Mona
In this talk, I will describe how my team and I systematically exploited around a dozen home-rolled network encryption protocols used by popular mobile apps like RedNote, Alipay, and some of the most popular mobile browsers in China to encrypt sensitive information. I'll demonstrate how network eavesdroppers could access users' browsing history and mobile activity. This is a systemic issue; despite our work on the above protocols and the resulting vulnerability disclosures, this plague of home-rolled and proprietary encryption is still at large. I will end by discussing how we got here, re-affirm the age-old adage, “Don’t roll your own crypto!”, and call on hackers around the world to help us move towards HTTPS everywhere.
Shipei Qu, Zikai Xu, Xuangan Xiao
We present a comprehensive security assessment of Unitree's robotic ecosystem. We identified and exploited multiple security flaws across multiple communication channels, including Bluetooth, LoRa radio, WebRTC, and cloud management services. Besides pwning multiple traditional binary or web vulnerabilities, we also exploit the embodied AI agent in the robots, performing prompt injection and achieve root-level remote code execution. Furthermore, we leverage a flaw in cloud management services to take over any Unitree G1 robot connected to the Internet. By deobfuscating and patching the customized, VM-based obfuscated binaries, we successfully unlocked forbidden robotic movements restricted by the vendor firmware on consumer models such as the G1 AIR. We hope our findings could offer a roadmap for manufacturers to strengthen robotic designs, while arming researchers and consumers with critical knowledge to assess security in next-generation robotic systems.
Cory Doctorow
Trump has staged an unscheduled, midair rapid disassembly of the global system of trade. Ironically, it is this system that prevented all of America's trading partners from disenshittifying their internet: the US trade representative threatened the world with tariffs unless they passed laws that criminalized reverse-engineering and modding. By banning "adversarial interoperability," America handcuffed the world's technologists, banning them from creating the mods, hacks, alt clients, scrapers, and other tools needed to liberate their neighbours from the enshittificatory predations of the ketamine-addled zuckermuskian tyrants of US Big Tech. Well, when life gives you SARS, you make sarsaparilla. The Trump tariffs are here, and it's time to pick the locks on the those handcuffs and set the world's hackers loose on Big Tech. Happy Liberation Day, everyone!
Max, Julian
In this talk, we will give an introduction into the project (i.e. how it all started at 38c3 and why we are here now), provide an in-depth review of how the development process of our pager worked and what our future goals are. In our introduction, we will talk about the origin and exploration phase of the inital pager idea (i.e. how we went from the idea of bringing POCSAG Pager transmitter to 38c3, over a cable-bound prototype, to a first working pager on a proper PCB). We will also present our plans of connecting our POCSAG transmitter infrastructure to THOT (CERTs own dispatch software). For our in-depth review about the project, we explain how we encountered major reception problems, how we analyzed them at easterhegg22 and conducted experiments there, and why we are opting for a custom HF frontend design instead of an already-made one from chinese vendors. Moreover, we provide an overview of our transmitter devices and give some advice on how to replicate those. Lastly, we will discuss further challenges and what our next goals are. If we are reaching our milestone until 39c3, we will also give a live demo of the system.
Henri Jäger
This talk presents Apple's link-layer protocol Low-Latency WiFi and how it achieves its real-time capabilities to enable Continuity features like Sidecar Display and Continuity Camera. We make more kernel logging available on iOS and build a log aggregator that combines and aligns system- and network-level log sources from iOS and macOS.
Constanze Kurz, khaleesi, Matthias Marx, Linus Neumann, erdgeist
Das war nicht das Jahr 2025, das wir bestellt hatten.
Mustafa Mahmoud Yousif
The session title is fashioned after the Kenyan movement building rhetoric “Hatupangwingwi” which is Kenyan slang meant as a call to action to counter anti-movement building techniques by the political class and resist infiltration and corruption. This is true for the organisation and movement building towards inclusive identity regimes in Kenya. The session seeks to explore the lessons from Kenya’s journey to digitalization of public services and the uptake of Digital Public infrastructure. It digs deeper on the power of us and how civil society could stop a destructive surveillance driven digitalisation thus protecting millions of Kenyans.
Lori Roussey, Celia/Irídia
In 2022, CitizenLab contacted a member of the Spanish non-profit Irídia to tell them that one of their members had likely been hacked with Pegasus spyware. The target, a lawyer, had been spied on by the Spanish government in 2020 because he represented a Catalan politician who was in prison. His phone was infected with Pegasus during the COVID-19 lockdown, on the same day he was having an online meeting with other lawyers working on the case. Irídia and the lawyer (Andreu) decided to take the case to court. A few years later, he met with Data Rights and invited them to join forces and bring in partners from across Europe to increase the impact. This collaboration led to the creation of the PEGA coalition in May 2025. This talk goes over the status of the case and work we have done across Europe to bring spyware use in court.
Paul Koetter
It is 1976 and the USA long stopped going to the Moon when a Soviet automatic landing station called Luna 24 descends to the Lunar surface. It touches down on 3.3 Billion year old rock formations at a place no mission has ever gone before. What exactly happened remains a mystery to this day, but the space probe managed to take a 2.3 m long drill core from the Lunar regolith, packaged the sample in a genius way and launched it for its voyage to Earth. Some days later the sample entered earths atmosphere and landed in remote Siberia and ended up in our hands more than 50 Years later. We tell the story of the sample, the people that brought it to Earth and how we analyzed it with the newest methods including µm sized high intensity X-ray beams, 30kV electron beams and LN2 cooled infrared spectrometers.
Anne Lüscher
**Over the past few decades, nucleic acids have increasingly been investigated as alternative data storage media and platforms for molecular computing. This talk builds on past research and introduces another branch to the field: DNA cryptography based on random chemistry. This technology provides a platform for conceiving new security architectures that bridge the physical with the digital world.**
tomate, jinxx
*Der deutsche Buchmarkt gegen den Rest der Welt oder auch: Enshittification des Buchmarkts und keine API für ein Halleluja* Es gibt unzählige wundervolle Geschichten und das Internet hat über die letzten Jahrzehnte viele großartige Autor*innen hervorgbracht. Doch Verlage haben begrenzte Kapazitäten und sind außerdem zumeist sehr konservativ in ihren Programmen. Die Lösung für beides: Selfpublishing. Neue und gewitzte, genre-übergreifende Bücher an neugierige Lesende zu bringen, könnte so einfach sein; wären da nicht Barsortimente, fehlende APIs und ein insgesamt schreckliches Ökosystem, die Indie-Autor:innen (und alle, die versuchen, auf dem deutschpsprachigen Buchmarkt irgend etwas Innovatives für Indies zu machen) das Leben schwer machen.
Philo
What does knitting have to do with espionage? Can embroidery help your mental health? This talk shows how the skills to create textile art have enabled people to resist and to persist under oppressive regimes for centuries. And it offers ways to keep doing so.
Leonard
The character of drone wars has changed. The large, cumbersome long-range drones have been complemented with small and low-budget drones. Moreover, more and more states are developing, deploying and selling them. Ten years ago at least 50 states were developing them. At the top are USA, Israel, Turkey, China, Iran and Russia. Russia's attack on Ukraine has unleashed a drone war unlike any seen before. In short time the Ukraine has build significant drone production capabilities and announcement that it will increase its own production of quadcopters and kamikaze drones to one million units per year. German defense companies and startups are now promoting a “drone wall on NATO's eastern flank.” Moreover, despite their vulnerability to air defenses, large drones are also being further developed. They are intended to accompany next generation fighter jets in swarms. In this talk, past and current developments are discussed. What are the perspectives now?
Bonnie, keldo, Andi Bräu
Lightning Talks - Tag 2
Johann Rehberger
This talk demonstrates end-to-end prompt injection exploits that compromise agentic systems. Specifically, we will discuss exploits that target computer-use and coding agents, such as Anthropic's Claude Code, GitHub Copilot, Google Jules, Devin AI, ChatGPT Operator, Amazon Q, AWS Kiro, and others. Exploits will impact confidentiality, system integrity, and the future of AI-driven automation, including remote code execution, exfiltration of sensitive information such as access tokens, and even joining Agents to traditional command and control infrastructure. Which are known as "ZombAIs", a term first coined by the presenter as well as long-term prompt injection persistence in AI coding agents. Additionally, we will explore how nation state TTPs such as ClickFix apply to Computer-Use systems and how they can trick AI systems and lead to full system compromise (AI ClickFix). Finally, we will cover current mitigation strategies and forward-looking recommendations and strategic thoughts.
Klaus Landefeld
Both within the EU as well as nationally in Germany, there exists a renewed drive to implement data retention, a practice struck down by the ECJ and discontinued in many national legislations. In parallel, cross-border access to stored data has been mandated within the EU as “e-evidence”, and will soon be extended to 90+ countries under the umbrella of the EU cybercrime convention. In principle, all data stored by service providers will be available to law enforcement as part of a criminal investigation. The timing of both initiatives is not coincidental, as access to data naturally relies on the availability of data. The talk will address the state of play on data retention in various legislations, and introduce the practice of cross border access to stored data by law enforcement as well as its shortcomings and threats to privacy and confidentiality.
akira25, flx, Gato
Wir geben Einblicke in zwei intensive Wochen Planung, Koordination und Aufbau, den Betrieb einer (improvisierten) Bodenstation, sprechen über technische Hürden, Antennendesign und Organisation – und wie wir schließlich mit Astronautin Rabea Rogge im Weltraum gefunkt haben.
Jan Pleskac
The talk will be about our experience from building an open-architecture secure element from the ground up. It explains why openness became part of the security model, how it reshaped design and development workflows, and where reality pushed back — through legal constraints, third-party IP, or export controls. It walks through the secure boot chain, attestation model, firmware update flow, integration APIs, and the testing framework built for external inspection. Real examples of security evaluations by independent researchers are presented, showing what was learned from their findings and how those exchanges raised the overall security bar. The goal is to provoke discussion on how open collaboration can make hardware more verifiable, adaptable, auditable and while keeping secure.
Bernd
A brief history of typographic misbehavior or intended and unintended uses of variable fonts. Nine years after the introduction of variable fonts, their most exciting uses have little to do with what variable fonts originally were intended for and their original promise of smaller file sizes. The talk looks at how designers turned a pragmatic font format into a field for experimentation — from animated typography and uniwidth button text to pattern fonts and typographic side effects with unintended aesthetics. Using examples from projects such as TypoLabs, Marjoree, Kario (the variable font that’s used as part of the 39C3 visual identity), and Bronco, we’ll explore how variable fonts evolved from efficiency tools into creative systems — and why the most interesting ideas often emerge when technology is used in unintended ways.
Jakob Sponholz, Kathrin Klapper, Lena Christina Müller
Könntest du jetzt noch sagen, was du heute online gemacht hast? Für viele ist das Internet so selbstverständlich, dass sie es kaum noch merken, wenn sie es benutzen. Dennoch sind viele Menschen unfreiwillig aus der digitalen Welt ausgeschlossen. Wie könnte das Internet für alle nutzbar werden?
Erwin Ernst "eest9" Steinhammer, lasii, Daniel, Niklas
Auf der Insel Rügen und in Österreich tut sich was - und zwar neue Chaos Events. Wir möchten über Anforderungen, Herausforderungen, Hürden, Erfahrungen und Glücksmomente aus unserer Sicht der Orga erzählen. Das InselChaos fand im LaGrange e.V. im September 2025 statt und bildet den Auftakt für weitere kreative, informative und chaotische Events auf der Insel Rügen. Das Håck ma’s Castle wird mit etwas Humor auch über Herausforderungen sprechen, welche unter anderem durch dezentrale Teams aus diversen Hackspaces entstehen.
Andreas family & friends Hamburg, Birgit family & friends Hamburg
Mit den Prozessen im Budapest-Komplex wird ein Exempel statuiert - nicht nur gegen Einzelne, sondern gegen antifaschistische Praxis insgesamt. Die Behauptung einer kriminellen Vereinigung mit Mordabsichten stellt eine absurde juristische Eskalation des staatlichen Vorgehens gegen Antifaschist*innen dar und steht in keinem Verhältnis zu den verhandelten Vorkommnissen. Die Verfahren in dieser Weise zu verfolgen, lässt vor allem auf ein hohes Ausforschungs- und Einschüchterungsinteresse schließen. Mit dieser Prozesswelle und den Repressionen gegen Freund*innen und Angehörige wird antifaschistisches Engagement massiv kriminalisiert und ein verzerrtes Bild von politischem Widerstand gezeichnet - während gleichzeitig rechte Gewalt europaweit zunimmt und faschistische Parteien erstarken. Wir sehen, dass Angriffe auf Rechtsstaatlichkeit und Zivilgesellschaft immer weiter zunehmen. Die Art und Weise, wie gegen die Antifas im Budapest-Komplex und im Antifa-Ost Verfahren vorgegangen wird ist ein Vorgeschmack darauf, wie politische Opposition in einer autoritären Zukunft behandelt werden könnte. Wir sind alle von der rechtsautoritären Entwicklung, von Faschisierung betroffen. Die Kriminalisierung von Antifas als "terroristische Vereinigung" ist Teil einer (weltweiten) Entdemokratisierung und Zersetzung von Rechtsstaatlichkeit.
Kohlenpod, kater, Stephan
Aus einem Barwitz wurde ein Projekt! Blumenthal7 ist die letzte vollständig erhaltene Schachtanlage des ehemaligen Steinkohlebergwerks General Blumenthal in Recklinghausen im nördlichen Ruhrgebiet. Nach diversen Startschwierigkeiten ist aus einer im Dornröschenschlaf liegenden Industriebrache ein Projekt geworden, das bereits jetzt einer Vielzahl von Entitäten und Gruppen eine Heimat und einen großen, nahezu grenzenlosen Spielplatz bietet. Begleitet uns gerne beim Power Cycle B7…!
Hendrik Ballhausen
Der Trend geht dahin, aus Gesundheitsdaten große zentralisierte Datenbanken aufzubauen. Eine datensparsame Alternative dazu ist, in einem verschlüsseltem Netzwerk gemeinsam auf verteilten privaten Daten zu rechnen, ohne sie miteinander teilen zu müssen. Perspektivisch können so demokratischere Datenströme geschaffen werden, die Patient:innen als aktiv Teilhabende statt als passive Datenquellen einbinden. Kommt mit auf eine Reise, die vor sechs Jahren in Deutschland gestartet ist und jetzt die erste europäische klinische Studie mit Secure Multiparty Computation (SMPC) realisiert hat.
Marco Wähner
Der Vortrag diskutiert Herausforderungen dezentraler Netzwerke aus soziologischer Perspektive. Als dezentrale Netzwerke werden technische Infrastrukturen verstanden, die nicht von einer zentralen Autorität, sondern verteilt über Instanzen zur Verfügung gestellt werden. Nutzer:innen profitieren von dieser Infrastruktur, nutzen beispielsweise das Fediverse oder das Tor-Netzwerk, ohne zur Infrastruktur beizutragen. Zugleich können dezentrale Netzwerke nur dann bestehen, wenn hinreichende Ressourcen von Personen oder Organisationen mobilisiert werden, um das Netzwerk überhaupt zur Verfügung zu stellen. Dies führt zur originären Instabilität dezentraler Netzwerke, wenn nicht der Weg der Kommodifizierung des Nutzer:innenverhaltens eingeschlagen wird. Aufbauend auf dieser Zustandsbeschreibung, werden Bedingungen erörtert, um Kollektivgüter wie dezentrale Netzwerke organisatorisch (und nicht technisch) herzustellen. Hierzu zählen Partizipation oder die Idee einer öffentlichen Grundfinanzierung. Der Vortrag wird neben soziologischen Ideen und harten Zahlen auch durch eine ordentliche Portion Idealismus zu Fragen der Souveränität und Autonomität in der Digitalisierung motiviert.
Mike Perry
HostileShop is a python-based tool for generating prompt injections and jailbreaks against LLM agents. I created HostileShop to see if I could use LLMs to write a framework that generates prompt injections against LLMs, by having LLMs attack other LLMs. It's LLMs all the way down. HostileShop generated prompt injections for a winning submission in OpenAI's GPT-OSS-20B RedTeam Contest. Since then, I have expanded HostileShop to generate injections for the entire LLM frontier, as well as to mutate jailbreaks to bypass prompt filters, adapt to LLM updates, and to give advice on performing injections against other agent systems. In this talk, I will give you an overview of LLM Agent hacking. I will cover LLM context window formats, LLM agents, agent vulnerability surface, and the prompting and efficiency insights that led to the success of HostileShop.
Alex Thurow
A time travel DJ set back to the times of the millennium change… … to the times of the prevented [Y2K apocalypse](https://en.wikipedia.org/wiki/Year_2000_problem) … to the times of the [Dot-com bubble](https://en.wikipedia.org/wiki/Dot-com_bubble) (… it’s about time AI, isn’t it?) … to the times of a [VERY problematic seed being planted](https://en.wikipedia.org/wiki/2000_Russian_presidential_election) … but most importantly to the times of the glorious: [| G.--. || R.--. || Ü.--. || N.--. || S.--. || P.--. || A.--. || N.--. |](https://www.gruenspan.de/) Back when ROCK was alive and kickin’ in „Hamburg meine Perle“! So, if you want to get a LOUD blast from the past - come join us and bring your [Pommesgabel](https://de.wikipedia.org/wiki/Mano_cornuta) with you! Live long and prosper, [DJ Alex](https://mstdn.social/@alexthurow/110279531725018974) (AKA: [https://onmoderndev.de](https://onmoderndev.de))
Sassi
Straßen aus Zucker lädt ein zur Frage: Sind linke Utopien tot – oder nötiger denn je? Spoiler: Aufgeben ist keine Option.
w1ntermute
Aktivistis haben das Problem, dass sie sich Hauptsächlich um ihre Aktion kümmern wollen. Da bleibt oft keine Zeit zu entscheiden, wie eine sichere Infrastruktur gestaltet werden kann. Ich möchte einmal vorstellen, was unsere Gruppe als Idee hat um dieses Problem zu lösen. Der Code hierfür ist noch nicht fertig, das ist eine Konzept vorstellung.
Magnus Ahltorp, Maria Skeppstedt
Climatepoetry.org started as a project for writing and collecting songs about climate change. The songs have been used in sing-along events and climate protests, but during the three years the project has existed, the political climate in Sweden has changed. Peaceful singing has been met with hateful rhetoric from the government and repression from the police. It became clear that anti-fascist activism has to be an integrated part of the Climatepoetry.org project, and not a separate activity.
chaeza + doc
Dj Set
Lila-Zoé Krauß
L Twills aka Lila-Zoé Krauß ist Musikerin, Performerin und Multimedia-Künstlerin. In ihrer Arbeit entwickelt sie eine transdisziplinäre Opernpraxis, um Fragen zur (post-)moderner Subjektivität und ihrer Beziehung zu Medien, Trauma und Erinnerung zu thematisieren. Sie studierte Bildende Kunst an der HFBK Hamburg und dem CalArts Los Angeles sowie Sound Studies an der UdK Berlin. In ihrer Musik kombiniert sie Elemente aus Downtempo, Experimentalmusik, Breakbeat und Oper mit eigens entwickelten Sounddesign-Techniken. Krauß veröffentlichte 2020 und 2024 die Vinylalben [Freedom/Fiction] und [After her Destruction] und performte auf diversen Bühnen, u.a.: Documenta Fifteen (Kassel), Kampnagel (Hamburg), Volkstheater (Wien), Montez-Press Radio (NYC), NAVEL (Los Angeles).
Weebz
WEEBZ likes to move between the odds, the rough and the soft: Breakbeat, dissonances, noise and sounds of deep dungeons belong to their mixes as well as the hymns of our hearts Most of the time the genres are mixed to an eclectic collection mirroring own confusions in the spirit of making the unmatching matching xx