Theme
Conference my congress Visitors
You must be logged in to use the filter favorited.
You must be logged in to use the filter favorited.

Schedule

Theme
Der Hub wird spätestens Ende Januar archiviert, alle nutzerbezogenen Inhalte, Boards und auch einige Wiki-Seiten werden dabei entfernt. Alle öffentlichen Assemblies, Projekte und Veranstaltungen bleiben. // The hub will be archived by end of January. All user-provided content, boards and several wiki pages will be deleted. All public assemblies, projects and events will remain.
Schedule
all curated only assembly only self_organized only
Day 1 Day 2 Day 3 Day 4
recorded only not recorded only
Tracks
CCC & Community Hardware Security Art & Beauty Ethics, Society & Politics Science Live Performance DJ-Set Entertainment Clear track filter

 

Day 4
11:00

11:30

12:00

12:30

13:00

13:30

14:00

14:30

15:00

15:30

One
CCC&T - Cosmic ray, the Climate Catastrophe and Trains. (en)

FantasticMisterFux

How can we predict soil moisture by measuring cosmic ray products and what have trains to do with it? Ever wondered how this Dürremonitor works, that you heared about in ther german news? These question and some more I will try to answer while I give an overview of some of the research that is done by the Helmholtz Centre for Environmental Research (UFZ).
Security of Cardiac Implantable Electronic Devices (en)

dilucide

Cardiac Implantable Electronic Devices (CIED), such as cardiac pacemakers and defibrillators, are a fairly niche target for security researchers, in part due to a lack of manufacturer cooperation and device accessibility. This talk aims to provide insights into the challenges in device development and methods with which to research device security. Data accessibility to patients will be touched upon.
Breaking BOTS: Cheating at Blue Team CTFs with AI Speed-Runs (en)

Leo Meyerovich, Sindre Breda

After we announced our results, CTFs like Splunk's Boss of the SOC (BOTS) started prohibiting AI agents. For science & profit, we keep doing it anyways. In BOTS, the AIs solve most of it in under 10 minutes instead of taking the full day. Our recipe was surprisingly simple: Teach AI agents to self-plan their investigation steps, adapt their plans to new information, work with the SIEM DB, and reason about log dumps. No exotic models, no massive lab budgets - just publicly available LLMs mixed with a bit of science and perseverance. We'll walk through how that works, including videos of the many ways AI trips itself up that marketers would rather hide, and how to do it at home with free and open-source tools. CTF organizers can't detect this - the arms race is probably over before it really began. But the real question isn't "can we cheat at CTFs?" It's what happens when investigations evolve from analysts-who-investigate to analysts-who-manage-AI-investigators. We'll show you what that transition already looks like today and peek into some uncomfortable questions about what comes next.
Security Nightmares (de)

Constanze Kurz, Ron

Was hat sich im Jahr 2025 im Bereich IT-Sicherheit getan? Welche neuen Methoden, Buzzwords und Trends waren zu sehen? Was waren die fiesesten Angriffe und die teuersten Fehler?

Ground
Atoms in Space (en)

manuel

*What are atoms doing in space anyways?* This talk will provide a brief overview of applications of quantum technologies in space ranging from precise timing and inertial measurements to fundamental physics.
CUII: Wie Konzerne heimlich Webseiten in Deutschland sperren (de)

Lina Lastname, Northernside

Stellt euch vor, eine private Organisation aus milliardenschweren Konzernen entscheidet, welche Webseiten ihr nicht besuchen dürft - ohne Richter, ohne öffentliche Kontrolle oder Transparenz. Genau das macht die CUII in Deutschland seit Jahren.
Who runs the www? WSIS+20 and the future of Internet governance (en)

Sophia Longwe

Abbreviations such as WSIS+20, IGF, IETF, DIEM, ICANN, PDP, ITU or W3C regularly appear in discussions about the Internet, yet often remain vague. This talk provides an update on the current state of Internet governance and explains why decisions made in United Nations processes have direct implications for technical standards, digital infrastructure, and power asymmetries.
Von Groschen und SpurLos - GNU Taler auch auf eurem Event! (de)

Mikolai Gütschow, signum

Willkommen in der Zukunft: Beim LUG Camp in Wipperfürth und bei den Datenspuren in Dresden wurde digital bezahlt - mit GNU Taler als Event-Bezahlsystem. Noch einfacher als Bargeld, billiger als Kartenzahlung und ohne Eingriff in die Privatsphäre der Besucher*innen. Wir zeigen euch, wie auch ihr das bei eurer nächsten (Chaos-)Veranstaltung anbieten könnt!

Zero
“End Of 10”: How the FOSS Community is Combatting Software-Driven Resource and Energy Consumption (en)

Joseph P. De Veaugh-Geiss, Carolina Silva Rode, Bettina Louis

The end of free support for Windows 10 was 14 October 2025. Well, sort of. Microsoft moved the date to 2026, one more year the FOSS community can introduce users to sustainable software. 14 October is also KDE's birthday, International E-Waste Day, with International Repair Day following on 18 October. The irony is deep, but what is not ironic is that millions of functioning computers will end up becoming security risks or discarded as e-waste. This means manufacturing and transporting new ones, the biggest waste of all: hardware production accounts for over 75% of a device's CO2 emissions over its lifespan. The FOSS community had an opportunity and we took it! In 2024, KDE Eco's Opt Green project began a global, unified campaign across FOSS and repair communities to upgrade unsupported Windows 10 computers to Linux. We held BoFs at SFSCon, CCC, and FOSDEM. We thought big and acted boldly. In this talk End Of 10 contributors will discuss the campaign, what has worked and what the challenges have been, and how FOSS provides a solution to software-driven resource and energy consumption.
Fossile Industrie liebt KI! (de)

Rike, Moritz Leiner

Der Hype um generative KI und die Gasindustrie bilden in Zeiten der Klimakrise eine bedrohliche Allianz für die Zukunft des Planeten.
We, the EU, and 1064 Danes decided to look into YouTube: A story about how the EU gave us a law, 1064 Danes gave us their YouTube histories, and reality gave us a headache (en)

David, LK Seiling

We explore what happens when Europe’s ambitious data access laws meet the messy realities of studying major digital platforms. Using YouTube as a central case, we show how the European Union’s efforts to promote transparency through the GDPR, the Digital Services Act (DSA), and the Digital Markets Act (DMA) are reshaping the possibilities and limits of independent platform research. At the heart of the discussion is a paradox: while these laws promise unprecedented access to the data that shape our digital lives, the information researchers and citizens actually receive is often incomplete, inconsistent, and difficult to interpret. In this talk, we take a close look at data donations from over a thousand Danish YouTube users, which at first glance did not reveal neat insights but sprawling file structures filled with cryptic data points. Still, if the work is put in, these digital traces offer glimpses of engagement and attention, and help us understand what users truly encountered or how the platform influenced their experiences. The talk situates this challenge within a broader European context, showing how data access mechanisms are set up in ways that strengthen existing power imbalances. Application processes for research data vary widely, requests are rejected or delayed without clear justification, and the datasets that do arrive frequently lack the granularity required for meaningful analysis. Yet the picture is not purely bleak. Citizens, researchers, and civil society already have multiple legal levers to demand greater transparency and accountability. The fundamental question is no longer whether democratic oversight is possible, but how we can use the tools at hand to make it real.
Infrastructure Review (en)

nicoduck

Infrastructure teams present what they did for this years congress and why they did it that way.

Fuse
How to keep Open Source open without leaving our communities open to threats (en)

Quintessence

The Four Freedoms (defined ~40 years ago) and the Four Opens (~15 years ago) for Open Source provided canonical definitions for what are the cornerstones of Open Source Software communities today. While the ethos still applies today, the cultural norms that blossomed to put it into practice are from an era with different challenges. To build a better world, we need to both keep and protect the value system of the Four Freedoms and Four Opens. To do that, we need to re-assess our risk and threat models to balance that allows beautiful minds to flourish as well as introduce responsible friction to prevent harm from coming to them.