{"acronym":"mrmcd101b","aspect_ratio":"4:3","updated_at":"2025-04-05T23:55:32.034+02:00","title":"MRMCD 101b","schedule_url":"","slug":"conferences/mrmcd/mrmcd101b","event_last_released_at":"2009-09-28T02:00:00.000+02:00","link":"","description":"","webgen_location":"conferences/mrmcd/mrmcd101b","logo_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/MRMCD_2006-Logo.svg","images_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","recordings_url":"https://cdn.media.ccc.de/events/mrmcd/mrmcd101b","url":"https://api.media.ccc.de/public/conferences/mrmcd101b","events":[{"guid":"import-16b81408b8ec72018e","title":"Hacking fingerprint recognition systems","subtitle":"","slug":"mrmcd101b_-_Hacking_fingerprint_recognition_systems","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1471.en.html","description":"Today biometric systems are becoming mainstream. They can be·\r\nfound everywhere. In mobile phones, computers, entrance systems even in ATMs.\r\nBecause of the low costs, small sizes and the alleged maturity mostly\r\nfingerprint sensors are used. But contrary to the assurance of the\r\nmanufacturers they are still very easy to hack with techniques invented\r\nthree years ago (see\r\nhttp://www.ccc.de/biometrie/fingerabdruck_kopieren?language=en).\r\nThe capacitive sensors built into the new generation of Thinkpad\r\ncomputer from IBM / Lenovo were one of the first implementing countermeasures·\r\nagainst this type of dummies. But counter measures only lead to new types of·\r\ndummies!·\r\nUsing this fingerprint system as an Example I want to explain the different\r\ntechniques of hacking biometric systems, from the attack on the\r\ncommunication and the stored reference data to the direct hack of the sensor·\r\nitself. The talk will present tools and ways to extract communication data to\r\nenhance dummy materials and a step by step approach to the final dummy finger·\r\nthat will defeat the sensor.","original_language":"eng","persons":["starbug"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:31:30.438+01:00","length":3305,"duration":3305,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Hacking fingerprint recognition systems.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Hacking_fingerprint_recognition_systems","url":"https://api.media.ccc.de/public/events/import-16b81408b8ec72018e","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-0d8239451007504f65","title":"The Hash Disaster","subtitle":"Recent Results on Cryptanalysis and their Implications on System Security","slug":"mrmcd101b_-_The_Hash_Disaster","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1490.en.html","description":"A lot of actual results show that all widely used hash functions (MD4,MD5,SHA,SHA-1) are broken in a cryptographic sense.\r\n\r\nEven worse because of some internal design properties even practical attacks against MD*-based hash functions security systems could be shown. In this talk we discuss the cryptographic status and some first-aid workarounds. We also show the impossibility to establish a \"Trusted\" infrastructure based on a untrustable cryptographic function.","original_language":"eng","persons":["Rüdiger Weis"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:29:11.238+01:00","length":3638,"duration":3638,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - The Hash Disaster.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_The_Hash_Disaster","url":"https://api.media.ccc.de/public/events/import-0d8239451007504f65","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-08a6d7fa4984bc8a7f","title":"hackers int","subtitle":"der blick ueber den tellerrand - hacker auserhalb von deutschland","slug":"mrmcd101b_-_Hackers_Int","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1408.en.html","description":"Der Blick über den Tellerrand - Hacker außerhalb von Deutschland.\r\n","original_language":"eng","persons":["mc.fly","Jens Ohlig","b9punk","Raoul Chiesa"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:32:57.106+01:00","length":5950,"duration":5950,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Hackers Int.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Hackers_Int","url":"https://api.media.ccc.de/public/events/import-08a6d7fa4984bc8a7f","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-3936e1a286f3d9ffb2","title":"Comparison of WAN IGP protocols","subtitle":"RSTP+flooding/learning for Ethernet, OSPFv2 for IPv4, and IS-IS for CLNP","slug":"mrmcd101b_-_Comparison_of_WAN_IGP_protocols","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1400.en.html","description":"Most companies with large WANs use either RSTP+flooding/learning or OSPFv2·\r\nfor two purposes: to route around network link failures, and to\r\nautomatically find the correct path to a destination address on a\r\nlarge network with many hops.  Including RSTP in the comparison is a\r\nrealistic acknowledgement of the way L2 switching is abused these·\r\ndays.  Including OSI in the comparison should reveal some habitually\r\nirritating aspects of switched IP networks that are mere accidents of\r\nhistory, and others that are more fundamental.\r\n\r\nI'll provide background about how Ethernet switching works, what is an\r\nIGP, and what the now mostly-abandoned supposed-future OSI world feels\r\nlike.\r\n\r\nIGP's are not just for fault-resilience.  They also function as a network\r\nmanagement protocol: like SNMP, it's impractical to deal with a very\r\nlarge network without using an IGP.\r\n\r\nThe talk will not discuss EGP's, exterior gateway protocols like BGP.\r\nAll these IGP's are used within one administrative domain.  They are\r\nnever used between one ISP and another, nor between a customer and his\r\nISP.\r\n\r\nI say ``loosely about'' because I'll be introducing three protocols,\r\nonly one of which is an IGP in common use on today's Internet:\r\n\r\n * RSTP + flooding/learning.  L2 switches use a combination of RSTP\r\n   and the flooding/learning system to route Ethernet frames.  They\r\n   can route traffic around a failed link, and they can direct traffic\r\n   toward a wireless user that's roaming among access points.\r\n\r\n * OSPF.  This is the standard routing protocol for IPv4.  There are\r\n   other important/popular ones like 'Integrated IS-IS' and 'EIGRP',\r\n   but OSPF is the best example and probably the most popular.  ISP's\r\n   and big companies use this protocol to route around the failure of\r\n   WAN links within their own networks, and to manage their large\r\n   networks.\r\n\r\n * IS-IS.  This is _the_ routing protocol for the ISO/OSI CLNP\r\n   (ConnectionLess Network Protocol).  OSI networking was designed\r\n   many years ago through expensive necktie conferences in mountain·\r\n   resort towns, and proposed as the replacement for\r\n   IP on the future Internet.  It included CLNP which was analagous to\r\n   IP.  No one fell for it.  At least, no one uses it at the edge,\r\n   although it's still used ubiquitously, I'm not sure how exactly, on\r\n   most Sonet/SDH rings.  More importantly, almost everything\r\n   complicated and difficult at the core of the modern Internet right\r\n   now is a simplified/adapted version of some earlier OSI Master\r\n   Vision which you can find referenced in the bibliography of the\r\n   relevant IETF RFC.  The difficult algorithmic and conceptual pieces·\r\n   in BGP, OSPF, LDAP, and many other things, are borrowed from OSI·\r\n   standards.\r\n\r\nI want to teach people about these three protocols for two reasons.··\r\nFirst, what's similar and what's different about\r\nthe three types of routing?  How, and with what limitations, do small\r\nand large networks route around failures?  Second, which limitations\r\nare abstract, essential problems of network routing, and which are\r\nquirks of a particular implementation that has become overwhelmingly\r\ndominant, like IP or L2 switching.\r\n\r\nI think most people don't really understand how L2 switches\r\nwork---they just think ``they're like hubs, only better.''  Switches\r\nunfortunately fall a bit short of that ideal lego-networking model.··\r\nNow that such a bastard hack has attained such prominence in large·\r\nnetworks, I think we should have a second look at switches with the·\r\naim of borrowing ideas from them, like how most of the modern Internet's·\r\nnew ideas are borrowed from OSI.\r\n\r\nAlso, we've become accustomed to IPv4 networks where there is a strict·\r\nrule: if you move to a different part of the L3 network, you have to·\r\nchange your end system's IP address to match the new subnet.  OSI CLNP·\r\ndoes not work that way.  I think this will surprise and interest many·\r\npeople, as it did me.\r\n\r\nI think the talk will broaden people's minds by introducing three\r\nstandards central to our Internet heritage of which most people have\r\nvaguely heard, but have no idea how they work or even exactly what\r\nthey are.  Optimistically it'll help them think about new\r\npossibilities for how to design large networks and protocols, and will\r\nhelp them do it in a more historically grounded way than the usual\r\ncreativity-heavy bikeshed moment of ``I've just invented this great·\r\nidea for a new kind of peer-to-peer filesharing network!  see, it's·\r\nshaped like a tetrahedron, and when one node `drops out', then·\r\nthere's the `discovery phase,' to replace it, and...''","original_language":"eng","persons":["Miles Nordin"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:34:52.810+01:00","length":6233,"duration":6233,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Comparison of WAN IGP protocols.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Comparison_of_WAN_IGP_protocols","url":"https://api.media.ccc.de/public/events/import-3936e1a286f3d9ffb2","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-b17c23649737fcc712","title":"3 ... 2 ... 1 .... meins","subtitle":"Hacken fuer Jedermann","slug":"mrmcd101b_-_3_____2_____1_____meins","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1468.en.html","description":"","original_language":"eng","persons":["Lexi Pimendis"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:35:59.702+01:00","length":1723,"duration":1723,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - 3 ... 2 ... 1 ... meins.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_3_____2_____1_____meins","url":"https://api.media.ccc.de/public/events/import-b17c23649737fcc712","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-996cfd6dac2af3492c","title":"Abschlussveranstaltung","subtitle":"Wie war's, was ist passiert...","slug":"mrmcd101b_-_Abschlussveranstaltung","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1264.en.html","description":"","original_language":"eng","persons":["mc.fly","Flex"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:35:32.618+01:00","length":908,"duration":908,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Abschlussveranstaltung.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Abschlussveranstaltung","url":"https://api.media.ccc.de/public/events/import-996cfd6dac2af3492c","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-7f543007ea360a56e4","title":"Sicherheit und Angreifbarkeit heutiger Applikationen","subtitle":"","slug":"mrmcd101b_-_Sicherheit_und_Angreifbarkeit_heutiger_Applikationen","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1465.en.html","description":"","original_language":"eng","persons":["FX of Phenoelit"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:27:17.571+01:00","length":3081,"duration":3081,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Sicherheit und Angreifbarkeit heutiger Applikationen.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Sicherheit_und_Angreifbarkeit_heutiger_Applikationen","url":"https://api.media.ccc.de/public/events/import-7f543007ea360a56e4","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-6f6b1744f703730b42","title":"Eröffnungsveranstaltung","subtitle":"Willkommen zu den metarheinmain chaosdays","slug":"mrmcd101b_-_Eroeffnungsveranstaltung","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1263.en.html","description":"Eroeffnungsveranstaltung der mrmcd101b.\r\n","original_language":"eng","persons":["mc.fly","Flex","Julian 'codemonk'"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:34:04.502+01:00","length":1300,"duration":1300,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Eroeffnungsveranstaltung.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Eroeffnungsveranstaltung","url":"https://api.media.ccc.de/public/events/import-6f6b1744f703730b42","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-288c74343fbab81c89","title":"Geek Mafia","subtitle":"Rick Dakan liest aus seinem Buch Geek Mafia","slug":"mrmcd101b_-_Geek_Mafia","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1407.en.html","description":"","original_language":"eng","persons":["Rick Dakan"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:33:19.691+01:00","length":2135,"duration":2135,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Geek Mafia.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Geek_Mafia","url":"https://api.media.ccc.de/public/events/import-288c74343fbab81c89","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-2772630a4ef636c476","title":"Nintendo DS","subtitle":"Fakten und Anderes","slug":"mrmcd101b_-_Nintendo_DS","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1467.en.html","description":"Nintendo DS vorstellen, Flashen, Hacken.  Bringt euren NDS mit!","original_language":"eng","persons":["Marcel Klein","Mario Manno"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:30:22.924+01:00","length":2564,"duration":2564,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Nintendo DS.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Nintendo_DS","url":"https://api.media.ccc.de/public/events/import-2772630a4ef636c476","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-ea934ea3b0194459a1","title":"Hacktivismus und die Möglichkeiten politischer Einflussnahme","subtitle":"","slug":"mrmcd101b_-_Hacktivismus_und_die_Moeglichkeiten_politischer_Einflussnahme","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1399.en.html","description":"\r\n","original_language":"eng","persons":["fukami"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:31:01.825+01:00","length":3529,"duration":3529,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - Hacktivismus und die Moeglichkeiten politischer Einflussnahme.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_Hacktivismus_und_die_Moeglichkeiten_politischer_Einflussnahme","url":"https://api.media.ccc.de/public/events/import-ea934ea3b0194459a1","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]},{"guid":"import-c1895fa3f2553ad9fe","title":"X.25 (in)security in 2006: having phun with it","subtitle":"Actual present, next future \u0026 field experiences analysis of an underestimated (and still actual) security issue.","slug":"mrmcd101b_-_X_25_(in)security_in_2006:_having_phun_with_it","link":"https://mrmcd101b.metarheinmain.de/fahrplan/events/1364.en.html","description":"The presentation will focus on X.25 security issues, positioned in nowadays’ contest and problems. The main intention is to bring personal and professional know-hows, backgrounds and X.25 penetration testing experiences to the auditorium, with real-life case studies. You will discover how an airplane flying over the Atlantic Ocean uses X.25 packet switching to communicate with the outside world, as well as why many government institutions around the world still uses the reliable frame-relay X.25 networks.","original_language":"eng","persons":["Raoul Chiesa"],"tags":["mrmcd"],"view_count":0,"promoted":false,"date":"2007-01-01T01:00:00.000+01:00","release_date":"2009-09-28T02:00:00.000+02:00","updated_at":"2021-01-02T20:29:47.604+01:00","length":6708,"duration":6708,"thumb_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b/mrmcd101b - X.25 (in)security in 2006: having phun with it.jpg","poster_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","timeline_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","thumbnails_url":"https://static.media.ccc.de/media/conferences/mrmcd/mrmcd101b","frontend_link":"https://media.ccc.de/v/mrmcd101b_-_X_25_(in)security_in_2006:_having_phun_with_it","url":"https://api.media.ccc.de/public/events/import-c1895fa3f2553ad9fe","conference_title":"MRMCD 101b","conference_url":"https://api.media.ccc.de/public/conferences/mrmcd101b","related":[]}]}