Description
Lightning Talks are short lectures (almost) any congress participant may give!
Content
Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!

The Lightning Talks at the 30c3 were the best yet! We need your help to make them even better next year. Please e-mail 30c3@nickfarr.org to get in touch with the coordinators who put together next year's session.

Schedule

Day 2

HH:MM Title Presenter Lang Abstract Links Slides
01:58 Be a Chaos Mentor Nick Farr EN A quick discussion about the awesome Chaos Mentor program! Chaospatinnen on the Wiki Slides
Hacking With Care Emily EN Hacking (with) care is a versatile, collaborative initiative which purpose is to bring balance, embodiment, body & soul awareness and care to the hackers' communities, living by the shared ethics of goodness for all, joyful creativity, freedom and sharing of knowledge.


Hacking (with) care explores questions relative to hackers' psychological and physical well-being and health, and looks at how a sense of freedom in the technological realms can relate to a sense of freedom in one's life. We seek to encourage vitality and (data)love potentialities to blossom both on and away from keyboards. We also feel we want to return the favor to those who, often behind their computers, care for all of us by engaging everyday in straining battles for freedom.

Hacking with Care, Hacking (with) care, 30c3 LQSN Assembly Slide
Wir werden alle überwacht. Und nun? Mspro DE Der Fall ist eingetreten, mit dem viele von uns gerechnet haben. Wir werden ständig und allumfassend überwacht und es sieht nicht so aus, als könnten uns Crypto oder Politiker davor bewahren.

Diese Tatsache hat auch schwerwiegende Auswirkungen auf den Aktivismus gegen Überwachung. Wie können wir gegen Überwachung kämpfen, wenn eh alle wissen, dass sie überwacht werden? Werden sich die Menschen zum Beispiel trotz NSA noch gegen die Vorratsdatenspeicherung mobilisieren lassen?

Die Überwachungsdebatte tritt in eine neue Phase ein, in der es nicht mehr um das Bit "überwacht/nicht überwacht" gehen kann, sondern wo Überwachung differenziert betrachtet und qualitativ eingeordnet werden muss. Dazu will ich ein paar Vorschläge machen.

mspr0.de Slides
Snake: a privacy-aware online social network providing anonymity of data at rest Aleclm EN An end-to-end encrypted social network that is easy to use and protects your privacy from evil hackers, storage providers and overly curious government agencies. Website Fundraising campaign Full design document Slides
Secure eMail Storage with qpsmtpd + GPG Byterazor EN Because of the current actions against secure eMail providers in the USA (for example Lavabit) eMail security gets more and more important in the world. The current implementations of MTAs, POP3 and IMAP Servers do not provide a secure eMail storage. Adding such a secure storage is not trivial, because the encryption keys have to be stored at the eMail provider, enabling organizations to get hold of this key and decrypt the eMail. To prevent this, an asymmetric encryption standard has to be used. The eMail provider encrypts incoming eMail with the recipients public key and the recipient, after downloading the eMail, decrypts it with his private key. This talk presents a plugin for the QPSMTPD SMTP server, which does exactly this. Every incoming email is encrypted with the recipients PGP public key in the PGP-Mime standard, if this key is locally available and trusted. After encryption the eMail is forwarded by SMTP to the backend Mailserver. This method can easily be adapted to any other queuing plugin for the QPSMTPD daemon. QPSMTPD GPG Plugin Slides
Online Footprint - An experiment in privacy Hiromipaw EN While social media are increasingly opening up new possibilities for users to share and interact with people and content online, it has also become apparent that, as networking systems evolve and online interactions become more frequent and complex, it is always more difficult to retain control over our online footprint.

This work is hence concerned with the modelling the user online footprint as a result of the aggregate activity collected across different services online, calculating the risk that a user can be subjected to a particular attack, hence profiling known attacks, and finally helping the user to maintain a desired online footprint by adopting certain privacy enhancing techniques.

Slides
Web 3.0 - reconquest of freedom on the Internet - a social movement? Klaus Wallenstein DE The protest against the total surveillance on the Internet fizzles been ineffective. Still, data are skimmed off by intelligence agencies and Internet companies masse.

Why it has not yet come to political progress? What should change in the future so that society and politics finally respond appropriately to the problem?

Wagnis Demokratie Slides
Getting more out of Java Stacktraces Snakebyte EN This talk presents a database which allows to use Java stacktraces for web application and framework version fingerprinting TBA Slides
Investor-to-state Dispute Settlement: A Threat To Democracy Ante EN Investor-to-state dispute settlement (ISDS) gives multinationals the right to sue states before special tribunals if changes in law may lead to lower profits than expected. Multinationals can challenge environmental policies, health policies and reform of copyright and patent law. A growing number of civil society groups see ISDS as a threat to democracy. ISDS Project Page Slides
hPDB - the fastest Protein Databank parser is written in Haskell Miga EN hPDB is a parallel Protein Databank parser written in a lazy functional language Haskell. According to current benchmarks it is among the top three parser when used on a single core, and outclasses other parsers when used on quad-core. Is it sign of a new future for both Haskell, and parsing? GitHub, biohaskell.org, BioHacking Assembly Slides
DIY Bookscanner everywhere Benjamin EN I will present the DIY Bookscanner of Dan Reetz, along with the book scanning communities of the world.

We will show how the machine works, why you should build your own, how you can spread knowledge and culture all over the world Come to La Quadrature du Net's tea house for a demonstration, and to scan your own books !

30c3 BookScanner Project, diybookscanner.org (en), bookscanner.fr (fr) Slides
How to organize a (traveling) conference Yana, Krokodilerian EN How to organize a traveling conference in a small country (Bulgaria) on IT/hacking topics, with a very low budget, with the idea to educate the people, to show new things, to give them something to research and advance their own projects. Everything was recorded and streamed in real time. [1], [2], [3], [4], [5] Slides
Holy $417! Watch these ordinary people encrypt their emails. Kinko EN Kinko provides email encryption
...that is easy to use.
...that works with all your devices.
...in your home. Or your office.

Kinko believes: What is in your email concerns only you and the persons you write to. Period. Even in times of NSA and Tempora surveillance programs strong crypto still works - whenever we use it. Let's build the tools to make it a breeze to use -- for everyone!

kinko.me, Kinko Project Page Slides
Take action on digital human rights! Amnesty EN This is (as far as we know) the first time Amnesty International is present at the Chaos Communication Congress. In the past, Amnesty has been a bit hesitant to approach the issue of human rights in the digital world in a consistent manner. We at Digital@Amnesty, an evolving new task force, would like to finally change that and use the opportunity of being here to briefly introduce the concept of our work. At the same time, we want to get in touch with all those of you who feel a need to take action, and call upon other NGO's active in this field to join forces with us. Day 3 Talk, Amnesty International, Amnesty International - Take Action on Digital Human rights Slides
Light Painting with LED Stripes Bigalex EN Light painting with LED stripes is fun! This talk presents a light painting tool based on the LightScythe by The Mechatronics Guy. Some improvements were added to provide easier setup and handling in the field, e.g. a web interface to control settings with mobile devices and on-device image preprocessing. The intention of this talk is to lure some photographers into a light painting session outside the CCH. Self Organized Session, GitHub Page Slides
Bitford, a streaming BitTorrent client for Chrome Astro EN This talk will present Bitford, a BitTorrent client with novel features. Piggybacked on Chrome, it runs on many OS platforms. Because browsers feature A/V playback capabilities, it turns BitTorrent into a true YouTube killer by allowing playback while still downloading. GitHub, Bitford on Chrome Web Store N/A
palava: Encrypted P2P conferences on the web Farao EN palava is a complete free & open source software stack for video and audio conferences with an instance running on

palava.tv - for everybody to use and hack on!

palava.tv, Blog github Slides
ScreenInvader. Social TV. Kallaballa EN Ever wished you could play media content from your laptop or smart phone on a TV set, screen or projector in just an instant? This is what ScreenInvader helps you do: browse the web, watch videos or flip through images together with your friends on a big screen with just a few simple clicks. Github, Main Site Slides
KittenGroomer: The agnostic USB sanitizer Rafiot EN This project aims to be used by someone receiving a USB key from an untrusted source and who want to see the content you do not know what is on it without opening the original and potentially malicious files. KittenGroomer, GitHub, Project Page Slides
A/I kaos translation! it.de Hlg EN The italian tech collective and media activism group A/I has written down its history in a book. We are about to translate the book straight into german language. The talk presents the translation project and woos further contributors. Main Site Slides
Why is anything the way it is? Srinivas EN Before we change how our societies work, shouldn't we first understand how they actually work? Those who benefit from the structure of the present system seek to limit public comprehension of the social system. Let's use the tools we used to understand physical systems to understand, and then to change how our social systems work. srinivas.gs Slides
GNU Naming System Key Exchange Party @ 30C3 Docmalloc EN GNS, the GNU Naming System, is a decentralized, censorship resistant and secure naming system. Every user manages his own namespace and can access other users name using a delegation system. In the context of the "Youbroketheinternet" workshop and the panel discussion about secure naming systems we provide the possibility to directly get to know GNS. We organize a GNS key exchange party at 30C3 where users can get business cards containing their GNS information and exchange with other GNS users. GNS project page, You broke the internet! Slides

Day 3

HH:MM Title Presenter Lang Abstract Links Slides
HOPE X in NYC mlc EN Why you should come to HOPE X in New York City July 18-20 Website Slides
uProxy Keroserene EN uProxy is an experiment allowing users to easily and securely proxy through or for their friends. Available as a browser extension and eventually on mobile devices, uProxy seeks to improve the current state of proxies via trust, scalability, and most importantly, usability. The project was seeded by Google Ideas and currently in development. It will be open source.


Let's chat about the most relevant aspects of what uProxy does and does not do, and more.

uproxy.org Slides
cctvmap - mapping the surveillance Dp EN Let's build a wiki map for people to collect with an android app the surveillance in your neighborhood Alpha map version, cctvmap.org, coming soon, Cctvmap Slides
rpi smartMetering - how raspberry pis and nerds will save the world Docjoe EN I bought an raspberry pi at 29c3 and built my own smart meter. I learned that my house consumes too much energy when doing nothing. And I learned, that now everybody can check how many slices I toast in the morning (reality). All of this inspired me to cook up my own homegrown micro-powerplant (just an idea yet). Then I started thinking about a simple need driven decentralized electric prower grid. Then I thought about a new world currency coupled to energy rather than gold and now I'd like to talk about it before someone silences me... Ahoj Senn Slides
r0ket-based wireless keyboard sniffing Sec EN Playing around with the nrf24l01p, the rf chip of the r0ket which is also used by the MS wireless keyboard. r0ket.de, r0ket GitHub Slides
How can regulators and hackers cooperate to strengthen Internet privacy? Achim EN Data protection authorities, other regulators and legislators invest considerably in defining and interpreting legal rules for the protection of individuals’ fundamental rights of personal data protection and privacy. At the same time, developers of internet tools and applications unaware of the risks to privacy and data. If these two trends continue to diverge, there is an increased risk that the actual privacy of individuals will become substantially less protected. This talk is meant as an invitation to developers to discuss how this separation can be overcome. European Data Protection Supervisor Homepage Slides
Hacker Culture Noise Cancellation Stitch EN Dare to look at yourself differently, this can be fun, confronting and educational. Slides
Firebird/interbase database engine hacks or RTFM Gifts EN Couple techniques to exploit remote command execution in Firebird with exposed port Slides
So I discovered that my HP laptop…broadcasts Shinji EN We took a look at some HP Elitebooks Slides
Einigkeit für Recht und Freiheit - Für eine gemeinsame Bewegung gegen Überwachung Ramses DE Seit Edward Snowden seine Enthüllungen begonnen hat, gibt es auch in Deutschland eine breite Front von Organisationen, Initiativen und Einzelpersonen, die sich gegen die zunehmende Überwachung wenden. Dieser breite Protest ist jedoch sehr zersplittert. Es gibt viele Einzelinitiativen, die zu großen Teilen nicht zusammenarbeiten. Vielmehr gibt es sogar erhebliche Differenzen zwischen den Gruppierungen, obwohl die Ziele oft nahezu deckungsgleich sind. Aktionen der anderen werden kritisiert, man streitet über unwesentliche Details. In diesem Lightning Talk Rant möchte ich aufzeigen, dass das anders werden muss und die verschiedenen Initiativen und Organisationen vereint auftreten müssen, wenn wir das erreichen wollen, worum es uns letztlich allen geht: Recht und Freiheit. Einigkeit fuer Recht und Freiheit!, StopWatchingUs Heidelberg Slides
Open Source Redaktion Pingunine DE Anforderungen an ein modernes Open Source Redaktionssystem Slides
3D printer & Art: More Than Just a Tool Obelix EN Some ideas and examples on how to make art with a 3D printer/scanner where the printer/scanner is more than a simple tool for creating objects. Because of the unique possibilities and characteristics the 3d printer becomes itself part of the artwork it is creating. Example project: Exhibition in Moscow Slides
Fenrir: Transport, Encryption & Authentication Luker EN Fenrir is a UDP-based transport protocol which combines ideas from SCTP, QUIC and other protocols, adds encryption (not based on SSL), uses DNSSEC for trust and pubkey management, implements federated authentication and much more. fenrirproject.org Slides
Unboxing the Fairphone Henk EN We will unbox one of the first fairphones, a seriously cool smartphone that puts social values first, based on open design principles/fairtech. fairphone.com Slides
Maximizing the speed of time based SQL injection data retrival Arnim EN This talk features several new ideas on how to speed up data retrieval using time based blind SQL injection (SQLi). It's important to realize the difference between boolean based SQLi and time base SQLi. and why the later has more in common with “What's My Line?” aka “Heiteres Beruferaten” than binary search. Just applying this knowledge to sqlmap resulted in a speed increase of 20% with a patch of 10 lines of code. Password hashes can be retrieved even faster by narrowing down to hex-digits. (Some presented ideas will go into sqlmap.org) Slides
pribook.com: The most easiest way to encrypted communication Finn EN Most people fail to establish secure communications. Therefore pribook.com is an approach to gain asymmetric encryption from user to user, without the need for installing a program or store keys. It is a social network service with build-in RSA encryption which is executed in the web browser. In this lightning talk I will give a brief summit to gain attraction for our self-organized-session. We are looking forward to find some people who want to join us, to start this idea as a non-profit open-source project. pribook.com, Self Organized Assembly Slides
DetecTor.IO Kaie EN DetecTor is an open source project to implement client side SSL/TLS MITM detection, compromised CA detection and server impersonation detection, by making use of the Tor network. detector.io Slides
"Yeah, it looks nice... but why are you doing this?" or "Why Demo Coding?" SvOlli EN Showing a friend of mine a demo I was working on, I got the question: "Yeah, it looks nice... but why are you doing this?". I'll try to find at least three different answers in five minutes. Atari 2600 VCS Hacking Slides
PHDays Labyrinth: The Hacker Disneyland Yuri Goltsev EN The Labyrinth at Positive Hack Days is a real life hacking attraction. During only one hour the participants of the competition are to get over the laser field and motion detectors, pick some locks, clear the room of bugs, defeat artificial intelligence, and disarm the bomb. To get through the Labyrinth, you will need some skills in dumpster diving, lock picking, application vulnerabilities detection, social engineering, and of course, there is no way without mother wit and physical fitness. PHDays III on YouTube Available afterwards
Associated Whistle-Blowing Press: First release of files Hieroph4nt EN AWP's first release of sensitive materials providing evidence of corruption and malpractice. Associated Whistle-Blowing Press Available afterwards

Day 4

HH:MM Title Presenter Lang Abstract Links Slides
DHCXSSP Momorientes EN I'll show you how to break webinterfaces of multiple (enterprise) access points using dhcp as my only tool. Pwnage Slides
Email encryption for the masses Ciphersheep EN Encrypted email has been around for ages, but most people still don't use it. One problem is that Google, Microsoft, Yahoo, and others want to keep mining your inbox for juicy data, and are thus not interested in pushing proper email encryption. Another important problem is that current solutions are difficult to use. We will look at how get email encryption ready for the masses. TU Darmstadt Staff Page Slides (final)
180 SECOND EXPRESS ROUND BEGIN!
The Free Software Song Mquintus EN Abstract: Join us now and share the software; You’ll be free, hackers, you’ll be free. Join us now and share the software; You’ll be free, hackers, you’ll be free. Free Software Song Session, YouTube Link, gnu.org Slides
BalCCon 2k14 Jelena EN BalCCon 2k14 - : Balkan Computer Congress has been conceptualized as a two day gathering of the international hacker community in the organization of LUGoNS – Linux users of Novi Sad. The first part of the program has been envisaged to be a set of presentations, workshops and lectures on the current topics regarding privacy, technology, software development, free software & socio-political issues. Our goal is to gather all the communities from the region, continent and the World in an effort to hack, play, learn, pass knowledge and exchange experience. balccon.org Slides
The freedom of total control? Nakaha EN Never before in history surveillance of public and private space and thoughts was so comprehensive like nowadays but oddly enough never before people cared less about being surveilled. I want to introduce a provocative idea that might explain this observation: total control leads to total freedom. I hope that further discussion may result in a better understanding of public ignorance and in better ways to mobilize people against their surveillance. Slides
Octoprint: An RPi printserver for 3D printers Obelix EN Octoprint gives you a web-based control and monitor interface for your 3d printer. You're sitting on the couch too lazy to get up? Use Octoprint with a mobile device over WiFi... octoprint.org Slides
How to Write an Open Textbook over a Weekend JoonasD6 EN A group of Finnish mathematics enthuasiasts hooked together a year ago write a Creative Commons high school textbook over a weekend. The concept was a success and has since extended into a charming project where we've begun to set our sights into writing all the necessary school books - freely available for everyone to use, modify and distribute. Wanna know how it worked? Wanna duplicate our textbook hackathon in your country? Here's how. Creative Commons Blog, oppikirjamaraton on Facebook, Finnish Link Slides
MSH (MPI-Shell) SreeTotakura EN MSH is a project for providing remote access between nodes of high performance computing systems where SSH is often unavailable or restricted by the administrators. MSH Documentation, Slides
Foundation of the European Pirate Party (PPEU) Zombb EN Purpose, agenda and foundation process of the PPEU ppeu.net Slides
cape: Component Architecture for Python Environments Riot EN A flashtalk about Hackerfleet's cape project, which is an opensource, component-based and flow oriented architecture for Python programmers. IRC, Trac Slides
$417 Appens Johnjohndoe EN The $417 Appens project aims to track the state of restrooms. Our goal is to instantly see which toilet is used, and which is free. Is the toilet paper nearly gone? Send a push message to the responsible person. Three toilets - which toilet is the most visited toilet? What is the average toilet time? How much cost a toilet visit? Any many more statistics. github Slides
Hacking your car dashboard LCD Derpston EN Taking control of the general purpose LCD on your car dashboard - reverse engineering, decoding existing data, generating new data, tidying it up into a reusable package for others. Audi radio DIS reader github, Linux RPI Audi DIS github Slides
Fairnopoly: The online marketplace for all. Tschakki DE As a social enterprise Fairnopoly want a fair alternative to the existing major online marketplaces offer. Our Marketplace virtually any kind of articles and services offered be. Fairnopoly is organized as a cooperative and is characterized thanks to three core elements:
  1. A Fair business model
  2. The promotion of responsible consumption
  3. A contribution to the fight against corruption
Marketplace, Blog, github, Current crowdfunding campaign Slides
Hvernig gengur Islandi Tvo (What's the status Iceland 2) W03 EN It's been one year since we last looked at the situation in Iceland, some things have changed some things have gotten better, some worse, come hear the truth or a close approximation to it. Slides
Source: Internet? There must be a better way Leena Simon EN Imagine you could take an image licensed under an open license such as Creative Commons, insert it into your work, and have attribution and license information be automatically included in your work. This would save you from having to keep track of this information yourself, to make using openly licensed works as easy as publishing them. Commons Machinery Slides
Easy PGP Key Sharing Bnvk EN The sharing of public keys is hard, verifying them is even harder- especially for average people. The goal is to make the process as easy exchanging business cards or sending a friend requests on Facebook. Utilizing PGP fingerprints and QR codes we may propose a simple and elegant solution! mailpile.is Slides
So you want to write a Tor pluggable transport N/A EN How to get started writing censorship-resistant transports for Tor. Pluggable transports home page, Tor wiki page Slides
Umweltzone / Low emission zone Johnjohndoe EN The Umweltzone app for Android allows to look up the actual position and path of the low emission zone for individual cities. The open source project uses data published by the government as well as crowdsourced OpenStreetMap data. The app is published in German in the current version 1.1.0 but will be localized soon. Umweltzone Slides
CONFidence Introduction Jabss EN An introduction and invitation to a CONFidence Conference held annually in Krakow. CONFidence Slides
180 SECOND EXPRESS ROUND END!
Awesome Retro: Retrogaming Community and your Donations Stitch EN Looking what the Awesome Retro community does and how you can help. Awesome Retro Dot Com Slides
P.O.S.T.: Physical Objects Sneaker Transport Inj4n EN I will present an ongoing project to establish digital support for crowd-based transportation of physical objects on co-presence networks. The project applies communication network protocols to the world of physical objects, essentially creating anonymous, hard to censor transportation. P.O.S.T. Project Slides
Iteratees in C Pesco EN "Iteratee I/O" is a concept for structuring the processing of data streams in a fashion that makes it modular, cleanly composable, and amenable to reasoning while not significantly impacting. As such it helps program robustness and security.


I present an early proof-of-concept for implementing iteratee I/O in C. This is somewhat complicated by limited support for working with functions as first-class objects.

A successful full-scale implementation would open the technique to a wide range of security-critical code.

POC repo Slides
tor2tcp Mzeltner EN or … <erno> hm. I've lost a machine.. literally _lost_. it responds to ping, it works completely, I just can't figure out where in my apartment it is. poum.niij.org Slides
Bitcoinproof: Digital notary, secured by the bitcoin network Vog EN Bitcoinproof creates a forgery-proof timestamp for your data, secured by the bitcoin network. This enables you to prove that a certain event happened before a certain point in time, without trusting any central authority. So you can use the bitcoin network as a digital notary service! Bitcoinproof demo page Slides
Teckids: Why children need an open source community Natureshadow EN Community projects settled around free standards, privacy and security have been taking rapid movement throughout the last years. But why is it also important to bring this movement to kids and teenagers? teckids.org, Teckids Slides
bettercrypto.org: The definitive guide to applied crypto hardening MacLemon EN Deploying good crypto correctly is complex. This guide gives you all the details you want and the config to copy/paste. It's creation process is completely transparent and the the contents are heavily peer reviewed by experts in the field. bettercrypto.org, 30c3 Project Page Slides
NSA-like Surveillance by a Third World Country Musalbas EN A look into how the Tunisian government surveilled the social media and email accounts of its citizens during the Tunisian revolution of 2011. Pastebin Remove Tunisian government phishing scripts Slides
sharingsecrets: a tool for sharing and distributing passwords someName EN A call for paticipation for further development of a passwordmanager, which allows to share and distribute passwords Website Slides
ddserver: A server-side dynamic DNS service Major EN ddserver is a server-side application for dynamic DNS management. It allows you to specify hostnames (subdomains) inside a dynamic DNS zone, and to update the IP address of those hostnames using a dynamic update protocol (no-ip protocol). This enables you to access hosts with dynamic IP addresses by a static domain name, even if the IP address changes. ddserver Slides
The Legislative Process: How It Is Failing Everyone But the Rich Valkyrie EN After a dramatic event that shook the hacker community in January, I began a quest to change draconian computer laws. In our effort to bring the bring the hacker community together, I encountered surprising obstacles. In this talk, I will cover the obstacles that we encountered and will briefly cover ideas that we've put together to address some of these obstacles. forkthelaw.org Slides