- Lightning Talks are short lectures any congress participant may give!
- Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!
The Lightning Talks were a huge hit at the 29c3! For the first time since we introduced the new Lightning Talk format, every slot was completely booked by Day 2. There were three packed sessions and over seven hours of Lightning Talks. There is a possibility that Lightning Talk slots will be gone by the time the Congress starts, so submit your idea as soon as possible!
How to Apply
Send an e-mail to email@example.com with the following information in this order:
- Presentation Title
- 30c3 Wiki Username
- Language of your Presentation
- Relevant Links (Project Page, 30c3 Wiki Page, etc.)
- Slides in PDF, ODP or PNG format OR link to a Video. Submissions without at least one slide, background graphic or video will be automatically put in the 120 Second Express round.
- Do we have your permission to upload your slides to the wiki? (Before my talk/After My Talk/Not at all)
- What kind of LT? (180 Second / 5 Minute)
Got questions? See the FAQ
How it Works
The 30c3 Lightning Talks are 5 minutes each, given on a first-come, first-served basis to presenters who provide complete submissions. There is no curation on content or message, however, no submission which violates the core principles of the CCC will be accepted.
- Speakers take the podium as the moderator brings up their slides on the beamer.
- Once slides are ready, the speaker is given a "Go" to proceed.
- Speakers introduce themselves
- To move to the next slides, the speaker will say "slide"
- With one minute left to go, the moderator will give a "One Minute" warning over the microphone
- The moderator will give another warning with 30 seconds left
- At 10 seconds, the moderator will signal the audience to count down.
- When the speaker is finished, or five minutes are up, the audience applauds and the next speaker takes the stage.
180 Second Express Round
Is 5 minutes too much? What can you do in 180 seconds or less?
In order to make room for more participants, ease the submission requirements, and create a dumping ground for people who cannot follow directions, we're trying this special 3 minute round on Day 4. The application process is the same!
|12:45||How to give a good Lightning Talk||Nick Farr||EN||This is a brief Lightning Talk explaining the basics of how the Lightning Talks work.||Lightning Talks on Wikipedia||Available soon|
|12:50||TBA - Currently DND|
|12:55||Wir werden alle überwacht. Und nun?||Mspro||DE|| Der Fall ist eingetreten, mit dem viele von uns gerechnet haben. Wir werden ständig und allumfassend überwacht und es sieht nicht so aus, als könnten uns Crypto oder Politiker davor bewahren.
Diese Tatsache hat auch schwerwiegende Auswirkungen auf den Aktivismus gegen Überwachung. Wie können wir gegen Überwachung kämpfen, wenn eh alle wissen, dass sie überwacht werden? Werden sich die Menschen zum Beispiel trotz NSA noch gegen die Vorratsdatenspeicherung mobilisieren lassen?
Die Überwachungsdebatte tritt in eine neue Phase ein, in der es nicht mehr um das Bit "überwacht/nicht überwacht" gehen kann, sondern wo Überwachung differenziert betrachtet und qualitativ eingeordnet werden muss. Dazu will ich ein paar Vorschläge machen.
|mspr0.de||Will not be uploaded|
|13:00||Secure eMail Storage with qpsmtpd + GPG||Byterazor||EN||Because of the current actions against secure eMail providers in the USA (for example Lavabit) eMail security gets more and more important in the world. The current implementations of MTAs, POP3 and IMAP Servers do not provide a secure eMail storage. Adding such a secure storage is not trivial, because the encryption keys have to be stored at the eMail provider, enabling organizations to get hold of this key and decrypt the eMail. To prevent this, an asymmetric encryption standard has to be used. The eMail provider encrypts incoming eMail with the recipients public key and the recipient, after downloading the eMail, decrypts it with his private key. This talk presents a plugin for the QPSMTPD SMTP server, which does exactly this. Every incoming email is encrypted with the recipients PGP public key in the PGP-Mime standard, if this key is locally available and trusted. After encryption the eMail is forwarded by SMTP to the backend Mailserver. This method can easily be adapted to any other queuing plugin for the QPSMTPD daemon.||QPSMTPD GPG Plugin||Available afterwards|
|13:05||Snake: a privacy-aware online social network providing anonymity of data at rest||Aleclm||EN||The enormous amount of sensitive information available to Online Social Networks is highly attractive for criminals, therefore adequate security measures are needed. So far, in most cases, OSN providers have had complete control over user data: the only restrictions came from the OSN’s Terms of Service and the regulations of the various countries where the service was available. The aim of this work is to allow OSNs’ end users to have as much control as possible over the data they post and to design a service provider storing as little information as strictly necessary to offer the intended service.||Forthcoming||Available afterwards|
|13:10||Online Footprint - An experiment in privacy||Hiromipaw||EN|| While social media are increasingly opening up new possibilities for users to share and interact with people and content online, it has also become apparent that, as networking systems evolve and online interactions become more frequent and complex, it is always more difficult to retain control over our online footprint.
This work is hence concerned with the modelling the user online footprint as a result of the aggregate activity collected across different services online, calculating the risk that a user can be subjected to a particular attack, hence profiling known attacks, and finally helping the user to maintain a desired online footprint by adopting certain privacy enhancing techniques.
|13:15||Web 3.0 - reconquest of freedom on the Internet - a social movement?||Klaus Wallenstein||DE|| The protest against the total surveillance on the Internet fizzles been ineffective. Still, data are skimmed off by intelligence agencies and Internet companies masse.
Why it has not yet come to political progress? What should change in the future so that society and politics finally respond appropriately to the problem?
|Wagnis Demokratie||Available afterwards|
|13:20||Getting more out of Java Stacktraces||Snakebyte||EN||This talk presents a database which allows to use Java stacktraces for web application and framework version fingerprinting||TBA||Available afterwards|
|13:25||Investor-to-state Dispute Settlement: A Threat To Democracy||Ante||EN||Investor-to-state dispute settlement (ISDS) gives multinationals the right to sue states before special tribunals if changes in law may lead to lower profits than expected. Multinationals can challenge environmental policies, health policies and reform of copyright and patent law. A growing number of civil society groups see ISDS as a threat to democracy.||ISDS Project Page||Slides|
|13:30||hPDB - the fastest Protein Databank parser is written in Haskell||Miga||EN||hPDB is a parallel Protein Databank parser written in a lazy functional language Haskell. According to current benchmarks it is among the top three parser when used on a single core, and outclasses other parsers when used on quad-core. Is it sign of a new future for both Haskell, and parsing?||GitHub, biohaskell.org, BioHacking Assembly||Unknown|
|13:35||DIY Bookscanner everywhere||Benjamin||EN|| I will present the DIY Bookscanner of Dan Reetz, along with the book scanning communities of the world.
We will show how the machine works, why you should build your own, how you can spread knowledge and culture all over the world Come to La Quadrature du Net's tea house for a demonstration, and to scan your own books !
|30c3 BookScanner Project, diybookscanner.org (en), bookscanner.fr (fr)||Slides|
|13:40||How to organize a (traveling) conference||Yana, Krokodilerian||EN||How to organize a traveling conference in a small country (Bulgaria) on IT/hacking topics, with a very low budget, with the idea to educate the people, to show new things, to give them something to research and advance their own projects. Everything was recorded and streamed in real time.||, , , , ||Slides|
|13:45||Holy $417! Watch these ordinary people encrypt their emails.||Kinko||EN|| Kinko provides email encryption
Kinko believes: What is in your email concerns only you and the persons you write to. Period. Even in times of NSA and Tempora surveillance programs strong crypto still works - whenever we use it. Let's build the tools to make it a breeze to use -- for everyone!
|kinko.me, Kinko Project Page||Available afterwards|
|13:50||Take action on digital human rights!||Amnesty||EN||This is (as far as we know) the first time Amnesty International is present at the Chaos Communication Congress. In the past, Amnesty has been a bit hesitant to approach the issue of human rights in the digital world in a consistent manner. We at Digital@Amnesty, an evolving new task force, would like to finally change that and use the opportunity of being here to briefly introduce the concept of our work. At the same time, we want to get in touch with all those of you who feel a need to take action, and call upon other NGO's active in this field to join forces with us.||Day 3 Talk, Amnesty International, Amnesty International - Take Action on Digital Human rights||Available afterwards|
|13:55||Light Painting with LED Stripes||Bigalex||EN||Light painting with LED stripes is fun! This talk presents a light painting tool based on the LightScythe by The Mechatronics Guy. Some improvements were added to provide easier setup and handling in the field, e.g. a web interface to control settings with mobile devices and on-device image preprocessing. The intention of this talk is to lure some photographers into a light painting session outside the CCH.||GitHub Page||Available afterwards|
|14:00||10 MINUTE BREAK|
|14:10||Bitford, a streaming BitTorrent client for Chrome||Astro||EN||This talk will present Bitford, a BitTorrent client with novel features. Piggybacked on Chrome, it runs on many OS platforms. Because browsers feature A/V playback capabilities, it turns BitTorrent into a true YouTube killer by allowing playback while still downloading.||GitHub, Bitford on Chrome Web Store||Available afterwards|
|14:25||ScreenInvader. Social TV.||Kallaballa||EN||Ever wished you could play media content from your laptop or smart phone on a TV set, screen or projector in just an instant? This is what ScreenInvader helps you do: browse the web, watch videos or flip through images together with your friends on a big screen with just a few simple clicks.||Github, Main Site||Available afterwards|
|14:30||KittenGroomer: The agnostic USB sanitizer||Rafiot||EN||This project aims to be used by someone receiving a USB key from an untrusted source and who want to see the content you do not know what is on it without opening the original and potentially malicious files.||KittenGroomer, GitHub, Project Page||Slides|
|14:35||A/I kaos translation! it.de||Hlg||EN||The italian tech collective and media activism group A/I has written down its history in a book. We are about to translate the book straight into german language. The talk presents the translation project and woos further contributors.||Main Site||Available afterwards|
|14:40||Why is anything the way it is?||Srinivas||EN||Before we change how our societies work, shouldn't we first understand how they actually work? Those who benefit from the structure of the present system seek to limit public comprehension of the social system. Let's use the tools we used to understand physical systems to understand, and then to change how our social systems work.||srinivas.gs||Available afterwards|
|14:45||GNU Naming System Key Exchange Party @ 30C3||Docmalloc||EN||GNS, the GNU Naming System, is a decentralized, censorship resistant and secure naming system. Every user manages his own namespace and can access other users name using a delegation system. In the context of the "Youbroketheinternet" workshop and the panel discussion about secure naming systems we provide the possibility to directly get to know GNS. We organize a GNS key exchange party at 30C3 where users can get business cards containing their GNS information and exchange with other GNS users.||GNS project page, You broke the internet!||Slides|
|12:45||How to give a good Lightning Talk||Nick Farr||EN||This is a brief Lightning Talk explaining the basics of how the Lightning Talks work.||Lightning Talks on Wikipedia||Available soon|
|12:50||TBA - Currently DND|
|12:55||cctvmap - mapping the surveillance||Dp||EN||Let's build a wiki map for people to collect with an android app the surveillance in your neighborhood||Alpha map version, cctvmap.org, coming soon, Cctvmap||Available afterwards|
|13:00||rpi smartMetering - how raspberry pis and nerds will save the world||Docjoe||EN||I bought an raspberry pi at 29c3 and built my own smart meter. I learned that my house consumes too much energy when doing nothing. And I learned, that now everybody can check how many slices I toast in the morning (reality). All of this inspired me to cook up my own homegrown micro-powerplant (just an idea yet). Then I started thinking about a simple need driven decentralized electric prower grid. Then I thought about a new world currency coupled to energy rather than gold and now I'd like to talk about it before someone silences me...||Ahoj Senn||Slides|
|13:05||r0ket-based wireless keyboard sniffing||Sec||EN||Playing around with the nrf24l01p, the rf chip of the r0ket which is also used by the MS wireless keyboard.||r0ket.de, r0ket GitHub||Available afterwards|
|13:10||How can regulators and hackers cooperate to strengthen Internet privacy?||Achim||EN||Data protection authorities, other regulators and legislators invest considerably in defining and interpreting legal rules for the protection of individuals’ fundamental rights of personal data protection and privacy. At the same time, developers of internet tools and applications unaware of the risks to privacy and data. If these two trends continue to diverge, there is an increased risk that the actual privacy of individuals will become substantially less protected. This talk is meant as an invitation to developers to discuss how this separation can be overcome.||European Data Protection Supervisor Homepage||Slides|
|13:15||NymRights and NymWrongs||Aestetix||EN||This talk will be a brief introduction to the world of names and nyms-- pseudonyms, polynyms, anonyms, and more! We'll cover some fundamentals of how names work and why, and then explore the challenges we're encountering as we try to bring name-related systems into technology. We'll also take a look at the National Strategy for Trusted Identities in Cyberspace, a US-government group tasked with solving many of today's challenges, and see how they are doing.||nymrights.org||Available afterwards|
|13:20||Firebird/interbase database engine hacks or RTFM||Gifts||EN||Couple techniques to exploit remote command execution in Firebird with exposed port||Available afterwards|
|13:25||So I discovered that my HP laptop…broadcasts||Shinji||EN||We took a look at some HP Elitebooks||Available afterwards|
|13:30||Einigkeit für Recht und Freiheit - Für eine gemeinsame Bewegung gegen Überwachung||Ramses||DE||Seit Edward Snowden seine Enthüllungen begonnen hat, gibt es auch in Deutschland eine breite Front von Organisationen, Initiativen und Einzelpersonen, die sich gegen die zunehmende Überwachung wenden. Dieser breite Protest ist jedoch sehr zersplittert. Es gibt viele Einzelinitiativen, die zu großen Teilen nicht zusammenarbeiten. Vielmehr gibt es sogar erhebliche Differenzen zwischen den Gruppierungen, obwohl die Ziele oft nahezu deckungsgleich sind. Aktionen der anderen werden kritisiert, man streitet über unwesentliche Details. In diesem Lightning Talk Rant möchte ich aufzeigen, dass das anders werden muss und die verschiedenen Initiativen und Organisationen vereint auftreten müssen, wenn wir das erreichen wollen, worum es uns letztlich allen geht: Recht und Freiheit.||Einigkeit fuer Recht und Freiheit!, StopWatchingUs Heidelberg||Slides|
|13:35||Open Source Redaktion||Pingunine||DE||Anforderungen an ein modernes Open Source Redaktionssystem||Slides|
|13:40||3D printer & Art: More Than Just a Tool||Obelix||EN||Some ideas and examples on how to make art with a 3D printer/scanner where the printer/scanner is more than a simple tool for creating objects. Because of the unique possibilities and characteristics the 3d printer becomes itself part of the artwork it is creating.||Example project: Exhibition in Moscow||Available afterwards|
|13:45||How the American legislative process has failed everyone but the rich||Valkyrie||EN||After a dramatic event that shook the hacker community in January, I began a quest to change draconian computer laws. In our effort to bring the bring the hacker community together, I encountered surprising obstacles. In this talk, I will cover the obstacles that we encountered and will briefly cover ideas that we've put together to address some of these obstacles.||forkthelaw.org||Available afterwards|
|14:00||10 MINUTE BREAK|
|14:10||Fenrir: Transport, Encryption & Authentication||Luker||EN||Fenrir is a UDP-based transport protocol which combines ideas from SCTP, QUIC and other protocols, adds encryption (not based on SSL), uses DNSSEC for trust and pubkey management, implements federated authentication and much more.||fenrirproject.org||Available afterwards|
|14:25||"What the fox say?"||gmc||EN||After a number of death threats, a direct and public call to commit suicide and lots of abuse I have reached a point where I will no longer stand for bullies who believe I am evil because of my employment with Fox-IT. In this short presentation I will give insight into what my work actually is, what other work we do and why this is not evil or against my hacker ideals.||Available afterwards|
|14:40||Necessary Introduction to SQL injection attacks||Arnim||EN||Necessary background on SQL injection attacks to make following presentation more relevant for not-so-techie types.||Available afterwards|
|14:45||Maximizing the speed of time based SQL injection data retrival||Arnim||EN||This talk features several new ideas on how to speed up data retrieval using time based blind SQL injection (SQLi). It's important to realize the difference between boolean based SQLi and time base SQLi. and why the later has more in common with “What's My Line?” aka “Heiteres Beruferaten” than binary search. Just applying this knowledge to sqlmap resulted in a speed increase of 20% with a patch of 10 lines of code. Password hashes can be retrieved even faster by narrowing down to hex-digits.||(Some presented ideas will go into sqlmap.org)||Available afterwards|
|14:50||PHDays Labyrinth: The Hacker Disneyland||Yuri Goltsev||EN||The Labyrinth at Positive Hack Days is a real life hacking attraction. During only one hour the participants of the competition are to get over the laser field and motion detectors, pick some locks, clear the room of bugs, defeat artificial intelligence, and disarm the bomb. To get through the Labyrinth, you will need some skills in dumpster diving, lock picking, application vulnerabilities detection, social engineering, and of course, there is no way without mother wit and physical fitness.||PHDays III on YouTube||Available afterwards|
|15:00||Associated Whistle-Blowing Press: First release of files||Hieroph4nt||EN||AWP's first release of sensitive materials providing evidence of corruption and malpractice.||Associated Whistle-Blowing Press||Available afterwards|
|12:45||Come to HOPE X||Maltman23||EN||A preview of HOPE X, taking place in New York City from July 18-20||x.hope.net||Available soon|
|180 SECOND EXPRESS ROUND BEGIN!|
|12:48||BalCCon 2k14||Jelena||EN||BalCCon 2k14 - : Balkan Computer Congress has been conceptualized as a two day gathering of the international hacker community in the organization of LUGoNS – Linux users of Novi Sad. The first part of the program has been envisaged to be a set of presentations, workshops and lectures on the current topics regarding privacy, technology, software development, free software & socio-political issues. Our goal is to gather all the communities from the region, continent and the World in an effort to hack, play, learn, pass knowledge and exchange experience.||balccon.org||Slides|
|12:51||The freedom of total control?||Nakaha||EN||Never before in history surveillance of public and private space and thoughts was so comprehensive like nowadays but oddly enough never before people cared less about being surveilled. I want to introduce a provocative idea that might explain this observation: total control leads to total freedom. I hope that further discussion may result in a better understanding of public ignorance and in better ways to mobilize people against their surveillance.||Available afterwards|
|180 SECOND EXPRESS ROUND END!|
|13:30||10 MINUTE BREAK|
|14:10||tor2tcp||Mzeltner||EN||or … <erno> hm. I've lost a machine.. literally _lost_. it responds to ping, it works completely, I just can't figure out where in my apartment it is.||poum.niij.org||Available afterwards|
|14:15||Bitcoinproof: Digital notary, secured by the bitcoin network||Vog||EN||Sometimes you want to prove that a certain event happened before a certain point in time. Maybe you want to prove that the damage in your flat already existed when you settled in. Or that you were in possession of this great artwork before it was published, proving you are the author.
So what can you do? Traditionally, you would consult a trusted authority such as a notary. However, that's quite costly and takes a lot of time. You could also use a digital trusted timestamping service, which is fast but still very costly due to the special hardware and expensive audits that such a company needs in order to stay trustworthy. Or you could simply use the bitcoin network, which is cheap and doesn't require you to trust anyone. There's just one issue: The bitcoin network is designed to protect payment transactions, not arbitrary data.
Curation of Content
Q: How do you choose which Lightning Talks to put in? What topics do you not accept?
- A: Lightning Talks are first-come, first-served. There is no curation of content, only curation against incomplete submissions. In addition to incomplete submissions, talks that advocate beliefs which are racist, sexist or otherwise constitute harassment or include points of view or symbols that are not permissible by Law will not be contemplated. Aside from that, you're free to give as crazy a talk as you want.
Q: I'm so nervous! I've never been on stage before. I couldn't possibly give a lightning talk!
- A: Yes, you can! LTs are not about being polished or professional, they're for people with passion for their ideas. It's very natural to be nervous, but that fades quickly once you're on stage talking about your ideas. Many people who gave a good Lightning Talk went on to submit a successful lecture at a future congress.
Slides: Why it's a requirement
Q: Why are slides required?
- A: TL;DR: It shows that you can both read directions and take the de minimis effort to prepare your talk.
Reading directions and minimally preparing are both critical steps to assuring that the talk goes well for you and that session is enjoyable for everyone. This step alone weeds out many people who simply want to get on stage and talk without thinking through their ideas or arranging them in a manner than takes them no more than 5 minutes to explain. People who can't prepare will be mercilessly placed into the 180 second round.
Q: I want to reserve a slot, but I won't have my slides prepared until the congress.
- A: You need to provide at least a title slide or background graphic to confirm your place on the schedule. The deadline for final slides is Day 1 of the 30c3 at 23:00 CET. No slides? You're in the 180 second round.
Q: Why do I have to submit slides in advance?
- A: Because switching from laptop to laptop wastes a lot of time and breaks the flow of the session. Constantly switching laptops previously plagued the flow of the lightning talks. At the 29c3, using this format, we were able to present nearly six hours of talks and achieve nearly standing-room only crowds with only 2-3 display failures. Most LT presenters find it far better to reach many more people with a solid, concise message than give a flashy presentation to a handful of people.
Q: What if I don't want to use slides at all?
- A: That's fine, but if you want a full 5 minute talk you must provide some kind of background graphic to say who you are and what you're talking about. This is for the audience's benefit. If they really like what you're saying, you should give them some way of getting a hold of you. Otherwise, the 180 second round is an option for you.
Q: What should I include in my last (or only) slide?
- A: The following things should be in your last slide (however, they are not mandatory):
- Your Name (handle, etc.)
- Contact (DECT, email, fon)
- Links (project homepage)
- Place of contact (assembly, room, party)
Q: But I have a really cool animation/presi/flashytime presentation that I must give on my own hardware!
Q: What if I absolutely must give a demo on my own hardware?
- A: There are only a very small number of slots where this will be possible, at the beginning and at the break for most sessions. You must test your hardware in advance and any delays in getting your laptop on the beamer will come out of your five minutes. Why not try a video instead?
Q: I can't possibly give my talk in 5 minutes! Will there be any 15 minute (i.e. FOSDEM style) slots?
- A: There are a small number of slots for 15 minute talks. With your submission, write in greater detail why you really need 15 minutes to fully deliver your talk.
Q: Ich spreche nicht sehr gut Englisch. Kann präsentiere ich meine Vortrags auf Deutsch?
- A: Ja, genau. Bitte habe Geduld mit dem Moderator, ist sein deutscher wirklich schrecklich.
Q: Can I pitch my crowd funding project in a Lightning Talk?
- A: Yes you can! We strongly recommend using the last minute of your talk to mention your fundraising website, as well as adding a very visible link to your crowdfunding page from your main project site. Of course, this is most helpful if you've added a link to your main project site in your application.
Q: Will there be milk and cookies?
- A: Yes.
Q: How do I get an answer to a question that is not answered here?
- A: E-mail firstname.lastname@example.org