Bianca Kastl
Since mid-2025, the electronic patient record (ePA) has been available to everyone, after a few smaller or larger security problems in the run-up, whether a year ago at 38C3 or at the end of April for the nationwide launch. Time to take stock: Is the ePA secure now? Were lasting changes made that lead to more security? Can the handling of IT security in «one of the largest IT projects of the Federal Republic» be helpful for future digital projects? Time to look, with some distance, at what was, what is, and what is emerging, not only for the ePA but also for the handling of IT security in similar projects in Germany. A comprehensive analysis of the history and the causes of one of the most far-reaching undesirable developments in IT security in recent years, which shows itself in far more than just poor verification of the presence of health insurance cards in the healthcare system.
Felix Domke, Karsten Burger
Let's have a (hopefully) final look at Diesel emission cheating. This technical talk summarizes what I learned by reverse-engineering dozens of engine ECU software, how I found and characterized "interesting logic" which, more often than not, ended up being a court-approved "defeat device". What started as a "curious investigation" in 2015 to obtain a ground truth to widespread media reports of "VW being caught for cheating" ended up as a full-blown journey through the then-current state of the Diesel car industry. In this talk, Karsten and Felix will walk through the different implementations of defeat devices, their impact on emissions, and the challenges in documenting seemingly black boxes in court-proven expert reports.
mixy1, Luke Bjorn Scerri, girogio
3 years ago, 3 Maltese students were arrested and charged with computer misuse after disclosing a vulnerability to a local company that developed a mobile app for students. Through persistent media pressure, the students managed to obtain a presidential pardon to drop the case and funding for their lawyers. However, through this journey, there were mentions of punishment for retaliating through media disclosure. The story has not concluded, and there will be no amendments to the Maltese computer misuse law for the foreseeable future.
Frédéric Hoguin
The French ISP 'Free' was the first to introduce a set-top box in France in 2002, named the Freebox. Four years later, the fifth version of the Freebox was released and distributed to customers. It comprises two devices: a router, and a PVR called the Freebox HD, both running Linux. The Freebox HD had innovative features at the time, such as live television control and HD capabilities. Such a device has a lot of potential for running homebrew, so I decided to hack it. I present how I got arbitrary code execution on the Freebox HD and then root privileges, using a chain of two 0-day exploits, one of which is in the Linux kernel. I then analyze the device, run homebrew software, and explain the structure of the ISP's private network that I uncovered while exploring the device.
Romain Malmain
Mobile phones are central to everyday life: we communicate, entertain ourselves, and keep vast swaths of our digital lives on them. That ubiquity makes high-risk groups such as journalists, activists, and dissidents prime targets for sophisticated spyware that exploits device vulnerabilities. On Android devices, GPU drivers have repeatedly served as the final escalation vector into the kernel. To study and mitigate that risk, we undertook a research project to virtualize the Qualcomm Android kernel and the KGSL graphics driver from scratch in QEMU. This new environment enables deep debugging, efficient coverage collection, and large-scale fuzzing across server farms, instead of relying on a handful of preproduction devices. This talk will highlight the technical aspects of our research, starting with the steps required to boot the Qualcomm mobile kernel in QEMU, all the way up to the partial emulation of the GPU. Then, we will present how we moved from our emulation prototype to a full-fledged fuzzer based on LibAFL QEMU.
Nils Rollshausen
Join us as we hack at a popular children's smartwatch and expose the secrets of every fifth child in Norway, their parents, and millions more.
Elise Amber Katze
The Tegra X2 is an SoC used in devices such as the Magic Leap One, and Tesla's Autopilot 2 & 2.5 promising a secure bootchain. But how secure really is the secure boot? In this talk I go over how I went from a secured Magic Leap One headset, to exploiting the bootloader over USB, to doing fault injection to dump the BootROM, to finding and exploiting an unpatchable vulnerability in the BootROM's USB recovery mode affecting all Tegra X2s.
Christopher Kunz, Sylvester
In August 2025 Phrack published the dump of an APT member's workstation. It was full of exploits and loot from government networks, cell carriers and telcos. The dump sparked a government investigation, and corpos like LG and Korea Telecom were asked to explain themselves. Hours before an onsite audit, the data center mysteriously caught fire, destroying almost a hundred servers. Then another data center burned - and unfortunately, there was even one death. The talk aims to revisit this mysterious sequence of tragic incidents. [TW: Suicide, self-harm]
Benjamin W. Broersma
ORMs and/or developers don't understand databases, transactions, or concurrency.
Shinjo "peremen" Park, Yonghyu "perillamint" Ban
2025 was a bad year for South Korean mobile network operators. All three operators (SK Telecom, KT, LG U+) were affected by a breach in some part of their respective networks: HSS of SK Telecom, femtocells of KT. Meanwhile, the handling of the breach by each operator and the post-mortem analysis of each breach have stark differences. The technical details and implemented mitigations are often buried under vague terms, and occasionally got lost in translation to English. In this talk, I will cover the technical aspects of SK Telecom's and KT's breaches, how the operators are coping with the breach, and what kind of measurements have been performed to secure their networks.
Benjamin Kollenda
EntrySign opened the door to custom microcode on AMD Zen CPUs earlier this year. Using a weakness in the signature verification we can load custom microcode updates and modify the behavior of stock AMD Zen 1-5 CPUs. While AMD has released patches to address this weakness on some CPUs, we can still use unpatched systems for our analysis. In this talk we cover what we found out about microcode, what we saw in the microcode ROM, the tooling we built, how we worked to find out more and how you can write & test your own microcode on your own AMD Zen systems. We have our tools up on https://github.com/AngryUEFI for everyone to play around with and hopefully help us understand microcode more than we currently do.
Kurt Tucholsky, Bertolt Brecht, Friedrich Hollaender, Claire Waldoff: they were all fixtures of Berlin's cultural life. It was wild, it was queer, it was Jewish. Then the National Socialists came to power. Anyone who thought differently (and sang!) was systematically driven out of the country. Those who could fled into uncertain exile.
Der Untergang*
Späti Punk Karaoke Special with Der Untergang*. We are Der Untergang*. We are Julia Wilton (Das Bierbeben, Pop Tarts) and Thies Mynther (Das Bierbeben, Superpunk, Phantom Ghost, Chaos Communication Choir). We will play a small concert, but are also happy to contribute something to the very good punk karaoke. Singing along and microphone hijacking are strongly encouraged. The Chaos Communication Choir may also drop by.
Takakalle
Schrammelpunk from Hamburg
Nina
Soundcloud: https://soundcloud.com/ninsnberlin
Denise Frey
Denise Frey makes electroacoustic ambient music: calm, multilayered, atmospheric. With saxophone, MPC, effects units and a fine sense of sound, she shapes soundscapes in her concerts that invite you to let go, listen and relax. Her music is created live: improvised, organic, immediate.
Tinabel
Tinabel (Tina Belmont) plays a set of her punky electronic rock songs using "Rhythm Core Alpha 2", software which she created herself, on the Nintendo DSi & 3DS game consoles. See http://www.tinabelmont.com and http://www.whitecollarpunk.com to hear the music, or http://rhythmcorealpha.com to learn about the software!
Der feine Schliv
Between rap, dance and poetry, Der feine Schliv opens up new spaces. In her performances she shifts between provocative in-your-face messages to the patriarchy and empathetic stories of trying and failing. She performs, among others, with the up-and-coming Serbian duo "Slezga" as well as with the Hamburg groups "Fallbeil" and "Yummy Air". The diversity of her collaborators outlines her musical universe, from ballad-like conscious raps, chansons and witchy toasting.
Jeanette
DJ set
Martin, Fiona, Jil
Der verlängerte Atem pres. Ghost Processes. Since 2020, Der verlängerte Atem has been broadcasting regularly on HALLO:Radio and touring with guest appearances at festivals and events in and around Hamburg. As an open radio laboratory between music, spoken contributions and thematically fitting audio snippets, the vinyl DJs, artists and radio makers Fiona Grassl, Jil Lahr and Martin Ramacher weave analogue sounds, voices and thoughts into themed broadcasts. For 39C3, Der verlängerte Atem shuts the system down, and boots it up again. And in between it finds: processes without owners, threads without tasks, routines that should have ended long ago and yet keep running. Ghost processes whisper in the background, update themselves, lose the beat or sleep too deeply ever to return. Between crackling vinyl, digital humming, glitches and playful spoken contributions, live soundscapes emerge in which nothing quite disappears, and everything returns. Spooky.
Cloud Management
Operating in a mode of Kluster via Pole, Dub Syndicate at Conny Plank's, or even fang-baring flashes of The Bug and Bryn Jones or Peak Oil modernism, the trio approach the project from the more oblique angles of respective projects Datashock, Phantom Horse and Love-Songs, to probe a more soft-centred, dematerialised and heady sound, but also reserve the right to go tuffer, more venomous, when they feel it.
dingsda
kathadingsda combines driving beats and gentle grooves with dubby elements and experimental sounds. The result is warm, organic sound worlds that constantly change and stay in motion.
lisaholic
Lisaholic - breakbeat / bass / vocals liveloopset with a drum computer and a loopstation.
HolleLang
HolleLang has been supplying the dance floor with his ever evolving personal blend of Dub infected Techno, rooted both in House and flashing Rave music alike. A seasoned vinyl dj, HolleLang does not overestimate the medium but focuses on the music and atmosphere. No punishing jockey from the dark side, his sets are known to vibrate with well wishing force and sometimes fierce intensity though while keeping a good sexy groove going. Former resident of well received "No f**ing Day Can Destroy My Love" party series, and long running host of Gumbo Frisst Schmidt/Nachtschleifer radio live broadcast on Hamburg's decades old independent station FSK, HolleLang unites both ceremonial dj talent and activist attitude to serve the community. He loves music so much, especially house music ❤️ Look at https://soundcloud.com/hollelang.