Schedule
Schedule
Ange Albertini
Specifications are enough, they say… 10 years after 31c3's "Funky File Formats" … Have things improved?
kantorkel, Kai Biermann
Du bestellst im Internet? Natürlich bestellst Du im Internet. Aber dieses Mal wird Deine Ware nicht geliefert. Stattdessen sind Dein Geld und Deine Kreditkartendaten nun in China. Das ist BogusBazaar. Wir teilen unsere Einblicke in die Arbeitsweise dieser Bande.
Fabian Bräunlein, Luca Melette
A significant portion of Europe's renewable energy production can be remotely controlled via longwave radio. While this system is intended to stabilize the grid, it can potentially also be abused to destabilize it by remotely toggling energy loads and power plants. In this talk, we will dive into radio ripple control technology, analyze the protocols in use, and discuss whether its weaknesses could potentially be leveraged to cause a blackout, or – more positively – to create a city-wide Blinkenlights-inspired art installation.
Matthias Frielingsdorf
My talk explores the trajectory of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024. The talk will start with an analysis how exploits, infection vectors and methods of commercial spyware on iOS have changed over time. The second section of the talk is all about advances in detection methods and the forensic sources which are available to discover commercial spyware. This talk will also include a Case Study about the discovery and analysis of BlastPass (one of the latest NSO Exploits). The third part will discuss technical challenges and limitations of the detections methods and data sources. Finally, I will conclude the talk with open research topics and suggestions what Apple or we could technically do to make the detection of commercial spyware better.
Adam M.
User location information is inherently privacy sensitive as it reveals a lot about us: Where do we work and live? Which cities, organizations & institutions do we visit? How does our weekly routine look like? When are we on a vacation and not at home? MacOS has introduced multiple layers of security mitigations to protect sensitive user location information from attackers and malicious applications over the years — but are these enough?
LaF0rge (He/him)
Modern high-performance networking APIs on Linux - beyond the classic BSD sockets API.
Jurre van Bergen
The digital arms race between activists and government spies continues to shift and evolve. Through a series of cases studies, researchers from Amnesty International's Security Lab will share surveillance wins, the ongoing challenges, and the new threats on the digital horizon.
segher, Wanda
This is the story of the HDCP master key that we derived back in 2010.
Hiro, Gus
Millions of internet users around the world rely on Tor to protect themselves from surveillance and censorship. While Tor-powered applications and the Tor protocol are widely known, the community behind it much less so. This talk will highlight the efforts to maintain a healthy and resilient Tor network, emphasizing the crucial role of a diverse, engaged community of relay operators. We’ll discuss some recent news, the current state of the network, how we determine its health, and the strategies to strengthen its resilience, addressing challenges around sustainability and governance. If you're interested in understanding the inner workings of the Tor network, this talk is for you.
Kaspar
S3 Buckets mit kübelweise privaten Daten: Finden, melden, kein Problem. Aber grundlegend was ändern? Denkste!