Category: 25C3 (page 1 of 6)

Das 14. Türchen der #35C3 Memory Lane: Vom Mythos der biometrischen Hochsicherheit

35c3-calendar 14

Das vierzehnte Türchen.

Der Chaos Communication Congress widmet sich mit Vorliebe den Chancen und Risiken des Hackens biometrischer Systeme. Schon vor zehn Jahren ging es um Gesichtsbilder und Fingerabdrücke in Pässen und Ausweisen. Diese ganze Reihe an Biometrie-Vorträgen hat ihren eigenen Charme und außerdem einen wiederkehrenden Protagonisten, gefürchtet bei Herstellern, beliebt beim Publikum: starbug.

35c3-calendar 14, starbug

starbug beim #31C3.

Ihm fielen beispielsweise schon Ursula von der Leyens Fingerabdrücke zum Opfer. Und auch die Iris-Scanner eines bekannten Mobiltelefonanbieters mussten schon dran glauben:

Wir können uns ausweislich des Fahrplans dieses Jahres auf eine Fortsetzung der Reihe über den Mythos der biometrischen Hochsicherheit freuen: Venenerkennung hacken. Und die Ankündigung klingt verlockend:

Die Venenerkennung ist eine der letzten Bastionen biometrischer Systeme, die sich bisher der Eroberung durch Hacker widersetzt hat. […] In diesem Talk machen wir die Verteidigungsanlagen dem Erdboden gleich.

Es ist natürlich völliger Zufall, dass in der gerade bezogenen BND-Zentrale in der Chausseestraße in Berlin-Mitte Venenerkennungssysteme zum Einsatz kommen.

Um beim Warten auf den 35C3 die Erinnerung an vorangegangene Jahre ein wenig aufzufrischen, empfiehlt sich folgender Vortrag von starbug:

Streaming & Recording the Conference

Time (2008-12-29) & Number of Streamers

Time (2008-12-29) & Number of Streamers

More than 3500 hackers enjoyed this year’s hacker jeopardy through our network of streaming servers. During the course of 25C3 our friends at FeM ran an array of 6 wmv streaming servers supplemented by 3 ogg theora relays provided by the Chaos family in Ulm and elsewhere. Over 1500 people watched the theora streems, which is almost as many as the wmv streams.

Additionally, we had a number of experimental streams in various other formats.

Streaming and recording the whole conference was only possible thanks to our helpers and angels who ran the live streams and edited the recordings in almost no time. So, if you missed the live events, check out the recordings.

We need your feedback

As usual, we ask you to give your opinion on the lectures held at 25C3. Just go to the “Fahrplan”, click on the lectures you attended (or watched on video), click the feedback button, and tell us your impression. It is interesting and possibly helpful for the speakers to know your (anonymous) thoughts about their talks, and it is very important for the organizers to know what you liked and what you didn’t, when planning the next event. So, please, take your time to evaluate this year’s program.

Moreover, general feedback on all aspects of the event is welcome. Feel free to contribute to the feedback page in the wiki or to the Photo Documentation, and if there is something you want to tell everybody, blog about it and publish a link in the wiki, or just write it here.

Day 4 Schedule Updates

Sadly, we’re on the last day of the 25C3. The good news is that your printed schedule is accurate with one very notable exception. All we have for you today is the addition of two really great talks in Saal 2:

  • 14:00: Vertex Hacking: Reverse Engineering von 3D-Dateiformaten: “Es geht um die Methoden beim Umgang mit unbekannten Dateiformaten, speziell im Bereich der 3D-Modelle. Vorgestellt werden sollen die Werkzeuge, die Vorgehensweise, ein paar mögliche Fallstricke, interessante Implementierungsdetails und schlussendlich auch das Ergebnis in Form der Bibliothek libg3d.”
  • 15:15: Mining social contacts with active RFID: “We describe the implementation of a distributed proximity detection firmware for the OpenBeacon RFID platform. We report on experiments performed during conference gatherings, where the new feature of proximity detection was used to mine and expose patterns of social contact. We discuss some properties of the networks of social contact, and show how these networks can be analyzed, visualized, and used to infer the underlying social structure.”

In addition, Security Nightmares 2009 will be translated into English and simulcast in Saal 3.

The cat is out of the bag …

The title of the talk “Making the theoretical possible” has been changed to “MD5 considered harmful today: Creating a rogue CA certificate”. The speakers will be Alexander Sotirov, Marc Stevens and Jacob Appelbaum.

Dag Arne Osvik, David Molnar, Arjen Lenstra and Benne de Weger will also be in the audience.

From left to right: Benne de Weger, Arjen Lenstra, Marc Stevens, Jacob Appelbaum, David Molnar, Alexander Sotirov. Photo: Alexander Klink (CC-BY)

Formica Swarm Robot Kits

Fornicating Formica robots

Fornicating Formica robots

I gave the talk on the Formica project; thanks to all who watched. We had not realised the demand for kits. We started a mailing list at the end, but too late! So if you’re interested, please email me. If demand is sufficiently high we’ll sort something out. More information is available at:

Space aliens from the future spotted at 25C3!

Power to the People Fundraiser at the c-base tonight!

The Raumstation needs your help! Tonight, is bringing together hackerspaces, lockpickers, makers, crafters and other hacker groups from around the world to help the c-base. Please join us for an evening of foodhacking, fundraising and friendship to help secure the continued exploration of the space station under Berlin! Relax with food, chill music and have a quiet night before Silvester!

Here is the lineup of events going on tonight at the c-base:

  • 18:00: Aktivismus im digitalen Zeitalter: Markus Beckedahl (de): Markus zeigt auf, wie Politik und politische Kamapagnen im Internetzeitalter jenseits zentraler Steuerung als Mitmachprojekte im Open-Source-Stil bereits funktionieren und in Zukumft funktionieren können. (Note: This event is in German)
  • 19:00: Semantic Food Engine: Join the hacker chefs from as they go through the night’s gastronomy food technology, and enjoy a fresh dinner prepared by fellow congress attendees.
  • 20:30: Das Snafu-Prinzip: Daniel Kulla (de): Eine Einführung in das Sanfu-Prinzip und wie es sich auswirkt und was dagegen hilft, gerade für sehr flache und informelle Informationshierachien wie den CCC. (Note: This event is in German)
  • 22:00: The Power to the People Auction: This is your chance to directly support the c-base and walk away with really cool stuff! Come find out what SSD eV, NYCResistor, HacDC, Noisebridge, OpenAMD, Metalab, RepRap and many others have donated really cool things to help raise money for the c-base. Nick Farr and Astera from will be continuing a grand North American hacker conference tradition of fundraising and storytelling through hacker memorabilia. You might even walk away with a certain hacker’s suit, leaving him with nothing but jeans and a t-shirt to wear. ;)

More awesome photos from Day 2!

Thanks to tef, netwalkerz_net, kap4001, and Security4all. Don’t forget to tag your photos “25C3” and if possible, license your photos with a Creative Commons license. If there’s a particular picture you would like to see, leave a comment in this post!

Older posts

© 2019 CCC Event Blog

Theme by Anders NorenUp ↑