Personal tools

Lightning Talks

Lightning Talks are 4-minute talks by *you*.
Your talk can be about a program, a system, a technique, some hardware - or about a cool project, or some strange idea. You may also give us an idea about your real talk, announce your workshop or tell us about your booth. Or you could simply ask people to join you for some DOS attack of the next food store, announcing a key signing party, or maybe a *real* party. Whatever it is... be brief. Four minutes is all you get, possibly five if the audience likes you!
New This Year: Pecha Kucha Round! : 20 slides, 20 seconds each: Get an extra two minutes by structuring your presentation as a Pecha Kucha presentation. This round will happen on Day 3
DO NOT REGISTER FOR A LIGHTNING TALK IF YOU DO NOT HAVE A TICKET. Lightning talks do not entitle any kind of entry.



Submit your proposal in an e-mail to
Please include ALL of the following information (or your talk may be rejected):
Language: DE (Deutsch,German)/EN (English)/Other
Title: What is your presentation called? (12 Words or Less)
Slides: Please submit slides or a background graphic with your contact information in PDF or PNG format
Keywords: (Optional, but helpful.)
Abstract: What are you talking about or presenting? (300 Words or Less)
Links/Other: Anything else you would like people to see
Time: What day/time would you like to present?
Language: English
Title: How to Present a Lightning Talk
Keywords: Lightning Talks, Presentation, Speaking, 27c3
Slides: How To Give a Lightning Talk
Abstract: This talk will cover the very basics of giving a lightning talk
Time: Anytime on Day 2, 3 or 4
Send an email to or find Nick Farr at the congress.

Tips for a good Lightning Talk

Contact (DECT, email, fon)
Links (project homepage)
Place of contact (booth, room, party)


All lightning talks are now available as singe videos per talk on youtube. Playlist with all lightning talks of 28c3

Please rate and comment there!

Day 2: 12:45 - 15:00

Playlist Day 2

Language Title Keywords Abstract Links/Contact/Other
12:45 0:02:03 EN Hardware Hacking Village Hardware Hacking, Soldering is Easy A quick intro to the Hardware Hacking Village by Mitch Altman and Jimmie P. Rodgers,,, www.
12:50 0:07:45 EN General introduction and status update on the development of the FreedomBox plug server, hostile regimes, privacy This presentation is a general introduction and a status update on the development of the FreedomBox project supported by the FreedomBox Foundation founded by Eben Moglen. The FreedomBox is a personal server running a free software operating system and free applications, designed to preserve personal privacy by providing a secure platform upon which federated social networks can be constructed. The software for FreedomBox is being assembled by volunteer programmers around the world who believe in Free Software and a Free Society. FreedomBox
12:55 0:13:19 EN How to enter a Linux-PC with a manipulated USB-Device Hardware Hacking, Microcontroller, Software-USB-Stack, Linux Kernel Security, Kernel Modules This talk will be about a programming mistake in a Kernelmodule which enables an attacker to denial of service a running and locked linux box with via USB-Port or execute Code in Kernelspace engelsberger aht
13:00 0:17:02 EN GNUnet for Network Neutrality Network Neutrality, p2p, Gnunet This talk will give a short introduction in the current developments in the GNUnet peer-to-peer framework to enhance network neutrality and reduce the possibilities of censorship.
13:05 Presentation No-Show
13:10 0:22:36 EN Visit to Brazil Hacker Culture Hackerspaces, Brazil, Cultura Digital I was in Brazil earlier this month to visit the hacker scene. It was only a short trip, but I wanna give you the impression I got in Rio de Janeiro and Sao Paulo.
13:15 0:27:50 EN CONFINE - a bold next step for wireless community mesh networks mesh, OLSR, freifunk, funkfeuer What do Athens Metropolitan Wireless Networks (, (Barcelona) and have in common? They are wireless community networks and they are part of the CONFINE project. The CONFINE project aims at building a wireless mesh testbed similar to planet lab ( It enables mesh researchers to experiment in a safe environment and work on the next generation wireless mesh networks. We want your input! FunkFeuer, CONFINE project (SLIDES NEEDED)
13:20 0:32:52 EN Inferring communication protocols with your Netzob reverse-engineering, inference, protocol, fuzzing Netzob is an open source tool which supports the expert in its operations of reverse engineering, evaluation and simulation of communication protocols. Its main goals are to help security evaluators to (1) assess the robustness of proprietary or unknown protocols implementation, (2) simulate realistic communications to test third-party products (IDS, firewalls, etc.), and (3) create an open source implementation of a proprietary or unknown protocol. Netzob handles different types of protocols : text protocols (like HTTP and IRC), fixed fields protocols (like IP and TCP) and variable fields protocols (like ASN.1 based formats) and provides modules dedicated to capture data in multiple contexts, including network, structured file, process and kernel data acquisition."
13:30 Presentation Postponed
13:35 0:38:47 EN OPSEC Top 10 ultramegaman A quick and (hopefully) funny list of good operational security practices that everyone should be doing. What to do, why you should be doing it, and the best way to do it. @ultramegaman
13:40 0:45:07 DE What to do about warrantless state-run wiretapping by trojan malware state-run trojan malware, surveillance, warrantless wiretapping, electronic eavesdropping, constitution, privacy Digital privacy can only be achieved by comprehensive protection of privacy in general. In this talk I will use the example of state-run wiretapping to point out that the legal steps to control electronic eavesdropping are not effective to control our privacy. Based on that I will present a political application to change our constitution that offers comprehensive protection of our privacy. 28c3 wikipage about this talk
13:45 0:50:22 DE Piraten im AGH von Berlin Pirates, Politics, OpenData, Open Source A short story about the Pirate Party Berlin entering the parliament of Berlin and what we want to do with our data Piraten Fraktion Berlin (SLIDES NEEDED)
13:50 0:58:05 EN Forget about Faceboogle! Join the Social Swarm! Facebook, Google+, Diaspora, Social Networks, Social Swarm Current social web platforms display a strong tendency towards centralization. Behind each of these platforms is a single company acting as a central authority. As we use the platform, we feed the central authority with our data – and what the company then does with our information is beyond our control. There are many projects trying to solve these issues. We need to come up with sensible requirements in order to find a solution that we can advance together. Social Swarm is an open think tank initiated by the German privacy and digital rights NGO FoeBuD. We want to put our social networks back in control of their own data. We want You to be able to choose which people see your data. We want to be independent from centralized infrastructures. We want a Social Swarm. Social Swarm @social_swarm
13:55 1:03:20 EN Tinkerforge Bricks - Open Source hardware building blocks open source, hardware, bricks, tinkerforge This talk is about a hardware project that aims to bring the spirit of phidgets and similar projects to the open source/open hardware community: tinker with hardware components by programming in your favorite language and without soldering. Another goal of this talk is to find new software and hardware developers. alex-28c3 aht alexanderweb dawt de
14:10 1:09:15 EN Code Hero: Primer Zero. A game that teaches you to make games and hack the meta stack unity3d, the primer, cyberwarfare, education, games, mono, virtual machines Live Demo on Code Hero Codehero
14:15 1:15:30 EN FAT Latest Hits hacking, art, creativity, copyleft, public domain, protest, decentralized Presentation of 10 latest projects of FAT, including Occupy the Internet FAT Labs
14:20 1:22:12 EN Hacking a Train's Intercom Bahn, insecure I tell about the little hack I did with the train intercom, and how badly this stuff is secured. Demo Video
14:25 1:26:00 EN Queer Geeks Panel queer, geeks Intro to the queer geeks panel mitch awt cornfieldelectronics dawt com
14:XX 1:32:00 EN Loveletter Nick Far
14:30 EN Odin MS – A Private Server odinms, private server, mmo Talk about making a mmorpg server compatible with a publically available korean mmo and problems with that serpendiem at
14:35 1:38:00 EN LaTeX Beamer + JavaScript = office like presentations LateX Beamer, Presentations This talk will present a modification to the notepage of LaTeX beamer, which uses JavaScript to display the remaining time and other cool stuff Beamernote homepage
14:50 Presentation Postponed
14:55 1:45:00 EN Securing the Servers: Privacy Policy for Providers Security, Privacy, Policy The PCP is a policy for communication service providers who seek to respect the privacy of their userbase. It includes a set of modules that cover various aspects of the server configuration and three levels in each module which provide more and more privacy.

Day 3 - Pecha Kucha Round: 12:45 - 15:00

Playlist Day 3

Language Title Keywords Abstract Links/Slides
12:45 0:00:15 EN Dead Drops USB, offline, filesharing, network, ‘Dead Drops’ is an anonymous, offline, peer to peer file-sharing network in public space. USB flash drives are embedded into walls, buildings and curbs accessable to anybody in public space. Everyone is invited to drop or find files on a dead drop. Plug your laptop to a wall, house or pole to share your favorite files and data. Each dead drop is installed empty except a readme.txt file explaining the project. ‘Dead Drops’ is open to participation. If you want to install a dead drop in your city/neighborhood follow the ‘how to’ instructions and submit the location and pictures.
12:53 0:08:12 EN -- Call for Participation mindhacking, psychology, mind, vulnerabilities is a project intended to expose the vulnerabilities of the human mind. Although our minds are not at all like computers, they can certainly be hacked. Modern psychology provides us with many methods that can serve as a basis for actual hacks. The goal of is to develop those hacks and make them open to the public. By exposing these hacks, we hope to inoculate people against them. We want to call for participation tomorrow to develop the website and its contents.
EN Top-Level Domains: Give me localhost. And I mean NOW top-level domains, human-computer interaction Top-level domains are going to change what people perceive as a docmain name. What's worse, developers are, in this sense, were just like regular users: until now, they could have assumed many things regarding domain names. This will change. However, software has already been developed and deployed with these assumptions. In this talk I will give examples how this could go very wrong. ICANN TLDs TLD @ Wikipedia soos at srlabs dot de
13:09 0:17:01 EN Low Cost Distributed Radio Direction Finding for the Masses Radio Direction Finding, Sound card based RDF, Digital Signal Processing Discussion of building a distributed radio direction finding network using simple hardware and a sound card. Uses include: emergency aid/rescue, locating jammers and interference, wildlife tracking, radio sport (locating transmitters for fun), tracking satellites, locating and tracking the trackers (i.e. cops/police/etc.), locating stolen devices, etc... Slides


zunkworks at gmail dot com

13:17 0:24:38 EN Brain Hacks: Retrofitting the Sixth Sense brain hack, science, DIY A brain hack is identifying a neuronal mechanism that was evolutionary (probably) developed to do one thing, and then exploiting or hijacking this mechanism to do another. If you google for "brain hacks" however you will find loads of "brain improvement tips", yet no satisfactory explanation how and why these so-called hacks shall work. In this talk, I will present one exemplary model mechanism, how we hacked it, and the surprising results we found.
13:25 0:34:20 EN - using Apple's locationgate for research crowdsourcing, apple, locationgate, iphone, gps, consolidated.db At we collected 1.500 iPhone location datasets (consolidated.db). We analyzed and visualized them and want to present some of our findings Michael Kreil Twitter
13:33 0:42:07 EN Art Hacks Everywhere art, hacks, hackathons, startups Hackathons have become a staple in New York's technology community. Art Hack Day NYC will be the first hackathon which begins in a mad rush of creativity and ends with a public gallery opening. It will bring together artists and technologists together to Do Epic Shit and will be totally rad. You should start an Art Hack Day in your city too. @huertanix
EN Grep for there is much to find in python! grep, python, security, bugs, fun "Python is a programming language that lets you work more quickly and integrate your systems more effectively". The python language itself is a fairly "safe". As an example, ignoring specific implementations of python, python does not "include" memory corruption bugs. While it maybe not be "hipster" cool any longer, it is still a really popular language. In this lightening talk I will demonstrate how trivial python bug finding can be today in many fairly "mature" open source projects with the help of a small 'grep' script. The bugs I will be reviewing were all found and or could easily be found with my grep script. Slides
14:05 1:11:05 EN Ultimate File Sharing Network file sharing, torrent Let's make file sharing productive (SLIDES TO BE POSTED LATER)
EN 0day press release PR, Communications, Media, Press release, leaking A brief outline of the process of planning and releasing a story to the media, highlighting several important aspects such as timing, choice of media and journalist, story prep and general tips on what to do and avoid in order to get printed.
14:21 1:20:00 EN BrokenLifts 28c3, Elevators, S-Bahn, BVG, Berlin, Public Services, Out Of Service Public transport operators in Europe must ensure that mobility impaired people can use their service. That's why more and more lifts are installed at train and subway stations. Broken lifts severly restrict the freedom of those people. Being stuck at a train platform not only makes a journey much longer, it is also disrespectful to the individual. Repository, Slides, @brokenlifts
(new) 1:28:05 EN WikipediaPlus
14:37 1:44:51 EN Open sourcing the engineering design process Hardware Design, Process, Workflow A brief run-through of the electrical hardware engineering process and why you should document more than just your final design. twitter: @kainzowa
14:45 1:35:10 EN One Key for a Gigabyte EURO tempelhof, keys How to buy an airport and party 365 days in tempelmaschine
13:25 2:00:34 EN Harvesting Boarding Passes intelligence gathering, data harvesting, privacy It’s clear that personal and sensitive data should be protected by all means. However it’s trully sad to see that people deliberately or unconsciously reveal very sensitive details about them, despite the fact that society is very concerned with “big brother” actions of 3rd-parties in the first place. (SLIDES NEEDED)

Day 4: 12:45 - 15:00

Playlist Day 4

Language Title Keywords Abstract Links/Contact/Other
12:45 (no-vid) EN Statement regarding unacceptable content during Lightning Talks
12:50 0:00:00 EN Introducing CrossBear - Hunting the TLS Men-in-the-middle SSL, X.509, Man-in-the-middle The sorry state of the X.509 PKI for the WWW is well-known, and in the past year several studies have been conducted, including our own work (the SSL Landscape). An interesting question is now how often users actually encounter Man-in-the-middle attacks on their SSL connections. There have been credible, yet often anecdotical reports from several sources. In this talk, we present CrossBeasr, a little tool that attempts not only to detect but also locate a Man-in-the-middle. Its primary purpose is to collect data about the MitM, so we can finally say whether we're dealing with a real problem or jumping at shadows. CrossBear combines independent and distributed certificate checks (like Moxie's Convergence or CMU's Perspectives) with a distributed setup that allows us to trace the Man-in-the-middle. Our tool is intended for the savvy user, especially the travelling hacktivist. The more users the system can attract, the better our data basis is going to be. Note: we cannot cover the privacy issues in this talk, but we're happy to have a chat at 28C3. Twitter: @crossbearteam,
12:55 0:05:45 EN iSniff - SSL man-in-the-middle tool targeting iOS devices CVE-2011-0228, SSL, MITM, iPhone, iOS A python implementation of sslsniff written to transparently intercept SSL traffic on devices running iOS 4.3.4 or older iSniff on GitHub
13:00 0:11:29 EN Easy bitcoin web apps with django-bitcoin bitcoin django web How to create your own bitcoin marketplace, webshop, escrow service or wallet app easily with django-bitcoin library. django-bitcoin webpage


13:05 0:15:58 EN WebFWD: Mozilla's Support Program for Open Source Projects & Participants WebFWD, Mozilla´s Support Network, Coaching, Feedback, Open Source, BigBlueButton, CASH Music, Open Photo, Meemoo, Synbiota, Verese, etc. In this intro Mozillas Support Program WebFWD, network of mentors & partners, the portfolio of supported OSS projects and mozilla´s ressources shall be presented. If your Open Source project is accepted, you may have access to Mozilla´s mentorship from industry experts, access to the Mozilla global network, infrastructure and other world-class resources. WebFWD Webpage (NO SLIDES)
EN Moonmission of Nerds - The Part-Time-Scientists hackers in space, the moon Short discription of Part-Time-Scientists Project and the their Participation at the Googlelunar-Xprize.
13:15 0:22:24 EN Driving High Power LEDs hardware, leds High power LEDs are exceptionally bright and getting cheaper by the day. But you can't just hook them up to a voltage supply. Here's some ways to drive them without burning them up, including the latest technology current source circuits and ICs.
13:20 0:29:12 EN The Free Software Song singing, nerds, RMS The Free Software song by Richard Stallman
13:25 0:33:05 EN Null Bytes Revived Null bytes, Java, Webapps An interesting glitch in how java webservers handle null bytes in headers, that might allow to truncate file extensions in uploaded files.
13:30 0:39:08 EN herbstluftwm herbstluftwm, window manager, tiling window manager, X11 This talk will explain the main features of the manual tiling window manager herbstluftwm. herbstluftwm (NO SLIDES)
13:35 0:45:44 EN Life Hacking: Personal Finance Logging for Fun and Profit money, finances, logging, life hacking, charts For 5 years, I have been logging all my spendings, incomes and transactions down to € 0,50 accuracy. I want to show how collecting this information is totally not tedious, but very much useful and fun. KMyMoney
13:40 0:55:15 EN Etherpad Lite Etherpad, Etherpad Lite Our goal is to make collaborative editing the standard on the web. I talk about real-time collaborative editing on text Etherpad Lite
13:45 1:02:08 EN Hackerfleet - cross sea scripting hackerfleet, ms0x00, split, nothing will happen, croatia, adriatic sea, adria, anrv, naval, robot, drone, boat, autonomous We hack the seven seas. The Hackerfleet develops opensource hardware and software for naval purposes. Our current workbench/prototype is the MS0x00. In August the Event "Cross Sea Scripting" will take place. We will hack and sail over the adriatic sea, sailing to the unconference "Nothing will happen" 2012 in Split.Hack the Seven Seas Hackerfleet
13:50 1:11:23 EN The European Parliament amendment app AT4AM European Parliament, amendment, democracy, law, Amending the definition of ‘pirated goods’ in the DRAFT OPINION of the Committee on Legal Affairs for the Committee on the Internal Market and Consumer Protection on the proposal for a Regulation of the European Parliament and of the Council concerning customs enforcement of intellectual property rights (COM(2011)0285 C7 – 0139/2011 – 2011/0137(COD)) AT4AM Demo
13:55 1:13:32 EN Homa fertilizes the atmosphere Atharvaveda, Homa Therapy, It's a big jump from the Vedas to a simple Instrument with which every one can fertilize the atmosphere. Best agricultural yields and healthy food without any use of chemical. Last choice. Homa
14:10 1:27:49 EN Implementing a massive multiplayer game using wireless remote controls like the r0ket r0ket, awesomeness, massively multiplayer r0ket
14:15 1:34:31 EN Live Demo: Controlling Paddles r0ket, awesomeness, massively multiplayer Learn how to play the game with your r0ket. Bring your r0kets! r0ket
14:20 1:39:50 EN Live Demo: Playing the game r0ket, awesomeness, massively multiplayer, fun Live Demo: Playing the game. Bring your r0kets! r0ket
14:25 1:47:13 EN okr0ket - a r0ket dating app r0ket, dating, technical solutions for social problems okr0ket is a dating app for the r0ket platform. you answer some questions and potential matches will show up on your r0ket. if the match score exceeds the threshold (of love) the red led will blink. r0ketstuff github
14:30 1:52:33 EN ARVER - distributed LUKS management luks automation, disk encryption We present arver - a tool to distribute and decentralize the administration of LUKS disk encryption. It provides per-admin access policy, supports secure key distribution and automates most tasks. ARVER Website

Man Page Explanation

14:35 1:58:17 EN Project "Memopol" Art, Interactive installation, Privacy, ID-card, Passport Memopol is an art project that maps person's personal information sphere. Wishes to work with German ID-card. Memopol
14:40 2:03:49 EN Unhosted – freedom from the web’s monopolies open web, web standard Web applications usually come with storage attached to it, users can not choose where their data is stored. Put plainly: You get their app, they get your data. We want to improve the web infrastructure by separating web application logic from per-user data storage: Users should be able to use web services they love but keep their life stored in one place they control – a »home folder« for the web. At the same time, application developers shouldn’t need to bother about providing data storage. We also believe that freedom on the web is not achieved by freely licensed web applications running on servers you can’t control. That’s why applications should be pure Javascript which runs client-side, all in the browser. It doesn’t matter if free or proprietary – everything can be inspected and verified. Technically speaking, we define a protocol stack called remoteStorage. A combination of WebFinger for discovery, either BrowserID or OAuth for authorization, CORS (Cross-Origin Resource Sharing) for cross-domain AJAX calls and GET, PUT, DELETE for synchronization. We also work on its adoption through patching apps and storage providers. @unhosted on Twitter
14:45 2:09:21 EN Food hacking base food hacking, fermentation, probiotics, hacker community Food hacking base project is focused on development of food and beverage hacking within the hacker scene. The goal is to bring high quality foods and beverages in to the lives of hackers, combining together traditional knowledge, scientific understanding and todays technology. During this talk I'll update you on my activities in the field of food hacking from 27c3 till now and brief you on the planed activities for 2012. Food Hacking Base @28c3
14:50 2:14:32 EN CONFidence Introduction CONFidence, Poland, Hackercon, awesomeness CONFIdence is entering its 10th edition in May of 2012. Come find out why hackers from all over the world come to Poland to network and party with some of the best hackers in the world. CONFidence Website
EN Mental Health Issues for Nerds suicide, mental health, panel discussion A panel discussion on Mental Health Issues in the Hacker Community Discussion to follow

How it Works in Detail

  1. Submit your talk in advance.
    • You must submit your slides or background graphic in advance to guarantee a spot on the schedule.
    • Exceptions will be made only for top secret demos and specialized hardware which MUST have a VGA out ready to go. You must bring your own VGA adapter.
  2. At the Session
    1. Be present in the room 15 minutes before the session starts
    2. Introduce yourself to the moderator and sit in the front row
    3. When called, get on stage
  3. On Stage
    1. Adjust the microphone.
    2. Check your slides or background graphic
    3. Say who you are
    4. Mention the title again.
    5. If you are using slides, say "next slide" when you want to advance your slide (Does not apply to Pecha Kucha, slide advances automatically.)
    6. Speak clearly and loud.
    7. Only say the most interesting stuff.
    8. Say everything else on your webpage.
    9. When you reach four minutes, you may ask the audience for a one minute extension. If they applaud for you, you get it. If not, the countdown begins. (Does not apply to Pecha Kucha)
    10. When you hear the audience start to countdown to "time!" say goodbye and leave the stage quickly.
  4. After your Talk
    1. Be prepared to meet interested people after the session.
    2. Have a flyer, handout and/or business card ready.
    3. Get back to them during the congress.

If you are bringing your own display hardware