
February 27 2012

28c3: Datamining for Hackers

Download high quality version: http://bit.ly/rBS7SW

Stefan Burschka: Datamining for Hackers
Encrypted Traffic Mining

This talk presents Traffic Mining (TM), particularly in regard to VoIP applications such as Skype. TM is a method to digest and understand large quantities of data.

Voice over IP (VoIP) has experienced a tremendous growth over the last few years and is now widely used among the population and for business purposes. The security of such VoIP systems is often assumed, creating a false sense of privacy. Stefan will present research into leakage of information from Skype, a widely used and protected VoIP application. Experiments have shown that isolated phonemes can be classified and given sentences identified. By using the dynamic time warping (DTW) algorithm, frequently used in speech processing, an accuracy of 60% can be reached. The results can be further improved by choosing specific training data and reach an accuracy of 83% under specific conditions.
Tags: 28c3
28c3: What is in a name?

Download high quality version: http://bit.ly/vIB0xC

Christoph Engemann: What is in a name?
Identity-Regimes from 1500 to the 2000s

Starting with the history of birth-registration, an overview of the historical regimes of naming and identifying people from the 15th to the 20th century is given. The talk will show examples of the different identity media through time and their standardization with the rise of the Westphalian nation state and the subsequent developments after the French Revolution and during the 20th century. The goal of the talk is to show the complexity of the phenomenon of personal names and their media and the need for an informed debate on who and how naming and identification in the digital age is achieved.

In July 2011 Google opened the social network named Google+, immediately spawning a fierce debate about its real-name policy barring users from opening accounts with pseudonyms. Just a few days later Facebook's Vice President Randi Zuckerberg echoed Google's sentiment, asserting: "(...) anonymity on the Internet has to go away." Finally in early August Germany's minister of the interior demanded an end of anonymity on the Internet.

My proposed talk is not concerned with the relation of anonymity and pseudonymity and free speech, discrimination and empowerment that dominated the 'real-name' "nymwars" on the internet.

Instead it seeks to de-familiarize the notion of the 'real name' by exposing central aspects of the media-history of names, situating personal names in relation to the development of statehood and capitalism between 1500 and the 2000s.

I thus will outline the history and function of birth-registration as introduced in the wake of the Reformation in 1543 and its subsequent secularization during the rise of the Westphalian nation state.

This includes an overview of the international standardization of both identity papers and personal naming regimes during the 19th century in the context of post-1789 development of statehood and colonization. Moving to the 20th century I will provide examples of the development and standardization of the passport-system after WWI, and conclude my talk with a synopsis of administrative digital identity vision of the early nineties.

The goal of the talk is first to de-familiarize the notion of the personal-name by showing its complex historical and material background, secondly to contextualize the current developments of digital identity regimes (Neuer Personalausweis, Google+, NSTIC etc) within the larger and longer-term developments of statehood and capitalist societies. Thirdly my talk will show that a name never was one's own but always an intersection of administrative, media-technical and personal interventions and as such is currently becoming a contested phenomenon again, requiring an informed debate about what is in a name.

Duration 40 mins, presentation style will be slides and accompanying talk, discussion afterwards.


Christoph Engemann studied psychology at the University of Bremen and became a Ph.D fellow of the Bremen International Graduate School of Social Sciences in 2002. Between 2003 and 2006 he was named a Non-Residential-Fellow at the Center for Internet and Society Stanford Law School.

Christoph took part in the 2005 Doctoral Summer School of the Oxford Internet Institute and was a lecturer at the Science, Technology and Society Program at the University of Texas in 2007 and 2008. Since February 2010 he works as researcher and lecturer at the Internationales Kolleg für Kulturtechnikforschung und Medienphilosophie at the Bauhaus University Weimar. In 2011 Christoph was a faculty member at the Weimar-Princeton Summer School for Media Studies on the topic of surveillance.

Christoph is a member of the DFG-research network "Digital Citizens and their Identity".

His main areas of research are Governmediality; Digital Identity/Media of Identification and their History; Electronic Government; Genealogy of the Transaction; Political Economy of Internet.
Tags: 28c3

February 26 2012

28c3: The Atari 2600 Video Computer System: The Ultimate Talk

Download high quality version: http://bit.ly/rOSPGl

Sven Oliver ('SvOlli') Moll: The Atari 2600 Video Computer System: The Ultimate Talk
The history, the hardware and how to write programs

Going more retro than the Commodore C=64: The Atari 2600 VCS was the breakthrough for video games in your own living room. This lecture will cover a bit of the history on how it came to life, describe the hardware used and show how to write your own code for it.

The Atari 2600 Video Computer System (VCS for short) was the first wide-spread gaming console. It features 128 bytes of RAM, 4k bytes of addressable ROM. This was enough to keep it in production for more than 13 years.

This lecture is divided into three parts:

The first part will cover the history of how it came to life. Learn why the Atari 2600 is technically half a Commodore creation. Learn why Motorola was really angry about that deal. Can you imagine how the software was created, since there were no PCs or workstations available at this time? Get to view what is probably the first easter egg in the history of video games.

The second part will provide an internal view of the chips used in the Atari 2600: the 6507 CPU, the 6532 RIOT (RAM-I/O-Timer) and the TIA (Television Interface Adapter). It will also show why "racing the beam" is so important.

The third part will show how to write your own code. What registers you have and how to use them. Using emulators, the Harmony cartridge and a self-designed cart that will hopefully be finished by the time of the talk.
Tags: 28c3
28c3: Building a Distributed Satellite Ground Station Network - A Call To Arms

Andreas -horn- Hornig, hadez: Building a Distributed Satellite Ground Station Network - A Call To Arms
Hackers need satellites. Hackers need internet over satellites. Satellites require ground stations. Let's build them!

As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need of our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented.
Tags: 28c3

January 30 2012

28c3: Quantum of Science

Download high quality version: http://bit.ly/so4U2B

Robert Helling: Quantum of Science
How quantum information differs from classical

Quantum systems can have very different properties from their classical analogues which allows them to have states that are not only correlated but entangled. This allows for quantum computers running algorithms more powerful than those on classical computers (represented by Turing machines) and for quantum cryptography whose safety is (in principle) guaranteed by the laws of nature.

I will explain key facts of quantum information theory from a physics perspective. In particular, I will focus on the fundamental difference between the quantum world and the classical world of everyday experience that in particular makes it provably impossible to simulate a quantum world by a classical world. This will then be applied to information processing tasks like quantum computing, quantum cryptography and possibly the human brain.

No background in theoretical physics is necessary but some familiarity with basic complexity theory and linear algebra (what is a vector? what is a matrix?) could be
Tags: 28c3
28c3: SCADA and PLC Vulnerabilities in Correctional Facilities

Download high quality version: http://bit.ly/vQ7Vpz

Teague & Tiffany: SCADA and PLC Vulnerabilities in Correctional Facilities
Tiffany Rad, Teague Newman, John Strauchs

Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publicly available exploits along with evaluating vulnerabilities in electronic and physical security designs, Newman, Rad and Strauchs have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to "open" or "locked closed" on cell doors and gates. This talk will evaluate and demo SCADA systems and PLC vulnerabilities in correctional and government secured facilities while recommending solutions.

We figured out how to remotely hack into prison cell and gate control systems by using publicly available Siemens PLC exploits as well as creating our own. Teague and Tiffany did a walk-through of a jail in the Southwest, USA, saw PLCs in use, took pictures and saw prison guards accessing Gmail from the Control Room computers. We will be presenting the results of this research with John Strauchs discussing electronic and physical security vulnerabilities in modern prison design. Our research was presented at Defcon 19, Las Vegas, NV.
Tags: 28c3

January 07 2012


January 01 2012

28c3: NOC Review

Download high quality version: http://bit.ly/uXf4jp

Kay, Will Hargrave: NOC Review
NOC Review about the Camp 2011 and 28C3

A review about the camp and the congress network. Network layout, planning, setup, operation and finally the teardown.

This talk will review both the 28C3 and, due to popular demand, the Camp network.

First we would like to give you a review about our network at the camp, where we built a mid-sized carrier network in a few weeks at a camp ground with no infrastructure: Starting at the 4km fibre uplink and the roll out of fibre over the whole campground, you will learn how to build proper datenklos, deploy access switches and WLAN access points in them and also how to convert a shipping container into a sophisticated outdoor data center, in order to build a network that can deliver pictures of cute little cats to over 3000 users. We had some issues and challenging tasks, which we wish to report; we also have some graphs, diagrams, photos and graphics which we want to share with you.

The second part will be about the network of the 28C3, which is more or less the usual stuff like every year. You will see some graphs, infrastructure, and hopefully no reports about big issues. ;)
Tags: 28c3
28c3: Neue Leichtigkeit

Download high quality version: http://bit.ly/vSV7JH

"Neue Leichtigkeit"
when unconditional artistic freedom happens

Despite the vast new possibilities new media offer to artists, musicians and composers, regulatory authorities and governments are trimming creative minds in their freedom, introducing new laws, filters and limitations. Using the example of "Europa: Neue Leichtigkeit", the immanence of unconditional artistic freedom in creativity is brought to the audience.

Artistic freedom: Using the example of a young band, formed by musicians and composers, the misguidance of the copyright industry, imposing their values onto media society, is brought to you in the form of a musical performance.

New Airiness (neue Leichtigkeit): The expression "new airiness" obviously is an analogy to the music of "new objectivity". Kurt Weill's proclaiming quote "In our music we want to give the voice to the man of our days, and he should speak to many." is underlined by new airiness. If we want to achieve this, our music has to be different, because the humans and the time have changed. One of the key stylistic elements therefore is reaction. The first step in composition is the adaptation of well known and accepted song-structures. Airiness manifests itself in the incoherent manipulation of existing song-material. In an unusual way "Europa: Neue Leichtigkeit" comments on the crisis of the post-modern society with seemingly simple love songs.

Gala of the New Airiness - How EUROPA hacks 'Glanz & Gloria'

I. Even in the 21st century, the gala is and remains an important instrument for keeping consumer society in good spirits. Pop stars are staged as icons, values such as beauty, glamour and money are conveyed, and emotions are given free rein on the endless racetrack of profit. The gala is the Mass and mystery play of capitalism. In liturgical form it steers the irrational desires of the masses into the regulated channels of the system. (That the attempt to monopolize and restrict artistic freedom by means of © is analogous to the Roman Catholic unification of the liturgy in late antiquity, and thus of a faith that is free in itself, is mentioned here only in passing.)

II. A gala follows patterns. There are codes of behaviour and dress codes; formulas that have to be followed. Therefore every gala can also be hacked. Whoever hacks into a gala can play with it, get up to mischief with it, or even do it serious damage. (In a similar way cc hacks the © system, since it sets the freedom of the mind against the privation of the intellectual.)

III. Accordingly, the New Airiness tries to crack the codes of the gala. EUROPA mimetically appropriates the gestures of Schlager stars. Once this has succeeded, the fragility of the propagated values is made palpable by means of alienation. As a counter-myth to the exclusivity of Glanz & Gloria, the New Airiness celebrates a public elegance that enables direct dialogue between society and the individual. By overstepping the boundaries of pop language, its limitations are made the subject. (The question also arises here of the legitimacy of symbols with religious connotations in the context of pop culture. They should become common property and no longer be bound to a monopolized authority; [you are] your own personal Jesus.)

Tags: 28c3

December 30 2011

28c3: Your Disaster/Crisis/Revolution just got Pwned

Download high quality version: http://bit.ly/sCkr9a

Herr Urbach, willowbl00: Your Disaster/Crisis/Revolution just got Pwned
Telecomix and Geeks without Bounds on Security and Crisis Response

Software is becoming more and more important in organizing response to all kinds of crises, whether that means activists responding to an unjust government or aid workers helping with the aftermath of a disaster. Security often isn't the first thing people think about in these situations -- they have work to get done, just like the rest of us, and many of these tools are built in the heat of the moment. In a crisis, a lack of security can make a small disaster into a big one. In this talk, we'll look at real world experiences of the security and privacy problems in the field, and how to fix them, at both large and small levels.

People are using technology to try to save the world, whether in the disaster response world, or in activist or revolutionary work. Many of the people involved are not technologists. Many of the people building tools for these situations do not understand security.

This is a problem because:
- Privacy issues for disaster response
- Creepy uncle
- Creepy government agency
- Gaming the aid process with crowdsourced reports
- Activists and revolutionaries are subject to direct attack, coercion, harassment, etc.

A few problems:
- People are using generic tools that don't provide the guarantees they need
- People are writing special-purpose tools without understanding the problem
- People are writing tools which intentionally subvert their users
- People don't understand the problems they're causing with how they use tools

To fix this:
- Build specialist tools with a deep understanding of the real problems
- Get the help you need to make tools secure
- Ask for help
- Help disaster/activist ICT projects if you know your security
- Build security into generic tools, even if you're not planning on revolutionaries using them, because you never know when you're going to need to overthrow a government on Twitter.
- Learn/teach about security and what it takes to use existing tools well
- Build a security culture in your organization
Tags: 28c3

The logo of the congress at Saal1 on Day 2.

Camera: D5000
Objective: 35mm, 1.8
Tags: 28c3
28c3: Fnord-Jahresrückblick

Download high quality version: http://bit.ly/tDdgS0

Felix von Leitner, Frank Rieger: Fnord-Jahresrückblick
From nuclear waste repository to census

This year, too, we will again try to entertain you with the Fnords of the year.

In the format of a relaxed evening show, we will present the highlights of the year, the news between the news, the subtle sensations behind the headlines. Come, listen, see! Let yourself be carried away!
Tags: 28c3
28c3: How governments have tried to block Tor

Download high quality version: http://bit.ly/v04Z25

Jacob Appelbaum, Roger Dingledine: How governments have tried to block Tor

Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years.
Tags: 28c3
28c3: Die Koalition setzt sich aber aktiv und ernsthaft dafür ein

Download high quality version: http://bit.ly/utXTBy

maha/Martin Haase: „Die Koalition setzt sich aber aktiv und ernsthaft dafür ein"
Linguistic fog in politics

Current political texts (speeches, interviews) are examined for empty phrases, filler and exaggerations that expose the text; even when the author tries to lull the listeners or readers, certain linguistic devices betray which opinions are really hidden in the text. In this way, what Wilson and Shea call a "Fnord" becomes visible in the texts.

The linguist Victor Klemperer observed: "Whatever someone deliberately wants to conceal, whether from others or from himself, and also whatever he carries within him unconsciously: language brings it to light." This becomes especially clear in means of expression that can be described as "Nebelsprech" (fog-speak): these are above all linguistic fillers (pleonasms) that contribute nothing to the meaning of a text in the given context, but are only meant to lend a statement an emphasis that the statement would not need at all if it were meant seriously. Thus the coalition compromise on the further construction of the A100 in Berlin reads: "The project of the 16th construction section of the BAB 100 is not being abandoned in principle. The coalition is, however, actively and seriously committed to making a reallocation of the federal funds possible." The adverbs "aktiv" (actively) and "ernsthaft" (seriously) have a revealing effect here, because a passive and joking commitment to a demand is not even conceivable. In rhetoric this is referred to as a hyperbole, which however has failed in the present case, because the hyperbolic intensification suggests that activity in this matter is possibly not to be expected. Likewise, when something is "analysed unconditionally, unreservedly and comprehensively" (Merkel), one should prick up one's ears, because whatever is "completely harmless" and "entirely unobjectionable" usually has a catch.

Texts on the "nuclear phase-out", on data retention (Vorratsdatenspeicherung) and on other current topics are analysed, above all from net politics.
Tags: 28c3