Almost a week ago we published the Camp Fahrplan (schedule). Follow this link for more information.
Posts Tagged ‘Lectures’
Camp Schedule Published
Monday, July 18th, 2011Crypto Talk at 27C3: Automatic Identification of Cryptographic Primitives in Software, Day1, 16:00, Saal 3
Monday, December 27th, 2010
Many applications, including closed source applications like malware or DRM-enabled multimedia players (you might consider them as malware too) use cryptography. When analyzing these applications, a first step is the identification and localization of the cryptographic building blocks (cryptographic primitives, for example AES, DES, RSA…) in the applications. When these blocks have been localized, the input and output of the cryptographic primitives and the key management can be observed and the application can be analyzed further. Fortunately, many cryptographic algorithms use special constants or have a typical fingerprint and there are only a few different public implementations of the algorithm. This allows us to automate this first, Felix Gröbert will show us how:
Using dynamic binary instrumentation, we record instructions of a program during runtime and create a fine-grained trace. We implement a trace analysis tool, which also provides methods to reconstruct high-level information from a trace, for example control flow graphs or loops, to detect cryptographic algorithms and their parameters.
Trace driven/dynamic analysis has some advantages of static analysis:
- Because the program is analyzed at runtime, it is immediately known which parts of the code are used at which time, so that they might be correlated with runtime decryption of the code or with network communication.
- Inputs and outputs of the primitives as well as the keys are recorded, even if the originate from a remote server or botnet. This allows us to immediately distinguish between long term keys and session keys, if multiple executions of the same program can be recorded.
- This is also highly interesting if private keys are included in an obfuscated binary, for example private RSA keys.
- Dead or unused code is automatically excluded, so that one can proceed with the main parts of the code first.
- If additional code is loaded from a server, it is included in the analysis. This would be hard to impossible using static analysis.
Of course, trace driven analysis has it disadvantages, for example if a malware needs to communicate with a command-and-control server, which has already been taken down or behaves differently on different systems or at different times.
Personally, I am interested in this talk because it might make ease up the analysis of closed source applications using cryptography. Even if the application, the DRM scheme, or the cryptographic primitive has no special weaknesses or bugs, just he recording of every input and output of all cryptographic building blocks in the application might be sufficient to extract a DRM free version of DRM protected digital content. Please also note that even if an application uses only well analyzed cryptographic primitives as AES and RSA, it might still be insecure, if these primitives are used in the wrong way.
See the talk at Day 1, 16:00, Saal 3!
Author: Erik Tews
Bring Your DVB-T receivers
Thursday, December 23rd, 2010Beim 27C3 werden alle Vorträge live und in Farbe im und um das bcc via DVB-T ausgestrahlt. Den Besuchern des 27C3 ist es damit möglich, Vorträge auch von außerhalb zu folgen und damit die überfüllten Vortragssäle zu vermeiden.
Zum Empfang eignet sich jeder PC oder Laptop mit DVB-T-Stick, Fernseher mit DVB-T-Tuner, Handy mit DVB-T-Funktion, etc. Im Wiki werden wir evtl. notwendige Konfigurationsdateien hinterlegen und eine Liste mit gut und weniger gut funktionierenden Empfängern pflegen.
Die Bundesnetzagentur hat uns Kanal 22 (482MHz) zugeteilt, auf dem wir mit 6 Watt ERP senden werden.
Zuletzt gab es DVB-T beim 24C3, wobei es damals an manchen Stellen im Gebäude zu Empfangsproblemen durch Abschattungen kam. Dem Problem begegnen wir heuer mit deutlich gesteigerter Sendeleistung und geschickterer Platzierung der Sende-Antenne sowie einem neuen, verbesserten Modulator.
Details gibts im Wiki unter http://events.ccc.de/congress/2010/wiki/DVB-T
—-
At 27C3 all lectures will be broadcast via DVB-T and reception will be possible in and around the bcc. Visitors can watch via TV if they want avoid overcrowded lecture rooms.
To receive the signal any PC with DVB-T-USB-Stick, TV set with DVB-T tuner or cellphone with DVB-T-function will work. We will publish all needed configuration files and a list of working and non-working receivers in the wiki.
The Bundesnetzagentur (German regulation body) has allocated channel 22 (482MHz) for us, where we will transmit with 6 watts ERP.
The last time DVB-T was available on Chaos Congress was at 24C3 where in some areas the signal was to much attenuated to be received properly. This year we come up against this with more transmission power, better
placement of the transmitter antenna and a new, better modulator.
Details are available at http://events.ccc.de/congress/2010/wiki/DVB-T
24 Hour Hardware Hacking Returns to 27c3
Thursday, December 16th, 2010
Hackers of all ages can (learn how to) make things at the Hardware Hacking Area of the 27c3!
The HHA is open to everyone and open the entire congress! Hackers of all ages and skill levels are welcome! Round-the-clock hands on workshops will be led by lots of experienced teachers like Mitch Altman, Jimmie P. Rodgers, fbz, Wim Vandeputte and…you!
Learn to solder, then help teach others! Make cool things with electronics, design and print 3D models on the Makerbot, break RFID, or give your own workshop on the projects you’ve been hacking on this year. Last year there was a Cantenna workshop, a Mikrocopter workshop, and a GSM workshop among many others.
Lots of kits for you to make will be available including Brain Machines, TV-B-Gones, Trippy RGB Waves, Mignonette Games, LEDcubes, LOL shields, Atari Punk Consoles…and there’s always room for yours!
To accommodate all this hardware hacking goodness, the HHA will be twice the size it was during the 26c3, but still conveniently located near the Hackcenter.
Even if you don’t have a ticket to Congress, you can stop by the HHA with a Night Pass good from Midnight to 6 AM. Night passes are only €5 and will be sold shortly before midnight each day of the 27c3.
Lightning Talks at the 27c3
Monday, December 13th, 2010
Want four minutes on stage at the 27c3? You can have it! Registration is now open for the Lightning Talk sessions at the 27c3.
Taking place at 12:45 in Saal 3 on Days 2, 3 and 4, these fast paced sessions are perfect for pitching new software or hardware projects, exploits, creative pranks or strange ideas you need to share with the world.
Lightning talks are also good for getting publicity for your workshop at the 27c3, or for recruiting people to join in on things like a high calorie flash mob.
In order to maximize the available time, registrations will be granted to presenters who submit their graphics (i.e. slides, background picture, contact info, etc.) in advance. Exceptions will be made very selectively on a case-by-case basis. Register soon, as we anticipate the available slots will go quickly. (Proposals started coming in a few minutes after we put up a draft of the wiki page!)
Read the Lightning Talks article on the 27c3 wiki for more information!
Photo Courtesy Matt Biddulph via flickr.
Content Meetings are over: Fahrplan released
Wednesday, November 10th, 2010-
- One card for each talk that was accepted for 27C3
-
- The Content Team is shuffling cards on the floor to plan 27C3
-
- Finished schedule for 27C3
For the English version, see below.
Vergangenen Sonntag ging das zweite und letzte Content-Meeting für den 27C3 zu Ende. Wir haben uns alle eingereichten 223 Submissions angesehen und 98 der besten Einreichungen für Euch ausgewählt. Vielen Dank für die zahlreichen interessanten Einreichungen, die allen Beteiligten die ehrenamtliche Arbeit versüßt haben!
Nachdem wir zuletzt noch hochmoderne Zettelchen auf dem Boden herumgeschoben haben, können wir ihn endlich präsentieren: den Fahrplan Version 0.1. Bitte beachtet: Das ist Version 0.1. Die Lücken werden nach und nach mit weiterem coolen Stuff gefüllt, sobald die Referenten confirmed sind. Änderungen wie immer vorbehalten, alle Angaben ohne Gewähr.
Dieses Jahr wird es auch Vorträge geben, die 30 Minuten lang sind. Damit wollen wir spannenden Themen einen angemessenen Rahmen geben, die zu komplex für einen Lightning Talk sind, aber keine Stunde füllen würden. Durch das Mehr an Vorträgen wird das Programm vielfältiger und die Aufmerksamkeitsspanne in den frühen Stunden des Congress-Tages nicht überstrapaziert.
Um Euch einen kleinen Ein- und Überblick zu geben, werden einige der angenommenen Vorträge demnächst hier vorgestellt. Stay tuned. :-)
SIGINT10 recordings available
Wednesday, July 28th, 2010Some of you might have already noticed that the biggest part of this year’s SIGINT recordings were published on ftp.ccc.de. These videos are also available for online viewing in your web browser in our media archive. (more…)
Chaos BBQ Weekend 2010 – Call for Papers
Thursday, April 15th, 2010Seid gegrüßt, liebe Geeks!
Wie ihr vielleicht schon aus den üblichen Quellen erfahren habt, wird der Chaostreff Dortmund auch in diesem Jahr wieder mit einem Chaos BBQ Weekend an den Start gehen. Unter dem Motto “construct, deconstruct!” wird es vom 16. bis 18. Juli neben dem obligatorischen Grillen wieder Vorträge, Lightning Talks und Workshops rund um den Stoff, aus dem die (Nerd-)Träume sind, geben.
Um ein möglichst buntes Angebot an interessanten Themen anbieten zu können, möchten wir Euch hiermit einladen, Euch mit Euren Themen am Call for Papers zu beteiligen.
Gewünscht sind Vorträge und Workshops rund um die Themen:
* Blackboxes, reverse engineering,
* Neue Technologien, Wissenschaft und Technik,
* Programmierworkshops,
* Elektro/Elektronik/Microcontroller Bastelfoo,
* Geek- und Nerdkultur.
Eure Vorschläge oder Beiträge sollten bei uns spätestens bis zum 1. Juli 2010 eingegangen sein, damit sie noch berücksichtigt werden können. Lightning Talks (kleine Vorträge von 15 bis 20 Minuten Länge) können auch noch während des Events spontan eingeschoben werden.
Um eine unproblematische Weiterverarbeitung gewährleisten zu können, sollten Eure Beiträge eine bestimmte Form einhalten.
Der Beitrag sollte:
* einen Projekttitel und aktuelle Kontaktdaten (nick, (Tel?), E-Mail) enthalten,
* ein bis zwei Seiten umfassen und in Deutsch oder Englisch verfasst sein,
* die ungefähre Dauer des Beitrags oder Workshops in Mikrosekunden beinhalten,
* eine kurze Zusammenfassung am Anfang enthalten,
* wenn nötig nähere Informationen in Form von Fotos/Tabellen/whatever mitbringen.
Eventuelle Terminwünsche können angegeben werden, aber es gibt keine Garantie, daß wir sie berücksichtigen können.
Bitte sendet Eure aussagekräftigen Beiträge rechtzeitig an bbq2010@chaostreff-dortmund.de
Unsere Hauptseite findet ihr unter http://bbq.ctdo.de
die BBQ Orga
Dear Speakers & Lightning-talkers,
Saturday, December 13th, 2008it’s time to glam up your lecture-descriptions!
Starting this year, every lecture’s long description will be printed in the Congress’ Proceedings. This was decided in the very last days.
So please try to enhance the abstract and description of your lecture in the particular Pentabarf-Record until:
Tomorrow, Sunday, 17:23:42 UTC
(9am PST; 12pm EST; 20pm MSK // 1am CNST; 3am AEST)
The long-description may even be one or two pages long, especially if you don’t submit a paper. Even your short-bio and, if given, a public photo will be printed.
If you are about to make a lightning-talk about your project, please fulfill the description and contact information on your talk in the wiki-page.