2.0 -//Pentabarf//Schedule #<Conference_release::Row:0x38150e8ff010>//EN 26C3 Schedule Release #<Conference_release::Row:0x38150e8ff010> 26C3 Schedule PUBLISH 3672@26C3@pentabarf.org 3672 advanced_microcontroller_programming Advanced microcontroller programming Getting deeper into AVR programming English en 20091228T171500 20091228T181500 01H00M00S

Advanced microcontroller programming- Getting deeper into AVR programming

A lecture showing the result of one year of intense programming with the AVR microcontroller family, showing language tricks, showcasing devices like the at90usb* and the xmega families, and lots of entertaining war stories and grizzly technical details. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3672.en.html Saal3 wesen PUBLISH 3547@26C3@pentabarf.org 3547 after_the_hype After the Hype The current state of One Laptop per Child and Sugar Labs English en 20091228T113000 20091228T123000 01H00M00S

After the Hype- The current state of One Laptop per Child and Sugar Labs

While One Laptop per Child is a widely known and much discussed and often heavily critized project little is actually known about the current state of its efforts. So it may come as a surprise to many that almost a million children around the world use their Linux powered XO-1 laptop in school on a daily basis. This talk will shed some light on this and other interesting developments and look at how FLOSS and global grassroot communities can make a difference in ICT-supported education around the world. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3547.en.html Saal2 ChristophD PUBLISH 3540@26C3@pentabarf.org 3540 hackers_utopia A Hacker’s Utopia What's There and What's Missing English en 20091227T230000 20091228T000000 01H00M00S

A Hacker’s Utopia- What's There and What's Missing

The lecture will explore hacker ideology as a utopian idea. Drawing on utopian theory and technology assessment, it will investigate within which terms hacking can be acknowledge as a utopia, what might be missing for a full-blown societal vision and - most importantly - how technology could actually help to realize utopian ideas (and how not). PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3540.en.html Saal3 Sandro Gaycken PUBLISH 3332@26C3@pentabarf.org 3332 part_time_scientists_getting_to_the_moon A part time scientists' perspective of getting to the moon presenting the first German Team participating in the GoogleLunarXPrize English en 20091228T124500 20091228T150000 02H15M00S

A part time scientists' perspective of getting to the moon - presenting the first German Team participating in the GoogleLunarXPrize

We want to use the opportunity the 26C3 presents as a venue to introduce our team. The Part-Time-Scientists are the first German team participating in the Google Lunar X PRIZE. Our presentation would kick off with a quick explanation of what the X PRIZE is, the challenges and gains. The main part of the presentation will then focus on our progress. That includes a showcase of some hard- and software we're using. Additionally pictures and videos specifically created for the 26C3. And a brief overview of the GoogleLunarXPrize and it's overall progress. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3332.en.html Saal1 Arne Reiners Juergen Brandner Michael Mussler Robert Boehme PUBLISH 3670@26C3@pentabarf.org 3670 blackbox_jtag_reverse_engineering Blackbox JTAG Reverse Engineering Discovering what the hardware architects try to hide from you English en 20091230T140000 20091230T150000 01H00M00S

Blackbox JTAG Reverse Engineering- Discovering what the hardware architects try to hide from you

JTAG is an industry standard for accessing testmode functionality in almost any complex microchip. While the basics of JTAG are standardized, the exact implementation details are usually undocumented. Nevertheless, JTAG often allows you to interact with the chip very deeply, which makes it very interesting since it is often easily accessible thanks to the small pincount. This talk covers reverse engineering of JTAG interfaces when no or only limited documentation is available. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3670.en.html Saal1 Felix Domke PUBLISH 3658@26C3@pentabarf.org 3658 black_ops_of_pki Black Ops Of PKI English en 20091229T230000 20091230T000000 01H00M00S

Black Ops Of PKI

PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3658.en.html Saal1 Dan Kaminsky PUBLISH 3490@26C3@pentabarf.org 3490 building_a_debugger Building a Debugger Open JTAG with Voltage Glitching English en 20091228T113000 20091228T123000 01H00M00S

Building a Debugger- Open JTAG with Voltage Glitching

The GoodFET is an open source tool for programming microcontrollers and memories by SPI, I2C, JTAG, and a slew of vendor-proprietary protocols. In this lecture, the design of the GoodFET will be explained in detail, and various semi-proprietary protocols will be discussed in depth. Leading toward the future, methods of packet sniffing proprietary protocols will be discussed. Finally, the BadFET – a voltage glitching variant of the GoodFET – will be introduced. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3490.en.html Saal3 Travis Goodspeed PUBLISH 3596@26C3@pentabarf.org 3596 cat_proc_sys_net_ipv4_fuckups cat /proc/sys/net/ipv4/fuckups English en 20091227T230000 20091228T000000 01H00M00S

cat /proc/sys/net/ipv4/fuckups

We will be presenting a number of previously undisclosed network-related design errors, ranging from data-link-layer bugs in Ethernet-drivers across issues in TCP/IP stacks all the way up to communication infrastructure components on layer 5. Our focus is on subtle mistakes, which do not fall into the memory-corruption category and yet in combination provide an attacker with a powerful bag of tricks. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html Saal1 Fabian Yamaguchi PUBLISH 3690@26C3@pentabarf.org 3690 jahresrueckblick_2009 CCC-Jahresrückblick German de 20091229T113000 20091229T134500 02H15M00S

CCC-Jahresrückblick

Auch aus dem Jahr 2009 gibt es wieder über ein wahres Mammutprogramm zu berichten. Wir werden – in aller gebotenen Kürze – erzählen, was für Aktivitäten wir entfaltet haben. Wir rechnen ab. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3690.en.html Saal1 Andy Müller-Maguhn Constanze Kurz Frank Rieger maha/Martin Haase PUBLISH 3550@26C3@pentabarf.org 3550 chaos_familien_duell Chaos-Familien-Duell German de 20091228T000000 20091228T020000 02H00M00S

Chaos-Familien-Duell

Zwei Chaos-Familien treten gegeneinander an, doch es kann nur eine geben. Team-Anmeldungen sind begrenzt! Meldet Euch im Event-Wiki an: http://events.ccc.de/congress/2009/wiki/Chaos-Familien-Duell PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3550.en.html Saal1 Alexander Brock Marcel Ackermann PUBLISH 3647@26C3@pentabarf.org 3647 ckan_apt_get_for_the_debian_of_data CKAN: apt-get for the Debian of Data English en 20091228T214500 20091228T224500 01H00M00S

CKAN: apt-get for the Debian of Data

Componentization – or the atomization of a given resource into 'packages' – has greatly contributed towards the ease with which software developers are able to re-use and build upon each other's work. We argue that this kind of approach is becoming significantly more important in knowledge development. This talk will discuss the Open Knowledge Foundation's Comprehensive Knowledge Archive Network (CKAN) – a registry for open data, from sonnets to statistics, genes to geodata. CKAN has recently been used in the UK Government's beta for a 'data.gov.uk' site. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3647.en.html Saal2 Daniel Dietrich Rufus Pollock PUBLISH 3717@26C3@pentabarf.org 3717 closing_event Closing Event English en 20091230T183000 20091230T190000 00H30M00S

Closing Event

PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3717.en.html Saal1 Frank Rieger Ron PUBLISH 3711@26C3@pentabarf.org 3711 computer_spiele_politik Computer.Spiele.Politik. Die Computerspieldebatte und wie man darin überlebt German de 20091227T140000 20091227T150000 01H00M00S

Computer.Spiele.Politik.- Die Computerspieldebatte und wie man darin überlebt

Beim Thema Computerspiele scheiden sich die Geister. Während einige beim Gedanken an spielesüchtige arbeitslose männliche Soziopathen den Untergang des Abendlands proklamieren, sehen andere Computerspiele als das Normalste auf der Welt an, als Wirtschaftsfaktor und soziale Instanz, und sprechen jedem Spieler ein Höchstmaß an Mündigkeit zu. Beim Streit um das Kulturgut Computerspiel geht es aber um mehr, als nur um das Spiel oder den Spieler. Dieser Vortrag soll die Hintergründe, Konfliktlinien und Nebenkriegsschauplätze beleuchten. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3711.en.html Saal2 Bastian Dietz PUBLISH 3520@26C3@pentabarf.org 3520 conlanging_101 Conlanging 101 I make languages (and you can too) English en 20091228T183000 20091228T193000 01H00M00S

Conlanging 101- I make languages (and you can too)

Learn about the art/craft of language creation ("conlanging"), and participate in making up a new language on the spot. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3520.en.html Saal2 Sai Emrys PUBLISH 3661@26C3@pentabarf.org 3661 coreboot_2009 coreboot: Adding support for a system near you Working with the open source BIOS replacement and getting a PC to boot English en 20091227T230000 20091228T000000 01H00M00S

coreboot: Adding support for a system near you- Working with the open source BIOS replacement and getting a PC to boot

The BIOS and it's successor EFI are considered by many to be the final frontier for open source software in commodity PCs. This talk briefly describes the BIOS replacement coreboot (formerly LinuxBIOS) and then focuses on what is required to bring up a PC from power on to where an operating system can run, and how coreboot approaches the problem. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3661.en.html Saal2 Peter Stuge PUBLISH 3592@26C3@pentabarf.org 3592 cybernetic_cannibalism Cybernetic Cannibalism Why is Brazil the country of the future? English en 20091228T160000 20091228T170000 01H00M00S

Cybernetic Cannibalism- Why is Brazil the country of the future?

What is there in common between The Cannibalist Manifesto, written by the Brazilian poet Oswald de Andrade, in 1928, and online file sharing in the 21st century? What is the cultural diversity of Brazil – a society in constant formation – able to offer us to analyze the remix culture in the digital age? This work aim to investigate why is Brazil’s culture revealed as an inspiration for concepts as Free Culture and how the country was transformed in a laboratory of experimentation of new roads for the intellectual property debate. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3592.en.html Saal2 Cristiano Marinho Helena Klang PUBLISH 3551@26C3@pentabarf.org 3551 streetphotography Das Recht am eigenen Bild und das Ende der "Street Photography" German de 20091227T203000 20091227T213000 01H00M00S

Das Recht am eigenen Bild und das Ende der "Street Photography"

Die immer stärkere Inanspruchnahme des Rechtes am eigenen Bild führt nicht nur zu einem souveräneren Bürger, sondern auch zum Tod eines fotografischen Sujets. Aus der Sicht eines Fotografen und Mitarbeiters der deutschen Nachrichtenagentur ddp soll hier berichtet werden. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3551.en.html Saal3 Axel Schmidt PUBLISH 3495@26C3@pentabarf.org 3495 zugangserschwerungsgesetz Das Zugangserschwerungsgesetz German de 20091227T183000 20091227T193000 01H00M00S

Das Zugangserschwerungsgesetz

Das Zugangserschwerungsgesetz soll einer umfassenden polizei- und verfassungsrechtlichen Analyse und Kritik unterzogen werden. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3495.en.html Saal3 Matthias Bäcker PUBLISH 3536@26C3@pentabarf.org 3536 ddos_botnet_mitigation_hosting_online_communities DDoS/botnet mitigation & hosting online communities English en 20091229T160000 20091229T170000 01H00M00S

DDoS/botnet mitigation & hosting online communities

Many years of hosting BBS's, ISP's, websites, game servers, forums, irc networks, and online communities. I've accrued experience dealing with the negative influences of DoS/DDoS, botnets, trolls, flooders, spammers, phishers, and the whole lot. I want to talk about the challenges, and victories. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3536.en.html Saal3 rodent PUBLISH 3648@26C3@pentabarf.org 3648 dect_part_two DECT (part II) What has changed in DECT security after one year English en 20091229T140000 20091229T150000 01H00M00S

DECT (part II)- What has changed in DECT security after one year

After dedected.org was published on 25C3, lots has changed in DECT security. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3648.en.html Saal1 Erik Tews PUBLISH 3494@26C3@pentabarf.org 3494 defending_the_poor Defending the Poor Preventing Flash Exploits English en 20091228T203000 20091228T213000 01H00M00S

Defending the Poor- Preventing Flash Exploits

The talk will discuss a class of in-the-wild malware and exploits, reasons for it's success as well as reasons why protecting against it in common ways is not effective. This will be done by examining the internals of the attacked subject. Following this, the second part of the talk will present an alternative protection mechanism, which the presenter believes prevents large parts of this class of attacks. The mechanisms and code to do this will be presented and released. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3494.en.html Saal1 FX of Phenoelit PUBLISH 3674@26C3@pentabarf.org 3674 hackerparagraph_beim_bverfg Der Hackerparagraph beim Bundesverfassungsgericht German de 20091227T124500 20091227T134500 01H00M00S

Der Hackerparagraph beim Bundesverfassungsgericht

Das Bundesverfassungsgericht hat mit seiner Entscheidung vom 18. Mai 2009 drei gegen den Hackerparagraphen (§§ 202c i.V.m. 202a StGB) gerichtete Verfassungsbeschwerden als unzulässig verworfen. In dem ablehnenden Beschluss wird allerdings eine ausführliche Begründung für diese Entscheidung gegeben. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3674.en.html Saal2 Dominik Boecker PUBLISH 3705@26C3@pentabarf.org 3705 ereignisse_des_12_september Die Ereignisse des 12.9. und ihre Folgen Watching them watching us: Videoüberwachung staatlichen Handelns German de 20091229T230000 20091230T000000 01H00M00S

Die Ereignisse des 12.9. und ihre Folgen- Watching them watching us: Videoüberwachung staatlichen Handelns

Im Rahmen der Demonstration gegen Überwachungswahn, Vorratsdatenspeicherung und die Einschränkung bürgerlicher Freiheitsrechte am 12. September 2009 kam es in den frühen Abendstunden zu gewalttätigen Ausschreitungen von Polizisten gegen Demonstrationsteilnehmer. Den proaktiv gewalttättig agierenden Beamten war dabei offenbar nicht bewußt, daß sie sich den falschen Ort ausgesucht hatten: In unmittelbarer Nähe des CCC-Wagens entstand dabei eine beeindruckend gute Videodokumentation durch mehrere Teilnehmer und ihre mitgebrachten Gerätschaften. Das Video landete noch am Abend im Netz und kurzfristig auch in den konventionellen Medien. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3705.en.html Saal3 Andy Müller-Maguhn PUBLISH 3622@26C3@pentabarf.org 3622 neokonservative_thinktanks_in_der_brd Die neokonservativen Thinktanks in der BRD Wie SPD und CDU die gelenkte Demokratie einführen wollen German de 20091228T124500 20091228T134500 01H00M00S

Die neokonservativen Thinktanks in der BRD- Wie SPD und CDU die gelenkte Demokratie einführen wollen

Putin ist ein "lupenreiner Demokrat", so Gerhard Schröder 2004 bei Beckmann. Wie sehr das dem Demokratieverständnis der abgewählten SPD und der immer noch nicht ausreichend weggewählten CDU entspricht, zeigt dieser Vortrag. Er beleuchtet dabei Gedankengut und Arbeit von Thinktanks wie des "Frankfurter Zukunftsrats", der "Initiative Neue Marktwirtschaft" und des "Konvents für Deutschland" und die Auswirkungen auf die aktuelle Politik. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3622.en.html Saal2 Volker Birk PUBLISH 3708@26C3@pentabarf.org 3708 schlacht_um_die_vds Die Schlacht um die Vorratsdatenspeicherung Der Stand der Debatte nach der Anhörung beim Bundesverfassungsgericht German de 20091228T183000 20091228T193000 01H00M00S

Die Schlacht um die Vorratsdatenspeicherung- Der Stand der Debatte nach der Anhörung beim Bundesverfassungsgericht

Das Bundesverfassungsgericht berät derzeit über die Verfassungsbeschwerden gegen die Vorratsdatenspeicherung. Nachdem das Gericht im letzten Jahr bereits mit dem neuen Grundrecht auf eine digitale Intimsphäre einen dicken Pflock eingeschlagen hat, wird das Urteil zur Vorratsdatenspeicherung erneut Grundsätzliches im Spannungsverhältnis zwischen Bürgerrechten und Strafverfolgung klären. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3708.en.html Saal1 Constanze Kurz Frank Rieger PUBLISH 3533@26C3@pentabarf.org 3533 digitaler_steuerbuerger Die Verwaltung rüstet auf - der digitale Steuerbürger Gefahren, Nutzen, Risiken für Jedermann German de 20091228T171500 20091228T181500 01H00M00S

Die Verwaltung rüstet auf - der digitale Steuerbürger- Gefahren, Nutzen, Risiken für Jedermann

Automatisierter Kontenabruf, digitale Außenprüfung, Benford-Test, Chi-Quadrat-Test, Bußgeld für GDPdU-Verweigerer: Die Steuerverwaltung hat in den letzten Jahren digital aufgerüstet. Wo wann werden wie welche Daten eingesammelt und verwertet? PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3533.en.html Saal2 Kai Kobschätzki (/bengoshi) Keune PUBLISH 3523@26C3@pentabarf.org 3523 eine_zensur_findet_statt Eine Zensur findet statt Eine Rundreise durch die Welt der Zensur – Wo, Was und Wie? German de 20091227T124500 20091227T134500 01H00M00S

Eine Zensur findet statt- Eine Rundreise durch die Welt der Zensur – Wo, Was und Wie?

Der Vortrag stellt die Zensurmaßnahmen in ausgewählten Ländern der Welt vor. Wir sagen Euch, wo welche Inhalte zensiert werden und wie die Technik hierzu aussieht. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3523.en.html Saal1 Jens Kubieziel PUBLISH 3721@26C3@pentabarf.org 3721 etsi_data_retention ETSI-Vorratsdatenspeicherung 2009 und andere Sockenpuppen der GCHQ German de 20091228T230000 20091229T000000 01H00M00S

ETSI-Vorratsdatenspeicherung 2009- und andere Sockenpuppen der GCHQ

Die ETSI startete als Ingenieursgremium zum Festschreiben von technischen Standards und hat sich über die Jahre zu einer Tochterfirma der GCHQ entwickelt, des englischen Geheimdienstes für Fernmeldeaufklärung. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3721.en.html Saal3 Erich Möchel PUBLISH 3590@26C3@pentabarf.org 3590 europaeische_biometriestrategien Europäische Biometriestrategien Die Automatisierung von Personenidentifizierung an der Grenze und die damit einhergehenden kontrollpolitischen Veränderungen German de 20091229T183000 20091229T193000 01H00M00S

Europäische Biometriestrategien- Die Automatisierung von Personenidentifizierung an der Grenze und die damit einhergehenden kontrollpolitischen Veränderungen

Der Vortrag beschäftigt sich mit der Frage der technischen und gesellschaftlichen Implikationen von Identifizierungstechniken, die Prozesse der In- und Exklusion von Menschen in Nationen zu automatisieren suchen. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3590.en.html Saal3 kosmo_k PUBLISH 3652@26C3@pentabarf.org 3652 exciting_tales_of_journalists_getting_spied_on Exciting Tales of Journalists Getting Spied on, Arrested and Deported How their own data was taken and used against them English en 20091228T230000 20091229T000000 01H00M00S

Exciting Tales of Journalists Getting Spied on, Arrested and Deported- How their own data was taken and used against them

Stories of journalists who while doing their work and researching stories in countries throughout the world were spied on, arrested, and in some cases had their own data used against them. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3652.en.html Saal1 Bicyclemark PUBLISH 3703@26C3@pentabarf.org 3703 exposing_crypto_bugs_through_reverse_engineering Exposing Crypto Bugs through reverse engineering English en 20091227T183000 20091227T193000 01H00M00S

Exposing Crypto Bugs through reverse engineering

Breaking good crypto is hard. It takes a genius to find a flaw in AES or Blowfish. On the other hand, it is also difficult to program cryptography correctly. Thus the simpler way of breaking a cryptographic software is often to reverse engineer it and find the crypto errors that were made by the programmers. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3703.en.html Saal1 Philippe Oechslin PUBLISH 3631@26C3@pentabarf.org 3631 finding_the_key_in_the_haystack Finding the key in the haystack A practical guide to Differential Power Analysis English en 20091230T124500 20091230T134500 01H00M00S

Finding the key in the haystack- A practical guide to Differential Power Analysis

The power consumtion of a microcontroller depends on the actual data being processed. This renders current-based side channel attacks possible: By recording and analyzing the current consumption of a microcontroller, one can recover secret keys. This can be done using Differential Power Analysis (DPA). PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3631.en.html Saal2 hunz PUBLISH 3613@26C3@pentabarf.org 3613 fnord_jahresrueckblick Fnord-Jahresrückblick 2009 Von Abwrackprämie bis Zensursula German de 20091229T214500 20091229T224500 01H00M00S

Fnord-Jahresrückblick 2009- Von Abwrackprämie bis Zensursula

Auch dieses Jahr werden wir Euch wieder aus den Fnords des Jahres eine beschauliche Abendveranstaltung konstruieren, auf dass ihr Euch daran delektiert. 2009 war wieder ein ergiebiges Jahr. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3613.en.html Saal1 Felix von Leitner Frank Rieger PUBLISH 3496@26C3@pentabarf.org 3496 fussgaengernavigation_mit_augmented_reality Fußgängernavigation mit Augmented Reality Navit - Navigationssystem German de 20091229T171500 20091229T181500 01H00M00S

Fußgängernavigation mit Augmented Reality- Navit - Navigationssystem

Augmented Reality oder Erweiterte Realität (ER) beschreibt die Synthese von detailreichen realen Bilddaten mit virtuellen Routeninformationen. Der Vorteil besteht in der klaren und unmissverständlichen Darstellung der Anweisungen, so dass ER besonders für Fußgänger geeignet ist. Um die Darstellung von Kamerabildern und Virtuellem Modell nahezu deckungsgleich zu überlagern, werden verschiedene Sensoren benötigt. So wird neben GPS ein elektronischer Kompass und ein Bewegungssensor verwendet. Damit ausgestattet ist das Gerät in der Lage, die Position und die Ausrichtung zu erkennen und in die Anzeige anzupassen. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3496.en.html Saal3 Martin Schallaer PUBLISH 3507@26C3@pentabarf.org 3507 yo_dawg_phone_in_phone Fuzzing the Phone in your Phone English en 20091228T183000 20091228T193000 01H00M00S

Fuzzing the Phone in your Phone

In this talk we show how to find vulnerabilities in smart phones. Not in the browser or mail client or any software you could find on a desktop, but rather in the phone specific software. We present techniques which allow a researcher to inject SMS messages into iPhone, Android, and Windows Mobile devices. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3507.en.html Saal3 Collin Mulliner PUBLISH 3654@26C3@pentabarf.org 3654 gsm_srsly GSM: SRSLY? English en 20091227T203000 20091227T213000 01H00M00S

GSM: SRSLY?

The worlds most popular radio system has over 3 billion handsets in 212 countries and not even strong encryption. Perhaps due to cold-war era laws, GSM's security hasn't received the scrutiny it deserves given its popularity. This bothered us enough to take a look; the results were surprising. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3654.en.html Saal1 Chris Paget Karsten Nohl PUBLISH 3669@26C3@pentabarf.org 3669 hacker_jeopardy_2009 Hacker Jeopardy Number guessing for geeks German de 20091229T000000 20091229T020000 02H00M00S

Hacker Jeopardy- Number guessing for geeks

The Hacker Jeopardy is a quiz show. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3669.en.html Saal1 Ray Stefan 'Sec' Zehl PUBLISH 3266@26C3@pentabarf.org 3266 hacking_the_universe Hacking the universe When strings are super and not made of characters English en 20091230T160000 20091230T170000 01H00M00S

Hacking the universe- When strings are super and not made of characters

String theory is our best candidate for a "Theory of Everything". In this final theory, we begin to understand the nature of space and time. This is a light introduction to these ideas for the general nerd. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3266.en.html Saal3 Robert Helling PUBLISH 3688@26C3@pentabarf.org 3688 haste_ma_nen_netblock "Haste ma'n netblock?" Layer 8 based IP Address hijacking in the end of the days of IPv4 English en 20091228T214500 20091228T224500 01H00M00S

"Haste ma'n netblock?"- Layer 8 based IP Address hijacking in the end of the days of IPv4

In times of the omnipresent scare of IPv4 address shortage and price tags on Internet resources that are raised on a yearly basis some people look for creative means of securing themselves parts of "pre-owned" IP space. This space comes from the various early birds on the net. From major corporations to the US Military: Nobody is safe of getting his unused IP assets nicked. This talk will explain the ways IP assignments are made and how clever and not so clever, greedy and not so greedy IP thieves can get into the possession of valuable IP assets. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3688.en.html Saal3 nibbler PUBLISH 3700@26C3@pentabarf.org 3700 here_be_dragons Here be dragons Keynote German de 20091227T113000 20091227T123000 01H00M00S

Here be dragons- Keynote

PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3700.en.html Saal1 Frank Rieger PUBLISH 3452@26C3@pentabarf.org 3452 here_be_electric_dragons Here Be Electric Dragons Preparing for the Emancipation of Machines English en 20091227T171500 20091227T181500 01H00M00S

Here Be Electric Dragons- Preparing for the Emancipation of Machines

Unnoticed by average Joe we are currently experiencing the advent of autonomous machines. This development will undoubtedly result in epochal change of our way of live. Naturally this has the potential to cause enormous problems. Two key issues will be how to tame the risks these autonomous machines pose and how to deal with the impact their wide proliferation will have on societies. A few years ago these questions were only important in science fiction. Today “killer” applications are no longer an academic topic. Now it is on us to start thinking about this questions and to preemptively develop new practices. Curiously, what might be a large part of the solution has already been central to the hacker community for decades: hacker ethic. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3452.en.html Saal3 Lorenz PUBLISH 3664@26C3@pentabarf.org 3664 homewreckery Homewreckery Electrifying the Thread out of Clothing English en 20091228T140000 20091228T150000 01H00M00S

Homewreckery- Electrifying the Thread out of Clothing

Integrating technology into fiber arts continues to be an intensely popular subject – in the words of an old teacher: "Fashion will always be a good market, because everyone loves clothes." With the creation of things like Lilypad Arduinos and flex resistors the medium is moving forward in leaps and bounds. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3664.en.html Saal2 eli skipp PUBLISH 3576@26C3@pentabarf.org 3576 quantum_cryptosystem_eavesdropper How you can build an eavesdropper for a quantum cryptosystem hardware demo during the lecture English en 20091227T214500 20091227T224500 01H00M00S

How you can build an eavesdropper for a quantum cryptosystem- hardware demo during the lecture

This presentation will show the first experimental implementation of an eavesdropper for quantum cryptosystem. Although quantum cryptography has been proven unconditionally secure, by exploiting physical imperfections (detector vulnerability) we have successfully built an intercept-resend attack and demonstrated eavesdropping under realistic conditions on an installed quantum key distribution line. The actual eavesdropping hardware we have built will be shown during the conference. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3576.en.html Saal2 Qin Liu Sebastien Sauge PUBLISH 3302@26C3@pentabarf.org 3302 i_internet I, Internet We are more Borg than we thought English en 20091229T183000 20091229T193000 01H00M00S

I, Internet- We are more Borg than we thought

The actions of a highly-networked group of individuals cannot be explained as the sum of actions of individuals. Let's explore how far we are along with evolving collective consciousnesses and what's on their minds. With the Internet, the individual's ability for inward and especially outward communication is unprecendented in history. Millions of individuals are sharing thoughts and observations through social networks. The faster and more efficient the information flows within such a network, the harder it becomes to distinguish these processes from the activity in a biological neural network (brain). PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3302.en.html Saal2 Christiane Ruetten PUBLISH 3685@26C3@pentabarf.org 3685 medien_hacken Im Herz der Bestie Medien hacken German de 20091230T160000 20091230T170000 01H00M00S

Im Herz der Bestie- Medien hacken

Was haben Friedrich Engels und die Yes Men gemeinsam? Was ist Kommunikationsguerilla und wie unterscheidet sie sich von der Medienguerilla? Wie kann ich den Botschafter der USA mit einer kleinen lancierten Fotomontage zur Absage eines öffentlichen Auftritts zwingen? Medienguerilla kann Aktienkurse rutschen lassen oder einfach nur Spaß machen. Anhand von unterhaltsamen Beispielen werden verschiedene Methoden und Techniken gezeigt, mit denen Mainstream-Medien gehackt werden können. Dabei werden Sicherheitslücken und Einfallstore für Medienhacking demonstriert und Möglichkeiten für Hacks in der Zukunft aufgezeigt. Denn Medienguerilla lebt vom Mit- und Selbermachen... PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3685.en.html Saal2 Monty Cantsin victor dornberger PUBLISH 3594@26C3@pentabarf.org 3594 internetsperren Internetsperren #zensursula and beyond German de 20091227T171500 20091227T181500 01H00M00S

Internetsperren- #zensursula and beyond

In dem Vortrag werden kurz die Geschichte und Argumente gegen die Sperren zusammengefasst. Es sollen außerdem konkrete Forderungen an Politik und Gesellschaft gestellt werden. Den Abschluss soll eine Diskussion über die Entwicklung von nicht zensierbaren Protokollen und der dazugehörigen Software bilden. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3594.en.html Saal2 MOGiS PUBLISH 3572@26C3@pentabarf.org 3572 kunstfreiheit_statt_hackerparagraph Kunstfreiheit statt Hackerparagraph German de 20091229T140000 20091229T150000 01H00M00S

Kunstfreiheit statt Hackerparagraph

Wie viel Ethik steckt tatsächlich im Hacken? Sind die populären Vorurteile gegenüber Hackern berechtigt? Wir wollen zeigen, was genau beim Hacken vor sich geht und wie aus dem Hacken soziale Verantwortung entsteht – die sowohl das ‚Conscience of a Hacker’ erklärt als auch auf das Wohl der Gesamtgesellschaft gerichtet ist. Für die Rechtsprechung oder zukünftige Ethikkodizes, die nachhaltig wirken sollen, ist diese Diskussion unumgänglich. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3572.en.html Saal2 Lexi Pimendis Miriam Ommeln PUBLISH 3709@26C3@pentabarf.org 3709 legic_prime_obscurity Legic Prime: Obscurity in Depth English en 20091228T214500 20091228T224500 01H00M00S

Legic Prime: Obscurity in Depth

Legic Prime is an artifact from the time when proprietary cryptography in RFID was considered secure enough. We will demonstrate a break for basically any aspect of Legic Prime's claimed security features. If you rely on Legic Prime's security for anything, start migrating. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3709.en.html Saal1 Henryk Plötz Karsten Nohl PUBLISH 3481@26C3@pentabarf.org 3481 leyenrhetorik Leyen-Rhetorik German de 20091227T140000 20091227T150000 01H00M00S

Leyen-Rhetorik

Ursula von der Leyen machte Wahlkampf mit dem Zugangserschwerungsgesetz. Dabei bediente sie sich vor allem einer Reihe von Scheinargumenten und verschiedener anderer rhetorischer Mittel, um ihr Publikum auf ihre Seite zu ziehen. Ihr Vorgehen soll hier näher beleuchtet werden. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3481.en.html Saal1 maha/Martin Haase PUBLISH 3563@26C3@pentabarf.org 3563 lightning_days_1 Lightning Talks - Day 1 4 minutes of fame English en 20091227T124500 20091227T150000 02H15M00S

Lightning Talks - Day 1- 4 minutes of fame

4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3563.en.html Saal3 Oliver Pritzkow Sven Guckes PUBLISH 3642@26C3@pentabarf.org 3642 lightning_days_2 Lightning Talks - Day 2 4 minutes of fame English en 20091228T124500 20091228T150000 02H15M00S

Lightning Talks - Day 2- 4 minutes of fame

4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3642.en.html Saal3 Oliver Pritzkow Sven Guckes PUBLISH 3644@26C3@pentabarf.org 3644 lightning_days_3 Lightning Talks - Day 3 4 minutes of fame English en 20091229T124500 20091229T150000 02H15M00S

Lightning Talks - Day 3- 4 minutes of fame

4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3644.en.html Saal3 Oliver Pritzkow Sven Guckes PUBLISH 3645@26C3@pentabarf.org 3645 lightning_days_4 Lightning Talks - Day 4 4 minutes of fame English en 20091230T124500 20091230T150000 02H15M00S

Lightning Talks - Day 4- 4 minutes of fame

4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3645.en.html Saal3 Oliver Pritzkow Sven Guckes PUBLISH 3464@26C3@pentabarf.org 3464 liquid_democracy Liquid Democracy Direkter Parlamentarismus – gemeinsam verbindlich entscheiden German de 20091228T203000 20091228T213000 01H00M00S

Liquid Democracy- Direkter Parlamentarismus – gemeinsam verbindlich entscheiden

Wir arbeiten an einer Umsetzung der Liquid-Democracy-Idee. Dabei ist es für uns wichtig, keine Ja/Nein-Demokratie, sondern eine diskursorientierte Basisdemokratie zu etablieren: Alle können Parlamentarierinnen sein und mit allen anderen Ideen entwickeln, diskutieren, streiten, Bündnisse eingehen, Kompromisse schließen und Konsens finden. Im direkten Parlamentarismus setzt sich die beste Idee, das beste Argument durch; die verbindliche Entscheidung entsteht aus dem gemeinsamen Diskurs. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3464.en.html Saal2 Daniel Reichert dwt PUBLISH 3600@26C3@pentabarf.org 3600 location_tracking_skyhook_wireless Location tracking does scale up How skyhook wireless tracks you continously English en 20091229T203000 20091229T213000 01H00M00S

Location tracking does scale up- How skyhook wireless tracks you continously

For a long time we warned of the perils of full scale, permanent tracking of persons by the state or corporations. Cell phones, data retention laws and other surveillance techniques close the freedoms of the net. But none can be as pervasive as the permanent location updates sent to Apple and Google via your Smartphone and laptop. With a precision of 10 m to 20 m, BSSID based location tracking has become the ultimative and global tracking of persons. This talk will describe weaknesses and trends in current location tracking methods. The internet learned to locate you in 2009! PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3600.en.html Saal3 L. Aaron Kaplan PUBLISH 3350@26C3@pentabarf.org 3350 milkymist Milkymist An open hardware video synthesis platform English en 20091228T160000 20091228T170000 01H00M00S

Milkymist- An open hardware video synthesis platform

An FPGA-based open-hardware video synthesis platform. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3350.en.html Saal3 Sébastien Bourdeauducq PUBLISH 3671@26C3@pentabarf.org 3671 built_a_raetsel Nougatbytes - Ein Wortspiel, bunt und in stereo Die geekige Bilderrätselspielschau German de 20091230T000000 20091230T013000 01H30M00S

Nougatbytes - Ein Wortspiel, bunt und in stereo- Die geekige Bilderrätselspielschau

Eine geekige Bilderrätselgameshow mit Publikumsbezug Anmeldung bitte unter <26c3_ichwill@laryllian.de> PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3671.en.html Saal1 Ben Rainer PUBLISH 3657@26C3@pentabarf.org 3657 optimised_to_fail Optimised to fail Card readers for online banking English en 20091229T171500 20091229T181500 01H00M00S

Optimised to fail- Card readers for online banking

The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer's debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous design errors, which could be exploited by criminals. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3657.en.html Saal2 Steven J. Murdoch PUBLISH 3504@26C3@pentabarf.org 3504 our_darknet_and_its_bright_spots our darknet and its bright spots building connections for spaces and people English en 20091227T160000 20091227T170000 01H00M00S

our darknet and its bright spots- building connections for spaces and people

Building a private network to connect your neighbourhood. Why we feel common solutions are terrible on resources and what we think is better. Get on board. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3504.en.html Saal3 aestetix equinox Eric Michaud mc.fly PUBLISH 3637@26C3@pentabarf.org 3637 peanutbutter Peanut Butter and Plastic: Industrial Revolution Decentralized Manufacturing and Desktop Fabrication English en 20091229T203000 20091229T213000 01H00M00S

Peanut Butter and Plastic: Industrial Revolution- Decentralized Manufacturing and Desktop Fabrication

The future of manufacturing will purring next to your computer and plasticizing digital designs into 3D objects. We're at the dawn of the diamond age with portable 3D printers, decentralized manufacturing, digital design and the rise of personal fabrication. Now is the time to join Industrial Revolution 2 and make that dream a reality. Accompanying this presentation will be a digital design workshop to show designers how to go from digital designs to physical objects. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3637.en.html Saal1 Bre PUBLISH 3579@26C3@pentabarf.org 3579 photography_and_the_art_of_doing_it_wrong Photography and the Art of Doing it Wrong English en 20091230T160000 20091230T170000 01H00M00S

Photography and the Art of Doing it Wrong

At its heart, photography is a ridiculous hack to make pictures from light. In the 170 years since Talbot and Daguerre, techniques have been cleaned up and simplified. A field that once demanded experimentation and had no clear way of doing it right, now attracts many who haven't a clue why it all works. Innovation and new techniques occur on the edges - they are the beautiful fragments scattered in disaster, the sloppy chaos of the unknown. Discovery happens by doing it wrong. Beyond the traditions, beyond the rules, there be dragons, and they are the best teachers of all. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3579.en.html Saal1 Audrey PUBLISH 3573@26C3@pentabarf.org 3573 playing_with_the_built_city Playing with the Built City English en 20091229T113000 20091229T123000 01H00M00S

Playing with the Built City

Architecture and urban planning play a huge role in our lives, to a degree not always obvious. The city, however, can be seen as just another system&mdash;like any other, it can be hacked, illuminating and subverting existing power structures and creating spaces that allow us to be more human and to live richer lives. In this talk, we'll see a bunch of the challenges of the modern city and look at possible responses. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3573.en.html Saal2 Eleanor Saitta PUBLISH 3608@26C3@pentabarf.org 3608 playing_with_gsm_rf_interface Playing with the GSM RF Interface Doing tricks with a mobile phone English en 20091229T160000 20091229T170000 01H00M00S

Playing with the GSM RF Interface- Doing tricks with a mobile phone

This talk will show what can be done by taking control of the GSM RF part of a mobile phone, for example performing a DoS attack to the GSM network or using the phone as a sniffing device. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3608.en.html Saal2 Dieter Spaar PUBLISH 3577@26C3@pentabarf.org 3577 privacy_enhanced_event_scheduling Privacy-Enhanced Event Scheduling English en 20091229T214500 20091229T224500 01H00M00S

Privacy-Enhanced Event Scheduling

Event schedulers, well-known from groupware and social software, typically share the problem that they disclose detailed availability patterns of their users. This talk distinguishes event scheduling from electronic voting and proposes a privacy-enhanced event scheduling scheme. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3577.en.html Saal2 Benjamin Kellermann PUBLISH 3722@26C3@pentabarf.org 3722 privacy_openness_trust_transparency_on_wikipedia Privacy, openness, trust and transparency on Wikipedia How the free encyclopedia project deals with sockpuppets English en 20091227T160000 20091227T170000 01H00M00S

Privacy, openness, trust and transparency on Wikipedia- How the free encyclopedia project deals with sockpuppets

Wikipedia's enormous growth during this decade, which has made it a "poster child of Web 2.0", has been enabled by its "anyone can edit" philosophy – external credentials are not required, and one still doesn't even need to set up a user account to change the content of one of the planet's most visited websites. This radical openness created unsurprising vulnerabilites (to vandalism, libel, copyright violations, introduction of bias, organized PR activities, etc.), but it is balanced by an equally radical transparency, where even minuscule actions of editors are recorded indefinitely. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3722.en.html Saal2 HaeB PUBLISH 3468@26C3@pentabarf.org 3468 privacy_stylometry Privacy & Stylometry Practical Attacks Against Authorship Recognition Techniques English en 20091228T160000 20091228T170000 01H00M00S

Privacy & Stylometry- Practical Attacks Against Authorship Recognition Techniques

Authorship recognition based on linguistics (known as Stylometry) has contributed to literary and historical breakthroughs. These successes have led to the use of these techniques in criminal investigations and prosecutions. Stylometry, however, can also be used to infringe upon the privacy of individuals who wish to publish documents anonymously. Our research demonstrates how various types of attacks can reduce the effectiveness of stylometric techniques down to the level of random guessing and worse. These results are made more significant by the fact that the experimental subjects were unfamiliar with stylometric techniques, without specialized knowledge in linguistics, and spent little time on the attacks. This talk will also examine the ways in which authorship recognition can be used to thwart privacy and anonymity and how these attacks can be used to mitigate this threat. It will also cover our current progress in establishing a large corpus of writing samples and attack data and the creation of a tool which can aid authors in preserving their privacy when publishing anonymously. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3468.en.html Saal1 Mike Brennan PUBLISH 3353@26C3@pentabarf.org 3353 reverse_engineering_displaylink_devices Reverse-Engineering DisplayLink devices USB to DVI for Hackers English en 20091228T203000 20091228T213000 01H00M00S

Reverse-Engineering DisplayLink devices- USB to DVI for Hackers

DisplayLink produces nice, useful USB graphics adapters. Unfortunately, they had no real Linux support. In this talk, we'll describe how we first reverse-engineered the encryption and basic protocol, prompting DisplayLink to actually release a Linux driver on their own. However, their driver still doesn't support compression. In the second part, we'll therefore describe how we reverse-engineered the compression algorithm. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3353.en.html Saal3 Florian Echtler PUBLISH 3555@26C3@pentabarf.org 3555 sccp_hacking SCCP hacking, attacking the SS7 & SIGTRAN applications one step further and mapping the phone system Back to the good old Blue Box? English en 20091228T230000 20091229T000000 01H00M00S

SCCP hacking, attacking the SS7 & SIGTRAN applications one step further and mapping the phone system- Back to the good old Blue Box?

SS7 is like TCP/IP in the 1990s. It used to be quite a secure network because nobody outside the organizations (here, the mobile operators and telecom companies) were connected to it. Now it's getting interconnected to new actors which are not that trustworthy. Somehow, hackerdom made SS7 come into existence thanks to the massive use of Blue Boxes. Now, hackerdom is getting its toy back! SS7 is nowaday more and more accessible, and as such increasingly vulnerable. So we're getting exposed to a totally new set of protocols, as secure as TCP/IP in the 1980s. This looks like the Blue Box is coming back to life, in a very different form. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3555.en.html Saal2 Philippe Langlois Vanessa Brunet PUBLISH 3515@26C3@pentabarf.org 3515 secubt secuBT Hacking the Hackers with User-Space Virtualization English en 20091230T113000 20091230T123000 01H00M00S

secuBT- Hacking the Hackers with User-Space Virtualization

In the age of coordinated malware distribution and zero-day exploits security becomes ever more important. This paper presents secuBT, a safe execution framework for the execution of untrusted binary code based on the fastBT dynamic binary translator. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3515.en.html Saal2 Mathias Payer PUBLISH 3687@26C3@pentabarf.org 3687 security_nightmares_2009 Security Nightmares German de 20091230T171500 20091230T181500 01H00M00S

Security Nightmares

Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3687.en.html Saal1 Frank Rieger Ron PUBLISH 3723@26C3@pentabarf.org 3723 fnord_jahresrueckblick_steam Stream: Fnord-Jahresrückblick 2009 German / English version of the Fnord-Jahresrückblick 2009. English en 20091229T214500 20091229T224500 01H00M00S

Stream: Fnord-Jahresrückblick 2009- German / English version of the Fnord-Jahresrückblick 2009.

This will be a stream of the Fnord-Jahresrückblick 2009, as it will be too crowded in Saal 1. We try to get a translation, but there is no guarantee yet, so a German version might be possible, too. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3723.en.html Saal3 guide PUBLISH 3725@26C3@pentabarf.org 3725 security_nightmares_2009_en Stream: Security Nightmares in english!!11oneeleven (translated on the fly) English en 20091230T171500 20091230T181500 01H00M00S

Stream: Security Nightmares- in english!!11oneeleven (translated on the fly)

What has happened during the last year in IT-Security? Which things did develop newly? Which new buzzwords and trends appeared? PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3725.en.html Saal3 Public Viewing PUBLISH 3510@26C3@pentabarf.org 3510 technik_des_neuen_epa Technik des neuen ePA German de 20091229T203000 20091229T213000 01H00M00S

Technik des neuen ePA

Brave new eID world: PACE, TA/CA, RI, eID, younameit. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3510.en.html Saal2 Henryk Plötz PUBLISH 3710@26C3@pentabarf.org 3710 critical_thinking The Lost Cosmonauts Critical Thinking English en 20091229T160000 20091229T170000 01H00M00S

The Lost Cosmonauts- Critical Thinking

I'm going to talk about the benefits of applying critical thinking stories that we hear in the popular media, and the example I'll be focusing on is the story of the Lost Cosmonauts: Soviet Cosmonauts supposed to have died in space, but who were erased from history. We have audio recordings, allegedly from these dying Cosmonauts, and we'll apply critical thinking to learn what the real source was. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3710.en.html Saal1 Brian Dunning PUBLISH 3554@26C3@pentabarf.org 3554 tor_lessons_learned Tor and censorship: lessons learned English en 20091227T203000 20091227T213000 01H00M00S

Tor and censorship: lessons learned

Tor was originally designed as a civil liberties tool for people in the West. But if governments can block connections *to* the Tor network, who cares that it provides great anonymity? A few years ago we started adapting Tor to be more robust in countries like China. We streamlined its network communications to look more like ordinary SSL, and we introduced "bridge relays" that are harder for an attacker to find and block than Tor's public relays. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3554.en.html Saal2 Roger Dingledine PUBLISH 3713@26C3@pentabarf.org 3713 unbild UNBILD – Pictures and Non-Pictures Reterritorialisierung und Globalisierung German de 20091227T214500 20091227T224500 01H00M00S

UNBILD – Pictures and Non-Pictures- Reterritorialisierung und Globalisierung

Mit seinen Projekten arbeitet Christoph Faulhaber an einer Fortschreibung von Konzeptkunst, Performance und Sozialer Skulptur. In "Ich wie es wirklich war" berichtet Faulhaber über die Folgen des Projektes Mister Security. „Der Ausgangspunkt für Mister Security ist die Frage, ob es verboten ist, die amerikanische Botschaft zu fotografieren.“ Verkleidet als Angestellter einer Sicherheitsfirma observierte Faulhaber mit seinem Künstlerkollegen Lukasz Chobrok verschiedene Botschaften und gab auf Nachfrage an, den öffentlichen Raum zu überwachen, um die Sicherheit zu erhöhen. Tatsächlich führte die erhöhte Sicherheit zu großen Verunsicherungen. Sie wurde gar als Bedrohung wahrgenommen, wie die Ausweisung des Künstlers aus den USA, mit der das Projekt einen vorläufigen Höhepunkt erlebte, zeigt. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3713.en.html Saal1 Christoph Faulhaber PUBLISH 3706@26C3@pentabarf.org 3706 understanding_telecommunication_interception_intelligence_support_systems Understanding Telecommunication Interception: Intelligence Support Systems The Big Brother Services Industry and their tools English en 20091230T140000 20091230T150000 01H00M00S

Understanding Telecommunication Interception: Intelligence Support Systems- The Big Brother Services Industry and their tools

"Intelligence Support Systems" stand for a wide range of hard- and softwareproducts made to intercept and analyze data from telecommunication- and other datastreams as well as data from surveillance technology. The talk will give a brief overview of how this industry works, to whom these products are available and what the capabilities are. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3706.en.html Saal2 Andy Müller-Maguhn PUBLISH 3535@26C3@pentabarf.org 3535 using_openbsc_for_fuzzing_of_gsm_handsets Using OpenBSC for fuzzing of GSM handsets English en 20091229T171500 20091229T181500 01H00M00S

Using OpenBSC for fuzzing of GSM handsets

With the recent availability of more Free Software for GSM protocols such as OpenBSC, GSM protocol hacking is no longer off-limits. Everyone can play with the lower levels of GSM communications. It's time to bring the decades of TCP/IP security research into the GSM world, sending packets incompatible with the state machine, sending wrong length fields and actually go all the way to fuzz the various layers of the GSM protocol stack. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3535.en.html Saal1 Harald Welte PUBLISH 3691@26C3@pentabarf.org 3691 vier_faeuste_fuer_ein_halleluja Vier Fäuste für ein Halleluja Geschichten aus dem API-und Protokollkrieg von zwei glorreichen Halunken German de 20091228T171500 20091228T181500 01H00M00S

Vier Fäuste für ein Halleluja- Geschichten aus dem API-und Protokollkrieg von zwei glorreichen Halunken

Wenn die API Aushängeschild eines Softwareprojekts ist, ist es um die Open-Source-Szene schlecht bestellt. openssl, X11, gnupg, BSD sockets, HTTP, racoon, ldap, errno – die Liste gewachsener und letztendlich mißglückter APIs ist lang. Wir stellen haarsträubende Beispiele vor, zeigen Spätfolgen in abhängigen Projekten und versuchen zu ergründen, wie es dazu kommen konnte. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3691.en.html Saal1 Erdgeist Felix von Leitner PUBLISH 3557@26C3@pentabarf.org 3557 vom_kreationismus_zum_kollektivismus Vom Kreationismus zum Kollektivismus Fehlende Einsicht in die Leistung komplexer Systeme German de 20091229T124500 20091229T134500 01H00M00S

Vom Kreationismus zum Kollektivismus- Fehlende Einsicht in die Leistung komplexer Systeme

Das Anwachsen des Kreationismus und das Vordringen kreationistischer Thesen ist eine traurige Realität dieser Tage. Trotz überwältigender Evidenz beharren Kreationisten auf einem Weltbild und Erklärungszusammenhängen, die nicht in Einklang mit Ergebnissen der naturwissenschaftlichen Forschung und daher der physikalischen Realität zu bringen sind. Diese Haltung ist das Resultat aktiven Leugnens oder passiver Unfähigkeit, selbstemergente Eigenschaften von komplexen Systemen zu erkennen und zu akzeptieren. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3557.en.html Saal2 Kay Hamacher PUBLISH 3570@26C3@pentabarf.org 3570 culturalviruses Weaponizing Cultural Viruses A Manual For Engaged Memetic Resistance on The Front Lines of The Culture Wars English en 20091229T230000 20091230T000000 01H00M00S

Weaponizing Cultural Viruses- A Manual For Engaged Memetic Resistance on The Front Lines of The Culture Wars

What does it mean to fight a culture war? How does culture propagate through a population? What is a meme? And why are some cultural memes more virulent than others? As the capitalist corporate monoculture further asserts its global hegemony, it is vital that individuals become more skillful in their resistance to it. In a hyper-connected world, the most powerful vector of resistance is that of memetics, the core unit of cultural belief. A culture war is, fundamentally, a memetic war. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3570.en.html Saal2 Aaron Muszalski PUBLISH 3714@26C3@pentabarf.org 3714 why_germany_succeeded_where_america_has_failed Why Germany Succeeded Where America Has Failed in Achieving Meaningful Voting Computer Changes And Why All Democracies Should Follow English en 20091228T113000 20091228T123000 01H00M00S

Why Germany Succeeded Where America Has Failed in Achieving Meaningful Voting Computer Changes- And Why All Democracies Should Follow

The decision made by the German Constitutional Court is THE definition of what election reform really is and that all democracies (and not just America) should use the basis of this decision in making the case for banning computerized voting. No more arguing security issues with the experts and accepting compromises that still leave citizens on the sidelines. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3714.en.html Saal1 Kathleen Wynn PUBLISH 3501@26C3@pentabarf.org 3501 why_net_neutrality_matters Why Net Neutrality Matters? Status update on current legislation, campaigns and actions English en 20091227T160000 20091227T170000 01H00M00S

Why Net Neutrality Matters?- Status update on current legislation, campaigns and actions

Net neutrality is an essential safeguard for competition, innovation, and fundamental freedoms. The debate is high in the US with the announce of FCC non discrimination principles (even if they sound irremediably bound to the interests of Hollywood industry). In the EU, the "Telecoms Package" has been the ground of intense debates on the issue. Dangerous provisions were voted, yet a very high level of awareness was raised, giving hope into further positive outcome of the debate. Why one shall care? What one can do about it? PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3501.en.html Saal1 Jérémie Zimmermann PUBLISH 3567@26C3@pentabarf.org 3567 wikileaks_release WikiLeaks Release 1.0 Insight into vision, motivation and innovation English en 20091227T171500 20091227T181500 01H00M00S

WikiLeaks Release 1.0- Insight into vision, motivation and innovation

During the last 12 months WikiLeaks representatives have been talking at numerous conferences, from technology via human rights to media focused, in an effort to introduce WikiLeaks to the world. WikiLeaks has had major document releases that have spawned attention in all major newspapers by now, it has triggered important reform and has established itself as part of the accepted media reality. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3567.en.html Saal1 wikileaks PUBLISH 3699@26C3@pentabarf.org 3699 wikipedia_wegen_irrelevanz_geloescht Wikipedia - Wegen Irrelevanz gelöscht German de 20091230T113000 20091230T134500 02H15M00S

Wikipedia - Wegen Irrelevanz gelöscht

Die Wikipedia wurde einst als Erfolgsmodell des Internets und des freien Zugangs zu Wissen gefeiert. Doch immer öfter regt sich Kritik wegen ausufernder Löschungen: Alte und neue Autoren werden verprellt, sogar der Vorwurf des Revisionismus wird laut. Ist die Zukunft der Wissensgesellschaft an Gartenzwergzüchtern gescheitert? Wir diskutieren. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3699.en.html Saal1 Andreas Bogk Kurt Jansson maha/Martin Haase Mathias Schindler Tim Weber PUBLISH 3696@26C3@pentabarf.org 3696 wireless_power_transfer Wireless power transfer Forgotten knowledge: Tesla invented wireless power English en 20091227T214500 20091227T224500 01H00M00S

Wireless power transfer- Forgotten knowledge: Tesla invented wireless power

Wireless power is a most wanted technology. It has already been invented by Nikola Tesla in 1888. The speaker read the papers, reproduced the theoretical and practical results. The theoretical idea to get highly efficient wireless power transmission is to separate the electric from the magnetic field, because magnetic field lines are closed curves near the device, while the electric field lines reach to infinity and receiver only needs common ground (the earth). This is done by special requirements to the sender and receiver antennas (form of the coil). The antenna form has been modeled in the software nec2 (variant xnec2c on debian). A lowcost PET bottle serves as the hull of the coil. Around 200 windings of insulated copper wire are manually applied to the bottle. A transmission in the range of 10 meters was reached, the power used is 100mW, from signal generator amplitude 10V and 1 MHz frequency. This will be shown. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3696.en.html Saal3 Davor Emard PUBLISH 3509@26C3@pentabarf.org 3509 wofuer_offenes_internet__managment_oder_diskriminierung Wofür offenes Internet? Warum wir klare Regeln für Netzneutralität brauchen German de 20091229T113000 20091229T123000 01H00M00S

Wofür offenes Internet?- Warum wir klare Regeln für Netzneutralität brauchen

Die Diskussion um Netzneutralität steht auch in Europa auf der politischen Agenda. Doch was ist Netzneutralität wirklich? Wofür wird sie gebraucht, wer darf darüber entscheiden? Der Vortrag soll einen Überblick über Problemlage, Player und praktische Politik geben. PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3509.en.html Saal3 Falk Lueke Markus Beckedahl PUBLISH 3340@26C3@pentabarf.org 3340 wolpertinger_ein_verteilter_portscanner Wolpertinger. Ein verteilter Portscanner. Schneller scannen! German de 20091230T113000 20091230T121500 00H45M00S

Wolpertinger. Ein verteilter Portscanner.- Schneller scannen!

Wolpertinger ist ein Portscanner. Allerdings kein gewöhnlicher Portscanner, sondern entwickelt um hunderte oder tausende von Adressen schnell scannen zu können. Dazu kann er sowohl "Dronen" zur Aufgabenverteilung verwenden als auch von einem einzelnen System aus sehr schnell fertig werden. Wolpertinger ist ein reiner TCP-Portscanner, der die Verarbeitung der Ergebnisse anderen überlässt. Dazu speichert er die Resultate in einer relationalen Datenbank, und wer auch immer sie entweder anderen Werkzeugen übergeben will und in l33tspeak, Excel oder Kuchengrafiken umwandeln will kann das gerne tun. Wolpertinger basiert auf mehreren Ansätzen, um Portscans zu beschleunigen und gleichzeitig präzise Ergebnisse zu erhalten, welche im Vortrag vorgestellt werden. Quelle: http://sourceforge.net/projects/wolpertinger Wolpertinger is a portscanner. However, not your uncle's portscanner. It has been created to scan either very large networks or a lot of small ones in short time. Very short time. In order to achieve this necessary goal, it can distribute the scanning-work between several drones, controlled by the "Wolpermaster". However it is also very fast when scanning from a single system. These and other measures to make a fast and reliable scanners are presented in the talk (in german). Sourceforge: http://sourceforge.net/projects/wolpertinger PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3340.en.html Saal3 AltesWecken PUBLISH 3702@26C3@pentabarf.org 3702 yes_we_cant_kleptography_and_cryptovirology “Yes We Can’t!” - on kleptography and cryptovirology English en 20091229T183000 20091229T193000 01H00M00S

“Yes We Can’t!” - on kleptography and cryptovirology

In this talk I will survey some of the results (with Adam Young) on Cryptovirology (the art of employing public key cryptography maliciously as part of a malware attack, such as in ransomware) and the related Kleptography (the art of embedding cryptographic Trojans inside tamper-proof cryptosystems). PUBLIC CONFIRMED Lecture http://events.ccc.de/congress/2009/Fahrplan/events/3702.en.html Saal1 Moti Yung