*hypf*

No, this is not one of the numerous Hacks performed during this year's Chaos Communication Congress but rather a collection of interesting talks.

I wasn't there in person (I plan to be there next year) but followed the streams and present here a selection of talks I really enjoyed.

Day 4 is currently missing, as well as a few links. This will change shortly.

Day 1

Der Bundestrojaner (de)

[description] [MKV] [MP4]

A quite funny talk about the 'Federal Trojan' as it is usually called around here. Mixed with interview answers of Dr. Schäuble himself which leave a quite uneasy feeling of him not quite understanding what he is really talking about.

What is terrorism? (en)

[description] [MKV] [MP4]

A deeply depressing view on how Germany's law enforcement deals with suspected terrorists. The partner of the presenter was arrested and she was put under surveillance. Reasons for suspecting her partner a terrorist were some writings, being a political activist and not always taking his mobile phone with him.

Design Noir (en)

[description] [MKV] [MP4]

A nice look at some unusual projects of electronic engineering, including an electrocuting jacket, the TV-B-Gone and a device that jams GSM, WiFi or Bluetooth signals. Projects like these reflect an interesting culture, called Design Noir of electronic device design that is meant to fulfill the 'real human needs' opposed to the industry's needs by "using misusing a simple electronic product that challenges the conformity of everyday life." And that Wave Bubble surely looks interesting enough that I want to build one (though I should inform me beforehand on how legal that might be around here, considering that during C3 one person was charged for using a TV-B-Gone at Media Markt [although I don't think the charges will hold]).

Programming DNA (en)

[description]

DNA is, essentially, a programming language for biological beings. By changing or adding certain genes you can alter behaviour of cells. Currently this is at least being done with viruses which have a rather simple structure and can be modified in such a way that we understand what the genes do (reverse engineering DNA is pretty ugly so best try to avoid it). The presenter told about a pretty elaborate component architecture with genes they devised in which you can simple plug together something you like and get the DNA printed (well, sort of). It's still a process of several months but it certainly sounded cool, especially the part with a open database of these building blocks and the ability to simply combine them. Although the thought of some day hacking humans is a bit scary.

DNS Rebinding And More Packet Tricks (en)

[description] [MKV] [MP4]

Dan Kaminsky has a track record of rather cool, but ugly hacks as well as a presentation style that is downright entertaining to watch. After last year's visual bindiff he now presents a reimplementation of TCP in JavaScript, Flash/Java and IFrames. And yes, it is as weird as it sounds. Maybe this is yet another reason to avoid having any browser plugins that display active content and if Silverlight provides sockets and is scriptable from the outside via JavaScript it has the same problems as well. He even performed a live demo of that stuff and it worked (with Firefox and Flash).

Day 2

Elektronische Dokumente und die Zukunft des Lesens (de)

[description] [MKV] [MP4]

An interesting tour through the history of devices for electronic reading and why they failed or are still unusable. It was the first talk of the second day and thus quite early (a.k.a. in the middle of the night or 11 am) but it was funny and interesting.

Absurde Mathematik (de)

[description] [MKV] [MP4]

A short talk about some mathematical paradoxes. Nothing too fancy but might be interesting to some. Main drawback was that it was too short (in my opinion). Another problem was that the presenter was not that firmly rooted in mathematics and didn't even know that much more besides what he presented (a person from the audience asked about the Banach-Tarski paradox and he didn't even grasp the problem).

Toying with barcodes (en)

[description] [MKV] [MP4]

A nice overview about what barcodes, scanners and the inherent security risks. I certainly didn't hear before about barcode SQL Injection. But scanners themselves are usually also vulnerable, regardless of the software behind it. Since barcode scanners can usually be reconfigured using barcodes this is also an easy attack vector as those configuration barcodes can easily be obtained from the vendor. But for most scenarios this isn't necessary as you can more often than not exploit vulnerabilities within the software which most of the time doesn't check the data it gets.

Spiel, Freude, Eierkuchen? (de)

[description] [MKV]

A quite interesting talk about the neverending debate about killer games (mostly first-person shooters) that came under attack after an incident at a school in Erfurt. Most media usually cited the killer playing games like Counterstrike as the reason for running amok. There were some TV segments about the subject, mostly riddled with incorrectness and inconsistencies and one of the speakers was actually the one who made a few of those segments and answered most of the questions of the audience.
One person from the audience was actually a representative of the German Bundestag and had a few interesting words to say about the whole issue. I laud that such people attend events like 24C3.

DIY Survival (en)

[description] [MKV]

A quite funny talk about ways of the world to end and what to do in such an event. But behind its tongue-in-cheek presentation were some nice things to build for oneself, maybe not only in the event of a robot uprising or nuclear attack, such as for example an EMP emitter.

Day 3

What can we do to counter the spies?

[description] [MKV]

The speaker has been with Britains MI5 for several years and felt increasingly dissatisfied with their actions which sometimes even led to attacks being carried out instead of prevented. MI5 and MI6 seemed to operate outside the laws numerous times and this led to Annie's and her partner's departure from MI5. They went into hiding in France for two years and she wrote a book which the British intelligence didn't want to be published. Now she is a political activist. Her talk includes many interesting anecdotes on how the intelligence agencies worked in the 90s.

Wahlchaos (de)

[description] [MKV]

A short look at some not entirely clear paradoxes and weirnesses of the German voting system. Also trying to discover what could have been changed by carefully manipulating votes in certain districts.

Die Wahrheit und was wirklich passierte (de)

[description] [MKV]

I didn't watch this talk to the end, but I will certainly do so. Basically each story has four versions: Your version, their version, the truth and what really happened. The talk mentioned a concept named major concensus narrative which is the version of an event that is remembered by people. This is most often granted for the truth, although it does not need to have anything in common with it. An interesting look into how we think and handle perception.

Meine Finger gehören mir (de)

[description] [MKV]

A talk about biometric security measures in the new electronic passport and their weaknesses. Most security gains (which aren't that great) are reduced to nothing because of obvious holes in the law texts. If you are fine with getting a new preliminary passport every year you can get away without ever having your fingerprints taken. And of course, terrorists can't do anything damaging within the timespan of a year ...
The whole protocol also leaves enough room for faking your fingerprints which is fairly easy with transparencies, a laser printer and glue.

Hacker Jeopardy (de)

[description] [MKV]

Well, not much to say about it, weird as ever and very entertaining. Although the questions, erm answers this year were pretty hard, at least for me.