Chaos Computer Club - 23C3: Who can you trust? (mp3)

Funkfeuer (0xFF), als freie Netzwerkinitiative in Wien eine Schwester von Freifunk, begann vor 2 Jahren damit ein "Community Serverhousing" aufzubauen. Wie beim Aufstellen von WLan Router, stoesst man dabei auf logistische, technische und soziale Aufgaben, die es zu loesen gilt um erfolgreich kostendeckend in Betrieb gehen zu koennen. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1593.en.html

In dem Vortrag sollen die Ergebnisse einer kulturwissenschaftlichen Forschungsarbeit vorgestellt und diskutiert werden. Dabei wird der Begriff Nerd eher als Konstrukt, und weniger als gegeben betrachtet. Vorgestellt werden vor allem die Ergebnisse aus Interviews, teilnehmender Beobachtung und einer qualitativen Umfrage. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1616.en.html

Virtualization is rocket science. In cooperation with the host operating system, VMware takes over complete control of the machine hundreds of times a second, handles pagetables completely manually, and may chose to wire (make-non-pageable) as much memory as it chooses. This talk explains why it still works. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1592.en.html

Throughout the world, major media companies are cutting their budgets for investigative reporting. Most journalists will soon be freelancers, losing their freedom to investigate the more controversial or difficult topics. Yet at the same time, podcasting as a form of citizen journalism has risen, free of the constraints of organizations and editors. But without the funding that the tradional media enjoyed, how are podcasting journalists carrying out their work, and what does it mean for the media consumer? about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1257.en.html

It is possible and desirable and fun to invent and create technologies that help our world. Have you ever wanted to shut off a TV that was annoying you in a public place? My extraordinarily popular invention, TV-B-Gone has made it fun to turn off TVs in restaurants, pubs, airports... about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1708.en.html

Botnets are one of the most buzzy buzzwords out there today in the computer security world. The presented approach allows us to take reliably care of these, such that managers hopefully will not react on ``botnet'' in 2008 any more. This technology allows for automated catching of malware with the now somewhat known nepenthes daemon, automated analysis with CWSandbox and other sandboxes, automated botnet snooping with the botsnoopd daemon and finally (semi-)automated mitigation using various weapons. Hopefully, our autonomous approach will never turn against the human race and begin the final war... about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1342.en.html

Discordianism is somewhere between a joke and a religion, and at the same time manages to be something else entirely: social bricolage. This presentation will cover the roots of culture jamming in early art and theatrical movements, and then move through the history of prankster groups and on to Discordianism where the pranksters are prophets. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1698.en.html

The explosion of internet traffic is leading to higher bandwidths and an increased need for high speed networks. To analyze and optimize such networks an efficient monitoring system is required. The sFlow standard describes a mechanism to capture traffic data in switched or routed networks. It uses a sampling technology to collect statistics from the device and is for this reason applicable to high speed connections (at gigabit speeds or higher). about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1644.en.html

Definition: Lightning Talks is a daily event. which consists in one hour of several short talks. Each talk is limited to five minutes. Goal: There is one slot for Lightning Talks each day of the congress. The goal is to present 10 talks within each slot. So this might be up to 40 interesting talks in total. See the Wiki page for current info. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1517.en.html

The challenge of designing reliable is managed different in every industry. This lecture will give an overview how safety critical and reliable software is designed and produced in the area of aerospace industry and why this could also be interesting for other applications (like web-design) about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1627.en.html

This talk will be held in German. Der Fnord-Jahresrückblick widmet sich der politischen und sozialen Entwicklung der Welt im letzten Jahr im Zeitraffer. Mainstream-Nachrichten finden dabei nur Beachtung, wenn sie besonders schöne Fnords enthalten. Strukturen, Verschwörungen und lustige neue Trends, die Euch sonst entgangen wären oder schon wieder vergessen sind. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1429.en.html

A talk medley from monochrom, a worldwide operating collective from Vienna dealing with technology, art, context hacking, and philosophy which was founded in 1993. They specialize in an unpeculiar mixture of proto-aesthetic fringe work, pop attitude, subcultural science, and political activism. Their mission is conducted everywhere, but first and foremost "in culture-archaeological digs into the seats (and pockets) of ideology and entertainment". about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1347.en.html

An Introduction into the structure and design of the congress network - featuring a description of hardware setup and focusing on the Backbone Network infrastructure and Wireless LAN. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1728.en.html

Security Nightmares - der jährliche Rückblick auf die IT-Sicherheit und der Security-Glaskugelblick für's nächste Jahr. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1682.en.html

Der Vortrag gibt einen Überblick über den rechtlichen Rahmen des WLAN-Surfens im Zivil- und Strafrecht mit aktueller Rechtsprechungsübersicht. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1416.en.html

Kritische Theorie, wie sie sich vor allem an Adorno festmachen lässt, und Diskordianismus, der als Philosophie des Chaos zum Namensgeber des veranstaltenden Vereins wurde, gehören zu den am weistesten verbreiteten Elementen des 'social hacking'. Jedoch ist gerade in den letzten Jahren des Adbusting und des Hacktivism unübersehbar geworden, daß von beiden Denktraditionen in der Hauptsache stark vereinfachte und oft auch ideologisch abgeschlossene Formen Verwendung finden: Kritische Theorie wird zumeist auf ein unbestimmtes Unbehagen an der Kulturindustrie, der Globalisierung und den technologischen Entwickungen reduziert, während Diskordianismus zur Illustration oft bedenklicher Parteinahmen für irrationale politische Auffassungen dient. Im Vortrag wird der Versuch unternommen, die Kritische Theorie dem diskordischen Witz auszusetzen und den Diskordianismus der Ideologiekritik. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1452.en.html

A detailed introduction to Cross Site Request Forgery. This talk presents the fundamental cause of this vulnerability class and examples of potential attack consequences. The second half of the talk is devoted to avoiding and countering CSRF: Implementing CSRF proof session handling, transparent retrofitting of legacy applications and methods for client side protection. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1560.en.html

In this presentation I'll present a series of unusual security bugs. Things that I've ran into at some point and went "There's gotta be some security consequence here". None of these are really a secret, and most of them are even documented somewhere. But apparently most people don't seem to know about them. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1456.en.html

about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1727.en.html

Als Orkut aufkam, gab es zwei Sorten Menschen: die einen wetteiferten um die meisten Invitations, die anderen schüttelten den Kopf ob der Bereitwilligkeit, eine Datenkrake zu füttern. Heute manifestiert sich das Phänomen als flickr, del.icio.us, upcoming.org und blog - kurz gesagt "soziale Web 2.0 Anwendungen". Wieso lassen wir uns alle so bereitwillig taggen, kommentieren und outen? about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1494.en.html

Xen bietet aufregende neue Sicherheitsfunktionen: Mandatory Access Control und virtuelle TPMs. Der Vortrag stellt diese Funktionen vor, berichtet von ersten Erfahrungen und zeigt ihre Grenzen auf. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1493.en.html

Arthur Meister erläutert das operative Vorgehen und die speziellen Werkzeuge zur Schlossöffnung, die von der Staatssicherheit der DDR verwendet wurden. Von der opartiven Vorbereitung, über die Erstöffnung bis zur Herstellung von Nachschlüsslen werden speziell von der STASI entwicklete Werkzeuge und deren Einsatz gezeigt. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1759.en.html

This presentation will introduce and demonstrate OpenPCD and OpenPICC. The purpose of those projects is to develop free hardware designs and software for 13.56MHz RFID reader and transponder simulator. OpenPICC can be used to e.g. simulate ISO 14443 or ISO 15693 transponders, such as those being used in biometric passports and FIFA worldcup tickets. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1566.en.html

Wer online lebt und arbeitet, tut dies unter den Augen der Strafverfolger. Der Vortrag schildert, wie Durchsuchungen, Vernehmungen und Ermittlungsverfahren ablaufen. Er erklärt, wie man sich gegenüber Polizei und Staatsanwaltschaft richtig verhält. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1346.en.html

Wie wirkt Überwachung? Was ändert es am Verhalten von Passanten? Wir haben Experimente im öffentlichen Raum durchgeführt und präsentieren die Ergebnisse. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1679.en.html

Civil disobedience is a fundamental human right in all democracies, and it has to be accessible for everyone. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1520.en.html

This talk will cover two rootkits used as reverse engineering tools, one rootkit support library, one IDA plugin, and talk setup material. The talk itself will be given over VOIP and VNC running over the Tor network to demonstrate a proof of concept on anonymous public speech. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1688.en.html

In einem Dokumentationsbericht über ein "Free Software Projekt" erzählt Alex Antener von seinen Reisen nach Malawi in Zentralafrika und berichtet über die Erfahrungen des kulturübergreifenden Engagements an der Universität in Malawi. Der Erfahrungsbericht zeigt Möglichkeiten, Einflüsse und mögliche Alternativlösungen zu den neoimperialistischen Machenschaften der Monopolisten in der dritten Welt. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1638.en.html

Most of today's long-range wireless mesh or point-to-point links suffer from a high overhead during channel access, frequent link failtures and the lack of taking a real advantage of the mesh network structure. This leads to a really bad performance for TCP-like traffic compared to UDP traffic over this links. We want to present your two different ideas for optimizing throughput and delay without breaking any wifi-standard (or at least not too much ;). about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1634.en.html

The introduction of radio in the USA and Germany is compared, the role amateurs played and how the respective authorities reacted to them. Questions arise as to how those reactions were models for the treatment of younger communications technologies, and the different approaches to uncontrolled communication will be sketched out. Is "everybody can listen in" a scary thing? about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1563.en.html

Smart phones are the new favorite target of many attackers. Also most current attacks are harmless, since these mostly rely on user mistake or lack of better knowledge. Current attacks are mostly based on logic errors rather then code inject and often are only found by accident. The talk will show some real attacks against smart phones and the kind of vulnerability analysis which lead to their discovery. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1545.en.html

Dieser Wettbewerb hat ein einfaches Prinzip: der Vortragende sieht die Folien seiner Präsentation bei Beginn seines Vortrages zum ersten Mal. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1683.en.html

We're surrounded by blackboxes containing digital technology nowadays. There are complex devices like cell phones as well as more simple ones that don't look very digital at all. This lecture shall motivate the listener to take more electronic things apart, examine the mode of operation and modify it. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1622.en.html

about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1760.en.html

We will discuss fuzzing uses by software vendors and in the corporate world, for security auditing ("fuzzing before release") and third party testing ("fuzzing before purchase"). We will look at what contributed to this change in the use of fuzzing tools from home-grown hacking tools to commercial products, as well as how these organizations implement fuzzing into their development cycle. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1758.en.html

MasterCard and Visa have jointly released the PCI Data Security Standard which defines security requirements for the processing of card data in face-to-face and card-absent transactions. This presentation will deal with the most critical security gaps. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1457.en.html

Definition: Lightning Talks is a daily event. which consists in one hour of several short talks. Each talk is limited to five minutes. Goal: There is one slot for Lightning Talks each day of the congress. The goal is to present 10 talks within each slot. So this might be up to 40 interesting talks in total. See the Wiki page for current info. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1516.en.html

Analysis of the MacOS X storage encryption technology FileVault. Having fun by reverse-engineering private Frameworks under MacOS X. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1642.en.html

The presentation will give an overview on SIP security issues and show possible weaknesses in current implementations using SIP (Hardphones, Softphones, Gateways). Further, an outlook on the security of future, serverless SIP systems (P2P-SIP) will be given. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1459.en.html

Hacking Bluetooth revisited - This talks goes into the depth of Bluetooth security, we'll show attacks on every possible bluetooth layer including Application Layer, lower layers. We'll break the drivers, the implementation, the applications and the _protocol itself_. At the end of this talk we hope we have achieved a Prardigm shift with regards on how you perceive Bluetooth Security in General. It's not only for toys. On the Operational side, we'll go into what risks BT poses for your company, why your policies fail and why your current Security Layers aren't enough. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1733.en.html

Pornography is an abstract phenomenon. It cannot exist without a medium to propagate it, and it has very little (if anything at all) to do with sex. The relationship between pornography, which is entirely fictional and sex, which is very real, very sweaty and mostly not a very aesthetic thing is something like the correlation of science-fiction literature and technological innovation: sometimes the ideas are bizarre, completely nuts and would never work without a Heisenberg Compensator - but sometimes some fragment lasts and is taken to the real world. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1422.en.html

Die Schachspieler und Musikautomaten des 18. Jahrhunderts sind bekannt: Weniger bekannt sind die Automaten der Antike und des Mittelalters. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1652.en.html

The Nintendo DS is a mobile gaming console. It was first introduced in 2004. Our talk will give a short introduction of the hardware and available games. The main focus however lies on homebrew software, DSLinux, alternative firmware, copy protection, flash cards and online gaming protocols. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1552.en.html

This talk will present an overview of traffic analysis techniques, and how they can be used to extract data from 'secure' systems. We will consider both state of the art attacks in the academic literature, but also practical attacks against fielded systems. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1478.en.html

Vorgestellt werden theoretische Grundlagen der Visualisierung und der menschlichen Wahrnehmung sowie einige Visualisierungstechniken. Im Anschluss wird exemplarisch dargestellt, wie leicht man durch geschickt gewählte Visualisierungen verfälschte Eindrücke suggerieren kann. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1418.en.html

As DVB-T is the key technology for terrestrial broadcasting for the next decades, this lecture tries to explain how it works: It covers the way of raw pixel data over MPEG2 video and audio encoding and via multiplexing of several streams and programs to the actual generation of the COFDM signal used for transmission. As the team has built a DVB-T transmitter, we will give a in-depth insight in how things are really done - including a demonstration of the transmitter. -> For that we plan to stream the content of the 23C3 lectures locally on Alexanderplatz using TV channel 22. Don't forget to bring your DVB-T stick. For more information look at the DVB-T project description. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1646.en.html

European digital television standards (both free-to-air broadcast and pay TV) developed by the DVB project are exemplary for including no digital rights management. But now DVB is rushing to change that and impose new restrictions on receiving equipment. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1699.en.html

Ajax and the new dynamic extensions leverage new threats that lead to innovative attack scenarios against web applications. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1602.en.html

The well known quizshow format, but of course covering topics not usually seen on television about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1567.en.html

This talk analyzes large-scale, countrywide Internet content filtering from a technical point of view and investigates the current situation in the People’s Republic of China. Additionally it discusses techniques to effectively defeat censorship and based on various tests conducted by the author, comments on their applicability in the Chinese part of the Internet. about this event: http://events.ccc.de/congress/2006/Fahrplan/events/1473.en.html