We’re selling tickets for the Camp now. For more information, please read the Tickets page in our wiki.
Although the advance sale will be available until July 20th 2011, please order your tickets early. That helps us, because it tells us something about the number of participants and thus enables us to scale infrastructure to your needs.
Die Revision 2011 ist gerade erst vorbei, doch das Thema Demoszene ist noch lange nicht erschöpft.
Das backup_festival 2011 in Weimar ist ein Kurzfilmfestival mit Schwerpunkt auf Experimentalfilmen. Der Demoszene wird dieses Jahr ein Sonderprogramm gewidmet, um sie einem interessierten Publikum außerhalb der Szene vorzustellen.
Die Demoszene steht für eine der schillerndsten Facetten digitaler Kultur. Musiker, Graphiker und Programmierer finden sich in Gruppen zusammen und arbeiten an einem Demo in Form eines Computerprogramms, einer möglichst eindrucksvollen Demonstration des eigenen …
4 Tage. Du. Wir. Zeug. Auf der 11. Gulaschprogrammiernacht vom 23. bis 26. Juni in Karlsruhe — wie immer mit Hackcenter, Abendprogramm, Programmierspiel, Lockpicking, Party, Lasern, Arcade, Beats, Kunst, interessanten Leuten und Tschunk.
Du machst die GPN: Wir haben viel Platz für deine Ideen, Projekte, Workshops und Vorträge. Auch längere Coding- und Bastelprojekte sind dank langem Wochenende möglich. Melde dich per Mail an gpn-content@entropia.de.
Auf https://entropia.de/gulasch/ kannst du dich freiwillig unverbindlich anmelden und uns damit bei der Planung helfen. Dort kannst du auch …
We invite everybody to join us for a public visit to the location of the Chaos Communication Camp 2011 at Luftfahrtmuseum Finowfurt 1. Everybody who wants to do a project, put up a really big tent, build a village or do anything special in one way or the other should come.
The visit takes places at Saturday, May 7th, 2011 at 14:00h CEST. We will spend around two to three hours at the site depending on interest. Be careful to be on time as we won’t explain things twice.
If you plan to come, please drop your name in the wiki [2]. There you will also find driving instructions, aerial photographs …
Preparations for this year’s Chaos Communication Camp have started.
If you don’t know about the Camp in general have a look at the 2007, 2003, and 1999 web sites. You should also watch these great videos in order to get a first impression: Camp 2007 and Camp 2003
Actually, we’ve been working on Chaos Communication Camp 2011 – Project Flow Control – for quite some time, but finally there is a web site now. Since we’re a bit late already, we really need your support.
First and foremost we need your help in distributing the Call for Participation and the Call for a Space Program of the Hacker …
After receiving some concerned inquiries we want to state again:
Yes, the Chaos Communication Camp 2011 will take place. It will be from August 10th thru August 14th 2011 in Finowfurt near Berlin. There will be enough tickets for everybody. You may start your travel preparations by booking flights, applying for visas, charging your transcontinental teleporter’s capacitors, etc. We will be there.
The RC4 Stream Cipher could be the most common stream cipher used on the Internet. RC4 is the only Stream Cipher which is standardized for the SSL/TLS protocol, it is also used for WEP and WPA protected wireless networks. Initially, RC4 was designed to be a closed source commercial product, with the core algorithm kept secret. In 1994, the source code for RC4 was posted on the internet and the algorithm could be analyzed.
The first attack on RC4 was published by Fluhrer, Mantin, and Shamir in 2001. The attack is very effective, but can only be used against certain keys starting with a special …
As a general attack against encryption software on a computer, the cold boot attack was presented at 25C3. To encrypt data on a PC, many programs store the encryption key in RAM. The key is usually derived from a password or loaded from the hard disk where it is protected by a password too. The key resists as least as long as the encryption operation take in RAM. For many applications like Full-Disk-Encryption or Email Signatures, it is convenient to keep the key permanently in RAM, once it has been loaded, so that the user doesn’t need to enter his password again and again.
To protect the key …
SSL/TLS is the standard when it comes to securing HTTP traffic on the internet. The authenticity of a web server is usually secured using a X.509 certificate digitally signed by a trusted certification authority (CA). All major web browsers come with a list of CAs preinstalled they assume as trustworthy. Every website can be signed by any of these CAs, so no web browser would show a warning, if www.dod.gov would be signed by a Chinese certification authority or the Deutsche Telekom.
To examine the usage of X.509 certificates for SSL/TLS, the EFF installed a SSL Observatory:
The SSL …
The new national id card Neuer Personalausweis (NPA) was one of the biggest IT projects in the German government in the last years. Compared to the old id card, the new id card is a RFID smart card, which can also be used on the internet to prove your identify to a remote party (Ebay, Paypal, or Amazon for example) and to sign binding contracts. For example, you can use the card to buy a new house or car, or open up a bank account or apply for a credit.
When using the card over the internet, the card is connected to a reader, which is connected to a (potentially insecure) PC, which is …
Thanks to the Mission Angels, you’ll be able to interact with the talks going on at the 27c3 and more! While you watch the streams from one of many Peace Missions throughout the world, Mission Angels will be monitoring IRC and Twitter for questions to be asked in selected events during the 27c3.
To ask a question in a session on IRC join #27c3-Saal-1, #27c3-Saal-2, #27c3-Saal-3 on Freenode or use the corresponding terms as a Twitter hashtag to put your question to the session.
If you’re in a Peace Mission, you can even sign up to give a Lightning Talk!
See the Peace Missions entry on the 27c3 …
Many applications, including closed source applications like malware or DRM-enabled multimedia players (you might consider them as malware too) use cryptography. When analyzing these applications, a first step is the identification and localization of the cryptographic building blocks (cryptographic primitives, for example AES, DES, RSA…) in the applications. When these blocks have been localized, the input and output of the cryptographic primitives and the key management can be observed and the application can be analyzed further. Fortunately, many cryptographic algorithms use special …
