on a US extradition warrant evidence appeared that the \"Security\" measures of the embassy had at some point switched from protecting Assange and the embassy to an extremely detailled surveillance operation both against Assange and his visitors. The Spanish company \"Undercover Global\" that has been in charge of the embassy between 2015 and April 2018 and its owner and CEO is under investigation for spying on behalf of the CIA. Material from the second company that has taken over the embassy \"Security\" in April 2018 has found its way into an attempted extortion and is also subject to a legal investigation.\n\nThe talk will contain material both documenting the surveillance measures installed as well as audio and video material obtained by the surveillance gear. It will also briefly touch on surveillance measures experienced elsewhere by friends, lawyers, media partners and associates of Assange and Wikileaks in the context of the ongoing man hunt.","original_language":"eng","persons":["andy"],"tags":["36c3","11247","2019","Ethics, Society \u0026 Politics","Main"],"view_count":9925,"promoted":false,"date":"2019-12-30T12:30:00.000+01:00","release_date":"2020-01-03T01:00:00.000+01:00","updated_at":"2026-04-01T03:00:04.107+02:00","length":3854,"duration":3854,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11247-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11247-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11247-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11247-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11247-technical_aspects_of_the_surveillance_in_and_around_the_ecuadorian_embassy_in_london","url":"https://api.media.ccc.de/public/events/bfe5b7b4-8b06-4cce-b979-5a6c0b4995f3","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b7fa2545-0034-52d7-802b-fd756c97c5cb","title":"2. Podcast-Selbstkritiktreffen","subtitle":null,"slug":"36c3-115-2-podcast-selbstkritiktreffen","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/Y3VESL/","description":"Jenny Günther, Moritz Klenk, Nicolas Wöhrl und Stefan Schulz laden alle anwesenden Podcaster und Podcasthörer zum 2. Podcast-Selbstkritiktreffen ein.\n\nJenny Günther, Moritz Klenk, Nicolas Wöhrl und Stefan Schulz laden alle anwesenden Podcaster und Podcasthörer zum 2. Podcast-Selbstkritiktreffen ein. Im vergangenen Jahr haben wir die eher schweren Themen diskutiert - Formate \u0026 Finanzen. Dieses Jahr rücken wir etwas näher an den Alltag am Aufnahmegerät heran: Wir möchten über Workflows reden, die Organisation von Sendungen, den Umgang mit Gästen und Publikum. Auf der Bühne wird wieder ein leerer Stuhl stehen. Alle, die gehört werden wollen, werden gehört.\n\nJenny Günther ist Politpodcasterin mit Herz, Moritz Klenk ist Monologpodcaster mit Doktortitel, Nicolas Wöhrl ist Spaßpodcaster mit Feuertornado, Stefan Schulz ist Fernsehpodcaster ohne Sendeschluss.","original_language":"deu","persons":["Stefan Schulz","Jenny","Nicolas","Moritz Klenk"],"tags":["36c3-sendezentrum","115","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":1777,"promoted":false,"date":"2019-12-27T23:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-16T10:00:10.921+01:00","length":5355,"duration":5355,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/115-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/115-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/115-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/115-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-115-2-podcast-selbstkritiktreffen","url":"https://api.media.ccc.de/public/events/b7fa2545-0034-52d7-802b-fd756c97c5cb","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"e82ff951-9420-54a2-afd1-3596d9cfed4e","title":"Die #36c3 Wisskomm-Gala","subtitle":null,"slug":"36c3-116-die-36c3-wisskomm-gala","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/P3M9YV/","description":"Das Wissenschaftskommunikations-Assembly trifft sich auf dem 36c3 um über Wissenschaftskommunikation zu sprechen. Und über andere Themen die ihnen am Herzen liegen.\n\nWir kommunizieren über den einen oder anderen Weg Wissenschaft. Physik, Chemie, Biologie, Pharmazie... Doch schauen wir uns das viele Unwissen in der Welt an, dann scheint das noch nicht auszureichen. Wie können wir Wissenschaft noch besser an die Frau oder den Mann bringen? Wie können wir überhaupt das Interesse dafür wecken?\nIn der Politik gibt es zwar bereits Pläne, die Kommunikation zu verbessern, das Grundsatzpapier des Bundesministeriums für Bildung und Forschung (BMBF) über Wissenschaftskommunikation ist nur ein Beispiel dafür. Nur wirft dies auch die Befürchtung auf, dass Kommunikation dann von eh schon überlasteten, drittmittelfinanziert-prekären Doktorandinnen aufgeladen wird. Oder, dass sie als Freizeitvergnügung betrachtet wird. Oder, dass die hohen Anforderungen für gute Kommunikation unterschätzt werden. Oder, dass Wissenschaftskommunikation als Instrument der Akzeptanzbeschaffung verwendet wird. \nRichtig ist aber, dass alle von Wissenschaftskommunikation profitieren könnten.\nWir möchten uns darüber austauschen, wie Wissenschaft unserer Meinung nach kommuniziert werden sollte. Und auch, welche Themen gerade jetzt mehr Aufmerksamkeit finden sollten. Eine Betrachtung von Wissenschaftler*innen, die gleichzeitig Wissenschaftskommunikator*innen sind - eine Kombination die immer noch recht selten ist.","original_language":"deu","persons":["Anna Müllner","André Lampe","Nicolas"],"tags":["36c3-sendezentrum","116","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":688,"promoted":false,"date":"2019-12-28T00:40:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-29T23:30:18.821+01:00","length":3708,"duration":3708,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/116-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/116-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/116-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/116-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-116-die-36c3-wisskomm-gala","url":"https://api.media.ccc.de/public/events/e82ff951-9420-54a2-afd1-3596d9cfed4e","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"0968ef0d-4e19-5751-94f4-f24b8b9758a3","title":"Aus Sicherheitsgründen muss das Grundgesetz leider abgeschafft werden - Schluss mit dem Sicherheitstheater","subtitle":"","slug":"36c3-99-aus-sicherheitsgrnden-muss-das-grundgesetz-leider-abgeschafft-werden-schluss-mit-dem-sicherheitstheater","link":"https://fahrplan.chaos-west.de/36c3/talk/83YJMS/","description":"\u003cp\u003eDie Gleichsetzung von Sicherheit und Repression ist gef\u0026auml;hrlich. Erstens werden damit Grundrechtseinschnitte gerechtfertigt, die uns in Gefahr bringen. Zweitens unterbleiben wichtige Ma\u0026szlig;nahmen, die wirklich der Sicherheit dienen w\u0026uuml;rden. Was in Politik und Wirtschaft als \u0026bdquo;Sicherheit\u0026ldquo; verkauft wird, ist reines Puppentheater. Menschen wird Angst eingeredet, um diese Angst sodann mit Repression und \u0026Uuml;berwachung zu \u0026bdquo;beruhigen\u0026ldquo;. Sicherheit und Freiheit bedingen sich gegenseitig. Eine Politik, die Freiheit angreift und scheibchenweise verh\u0026ouml;kert, verdient nicht \u0026bdquo;Sicherheitspolitik\u0026ldquo; genannt zu werden. Sie ist reines Theater und einer Demokratie nicht w\u0026uuml;rdig. Schlimmer noch: Sie leistet einem autorit\u0026auml;ren Gedankengut Vorschub, das uns garantiert nicht sicher macht. Der Vortrag widmet sich einerseits der Erkl\u0026auml;rung, weshalb diese Gleichsetzung gef\u0026auml;hrlich ist: \u0026Uuml;berwachung hilft gar nicht, hat gef\u0026auml;hrliche Nebenwirkungen und zersetzt den gr\u0026ouml;\u0026szlig;ten Garanten f\u0026uuml;r unsere Sicherheit, die Freiheit. Zum anderen geht es um die Frage, welche Ma\u0026szlig;nahmen wirklich sinnvoll w\u0026auml;ren. Das f\u0026auml;ngt bei einem echten Kampf gegen den Faschismus an, geht \u0026uuml;ber unabh\u0026auml;ngige Kontrolle der Polizei, Klimaschutz, Verkehrspolitik und endet nicht erst in der Forderung nach einer besseren Regulierung von Antibiotika. Es ist wichtig, dass der Wunsch nach Sicherheit nicht weiter instrumentalisiert wird. Repression ist gef\u0026auml;hrlich und dient nun wirklich nicht der Sicherheit. Besonders w\u0026uuml;tend sollte uns das machen, wenn gleichzeitig lange n\u0026ouml;tige Ma\u0026szlig;nahmen, beispielsweise beim Kampf gegen Rechts oder gegen digitale Gewalt unterbleiben. Denn hier sind wir wirklich in Gefahr. Dieses ewige \"aus Sicherheitsgr\u0026uuml;nden\" muss endlich ein Ende haben. Wir k\u0026ouml;nnen mithelfen, indem wir uns einen Spa\u0026szlig; machen und die Begr\u0026uuml;ndung genau so inflation\u0026auml;r benutzen, wie die Politik. Einfache Begr\u0026uuml;ndungen k\u0026ouml;nnen wir schlie\u0026szlig;lich alle gebrauchen. Und wenn es um Sicherheit geht, wird ja wohl niemand diskutieren wollen. Wir \u0026uuml;ben das mal gemeinsam: Aus Sicherheitsgr\u0026uuml;nden sollten sich alle diesen Vortrag ansehen.\u003c/p\u003e","original_language":"deu","persons":["Leena Simon"],"tags":["36c3-chaoswest","99","2019","Antifaschismus","ChaosWest"],"view_count":2359,"promoted":false,"date":"2019-12-29T20:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-31T12:15:05.312+02:00","length":3110,"duration":3110,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/99-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/99-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/99-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/99-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-99-aus-sicherheitsgrnden-muss-das-grundgesetz-leider-abgeschafft-werden-schluss-mit-dem-sicherheitstheater","url":"https://api.media.ccc.de/public/events/0968ef0d-4e19-5751-94f4-f24b8b9758a3","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"dc142f44-4b82-42da-b2a4-bb7d6775fda6","title":"The Case Against WikiLeaks: a direct threat to our community ","subtitle":"How to understand this historic challenge and what we can do to defend ourselves","slug":"36c3-11090-the_case_against_wikileaks_a_direct_threat_to_our_community","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11090.html","description":"The unprecedented charges against Julian Assange and WikiLeaks constitute the most significant threat to the First Amendment in the 21st century and a clear and present danger to investigative journalism worldwide. But they also pose significant dangers to the technical community. This panel will explain the legal and political issues we all need to understand in order to respond to this historic challenge. \n\n\u003cp\u003eWe've been warning you about it for years, and now it's here. The talk will dissect the legal and political aspects of the US case against Wikileaks from an international perspective. It will describe the threats this prosecution poses to different groups and the key issues the case will raise. Most importantly, we will explain how we are still in time to act and change the course of history. \u003c/p\u003e\n\n\u003cp\u003eThe unprecedented charges against Julian Assange and WikiLeaks constitute the most significant threat to the First Amendment in the 21st century and a clear and present danger to investigative journalism worldwide. But they also pose significant dangers to the technical community, the trans community, to human rights defenders and anti-corruption campaigners everywhere.\u003c/p\u003e \n\n\u003cp\u003eIf we don't take action now, the ramifications of this case will be global, tremendously damaging and potentially irreversible in times when the need to hold the powerful to account has never been more obvious. This is a historic moment and we need to rise to its challenge.\u003c/p\u003e \n\n\u003cp\u003eThis talk will explain the legal and political aspects of the case against WikiLeaks, the reasons why Chelsea Manning and Jeremy Hammond have been imprisoned again, the governmental interests for and against prosecution, the dynamics of UK/US extradition and what it means to prosecute Assange as Trump runs for re-election.\u003c/p\u003e \n\n\u003cp\u003eThis is a case with destructive potential like no other, with profound implications for the future of dissent, transparency, accountability and our ability to do the work we care about.\u003c/p\u003e \n\n\u003cp\u003eThe situation is frightening but it isn't hopeless: we will conclude with a guide to an effective strategy against the lawfare the journalist and technical communities are now facing courtesy of Donald Trump's DOJ. \u003c/p\u003e\n","original_language":"eng","persons":["renataavila"," Naomi Colvin","Angela Richter"],"tags":["36c3","11090","2019","Ethics, Society \u0026 Politics","Main"],"view_count":2587,"promoted":false,"date":"2019-12-28T20:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-12-29T15:45:19.366+01:00","length":3787,"duration":3787,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11090-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11090-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11090-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11090-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11090-the_case_against_wikileaks_a_direct_threat_to_our_community","url":"https://api.media.ccc.de/public/events/dc142f44-4b82-42da-b2a4-bb7d6775fda6","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7d650f95-ad4f-4c07-9109-5e3cbd2523f6","title":"High-assurance crypto software","subtitle":null,"slug":"36c3-10893-high-assurance_crypto_software","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10893.html","description":"Software bugs and timing leaks have destroyed the security of every Chromebook ECDSA \"built-in security key\" before June 2019, ECDSA keys from several popular crypto libraries, the Dilithium post-quantum software, the Falcon post-quantum software, and more. Will we ever have trustworthy implementations of the cryptographic tools at the heart of our security systems?\n\nStandard testing and fuzzing catch many bugs, but they don't catch all bugs. Masochists try to formally prove that crypto software does its job. Sadists try to convince you to do your own proof work and to let them watch. After years of pain, a team of fifteen authors has now proudly announced a verified crypto library: fast but unportable implementations of a few cryptographic functions specifically for CPUs that aren't in your smartphone. This is progress, but the progress needs to accelerate.\n\nThis talk will highlight a way to exploit the power of modern reverse-engineering tools to much more easily verify crypto software. This relies on the software being constant-time software, but we want constant-time software anyway so that we can guarantee security against timing attacks. Constant-time software is also surprisingly fast when cryptosystems are selected carefully.\n\nThis talk is meant as an introduction for a general audience, giving self-contained answers to the following questions: What are timing attacks? What is constant-time software? What are some examples of constant-time crypto? How can we be sure that code is constant-time? What do these reverse-engineering tools do? How does constant-time code help these tools? How do we get from reverse engineering to guaranteeing correctness?\n  \nThe talk will be given as a joint presentation by Daniel J. Bernstein and Tanja Lange.","original_language":"eng","persons":["djb","Tanja Lange"],"tags":["36c3","10893","2019","Security","Main"],"view_count":2428,"promoted":false,"date":"2019-12-29T17:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-17T21:00:09.995+01:00","length":3666,"duration":3666,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10893-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10893-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10893-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10893-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10893-high-assurance_crypto_software","url":"https://api.media.ccc.de/public/events/7d650f95-ad4f-4c07-9109-5e3cbd2523f6","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c95ae46b-dc34-55fd-bff7-026a9d252de9","title":"Code for Germany. Gute Taten mit offenen Daten","subtitle":null,"slug":"36c3-93-code-for-germany-gute-taten-mit-offenen-daten","link":"https://cfp.verschwoerhaus.de/36c3/talk/EGBN8W/","description":"Seit fünf Jahren setzen sich innerhalb des Netzwerks [„Code for Germany“](https://codefor.de) in ganz Deutschland rund 300 Ehrenamtliche für offene Daten ein und bauen damit Anwendungen für alle. Auch 2019 ist bei uns einiges passiert, was wir euch hier vorstellen wollen. Wir haben uns beispielsweise mit Daten zu Umwelt, Politik und jeder Menge Kartenmaterial beschäftigt und viele neue Projekte am Start. Manche glänzen schon richtig, andere suchen noch Unterstützung. Im Talk erklären wir, was offene Daten eigentlich sind, was man daraus bauen kann und wie man bei uns mitmachen kann.\n\n[Code for Germany](https://codefor.de) ist ein Netzwerk von Gruppen ehrenamtlich engagierter Freiwilliger. Wir nutzen unsere Fähigkeiten, um unsere Städte und das gesellschaftliche Miteinander positiv zu gestalten. Wir setzen uns für mehr Transparenz, Offene Daten und Partizipation in unseren Städten ein. Wir vermitteln insbesondere zwischen Zivilgesellschaft, Verwaltung und Politik und nutzen unsere Fähigkeiten, um die Kommunikation zwischen diesen zu verbessern und notwendige Impulse zu setzen, damit die Möglichkeiten der offenen und freien Digitalisierung so vielen Menschen wie möglich zugute kommen.","original_language":"deu","persons":["Julia"],"tags":["36c3-wikipakawg","93","2019","Community","WikiPakaWG"],"view_count":1749,"promoted":false,"date":"2019-12-27T21:00:00.000+01:00","release_date":"2020-01-22T00:00:00.000+01:00","updated_at":"2026-01-06T11:30:14.733+01:00","length":1832,"duration":1832,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/93-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/93-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/93-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/93-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-93-code-for-germany-gute-taten-mit-offenen-daten","url":"https://api.media.ccc.de/public/events/c95ae46b-dc34-55fd-bff7-026a9d252de9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1a12a734-c498-535b-9292-831e529a14c2","title":"Rosa Listen","subtitle":null,"slug":"36c3-101-rosa-listen","link":"https://fahrplan.chaos-west.de/36c3/talk/GZGQK3/","description":"\"Eine Regierung hat auch die Pflicht uns vor zukünftigen Regimen zu schützen.\" Anhand der Rosa Liste möchte ich aufzeigen weshalb das ein wichtiger Grundsatz moderner Demokratien ist.\n\nIn der Weimarer Republik und der Ersten Republik Österreich wurden Listen angelegt in denen zahlreiche Daten über tatsächliche oder vermeintliche Homosexuelle gesammelt und auf Vorrat gespeichert wurden. In der NS-Diktatur wurden diese Listen genutzt, um eine möglichst große Anzahl Homosexueller in Konzentrationslager (KZ) zu bringen. In diesen bekamen sie den berühmten Rosa Winkel als Kennzeichnung, wodurch sie auch Repressalie von anderen Insassen ausgesetzt waren. Noch heute gilt die Rosa Liste als eines der schlimmsten Beispiele wie auf Vorrat gespeicherte Daten missbraucht werden können.\n\nAls Datenschützer und Bisexueller möchte ich näher auf diesen besonderen Teil der Geschichte eingehen und aufzeigen was daraus lernen sollten.","original_language":"deu","persons":["Erwin Ernst 'eest9' Steinhammer"],"tags":["36c3-chaoswest","101","2019","Queer","ChaosWest"],"view_count":714,"promoted":false,"date":"2019-12-27T21:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-17T12:15:06.116+01:00","length":2048,"duration":2048,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/101-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/101-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/101-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/101-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-101-rosa-listen","url":"https://api.media.ccc.de/public/events/1a12a734-c498-535b-9292-831e529a14c2","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7d85c7cf-6c84-490f-b78d-ef3ecfab2b4c","title":"Harry Potter and the Not-So-Smart Proxy War","subtitle":"Taking a look at a covert CIA virtual fencing solution","slug":"36c3-10642-harry_potter_and_the_not-so-smart_proxy_war","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10642.html","description":"In this talk we will take a look at the 'Vault 7' Protego documents, which have received very little attention so far, and challenge the assertion that Protego was a 'suspected assassination module for [a] GPS guided missile system ... used on-board Pratt \u0026 Whitney aircraft' based on system block diagrams, build instructions and a few interesting news items. In addition, we will discuss hypothetical weaknesses in systems like it.\n\nIn March 2017, WikiLeaks published the 'Vault 7' series of documents detailing 'cyber' activities and capabilities of the United States' Central Intelligence Agency (CIA). Among a wide variety of implant \u0026 exploit frameworks the final documents released as part of the dump, related to a project code-named 'Protego', stood out as unusual due to describing a piece of missile control technology rather than CNO capabilities. As a result, these documents have received comparatively little attention from the media and security researchers.\n\nWhile initially described by WikiLeaks as a 'suspected assassination module for [a] GPS guided missile system ... used on-board Pratt \u0026 Whitney aircraft', a closer look at the documents sheds significant doubt on that assertion. Instead, it seems more likely that Protego was part of an arms control solution used in covert CIA supply programs delivering various kinds of weapons to proxy forces while attempting to counteract undesired proliferation.\n\nIn this talk we will take a look at the Protego documents and show how we can piece quite a bit of information together from a handful of block diagrams, some build instructions and a few news articles. \n\nFinally, we will discuss the potential weaknesses of such 'lockdown' systems which have been proposed for and are deployed in everything from theft prevention solutions and livestock management to firearms control and consumer UAVs.","original_language":"eng","persons":["Jos Wetzels"],"tags":["36c3","10642","2019","Security","Main"],"view_count":6952,"promoted":false,"date":"2019-12-28T18:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-04T11:00:05.421+02:00","length":2153,"duration":2153,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10642-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10642-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10642-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10642-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10642-harry_potter_and_the_not-so-smart_proxy_war","url":"https://api.media.ccc.de/public/events/7d85c7cf-6c84-490f-b78d-ef3ecfab2b4c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c6250135-e22e-5951-be50-4710f1064ed6","title":"Buying Snacks via NFC with GNU Taler","subtitle":null,"slug":"36c3-oio-186-buying-snacks-via-nfc-with-gnu-taler","link":"https://talks.oio.social/36c3-oio/talk/MMB78C/","description":"##### Motivation\nIn the digital age the privacy has become an important matter. But with\nthe current digital payment methods the privacy of the user is not\nguaranteed. To avoid the data sharing, the Taler team implemented a\ndigital form of cash.\n\n##### Project\nTo demonstrate the payment system we developed an interface for a snack\nmachine based on GNU Taler. This implementation allows the customer to\npay with a smartphone app via NFC or QR-Code.\n\n##### Team\nThe project was realized by Taler in cooperation with two students from\nBern University of Applied Sciences.\n\nIn the talk the audience will become a little insight into the GNU Taler Project and the aim of the developed Snack Machine Interface. The approach to develop an interface between the Taler Backend and the snack machine will be explained as well as the challenges which come with such a project. Further the implemented hard- and software stacks are presented.","original_language":"eng","persons":["Dominik Hofer"],"tags":["36c3-oio","186","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":1092,"promoted":false,"date":"2019-12-27T21:20:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-21T01:15:04.705+01:00","length":1038,"duration":1038,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/186-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/186-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/186-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/186-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-186-buying-snacks-via-nfc-with-gnu-taler","url":"https://api.media.ccc.de/public/events/c6250135-e22e-5951-be50-4710f1064ed6","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4385a0b5-c8e5-406c-8b19-70b0dab9ca4d","title":"Hackers \u0026 makers changing music technology","subtitle":null,"slug":"36c3-10548-hackers_makers_changing_music_technology","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10548.html","description":"I will explore the ways in which music is influenced by making and hacking, including a whistle-stop tour of some key points in music hacking history.\n\nThis starts with 1940s Musique Concrete and Daphne Oram’s work on early electronic music at the BBC, and blossoms into the strange and wonderful projects coming out of the modern music hacker scenes in London and Berlin, including a pipe organ made of Furbies, a sound art marble run, robotic music machines, gesture controlled moon cellos, and singing circuit sculptures. I'll also be sharing some of own work, plus my favourite new ways to make embedded instruments, including plenty of amazing Open Source hardware and software.","original_language":"eng","persons":["Helen Leigh"],"tags":["36c3","10548","2019","Art \u0026 Culture","Main"],"view_count":1378,"promoted":false,"date":"2019-12-30T14:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-04T11:30:11.034+01:00","length":2639,"duration":2639,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10548-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10548-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10548-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10548-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10548-hackers_makers_changing_music_technology","url":"https://api.media.ccc.de/public/events/4385a0b5-c8e5-406c-8b19-70b0dab9ca4d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d9efd4c6-fbd8-45c3-b3cd-74dcd37dc03d","title":"Connected Mobility hacken: digital.bike.23","subtitle":" Von E-Bikes in der Connected Mobility zur Entstehung eines nachhaltigen Open-Source-E-Bike-Projekts","slug":"36c3-10990-connected_mobility_hacken_digital_bike_23","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10990.html","description":"Was haben E-Bikes mit Connected Mobility zu tun? Und ist so was wie LineageOS auch für Bike Computer möglich? Außerdem: wie lassen sich Cradle to Cradle Prinzipien auf E-Bikes anwenden? Der Vortrag gibt einen Einblick in die Rolle von E-Bikes in der Connected Mobility und umreißt ihren Stand der Technik. Zudem berichtet er von den Herausforderungen, ein nachhaltiges Open-Source-E-Bike zu entwickeln. Last but not least möchte er die Idee eines Open-E-Bike-Wiki vorstellen.\n\nDank Vernetzung auf allen Ebenen soll Mobilität sicherer, umweltfreundlicher, humancentered etc. werden. Fokus ist natürlich der Automotive Bereich. Da wird entwickelt, was das Zeug hält. Aber was ist mit E-Bikes? Sie haben durch ihre On-Board-Komponentenvernetzung perfekte Voraussetzungen für Connected und Smart. Deshalb jagt ein Hardware- und Sofwareupgrade inzwischen das nächste. Detaillierte Userdaten landen auf den Servern der Hersteller, dank proprietärer Software aller relevanten Komponenten. \nDer Vortrag beschäftigt sich im ersten Teil mit Connected Mobility und dem Stand der Technik bei E-Bikes - ein Fokus: Ihre Konnektivitätsoptionen und die Sensorvielfalt. Und es geht um Sinn und Unsinn des Technikeinsatzes. \nIm zweiten Teil geht es um das eigentliche e-Bike-Projekt. Der Vortrag erzählt von den Eigenheiten der Fahrzeugkonstruktion inspiriert von Cradle to Cradle und den Stand der Dinge der IT – Open Source, Open Embedded und Open IoT - aus der Sicht einer Produktdesignerin, die keine Hackerin ist und gern alles offen und transparent entwickeln würde und anwender*innenfreundliche Applikationen sucht. Und er erzählt von der Idee den IT-Dschungel zu lichten: der Erstellung eines Open-E-Bike-Wikis.","original_language":"deu","persons":["Jo Tiffe"],"tags":["36c3","10990","2019","Resilience \u0026 Sustainability","Main"],"view_count":935,"promoted":false,"date":"2019-12-29T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-04-30T02:30:03.670+02:00","length":3042,"duration":3042,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10990-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10990-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10990-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10990-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10990-connected_mobility_hacken_digital_bike_23","url":"https://api.media.ccc.de/public/events/d9efd4c6-fbd8-45c3-b3cd-74dcd37dc03d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"ca958208-abe7-4840-b938-193780eafca0","title":"Unpacking the compromises of Aadhaar, and other digital identities inspired by it","subtitle":"Governments around the world are implementing digital identity programs that don't work","slug":"36c3-10885-unpacking_the_compromises_of_aadhaar_and_other_digital_identities_inspired_by_it","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10885.html","description":"Aadhaar is India's national biometric identity database, with over one billion records comprising fingerprints, iris scans and basic demographic information. It is presented as identity technology, allowing an individual to identify themselves, but also as an identification technology, allowing the state to see an individual, identify fraudulent welfare beneficiaries, and thus realise savings. These claims are not complementary. They are in fact contradictory, compromising each other. If one must be true, the other must somehow be false, and this is the reality of Aadhaar.\n\nThis talk will demonstrate how Aadhaar's attempt to be a cure for all kinds of ailments has in fact resulted in large scale exclusion and fraud. We will look at a series of design assumptions in Aadhaar's architecture, the gaps in them, and then examples of how these gaps were exploited, from public news reports.\n\nAadhaar is often touted as a revolutionary technology that has simultaneously given identity to billions and realised substantial savings from fraud for the government. These utopian visions are finding buyers around the world. Jamaica, Morocco and Kenya have all adopted projects inspired by Aadhaar, and more countries are following suit.\n\nUnfortunately, Aadhaar is not magic, and there is now an urgent need for a sober understanding to be taken worldwide.\n\nThe Kaarana project began in 2017 as a collaboration between programmers and lawyers, to document architectural assumptions and their impact on human rights. The project's findings were presented as evidence to the Supreme Court of India in 2018, and are acknowledged in a scathing dissent by Justice Chandrachud (September 2018). This dissent was in turn cited by the Supreme Court of Jamaica to shut down a biometric identity program in that country (April 2019). In September 2019, Kaarana member Anand Venkatanarayanan also appeared as a witness in the Supreme Court of Kenya in a petition against Huduma Namba, the Kenyan biometric identity program.\n\nWe hope that this presentation at CCC will help public interest technologists from around the world prepare for a critical examination of similar programs in their countries.","original_language":"eng","persons":["Kiran Jonnalagadda"],"tags":["36c3","10885","2019","Ethics, Society \u0026 Politics","Main"],"view_count":665,"promoted":false,"date":"2019-12-30T13:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-11-10T10:45:04.727+01:00","length":2309,"duration":2309,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10885-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10885-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10885-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10885-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10885-unpacking_the_compromises_of_aadhaar_and_other_digital_identities_inspired_by_it","url":"https://api.media.ccc.de/public/events/ca958208-abe7-4840-b938-193780eafca0","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"6cc4edbc-3a34-50f6-b4eb-470226e10e5a","title":"Chaosradio 255","subtitle":null,"slug":"36c3-117-chaosradio-255","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/EF7D3Z/","description":"Auf dem 36c3 macht das Chaosradio endlich das Byte voll! Marcus Richter redet mit Leuten, die auf diesem Congress interessante Dinge berichtet, zerforscht oder aufgefahren haben.\n\nDas Chaosradio ist ein Podcast des Chaos Computer Club Berlin (CCCB). In dem zweistündigen Format informieren wir über technische und gesellschaftliche Themen – und das seit 1995.","original_language":"deu","persons":["Marcus Richter","Anne Roth","robbi5","ubahnverleih","1komona","fluepke"],"tags":["36c3-sendezentrum","117","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":1926,"promoted":false,"date":"2019-12-29T23:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-05T10:00:12.719+01:00","length":7092,"duration":7092,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/117-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/117-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/117-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/117-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-117-chaosradio-255","url":"https://api.media.ccc.de/public/events/6cc4edbc-3a34-50f6-b4eb-470226e10e5a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8157d5e6-d04e-457e-87ef-9124a7284ec6","title":"Wie klimafreundlich ist Software? ","subtitle":"Einblicke in die Forschung und Ausblick in die Umweltzertifizierung! ","slug":"36c3-10852-wie_klimafreundlich_ist_software","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10852.html","description":"Das Umweltbundesamt hat in 2012 mit der Forschung der Umweltrelevanz von Software begonnen. Ziel der Forschung war es, die gegenseitige Beeinflussung von Hard- und Software zu erfassen, zu bewerten und geeignete Maßnahmen zu entwickeln, die es ermöglichen, die Inanspruchnahme von natürlichen Ressourcen durch Software zu reduzieren. \nIm Vortrag wollen Marina Köhn (Umweltbundesamt) und Dr. Eva Kern (Umwelt-Campus Birkenfeld) die Messergebnisse aus dem Labor der Forschung präsentieren und die entwickelte Methode des Forschungsprojektes erläutern. Weiterhin möchten wir die Inhalte des geplanten Umweltzeichens für Software vorstellen. \n\nDas Zusammenwirken von Hard- und Software, also zum Beispiel von Computer und Betriebssystem, ist vergleichbar mit einem Buch und dem Inhalt des Buches. Fehlt ein Teil dieser Einheit, ist der Bestimmungszweck nicht mehr gegeben. Ein Computer ist zusammengesetzt aus verschiedenen Komponenten, die unterschiedliche Aufgaben wahrnehmen. Die Software ist die Logik, die das Ausführen dieser Aufgaben ermöglicht. Zwar ist Software, ähnlich wie Wissen, immateriell, jedoch benötigt sie die Hardwareressourcen, um existieren zu können. Softwareprodukte sind somit ein wesentlicher Bestandteil der Informations- und Kommunikationstechnik (IKT). \nIn den letzten Jahren wurden einige Anstrengungen unternommen, um die IKT nachhaltiger zu gestalten. Beispielsweise wurden die Energieeffizienz der IKT-Produkte gesteigert, Anforderungen an das Energiemanagement der Geräte gestellt und neue ressourcenschonende Hardwarearchitekturen entwickelt. Konkrete Anforderungen an das Design und die Programmierung von Soft-ware, die die Energieeffizienz der Hardware unterstützen, sind bisher nicht vorhanden. Obwohl Hardware und Software, wie oben erläutert, eine Einheit bilden und die Art und Weise der Softwarearchitektur und -programmierung große Auswirkung auf den entsprechenden Hardwarebedarf haben, fehlen konkrete Anforderungen. Das Fehlen der Anforderungen an Softwareprodukten hat zur Folge, dass die Energieeffizienzgewinne der Hardware durch ineffiziente Software oder schlechte Softwarekonzepte nicht oder nur teilweise zum Tragen kommen. \nVor diesem Hintergrund hat das Umweltbundesamt in 2012 mit der Forschung der Umweltrelevanz von Software begonnen. Ziel der Forschung war es, die gegenseitige Beeinflussung von Hard- und Software zu erfassen, zu bewerten und geeignete Maßnahmen zu entwickeln, die es ermöglichen, die Inanspruchnahme von natürlichen Ressourcen durch Software zu reduzieren. \nIm Forschungsprojekt „Entwicklung und Anwendung von Bewertungsgrundlagen für ressourceneffiziente Software unter Berücksichtigung bestehender Methodik“ des Umweltbundesamtes  (UBA 2018) wurde zusammen mit dem Öko-Institut, den Umwelt-Campus Birkenfeld und der ETH Zürich eine Bewertungsmethodik entwickelt, anhand derer der Energiebedarf, die Inanspruchnahme von Hardware-Ressourcen sowie weitere umweltbezogene Eigenschaften von Softwareprodukten ermittelt werden können. \nDer Vergleich verschiedener Softwareprodukte mit gleicher Funktionalität macht deutlich, dass es teils erhebliche Unterschiede zwischen den Produkten gibt. \nBei der Ausführung eines Standardnutzungsszenario werden die Unterschiede der Energieeffizienz zwischen den Softwareprodukten erkennbar. Dies ist vor allem vor dem Hintergrund relevant, dass die übermäßige Beanspruchung von Hardware dazu führt, dass die Pro-grammausführung länger dauert und es im schlimmsten Fall dazu führt, dass diese vermeintlich langsame Hardware ausgemustert und durch neue, schnellere Hardware ersetzen wird.\nLabels und Zertifizierungen, wie es sie seit langem schon für den Bereich der Hardware existieren, gibt es im Softwarebereich jedoch nicht. Das ändert sich demnächst! Wir haben erfolgreich Kriterien für das Umweltzeichen Blauer Engel für energie- und ressourcensparende Software entwickelt. Wir hoffen, dass wir mit dem Umweltzeichen eine Debatte über umweltverträgliche Software auslösen werden und wir hoffen, dass viele Software-Entwickler*innen und Hersteller von Software sich zukünftig an diese Kriterien orientieren. \n","original_language":"deu","persons":["Marina Köhn","Eva Kern"],"tags":["36c3","10852","2019","Resilience \u0026 Sustainability","Main"],"view_count":2538,"promoted":false,"date":"2019-12-27T12:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-23T16:45:08.087+01:00","length":3520,"duration":3520,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10852-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10852-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10852-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10852-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10852-wie_klimafreundlich_ist_software","url":"https://api.media.ccc.de/public/events/8157d5e6-d04e-457e-87ef-9124a7284ec6","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"43a6348b-a644-49c3-95e6-0b3be36f74ed","title":"Aus dem Schimpfwörterbuch der neuen Rechten","subtitle":null,"slug":"36c3-10935-aus_dem_schimpfworterbuch_der_neuen_rechten","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10935.html","description":"Der Vortrag gibt auf der Basis umfangreicher korpuslinguistischer Analysen einen Überblick über den Fundus herabwürdigender und ausgrenzender Ausdrücke, die in rechten und rechtsextremen Onlinediskursen geprägt wurden. In den tiefensemantischen Strukturen des invektiven Wortschatzes der neuen Rechten wird ein stark schematisiertes Weltbild sichtbar, das von der grundlegenden Verachtung nicht nur des Fremden, sondern auch des eigenen Landes, seiner Institutionen, seiner Werte und seiner Bevölkerung geprägt ist. \n\nDas gesteigerte Maß an Ausgrenzung und gesellschaftlicher Polarisierung, das seit dem Wiedererstarken rechter Parteien und Denkweisen in Deutschland zu verzeichnen ist, ist nicht die einzige Errungenschaft, die wir den neuen Rechten zu verdanken haben. Sie haben auch den Wortschatz um ein schier unerschöpfliches Repertoire an Schimpfwörtern bereichert. Deren Spektrum reicht von unüblichen Verknüpfungen von Wortbestandteilen wie bei \"Journhalunke\" oder \"GEZStapo\", über die produktive Verfremdung von Eigennamen wie im Fall von \"K(r)amp(f)-K(n)arrenbauer\" oder \"Merkill\", Hyperbolisierungen wie \"Superübergutbestmenschen\" oder Satzkomposita wie \"IchseheauswieeinkonservativerCSUKatholikundwerdedeshalbvondenganzenDeppengewähltweildasjanichtsoeinGrünerist\" (Winfried Kretschmann) bis hin zu Gleichsetzungen zur Denunziation von Kritik wie in \"Waffen=Rassismus=rächtz=Nazi=Gefahr=Erderwärmung\". \n\nIm Vortrag sollen zunächst die wichtigsten sprachlichen Strategien zur Bildung herabwürdigender Ausdrücke vorgestellt werden, ehe in einem zweiten Schritt der invektive Wortschatz zu einzelnen Politik- und Gesellschaftsbereichen in Auswahl präsentiert wird. Basis der Untersuchung bildet eine umfangreiche korpuslinguistische Analyse einschlägiger rechter und rechtsextremer \"Nachrichten\"-Seiten, Blogs, Kommentarspalten und Foren aus den Jahren von 2012 bis 2019, die mehr als 25.000 Schimpfwörter zutage färderte.\n\nDer Vortrag will nicht nur das Offensichtliche zeigen: Dass für die neuen Rechten herabwürdigendes und ausgrenzenden Sprechen zentrales Medium der politischen Auseinandersetzung ist. Vielmehr wird in den vielfältigen Formen herabwürdigenden Sprechens ein Weltbild sichtbar, das von wenigen Grundunterscheidungen geprägt ist. Auch wird sich zeigen, dass die neuen Rechten sich als eine Schmähgemeinschaft konstituieren und das Land, in dem sie leben, seine Bürger_innen und seine Institutionen nachhaltig verachten. \n","original_language":"deu","persons":["josch"],"tags":["36c3","10935","2019","Science","Main"],"view_count":7893,"promoted":false,"date":"2019-12-29T23:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-30T18:30:06.411+02:00","length":2462,"duration":2462,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10935-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10935-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10935-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10935-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10935-aus_dem_schimpfworterbuch_der_neuen_rechten","url":"https://api.media.ccc.de/public/events/43a6348b-a644-49c3-95e6-0b3be36f74ed","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4936d1ae-70a7-4588-9a7b-3538f3b07fae","title":"No source, no problem! High speed binary fuzzing","subtitle":null,"slug":"36c3-10880-no_source_no_problem_high_speed_binary_fuzzing","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10880.html","description":"Modern grey-box fuzzers are the most effective way of finding bugs in complex code bases, and instrumentation is fundamental to their effectiveness. Existing instrumentation techniques either require source code (e.g., afl-gcc, ASan) or have a high runtime performance cost (roughly 10x slowdown for e.g., afl-qemu).\nWe introduce Retrowrite, a binary rewriting framework that enables direct static instrumentation for both user-mode binaries and Linux kernel modules. Unlike dynamic translation and trampolining, rewriting code with Retrowrite does not introduce a performance penalty. We show the effectiveness of Retrowrite for fuzzing by implementing binary-only coverage tracking and ASan instrumentation passes. Our binary instrumentation achieves performance similar to compiler-based instrumentation.\n\nFuzzing is the method of choice for finding security vulnerabilities in software due to its simplicity and scalability, but it struggles to find deep paths in complex programs, and only detects bugs when the target crashes. Instrumentation greatly helps with both issues by (i) collecting coverage feedback, which drives fuzzing deeper into the target, and (ii) crashing the target immediately when bugs are detected, which lets the fuzzer detect more bugs and produce more precise reports. One of the main difficulties of fuzzing closed-source software is that instrumenting compiled binaries comes at a huge performance cost. For example, simple coverage instrumentation through dynamic binary translation already incurs between 10x and 100x slowdown, which prevents the fuzzer from finding interesting inputs and bugs.\n\nIn this talk we show how we used static binary rewriting for instrumentation: our approach has low overhead (comparable to compile-time instrumentation) but works on binaries. \nThere are three main techniques to rewrite binaries: recompilation, trampoline insertion and reassembleable assembly. Recompilation is the most powerful but it requires expensive analysis and type recovery, which is an open/unsolved problem. Trampolines add a level of indirection and increase the size of the code, both of which have a negative impact on performance. Reassembleable assembly, the technique that we use, suffers from neither problem. In order to produce reassembleable assembly, we first disassemble the binary and then symbolize all code and data references (replacing offsets and references with references to unique labels). The output can then be fed to a standard assembler to produce a binary. Because symbolization replaces all references with labels, we can now insert instrumentation in the code and the assembler will fix the references for us when reassembling the binary.\nSymbolization is possible because references to code and global data always use RIP-relative addressing in the class of binaries that we support (position-independent x86_64 binaries). This makes it easy to distinguish between references and integer constants in the disassembly.\n\nWe present Retrowrite, a framework for static binary rewriting that can add efficient instrumentation to compiled binaries and scales to real-world code. Retrowrite symbolizes x86_64 position-independent Linux binaries and emits reassembleable assembly, which can be fed to instrumentation passes. We implement a binary version of Address Sanitizer (ASan) that integrates with the source-based version. Retrowrite’s output can also be fed directly to AFL’s afl-gcc to produce a binary with coverage-tracking instrumentation. RetroWrite is openly available for everyone to use and we will demo it during the presentation.\n\nWe also present kRetrowrite, which uses the same approach to instrument binary kernel modules for Linux. While many devices can be used with open-source drivers, some still require binary drivers. Device drivers are an inviting target for attackers because they run at the highest privilege level, and a buggy driver could result in full system compromise. kRetrowrite can instrument binary Linux modules to add kCov-based coverage tracking and KASan instrumentation.","original_language":"eng","persons":["Nspace","gannimo"],"tags":["36c3","10880","2019","Security","Main"],"view_count":1947,"promoted":false,"date":"2019-12-29T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-27T20:45:05.572+01:00","length":3568,"duration":3568,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10880-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10880-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10880-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10880-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10880-no_source_no_problem_high_speed_binary_fuzzing","url":"https://api.media.ccc.de/public/events/4936d1ae-70a7-4588-9a7b-3538f3b07fae","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1c7eab0e-c799-49cd-b0f3-46acf5e1ab60","title":"Confessions of a future terrorist","subtitle":"A rough guide to over-regulating free speech with anti-terrorist measures","slug":"36c3-11045-confessions_of_a_future_terrorist","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11045.html","description":"We will examine the European Commission’s proposal for a regulation on preventing the dissemination of terrorist content from as a radical form of censorship. Looking at the rationale and arguments of policy-makers in Brussels, we will discuss normalisation of a “do something doctrine” and “policy-based evidence”. How can citizens and activists influence that legislative process? And what does it mean if they won’t?\n\nFear of terrorism as a tool for dissent management in the society is utilised almost everywhere in the world. This fear facilitates the emergence of laws that give multiple powers to law enforcement, permanently raising threat levels in cities around the world to “code yellow”. A sequel of that show is now coming to a liberal democracy near you, to the European Union. The objective of the terrorist content regulation is not to catch the bad guys and girls, but to clean the internet from images and voices that incite violence. But what else will be cleaned from in front of our eyes with this law with wide definitions and disproportionate measures? \n\nIn the Brussels debate, human rights organisations navigate a difficult landscape. On one hand, acts of terrorism should be prevented and radicalisation should be counteracted; on the other, how these objectives can be achieved with such a bad law? Why are Member States ready to resign from judicial oversight over free speech and hand that power to social media platforms? Many projects documenting human rights violations are already affected by arbitrary content removal decisions taken by these private entities. Who will be next?\n\nIn the digital rights movement we believe that the rigorous application of principle of proportionality is the only way to ensure that laws and subsequent practices will not harm the ways we exercise the freedom of speech online. Reaching to my experience as a lobbyist for protection of human rights in the digital environment, I want to engage participants in the conversation about the global society of the near future. Do we want laws that err on the side of free speech and enable exposure to difficult realities at the risk of keeping online the content that promotes or depicts terrorism? Or do we “go after the terrorists” at the price of stifling citizen dissent and obscuring that difficult reality? What can we do to finally have that discussion in Europe now that there is still time to act? \n","original_language":"eng","persons":["Anna Mazgal"],"tags":["36c3","11045","2019","Ethics, Society \u0026 Politics","Main"],"view_count":1322,"promoted":false,"date":"2019-12-28T22:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-01-24T01:15:09.288+01:00","length":3522,"duration":3522,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11045-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11045-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11045-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11045-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11045-confessions_of_a_future_terrorist","url":"https://api.media.ccc.de/public/events/1c7eab0e-c799-49cd-b0f3-46acf5e1ab60","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8909a42b-c36a-58b3-af07-39f671ac9351","title":"Chaos-West Stage: Opening","subtitle":null,"slug":"36c3-164-chaos-west-stage-opening","link":"https://fahrplan.chaos-west.de/36c3/talk/U3SAXX/","description":"","original_language":"deu","persons":["Chaos-West"],"tags":["36c3-chaoswest","164","2019","ChaosWest"],"view_count":120,"promoted":false,"date":"2019-12-27T10:45:00.000+01:00","release_date":"2020-03-02T00:00:00.000+01:00","updated_at":"2026-01-05T22:15:21.852+01:00","length":238,"duration":238,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/164-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/164-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/164-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/164-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-164-chaos-west-stage-opening","url":"https://api.media.ccc.de/public/events/8909a42b-c36a-58b3-af07-39f671ac9351","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a5a2ed60-072f-49b0-9193-2a6e1ea36ffa","title":"Hacking (with) a TPM","subtitle":"Don't ask what you can do for TPMs, Ask what TPMs can do for you","slug":"36c3-10564-hacking_with_a_tpm","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10564.html","description":"Trusted Platform Modules (TPMs) are nowadays included in all consumer-grade devices. Whilst \"the Trusted Platform Modules available for PCs are not dangerous, and there is no reason not to include one in a computer or support it in system software\" (Richard Stallman, GNU) they have yet to gain wide-ranged adoption, especially for the daily needs of your average nerd.\n\nThis talk will introduce OpenSource software and use cases that are already supported and how your everyday nerd can benefit from those by security your personal credentials, securing your system credentials, encrypting your storage and detecting BIOS manipulations. This talk is based on the https://tpm2-software.github.io contributions. It will also give a quick rundown to debunk some myths and call for participation in the OpenSource efforts for supporting more use cases via TPMs.\n\nTPMs provide several features. Most talked about are the capabilities to perform \"attestations\", i.e. to reliably determine the software (BIOS, OS, applications) that are running on a given system. Most commonly useful are its capabilities to act similar to a \"built-in smartcard\". It provides storage for keys and secrets on the device that can be protected by PINs, i.e. that are protected against bruteforce attacks. It further provides an encrypted swapping mechanism for such keys, enabling almost infinitely large storage for said keys.\n\nWith this range of features available at your average nerd's disposal, it would be a shame not to use them.\n\n1. Securing your personal credentials\nThe most frequent application of TPMs stems from logging into other system. This includes ssh client logins or browser based https client certificates and becomes even more frequent when put into context with git+ssh, git+https, sftp or webdav. All these technologies and mostly all implementation support PKCS11 to allow storage of secrets on a smartcard. But SmartCards or Yubikeys require extra readers, occupy USB-slots, have to be carried around.\n\nThe tpm2-pkcs11 library allows anyone to seamlessly use the TPM instead of an external smartcard. This approach provides much higher convenience compared to smartcards and even compared to passwords, since you merely need a short pin instead of a username+vErys3cur3passwor! combinations. It maps the smartcards property of possession to possession of the device, i.e. notebook.\n\n2. Securing your system credentials\nHeartbleed is old but the principle problem of having keys lay around in RAM and disk is as relevant as it used to be. This is where the tpm2-tss-engine for OpenSSL comes into play. It allows the use of TPM-based keys for authentication via TLS (server and client side). Of course, if your system get's owned, it's owned, but once the attacker is gone (reboot, update, etc), you can be sure that he could not have copied the private key. Thus, no revocation or similar action is needed.\n\n3. Encrypting your storage\nBasically \"BitLocker for Linux\" is the keyword. By extending LUKS(2) and cryptsetup, we're enabling anyone to encrypt their disk and protect there data from bruteforce password guessing if the device or disk ever got stolen. This even provides a lot more convenience, since the TPM operations can be faster than the typical KDF'ing and you can work with PINs and short passwords instead of vErys3cur3passwor! ones.\n\n4. Detecting BIOS manipulations\nTalks and news about evil maids, government trojans installed at airport inspections and BIOS-based backdoors are present anywhere. The tpm2-totp project is a clone of Matthew Garrets tpm-totp that he presented at 32c3. It enable the user to authenticate not only the device to be theirs, but also if the BIOS and kernel are still in the same state as they were when they left it.\n\nMost use cases are actually running code shipping with more and more distros.\nThe talk will give some deeper explanations into each of these and possibly some live demos.","original_language":"eng","persons":["Andreas Fuchs"],"tags":["36c3","10564","2019","Security","Main"],"view_count":3428,"promoted":false,"date":"2019-12-29T21:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-27T10:00:04.725+01:00","length":2267,"duration":2267,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10564-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10564-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10564-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10564-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10564-hacking_with_a_tpm","url":"https://api.media.ccc.de/public/events/a5a2ed60-072f-49b0-9193-2a6e1ea36ffa","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"223072ad-66d0-4fea-ac7a-0cf6c384d3b0","title":"Vom Ich zum Wir","subtitle":"Gesellschaftlicher Wandel in den Reden im Bundestag","slug":"36c3-10993-vom_ich_zum_wir","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10993.html","description":"Ein von Zeit Online entwickeltes Tool macht es möglich, die Plenarprotokolle des Bundestags grafisch und inhaltlich auszuwerten, und zwar seit seiner ersten Sitzung 1949 bis heute. In den 200 Millionen Wörtern zeigen sich historische Zäsuren, sie machen gesellschaftliche und sprachliche Entwicklungen sichtbar: Wie ernst nahm der Bundestag in den vergangenen Jahren den Klimawandel? Wie häufig redeten die Abgeordneten über Datenschutz, über Arbeitslosigkeit, über Rechtsextremismus, über Geflüchtete? Es wird sichtbar und vergleichbar, zu welchem Zeitpunkt welche Themen debattiert wurden, wie sich die politische Aufmerksamkeit über die Jahre verändert hat. Und die Daten belegen, wie die Sprache selbst sich verändert, nicht nur weil neue Themen aufkommen, sondern auch weil sich der Sprachgebrauch wandelt. Am Ende kann das Publikum selbst Wörter vorschlagen und versuchen, die entsprechenden Graphiken zu interpretieren.\n\nDie Protokolle des Bundestags decken einen Zeitraum von siebzig Jahren ab. In dieser Zeit hat sich die Bundesrepublik stark verändert und damit natürlich auch die im Bundestag verwendete Sprache. Manche Dinge sind trivial, z.B. dass Flüchtlinge einst Vertriebene waren oder dass mit Computernetzen zusammenhängende Wörter erst in neuerer Zeit auftauchen. Andere überraschen, z.B. dass seit der Wiedervereinigung mehr von Ostdeutschen als von Westdeutschen gesprochen wird. Anhand von einschlägigen Beispielen wollen wir erläutern, wie sich Sprache und mit ihr Politik verändert hat. Wir untersuchen die Rhetorik alter und neuer Rechter, die Rhetorik des \"Marktes\", der Krisen und natürlich auch die des gepflegten Beschimpfens.\n\nMit dem Tool lässt sich zeigen, welche Debatten groß und wortreich geführt wurden, welche klein und unbedeutend blieben, obwohl es vielleicht wichtig gewesen wäre, über die Themen zu debattieren. Die Sprache ist somit der Zugang zur Analyse der Politik des Parlaments.\n\nWoher stammen unsere Daten? \nWir haben die Protokolle aller Sitzungen des Deutschen Bundestages analysiert: 4.217 Protokolle aus 19 Legislaturperioden, insgesamt rund 200 Millionen Wörter. Sie stammen aus dem Open Data Portal des Bundestages. Jede Sitzung wird dort von Stenografen genau dokumentiert und auf diesem Portal veröffentlicht. Unsere Auswertung beginnt mit der ersten Sitzung am 7. September 1949 und endet mit der letzten Sitzung vor der Sommerpause 2019 — der Sondersitzung zur Vereidigung von Annegret Kramp-Karrenbauer als Verteidigungsministerin am 24. Juli 2019.","original_language":"deu","persons":["maha","Kai Biermann"],"tags":["36c3","10993","2019","Ethics, Society \u0026 Politics","Main"],"view_count":7584,"promoted":false,"date":"2019-12-27T14:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-02-23T18:30:08.056+01:00","length":3180,"duration":3180,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10993-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10993-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10993-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10993-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10993-vom_ich_zum_wir","url":"https://api.media.ccc.de/public/events/223072ad-66d0-4fea-ac7a-0cf6c384d3b0","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3615eddc-bf2c-4c32-9f98-ba4738c82c90","title":"Gerechtigkeit 4.0","subtitle":"Makroökonomische Auswirkungen der Digitalisierung auf den Globalen Süden","slug":"36c3-11035-gerechtigkeit_4_0","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11035.html","description":"In den gegenwärtigen Debatten um die Digitalisierung werden systemische und strukturelle Auswirkungen der Digitalisierung auf Entwicklungs- und Schwellenländer und damit verbundene potentielle Risiken und Herausforderungen bislang kaum betrachtet und diskutiert. Ein schwerwiegendes Versäumnis, hatte doch bereits die Weltbank, einer der größten Förderer von IKT in den Ländern des Globalen Südens, in ihrem Weltentwicklungsbericht ‚Digital Dividende‘ (2016) selbstkritische eingeräumt, der digitale Wandel bleibe nicht nur hintern, sondern verschärfe die soziale Ungleichheit. \nDer Vortrag setzt sich mit der Frage auseinander, inwiefern die Digitalisierung zur Überwindung von Armut und sozialer Ungleichheit in den Ländern des Südens beitragen können. Erweitern sie die Chancen auf gesellschaftliche und ökonomische Teilhabe von benachteiligten Menschen oder verengen sie diese? \nSchwerpunkt der Analyse bildet die Auseinandersetzung mit dem digitalen Handel. Fast unbemerkt hat sich in der Handelspolitik eine neue Dynamik entwickelt. Führende Tech-Konzerne, allen voran die aus dem Silicon Valley, instrumentalisieren zunehmend das Handelsrecht für ihre Interessen. Dabei geht es längst nicht mehr nur um die Reduzierung von Zöllen auf digitale Produkte wie Software oder einheitliche Standards für Telekommunikationsdienste. Patente auf Künstliche Intelligenz sowie die (Nicht)Regulierung von Datenflüssen sind inzwischen auch Bestandteil handelsrechtlicher Regelungen und Gegenstand kontroverser Debatten in der Welthandelsorganisation WTO. Für die Länder des Globalen Südens – aber nicht nur für sie – steht dabei viel auf dem Spiel, einschließlich der Gefahr eines neuen, digitalen Kolonialismus. \nIm Vortrag zeigt zudem erste Ansätze zum Aufbau einer fairen und menschenwürdigen Digitalisierung auf. \n\n\nVom E-Commerce zum digitalen Handel\nVor 25 Jahren kaufte ein Internetnutzer aus Philadelphia, mit seiner Kreditkarte am Computer eine Audio-CD des Musikers Sting. Der elektronische Handel war geboren. Ein Jahr später ging Amazon mit seinem ersten Buch an den Start. Während in der Frühphase des E-Commerce vor allem materielle Güterverkauft wurde, kamen in der Folgezeit, aufgrund technischer Fortschritte, neue Produkte und Vermittlungswege hinzu. Eine Welt ohne digitale Dienstleistungen (wie der Fahrkartenkontrolle per App) und digital übermittelt Produkte (wie z. B. Video-Streaming) ist heutzutage nicht mehr vorstellbar. Mit der Verlagerung der gehandelten Güter von materiellen Produkten zu immateriellen wandelte sich auch die Begrifflichkeit. So verdrängte der Terminus des „digitalen Handels“ zunehmend den des „elektronischen Handels“. \n\nAsymmetrische Einbindung des globalen Südens \nMit dem digitalen Handel und der Digitalwirtschaft werden häufig große Hoffnungen für den Globalen Süden verknüpft. Die Schaffung neuer, digitaler Märkte sei mit hohen Wachstumsraten verbunden, einhergehend mit einer Steigerung des Wohlstandes, behaupten nicht nur Tech-Konzerne, sondern auch Akteure aus der Entwicklungszusammenarbeit.\n\nEin Bericht der Vereinten Nationen kommt jedoch zu einem anderen Ergebnis. Demnach verteilt sich der Handel mit digitalen, immateriellen Gütern noch ungleicher, als beim traditionellen, analogen Handel. Auch beim Handel mit IT-Produkten, wie Laptops oder GPS-Geräten, geraten die Entwicklungsländer ins Hintertreffen. Die ökonomischen Folgen für die Länder des Südens sind schwerwiegend: Viele Entwicklungsländer leiden unter (1) Handelsbilanzdefiziten, (2) geringeren Staatseinnahmen und (3) erschwerten Bedingungen zum Aufbau einer eigenen, lokalen Digitalwirtschaft. \n\nDaten – Der Zankapfel in neuen Handelsabkommen\nEin Anfang 2019 in Kraft getretenes Mega-regionales Handelsabkommen, dem elf Staaten angehören, darunter wichtige OECD-Länder (Japan, Kanada, Neuseeland, Australien, Chile, Mexiko), geht weit über bisherige Verträge zum digitalen Handel hinaus. Gleiches gilt für das von Trump vor drei Monaten abgeschlossene Handelsabkommen mit Japan. Beide verfolgen die Nicht-Regulierungsagenda des Silicon Valley, die seit 2000 zur offiziellen Handelspolitik der USA erklärt wurde. Demnach sollen in Handelsabkommen der USA folgenden Verbote hineinverhandelt werden:\n•\tVerbot von Zöllen\n•\tVerbot einer Digitalsteuer\n•\tVerbot lokaler Datenspeicherung\n•\tVerbot Quellcodes zu öffnen\n\nDigitalisierung von Wertschöpfungsketten\nNeben den hohen Wachstumsraten beim digitalen Handel, setzen viele Akteure aus der Entwicklungszusammenarbeit auch große Hoffnungen auf die Digitalisierung globaler Lieferketten. Sie versprechen sich davon gleich mehrere positive Impulse: Eine verbesserte Effizienz, mehr Produktivität und Transparenz sowie dem, aus entwicklungspolitischer Perspektive entscheidenden Faktor: Eine erhöhte Wertschöpfung für jene Menschen, die am Anfang der Lieferkette stehen, wie beispielsweise Kleinbauern in Kamerun\n\nErste Untersuchungen, u. a. am Beispiel ostafrikanischer Teeproduzenten, bestätigen diese Hoffnungen, allerdings nur zum Teil. Durch die Anbindung an das Internet hat sich die Kommunikation der Teepflücker mit anderen Akteuren aus der Lieferkette verbessert; auch können sie ihre Arbeit effizienter und transparenter gestalten. Trotz dieser Fortschritte hat sich jedoch die Einkommenssituation der Teepflücker*innen nicht verbessert, da die Anzahl potentieller Lieferant*innen mit gleichwertiger Qualitätsteigt an, wodurch diese verstärkt miteinander in Konkurrenz treten. \n\nFaire Gestaltung der Digitalisierung\n„There is no time to lose in taming the power of the digital. We can either surrender our digital future, or we can take ownership of it.” (‘Digital Justice Manifesto’, Just Net Coalition, November 2019).\nZum Schluss stell ich die einige Eckpfeiler für die Gestaltung einer Digitalisierung zugunsten der Menschen im Globalen Süden vor. ","original_language":"deu","persons":["Sven Hilbig"],"tags":["36c3","11035","2019","Ethics, Society \u0026 Politics","Main"],"view_count":736,"promoted":false,"date":"2019-12-30T11:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2024-10-21T20:15:04.085+02:00","length":2309,"duration":2309,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11035-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11035-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11035-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11035-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11035-gerechtigkeit_4_0","url":"https://api.media.ccc.de/public/events/3615eddc-bf2c-4c32-9f98-ba4738c82c90","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"50655a17-864e-4c33-beab-4996b8825565","title":"How to Break PDFs","subtitle":"Breaking PDF Encryption and PDF Signatures","slug":"36c3-10832-how_to_break_pdfs","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10832.html","description":"PDF is the most widely used standard for office documents. Supported by many desktop applications, email gateways and web services solutions, are used in all sectors, including government, business and private fields. For protecting sensitive information, PDFs can be encrypted and digitally signed. Assumed to be secure for 15 years, our talk reveals how to break PDF Encryption and how to break PDF Signatures. We elaborated novel attacks leading to critical vulnerabilities in all PDF viewers, most notably in Adobe, Foxit, and Okular. As a result, an attacker can retrieve the plaintext of encrypted PDFs without knowing the password and manipulate the content of digitally signed PDFs arbitrarily while a victim is unable to detect this.\n\nThe Portable Document Format (PDF) is the de-facto standard for document exchange worldwide. It is used to store sensitive information like contracts and health records. To protect this information PDF documents can be encrypted or digitally signed. Thus, confidentiality, authenticity, integrity, and non-repudiation can be achieved. In our research, we show that none of the PDF viewers achieve all of these goals by allowing an attacker to read encrypted content without the password or to stealthily modify the signed content. \n\nWe analyze the PDF encryption specification and show two novel techniques for breaking the confidentiality of encrypted documents. First, we abuse the PDF feature of partially encrypted documents to wrap the encrypted part of the document within attacker-controlled content and therefore, exfiltrate the plaintext once the document is opened by a legitimate user. Second, we abuse a flaw in the PDF encryption specification to arbitrarily manipulate encrypted content. The only requirement is that a single block of known plaintext is needed, and we show that this is fulfilled by design. Our attacks allow the recovery of the entire plaintext of encrypted documents by using exfiltration channels which are based on standard compliant PDF properties. \n\nIn addition, we present the first comprehensive security evaluation on digital signatures in PDFs. We introduce three novel attack classes which bypass the cryptographic protection of digitally signed PDF files allowing an attacker to spoof the content of a signed PDF. We analyzed 22 different PDF viewers and found 21 of them to be vulnerable, including prominent and widely used applications such as Adobe Reader DC and Foxit. We additionally evaluated eight online validation services and found six to be vulnerable.  \n\nAll findings have been responsibly disclosed, and the affected vendors were supported during fixing the issues. Our research on PDF security is also available online at https://www.pdf-insecurity.org/. ","original_language":"eng","persons":["Fabian Ising","Vladislav Mladenov"],"tags":["36c3","10832","2019","Security","Main"],"view_count":7495,"promoted":false,"date":"2019-12-27T16:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-12T22:30:07.714+01:00","length":3522,"duration":3522,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10832-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10832-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10832-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10832-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10832-how_to_break_pdfs","url":"https://api.media.ccc.de/public/events/50655a17-864e-4c33-beab-4996b8825565","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8b2e0ac2-3c75-50d3-86bf-f171eb4f1dd9","title":"Look at ME! - Intel ME Investigation","subtitle":null,"slug":"36c3-149-look-at-me-intel-me-investigation","link":"https://fahrplan.chaos-west.de/36c3/talk/EZU78C/","description":"Look at ME! - Intel ME Investigation\n\nWith Intel's Firmware Support Package (FSP) and the recent release of a\n[redistributable firmware binary](https://edk2.groups.io/g/devel/message/50920/eml)\nfor the Management Engine, it has become possible to share full firmware images\nfor modern x86 platforms and potentially audit the binaries. Yet, reverse\nengineering, decompilation and disassembly are still not permitted. However,\nthanks to previous research, we can have a closer look at the binary data and\ncome to a few conclusions. This talk briefly summarizes the fundamentals of\ndeveloping custom and open source firmware, followed by a quick guide through\nthe process of analyzing the binaries without actually violating the terms to\nunderstand a few bits, and finally poses a statement on the political issues\nthat researchers, repair technicians and software developers are facing.","original_language":"eng","persons":["CyReVolt"],"tags":["36c3-chaoswest","149","2019","All about computers","ChaosWest"],"view_count":1235,"promoted":false,"date":"2019-12-27T17:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-04T11:45:03.669+02:00","length":1498,"duration":1498,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/149-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/149-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/149-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/149-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-149-look-at-me-intel-me-investigation","url":"https://api.media.ccc.de/public/events/8b2e0ac2-3c75-50d3-86bf-f171eb4f1dd9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d16de585-1439-4939-a309-7913c7d840a2","title":"Email authentication for penetration testers","subtitle":"When SPF is not enough","slug":"36c3-10730-email_authentication_for_penetration_testers","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10730.html","description":"Forget look-alike domains, typosquatting and homograph attacks. In this talk we will discuss ways of forging perfect email counterfeits that (as far as recipients can tell) appear to be coming from well-known domain and successfully pass all checks on their way. Prime focus of this talk will be modern anti-spoofing strategies and the ways around them. Join us as we try to figure out answers to questions such as \"Isn't SPF enough?\", \"Do I *really* need DMARC?\" and \"Does ticking all three (SPF, DKIM, DMARC) provide the best protection possible?\" (answers to these questions are \"no\", \"yes\", \"no\" by the way).\n\nEmail security is poorly covered by a contemporary penetration testing curricula. In this talk I will argue that it leads to underreporting of email-related security issues during regular penetration tests or red team assignments. Getting clicks from (at least some) users is usually fairly easy, even with obviously fake domain names and email addresses, so penetration testers rarely need to do anything more fancy in order to achieve their objective.\n\nWhile this highlights the need for user education, it misses common misconfiguration issues that might lead to much more devastating compromises and could instill false sense of security in (rare) cases that regular phishing attacks fail. Technically inclined users (such as developers, tech support or even SIEM analysts) are less likely than others to fall for phishing email originating from fake domain, but they are actually more likely to fall for email seemingly originating from real known-good source due to overconfidence.\n\nIn this talk we will see just how easy is it to send spoofed mail from arbitrary source address due to lack of protection for this scenario in original SMTP spec. We won't stop there however and our next object of focus will be contemporary anti-spoofing technologies (SPF, DKIM and DMARC). We will discuss motivation behind them, their technical limitations, weaknesses discovered in recent years as well as common misconfigurations. Attendees will gain knowledge about relevant protocols and technologies that should be applicable for identifying weaknesses in the architecture of their own email systems.","original_language":"eng","persons":["Andrew Konstantinov"],"tags":["36c3","10730","2019","Security","Main"],"view_count":3658,"promoted":false,"date":"2019-12-29T14:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-29T16:00:05.665+02:00","length":3712,"duration":3712,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10730-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10730-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10730-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10730-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10730-email_authentication_for_penetration_testers","url":"https://api.media.ccc.de/public/events/d16de585-1439-4939-a309-7913c7d840a2","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a3b07fa5-e8bd-49ba-9263-b7626d51b0eb","title":"Lightning Talks Day 3","subtitle":null,"slug":"36c3-10525-lightning_talks_day_3","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10525.html","description":"Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!\n\nTo get involved and learn more about what is happening please visit the Lightning Talks page in the 36C3 wiki.","original_language":"eng","persons":["gedsic","bigalex"],"tags":["36c3","10525","2019","CCC","Main"],"view_count":1697,"promoted":false,"date":"2019-12-29T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-23T17:15:06.413+01:00","length":7150,"duration":7150,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10525-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10525-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10525-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10525-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10525-lightning_talks_day_3","url":"https://api.media.ccc.de/public/events/a3b07fa5-e8bd-49ba-9263-b7626d51b0eb","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"797c2897-5903-57ae-9ad2-f5d4a9b5a79c","title":"Internet access and VoIP as Open/Commons Infrastructure","subtitle":null,"slug":"36c3-oio-145-internet-access-and-voip-as-open-commons-infrastructure","link":"https://talks.oio.social/36c3-oio/talk/BFEFPM/","description":"Some Initiatives are trying to provide internet access and VoIP dial-out in a user-owned (Commons Economy) or completely open infrastructure. We will present the state of affairs and invite to a discussion on the possible perspectives.","original_language":"eng","persons":["Sumy"],"tags":["36c3-oio","145","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":195,"promoted":false,"date":"2019-12-30T13:58:00.000+01:00","release_date":"2020-01-22T00:00:00.000+01:00","updated_at":"2025-07-07T20:30:04.993+02:00","length":1115,"duration":1115,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/145-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/145-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/145-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/145-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-145-internet-access-and-voip-as-open-commons-infrastructure","url":"https://api.media.ccc.de/public/events/797c2897-5903-57ae-9ad2-f5d4a9b5a79c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"78f23d24-3e17-53a6-8cbc-5ffc5fd0226c","title":"Reichlich Randale – Der feministische Jahresrückblick","subtitle":null,"slug":"36c3-110-reichlich-randale-der-feministische-jahresrckblick","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/78BJ3S/","description":"Von antifeministischen Hasskampagnen bis zu Mental Load, von unangemessenen Preisvergaben bis zu intersektionalen Fragezeichen, von Megan Rapinoe bis zu Greta Thunberg – es gibt viel zu besprechen. Zeit für einen empowernden feministischen Jahresrückblick!\n\n„Reichlich Randale“ ist ein Personal-Pöbel-Podcast – inklusive exklusiver Becci-Rants.\n„Reichlich Randale“ ist feministisch, fußballverliebt, immer unterwegs, cinephil, laut, politisch, offen. Weil ich es bin.\n„Reichlich Randale“ erzählt euch ein bisschen aus meinem Leben, aber es fühlt sich gleichzeitig nach viel mehr an.\n\nHi, ich bin Becci (@genderbeitrag) und veranstalte mittlerweile traditionell auf dem Congress im Rahmen meines Podcasts „Reichlich Randale“ einen feministischen Jahresrückblick mit tollen Gäst*innen. Von antifeministischen Hasskampagnen bis zu Mental Load, von unangemessenen Preisvergaben bis zu intersektionalen Fragezeichen, von Megan Rapinoe bis zu Greta Thunberg – es gibt viel zu besprechen. Ich freue mich darauf, mich mit euch über empowernde Gedanken und Strukturen auszutauschen. Für intersektionale Solidarität und Freund:innenschaft!","original_language":"deu","persons":["Becci (@genderbeitrag)"],"tags":["36c3-sendezentrum","110","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":1146,"promoted":false,"date":"2019-12-28T21:45:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-05-13T11:00:05.652+02:00","length":3756,"duration":3756,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/110-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/110-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/110-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/110-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-110-reichlich-randale-der-feministische-jahresrckblick","url":"https://api.media.ccc.de/public/events/78f23d24-3e17-53a6-8cbc-5ffc5fd0226c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b854982f-d696-40be-a2d2-15dc64a1f421","title":"What's left for private messaging?","subtitle":null,"slug":"36c3-10565-what_s_left_for_private_messaging","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10565.html","description":"It is easier to chat online securely today than it ever has been. Widespread adoption of signal, wire, and the private mode of WhatsApp have led a broader recognition of the importance of end-to-end encryption. There's still plenty of work to be done in finding new designs that balance privacy and usability in online communication.\n\nThis introduction to secure messaging will lay out the different risks that are present in communications, and talk about the projects and techniques under development to do better.\n\nThe talk will begin with a threat modeling exercise to be able to concretely talk about the different actors and potential risks that a secure messaging system can attempt to address. From there, we'll dive into end-to-end encryption, OTR and deniability, and then the axolotl construction used by Signal (and now the noise framework).\n\nThe bulk of the talk will focus on the rest of the problem which is more in-progress, and in particular consider the various metadata risks around communication. We'll survey the problems that can arise around contact discovery, network surveillance, and server compromise. In doing so, we'll look at the forays into communication systems that attempt to address these issues. Pond offered a novel design point for discovery and a global network adversary. Katzenpost adapts mixnets to limit the power of network adversaries and server compromise in a different way. Private Information Retrieval (PIR) trades off high server costs for a scheme that could more realistically work with mobile clients. Others, for instance Secure Scuttlebutt attempt to remove the need for infrastructural servers entirely with gossip and partial views of the network, a whole other set of tradeoffs.","original_language":"eng","persons":["Will Scott"],"tags":["36c3","10565","2019","Security","Main"],"view_count":42004,"promoted":false,"date":"2019-12-27T12:50:00.000+01:00","release_date":"2020-01-11T01:00:00.000+01:00","updated_at":"2026-03-28T01:00:04.533+01:00","length":3603,"duration":3603,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10565-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10565-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10565-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10565-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10565-what_s_left_for_private_messaging","url":"https://api.media.ccc.de/public/events/b854982f-d696-40be-a2d2-15dc64a1f421","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"775735a3-126f-43bc-be9e-ec0ed63ae438","title":"The Great Escape of ESXi","subtitle":"Breaking Out of a Sandboxed Virtual Machine","slug":"36c3-10505-the_great_escape_of_esxi","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10505.html","description":"VMware ESXi is an enterprise-class, bare-metal hypervisor developed by VMware for deploying and serving virtual computers. As the hypervisor of VMware vSphere, which is the world's most prevailing, state-of-the-art private-cloud software, ESXi plays a core role in the enterprise's cloud infrastructure. Bugs in ESXi could violate the security boundary between guest and host, resulting in virtual machine escape. While a few previous attempts to escape virtual machines have targeted on VMware workstation, there has been no public VMware ESXi escape until our successful demonstration at GeekPwn 2018. This is mainly due to the sandbox mechanism that ESXi has adopted, using its customized filesystem and kernel. In this talk, we will share our study on those security enhancements in ESXi, and describe how we discover and chain multiple bugs to break out of the sandboxed guest machine.\n\nDuring the presentation, we will first share the fundamentals of ESXi hypervisor and some of its special features, including its own customized bootloader, kernel, filesystem, virtual devices and so on. Next, we will demonstrate the attack surfaces in its current implementations and how to uncover security vulnerabilities related to virtual machine escape. In particular, we will anatomize the bugs leveraged in our escape chain, CVE-2018-6981 and CVE-2018-6982, and give an exhaustive delineation about some reliable techniques to manipulate the heap for exploitation, triggering arbitrary code execution in the host context. Meanwhile, due to the existence of sandbox mechanism in ESXi, code execution is not enough to pop a shell. Therefore, we will underline the design of the sandbox and explain how it is adopted to restrict permissions. We will also give an in-depth analysis of the approaches leveraged to circumvent the sandbox in our escape chain. Finally, we will provide a demonstration of a full chain escape on ESXi 6.7.","original_language":"eng","persons":["f1yyy"],"tags":["36c3","10505","2019","Security","Main"],"view_count":6068,"promoted":false,"date":"2019-12-27T20:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-26T19:15:06.887+01:00","length":2417,"duration":2417,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10505-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10505-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10505-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10505-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10505-the_great_escape_of_esxi","url":"https://api.media.ccc.de/public/events/775735a3-126f-43bc-be9e-ec0ed63ae438","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"67cb8a49-14b0-4448-a224-95a15d8f30a6","title":"15 Jahre deutsche Telematikinfrastruktur (TI)","subtitle":"Die Realität beim Arztbesuch nach 15 Jahren Entwicklung einer medizinischen Digitalstrategie","slug":"36c3-10895-15_jahre_deutsche_telematikinfrastruktur_ti","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10895.html","description":"Seit spätestens 2005 wird in Deutschland an der Einführung der Telematik Infrastruktur, kurz die TI, gearbeitet. Diese soll nicht weniger als die komplette Digitalisierung der deutschen Medizinbranche bedeuten. Vom Arzt, Krankenhaus, Psychotherapeut bis hin zum Apotheker sollen alle Heilberufler miteinander vernetzt werden. Der Patient soll dabei die Datenhoheit behalten, und seine Daten mittels elektronischer Gesundheitskarte, sowie alternativ per mobiler Smartphone App steuern.\n\nMit Gründung der Gematik GmbH am 11. Januar 2005 begann die offizielle Entwicklung der Telematik-Infrastruktur (TI). Ziel war die Einführung einer elektronischen Gesundheitskarte mitsamt einer Infrastruktur, die langfristig alle Teilnehmer der Medizinischen Versorgung miteinander vernetzen sollte.\nDer Arzt speichert alle Befunde samt Röntgen Bilder in der elektronischen Patientenakte (ePA) ab, kommuniziert verschlüsselt mit anderen Ärzten über die „Sichere Kommunikation zwischen Leistungserbringer“ (KOM-LE), der Medikationsplan ist digital verfügbar (eMP), das Rezept wird beim Apotheker digital eingelöst (E-Rezept) und im Notfall sind relevante Gesundheitsdaten (NFDM) auf der elektronischen Gesundheitskarte (eGK) des Patienten abgespeichert. So soll der digitale Arztbesuch der Zukunft aussehen.\nAllerdings ist nach 15 Jahren Entwicklung und 2 Milliarden Euro Investitionen nur ein Dienst der TI online, das Versichertenstammdatenmanagement (VSDM). Damit können die Stammdaten des Patienten, bspw. Adresse und Krankenkasse online beim Arzt aktualisiert werden, ohne Austausch der elektronischen Gesundheitskarte.\nNachdem dieser Dienst nun eingeführt wurde sollen zeitnah die nächsten oben aufgeführten Dienste online gehen. Die Spezifikationen, Zulassungsunterlagen sowie Feldtestkonzepte für diese Dienste sind dafür weitestgehend fertig.\nParallel zu der von der Politik und Gematik getriebenen Entwicklung setzten sich technik-affine Personen wie bspw. Thomas Maus mit der Technik auseinander und zeigten potentielle Probleme und ungelöste Fragestellungen. Nachdem die TI nun größtenteils online ist und die ersten Dienste in der Praxis genutzt werden ist es an der Zeit sich die konkrete Umsetzung anzuschauen, zu evaluieren und bei Bedarf entsprechend zu verbessern.\n\nDieser Vortrag soll einen aktuellen Überblick auf die Telematikinfrastruktur geben. Es werden die bestehenden Dienste (VSDSM) sowie die schon spezifizierten Dienste wie KOM-LE oder ePA vorgestellt. Insbesondere wird auf die Sicherheit der verschiedenen Systeme eingegangen. Die Schutzziele sowie die spezifizierten Methoden um diese Ziele zu erreichen werden dargestellt und grob analysiert. \nDabei zeigt sich dass die TI vor allem ein sehr komplexes System mit aktuell knapp 8000 Seiten Spezifikationen plus gute 1000 Seiten Konzepten ist.\nDazu ist das Projekt ein sogenanntes Running Target mit regelmäßigen Updates der Spezifikationen. Diese werden entweder durch Änderungen der Stand der Technik, oder durch Wünsche von Seiten der Politik, meist durch Gesetzte, in das Projekt hereingetragen.","original_language":"deu","persons":["Christoph Saatjohann"],"tags":["36c3","10895","2019","Security","Main"],"view_count":4385,"promoted":false,"date":"2019-12-29T22:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-29T01:00:03.723+01:00","length":2506,"duration":2506,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10895-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10895-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10895-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10895-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10895-15_jahre_deutsche_telematikinfrastruktur_ti","url":"https://api.media.ccc.de/public/events/67cb8a49-14b0-4448-a224-95a15d8f30a6","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"0f020c49-a754-5758-b794-25d84e0ac19a","title":"Freedombone - DIY Soziale Veränderung in Zeiten des Überwachungskapitalismus","subtitle":null,"slug":"36c3-144-freedombone-diy-soziale-vernderung-in-zeiten-des-berwachungskapitalismus","link":"https://fahrplan.chaos-west.de/36c3/talk/KPKBDU/","description":"Was wäre, wenn das Internet nicht wie ein feudaler Besitz regiert würde? Was\nwäre, wenn es von und für Leute, die es benutzen, betrieben würde?\n\nIch benutze Freedombone um der Geselschaft sowie auch allen Individuen zu\nermöglichen, die Datensouveränität aus dem free-to-use Model des\nÜberwachungskapitalismus zurück zu gewinnen. Durch die Möglichkeit [\"Server\nApps\"] ohne technisches Wissen mit 4 Klicks über einer Web UI zu installieren,\nist es möglich, dass Hobby-Admins ohne viel Zeit, sowie auch in Umgang mit\nServern und Hosting unerfahrene Menschen nicht bei der Inbetriebnahme scheitern.\n\nSomit kann jede Einzelperson oder eine Community das Internet als freies\nKommunikationmiittel wieder nutzen.Bei diesem Talk liegt der Fokus auf dem\nFediverse, die Vernetztung sozialer Bewegungen und dem nutzen Dienstprogramme.\n[\"Server Apps\"](https://freedombone.net/apps.html)\n\n\nEs ist eine Tatsache, dass Mainstream-Software kaputt ist und die Unternehmen,\ndie sie entwickeln, unzuverlässig und datenhungrig sind.\n\nDaher ist zu folgern, dass wir einen Bruchpunkt in der Gesichte des menschlichen\nInformationsaustausches erreicht haben. Die Rückgewinnung der Datensouveränität\nist bei Freedombone ein Selbstverständnis. **Du willst also deine eigenen\nInternetdienste betreiben, aber hast keine Zeit dies umzusetzen?**\n\n\nDie Konfiguration von Diensten wie E-Mail, Chat, VoIP, Websiten,\nDateisynchronisation, Wikis, Blogs, soziale Netzwerken (pleroma, zap, pixelfeed,\nua.), Medienhosting, Backups, VPN sind an sich schon ein nicht triviales\nUnterfangen. Das Ziel von \\[Freedombones\\](https://freedombone.net/) ist es die\nKonfiguration zu übernehmen. Freedombone ist ein Home-Server-System, mit dem du\nall diese Dinge von deinem Wohn- oder Hackerzimmer hosten kannst. Für die\nEinrichtung wird eine .img.xz [Image] auf einen USB Stick geladen. Nach dem\nersten Boot ist ein Email Server schon funktionsfähig. Standartmässig sind alle\nDienste im Internet über DNS im Clearnet aber auch im Darknet über TOR\nerreichbar.\n\nFreedombone ist ein AGPLv3 Open Source Projekt.\n[Git](https://code.freedombone.net/bashrc/freedombone)\n\nMein aktuelles Ziel, in diesem Jahr, war die Einbindung von Freifunk. Die\nWeboberfläche zeigt alle öffentlich bekannten Freifunk Nodes einer lokalen\nFreifunk Gruppe auf einer Karte an. Der Admin wählt den Konfig einer Freifunk\nGruppe. Seit Frühjahr arbeite ich auch an an einem GitlabCI System, welches das\nZiel hat die Wartung der Software des Projektes zu erleichtern.","original_language":"deu","persons":["Sw0rdDoom"],"tags":["36c3-chaoswest","144","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":1119,"promoted":false,"date":"2019-12-27T14:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-21T13:30:06.446+01:00","length":1760,"duration":1760,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/144-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/144-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/144-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/144-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-144-freedombone-diy-soziale-vernderung-in-zeiten-des-berwachungskapitalismus","url":"https://api.media.ccc.de/public/events/0f020c49-a754-5758-b794-25d84e0ac19a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3617ab07-b4ec-422e-a5df-a6ca16d8f3c1","title":"Der Deep Learning Hype","subtitle":"Wie lange kann es so weitergehen?","slug":"36c3-11006-der_deep_learning_hype","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11006.html","description":"Deep Learning ist von einem Dead End zur ultimativen Lösung aller Machine Learning Probleme geworden - und einiger anderer auch. Aber wie gut ist dieser Trend wirklich? Und wie nachhaltig?\n\nWir setzen uns mit wissenschaftlicher Nachhaltigkeit, sozialen Auswirkungen, und den Folgen für unsere Ressourcen, unseren Energieverbrauch, und damit unseren Planeten auseinander.\n\nDeep Learning ist von einem Dead End zur ultimativen Lösung aller Machine Learning Probleme geworden. Die Sinnhaftigkeit und die Qualität der Lösung scheinen dabei jedoch immer mehr vom Buzzword Bingo verschluckt zu werden. \n\nIst es sinnvoll, weiterhin auf alle Probleme Deep Learning zu werfen? Wie gut ist sind diese Ansätze wirklich? Was könnte alles passieren, wenn wir so weiter machen? Und können diese Ansätze uns helfen, nachhaltiger zu leben? Oder befeuern sie die Erwärmung des Planetens nur weiter?\n\nWir setzen uns im Detail mit drei Fragestellungen auseinander:\n\n1. Wissenschaftliche Nachhaltigkeit: Wie gut sind die Ergebnisse wirklich? Was können die modernen neuronalen Netze und was können sie nicht? Und vor allem: Wo werden sie eingesetzt und wie sinnvoll ist das? KI Systeme, deren Beschreibung beeindruckend sind, produzieren nicht immer die besten Ergebnisse, und Reproduzierbarkeit, Evaluation, und Reflexion leiden unter Konkurrenzdruck und dem Publikationszyklus. Außerdem, welche Lösungen und Ansätze gehen im Deep Learning Hype unter? Dafür, dass sich so viele Forscher*innen mit dem Thema beschäftigen, zahlen wir damit, dass andere Themen, Ideen und Ansätze ignoriert werden - obwohl sie nützlich sein könnten.\n\n2. Gesellschaftliche Auswirkungen: Was macht das mit unserer Gesellschaft? Insbesondere die Maschinen, die auf irgendeiner Ebene versuchen, Menschen zu imitieren, aber auch viele Anwendungen, die wir alltäglich verwenden, haben einen grundlegenden Einfluss auf uns, der nicht immer ausreichend reflektiert wird. Maschinen können auch diskriminieren, unsere Entscheidungen beeinflussen, uns in falscher Sicherheit wiegen und Aufgaben übernehmen, denen sie überhaupt nicht gewachsen sind.\n\n3. Umwelteinfluss: Welche Ressourcen investieren wir? Rechenzentren, riesige Data Warehouses, Kryptocurrency-Berechnung und Compute Cluster haben einen nicht mehr vernachlässigbaren Einfluss auf unsere endlichen Ressourcen und den CO2-Haushalt, direkt und indirekt. Die Menge an Strom, Zeit, Platz und Material, die wir investieren, sind in den letzten Jahren massiv gewachsen. Wollen wir wirklich so weiter machen?","original_language":"deu","persons":["Nadja Geisler","Benjamin Hättasch"],"tags":["36c3","11006","2019","Resilience \u0026 Sustainability","Main"],"view_count":20265,"promoted":false,"date":"2019-12-28T14:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-29T17:45:05.589+02:00","length":3882,"duration":3882,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11006-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11006-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11006-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11006-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11006-der_deep_learning_hype","url":"https://api.media.ccc.de/public/events/3617ab07-b4ec-422e-a5df-a6ca16d8f3c1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"cface55d-a792-55e0-9eda-d2e4a72b43fb","title":"FF-ESP32-OpenMPPT - New Freifunk-ISEMS-MPPT-Solar-Controller with integrated WiFi","subtitle":null,"slug":"36c3-oio-166-ff-esp32-openmppt-new-freifunk-isems-mppt-solar-controller-with-integrated-wifi","link":"https://talks.oio.social/36c3-oio/talk/G3LD3P/","description":"The Independent Solar Mesh System has a new hardware that will bring the power consumption, space and cost requirements of low cost WiFi relay stations down: FF-ESP32-.OpenMPPT\n\nIn order to build the cheapest energy autonomous WiFi relay possible, we have designed an update to the previous Freifunk-Open-MPPT-Solarcontroller. It has now integrated WiFi and Bluetooth, so it doesn't need an external WiFi router anymore, but you can still connect one. Technical data is preliminary at the moment, but power consumption will be between ~0.3 at low load and ~0.6 Watt at maximum load. So a 20 Watt Solar panel and a 12V 7Ah battery will be more than enough to keep the system running and relaying traffic all year.","original_language":"eng","persons":["Elektra Wagenrad"],"tags":["36c3-oio","166","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":868,"promoted":false,"date":"2019-12-28T16:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-31T05:45:07.717+01:00","length":1007,"duration":1007,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/166-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/166-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/166-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/166-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-166-ff-esp32-openmppt-new-freifunk-isems-mppt-solar-controller-with-integrated-wifi","url":"https://api.media.ccc.de/public/events/cface55d-a792-55e0-9eda-d2e4a72b43fb","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c2a08c53-3f8b-533e-8ec3-764a7ef9c5bb","title":"The dire Reality of the Climate Crisis","subtitle":null,"slug":"36c3-131-the-dire-reality-of-the-climate-crisis","link":"https://fahrplan.chaos-west.de/36c3/talk/ZQP3NG/","description":"Heat waves, wildfires and new movements like Fridays for Future and Extinction Rebellion have brought the climate crisis back into the news. If the world continues to emit greenhouse gases like today, the world will heat up by at least 3 degree celsius, potentially much more. Yet despite increased attention for the climate crisis no political action even remotely sufficient to tackle the problem is in sight.\n\nThe talk will give a brief overview of the state of the science of climate change, the politics and the scale of the challenge. It'll also give an overview of some - more or less scientific - worst case predictions that sometimes lead to claims that it's just \"too late to do something\", which may become a new form of justification for not doing anything.","original_language":"eng","persons":["Hanno Böck"],"tags":["36c3-chaoswest","131","2019","Klimakatastrophe","ChaosWest"],"view_count":1087,"promoted":false,"date":"2019-12-30T13:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-29T18:00:24.540+01:00","length":3104,"duration":3104,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/131-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/131-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/131-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/131-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-131-the-dire-reality-of-the-climate-crisis","url":"https://api.media.ccc.de/public/events/c2a08c53-3f8b-533e-8ec3-764a7ef9c5bb","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"5b826432-aae7-5fae-9fd0-85985b8b71cc","title":"The technical is political – tech’s role in oppression and what technicians can do against it","subtitle":"","slug":"36c3-150-the-technical-is-political-tech-s-role-in-oppression-and-what-technicians-can-do-against-it","link":"https://fahrplan.chaos-west.de/36c3/talk/QT7EV7/","description":"\u003cp\u003eWhere did all the nice things go? The World Wide Web had plenty. Everyone had Neopets, Geocities and Tom from MySpace as their top friend. Where did all the women go? Computing had plenty of them. The first computers were women. This talk is going to answer these and more questions. Starting with the technical underpinnings of the internet \u0026ndash; explained on a beginner-friendly level. It takes you through the history of the web and computing, focussing on the exclusion of women out of the work sphere. It will illustrate that the tech industry as a whole has been complicit in oppression for far too long, but also show recent examples of organised workers, trying to change things for the better. In the second part, it will use these learnings to make the case for building and promoting inclusive, accessible communities and websites. It\u0026rsquo;s time to take back the web. PSA: There might be occurrences of cats, trance dolphins and other mystical creatures of the digital sphere along the way.\u003c/p\u003e","original_language":"eng","persons":["Oscar"],"tags":["36c3-chaoswest","150","2019","Antifaschismus","ChaosWest"],"view_count":566,"promoted":false,"date":"2019-12-28T17:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-12T02:00:04.231+01:00","length":3181,"duration":3181,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/150-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/150-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/150-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/150-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-150-the-technical-is-political-tech-s-role-in-oppression-and-what-technicians-can-do-against-it","url":"https://api.media.ccc.de/public/events/5b826432-aae7-5fae-9fd0-85985b8b71cc","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"84ed569f-8e4b-5539-8151-3e53c7b7d184","title":"SearchWing - Rettungsdrohne im Mittelmeer","subtitle":null,"slug":"36c3-oio-189-searchwing-rettungsdrohne-im-mittelmeer","link":"https://talks.oio.social/36c3-oio/talk/T7XNAT/","description":"SearchWing baut eine Rettungsdrohne für die zivilen Rettungsorganisationen im Mittelmeer wie Sea-Watch, Sea-Eye und Resqship. Wir beschreiben den Aufbau, die Tests auf dem Mittelmeer, die Herausforderungen beim Bau und beim Einsatz des autonomen Flugzeugs und werfen einen Blick auf die verwendeten Bilderkennungsalgorithmen.\n\nWir helfen zivilen Rettungsorganisationen im Mittelmeer bei der Suche nach Schiffbrüchigen. In diesem Talk berichten wir von den Schwierigkeiten und Herausforderungen beim Bau einer autonomen Drohne, die für Einsatz im Mittelmeer geeignet ist. Wenn beispielsweise die Akkus auf dem Flughafen Hamburg im sicheren Schrank verbleiben, weil einer vergessen hat die Akkus für den Flug anzumelden... Wir erläutern den technischen Aufbau mit PixRacer Hardware, Mini Talon EPO Rumpf und den anderen Komponenten. Ungewöhnlich im Vergleich zum klassischen Modellflug ist der Long Range Telemetrie Funk, der große Akku (10000 mAh bei 2kg Fluggewicht) und das ganze Salzwasser :-(. Im Februar 2019 waren wir für Tests auf Malta und im Mai 2019 hat Björn dann den ersten Einsatz im Mittelmeer in Zusammenarbeit mit ResQShip e.V. gemacht. Deshalb können wir auch die Einsatzerfahrungen schildern - wie man das Flugzeug auf dem Schiff startet und landet. Zum Einstieg geben wir auch eine Zusammenfassung der Situation der Seenotrettung im Mittelmeer.\nUnser Flugzeug sammelt im Flug Bilder, die im Anschluss vom Flugzeug geladen und analysiert werden. Um diese manuelle Bildanalyse zu beschleunigen entwickelen wir auch Computer Vision Algorithmen - auch davon werden wir auf dem Talk einen Überblick geben. Eine Person aus dem Computervision-Team (Petrosilius) hatte bereits letztes Jahr auf der Freifunkbühne dazu einen Vortrag gehalten.","original_language":"deu","persons":["Friedrich Beckmann","KingBBQ"],"tags":["36c3-oio","189","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":817,"promoted":false,"date":"2019-12-27T14:45:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-01-05T18:15:25.403+01:00","length":1688,"duration":1688,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/189-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/189-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/189-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/189-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-189-searchwing-rettungsdrohne-im-mittelmeer","url":"https://api.media.ccc.de/public/events/84ed569f-8e4b-5539-8151-3e53c7b7d184","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7c4d240d-bdd2-4441-a044-83651b62068d","title":"Chaos Communication Slam","subtitle":null,"slug":"36c3-11242-chaos_communication_slam","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11242.html","description":"Chaos meets Poetry Slam. \nDer humoristische Dichterwettstreit mit Informatikhintergrund. Mitmachen ausdrücklich erwünscht.\n\nUnd keine Sorge, ein Poetry Slam hat nichts mit dem Ingeborg-Bachmann-Preis zu tun. Hierbei geht es um einen Wettkampf bei dem selbstgeschriebene Texte live vorgetragen werden. Prosa, Lyrik, lustige Geschichte, das ist eure Wahl. Erzählt von euren Sysadmin Lovestorys, WebDev-f*ckUps oder was auch immer euch auf der Seele liegt. \nFür Kurzentschlossene bieten wir euch davor noch einen Crash Kurs in Slam Poetry an, damit auch ihr das Publikum begeistern könnt und mit in das Finale einzieht. Die Session findet ihr zeitnah im Event-Wiki. Auf dieser Seite findet ihr auch eine Adresse, um euch für das große Event anzumelden.\nDurch den Abend begleitet euch das Slam-erfahrene Team der \"Slamigans\" aus dem Umfeld des Chaostreff Flensburg. Moderiert von Thorben Dittmar, früherer U20-Local aus dem Kühlhaus und ewiger zweiter Platz, stimmt das Publikum zusammen über die besten Beiträge ab. Das Siegertreppchen darf sich schon auf tolle Preise freuen. \nAlso schnell anmelden!","original_language":"deu","persons":["Thorben Dittmar"],"tags":["36c3","11242","2019","Entertainment","Main"],"view_count":2033,"promoted":false,"date":"2019-12-29T00:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-12-03T23:00:08.132+01:00","length":3996,"duration":3996,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11242-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11242-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11242-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11242-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11242-chaos_communication_slam","url":"https://api.media.ccc.de/public/events/7c4d240d-bdd2-4441-a044-83651b62068d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1a8d5fce-a813-5272-83d2-8c21a54a6516","title":"\"Unvorstellbare Einzelfälle\" und \"neue Phänomene\"? - Kontinuitäten des rechten Terrors","subtitle":"","slug":"36c3-121--unvorstellbare-einzelflle-und-neue-phnomene-kontinuitten-des-rechten-terrors","link":"https://fahrplan.chaos-west.de/36c3/talk/CBGVT9/","description":"\u003cp\u003eChristchurch, El Paso, Walter L\u0026uuml;bcke, Halle \u0026ndash; seit 2019 verbinden wir diese Orte und Namen mit rechtem Terror. Auf jeden Anschlag folgte auch in diesem Jahr eine \u0026ouml;ffentliche Debatte, in der rechter Terror meist als neues Ph\u0026auml;nomen erscheint. Je gr\u0026ouml;\u0026szlig;er jedoch die H\u0026auml;ufung der Anschl\u0026auml;ge, desto absurder erscheinen die Worte von \u0026bdquo;unvorstellbaren Einzelf\u0026auml;llen\u0026ldquo;, begangen von \u0026bdquo;verr\u0026uuml;ckten Einzelt\u0026auml;tern\u0026ldquo;. Diese Erz\u0026auml;hlungen haben einen anderen Zweck, als rechten Terror die Grundlage zu entziehen. Sie sollen sagen: \u0026sbquo;Wir h\u0026auml;tten es nicht wissen k\u0026ouml;nnen, h\u0026auml;tten nichts tun k\u0026ouml;nnen und werden auch zuk\u0026uuml;nftig nichts verhindern\u0026lsquo;. Dabei ist das Gegenteil der Fall: Rechter Terror hat auch nach 1945 nie aufgeh\u0026ouml;rt und obwohl an jedem Fall etwas Spezielles ist, so gibt es doch Gemeinsamkeiten und Kontinuit\u0026auml;tslinien. Rechtsterroristen und Rechtsterroristinnen wie etwa der NSU oder Anders Breivik k\u0026auml;mpften immer mit den Mitteln der Zeit f\u0026uuml;r die Umsetzung ihrer Ziele: Der Umsturz der Gesellschaft durch massive Gewalt, um ihre wahlweise autorit\u0026auml;re, heteronormative, v\u0026ouml;lkische Vision einer Volksgemeinschaft verwirklichen zu k\u0026ouml;nnen. Aus dieser Geschichte des rechten Terrors und den gesellschaftlichen Reaktionen darauf k\u0026ouml;nnen wir lernen ihnen etwas entgegenzusetzen. Caro Keller von NSU-Watch wird anhand exemplarischer F\u0026auml;lle die wichtigen Kontinuit\u0026auml;tslinien herausarbeiten. Vor diesem Hintergrund nimmt sie auch den aktuellen rechten Terror, Ph\u0026auml;nomene wie toxische M\u0026auml;nnlichkeit oder \u0026bdquo;Gamification of Terror\u0026ldquo; in den Blick. Es wird aufgezeigt, ob und wie wir als Antifaschist*innen und Gesellschaft dieses Wissen gegen rechten Terror einsetzen k\u0026ouml;nnen.\u003c/p\u003e","original_language":"deu","persons":["Caro Keller"],"tags":["36c3-chaoswest","121","2019","Antifaschismus","ChaosWest"],"view_count":1972,"promoted":false,"date":"2019-12-27T19:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-09T19:15:07.258+01:00","length":3106,"duration":3106,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/121-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/121-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/121-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/121-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-121--unvorstellbare-einzelflle-und-neue-phnomene-kontinuitten-des-rechten-terrors","url":"https://api.media.ccc.de/public/events/1a8d5fce-a813-5272-83d2-8c21a54a6516","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"386e040f-9f63-4f55-82cc-08aea9ced7c2","title":"phyphox: Using smartphone sensors for physics experiments","subtitle":"An open source project for education, research and tinkering","slug":"36c3-11195-phyphox_using_smartphone_sensors_for_physics_experiments","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11195.html","description":"Modern smartphones offer a whole range of sensors like magnetometers, accelerometers or gyroscopes. The open source app \"phyphox\", developed at the RWTH Aachen University, repurposes these sensors as measuring instruments in physics education.\n\nWhen put into a salad spinner, the phone can acquire the relation of centripetal acceleration and angular velocity. Its barometer can be used to measure the velocity of an elevator. And when using two phones, it is easy to determine the speed of sound with a very simple method.\n\nIn this talk, I will show these possibilities in demonstration experiments, discuss available sensors and their limitations and introduce interfaces to integrate phyphox into other projects.\n\nIn this talk, the developer of the app \"phyphox\" at the RWTH Aachen University will first introduce how sensors in smartphones can be used to enable experimentation and data acquisition in physics teaching with several demonstrations on stage. Available sensors and their limitations will be discussed along with interfaces allowing the integration of phyphox into other project, either as a means to access sensor data or to display data from other sources.\n\nThe app is open source under the GNU GPLv3 licence and available for Android (\u003e=4.0) and iOS (\u003e=8.0). It is designed around experiment configurations for physics education at school and university, allowing for a quick setup with a single tap. At the same time, these configurations may be modified by any user to set up customized sensor configurations along with data analysis and data visualization, defined in an XML format. These configurations are Turing complete and can easily be transferred via QR codes, so an experienced user (teacher) can create a specific configuration and allow less experienced users (students) to use it with ease.","original_language":"eng","persons":["Sebastian Staacks"],"tags":["36c3","11195","2019","Hardware \u0026 Making","Main"],"view_count":4002,"promoted":false,"date":"2019-12-27T14:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-29T12:15:05.841+02:00","length":3383,"duration":3383,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11195-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11195-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11195-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11195-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11195-phyphox_using_smartphone_sensors_for_physics_experiments","url":"https://api.media.ccc.de/public/events/386e040f-9f63-4f55-82cc-08aea9ced7c2","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a8867501-5c89-48b5-9308-58413fd998a9","title":"How (not) to build autonomous robots","subtitle":"Fables from building a startup in Silicon Valley","slug":"36c3-10601-how_not_to_build_autonomous_robots","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10601.html","description":"Over the past 2 years we've been building delivery robots - at first thought to be autonomous. We slowly came to the realization that it's not something we could easily do; but only after a few accidents, fires and pr disasters.\n\nWe've all seen the TV show Silicon Valley, but have you actually peered underneath the curtain to see what's happening? In this entertaining talk, Sasha will share his first hand experience at building (and failing) a robotics delivery startup in Berkeley.\n\nOver the course of 2.5 years this startup built hundreds of robots, delivered thousands of orders, and had one robot stolen. The talk will look over the insanity that's involved with building an ambitious startup around a crazy vision; sharing the ups and downs of the journey. It will also touch up lightly on the technology that drives it and the simplistic approach to AI/machine learning this company took.","original_language":"eng","persons":["Sasha"],"tags":["36c3","10601","2019","Ethics, Society \u0026 Politics","Main"],"view_count":14819,"promoted":false,"date":"2019-12-27T17:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-21T00:15:06.279+01:00","length":3299,"duration":3299,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10601-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10601-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10601-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10601-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10601-how_not_to_build_autonomous_robots","url":"https://api.media.ccc.de/public/events/a8867501-5c89-48b5-9308-58413fd998a9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a8ea9881-0e74-5dc4-8ce4-74abadf19030","title":"Ein Teil davon. Wie feministische Hackspaces Gemeinschaft herstellen.","subtitle":null,"slug":"36c3-130-ein-teil-davon-wie-feministische-hackspaces-gemeinschaft-herstellen-","link":"https://fahrplan.chaos-west.de/36c3/talk/XFXE9Q/","description":"In den vergangenen Jahren haben sich immer mehr feministische Hackspaces in den verschiedensten Formen gegründet. Warum eigentlich? Was bewegt Menschen dazu, was macht einen feministischen Hackspace überhaupt aus und wie können wir alle davon lernen? Das habe ich in meiner Masterarbeit untersucht und bin dafür durch Deutschland gereist, um mit Mitgliedern feministischer Hackspaces zu sprechen. Im Ergebnis werden die Funktionen feministischer Hackspaces beleuchtet und analysiert, warum diese Räume für ihre Mitglieder so wichtig sind.\n\nUm das herauszufinden, habe ich mit dem qualitativen Forschungsstil der „Grounded Theory“ in einem zirkulären Verfahren Interviews geführt und ausgewertet. So habe ich ein Modell entwickelt, das zeigen kann, welche Kernfunktionen Hackspaces haben, welche Faktoren Menschen davon abhalten, in ihrem lokalen Hackspace aktiv zu werden, und wie feministische Hackspaces versuchen, diese Defizite auszugleichen.","original_language":"deu","persons":["Julia"],"tags":["36c3-chaoswest","130","2019","Nicht Computers","ChaosWest"],"view_count":942,"promoted":false,"date":"2019-12-27T16:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-10-19T15:15:03.381+02:00","length":2456,"duration":2456,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/130-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/130-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/130-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/130-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-130-ein-teil-davon-wie-feministische-hackspaces-gemeinschaft-herstellen-","url":"https://api.media.ccc.de/public/events/a8ea9881-0e74-5dc4-8ce4-74abadf19030","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3ea84afe-51cf-5219-b658-79f331cdc381","title":"Storing energy in the 21st centruy","subtitle":null,"slug":"36c3-157-storing-energy-in-the-21st-centruy","link":"https://fahrplan.chaos-west.de/36c3/talk/RUCJJQ/","description":"The 21st century will be powered by electricity. I'm a journalist in the field of science and technology reporting. I followed the development of electricity storage and generation for over 10 years. In this talk I will outline the current state of electricity storage technology and its limitations. There is a gap between the intermittent availability of electricity generation and demand for it.\n\nCobalt and Lithium are increasingly limited in supply and their production is often produced using unsustainable means. Alternatives are being development and will be presented. Some of these technologies are in the form of chemical batteries and some use very surprisingly simple technologies.\n\nI will be giving an introduction into future technologies for electricity storage currently in development. Some of these are batteries without rare materials and others are not batteries at all.","original_language":"eng","persons":["Frank Wunderlich-Pfeiffer"],"tags":["36c3-chaoswest","157","2019","Nicht Computers","ChaosWest"],"view_count":1139,"promoted":false,"date":"2019-12-27T22:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-06T18:30:12.862+01:00","length":3155,"duration":3155,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/157-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/157-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/157-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/157-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-157-storing-energy-in-the-21st-centruy","url":"https://api.media.ccc.de/public/events/3ea84afe-51cf-5219-b658-79f331cdc381","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"e0cc4db9-1ca6-5ded-a3db-1625a22f27dd","title":"Refactoring qaul.net in Rust (Internet independent mesh communication App)","subtitle":null,"slug":"36c3-oio-143-refactoring-qaul-net-in-rust-internet-independent-mesh-communication-app-","link":"https://talks.oio.social/36c3-oio/talk/C33LPX/","description":"Concepts, goals, implementations and the lessons learned from rewriting qaul.net decentralized messenger in rust.\n\nqaul.net is a Internet independent wifi mesh communication app with fully decentralized messaging, file sharing and voice chat. At the moment we are rewriting the entire application in rust, implementing our experience of 8 years off the grid peer2peer mesh communication, with a mobile first approach and a network agnostic routing protocoll wich can do synchronous as well as delay tolerant messaging. \n\nWe are currently rewriting qaul.net 2.0 in rust with a new network agnostic routing protocol, identity based routing and delay tolerant messaging. The talk will show our learnings and the journey ahead of us at the alpha stage of the rewrite.\n\n* Homepage: https://qaul.net\n* Code Repository: https://git.open-communication.net/qaul/qaul.net","original_language":"eng","persons":["Mathias Jud"],"tags":["36c3-oio","143","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":507,"promoted":false,"date":"2019-12-27T17:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-12T00:15:06.029+01:00","length":1552,"duration":1552,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/143-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/143-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/143-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/143-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-143-refactoring-qaul-net-in-rust-internet-independent-mesh-communication-app-","url":"https://api.media.ccc.de/public/events/e0cc4db9-1ca6-5ded-a3db-1625a22f27dd","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3029ab5c-df83-48e5-9de6-69d3c222592f","title":"Understanding millions of gates ","subtitle":"Introduction to IC reverse engineering for non-chip-reverse-engineers. ","slug":"36c3-10976-understanding_millions_of_gates","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10976.html","description":"Reverse Engineering of integrated circuits is often seen as something only companies can do, as the equipment to image the chip is expensive, and the HR costs to hire enough reverse engineers to then understand the chip even more so. This talk gives a short introduction on the motivation behind understanding your own or someone else’s chip (as a chip manufacturing company), and why it might be important for the rest of us (not a chip manufacturing company). The focus is on understanding what millions of logical gates represent, rather than the physical aspect (delayering, imaging, image processing…), because everyone can do this at home. I will introduce some proposed countermeasures (like logic encryption) and explain if, how and why they fail. \n\n\nThe talk will give a general overview of the research field and explain why companies are interested in reverse engineering ICs (IP overproduction, Counterfeits, Hardware Trojans), as well as why it’s important for an end user (IC trust, chip failure). Then, I will very shortly introduce the reverse engineering workflow, from decapsulating, delayering, imaging, stitching, image processing and then come to the focus: netlist abstraction. The idea is to show some methods which are currently used in research to understand what netlists represent. Some theory will be explained (circuit design, formal verification of circuits, graph theory…), but I want to keep this to a minimum. Finally, I will show some current ideas on how to make reverse engineering difficult, as well as some attacks on these ideas. The talk does not give insights into how large companies do reverse engineering (i.e. throw money at the problem), but rather show the research side of things, with some of the methods published in the last couple of years, which is something everyone can do at home. \n","original_language":"eng","persons":["Kitty"],"tags":["36c3","10976","2019","Hardware \u0026 Making","Main"],"view_count":1979,"promoted":false,"date":"2019-12-30T12:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-18T00:45:06.158+01:00","length":2152,"duration":2152,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10976-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10976-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10976-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10976-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10976-understanding_millions_of_gates","url":"https://api.media.ccc.de/public/events/3029ab5c-df83-48e5-9de6-69d3c222592f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8dce9793-e9a7-47cd-b3f9-31ce288b5a10","title":"Algorithm | Diversion","subtitle":null,"slug":"36c3-11310-algorithm_diversion","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11310.html","description":"Before media art has emerged, traditional art and dance are already applying algorithms to make sophisticated patterns in their textures or movements. Hieda is researching the use of algorithm through creation of media installations and dialog with artists, dancers, choreographers and musicians. He also presents his current interest in machine learning and art which potentially exclude (or already excluding) some populations due to the dataset and modality.","original_language":"eng","persons":["Naoto Hieda"],"tags":["36c3","11310","2019","Art \u0026 Culture","Main"],"view_count":674,"promoted":false,"date":"2019-12-28T20:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-12-06T17:15:05.281+01:00","length":3352,"duration":3352,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11310-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11310-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11310-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11310-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11310-algorithm_diversion","url":"https://api.media.ccc.de/public/events/8dce9793-e9a7-47cd-b3f9-31ce288b5a10","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9b04791e-1dac-5cdc-a8d1-c09496b584b8","title":"Was ist Zeit?","subtitle":null,"slug":"36c3-oio-195-was-ist-zeit-","link":"https://talks.oio.social/36c3-oio/talk/RUXX3H/","description":"Dort wo sich Physik und Philosophie treffen ist es Zeit, über Zeit zu sprechen.","original_language":"deu","persons":["Steini"],"tags":["36c3-oio","195","2019","Science","OpenInfrastructureOrbit"],"view_count":27169,"promoted":false,"date":"2019-12-28T23:00:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-29T01:00:05.483+01:00","length":3498,"duration":3498,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/195-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/195-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/195-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/195-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-195-was-ist-zeit-","url":"https://api.media.ccc.de/public/events/9b04791e-1dac-5cdc-a8d1-c09496b584b8","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"fecad3ac-349d-4363-b9c6-2516b77fdfb2","title":"Leaving legacy behind","subtitle":"Reducing carbon footprint of network services with MirageOS unikernels","slug":"36c3-11172-leaving_legacy_behind","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11172.html","description":"\u003cp\u003eIs the way we run services these days sustainable? The trusted computing base -- the lines of code where, if a flaw is discovered, jeopardizes the security and integrity of the entire service -- is enormous. Using orchestration systems that contain millions of lines of code, and that execute shell code, does not decrease this. This talk will present an alternative, minimalist approach to secure network services - relying on OCaml, a programming language that guarantees memory safety - composing small libraries (open source, permissively licensed) to build so-called MirageOS unikernels -- special purpose services. Besides web services, other digital infrastructure such as VPN gateway, calendar server, DNS server and resolver, and a minimalistic orchestration system, will be presented. Each unikernel can either run as virtual machine (KVM, Xen, BHyve, virtio), as a sandboxed process (seccomp which whitelists only 8 system calls), or in smaller containments (GenodeOS, muen separation kernel) -- even a prototypical ESP32 backend is available. Starting with an operating system from scratch is tough, lots of engineering hours have been put into the omnipresent ones. Reducing the required effort by declaring certain subsystems being out of scope -- e.g. hardware drivers, preemptive multitasking, multicore -- decreases the required person-power. The MirageOS project started as research project more than a decade ago at the University of Cambridge, as a minimal guest for Xen written in the functional programming language OCaml. Network protocols (TCP/IP, DHCP, TLS, DNS, ..), a branchable immutable store (similar and interoperable with git) are available. The trusted computing base is roughly two orders of magnitude smaller than contemporary operating systems. The performance is in the same ballpark as conventional systems. The boot time is measured in milliseconds instead of seconds. Not only the binary size of a unikernel image is much smaller, also the required resources are smaller: memory usage easily drops by a factor of 25, CPU usage drops by a factor of 10. More recently we focused on deployment: integration of logging, metrics (influx, grafana), an orchestration system (remote deployment via a TLS handshake, offers console access and an event log) for multi-tenant systems (policies are encoded in the certificate chain). We are developing, mostly thanks to public funding, various useful services: a CalDAV server storing its content in a remote git repository, an OpenVPN client and server, DNS resolver and server (storing zone files in a remote git repository) with let's encrypt integration, a firewall for QubesOS, image viewer mainly for QubesOS, ... The experience while developing such a huge project is that lots of components can be developed and tested by separate groups - and even used in a variety of different applications. The integration of the components is achieved in a type-safe way with module types in OCaml. This means that lots of errors are caught by the compiler, instead of at runtime.\u003c/p\u003e","original_language":"eng","persons":["Hannes Mehnert"],"tags":["36c3","11172","2019","Security","Main"],"view_count":10658,"promoted":false,"date":"2019-12-27T11:30:00.000+01:00","release_date":"2019-12-27T01:00:00.000+01:00","updated_at":"2026-04-02T17:15:05.113+02:00","length":3131,"duration":3131,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11172-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11172-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11172-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11172-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11172-leaving_legacy_behind","url":"https://api.media.ccc.de/public/events/fecad3ac-349d-4363-b9c6-2516b77fdfb2","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1cc57eb1-b131-5ea5-b970-d4af83ceb573","title":"Hamnet – introduction into a wireless backbone","subtitle":null,"slug":"36c3-oio-165-hamnet-introduction-into-a-wireless-backbone","link":"https://talks.oio.social/36c3-oio/talk/JDASEQ/","description":"We take a quick dive into the Highspeed Amateurradio Multimedia NETwork the wireless backbone of the European Amatuerradio Community. It’s uses mostly commercial hardware on it’s own frequencies beneath the 2,4 and 5 GHz wifi bands. The net is routed with it’s own ipv4 private network consisting of multiple 44.xxx.000.000/16 blocs.\n\nA short overview on what the Hamnet is and how it came to be. Not forgetting all the challenges of technical and legal kind that come with running and building the Net.","original_language":"eng","persons":["Lars Rokita"],"tags":["36c3-oio","165","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":772,"promoted":false,"date":"2019-12-27T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-10T19:45:11.681+01:00","length":1471,"duration":1471,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/165-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/165-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/165-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/165-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-165-hamnet-introduction-into-a-wireless-backbone","url":"https://api.media.ccc.de/public/events/1cc57eb1-b131-5ea5-b970-d4af83ceb573","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c49cf6de-d9f4-50ba-aba2-cb326e3bd385","title":"Ansible all the Things","subtitle":null,"slug":"36c3-90-ansible-all-the-things","link":"https://fahrplan.chaos-west.de/36c3/talk/MXQBWP/","description":"In diesem Talk wird es um die Grundlagen von Ansible gehen, warum es für den Vortragenden das beste Werkzeug ist und welche alternativen es noch gibt.\nVom ersten Host Inventory im YAML Format über die kleine Rollen (NTP/Fail2Ban) und Playbooks bis hin zum ersten kompletten Einrichten des Rasberry Pi oder Servers mit eigenen Dotfiles und den Basic Paketen die man so braucht.\nAuch wird drauf eingegangen, wie und warum reproduzierbare Infrastruktur Builds das Leben eines Admins erleichtern können und im Alltag der händischen Arbeit vorzuziehen sind. Abschließen wird der Talk mit dem Thema \"Ansible Playbooks aus dem Internet herunterladen oder selbst machen?\" und worauf man achten sollte, wenn man Playbooks für mehrere unterschiedliche Linux Distributionen baut.","original_language":"deu","persons":["Heiko Borchers"],"tags":["36c3-chaoswest","90","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":3200,"promoted":false,"date":"2019-12-27T14:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-17T08:45:04.186+01:00","length":804,"duration":804,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/90-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/90-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/90-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/90-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-90-ansible-all-the-things","url":"https://api.media.ccc.de/public/events/c49cf6de-d9f4-50ba-aba2-cb326e3bd385","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"07d665c5-5009-59fa-965d-1345a2822db5","title":"Linux auf dem Desktop","subtitle":null,"slug":"36c3-80-linux-auf-dem-desktop","link":"https://fahrplan.chaos-west.de/36c3/talk/AFYZ3V/","description":"2019 ist das Jahr des Linux auf dem Desktop!\n\nIch zeichne gerne Architekturdiagramme auf Whiteboards während dem [Pythonfoo](https://wiki.chaosdorf.de/Pythonfoo) im [Chaosdorf](https://chaosdorf.de). Weil daran anscheinend allgemeines Interesse besteht, habe ich in den letzten Monaten unregelmäßig die aktuellen Konzepte von modernen Desktop-Linux-Distributionen erklärt im Rahmen des [Freitagsfoo](https://wiki.chaosdorf.de/Freitagsfoo).\n\nDies richtet sich hauptsächlich an Leute, die Linux oder irgendein BSD benutzen - ich habe von Windows oder macOS leider wenig Ahnung und werde in die Richtung daher wohl eher weniger Querverweise machen können. Ich hoffe, das ist trotzdem interessant - oder es dauert wenigstens nicht zu lange.\n\nLeute, die vollständige moderne Desktopumgebungen benutzen, erfahren wie das eigentlich hinter den Kulissen alles funktioniert. Leute mit Arch+i3 lernen, was ihnen fehlt bzw. wie sie das nachrüsten können.","original_language":"deu","persons":["ytvwld"],"tags":["36c3-chaoswest","80","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":4437,"promoted":false,"date":"2019-12-29T18:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-23T16:15:05.613+01:00","length":2269,"duration":2269,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/80-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/80-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/80-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/80-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-80-linux-auf-dem-desktop","url":"https://api.media.ccc.de/public/events/07d665c5-5009-59fa-965d-1345a2822db5","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a01886bc-c6f6-5598-bdef-59d89b73def5","title":"Opening Session","subtitle":null,"slug":"36c3-oio-179-opening-session","link":"https://talks.oio.social/36c3-oio/talk/DQ3DBL/","description":"Eröffnung des OIO, der Bühne und Vorstellung aller Assemblies auf dem OIO","original_language":"deu","persons":["Peter"],"tags":["36c3-oio","179","2019","OIO","OpenInfrastructureOrbit"],"view_count":496,"promoted":false,"date":"2019-12-27T13:00:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-01-02T17:30:17.064+01:00","length":2234,"duration":2234,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/179-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/179-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/179-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/179-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-179-opening-session","url":"https://api.media.ccc.de/public/events/a01886bc-c6f6-5598-bdef-59d89b73def5","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"059f517a-6650-5cd5-82df-ece4f7b0adae","title":"NOTH1NG T0 HID3: go out and fix privacy!","subtitle":null,"slug":"36c3-78-noth1ng-t0-hid3-go-out-and-fix-privacy-","link":"https://fahrplan.chaos-west.de/36c3/talk/EMK8WQ/","description":"After the highly-successful presentation \"Toll of personal privacy in 2018\" at Chaos-West 35C3 where I talked about my personal experiences with trying to protect my privacy, this year I return with a completely* different talk that tries to convince the audience — you should care about privacy too!\n\nThis talk revisits the theme of personal privacy in the digital world, this time centring around the \"I've got nothing to hide\" argument. A beam of intensive light is shed upon the motivation behind caring about one's privacy. We go in depth into what we can do to stay private and should we even try to do it at all. We talk about where we as an global society were able to fix privacy and where we have failed. New topics previously not covered are discussed, such as herd immunity and certification programs.\n\n\\* 97%+","original_language":"eng","persons":["Kirils Solovjovs"],"tags":["36c3-chaoswest","78","2019","Nicht Computers","ChaosWest"],"view_count":1083,"promoted":false,"date":"2019-12-28T12:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-30T14:30:05.614+02:00","length":3189,"duration":3189,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/78-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/78-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/78-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/78-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-78-noth1ng-t0-hid3-go-out-and-fix-privacy-","url":"https://api.media.ccc.de/public/events/059f517a-6650-5cd5-82df-ece4f7b0adae","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"bc077e28-eeed-4852-a2b9-f5b4d8af714e","title":"(Post-Quantum) Isogeny Cryptography","subtitle":null,"slug":"36c3-10543-post-quantum_isogeny_cryptography","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10543.html","description":"There are countless post-quantum buzzwords to list: lattices, codes, multivariate polynomial systems, supersingular elliptic curve isogenies. We cannot possibly explain in one hour what each of those mean, but we will do our best to give the audience an idea about why elliptic curves and isogenies are awesome for building strong cryptosystems.\n\nIt is the year 2019 and apparently quantum supremacy is finally upon us [1,2]. Surely, classical cryptography is broken? How are we going to protect our personal communication from eagerly snooping governments now? And more importantly, who will make sure my online banking stays secure?\n\nThe obvious sarcasm aside, we should strive for secure post-quantum cryptography in case push comes to shove. Post-quantum cryptography is currently divided into several factions. On the one side there are the lattice- and code-based system loyalists. Other groups hope that multivariate polynomials will be the answer to all of our prayers. And finally, somewhere over there we have elliptic curve isogeny cryptography.\n\nUnfortunately, these fancy terms \"supersingular\", \"elliptic curve\", \"isogeny\" are bound to sound magical to the untrained ear. Our goal is to shed some light on this proposed type of post-quantum cryptography and bring basic understanding of these mythical isogenies to the masses. We will explain how elliptic curve isogenies work and how to build secure key exchange and signature algorithms from them. We aim for our explanations to be understandable by a broad audience without previous knowledge of the subject.\n\n[1] https://www.quantamagazine.org/john-preskill-explains-quantum-supremacy-20191002/\n[2] https://www.nature.com/articles/d41586-019-02936-3\n","original_language":"eng","persons":["naehrwert"],"tags":["36c3","10543","2019","Security","Main"],"view_count":5292,"promoted":false,"date":"2019-12-27T18:50:00.000+01:00","release_date":"2020-01-04T01:00:00.000+01:00","updated_at":"2026-01-28T15:00:10.808+01:00","length":3142,"duration":3142,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10543-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10543-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10543-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10543-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10543-post-quantum_isogeny_cryptography","url":"https://api.media.ccc.de/public/events/bc077e28-eeed-4852-a2b9-f5b4d8af714e","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7d03fd50-1926-5de2-88c7-35a0403ef079","title":"KDE Itinerary - A privacy by design travel assistant","subtitle":null,"slug":"36c3-59-kde-itinerary-a-privacy-by-design-travel-assistant","link":"https://cfp.verschwoerhaus.de/36c3/talk/MH3WTA/","description":"Getting your itinerary presented in a unified, well structured and always up to date fashion rather than as advertisement overloaded HTML emails or via countless vendor apps has become a standard feature of digital assistants such as the Google platform. While very useful and convenient, it comes at a heavy privacy cost. Besides sensitive information such as passport or credit card numbers, the correlation of travel data from a large pool of users exposes a lot about people's work, interests and relationships. Just not using such services is one way to escape this, or we build a privacy-respecting alternative ourselves!\n\nStanding on the shoulders of KDE, Wikidata, Navitia, OpenStreetMap and a few other FOSS communities we have been exploring what it would take to to build a free and privacy-respecting travel assistant during the past two years, resulting in a number of building blocks and the \"KDE Itinerary\" application. In this talk we will look at what has been built, and how, and what can be done with this now. In particular we will review the different types of data digital travel assistants rely on, where we can get those from, and at what impact for your privacy.\n\nThe most obvious data source are your personal booking information. Extracting data from reservation documents is possible from a number of different input formats, such as emails, PDF files or Apple Wallet passes, considering structured annotations and barcodes, but also by using vendor-specific extractors for unstructured data. All of this is done locally on your own devices, without any online access.\n\nReservation data is then augmented from open data sources such as Wikidata and OpenStreetMap to fill in often missing but crucial information such as timezones or geo coordinates of departure and arrival locations. And finally we need realtime traffic data as well, such as provided by Navitia as Open Data for ground-based transport.\n\nShould the author fail to show up to this presentation it might be that his Deutsche Bahn ticket rendering code still needs a few bugfixes ;-)","original_language":"eng","persons":["Volker Krause"],"tags":["36c3-wikipakawg","59","2019","Science","WikiPakaWG"],"view_count":586,"promoted":false,"date":"2019-12-27T16:00:00.000+01:00","release_date":"2020-01-12T01:00:00.000+01:00","updated_at":"2025-10-12T17:15:06.865+02:00","length":2005,"duration":2005,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/59-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/59-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/59-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/59-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-59-kde-itinerary-a-privacy-by-design-travel-assistant","url":"https://api.media.ccc.de/public/events/7d03fd50-1926-5de2-88c7-35a0403ef079","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1582b215-d610-4b56-83af-71cdb54e557c","title":"Grow your own planet","subtitle":"How simulations help us understand the Universe","slug":"36c3-10607-grow_your_own_planet","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10607.html","description":"This year the Nobel prize in physics was awarded to three astronomers changing the understanding of the Universe and finding the first exoplanet. This is a good reason to dive into astronomy,  numerics, and programming and to learn how modern astronomy creates the pictures and models of the reality we observe in the night sky.\nLet’s find out together how we can simulate the Universe and grow new planets – computationally!\n\nIn all ages people have gazed at the stars and tried to grasp the dimensions of the Universe and of the teeny-tiny marble we call our planet and wondered how unique it actually is. From the ancient geeks to Johannes Kepler to modern times we slowly advanced our understanding of the sky and the laws necessary to describe the orbits and evolution of all its objects. Nowadays computational power has greatly increased. So we can further our understanding of the Universe from basic, analytically computable orbits to the challenge of turbulent gas flows – only accessible with numerical simulations.\n\nLet's go on a journey through space and compare the data we observe with breath-taking accuracy using instruments like ALMA, VLT, Gaia, and Hubble Space Telescope to numerical simulations now possible due to computer clusters, multi-core CPU and GPU-calculations. We want to explore the physics and numeric algorithms we need to comprehend the Universe and travel to the unexplained territory of problems we can not quite solve yet.\n\nWe present three state-of-the-art hydrodynamics programs:\nPLUTO (by A. Mignone), FARGO3D (by P. Benítez Llambay and F. Masset) and AREPO (by V. Springel). All of them are free open source software and commonly used in research worldwide. Using their example, we demonstrate how hydrodynamics recreates many of the things we see in the sky, including planets.\n\nSimulations teach us how rare the formation of Earth was and show that there is no alternative planet in reach. In modern times we humans continue to gaze at the stars. Even without Planet B in sight, we are still fascinated with what we see. Numerical methods help us satisfy our thirst for knowledge and accelerate the research of the Universe.","original_language":"eng","persons":["miosta","caro"],"tags":["36c3","10607","2019","Science","Main"],"view_count":798,"promoted":false,"date":"2019-12-29T18:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-11-09T23:30:04.253+01:00","length":3689,"duration":3689,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10607-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10607-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10607-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10607-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10607-grow_your_own_planet","url":"https://api.media.ccc.de/public/events/1582b215-d610-4b56-83af-71cdb54e557c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"5fa63167-2620-46ec-a34a-d7c11ce6c71f","title":"Open Source is Insufficient to Solve Trust Problems in Hardware","subtitle":"How Betrusted Aims to Close the Hardware TOCTOU Gap","slug":"36c3-10690-open_source_is_insufficient_to_solve_trust_problems_in_hardware","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10690.html","description":"\u003cp\u003eWhile open source is necessary for trustable hardware, it is far from sufficient. This is because \u0026ldquo;hashing\u0026rdquo; hardware \u0026ndash; verifying its construction down to the transistor level \u0026ndash; is typically a destructive process, so trust in hardware is a massive time-of-check/time-of-use (TOCTOU) problem. This talk helps us understand the nature of the TOCTOU problem by providing a brief overview of the supply chain security problem and various classes of hardware implants. We then shift gears to talk about ways to potentially close the TOCTOU gap, concluding with a curated set of verifiable components that we are sharing as an open source mobile communications platform \u0026ndash; a kind of combination hardware and software distribution \u0026ndash; that we hope can be useful for developing and deploying all manner of open platforms that require a higher level of trust and security. The inconvenient truth is that open source hardware is precisely as trustworthy as closed source hardware. The availability of design source only enables us to agree that the designer\u0026rsquo;s intent can be trusted and is likely correct, but there is no essential link between the hardware design source and the piece of hardware on your desk. Thus while open source is necessary for trustable hardware, it is far from sufficient. This is quite opposite from the case of open source software thanks to projects like Reproducible Builds, where binaries can be loaded in-memory and cryptographically verified and independently reproduced to ensure a match to the complete and corresponding source of a particular build prior to execution, thus establishing a robust link between the executable and the source. Unfortunately, \u0026ldquo;hashing\u0026rdquo; hardware \u0026ndash; verifying its construction down to the transistor level \u0026ndash; is typically a destructive process, so trust in hardware is a massive time-of-check/time-of-use (TOCTOU) problem. Even if you thoroughly inspect the design source, the factory could modify the design. Even if you audit the factory, the courier delivering the hardware to your desk could insert an implant. Even if you carried the hardware from the factory to your desk, an \u0026ldquo;evil maid\u0026rdquo; could modify your machine. This creates an existential crisis for trust \u0026ndash; how can we know our secrets are safe if the very hardware we use to compute them could be readily tainted? This talk addresses the elephant in the room by helping us understand the nature of the TOCTOU problem by providing a brief overview of the supply chain security problem and various classes of hardware implants. We then shift gears to talk about ways to potentially close the TOCTOU gap. When thinking about hardening a system against supply chain attacks, every component \u0026ndash; from the CPU to the keyboard to the LCD \u0026ndash; must be considered in order to defend against implanted screen grabbers and key loggers. At every level, a trade-off exists between complexity and the feasibility of non-destructive end-user verification with minimal tooling: a system simple enough to be readily verified will not have the equivalent compute power or features of a smartphone. However, we believe that a verifiable system should have adequate performance for a select range of tasks that include text chats, cryptocurrency wallets, and voice calls. Certain high-risk individuals such as politicians, journalists, executives, whistleblowers, and activists may be willing to use a device that forgoes bells and whistles in exchange for privacy and security. With this in mind, the \u0026lt;https://betrusted.io\u0026gt;Betrusted project brings together a curated set of verifiable components as an open source mobile communications platform - a combination open source hardware and software distribution. We are sharing Betrusted with the community in the hopes that others may adopt it as a reference design for developing and deploying all manner of open platforms that require a higher level of trust and security.\u003c/p\u003e","original_language":"eng","persons":["bunnie","Sean \"xobs\" Cross","Tom Marble"],"tags":["36c3","10690","2019","Hardware \u0026 Making","Main"],"view_count":14229,"promoted":false,"date":"2019-12-27T11:30:00.000+01:00","release_date":"2019-12-27T01:00:00.000+01:00","updated_at":"2026-03-20T00:45:04.661+01:00","length":3645,"duration":3645,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10690-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10690-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10690-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10690-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10690-open_source_is_insufficient_to_solve_trust_problems_in_hardware","url":"https://api.media.ccc.de/public/events/5fa63167-2620-46ec-a34a-d7c11ce6c71f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c4b8c3d3-6a28-4137-a532-e61a742b9e64","title":"Thrust is not an Option: How to get to Mars really slow","subtitle":null,"slug":"36c3-10918-thrust_is_not_an_option_how_to_get_to_mars_really_slow","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10918.html","description":"\u003cp\u003eIn this talk we will see how chaos can be used to find very peculiar trajectories for space crafts within the Solar System. To understand this, we will also have a short look at the basics of orbital mechanics as well as three-body problems.\u003c/p\u003e \n\n\u003cp\u003eWhen traveling to Mars in a space craft, you want to find a compromise between flight duration and fuel consumption. One common trajectory for achieving this is the so-called Hohmann transfer which takes about 9 months from Earth and needs two maneuvers, both of which are accelerations!\u003c/p\u003e\n\n\u003cp\u003eUsually, when modeling movement of space crafts, one uses the Kepler model of two massive bodies attracting each other via gravitation. In case you have more time available for a space journey, however, you might consider a third body in your calculations. This introduces a very chaotic behavior, which you can use in turn to find very special trajectories that allow you to get to various places spending a lot less fuel. Unfortunately this will be much slower.\u003c/p\u003e\n\n\u003cp\u003eThese special trajectories are called low-energy transfers and form a part of the so-called interplanetary transport network. There have been a handful of missions already using these trajectories, e.g. JAXA’s Hiten probe in 1990 and ESA’s BepiColombo which is en route to Mercury right now.\u003c/p\u003e\n\n\u003cp\u003eIn this talk we will have a short introduction to the ever-surprising world of orbital mechanics followed by a discussion of the three-body problem including Lagrangian points. We will then see what the so-called weak stability boundary is and how chaos can help us understand why these strange trajectories exist. No math knowledge required!\u003c/p\u003e","original_language":"eng","persons":["sven"],"tags":["36c3","10918","2019","Science","Main"],"view_count":1699,"promoted":false,"date":"2019-12-29T17:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-02-24T14:00:06.435+01:00","length":3605,"duration":3605,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10918-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10918-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10918-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10918-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10918-thrust_is_not_an_option_how_to_get_to_mars_really_slow","url":"https://api.media.ccc.de/public/events/c4b8c3d3-6a28-4137-a532-e61a742b9e64","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"66bbe840-baea-4ccf-af25-f81a3ae3dd44","title":"Quantum Computing: Are we there yet?","subtitle":"An introduction to quantum computing and a review of the progress we made in the last 5 years.","slug":"36c3-11039-quantum_computing_are_we_there_yet","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11039.html","description":"Five years ago I spoke about my work in quantum computing, building and running a tiny two qubit processor. A few weeks ago, Google announced a potentially groundbreaking result achieved with a 53 qubit quantum processor. I will therefore review the state of experimental quantum computing and discuss the progress we made in the last 5 years. I will explain quantum supremacy, surface code architecture and superconducting quantum processors and show which challenges we still have to overcome to build large scale quantum computers.\n\nWe will first dive into the basics of quantum computing and learn about quantum gates, fidelities, error correction and qubit architecture. We will then go through Google’s experiment and try to understand what they actually did and why it matters. We will then see what else we need to build a useful quantum computer, and discuss when that might happen.","original_language":"eng","persons":["Andreas Dewes"],"tags":["36c3","11039","2019","Science","Main"],"view_count":2396,"promoted":false,"date":"2019-12-29T16:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-21T05:00:05.439+01:00","length":3687,"duration":3687,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11039-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11039-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11039-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11039-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11039-quantum_computing_are_we_there_yet","url":"https://api.media.ccc.de/public/events/66bbe840-baea-4ccf-af25-f81a3ae3dd44","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8e581acd-efbb-5bd7-a5a8-b32a75eca8ec","title":"Die Ereignisse in Hong Kong - Der Versuch einer Zusammenfassung","subtitle":null,"slug":"36c3-154-die-ereignisse-in-hong-kong-der-versuch-einer-zusammenfassung","link":"https://fahrplan.chaos-west.de/36c3/talk/MAFMDL/","description":"Was passiert überhaupt, wo und warum eigentlich? Diese Frage habe ich mir im Frühsommer diesen Jahres gestellt und da Twitter sich zwar \nsehr gut zur schnellen Verbreitung von Nachrichten, aber nicht zur längeren Archivierung eignet, habe ich angefangen für mich \nInformationen zu sammeln. Daraus entstanden ist eine relativ große Sammlung an Fotos, Tweets, Vides/Livestreams und aufgeschriebenen \nErfahrungen und Meinungen, von Menschen, die da waren oder noch sind zu vielen verschiedenen Themen. Was waren eigentlich die Auslöser der Proteste? Aus welchen gesellschaftlichen und politischen Gruppierungen speisen sich die Proteste? Wie lief die Mobilisierung? Was gab es für Probleme und wie wurde mit ihnen umgegangen? Dieser Vortrag wird ein, sehr grober und garantiert unvollständiger, Versuch eines Überblicks um Menschen den Einstieg in die Thematik zu erleichtern und ein kleiner Appell, sich in Zeiten in denen immer mehr Menschen nach rechts rücken und die Welt immer unfreier wird, sich auch mal mit Ereignissen zu beschäftigen, die einen vermeintlich nicht betreffen (Kleiner Spoiler: tun sie meißtens doch, weil die Errosion von Grund-, Menschen-, und Freiheitsrechten uns halt doch alle angehen auch, wenn es in knapp 9000 Kilometern Entfernung passiert.).","original_language":"deu","persons":["raketenlurch"],"tags":["36c3-chaoswest","154","2019","Nicht Computers","ChaosWest"],"view_count":1103,"promoted":false,"date":"2019-12-29T19:00:00.000+01:00","release_date":"2020-03-04T00:00:00.000+01:00","updated_at":"2026-02-16T19:00:07.583+01:00","length":1364,"duration":1364,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/154-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/154-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/154-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/154-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-154-die-ereignisse-in-hong-kong-der-versuch-einer-zusammenfassung","url":"https://api.media.ccc.de/public/events/8e581acd-efbb-5bd7-a5a8-b32a75eca8ec","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7f3817cf-bab4-42f3-b4d8-95cfb1cee28b","title":"Listening Back Browser Add-On Tranlates Cookies Into Sound ","subtitle":"The Sound of Surveillance","slug":"36c3-10855-listening_back_browser_add-on_tranlates_cookies_into_sound","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10855.html","description":"‘Listening Back’ is an add-on for the Chrome and Firefox browsers that sonifies internet cookies in real time as one browses online. By translating internet cookies into sound, the ‘Listening Back’ browser add-on provides an audible presence for hidden infrastructures that collect personal and identifying data by storing a file on one’s computer. Addressing the proliferation of ubiquitous online surveillance and the methods by which our information flows are intercepted by mechanisms of automated data collection, ‘Listening Back’ functions to expose real-time digital surveillance and consequently the ways in which our everyday relationships to being surveilled have become normalised. This lecture performance will examine Internet cookies as a significant case study for online surveillance with their invention in 1994 being historically situated at the origins of automated data collection, and the commercialisation of the World Wide Web. I will integrate online browsing to demonstrate the ‘Listening Back’ add-on and explore it’s potential to reveal algorithmic data capture processes that underlie our Web experience.\n\n‘Listening Back’ is an add-on for the Chrome and Firefox browsers that sonifies internet cookies in real time as one browses online. Utilising digital waveform synthesis, ‘Listening Back’ provides an audible presence for hidden infrastructures that collect personal and identifying data by storing a file on one’s computer. By directing the listener’s attention to hidden processes of online data collection, Listening Back functions to expose real-time digital surveillance and consequently the ways in which our everyday relationships to being surveilled have become normalised. Our access to the World Wide Web is mediated by screen devices and ‘Listening Back’ enables users to go beyond the event on the screen and experience some of the algorithmic surveillance processes that underlie our Web experience.  This project therefore explores how sound can help us engage with complex phenomena beyond the visual interface of our smart devices by highlighting a disconnect between the graphical interface of the Web, and the socio-political implications of background mechanisms of data capture. By sonifying a largely invisible tracking technology ‘Listening Back’ critiques a lack of transparency inherent to online monitoring technologies and the broader context of opt in / default cultures intrinsic to contemporary modes of online connectivity. By providing a sonic experiential platform for the real-time activity of Internet cookies this project engages listening as a mode of examination and asks what is the potential of sound as a tool for transparent questioning? ","original_language":"eng","persons":["Jasmine Guffond"],"tags":["36c3","10855","2019","Art \u0026 Culture","Main"],"view_count":1907,"promoted":false,"date":"2019-12-28T19:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-07T06:15:03.942+01:00","length":2250,"duration":2250,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10855-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10855-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10855-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10855-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10855-listening_back_browser_add-on_tranlates_cookies_into_sound","url":"https://api.media.ccc.de/public/events/7f3817cf-bab4-42f3-b4d8-95cfb1cee28b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9da34e1b-b51c-5c43-9769-a71ae015028b","title":"Technische Kompetenzen vermitteln - nur wie?","subtitle":null,"slug":"36c3-76-technische-kompetenzen-vermitteln-nur-wie-","link":"https://fahrplan.chaos-west.de/36c3/talk/GVQMJW/","description":"Während Marketingabteilungen mit Buzzwords wie \"KI\", \"IoT\" und \"Blockchain\" um sich werfen, schütteln die meisten hier den Kopf. Und womit? Mit Recht. Vielen Anwender*innen und polizischen Entscheidungsträger*innen fehlt es aber schlicht an technischer Kompetenz, um Probleme wie Stalkerware, politische Einflussnahme durch soziale Medien und Algorithmen(ethik) im Kern zu begreifen.\n\nAber wie können wir die Erfahrungen und das Wissen in dieses Draußen vermitteln, um den Menschen eine Chance zu geben, nicht bei jeder kleinsten Gelegenheit auf die Dummschwätzer reinzufallen? Wie können wir positiv Einfluss nehmen auf die Gesellschaft, damit informierte Entscheidungen überhaupt möglich sind? Wie kriegen wir vermittelt, was technisch bereits alles möglich ist und was (noch) nicht?\n\nIn vier Jahren PrivacyWeek haben wir die Themenbreite der \"Digitalisierung\" (BINGO!) mehrfach durchgearbeitet und gemeinsam mit den Vortragenden kommen wir immer wieder zum selben Schluss: Es braucht mehr Aufklärung und technische Kompetenz in der Bevölkerung, um die Probleme, die die weltweite Vernetzung mit sich bringt, überhaupt zu begreifen und ihnen begegnen zu können. Und letztlich bleibt die Frage, wo wollen wir als CCC letztlich hin? Wie können wir einen Informationstransfer forcieren, der über einige im eigenen Saft kochenden Initiativen hinausgehnt? Und wollen wir das überhaupt?\n\nEine Zusammenstellung der inhaltlichen Learnings von vier Jahren PrivacyWeek.","original_language":"deu","persons":["jinxx"],"tags":["36c3-chaoswest","76","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":1632,"promoted":false,"date":"2019-12-30T14:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-26T22:30:10.504+01:00","length":3111,"duration":3111,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/76-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/76-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/76-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/76-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-76-technische-kompetenzen-vermitteln-nur-wie-","url":"https://api.media.ccc.de/public/events/9da34e1b-b51c-5c43-9769-a71ae015028b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"f08d3915-e3e2-5ffe-a0a7-f8358c74aada","title":"Fernostwärts: Digitale Widerstandsstrategien in Hongkong","subtitle":null,"slug":"36c3-119-fernostwrts-digitale-widerstandsstrategien-in-hongkong","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/AAYM3Q/","description":"Deutschlands bester Asienpodcast präsentiert einen Überblick über sechs Monate Protest in Hongkong mit Fokus auf die strategische Nutzung von digitalen Tools und Memes.\n\nWir berichten seit Beginn der Proteste in Hongkong im Juni immer wieder mit Gästen oder aus unserer eigenen Berichterstattung über die politischen Entwicklungen in der Stadt. Beim Sendezentrum wollen wir auf sechs Monate Protest zurückblicken - mit besonderem Fokus auf die digitalen Strategien der Protestierenden und die politische und strategische Rolle von Memes und Protestart: Warum ist Telegram so wichtig, dass es einem Hackerangriff des chinesischen Staates ausgesetzt war? Wie entkommen viele Demonstrierende immer wieder Festnahmen der Polizei? Wo kommt die ganze Protestkunst her, die ununterbrochen weltweit und in der Hongkonger U-Bahn verteilt wird? Und welche neuen chinesischen Zeichen haben die Demonstrierenden kreiert, um ihre politischen Forderungen zu vermitteln?\n\nEine unserer Moderator*innen, Katharin, wird direkt von ihren Recherchen für journalistische Berichterstattung und ihren Talk auf dem 36C3 zu Hongkong berichten. Gegen Ende des Podcasts planen wir, Gäste mit Expertise zu Protesten in anderen Teilen der Welt (voraussichtlich Irak und Libanon, eventuell Indonesien oder Chile) mit an den Tisch zu holen, um uns über darüber auszutauschen, welche Strategien Demonstrierende international voneinander kopieren und wie Demonstrierende in aller Welt sich miteinander identifizieren und versuchen, transnationale Solidarität aufzubauen.","original_language":"deu","persons":["Katharin Tai"],"tags":["36c3-sendezentrum","119","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":1232,"promoted":false,"date":"2019-12-29T21:45:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-21T10:45:11.834+01:00","length":3443,"duration":3443,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/119-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/119-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/119-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/119-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-119-fernostwrts-digitale-widerstandsstrategien-in-hongkong","url":"https://api.media.ccc.de/public/events/f08d3915-e3e2-5ffe-a0a7-f8358c74aada","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"43ecd44e-8450-42f6-829e-7bda680ad54a","title":"ZombieLoad Attack","subtitle":"Leaking Your Recent Memory Operations on Intel CPUs","slug":"36c3-10754-zombieload_attack","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10754.html","description":"The ZombieLoad attack exploits a vulnerability of most Intel CPUs, which allows leaking data currently processed by other programs. ZombieLoad is extremely powerful, as it leaks data from user-processes, the kernel, secure enclaves, and even across virtual machines. Moreover, ZombieLoad also works on CPUs where Meltdown is fixed in software or hardware.\n\nThe Meltdown attack published in 2018 was a hardware vulnerability which showed that the security guarantees of modern CPUs do not always hold. Meltdown allowed attackers to leak arbitrary memory by exploiting the lazy fault handling of Intel CPUs which continue transient execution with data received from faulting loads. With software mitigations, such as stronger kernel isolation, as well as new CPUs with this vulnerability fixed, Meltdown seemed to be solved. \n\nIn this talk, we show that this is not true, and Meltdown is still an issue on modern CPUs. We present ZombieLoad, an attack closely related to the original Meltdown attack, which leaks data across multiple privilege boundaries: processes, kernel, SGX, hyperthreads, and even across virtual machines. Furthermore, we compare ZombieLoad to other microarchitectural data-sampling (MDS) attacks, such as Fallout and RIDL. The ZombieLoad attack can be mounted from any unprivileged application, without user interactions, both on Linux and Windows. \n\nIn the talk, we present multiple attacks, such as monitoring the browsing behavior, stealing cryptographic keys, and leaking the root-password hash on Linux. In a live demo, we demonstrate that such attacks are not only feasible but also relatively easy to mount, and difficult to mitigate. \n\nWe show that Meltdown mitigations do not affect ZombieLoad, and consequently outline challenges for future research on Meltdown attacks and mitigations. Finally, we discuss the short-term and long-term implications of Meltdown attacks for hardware vendors, software vendors, and users. ","original_language":"eng","persons":["Michael Schwarz","Moritz Lipp","Daniel Gruss"],"tags":["36c3","10754","2019","Security","Main"],"view_count":1472,"promoted":false,"date":"2019-12-28T23:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-22T19:45:04.884+01:00","length":3359,"duration":3359,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10754-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10754-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10754-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10754-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10754-zombieload_attack","url":"https://api.media.ccc.de/public/events/43ecd44e-8450-42f6-829e-7bda680ad54a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"04a2ab95-c74a-58d7-93ac-e65046a56866","title":"A Hacker's Guide to Healthcare: How to Improve Lives with Data","subtitle":null,"slug":"36c3-98-a-hacker-s-guide-to-healthcare-how-to-improve-lives-with-data","link":"https://fahrplan.chaos-west.de/36c3/talk/AQSTLX/","description":"Health related personal data is highly sensitive -- and yet it promises an outright methodology shift for the surprisingly conservative healthcare system. This talk provides an overview of beneficial uses of health data, and formulates ways to get involved to make sure the benefits are reaped in a conscientious manner.\n\nHealthcare is rapidly becoming digital: security and data privacy call for active participation. But so do questions of quantified fairness and certification of digital medical devices. Hackers can play a crucial part to ensure this benefits patients and citizens, by championing data transparency and standards of evidence. My talk will outline ways to get creative with data beyond scrutinizing governments on information security.\n\nFor the past year I worked for the German Ministry of Health's in-house think tank (hih) as an advisor on artificial intelligence. I will present my personal views, not those of the Federal Government.","original_language":"eng","persons":["Lars Roemheld"],"tags":["36c3-chaoswest","98","2019","Nicht Computers","ChaosWest"],"view_count":1072,"promoted":false,"date":"2019-12-28T11:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-31T15:30:09.414+01:00","length":3152,"duration":3152,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/98-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/98-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/98-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/98-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-98-a-hacker-s-guide-to-healthcare-how-to-improve-lives-with-data","url":"https://api.media.ccc.de/public/events/04a2ab95-c74a-58d7-93ac-e65046a56866","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c25397e4-6f44-5cdb-a39d-1a52562ac656","title":"Modernizing Wikipedia","subtitle":null,"slug":"36c3-69-modernizing-wikipedia","link":"https://cfp.verschwoerhaus.de/36c3/talk/XM97YV/","description":"What does Wikimedia do to modernize WIkipedia's user experience, and why does it take so long?\n\nEditing Wikipedia feels like a blast from the past, and even just reading articles feels a bit dusty. Why is that? And how can it be fixed? And how can you help?","original_language":"eng","persons":["Daniel"],"tags":["36c3-wikipakawg","69","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":1961,"promoted":false,"date":"2019-12-30T12:00:00.000+01:00","release_date":"2020-01-01T01:00:00.000+01:00","updated_at":"2026-02-13T02:30:03.342+01:00","length":2319,"duration":2319,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/69-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/69-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/69-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/69-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-69-modernizing-wikipedia","url":"https://api.media.ccc.de/public/events/c25397e4-6f44-5cdb-a39d-1a52562ac656","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"949200f1-fa20-4a53-a981-50074957d6ba","title":"Vehicle immobilization revisited","subtitle":"Uncovering and assessing a second authentication mechanism in modern vehicle immobilization systems","slug":"36c3-11020-vehicle_immobilization_revisited","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11020.html","description":"Modern road vehicles are fitted with an electronic immobilization system, which prevents the vehicle from starting unless an authorized transponder is present. It is common knowledge that the security transponder embedded in the key fob should be secure, and quite some work has been published on the (in)security of such transponders. However, we identify another crucial part of the immobilizer system, that has not yet received any academic attention. We investigated three vehicles, and found that the security transponder does not communicate with the ECM (Engine Control Module) but with the BCM (Body Control Module). After succesful authentication of the key, the BCM will then authenticate towards the ECM, after which immobilization is deactivated and the vehicle may start. If either the security transponder or this ECM-BCM authentication protocol is weak, vehicles may be started without presence of a valid security transponder. \n\nWe present three case studies of such ECM-BCM protocols on vehicles from Peugeot, Fiat and Opel. The protocols are shown to be used in many different models, and also by other brands owned by the same group. We show how two of the protocols are completely broken, while the third one is derived directly from a 1995 security transponder. Both attacks can be carried out through the standardized OBD-II connector, present and conveniently located in all modern vehicles. Bottom line: cryptographic protocols used in the ECM-BCM authentication are not on par when compared with the crypto embedded in the transponder.\n\nNowadays, immobilizers play an essential role in the prevention of vehicle theft. Intended to raise the complexity of theft through the introduction of non-mechanical safety measures, immobilizers have always worked by the same basic principle: to disallow ignition until some secret is presented to the vehicle. Immobilizers gained popularity in the 1990s, as a consequence of legislation: the European Union, Australia and Canada adopted regulation in the nineties, mandating the use of electronic immobilization systems in passenger cars. \n\nImmobilizers have shown to be highly effective in the effort to reduce theft rates. According to a 2016 study, the broad deployment of immobilization devices has lead to a reduction in car theft of an estimated 40% on average during 1995-2008. However, various tools are on the market to bypass electronic security mechanisms. Deployment of insecure immobilizer systems has real-world consequences: multiple sources report cars being stolen by exploiting vulnerabilities in electronic security, sometimes to extents where insurance companies refuse to insure models unless additional security measures are taken.\n\nIn modern cars, the ECM (Engine Control Module) is responsible for operating the car engine, and is also responsible for starting the engine. A common misconception about immobilizer systems is that the car key always authenticates directly to the ECM, and that the ECM will only allow the car to start when it has established an authorized 125KHz RFID security transponder is present. In practise, the security transponder in the key fob authenticates towards the BCM (Body Control Module), which in turn authenticates towards the ECM. \n\nWe have selected three cars from different major Original Equipment Manufacturers (OEMs) and identified immobilizer protocol messages from CAN-bus traffic, which can be accessed through the conveniently located OBD-II connector. We made traces of CAN-traffic when the ignition lock is switched to the ON position. Immobilizer related messages can be easily recognized when searching for high-entropy messages that strongly differ between traces. Confidence that the messages are indeed related to immobilizer can be increased by removing the security transponder from the key, which should result in different protocol messages.\n\nAfter identification of related messages, we dumped ECM and BCM micro-controller firmwares, either by leveraging existing software functions, or by using micro-controller debug functionality such as JTAG and BDM. We derived the immobilizer protocol through reverse-engineering. In all three cases, we established the same protocol is used in several different models from the same OEMs, including currently manufactured ones. We then analyzed the protocols for cryptographic strength. Two turn out to be completely broken, while the last one is directly derived from a 1995 security transponder. While it exhibits no obvious weaknesses, it is used in conjunction with current AES security transponders, and as such, we still recommend the manufacturer to replace it.  ","original_language":"eng","persons":["Wouter Bokslag"],"tags":["36c3","11020","2019","Security","Main"],"view_count":1822,"promoted":false,"date":"2019-12-28T23:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-09T05:45:02.492+01:00","length":3319,"duration":3319,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11020-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11020-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11020-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11020-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11020-vehicle_immobilization_revisited","url":"https://api.media.ccc.de/public/events/949200f1-fa20-4a53-a981-50074957d6ba","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9f137ade-314d-5531-9e55-e0020824464a","title":"Closing Session","subtitle":null,"slug":"36c3-oio-180-closing-session","link":"https://talks.oio.social/36c3-oio/talk/GM9RV3/","description":"Verabschiedung und Details zum Abbau","original_language":"deu","persons":["Andreas Bräu"],"tags":["36c3-oio","180","2019","OIO","OpenInfrastructureOrbit"],"view_count":532,"promoted":false,"date":"2019-12-30T17:30:00.000+01:00","release_date":"2019-12-31T01:00:00.000+01:00","updated_at":"2025-09-19T21:45:14.046+02:00","length":335,"duration":335,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/180-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/180-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/180-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/180-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-180-closing-session","url":"https://api.media.ccc.de/public/events/9f137ade-314d-5531-9e55-e0020824464a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3be4da1b-7efd-4ab3-9f51-297c42c06d6a","title":"Wifibroadcast","subtitle":"How to convert standard wifi dongles into digital broadcast transmitters","slug":"36c3-10630-wifibroadcast","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10630.html","description":"This talk is about modifying cheap wifi dongles to realize true unidirectional broadcast transmissions that can transport digital data like HD drone video with guaranteed latency over a range of tens of kilometers. The talk will show the necessary changes to the firmware and kernel of the wifi dongle, the forward error correction and software diversity (fuse several receivers in software) that is added to improve reliability and the most prominent use case: Flying a remote controlled drone at a distance of tens of kilometers.\n\nWifi as it is implemented in the 802.11 standard tries (as best as it can) to guarantee to a user the delivery of data and the correctness of the data.\nTo increase the chance of delivery, the standard includes techniques like automatic retransmission, automatic rate reduction, CSMA/CA. To guarantee correctness, the packets are using CRC sums. These measures are very useful in a typical 1-to-1 communication scenario. However, they do not adapt very well to a 1-to-n scheme (broadcast). Even in case of a 1-to-1 scenario the techniques mentioned above make it impossible to guarantee a latency and throughput of a transmission.\n\nWifibroadcast uses the wifi hardware in a mode that is very similar to the classic analog broadcast transmitters. Data will immediately be sent over the air, without any association of devices, retransmissions and rate reductions.\nThe data can be picked up by an arbitrary number of receivers that decode the data stream, repair damaged packages via software diversity and repair damaged bits via forward error correction.\n\nThe Wifibroadcast software is an easy to use Linux program into which arbitrary data can be piped. The same data will then appear on the receiving program on standard output and can thus be piped into further programs.\n\nAll software developed has been made available under the GPL license.\n\n\nA prominent use case for Wifibroadcast is the transmission of live video from a drone. Compared to standard wifi this offers the following advantages:\n\n * Guaranteed latency\n * No association (that might get lost)\n * Multiple receivers work out of the box\n * True unidirectional communication allows to use asymmetrical antenna setups\n * Slow breakup of connection instead of complete communication loss\n\n\nThe talk will show the details of the Wifibroadcast protocol, the changes to the firmware \u0026 driver, the forward error correction, software diversity and finally will show the HD video transmission over tens of kilometers as an application example.","original_language":"eng","persons":["befi"],"tags":["36c3","10630","2019","Hardware \u0026 Making","Main"],"view_count":3822,"promoted":false,"date":"2019-12-29T14:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-04T15:45:05.896+02:00","length":2530,"duration":2530,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10630-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10630-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10630-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10630-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10630-wifibroadcast","url":"https://api.media.ccc.de/public/events/3be4da1b-7efd-4ab3-9f51-297c42c06d6a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"05930be8-d978-4499-ad35-6068d0575666","title":"Creating Resilient and Sustainable Mobile Phones","subtitle":"Be prepared for the coming Digital Winter. And play Impossible Mission.","slug":"36c3-10800-creating_resilient_and_sustainable_mobile_phones","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10800.html","description":"Civil society depends on the continuing ability of citizens to communicate with one another, without fear of interference, deprivation or eavesdropping. As the international political climate changes alongside that of our physical climatic environment, we must find ways to create mobile communications systems that are truly resilient and sustainable in the face of such shocks. We have therefore identified a number of freedoms that are required for resilient mobile phones: Energy, Communications, Security, Innovation, Maintenance and Scale-Dependency. These can be summarised as making it possible for people to create, maintain and develop mobile communications solutions, without requiring the capital and resources of a large company to do so. In this lecture I will explain why each of these is necessary, as well as describing how we are incorporating these principles into the MEGAphone open, resilient and secure smart-phone project.\n\nIn the humanitiarian sector we talk about how without energy there is no communications, and without communications there is no organisation, and how without organisation people die.  As we see increasing frequency of natural disasters, man-made disasters like wars and unrest, and the distressing intersection of these events, we have been convinced that we need to be able to create mobile communications devices that can not only survive in such events, but be sustained in the long term, and into what we call the coming Digital Winter. \n\nThe Digital Winter is the situation where the freedoms to create and innovation digital systems will become impossible or highly limited due to any of various interrelated factors, such as further movement towards totalitarian governments, the failure of international supply systems (or their becoming so untrustworthy to be usable), the failure of various forms of critical infrastructure and so on.\n\nFortunately the Digital Winter has not yet arrived, but the signs of the Digital Autumn are already upon us: The cold winds chilling our personal freedoms can already be felt in various places.  Thus we have the imperative to act now, while the fruit of summer and autumn still hangs on the trees, so that we can make a harvest that will in the least sustain us through the Digital Winter with resilient, secure and sustainable communications systems, and hopefully either stave off the onset of the winter, bring it to a sooner end, and/or make the winter less bitter and destructive for the common person.\n\nIt is in this context that we have begun thinking about what is necessary to achieve this, and have identified six freedoms that are required to not merely create digital solutions that can survive the Digital Winter, but hopefully allow such solutions to continue to be developed during the Digital Winter, so that we can continue to react to the storms that will come and the predators that will seek to devour our freedoms like hungry wolves.  The six freedoms are:\n\n1. Freedom from Energy Infrastructure, so that we cannot be deprived of the energy we need to communicate.\n2. Freedom from Communications Infrastructure, so that we cannot be deprived of the communications we need to organise and sustain communities.\n3. Freedom from depending on vendors for the security of our devices, so that we can patch security problems promptly as they emerge, so that we can sustain communications and privacy.\n4. Freedom to continue to innovate and improve our digital artefacts and systems, so that we can react to emergy threats and opportunities.\n5. Freedom to maintain our devices, both their hardware and software, so that our ability to communicate and organise our communities cannot be easily eroded by the passage of time.\n6. Freedom from Scale-Dependency, so that individuals and small groups can fully enjoy the ability to communicate and exercise the preceding freedoms, without relying on large corporations and capital, and also allowing minimising of environmental impact.\n\nIn this lecture I will explore these issues, as well as describe how we are putting them into practice to create truly resilient and sustainable mobile phones and similar devices, including in the MEGAphone open-source/open-hardware smart phone.","original_language":"eng","persons":["Paul Gardner-Stephen"],"tags":["36c3","10800","2019","Resilience \u0026 Sustainability","Main"],"view_count":1700,"promoted":false,"date":"2019-12-28T22:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-02T12:45:05.265+02:00","length":2953,"duration":2953,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10800-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10800-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10800-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10800-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10800-creating_resilient_and_sustainable_mobile_phones","url":"https://api.media.ccc.de/public/events/05930be8-d978-4499-ad35-6068d0575666","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"626da982-aac8-5eca-9577-826e0a825049","title":"Public Money? Public Code! A campaign framework to promote software freedom","subtitle":null,"slug":"36c3-151-public-money-public-code-a-campaign-framework-to-promote-software-freedom","link":"https://fahrplan.chaos-west.de/36c3/talk/LF3YYH/","description":"Do you want to promote Free Software in public administrations? Then the campaign framework of \"Public Money? Public Code!\" might be the right choice for you; no matter if you want to do it as an individual or as a group; no matter if you have a small or large time budget. \n\nMore than 170 organisations, and more than 26,000 individuals demand that publicly financed software should be made publicly available under Free Software licenses. Together we contacted politicians and civil servants on all levels -- from the European Union and national governments, to city mayors and the heads of public libraries about this demand. This did not just lead to important discussions about software freedom with decision makers, but also already to specific policy changes.\n\nIn the talk, we will explain how the campaign framework including the website publiccode.eu, the videos, the open letter, the expert brochure,and example letters can be used to push for the adoption of Free Software friendly policies in your area; be it your public administration, your library, your university, your city, your region, or your country.","original_language":"eng","persons":["Bonnie Mehring","Matthias Kirschner"],"tags":["36c3-chaoswest","151","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":424,"promoted":false,"date":"2019-12-29T14:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-19T13:15:09.136+01:00","length":3022,"duration":3022,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/151-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/151-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/151-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/151-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-151-public-money-public-code-a-campaign-framework-to-promote-software-freedom","url":"https://api.media.ccc.de/public/events/626da982-aac8-5eca-9577-826e0a825049","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b43cb1c3-0dbf-451f-82a0-e93b32c7222b","title":"Hacking the Media: Geflüchtete schmuggeln, Nazis torten, Pässe fälschen","subtitle":"Warum wir zivilen Ungehorsam und Subversion mehr brauchen denn je","slug":"36c3-10541-hacking_the_media_gefluchtete_schmuggeln_nazis_torten_passe_falschen","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10541.html","description":"Ein lustiger Rückblick über die Aktionen des Peng Kollektivs.\n\nCop Map zu Polizeigewalt, MaskID zum Überwachungsstaat und Gesichtserkennung, Adblocker zur Werbeindustrie, CFRO zum Finanzsystem, Deutschland geht klauen zu Lieferketten und der Aufbau der Bewegung Seebrücke zur Entkriminalisierung der Seenotrettung sind nur ein Bruchteil der Aktionen, die seit dem letzten Besuch 2015 hier noch nicht präsentiert wurden. \n\nEine Tour de Force durch Momente zivilen Ungehorsams und Subversion, wobei wir uns selbst nicht zu ernst nehmen und vor allem darauf abzielen, mit den sozialen Bewegungen zusammen zu arbeiten.\n\nEine Stunde geballte Kommunikationsguerilla, lustige Medienaktionen, aber auch ein Einblick in mögliche Denkweisen und Aktionsmöglichkeiten, die andere machen können. Was ist heutzutage möglich und was ist vor allem nötig?","original_language":"deu","persons":["Conny Runner","Ronny Sommer"],"tags":["36c3","10541","2019","Ethics, Society \u0026 Politics","Main"],"view_count":8158,"promoted":false,"date":"2019-12-29T14:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-01-18T00:00:08.666+01:00","length":3847,"duration":3847,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10541-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10541-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10541-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10541-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10541-hacking_the_media_gefluchtete_schmuggeln_nazis_torten_passe_falschen","url":"https://api.media.ccc.de/public/events/b43cb1c3-0dbf-451f-82a0-e93b32c7222b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1227e67b-fe22-5065-ac6b-5677b64b0971","title":"Querying Linked Data with SPARQL and the Wikidata Query Service","subtitle":null,"slug":"36c3-60-querying-linked-data-with-sparql-and-the-wikidata-query-service","link":"https://cfp.verschwoerhaus.de/36c3/talk/AMPBFW/","description":"An introduction to querying linked data, using the SPARQL query language and the free knowledge base Wikidata.\n\nWhich films starred more than one future head of government? What’s the largest city with a female mayor? And when did women finally outnumber Johns in the House of Commons? These are the kinds of questions that **linked data** can answer.\n\nThis workshop will give an introduction to the SPARQL query language, showing how it can be used to answer these and other questions, using the free knowledge base **Wikidata** as the data source.","original_language":"eng","persons":["Lucas Werkmeister"],"tags":["36c3-wikipakawg","60","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":290,"promoted":false,"date":"2019-12-27T12:00:00.000+01:00","release_date":"2020-01-12T01:00:00.000+01:00","updated_at":"2025-10-06T11:30:09.700+02:00","length":3054,"duration":3054,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/60-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/60-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/60-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/60-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-60-querying-linked-data-with-sparql-and-the-wikidata-query-service","url":"https://api.media.ccc.de/public/events/1227e67b-fe22-5065-ac6b-5677b64b0971","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"75423a6d-f926-5ae9-b905-68c22c275d90","title":"Was geht alles schief in der Elektromobilität","subtitle":"Och Menno - Resistor","slug":"36c3-98-och-menno-resistor-was-geht-alles-schief-in-der-elektromobilitt-ein-gesprch-mit-roddi","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/UDRLSJ/","description":"\u003cp\u003eEin gem\u0026uuml;tlicher Schnack unter Ingenieuren warum die Elektromobilit\u0026auml;t nicht ins Rollen kommt und warum Wasserstoff noch nicht so richtig in Deutschland explodiert ist. Wir werden aus unseren Erfahrungen mit Elektromobilit\u0026auml;t, der Freude der Wartezeit auf ein Auto und anderen Problemchen schnacken. Sollten wir nicht von einem E-Roller oder Sofa \u0026uuml;berfahren worden sein vorher ^^ Wer auch ein E Auto hat oder sich \u0026uuml;ber ERoller aufregen will darf gerne dazukommen. Das gro\u0026szlig;e Och Menno Special zur Elektromobilit\u0026auml;t.\u003c/p\u003e","original_language":"deu","persons":["ochmenno","roddi"],"tags":["36c3-sendezentrum","98","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":3431,"promoted":false,"date":"2019-12-27T21:45:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-01T01:15:05.329+02:00","length":3388,"duration":3388,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/98-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/98-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/98-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/98-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-98-och-menno-resistor-was-geht-alles-schief-in-der-elektromobilitt-ein-gesprch-mit-roddi","url":"https://api.media.ccc.de/public/events/75423a6d-f926-5ae9-b905-68c22c275d90","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c73debf0-e6be-4bde-84b5-afaddbe0e3fa","title":"\"Hacker hin oder her\": Die elektronische Patientenakte kommt!","subtitle":null,"slug":"36c3-10595-hacker_hin_oder_her_die_elektronische_patientenakte_kommt","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10595.html","description":"Herzstück der digitalen Gesundheitsversorgung für 73 Millionen Versicherte ist die hochsichere, kritische Telematik-Infrastruktur mit bereits 115.000 angeschlossenen Arztpraxen. Nur berechtigte Teilnehmer haben über dieses geschlossene Netz Zugang zu unseren medizinischen Daten. Ein \"Höchstmaß an Schutz\" also, wie es das Gesundheitsministerium behauptet? Bewaffnet mit 10.000 Seiten Spezifikation und einem Faxgerät lassen wir Illusionen platzen und stellen fest: Technik allein ist auch keine Lösung. Braucht es einen Neuanfang?\n\nSchon in 12 Monaten können 73 Millionen gesetzlich Versicherte ihre Gesundheitsdaten in einer elektronischen Patientenakte speichern lassen. Dazu werden zurzeit alle Arztpraxen, Krankenhäuser und Apotheken Deutschlands über die neu geschaffene kritische Telematik-Infrastruktur verbunden.\n\nDieses hochverfügbare Netz genügt \"militärischen Sicherheitsstandards\", bietet ein \"europaweit einzigartiges Sicherheitsniveau\" und verspricht ein \"Höchstmaß an Schutz für die personenbezogenen medizinischen Daten\" wie Arztbriefe, Medikamentenpläne, Blutbilder und Chromosomenanalysen.\n\n\"Wir tun alles, damit Patientendaten sicher bleiben.\"\n\n\"Selbst dem Chaos Computer Club ist es nicht gelungen, sich in die Telematik-Infrastruktur einzuhacken.\"\n\n\"Nach den Lehren aus PC-Wahl, Ladesäulen und dem besonderen elektronischen Anwaltspostfach brauchen wir kein weiteres Exempel.\"","original_language":"deu","persons":["Martin Tschirsich","cbro - Dr. med. Christian Brodowski","Dr. André Zilch"],"tags":["36c3","10595","2019","Security","Main"],"view_count":27453,"promoted":false,"date":"2019-12-27T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-04T08:00:03.602+02:00","length":3659,"duration":3659,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10595-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10595-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10595-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10595-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10595-hacker_hin_oder_her_die_elektronische_patientenakte_kommt","url":"https://api.media.ccc.de/public/events/c73debf0-e6be-4bde-84b5-afaddbe0e3fa","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"6bacef9b-6bf0-572d-82bc-cdd5c254c2c1","title":"Autocomplete Texting","subtitle":null,"slug":"36c3-oio-177-autocomplete-texting","link":"https://talks.oio.social/36c3-oio/talk/QSKPAM/","description":"Mitmachspass mit Autocomplete: Entdecke KI-Seele deines Smartphones\n\nEin Spiel mit dem Publikum: \nMenschen nutzen die Autocomplete/Predict-Funktion ihres Mobilgerätes, um basierend auf einem (wechselnden) vorgegebenen ersten Wort Sätze zu bilden, also immer nur das nächste vorgeschlagene Wort zu bestätigen. \nDie Ergebnisse werden mehr oder minder live und total willkürlich ausgewählt verlesen.\nAuch wenn's erstmal sinnlos erscheint: Und auch wenn den Absendenden Anonymität zugesichert wird und im Gegensatz Schummeln verboten ist: Die Art der Sätze, die die trainierte/konditionierte Maschine dabei hervorbringt  offenbaren mindestens einen eigenen Charakter oder sagen zumindest etwas über die bevorzugte Nutzung des Gerätes.","original_language":"deu","persons":["Adorfer"],"tags":["36c3-oio","177","2019","Entertainment","OpenInfrastructureOrbit"],"view_count":921,"promoted":false,"date":"2019-12-29T00:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-10-24T20:30:06.118+02:00","length":2537,"duration":2537,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/177-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/177-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/177-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/177-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-177-autocomplete-texting","url":"https://api.media.ccc.de/public/events/6bacef9b-6bf0-572d-82bc-cdd5c254c2c1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7f29cf66-de8b-59c8-8df9-0fefa9a24364","title":"Off The Record","subtitle":"Der Hintergrundpodcast von netzpolitik.org","slug":"36c3-112-off-the-record-der-hintergrundpodcast-von-netzpolitik-org","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/ZYJXVP/","description":"\u003cp\u003eGeheime Einsch\u0026auml;tzungen des Verfassungsschutzes zur AfD, ung\u0026uuml;nstiges Framing bei der ARD, intransparente Moderation bei Tiktok: In diesem Jahr haben wir mit so mancher Recherche Schlagzeilen gemacht. Hier wollen wir auf einige interessante Geschichten aus 2019 schauen und einen Blick hinter die Kulissen von netzpolitik.org geben. \u0026bdquo;Off The Record\u0026ldquo; gibt monatlich Einblicke in den Maschinenraum von netzpolitik.org: Die wichtigsten Recherchen, die sch\u0026ouml;nsten Erfolge, die gr\u0026ouml;\u0026szlig;ten Schwierigkeiten und die spannendsten Geschichten hinter den Geschichten. Dieses Mal mit einer Sonderausgabe, in der wir unser Jahr 2019 zusammenkehren.\u003c/p\u003e","original_language":"deu","persons":["netzpolitik.org"],"tags":["36c3-sendezentrum","112","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":739,"promoted":false,"date":"2019-12-28T20:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2023-01-13T00:15:03.259+01:00","length":3530,"duration":3530,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/112-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/112-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/112-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/112-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-112-off-the-record-der-hintergrundpodcast-von-netzpolitik-org","url":"https://api.media.ccc.de/public/events/7f29cf66-de8b-59c8-8df9-0fefa9a24364","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"30bf682c-ab5e-4680-9c49-bec93e7804cd","title":"Energiespeicher von heute für die Energie von morgen","subtitle":"Wohin eigentlich mit all der erneuerbaren Energie?","slug":"36c3-11119-energiespeicher_von_heute_fur_die_energie_von_morgen","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11119.html","description":"Wir verlassen uns in unserem Alltag permanent auf die Verfügbarkeit von elektrischer Energie. Aber wenn wir vom dauerhaften Betrieb von Kraftwerke, die fossile Energieträger verbrennen, wie stellen wir die Versorgung sicher, wenn nachts kein Wind weht? \nElektrolyse oder Pumpspeicherkraftwerk? Superkondensatoren oder mechanische Speicher? Was geht heute überhaupt schon?\n\nÄhnlich unklar ist die Zukunft der Mobilität, wenn Verbrennungsmotoren von unseren Straßen verschwinden sollen. Batteriefahrzeug oder Wasserstoffauto? Und bekommt man sein Fahrzeug überhaupt so schnell vollgetankt wie heute mit Benzin?\n\nAls eins der größeren Probleme stellt sich die Bereitstellung elektrischer Energie für unsere hoch technologisierte Welt dar. Der Beitrag der aus erneuerbaren Energiequellen gewonnenen elektrischen Energie ist in den letzten Jahrzehnten beständig gestiegen, aber dennoch bleibt ein Problem: wie stellen wir Energie bereit, wenn keine Sonne scheint und kein Wind weht?\nEin Überblick über bekannte und weniger bekannte Energiespeicher soll erleichtern, aktuelle Diskussionen der Energie- und Klimapolitik zu verstehen und einzuordnen.\nBatterien und Akkus liefern seit vielen Jahrzehnten den Strom für vor allem tragbare Geräte: Die allgegenwärtige, nicht wiederaufladbare  Alkali-Mangan-Batterie speist Uren, Fernbedienungen, Taschenlampen und Geräte  aller Art. Speziell die wiederaufladbare Lithium-Ionen-Batterie hat unsere moderne Welt revolutioniert, aus gutem Grund wurde diese Entwicklung dieses Jahr mit dem Nobelpreis in Chemie ausgezeichnet. Wird diese Technologie die Zukunft der Elektromobilität sein, und den überschüssigen Solarstrom speichern, um ihn nachts wieder zur Verfügung zu stellen?\nOder sollte die kaum bekannte Natriumsulfid Batteriechemie der bessere Kandidat sein? Wie macht man aus Solarstrom Wasserstoff, und wie speichert man diesen? Lohnt sich das überhaupt, und wenn ja, wie bekommt man daraus wieder elektrische Energie erzeugt?\n\nAktuell tobt eine erbitterte Debatte, ob die Elektromobilität in Zukunft nun auf reinen Batteriebetried setzen sollte, oder doch das Wasserstoffauto das Rennen machen soll. Gibt es eine klare Antwort darauf, und wie sind die jeweiligen Beiträge von Wissenschaft, Wirtschaft, Politik und Ethik?\n\n","original_language":"deu","persons":["Sebastian Pischel"],"tags":["36c3","11119","2019","Science","Main"],"view_count":19276,"promoted":false,"date":"2019-12-27T14:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-01-20T13:45:09.909+01:00","length":3492,"duration":3492,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11119-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11119-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11119-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11119-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11119-energiespeicher_von_heute_fur_die_energie_von_morgen","url":"https://api.media.ccc.de/public/events/30bf682c-ab5e-4680-9c49-bec93e7804cd","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8ad18f3f-5283-44e7-9db8-0d67915b4c4e","title":"From Managerial Feudalism to the Revolt of the Caring Classes","subtitle":"David Graeber","slug":"36c3-11241-from_managerial_feudalism_to_the_revolt_of_the_caring_classes","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11241.html","description":"One apparent paradox of the digitisation of work is that while productivity in manufacturing is skyrocketing, productivity in caring professions (health, education) is actually declining - sparking a global wave of labour struggle. Existing economic paradigms blind us to understanding how economies have come to be organised. We meed an entirely new discipline, based on a different set of values.","original_language":"eng","persons":["David Graeber"],"tags":["36c3","11241","2019","Art \u0026 Culture","Main"],"view_count":12256,"promoted":false,"date":"2019-12-27T17:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-04-03T17:00:05.172+02:00","length":3550,"duration":3550,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11241-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11241-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11241-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11241-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11241-from_managerial_feudalism_to_the_revolt_of_the_caring_classes","url":"https://api.media.ccc.de/public/events/8ad18f3f-5283-44e7-9db8-0d67915b4c4e","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"049a34da-5074-499e-a388-dab768f9e032","title":"No Body's Business But Mine, a dive into Menstruation Apps","subtitle":" The Not-So Secret Data Sharing Practices Of Menstruation Apps","slug":"36c3-10693-no_body_s_business_but_mine_a_dive_into_menstruation_apps","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10693.html","description":"In September 2019, Privacy International released exclusive research on the data-sharing practices of menstruation apps. Using traffic analysis, we shed lights on the shady practices of companies that shared your most intimate data with Facebook and other third parties.\n\nIn this talk we will go over the findings of this research, sharing the tools we have used and explaining why this is not just a privacy problem, but also a cybersecurity one. This talk will also be a call to action to app developers whose tools have concrete impact on the lives of their users.\n\nDoes anyone – aside from the person you had sex with – know when you last had sex? Would you like them to know if your partner used a condom or not? Would you share the date of your last period with them? Does that person know how you feel on any particular day? Do they know about your medical history? Do they know when you masturbate? Chances are this person does not exist, as there is only so much we want to share, even with our most intimate partner. Yet this is all information that menstruation apps expect their users to fill. \n\nWith all this private information you would expect those apps to uphold the highest standards when it comes to handling the data they collect. So, Privacy International set out to look at the most commonly used menstruation apps to find out if that was the case. Using traffic analysis, we wanted to see if those apps were sharing data with third parties and Facebook in particular, through the Facebook SDK.\n\nOur research shed light on the horrific practices of some menstruation apps that shared their users’ most intimate data – about their sexual life, their health and lifestyle – with Facebook and others.\n\nIn this talk, we will take you through the research we have conducted by using Privacy International’s publicly available and free testing environment. We will briefly explain how the testing environment work and we will showcase the menstruation apps that have the most problematic practices to show you how very granular and intimate data is shared with third parties and security implications.","original_language":"eng","persons":["Eva Blum-Dumontet","Christopher Weatherhead"],"tags":["36c3","10693","2019","Ethics, Society \u0026 Politics","Main"],"view_count":2671,"promoted":false,"date":"2019-12-29T18:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-22T01:00:06.402+01:00","length":3127,"duration":3127,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10693-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10693-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10693-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10693-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10693-no_body_s_business_but_mine_a_dive_into_menstruation_apps","url":"https://api.media.ccc.de/public/events/049a34da-5074-499e-a388-dab768f9e032","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"5ef93193-8ad9-4cb3-8804-548bbd6faf24","title":"Tales of old: untethering iOS 11","subtitle":"Spoiler: Apple is bad at patching","slug":"36c3-11034-tales_of_old_untethering_ios_11","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11034.html","description":"This talk is about running unsigned code at boot on iOS 11. I will demonstrate how you can start out with a daemon config file and end up with kernel code execution.\n\nThis talk is about achieving unsigned code execution at boot on iOS 11 and using that to jailbreak the device, commonly known as \"untethering\". This used to be the norm for jailbreaks until iOS 9.1 (Pangu FuXi Qin - October 2015), but hasn't been publicly done since. I will unveil a yet unfixed vulnerability in the config file parser of a daemon process, and couple that with a kernel 1day for full system pwnage. I will run you through how either bug can be exploited, what challenges we faced along the way, and about the feasibility of building a kernel exploit entirely in ROP in this day and age, on one of the most secure platforms there are.","original_language":"eng","persons":["littlelailo"],"tags":["36c3","11034","2019","Security","Main"],"view_count":8500,"promoted":false,"date":"2019-12-27T12:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-03T18:30:04.647+02:00","length":2354,"duration":2354,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11034-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11034-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11034-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11034-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11034-tales_of_old_untethering_ios_11","url":"https://api.media.ccc.de/public/events/5ef93193-8ad9-4cb3-8804-548bbd6faf24","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3359ab2c-635c-5cce-af51-07b302314a4b","title":"Programmieren Lernen für Kids - in Minecraft","subtitle":null,"slug":"36c3-104-programmieren-lernen-fr-kids-in-minecraft","link":"https://fahrplan.chaos-west.de/36c3/talk/JUK87C/","description":"Viele Kinder lieben „Minecraft“ – sie sind oft richtige Experten in der Welt von Alex und Steve! Diese Begeisterung kann man nutzen, um Neues zu lernen! Das geht nämlich dann am besten, wenn man gar nicht merkt, dass man was lernt, sondern einfach nur etwas Tolles baut und dabei Spaß hat!\nInspiriert von dem Talk \"Programmieren in Minecraft\" auf der GPN 2019 habe ich mit dieses Jahr mit über 40 Kindern Workshops durchgeführt, in dem man die Grundkenntnisse des Programmierens in der bunten Klötzchen-Welt von Alex und Steve lernen kann. In meinen Talk möchte ich von Erfahrungen aus diesen Kursen berichten, wie man solche Kurse am besten aufbaut und strukturiert, was gut funktioniert, wie man Aufgaben spielerisch gestalten kann und das ganze auch technisch einfach im Griff haben kann.","original_language":"deu","persons":["Gregor Walter"],"tags":["36c3-chaoswest","104","2019","All about computers","ChaosWest"],"view_count":2311,"promoted":false,"date":"2019-12-29T13:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-15T23:00:06.439+01:00","length":1239,"duration":1239,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/104-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/104-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/104-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/104-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-104-programmieren-lernen-fr-kids-in-minecraft","url":"https://api.media.ccc.de/public/events/3359ab2c-635c-5cce-af51-07b302314a4b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"87f4774e-f5db-5cee-b053-89219329c2de","title":"DC/DC Converters: Everything You Wanted To Know About Them","subtitle":null,"slug":"36c3-134-dc-dc-converters-everything-you-wanted-to-know-about-them","link":"https://fahrplan.chaos-west.de/36c3/talk/YYJGCZ/","description":"# Non-isolated DC/DC converters\n\nDC-to-DC converters are cheap and ubiquitous, but many still feel uncomfortable using them. In this talk I will talk about step-down (buck) and step-up (boost) converters, covering the basics in an easy-to-understand form, and touching on the knowledge you need to build your own.\n\nThis talk will be enjoyable for you if you have basic electronics knowledge: you understand what voltage, resistance, and current mean.\n\n##Outline\n- Theory of operation explained with illustrations\n- Synchronous and asynchronous converters: advantages and disadvantages\n- How to chose and evaluate cheap DC/DC converter modules you can buy online\n- Efficiency and sources of energy loss\n- Features you might want: Enable, Current Limiting, Undervoltage Protection\n- Control modes: voltage mode, current mode, and hysteretic mode\n- Unstable converters, and how to fix them\n- Switching noise, and how to deal with it\n- What if you need more voltage? Boost converters!","original_language":"eng","persons":["Zoé Bőle"],"tags":["36c3-chaoswest","134","2019","Nicht Computers","ChaosWest"],"view_count":1704,"promoted":false,"date":"2019-12-28T23:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-06T22:30:20.961+01:00","length":2309,"duration":2309,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/134-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/134-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/134-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/134-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-134-dc-dc-converters-everything-you-wanted-to-know-about-them","url":"https://api.media.ccc.de/public/events/87f4774e-f5db-5cee-b053-89219329c2de","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"031fc5c8-09c3-5490-ad8e-3858d391763b","title":"Observations on societal and technological changes in the DPRK","subtitle":null,"slug":"36c3-oio-158-observations-on-societal-and-technological-changes-in-the-dprk","link":"https://talks.oio.social/36c3-oio/talk/GWFPXV/","description":"The Democratic People's Republic of Korea (North Korea) is a hot topic in the media. The peninsula is changing rapidly, but how is that reflected in life on the ground? What is it like to live in Pyongyang? Are the externally reported societal changes and developments in technology also visible in everyday life? This talk will describe modern urban life in Pyongyang, and the recent forces driving change.\n\nThe talk will particularly focus on observations around the state of youth mindset towards change and technology. For example, what are the future elites' attitudes towards entrepreneurship in an officially communist country? What small signals of changing attitudes can we observe that might influence the opening of the county? Presenting the realities of this environment leads us to the demo of consumer technology, and presented that opportunities for both societal change and technological development might be broader than we often see. We will present this deep dive to North Korea from the perspective of two foreigners who have been spending months at a time in Pyongyang and have been studying it since 2012.","original_language":"eng","persons":["Jukka-Pekka Heikkilä"],"tags":["36c3-oio","158","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":578,"promoted":false,"date":"2019-12-27T16:45:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-08T01:15:06.695+01:00","length":3191,"duration":3191,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/158-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/158-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/158-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/158-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-158-observations-on-societal-and-technological-changes-in-the-dprk","url":"https://api.media.ccc.de/public/events/031fc5c8-09c3-5490-ad8e-3858d391763b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a0e6927b-ae7f-412d-b494-06dcc76911db","title":"Die Zukunft grenzüberschreitenden Datenzugriffs und politischer Verfolgung","subtitle":null,"slug":"36c3-10762-die_zukunft_grenzuberschreitenden_datenzugriffs_und_politischer_verfolgung","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10762.html","description":"In Brüssel wird über eine Verordnung verhandelt, die es allen EU-Staaten ermöglichen soll, Provider zur Herausgabe von Inhalten oder Metadaten zu verpflichten – egal wo die Daten gespeichert sind, egal ob die Tat, um die es geht, dort eine Straftat ist. Werden CLOUD-Act, e-Evidence und ähnliche Kodifikationen bald dafür sorgen, dass Strafverfolgungsbehörden aller Länder Daten von Providern weltweit abgreifen können?\n\nStrafverfolger hierzulande würden gern möglichst schnell alle möglichen Daten von allen möglichen Online-Diensten über ihre Kunden erhalten. Juristisch stehen dem bisher einige Hürden im Weg, wenn die Anbieter nicht im Inland sitzen oder wenn sie Daten auf Servern im Ausland speichern. Hinter der  Auskunft, mit welcher IP eine Morddrohung auf Facebook gepostet wurde, verbergen sich Diskussionen über die großen Themen des Völkerrechts: Souveränität und Territorialität. Weil Daten oft auf der ganzen Welt gespeichert werden, wird das etablierte System der gegenseitigen Rechtshilfe in Frage gestellt.\n\nWährend die EU noch über die eEvidence-Verordnung berät, haben die USA schon mit UK ein Abkommen für unbegrenzten Direktzugriff geschlossen und verhandeln mit Australien. \n\nWarum diesen neuen Regeln jeder Grundrechtsschutz fehlt und wie grenzüberschreitende Repression politische Verfolgung verändern könnte, erfahrt ihr in diesem Talk.","original_language":"deu","persons":["Elisabeth Niekrenz"],"tags":["36c3","10762","2019","Ethics, Society \u0026 Politics","Main"],"view_count":986,"promoted":false,"date":"2019-12-28T17:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-30T08:15:05.769+02:00","length":2418,"duration":2418,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10762-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10762-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10762-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10762-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10762-die_zukunft_grenzuberschreitenden_datenzugriffs_und_politischer_verfolgung","url":"https://api.media.ccc.de/public/events/a0e6927b-ae7f-412d-b494-06dcc76911db","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"622f1d31-5900-4cbc-b274-770e1a172898","title":"Verkehrswende selber hacken","subtitle":null,"slug":"36c3-10881-verkehrswende_selber_hacken","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10881.html","description":"Der Talk wird eine wilde Fahrt, vorbei an umfallenden Rollern, etwas Kunst mit Sharing-Daten, einer Shoppingtour aus Recherchegründen auf asiatischen Großhandelsplattformen, Sicherheitslücken in Fahrradschlössern, welche einen deutschen Bikesharer dazu bringen, seine 6000 Räder weltweit wieder einzusammeln, der Analyse von risikokapitalgetriebenen Sharingsystemen bis hin zum Gegenentwurf: Wie angewandte Lobbyarbeit für mehr offene Mobilitätsdaten aussieht. Und wie man es selbst in die Hand nehmen kann.\n\nDer Markt der Mobilitätsangebote ist in den letzten Jahren immer schneller immer größer geworden.\nVon einfachen Bikesharing-Rädern über E-Bikes, Lastenrädern hin zu Scootern bekommen wir in Großstädten immer mehr Möglichkeiten, ohne eigenes Gefährt trotzdem mobil zu sein.\n\nAber warum nur in Großstädten? Wie nachhaltig ist das? Warum brauche ich immer noch 20 Apps für jede Stadt? Wie sehen diese Sharingsysteme eigentlich technisch aus? Was passiert mit den Daten und was lässt sich mit ihnen anfangen? Und warum sollten wir Mobilität eigentlich risikokapitalgetriebenen Technologieunternehmen überlassen?\n\nDaher bauen wir ein Open Source Bikesharingsystem: nicht profitorientiert und offen für alle, erprobt auf dem CCCamp19.","original_language":"deu","persons":["robbi5","ubahnverleih"],"tags":["36c3","10881","2019","Resilience \u0026 Sustainability","Main"],"view_count":14080,"promoted":false,"date":"2019-12-30T13:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-30T08:30:04.454+02:00","length":3175,"duration":3175,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10881-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10881-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10881-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10881-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10881-verkehrswende_selber_hacken","url":"https://api.media.ccc.de/public/events/622f1d31-5900-4cbc-b274-770e1a172898","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c2619236-c88d-40ee-9d9d-9dfffd5212ef","title":"Offene Sensordaten für Jedermann - Ein Citizen Science Projekt basierend auf Open Source und Open Hardware","subtitle":null,"slug":"36c3-10862-offene_sensordaten_fur_jedermann_-_ein_citizen_science_projekt_basierend_auf_open_source_und_open_hardware","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10862.html","description":"Der Talk soll die Geschichte der senseBox von Beginn bis jetzt wiedergeben. Dabei möchte ich vor allem auf unsere Arbeit im Bereich Open Source, Open Data, Open Hardware und Open Educational Resources eingehen. Die Motivation von Teilnehmern des senseBox Projekts möchte ich basierend auf einer Nutzerstudie kurz wiedergeben. Außerdem möchte ich auf aktuelle Probleme sowie technische Hürden und die Genauigkeit der Daten eingehen. Zu guter Letzt gebe ich einen kurzen Ausblick in die Zukunft des Projekts.\n\nMithilfe der senseBox, einem DIY Citizen Science Baukasten, kann jeder an der Forschung und Wissenschaft teilnehmen. Sei es durch die Messung von Umweltdaten, Analyse und Auswertung dieser Daten oder durch die Teilnahme an Diskussionen einer großen Community. Außerdem können Schülerinnen und Schüler durch die Nutzung von Open Educational Resources und einer visuellen Entwicklungsumgebung das Programmieren spielend erlernen. Dadurch wird nicht nur das Umweltverständnis, sondern auch die digitale Bildung gefördert.\nDie Hardware der senseBox basiert auf dem Konzept von Arduino und enthält neben dem Microcontroller noch weitere Umweltsensoren. Jegliche Projekte, von einer einfachen Wetterstation über ein intelligentes Bewässerungssystem für den Garten bis hin zu einer Wasserqualität-Boje in der Nordsee, sind durch die offene Arduino Plattform umsetzbar. Das Rückgrat der senseBox ist die openSenseMap. Das Backend sammelt die gesendeten Daten der senseBoxen aber auch anderer Geräte. Sensoren zur Luftqualität von Luftdaten.info oder HackAIR sowie alle anderen Geräte können ihre Sensordaten zur offenen API der openSenseMap senden. Die Webanwendung ermöglicht Visualisierungen und Analysemöglichkeiten. Die Daten sind über die API für jeden frei verfügbar und können somit unter anderem für die Klimaforschung genutzt werden. \nDas Projekt startete vor einigen Jahren als Studienprojekt an der Universität Münster. Nach mehreren Abschlussarbeiten, Projektwochen, Workshops und Förderperioden entstand aus einer einfachen Idee ein umfangreiches Toolkit. Die openSenseMap, auf welcher anfänglich einige Dutzend senseBoxen registriert waren, verzeichnete in den letzten 5 Jahren steigende Nutzerzahlen mit aktuell rund 5300 registrierten senseBoxen. Daraus resultieren Probleme, welche zu Beginn des Projekts nicht absehbar waren: die Webanwendung läuft inzwischen in der Cloud und fordert viel Rechen- und Speicherkapazität. Die Messdaten werden ineffizient in Datenbanken gespeichert, dadurch benötigt die Anwendung starke virtuelle Server.\nDer Talk soll die Geschichte der senseBox von Beginn bis jetzt wiedergeben. Dabei möchte ich vor allem auf unsere Arbeit im Bereich Open Source, Open Data, Open Hardware und Open Educational Resources eingehen. Die Motivation von Teilnehmern des senseBox Projekts möchte ich basierend auf einer Nutzerstudie kurz wiedergeben. Außerdem möchte ich auf aktuelle Probleme sowie technische Hürden und die Genauigkeit der Daten eingehen. Zu guter Letzt gebe ich einen kurzen Ausblick in die Zukunft des Projekts.","original_language":"deu","persons":["Felix Erdmann"],"tags":["36c3","10862","2019","Resilience \u0026 Sustainability","Main"],"view_count":1538,"promoted":false,"date":"2019-12-28T18:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-11-06T10:00:07.815+01:00","length":1801,"duration":1801,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10862-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10862-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10862-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10862-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10862-offene_sensordaten_fur_jedermann_-_ein_citizen_science_projekt_basierend_auf_open_source_und_open_hardware","url":"https://api.media.ccc.de/public/events/c2619236-c88d-40ee-9d9d-9dfffd5212ef","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7e748a07-89f3-51bb-927a-f8560617f180","title":"NSU-Watch: Aufklären \u0026 Einmischen","subtitle":"Der NSU-Watch Jahresrückblick 2019","slug":"36c3-114-nsu-watch-aufklren-einmischen-der-nsu-watch-jahresrckblick-2019","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/HSYE8L/","description":"\u003cp\u003eNSU-Watch: Aufkl\u0026auml;ren \u0026amp; Einmischen. Der Podcast \u0026uuml;ber den NSU-Komplex, rechten Terror und Rassismus https://www.nsu-watch.info/podcast/ Das Netzwerk des NSU wurde nicht aufgedeckt und rechtem Terror nicht die Grundlage entzogen. Diese beiden Fakten hatten 2019 massive Konsequenzen und kosteten Menschenleben. Im Juni wurde der Kasseler Regierungspr\u0026auml;sident Walter L\u0026uuml;bcke von einem Neonazi hingerichtet und im Oktober wurden Jana L. und Kevin S. bei einem antisemitischen und rassistischen Anschlag in Halle ermordet. Recherchen deckten weitere Details zu den rechten Netzwerken in Polizei und Bundeswehr, bekannt unter Namen wie \"Nordkreuz\" oder \"NSU 2.0\", auf. Weltweit verloren dutzende Menschen ihr Leben, weil Rassisten einen \"Gro\u0026szlig;en Austausch\" herbei phantasieren, den sie stoppen wollen. Sie alle werden angeheizt durch eine gesellschaftliche rechte Mobilisierung. Und was wird medial und von Politiker*innen diskutiert? Der Verfassungsschutz soll besser ausgestattet werden und nebenbei kehrte die l\u0026auml;ngst \u0026uuml;berwunden geglaubte \"Killerspiel-Debatte\" zur\u0026uuml;ck. Die AfD, auch bekannt als \"parlamentarischer Arm des Rechtsterrorismus\" sitzt in allen Parlamenten und Talkshows. Im Jahresr\u0026uuml;ckblick des Podcasts \"NSU-Watch: Aufkl\u0026auml;ren\u0026amp;Einmischen\" wollen wir auf dieses von rechtem Terror gepr\u0026auml;gte Jahr zur\u0026uuml;ckblicken und auch fragen: Womit haben wir es zu tun? Wie k\u0026ouml;nnen wir dagegen angehen? Wir blicken auch auf das Jahr 2020, in dem viele dieser Ereignisse weiterhin uns aber auch die Gerichte besch\u0026auml;ftigen werden.\u003c/p\u003e","original_language":"deu","persons":["Caro Keller"],"tags":["36c3-sendezentrum","114","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":878,"promoted":false,"date":"2019-12-29T20:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-31T17:00:18.003+01:00","length":3663,"duration":3663,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/114-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/114-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/114-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/114-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-114-nsu-watch-aufklren-einmischen-der-nsu-watch-jahresrckblick-2019","url":"https://api.media.ccc.de/public/events/7e748a07-89f3-51bb-927a-f8560617f180","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"f1c9fa52-2bad-5841-ac57-4efad8263c6c","title":"Crackhouse -die KochRadioShow-","subtitle":null,"slug":"36c3-oio-194-crackhouse-die-kochradioshow-","link":"https://talks.oio.social/36c3-oio/talk/BE9QSA/","description":"Crackhouse , die RadioKochShow auf FSK83.0 in Hamburg mit Fabse und Felix. 60 Minuten pure Leidenschaft fürs Kochen.\nGeht mit unser Einkaufsliste los, ladet euch Freunde ein und kocht gemeinsam mit uns.\n\nHoffentlich ihr seid bereit euch der Herausforderung einer neuen Kocherfahrung zu stellen, für die unter Euch die Alkoholtrinken empfehlen wir einen Riesling...,\n \nwir hätten uns sehr über unsere hochprominente Gästin Christine Ebeling, Kulturschafferin, Kuratorin und Künstlerin gefreut, die leider nicht kommen kann :-(\nstattdessen wird es einen Gast geben, der uns alle überaschen wird!\n\nDas sollte ihr einkaufen wenn ihr Zuhause sitzt und mit uns Kochen wollt:\n \nalle vegetarischen Zutaten der Einkaufsliste lassen sich selbstverständlich durch vegane Alternativen ersetzen!\n \n400 g Mehl (wichtig 550er mehl) info siehe unten\n250 ml Warmes Wasser\n1 Eßlöffel Salz\n4 El Öl\n250 g Ziegenfrischkäserolle\n200g würzigen Bergkäse\n3-4 zweige frischen Rosmarin\n400g Creme Fraiche oder Schmand oder halb und halb\n4-6 Esslöffel flüssigen Honig\n4-6 rote Zwiebeln je nach Größe\n1 Bund Frühlingszwiebeln ( kommen nach dem backen frisch drüber)\n \nvon Rita Rosenzweig wird es auch endlich die Auflösung Ihrer Abwesenheit geben und über die sozialen Medien ein veganes SauerRahm-Rezept,\nwer soziale Medien verweigert kann uns gerne eine Mail schreiben (kochradio@gmx.de) und wir senden Euch das Rezept von Rita Rosenzweig  :-)\nJeden 2. Sonntag im Monat (am 12.Januar2020) von 19Uhr - 20Uhr\nauf FSK Radio 93,0 MHz im Kabel 101,4 MHz. oder\nim Livestream unter www.Fsk-hh.org/livestream.\nFacebook: https://www.facebook.com/Crackhaus/\nInsta: https://www.instagram.com/crackhouse_kochradio/","original_language":"deu","persons":["Felix \u0026 Fabse"],"tags":["36c3-oio","194","2019","Entertainment","OpenInfrastructureOrbit"],"view_count":601,"promoted":false,"date":"2019-12-29T23:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-30T17:00:21.166+01:00","length":3580,"duration":3580,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/194-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/194-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/194-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/194-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-194-crackhouse-die-kochradioshow-","url":"https://api.media.ccc.de/public/events/f1c9fa52-2bad-5841-ac57-4efad8263c6c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"584c5682-c1a6-4149-9572-04e44cf44645","title":"It's not safe on the streets... especially for your 3DS!","subtitle":"Exploring a new attack surface on the 3DS","slug":"36c3-10796-it_s_not_safe_on_the_streets_especially_for_your_3ds","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10796.html","description":"The 3DS is reaching end of life but has not revealed all its weaknesses yet. This talk will go through the process of reverse engineering an undocumented communication protocol and show how assessing hard-to-reach features yields dangerous results, including remote code execution exploits!\n\n\u003cp\u003eEmbedded Devices are all around us, talking to each other in ways we often don't even realize. In this talk, we discuss how one such communication mechanism in the 3DS remained unexplored for over seven years as well as the vulnerabilities that were lying dormant as a result.\u003c/p\u003e\n\u003cp\u003eWe will explore specific features of the 3DS and talk about their low-level implementation details and about why they were not tested before. Besides, we will walk through the (lengthy) dev process involved in putting together this exploit, and the significant risks involved in devices (even game consoles) having this kind of vulnerability.\u003c/p\u003e\n\u003cp\u003eFinally, we will demonstrate the attack in action.\u003c/p\u003e\n\u003cp\u003eSince the talk will be a bit technical some basic knowledge about network protocols and software exploitation techniques is recommended, but it is aimed to be enjoyable for non-technical audiences as well.\u003cbr\u003eOne might also take a look at previous talks (32c3 and 33c3) about the 3ds for more in-depth background knowledge.\u003c/p\u003e","original_language":"eng","persons":["nba::yoh"],"tags":["36c3","10796","2019","Security","Main"],"view_count":3113,"promoted":false,"date":"2019-12-27T14:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-31T00:30:05.810+02:00","length":2788,"duration":2788,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10796-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10796-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10796-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10796-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10796-it_s_not_safe_on_the_streets_especially_for_your_3ds","url":"https://api.media.ccc.de/public/events/584c5682-c1a6-4149-9572-04e44cf44645","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"fd76380b-0ee4-407a-8452-de93525c4342","title":"The sustainability of safety, security and privacy","subtitle":null,"slug":"36c3-10924-the_sustainability_of_safety_security_and_privacy","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10924.html","description":"What sort of tools and methodologies should you use to write software for a car that will go on sale in 2023, if you have to support security patches and safety upgrades till 2043?\n\nNow that we’re putting software and network connections into cars and medical devices, we’ll have to patch vulnerabilities, as we do with phones. But we can't let vendors stop patching them after three years, as they do with phones. So in May, the EU passed Directive 2019/771 on the sale of goods. This gives consumers the right to software updates for goods with digital elements, for the time period the consumer might reasonably expect.  In this talk I'll describe the background, including a study we did for the European Commission in 2016, and the likely future effects. As sustainable safety, security and privacy become a legal mandate, this will create real tension with existing business models and supply chains. It will also pose a grand challenge for computer scientists.","original_language":"eng","persons":["Ross Anderson"],"tags":["36c3","10924","2019","Security","Main"],"view_count":7343,"promoted":false,"date":"2019-12-28T19:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-18T03:15:03.555+01:00","length":2631,"duration":2631,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10924-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10924-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10924-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10924-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10924-the_sustainability_of_safety_security_and_privacy","url":"https://api.media.ccc.de/public/events/fd76380b-0ee4-407a-8452-de93525c4342","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4d3166b6-77ec-47b2-b70f-d7f656ea9427","title":"Don't Ruck Us Too Hard - Owning Ruckus AP Devices","subtitle":"3 different RCE vulnerabilities on Ruckus Wireless access points devices.","slug":"36c3-10816-don_t_ruck_us_too_hard_-_owning_ruckus_ap_devices","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10816.html","description":"Ruckus Networks is a company selling wired and wireless networking equipment and software. This talk presents vulnerability research conducted on Ruckus access points and WiFi controllers, which resulted in 3 different pre-authentication remote code execution. Exploitation used various vulnerabilities such as information leak, authentication bypass, command injection, path traversal, stack overflow, and arbitrary file read/write. Throughout the research, 33 different access points firmware examined, and all of them were found vulnerable. This talk also introduces and shares the framework used in this research. That includes a Ghidra script and a dockerized QEMU full system emulation for easy cross-architecture research setup.\nHere's a fun fact: BlackHat USA 2019 used Ruckus Networks access points.\n\nPresentation Outline: \nThis talk demonstrates 3 remote code executions and the techniques used to find and exploit them.\nIt overviews Ruckus equipment and their attack surfaces. Explain the firmware analysis and emulation prosses using our dockerized QEMU full system framework. \n-Demonstrate the first RCE and its specifics. Describe the webserver logic using Ghidra decompiler and its scripting environment. \n-Demonstrate the second RCE using stack overflow vulnerability.\n-Lastly, demonstrate the third RCE by using a vulnerability chaining technique.\nAll Tools used in this research will be published. ","original_language":"eng","persons":["Gal Zror"],"tags":["36c3","10816","2019","Security","Main"],"view_count":910,"promoted":false,"date":"2019-12-28T23:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-12-03T04:00:01.872+01:00","length":2919,"duration":2919,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10816-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10816-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10816-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10816-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10816-don_t_ruck_us_too_hard_-_owning_ruckus_ap_devices","url":"https://api.media.ccc.de/public/events/4d3166b6-77ec-47b2-b70f-d7f656ea9427","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"98591fc6-852a-5251-bba5-12436614c1f3","title":"Exploring and empowering participatory culture communities with the use of online ethnography platform","subtitle":null,"slug":"36c3-oio-159-exploring-and-empowering-participatory-culture-communities-with-the-use-of-online-ethnography-platform","link":"https://talks.oio.social/36c3-oio/talk/BJQTYA/","description":"We explore the potential of scalable online ethnography to study the rapidly growing phenomenon of participatory culture communities and discuss the potential benefits and challenges of using an online platform in hacker communities. The presentation shares views, with a demo, on how to build participatory online communities from a pilot that focused on the global Burning Man community.\n\nThe talk is grounded on the collaboration of two high-impact research projects, Burning Stories and Edgeryders. Firstly the aim of Burning Stories, by combining science and arts, is to study the global Burning Man community and seek to explain the processes through which community membership of Burning Man participants evolves across time and space, and how this, in turn, affects the society. By combining the Burning Stories research project with an online ethnography tool from Edgeryders, who use it for multiple Horizon 2020 funded project, the talk aims to present novel ways of disrupting the traditional ways of conducting ethnography in order to understand the emergence of a new cultural phenomenon and apply new, participatory methodology, in order to advance social sciences and community building. The presentation particularly focuses on lessons learnt from these two research projects and with the combination of the projects, explores the potential future use of the co-creative templates for hacker communities.","original_language":"eng","persons":["Jukka-Pekka Heikkilä"],"tags":["36c3-oio","159","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":191,"promoted":false,"date":"2019-12-28T13:45:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-04-12T21:30:02.900+02:00","length":1566,"duration":1566,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/159-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/159-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/159-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/159-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-159-exploring-and-empowering-participatory-culture-communities-with-the-use-of-online-ethnography-platform","url":"https://api.media.ccc.de/public/events/98591fc6-852a-5251-bba5-12436614c1f3","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"47606612-c3c3-4a07-a2f5-fee3c83a6ddb","title":"No roborders, no nation, or: smile for a European surveillance propagation","subtitle":"How an agency implements Fortress Europe by degrading Non-Europeans to second-rate people","slug":"36c3-10994-no_roborders_no_nation_or_smile_for_a_european_surveillance_propagation","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10994.html","description":"Robots, Satellites and biometrical traps - more than a Billion Euro will be spent in 2021 for what they call \"Border Security.\" The European Border and Coastguard, formerly Frontex, dreams of a fully automomus border surveillance system.\n\nAs a humanitarian \u0026 human rights organisation involved in sea rescue, we recognise however that the shift towards new technologies correlates with a shift away from basic human rights standards. The robots, satellites \u0026 co. are not used to make society safer \u0026 life easier but to spy on us and to deport people to torture in Libya.\n\nAt Sea-Watch e.V. we are involved in a non-profit initiative dedicated to the civilian rescue of refugees at sea. In view of the humanitarian disaster on the Mediterranean Sea-Watch provides emergency aid, demands and forces at the same time the rescue by the responsible European institutions and stands publicly for legal escape routes and open borders. We are politically and religiously independent and finance ourselves exclusively through donations.\n\nAt sea, we formerly cooperated with Frontex ships in rescues when they were still involved in live saving operations. Now we regularly observe them actually being involved in illegal refoulements, especially with our surveillance aircraft Moonbird.\n\nFrontex was formerly an agency that advised governments on border control and did risk assessments on border crossings, it had basically a coordinating role within the European framework. They were called \"European Agency for the Management of Operational Cooperation at the External Borders\". In 2016, during the so-called refugee crisis, the European Commission proposed to strengthen them and they became the European Border and Coast Guard Agency.\n\nFrontex is working and developing satellite observation, the development of drone capabilities and other surveillance technologies like IMSI-Catchers with the help of European universities and companies like EADS and esri. All this happens right now without a lot of public or transparency from the site of the agency. While they provide national authorities with equipment and justify their yearly growing budget with out border security there are no sources to measure the effectivity of their methods.\n\nWhile they present themselves as the friendly boarderguard next door it has evolved into an engency which is developing capabilities in all kinds of surveillance technologies with pilot projects which sound like they are taken out of a science fiction movie:\n\nSMILE\n\"SMILE proposes a novel mobility concept, using privacy by design principles, that will enable low cost secure exchange and processing of biometric data, addressing in parallel the aforementioned challenges by designing, implementing and evaluating in relevant environments (TRL6) prototype management architecture, for the accurate verification, automated control, monitoring and optimization of people’ flows at Land Border Infrastructures.\"\n    \nRoborder\n\"ROBORDER aims at developing and demonstrating a fully-functional autonomous border surveillance system with unmanned mobile robots including aerial, water surface, underwater and ground vehicles, capable of functioning both as standalone and in swarms, which will incorporate multimodal sensors as part of an interoperable network.\"\nhttp://btn.frontex.europa.eu/projects/external/roborder    \n    \niBorderCtrl\n\"iBorderCtrl envisages to enable faster thorough border control for third country nationals crossing the borders of EU, with technologies that adopt the future development of the Schengen Border Management.\nThe project will present an optimal mixture of an enhanced, voluntary form of a Registered Traveller Programme and an auxiliary solution for the Entry/Exit System based on involving bona fide travellers\"\nhttp://btn.frontex.europa.eu/projects/external/iborderctrl\n\nWhile the people in charge do not manage to organize a proper search- and rescue program, Europe is setting up and spending more and more on a massive surveillance agency for border protection which has a big focus in surveillance and \"protecting\" the European external borders while no one ever evaluated the effectivity of this massive border militarization.","original_language":"eng","persons":["alina","niczem"],"tags":["36c3","10994","2019","Ethics, Society \u0026 Politics","Main"],"view_count":834,"promoted":false,"date":"2019-12-28T18:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-02T11:30:11.652+01:00","length":2413,"duration":2413,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10994-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10994-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10994-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10994-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10994-no_roborders_no_nation_or_smile_for_a_european_surveillance_propagation","url":"https://api.media.ccc.de/public/events/47606612-c3c3-4a07-a2f5-fee3c83a6ddb","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"ee8463d4-e930-445e-ab84-0bd02e777e5b","title":"Mensch - Kunst – Maschine","subtitle":"Mit künstlicher Intelligenz zu neuer Kunst zum kybernetischen Verstand","slug":"36c3-10704-mensch_-_kunst_maschine","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10704.html","description":"Kann künstliche Intelligenz Kunst erzeugen? \nKönnen Menschen von künstlich intelligenten Systemen erzeugte Kunst verstehen? Ist Kunst ein Weg zu neuen Stufen eines kybernetischen Verstandes? \nDer Stand der KI-Kunst ist keine Kunst oder keine KI.\nAber wir werden mit unserer menschlichen Eitelkeit konfrontiert werden, nicht die Einzigen zu sein, die schöpferisch und auch künstlerische Relevanz in Betrachtern auslösen. Dies liegt mitunter an unseren bisherigen Kunstbegriffen und -verständnissen, die oftmals mit Intentionalität assoziiert sind.\nEliza: Warum?\nSimon Hegelich widmen sich diesen Fragen und zeigt eigene (?) Werke (Videos, Bilder, Gedichte), die mit KI erzeugt wurden, wobei er seine großen Leidenschaften;- Kunst, maschinelles Lernen, Hegelsche Dialektik, Science Fiction, Kybernetik und Transhumanismus- der Erweiterung durch Diskurs unterzieht.\n\nKünstlich intelligente Systeme werden seit den 70er Jahren zunehmend  in künstlerischen Schaffensprozesse einbezogen. Ob Computer auch autonom Kunst generieren können, ist keine Frage der Leistungsfähigkeit solcher Systeme, es wirft vielmehr die Frage auf, inwieweit tradierte Kunstbegriffe neu gedacht werden können. Die Beschäftigung mit KI und Kunst birgt im Vergleich zu laufenden KI-Debatten eine Reihe zusätzlicher Denkfreiheitsgrade: Sie ist erfahrbar! Gerade weil Kunst als Konzept schwierig zu fassen ist, uns gleichzeitig Künstlerisches inspiriert, zum Spekulieren, Träumen und Empfinden anregt, lässt sich vor diesem Hintergrund ganz anders über KIs und ihre Potentiale diskutieren. Unter Einbezug des technischen Standes derzeitiger Deep Learning Systeme und der eigenen künstlerischen Erfahrung werden diese Potentiale aufgefächert.\nWir stellen den Diskurs um Grundfragen zum Verhältnis Mensch-KI-Kunst neue Fragen diametral gegenüber: \nKann künstliche Intelligenz Kunst erzeugen?\nWie können wir Kunst von künstlich intelligenten Systemen verstehen?\nKann Kunst KI erzeugen und versteht das noch jemand?\n\nSimon Hegelich (KI-Entwickler, Philosoph, Professor für Political Data Science, Videoartist und Synthinerd) widmet sich diesen Fragen in eine Präsentation und schmeißt seine großen Leidenschaften zusammen: Kunst, maschinelles Lernen, Hegelsche Dialektik, Science Fiction, Kybernetik und Transhumanismus. Es könnte explosiv werden.","original_language":"deu","persons":["Simon Hegelich"],"tags":["36c3","10704","2019","Art \u0026 Culture","Main"],"view_count":1051,"promoted":false,"date":"2019-12-29T16:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-11T10:00:11.462+01:00","length":3754,"duration":3754,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10704-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10704-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10704-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10704-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10704-mensch_-_kunst_maschine","url":"https://api.media.ccc.de/public/events/ee8463d4-e930-445e-ab84-0bd02e777e5b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"325622ae-8785-47f3-81f5-fe62db3209e7","title":"Wandel im Braunkohlerevier: Lithium-Ionen-Batterierecycling","subtitle":"Eine industrielle Perspektive für die Lausitz?","slug":"36c3-10666-wandel_im_braunkohlerevier_lithium-ionen-batterierecycling","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10666.html","description":"Weltweit verlaufen die Entwicklungstrends des Markthochlaufs der Elektromobilität und die Weiterentwicklung relevanter Batteriefertigungs- und Recyclingtechnologien hoch dynamisch. Maßgebliche Faktoren für die Entstehung eines industriellen Batterierecycling-Marktes nehmen dabei erst langsam Gestalt an, der regulatorische Rahmen ist noch modellierbar. Zugleich ist der Technologiepfad Elektromobilität als eingeschlagen zu begreifen - die Notwendigkeit einer Verkehrswende zur Reduzierung des CO2-Ausstoßes begründet Umbrüche in der Automobilbranche, die mittelfristig zu steigenden Verkehrsanteilen von Fahrzeugen mit rein elektrischem oder hybridem Antrieb an den PKW-Neuzulassungen führen werden. Damit steigt der Bedarf an geeigneten Traktionsbatterien und die Nachfrage nach den zu ihrer Herstellung erforderlichen, endlichen Rohstoffen.\n\nIm Energiesektor stellt der Beschluss zum Kohleausstieg 2038 eine Zäsur dar:  Mit der Zielstellung, die Lausitz – bislang Braunkohlerevier -  als Energieregion zu erhalten und die Angleichung der Lebensverhältnisse in der strukturschwachen Region zu schaffen, gehen wir der Frage nach, ob durch die Errichtung einer Recyclingstrecke für Traktionsbatterien der Elektro-Mobilität ein Beitrag zur Gestaltung einer „Energieregion der Zukunft“ geleistet werden kann. Dies einerseits im Hinblick auf die Schaffung von Beschäftigung, um die im Kontext des Braunkohleausstiegs drohenden Verluste von Industriearbeitsplätzen zu kompensieren. Andererseits unter Maßgabe der Etablierung einer nachhaltigen, regional verankerten Kreislaufwirtschaft.\n\n\nUm nachhaltige Entwicklungschancen für die Lausitz im Zuge des Aufschwungs der Elektro-Mobilität abzuleiten, werden \n•\tdie endogenen Potentiale der Region analysiert, \n•\tdas zukünftige Altbatterie-Aufkommen und der technologische Entwicklungsstand des Li-Io-Batterierecycling aufgezeigt sowie\n•\tdie regulatorischen Rahmenbedingungen auf den Prüfstand gestellt.\nWir zeigen die offenen Flanken der Lithium-Ionen-„Batterierevolution“ auf, indem wir auch ihre Risiken diskutieren: Das Recycling der Lithium-Ionen-Batterien stellt sich demnach zukünftig als dringliche Notwendigkeit dar, denn  \n\n•\tdie zu ihrer Herstellung erforderlichen Rohstoffe sind endlich, \n•\tsie werden zum Teil unter Menschen unwürdigen Arbeitsbedingungen und mit erheblichen ökologischen Folgeschäden abgebaut,    \n•\tes ist eine sichere und verantwortungsvolle Entsorgung bzw. Wiederverwertung der Batterien, die hochgiftige Substanzen enthalten, zu gewährleisten.\n\nSchließlich werden Handlungsempfehlungen für ein integriertes Entwicklungskonzept formuliert, die auf die Etablierung einer Kreislaufwirtschaft und Bottom-up Partizipation der Bevölkerung abstellen. Sie vermitteln Ideen, wie sich die Ansiedlung einer Zukunftstechnologie – wie des industriellen Batterierecycling - in „Regionen mit hohen Zukunftsrisiken“ unterstützen lässt und wie sich Strukturwandel so gestalten lässt, dass ökologische und soziale nicht gegen ökonomische Interessen ausgespielt werden.\n","original_language":"deu","persons":["Katrin Nicke"],"tags":["36c3","10666","2019","Science","Main"],"view_count":1763,"promoted":false,"date":"2019-12-30T15:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-11-29T00:15:11.696+01:00","length":2476,"duration":2476,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10666-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10666-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10666-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10666-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10666-wandel_im_braunkohlerevier_lithium-ionen-batterierecycling","url":"https://api.media.ccc.de/public/events/325622ae-8785-47f3-81f5-fe62db3209e7","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3d0170ed-e233-545f-87f7-f50d126ddbe6","title":"Reading politics of the supposedly neutral","subtitle":null,"slug":"36c3-94-reading-politics-of-the-supposedly-neutral","link":"https://cfp.verschwoerhaus.de/36c3/talk/TNSGB8/","description":"Algorithms bear the image of their makers, and toil like their servants.  Technology of any sort cannot be neutral, as it is embedded in a social matrix of why it was created and what work it performs.  An algorithm, its context, and what it lacks should be understood as a political statement carrying great consequences, and as a society we should respond to each as needed, engaging the purveyors of these algorithms on a political level as well as legal and economic.\n\nThree algorithmic systems are revealed to embody various class interests.  First, a population ecology modeled simply by a pair of predator-prey equations leads one to conclude that socialist revolution and compulsory leisure are the only routes to avoiding civilizational collapse.  Second, a formula for labor supply reduces us to lazy drones who work as little as possible to support our choice of lifestyle.  Finally, advertising on Wikipedia could yield a multi-billion-dollar fortune—shall we put it up for sale or double-down on radical equality among all people?\n\n(1) The [Human and Nature Dynamics](https://www.sciencedirect.com/science/article/pii/S0921800914000615) (HANDY) model is the first to pair environmental resource consumption with class conflict, each as a predator-prey cycle.  In one cycle we overrun and out-eat the other species on Earth, who grow back slowly, and in the other cycle elites out-compete commoners in their consumption, to the point of even causing commoners to die of hunger.  One can say that socialist revolution is embedded in a statement like this.  Indeed, something must be done about the growing power of over-consuming elites before they doom us all.  I will give a tour using this [interactive explorer](https://adamwight.github.io/handy-explorer/).\n\n(2) A second example is a run-of-the-mill, capitalist formula for labor supply, to explain our collective decision to go to work in the morning.  Loosely, it is to`optimize(Consumption, hours worked)` for the constraint `Consumption ≤ wage x hours + entitlement`.  In other words, this formula assumes we are lazy, greedy, individual agents, each motivated only by obtaining the greatest comfort for the least labor.  The worker who internalizes this formula will fight for fewer hours of work and higher wages for themself, will find shortcuts to spend less money to increase purchasing power, and in this idealized world can be expected to vote in favor of social democratic minimum incomes.  A company following this formula, on the other hand, will fight against all of these worker gains, and will act to depress government welfare or minimum incomes until workers are on the edge of starvation in order to squeeze longer hours out of them.  What's missing from this formula is, all the ways out of the trap.  Mutual aid and connections among ourselves to protect the most vulnerable individuals, pooling resources, and any other motivation to work besides mortal fear and hedonism.—One can easily imagine a radically different paradigm for work, in which labor is dignified and fulfilling.  To understand this world in formulas, labor supply is measured in education levels, self-direction, and other positive feedback loops which raise productivity.\n\n(3) Wikipedia and its sister projects have never worn the shackles of paid advertising, although they sit on a potential fountain of revenue in the tens of billions of dollars per year—not to mention the value of the influence over public opinion that such a propaganda machine might achieve.  `Revenue = Ads per visit x Visits`  Analyzed venally, Wikipedia becomes an appealing portfolio acquisition, which would jeopardize the entire free-open movement.  From a different perspective, that of an organizer in an editor’s association, slicing pageview and (non)-advertising data might allow for more effective resource-sharing among the many chapter organizations.  In a third analysis using a flow of labor, power, and funds, we can see the Wikimedia Foundation as engaged in illegitimate expropriation, turning editors into sharecroppers and suppressing decentralized growth.  These twists all come about through variations on an equation.  Which shall we choose?","original_language":"eng","persons":["Adam Wight"],"tags":["36c3-wikipakawg","94","2019","Ethics, Society \u0026 Politics","WikiPakaWG"],"view_count":547,"promoted":false,"date":"2019-12-27T19:30:00.000+01:00","release_date":"2020-01-15T01:00:00.000+01:00","updated_at":"2025-02-10T20:45:05.912+01:00","length":1307,"duration":1307,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/94-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/94-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/94-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/94-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-94-reading-politics-of-the-supposedly-neutral","url":"https://api.media.ccc.de/public/events/3d0170ed-e233-545f-87f7-f50d126ddbe6","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"37638658-f5e8-4eb2-8248-b601d0c6b35b","title":"36C3 Infrastructure Review","subtitle":null,"slug":"36c3-11235-36c3_infrastructure_review","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11235.html","description":"36C3 is run by teams of volunteers. In this event, they will provide some insight into the challenges they faced while building the GSM, DECT and IP networks, running video streams, or organizing ticket sales. All graphs will be pointing up and to the right.","original_language":"eng","persons":["Leon"],"tags":["36c3","11235","2019","CCC","Main"],"view_count":7846,"promoted":false,"date":"2019-12-30T16:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-02T22:30:05.563+02:00","length":3502,"duration":3502,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11235-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11235-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11235-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11235-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11235-36c3_infrastructure_review","url":"https://api.media.ccc.de/public/events/37638658-f5e8-4eb2-8248-b601d0c6b35b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"8fb9096f-bcb7-5d8b-833c-4a275bee17b3","title":"Don't trust your vendors - $ecurity can't be bought","subtitle":null,"slug":"36c3-117-don-t-trust-your-vendors-ecurity-can-t-be-bought","link":"https://fahrplan.chaos-west.de/36c3/talk/XEUGGK/","description":"The comprehensive, seamless, real-time, IoT capable, AI Intelligence Next-Gen Sandbox Platform Cyber Security Solution with Blockchain, Big Data and Deep learning. Nowadays tons of security buzzwords like these are used to sell products into corporate environments. \n\nAll this technologies have something in common: They probably cost a fortune and unfortunately often ending up as \"shelfware\". Or nobody is understanding them anymore. Resulting in high expenses, but no improvement of security because of misconfiguration or lack of interest.\n\nThis is not a talk against security solution vendors - It is talk about promoting to keep an eye on the fundamentals. Ideas and hints provided here are not only the base layer of defense, but also low-cost, low-technology and heck effective against the majority of threats. The talk is not about security management, but will include suggestion how to organize a security team.\n\nThis is a foundation talk for the many of our ordinary companies running Active Directory/Windows and mostly on-prem infrastructure. The ones which security requirements are not military or high-technology. And it is exactly these companies which are often victims of shotgun approach attacks. It is a talk for SMEs and for companies who simply want to improve their security defense, do their fundamentals and not break the bank for it. \n\nCut the bullshit bingo, let's start improving security defense in an ordinary company. Low-cost, low-technology and heck effective against the majority of threats.\nThis is a security defense \u0026 security foundation talk.","original_language":"eng","persons":["marides"],"tags":["36c3-chaoswest","117","2019","All about computers","ChaosWest"],"view_count":801,"promoted":false,"date":"2019-12-28T13:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-09-11T12:15:04.121+02:00","length":1235,"duration":1235,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/117-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/117-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/117-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/117-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-117-don-t-trust-your-vendors-ecurity-can-t-be-bought","url":"https://api.media.ccc.de/public/events/8fb9096f-bcb7-5d8b-833c-4a275bee17b3","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"18a492b2-6219-5b95-a48d-b03944b75739","title":"Delta Chat: e-mail based messaging, the Rustocalypse and UX driven approach [YBTI/wefixthenet session]","subtitle":null,"slug":"36c3-oio-154-delta-chat-e-mail-based-messaging-the-rustocalypse-and-ux-driven-approach-ybti-wefixthenet-session-","link":"https://talks.oio.social/36c3-oio/talk/WSLWVM/","description":"Delta Chat is an e-mail instant messenger that is just becoming available on all platforms. \nUnlike other offerings, Delta Chat is no platform and operates no own servers. \nInstead it uses existing SMTP/IMAP servers to send and receive messages.\nWe'll talk about the current development status on all platforms, our new \nRust-core based approach, our decentralized e2e-encryption facilities (not requiring \nkeyservers, and safe against active attacks) and how we are generally driving\ndevelopments from UX and security perspectives.  We also aim to showcase\n\"burner accounts\", a new concept that we are developing and discussing\nwith activists in eastern european countries and asian cities.","original_language":"eng","persons":["dvn"],"tags":["36c3-oio","154","2019","Resilience \u0026 Sustainability","OpenInfrastructureOrbit"],"view_count":857,"promoted":false,"date":"2019-12-29T17:40:00.000+01:00","release_date":"2020-01-02T01:00:00.000+01:00","updated_at":"2026-02-24T13:45:06.200+01:00","length":2016,"duration":2016,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/154-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/154-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/154-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/154-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-154-delta-chat-e-mail-based-messaging-the-rustocalypse-and-ux-driven-approach-ybti-wefixthenet-session-","url":"https://api.media.ccc.de/public/events/18a492b2-6219-5b95-a48d-b03944b75739","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d3bf066e-5bac-568c-ab7b-b5a282813cc7","title":"Grundlagen Urheberrecht - Schwerpunkt CC-Lizenzen","subtitle":null,"slug":"36c3-71-grundlagen-urheberrecht-schwerpunkt-cc-lizenzen","link":"https://cfp.verschwoerhaus.de/36c3/talk/3VX9J3/","description":"Grundlagenwissen zum Urheberrecht\n\nCC-Lizenzen und das Urheberrecht.\nKurze Einführung wie CC-Lizenzen im Urheberrecht verankert sind.","original_language":"deu","persons":["John"],"tags":["36c3-wikipakawg","71","2019","Ethics, Society \u0026 Politics","WikiPakaWG"],"view_count":325,"promoted":false,"date":"2019-12-28T17:00:00.000+01:00","release_date":"2020-01-22T00:00:00.000+01:00","updated_at":"2026-02-24T20:15:06.589+01:00","length":3352,"duration":3352,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/71-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/71-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/71-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/71-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-71-grundlagen-urheberrecht-schwerpunkt-cc-lizenzen","url":"https://api.media.ccc.de/public/events/d3bf066e-5bac-568c-ab7b-b5a282813cc7","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"5f38b716-e18c-44a3-b9fd-8f3eb593605c","title":"SIM card technology from A-Z","subtitle":null,"slug":"36c3-10737-sim_card_technology_from_a-z","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10737.html","description":"Billions of subscribers use SIM cards in their phones. Yet, outside a relatively small circle, information about SIM card technology is not widely known. This talk aims to be an in-depth technical overview.\n\n\u003cp\u003eToday, billions of subscribers use SIM cards in their phones. Yet, outside a relatively small circle, information about SIM card technology is not widely known. If at all, people know that once upon a time, they were storing phone books on SIM cards.\u003c/p\u003e\n\u003cp\u003eEvery so often there are some IT security news about SIM card\nvulnerabilities, and SIM card based attacks on subscribers.\u003c/p\u003e\n\u003cp\u003eLet's have a look at SIM card technology during the past almost 30 years and cover topics like\n\u003cul\u003e\n\u003cli\u003eQuick intro to ISO7816 smart cards\u003c/li\u003e\n\u003cli\u003eSIM card hardware, operating system, applications\u003c/li\u003e\n\u003cli\u003eSIM card related specification bodies, industry, processes\u003c/li\u003e\n\u003cli\u003efrom SIM to UICC, USIM, ISIM and more\u003c/li\u003e\n\u003cli\u003eSIM toolkit, proactive SIM\u003c/li\u003e\n\u003cli\u003eeSIM\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/p\u003e","original_language":"eng","persons":["LaForge"],"tags":["36c3","10737","2019","Hardware \u0026 Making","Main"],"view_count":24786,"promoted":false,"date":"2019-12-27T23:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-04-01T18:30:05.103+02:00","length":3802,"duration":3802,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10737-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10737-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10737-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10737-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10737-sim_card_technology_from_a-z","url":"https://api.media.ccc.de/public/events/5f38b716-e18c-44a3-b9fd-8f3eb593605c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"110bffee-288c-48df-948f-05cdca65b2b5","title":"Extinction Rebellion ","subtitle":"Jahresrückblick 2019","slug":"36c3-10738-extinction_rebellion","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10738.html","description":"Extinction Rebellion (XR) ist eine global agierende, schnell wachsende, klimaaktivistische Graswurzel-Bewegung, die mit gewaltfreien Aktionen zivilen Ungehorsams auf die drohende Klimakatastrophe hinweist und Regierungen zum Handeln bewegen will. Die Ortsgruppe Berlin präsentiert in einer Art Jahresrückblick eine Auswahl an aktuellen Aktionen und stellt vor, wo wir als Bewegung gerade stehen, was wir bislang erreicht haben und was weiterhin gebraucht wird, um ein dringend notwendiges politisches Umsteuern einzuleiten. Let's act now.\n\nExtinction Rebellion (XR) hat ein turbulentes erstes Jahr hinter sich. Im letzten Herbst wurden in London die fünf wichtigsten Brücken über die Themse besetzt und die drohende Klimakatastrophe begann – endlich! – ins öffentliche Bewusstsein zu rücken. In diesem Herbst gab es koordinierte Aktionen und Blockaden mit Zehntausenden Teilnehmer:innen bereits in über 60 Metropolen auf der ganzen Welt. Über zweitausend Menschen sind dabei verhaftetet worden.\n\nKlimapolitisch hat sich dennoch so gut wie nichts getan. Während Regierungen entweder regungslos verharren oder aber den Klimanotstand ausrufen und zugleich neue Infrastruktur für fossile Brennstoffe bewilligen, arbeitet die Leugner:innenmaschinerie auf Hochtouren und bemüht sich um die Konstruktion alternativer Fakten. \n\nGleichzeitig erleben wir immer wieder, dass unsere wissenschaftlichen Prognosen nicht stimmen und sich der Klimawandel in seinem Verlauf schneller und heftiger vollzieht als vorhergesagt. Hitzewellen, Waldbrände, Dürren, Ernteausfälle, Wasserknappheit sind nicht mehr zu ignorieren.\n\nEs ist daher unumgänglich, den politischen Druck zu erhöhen, indem mehr Aktionen an mehr Orten mit noch viel mehr Menschen und auf vielen verschiedenen Ebenen durchgeführt werden. XR kann jede Art von Unterstützung gut gebrauchen – egal ob es um Nachhilfe in puncto Privacy geht, um Operational Security, um Soft- und Hardware oder um eigenständigen Hacktivismus. Wichtig ist nur: Wir müssen uns jetzt aufraffen, zusammentun und aktiv werden. The time is now.","original_language":"deu","persons":["Maria","Lu Yen Roloff","sina"],"tags":["36c3","10738","2019","Ethics, Society \u0026 Politics","Main"],"view_count":3209,"promoted":false,"date":"2019-12-28T17:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-01T23:30:08.913+01:00","length":2473,"duration":2473,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10738-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10738-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10738-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10738-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10738-extinction_rebellion","url":"https://api.media.ccc.de/public/events/110bffee-288c-48df-948f-05cdca65b2b5","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4cdbb51b-59ac-418b-be8e-b40b9d7df872","title":"Cryptography demystified","subtitle":"An introduction without maths","slug":"36c3-10627-cryptography_demystified","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10627.html","description":"This talk will explain the basic building blocks of cryptography in a manner that will (hopefully) be understandable by everyone. The talk will not require any understanding of maths or computer science.\nIn particular, the talk will explain encryption, what it is and what it does, what it is \u003cem\u003enot\u003c/em\u003e and what it \u003cem\u003edoesn't\u003c/em\u003e do, and what other tools cryptography can offer.\n\nThis talk will explain the basic building blocks of cryptography in a manner that will (hopefully) be understandable by everyone, in particular by a non-technical audience. The talk will not require any understanding of maths or computer science.\nThis talk will cover the following topics:\n\u003cul\u003e\n  \u003cli\u003eWhat is encryption and what does it do?\u003c/li\u003e\n  \u003cli\u003eWhat are the different kinds of encryption?\u003c/li\u003e\n  \u003cli\u003eWhat is authenticity? Are authenticity and encryption related?\u003c/li\u003e\n  \u003cli\u003eHow can authenticity be achieved?\u003c/li\u003e\n  \u003cli\u003eWhat are certificates for?\u003c/li\u003e\n  \u003cli\u003eWhat is TLS and what does it do?\u003c/li\u003e\n\u003c/ul\u003e\nWhile covering the above topcis, I will \u003cem\u003enot\u003c/em\u003e explain the technical details of common cryptographic schemes (like RSA, AES, HMAC and so on), in order to avoid keep this talk accessible to a broad audience.","original_language":"eng","persons":["oots"],"tags":["36c3","10627","2019","Security","Main"],"view_count":3383,"promoted":false,"date":"2019-12-29T14:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-23T12:00:07.614+01:00","length":3204,"duration":3204,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10627-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10627-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10627-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10627-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10627-cryptography_demystified","url":"https://api.media.ccc.de/public/events/4cdbb51b-59ac-418b-be8e-b40b9d7df872","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"dd49cd68-a630-5565-8e82-e397d89f900d","title":"DevelopersForFuture","subtitle":null,"slug":"36c3-140-developersforfuture","link":"https://fahrplan.chaos-west.de/36c3/talk/YDMJLP/","description":"### Code für den Aktivismus\n\nAls wir im Frühjahr diese Gruppe gegründet haben, konnten wir nicht ahnen, dass wir derart viele Anfragen zu bearbeiten geben könnte. Von Wissenschaftlern bis Förstern – jeder mit anderen Bedürfnissen. Dazu stehen wir in engem Kontakt mit den Entwicklern der diversen Friday For Future Projekte, sodass wir hier inzwischen auch als fester Bestandteil der Bewegung gelten\n\nDurch die Fülle an Organisationen und kleinen Projekten, können fast auf ein Jahr Coding zurückblicken. An diesen Beispielen möchte ich euch teilhaben lassen und so auch das Projekt Developers For Future vorstellen und es vor allem in den Kontext der Klima-Protest-Bewegung einordnen. Es geht los bei einem kleinen Einschreibeformular und endet bei ganzen Applikationen, die dabei helfen sollen die Anliegen der Bewegung zu transportiern.","original_language":"deu","persons":["Maximilian Berghoff"],"tags":["36c3-chaoswest","140","2019","Klimakatastrophe","ChaosWest"],"view_count":457,"promoted":false,"date":"2019-12-28T18:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2024-04-26T22:15:05.257+02:00","length":1491,"duration":1491,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/140-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/140-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/140-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/140-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-140-developersforfuture","url":"https://api.media.ccc.de/public/events/dd49cd68-a630-5565-8e82-e397d89f900d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"88a7a303-c577-4a7b-80eb-c96e344c1db2","title":"A systematic evaluation of OpenBSD's mitigations","subtitle":null,"slug":"36c3-10519-a_systematic_evaluation_of_openbsd_s_mitigations","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10519.html","description":"OpenBSD markets itself as a secure operating system, but doesn't provide much evidences to back this claim. The goal of this talk is to evaluate how effective OpenBSD's security mitigation are, in a systematic, rational and comprehensive way.\n\n\u003ca href=\"https://openbsd.org\"\u003eOpenBSD's website\u003c/a\u003e advertises a secure and modern operating system, with cool and modern mitigations. But no rational analysis is provided: are those mitigations effective? what are their impacts on performances, inspectability and complexity? against what are they supposed to defend? how easy are they to bypass? where they invented by OpenBSD or by others? is OpenBSD's reputation warranted?\n\nThis talk aims at answering all those questions, for all OpenBSD's mitigations, because, in the words of \u003ca href=\"https://twitter.com/ryiron/status/1150924668020203521\"\u003eRyan Mallon\u003c/a\u003e:\n\n\u003cquote\u003eThreat modelling rule of thumb: if you don’t explain exactly what you are securing against and how you secure against it, the answers can be assumed to be: “bears” and “not very well”.\u003c/quote\u003e\n\nFor example, OpenBSD added last year a \u003ca href=\"https://man.openbsd.org/mmap.2#MAP_STACK\"\u003eMAP_STACK\u003c/a\u003e flag to its \u003ccode\u003emmap\u003c/code\u003e function, and branded it as a security measure against \"ROPchains\". But this mitigation used to be part of Windows until 2012, and was removed because of at least generic public bypasses. It's also implemented on Linux since 2008, but for other reasons :)\n\nAll the research done for this talk is available on \u003ca href=\"https://isopenbsdsecu.re\"\u003eisopenbsdsecu.re\u003c/a\u003e","original_language":"eng","persons":["stein"],"tags":["36c3","10519","2019","Security","Main"],"view_count":10080,"promoted":false,"date":"2019-12-29T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-04T11:30:05.237+02:00","length":3181,"duration":3181,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10519-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10519-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10519-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10519-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10519-a_systematic_evaluation_of_openbsd_s_mitigations","url":"https://api.media.ccc.de/public/events/88a7a303-c577-4a7b-80eb-c96e344c1db2","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"47f6e51b-54ca-4c72-844f-ffd0f979279a","title":"Boeing 737MAX: Automated Crashes","subtitle":"Underestimating the dangers of designing a protection system","slug":"36c3-10961-boeing_737max_automated_crashes","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10961.html","description":"Everybody knows about the Boeing 737 MAX crashes and the type's continued grounding. I will try to give some technical background information on the causes of the crash, technical, sociological and organisational, covering pilot proficiency, botched maintenance, system design and risk assessment, as well as a deeply flawed certification processes.\n\nOn the surface of it, the accidents to two aircraft of the same type (Boeing 737 MAX), which eventually led to the suspension of airworthiness of the type, was caused by faulty data from one of the angle-of-attack sensors. This in turn led to automatic nose-down trim movements, which could not be countered effectively by the flight crew. Eventually, in both cases, the aircraft became uncontrollable and entered a steep accelerated dive into terrain, killing all people on board on impact.\n\nIn the course of the investigation, a new type of flight assistance system known as the Maneuvering Characteristics Augmentation System (MCAS) came to light. It was intended to bring the flight characteristics of the latest (and fourth) generation of Boeing's best-selling 737 airliner, the \"MAX\", in line with certification criteria. The issue that the system was designed to address was relatively mild. A little software routine was added to an existing computer to add nose-down trim in situations of higher angles of attack, to counteract the nose-up aerodynamic moment of the new, much larger, and forward-mounted engine nacelles.\n\nApparently the risk assessment for this system was not commensurate with its possible effects on aircraft behaviour and subsequently a very odd (to a safety engineer's eyes) system design was chosen, using a single non-redundant sensor input to initiate movement of the horizontal stabiliser, the largest and most powerful flight control surface. At extreme deflections, the effects of this flight control surface cannot be overcome by the primary flight controls (elevators) or the manual actuation of the trim system. In consequence, the aircraft enters an accelerated nose-down dive, which further increases the control forces required to overcome its effects.\n\nFinally I will take a look at certification processes where a large part of the work and evaluation is not performed by an independent authority (FAA, EASA, ...) but by the manufacturer, and in many cases  is then simply signed off by the certification authority. In a deviation from common practice in the past, EASA has announced that it may not follow the FAA (re-) certification, but will require additional analyses and evidence. China, which was the first country to ground the \"MAX\", will also not simply adopt the FAA paperwork.","original_language":"eng","persons":["Bernd Sieker"],"tags":["36c3","10961","2019","Science","Main"],"view_count":27055,"promoted":false,"date":"2019-12-29T18:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-01T16:45:05.776+02:00","length":3647,"duration":3647,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10961-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10961-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10961-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10961-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10961-boeing_737max_automated_crashes","url":"https://api.media.ccc.de/public/events/47f6e51b-54ca-4c72-844f-ffd0f979279a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1c610210-9c06-5d79-b7dd-d4aa89cd608e","title":"Hacking an NFC toy with the ChameleonMini","subtitle":"","slug":"36c3-108-hacking-an-nfc-toy-with-the-chameleonmini","link":"https://cfp.verschwoerhaus.de/36c3/talk/VD7ARK/","description":"\u003cp\u003e\u003cspan style=\"font-family: 'Helvetica Neue', Helvetica, Helmet, Freesans, sans-serif; font-size: 12.806402206420898px; background-color: #fafafa;\"\u003eThe Toniebox plays songs or reads stories to your kids when they put a little figurine\u0026nbsp;\u003c/span\u003e\u003cspan class=\"more\" style=\"margin: 0px; padding: 0px; font-size: 12.807682991027832px; font-family: 'Helvetica Neue', Helvetica, Helmet, Freesans, sans-serif; display: inline;\"\u003eon top of it.\u003cbr style=\"margin: 0px; padding: 0px; font-size: 12.808963775634766px;\" /\u003eWe show how to create a backup of it and use the ChameleonMini in place of it in case your kid ate it.\u003c/span\u003e\u003c/p\u003e","original_language":"eng","persons":["fptrs","ceres-c"],"tags":["36c3-wikipakawg","108","2019","Security","WikiPakaWG"],"view_count":12022,"promoted":false,"date":"2019-12-30T13:15:00.000+01:00","release_date":"2020-01-01T01:00:00.000+01:00","updated_at":"2026-04-04T13:15:06.187+02:00","length":831,"duration":831,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/108-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/108-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/108-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/108-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-108-hacking-an-nfc-toy-with-the-chameleonmini","url":"https://api.media.ccc.de/public/events/1c610210-9c06-5d79-b7dd-d4aa89cd608e","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"422a606e-59d3-4d80-ac98-671a0fec67d7","title":"Reflections on the New Reverse Engineering Law","subtitle":null,"slug":"36c3-11089-reflections_on_the_new_reverse_engineering_law","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11089.html","description":"Individuals conducting reverse engineering for research purposes face several legal issues arising from IP and competition law. The legislation has reacted by introducing a new law on trade secrets specifically allowing reverse engineering. While the new law is certainly an improvement, many questions still remain as to conflicts with opposing domestic laws as well as other possibilities to waive the permission. In this talk, we provide guidance through the jungle of the current legal situation from a techno-legal perspective.\n\nHardware Reverse Engineering (HRE) is common practice for security researchers in order to detect vulnerabilities and assure integrity of microchips. Following last years talk “Mehr schlecht als Recht: Grauzone Sicherheitsforschung” and from the standpoint of a research group regularly applying HRE, we asked ourselves about potential negative legal implications for our personal lives. Therefore, we consulted an expert who assesses the legal implications of our work.\n\nFor a long time, our law has solely protected the inventor of a product. Discovering the underlying technical details and mechanisms of, e. g. microchips, has been deemed illegal due to intellectual property (IP) protection laws. Only lately, the legislation has recognized the importance of cybersecurity that heavily relies on reverse engineering to find security gaps and malfunctions. Subsequently, Germany introduced a new trade secret allowing for the “observation, study, disassembly or testing of a product or object” in 2018. However, at this stage, several questions remain unanswered: Is it possible to  restrict this freedom by, e. g. contractual agreements? How may the gained knowledge (not) be used? How do claims from IP holders from other legal systems such as the US influence our case?\n\nThe talk will shed light on these questions from a techno-legal perspective. Ultimately, it will give guidance for reverse engineers, demonstrating the boundaries of such new developments and highlighting the legal uncertainties in need of clarifications by literature and practice.","original_language":"eng","persons":["Steffen Becker","Stephan Koloßa"],"tags":["36c3","11089","2019","Ethics, Society \u0026 Politics","Main"],"view_count":739,"promoted":false,"date":"2019-12-28T19:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-31T00:45:03.911+02:00","length":2442,"duration":2442,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11089-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11089-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11089-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11089-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11089-reflections_on_the_new_reverse_engineering_law","url":"https://api.media.ccc.de/public/events/422a606e-59d3-4d80-ac98-671a0fec67d7","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"10f3b750-aaca-4819-85e4-0a0ef4c7cccd","title":"Lightning Talks Day 2","subtitle":"","slug":"36c3-10524-lightning_talks_day_2","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10524.html","description":"Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!\r\n\r\n\r\n\u003ctable\u003e\r\n\u003ctbody\u003e\u003ctr\u003e\r\n\u003cth\u003eTime\u003c/th\u003e\r\n\u003cth\u003eTitle (Language)\u003c/th\u003e\r\n\u003cth\u003eAbstract\u003c/th\u003e\r\n\u003cth\u003eAuthor\r\n\u003c/th\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e\u003ca href=\"#t=18\"\u003e0:18\u003c/a\u003e\u003c/td\u003e\r\n\u003ctd\u003eLightning Talks Introduction Day 2 (en)\u003c/td\u003e\r\n\u003ctd\u003eA short introduction to the Lightning Talks Day 2 session\u003c/td\u003e\r\n\u003ctd\u003egedsic\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e\u003ca href=\"#t=45\"\u003e0:45\u003c/a\u003e\u003c/td\u003e\r\n\u003ctd\u003efreewvs - a free web vulnerability scanner (en)\u003c/td\u003e\r\n\u003ctd\u003efreewvs is a little tool that allows to locally scan filesystems for known vulnerable web applications.\u003c/td\u003e\r\n\u003ctd\u003eHanno B\u0026ouml;ck\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e\u003ca href=\"#t=271\"\u003e4:31\u003c/a\u003e\u003c/td\u003e\r\n\u003ctd\u003ePocket Science Lab (en)\u003c/td\u003e\r\n\u003ctd\u003ePSLab is a small USB powered open hardware extension for your Android phone or PC that lets you measure all kinds of things.\u003c/td\u003e\r\n\u003ctd\u003eMarc Nause\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e8:25\u003c/td\u003e\r\n\u003ctd\u003eJMAP \u0026amp; Ltt.rs (en)\u003c/td\u003e\r\n\u003ctd\u003eAn introduction to the JSON Meta Application Protocol, a spiritual successor to IMAP \u0026amp; Submission, and into Ltt.rs one of the first clients to use it.\u003c/td\u003e\r\n\u003ctd\u003eDaniel Gultsch\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e13:52\u003c/td\u003e\r\n\u003ctd\u003eBadge Magic (en)\u003c/td\u003e\r\n\u003ctd\u003eMagically Create Text and Cliparts on LED Name Badges using Bluetooth\u003c/td\u003e\r\n\u003ctd\u003eMario Behling\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e19:33\u003c/td\u003e\r\n\u003ctd\u003ePathAuditor: finding privilege escalation bugs with dynamic instrumentation (en)\u003c/td\u003e\r\n\u003ctd\u003ePathAuditor is a tool to detect file accesses in which an unprivileged user might have messed with the path. The impact can range from DoS to LPE.\u003c/td\u003e\r\n\u003ctd\u003etsuro\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e24:44\u003c/td\u003e\r\n\u003ctd\u003eAxolotl -  A crossplatform signal client (en)\u003c/td\u003e\r\n\u003ctd\u003eAxoltol is a signal client written in go and  vuejs. This talk is about the history of the project, difficulties and future.\u003c/td\u003e\r\n\u003ctd\u003enanu-c/Aaron Kimmig\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e29:28\u003c/td\u003e\r\n\u003ctd\u003eCongress Design on an Oscilloscope (en)\u003c/td\u003e\r\n\u003ctd\u003eHow to connect JavaScript with an analoge oscilloscope\u003c/td\u003e\r\n\u003ctd\u003equanten\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e33:32\u003c/td\u003e\r\n\u003ctd\u003eAre You ready to sustain IT? (de)\u003c/td\u003e\r\n\u003ctd\u003eAfter decades of taking exponentially growing resources for granted, IT   finally has to content with zero growth.  Can you cope with that?\u003c/td\u003e\r\n\u003ctd\u003e0x4c.de\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e38:40\u003c/td\u003e\r\n\u003ctd\u003eFree Pascal - An Open Source, Cross Platform, Object Pascal Compiler (en)\u003c/td\u003e\r\n\u003ctd\u003eThis talk will provide a short overview of Free Pascal, an open source, cross platform, Object Pascal compiler.\u003c/td\u003e\r\n\u003ctd\u003ePascalDragon\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e43:44\u003c/td\u003e\r\n\u003ctd\u003eTelnet-Challenge A.K.A Winkekatzen-Challenge (de)\u003c/td\u003e\r\n\u003ctd\u003eAnnouncement and short introduction to the \\\\ Telnet-Challenge A.K.A Winkekatzen-Challenge. \\\\ WIN A FREE SHIRT\u003c/td\u003e\r\n\u003ctd\u003edondario\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e47:04\u003c/td\u003e\r\n\u003ctd\u003eUncoventional tactics for online campaigning (en)\u003c/td\u003e\r\n\u003ctd\u003eAre there alternatives for petitions? A creative approach to online campaigning.\u003c/td\u003e\r\n\u003ctd\u003eLena Rieger\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e51:20\u003c/td\u003e\r\n\u003ctd\u003eTSDB mal anders (de)\u003c/td\u003e\r\n\u003ctd\u003eWas kann man abseits von Monitoring mit Grafana und Time series databases machen?\u003c/td\u003e\r\n\u003ctd\u003ezivillian\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e55:37\u003c/td\u003e\r\n\u003ctd\u003eFive Easy Things to fix Machine Learning (en)\u003c/td\u003e\r\n\u003ctd\u003eThere are five simple rules to follow when researching in Machine Learning. They make your work easier to verify.\u003c/td\u003e\r\n\u003ctd\u003e2martens\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e59:06\u003c/td\u003e\r\n\u003ctd\u003eAccessibility for (adult) autistics at larger events (en)\u003c/td\u003e\r\n\u003ctd\u003eBasic guide how to care for autistics at larger events\u003c/td\u003e\r\n\u003ctd\u003eBenjamin Wand\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:02:18\u003c/td\u003e\r\n\u003ctd\u003eDelay/Disruption-Tolerant Networking with dtn7-go (en)\u003c/td\u003e\r\n\u003ctd\u003eIntroducing Delay/Disruption-Tolerant Networking (DTN) through the dtn7-go software to be used for ad hoc networks with no or limited infrastructure.\u003c/td\u003e\r\n\u003ctd\u003eAlvar Penning\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:07:58\u003c/td\u003e\r\n\u003ctd\u003eTesla Radar (en)\u003c/td\u003e\r\n\u003ctd\u003eTesla vehicles with 'Phone Key' transmit a unique ID.Tesla Radar tracks these IDs and creates a heat-map in order to raise awareness for the issue.\u003c/td\u003e\r\n\u003ctd\u003eMartin Herfurt @mherfurt\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:13:35\u003c/td\u003e\r\n\u003ctd\u003eOpen Source Licenses: Where they come from (en)\u003c/td\u003e\r\n\u003ctd\u003eIntroduction to Open Source Initiative's license review process.\u003c/td\u003e\r\n\u003ctd\u003eHong Phuc Dang\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:17:30\u003c/td\u003e\r\n\u003ctd\u003eSoldering Workshops at the Hardware Hacking Area (en)\u003c/td\u003e\r\n\u003ctd\u003eI will give an overview of the workshops taught at the Hardware Hacking Area.\u003c/td\u003e\r\n\u003ctd\u003eEmily Hammes\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:21:50\u003c/td\u003e\r\n\u003ctd\u003eExciting developments around Linux on Phones (en)\u003c/td\u003e\r\n\u003ctd\u003eThere have been countless attempts to dethrone Android. Many tried, many failed. But 2020 might be the year we finally see this change!\u003c/td\u003e\r\n\u003ctd\u003eJan Sprinz\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:26:50\u003c/td\u003e\r\n\u003ctd\u003eHacking Ecology - Four projects where you can help! (de)\u003c/td\u003e\r\n\u003ctd\u003eFour projects are presented where you can help nature and people. Later we meet at Wikipaka (2019-12-29, 19:00–22:00) for a small hackathon.\u003c/td\u003e\r\n\u003ctd\u003eMario\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:30:57\u003c/td\u003e\r\n\u003ctd\u003eMake peace \u0026amp; time with accounting (en)\u003c/td\u003e\r\n\u003ctd\u003eAccounting is not very fun and is not taught at school, yet this talk will try to convince you that it is as important as brushing your teeth.\u003c/td\u003e\r\n\u003ctd\u003eLouis Opter\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:37:50\u003c/td\u003e\r\n\u003ctd\u003eDo-ocracy done well (en)\u003c/td\u003e\r\n\u003ctd\u003eLessons learned from five years of experimenting with do-ocracy. How to solve internal conflict and give power to the people who do stuff!\u003c/td\u003e\r\n\u003ctd\u003eMerlijn Sebrechts\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:43:05\u003c/td\u003e\r\n\u003ctd\u003eOpen Laser Tag (en)\u003c/td\u003e\r\n\u003ctd\u003eWe are building a easy to build open source laser tag system. \u003ca rel=\"nofollow\" class=\"external free\" href=\"https://github.com/open-laser-tag/\"\u003ehttps://github.com/open-laser-tag/\u003c/a\u003e\u003c/td\u003e\r\n\u003ctd\u003ezeud, Florian\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\u003ctr\u003e\r\n\u003ctd\u003e1:48:40\u003c/td\u003e\r\n\u003ctd\u003eFree Binary Analysis Course (en)\u003c/td\u003e\r\n\u003ctd\u003eDo you want to analyse malware, but are you unsure how? Do you want to learn more, but do you not know where? Follow this course to get a head start!\u003c/td\u003e\r\n\u003ctd\u003eMax 'Libra' Kersten\r\n\u003c/td\u003e\u003c/tr\u003e\r\n\r\n\u003c/tbody\u003e\u003c/table\u003e","original_language":"eng","persons":["gedsic","bigalex"],"tags":["36c3","10524","2019","CCC","Main"],"view_count":3283,"promoted":false,"date":"2019-12-28T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-03T18:00:04.855+02:00","length":6918,"duration":6918,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10524-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10524-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10524-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10524-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10524-lightning_talks_day_2","url":"https://api.media.ccc.de/public/events/10f3b750-aaca-4819-85e4-0a0ef4c7cccd","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"56e58bc1-1a30-4eae-a81b-78cf86732865","title":"BahnMining - Pünktlichkeit ist eine Zier","subtitle":null,"slug":"36c3-10652-bahnmining_-_punktlichkeit_ist_eine_zier","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10652.html","description":"Seit Anfang 2019 hat David \u003ci\u003ejeden\u003c/i\u003e einzelnen Halt \u003ci\u003ejeder\u003c/i\u003e einzelnen Zugfahrt auf \u003ci\u003ejedem\u003c/i\u003e einzelnen Fernbahnhof in ganz Deutschland systematisch gespeichert. Inklusive Verspätungen und allem drum und dran. Und die werden wir in einem bunten Vortrag erforschen und endlich mal wieder ein bisschen Spaß mit Daten haben.\n\n\u003ci\u003eRechtlicher Hinweis: Es liegt eine schriftliche Genehmigung der Bahn vor, von ihr abgerufene Rohdaten aggregieren und für Vorträge nutzen zu dürfen. Inhaltliche Absprachen oder gar Auflagen existieren nicht.\u003c/i\u003e\n\nDie Bahn gibt ihre Verspätungen in \"Prozent pünktlicher Züge pro Monat\" an. Das ist so radikal zusammengefasst, dass man daraus natürlich nichts interessantes lesen kann. Jetzt stellt euch mal vor, man könnte da mal ein bisschen genauer reingucken.\n\nStellt sich raus: Das geht! Davids Datensatz umfasst knapp 25 Millionen Halte - mehr als 50.000 pro Tag. Wir haben die Rohdaten und sind in unserer Betrachtung völlig frei. \n\nDer Vortrag hat wieder mehrere rote Fäden.\n\n\u003cb\u003e 1) Wir vermessen ein fast komplettes Fernverkehrsjahr der deutschen Bahn.  \u003c/b\u003e Hier etwas Erwartungsmanagement: Sinn ist keinesfalls Bahn-Bashing oder Sensationsheischerei - wer einen Hassvortrag gegen die Bahn erwartet, ist in dieser Veranstaltung falsch. Wir werden die Daten aber nutzen, um die Bahn einmal ein bisschen kennenzulernen. Die Bahn ist eine riesige Maschine mit Millionen beweglicher Teile. Wie viele Zugfahrten gibt es überhaupt? Was sind die größten Bahnhöfe? Wir werden natürlich auch die unerfreulichen Themen ansprechen, für die sich im Moment viele interessieren: Ist das Problem mit den Zugverspätungen wirklich so schlimm, wie alle sagen? Gibt es Orte und Zeiten, an denen es besonders hapert? Und wo fallen Züge einfach aus?\n\n\u003cb\u003e 2) Es gibt wieder mehrere Blicke über den Tellerrand\u003c/b\u003e, wie bei Davids vorherigen Vorträgen auch. Ihr werdet wieder ganz automatisch und nebenher einen \u003ci\u003eallgemeinverständlichen\u003c/i\u003e Einblick in die heutige Datenauswerterei bekommen. (Eine verbreitete Verschwörungsheorie sagt, euch zur Auswertung öffentlicher Daten zu inspirieren, wäre sogar der Hauptzweck von Davids Vorträgen. :-) )Die Welt braucht Leute mit Ratio, die Analyse wichtiger als Kreischerei finden. Und darum beschreibt davod auch, wie man so ein durchaus aufwändiges Hobbyprojekt technisch angeht, Anfängerfehler vermeidet, und verantwortungsvoll handelt.","original_language":"deu","persons":["David Kriesel"],"tags":["36c3","10652","2019","Ethics, Society \u0026 Politics","Main"],"view_count":101142,"promoted":false,"date":"2019-12-28T22:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-04T15:00:05.227+02:00","length":3709,"duration":3709,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10652-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10652-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10652-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10652-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10652-bahnmining_-_punktlichkeit_ist_eine_zier","url":"https://api.media.ccc.de/public/events/56e58bc1-1a30-4eae-a81b-78cf86732865","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1fa314fd-c59a-450b-8347-05224b473972","title":"Schweiz: Netzpolitik zwischen Bodensee und Matterhorn","subtitle":"E-ID, E-Voting, Netzsperren und andere netzpolitische Schauplätze","slug":"36c3-10892-schweiz_netzpolitik_zwischen_bodensee_und_matterhorn","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10892.html","description":"Die Intensität des Kampfes um die Freiheit im digitalen Raum lässt auch in der Schweiz nicht nach. Wir blicken auf das netzpolitische Jahr 2019 zwischen Bodensee und Matterhorn zurück. Wir behandeln jene Themen, die relevant waren und relevant bleiben.\n\nWeiter zeigen wir, was von der Digitalen Gesellschaft in der Schweiz im neuen Jahr zu erwarten ist.\n\n\u003cstrong\u003eThemen sind unter anderem:\u003c/strong\u003e\n\n\u003cstrong\u003eElektronische Identifizierung (E-ID):\u003c/strong\u003e Das Gesetz, welches die elektronische Identifizierung regelt, ist verabschiedet worden. Der digitale Ausweis soll von privaten Unternehmen herausgegeben werden. Wir haben das Referendum gegen das Gesetz ergriffen.\n\n\u003cstrong\u003eE-Voting:\u003c/strong\u003e Ein öffentlicher Test des letzten sich im Rennen befindenden Systems war vernichtend. Wie es nun weitergeht im Kampf für das Vertrauen in die direkte Demokratie in der Schweiz.\n\n\u003cstrong\u003eNetzsperren:\u003c/strong\u003e Das erste Gesetz, in dem Netzsperren explizit verankert sind, ist dieses Jahr in Kraft getreten. Wie es in der Umsetzung aussieht\n\n\u003cstrong\u003eLeistungsschutzrecht:\u003c/strong\u003e Was es ins neue Urheberrechtsgesetz geschafft hat - und wie das Leistungsschutzrecht bezwungen wurde.\n\n\u003cstrong\u003eDatenschutz:\u003c/strong\u003e Wo in der Schweiz besonders viel «Datenreichtum» zu beobachten war und was es mit der Login- bzw. Tracking-Allianz auf sich hat.\n\n\u003cstrong\u003eNetzneutralität:\u003c/strong\u003e Nach einem langen Kampf erhält die Schweiz eine gesetzlich verankerte Netzneutralität. Im kommenden Jahr wird das Gesetz in Kraft treten.\n\n\u003cstrong\u003eDigitale Gesellschaft in der Schweiz:\u003c/strong\u003e Winterkongress, Big Brother Awards und andere Aktivitäten.\n\nNach dem Vortrag sind alle interessierten Personen eingeladen, die Diskussion in einem \u003ca href=\"https://events.ccc.de/congress/2019/wiki/index.php/Session:Follow-up_meeting_to_the_Netzpolitik_in_der_Schweiz_talk\"\u003eTreffen\u003c/a\u003e fortzusetzen. Es werden Aktivistinnen und Aktivisten von verschiedenen Organisationen der Netzpolitik in der Schweiz anwesend sein (Digitale Gesellschaft, CCC-CH, CCCZH, Piratenpartei Schweiz).","original_language":"deu","persons":["Patrick \"packi\" Stählin","Kire","Ganti"],"tags":["36c3","10892","2019","CCC","Main"],"view_count":1274,"promoted":false,"date":"2019-12-28T14:10:00.000+01:00","release_date":"2020-01-01T01:00:00.000+01:00","updated_at":"2026-01-08T18:00:29.319+01:00","length":3518,"duration":3518,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10892-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10892-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10892-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10892-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10892-schweiz_netzpolitik_zwischen_bodensee_und_matterhorn","url":"https://api.media.ccc.de/public/events/1fa314fd-c59a-450b-8347-05224b473972","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"bfd7bf40-e201-41ca-b794-d70df9a01164","title":"Katastrophe und Kommunikation am Beispiel Nord-Ost-Syrien","subtitle":"Humanitäre Hilfe zwischen Propaganda, Information und Spendenwerbung","slug":"36c3-10957-katastrophe_und_kommunikation_am_beispiel_nord-ost-syrien","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10957.html","description":"Katastrophen, Krisen \u0026 Kriege lassen sich heute live mitverfolgen. Wir erleben eine kaum überblickbare Quellendiversität in den sozialen Medien – jeder wird zur Quelle. Welchen Einfluss hat das darauf, wie ein Konflikt wahrgenommen wird, wie setzen Konfliktparteien aber auch Helfende die sozialen Medien ein und was bedeutet das für Diejenigen, die vor Ort humanitäre Hilfe leisten. Wir diskutieren dies anhand des türkischen Überfalls auf Nord-Ost-Syrien gemeinsam mit Fee Baumann von Heyva Sor A Kurd, live aus Nord-Ost-Syrien\n\nKatastrophen, Krisen \u0026 Kriege lassen sich heute live mitverfolgen. Wir erleben eine kaum überblickbare Quellendiversität in den sozialen Medien – jeder wird zur Quelle. Welchen Einfluss hat das darauf, wie ein Konflikt wahrgenommen wird, wie setzen Konfliktparteien aber auch Helfende die sozialen Medien ein und was bedeutet das für Diejenigen, die vor Ort humanitäre Hilfe leisten. Wir diskutieren dies anhand des türkischen Überfalls auf Nord-Ost-Syrien.\n\nFand Live-Berichterstattung aus Kriegsgebieten zu Zeiten des 2. Golfkrieges noch überwiegend durch ein paar wenige Journalist*innen, oft “embedded” statt, die für CNN\u0026Co im grünlichen Nachtsicht-Look aus dem Panzer berichteten, kann in den sozialen Medien heute jede*r zur Quelle werden. Auf diese Weise gelangt die Öffentlichkeit an Informationen die vorher nur sehr schwer zu bekommen gewesen wären \u0026 schon gar nicht in Echtzeit.\n\nDie Quellenvielfalt birgt große Chancen für die Bewertung einer Lage und auch zur Überprüfung von Informationen durch mehrere Quellen oder Image Reverse Suche. Gleichzeitig verbreiten sich Gerüchte und Falschinformationen ebenfalls sehr viel schneller. Zudem können soziale Medien auch gezielt, etwa von Kriegsparteien manipuliert werden. Die Türkei setzte neben Deutschen Panzern etwa auch Bot-Armeen ein, im Ergebnis: Zwar verurteilte ein großteil der Welt den türkischen Einmarsch in Nord-Ost-Syrien, aber Twitter-Hashtags zeichneten zeitweilig ein ganz anderes Bild. Gleichzeitig kann es schon auch mal passieren, dass Türkei nahe Djihadistische Gruppen ausversehen selbst Videos ihrer Kriegsverbrechen prahlerisch ins Netz stellen.\n\nWas bedeutet all das für humanitäre Helfende vor Ort, die Twitter \u0026 co mittlerweile nicht nur zur Spendenwerbung sondern auch zur Lagebewertung nutzen: Wie kann man in der Praxis damit umgehen, dass sich auf Twitter gegebenenfalls ein ganz anderes Bild zeichnet als vor Ort und vor allem: Welches davon ist näher an der Realität?\n\nDarum geht es in diesem Talk am Beispiel des Türkischen Überfalls auf Nord-Ost-Syrien, von Sebastian Jünemann und Ruben Neugebauer von der Hilfsorganisation Cadus, die vor Ort mit mehreren, im wesentlichen medizinischen Projekten aktiv war, sowie Fee Baumann von der Organisation Heyvasor a Kurd, dem kurdischen roten Halbmond. Außerdem werden wir klären wie man sich per Selfie bequem ins Jenseits befördern kann und was sonst noch so für die persönliche Sicherheit zu beachten ist, im Umgang mit modernen Medien in Kriegsgebieten.\n\n\n","original_language":"deu","persons":["Ruben Neugebauer","Sebastian Jünemann"],"tags":["36c3","10957","2019","Ethics, Society \u0026 Politics","Main"],"view_count":2411,"promoted":false,"date":"2019-12-27T12:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-02-18T16:45:11.176+01:00","length":3646,"duration":3646,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10957-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10957-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10957-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10957-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10957-katastrophe_und_kommunikation_am_beispiel_nord-ost-syrien","url":"https://api.media.ccc.de/public/events/bfd7bf40-e201-41ca-b794-d70df9a01164","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"032d1724-b643-4fa0-9435-3410e9ad333a","title":"Megatons to Megawatts","subtitle":"Military warheads as a source of nuclear fuel","slug":"36c3-10517-megatons_to_megawatts","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10517.html","description":"Can nuclear warheads be used as energy sources instead of exhausting resources? And if, how does this even work? \n\nConcerns during the cold war era mainly focused on the diversion of Uranium intended for commercial nuclear power towards usage in weapons. During the 1990s, these concerns gave way to a focus on the role of military Uranium as a major source of fuel for commercial nuclear power. \n\nCan nuclear warheads be used as energy sources instead of exhausting resources? And if, how does this even work? \n\nIn the late 1980s the United States and countries of the former Soviet Union signed a series of disarmament treaties to reduce the world's nuclear arsenals. Since then, lots of nuclear materials have been converted into fuel for commercial nuclear reactors. \n\nHighly-enriched uranium in US and Russian weapons and other military stockpiles amounts to about 1500 tonnes, equivalent to about seven times the annual world Uranium mine production. These existing resources can be used instead of exploiting natural Uranium reserves, which are as limited as all other non-renewable energy sources. Uranium mining is a dirty, polluting, hazardous business which possibly could be stopped altogether if existing resources would be used instead.\n\nThis talk is a primer in nuclear physics with focus on conversion of weapon grade Uranium and Plutonium into fuel for civil nuclear power plants.","original_language":"deu","persons":["Julia Riede"],"tags":["36c3","10517","2019","Science","Main"],"view_count":1459,"promoted":false,"date":"2019-12-28T20:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-03T19:00:17.517+01:00","length":3578,"duration":3578,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10517-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10517-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10517-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10517-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10517-megatons_to_megawatts","url":"https://api.media.ccc.de/public/events/032d1724-b643-4fa0-9435-3410e9ad333a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1773b17c-3598-4d09-a7b9-6023bb282fb9","title":"Was tun bevor es brennt - wie gründe ich eigentlich einen Betriebsrat?","subtitle":"Wie gründe ich einen Betriebsrat, bevor die Kacke dampft?","slug":"36c3-10600-was_tun_bevor_es_brennt_-_wie_grunde_ich_eigentlich_einen_betriebsrat","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10600.html","description":"Aktiv werden zur rechten Zeit - Stand up for Your Right!\n\nBetriebsrat - klingt für viele IT-ler*innen doch nach letztem Jahrtausend. Dabei ist dies ein hart erkämpftes und wichtiges Instrument, um der Stimme der Beschäftigten bei der Geschäftsleitung Ausdruck zu verleihen. Wir  schildern anhand eines konkreten Beispiels, wie ein Betriebsrat gegründet wird, ohne dass die Chefetage zwischendurch schon den Stecker zieht. \n\nDas deutsche Arbeitsrecht in Form des Betriebsverfassungsgesetzes garantiert die Mitsprache der Belegschaft in jeder Firma mit mehr als fünf Arbeitnehmer*innen. Dabei ist vieles zu beachten - und ohne eine professionelle Begleitung z.B. durch eine Gewerkschaft kaum zu schaffen.\n\nIn unserer Firma geht es ab: Massenentlassungen aufgrund ökonomischer Turbulenzen. Die Geschäftsleitung spielt dirty und schaut, womit sie durchkommt. Höchste Zeit für einen Betriebsrat! \n\n• Um zu erfahren, dass man gemeinsam stark sein kann.\n• Um der Gechäftsleitung klarzumachen. was geht und was nicht. \n• Um bei Einstellungen und Entlassungen Fairplay zu gewährleisten. \n• Um die verbrieften Rechte  der Beschäftigten durchzusetzen. \n\nAm Beispiel einer Berliner Großraumdiskothek und einem ebenso in Berlin ansässigen Musikinstrumenteherstellers, welches kürzlich einem Fünftel seiner Belegschaft betriebsbedingt gekündigt hat, zeigen wir wie das geht mit der Betriebsratsgründung, worauf unbedingt zu achten ist und wo Interessierte professionelle Unterstützung für dieses organisatorischen Kraftakt finden können. \n\nDen Talk halten wir zu viert: eine Beschäftigte der Diskothek, ein Beschäftigter des Musikinstrumenteherstellers, ein Vertreter der IG Metall und ein Vertreter von ver.di. \n\nAm besten geht das von der Hand, bevor es ungemütlich wird. \n","original_language":"deu","persons":["Hüpno","Lissim","Ole ","Thomas Weber"],"tags":["36c3","10600","2019","Ethics, Society \u0026 Politics","Main"],"view_count":3365,"promoted":false,"date":"2019-12-28T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-21T23:15:06.911+01:00","length":3835,"duration":3835,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10600-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10600-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10600-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10600-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10600-was_tun_bevor_es_brennt_-_wie_grunde_ich_eigentlich_einen_betriebsrat","url":"https://api.media.ccc.de/public/events/1773b17c-3598-4d09-a7b9-6023bb282fb9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"658728fa-dce0-4c6b-ab80-cd513ee1f0ac","title":"Kritikalität von Rohstoffen - wann platzt die Bombe?","subtitle":"Ein nicht nuklearer Blick auf das Ende der Welt ","slug":"36c3-10598-kritikalitat_von_rohstoffen_-_wann_platzt_die_bombe","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10598.html","description":"Einführung in das Forschungsfeld der Kritikalitätsanalysen. Anhand der Rohstoffe Tantal, Wolfram, Zinn und Gold werden exemplarisch die quantitativen und qualitativen Indikatoren für eine Versorgungsengpassanalyse vorgestellt.\n\nModerne High-Tech-Produkte benötigen chemische Elemente, die in spezifischen Rohstoffen (z. B. Erze) vorkommen. Dabei unterliegen Verfügbarkeit und Preis dieser Rohstoffe in hohem Maße den Einflussfaktoren der Konzentrationsrisken, politischen Risiken, Angebotsreduktions- und Nachfrageanstiegsrisiken. Da Unternehmen oftmals über Jahre hinweg an bestimmte Rohstoffe gebunden sind, müssen sie den Unsicherheiten mit vielfältigen Strategien begegnen. Vom Abbau und der Verarbeitung bis zur Nutzung und Entsorgung wird die gesamte Wertschöpfungskettenkritikalität bewertet. Dadurch können Verwundbarkeiten von Unternehmen und Ländern durch Rohstoffengpässe objektiv identifiziert und Handlungsempfehlungen definiert werden. Die Kritikalitätsanalyse wird am Beispiel der 3TG-Materialien (Tantal, Wolfram, Zinn und Gold) veranschaulicht.","original_language":"deu","persons":["Martin Hillenbrand"],"tags":["36c3","10598","2019","Science","Main"],"view_count":9334,"promoted":false,"date":"2019-12-27T22:10:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-01-07T08:30:12.255+01:00","length":3836,"duration":3836,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10598-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10598-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10598-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10598-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10598-kritikalitat_von_rohstoffen_-_wann_platzt_die_bombe","url":"https://api.media.ccc.de/public/events/658728fa-dce0-4c6b-ab80-cd513ee1f0ac","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"27300e0d-e9a3-4e59-8261-c1b67cc0d86d","title":"Inside the Fake Like Factories","subtitle":"How thousands of Facebook, You Tube and Instagram pages benefited from purchased likes and how we reverse engineered facebooks user IDs","slug":"36c3-10936-inside_the_fake_like_factories","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10936.html","description":"This talk investigates the business of fake likes and fake accounts: In a world, where the number of followers, likes, shares and views are worth money, the temptation and the will to cheat is high. With some luck, programming knowledge and persistence we obtained thousands of fanpages, You Tube and Instagram account, where likes have been bought from a Likes seller. We were also able to meet people working behind the scenes and we will prove, that Facebook is a big bubble, with a very high percentage of dead or at least zombie accounts. The talk presents the methodology, findings and outcomes from a team of scientists and investigative journalists, who delved into the parallel universe of Fake Like Factories.\n\nWhen you hear about fake likes and fake accounts, you instantly think of mobile phones strung together in multiple lines in front of an Asian woman or man. What if we tell you, that this is not necessarily the whole truth?  That you better imagine a ordinary guy sitting at home at his computer? In a longterm investigation we met and talked to various of these so called “clickworkers” - liking, watching, clicking Facebook, You Tube and Instagram for a small amount of money the whole day in their living room.\nFortuitously we could access thousand campaigns, Facebook Fanpages, You Tube videos or Instagram accounts. Thousands of websites and accounts, for which somebody bought likes in the past years.\nBut we did not stop the investigation there: We dived deeper into the Facebook Fake Accounts and Fake Likes universe, bought likes at various other Fake Likes sellers. To get the big picture, we also developed a statistical method to calculate the alleged total number of Facebok User IDs, with surprising results.","original_language":"eng","persons":["@sveckert","Dennis Tatang","pkreissel"],"tags":["36c3","10936","2019","Ethics, Society \u0026 Politics","Main"],"view_count":32806,"promoted":false,"date":"2019-12-27T23:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-29T07:00:03.211+02:00","length":3615,"duration":3615,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10936-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10936-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10936-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10936-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10936-inside_the_fake_like_factories","url":"https://api.media.ccc.de/public/events/27300e0d-e9a3-4e59-8261-c1b67cc0d86d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"7efbe48e-7673-4c72-b990-cb9db88f57b9","title":"Von Menschen radikalisiert: Über Rassismus im Internet","subtitle":null,"slug":"36c3-11097-von_menschen_radikalisiert_uber_rassismus_im_internet","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11097.html","description":"Seit Jahren wird über den Einfluss des Internets auf die Gesellschaft diskutiert. Desinformationskampagnen in den sozialen Medien, russische Bots und Empfehlungs-Algorithmen hätten die Gesellschaft gespalten. Doch viele Unterstellungen lassen sich einfach widerlegen.\n\nDieser Vortrag gibt einen Überblick und schlägt Ansätze vor, wie sich die Phänomene des Rechtsrucks zu einem konsistenten Bild zusammenfügen lassen.","original_language":"deu","persons":["Michael Kreil"],"tags":["36c3","11097","2019","Ethics, Society \u0026 Politics","Main"],"view_count":6186,"promoted":false,"date":"2019-12-29T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-01T19:15:09.034+01:00","length":3339,"duration":3339,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11097-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11097-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11097-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11097-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11097-von_menschen_radikalisiert_uber_rassismus_im_internet","url":"https://api.media.ccc.de/public/events/7efbe48e-7673-4c72-b990-cb9db88f57b9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a3f9136b-fa32-504d-a762-438d5141ac74","title":"Treating IS - Humanitäre Prinzipien im Konflikt","subtitle":null,"slug":"36c3-oio-163-treating-is-humanitre-prinzipien-im-konflikt","link":"https://talks.oio.social/36c3-oio/talk/VPUTHL/","description":"Frank Dörner von Ärzte ohne Grenzen und Sebastian Jünemann von CADUS diskutieren die jüngsten Angriffe auf humanitäre Prinzipien in verschiedenen Kontexten, wie beispielsweise während der medizinischen Nothilfe in Nordost-Syrien.\n\nEigentlich sollte es klar sein: Menschen die medizinische Hilfe benötigen sollen sie auch bekommen, Punkt. Doch in Medienkommentaren wird der humanitären Hilfsorganisation CADUS, die ein Feldkrankenhaus im Camp Al Hol in Nordost-Syrien betreibt, längst nicht nur Respekt ausgesprochen. Manche Kommentator*innen schlagen vor, humanitäre Prinzipien auszusetzen sobald es sich bei den Hilfesuchenden um mutmaßliche Angehörige des sogenannten Islamischen Staates (IS) handelt. Schließlich, so die Argumentation, missachte diese Organisation systematisch eben solche Prinzipien. \n\nIn vielen Konflikten werden humanitäre Grundsätze heute zunehmend missachtet. Helfende werden zu Feinden erklärt und damit legitime Ziele für jedwede Aggression. Krankenhäuser und Ambulanzen können gezielt angegriffen werden, ohne dass es Konsequenzen hat. Afghanistan, Syrien, Yemen – die Liste ist lang. Und aus der jüngsten Geschichte der Seenotrettung wissen wir: auch von staatlichen Stellen werden immer wieder humanitäre Grundsätze mit Füßen getreten. \n\nFrank Dörner von Ärzte ohne Grenzen und Sebastian Jünemann von CADUS geben einen Einblick was es bedeutet, in gesellschaftlich und politisch stark umstrittenen Kontexten Hilfe zu leisten, in denen humanitäre Prinzipien immer wieder aus verschiedensten Richtungen angegriffen werden.","original_language":"deu","persons":["Sebastian Jünemann","Frank Dörner"],"tags":["36c3-oio","163","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":604,"promoted":false,"date":"2019-12-29T16:10:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-18T23:30:10.601+01:00","length":3281,"duration":3281,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/163-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/163-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/163-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/163-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-163-treating-is-humanitre-prinzipien-im-konflikt","url":"https://api.media.ccc.de/public/events/a3f9136b-fa32-504d-a762-438d5141ac74","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"46015fa7-8746-5997-9cae-3aee08dca254","title":"Feierliche Verlesung des gesammelten Ärgers","subtitle":null,"slug":"36c3-112-feierliche-verlesung-des-gesammelten-rgers","link":"https://fahrplan.chaos-west.de/36c3/talk/PGHLLG/","description":"**Anger Exchange Point — MIT ÄRGER-GARANTIE!** \n\nWir halten, was wir versprechen!\n\nHaben Sie sich geärgert?\nKein Klopapier mehr da? Zu viele Menschen? Versehentlich etwas dummes gesagt? Die Klimakatastrophe rollt unaufhaltsam auf uns zu und niemand tut etwas? \n\nÄrgerlich, oder?\nAber es ist doch viel schöner, wenn sich jemand anderes ärgert! Am AEP in der Haecksen-Assembly gibt es die ÄRGER-GARANTIE! Wir garantieren: Über jeden Ärger wird sich einmal¹ geärgert! \n\nIn dieser eigens für Sie konzipierten Veranstaltung lösen wir unser Versprechen an Sie ein: Die übriggebliebenen Ärger werden verlesen und professionell zerärgert.\n**Hier wird Ihr Ärger gewürdigt!** Für allen übriggebliebenen Ärger haben die Haecksen zwei international führende Ärgerinnen engagiert, um speziell auf Ihren Ärger einzugehen! \n\nMit Zeit-Zurück-Garantie²!\n\n\n*****\n\n¹ Abweichungen innerhalb einer Größenordnung vorbehalten.\n\n² investierte Zeit wird vom 01. bis zum 06.01.2020 auf dem Messegelände Leipzig zurückerstattet oder für die Verwendung des AEP vom 10. bis zum 13.04.2020 gutgeschrieben.","original_language":"deu","persons":["Piko"],"tags":["36c3-chaoswest","112","2019","Spiele sind wichtig für die Revolution!","ChaosWest"],"view_count":1535,"promoted":false,"date":"2019-12-29T21:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-06T10:30:09.367+01:00","length":2810,"duration":2810,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/112-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/112-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/112-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/112-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-112-feierliche-verlesung-des-gesammelten-rgers","url":"https://api.media.ccc.de/public/events/46015fa7-8746-5997-9cae-3aee08dca254","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3aae5c0a-9c9b-483a-8c09-b4402d749a82","title":"The Case for Scale in Cyber Security","subtitle":"Security Track Keynote","slug":"36c3-11220-the_case_for_scale_in_cyber_security","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11220.html","description":"The impact of scale in our field has been enormous and it has transformed the tools, the jobs and the face of the Infosec community. In this talk we discuss some of the ways in which defense has benefitted from scale, how the industry might be transitioning to a new phase of its growth and how the community will have to evolve to stay relevant.","original_language":"eng","persons":["Vincenzo Iozzo"],"tags":["36c3","11220","2019","CCC","Main"],"view_count":3298,"promoted":false,"date":"2019-12-27T11:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-21T00:30:06.028+01:00","length":1938,"duration":1938,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11220-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11220-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11220-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11220-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11220-the_case_for_scale_in_cyber_security","url":"https://api.media.ccc.de/public/events/3aae5c0a-9c9b-483a-8c09-b4402d749a82","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"22cc3c48-9a16-453a-88a3-38abda6b148a","title":"Hackerparagraph § 202c StGB // Reality Check","subtitle":"Cybercrime-Ermittlungen: Vorsicht vor der Polizei! Oder: Nicht im falschen Forum posten","slug":"36c3-10977-hackerparagraph_202c_stgb_reality_check","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10977.html","description":"Der Hackerparagraph § 202c StGB ist seit August 2007 in Kraft. Das Bundesverfassungsgericht nahm eine dagegen gerichtete Verfassungsbeschwerde nicht an, wies aber darauf hin, dass er verfassungskonform auszulegen sei. Wie ist also die Rechtslage? Und wie sieht die Realität der Strafverfolgung aus? Reality Check!\n\nWie war das nochmal mit diesem umstrittenen Hackerparagraphen? Welche Rolle spielt er in der Praxis der Strafverfolgung? Kann mich so ein Ermittlungsverfahren am  Ende selber betreffen?\nUnd wie gehen die Strafverfolgungsbehörden bei Ermittlungen wegen des Verdachts auf Straftaten nach § 202c StGB vor? Dies wird anhand eines von einer Schwerpunktstaatsanwaltschaft für Cybercrime geführten Strafverfahrens beantwortet. Der Vortrag stellt Rechtslage und Realität gegenüber. Um es vorweg zu nehmen: Sowas kann man sich gar nicht ausdenken.","original_language":"deu","persons":["RA Ulrich Kerner"],"tags":["36c3","10977","2019","Ethics, Society \u0026 Politics","Main"],"view_count":5413,"promoted":false,"date":"2019-12-28T17:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-31T00:30:05.073+02:00","length":2543,"duration":2543,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10977-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10977-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10977-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10977-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10977-hackerparagraph_202c_stgb_reality_check","url":"https://api.media.ccc.de/public/events/22cc3c48-9a16-453a-88a3-38abda6b148a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"c0a8c771-f942-41da-bdc8-f031ae53a353","title":"Content take-downs: Who cleans the internet?","subtitle":"EU plans to swipe our freedom of expression under the carpet","slug":"36c3-10968-content_take-downs_who_cleans_the_internet","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10968.html","description":"The quest towards a “cleaner” internet continues – with “censorship machines” included in the EU Copyright Directive, upload filters proposed in the Terrorist Content Regulation, and numerous other initiatives to push dominant platforms to police online content. This talk will present the next big battles for free speech online at the European level.\n\nThe next important battle for our rights and freedoms in the digital sphere is looming on the horizon. Policymakers wage war against “harmful” speech online, relying on the centralisation of the web around few platforms that function as “walled gardens”. Heated debates on upload filters recently took place around the copyright reform and the fight against online terrorist propaganda. \n\nThe next challenge for our freedom of expression online is a planned update to rules that deal with illegal and “harmful” content: E-Commerce Directive. E-Commerce was adopted two decades ago, but the way the internet looks like has drastically changed since. The amount of user-uploaded content has exploded, and few dominant platforms have an increasing impact on people’s rights and freedoms. \nHow does the current online landscape look like? What are the policy options the EU is facing in terms of platform regulation? How can we achieve human rights-compliant content moderation rules?","original_language":"eng","persons":["Chloé Berthélémy","Thomas Lohninger"],"tags":["36c3","10968","2019","Ethics, Society \u0026 Politics","Main"],"view_count":804,"promoted":false,"date":"2019-12-29T22:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-24T02:30:03.143+01:00","length":2334,"duration":2334,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10968-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10968-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10968-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10968-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10968-content_take-downs_who_cleans_the_internet","url":"https://api.media.ccc.de/public/events/c0a8c771-f942-41da-bdc8-f031ae53a353","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"85314c6e-7df5-443b-b684-f13ab25749b0","title":"Getting software right with properties, generated tests, and proofs","subtitle":"Evolve your hack into robust software!","slug":"36c3-10768-getting_software_right_with_properties_generated_tests_and_proofs","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10768.html","description":"How do we write software that works - or rather, how do we ensure it's correct once it's written?  We can just try it out and run it, and see if it works on a few examples.  If the program was correct to begin with, that's great - but if it's not, we're going to miss bugs.  Bugs that might crash our computer, make it vulnerable to attacks, stop the factory, endanger lives, or \"just\" leave us unsatisfied.  This talk is about techniques every programmer can use to avoid large classes of bugs.  You think about general properties of the things in your code, verify them through automatically generated tests, and (when it's particularly critical) proofs.  This is a surprisingly fun and satisfying experience, and any programmer can do it.  You need just a bit of high school math (which we'll refresh in the talk) to get started.\n\n\nThis talk is specifically about accessible techniques: Almost any program, function, or entity has a few interesting properties, and teasing them out will enhance your understanding of what is going on in your software.  The next trick is to write out the property in your programming language.  People with lots of time and budget can write down enough properties to form a complete specification of the security- and safety-critical parts of a system and prove that they hold for their system.  In the talk, we'll instead focus on a dead-simple technique called \u003cb\u003eQuickCheck\u003c/b\u003e.  (Your programming language almost certainly has a QuickCheck library you can use.)  QuickCheck - from the code describing the property - will automatically generate as many test cases as you want, run them, and produce counterexamples for failures.  QuickCheck is amazingly effective at flushing out those corner cases that elude traditional unit tests.  Finally, for simple properties of pure functions, we can also attempt a proof using simple algebra.  The results are a wonderful feeling of satisfaction, and a sound sleep.\n","original_language":"eng","persons":["Mike Sperber"],"tags":["36c3","10768","2019","Resilience \u0026 Sustainability","Main"],"view_count":1398,"promoted":false,"date":"2019-12-29T12:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-18T01:30:03.940+01:00","length":3767,"duration":3767,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10768-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10768-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10768-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10768-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10768-getting_software_right_with_properties_generated_tests_and_proofs","url":"https://api.media.ccc.de/public/events/85314c6e-7df5-443b-b684-f13ab25749b0","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"03d76db0-ea48-516b-94f2-b731cccf47de","title":"Ethische Grenzen im Making","subtitle":null,"slug":"36c3-oio-181-ethische-grenzen-im-making","link":"https://talks.oio.social/36c3-oio/talk/7WUGHV/","description":"Machbarkeit im Making wird vornehmlich von physikalischen Gesetzen bestimmt. Doch wie sieht es mit ethischen Grenzen aus? Vor allem im Gesundheitsbereich stellt sich die Frage, ob alles das was reverse engineered und selbst gebaut werden kann tatsächlich auch von der maker community diesem Prozess unterzogen werden sollte. Über diese Frage diskutieren Steini und Seb (CADUS).\n\n„Tut mir leid, alle von offiziellen Stellen geprüften und zertifizierten Medizingeräte sind kaputt, aber wir überwachen Sie während der OP einfach mit diesem selbst zusammengebauten open source Patienten-Monitor, kein Problem.“\n\nMachbarkeit im Making wird vornehmlich von physikalischen Gesetzen bestimmt. Doch wie sieht es mit ethischen Grenzen aus? Vor allem im Gesundheitsbereich stellt sich die Frage, ob alles das was reverse engineered und selbst gebaut werden kann tatsächlich auch von der maker community diesem Prozess unterzogen werden sollte. Über diese Frage diskutieren Steini und Seb (CADUS).","original_language":"deu","persons":["Sebastian Jünemann","Steini"],"tags":["36c3-oio","181","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":1131,"promoted":false,"date":"2019-12-29T22:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-08T05:30:02.585+01:00","length":3466,"duration":3466,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/181-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/181-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/181-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/181-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-181-ethische-grenzen-im-making","url":"https://api.media.ccc.de/public/events/03d76db0-ea48-516b-94f2-b731cccf47de","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"252da3e6-cdd0-42fe-8882-a0da51762d27","title":"TamaGo - bare metal Go framework for ARM SoCs.","subtitle":"Reducing the attack surface with pure embedded Go.","slug":"36c3-10597-tamago_-_bare_metal_go_framework_for_arm_socs","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10597.html","description":"TamaGo is an Open Source operating environment framework which aims to allow deployment of firmware for embedded ARM devices by using 0% C and 100% Go code. The goal is to dramatically reduce the attack surface posed by complex OSes while allowing unencumbered Go applications.\n\nTamaGo is a compiler modification and driver set for ARM SoCs, which allows bare metal drivers and applications to be executed with pure Go code and minimal deviations from the standard Go runtime.\n\nThe presentation explores the inspiration, challenges and implementation of TamaGo as well as providing sample applications that benefit from a pure Go bare metal environment.\n\nTamaGo allows a considerable reduction of embedded firmware attack surface, while maintaining the strength of Go runtime standard (and external) libraries. This enables the creation of HSMs, cryptocurrency stacks and many more applications without the requirement for complex OSes and libraries as dependencies.","original_language":"eng","persons":["Andrea Barisani"],"tags":["36c3","10597","2019","Security","Main"],"view_count":1256,"promoted":false,"date":"2019-12-28T12:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-01-14T21:00:14.634+01:00","length":3558,"duration":3558,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10597-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10597-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10597-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10597-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10597-tamago_-_bare_metal_go_framework_for_arm_socs","url":"https://api.media.ccc.de/public/events/252da3e6-cdd0-42fe-8882-a0da51762d27","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9e71d30b-a863-5ab2-a16b-599200aba5f1","title":"Live querying: let’s explore Wikidata together!","subtitle":"","slug":"36c3-75-live-querying-let-s-explore-wikidata-together","link":"https://cfp.verschwoerhaus.de/36c3/talk/VN8MEQ/","description":"\u003cp\u003eYou can find a lot of interesting, useful or amusing information on Wikidata \u0026ndash; let\u0026rsquo;s spend half an hour writing some queries together! This will be an interactive session to explore the possibilities of Wikidata, the free knowledge base, and its query service. Participants can suggest queries, and I\u0026rsquo;ll do my best to implement them.\u003c/p\u003e","original_language":"eng","persons":["Lucas Werkmeister"],"tags":["36c3-wikipakawg","75","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":285,"promoted":false,"date":"2019-12-27T13:00:00.000+01:00","release_date":"2020-01-12T01:00:00.000+01:00","updated_at":"2026-03-16T10:15:06.351+01:00","length":1809,"duration":1809,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/75-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/75-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/75-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/75-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-75-live-querying-let-s-explore-wikidata-together","url":"https://api.media.ccc.de/public/events/9e71d30b-a863-5ab2-a16b-599200aba5f1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"0ca86585-29d6-4662-bb8a-c4d830ad3b35","title":"Hacking Sony PlayStation Blu-ray Drives","subtitle":null,"slug":"36c3-10567-hacking_sony_playstation_blu-ray_drives","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10567.html","description":"Xbox 360 video game console had a number of widely known hacks for firmware of its optical disc drives. However, it was never the case with Blu-ray disc drives of Sony PlayStation video game consoles. In fact, up until recently there was no much information available on this subject publicly.\n\nIn this presentation, I would like to share my journey of delving deep into internals and security of Sony PlayStation Blu-ray disc drives. As games are distributed within optical media, those embedded devices were intended to contain the best security possible. I will demonstrate a multiple hardware hacks and several software vulnerabilities that allowed to dump firmware and get code execution on multiple models of Sony PlayStation Blu-ray disc drives.\n\nIn this presentation, I will share the following:\n1)\tI will provide in-depth analysis of vulnerabilities and their exploitation to achieve code execution on multiple models of Sony PlayStation Blu-ray disc drives\n2)\tI will discuss problems that I’ve encountered while reverse engineering the firmware and how I solved (some of) them\n3)\tI will talk about security features of Sony PlayStation Blu-ray disc drives\n4)\tI will explain what engineers did right and how achieving code execution on the drive doesn’t lead to full compromise of security","original_language":"eng","persons":["oct0xor"],"tags":["36c3","10567","2019","Security","Main"],"view_count":4131,"promoted":false,"date":"2019-12-28T22:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-20T19:00:10.614+01:00","length":2950,"duration":2950,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10567-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10567-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10567-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10567-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10567-hacking_sony_playstation_blu-ray_drives","url":"https://api.media.ccc.de/public/events/0ca86585-29d6-4662-bb8a-c4d830ad3b35","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"56a5c6da-625b-55e0-a919-647418670069","title":"CTF in a box","subtitle":null,"slug":"36c3-74-ctf-in-a-box","link":"https://fahrplan.chaos-west.de/36c3/talk/PQALSP/","description":"A situation loads of passionate CTF players will recognize: You are bored and looking up some CTF on ctftime. You finally find one and it's hosted on some fork of CTFd running on what feels like a raspberry pi 1. Notherless, you decide to play, but the first web challenge you look at has a conveniently placed php shell in the webroot. Yay! one shared web service!. After we had the same issue with multiple platforms, we decided that this had to change. The main problems we noticed were that all players compete on one service or receive a static challenge and that the platforms don't always scale well. We solved this in a new project: CIRCUS. This is the story of what can break when unleashing a lot of people on a service allowing them to spawn containers on demand and what can be done to counteract those problems.","original_language":"eng","persons":["hanemile"],"tags":["36c3-chaoswest","74","2019","All about computers","ChaosWest"],"view_count":784,"promoted":false,"date":"2019-12-29T16:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-14T21:30:05.195+01:00","length":919,"duration":919,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/74-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/74-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/74-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/74-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-74-ctf-in-a-box","url":"https://api.media.ccc.de/public/events/56a5c6da-625b-55e0-a919-647418670069","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"67cb6b14-8d5d-46b3-be5c-09574be7bbef","title":"Der dezentrale Jahresrückblick des CCC","subtitle":null,"slug":"36c3-11225-der_dezentrale_jahresruckblick_des_ccc","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11225.html","description":null,"original_language":"deu","persons":["Holger Klein"],"tags":["36c3","11225","2019","CCC","Main"],"view_count":12088,"promoted":false,"date":"2019-12-28T18:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-18T08:15:04.866+01:00","length":6958,"duration":6958,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11225-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11225-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11225-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11225-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11225-der_dezentrale_jahresruckblick_des_ccc","url":"https://api.media.ccc.de/public/events/67cb6b14-8d5d-46b3-be5c-09574be7bbef","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"90f17f11-0bd2-52ae-b2db-b3c4fa7ca298","title":"Mehr als ein Hobby? ","subtitle":"Deutschsprachige Podcaster*innen im Fokus psychologischer Forschung.","slug":"36c3-108-mehr-als-ein-hobby-deutschsprachige-podcaster-innen-im-fokus-psychologischer-forschung-","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/NZR3VR/","description":"\u003cp\u003eIn diesem Talk werden erstmalig Ergebnisse einer Online-Studie mit 653 Podcastproduzierenden vorgestellt. Seitdem vor etwa 15 Jahren die ersten Podcasts im deutschsprachigen Raum produziert und ver\u0026ouml;ffentlicht wurden, ist die Zahl podcastender Personen enorm gestiegen \u0026ndash; ein Ende des Wachstums ist nicht abzusehen. Dennoch sind Podcaster_innen bisher kaum Gegenstand psychologischer Forschung geworden. Wie lassen sich deutschsprachige Podcastproduzierende charakterisieren? Was sind die zentralen Motive, die dazu f\u0026uuml;hren, mit dem Podcasten zu beginnen? Gibt es Geschlechterunterschiede? Auf Basis einer Stichprobe von 653 Podcaster_innen sollen diese Fragen erstmals f\u0026uuml;r den deutschsprachigen Raum beantwortet werden.\u003c/p\u003e","original_language":"deu","persons":["Christiane Attig"],"tags":["36c3-sendezentrum","108","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":1057,"promoted":false,"date":"2019-12-27T19:15:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-22T16:30:06.231+01:00","length":2574,"duration":2574,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/108-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/108-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/108-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/108-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-108-mehr-als-ein-hobby-deutschsprachige-podcaster-innen-im-fokus-psychologischer-forschung-","url":"https://api.media.ccc.de/public/events/90f17f11-0bd2-52ae-b2db-b3c4fa7ca298","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"41e88ad7-8504-4e69-b312-f125d62240bd","title":"Aufbau eines Sensornetzes für die Messung von Stickstoffdioxid","subtitle":null,"slug":"36c3-10948-aufbau_eines_sensornetzes_fur_die_messung_von_stickstoffdioxid","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10948.html","description":"Ausgehend von den behördlichen Messnetz für Stickoxide soll der Aufbau einer preisgünstigen Open Source Messstation für Stickstoffdioxid, inklusive Kalibrierung und der behandlung von Störenden einflüssen behandelt werden. Zusätzlich soll eine Webanwendung vorgestellt werden welche die Daten aus einem Messnetz der NO2-Messstationen sammelt, auf Karten visualisiert und somit dem Citizen Science Ansatz Rechnung trägt.\n\nSpätestens seit dem Abgasskandal (Dieselgate) und den daraus resultierenden Fahrverboten für Dieselfahrzeuge ist eine öffentliche Debatte um Stickoxide (insbesondere Stickstoffdioxid (NO2))  als Luftschadstoff entstanden. Die Stickstoffdioxidbelastung in Städten und Gemeinden verunsichert viele Bürgerinnen und Bürger, denn  einerseits ist der Schadstoff nicht wahrnehmbar und andererseits kann Stickstoffdioxid eine erhebliche Gefahr für die Gesundheit darstellen. In Deutschland existieren derzeit nur ca. 350 offizielle Messstationen für Stickstoffdioxid, so dass ortsspezifische oder sogar flächendeckende Angaben zur Luftschadstoffbelastung nicht möglich sind. Ein flächendeckendes Messnetz ist laut Gesetz auch nicht vorgesehen. Folglich können politische oder gerichtlich durchgesetzte Maßnahmen zur Verbesserung der Luftqualität auch nur dort stattfinden, wo Messwerte existieren. Da es gegenwärtig keine Bestrebungen gibt das öffentliche Netz an Messstationen auszuweiten, möchten wir mit diesem Vortrag einen Vorstoß unternehmen, die technischen Grundlagen zur Errichtung eines bürgerschaftlichen Messnetzes zu eruieren und für diesen Zweck konkrete Bauanleitungen und Informationsdienste vorstellen. Im Gegensatz zu den mehrere tausend Euro teuren und eignungsgeprüften Messstationen zeigen wir eine hinreichend akkurate und preisgünstige (\u003c50 Euro) Alternative auf.\n\nIn dem Vortrag erklären wir euch zunächst wie Stickstoffdioxid durch offizielle Stellen gemessen wird und wie die Grenzwerte definiert sind. Anhand des Status Quo der Datenerhebung erläutern wir bestehende Defizite und Potentiale für eine genauere und flächendeckendere Messung von  Luftschadstoffen wie Stickstoffdioxid.\n\nIm zweiten Teil des Vortrags beschreiben wir den Aufbau einer preisgünstigen Open Source Messstation für Stickstoffdioxid. Dabei werden Kriterien für die Auswahl von Komponenten und die Durchführung einer Vergleichsuntersuchung mit einem eignungsgeprüften Messgerät vorgestellt. Außerdem werden Kalibrierungsmethoden und die Behandlung von störenden Einflüssen durch Luftfeuchtigkeit und Temperaturschwankungen thematisiert.\n\nIm dritten Teil des Vortrags wird eine Web-Anwendung vorgestellt, die Daten aus einem Messnetz der NO2-Messstationen sammelt, auf Karten visualisiert und somit dem Citizen Science Ansatz Rechnung trägt. Dabei diskutieren wir auch Vor- und Nachteile unterschiedlicher kartenbasierten Darstellungsformen von Luftschadstoffmesswerten.\n\n\n","original_language":"deu","persons":["Patrick Römer"],"tags":["36c3","10948","2019","Hardware \u0026 Making","Main"],"view_count":984,"promoted":false,"date":"2019-12-30T14:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-01T10:15:08.880+01:00","length":2296,"duration":2296,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10948-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10948-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10948-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10948-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10948-aufbau_eines_sensornetzes_fur_die_messung_von_stickstoffdioxid","url":"https://api.media.ccc.de/public/events/41e88ad7-8504-4e69-b312-f125d62240bd","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3bb36130-4ae2-482d-9dde-7c1295269ed8","title":"Hebocon","subtitle":"The sumo robot fight for the technically ungifted","slug":"36c3-10776-hebocon","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10776.html","description":"Let's build funny robots and let them fight each other as long as we are superior to them :) Please let's dishonor high tech and celebrate everything made out of stuff we usually throw away (and blinks).\n\n\nJoin with your derpy bot to fight your nemesis! Push it off the table or knock the enemy over. No weapons. No advanced controllers. No tears. Don't take it serious. \n\nEveryone is invited to compete with a self-made robot, especially if you've never done that before. High-tech is penalized, creativity encouraged. \n\nIf you are interested, please send me a quick \"sounds cool, maybe i'll build one\" mail to honky@defendtheplanet.net or contact @honky in RocketChat.\n\nWe need at least 8 Robots to participate, if we have more, we'll bring this to the battlefield.","original_language":"eng","persons":["honky"],"tags":["36c3","10776","2019","Entertainment","Main"],"view_count":2662,"promoted":false,"date":"2019-12-30T00:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-18T17:00:12.847+01:00","length":3049,"duration":3049,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10776-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10776-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10776-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10776-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10776-hebocon","url":"https://api.media.ccc.de/public/events/3bb36130-4ae2-482d-9dde-7c1295269ed8","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"12f679e6-bf32-486f-a730-ef88c468375f","title":"SELECT code_execution FROM * USING SQLite;","subtitle":"--Gaining code execution using a malicious SQLite database","slug":"36c3-10701-select_code_execution_from_using_sqlite","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10701.html","description":"SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been examined through the narrow lens of WebSQL and browser exploitation. We believe that this is just the tip of the iceberg.\nIn our long term research, we experimented with the exploitation of memory corruption issues within SQLite without relying on any environment other than the SQL language. Using our innovative techniques of Query Hijacking and Query Oriented Programming, we proved it is possible to reliably exploit memory corruptions issues in the SQLite engine. We demonstrate these techniques a couple of real-world scenarios: pwning a password stealer backend server, and achieving iOS persistency with higher privileges.\n\nEveryone knows that databases are the crown jewels from a hacker's point of view, but what if you could use a database as the hacking tool itself? We discovered that simply querying a malicious SQLite database - can lead to Remote Code Execution. We used undocumented SQLite3 behavior and memory corruption vulnerabilities to take advantage of the assumption that querying a database is safe.\n\nHow? We created a rogue SQLite database that exploits the software used to open it.Exploring only a few of the possibilities this presents we’ll pwn password stealer backends while they parse credentials files and achieve iOS persistency by replacing its Contacts database…\n\nThe landscape is endless (Hint: Did someone say Windows 10 0-day?). This is extremely terrifying since SQLite3 is now practically built-in to any modern system.\n\nIn our talk we also discuss the SQLite internals and our novel approach for abusing them. We had to invent our own ROP chain technique using nothing but SQL CREATE statements. We used JOIN statements for Heap Spray and SELECT subqueries for x64 pointer unpacking and arithmetics. It's a new world of using the familiar Structured Query Language for exploitation primitives,laying the foundations for a generic leverage of memory corruption issues in database engines.","original_language":"eng","persons":["OmerGull"],"tags":["36c3","10701","2019","Security","Main"],"view_count":9659,"promoted":false,"date":"2019-12-27T23:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-12T16:45:07.597+01:00","length":2806,"duration":2806,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10701-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10701-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10701-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10701-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10701-select_code_execution_from_using_sqlite","url":"https://api.media.ccc.de/public/events/12f679e6-bf32-486f-a730-ef88c468375f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"af7bc6b8-d310-46de-b90a-b4bb04112579","title":"Open Code Verlesung","subtitle":"Lesung des öffentlichen Sourcecodes","slug":"36c3-10677-open_code_verlesung","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10677.html","description":"Kommet zusammen Ihr Jüngerinnen der Bits und Bytes und hörtet die frohe Kunde des offenen Sourcecodes. Halleluhjaz!\n\nAm Anfang stand das NOP.\nAm Ende steht das NOPE.\nLasst euch verwirren von Interpunktion und Kommentaren.\nSeid stark im Anblicke der zweiköpfigen Schlange!\n\nDie Zeit ist reif den offenen Sourcecode zu predigen. \nKommet in Scharen! Bringet Kind und Kegel. \nFür alle Altergruppen (geboren vor Greased Weasel, über Erotic Pickel Hering bis hin zu Sheep on Meth)","original_language":"deu","persons":["Foaly","Tofu","Trollofix","DrLuke"],"tags":["36c3","10677","2019","Entertainment","Main"],"view_count":2450,"promoted":false,"date":"2019-12-28T23:30:00.000+01:00","release_date":"2020-01-03T01:00:00.000+01:00","updated_at":"2026-01-27T13:15:10.497+01:00","length":2685,"duration":2685,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10677-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10677-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10677-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10677-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10677-open_code_verlesung","url":"https://api.media.ccc.de/public/events/af7bc6b8-d310-46de-b90a-b4bb04112579","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"d30a38e6-2db7-592d-9283-73dc445f9c89","title":"Helping WordPress users build climate-friendly websites","subtitle":null,"slug":"36c3-91-helping-wordpress-users-build-climate-friendly-websites","link":"https://cfp.verschwoerhaus.de/36c3/talk/FFGWSW/","description":"greenerWP is dedicated to help WordPress site owners making their sites and blogs more environmentally sustainable.\n\ngreenerWP wants to help WordPress site owners making their sites more environmentally sustainable. The non-profit free/libre open source project consists of a website scanner, a WordPress plugin which provides guidance and optimizations, a lightweight WordPress theme that is optimized for sustainability, and guides and tools for setting up a solar powered single board computer running WordPress. The talk will give a short overview of the project and its development state.","original_language":"deu","persons":["Christian Neumann"],"tags":["36c3-wikipakawg","91","2019","Resilience \u0026 Sustainability","WikiPakaWG"],"view_count":578,"promoted":false,"date":"2019-12-28T13:50:00.000+01:00","release_date":"2020-01-23T00:00:00.000+01:00","updated_at":"2025-10-17T15:30:04.228+02:00","length":1032,"duration":1032,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/91-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/91-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/91-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/91-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-91-helping-wordpress-users-build-climate-friendly-websites","url":"https://api.media.ccc.de/public/events/d30a38e6-2db7-592d-9283-73dc445f9c89","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9c139fdf-f96b-4957-865c-565cfc04d476","title":"p2panda","subtitle":"Social, artistic \u0026 theoretical experiments with decentralized festivals","slug":"36c3-10756-p2panda","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10756.html","description":"Festivals and events are organized by a small group of deciders. But what would Eris do? (chaos!) We will look at some of our experiences with decentralised festivals where every participant can truly participate, reflect on how they influence our way of discussing and producing art and technology and discuss p2panda, an idea of a p2p protocol for (self-)organising resources, places and events, which is based on the SSB protocol.\n\n\u003cp\u003eThis is a technical, artistic, theoretical reflection on how we use technology to run and experiment with decentralised festivals. VERANTWORTUNG 3000 (2016), HOFFNUNG 3000 (2017) and now p2panda are platforms and protocols to setup groups, festivals, gatherings, events or spaces in a decentralised, self-organised manner which allow us to raise questions on how we organise ourselves in our social, artistic \u0026 theoretical communities.\u003c/p\u003e\n\n\u003cp\u003eIn this presentation we want to:\u003c/p\u003e\n\n\u003cul\u003e\n\u003cli\u003eShow work and reflection processes of BLATT 3000 and Liebe Chaos Verein e. V. i. G. in Berlin on how technology informs art production and how these systemic \"meta\"-questions can be made the actual means of art, theory and discussion.\u003c/li\u003e\n\n\u003cli\u003eIntroduce some technical key-concepts of the p2panda protocol and how offline-first, append-only data-types, user authorization through cryptographic keys are interesting for ephemerality, self-organization, non-individuality, decentralization and anonymity in art and theory production.\u003c/li\u003e\n\n\u003cli\u003ePresent fictional ideas for festivals of the future.\u003c/li\u003e\n\n\u003cli\u003eTalk about pandas.\u003c/li\u003e\n\u003c/ul\u003e","original_language":"eng","persons":["adz","sophiiistika","cafca"],"tags":["36c3","10756","2019","Art \u0026 Culture","Main"],"view_count":621,"promoted":false,"date":"2019-12-29T18:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-28T14:00:04.745+01:00","length":3735,"duration":3735,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10756-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10756-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10756-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10756-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10756-p2panda","url":"https://api.media.ccc.de/public/events/9c139fdf-f96b-4957-865c-565cfc04d476","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"51a9f476-22d9-5844-ace2-a9078540bec5","title":"Swiss Cybervoting PIT(falls)","subtitle":null,"slug":"36c3-88-swiss-cybervoting-pit-falls-","link":"https://fahrplan.chaos-west.de/36c3/talk/LBLBJT/","description":"The Swiss democracy is one of it's kind.\nDigitization is starting to affect even our most critical processes, such as voting.\n\nWhen a piece of code suddenly gets responsible for democracy, it's only natural that the voices get loud and many questions get raised:\nIs our democracy at stake? Do we have to fear for our privacy? Is electronic voting even feasible in Switzerland? Is such a solution secure?\n\nAs part of a mandatory Public Intrusion Test (PIT), the Swisspost released their e-voting source code to the world and started a heated debate - far beyond the Swiss borders.\n\nNot only the codebase revealed several problems during the PIT. \nInteresting scoping, redefining the term \"open source\" and unreleased security audits were only some of the issues that security researchers faced and caused controversy.\n\nIn this talk we will have a look at many technical and non-technical aspects of the e-voting solution and PIT from the view of a participating security researcher.","original_language":"eng","persons":["Jannis Kirschner"],"tags":["36c3-chaoswest","88","2019","All about computers","ChaosWest"],"view_count":458,"promoted":false,"date":"2019-12-27T11:30:00.000+01:00","release_date":"2020-03-03T00:00:00.000+01:00","updated_at":"2025-10-26T07:15:02.796+01:00","length":1109,"duration":1109,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/88-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/88-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/88-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/88-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-88-swiss-cybervoting-pit-falls-","url":"https://api.media.ccc.de/public/events/51a9f476-22d9-5844-ace2-a9078540bec5","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"725733e7-b96f-400d-a2d5-769d967236c1","title":"Der Pfad von 4G zu 5G","subtitle":" Die Luftschnittstelle und das Core im Wandel der Zahlen","slug":"36c3-10542-der_pfad_von_4g_zu_5g","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10542.html","description":"Mit 4G wurde gegenüber früheren Mobilfunktechnologien das Air-Interface komplett neu gestaltet. Mit 5G wird dieses nun auf mögliche Zukunftstechnologien erweitert. Wir stellen die Neuerungen und die Möglichkeiten auf dem 5G-Air-Interface und im Core-Netz gegenüber 4G vor.\n\nDie folgenden Themen werden behandelt:\n\nDie 5G-Luftschnittstelle:\n\n- Subcarrier, Subcarrierspacing, Symbolzeit\n- OFDMA bei 4G\n- Guard Period\n- Resource Block und Referenzsignal\n- Resource Grid und die Aufgaben der physikalischen Kanäle\n- Grenzen von 4G und Möglichkeiten mit 5G\n- Kanalbandbreiten und Frequenzbereiche 5G\n- Subcarrier-Spacing und Änderungen im Resource Block (MBMS, NBIoT, Data, Low Latency, etc.)\n- Beispiele von Resource Grids\n- 5G auf 3,5 GHz und 700 MHz\n- Berechnung der maximalen Datenrate\n- TDD und dessen Vorteile und Einschränkungen (Sync, Laufzeit)\n- Massive MIMO, Multi-User MIMO\n- statische Beams und Traffic Beams\n- Mixed Mode - Dynamic Spectrum Sharing\n- Messung von Antennen bei 5G\n\nNetzarchitektur:\n\n- Aktueller Stand von 5G (NSA, Anker bei 4G, TDD, CA mit 4G)\n- 5G NSA und SA\n- Core-Netzelemete, Schnittstellen und deren Aufgaben\n- Radionetzwerk, eNB, gNB, Schnittstellen ((e)CPRI, S, X, ...)\n- Backhaul, 10 Gbit/s Fiber und Richtfunk\n- Vorstellung 3GPP Specs\n","original_language":"deu","persons":["Peter Schmidt","Heurekus"],"tags":["36c3","10542","2019","Science","Main"],"view_count":5803,"promoted":false,"date":"2019-12-28T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-01T16:45:06.131+01:00","length":3635,"duration":3635,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10542-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10542-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10542-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10542-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10542-der_pfad_von_4g_zu_5g","url":"https://api.media.ccc.de/public/events/725733e7-b96f-400d-a2d5-769d967236c1","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"890b2813-ef91-586d-a738-ce01b4b93861","title":"Open Source Hardware in industry – meet DIN SPEC 3105","subtitle":null,"slug":"36c3-oio-192-open-source-hardware-in-industry-meet-din-spec-3105","link":"https://talks.oio.social/36c3-oio/talk/V7HNKR/","description":"Compared to software, the open source approach is relatively new to most actors in the field of (mechanical) hardware. Plus Open Source Hardware faces some special issues. A yet missing definition of its \"source code\" is one of them (+ patent law, liability, engineers that do not know how to work with git, costly prototyping…).\nDIN SPEC 3105 will be/is the first official standard for Open Source Hardware and also the first official standard ever published under a free license (CC-BY-SA 4.0; that was a lot of lobby work ;) ). It defines the technology-specific \"source\" of Open Source Hardware and aims to build a bridge between research institutes, public authority, industry and the worldwide open source community.\n\nIn this talk I won't explain why Open Source (Hardware) is great. I assume, you all know that (if not, still feel free to ask me in the Q\u0026A part or after the talk). I'll describe what's the standard for, how it works and why its great _for_ Open Source Hardware.","original_language":"eng","persons":["Martin Häuer"],"tags":["36c3-oio","192","2019","Resilience \u0026 Sustainability","OpenInfrastructureOrbit"],"view_count":1102,"promoted":false,"date":"2019-12-29T14:45:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-26T17:15:09.791+01:00","length":1512,"duration":1512,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/192-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/192-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/192-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/192-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-192-open-source-hardware-in-industry-meet-din-spec-3105","url":"https://api.media.ccc.de/public/events/890b2813-ef91-586d-a738-ce01b4b93861","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9ca25e43-bcd8-541c-b79c-bfb6db1c2789","title":"A dozen more things you didn't know Nextcloud could do","subtitle":null,"slug":"36c3-oio-160-a-dozen-more-things-you-didn-t-know-nextcloud-could-do","link":"https://talks.oio.social/36c3-oio/talk/8D7DBP/","description":"With Nextcloud you can sync, share and collaborate on data, but you don't need to put your photos, calendars or chat logs on an American server. Nope, Nextcloud is self-hosted and 100% open source! Thanks to hundreds of apps, Nextcloud can do a lot and in this talk, I will highlight some cool things.\n\nConsider this a follow-up from my talk about 200 things Nextcloud can do last year! An update on what's new and some cool new stuff. What, what is `Nextcloud`? Let's see. A private cloud is one way to put it, though that's a contradiction of course. It is a way to share your data, sync your files, communicate and collaborate with others - without giving your data to GAFAM! Keep it on your own server, or something close (like a local hosting provider or data center). Nextcloud is a PHP app that does all that, and more! Easy to use, secure (really) and fully open source of course.","original_language":"eng","persons":["Jos Poortvliet"],"tags":["36c3-oio","160","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":3909,"promoted":false,"date":"2019-12-28T18:15:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-18T21:45:07.756+01:00","length":2972,"duration":2972,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/160-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/160-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/160-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/160-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-160-a-dozen-more-things-you-didn-t-know-nextcloud-could-do","url":"https://api.media.ccc.de/public/events/9ca25e43-bcd8-541c-b79c-bfb6db1c2789","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"20e8e532-a5c8-5c46-b1e8-ee648ca653a9","title":"Risky Business?! – Rechte und Pflichten von IT-SicherheitsforscherInnen","subtitle":null,"slug":"36c3-91-risky-business-rechte-und-pflichten-von-it-sicherheitsforscherinnen","link":"https://fahrplan.chaos-west.de/36c3/talk/RKMAKL/","description":"In einem Gespräch über die Hackertool-Paragraphen des Strafgesetzbuches in LNP 296 sagte Frank zu Linus: „Damals haben wir juristisch noch ein bisschen was dazugelernt, nämlich dass die Begründung bzw. Erläuterung des Gesetzes in der deutschen Jurisprudenz mit herangezogen wird.“ Diese Kenntnis reicht für das Lesen von Gesetzen und Gerichtsurteilen aus. Für die IT-Sicherheitsforschung und die Analyse beispielsweise leicht auffindbarer Login-Daten bedarf es aber umfangreicherer Kenntnisse. Fragt man dazu einen Juristen, ist die Antwort oft komplex und führt zum \"buffer overflow\" und einer \"brain resource exhaustion\" des Fragenden.\n\nDamit ForscherInnen beider Gebiete und Interessierte \"ressourcenschonender\" kommunizieren können und um das juristische Verständnis zu erweitern, fasst dieser Vortrag in einem Überblick die wichtigsten Punkte verständlich zusammen. Betrachtet werden das hauptsächlich Datenschutz- und IT-Sicherheitsrecht, am Rande auch erwähnte,  relevante Strafrechtsnormen. Die (prozessuale) Thematik der Hausdurchsuchung bleibt wegen des Talks vom 35c3 (https://media.ccc.de/v/35c3-10018-verhalten_bei_hausdurchsuchungen) außen vor.","original_language":"deu","persons":["Oliver Vettermann"],"tags":["36c3-chaoswest","91","2019","All about computers","ChaosWest"],"view_count":909,"promoted":false,"date":"2019-12-27T13:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-26T03:30:03.415+01:00","length":3034,"duration":3034,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/91-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/91-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/91-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/91-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-91-risky-business-rechte-und-pflichten-von-it-sicherheitsforscherinnen","url":"https://api.media.ccc.de/public/events/20e8e532-a5c8-5c46-b1e8-ee648ca653a9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"9f41c673-8915-526c-b968-84759271cee8","title":"LilyPond: programming beautiful musical scores","subtitle":null,"slug":"36c3-74-lilypond-programming-beautiful-musical-scores","link":"https://cfp.verschwoerhaus.de/36c3/talk/TGQBME/","description":"Find out what lies at the intersection of music and programming with this brief look at LilyPond, the free programmable musical typesetter!\n\n[LilyPond](http://lilypond.org/) is a musical typesetting program. While it aims to produce beautiful scores by default, its output is also extensively configurable and programmable. This makes it an attractive hobby for people at the intersection of programming and music, some of whom I hope to captivate with this talk.","original_language":"eng","persons":["Lucas Werkmeister"],"tags":["36c3-wikipakawg","74","2019","Hardware \u0026 Making","WikiPakaWG"],"view_count":1390,"promoted":false,"date":"2019-12-29T20:45:00.000+01:00","release_date":"2020-01-23T00:00:00.000+01:00","updated_at":"2026-03-19T00:15:05.123+01:00","length":612,"duration":612,"thumb_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/74-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/74-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/74-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/wikipakawg/74-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-74-lilypond-programming-beautiful-musical-scores","url":"https://api.media.ccc.de/public/events/9f41c673-8915-526c-b968-84759271cee8","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"b546675d-5ca9-5891-9d63-6de8ad98e637","title":"Datacenter - was wir wissen sollten","subtitle":null,"slug":"36c3-126-datacenter-was-wir-wissen-sollten-und-trotzdem-oft-nicht-erfahren-","link":"https://fahrplan.chaos-west.de/36c3/talk/CHBLH8/","description":"**Eine Reise zu den Fundamenten der digitalen Welt**. \n\nWas ist eigentlich ein **Rechenzentrum** und wie funktioniert es? Welche Bedeutung haben **Datacenter** für das Internet und den ganzen digitalen Rest?\n**Strom**, **Kühlung** und **Sicherheit** im Überblick. Was muss alles passieren, damit Server, Storages und Netzwerke immer laufen können. \nWarum werden die Datacenter immer größer, wo doch die Elektronik immer kleiner wird? Welche Konsequenzen ergeben sich daraus?\nWieviel Strom verbraucht eine Suchanfrage oder ein Videostream und warum ist das relevant? \nIst Deutschland ein guter Standort für (neue) Rechenzentren und warum?\nUnd was hat das alles mit **Klimawandel** und **Nachhaltigkeit** zu tun? \nKann es *GreenIT* ohne grüne Datacenter geben? Wie sollten die aussehen? Was muss in den kommenden Jahren geändert werden, damit auch Rechenzentren ihrer Rolle beim globalen CO2-Ausstoß gerecht werden? \n\nÜberraschende Einblicke in *Planung*, *Bau* und *Betrieb* von großen Rechenzentren.","original_language":"deu","persons":["Günter Eggers"],"tags":["36c3-chaoswest","126","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":3225,"promoted":false,"date":"2019-12-30T11:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-04-01T18:00:05.603+02:00","length":2835,"duration":2835,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/126-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/126-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/126-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/126-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-126-datacenter-was-wir-wissen-sollten-und-trotzdem-oft-nicht-erfahren-","url":"https://api.media.ccc.de/public/events/b546675d-5ca9-5891-9d63-6de8ad98e637","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"693d16cf-a258-5c00-a9b4-64ba49317708","title":"Datengewerkschaften im Kampf gegen Facebook, Google und Co.","subtitle":"","slug":"36c3-147-datengewerkschaften-im-kampf-gegen-facebook-google-und-co-","link":"https://fahrplan.chaos-west.de/36c3/talk/Q7LV9G/","description":"\u003cp\u003eNone Die Datenverarbeitung auf Basis von Einwilligungen macht uns zu Klickrobotern und gibt uns gegen\u0026uuml;ber \u0026uuml;berm\u0026auml;chtigen Anbietern keine wirklich freie Wahl. Wir zeigen eine Alternative auf, mit der wir unser Grundrecht auf informationelle Selbstbestimmung gegen\u0026uuml;ber den Gro\u0026szlig;konzernen wieder durchsetzen k\u0026ouml;nnten. Ausgehend von den Nachteilen der meistens alternativlosen Einwilligung, die Facebook, Google und Co. f\u0026uuml;r die Nutzung ihrer Services verlangen, wird das Modell von Datengewerkschaften erl\u0026auml;utert, ein Zusammenschluss von datenerzeugenden Einzelpersonen. Die B\u0026uuml;ndelung der Interessen vieler Betroffener zur Schaffung einer ernstzunehmenden Verhandlungsposition und die damit verbundene Erm\u0026ouml;glichung von differenzierten und wirklich freiwilligen Einwilligungen k\u0026ouml;nnten zu einer besseren Balance der Interessen f\u0026uuml;hren, ohne die einzelnen Betroffenen dabei zu bevormunden. Eine erste Datengewerkschaft wurde bereits 2018 in den Niederlanden gegr\u0026uuml;ndet, deren erkl\u0026auml;rtes Ziel es ist, direkt mit den Anbietern zu verhandeln, um den Erzeuger*innen der Daten auch einen fairen Anteil an den Gewinnen zu verschaffen.\u003c/p\u003e","original_language":"deu","persons":["Jörn Erbguth","Deanna","Andreas Diehl"],"tags":["36c3-chaoswest","147","2019","All about computers","ChaosWest"],"view_count":702,"promoted":false,"date":"2019-12-29T11:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-27T19:45:10.135+01:00","length":3228,"duration":3228,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/147-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/147-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/147-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/147-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-147-datengewerkschaften-im-kampf-gegen-facebook-google-und-co-","url":"https://api.media.ccc.de/public/events/693d16cf-a258-5c00-a9b4-64ba49317708","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"a86ef320-5bed-4539-aa3f-a6e8586f452d","title":"On the insecure nature of turbine control systems in power generation","subtitle":"A security study of turbine control systems in power generation","slug":"36c3-10689-on_the_insecure_nature_of_turbine_control_systems_in_power_generation","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10689.html","description":"A deep dive into power generation process, industrial solutions and their security implications. Flavoured with vulnerabilities, penetration testing (security assessment) methodology and available remediation approaches.\n\nThe research studies a very widespread industrial site throughout the world – power generation plants. Specifically, the heart of power generation – turbines and its DCS – control system managing all operations for powering our TVs and railways, gaming consoles and manufacturing, kettles and surveillance systems. We will share our notes on how those systems are functioning, where they are located network-wise and what security challenges are facing owners of power generation. A series of vulnerabilities will be disclosed along with prioritisation of DCS elements (hosts) and attack vectors. Discussed vulnerabilities are addressed by vendor of one of the most widespread DCS on our planet. During the talk we will focus on methodology how to safely assess your DCS installation, which security issues you should try to address in the first place and how to perform do-it-yourself remediation. Most of the remediation steps are confirmed by vendor which is crucial for industrial owners.","original_language":"eng","persons":["repdet","@_moradek_","c0rs"],"tags":["36c3","10689","2019","Security","Main"],"view_count":4358,"promoted":false,"date":"2019-12-28T11:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-16T03:30:03.955+01:00","length":3612,"duration":3612,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10689-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10689-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10689-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10689-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10689-on_the_insecure_nature_of_turbine_control_systems_in_power_generation","url":"https://api.media.ccc.de/public/events/a86ef320-5bed-4539-aa3f-a6e8586f452d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1b9a0283-c1d3-4c62-8e64-258f25ff29d7","title":"Closing Ceremony","subtitle":"","slug":"36c3-11224-closing_ceremony_de","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11224.html","description":"","original_language":"deu","persons":["bleeptrack","blinry"],"tags":["36c3","11224","2019","CCC","Main"],"view_count":2935,"promoted":false,"date":"2019-12-30T17:20:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-20T21:30:06.002+01:00","length":783,"duration":783,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11224-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11224-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11224-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11224-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11224-closing_ceremony_de","url":"https://api.media.ccc.de/public/events/1b9a0283-c1d3-4c62-8e64-258f25ff29d7","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"3e0a51f5-f60a-4a90-a78a-3a311c6ffe41","title":"The ecosystem is moving","subtitle":"Challenges for distributed and decentralized technology from the perspective of Signal development","slug":"36c3-11086-the_ecosystem_is_moving","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11086.html","description":"Considerations for distributed and decentralized technologies from the perspective of a product that many would like to see decentralize.\n\nAmongst an environment of enthusiasm for blockchain-based technologies, efforts to decentralize the internet, and tremendous investment in distributed systems, there has been relatively little product movement in this area from the mobile and consumer internet spaces.\n\nThis is an exploration of challenges for distributed technologies, as well as some considerations for what they do and don't provide, from the perspective of someone working on user-focused mobile communication. This also includes a look at how Signal addresses some of the same problems that decentralized and distributed technologies hope to solve.","original_language":"eng","persons":["Moxie Marlinspike"],"tags":["36c3","11086","2019","Ethics, Society \u0026 Politics","Main"],"view_count":2564,"promoted":false,"date":"2019-12-28T16:10:00.000+01:00","release_date":"2021-01-26T00:00:00.000+01:00","updated_at":"2026-03-28T09:45:06.539+01:00","length":2582,"duration":2582,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11086-3e0a51f5-f60a-4a90-a78a-3a311c6ffe41.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11086-3e0a51f5-f60a-4a90-a78a-3a311c6ffe41_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11086-3e0a51f5-f60a-4a90-a78a-3a311c6ffe41.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11086-3e0a51f5-f60a-4a90-a78a-3a311c6ffe41.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11086-the_ecosystem_is_moving","url":"https://api.media.ccc.de/public/events/3e0a51f5-f60a-4a90-a78a-3a311c6ffe41","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"ba5874d0-d12e-4878-b929-69be90c5dab4","title":"Mathematical diseases in climate models and how to cure them","subtitle":null,"slug":"36c3-11155-mathematical_diseases_in_climate_models_and_how_to_cure_them","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11155.html","description":"Making climate predictions is extremely difficult because climate models cannot simulate every cloud particle in the atmosphere and every wave in the ocean, and the model has no idea what humans will do in the future. I will discuss how we are using the Julia programming language and GPUs in our attempt to build a fast and user-friendly climate model, and improve the accuracy of climate predictions by learning the small-scale physics from observations.\n\nClimate models are usually written in Fortran for performance reasons at the expense of usability, but this makes it hard to hack and improve existing models.\n\nBigger supercomputers can resolve smaller-scale physics and help improve accuracy but cannot resolve all the small-scale physics so we need to take a different approach to climate modeling.\n\nIn this talk I will discuss why modeling the climate on a computer is so difficult, and how we are using the Julia programming language to develop a fast and user-friendly climate model that is flexible and easy to extend.\n\nI will also discuss how we can leverage GPUs to embed high-resolution simulations within a global climate model to resolve and learn the small-scale physics allowing us to simulate the climate more accurately, as the the laws of physics will not change even if the climate does.","original_language":"eng","persons":["Ali Ramadhan","Valentin Churavy"],"tags":["36c3","11155","2019","Science","Main"],"view_count":4491,"promoted":false,"date":"2019-12-27T18:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-02-17T00:00:08.175+01:00","length":2990,"duration":2990,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11155-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11155-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11155-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11155-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11155-mathematical_diseases_in_climate_models_and_how_to_cure_them","url":"https://api.media.ccc.de/public/events/ba5874d0-d12e-4878-b929-69be90c5dab4","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4e309838-fedd-55f3-a48b-835c928cc1c0","title":"a home among the stars: Galina Balashova, architect of the soviet space programme","subtitle":null,"slug":"36c3-oio-201-a-home-among-the-stars-galina-balashova-architect-of-the-soviet-space-programme","link":"https://talks.oio.social/36c3-oio/talk/UZAKPR/","description":"Galina Balashova was the main architect and designer for the soviet space programme. She designed the interieurs and visual identity of spacecrafts such as the Soyuz, Buran, and Mir.\n\n»Space stations are not only technical structures but architecture built amidst zero gravity.«\n\nGalina Balashova (b. 1931) is a self-described \"architect-engineer\" who spent almost 30 years working in the Soviet Space Programme. She designed the ergonomics, the colours \u0026 style and the typography of most soviet spacecrafts, including the Soyuz, the Salyut space stations, the Buran shuttle and the Mir space station.\nHer pioneering work in the field of zero-gravity architecture is still referenced today in the ISS and other spacecrafts.","original_language":"eng","persons":["Aurora"],"tags":["36c3-oio","201","2019","Science","OpenInfrastructureOrbit"],"view_count":720,"promoted":false,"date":"2019-12-30T15:33:00.000+01:00","release_date":"2020-01-21T00:00:00.000+01:00","updated_at":"2026-04-02T10:15:05.798+02:00","length":2692,"duration":2692,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/201-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/201-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/201-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/201-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-201-a-home-among-the-stars-galina-balashova-architect-of-the-soviet-space-programme","url":"https://api.media.ccc.de/public/events/4e309838-fedd-55f3-a48b-835c928cc1c0","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"cdb743e5-86b0-4ca9-a9a0-e2ffe90918f5","title":"Lightning Talks Day 4","subtitle":null,"slug":"36c3-10526-lightning_talks_day_4","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10526.html","description":"Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!\n\nTo get involved and learn more about what is happening please visit the Lightning Talks page in the 36C3 wiki.","original_language":"eng","persons":["gedsic","bigalex"],"tags":["36c3","10526","2019","CCC","Main"],"view_count":808,"promoted":false,"date":"2019-12-30T11:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-08T18:30:06.165+01:00","length":6584,"duration":6584,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10526-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10526-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10526-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10526-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10526-lightning_talks_day_4","url":"https://api.media.ccc.de/public/events/cdb743e5-86b0-4ca9-a9a0-e2ffe90918f5","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"cb6cfce4-9db9-4ddc-9730-36c883c39aed","title":"LibreSilicon's Standard Cell Library (de)","subtitle":"show + tell","slug":"36c3-10784-libresilicon_s_standard_cell_library_de","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10784.html","description":"(en) We make Standard Cells for LibreSilicon available, which are open source and feasible. And we like to talk and demonstrate what we are doing.\n\n(de) Wir machen Standardzellen für LibreSilicon verfügbar, welche Open Source und nutzbar sind. Wir möchten darüber sprechen und vorführen, was wir tun.\n\n(en) LibreSilicon develops a free and open source technology to fabricate chips in silicon and provides all information to use them - or technical spoken - a Process Design Kit (PDK).\nOn one abstraction level higher, user always using with their design compile tools a Standard Cell Library (StdCellLib) with basic blocks like logic gates, latches, flipflops, rams, and even pad cells.\nFrom a programmers point of view, as a PDK is comparable to a language like C, the Standard Cell Library becomes comparable to libc.\nAll commercial available Standard Cell Libraries containing a small subset of all useful cells only, limited just by the manpower of the vendor. They are hand-crafted and error-prone. Unfortunately Standard Cell Libraries are also commercial exploited with Non-disclosure agreement (NDAs) and heavily depend on the underlying PDKs. Our aim is to become the first free and open source Standard Cell Library available.\nThe lecture shows, how far we are gone, with makefile controlled press-button solution which generates a substantial number of Standard Cells by automated processing and respecting the dependencies in the generated outputs.\n\n(de) LibreSilicon entwickelt eine freie und offene Technologie um Siliziumchips herstellen zu können. Dies umfasst alle notwendigen Informationen dies zu tun, oder technisch gesagt, ein Process Design Kit (PDK - engl: Prozessbauskasten).\nDie Anwender nutzen überwiegend auf einer Abstraktionsebene höher mit ihren Design Compiler meist jedoch die Standardzellenbibliothek (StdCellLib) mit Basisblöcken wie Logikgattern, Latches, FlipFlops, Speicherzellen oder auch Padzellen.\nAus Sicht eines Programmierers wäre das PDK vergleichbar einer Sprachdefinition wie C, die darauf aufsetzende Standardzellbibliothek (StdCellLib) dann vergleichbar mit der libc.\nNun enthalten alle nur kommerziell verfügbaren Standardzellenbibliotheken lediglich eine kleine Teilmenge aller nützlichen Zellen, limitiert durch die Arbeitskräfte beim Hersteller. Sie sind handgemacht und fehlerträchtig. Unglücklicherweise sind die kommerziellen Standardzellbibliotheken stark vom PDK abhängig und mit Geheimhaltungsvereinbarungen gepflastert. Unser Ziel ist es, die erste freie und offene Standardzellbibliothek zu werden.\nDieser Talk zeigt, wie weit wir bereits gekommen sind, mit Hilfe der Makefile-gesteuerten Lösung eine beachtliche Anzahl an Standardzellen und deren Ausgabeformate als Abhängigkeiten automatisiert zu generieren.","original_language":"deu","persons":["chipforge"],"tags":["36c3","10784","2019","Hardware \u0026 Making","Main"],"view_count":2070,"promoted":false,"date":"2019-12-27T20:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-02-03T21:45:12.686+01:00","length":3639,"duration":3639,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10784-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10784-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10784-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10784-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10784-libresilicon_s_standard_cell_library_de","url":"https://api.media.ccc.de/public/events/cb6cfce4-9db9-4ddc-9730-36c883c39aed","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"63410ac1-263b-5327-9c4b-ba3b0098228c","title":"Broken Beyond Repair - No Patch for Verfassungsschutz: Kritische Analyse der Verfassungsschutzberichte","subtitle":"","slug":"36c3-100-broken-beyond-repair-no-patch-for-verfassungsschutz-kritische-analyse-der-verfassungsschutzberichte","link":"https://fahrplan.chaos-west.de/36c3/talk/RAFTCU/","description":"\u003cp\u003eDer deutsche Inlandsgeheimdienst bietet seit Jahrzehnten mit seinen Berichten eine interessante Propaganda an. Dieser wollen wir in diesem Talk auf den Zahn f\u0026uuml;hlen. Dazu ordnen wir die Erw\u0026auml;hnungen von linken und antifaschistischen Akteur:innen kritisch ein. Dabei legen wir die Ideologie des sog. Verfassungsschutzes offen. Die Verfassungsschutz\u0026auml;mter ver\u0026ouml;ffentlichen j\u0026auml;hrlich Berichte \u0026uuml;ber ihre Arbeit \u0026ndash; auch im Netz. Doch die Berichte wurden zumeist nach 5 Jahre depubliziert. Wir sammeln alte und neue Berichte auf [Verfassungschutzberichte.de](https://vsberichte.de). Mit diesem digitalen Archiv vereinfachen wir die Recherche. Neben einer Suche lassen sich so z. B. Erw\u0026auml;hnungen von Begriffen oder Organisationen im zeitlichen Verlauf betrachten. Einige interessante Resultate stellen wir in dem Vortrag vor.\u003c/p\u003e","original_language":"deu","persons":["Andreas Krämer","Johannes Filter"],"tags":["36c3-chaoswest","100","2019","Antifaschismus","ChaosWest"],"view_count":1629,"promoted":false,"date":"2019-12-27T23:00:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-25T21:15:07.758+01:00","length":2984,"duration":2984,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/100-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/100-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/100-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/100-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-100-broken-beyond-repair-no-patch-for-verfassungsschutz-kritische-analyse-der-verfassungsschutzberichte","url":"https://api.media.ccc.de/public/events/63410ac1-263b-5327-9c4b-ba3b0098228c","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"df22758d-4c2a-59e7-b4fb-c4309e176f63","title":"Fundamentals of EEG based Brain-Computer Interfaces","subtitle":null,"slug":"36c3-124-fundamentals-of-eeg-based-brain-computer-interfaces","link":"https://fahrplan.chaos-west.de/36c3/talk/ANUQNX/","description":"The availability of consumer grade EEG headsets and open EEG hardware platforms makes it easier for everyone to develop a Brain-Computer Interface (BCI).  \nThe talk will explain the basics of Electroencephalography (EEG) and how information can be extracted from the Electroencephalogram, which is basically a noise signal. This covers Event Related Potentials (ERP) and their application in common BCI paradigms and biometric schemes. Standard approaches for the experimental setup and for EEG signal processing will be discussed. \nAs an example an EEG based authentication system will be presented that uses the P300 component of the ERP and images as a password. \nThis talk will give an overview of the issues of performance, usability, privacy and security in BCIs and how far the technology is from reading the mind or connecting us to the matrix.","original_language":"eng","persons":["gnoedi"],"tags":["36c3-chaoswest","124","2019","All about computers","ChaosWest"],"view_count":665,"promoted":false,"date":"2019-12-28T14:30:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-01-17T12:30:07.653+01:00","length":1253,"duration":1253,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/124-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/124-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/124-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/124-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-124-fundamentals-of-eeg-based-brain-computer-interfaces","url":"https://api.media.ccc.de/public/events/df22758d-4c2a-59e7-b4fb-c4309e176f63","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"170c8a30-2d88-406a-8b6e-4575a2cf156d","title":"Science for future?","subtitle":"What we can and need to change to keep climate change low - the scientist view","slug":"36c3-10991-science_for_future","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10991.html","description":"This talk is to show the current state of the discussion on climate change and the necessary and possible changes from a scientific perpesctive. It is to give some typical relevant answers and to foster the resiliance against climate sceptic questioning. This is one of the main tasks the scientist for future are trying to tackle.\n\nThe climate crisis is already existing and it is going to become worse. Looking at the pure facts of the changing climate, the acidication of the oceans, the slowly but steady rising of the sea level and the strengthening earth response effects, which make thing worse, it is hard to stay optimistic on the development of human kind on this planet. This lead to the largest social movement in Germany since the second world war fighting for a limitation of climate change to a maximum average temperature increase of 1.5°C.\nOn the other hand, this movement is often disputed. Since the necessary changes are not liked by everyone, the engagement of especially students was attacked also by politicians – even declaring that they should leave such issues to the professionals. At this point scientist for future joined together to support the demands of the students and declare, „they are right“.\nThis support is urgently needed. People have many open questions. The necessary changes are involving all societies in the world. In Germany, one of the most disputed topics is the field of energy, its generation, distribution and use. Is it actually possible to go for 100% renewable energies? What would this lead to? These are typical questions – which are not easy to answer. \nOther typical questions are more fundamental, since climate sceptics are increasing in their relevance and their social media outreach. Thus a lot of people encouter questions, they cannot answer.\nThis talk is to show the current state of the discussion on climate change and the necessary and possible changes from a scientific perpesctive. It is to give some typical relevant answers and to foster the resiliance against climate sceptic questioning. This is one of the main tasks the scientist for future are trying to tackle.","original_language":"eng","persons":["Bernhard Stoevesandt"],"tags":["36c3","10991","2019","Science","Main"],"view_count":11146,"promoted":false,"date":"2019-12-27T20:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-28T15:15:04.965+01:00","length":3813,"duration":3813,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10991-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10991-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10991-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10991-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10991-science_for_future","url":"https://api.media.ccc.de/public/events/170c8a30-2d88-406a-8b6e-4575a2cf156d","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"06928e7a-4459-4b07-8752-6f9a7697cd8b","title":"Speaking Fiction To Power","subtitle":"Strategies and tactics to ‘hack’ public spaces and social conventions","slug":"36c3-11234-speaking_fiction_to_power","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11234.html","description":"Louise Ashcroft will talk through strategies and tactics she uses to ‘hack’ public spaces and social conventions in order to suggest new ways of living which challenge rules and hierarchies. \n\nLouise Ashcroft is a performance artist and filmmaker whose playfully disruptive fieldwork in public spaces like shopping centres, trade fairs and the street) seek to challenge the socio-economic status-quo and reveal the absurdity of the power systems that govern how we live. For example, mailing boxes of soil from former public land to its new overseas owners, leading 'backwards shopping' workshops, smuggling strange products into supermarkets and attempting to buy them, or running conceptual cleaning services for people's hopes and dreams. Such public interventions are humorously retold in the form of stage performances. Louise has exhibited widely including at Arebyte Gallery, BQ Berlin, Latitude Festival, Supernormal Festival, Wellcome Collection, Museum of London and on BBC radio; residencies include Tate Learning, Camden Arts Centre, and Z.U.T Lisbon. Louise cofounded the free art school AltMFA and teaches art at Goldsmiths College. She hates capitalism but loves sneakers. ","original_language":"eng","persons":["Louise Ashcroft"],"tags":["36c3","11234","2019","Art \u0026 Culture","Main"],"view_count":668,"promoted":false,"date":"2019-12-29T22:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-12-12T05:00:05.889+01:00","length":2599,"duration":2599,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11234-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11234-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11234-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11234-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11234-speaking_fiction_to_power","url":"https://api.media.ccc.de/public/events/06928e7a-4459-4b07-8752-6f9a7697cd8b","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"fbfe920f-c312-4829-893b-1f68bddc80d9","title":"Protecting the Wild","subtitle":"Conservation Genomics between Taxonomy, Big Data, Statistics and IT-Security","slug":"36c3-11010-protecting_the_wild","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11010.html","description":"Conservation genomic approaches are crucial for establishing long-term sustainable conservation and management strategies for the protection of biodiversity and natural ecosystems. In this talk, the diverse and disparate fields of expertise and activism are presented, which are involved in building effective conservation genomic reference datasets and their infrastructures, analytical inference/prediction environments and operational tools for practical application. \n\nNatural ecosystems and biodiversity are lost at an alarming and accelerating rate due to anthropogenic (over-) exploitation, habitat destruction and climate change.\n\nConservation genomics promises to provide reliable and detailed insights into the current state of species and their interactions, as well as, the processes shaping their reactions to change. Such knowledge is urgently needed for forecasts of species’ responses under quickly and potentially unpredictably changing climatic and environmental conditions, as well as, sociopolitical changes and shifting patterns of economic (over-) exploitation. Conservation genomic insights will allow societies in dynamic contexts to come to adequate decisions and effective action in time.\n\nReliable, decisive and useful practical tools that are robust under real-world operational conditions are, for example, needed for genetic inventory and monitoring campaigns, by certification initiatives, for example in fisheries or forestry, and in forensic genetic case work enforcing legal protection. \n\nThe development and implementation of the building blocks for conservation genetic tools will involve the cooperation of experts, activists and citizen enthusiasts from many and, so far, often unconnected backgrounds and communities. These extensive projects will bring together experts from biodiversity science, bioinformatics, statistical genetics, machine learning and IT-security, as well as, citizen scientists and volunteers, conservation activists, stewards and managers of natural “resources”, and local communities.\n","original_language":"eng","persons":["Jutta Buschbom"],"tags":["36c3","11010","2019","Science","Main"],"view_count":289,"promoted":false,"date":"2019-12-29T11:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-12-16T17:00:06.700+01:00","length":3475,"duration":3475,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11010-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11010-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11010-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11010-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11010-protecting_the_wild","url":"https://api.media.ccc.de/public/events/fbfe920f-c312-4829-893b-1f68bddc80d9","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"cd883979-ca0a-4183-8052-aeace1115f99","title":"Geheimdienstliche Massenüberwachung vs. Menschenrechte","subtitle":null,"slug":"36c3-11141-geheimdienstliche_massenuberwachung_vs_menschenrechte","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11141.html","description":"Der Europäische Menschenrechtsgerichtshof beschäftigt sich nun schon seit Jahren mit der Frage, ob die durch Edward Snowden öffentlich bekanntgewordene geheimdienstliche Massenüberwachung mit der Europäischen Menschenrechtskonvention kompatibel ist. Wie ist der Stand der Dinge?\n\nDieses Jahr gab es zwei neuerliche Anhörungen in Straßburg, die sich mit der britischen und schwedischen Massenüberwachung durch die Geheimdienste auseinandersetzten. Im Vortrag werden die bisher gefällten Urteile und die neuen vorgetragenen Argumente beleuchtet.\n\nInsbesondere der britische Fall ist das erste Mal, dass der Gerichtshof nicht nur die Massenüberwachung an der Menschenrechtskonvention misst, sondern auch das Datenkarussell zwischen den Geheimdiensten, namentlich dem GCHQ und der NSA.\n\nWegen der schon Mitte Januar vom Bundesverfassungsgericht anberaumten mündlichen Anhörung zum BND-Gesetz wird sich ein Teil des Vortrags auch mit der deutschen geheimdienstlichen Massenüberwachung beschäftigen. Der CCC hat eine Stellungnahme zur Ausland-Ausland-Fernmeldeaufklärung abgegeben, deren Inhalt kurz zusammengefasst wird.\n\nOffenlegung: Ich bin eine der Beschwerdeführerinnen in dem britischen Fall.","original_language":"deu","persons":["Constanze Kurz"],"tags":["36c3","11141","2019","Ethics, Society \u0026 Politics","Main"],"view_count":16749,"promoted":false,"date":"2019-12-27T18:50:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-03-20T22:30:06.643+01:00","length":3744,"duration":3744,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11141-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11141-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11141-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11141-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11141-geheimdienstliche_massenuberwachung_vs_menschenrechte","url":"https://api.media.ccc.de/public/events/cd883979-ca0a-4183-8052-aeace1115f99","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1f817e1c-c8cc-4d48-8215-a0d016360fd7","title":"A Deep Dive Into Unconstrained Code Execution on Siemens S7 PLCs","subtitle":null,"slug":"36c3-10709-a_deep_dive_into_unconstrained_code_execution_on_siemens_s7_plcs","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10709.html","description":"A deep dive investigation into Siemens S7 PLCs bootloader and ADONIS Operating System.\n\nSiemens is a leading provider of industrial automation components for critical infrastructures, and their S7 PLC series is one of the most widely used PLCs in the industry. In recent years, Siemens integrated various security measures into their PLCs. This includes, among others, firmware integrity verification at boot time using a separate bootloader code. This code is baked in a separated SPI flash, and its firmware is not accessible via Siemens' website. In this talk, we present our investigation of the code running in the Siemens S7-1200 PLC bootloader and its security implications. Specifically, we will demonstrate that this bootloader, which to the best of our knowledge was running at least on Siemens S7-1200 PLCs since 2013, contains an undocumented \"special access feature\". This special access feature can be activated when the user sends a specific command via UART within the first half-second of the PLC booting. The special access feature provides functionalities such as limited read and writes to memory at boot time via the UART interface. We discovered that a combination of those protocol features could be exploited to execute arbitrary code in the PLC and dump the entire PLC memory using a cold-boot style attack. With that, this feature can be used to violate the existing security ecosystem established by Siemens. On a positive note, once discovered by the asset owner, this feature can also be used for good, e.g., as a forensic interface for Siemens PLCs. The talk will be accompanied by the demo of our findings.","original_language":"eng","persons":["Ali Abbasi","Tobias Scharnowski"],"tags":["36c3","10709","2019","Security","Main"],"view_count":3659,"promoted":false,"date":"2019-12-27T16:10:00.000+01:00","release_date":"2020-01-01T01:00:00.000+01:00","updated_at":"2026-04-01T12:30:05.550+02:00","length":3747,"duration":3747,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10709-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10709-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10709-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10709-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10709-a_deep_dive_into_unconstrained_code_execution_on_siemens_s7_plcs","url":"https://api.media.ccc.de/public/events/1f817e1c-c8cc-4d48-8215-a0d016360fd7","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"2c870588-7b9e-4530-a352-f1e871252cec","title":"#mifail oder: Mit Gigaset wäre das nicht passiert!","subtitle":"DECT is korrekt.","slug":"36c3-10576-mifail_oder_mit_gigaset_ware_das_nicht_passiert","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10576.html","description":"Seit 2018 betreibt Eventphone ein neues Telefonsystem auf den chaosnahen Events. Natürlich wird neue Soft- und Hardware sofort zum Forschungsgegenstand. Schnell gab es die üblichen Fragen: Wie funktioniert das genau? Ist das alles an Features? Kann man das updaten? Kann man nicht kompatible Geräte vielleicht kompatibel machen? Was kann man noch verbessern? Ist das sicher?\n\nNatürlich haben wir Antworten und möchten unser Wissen mit euch teilen. Es gibt einen Überblick über DECT, kaputte Crypto™ und was man mit Kreativität daraus machen kann. Unser Anspruch ist, dass wir es so erklären, dass alle Zuschauerinnen und Zuschauer ein bisschen mehr über DECT wissen und mindestens einmal gelacht haben.\n\nSeit dem Easterhegg 2018 betreibt Eventphone das PoC (Phone Operation Center) mit neuer Hard- und Software. Wer ist Eventphone bzw. das PoC und was machen die? Neben vielen selbst entwickelten Komponenten nutzen wir eine DECT-over-IP-Lösung des kanadischen Telekommunikationsunternehmens Mitel. Wir geben euch eine Architekturübersicht der neuen Anlage und sprechen über Antennen, Software sowie Lizenzierung. Nachdem wir die größten Probleme, die wir mit dem alten System hatten, vollständig gelöst haben, schauten wir etwas genauer unter die Haube. Bei den ersten Analysen entdeckten wir einen unkritischen, aber witzigen Fehler, den wir euch zeigen wollen. Unser primäres Ziel war es, die Kompatibilität zu erhöhen, denn es gab einige Geräte, die trotz DECT-Standard nicht mit der Anlage funktionierten oder sich sehr sonderlich verhielten. Warum eigentlich? Wir fingen an, die Kommunikation der Geräte zu analysieren, und fanden heraus: Wer ein Byte verliert, hat acht Bit zu wenig. Es folgt: eine DECT-Anmeldung als Theaterstück. Aber halt! Ist das nicht alles verschlüsselt? Woher wisst ihr das? Es folgt: die Geschichte der Mitel Crypto und was daraus entstand: rfpproxy. Es folgt: eine DECT-Anmeldung mit rfpproxy als Theaterstück. Dann sammelten wir Metadaten und löschten sie wieder, mit Unterstützung der Feuerwehr. Und dann? Dann haben wir viel gespielt, analysiert und entwickelt. Weil die Zeit knapp ist zeigen wir euch 3 kleine Beispiele. Musik während des Telefonats über Vanity Number, die Akte AVM und Telefonbuchfunktionen. Am Ende geben wir euch Informationen zum Weitermachen sowie einen Ausblick. Außerdem wollen wir euch motivieren uns zu helfen. Wir hätten gern einen Wireshark Dissector. Stay connected!","original_language":"deu","persons":["zivillian","ST Kambor-Wiesenberg","LaForge"],"tags":["36c3","10576","2019","Hardware \u0026 Making","Main"],"view_count":3667,"promoted":false,"date":"2019-12-29T17:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-03T18:15:05.038+02:00","length":3246,"duration":3246,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10576-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10576-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10576-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10576-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10576-mifail_oder_mit_gigaset_ware_das_nicht_passiert","url":"https://api.media.ccc.de/public/events/2c870588-7b9e-4530-a352-f1e871252cec","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"6f45a5e7-d103-4011-b4d2-378c4f72a984","title":"Practical Cache Attacks from the Network and Bad Cat Puns","subtitle":null,"slug":"36c3-10884-practical_cache_attacks_from_the_network_and_bad_cat_puns","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10884.html","description":"Our research shows that network-based cache side-channel attacks are a realistic threat. Cache attacks have been traditionally used to leak sensitive data on a local setting (e.g., from an attacker-controlled virtual machine to a victim virtual machine that share the CPU cache on a cloud platform). With our attack called NetCAT, we show this threat extends to untrusted clients over the network, which can now leak sensitive data such as keystrokes in a SSH session from remote servers with no local access. The root cause of the vulnerability is a recent Intel feature called DDIO, which grants network devices and other peripherals access to the CPU cache. Originally, intended as a performance optimization in fast networks, we show DDIO has severe security implications, exposing servers in local untrusted networks to remote side-channel attacks.\n\nIncreased peripheral performance is causing strain on the memory subsystem of modern processors. For example, available DRAM throughput can no longer sustain the traffic of a modern network card. Scrambling to deliver the promised performance, instead of transferring peripheral data to and from DRAM, modern Intel processors perform I/O operations directly on the Last Level Cache (LLC). While Direct Cache Access (DCA) instead of Direct Memory Access (DMA) is a sensible performance optimization, it is unfortunately implemented without care for security, as the LLC is now shared between the CPU and all the attached devices, including the network card.\n\nIn this talk, we present the first security analysis of DDIO. Based on our analysis, we present NetCAT, the first network-based cache attack on the processor’s last-level cache of a remote machine. We show that NetCAT can break confidentiality of a SSH session from a third machine without any malicious software running on the remote server or client. The attacker machine does this by solely sending network packets to the remote server. netcat is also a famous utility that hackers and system administrators use to send information over the network. NetCAT is a pun on being able to read data from the network without cooperation from the other machine on the network. However, we received very mixed reactions on that pun. More details on this in the talk. \n\nThe vulnerability was acknowledged by Intel with a bounty and CVE-2019-11184 was assigned to track this issue. The public disclosure was on September 10, 2019. ","original_language":"eng","persons":["Michael Kurth"],"tags":["36c3","10884","2019","Security","Main"],"view_count":1072,"promoted":false,"date":"2019-12-27T22:30:00.000+01:00","release_date":"2019-12-28T01:00:00.000+01:00","updated_at":"2026-01-17T02:00:06.739+01:00","length":2535,"duration":2535,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10884-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10884-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10884-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10884-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10884-practical_cache_attacks_from_the_network_and_bad_cat_puns","url":"https://api.media.ccc.de/public/events/6f45a5e7-d103-4011-b4d2-378c4f72a984","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"1dc2e3b8-8437-4b1e-8252-412be2b6ec5a","title":"HUMUS sapiens","subtitle":"Open Soil Research","slug":"36c3-11043-humus_sapiens","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11043.html","description":"\u003cp\u003eHUMUS sapiens represents a compilation of soil explorations emerging from the networks of mikroBIOMIK, Hackteria, and Gasthaus – with the ambition to bring DIY (do-it-yourself) and DIWO(do-it-with-others) approaches as well as an open-source-based “hacker spirit” into soil ecology. Participants are invited to reflect on current scientific discourses and critical societal challenges through hands-on tinkering and curiosity-driven research.\u003c/p\u003e\n\n\u003cp\u003eFar more than just the dirt under our feet, soil is a truly complex and dynamic ecosystem. It is a constantly changing mix of minerals, living organisms, decaying organic matter, air, and water. It is the living skin of our planet, allowing new forms of life to come into being, incorporating the nutrients left there by organisms of the past. Soil is bursting with life and can be vastly different from one square centimeter to the next. From plants, earthworms, insects, and fungi to invisible amoeba, nematodes, algae, and bacteria – each creature provides their own essential role in the soil ecosystem. The shared nature of the soil habitat manifests not only through the highly interconnected so-called “soil food web” – which is mainly driven by microbial metabolism – but also in regard to humans and their dependence on the productivity of edible plants. It is this dependency that motivates Homo sapiens to manipulate natural ecosystems, while at the same time failing to understand them. Human impact on the soil, especially intensive agricultural practices (deforestation, overgrazing, use of agrochemicals, etc.) and urbanization, leads to compaction, loss of soil structure, nutrient degradation,and contamination – ultimately, the breaking down of these ecosystems and eroding of the soil to infertile desert.\u003c/p\u003e\n\n\u003cp\u003eHUMUS sapiens aims to reexamine these problems from an ecosystem's viewpoint and to support the paradigm shift from an anthropocentric ideology to a more biocentric philosophy of life.\u003c/p\u003e\n","original_language":"eng","persons":["Julian mikroBIOMIK.org","Moritz Chollet","Malte Larsen","Maya Minder"],"tags":["36c3","11043","2019","Resilience \u0026 Sustainability","Main"],"view_count":981,"promoted":false,"date":"2019-12-29T14:10:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-02-28T18:15:07.485+01:00","length":3771,"duration":3771,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11043-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11043-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11043-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11043-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11043-humus_sapiens","url":"https://api.media.ccc.de/public/events/1dc2e3b8-8437-4b1e-8252-412be2b6ec5a","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"2264aaad-2df6-545f-918c-cc5caea4e507","title":"Building Nextcloud Flow","subtitle":null,"slug":"36c3-oio-174-building-nextcloud-flow","link":"https://talks.oio.social/36c3-oio/talk/3JU7Y9/","description":"Nextcloud Flow is the overhauled workflow engine in upcoming Nextcloud 18. This talk describes how it evolved, how it works internally, and especially how own components can be built, so you can set up automatized tasks  in your Nextcloud.","original_language":"eng","persons":["Blizzz"],"tags":["36c3-oio","174","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":3192,"promoted":false,"date":"2019-12-28T12:40:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-03-30T09:00:04.295+02:00","length":2192,"duration":2192,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/174-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/174-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/174-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/174-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-174-building-nextcloud-flow","url":"https://api.media.ccc.de/public/events/2264aaad-2df6-545f-918c-cc5caea4e507","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"da4cf268-c340-4f54-9498-19625cae3f03","title":"Die Affäre Hannibal","subtitle":"Eine erste Bilanz","slug":"36c3-11114-die_affare_hannibal","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/11114.html","description":"Sie sollen den Staat schützen, sind aber selbst eine Gefahr: Soldaten und Polizisten, die sich in Chat-Gruppen organisieren und auf den „Tag X“ vorbereiten. Mit aufwändigen Recherchen hat ein Team der taz ein bundesweites konspiratives Netzwerk aus Preppern und Staatsbediensteten aufgedeckt. Kopf war „Hannibal“, Elitesoldat beim Kommando Spezialkräfte – und Auskunftsperson für den Militärischen Abschirmdienst. Hier geben die ReporterInnen Einblick in die Recherche und zeigen, was aus ihren Berichten folgte. Oder auch nicht.\n\nEin Elitesoldat des Kommando Spezialkräfte, der bundesweit Chatgruppen und einen Verein namens „Uniter e.V.“ gründet, in dem paramilitärische Trainings abgehalten werden.\n\nEin SEK-Polizist und Prepper, der knapp 60.000 Schuss Munition hortet, die aus Polizeibeständen entwendet wurden.\n\nMänner, die Feindeslisten anlegen und offenbar planen, an einem „Tag X“ politische Gegner umzubringen.\n\nDrei Schlaglichter auf die mehr als zwei Jahre andauernde „Hannibal“-Recherche der taz. Sie führte in viele Felder: Hinein in Verfassungsschutzbehörden und Bundeswehr; hinaus aufs Land zwischen Mecklenburg-Vorpommern und Baden-Württemberg; auf Facebook-Profile philippinischer Politiker und in Telegram-Chats deutscher Verschwörer.\n\nAuf die Recherchen folgte Bestürzung, aber – zunächst – auch Belächeln. Sind diese Leute wirklich gefährlich oder doch bloß harmlose Spinner? \n\nIn diesem Talk geben zwei der ReporterInnen des taz-Teams einen Einblick in ihre Arbeit, berichten von Begegnungen mit Preppern mit Umsturzfantasien und Verfassungsschutzmitarbeitern, die im schwarzen Porsche Cayenne vorfahren. Sie berichten von Erfolgen bei der Online-Recherche und warum Hinfahren und an Türen klingeln am Ende doch unerlässlich ist.\n\nDie Journalisten schildern, was nach ihren Veröffentlichungen passiert ist: Im politischen Raum, in der Justiz – und welche Fragen noch offen sind. Warum etwa wird nicht wegen Bildung einer terroristischen Vereinigung ermittelt?\n\nVortrag von:\nSebastian Erb, Redakteur der taz am Wochenende \nDaniel Schulz, Leiter des Ressorts Reportage \u0026 Recherche der taz","original_language":"deu","persons":["Sebastian Erb","Daniel Schulz"],"tags":["36c3","11114","2019","Ethics, Society \u0026 Politics","Main"],"view_count":9539,"promoted":false,"date":"2019-12-29T12:50:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-04-01T22:15:05.134+02:00","length":3760,"duration":3760,"thumb_url":"https://static.media.ccc.de/media/congress/2019/11114-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/11114-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/11114-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/11114-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-11114-die_affare_hannibal","url":"https://api.media.ccc.de/public/events/da4cf268-c340-4f54-9498-19625cae3f03","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"4b6379f9-a6d9-5c3e-8af9-a9c1b1c04e95","title":"CloudCalypse 2: Social network with net2o [YBTI/wefixthenet session]","subtitle":null,"slug":"36c3-oio-162-cloudcalypse-2-social-network-with-net2o-ybti-wefixthenet-session-","link":"https://talks.oio.social/36c3-oio/talk/GUZH7V/","description":"Building a social network on top of net2o, and importing your existing data\n\nI've a dream: A peer-to-peer network, where services like search engines or social networks aren't offered by big companies, who in turn need to make money by selling the privacy of their users. Where all data is encrypted, so that access is only possible for people who have the key and really are authorized. Which layman can use without cryptic user interfaces. Where the browser is a platform for running useful applications without the mess of Flash and JavaScript. Without the lag of “buffer bloat” and without the speed problems of a protocol not designed to be assisted by hardware.\n\nThis dream is coming to reality: This talk will show how far I got, and what challenges still are ahead. The talk is in three parts:\n\n1. a short overview over net2o\n2. a demonstration of how the social network stuff looks like\n3. and an outlook over what needs to be done to make it a polished product","original_language":"eng","persons":["dvn","Bernd Paysan"],"tags":["36c3-oio","162","2019","Hardware \u0026 Making","OpenInfrastructureOrbit"],"view_count":362,"promoted":false,"date":"2019-12-28T21:20:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-03-09T09:30:07.028+01:00","length":3006,"duration":3006,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/162-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/162-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/162-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/162-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-162-cloudcalypse-2-social-network-with-net2o-ybti-wefixthenet-session-","url":"https://api.media.ccc.de/public/events/4b6379f9-a6d9-5c3e-8af9-a9c1b1c04e95","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"97f475af-aa2f-4be4-a17d-9f211d59d42f","title":"On the Edge of Human-Data Interaction with the Databox","subtitle":null,"slug":"36c3-10912-on_the_edge_of_human-data_interaction_with_the_databox","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10912.html","description":"In this talk I will report on Databox, the focus of a UK-based research collaboration between the University of Cambridge, the University of Nottingham, and Imperial College, with support from industrial partners including the BBC. Databox is an open-source software platform that seeks to embody the principles of Human-Data Interaction by enabling individuals to see and exercise dynamic control over what is done with their personal data. The research project has melded computer systems design with ethnomethodological approaches to Human-Computer Interaction to explore how such a platform can make use of personal data accountable to individuals. \n\n\n\nWe are all the subjects of data collection and processing systems that use data generated both about and by us to support many services. Means for others to use such data -- often referred to possessively as \"your data\" -- are only increasing with the long-heralded advent of the Internet of Things just the latest example. Simultaneously, many jurisdictions have regulatory and statutory instruments to govern the use of such data. Means to enable personal data management is thus increasingly recognised as a pressing societal issue.\n\nIn thinking about this complex space, we formulated the notion of Human-Data Interaction (HDI) which resulted in the Databox, a platform enabling an individual data subject to manage, log and audit access to their data by others. The fundamental architectural change Databox embodies is to move from copying of personal data by others for central processing in the cloud, to distribution of data analysis to a subject-controlled edge platform for execution. After briefly introducing HDI, I will present the Databox platform design, implementation and current status.\n","original_language":"eng","persons":["mort"],"tags":["36c3","10912","2019","Resilience \u0026 Sustainability","Main"],"view_count":261,"promoted":false,"date":"2019-12-29T17:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2025-02-24T19:30:03.970+01:00","length":3189,"duration":3189,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10912-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10912-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10912-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10912-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10912-on_the_edge_of_human-data_interaction_with_the_databox","url":"https://api.media.ccc.de/public/events/97f475af-aa2f-4be4-a17d-9f211d59d42f","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"afd7efb3-f594-4938-aa7f-5a42e54fbec7","title":"Warum 3D-gedruckte Kleidung NICHT die Zukunft ist","subtitle":null,"slug":"36c3-10672-warum_3d-gedruckte_kleidung_nicht_die_zukunft_ist","link":"https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10672.html","description":"3D-gedruckte Kleidungsstücke finden sich mittlerweile auf immer mehr Laufstegen in der Modebranche. Der Herstellungsprozess erlaubt gänzlich neue Abläufe und die Chance, durch mehrfache Materialverwendung und Abfallreduzierung nachhaltiger zu produzieren. Aber wie alltagstauglich und bequem sind diese Teile eigentlich? Wann ist ein Kleidungsstück überhaupt bequem? Welche Funktionen können 3D-gedruckte textile Flächen übernehmen – und welche nicht?\n\nDie Bekleidungsbranche ist eine der schädlichsten Industrien für unseren Planeten und unsere Gesellschaft. Additive Fertigungsverfahren scheinen eine Alternative zu umweltschädlicher Massenfertigung zu sein. Der Talk beantwortet Fragen nach Qualität und Nutzen 3D-gedruckter textiler Flächen und ob diese tatsächlich das Potential haben, die Bekleidungsindustrie nachhaltiger zu gestalten. Und ist es wirklich realistisch, dass wir bald alle zuhause einen 3D-Drucker stehen haben und uns morgens einen Pullover drucken?","original_language":"deu","persons":["Kurfuerstin"],"tags":["36c3","10672","2019","Hardware \u0026 Making","Main"],"view_count":2761,"promoted":false,"date":"2019-12-29T22:50:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2026-02-19T09:45:06.695+01:00","length":2445,"duration":2445,"thumb_url":"https://static.media.ccc.de/media/congress/2019/10672-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/10672-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/10672-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/10672-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-10672-warum_3d-gedruckte_kleidung_nicht_die_zukunft_ist","url":"https://api.media.ccc.de/public/events/afd7efb3-f594-4938-aa7f-5a42e54fbec7","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"eba30f37-4ed3-5e32-8654-b9840bc81228","title":"Bahn API Chaos","subtitle":null,"slug":"36c3-73-bahn-api-chaos","link":"https://fahrplan.chaos-west.de/36c3/talk/YDBKTM/","description":"Bahn API Chaos  \nWir schauen uns mal wieder Bahn APIs an.  \nDiesmal mehr Wagenreihungs Fakten und interessante unregelmäßigkeiten in den verschiedenen APIs.\nWarum zum Beispiel gibt es bei marudor.de ein \"isActuallyIC\" wenn doch eigentlich die Zuggattung mitkommt.  \nWarum gibt es \"realFahrtrichtung\" wenn es auch eine \"fahrtrichtung\" property gibt.\n\nUnregelmäßigkeiten in den Bahn APIs zwangen mich erfinderisch zu sein.  \nGleichzeitig ist es teils Abenteuerlich wie ich die unregelmäßigkeiten fand - die sind oft gar nicht so ersichtlich.  \n\nAuch versuchen wir zu erörtern warum die Sachen so sind, ist es ein technisches Problem? Ist es ein Datenproblem? Was könnte ein Auslöser sein? Wer ist dafür verantwortlich?\n\nGrundlage für alles ist marudor.de und die Entwicklung daran. Das bedeutet für mich mindestens 3 Jahre Erfahrung in Bahn APIs reverse engineeren und deuten wie gut die Qualität einzelner APIs ist. Dabei wurde nicht nur die Deutsche Bahn sondern auch verschiedene Verkehrsverbünde und Ausländische Bahnen angeschaut.","original_language":"deu","persons":["marudor"],"tags":["36c3-chaoswest","73","2019","The real basic about Bits and Nibbles","ChaosWest"],"view_count":2141,"promoted":false,"date":"2019-12-28T19:00:00.000+01:00","release_date":"2020-03-02T00:00:00.000+01:00","updated_at":"2026-02-18T11:45:08.316+01:00","length":3055,"duration":3055,"thumb_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/73-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/73-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/73-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/chaoswest/73-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-73-bahn-api-chaos","url":"https://api.media.ccc.de/public/events/eba30f37-4ed3-5e32-8654-b9840bc81228","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"61ab92a1-92e5-56ff-9fa8-bb1156c73988","title":"re:claimID - Self-sovereign, Decentralised Identity Management and Personal Data Sharing [YBTI/wefixthenet session]","subtitle":null,"slug":"36c3-oio-161-re-claimid-self-sovereign-decentralised-identity-management-and-personal-data-sharing-ybti-wefixthenet-session-","link":"https://talks.oio.social/36c3-oio/talk/XHLTUD/","description":"In this talk we present re:claimID, a decentralized, self-sovereign identity\nmanagement system. re:claimID allows users to reclaim authority over their\nidentities and personal data. The system is built on top if a\nstate-of-the-art, decentralized directory service: The GNU Name System.\nBuilt-in cryptographic mechanisms allow users to selectively disclose\npersonal data and the directory service ensures that this data is accessible\nto authorized parties even if the user is offline. Through OpenID Connect,\nintegration and use of re:claimID is straight-forward and authorization\nflows are familiar. In this talk, we present the current state of re:claimID\nas well as a future roadmap.\n\nToday, users are often required to share personal data, like email\naddresses, to use services on the web. As part of normal service operation,\nsuch as notifications or billing, services require access to -- ideally\nfresh and correct -- user data. Sharing attributes in the Web today is often\ndone via centralized service providers to reduce data redundancy and to give\nservices access to current, up-to-date information even if the user is\ncurrently offline. Abuse of this power is theoretically limited by local\nlaws and regulations. But, the past has shown that even well-meaning\nidentity providers struggle to keep user data safe as they become major\ntargets for hackers and nation state actors while striving for monetizing\nanonymized statistics from these data. We advocate for a new, decentralized\nway for users to manage their identities for the following reasons:\n\n*       The current state of omniscient identity providers is a significant\nthreat to the users' privacy.\n\n*       Users must completely trust the service provider with respect to\nprotecting the integrity and confidentiality of their identity in their\ninterest.\n\n*       The service provider itself is facing substantial liability risks\ngiven the responsibility of securely managing potentially sensitive personal\ndata of millions of users.\n\n \n\nWe present re:claimID, a decentralized identity service with the following\nproperties:\n\n*       Self-sovereign: You manage your identities and attributes locally on\nyour computer. No need to trust a third party service with your data.\n\n*       Decentralized: You can share your identity attributes securely over\na decentralized name system. This allows your friends to access your shared\ndata without the need of a trusted third party. \n\n*       Standard-compliant: You can use OpenID Connect to integrate reclaim\nin your web sites.","original_language":"eng","persons":["dvn"],"tags":["36c3-oio","161","2019","Ethics, Society \u0026 Politics","OpenInfrastructureOrbit"],"view_count":611,"promoted":false,"date":"2019-12-27T18:30:00.000+01:00","release_date":"2019-12-29T01:00:00.000+01:00","updated_at":"2026-01-17T16:00:11.916+01:00","length":2681,"duration":2681,"thumb_url":"https://static.media.ccc.de/media/congress/2019/oio/161-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/oio/161-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/oio/161-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/oio/161-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-oio-161-re-claimid-self-sovereign-decentralised-identity-management-and-personal-data-sharing-ybti-wefixthenet-session-","url":"https://api.media.ccc.de/public/events/61ab92a1-92e5-56ff-9fa8-bb1156c73988","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]},{"guid":"eaf59e9c-e60e-5a80-bd3b-b99ee146282e","title":"Gala Be Need Inn","subtitle":null,"slug":"36c3-94-gala-be-need-inn","link":"https://fahrplan.das-sendezentrum.de/36c3/talk/YNP9VN/","description":"Die Podcast Quizshow deren Name ein Anagram des Originals ist!\n\nIn dieser Show geht es um die Lösung hinter Fragen wie was ist ein Alarmstuhl, was ist Spritzgeld oder warum haben Züge aus Deutschland nach Frankreich Knallerbsen an Board! \n\nFür die ZuschauerInnen gibt es Spaß, für das Rate Team Alkohol.","original_language":"deu","persons":["MacSnider"],"tags":["36c3-sendezentrum","94","2019","DLF- und Podcast-Bühne","Sendezentrum"],"view_count":461,"promoted":false,"date":"2019-12-29T19:15:00.000+01:00","release_date":"2019-12-30T01:00:00.000+01:00","updated_at":"2025-01-14T09:45:03.635+01:00","length":3462,"duration":3462,"thumb_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/94-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/94-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/94-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2019/sendezentrum/94-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/36c3-94-gala-be-need-inn","url":"https://api.media.ccc.de/public/events/eaf59e9c-e60e-5a80-bd3b-b99ee146282e","conference_title":"36C3: Resource Exhaustion","conference_url":"https://api.media.ccc.de/public/conferences/36c3","related":[]}]}