media.ccc.de
34C3 - Social Bots, Fake News and Filter Bubbles
derPUPE
Mullana
https://events.ccc.de/congress/2023/hub/event/37c3_feierlicher_abschluss/
#37c3 #CCC
Many teams work hard to arrange the event; this talk allows them to show what they did and who they are.
nicoduck et al.
https://events.ccc.de/congress/2023/hub/event/37c3_infrastructure_review/
#37c3 #CCC
Security Of Railway Communication Protocols
The railway communication network looks different from your standard corporate IT. Its hardware, software and protocols have many peculiarities since it is an old, distributed, fragmented and highly standardised system. This creates problems when trying to introduce state-of-the-art IT security, and then there is the mindset: "But we always have done it this way!"
Although railways are one of the safest means of travel, they are not the most secure. What are railway engineers and IT experts fighting about? We will elaborate on the terms: Sicherheit, safety, security, and funktionale Sicherheit; and their implications.
The first railways were closed systems where employees had visual contact with the equipment. With the increasing amount of software and network growth, IT security is becoming a major concern. On the other hand, railway systems are made from various components with real-time and dependability requirements, and proprietary protocols, resulting in some security via obscurity. The main difference from other systems is the high degree of standardisation necessary for obtaining a permit. Consequently, changes take time and effort, resulting in the longevity of protocols.
This talk explains railway-specific protocols, such as GSM-R, RaSTA, and ETCS/ERTMS, their security model and known attacks. None of this is new, but it is still widely unknown.
So, join the talk, have fun, and learn how to stop a train - which is much simpler than starting one.
Katja Assaf
https://events.ccc.de/congress/2023/hub/event/why_railway_is_safe_but_not_secure/
#37c3 #Security
The rapid development of autonomous weapon systems raises pressing ethical and legal questions. Their use can have far-reaching effects on military and civilian domains. The talk examines the technologies behind this lethal autonomy and illustrates how artistic freedom is appropriated by industry to advance surveillance and military technology. What responsibility do we have as artists when we use digital tools? Must we, more than ever, question our tools and the partners whom we might be helping to advance their lethal technologies?
With the rapid development and proliferation of robotic weapons, machines are beginning to take the place of humans on the battlefield. Some military and robotics experts estimate that "killer robots" (fully autonomous weapons that can select and attack targets entirely without human intervention) could be developed within 10 to 15 years. Current military assessments state that humans always retain a certain degree of oversight over decisions to use lethal force, but these statements often leave open the possibility that autonomous systems will one day be able to make such decisions on their own, thereby removing humans from the decision-making process.
In this context, it is likely that in the near future autonomous systems will also be used in drones and in systems that can operate autonomously on the high seas, on land and in space. And while drone technology as such poses no problems under international law, in the case of autonomous weapon systems, where decisions over life and death are to be delegated to machines, it is the technology itself that raises fundamental ethical and (international) legal questions.
The war situation is a world of algorithms. Art is the advocate of the counter-algorithms.
As a result of developments in this field, and through a multitude of events, actors have positioned themselves and are trying, among other things with the help of artistic freedom, to spread their technologies in Europe. The talk aims to show what artistic possibilities exist against the "war of algorithms" and to raise the question of what responsibility we as artists bear when using technology. We must, more than ever, question our tools and the partners whom we might be helping to advance their technologies.
Simon Weckert
https://events.ccc.de/congress/2023/hub/event/zapfenstreich/
#37c3 #ArtBeauty
More than just noise: a sprint from audio basics to phase alignment with an FFT analyzer
From "Disco Dieter" to a full-blown stadium installation: there is little you can do against basic physical principles. Sometimes you can use them to your advantage; most of the time you make compromises. Often sound can be improved with simple means.
What can be done about annoying hum? How do you understand sensitivity and gain structure? What does 'phase' actually mean? And how do you position subwoofers optimally? In this talk I want to shed light on these and other common problems in using audio equipment and loudspeakers. The goal is to present practical solutions and tips to get the best out of your next project and successfully master common challenges.
Veit
https://events.ccc.de/congress/2023/hub/event/sonic_alchemy/
#37c3 #HardwareMaking
Breaking and fixing the Bluetooth standard. One More Time.
Ciao! We present the BLUFFS attacks (CVE-2023-24023), six novel attacks breaking Bluetooth's forward and future secrecy. Our attacks enable device impersonation and machine-in-the-middle across sessions by compromising and re-using one session key. We discuss the four vulnerabilities in the Bluetooth specification enabling the attacks, two of which are new and related to unilateral and repeatable session key derivation. We describe the toolkit we developed and open-sourced to test our attacks via firmware binary patching, our experiments where we exploited 18 heterogeneous Bluetooth devices, and the practical and backward-compliant session key derivation protocol we built to fix the attacks by design. We also cover related work like KNOB, BIAS, and BLUR, and educational Bluetooth security tips and tricks.
Bluetooth is a pervasive technology for wireless communication. Billions of devices use it in sensitive applications and to exchange private data. The security of Bluetooth depends on the Bluetooth standard and its two security mechanisms: pairing and session establishment. No prior work, including the standard itself, analyzed the future and forward secrecy guarantees of these mechanisms, e.g., if Bluetooth pairing and session establishment defend past and future sessions when the adversary compromises the current.
To address this gap, we present six novel attacks, defined as the BLUFFS attacks, breaking Bluetooth sessions’ forward and future secrecy. Our attacks enable device impersonation and machine-in-the-middle across sessions by only compromising one session key. The attacks exploit two novel vulnerabilities that we uncover in the Bluetooth standard related to unilateral and repeatable session key derivation. As the attacks affect Bluetooth at the architectural level, they are effective regardless of the victim’s hardware and software details (e.g., chip, stack, version, and security mode).
We also release BLUFFS, a low-cost toolkit to perform and automatically check the effectiveness of our attacks. The toolkit employs seven original patches to manipulate and monitor Bluetooth session key derivation by dynamically patching a closed-source Bluetooth firmware that we reverse-engineered. We show that our attacks have a critical and large-scale impact on the Bluetooth ecosystem, by evaluating them on seventeen diverse Bluetooth chips (eighteen devices) from popular hardware and software vendors and supporting the most popular Bluetooth versions. Motivated by our empirical findings, we develop and successfully test an enhanced key derivation function for Bluetooth that stops by-design our six attacks and their four root causes. We show how to effectively integrate our fix into the Bluetooth standard and discuss alternative implementation-level mitigations. We responsibly disclosed our contributions to the Bluetooth SIG.
Daniele Antonioli
https://events.ccc.de/congress/2023/hub/event/bluffs_bluetooth_forward_and_future_secrecy_attacks_and_defenses/
#37c3 #Security
Preparing early digital cultural heritage for research and communities
Disk magazines were early electronic multimedia journals of the 1980s and 1990s that were distributed on floppy disk and could only be used on the matching devices. Libraries and archives did not take these so-called "diskmags" into account at the time, but by now the roughly 2,500 magazines are a valuable source for research and for the diskmag communities. The project presented here builds a catalogue and makes texts searchable.
A small research project has devoted itself to the large task of compiling an international, cross-platform catalogue of disk magazines of the 1980s and 1990s and, in addition, creating an initially German-language text collection of their contents. It thereby provides a basis for research into early digital zine culture and enables the various scene circles to dive, to some extent, into their own histories. The catalogue grew far faster than initially expected and now comprises records for 2,500 magazines and more than 20,000 individual issues. For the text collection, the tasks include identifying compression methods and building character mappings in order to produce Unicode-compatible texts. But the communities are helping too. How can the various legal questions concerning authorship, ancillary copyright and personality rights be resolved? And how can the longevity of the catalogue and the text collection be ensured?
Torsten Roeder
https://events.ccc.de/congress/2023/hub/event/das_diskmags-projekt/
#37c3 #ArtBeauty
A gentle introduction to place & route algorithms for digital integrated circuits
After a brief introduction to digital circuits this talk will outline placement and routing algorithms used for creating digital integrated circuits.
This talk introduces the algorithms used for placement and routing of digital integrated circuits.
The talk does *not* cover:
- high-level circuit design (the art of creating meaningful circuits, often done with languages like Verilog, VHDL, SpinalHDL, Chisel, Amaranth, etc.)
- logic synthesis (converts the high-level description into a graph-like circuit description, called a netlist)
Place-and-route refers to the transformation of a graph-like circuit description (netlist) into a geometrical representation of the circuit (layout).
The netlist is typically produced by logic synthesis. The netlist consists of many sub-circuits, so called "standard-cells" but also "macro cells".
Standard-cells implement simple logic functions such as inverters, logical "and", "nand", "xor", and storage elements.
The netlist may also import larger pre-compiled macro cells such as SRAM blocks.
For a physical implementation of the circuit, the sub-circuits need to be placed on the chip surface and need to be connected (routed) using metal wires.
Transforming the netlist into a layout typically requires the following input data:
- A netlist of the circuit, of course.
- A set of constraints: For example the desired clock frequency and area of the circuit.
- Design rules: A set of constraints required for successful fabrication. This typically involves geometrical constraints such as minimum width and spacing of metal wires.
- A standard-cell library: This is a set of building-blocks usually used to assemble the circuit. The library contains the geometrical layout of the standard-cells and also information about their timing behavior.
Then the following steps convert the input data into a layout:
- IO-planning: Decide where to put the input and output pins of the circuit.
- Floor-planning: Decide how to geometrically arrange various parts of a larger system.
- Power distribution: Insert regular rows of metallic power-rails which supply the standard-cells with energy.
- Global placement: Decide where to roughly place the standard-cells such that the wiring will be as short as possible.
- Tie-cell insertion: Provide constant 0 and 1 signals, where needed.
- Clock-tree synthesis: Storage elements typically need a clock-signal. Often the clock signal needs to be distributed to a large number of storage elements. The signal propagation delay from the clock source to the storage elements should be more-or-less equally distributed.
- Detail placement: Do fine-tuning, such as snapping the standard-cells to a grid.
- Optimizations to meet timing requirements: Some signals might be too slow or too fast. There's a variety of techniques to improve this, such as amplifying signals with buffers.
- Routing: The placed cells need to be connected with metal wires.
- Filler insertion: Fill unused space, for example with capacitors to stabilize the supply voltage.
- Verification: Make sure all constraints are met. Otherwise, try to fix the circuit and repeat the above steps in order to converge to a valid solution.
This talk will focus on a widely used algorithm for global placement and introduces basic principles of routing algorithms.
Thomas
https://events.ccc.de/congress/2023/hub/event/place_route_on_silicon/
#37c3 #HardwareMaking
How the Belarusian authoritarian regime is using technologies to repress its population
With the dropping costs of surveillance, smaller authoritarian regimes are gaining easier access to different "out of the box" security solutions, used mainly to further oppress people. Using the example of Belarus, we will see the future that awaits people in many different parts of the world if things don't change fast.
The Republic of Belarus has been ruled for the last 29 years by the authoritarian president Alexander Lukashenko. From deputy chief of a collective farm in the USSR to the longest-serving president in Europe, he continues to navigate the complicated political scene between Russia, the EU and the US to his own advantage.
Not even close to any technological sector, Lukashenko, through the help of many, turned Belarus into an IT country, with a lot of Western countries using developers from the dictatorship for their own projects.
This presentation is about how the Soviet-modelled dictatorship managed to transform into a technological authoritarian regime, where people are monitored and controlled for their loyalty to the regime, while also continuing a massive wave of repression that started with the uprising against Alexander Lukashenko in 2020.
The presentation is made by a member of ABC-Belarus - a political solidarity organization from Belarus, working on supporting prisoners and developing security culture among street activists.
ABC Belarus
ABC-Belarus 2
https://events.ccc.de/congress/2023/hub/event/tractors_rockets_and_the_internet_in_belarus/
#37c3 #EthicsPoliticsSociety
beyond the trivial
In this talk, we delve into the captivating realm of TCP/IP stack fuzzing. As the backbone of internet communication, the TCP/IP stack is a prime target for cyber threats. This presentation will unravel the intricacies of fuzzing techniques applied to several TCP/IP stacks, shedding light on how these methodologies can uncover bugs, crashes and vulnerabilities. From the fundamentals of packet fuzzing to advanced mutation strategies, attendees will gain valuable insights into the proactive ways to fuzz a TCP/IP stack. Whether you're a seasoned cybersecurity professional or a curious enthusiast, this talk promises to be an enlightening journey into the heart of TCP/IP stack security and the crucial role of fuzzing in safeguarding our interconnected world.
Our exploration begins with an honest appraisal of traditional fuzzing methodologies that have been applied to TCP/IP stacks before, like ISIC, revealing their inherent limitations, e.g., they can't reach beyond the TCP initial state. Recognizing the need for a more evolved approach, we take a different approach, where we leverage a full-blown active network connection for fuzzing. A key revelation in this journey is the deliberate decision to sidestep the arduous task of constructing a custom TCP/IP stack, a choice rooted in practical considerations.
The reluctance to build a bespoke TCP/IP stack leads us to innovative strategies such as embedding hooks in the Linux kernel and tapping into userland TCP/IP stacks like PyTCP, Netstack (part of Google gVisor), and PicoTCP. PicoTCP takes center stage, offering a userland TCP/IP stack that becomes integral to our state fuzzing methodology. Attendees will gain a deeper understanding of its architecture, APIs, and documentation, appreciating its pivotal role in fortifying network security.
As the presentation unfolds, we navigate through the development of a powerful fuzzer, a core element in our approach to identifying vulnerabilities within the TCP/IP stack. The intricacies of driving traffic through the system, simulating real-world scenarios, and leveraging reproducibility and diagnostics techniques are revealed. The discussion expands to showcase tangible results, including trophies obtained, bugs reported, and the eventual release of the project on GitHub. The session concludes with an engaging Q & A, encouraging participants to delve into the intricacies of TCP/IP stack fuzzing and its profound implications for network security.
Ilja van Sprundel
https://events.ccc.de/congress/2023/hub/event/fuzzing_the_tcp_ip_stack/
#37c3 #Security
Using computers to change lives for the worse
Digital payment cards, migration forecasting with so-called AI, digitised borders for Fortress Europe, and ever more of it. An overview of how digitalisation is being used, away from public outcry, to suppress the pull factor of humanity.
The hacker ethic says: "Computers can change your life for the better." But far too often they are used for the opposite. Especially in the area of digitised migration control.
Featuring: the Ausländerzentralregister (Central Register of Foreigners), one of the largest automated registers in public administration; the idea of digital payment cards that are more a restriction of freedom than a means of payment; the usual suspects among the BAMF IT assistance systems; forecasting systems for migration movements; the digital Fortress Europe. And brand new: the Schneller-Abschieben-Gesetz (faster deportation act) and the Datenübermittlungsvorschriftenanpassungsgesetz (act adapting data transmission rules).
The current federal government is cheerfully going along with further expanding its digital control helpers. And almost nobody is looking.
Anna Biselli
https://events.ccc.de/congress/2023/hub/event/glaserne_gefluchtete/
#37c3 #EthicsPoliticsSociety
Everything you always wanted to know about social engineering but never had the time to ask.
In this talk I describe the history and subject matter of social engineering beyond the tech context and explain, drawing on relevant research, how, why and on whom it works. The modern technical challenges are explained, as are measures that can be taken against social engineering now or in the future, individually or in groups and organisations.
Across different eras, social engineering has consistently stood out in its criminal use. Professional impostors, con artists and agents successfully used social engineering for criminal ventures, data collection, or simply because it was fun. Yet social engineering is actually a very everyday phenomenon. Every person is a skilled social engineer, at least in childhood. Some make it their profession, whether as salespeople or red teamers. For at its core, social engineering is the art of persuading other people.
Since the 1970s, psychological research has dealt intensively with how other people can be persuaded and which methods are suited to it. The central models and concepts, such as the ELM model and various cognitive biases, are introduced, and it is illustrated in practice what role they play in social engineering. Some myths circulating about social engineering are described and debunked, and a few fun facts that may not yet be known to everyone come up. The final part of the talk is all about the largest area of malicious social engineering, which today takes place online. I will explain the basic classifications of social engineering in a practically relevant way using the latest research and point out measures that really help, contrary to what some consultants like to sell.
K4tana
https://events.ccc.de/congress/2023/hub/event/social_engineering_geschichte_wirkung_massnahmen/
#37c3 #Science
On the future of digital inclusion
Since the end of 2022 at the latest, generative AI systems such as ChatGPT and Midjourney have been on everyone's lips, and they are not infrequently touted as game changers for digital accessibility. But where do we really stand right now, what can these systems already do for us, and what does the future hold? It is high time for an unvarnished "reality check" and an authentic look at the everyday lives of people with disabilities.
It is claimed again and again that the introduction of generative AI systems such as ChatGPT and Midjourney has opened a new era of possibilities, especially in the field of digital accessibility. These technologies and companies promise to make everyday life easier for people with disabilities through innovative solutions. For example, new multi-modal large language models make it possible to generate alternative texts that could make visual content more accessible to visually impaired users. The creation of texts in Easy Language (Leichte Sprache) can also be simplified by these models, which can make information easier to understand for people with learning disabilities or non-native speakers.
But the integration of AI into our everyday lives as disabled people does not only bring advantages. Despite the new capabilities of AI systems, some new challenges arise. These include reproduced ableism, new barriers that are invisible to us, and society's growing unwillingness to create accessibility, and thus real inclusion, as assistive tools keep getting better. People with disabilities may become even more invisible in a societal context than they already are.
In my work as a consultant for digital accessibility and as a visually impaired person, I now talk about generative AI every day. Besides the many possibilities these systems open up for me personally, I also see many challenges that we will have to face in the near future. It is therefore essential that we critically accompany the development of AI tools in order to shape an inclusive digital future in which technological progress goes hand in hand with human diversity. In the talk I take a detailed look at all of these points, put them into context and discuss what is needed for this.
Casey Kreer
https://events.ccc.de/congress/2023/hub/event/rettet_uns_die_ki/
#37c3 #EthicsPoliticsSociety
Unlearning & Radical Collective Change in Online Communities
Let's explore how online communities of activists can help to bring about forms of radical collective change, through decolonial practices of social (un)learning. What enabling conditions need to be put in place? And what counts as "radical change" in the first place?!
It's plain to see: modern societies need to undergo radical social, political, and cultural transformations if they are to truly evolve away from capitalist and neocolonial structures founded on egregious exploitation and injustice.
In a context of widespread epistemic fragmentation and echo chambers, we urgently need to become better at harnessing the generative power of socio-technical networks to unite our forces as we compost the harmful ways of being, knowing, and doing that are at the root of our planetary predicament. But we must do so critically, and not view technology as a miracle solution to anything.
What could be the role of the internet, and of online communities in particular, in exploring how such deep changes might happen? And how may everyone's wisdom and skills come together in democratic and sophisticated social (un)learning systems, to figure out the way(s) forward?
In this talk, we will discuss the results of a 5-year participatory action research program which considered this topic within two different online communities of activists. This project led the researchers to tackle the idea of radical collective change as involving a decolonial approach to collaboration, knowledge, and community-building, and to consider the enabling and disabling conditions - both social and technological - that may influence whether change happens... or not.
In particular, this research highlighted the importance of enabling participants to engage on an equal footing and self-organise, while learning to "stay with the trouble" of confronting modern societies' fundamentally unsustainable and oppressive structures, and one's own implication in them. And it also showed some of the pitfalls that come with the use of digital communication tools, as we try to use them to create a better world.
Three of the many insights I will substantiate and examine in the talk are:
- that online communities have the potential to create deep changes in people when they are built in ways that foster deep relationships, criticality and conflict transformation, and emergent leadership;
- that changing socio-political structures must go together with joyful, liberating practices that can help us unlearn harmful cultural patterns that get in the way; and
- that perhaps we should be less interested in becoming experts, and rather find the courage and open hearts allowing us to be fearlessly and fiercely present to the world, with all its shit, its wonder, and its uncertainty.
Feeling curious? Join us for a chat on how to change the world!
Dorian Cavé
https://events.ccc.de/congress/2023/hub/event/seeds_of_change/
#37c3 #SustainabilityClimateJustice
Unleashed!
Presentation/introduction to the ongoing 37C3 art exhibition groupshow with Joachim Blank, Eva Davidova, Meredith Drum, exonemo, Jonas Lund, Sahej Rahal, Ingeborg Wie by panke.gallery (Sakrowski).
With ANIMAL()CITY we draw inspiration from the ghostly presence of foxes that roam the city at night – which nowadays is a common appearance in urban environments – evoking echoes of a pre-industrial era while at the same time drawing people’s attention to a layer of the city that completely eludes their perception in everyday life. In these moments we witness animals and plants forming their own realm and the city itself having its own life, acting like an entity, a ghost at times. Encounters with wild animals in the city make the parallel layers of the landscape momentarily tangible and remind us that we are part of these ‘non-human’ networks as well. On a darker note: urban wildlife not only echoes pre-industrial times but also projects an idea of what our cities will look like when all the people have disappeared due to the consequences of the climate catastrophe. However, the city may also be read analogous to the internet. Animals, humans and plants seldomly interact within the city, and while we might notice traces or encounter their phantoms we seem to live in parallel worlds. Similarly, online we are divided by platforms into threads and channels, living in multi-layered structures haunted by uncanny bots and AI agents.
We believe that AR sculptures highlight an ethereal quality of the digital; they appear to transcend from the realm of immateriality into the physical space – the so-called spatial internet that overlays our cities. AR layers possess a magical quality in that they exist as objects whose influence on our world is – on a first step – contingent to our acceptance and perception of them as physical objects.
ANIMAL()CITY is an aesthetic inquiry of the artists’ views on how AR may intercept different layers of perception and realities or completely superimpose them.
The exhibition presents a collection of animals that transcend their natural forms and assume various "non-natural" shapes; from fantastical mythical creatures to archetypical animal sculpture adhering to classical composition to the most basic 3D animal assets, taken from game engine templates. These AR-animals introduce elements of imagination to their representation, inviting viewers to explore their own interpretations and engage with the artworks on different levels.
Eva Davidova
Sakrowski
Sembo
https://events.ccc.de/congress/2023/hub/event/animal_city/
#37c3 #ArtBeauty
How to find stalkerware and state trojans on smartphones
Over the past ten years, smartphones have become a universally popular target, whether for stalkerware, state trojans or banking malware. In this talk we want to give an overview of the techniques and open-source tools that can be used to hunt for malware on smartphones (on iOS and Android). Afterwards there will be a workshop with a practical part for trying out some of these techniques.
The quality of guides and introductions to smartphone forensics on the internet is unfortunately very mixed: here someone wants to sell you a flashy tool, there it smells like a scam, and in many places it is about what law enforcement agencies do, namely rummaging through other people's data.
Instead, in this talk we want to give a structured overview of the (public) options available in consensual smartphone forensics with open-source tools. We show you how to find which kinds of malware, what traces they leave and how stalkerware and state trojans differ in practice.
At 14:15 there will be a practical workshop in which what was learned in the talk can be put into practice:
https://events.ccc.de/congress/2023/hub/en/event/introduction-to-smartphone-malware-forensics-pract/
Viktor Schlüter
Janik Besendorf
https://events.ccc.de/congress/2023/hub/event/einfuhrung_in_smartphone_malware_forensik/
#37c3 #Security
a journey from emissions to exposure
High performance computing (HPC) in environmental science is usually associated with research on climate change, investigating the impact of atmospheric greenhouse gases (GHG) over the next century. Besides these GHGs, there are many other gases and aerosols in the atmosphere, which have a much more direct and immediate impact on human health: air pollutants.
The World Health Organization (WHO) considers air pollution to be the world's single largest environmental health threat, accounting for approximately 7 million deaths worldwide every year. That's why in this talk we want to speak about how the problem of air pollution can be understood and predicted using HPC pollution modeling and its application based on general concepts and our own research.
We are Dr. Johannes Bieser and Dr. Martin Ramacher, both working at the Helmholtz Zentrum Hereon in the field of numerical pollution modelling. While Dr. Bieser wrote his Dissertation on emission modelling and its application, Dr. Ramacher wrote his Dissertation on pollutant transport and exposure modelling.
In our talk on numerical air quality modelling systems, we want to introduce basic principles and share our personal knowledge in the field of numerical pollution modelling, covering the entire pathway from emissions, transport, transformation and human exposure. Each of these steps relies heavily on large amounts of data from many different sources - satellite data, activity and meta data, measurements and many more - and skills in computer science. By default, environmental scientists are often not trained in computer science and high performance computing which implies a challenge of its own (and allows Nerds like us to excel).
Our talk will be enriched with practical, technical and partially political examples to demonstrate the difficulties scientists face during their quest to improve air quality for everyone: from TB of wasted data due to historically grown data formats to counterproductive policy decisions to "improve" air quality. We’ve seen it all and after participating in the CCC for many years now, we decided to draw attention to some state-of-the-science approaches for solving one of the world’s single largest environmental health threats: "air pollution".
ottopaul
Johannes Bieser
https://events.ccc.de/congress/2023/hub/event/numerical_air_quality_modeling_systems/
#37c3 #Science
How to shrink deep learning models, and why you would want to.
This talk will give a brief introduction of deep learning models and the energy they consume for training and inference. We then discuss what methods currently exist for handling their complexity, and how neural network parameter counts could grow by orders of magnitude, despite the end of Moore's law.
Declared dead numerous times, the hype around deep learning is bigger than ever. With Large Language Models and Diffusion Models becoming a commodity, we ask the question of how bad their energy consumption *really* is, what we can do about it, and how it is possible to run cutting-edge language models on off-the-shelf GPUs.
We will look at the various ways that people have come up with to rein in the hunger for resources of deep learning models, and why we still struggle to keep up with the demands of modern neural network model architectures. From low-bitwidth integer representation, through pruning of redundant connections and using a large network to teach a small one, all the way to quickly adapting existing models using low-rank adaptation.
This talk aims to give the audience an estimation of the amount of energy modern machine learning models consume to allow for more informed decisions around their usage and regulations. In the second part, we discuss the most common techniques used for running modern architectures on commodity hardware, outside of data centers. Hopefully, deeper insights into these methods will help improve experimentation with and access to deep learning models.
etrommer
https://events.ccc.de/congress/2023/hub/event/what_is_this_a_machine_learning_model_for_ants/
#37c3 #SustainabilityClimateJustice
Digital-ecological visions of the future in the German-language discourse landscape
Super-efficient digital technology as the solution to all problems, or rather the self-built, resource-saving low-tech variant? Visions of the future that think the use of digital technology and ecological questions together are not exactly abundant in the German discourse landscape. The talk presents the results of a short study in which we searched for the visions of digital-ecological transformation held by socio-political actors, analysed them and grouped them into vision categories.
The talk offers an insight into the results of a first systematic investigation of the visions of digital-ecological transformation present in the German-language discourse and relates them to one another within a landscape of ideas about transformation, sustainability and technology design. The research took civil-society, state, scientific and business actors into account. The result is six different types of vision categories: "Dematerialisation", "Digital-ecological modernisation", "Guard rails for a sustainable digital policy", "Digital-ecological TÜV", "Digital sufficiency" and "Low-tech" make up the landscape of visions of digital-ecological transformation in the German-speaking world.
The idea that digital technology contributes, through efficiency gains, to a decoupling of economic growth and resource consumption can be summarised under the term "Dematerialisation". "Digital-ecological modernisation" denotes a rather technocratic approach in which the ecological costs of digitalisation are to be managed through frugality, recycling and above all the comprehensive use of renewable energy. Proponents of the vision type "Guard rails for a sustainable digital policy" provide, instead of a sharply formulated vision, guard rails for the future shaping of digitalisation within ecological limits. The category "Digital-ecological TÜV" describes approaches that make an assessment of the relationship between ecology and digital technology dependent on a continuous review of the use of digital technology. In "Digital sufficiency", the concept of sufficiency is transferred to the field of digitalisation and follows the motto "as much digitalisation as necessary, as little as possible". Finally, the idea of turning away from linear thinking about progress and from the resource-intensive high-tech infrastructures that come with it can be described as the "Low-tech" vision.
The talk presents the relationship of the individual categories to one another along various dimensions, such as their underlying understanding of transformation or the radicality of the changes described, and reflects on their political significance. Which visions meet the demand for a globally just digitality of the future?
Anja Höfner
Mascha Schädlich
https://events.ccc.de/congress/2023/hub/event/darf_s_noch_etwas_visionarer_sein/
#37c3 #SustainabilityClimateJustice
Following the failure and easy exploitation of the AACSv1 DRM on HD-DVD and Blu-ray, AACS-LA went back to the drawing board and announced the next generation AACSv2 DRM scheme, launching alongside 4K UHD Blu-ray in 2015. Since then, nearly no information has come out publicly about any vulnerabilities or even the algorithms themselves, owing in large part to software players requiring the use of Intel SGX secure enclave technology, which promises integrity and confidentiality of AACSv2 code and data through local and remote attestation mechanisms. Join us as we explore the broken history of AACS, describe practical side-channel attacks against SGX, and present the first look into the inner workings of AACSv2 DRM, culminating in a demonstration of the first full compromise of AACSv2 and unofficial playback of a UHD-BD disc.
The Advanced Access Content System (AACS) is a DRM scheme used to safeguard audio and visual content, particularly in high-definition formats like HD-DVD and Blu-ray. First introduced in 2005 following the failure of the Content Scramble System (CSS) used in DVDs, AACS was designed to be not only secure against regular piracy, but included multiple features intended to restrict the impact of a potential leak of cryptographic material such as revocation lists and traitor-tracing. The concepts and algorithms of AACS were described in a publicly-released whitepaper, relying on strong cryptography and secrecy of keys to maintain security. Unsurprisingly, less than a year after publication, the first unlicensed decryption tool was demonstrated using keys reverse-engineered from a software player binary. While AACS-LA was quick to revoke those keys, a cat-and-mouse game emerged with new keys being regularly extracted from sources such as software updates and PS3 firmware.
With AACS effectively broken and easily bypassed as described in Eckersley’s 24c3 presentation, AACS-LA would announce the introduction of AACSv2 for the next generation 4K UHD Blu-ray discs. This time, however, AACS-LA would not release the specifications of the DRM publicly, requiring strict NDAs for implementers and increased software/hardware security measures. Most notably, playback of legitimately purchased UHD-BDs on PC requires Cyberlink PowerDVD software running on Windows 10 and an SGX-capable 7th-10th generation Intel CPU. Since the DRM would run exclusively in the SGX secure enclave, no further information about its inner workings or vulnerabilities would be discovered publicly, until now.
In this presentation, we explore the security system of AACSv2 DRM and the Intel SGX trusted execution environment. We first analyze the principles of SGX and its promises of an isolated environment, protected from all software running on the machine. We also investigate the use of SGX local and remote attestation primitives intended to verify the integrity and confidentiality of AACSv2 key material and DRM code, and why it has resisted outside analysis for so many years. We then discover how hardware side-channel attacks can be used to undermine these guarantees of SGX, and craft an effective exploit to extract cryptographic material from the enclave and defeat the DRM code obfuscation.
Following that, we present the first public description of the inner workings of AACSv2, the key derivation process, and the updated revocation and traitor-tracing mechanisms. We studied BIOS updates from six motherboard vendors to show how SGX can be broken both easily and cheaply, and that vendors are now faced with a decision of security vs. usability in trusting unpatched machines. Finally, we conclude with the first demonstration of a UHD Blu-ray disc being decrypted and played back on a non-official platform.
Adam Batori
https://events.ccc.de/congress/2023/hub/event/full_aacsess_exposing_and_exploiting_aacsv2_uhd_drm_for_your_viewing_pleasure/
#37c3 #Security
How Astronomy Knew 6 Planets, Then Found 20 More, Then Went Back To 8 (For Now)
The Solar System has had 8 planets ever since Pluto was excluded in 2006. This has made a lot of people very angry and been widely regarded as a bad move. But did you know Neptune was discovered as the 12th planet? Or that, 80 years before Star Trek, astronomers seriously suspected a planet called Vulcan near the Sun? This talk will take you through centuries of struggling with the question: Do you even planet?!
In antiquity, scientists counted the 7 classical planets: the Moon, Mercury, Venus, the Sun, Mars, Jupiter and Saturn – but their model of the universe was wrong. Two thousand years later, a new model was introduced. It was less wrong, and it brought the number of planets down to 6: Mercury, Venus, Earth, Mars, Jupiter, Saturn. Since then, it's been a roller coaster ride of planet discoveries and dismissals.
In this talk, we stagger through the smoke and mirrors of scientific history. We meet old friends like Uranus and Neptune, forgotten lovers like Ceres, Psyche and Eros, fallen celebrities like Pluto, regicidal interlopers like Eris and Makemake as well as mysterious strangers like Vulcan, Planet X and Planet Nine.
Find out how science has been tricked by its own vanity, been hampered by too little (or too much!) imagination, and how human drama can make a soap opera out of a question as simple as: How Many Planets in Our Solar System?
Michael Büker
https://events.ccc.de/congress/2023/hub/event/how_many_planets_in_our_solar_system_glad_you_asked/
#37c3 #Science
Why do some people stay fit and healthy easier than others, even when following the same health advice? Why does the same medication work well in one person, but not in another? Some of our individuality in these regards may trace to which bacteria we carry in the soil of our intestinal gardens. In this talk, drawing on work by my own research lab at the Charité and on that by our collaborators and rivals elsewhere in the world, I outline what we know, what we speculate, and what obstacles remain in the way of widespread adoption of personalized health prevention through microbiome sequencing.
Despite our best efforts of finding the perfect regimen of diet, exercise and medication to keep any person fit and healthy, outcomes for different people vary widely for all of these measures, even when we comply with them fully. Some of this traces to our individual genetics, which remains difficult to change, but another source of variation in responses may come from differences between our gut microbiomes.
Human bodies are not sterile, and our skin, our mucosal surfaces and, in particular, our intestines are home to many more bacteria than there are human cells in our bodies, representing hundreds of different species in each person. These microbial ecosystems, or microbiomes, are found in all animals and have coevolved with their hosts. Therefore we rely on commensal ("friendly") bacteria for many functions, including breaking down nutrients, converting some medications into their active forms, producing certain crucial compounds for us from our diet, and helping our immune systems mature and remain tuned. The microbiota also contains temporary visitors and both transient and resident opportunistic pathogens, often kept in check by the immune system and by the commensals, but sometimes escaping such control to multiply and cause disease. Human gut microbiomes begin establishing at birth and evolve over a lifetime, but remain quite stable within each person throughout adulthood unless something serious like repeated antibiotic cures disrupts them. However, they can differ quite substantially between individuals as well as between populations, reflecting factors such as nutrition and environmental exposures.
It has been proposed, and to a degree already demonstrated, that differences between individuals in which gut bacteria they harbour may underlie differences in their susceptibility to disease, their resilience to stressors, and their responses to environmental stimuli. Thus the variation in responses to the same lifestyle between different people may reflect their gut microbiomes. This would open up several avenues of personalized medicine, lifestyle advice and nutrition. Choice of medications, diets or interventions could be selected according to a person's specific microbiome to be most effective. It might also be possible to potentiate such interventions by altering the gut microbiome in different ways, such as through antibiotics, probiotics, nutrition or through microbiome transplantation from another person. Alternately put, by adapting the microbiome to a lifestyle intervention, and/or adapting a lifestyle intervention to the microbiome, we may be able to optimize how a given person can seek and achieve fitness and health.
In this talk, I will outline what we know on these topics so far, especially from studies using large-scale microbial (meta-)genome DNA sequencing. In this talk I will draw on work by my own lab at the Charité in Berlin, as well as that of our colleagues, rivals and collaborators elsewhere in the world. I will give examples of known gut microbial modulation of human responses to the external environment and introduce the most common strategies both for researching such effects and for their leverage as health-promoting tools. Where there are limits to our knowledge or obstacles to its practical application, I will identify those obstacles and suggest ways to overcome them.
Sofia Kirke Forslund-Startceva
https://events.ccc.de/congress/2023/hub/event/gut_feelings_can_we_optimize_lifestyle_diet_and_medication_according_to_our_respective_microbiota/
#37c3 #Science
They call it RFC 9420, we say MLS: A new IETF standard for end-to-end encryption was published in July and brings large improvements in performance and security compared to existing protocols. We are here to present Messaging Layer Security, its ecosystem and its roadmap.
The MLS protocol is already being used in production to end-to-end encrypt Webex conference calls and will soon provide encryption for Android messages and RCS 2.0 for billions of users. Other messaging tools (such as Discord, Matrix, Wire, etc.) are currently trialing MLS and are expected to follow.
Why was the protocol developed in the first place? How does it work? What are the next steps for MLS?
MLS improves upon existing protocols such as Signal in group messaging applications. We co-authored the protocol specification and will briefly talk about what motivated the creation of MLS, how it relates to other existing messaging protocols as well as its design process in general.
As a group messaging protocol, the security guarantees provided by MLS go beyond authentication and confidentiality. We will go into detail on what security properties users can expect and take a look under the hood on how MLS works.
While the MLS specification has only been published recently, more work is underway and an ecosystem is already forming around the standard. We’ll touch on topics like MLS implementations, metadata hiding, federation, and interoperability between messengers (also in the context of the new IETF MIMI working group [1]). And of course we’ll share insights into the future of Messaging Layer Security!
[1] datatracker.ietf.org/group/mimi/about
Konrad Kohbrok
Raphael Robert
https://events.ccc.de/congress/2023/hub/event/rfc_9420_or_how_to_scale_end-to-end_encryption_with_messaging_layer_security/
#37c3 #Security
Ever-evolving mercenary spyware continues to threaten the safety of activists, journalists and human rights defenders around the world. Following the exposure of the Pegasus spyware scandal, this talk will be a technical deep dive into the tactics and techniques sold by the European-based spyware alliance Intellexa, which is used by governments to infect the devices and infrastructure we all depend on.
As part of the Predator Files investigation, Amnesty International, in partnership with European Investigative Collaborations, uncovered and documented for the first time how the Intellexa Alliance, a European-based surveillance vendor, has supplied advanced spyware and surveillance technology to governments around the world, and where it has then been used to target journalists, leading politicians, and European institutions.
Technical specifications and marketing material from surveillance vendors are often kept secret. The resulting information asymmetry prevents defenders in the cybersecurity industry and at-risk civil society groups from understanding the full scope of the threats that they face. This talk will draw on leaked internal documents and technical material, obtained by the Predator Files consortium, which shed light on the evolving technical tactics used by surveillance actors to subvert network infrastructure and deliver digital attacks to targeted individuals.
This talk will conclude with recommendations on possible mitigations and detections which can help protect civil society targets and the wider internet ecosystem from some of the attack vectors offered by this company.
Donncha Ó Cearbhaill
https://events.ccc.de/congress/2023/hub/event/predator_files_how_european_spyware_threatens_civil_society_around_the_world/
#37c3 #Security
Ensuring the integrity of Integrated Circuits (ICs) against malicious hardware Trojans is paramount for secure electronic devices. One approach involves imaging the manufactured chips to compare them with their original design files. While such techniques for detecting Trojans are relatively well-known in the industry, there is a notable absence of comprehensive, publicly available case studies. To bridge this gap, we unveil a Red Team vs. Blue Team case study on hardware Trojan detection across four digital ICs in various modern feature sizes. We share our findings, algorithms, and image datasets, shedding light on the efficiency of these techniques, and offer insights into the impact of technology scaling on detection performance.
We love to put microcontrollers, systems-on-a-chip and many other Integrated Circuits (ICs) into all sorts of devices. As hardware backdoors can undermine software security, the integrity of these chips is becoming increasingly important. However, most of these microchips are manufactured in a complex global supply chain where not all parties can necessarily be trusted. Who guarantees that the chip we order is the chip we get delivered? While the European Union wants to ensure digital sovereignty through massive long-term investment in domestic IC production, we need a way to verify the integrity of microchips *today*.
In this talk, we will first briefly cover the basics of the IC design and production process. We will outline common attacks that enable the insertion of subtle malicious manipulations or backdoors, often called hardware Trojans. You don't need to have a hardware background to follow along!
We then introduce some techniques we can use to detect hardware manipulations by comparing the circuit within a microchip to its original design files by reverse engineering the chip using open-source image processing. While imaging an IC requires advanced laboratory equipment, commodity hardware is sufficient to analyze the captured images.
In the main part of our talk, we will present a case study on Trojan detection based on four different digital ICs using a Red Team vs. Blue Team approach, and give a live demonstration.
We will share what manipulations of our Red Team we are already able to find reliably, and where some work is still needed -- and we're calling on you to play with our algorithms and have a go at uncovering the Trojans that are still well-hidden. Of course, we have made our source code and entire image datasets available under a free and open license.
We'll conclude with an insight into the working process of our Blue Team -- what we learned, and how we failed -- and give an outlook on how we can lower the entry barrier into IC reverse engineering, unlocking the hardware security field for all.
René Walendy
e7p
Steffen Becker
https://events.ccc.de/congress/2023/hub/event/unlocking_hardware_security_red_team_blue_team_and_trojan_tales/
#37c3 #Security
Understanding the dark part of the cosmos with billions of luminous galaxies
"Euclid" is a new space telescope of the European Space Agency with contributions from a science consortium from fourteen European countries, the USA, Canada and Japan. Euclid was launched on 1 July 2023 and will begin its scientific sky survey, planned to last 6 years, by the end of the year. With its mirror of 1.20 m diameter and its two cameras, Euclid will record images and spectra of one third of the entire sky. The goal: to get to the bottom of the nature of "dark matter" and "dark energy" in the universe by precisely measuring a total of two billion galaxies. Together these make up 95 % of the total energy, but we do not know what they are or what they consist of. Euclid published its first spectacular images in November. I will present the mission, its scientific goals and its methods, and talk about everything that had to be done, and still has to be done, in the 25 years from idea via telescope to scientific insight.
Astronomy currently does not know what 95 % of the energy and mass in the universe consist of. Besides 5 % "normal" matter (stars, gas, the Earth, CCC congress attendees, …) there is at least five times as much so-called dark matter, and beyond that the remaining 70 % is what is called dark energy. For both, we do not yet know what they consist of; we only know their effects! Galaxies rotate differently than they would with normal matter alone. And the universe has been expanding since the Big Bang, but the rate of expansion is increasing rather than decreasing, as would be expected from attracting matter. Something is pushing space itself apart.
Euclid is a telescope, a mission and a consortium of several thousand people, many of whom have been working on the ideas for this mission since about 2008, many hundreds on the planning and construction of two highly sensitive cameras with a total of almost 700 million pixels, and now one to two thousand interested people who want to analyse the scientific images expected soon.
I would like to explain the goals, how measuring the shapes of galaxies lets us track down invisible dark matter in the foreground ("weak gravitational lensing"), and why there is a "cosmic length scale" with which the expansion of the universe can be measured over ten billion years into the past.
Finally, I would like to show the first five images that were taken by Euclid and published by ESA in November, and why there is so much more in them than one sees on a computer monitor.
Knud Jahnke
https://events.ccc.de/congress/2023/hub/event/euclid_das_neue_weltraumteleskop/
#37c3 #Science
What We (Don't) Know About the Most Energetic Events in the Universe
In October 2022 a gamma-ray burst dubbed the 'Brightest Of All Times' smashed records. But what is that actually, a gamma-ray burst? How do we detect it? And why was the BOAT so special?
Gamma-ray bursts are the biggest explosions in our Universe since the Big Bang: In just a few seconds, they release as much energy as the Sun will radiate over its entire lifetime. Even though they occur in far-away galaxies, their emission dominates the high-energy astrophysical sky during their seconds-long duration. They come from the cataclysmic deaths of very massive stars or the mergers of two compact objects such as neutron stars and black holes. In both cases the energy is concentrated in an astrophysical jet moving at approximately the speed of light.
In October 2022, a once-in-a-lifetime gamma-ray burst smashed records and was dubbed the ‘Brightest of All Time,’ or the BOAT. In fact, it was so bright that it oversaturated the most sensitive gamma-ray burst monitors, posing a challenge for data reconstruction and analysis. But why was it so bright? And how long do we have to wait until the next one?
Using the BOAT as an example, we will give an introduction about the fascinating phenomena called gamma-ray bursts. From their accidental discovery during the Cold War to our still surprisingly limited understanding of their nature. The talk will revisit the state-of-the-art of theoretical modelling/interpretations (how are jets launched? what produces the gamma rays?), as well as current detector techniques (how do we catch a gamma-ray photon on Earth or in space?). Naturally, we will also discuss what we really learn from prominent, outstanding events such as the BOAT -- and the questions that still give scientists headaches.
Annika Rudolph
Sylvia Zhu
https://events.ccc.de/congress/2023/hub/event/about_gamma-ray_bursts_and_boats/
#37c3 #Science
how individuals are affected and how the release of e-evidence works technically. Who are the actors? Which types of information can be requested? How are individual rights protected?
Having worked on the cross border e-evidence dossier since its inception in 2017, the talk aims to present an insider view on the proposed procedures and legal protections, the scope of the obligation on industry to promptly provide information to law enforcement as well as the status of the proposed technical implementation including the proposed authentication and encryption of requests as well as the response data provided.
As an industry representative participating in the official EU e-evidence implementation task force I am going to take a look at the current, up to date status of the proposed implementation as well as the numerous grey areas to still be addressed both legally as well as technically to make the e-evidence dossier even remotely workable/acceptable for all parties concerned.
Klaus Landefeld
https://events.ccc.de/congress/2023/hub/event/dissecting_eu_electronic_evidence/
#37c3 #EthicsPoliticsSociety
Contrary to the view that the gay subculture has received a boost from digital networking and has been strengthened in its activism, I want to mark a present crisis of the subculture and sketch the context in which it arose through online dating. Gay online platforms emerged in order to escape the suppression of homosexual behaviour. Cynically, today they bring about a subliminal, captivating regulation of homosexual people.
Although the talk mainly works through the case of MSM (men who have sex with men), it is explicitly addressed to hackers of any sexuality.
First, the talk traces a cultural history of the gay subculture and explains why darkrooms and similar places where gay sex takes place in semi-public were constitutive for the gay scene. Second, it shows the effects of the digitalisation of these places into platforms such as GayChat in the past or Grindr today. Third, it shows why homosexual cruising apps like Grindr are built fundamentally differently, in cultural and software terms, from heterosexual dating apps like Tinder.
With this talk I want to give an impetus to hack dualisms such as homosexuality and heterosexuality, cruising and dating, promiscuity and monogamy. I want to show that interactivity on *dating platforms* is often an illusion, and to try, together with the audience, to find ways to break open the "interpassive" consumer status in online dating.
LustigerLeo
https://events.ccc.de/congress/2023/hub/event/vom_darkroom_in_die_blackbox/
#37c3 #EthicsPoliticsSociety
Talk and reading
The twelve years since the NSU exposed itself have shown that the state cannot be relied upon when it comes to investigating and coming to terms with right-wing terror. That is why those affected by right-wing violence, antifascists and civil society have taken this task into their own hands again and again. The resulting analyses, the investigative work and the solidarity networks that have emerged are more diverse than many imagined at the beginning. But we want to ask: What can the next steps be? How can we prevent right-wing terror?
In summer 2023, the nationwide antifascist alliance NSU-Watch published an expanded new edition of its book „Aufklären und Einmischen. Der NSU-Komplex und der Münchener Prozess“. It gives an overview of the work done so far on coming to terms with the NSU complex. On this basis, the talk and reading want to ask: What can the next steps be? How can we prevent right-wing terror? The answers are diverse and some are still waiting to be discovered. And yet the danger of right-wing terror remains high, also because consequences on the part of the state, the authorities and society are still outstanding. But we already know enough to actively counter right-wing terror.
Caro Keller (NSU-Watch)
https://events.ccc.de/congress/2023/hub/event/gemeinsam_gegen_rechten_terror_aber_wie/
#37c3 #EthicsPoliticsSociety
What occurs when machines learn from one another and engage in self-cannibalism within the generative process? Can an image model identify the happiest person or determine ethnicity from a random image? Most state-of-the-art text-to-image implementations rely on a number of limited datasets, models, and algorithms. These models, initially appearing as black boxes, reveal complex pipelines involving multiple linked models and algorithms upon closer examination. We engage artistic strategies like feedback, misuse, and hacking to crack the inner workings of image-generation models. This includes recursively confronting models with their output, deconstructing text-to-image pipelines, labelling images, and discovering unexpected correlations. During the talk, we will share our experiments on investigating Stable-Diffusion pipelines, manipulating aesthetic scoring in extensive public text-to-image datasets, revealing NSFW classification, and utilizing Contrastive Language-Image Pre-training (CLIP) to reveal biases and problematic correlations inherent in the daily use of these models.
The talk will be conducted by sharing various experiments we've done under the umbrella of generative AI models. We will begin with a general idea of how we, as artists/programmers, perceive these models and our research on the workflow of these constructs. Then, we will further elaborate on our exploration of the Stable Diffusion pipeline and datasets. Throughout our investigation, we discovered that some essential parts are all based on the same few datasets, models, and algorithms. This causes us to think that if we investigate deeper into some specific mechanisms, we might be able to reflect on the bigger picture of some political discourses surrounding generative AI models. We deconstructed the models into three steps essential to understanding how they worked: dataset, embedding, and diffusions. Our examples are primarily based on Stable-Diffusion, but some concepts are interchangeable in other generative models.
As datasets and machine-learning models grow in scale and complexity, understanding their nuances becomes challenging. Large datasets, like the one for training Stable Diffusion, are filtered using algorithms often employing machine learning. To "enhance" image generation, LAION's extensive dataset underwent filtering with an aesthetic prediction algorithm that uses machine learning to score the aesthetics of an image with a strong bias towards water-color and oil paintings. Besides the aesthetic scoring of images, images are also scored with a not-safe-for-work classifier that outputs a probability of an image containing explicit content. This algorithm comes with its own discriminatory tendencies that we explore in the talk and furthermore asks how and by whom we want our datasets to be filtered and constructed.
Many generative models are built upon Contrastive Language-Image Pre-training (CLIP) and its open-source version, Open-CLIP, which stochastically relates images and texts. These models connect images and text, digitize text, and calculate distances between words and images. However, they heavily rely on a large number of text-image pairs during training, potentially introducing biases into the database. We conducted experiments involving various "false labelling" scenarios and identified correlations. For instance, we used faces from ThisPersonDoesNotExist to determine "happiness" faces, explored ethnicities and occupations on different looks, and analyzed stock images of culturally diverse food. The results often align with human predictions, but does that mean anything?
In the third part, we take a closer look at the image generation process, focusing on the Stable Diffusion pipeline. Generative AI models, like Stable Diffusion, have the ability not only to generate images from text descriptions but also to process existing images. Depending on the settings, they can reproduce input images with great accuracy. However, errors accumulate with each iteration when this AI reproduction is recursively used as input. We observed that images gradually transform into purple patterns or a limited set of mundane concepts depending on the parameters and settings. This raises questions about the models' tendencies to default to learned patterns.
Ting-Chun Liu
Leon-Etienne Kühr
https://events.ccc.de/congress/2023/hub/event/self-cannibalizing_ai/
#37c3 #ArtBeauty
A look into pipelines ending in museums and not in the cloud
In the original Hacker Ethics, Steven Levy stated that "you can create art and beauty on a computer". That was 40 years ago. Creating art and beauty is one thing, but how do you maintain or develop it as a gallery, archive or museum? You know all about CI/CD and deploying to "the cloud"? Well, let me show you how to deploy to a museum or art space. Important note: this talk is not about NFTs.
The preservation and presentation of software/computer-based art in museums presents unique challenges in the contemporary landscape. One prominent issue is the ephemeral nature of digital media, which includes websites, games, software and virtual reality art. Unlike traditional art forms, these works often rely on rapidly evolving technologies, making them vulnerable to obsolescence. Museums are faced with the task of preserving and restoring media art in a way that not only preserves the original intent of the artist, but also ensures accessibility for future audiences.
Another significant challenge is the dynamic and interactive nature of many media artworks. Unlike static paintings or sculptures, digital artworks often require specific hardware, software or immersive environments to be experienced. Museums need to invest in both the technological infrastructure and the expertise to recreate these conditions and provide visitors with an authentic encounter with the artwork.
In this talk we want to look at some solutions from the perspective of software developers who are motivated not only to preserve and present digital media art, but also to develop it with contemporary software development strategies.
obelix
https://events.ccc.de/congress/2023/hub/event/devops_but_for_artworks_in_museums/
#37c3 #ArtBeauty
Karl Lauterbach and the EU Commission have one thing in common. Both want to push ahead with the digitalisation of the health sector at breakneck speed. The electronic patient record (elektronische Patientenakte) is to arrive for all German citizens in January 2025. The launch of the so-called European Health Data Space is planned for the same year.
Both projects aim to digitise the health data of millions of people and make it available to treating practitioners, research and industry.
In our talk, we want to use seven theses to explore central technical and socio-political pitfalls of the planned health digitalisation in Germany and in the EU, and to show the way to an alternative digitalisation of the health sector.
Daniel Leisegang
bkastl
https://events.ccc.de/congress/2023/hub/event/von_der_epa_zum_ehds_7_thesen_zur_aktuellen_digitalen_gesundheitspolitik/
#37c3 #EthicsPoliticsSociety
Debit card/girocard stolen? Get it blocked quickly … but what if the block is not as effective as it seems?
The talk presents data protection and IT security flaws in the KUNO blocking system. The system is in use at > 90 % of merchants in Germany and, since a resolution of the Conference of Interior Ministers in 2005, is meant to guarantee that the electronic direct debit procedure (ELV) is safe(r) from fraud.
Among other things, the talk shows how unauthorised persons/pickpockets were able (for years) to simply unblock blocked EC and debit cards/girocards for ELV. In addition, there will be forays into the topics of IT security, data protection and payments; fun for all data travellers is guaranteed :)
More information on the vulnerabilities (end of the year) at: https://giroday.de
The KUNO blocking system (Kriminalitätsbekämpfung im unbaren Zahlungsverkehr durch Nutzung nichtpolizeilicher Organisationen, i.e. fighting crime in cashless payments through the use of non-police organisations) was developed more than 20 years ago to curb fraud with EC direct debit procedures. 96 % of all merchants in Germany use the KUNO blocking file directly or indirectly to protect themselves against fraud by forged direct debit. The system is operated by the EHI Retail Institute in cooperation with the German police and the Hauptverband des Deutschen Einzelhandels. More than 120,000 reports pass through the system each year.
An investigation has now established that pickpockets were able to simply lift the block on girocards/debit cards and continue to commit fraud. A report made through a responsible disclosure process led to numerous data protection and IT security flaws being uncovered and fixed.
In the talk, Tim Philipp Schäfers will present the KUNO system in more detail and make forays into the topics of IT security, data protection and payments - fun for all data travellers (all levels) is guaranteed :)
More information on the KUNO blocking system:
de.wikipedia.org/wiki/Kriminalit%C3%A4tsbek%C3%A4mpfung_im_unbaren_Zahlungsverkehr_durch_Nutzung_nichtpolizeilicher_Organisationen
Tim Philipp Schäfers (TPS)
https://events.ccc.de/congress/2023/hub/event/oh_no_kuno_-_gesperrte_girocards_entsperren/
#37c3 #Security
A critical talk about sustainability, technology, society, growth and ways ahead
The aim of this talk is to critically analyse the use of digital technology in the current context of global ecological injustice and the collapse of ecosystems. But how can we strive for and promote a sustainable, just and democratic digital future? The challenges are huge and include the digital world's hunger for energy as well as the exploitative global practices of tech companies or the discussion of the current AI sustainability hype. But which digital tools make sense, which do not and how can we achieve global social emancipation from self-destructive structures and towards ecological sustainability and a just world?
Maja Göpel
https://events.ccc.de/congress/2023/hub/event/on_digitalisation_sustainability_climate_justice/
#37c3 #SustainabilityClimateJustice
Hacking works without ears too! Over the last two years, we have researched on the living object how hackspaces can be opened up to deaf people, so that we can all work on projects together and build cool stuff. Come by, watch/listen, and take something home with you!
The talk will be held in Austrian Sign Language (ÖGS) and simultaneously translated into German (and the other way round for questions).
Hackspaces are not accessible to deaf people as places to live out their creativity and to learn sustainable use of technology on their own.
The scientific-artistic project MACH’S AUF! focuses on the following questions:
* How can technology be designed so that it can be better used by deaf people?
* How can collaboration between deaf and hearing people work?
* How can barriers be removed without disadvantaging marginalised groups in society?
Over the last two years, Oliver "fussel" Suchanek (it/its) and Franz "Stoni" Steinbrecher (he/him) have put a lot of time, effort and care into various events, workshops and awareness-raising. This was made possible by financial support from the Chaos Computer Club.
The result is something to be proud of:
A new community in which hearing and deaf people hack together, in which deaf people operate machines that were previously inaccessible, and also entirely new projects such as the ÖGS search engine (http://suche.machs-auf.at/search).
Oliver "fussel" Suchanek will report on the work of the first two years, so that you can apply our approaches in other spaces as well.
Look forward to the insight … :)
Oliver 'fussel' Suchanek
https://events.ccc.de/congress/2023/hub/event/offnet_eure_spaces_fur_gehorlose/
#37c3 #CCC
The GB Interceptor
How do you capture a video from a 1989 Game Boy without modding the original hardware? With an adapter cartridge that spies on the memory bus!
Let's talk about how to reconstruct the Game Boy's memory state, emulate its graphics unit and then encode the image into an MJPEG stream for anyone to use as a USB video class device. In realtime. On an rp2040 microcontroller.
The original goal of the open source project "GB Interceptor" was to capture gameplay for one specific game: Tetris. In order to live stream Tetris tournaments from the contestants' personal Game Boys, the idea was to create an adapter that goes between the Game Boy and the game module to analyze the communication on the memory bus and reconstruct the game state.
It turns out that it is actually possible to reconstruct the entire memory state of almost any game and in fact create an rp2040-based adapter that acts as a USB video class device offering the on-screen game footage in realtime. Players can simply put this adapter into their Game Boy and use it like a webcam without additional drivers or knowledge.
An essential aspect of this concept is that the Game Boy basically runs all of its code directly from the ROM module, which makes it possible to directly follow the program counter of its 8bit CPU regardless of how the code branches. An image can then be recreated by emulating the graphics unit (PPU).
However, there are many edge cases like interrupts, data from registers that are not visible on the bus, the link cable, DMA operations, synchronization of CPU and PPU, game bugs and even bugs in the Game Boy hardware itself.
In this talk I will show how all this is done just on an rp2040 with spare cycles to encode everything as a 60fps MJPEG stream. I will shine a light on the edge cases - those that were solved and those that might just be unsolvable with this approach. And I will take you on a sightseeing tour through the 8bit hell that drives our iconic handheld from 1989.
Sebastian Staacks
https://events.ccc.de/congress/2023/hub/event/reconstructing_game_footage_from_a_game_boy_s_memory_bus/
#37c3 #HardwareMaking
The Super Nintendo Entertainment System's sound coprocessor, the S-SMP, runs on the mostly-forgotten SPC700 architecture. To understand why the sound of Super Metroid or SMW was so ahead of its time, we will look at all the details of how this processor works and how it plays music.
The SPC700 by Sony is an 8-bit architecture that was developed and used as the S-SMP sound coprocessor in the Super Nintendo Entertainment System (SNES). A big leap ahead in sound synthesis capabilities, apart from these few years of glory in the 1990s the architecture enjoyed no further uses and has faded into obscurity outside SNES circles. This talk not only takes a look at the SPC700 architecture, which is both a usual and unusual 8-bit ISA, but also the sound and music capabilities of the SNES S-DSP that it was designed to control. The talk is designed to be approachable by anyone with a basic understanding of how a microprocessor works; in particular, it covers the basics of digital audio necessary to understand the S-DSP's sound synthesis features like ADPCM sample playback or echo buffers.
kleines Filmröllchen
https://events.ccc.de/congress/2023/hub/event/the_ultimate_spc700_talk/
#37c3 #HardwareMaking
The chairman of Europe's biggest furry conference explores the metaphysical and historical connection between furries and the information technology / hacker sphere through a bunch of war stories, anecdotes and drunken shower thoughts. Also a chance to ask a fandom veteran anything you can come up with you always (or never) wanted to know about furries.
CheetahSpottycat
#37c3 #Other
This lecture will cover many aspects of designing a RISC-V CPU: out-of-order execution, multi-core, memory coherency, security, and running Linux and Debian on an FPGA.
This will be based on the recently developed NaxRiscv core, a free and open-source RISC-V softcore. I will cover many interesting aspects of the project/flow to provide an overview of the many technical aspects of such a project:
- Hardware description languages
- CPU design
- Information leak (spectre)
- Memory coherency
- Linux / Debian requirements
- Debugging / Simulation
Dolu1990
https://events.ccc.de/congress/2023/hub/event/open_cpu_soc_design_all_the_way_up_to_debian/
#37c3 #HardwareMaking
In 2023, the Tariq Ben Zeyad Brigade (TBZ), a notorious East Libyan land-based militia, went maritime and completed the pullback regime which was installed by Italy and the EU from 2017. They were deeply involved in the failed passage of the boat that sank near Pylos, in which up to 500 people drowned. With the help of low-budget, open-source intelligence, we were the first to unveil how their new vessel operates in the Central Mediterranean and with which European actors they communicate. This talk provides you with the details.
After the "summer of migration", from 2017 the EU and Italy set up and equipped the "coastguard" in Libya, consisting of militias, to take back boats with refugees to North Africa and put the people in torture camps. Frontex and an EU military mission take over the aerial surveillance for these pullbacks. In 2023, the Tariq Ben Zeyad Brigade (TBZ), a notorious East Libyan land-based militia, went maritime and completed this pullback regime. They were deeply involved in the failed passage of the boat that sank near Pylos, in which up to 500 people drowned. For the first time, we unveiled how their new vessel, sponsored by UAE, operates in the Central Mediterranean. We could spot them, intercept communication, and record their crimes. We managed to do so through low-budget, open-source intelligence, voluntary work, and our civil monitoring flights. Our talk materializes at the crossroads of no-border activist nerdiness and broader geopolitical reflections. Starting with our first-hand material, we show TBZ's close ties with condemned war criminals, the smuggling business, the United Arab Emirates, the Frontex agency, and European governments, namely Greece, Italy, and Malta. We see the media being barely interested in the intricacies of Europe's proxy actors, such as TBZ, that help uphold fortress Europe. We will use CCC to discuss what has little space in our daily public work: weird details, daring predictions, and complex interlinkages.
Paul Wagner
Matthias Monroy
Felix Weiss
https://events.ccc.de/congress/2023/hub/event/a_libyan_militia_and_the_eu_-_a_love_story/
#37c3 #EthicsPoliticsSociety
Wave Terrain Synthesis - Contains Noise and Flashy Images
An audiovisual performance based on image-to-sound conversion. Dynamically changing images serve as a real-time audio buffer. Light becomes sound.
Contains stroboscopic images and audio content across broad spectra.
VRA is an audiovisual performance (projection + sound) performed with a custom-built software instrument (in Max/MSP) based on image-to-sound conversion. The projection shows monochrome textures consisting partly of simple shapes such as stripes or circles, but also of more complex structures such as noise. These images are converted into sound in real time: the brightness values of a selected row of pixels serve as the audio buffer and describe a waveform.
STURMHERTA
https://events.ccc.de/congress/2023/hub/event/vra/
#37c3 #ArtBeauty
Hardware hacking tooling for the new iPhone generation
If you've followed the iPhone hacking scene you probably heard about cables such as the Kanzi Cable, Kong Cable, Bonobo Cable, and so on: Special cables that allow access to hardware debugging features on Lightning-based iPhones such as UART and JTAG. However with the iPhone 15, all of those tools became basically useless: USB-C is here, and with that we need new hardware and software tooling.
This talk gives you a brief history of iPhone hardware hacking through the Lightning port, and then looks at the new iPhone 15, and how - using vendor defined messages, modifying existing tooling like the Central Scrutinizer, and a bit of hardware hacking - we managed to get access to the (unfortunately locked on production devices) JTAG interface exposed on the USB-C port on the new iPhone 15.
And how you can do it using open-source tooling too.
The iPhone's Lightning connector was a proprietary beast with a lot of hidden features: By sending custom SDQ commands there, it was possible to get it to expose hardware debugging features such as JTAG and UART. For a long time, this was only easily possible using either gray and black-market cables such as the Kanzi-Cable, or proprietary tools such as the Bonobo Cable. Last year, we released an open-source tool to get access to the iPhone debugging features called the Tamarin Cable - finally allowing anyone to get JTAG and UART on the iPhone for just a couple of $ in parts.
But then the iPhone 15 came along, and with that USB-C: All previous hardware and software tooling basically became useless, but that did not stop us from trying: We knew from the Apple Silicon Macs and the work of t8012-team and the AsahiLinux project that Apple uses USB-C's VDM feature - Vendor Defined Messages - to allow access to features such as the UART console, and so chances were high that we could use something similar to get access to the hardware debugging features on the iPhone 15.
So we pre-ordered the iPhone 15, a couple of PCBs, a case of Club Mate and got started: And less than 48 hours after the launch we got JTAG working on the iPhone 15.
In this talk we will start by looking at the history of iPhone and Lightning hardware hacking, and then look at how USB-C is used for debugging on Apple Silicon devices, and what we had to do to get JTAG on the iPhone 15.
We will also use this talk to release the new version of the open-source Tamarin Cable firmware: Tamarin-C. A fully integrated, open-source debugging probe for the iPhone 15 and other Apple Silicon devices. Tamarin-C is also able to give access to a DFU mode that you can't access without sending VDMs.
Note: This talk will not contain any 0days or previously unknown vulnerabilities. Production iPhones are locked, and so while we get access to some of the device's busses we can't for example access the CPU core.
This talk is about building tooling for future work.
stacksmashing
https://events.ccc.de/congress/2023/hub/event/apple_s_iphone_15_under_the_c/
#37c3 #Security
The cybersecurity dark side of solar energy when clouds are involved
In this talk we will have a look at some cybersecurity challenges raised by the trend of decentralizing our energy production.
Our energy infrastructure is now changing from a centralized system based on big power plants to a more decentralized system based on renewable energy produced by smaller power plants (maybe yours). In Germany alone, [300,000 so-called balcony power plants were in operation by August 2023](https://www.heise.de/hintergrund/Ueber-300-000-Balkonkraftwerke-in-Deutschland-in-Betrieb-Statistik-der-Woche-9285107.html). Most of these smaller power plants are / will be somehow connected to some cloud services.
To show that security hasn't been the biggest priority, we will examine the cybersecurity controls of different solar inverters. To put it mildly: there is room for improvement.
We will also discuss the need for better regulations and enforcement of cybersecurity for smaller connected power plants: altogether they probably produce more power than the bigger ones - and this trend is accelerating.
Protecting our infrastructure shall have - today more than ever before - a high priority.
Context: cybersecurity for future energy production systems
-----------------------------------------------------------
Cybersecurity for smaller solar power plants is a critical challenge: strong separation between operational, safety relevant network and internet is not present. Moreover, manufacturers do not invest enough in security; reason being high competition in terms of time to market, price pressure and lack of security knowledge.
These power plant systems need more or less an internet connection in order to fetch power & energy data from the plant with an app, perform firmware updates, and carry out maintenance remotely.
The central device, which is connected to the internet, is the inverter. Many companies provide inverters for solar power plants and include cloud connectivity. An inverter converts the energy from the solar panels to grid compatible energy. Since it handles high currents & voltages, the physical consequences of cybersecurity risks are arguably higher than for standard smart home devices.
Research results related to connected solar inverters (technical part)
----------------------------------------------------------------------
Out of curiosity, I tested different inverters from different manufacturers, including cloud connectivity. All devices have a license to be operated in Germany and are very popular. They are used in solar power plants of different sizes, from balcony size to bigger plants.
In this section some research results will be presented; we will especially focus on one system.
**Positive note: critical vulnerabilities have been patched by now.**
Vulnerabilities
---------------
* *Insecure Direct Object Reference* (IDOR) or similar vulnerabilities have been found, allowing an attacker with a simple account to execute commands on connected inverters remotely. This was an enabler for many further attacks.
* An attacker could trigger a firmware update process on connected inverters.
* The firmware update process was not properly secured: update images did not include a cryptographic signature.
* Most of the devices did not use the TLS protocol for cloud communication or did not use it correctly.
* Secure boot and secure debugging were not implemented.
* On the server side, there were insufficient sanity checks.
* Sensitive data (e.g. serial number) was easy to extract.
Exploitation
------------
* Commands could be executed on any connected devices (e.g. switch ON, switch OFF, change parameters).
* The power electronics and relays of devices could be manipulated remotely with a malicious firmware update.
* By manipulating many devices synchronously the stability of the grid could be endangered.
A proof of concept with a full (unlocked) exploit chain will be presented.
Conclusion and Discussion
-------------------------
Removing bureaucratic hurdles is an important step in order to democratize our energy production - and renewable energies are the future! On the other hand, if it comes at the cost of poorly-secured devices, this may be jeopardized.
In Germany, we have the Kritis Verordnung (decree) to protect for example the electricity infrastructure. It states that every power [plant with more than 104 MW capacity is required to have specific protections](https://www.gesetze-im-internet.de/bsi-kritisv/anhang_1.html). Individually, the small solar power plants are not in this category. However, summing up all devices connected to one cloud, we probably reach these numbers by now - and if not, tomorrow. Current projections point in that direction.
During this research, I realized how easy it is to take control of energy production devices and it scared me.
A Wearable for the Visually Impaired Translating 3D Vision into Haptic Stimuli
The Unfolding Space Glove transmits the relative position and distance of nearby objects as vibratory stimuli to the back of the hand, enabling blind people to haptically explore the depth of their surroundings. The talk will give a brief overview of the design research project, from the first prototypes to an empirical study and its publication, and provide insights into the underlying hardware and software.
Being born blind or losing sight is a major challenge, as it impairs the ability to acquire information about surroundings, to manage everyday life independently and, consequently, to participate equally in social, public and economic life. Technical aids developed to assist VIPs with certain tasks work well in the laboratory but regularly fail in practice because they are bulky or user-unfriendly. As a result, the target group resorts to traditional tools or simply lives with the shortcomings. Given the rapid changes in technology and low cost of digital tools, I saw great potential in addressing this issue as an interaction design project.
The result is an open-source Sensory Substitution device – the Unfolding Space Glove: it transmits the relative position and distance of nearby objects, detected by an on-board 3D camera, to the back of the hand in the form of vibratory stimuli. This allows the user to haptically explore the depth of the surrounding space and assists with navigation tasks such as object recognition and wayfinding. The prototype requires no external hardware, is highly portable, works in all lighting conditions, and provides continuous and immediate feedback – all while being visually unobtrusive.
The basic premise of the proposed concept of Sensory Substitution is that the function of a missing or impaired human sensory modality can be replaced by stimulating another sensory modality using the missing information. This only works because the brain is plastic enough to learn to associate the new stimuli with the missing modality, as long as they share the same basic characteristics. There have been a number of projects looking at this, but so far very few practical implementations have been proposed, which in turn are used by a negligible number of people. While the technology used is sometimes highly sophisticated, design and usability often suffer.
Taking into account the problems of existing devices and specifically addressing usability and interaction design requirements, the Unfolding Space Glove was designed and developed in a four-year interaction design research project. In 2021, the prototype was tested in an empirical study with 14 sighted and blind subjects, the results of which were published in a scientific, peer-reviewed paper in 2022.
I would like to introduce you to the field of Sensory Substitution, share this project with you, show pitfalls, problems (for me coming from a non-IT background) and some technical details and ask for your feedback and input. I will have the device with me if you want to have a closer look at it after the talk. Testing would only be possible in smaller groups by appointment.
Jakob Kilian
https://events.ccc.de/congress/2023/hub/event/the_unfolding_space_glove/
#37c3 #HardwareMaking
Honestly, what have atoms ever done for us, apart from matter in general and Mate in particular? We know "Quantum Computing" and "Quantum Communication". But what about "Quantum Sensing", i.e. quantum-based measurement technology? Let's shoot lasers at a few atoms and see how heavy the world is.
"Quantum" makes everything better, after all, so perhaps also the measurement technology with which we survey the Earth. In a talk at 34C3, I spoke about measuring the Earth's gravity field, which gives us insight into the redistribution of masses on and within the Earth. Satellites are used, for example, to observe mass changes at the ice sheets or in continental groundwater reservoirs. On the Earth's surface itself, the gravity field is measured locally or in small regions for applications in geodesy, geophysics or hydrology, using gravimeters on the ground, in aircraft or on ships.
In terrestrial use, so-called quantum gravimeters, which use the principle of atom interferometry, have already been deployed for a few years. In these instruments, falling atoms are manipulated by laser in order to measure the acceleration to which the falling atoms are subject. For space applications, the technology is currently under development and not yet in use.
In this talk I give a brief overview of "Quantum Sensing" with a focus on Earth observation. We look at the technology, applications and current developments, and take a look at the funding landscape. Maybe we will even start SomeThingQT.
Manuel
https://events.ccc.de/congress/2023/hub/event/was_haben_atome_je_fur_uns_getan/
#37c3 #Science
Bringing the Hacker Mindset to the Space Ecosphere - The story behind the Libre Space Foundation (LSF)
Embark on Libre Space Foundation's journey into the world of open-source space exploration, where a passionate community of hackers and makers is challenging the traditional defense-driven approach to spacefaring. Discover how we are democratizing space by embracing open-source technologies, community collaboration, and a commitment to sustainability.
The current state of the space ecosystem is characterized by its reliance on defense-oriented policies and outdated systems, hindering the true potential of space exploration. Despite the promise of Space 4.0, the reality is that space remains largely inaccessible to the public at large.
Against this backdrop, a group of hackers and makers is revolutionizing the space industry. By promoting the hacker ethos of innovation, resourcefulness, and open-source principles, they are challenging the status quo and delivering creativity and accessibility into the space sector.
Driven by the hackerspace movement and the broader community, we, Libre Space Foundation, are actively building our own satellites, space technologies, sharing knowledge and resources, and pushing the boundaries of space exploration. Our mission is to democratize space, making it available to everyone, regardless of background or resources.
This emerging movement faces unique challenges, including working within a small, underfunded ecosystem, developing software and hardware, mapping out processes amidst complex space law and global politics, and ensuring long-term sustainability without relying on external funding.
To overcome these challenges and harness the full potential of this movement, we propose a manifesto with four pillars:
Open Source: All technologies developed for outer space shall be published and licensed using open source licenses.
Open Data: All data related to and produced in outer space shall be freely accessed, used and built upon by anyone, anywhere, and shall be shared and managed according to the principles above.
Open Development: All technologies for outer space shall be developed in a transparent, legible, documented, testable, modular, and efficient way.
Open Governance: All technologies for outer space shall be governed in a participatory, collaborative, direct, and distributed way.
By embracing these pillars, we can create a more open, inclusive, and sustainable space ecosystem that empowers individuals and communities to participate in the exploration of the cosmos.
Manthos Papamatthaiou
Alfredos (fredy) Damkalis
https://events.ccc.de/congress/2023/hub/event/how_to_hack_your_way_to_space/
#37c3 #HardwareMaking
Tech(no)fixes distract our minds and slow down necessary change. We will give examples, explain them and show you how to spot them.
The climate catastrophe is imminent and global injustice is rising. Now a lot of new (in part digital) tech (AI, blockchain, big data, fusion, quantum computing, genetic engineering) is supposed to help the transition to a sustainable society. Although some of them can actually help with parts of the transition, they are usually discussed not as tools to assist the broader societal change (economic, legal, social, political changes) but as a replacement for the broader societal change. In effect they act as "change placebos" resulting in "placebo change", meaning no change at all.
Using concrete examples, this talk wants to 1) show in which ways technological fictions are misused as a diversion from the necessary change or from other, already existing technologies, 2) present reasons and explanations for such misuse and 3) offer a simple method to spot tech(no)fixes. This talk underlines the necessity to design concrete technical use cases including their social conditions and limitations in order to create a fruitful debate for sustainability-assisting technologies and actually helpful implementations.
Friederike Hildebrandt
Rainer Rehak
https://events.ccc.de/congress/2023/hub/event/tech_no_fixes_beware/
#37c3 #SustainabilityClimateJustice
The Use of Palantir Gotham from a Technical and Legal Perspective
Palantir's market is the public sector, long since in Europe and also in Germany. The controversial US software vendor processes structured and unstructured information from police data or patient data and tries to make itself indispensable to the authorities it has contracts with. In Germany, however, Palantir faces an obstacle: a decision by the Federal Constitutional Court (Bundesverfassungsgericht), which ruled for the first time on the use of software, nowadays readily hyped as AI, on police data.
The talk covers four main topics:
1. In which federal states and for what purpose is the Palantir software Gotham in use, or planned to be used in the future?
2. How does the software work and what risks does its use entail?
3. Which legal restrictions apply and how could they be implemented technically?
4. Hesse has amended its law in response to the decision of the Federal Constitutional Court. Is the new regulation for the Gotham software, deployed under the name "Hessendata", really an improvement?
Constanze Kurz (CCC), Simone Ruf and Jürgen Bering (both of the Gesellschaft für Freiheitsrechte, GFF) talk about the risks associated with the use of the software, among them discrimination, stigmatisation, data protection, IT security and controllability. Both organisations were involved in the proceedings before the BVerfG: the GFF initiated the proceedings and the CCC took part as an expert witness.
Simone Ruf
Jürgen Bering
Constanze Kurz
https://events.ccc.de/congress/2023/hub/event/der_sehende_stein_der_polizeibehorden/
#37c3 #EthicsPoliticsSociety
Rotary-dial analogue phones were once a necessity, but now they lie dormant on shelves or tucked away in attics. This is largely due to the replacement of traditional landlines with fibre-optic modems, rendering analogue phones obsolete.
In addition to their sentimental value, rotary dial phones provide several advantages, including reduced electrosmog emissions, protection against eavesdropping, repurposing outdated technology, and promoting a slower pace of life.
The contribution explains how to build a private telephone exchange for eight people using rotary dial phones. The exchange is powered by a Raspberry Pi and custom analogue electronics. The following themes are covered:
- The construction of a PBX which resembles telephone exchanges in various countries worldwide, giving users a realistic experience.
- Handling of call initiation, routing, full duplex voice transmission and human-machine communication.
- The software implementation on the Raspberry Pi running Linux.
- A study of enhancing the open-source software with additional functionalities.
Due to the readily available Raspberry Pi hardware and software programmability, this project invites everyone to participate.
Hans Gelke
https://events.ccc.de/congress/2023/hub/event/analog_rotary_phones_get_a_second_life_with_raspberry_pi/
#37c3 #HardwareMaking