Tag: Fahrplan (page 2 of 2)

Camp Schedule Published

Almost a week ago we published the Camp Fahrplan (schedule). Follow this link for more information.

GPN11: Vorläufiger Fahrplan

Ab Donnerstag 23.6. bis Sonntag 26.6. findet in Karlsruhe die GPN11 statt.
Der vorläufige Fahrplan ist nun online.


Der Workshop zu alternativer Gulasch­erwärmung, der Gamejam und der Laut­sprecher­bau­workshop finden über mehrere Tage hinweg statt – zu letzterem bitte bis 31.5. anmelden. Samstagnacht Party mit Live-DJs.

Crypto Talk at 27C3: Automatic Identification of Cryptographic Primitives in Software, Day1, 16:00, Saal 3

FingerprintMany applications, including closed source applications like malware or DRM-enabled multimedia players (you might consider them as malware too) use cryptography. When analyzing these applications, a first step is the identification and localization of the cryptographic building blocks (cryptographic primitives, for example AES, DES, RSA…) in the applications. When these blocks have been localized, the input and output of the cryptographic primitives and the key management can be observed and the application can be analyzed further. Fortunately, many cryptographic algorithms use special constants or have a typical fingerprint  and there are only a few different public implementations of the algorithm. This allows us to automate this first, Felix Gröbert will show us how:

Using dynamic binary instrumentation, we record instructions of a program during runtime and create a fine-grained trace. We implement a trace analysis tool, which also provides methods to reconstruct high-level information from a trace, for example control flow graphs or loops, to detect cryptographic algorithms and their parameters.

Trace driven/dynamic analysis has some advantages of static analysis:

  • Because the program is analyzed at runtime, it is immediately known which parts of the code are used at which time, so that they might be correlated with runtime decryption of the code or with network communication.
  • Inputs and outputs of the primitives as well as the keys are recorded, even if the originate from a remote server or botnet. This allows us to immediately distinguish between long term keys and session keys, if multiple executions of the same program can be recorded.
  • This is also highly interesting if private keys are included in an obfuscated binary, for example private RSA keys.
  • Dead or unused code is automatically excluded, so that one can proceed with the main parts of the code first.
  • If additional code is loaded from a server, it is included in the analysis. This would be hard to impossible using static analysis.

AnalysisOf course, trace driven analysis has it disadvantages, for example if a malware needs to communicate with a command-and-control server, which has already been taken down or behaves differently on different systems or at different times.

Personally, I am interested in this talk because it might make ease up the analysis of closed source applications using cryptography. Even if the application, the DRM scheme, or the cryptographic primitive has no special weaknesses or bugs, just he recording of every input and output of all cryptographic building blocks in the application might be sufficient to extract a DRM free version of DRM protected digital content. Please also note that even if an application uses only well analyzed cryptographic primitives as AES and RSA, it might still be insecure, if these primitives are used in the wrong way.

See the talk at Day 1, 16:00, Saal 3!

Author: Erik Tews

24 Hour Hardware Hacking Returns to 27c3

Hackers of all ages can (learn how to) make things at the Hardware Hacking Area of the 27c3!

The HHA is open to everyone and open the entire congress! Hackers of all ages and skill levels are welcome! Round-the-clock hands on workshops will be led by lots of experienced teachers like Mitch Altman, Jimmie P. Rodgers, fbz, Wim Vandeputte and…you!

Learn to solder, then help teach others! Make cool things with electronics, design and print 3D models on the Makerbot, break RFID, or give your own workshop on the projects you’ve been hacking on this year. Last year there was a Cantenna workshop, a Mikrocopter workshop, and a GSM workshop among many others.

Lots of kits for you to make will be available including Brain Machines, TV-B-Gones, Trippy RGB Waves, Mignonette Games, LEDcubes, LOL shields, Atari Punk Consoles…and there’s always room for yours!

To accommodate all this hardware hacking goodness, the HHA will be twice the size it was during the 26c3, but still conveniently located near the Hackcenter.

Even if you don’t have a ticket to Congress, you can stop by the HHA with a Night Pass good from Midnight to 6 AM. Night passes are only €5 and will be sold shortly before midnight each day of the 27c3.

Lightning Talks at the 27c3

Picture of a lightning storm over Berlin

Want four minutes on stage at the 27c3? You can have it! Registration is now open for the Lightning Talk sessions at the 27c3.

Taking place at 12:45 in Saal 3 on Days 2, 3 and 4, these fast paced sessions are perfect for pitching new software or hardware projects, exploits, creative pranks or strange ideas you need to share with the world.

Lightning talks are also good for getting publicity for your workshop at the 27c3, or for recruiting people to join in on things like a high calorie flash mob.

In order to maximize the available time, registrations will be granted to presenters who submit their graphics (i.e. slides, background picture, contact info, etc.) in advance. Exceptions will be made very selectively on a case-by-case basis. Register soon, as we anticipate the available slots will go quickly. (Proposals started coming in a few minutes after we put up a draft of the wiki page!)

Read the Lightning Talks article on the 27c3 wiki for more information!

Photo Courtesy Matt Biddulph via flickr.

Content Meetings are over: Fahrplan released

For the English version, see below.

Vergangenen Sonntag ging das zweite und letzte Content-Meeting für den 27C3 zu Ende. Wir haben uns alle eingereichten 223 Submissions angesehen und 98 der besten Einreichungen für Euch ausgewählt. Vielen Dank für die zahlreichen interessanten Einreichungen, die allen Beteiligten die ehrenamtliche Arbeit versüßt haben!

Nachdem wir zuletzt noch hochmoderne Zettelchen auf dem Boden herumgeschoben haben, können wir ihn endlich präsentieren: den Fahrplan Version 0.1. Bitte beachtet: Das ist Version 0.1. Die Lücken werden nach und nach mit weiterem coolen Stuff gefüllt, sobald die Referenten confirmed sind. Änderungen wie immer vorbehalten, alle Angaben ohne Gewähr.

Dieses Jahr wird es auch Vorträge geben, die 30 Minuten lang sind. Damit wollen wir spannenden Themen einen angemessenen Rahmen geben, die zu komplex für einen Lightning Talk sind, aber keine Stunde füllen würden. Durch das Mehr an Vorträgen wird das Programm vielfältiger und die Aufmerksamkeitsspanne in den frühen Stunden des Congress-Tages nicht überstrapaziert.

Um Euch einen kleinen Ein- und Überblick zu geben, werden einige der angenommenen Vorträge demnächst hier vorgestellt. Stay tuned. :-)

Continue reading

Easterhegg 2010: Fahrplan veröffentlicht

Inzwischen wurde der Fahrplan in einer ersten Version veröffentlicht. Traditionell haben wir auf dem Easterhegg wieder einen starken Fokus auf Hands-On-Projekten, dadurch sind es wie immer auch sehr viele Workshops und weniger reine Vorträge. Leider ist die Anmeldung aufgrund der hohen Nachfrage bereits geschlossen – bitte wende Dich an “backoffice (at) eh2010.muc.ccc.de”, falls Du einen Platz auf der Warteliste haben möchtest.

Die großen Workshops werden vor allem am Samstag und am Sonntag sein, aber auch am Montag wartet noch ein interessantes Angebot zum Thema “Multitouch” auf Euch.
Am Freitag begrüßt Euch unter anderem zunächst Christian Heller mit einem Vortrag zu Identitätskriegen sowie Florian Schiessl, stellvertretender Leiter des LiMux-Projekts, der Linuxumstellung der Clients der Stadt München.
Am Samstag stehen die großen Workshops rund um Ethersex und Open-Source-Strommanagement im Mittelpunkt. Außerdem eine große Session zum Projekt “Chaos macht Schule” sowie einen ausführlichen Vortrag zum Rapid Prototyping. Neben unserem eigenen RepRap wird auch ein Makerbot vorgestellt – und kann auch direkt ausprobiert werden.
Sonntagmittag gehts u. a. los mit den Lightning Talks (weitere Speaker sind jederzeit willkommen). Außerdem wird an diesem Tag Wolfgang ‘Datenwolf’ Draxinger seine Nachforschungen zur Stereoskopie teilen. Du wolltest schon immer Dein eigenes 3D-Kino zuhause haben? Dann bist Du hier richtig.

Neben den hier genannten gibt es natürlich noch eine Vielzahl an kleinen Talks und anderen, vielfältigen Workshops. Schau Dich einfach im Fahrplan um: http://eh2010.muc.ccc.de/fahrplan/

Wir freuen uns auf ein paar schöne Tage zu Ostern!

Fahrplan: A small gift for today …

… some already asked for it: The Fahrplan (schedule) as a handy A4-sized PDF for print-outs (fold it in the middle). So you can now use the lonely moments under the christmas tree to figure out what lectures to attend – even without using a computer.

But there is no need to get your printer-drivers back to working – a print-out will be waiting for you at the entrance of 25C3.

25C3: Preliminary schedule

The very first version of our schedule (we call it “Fahrplan”) is out. Have a look.

The conference will present talks ranging from eVoting, a discussion of Methods for Understanding Targeted Attacks with Office Documents, to an overview about RepRap in the talk Objects as Software: The Coming Revolution. Phones and micro controllers will be a very big topic this year, but not all talks are fixed by now.

You will see a lot of empty slots, but it basically means that these talks are not 100% confirmed. The good thing: You still have something to wait for in the next couple of days.

Newer posts

© 2019 CCC Event Blog

Theme by Anders NorenUp ↑