Let's all be welcome to 34C3 brand new TeaHouse! Let's sit down and tune in to the awesome schedule for sessions and workshops; Let us share some nerdy facts about being part of ensuring the tea flow while sharing the tea ritual itself.....
Let's all be welcome to 34C3 brand new TeaHouse! Let's sit down and tune in to the awesome schedule for sessions and workshops; Let us share some nerdy facts about being part of ensuring the tea flow while sharing the tea ritual itself... We'll discuss the numerous and diverse tea and herbal delights that compose our incredible TeaBox, and many other reasons and ways to "be excellent tea each other"! ;)
What has the Hackerfleet been up to, since last Camp? Riot, one of the cofounders, gives you an update and demonstrates the current state of our technology. This is relevant for maritime users, as well as people disliking all that cloud-stuff (like human rights organisations), since many of the already available packages integrate collaboration tools that you're used to using on other people's machines.
Come and learn how to hack one body (yours or somebody else's) to mitigate anxiety and panic attacks. A Hands-on (pun intended) workshop.
Presentation of ongoing, past and future works of Hacking with Care, with a focus on hacking anxiety. Anxiety is always multi-factored, but there are open channels in the body waiting to be understood and trained that can be efficiently used for self-care and other people's care, as to mitigate the effect of stress, panic, anxiety, and how to mediate crisis situations (panic attacks) Hacking With Care is a collective composed of hackers-activists, caregivers, artists, sociologist, growing quite literally by contact and affinity. Together we imagine, circulate, put in common resources and tools for care in accordance with hackers ethics and peer-to-peer philosophy. We create occasions for body & soul rejuvenation and collective (re)appropriation of care. We work with an understanding of the needs and requirements of specific contexts, as can be found in hacking and activism. Similarly, we like to transmit to caregivers some hackers-activists tools and best practices, for example in relation to privacy/data protection, technological independence, operational security. Other aspects we like are creativity in care, access to knowledge, interdisciplinarity, questioning of n...
Uninterrupted Mate drinking sessions during the first three days of the Congress during the day time. Whether you just want to drink a Mate between sessions, learn how to make one or take a fresh mate with hot water to a thermos. stop by. We wil...
Mate is the main fuel that the congress runs on and we would like to take it out of the bottle and offer everyone the chance to try a real mate in traditional style. Facilitating communication and sharing drinkers we recommend at least half an hour (either alone or with a friend) to really experience the Mate. The basic preparation techniques and rules will be explained and participants are welcome to drink together, try their hand at making one and see what other herbs can be mixed into the mate. Or just come and sit separately and enjoy the Mate .
Hackers portrayed in mainstream culture are almost exclusively black-hats or hacktivists, with the social dimension of the movement largely ignored. I started Glider Ink as a project aiming to create the first graphic novel about hackerspaces, introducing communities and their values to the wider audience. I would like to welcome you to a discussion about hacker culture and values in different instances of popular culture. Is it Mr Robot, Cory Doctorow's books, the Hacktivist comics, multiple instances of Anonymous or media reports on Makers.
Let's talk about practicalities of internet censorship circumvention, from the perspective of the reader/user, and from the perspective of the publisher. From the point of view of the reader/user, there is Tor, there are VPNs, there are proxies. While useful and effective, these tools are often illegal, and blocked, in a rising number of countries. Centralized appstores also are obviously revealing themselves as a problem (no surprise to many Internet activists) by blocking VPN apps in certain areas as requested by governments (like Apple in China). From the point of view of the publisher, a solution is needed that does not require the readers/users to install specific software. Requiring or expecting a large population of people to install Tor Browser has proved not to be a workable solution, for example. Domain fronting is in its infancy, browsers still do not support it, and we have seen SNI-based blocking of TLS traffic in the wild - not to mention, it relies on large, centralized providers to front for you. Again, this can mean a government has a way of pushing your content off of the Net simply by using the pressure points of a given large provider. Mobile apps mi...
This session is based on my ongoing collection of 50+ drawings from around the world representing "secure communications". I'll show some of the drawings and invite you to draw your own.
How do people represent "secure communications"? How do they represent an "adversary"? What can we learn about crypto from visual forms? This session is based on my ongoing collection of 50+ drawings from around the world representing encryption, key exchange, security flaws, surveillance, MITM and so on. I collected drawings done by a variety of folks: from high-risk activists from Ukraine, Russia, Middle East to well-know cryptographers, journalists or security experts. I will expose some of the drawings. I am inviting people to join the session and DRAW me how they see / feel "security" and "insecurity", how do they represent their adversaries, possible attacks, leaks and ways we can protect ourselves. KIDS FRIENDLY!!! This research is part of the NEXTLEAP project.
It's working. Algorithms turned over. What are the results? The Workshop is intended to provide space for deliberate exchange of chances and risks related to the full digitization and automation of social coordination. Though focus is given to law and politics, macro trends in related systems won’t be ignored. All creatures welcome.
To report on conflict, journalists need sources, verified information and visuals in order to accurately report what is happening in conflict zones. In the case of Sudan, there is not much visual evidence on social media available, which is different than the conflict in Syria where hours of conflict are published. People share information, photos and videos on more closed of channels: Radio Dabanga, a project of the Radio Darfur Network, a coalition of Sudanese journalists and international (media) development organizations, is one of the first to tap into this. In this talk, members of the Radio Dabanga team will provide an overview of Radio Dabanga’s work and a description of their daily struggles to report on the conflicts in Sudan. They will describe how they gather, analyze and share news on the conflict by using chat media extensively. Most reports are sent in and collected using a WhatsApp number which gets flooded with hundreds of messages every day. The solution Radio Dabanga came up with is using a chatbot that can filter messages and respond to information that people send. This chatbot will be used by Radio Dabanga's journalists to filter the most important info...
Lauryn Mannigel, based in Berlin, works as an artist, curator, and researcher at the intersection of art informed by the humanities and the sciences. Her passion for smell led her to co-found the Smell Lab Spektrum (2015, Berlin) and to organize t...
The XLterrestrials present an anarcho-feminist critique of the Blade Runner films, but not too get too nerdy about the films themselves ( and script debates), but as a starting point to dissect the Hollywood advertising machine and the spectacl...
CiTiZEN KiNO is a series and hybrid platform of cinema, interactive theater, media activism + analysis, and public forum. Our earliest episodes were inspired by the idea to counteract the passive download behaviors of traditional media formats and the invasive corporate screen-machine grabs + traps. And in 2012, we presented Electric Sheep Revisited ( v.1 ) as a tribute to PKD at the C-Base hacklab in Berlin, in collaboration with Telekommunisten and Mozilla Foundation.
Digital security training plays a very important role in securing activists and human rights defenders and increasing the efficiency of their work while they use the internet. However, a lot of the time, face-to-face security training is hard to organise, conduct and follow-up post training. Over the last several years, we have seen a variety of community developed toolkits, guides and other resources that help aid security trainers educating the human rights community on how to protect themselves and their peers from the multiple threats they face. As technology rapidly evolves, the digital threat landscape evolves with it. Digital security tools and tactics go outdated pretty quickly and it is becoming extremely important to create new sustainable approaches to help human rights defenders stay updated with the latest, efficient ways to improve their defense and minimise these threats. Some newer initiatives such as https://advocacyassembly.org/ and https://totem-project.org are trying to improve the efficiency of online learning by applying some of the best practices from traditional forms of online education such as MOOCs(massive open online course) and interactive t...
Google plans to implant a "Google Campus" in Kreuzberg, Berlin. We, as a decentralized network of people are committed to not letting our beloved city be taken over by this law- and tax-evading company that is building a dystopian future.
How the super-local politics of Kreuzberg, anchored in leftist, anarchist and anti-gentrification struggles can connect with the hyper-global fight against some data-based hyper-capitalism that Google represents, where data extraction, algorithmic governance and tax evasion becomes the norm, and individuals become subjects? What tactics can be experimented with to draw this perspective and enable the joyful participation of everyone: local anarchists, neighbors, artists, researchers, hackers, nerds, etc. Come and contribute and let's together make it clear that.. FUCK OFF GOOGLE!
Full disk encryption on Virtual Private Servers <p> These days, data storage using the ""cloud"" or virtual private servers (VPSs) on the Internet is extremely flexible and easy to setup. Anyone can boot a new VPS within seconds and start storing information on it. However, the ""cloud"" is just someone else's hard drive, which comes with certain security risks. Infrastructure providers can access ""your"" data stored on the cloud with extreme ease. But as managing your own infrastructure can be a nightmare for some, it comes with no surprise that virtual private servers have gained immense popularity over the last several years. </p> <p> Is it possible to use virtual systems and still make sure that all your data is stored encrypted, so only the user has access to the data and not the service provider? Existing solutions often rely on encryption keys being managed by the service providers themselves or the data being encrypted at the application level. </p> <p> CryptOps is a new, provider agnostic approach which makes full-disk encryption at the Virtual Machine layer more accessible and secure for the average user. Users can encrypt their VPSs by logging into a <a h...
Now on its 4th year, ""Breaking Bad Crypto"" is a hands-on cryptography attack workshop where you get to code your way into a broken cryptosystem. In previous years we've recovered plaintext with CBC padding oracles, forged API requests with hash extension attacks, and faked signatures with Bleichenbacher'06. You bring just a laptop and a Python interpreter, and with material, explanation and code-along we'll learn about a cryptosystem, about how it's broken, and how to attack it. No pre-existing cryptographic knowledge needed! 31c3: https://events.ccc.de/congress/2014/wiki/Session:Breaking_Bad_Crypto 32c3: https://twitter.com/filosottile/status/681463686586736640 33c3: https://events.ccc.de/congress/2016/wiki/Session:Breaking_Bad_Crypto HITB2015AMS: https://conference.hitb.org/hitbsecconf2015ams/sessions/lab-breaking-bad-crypto/ DC22 CryptoVillage: https://twitter.com/cryptovillage/status/762020519009017856
Hello, me and my fellow penguins could give a regular doctor's consulting slot where people can come with their political and social problems and we prescribe subversive ideas as medicine.
A short update on what has happened in the past year with Security in a Box and what the goals are for the next year. The major thing that has already happened is transitioning from Drupal to a fully static site made with Metalsmith. Most of the major goals for the next year relate to updating content, but we are also starting to think about what it would take to expand the network of content creators, how git might facilitating crediting contributors, and what is needed to keep resources like Security in a Box reasonably current.
εxodus is a privacy auditing platform meant to reveal trackers and collected data by various Android applications. During this talk, we will briefly present the Exodus Privacy non-profit organization and its motivations. Then, we will focus on the methods we use to statically and dynamically analyze an application without using decompilation. After that, we will present our first results based on static and network analysis. Next, we will tell what our road-map is and finally ask for help. Press articles about us:  1 - https://exodus-privacy.eu.org 2 - https://reports.exodus-privacy.eu.org 3 - http://www.lemonde.fr/pixels/article/2017/11/24/les-mouchards-des-applications-mobiles-nous-rapprochent-d-un-monde-a-la-minority-report_5219980_4408996.html 4 - https://www.nextinpact.com/news/105655-rencontre-avec-exodus-privacy-qui-revele-trackers-applications-android.htm 5 - https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps 6 - https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html 7 - https://www.theguardian.com/technology/2017/nov/28/android-apps-third-party-tracker-google-privacy-security...
A previous study about Twitter censorship in Turkey in 2015 showed that the numbers of withheld tweets reported by Twitter are one order of magnitude below the actual numbers: while Twitter reported 4,000 censored tweets, the authors collected 88,000 unique censored tweets (https://www.cs.rice.edu/~rst5/twitterTurkey/). In order to measure the number of censored tweets globally in Europe from June to August 2017, I collected tweets originating from the 50 largest European cities - including Russia and Turkey - and checked them 3 hours later to see if they were censored. +5,000 tweets censored in France, Germany, Russia, or Turkey were collected. Meanwhile Twitter reported 1,200 tweets censored in those 4 countries, thus confirming that the actual number of censored tweets is way above the reported numbers. In the censored tweets, we can also notice country specific patterns linked to geography, politics, etc. Using text mining and clustering, we can regroup tweets, identify topics, and further understand the mechanics behind governmental censorship. The software can easily be modified to collect and analyze censored tweets from other cities and thus could be used in further ...
want to talk about the new c.h.an.g.e. location, and plans for next year. :D #paradise