Cleanup

4 files changed, 25 insertions, 7 deletions

diff --git a/fullnarp.py b/fullnarp.py
index 24c5dc6..c03de45 100644
--- a/fullnarp.py
+++ b/fullnarp.py
@@ -122,6 +122,7 @@ async def handle_client(websocket):
                         message = {
                             "property": "fullnarp",
                             "current_version": newest_version,
+                            "version_url": fullnarp_path + "versions/fullnarp_" + str(newest_version) + ".json",
                             "data": current_version,
                         }
                     await websocket.send(json.dumps(message))
@@ -200,7 +201,7 @@ async def main():
     )
     args = parser.parse_args()
 
-    global engine, SessionLocal
+    global engine, SessionLocal, fullnarp_path
 
     with open(args.config, mode="r", encoding="utf-8") as json_file:
         config = json.load(json_file)
diff --git a/static/fullnarp.js b/static/fullnarp.js
index a6cef96..c4e24f4 100644
--- a/static/fullnarp.js
+++ b/static/fullnarp.js
@@ -395,7 +395,8 @@ function signalFullnarpConnect(state) {
 
 function getFullnarpData() {
     signalFullnarpConnect('fullnarp-connecting');
-    ws = new WebSocket('wss://content.events.ccc.de/fullnarp/ws/');
+    connect = window.location.href.replace('http', 'ws') + '/ws/';
+    ws = new WebSocket(connect);
 
     ws.onopen = () => {
         console.log('Connected to WebSocket server');
diff --git a/static/style_38c3.css b/static/style_38c3.css
index 33bb0f3..4ccdc70 100644
--- a/static/style_38c3.css
+++ b/static/style_38c3.css
@@ -309,6 +309,16 @@ header {
     top: 4px;
     right: 4px;
 }
+.fullnarp-connected .version:before {
+    content: '\1F7E2\a0';
+}
+.fullnarp-connecting .version:before {
+    content: '\1F7E1\a0';
+}
+.fullnarp-disconnected .version:before {
+    content: '\1F534\a0';
+}
+
 .trashbin {
     position: absolute;
     top 4px;
@@ -420,11 +430,16 @@ header {
     position: absolute;
     text-align: center;
     z-index: -1;
-    opacity: 0.25;
+    color: rgba(0, 0, 0, 0.5);
+}
+
+.in-drag .grid {
+    font-weight: bold !important;
+    color: black;
 }
 
 .grid.possible {
-    background: blue;
+    background: rgba(0,0,255, .25);
 }
 
 .wholeday {
@@ -434,7 +449,7 @@ header {
     font-size: 2em;
     top: 350px;
     opacity: 0.3;
-    z-position: -3;
+    z-index: -3;
 }
 .wholeday.uneven {
     background-color: cyan;
@@ -444,7 +459,7 @@ header {
     position: absolute;
     background-color: yellow;
     opacity: 0.4;
-    z-position: -3;
+    z-index: -3;
 }
 .in-calendar.onlyday1 .wholeblock,
 .in-calendar.onlyday2 .wholeblock,
@@ -486,7 +501,7 @@ hr.guide {
     text-align: center;
     left: 0;
     right: 0;
-    z-position: -1;
+    z-index: -1;
 }
 
 .size-large .pause {
diff --git a/var/talks_local b/var/talks_local
index e69de29..5bc6ec6 100644
--- a/var/talks_local
+++ b/var/talks_local
@@ -0,0 +1 @@
+[{"title": "Wie wird gleich?", "duration": 2400, "event_id": "TEAHVC", "language": "de", "track_id": 1, "speaker_names": "kathia", "abstract": "<p>Welchen Einfluss hat die Form der Dinge? Wie wirken wir durch die Gestaltung unseren kulturellen Praxen, Architekturen, Sprachen und Strukturen auf uns und die uns umgebende Zukunft ein? Und warum findet sich in zeitgen\u00f6ssischer Design Theorie ein Verb wie <em>Futuring</em>?</p>", "room_id": 2, "start_time": "2024-12-27T22:05:00+01:00"}, {"title": "Vectors, Pixels, Plotters and Public Participation", "duration": 3600, "event_id": "Q98U7B", "language": "en", "track_id": 1, "speaker_names": "Niklas Roy a.k.a. royrobotiks", "abstract": "<p>The talk introduces technology-driven urban art projects that emphasize public participation and creativity. Each project employs a DIY machine to transform public spaces and create art collaboratively. How were these machines built? How do ideas evolve, and how can creative machines foster community connections? Find the answers and get some inspirations in this entertaining and insightful talk by Niklas a.k.a. royrobotiks.</p>", "room_id": 3, "start_time": "2024-12-28T20:30:00+01:00"}, {"title": "Robot Uprising: a story-driven AI robotics experience", "duration": 2400, "event_id": "9RPH7S", "language": "en", "track_id": 1, "speaker_names": "Karim Hamdi, Katarina Partti, Juho Kostet", "abstract": "<p>It's the 2040\u2019s. The dusty skyline of Helsinki is covered with vertical buildings reaching for the clouds. Autonomous drones deliver messages and items from layer to layer while robots maintain the aerial pathways across buildings. A sense of tension hangs in the air.</p> <p>Somewhere beneath the surface, hackers and corporates wage war over AI. Will they be able to master it, or will the City succumb to a dark technology? </p> <p><strong>Perhaps you can change the fate of things?</strong></p>", "room_id": 1, "start_time": "2024-12-29T12:00:00+01:00"}, {"title": "High energy physics aside the Large Hadron Collider", "duration": 2400, "event_id": "H8QNQX", "language": "en", "track_id": 5, "speaker_names": "Christian Wessel", "abstract": "<p>What are we, and where do we come from? - Searching for flavour in beauty</p> <p>Nowadays the Large Hadron Collider (LHC) at CERN is the best known high energy physics research facility. However, there are other facilities around the world performing cutting edge high energy physics research. Some of these are the so called flavour factories which have a long tradition in high energy physics. Two of these are currently in operation: BES III in China and Belle II in Japan. Collecting huge amounts of data, the goal of these experiments is to measure free parameters of the standard model of particle physics with very high precision to find deviations from predictions by theory. Such deviations can hint to new physics, and physicists are still searching for the reasons of our very existence as by our best knowledge nothing but light should have remained after the big bang. But testing the standard model is challenging. Huge data sets in the order of tera bytes need to be analysed requiring advanced analysis software and techniques. By now these analyses usually employ machine learning and artificial intelligence in various kinds, while using custom hardware and software, and a world spanning computing infrastructure. All of this is only possible with more than 1000 people working together in a collaboration. Part of the work in high energy physics nowadays would not be possible anymore without the groundbreaking research by this year's Nobel laureates for physics. In this talk I will present what flavour physics is, the reasons why flavour physics is interesting and why it matters, and which challenges we are facing, using the Belle II experiment as an example. Most of the challenges are not unique to Belle II but to high energy physics in general, so I will also set this into the bigger context and take a look to what is ahead of us in the field of high energy physics.</p>", "room_id": 3, "start_time": "2024-12-29T17:35:00+01:00"}, {"title": "KI-Karma next Level: Spiritueller IT-Vertrieb", "duration": 2400, "event_id": "LUW3YS", "language": "de", "track_id": 3, "speaker_names": "Katharina Nocun", "abstract": "<p>Der IT-Vertrieb ist ein Feld voll dorniger Chancen. Ein Grund mehr, gemeinsam von innovativen Branchen in Form von \"Neuen Religi\u00f6sen Bewegungen\" (Sekten) zu lernen, um unseren erwachten beruflichen Neustart zu pitchen.</p>", "room_id": 1, "start_time": "2024-12-28T23:55:00+01:00"}, {"title": "Der Th\u00fcring-Test f\u00fcr Wahlsoftware", "duration": 2400, "event_id": "MDN3PU", "language": "de", "track_id": 7, "speaker_names": "Linus Neumann, Thorsten (THS) Schr\u00f6der", "abstract": "<p>W\u00e4hle Dein Risiko!</p>", "room_id": 1, "start_time": "2024-12-27T20:15:00+01:00"}, {"title": "A Competitive Time-Trial AI for Need for Speed: Most Wanted Using Deep Reinforcement Learning", "duration": 2400, "event_id": "TPGRNN", "language": "en", "track_id": 4, "speaker_names": "Sebastian \"Schw4rz\" Schwarz", "abstract": "<p>All challenges and achievements in creating a competitive time-trial AI in NFS:MW.</p>", "room_id": 2, "start_time": "2024-12-28T00:15:00+01:00"}, {"title": "KI nach dem Kapitalismus: Hat ChatGPT in der besseren neuen Welt einen Platz?", "duration": 2400, "event_id": "8UUJVJ", "language": "de", "track_id": 7, "speaker_names": "Malte Engeler, Sandra Sieron", "abstract": "<p>Unsere Welt funktioniert nur, wenn sich immer neue Bereiche finden, in denen Profite erbeutet werden k\u00f6nnen. Nach Blockchain, Metaverse und Web3 ist \"K\u00fcnstliche Intelligenz\" die neueste Wette der Tech-Investoren auf kr\u00e4ftige Gewinne. Ob \"KI\" tats\u00e4chlich irgendeinen gesellschaftlichen Wert hat, ist dabei v\u00f6llig nebens\u00e4chlich. Was tun wir also mit \"KI\" nach dem Kapitalismus? Brauchen wir Large Language Models \u00fcberhaupt in einer Welt, die radikal auf Kooperation statt Konkurrenz, auf Bed\u00fcrfniserf\u00fcllung statt Profit und auf Solidarit\u00e4t statt Privateigentum basiert?</p>", "room_id": 1, "start_time": "2024-12-29T17:35:00+01:00"}, {"title": "Beyond BLE: Cracking Open the Black-Box of RF Microcontrollers", "duration": 2400, "event_id": "YC8L8L", "language": "en", "track_id": 4, "speaker_names": "Adam Batori, Robert Pafford", "abstract": "<p>Despite the recent popularity and breadth of offerings of low-cost RF microcontrollers, there is a shared absence of documentation for the internal workings of their RF hardware. Vendors might provide an API for their supported protocols, such as BLE, but their documentation will only provide as much detail as necessary to use these libraries. For practically every BLE MCU available to hobbyists, interfacing with the on-chip radio is limited to secret ROMs or binary blobs. In this talk, we will finally peel back the curtain on one of these RF MCUs, giving the ability to understand and unlock the full potential of the hardware to operate in new modes.</p>", "room_id": 3, "start_time": "2024-12-29T15:45:00+01:00"}, {"title": "0, 1 oder 2 - Hackerei und Cyberbrei", "duration": 5400, "event_id": "9QB89V", "language": "de", "track_id": 3, "speaker_names": "Erisvision", "abstract": "<p>Der Quizshow-Klassiker f\u00fcr die ganze Chaosfamilie: Bei uns sind nicht nur pfiffige Hacker:innen, sondern auch flinke Beine gefragt. 0, 1 oder 2? Wer es wei\u00df, ist dabei! Nur echt mit dem Kamera-Nerd!</p>", "room_id": 1, "start_time": "2024-12-29T00:55:00+01:00"}, {"title": "Digitalisierung mit der Brechstange", "duration": 2400, "event_id": "MWGDZZ", "language": "de", "track_id": 7, "speaker_names": "Anne Roth", "abstract": "<p>F\u00fcnf Prozent der Bev\u00f6lkerung im Alter von 16 bis 74 Jahren in Deutschland sind offline. Daf\u00fcr gibt es verschiedenen Gr\u00fcnde: Manche wollen nicht ins Netz und manche k\u00f6nnen nicht. Dennoch gibt es zunehmend auch \u00f6ffentliche Dienstleistungen nur noch digital.</p> <p>Das w\u00e4re kein Problem, wenn gew\u00e4hrleistet w\u00e4re, dass alle Zugang zu Ger\u00e4te, zum Netz und die n\u00f6tige Unterst\u00fctzung haben, um die Angebote nutzen zu k\u00f6nnen. Und wenn wir darauf vertrauen k\u00f6nnten, dass unsere Daten dort sicher sind. </p> <p>Solange beides nicht gegeben ist, darf niemand ausgeschlossen werden, weil der Zugang fehlt.</p>", "room_id": 1, "start_time": "2024-12-28T12:00:00+01:00"}, {"title": "38C3: Infrastructure Review", "duration": 4500, "event_id": "XKW9LG", "language": "en", "track_id": 2, "speaker_names": "nicoduck", "abstract": "<p>This talks gives a behind the scenes on how the infrastructure side of the event is done.</p>", "room_id": 3, "start_time": "2024-12-30T16:40:00+01:00"}, {"title": "Autorit\u00e4re Zeitenwende im Zeitraffer", "duration": 3600, "event_id": "XDWNRG", "language": "de", "track_id": 7, "speaker_names": "anna, Chris K\u00f6ver", "abstract": "<p>Die mittlerweile zerbrochene \u201eFortschrittskoalition\u201c hat zuletzt mit dem Bohrhammer Grundrechte abgetragen, als g\u00e4be es einen Preis zu gewinnen. Wer als n\u00e4chstes das Land regiert, ist offen. Aber progressiver wird es wohl kaum. Warum das keine pl\u00f6tzliche Entwicklung ist und was wir jetzt dagegen tun m\u00fcssen.</p>", "room_id": 3, "start_time": "2024-12-28T19:15:00+01:00"}, {"title": "Correctiv-Recherche \"Geheimplan gegen Deutschland\" \u2013 1 Jahr danach", "duration": 2400, "event_id": "8ZPHSP", "language": "de", "track_id": 7, "speaker_names": "Jean Peters", "abstract": "<p>Vor einem Jahr ver\u00f6ffentlichte Correctiv die Recherche \u201cGeheimplan gegen Deutschland\u201d, die ein geheimes Treffen von Rechtsextremen, AfD-Funktion\u00e4ren und CDU-Mitgliedern enth\u00fcllte. Diese Enth\u00fcllung f\u00fchrte zu massiven Demonstrationen, w\u00e4hrend rechtsextreme Gruppen versuchten, das Geschehen zu relativieren. Die politische Reaktion blieb jedoch verhalten, und die AfD setzte die demokratischen Parteien weiter unter Druck. In diesem Vortrag gibt Jean Peters, leitender Reporter der Recherche, einen \u00dcberblick \u00fcber die Recherchemethoden, analysiert den medialen Diskurs und zeigt zuk\u00fcnftige Perspektiven zur Berichterstattung \u00fcber Rechtsextremismus auf.</p>", "room_id": 1, "start_time": "2024-12-27T11:00:00+01:00"}, {"title": "A policy black hole. How Europol and Frontex anticipated their high tech future and why this matters to you.", "duration": 2400, "event_id": "YWU87Y", "language": "en", "track_id": 7, "speaker_names": "Apostolis Fotiadis", "abstract": "<p>This is the story of how a group of journalists and researchers started examining how the transformative introduction of novel technologies was reshaping the policy priorities of EU's law enforcement agencies. Very early on, this was like diving deep into the ocean without an underwater flashlight. And it didn't get much easier with time. What are the risks for civil liberties and privacy that lie in the dark while this agenda is unfolding and how hard is it to make them more transparent?</p>", "room_id": 2, "start_time": "2024-12-28T12:55:00+01:00"}, {"title": "\"Nat\u00fcrlich bin ich 18!\" - Alterspr\u00fcfungen im Netz aus Datenschutzperspektive", "duration": 2400, "event_id": "SJ8PGD", "language": "de", "track_id": 7, "speaker_names": "Aline Sylla, Dr. Carsten Adrian", "abstract": "<p>\u201eUm nach diesem Begriff zu suchen, dich auf dieser Website anzumelden oder dieses Video anzuschauen, halte bitte deinen Personalausweis bereit, damit wir dein Alter \u00fcberpr\u00fcfen k\u00f6nnen.\u201c</p> <p>Solche Aufforderungen k\u00f6nnten uns in Zukunft h\u00e4ufiger begegnen, denn immer mehr Websites wollen unser Alter wissen. Doch woher kommt dieses Interesse und ist das eigentlich zul\u00e4ssig? Gemeinsam setzen wir die Datenschutzbrille auf und gehen folgenden Fragen auf den Grund: Welche Methoden der Alterspr\u00fcfung gibt es und wie funktionieren sie? K\u00f6nnen oder sollten Methoden der Alterspr\u00fcfungen eingesetzt werden und gibt es F\u00e4lle, in denen sie sogar eingesetzt werden m\u00fcssen? Sind Datenschutz und Kinderschutz tats\u00e4chlich Gegens\u00e4tze oder haben sie doch mehr gemeinsam, als oft vermutet wird? Und was sagt eigentlich die Bundesbeauftragte f\u00fcr den Datenschutz und die Informationsfreiheit (BfDI) dazu?</p>", "room_id": 1, "start_time": "2024-12-27T12:00:00+01:00"}, {"title": "libobscura: Cameras are difficult", "duration": 2400, "event_id": "QSC7YF", "language": "en", "track_id": 4, "speaker_names": "DorotaC", "abstract": "<p>I'm not big-brained enough to use cameras on Linux, so I decided to write my own camera stack (based on a real story).</p>", "room_id": 3, "start_time": "2024-12-27T11:00:00+01:00"}, {"title": "Hacking yourself a satellite - recovering BEESAT-1", "duration": 3600, "event_id": "DSQ9FN", "language": "en", "track_id": 4, "speaker_names": "PistonMiner", "abstract": "<p>In 2013, the satellite BEESAT-1 started returning invalid telemetry, rendering it effectively unusable. Because it is projected to remain in orbit for at least another 20 years, recovering the satellite and updating the flight software would enable new experiments on the existing hardware. However, in addition to no access to telemetry, the satellite also has no functional software update feature. This talk will tell the story of how by combining space and computer security mindsets, the fault was correctly diagnosed without telemetry, software update features were implemented without having them to begin with, and the satellite was recovered in September of 2024.</p>", "room_id": 1, "start_time": "2024-12-28T19:15:00+01:00"}, {"title": "Klimasch\u00e4dlich by Design\u00a0\u2013 die \u00f6kologischen Kosten des KI-Hypes", "duration": 2400, "event_id": "LVVRLL", "language": "de", "track_id": 7, "speaker_names": "Friederike Karla Hildebrandt, Constanze Kurz", "abstract": "<p>Sogenannte Generative KI hat einen hohen Rechenbedarf und braucht damit automatisch viel Energie. Wir wollen zeigen, was die AI-Bubble uns alle bisher an Ressourcen gekostet hat. Wer verdient sich daran dumm und dusslig? Und wer tr\u00e4gt die \u00f6kologischen und sozialen Kosten?</p>", "room_id": 3, "start_time": "2024-12-29T21:10:00+01:00"}, {"title": "38C3: Opening Ceremony", "duration": 1800, "event_id": "HQCCYH", "language": "en", "track_id": 2, "speaker_names": "Gabriela Bogk, Aline Blankertz", "abstract": "<p>Glad you could make it! Take a seat and buckle up for a ride through four days of chaotic adventures.</p>", "room_id": 1, "start_time": "2024-12-27T10:30:00+01:00"}, {"title": "Von Augustus bis Trump \u2013 Warum Desinformation ein Problem bleibt und was wir trotzdem dagegen tun k\u00f6nnen", "duration": 2400, "event_id": "GAWZXM", "language": "de", "track_id": 5, "speaker_names": "Hendrik Heuer, Josephine Schmitt", "abstract": "<p>Trotz intensiver Forschung hinken wir aktuellen Entwicklungen im Bereich Desinformation oft hinterher. In diesem Vortrag erkl\u00e4ren wir, warum der Umgang mit Desinformation so herausfordernd ist und welche konkreten L\u00f6sungsans\u00e4tze es gibt.</p>", "room_id": 3, "start_time": "2024-12-29T12:00:00+01:00"}, {"title": "Was lange w\u00e4hrt, wird endlich gut? Die Modernisierung des Computerstrafrechts", "duration": 2400, "event_id": "7GVNYD", "language": "de", "track_id": 7, "speaker_names": "Florian Hantke, Prof. Dr. Dennis-Kenji Kipker", "abstract": "<p>Die Reform des Computerstrafrechts ist l\u00e4ngst \u00fcberf\u00e4llig. Die bestehende Gesetzgebung ist zunehmend veraltet und entspricht nicht mehr den Anforderungen unserer digitalen Welt. Sp\u00e4testens seit der Ver\u00f6ffentlichung des aktuellen Koalitionsvertrags hat sich die Bundesregierung die Modernisierung dieses vielfach kritisierten Rechtsbereichs auf die Fahnen geschrieben. Doch was ist seitdem wirklich passiert? Wie sieht der aktuelle Stand der Reformbem\u00fchung aus? Was wird sich konkret \u00e4ndern und welche Auswirkungen wird dies auf die Hacker-Community und die Sicherheitsforschung haben? Und wird das endlich gut?</p>", "room_id": 1, "start_time": "2024-12-27T13:50:00+01:00"}, {"title": "From Silicon to Sovereignty: How Advanced Chips are Redefining Global Dominance", "duration": 2400, "event_id": "ANJUV8", "language": "en", "track_id": 4, "speaker_names": "Thorsten Hellert", "abstract": "<p>Recent breakthroughs in machine learning have dramatically heightened the demand for cutting-edge computing chips, driving advancements in semiconductor technologies. At the forefront of this progress is Extreme Ultraviolet (EUV) lithography\u2014a transformative method in microchip fabrication that enables the creation of ultra-small, high-performance devices. However, the path from raw materials to these state-of-the-art chips navigates a complex global supply chain riddled with technical challenges and geopolitical tensions. As nations vie for dominance in computing power, control over this supply chain has emerged as a strategic priority, featuring prominently in a high-stakes competition with global implications. Designed for all audiences, this talk explores the critical intersection of science, technology and global affairs shaping our future.</p>", "room_id": 2, "start_time": "2024-12-27T19:15:00+01:00"}, {"title": "Die Geschlechter denen die sie hacken: Selbstbestimmungsgesetz, Pinke Listen, \u00dcberwachungsstaat", "duration": 2400, "event_id": "FSZBSE", "language": "de", "track_id": 7, "speaker_names": "Jyn, Nephthys, Luce deLire", "abstract": "<p>Selbstbestimmung ein grundlegendes Prinzip des Hacken, ob technologisch oder geschlechtlich. Doch was wenn Selbstbestimmung nur bedingt umsetzbar ist- im besten Fall und mit staatlicher Repression als Standard? Selbstbestimmung selbst gemacht ist eine trans, inter, nonbin\u00e4re Aktionsgruppe deren Name Programm ist. Wir wollen das System hacken um wir selbst zu sein, \u00dcberwachungsfrei und mit (Kranken)Versicherung. Ob m\u00f6gliche Informationsweitergabe/Offenbarungsgebot, f\u00fcr alle Menschen, ob Cis oder TIN*, das in letzter Minute f\u00fcr die Bezahlkarte aus dem mangelhaften \u201eSelbstbestimmungs\u201cGesetz (SBSG) genommen wurde oder die Sabotage und Unm\u00f6glichmachung von geschlechtaffirmierender Gesundheitsversorgung- wir stehen wie migrantische Menschen im Mittelpunkt von staatlicher \u00dcberwachungsliebe und faschistischer Ausl\u00f6schungsfantasien, jedoch unbeachtet im Chaos. Wir wollen dies \u00e4ndern- hier, dieses Jahr und f\u00fcr alle Zeit. Wir werden den Prozess des SBSG ergr\u00fcnden, den Zusammenhang von (Un)Sicherheitspaket, \u00dcberwachungsma\u00dfnahmen und Transsein herstellen wie auch ganz nebenbei illegalisierte Praktiken versichern, durch die Geschlechts-zusatzversicherung. Nur eure B\u00fchne wird gebraucht und die Tastaturen unser aller Geschwister.</p>", "room_id": 2, "start_time": "2024-12-27T12:55:00+01:00"}, {"title": "Geschredderte Gutachten: Wie nicht nur der Staat bei digitaler Barrierefreiheit versagt", "duration": 2400, "event_id": "VY3FKQ", "language": "de", "track_id": 7, "speaker_names": "Casey Kreer", "abstract": "<p>Ein riesiger Teil der digitalen Leistungen der Bundesrepublik sind nicht inklusiv und f\u00fcr alle zug\u00e4nglich. Eklatante Rechtsbr\u00fcche werden ignoriert und es gibt absolut nichts, was wir tun k\u00f6nnen, au\u00dfer dar\u00fcber zu reden.</p>", "room_id": 3, "start_time": "2024-12-29T12:55:00+01:00"}, {"title": "Police 2.0: Peaceful activism is terrorism and fakenews are facts", "duration": 2400, "event_id": "MJYTSS", "language": "en", "track_id": 7, "speaker_names": "Lori Roussey, Frank van der Linde", "abstract": "<p>On 23 October 2019 peaceful activist Frank van der Linde found out the Dutch Police was associating him with terrorism to other countries' law enforcement.</p> <p>This talk goes over the bizarre, worrying and, frankly, quite funny journey that Frank van der Linde has embarked on, hoping on a litigation frenzy to seek justice and fight back against the institutional intimidation of activists.</p>", "room_id": 2, "start_time": "2024-12-27T12:00:00+01:00"}, {"title": "Kn\u00e4ste hacken", "duration": 2400, "event_id": "99SLE3", "language": "de", "track_id": 7, "speaker_names": "Lilith Wittmann", "abstract": "<p>In Deutschland sitzen \u00fcber 40.000 Menschen im Knast. Weitgehend ohne Zugang zu digitaler Infrastruktur - au\u00dfer einem Telefon. Wir schauen uns die Systeme an, die sie nutzen d\u00fcrfen und in denen sie verwaltet werden.</p>", "room_id": 1, "start_time": "2024-12-29T19:15:00+01:00"}, {"title": "Chatbots im Schulunterricht!?", "duration": 2400, "event_id": "73Q3KX", "language": "de", "track_id": 7, "speaker_names": "Rainer M\u00fchlhoff, Marte Henningsen", "abstract": "<p>Was k\u00f6nnen die Tools wirklich, was machen sie mit der \u201cBildung\u201d, und sollten wir daf\u00fcr Steuergelder ausgeben?</p> <p>Sp\u00e4testens seit dem Hype um ChatGPT werden KI-Tools als magische Technofixes f\u00fcr Lehrkr\u00e4ftemangel und soziale Segregation im Bildungswesen angepriesen. Mehrere Bundesl\u00e4nder haben zum Beispiel Fl\u00e4chenlizenzen f\u00fcr alle Lehrkr\u00e4fte bei dem Hamburger Unternehmen \"Fobizz\" erworben. Das Unternehmen bietet auf Basis gro\u00dfer Sprachmodelle (meist GPT-3/4) und verschiedener bildgenerierender KIs eine ganze Reihe von Bots sowohl f\u00fcr Sch\u00fclerInnen als auch f\u00fcr LehrerInnen an: Tools zur automatisierten Korrektur und Bewertung von Hausaufgaben, Chatbot-basierte individuelle Lern-Coaches, Avatare zur Gespr\u00e4chssimulation (\"mit Angela Merkel chatten\"), oder Bots zur Erstellung von individualisiertem Unterrichtsmaterial. Wir haben das Fobizz-Tool zur automatisierten Korrektur von Hausaufgaben und Pr\u00fcfungsleistungen detailliert unter die Lupe genommen. Funktioniert das wirklich? Wie wirkt sich das auf die Qualit\u00e4t des Unterrichts aus? Kann man LehrerInnen und Sch\u00fclerInnen guten Gewissens darauf loslassen? \u2013 Unsere Antwort ist schockierend eindeutig: nein! Und es ist ein Skandal, dass Steuergelder daf\u00fcr ausgegeben werden. Im Vortrag berichten wir von frustrierenden Irrfahrten wenn Sch\u00fclerInnen den Korrekturen des KI-Tools folgen; von quasi ausgew\u00fcrfelten Bewertungen (nach dem Motto: wenn dir die Note f\u00fcr diese Person nicht passt, dr\u00fcck einfach auf \"re-generate\"), und von der impliziten Botschaft an die Sch\u00fclerInnen: Ihr m\u00fcsst ChatGPT verwenden, sonst k\u00f6nnt ihr nicht gut abschneiden.</p>", "room_id": 2, "start_time": "2024-12-29T11:00:00+01:00"}, {"title": "Net Neutrality: Why It Still Matters (More Than Ever!)", "duration": 2400, "event_id": "UZXTXJ", "language": "en", "track_id": 7, "speaker_names": "Thomas Lohninger, Raquel Renno Nunes, J\u00fcrgen Bering", "abstract": "<p>Net Neutrality is a core pillar of the open internet. But we witness a coordinated, world-wide attack from the telecom industry on the very foundation that ties the internet together. The interconnection of autonomous parts of the internet used to be a non-political and non-commercial field that not many paid attention to. But through heavy lobbying activity we are on the brink of regulating interconnection in the EU, Brazil and India to establish a new payment obligation that would force everyone who wants to send a significant amount of data to customers. Telecom companies would end up being paid twice for the same traffic, from their customers and the content and cloud providers that want to reach them.</p>", "room_id": 3, "start_time": "2024-12-29T00:55:00+01:00"}, {"title": "EU's Digital Identity Systems - Reality Check and Techniques for Better Privacy", "duration": 2400, "event_id": "QR7CRG", "language": "en", "track_id": 6, "speaker_names": "Anja Lehmann, Thomas Lohninger", "abstract": "<p>Digital identity solutions, such as proposed through the EU's eIDAS regulation, are reshaping the way users authenticate online. In this talk, we will review the currently proposed technical designs, the impact such systems will have, and provide an outlook on how techniques from modern cryptography can help to improve security and privacy.</p>", "room_id": 3, "start_time": "2024-12-27T20:15:00+01:00"}, {"title": "Microbes vs. Mars: A Hacker's Guide to Finding Alien Life", "duration": 2400, "event_id": "F7MSNF", "language": "en", "track_id": 5, "speaker_names": "Anouk Ehreiser", "abstract": "<p>Mars is famously the only planet (we know of) that is entirely inhabited by robots. And these robots are working hard on looking for something that would be one of the most significant discoveries in the history of science: Alien life. But how do you look for something that no one has ever seen? And would we recognize it if we find it? Join me on a journey through Mars\u2019 ancient past and Earth\u2019s most extreme environments, where scientists hunt for strange microbes that defy all our expectations: Organisms thriving in salt lakes, breathing metal, and building bizarre microbial \u2018cities\u2019 out of rock. Are they the blueprint of what alien life might look like? I will introduce you to the cutting-edge technology we use to analyse and understand them, and how we detect their \u201cbiological fingerprints\u201d that might one day help us to find Martian life. This talk will not only give you a deep look behind the scenes of the search for life on Mars, but also a new appreciation for the strange and wonderful life on our own planet.</p>", "room_id": 3, "start_time": "2024-12-30T13:50:00+01:00"}, {"title": "Gef\u00e4hrliche Meinung \u2013 Wenn W\u00e4lder brennen und Klimaaktivist*innen im Knast sitzen", "duration": 2400, "event_id": "WGGVDK", "language": "de", "track_id": 7, "speaker_names": "Samuel Bosch, Kiki K\u00f6ffle", "abstract": "<p>Eine Geschichte \u00fcber den Kampf f\u00fcr Walderhalt in der Klimakrise, die unn\u00f6tige Erweiterung eines klimasch\u00e4dlichen Stahlwerks und einer vermutlich illegalen Genehmigung f\u00fcr eine vorgezogene Rodung. Wie wir daf\u00fcr ins Gef\u00e4ngnis kamen. Und wie das Bundesverfassungsgericht die Gef\u00e4ngnisleitung zwang, mich vorzeitig wieder zu entlassen.</p> <p>Aktivistische Kritik buchst\u00e4blich an der zust\u00e4ndigen Bezirksregierung endete in einem Gerichtskrimi durch die AugsburgerJustiz, die sich nach wie vor entschlossen zeigt, die laut Bundesverfassungsgericht besonders gesch\u00fctzte Machtkritik der Aktivist*innen m\u00f6glichst hart zu bestrafen. Ein Vortrag \u00fcber den kreativen Umgang mit Repressionen mit Einblicken hinter die Gef\u00e4ngnismauern. Vom Kampf der Augsburger Justiz gegen kreativen Protest f\u00fcr den Erhalt der Lebensgrundlagen. Memes inklusive. \ud83e\uddee</p>", "room_id": 1, "start_time": "2024-12-29T11:00:00+01:00"}, {"title": "Hacking Victorian Bodies: From Grid to Vector Space", "duration": 2400, "event_id": "M733LV", "language": "en", "track_id": 1, "speaker_names": "Marcin Ratajczyk", "abstract": "<p>This performative lecture by SOLID FLESH Collective explores how generative AI can reshape historical body representations into tools for imagining new bodily futures. Drawing from Muybridge\u2019s chronophotography, which fixed bodies into a rigid scientific grid, we investigate AI\u2019s capacity for fluid, multidimensional embodiment. Using open-source AI models to \u2018resurrect\u2019 Muybridge\u2019s subjects and defy commercial censorship, we reveal speculative possibilities for bodily motion and identity. Our work positions the \u2018vector body\u2019\u2014a digitally-mediated form of self-imagination\u2014within a broader conversation on identity fluidity, algorithmic embodiment, and liberating futures beyond conventional body ideals.</p>", "room_id": 2, "start_time": "2024-12-30T00:15:00+01:00"}, {"title": "The master key", "duration": 3600, "event_id": "ADE7AG", "language": "en", "track_id": 6, "speaker_names": "segher, Wanda", "abstract": "<p>This is the story of the HDCP master key that we derived back in 2010.</p>", "room_id": 2, "start_time": "2024-12-28T19:15:00+01:00"}, {"title": "From Convenience to Contagion: The Libarchive Vulnerabilities Lurking in Windows 11", "duration": 2400, "event_id": "YLNEYH", "language": "en", "track_id": 6, "speaker_names": "NiNi Chen", "abstract": "<p>In the October 2023 update, Windows 11 introduced support for 11 additional compression formats, including RAR and 7z, allowing users to manage these types of files natively within File Explorer. The enhancement significantly improves convenience; however, it also introduces potential security risks. To support these various compression formats, Windows 11 utilizes the libarchive library, a well-established open-source library used across multiple operating systems like Linux, BSD, and macOS, and in major projects such as ClickHouse, Homebrew, and Osquery.</p> <p>The libarchive has been continuously fuzzed by Google\u2019s OSS-Fuzz project, making it a time-tested library. However, its coverage in OSS-Fuzz has been less than ideal. In addition to the two remote code execution (RCE) vulnerabilities disclosed by Microsoft Offensive Research &amp; Security Engineering (MORSE) in January, we have identified several vulnerabilities in libarchive through code review and fuzzing. These include a heap buffer overflow vulnerability in the RAR decompression and arbitrary file write and delete vulnerabilities due to insufficient checks of libarchive\u2019s output on Windows. Additionally, in our presentation, we will reveal several interesting features that emerged from the integration of libarchive with Windows.</p> <p>And whenever vulnerabilities are discovered in widely-used libraries like libarchive, their risks often permeate every corner, making it difficult to estimate the potential hazards. Moreover, when Microsoft patches Windows, the corresponding fixes are not immediately merged into libarchive. This delay gives attackers the opportunity to exploit other projects using libarchive. For example, the vulnerabilities patched by Microsoft in January were not merged into libarchive until May, leaving countless applications exposed to risk for four months. The worst part is that the developers might not know the vulnerability details or even be aware of its existence. To illustrate this situation, we will use the vulnerabilities we reported to ClickHouse as an example to demonstrate how attackers can exploit the vulnerabilities while libarchive remains unpatched.</p>", "room_id": 2, "start_time": "2024-12-30T13:50:00+01:00"}, {"title": "Going Long! Sending weird signals over long haul optical networks", "duration": 2400, "event_id": "WCUKHB", "language": "en", "track_id": 4, "speaker_names": "Ben Cartwright-Cox", "abstract": "<p>Computer network operators depend on optical transmission everywhere as it is what glues together our interconnected world. But most of the industry is running the same kinds of signals down the optical transceivers.</p> <p>As part of my need to \"Trust, but verify\" I wanted to check my assumptions on how the business end of modern optical modules worked, so join me in a adventure of sending weird signals many kilometres, and maybe set some records for the most wasteful bandwidth utilisation of optical spectrum in 2024!</p>", "room_id": 3, "start_time": "2024-12-30T12:55:00+01:00"}, {"title": "Clay PCB", "duration": 2400, "event_id": "XNB7SG", "language": "en", "track_id": 1, "speaker_names": "Patr\u00edcia J. Reis, Stefanie Wuschitz", "abstract": "<p>We built an Ethical Hardware Kit with a PCB microcontroller made of wild clay retrieved from the forest in Austria and fired on a bonfire. Our conductive tracks use urban-mined silver and all components are re-used from old electronic devices. The microcontroller can compute different inputs and outputs and is totally open source.</p>", "room_id": 2, "start_time": "2024-12-27T13:50:00+01:00"}, {"title": "Der Milliarden-Steuerraub Cum/Ex \u2013 wie sch\u00e4dlich ist Wirtschaftskriminalit\u00e4t f\u00fcr unsere Gesellschaft?", "duration": 2400, "event_id": "87CFYP", "language": "de", "track_id": 7, "speaker_names": "Anne Brorhilker", "abstract": "<p>Nachdem kurz erkl\u00e4rt wird, was Cum/Ex eigentlich ist, widmet sich der Vortrag zun\u00e4chst der Frage, wie die Aufkl\u00e4rung in diesem international organisierten Fall schwerer Steuerhinterziehung \u00fcberhaupt gelingen konnte und was noch zu tun ist. Wer sind die Akteure auf Seiten der Finanzbranche und wie ticken die T\u00e4ter? Anschlie\u00dfend wird der generelle Umgang des Staates mit Wirtschaftskriminalit\u00e4t dargestellt und L\u00f6sungsans\u00e4tze entwickelt. Dabei geht es auch um die Frage, was jeder Einzelne tun kann und warum die NGO Finanzwende ein wichtiger Ort sein kann, um politische Ver\u00e4nderungen bei finanzpolitischen Themen zu bewirken.</p>", "room_id": 1, "start_time": "2024-12-29T16:40:00+01:00"}, {"title": "Feelings are Facts: Love, Privacy, and the Politics of Intellectual Shame", "duration": 2400, "event_id": "3UWT9A", "language": "en", "track_id": 2, "speaker_names": "Meredith Whittaker", "abstract": "<p>A debut of new research and analysis, focused on emotions and the affective register\u2014love! shame! intimacy!</p>", "room_id": 1, "start_time": "2024-12-27T21:10:00+01:00"}, {"title": "Junghacker:innentag Einf\u00fchrung", "duration": 2400, "event_id": "H79XHC", "language": "de", "track_id": 2, "speaker_names": "", "abstract": "<p>Zu unserer Freude haben sich in den letzten Jahren immer mehr Junghacker:innen auf dem Congress eingefunden. Daher bieten wir auch diesmal, wie schon in den Vorjahren, einen speziell auf Kinder und Jugendliche zugeschnittenen Junghacker:innentag an. Am zweiten Congresstag, dem 28. Dezember 2024, organisieren Freiwillige aus vielen Assemblies von etwa 10 bis 17 Uhr ein vielseitiges Workshop-Programm f\u00fcr angehende Hacker:innen.</p>", "room_id": 3, "start_time": "2024-12-28T10:00:00+01:00"}, {"title": "ACE up the sleeve: Hacking into Apple's new USB-C Controller", "duration": 2400, "event_id": "RUBQ88", "language": "en", "track_id": 6, "speaker_names": "stacksmashing", "abstract": "<p>With the iPhone 15 &amp; iPhone 15 Pro, Apple switched their iPhone to USB-C and introduced a new USB-C controller: The ACE3, a powerful, very custom, TI manufactured chip.</p> <p>But the ACE3 does more than just handle USB power delivery: It's a full microcontroller running a full USB stack connected to some of the internal busses of the device, and is responsible for providing access to JTAG of the application processor, the internal SPMI bus, etc.</p> <p>We start by investigating the previous variant of the ACE3: The ACE2. It's based on a known chip, and using a combination of a hardware vulnerability in MacBooks and a custom macOS kernel module we managed to persistently backdoor it - even surviving full-system restores.</p> <p>On the ACE3 however, Apple upped their game: Firmware updates are personalized to the device, debug interfaces seem to be disabled, and the external flash is validated and does not contain all the firmware. However using a combination of reverse-engineering, RF side-channel analysis and electro-magnetic fault-injection it was possible to gain code-execution on the ACE3 - allowing dumping of the ROM, and analysis of the functionality.</p> <p>This talk will show how to use a combination of hardware, firmware, reverse-engineering, side-channel analysis and fault-injection to gain code-execution on a completely custom chip, enabling further security research on an under-explored but security relevant part of Apple devices. It will also demonstrate attacks on the predecessor of the ACE3.</p>", "room_id": 3, "start_time": "2024-12-27T12:00:00+01:00"}, {"title": "From Simulation to Tenant Takeover", "duration": 2400, "event_id": "MCGKUA", "language": "en", "track_id": 6, "speaker_names": "Vaisha Bernard", "abstract": "<p>All I wanted was for Microsoft to deliver my phishing simulation. This journey took me from discovering trivial vulnerabilities in Microsoft's Attack Simulation platform, to a Chinese company to which Microsoft outsourced its support department that wanted all my access tokens. I finally ended up hijacking remote PowerShell sessions and obtaining all data from random Microsoft 365 tenants, all the while reeling in bug bounties along the way.</p>", "room_id": 1, "start_time": "2024-12-30T11:00:00+01:00"}, {"title": "Guardians of the Onion: Ensuring the Health and Resilience of the Tor Network", "duration": 3600, "event_id": "WQ9SLQ", "language": "en", "track_id": 6, "speaker_names": "Hiro, Gus", "abstract": "<p>Millions of internet users around the world rely on Tor to protect themselves from surveillance and censorship. While Tor-powered applications and the Tor protocol are widely known, the community behind it much less so. This talk will highlight the efforts to maintain a healthy and resilient Tor network, emphasizing the crucial role of a diverse, engaged community of relay operators.</p> <p>We\u2019ll discuss some recent news, the current state of the network, how we determine its health, and the strategies to strengthen its resilience, addressing challenges around sustainability and governance. If you're interested in understanding the inner workings of the Tor network, this talk is for you.</p>", "room_id": 2, "start_time": "2024-12-28T20:30:00+01:00"}, {"title": "Das IFG ist tot \u2013 Best of Informationsfreiheit, Gefangenenbefreiung & Macht\u00fcbernahmen", "duration": 2400, "event_id": "F7SPPL", "language": "de", "track_id": 7, "speaker_names": "Arne Semsrott", "abstract": "<p>Die Versprechungen waren gro\u00df: Bl\u00fchende Transparenz-Landschaften, Mitbestimmung, Korruptionspr\u00e4vention, De-mo-kra-tie! Das Informationsfreiheitsgesetz sollte den deutschen Staat besser machen. Nach Jahren schlechter Verwaltungspraxis, schlechter Gerichtsurteile und schlechter Politik ist es in wichtigen Teilen aber nutzlos geworden. Das zeigt sich vor allem, wenn man sich Szenarien einer antidemokratischen Regierungs\u00fcbernahme vorstellt - die Transparenz w\u00e4re als erstes hin\u00fcber, der Boden daf\u00fcr ist schon bereit. Was tun?</p>", "room_id": 1, "start_time": "2024-12-29T20:15:00+01:00"}, {"title": "Fake-Shops von der Stange: BogusBazaar", "duration": 3600, "event_id": "VPZWZK", "language": "de", "track_id": 6, "speaker_names": "Matthias Marx, Kai Biermann", "abstract": "<p>Du bestellst im Internet? Nat\u00fcrlich bestellst Du im Internet. Aber dieses Mal wird Deine Ware nicht geliefert. Stattdessen sind Dein Geld und Deine Kreditkartendaten nun in China. Das ist BogusBazaar. Wir teilen unsere Einblicke in die Arbeitsweise dieser Bande.</p>", "room_id": 1, "start_time": "2024-12-28T20:30:00+01:00"}, {"title": "Ten Years of Rowhammer: A Retrospect (and Path to the Future)", "duration": 2400, "event_id": "33YLTY", "language": "en", "track_id": 6, "speaker_names": "Daniel Gruss, Martin Heckel, Florian Adamsky", "abstract": "<p>The density of memory cells in modern DRAM is so high that disturbance errors, like the Rowhammer effect, have become quite frequent. An attacker can exploit Rowhammer to flip bits in inaccessible memory locations by reading the contents of nearby accessible memory rows. Since its discovery in 2014, we have seen a cat-and-mouse security game with a continuous stream of new attacks and new defenses. Now, in 2024, exactly 10 years after Rowhammer was discovered, it is time to look back and reflect on the progress we have made and give an outlook on the future. Additionally, we will present an open-source framework to check if your system is vulnerable to Rowhammer.</p>", "room_id": 1, "start_time": "2024-12-30T12:00:00+01:00"}, {"title": "State of Surveillance: A year of digital threats to civil society", "duration": 3600, "event_id": "LR3GTU", "language": "en", "track_id": 6, "speaker_names": "Jurre van Bergen", "abstract": "<p>The digital arms race between activists and government spies continues to shift and evolve. Through a series of cases studies, researchers from Amnesty International's Security Lab will share surveillance wins, the ongoing challenges, and the new threats on the digital horizon.</p>", "room_id": 2, "start_time": "2024-12-28T14:45:00+01:00"}, {"title": "Life in the Lager: How it is & how to support", "duration": 2400, "event_id": "7KYFDQ", "language": "de", "track_id": 7, "speaker_names": "Hafid Shaaib", "abstract": "<p>Was ist ein Lager und warum ist es so schrecklich und unmenschlich? Wir werden einen \u00dcberblick \u00fcber betroffene Perspektiven mit Selbst\u00aderfahrungen geben, wie man in Lagern (Wohnheimen, EAE) lebt.</p> <p>Wir geben einen \u00dcberblick \u00fcber die rassistische Bezahlkarte, sowie die Einschr\u00e4nkung der Freiheit wie schwer ist und \u00fcber das Leben von Jugendliche in Lagern. Was machen wir? Wie k\u00f6nnen wir unterst\u00fctzen und worauf sollte man achten?</p>", "room_id": 3, "start_time": "2024-12-27T13:50:00+01:00"}, {"title": "Kein Spa\u00df am Ger\u00e4t auf 'nem toten Planet(en)!", "duration": 2400, "event_id": "8Q9JXV", "language": "de", "track_id": 2, "speaker_names": "Rainer Rehak, Anja H\u00f6fner", "abstract": "<p>Seit Jahren k\u00e4mpft das Bits-&amp;-B\u00e4ume-B\u00fcndnis, dem auch der CCC seit Beginn angeh\u00f6rt, f\u00fcr eine \u00f6kologische und sozial gerechte Digitalpolitik \u2013 2024 war dabei ein Jahr voller Hochs und Tiefs. Wir k\u00e4mpfen emsig weiter und stellen unsere gemeinsame Arbeit vor.</p>", "room_id": 2, "start_time": "2024-12-29T00:55:00+01:00"}, {"title": "IRIS: Non-Destructive Inspection of Silicon", "duration": 3600, "event_id": "P9WRAY", "language": "en", "track_id": 4, "speaker_names": "Andrew 'bunnie' Huang", "abstract": "<p>IRIS (Infra-Red, <em>in situ</em>) is a technique for non-destructively inspecting the construction of a select but common type of chip. It can improve visibility into our hardware and provide supporting evidence of its correct construction, without desoldering chips or expensive analytical gear. This talk covers the theory behind IRIS, as well as some embodiments of the technique. I will also frame the relevance of IRIS in the face of various threat scenarios. Time permitting, I\u2019ll also show how you can do it at home by peeking around a few chips as a demo.</p>", "room_id": 3, "start_time": "2024-12-27T23:00:00+01:00"}, {"title": "Wir wissen wo dein Auto steht - Volksdaten von Volkswagen", "duration": 2400, "event_id": "Q8ZAV9", "language": "de", "track_id": 6, "speaker_names": "Fl\u00fcpke, Michael Kreil", "abstract": "<p>Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungesch\u00fctzt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND oder vor dem Bordell.</p>", "room_id": 1, "start_time": "2024-12-27T22:05:00+01:00"}, {"title": "Erpressung aus dem Internet - auf den Spuren der Cybermafia", "duration": 2400, "event_id": "SSEEUQ", "language": "de", "track_id": 7, "speaker_names": "Svea Eckert, Ciljeta Bajrami", "abstract": "<p>Manchmal sind es tausende, manchmal sind es zehntausende von Euros, um die vor allem junge M\u00e4nner aus Deutschland bei Onlinescams betrogen werden. Die Scham ist zu gro\u00df, um dar\u00fcber zu sprechen, schlie\u00dflich ist \u201eMann\u201c selbst schuld daran. Es geht um Erpressung mit Nacktfotos, Liebes-Fallen und zweifelhafte Investments, die auf dem Vormarsch sind. Der Vortrag folgt den Spuren der T\u00e4ter:innen und enth\u00fcllt eine prosperierende Scam-Industrie in Asien, fest in den H\u00e4nden der chinesischen Mafia.</p>", "room_id": 1, "start_time": "2024-12-28T12:55:00+01:00"}, {"title": "Als die Kommentarspalten brannten \u2013 11 Monate Einsatz in Gaza", "duration": 3600, "event_id": "KNG7P3", "language": "de", "track_id": 7, "speaker_names": "Sebastian J\u00fcnemann, Anna-Lea G\u00f6hl, Nic Zemke", "abstract": "<p>Der Krieg in Gaza als Reaktion auf die Terrorattacke vom 7. Oktober l\u00e4uft mittlerweile \u00fcber ein Jahr. Cadus ist seit Februar diesen Jahres in Gaza im Einsatz. Auch seit Februar diesen Jahres teilen wir wie so viele andere die Erfahrung, das vor dem Hintergrund unseres Einsatzes fernab von Gaza sich leidenschaftlich \u201epolitisch\u201c auseinandergesetzt wird. Nicht \u00dcBER unseren Einsatz wohlgemerkt, sondern dar\u00fcber, ob wir jetzt die eine oder andere Seite genug verurteilen w\u00fcrden f\u00fcr die Art und Weise wie der Krieg gef\u00fchrt wird. In unserem Talk \u201eAls die Kommentarspalten brannten \u2013 11 Monate Einsatz in Gaza\u201c sprechen wir \u00fcber die Herausforderungen, die unseren Einsatz tats\u00e4chlich begleiten.</p>", "room_id": 3, "start_time": "2024-12-27T16:00:00+01:00"}, {"title": "TETRA Algorithm set B - Can glue mend the burst?", "duration": 2400, "event_id": "9G97SZ", "language": "en", "track_id": 6, "speaker_names": "Wouter Bokslag, Jos Wetzels", "abstract": "<p>In August 2023, we published the TETRA:BURST vulnerabilities - the result of the first public in-depth security analysis of TETRA (Terrestrial Trunked Radio): a European standard for trunked radio globally used by government agencies, police, military, and critical infrastructure. Authentication and encryption within TETRA were handled by proprietary cryptographic cipher-suites, which had remained secret for over two decades through restrictive NDAs until our reverse-engineering and publication.</p> <p>This talk is not TETRA:BURST, but dives into the latest TETRA revision introduced in 2022. Most notably, it contains a new suite of cryptographic ciphers. Of course the cipher available for critical infrastructure and civilian use (TEA7) is intentionally crippled, and of course these ciphers were to be kept secret, but this decision was overruled due to public backlash following our publication last year. In this talk we will present a practical attack on the TEA7 cipher, which while taking a 192-bit key, only offers 56 bits of security. Furthermore, we point out improvements and shortcomings of the new standard, and present an update on TEA3 cryptanalysis, where we previously found a suspicious feature, and draw a parallel with its successor TEA6.</p> <p>All in all, in this short and relatively crypto-forward talk, we assess with all-new material whether the new TETRA standard is fit for its intended purpose. This crucial technology seeks to once again take a very central role in our society for decades to come, and its cryptographic resilience is of fundamental importance - for emergency networks, but possibly even more for our critical infrastructure and associated processes.</p>", "room_id": 2, "start_time": "2024-12-29T17:35:00+01:00"}, {"title": "Eat the Rich!  Die Menschen wollen soziale Sicherheit, aber kriegen \u201eDeutschland den Deutschen\u201c.  Holt das Geld bei den Reichen!", "duration": 2400, "event_id": "PSHBNA", "language": "de", "track_id": 7, "speaker_names": "Helena Steinhaus", "abstract": "<p>Bezahlkarte bald auch f\u00fcr B\u00fcrgergeld-Empf\u00e4nger*innen, versch\u00e4rfte Sanktionen, Pauschale f\u00fcr die Kosten der Unterkunft, weniger Regelsatz, Umzugszwang, versch\u00e4rfte Zumutbarkeitsregelungen f\u00fcr Arbeitsangebote und Komplett-\u00dcberwachung: Die Debatte \u00fcber das B\u00fcrgergeld ist v\u00f6llig durchgedreht. Was kommt noch auf uns zu? Und wie kommen wir aus der Hetz-Spirale wieder heraus?</p>", "room_id": 1, "start_time": "2024-12-29T14:45:00+01:00"}, {"title": "10 years of emulating the Nintendo 3DS: A tale of ninjas, lemons, and pandas", "duration": 3600, "event_id": "UVYCZZ", "language": "en", "track_id": 4, "speaker_names": "neobrain", "abstract": "<p>How is 3DS preservation faring 10 years after the release of the first emulator? What technical obstacles have we overcome, which ones remain? What hidden gems have we discovered beyond games? Join us on a journey through the struggles, the successes, and the future of 3DS emulation!</p>", "room_id": 3, "start_time": "2024-12-28T16:00:00+01:00"}, {"title": "The Design Decisions behind the first Open-Everything FABulous FPGA", "duration": 2400, "event_id": "UDBPYF", "language": "en", "track_id": 4, "speaker_names": "Dirk", "abstract": "<p>With the availability of robust silicon-proven open-source tools, IPs, and process design kits (PDKs), it is now possible to build complex chips without industry tools. This is exactly what we did to design our first open-everything FABulous FPGA, which is an example of open silicon that is designed and programmed entirely with open tools.</p> <p>Produced in the Skywater 130nm process node, our chip features 672 LUTs (each with 4 inputs and a flop), 6 DSP blocks (8x8 bit multipliers with 20-bit accumulators), 8 BRAMs (with 1KB each), and 12 register file primitives (each having 32 4-bit words with 1 write and 2 read ports). The resources are sufficient to run, for instance, a small RISC-V system on the fabric. The FPGA comes with a small board that is designed to fit into an audio cassette case and that can be programmed directly via an USB interface. Moreover, the FPGA supports partial reconfiguration, which allows us to swap the logic of parts of the FPGA while continuing operation in the rest of the chip.</p> <p>The chip was designed with the help of the versatile FABulous framework, which integrates several further open-source projects, including Yosys, nextpnr, the Verilator, OpenRAM, and the OpenLane tool suite. FABulous was used for various embedded FPGAs, including multiple designs manufactured in the TSMC 28nm process node.</p> <p>The talk will discuss and analyze differences and similarities with industry FPGAs and dive into design decision taken and optimizations applied to deliver good quality of results (with respect to area cost and performance). The talk will highlight state-of-the-art in open-source FPGA chip design and provide a deeper than usual discussion on the design principles of these devices.</p>", "room_id": 3, "start_time": "2024-12-29T14:45:00+01:00"}, {"title": "Fearsome File Formats", "duration": 3600, "event_id": "QS9AXX", "language": "en", "track_id": 6, "speaker_names": "Ange Albertini", "abstract": "<p>Specifications are enough, they say...</p> <p>10 years after 31c3's \"Funky File Formats\" ...</p> <p>Have things improved?</p>", "room_id": 1, "start_time": "2024-12-28T14:45:00+01:00"}, {"title": "We've not been trained for this: life after the Newag DRM disclosure", "duration": 3600, "event_id": "HTWLCG", "language": "en", "track_id": 4, "speaker_names": "Micha\u0142 Kowalczyk, q3k, Jakub Stepniewicz", "abstract": "<p>You've probably already heard the story: we got contracted to analyze a bunch of trains breaking down after being serviced by independent workshops. We reverse engineered them and found code which simulated failures when they detected servicing attempts. We presented our findings at 37C3... and then shit hit the fan.</p>", "room_id": 1, "start_time": "2024-12-27T23:00:00+01:00"}, {"title": "Bl\u00e5mba! \u260e\ufe0f Behind the scenes of a 2000s-style ringtone provider", "duration": 2400, "event_id": "JKACDE", "language": "en", "track_id": 1, "speaker_names": "Manawyrm", "abstract": "<p>A Deep Dive into WAP, SMS, monophonic ringtones and 1-bit graphics.</p>", "room_id": 3, "start_time": "2024-12-28T00:15:00+01:00"}, {"title": "Hacker's Guide to Meshtastic: Off-Grid, Encrypted LoRa Meshnets for Cheap!", "duration": 2400, "event_id": "ZJFPSS", "language": "en", "track_id": 4, "speaker_names": "Kody Kinzie", "abstract": "<p>Beginners can now create off-grid, encrypted mesh networks for cheap, with applications in emergency communication, sensor monitoring, and more! These mesh networks have been popping up in cities all over the world, and this talk will go over everything a beginner needs to run or build their own nodes.</p>", "room_id": 2, "start_time": "2024-12-29T22:05:00+01:00"}, {"title": "Sacrificing Chickens Properly: Why Magical Thinking is Both the Problem and the Solution.", "duration": 2400, "event_id": "PR8EGC", "language": "en", "track_id": 7, "speaker_names": "Senana", "abstract": "<p>As an Anthropologist, magical thinking is a normal fact of life. Rather than dismissing it outright, our job is to look at its function and yes, rationality, for groups at hand.</p> <p>Starting out with a story about actual chickens being sacrificed to ensure the harvest, this talk explores the prevalence of useful magical thinking in our own community. Using metaphors, or even personifications, doesn\u2018t make a person irrational. It\u2018s applying a principle implicitly onto a subject matter which works completely differently, that would be the problem. After all, unless you are a strict vegetarian, it\u2018s not the killing of a chicken as such you\u2018d object to, it\u2018s the idea that this act makes rain. </p> <p>With LLMs, our public sphere has run into a problem where experts are at loss explaining a very complicated thing to a general public, which often lacks the basic terms with which to understand how this mechanism works. The instant personification of LLMs can lead to vast mismatches between their actual capabilities and what those stories imply. Rather than dismissing them outright, the question posed would be, what\u2018s the alternative?</p> <p>The talk is intended to be a light-hearted overview of some examples of both useful and dangerous constructions used to simplify complexity. It aims to touch upon some of the mechanisms that should be heeded in order to be able to tell a better story.</p>", "room_id": 3, "start_time": "2024-12-29T11:00:00+01:00"}, {"title": "BioTerrorism Will Save Your Life with the 4 Thieves Vinegar Collective", "duration": 2400, "event_id": "ASBXWW", "language": "en", "track_id": 7, "speaker_names": "Dr. Mix\u00e6l Swan Laufer", "abstract": "<p>Governments have criminalized the practice of managing your own health. Despite the fact that for most of human history bodily autonomy, and self-managed health was the norm, it is now required that most aspects of your health must be mediated by an institution deputized by the state. Taking those rights back for yourself is then labeled \"BioTerrorism\". So be it. Let's learn how.</p>", "room_id": 1, "start_time": "2024-12-27T19:15:00+01:00"}, {"title": "Pirouette Machines. Fluid Components", "duration": 2400, "event_id": "WFHKTR", "language": "en", "track_id": 1, "speaker_names": "Ioana Vreme Moser", "abstract": "<p>This lecture follows the path of an ex-ballerina through fluid computers, handmade semiconductors, and cosmetic synthesisers. We will tackle the seductive side and hidden narratives of circuitry to natural systems, salty fluids, and minerals and discuss the importance of alternative hardware morphologies.</p>", "room_id": 2, "start_time": "2024-12-28T13:50:00+01:00"}, {"title": "Auracast: Breaking Broadcast LE Audio Before It Hits the Shelves", "duration": 2400, "event_id": "7C8KRZ", "language": "en", "track_id": 6, "speaker_names": "Frieder Steinmetz, Dennis Heinze", "abstract": "<p>Auracast, the new Bluetooth LE Broadcast Audio feature has gained some publicity in the last few months. The Bluetooth SIG has been working on the specification of this feature set in the past few years and vendors are only now starting to implement it. Auracast enables broadcasting audio to multiple devices. These broadcasts can also be encrypted. Unfortunately, the security properties of the protocol are vague and insufficient. It has already been shown that these broadcasts can be hijacked by anyone when unencrypted.</p> <p>We explain the state of (in)security of the protocol and add to it by showing that even when encrypted, broadcasts can often be cracked easily. We also show that once equipped with the passcode, attackers can eavesdrop and hijack even encrypted broadcasts. Alongside the talk, we will release our toolkit to brute-force authentication codes, decrypt dumped Auracast streams, and hijack encrypted broadcasts.</p>", "room_id": 2, "start_time": "2024-12-29T13:50:00+01:00"}, {"title": "arafed futures - An Artist Dialogue on Chip Storage and AI Accelerationism", "duration": 3600, "event_id": "Z7TFKB", "language": "en", "track_id": 1, "speaker_names": "Ting-Chun Liu, Leon-Etienne K\u00fchr", "abstract": "<p>The global chip shortage during the COVID-19 pandemic brought semiconductor production into focus, sparking accelerated efforts to meet the surging demand for digital infrastructure. This phenomenon not only expanded AI capabilities but also introduced unexpected computational artifacts. One such artifact is the word \u201carafed\u201d, a term absent from any dictionary yet mysteriously appears across contexts from image prompts to Amazon product descriptions. Such unintended linguistic artifacts, born from transformer-based AI models, exemplify how digital artifacts emerge into realities with which we cohabitate. The talk investigates how supply-chains break and AI-words spread from an artistic research perspective. Mapping both the abstract landscapes of embedding spaces, that are filled with emergent words and images, and the tangible, geopolitical realities of global semiconductor supply chains.</p>", "room_id": 2, "start_time": "2024-12-28T17:15:00+01:00"}, {"title": "Fnord-Nachrichtenr\u00fcckblick 2024", "duration": 5400, "event_id": "GUFA37", "language": "de", "track_id": 3, "speaker_names": "Fefe, atoth", "abstract": "<p>Wir zeigen euch die Fnords in den Nachrichten des Jahres.</p>", "room_id": 1, "start_time": "2024-12-28T01:10:00+01:00"}, {"title": "Von Ionen zu Daten: Die Funktionsweise und Relevanz von (Quadrupol-)Massenspektrometern", "duration": 2400, "event_id": "PRLP7M", "language": "de", "track_id": 5, "speaker_names": "Sally", "abstract": "<p>Massenspektrometer sind unverzichtbare Analysewerkzeuge in der Chemie und zudem hochinteressante und verbl\u00fcffende Instrumente. In diesem Talk wird die Massenspektrometrie mit Schwerpunkt auf Quadrupolmassenspektrometer anschaulich vorgestellt.</p>", "room_id": 3, "start_time": "2024-12-30T14:45:00+01:00"}, {"title": "Role Play as Resistance: Challenging Securitization Through Activism in a place in EastAfrica", "duration": 2400, "event_id": "XR9FGQ", "language": "en", "track_id": 7, "speaker_names": "Wawan", "abstract": "<p>Using role playing, we shall explore the movements who are proactively fighting back the impact of surveillance and challenges Internet-related rights.</p>", "room_id": 2, "start_time": "2024-12-28T11:00:00+01:00"}, {"title": "Hacking the RP2350", "duration": 3600, "event_id": "39HFD9", "language": "en", "track_id": 6, "speaker_names": "Aedan Cullen", "abstract": "<p>Raspberry Pi's RP2350 microcontroller introduced a multitude of new hardware security features over the RP2040, and included a Hacking Challenge which began at DEF CON to encourage researchers to find bugs. The challenge has been defeated and the chip is indeed vulnerable (in at least one way). This talk will cover the process of discovering this vulnerability, the method of exploiting it, and avenues for deducing more about the relevant low-level hardware behavior.</p>", "room_id": 2, "start_time": "2024-12-27T23:00:00+01:00"}, {"title": "An open-source guide to the galaxy: Our journey with Ariane 6", "duration": 3600, "event_id": "BMDSF7", "language": "en", "track_id": 4, "speaker_names": "Manthos Papamatthaiou, Paul Koetter", "abstract": "<p>The 530 tons and 63 meter tall Ariane 6 rocket finally launched on July 9th 2024 carrying our open-source developed payloads \u2013 the SIDLOC experiment and the satellite Curium One \u2013 into space. SIDLOC tested a new, open, low-power standard for identifying and precisely locating spacecraft whilst our satellite Curium One established an open-source baseline for larger CubeSat systems and allowed us to test a bunch of new technologies. From sourcing a launch opportunity to the final integration onto the rocket at the spaceport in French Guiana we tell you about our biggest challenges and exceptional experiences of this adventure.</p>", "room_id": 3, "start_time": "2024-12-27T17:15:00+01:00"}, {"title": "All Brains are Beautiful! \u2013 The Biology of Neurodiversity", "duration": 2400, "event_id": "NJXH8N", "language": "en", "track_id": 5, "speaker_names": "Marcello", "abstract": "<p>How do you think? People can experience thoughts, feelings, and sensory inputs very differently. While context and substances are known to promote changes in perception and thinking, the biological basis is very diverse, contrary to what is often assumed. Brain cells come in extraordinary varieties in size, shape, and complexity. Their synaptic connectivity provides the foundation of all our sensory input, motor output, cognitive functions, and thoughts. In short: They shape us. This talk gives an introduction about the extent of variability in neuronal patterns that underlies neurodiversity and critically discusses the idea of neurodivergence, diagnosis criteria in Autism and ADHD from a biological and first person-perspective. We find that biological variability of brains is an evolutionary feature that helps us to adapt to our environment but comes with certain risks and downsides in our modern society. While many things are still unknown, scientists have identified genes and environmental impacts that shape our network architecture during brain development and which help to explain why we think and experience the world so differently.</p>", "room_id": 1, "start_time": "2024-12-30T12:55:00+01:00"}, {"title": "Attack Mining: How to use distributed sensors to identify and take down adversaries", "duration": 3600, "event_id": "9SSMGL", "language": "en", "track_id": 6, "speaker_names": "Lars K\u00f6nig", "abstract": "<p>Ever wondered why your web server seems to be under constant attack from what feels like everyone on the internet? Me too! Join me in this session where we'll explore the data of millions of attacks from hundreds of sensors around the world, to identify who is attacking us from where and why. Additionally, we will have a look into how we can use that data to get abusive systems taken down, and how successful this approach actually is.</p> <p>Buckle up for a deep dive into the constant battle to protect systems on the internet against adversaries gaining access, and how you can help make the internet a safer place!</p>", "room_id": 2, "start_time": "2024-12-29T23:00:00+01:00"}, {"title": "5 Jahre nach Ibiza", "duration": 2400, "event_id": "RUXQDR", "language": "de", "track_id": 7, "speaker_names": "Julian Hessenthaler", "abstract": "<p>Wie Rechtspopulisten in \u00d6sterreich innerhalb von 5 Jahren zur\u00fcck zu alter Gr\u00f6\u00dfe kamen und sogar die Wahl gewannen.</p>", "room_id": 1, "start_time": "2024-12-29T22:05:00+01:00"}, {"title": "\u201eKonnte bisher noch nie gehackt werden\u201c: Die elektronische Patientenakte kommt - jetzt f\u00fcr alle!", "duration": 3600, "event_id": "SRXRMA", "language": "de", "track_id": 6, "speaker_names": "Martin Tschirsich, Bianca Kastl", "abstract": "<p>In wenigen Wochen werden die Gesundheitsdaten von rund 73 Millionen in Deutschland Krankenversicherten ohne deren Zutun \u00fcber Praxis- und Krankenhausgrenzen hinweg zentral in einer Akte zusammengef\u00fchrt - in der <a href=\"https://www.bundesgesundheitsministerium.de/themen/digitalisierung/elektronische-patientenakte/epa-fuer-alle.html\">\u201eelektronischen Patientenakte f\u00fcr alle\u201c</a>.</p> <p>Fortsetzung von 36C3 - <a href=\"https://media.ccc.de/v/36c3-10595-hacker_hin_oder_her_die_elektronische_patientenakte_kommt\">\u201eHacker hin oder her\u201c: Die elektronische Patientenakte kommt!</a></p>", "room_id": 1, "start_time": "2024-12-27T14:45:00+01:00"}, {"title": "GLAM zwischen LOD und \u00af\\_(\u30c4)_/\u00af. Museumskritik f\u00fcr Hacker*innen", "duration": 2400, "event_id": "WU87FV", "language": "de", "track_id": 5, "speaker_names": "Lukas Fuchsgruber", "abstract": "<p>Habt ihr euch immer schon gefragt wie Museumssammlungen ins Netz kommen, warum online Sammlungen meist immer noch aussehen wie Kataloge seit dem 19. Jahrhundert, was f\u00fcr Strategien und F\u00f6rderprogramme dahinter stecken, welche Firmen hier quasi-Monopole haben, und warum Museen so viele Hoffnungen (Zugang! Partizipation! Demokratie!) mit der Digitalisierung verbinden? Der Talk ist eine Einladung an Hacker*innen sich an der kritischen Weiterentwicklung, \u00d6ffnung und Reflexion von Museen zu beteiligen.</p>", "room_id": 2, "start_time": "2024-12-30T12:55:00+01:00"}, {"title": "Moving with feelings: Behind the scenes of a one man show mobile & fiber operator in Spain", "duration": 2400, "event_id": "HFPUYT", "language": "en", "track_id": 4, "speaker_names": "Edgar Saumell Oechsle", "abstract": "<p>How to run an MVNO with values: What are the requirements? Do you need a government license, maybe a lot of investment? There are different types of MVNOs. We will talk about how to do business as an MVNO while respecting users' privacy, supporting free software, believing in the right to repair and making your customers technologically sovereign.</p>", "room_id": 2, "start_time": "2024-12-30T12:00:00+01:00"}, {"title": "Wann klappt der Anschluss, wann nicht und wie sagt man Chaos vorher?", "duration": 2400, "event_id": "MUZZ7C", "language": "de", "track_id": 5, "speaker_names": "Theo D\u00f6llmann", "abstract": "<p>Gut 1 Mrd. Datenpunkte zu Zugfahrten, wie kann man damit das Zugfahren verbessern? Wir versuchen, die Zuverl\u00e4ssigkeit von Zugverbindungen vor der Buchung zu prognostizieren.</p>", "room_id": 1, "start_time": "2024-12-28T13:50:00+01:00"}, {"title": "Ultrawide archaeology on Android native libraries", "duration": 2400, "event_id": "STEVPR", "language": "en", "track_id": 6, "speaker_names": "Luca Di Bartolomeo (cyanpencil), Rokhaya Fall", "abstract": "<p>A bug in a scraper script led to us downloading every single native library in every single Android app ever published in any market (~8 million apps). Instead of deleting this massive dataset and starting again, we foolishly decided to run some binary similarity algos to check if libraries and outdated and still vulnerable to old CVEs. No one told us we were opening Pandora's box. A tragic story of scraping, IP-banning circumvention, love/hate relationships with machine learning, binary similarity party tricks, and an infinite sea of vulnerabilities.</p>", "room_id": 3, "start_time": "2024-12-29T20:15:00+01:00"}, {"title": "Wie fliegt man eigentlich Flugzeuge?", "duration": 2400, "event_id": "TJ8QVD", "language": "de", "track_id": 5, "speaker_names": "Christian L\u00f6lkes, kleinsophie", "abstract": "<p>Etwas wie die \"Sendung mit der Maus\", daf\u00fcr mit tiefer fachlicher Ausf\u00fchrung und allen Details. Es handelt vor allem um Technik und Abl\u00e4ufe, die man als Laie oder Fluggast nicht sehen und wissen kann.</p>", "room_id": 1, "start_time": "2024-12-28T23:00:00+01:00"}, {"title": "Drawing with circuits \u2013 creating functional and artistic PCBs together", "duration": 2400, "event_id": "XUE8CS", "language": "en", "track_id": 1, "speaker_names": "Kliment, Morag Hickman", "abstract": "<p>We are a professional electronics designer and a professional artist. We'd like to share our experience of integrating an artist into the design workflow for EMF's 2022 and 2024 event badges, how we ensured that form and function grew together, and how you might make a board so fancy it crashes your PCB vendor\u2019s CAM software.</p>", "room_id": 3, "start_time": "2024-12-29T19:15:00+01:00"}, {"title": "Liberating Wi-Fi on the ESP32", "duration": 2400, "event_id": "C38ZK7", "language": "en", "track_id": 4, "speaker_names": "Frostie314159, Jasper Devreker", "abstract": "<p>Reverse engineering the Wi-Fi peripheral of the ESP32 to build an open source Wi-Fi stack.</p>", "room_id": 1, "start_time": "2024-12-27T12:55:00+01:00"}, {"title": "How to Spec - Fun with dinosaurs", "duration": 2400, "event_id": "WFEH8C", "language": "en", "track_id": 1, "speaker_names": "Joschua Kn\u00fcppe", "abstract": "<p>The public image of dinosaurs is largely shaped by art. While paleontology is a dynamic and productive science, it is primarily through paleoart that our perception of prehistoric life takes form. By combining informed speculation with a deep understanding of anatomy, ecology, and geology, paleoartists continuously reimagine extinct organisms in innovative ways.</p>", "room_id": 3, "start_time": "2024-12-27T21:10:00+01:00"}, {"title": "Mushroom-DJs, Strong AI & Climate Change: Connecting the Dots with Artistic Research", "duration": 2400, "event_id": "JLJGB8", "language": "en", "track_id": 1, "speaker_names": "twena", "abstract": "<p>The exploratory nature of artistic research can aide in the production of knowledge. Sometimes, this takes a detour through music-making mushrooms and making moonshine, sometimes it deals with societal reverberations of AI usage or how lithium extraction affects the planet. This talk gives an insight on how we do technology-assisted artistic research at ZKM | Hertzlab, the artistic research &amp; development department of the Center for Art and Media, Karlsruhe.</p>", "room_id": 3, "start_time": "2024-12-29T22:05:00+01:00"}, {"title": "Let's build dodos! How generative AI is upturning the world of synthetic biology and hopelessly overwhelming traditional governance instruments.", "duration": 2400, "event_id": "GNZG8R", "language": "en", "track_id": 5, "speaker_names": "Margret Engelhard", "abstract": "<p>Have you always wanted to build an egg-laying woolly milk sow or bring the legendary dodo back to life? The dream of some biologists to not only understand organisms, but also to redesign, build or bring living beings back to life is accelerating towards reality with the convergence of synthetic biology and generative AI in \u2018generative biology\u2019. For example, large language models are now being used to write genes and proteins, while complex laboratory tests are being replaced by machine vision and automation. The pace of these developments is so fast that they are barely noticed by the public, politicians or related experts such as environmental scientists. Questions about the reliability and safety of these new biodigital methods and applications are not yet being asked and research into risk assessment methods is not keeping pace. At the same time, this shift of generative AI systems from generating text and images to generating protein, bacteria, viruses and organisms could transform many areas of life, from medicine and the environment to bioweapons. So let's talk about it and discuss it.</p>", "room_id": 2, "start_time": "2024-12-29T15:45:00+01:00"}, {"title": "AI Meets Git: Unmasking Security Flaws in Qodo Merge", "duration": 2400, "event_id": "XXXSWE", "language": "en", "track_id": 6, "speaker_names": "Nils Amiet", "abstract": "<p>The whole world is talking about AI, and developers are no exception. When a developer hears about a tool that can help them handle git pull requests using AI, it is likely that they will start using it for their open source project.</p> <p>This is precisely what's happening with Qodo Merge (formerly PR-Agent), an open source tool that can help review and handle git pull requests by using AI to provide feedback and suggestions to developers. It is getting adopted by more and more open source projects, including popular ones.</p> <p>It is so easy to add new features by relying on external tools, yet the consequences on security can be catastrophic.</p> <p>Indeed, if the tool contains security vulnerabilities, the project using it may become vulnerable too and may grant anyone permissions to perform unexpected actions without realizing it. But everyone wants to use AI so security may be overlooked.</p> <p>We found multiple vulnerabilities in Qodo Merge that may lead to privilege escalation on Gitlab, getting write access to Github repositories and leaking Github repository secrets. Additionally we found multiple high profile Github repositories using Qodo Merge with a configuration that makes them vulnerable, such as highly popular projects, government official repositories, self-driving automotive industry projects, blockchains and more.</p> <p>In this talk we go through what Qodo Merge is, how it can be used, how it works, how it can be exploited, what projects are affected and what are the impacts. We also mention remediation steps to fix these issues.</p>", "room_id": 2, "start_time": "2024-12-29T12:00:00+01:00"}, {"title": "Euclid, das Weltraumteleskop - 180 Millionen Galaxien sind ein guter Anfang", "duration": 2400, "event_id": "GYAZK8", "language": "de", "track_id": 5, "speaker_names": "Knud Jahnke", "abstract": "<p>\u201eEuclid\" ist seit 2023 das neue Weltraumteleskop der Europ\u00e4ischen Weltraumbeh\u00f6rde mit Beteiligungen eines Wissenschaftskonsortiums aus vierzehn europ\u00e4ischen L\u00e4ndern, den USA, Kanada und Japan. Gestartet vor knapp eineinhalb Jahren, l\u00e4uft jetzt seit gut 9 Monaten die wissenschaftliche Himmeldurchmusterung. Auf dem 37C3 konnte ich die ersten f\u00fcnf \"Early Release Observation\" Bilder vorstellen, seitdem ist viel passiert. Vor allem l\u00e4uft nach ein paar Anlaufschwierigkeiten die Mission richtig gut und viele hundert Quadratgrad des Himmels sind bereits fertig kartiert - die Datenbearbeitung und Auswertung l\u00e4uft. Ich werde weitere Bilder und einen kleinen Blick hinter die Kulissen zeigen.</p>", "room_id": 3, "start_time": "2024-12-29T13:50:00+01:00"}, {"title": "Die Elektronische Patientenakte (ePA)\u2013 a legal instruction trap?", "duration": 2400, "event_id": "TKWN7X", "language": "de", "track_id": 7, "speaker_names": "cbro", "abstract": "<p>Kaum ein IT-Gesundheitsprojekt bleibt so hinter den Erwartungen und Versprechen zur\u00fcck wie die Elektronische Patientenakte (ePA). Sie wird in 2025 zur Pflicht. Jede gesetzlich versicherte Person die nicht widerspricht, bekommt eine mit Abrechnungsdaten bef\u00fcllte ePA kostenlos. Da nichts kostenlos ist, bist Du auch in diesem Fall nicht Kunde sondern Ware und bezahlst bestenfalls nur mit Deinen Daten ...</p>", "room_id": 2, "start_time": "2024-12-29T21:10:00+01:00"}, {"title": "Can We Find Beauty in Tax Fraud?", "duration": 2400, "event_id": "YTE8AH", "language": "en", "track_id": 1, "speaker_names": "martin", "abstract": "<p>What do Olaf Scholz, blue ikea bags, Moldova, Deutsche Bank, fine art, and Butyrka Prison have in common?</p> <p>Join us for a brief stroll through the hidden, shady world of large-scale tax fraud, cross-border financial crime, money laundering, and corruption. We\u2019ll examine both common and lesser-known financial exploits, drawing on revelations from journalists, activists, and investigators over the last few decades.</p>", "room_id": 1, "start_time": "2024-12-29T15:45:00+01:00"}, {"title": "Ein unmoralisches Angebot: Wie wir unsere Communities vor ideologischen Zugriffen sch\u00fctzen", "duration": 2400, "event_id": "PN3TE3", "language": "de", "track_id": 7, "speaker_names": "elenos", "abstract": "<p>In beschleunigten Krisenzeiten w\u00e4chst mit der \u00dcberforderung auch die Sehnsucht nach einer klaren Ordnung: Weltbilder, die das Chaos auf ein moralisch aufgeladenes \"Entweder-Oder\" reduzieren. </p> <p>Mit dieser bin\u00e4ren Logik werden alle L\u00f6sungen, die das \"Sowohl-als-auch\" denken, abgem\u00e4ht. Die verheerende Folge: zwischen aufgeheiztem Lagerdenken, Positionierungsdruck und Rhetorik von individueller Schuld und Scham ist kein kollektives Handeln mehr m\u00f6glich.</p> <p>Der Talk macht das unmoralische Angebot eines universalistischen und anwender*innenfreundlichen \u201eSecurity-Updates\". Eine Empfehlung, auf was wir dringend achten sollten, um unser Netzwerk handlungsf\u00e4hig zu halten.</p>", "room_id": 1, "start_time": "2024-12-29T13:50:00+01:00"}, {"title": "Die Faszination des echten Kugelspiels", "duration": 2400, "event_id": "ALAJNW", "language": "de", "track_id": 1, "speaker_names": "Gunther", "abstract": "<p>Der Vortrag ist ein pers\u00f6nlicher Blick auf die Geschichte, Vielfalt und Entwicklung im Bereich der Flipperautomaten und ist motiviert durch die eigene Begeisterung f\u00fcr diese Form von Unterhaltungstechnik. Geschichte und Geschichten der Ger\u00e4te wird anhand eigener Erfahrungen, Sammlung und Recherche sowie Geschehnissen und eigene Anwendungen der Ger\u00e4te (Kauf, Reparatur, Restauration, Modifikation, ...) pr\u00e4sentiert und soll die Faszination und das Interesse daf\u00fcr wecken oder Interessierte zusammenbringen. Es ist geplant, auch Ger\u00e4te zum Kongress mitzubringen, die bespielt und/oder im Detail erkl\u00e4rt werden k\u00f6nnen und vielleicht sogar ein Ger\u00e4t zum Basteln bereit zu stellen.</p>", "room_id": 3, "start_time": "2024-12-28T23:55:00+01:00"}, {"title": "RadioMining - Playlist-Scraping und Analyse", "duration": 3600, "event_id": "8U8ARN", "language": "de", "track_id": 5, "speaker_names": "Stefan Magerstedt", "abstract": "<p>Seit einigen Jahren hat Stefan von etwa vierzig regul\u00e4ren deutschen (Pop-)Radiosendern die Playlisten gespeichert. Welche Meta-Informationen sich daraus ergeben und welche Abh\u00e4ngigkeiten von Jahreszeiten, Charts und Ereignissen sich abzeichnen, wird in einem unterhaltsamen Vortrag zum Besten gegeben.</p>", "room_id": 3, "start_time": "2024-12-28T21:45:00+01:00"}, {"title": "Automation and Empathy: Can We Finally Replace All Artistic Performers with Machines?", "duration": 2400, "event_id": "JQS3KA", "language": "en", "track_id": 1, "speaker_names": "moritz simon geist", "abstract": "<p>In this talk, artist and robotic musician Moritz Simon Geist explores whether robots and avatars can establish an emotional connection with a human audience, and examines the implications this has for arts and culture.</p>", "room_id": 3, "start_time": "2024-12-28T23:00:00+01:00"}, {"title": "Dead Man\u2019s Switch. An art shield to protect the life of Julian Assange", "duration": 2400, "event_id": "XCLUY7", "language": "en", "track_id": 1, "speaker_names": "Andrei Molodkin, Arianna Mondin", "abstract": "<p>Artist Andrei Molodkin held $45million of art hostage to free Julian Assange. He vowed to dissolve Picasso, Rembrandt, Warhol and other masterpieces in acid using a dead man\u2019s switch device inside a 29-tonne Grade 5 Safe Room if Julian Assange was to die in prison. The talk will explain the process and methodology.</p>", "room_id": 3, "start_time": "2024-12-27T19:15:00+01:00"}, {"title": "Transparency? Not from the European Commission", "duration": 2400, "event_id": "7L7TBY", "language": "en", "track_id": 7, "speaker_names": "Kris Shrishak", "abstract": "<p>The European Commission is the executive branch of the European Union with the duty to uphold the law. The transparency of the Commission \u0301s actions and decisions range from questionable to abysmal. Attempts by the public to access information are often thwarted. This talk will cover the Commission \u0301s lack of transparency, challenges faced by the public in accessing information, Commission \u0301s tactics and examples of the European Ombudsman \u0301s interventions to improve the situation. Whether you are interested in ChatControl, AI or public procurement, this talk will have you covered.</p>", "room_id": 3, "start_time": "2024-12-27T12:55:00+01:00"}, {"title": "Feelings of Structure in Life, Art, and Neural Nets", "duration": 3600, "event_id": "VL9VZ9", "language": "en", "track_id": 1, "speaker_names": "Peli Grietzer", "abstract": "<p>One of the basic ways we navigate the world is through \u2018feelings of structure\u2019 -- our experience of the inner logic of a system or a situation as a tone, a vibe, a mood. I argue that building a technical analogy between \u2018feelings of structures\u2019 and autoencoder neural networks lets us construct a kind of theory of vibe: a theory that lets us see how sets of material (/digital) objects express a worldview and vice versa, and that can explain the deep role art plays in expressing, developing, and challenging our understanding of the world.</p>", "room_id": 2, "start_time": "2024-12-28T21:45:00+01:00"}, {"title": "From Pegasus to Predator - The evolution of Commercial Spyware on iOS", "duration": 3600, "event_id": "CUFLJP", "language": "en", "track_id": 6, "speaker_names": "Matthias Frielingsdorf", "abstract": "<p>My talk explores the trajectory of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024.</p> <p>The talk will start with an analysis how exploits, infection vectors and methods of commercial spyware on iOS have changed over time.</p> <p>The second section of the talk is all about advances in detection methods and the forensic sources which are available to discover commercial spyware. This talk will also include a Case Study about the discovery and analysis of BlastPass (one of the latest NSO Exploits).</p> <p>The third part will discuss technical challenges and limitations of the detections methods and data sources.</p> <p>Finally, I will conclude the talk with open research topics and suggestions what Apple or we could technically do to make the detection of commercial spyware better.</p>", "room_id": 3, "start_time": "2024-12-28T13:30:00+01:00"}, {"title": "identity theft, credit card fraud and cloaking services \u2013 how state-sponsored propaganda makes use of the cyber criminal toolbox", "duration": 2400, "event_id": "3QG7TT", "language": "en", "track_id": 7, "speaker_names": "Alexej Hock, Max Bernhard", "abstract": "<p>The Russian disinformation campaign Doppelg\u00e4nger is considered to be technically highly sophisticated. Research by CORRECTIV and Qurium has revealed that the Russian state relies on the toolbox of internet fraudsters for the dissemination of propaganda and fakes. A talk on the state's possible alliance with the criminal world - and on possibilities and limitations of countering it.</p>", "room_id": 1, "start_time": "2024-12-30T13:50:00+01:00"}, {"title": "Spatial Interrogations Or the Color of the Sky", "duration": 2400, "event_id": "WADJP3", "language": "en", "track_id": 1, "speaker_names": "Artur Neufeld", "abstract": "<p>Modern 3D capture through Gaussian Splatting and human memory reveal parallel landscapes \u2013 where precise centers fade into probabilistic smears at the edges, and gaps hold as much meaning as detail. This is about the preservation of an ephemeral present in digital amber, an interrogation of how we reconstruct both digital and remembered spaces.</p>", "room_id": 2, "start_time": "2024-12-27T20:15:00+01:00"}, {"title": "What the PHUZZ?! Finding 0-days in Web Applications with Coverage-guided Fuzzing", "duration": 3600, "event_id": "MAUBFS", "language": "en", "track_id": 6, "speaker_names": "Sebastian Neef (gehaxelt)", "abstract": "<p>PHUZZ is a framework for Coverage-Guided Fuzzing of PHP Web Applications</p> <p>Fuzz testing is an automated approach to vulnerability discovery. Coverage-guided fuzz testing has been extensively researched in binary applications and the domain of memory corruption vulnerabilities. However, many web vulnerability scanners still rely on black-box fuzzing (e.g., predefined sets of payloads or basic heuristics), which severely limits their vulnerability detection capabilities. In this talk, we present our academic fuzzing framework, \"PHUZZ,\" and the challenges we faced in bringing coverage-guided fuzzing to PHP web applications. Our experiments show that PHUZZ outperforms related works and state-of-the-art vulnerability scanners in discovering seven different vulnerability classes. Additionally, we demonstrate how PHUZZ uncovered over 20 potential security issues and two 0-day vulnerabilities in a large-scale fuzzing campaign of the most popular WordPress plugins.</p>", "room_id": 2, "start_time": "2024-12-27T16:00:00+01:00"}, {"title": "Hacker Jeopardy", "duration": 7200, "event_id": "8C7KKR", "language": "en", "track_id": 3, "speaker_names": "Sec, Ray", "abstract": "<p>The Hacker Jeopardy is a quiz show.</p>", "room_id": 1, "start_time": "2024-12-30T00:15:00+01:00"}, {"title": "Der CCC-Jahresr\u00fcckblick", "duration": 7200, "event_id": "LE7FJL", "language": "de", "track_id": 2, "speaker_names": "erdgeist, Matthias Marx, khaleesi, Linus Neumann, Constanze Kurz", "abstract": "<p>Wir geben einen \u00dcberblick \u00fcber die Themen, die den Chaos Computer Club 2024 besch\u00e4ftigt haben.</p> <p>Neben der Zusammenfassung und der R\u00fcckschau auf das vergangene Jahr wollen wir aber auch \u00fcber zuk\u00fcnftige Projekte und anstehende Diskussionen reden.</p>", "room_id": 1, "start_time": "2024-12-28T16:00:00+01:00"}, {"title": "Escaping Big Brother (or Your Ex) - counter surveillance for women's shelters", "duration": 2400, "event_id": "DTH9RS", "language": "en", "track_id": 7, "speaker_names": "erlern", "abstract": "<p>Maintaining privacy and security when those closest to you is exploiting the worst of surveillance capitalism and patriarchy to pwn you is a user case no one planned for. Or should Big Tech have known better? Gender-based violence has existed in all societies and centuries, but in the 21st one the digital arena is proving to be especially tricky for victims. When (primarily) women leave their abusive (primarily) male partners or family members they often have to leave behind everything and make a clean break - including from their digital identities. This is way easier said than done. (Ever tried unsubscribing from.. anything?) Surveillance capitalism has further exacerbated this challenge, as stalker-ware is becoming increasingly prevalent and easy to use, if not a default feature. Stalking As A Service is of course already a thing, and why should you watch someones house in the rain all night when you can let your Tesla do it for you? Lost your wife? Hide an AirTag in the lining of her bag and have two billion iPhones keep track of her across the planet. Apple won't tell.</p> <p>It's almost like society is fundamentally misogynistic and internet accelerated the opportunity for patriarchal control..?</p> <p>This talk shares experiences working with women's shelters and training victims as well as activists and professionals in cyber security and opsec. The situation's bad and it's getting worse, fast.</p>", "room_id": 2, "start_time": "2024-12-28T23:55:00+01:00"}, {"title": "From fault injection to RCE: Analyzing a Bluetooth tracker", "duration": 2400, "event_id": "YM3UTV", "language": "en", "track_id": 6, "speaker_names": "Nicolas Oberli", "abstract": "<p>The Chipolo ONE is a Bluetooth tracker built around the Dialog (now Renesas) DA14580 chip. This talk will present the research made on this device, from extracting the firmware from the locked down chip using fault injection up to getting remote code execution over Bluetooth. The talk will also present the disclosure process and how the vendor reacted to an unpatchable vulnerability on their product.</p>", "room_id": 2, "start_time": "2024-12-27T17:15:00+01:00"}, {"title": "Projekt Bucketchallenge", "duration": 2400, "event_id": "ETSHKS", "language": "de", "track_id": 6, "speaker_names": "Kaspar", "abstract": "<p>S3 Buckets mit k\u00fcbelweise privaten Daten: Finden, melden, kein Problem. Aber grundlegend was \u00e4ndern? Denkste!</p>", "room_id": 2, "start_time": "2024-12-28T23:00:00+01:00"}, {"title": "Hacking Life: How to decode and manipulate biological cells with AI", "duration": 2400, "event_id": "UBWU9D", "language": "en", "track_id": 5, "speaker_names": "Moritz Schaefer", "abstract": "<p>AI methods are advancing biological research in diverse directions. In this talk, you will learn how we decode the fundamental building blocks of life with AI, and how it will help us to hack cells to cure diseases and beyond.</p>", "room_id": 2, "start_time": "2024-12-29T20:15:00+01:00"}, {"title": "How election software can fail", "duration": 3600, "event_id": "UR9CYP", "language": "en", "track_id": 6, "speaker_names": "Benjamin W. Broersma", "abstract": "<p>Experiences from a hacker working at the Election Council of The Netherlands.</p>", "room_id": 3, "start_time": "2024-12-29T23:00:00+01:00"}, {"title": "Azubi-Tag Einf\u00fchrung", "duration": 2400, "event_id": "PSX7FY", "language": "de", "track_id": 2, "speaker_names": "", "abstract": "<p>Siehe <a href=\"https://events.ccc.de/congress/2024/infos/azubi-tag.html\">https://events.ccc.de/congress/2024/infos/azubi-tag.html</a></p>", "room_id": 3, "start_time": "2024-12-29T09:30:00+01:00"}, {"title": "Longtermismus \u2013 der \u201eGeist\u201c des  digitalen Kapitalismus", "duration": 2400, "event_id": "RWD9LP", "language": "de", "track_id": 7, "speaker_names": "Max Franz Johann Schnetker", "abstract": "<p>Der Vortrag wirft einen sozialwissenschaftlichen Blick auf die Ideologie des Longtermismus. Seine Funktion im digitalen Kapitalismus wird analysiert. Mithilfe von Klassikern der Soziologie wird dargestellt, warum sich diese Ideologie in eine faschistische Richtung entwickelt.</p>", "room_id": 2, "start_time": "2024-12-30T11:00:00+01:00"}, {"title": "Databroker Files: Wie uns Apps und Datenh\u00e4ndler der Massen\u00fcberwachung ausliefern", "duration": 2400, "event_id": "XBE87S", "language": "de", "track_id": 7, "speaker_names": "Sebastian Meineck, Ingo Dachwitz, Rebecca Ciesielski", "abstract": "<p>Databroker verschleudern unsere Daten. \u00dcber einen Datenmarktplatz konnten wir 3,6 Milliarden Handy-Standortdaten aus Deutschland ergattern. Darin fanden wir detaillierte Bewegungsprofile, unter anderem von Geheimagent:innen, Soldat:innen und hochrangigen Regierungsbeamt:innen. Hier h\u00f6rt ihr die absurde Geschichte, wie einfach solche Daten zu haben sind, was den z\u00fcgellosen Datenhandel so gef\u00e4hrlich macht \u2013 und wie wir gemeinsam f\u00fcr eine L\u00f6sung k\u00e4mpfen k\u00f6nnen.</p>", "room_id": 1, "start_time": "2024-12-29T12:55:00+01:00"}, {"title": "KLARHEIT ALS WAFFE", "duration": 3600, "event_id": "HWSQQG", "language": "de", "track_id": 1, "speaker_names": "Luzius Bernhard, lizvlx (UBERMORGEN)", "abstract": "<p>UBERMORGEN infiltriert Kunst, Medien und digitale Monokulturen mit subversiver Affirmation. Wie Donald Trump auch, zerst\u00f6ren sie t\u00e4glich ihr Gesch\u00e4ftsmodell, um daraus radikal neue L\u00f6sungen zu schaffen. Anhand von Projekten wie Vote-Auction, Google Will Eat Itself und PMC Wagner Arts dokumentieren sie ihre k\u00fcnstlerische Evolution im Never-Ending Now. Chaos ist ihre Methode, Kunst ihre Neue Ehrlichkeit, Klarheit ihre Waffe.</p>", "room_id": 1, "start_time": "2024-12-27T17:15:00+01:00"}, {"title": "Dude, Where's My Crypto? - Real World Impact of Weak Cryptocurrency Keys", "duration": 2400, "event_id": "PEN9QU", "language": "en", "track_id": 6, "speaker_names": "John Naulty", "abstract": "<p>We present Milksad, our research on a class of vulnerabilities that exposed over a billion dollars worth of cryptocurrency to anyone willing to 'crunch the numbers'. The fatal flaw? Not enough chaos. Learn how we found and disclosed issues in affected open source wallet software, brute-forced thousands of individual affected wallets on a budget, and traced over a billion US dollars worth of prior transactions through them.</p>", "room_id": 3, "start_time": "2024-12-30T11:00:00+01:00"}, {"title": "Pyrotechnik \u2013 ist doch kein Verbrechen!?", "duration": 3600, "event_id": "NA9SF8", "language": "de", "track_id": 4, "speaker_names": "felix, bijan", "abstract": "<p>Feuerwerk erregt die Gem\u00fcter - und das seit mehreren hundert Jahren. Gemeinsam beleuchten wir technische, kulturelle und gesellschaftspolitische Aspekte eines der faszinierenderen und gleicherma\u00dfen umstritteneren Ph\u00e4nomene unserer Zeit.</p> <p><strong>Hinweis:</strong> W\u00e4hrend des Vortrags kommt es zu Blitzen und Knallen.</p>", "room_id": 1, "start_time": "2024-12-29T23:00:00+01:00"}, {"title": "io_uring, eBPF, XDP and AF_XDP", "duration": 3600, "event_id": "LNDJX3", "language": "en", "track_id": 6, "speaker_names": "Harald Welte", "abstract": "<p>Modern high-performance networking APIs on Linux - beyond the classic BSD sockets API.</p>", "room_id": 3, "start_time": "2024-12-28T17:15:00+01:00"}, {"title": "Is Green Methanol the missing piece for the Energy Transition?", "duration": 2400, "event_id": "BQFULL", "language": "en", "track_id": 5, "speaker_names": "Hanno B\u00f6ck", "abstract": "<p>In an accelerating climate crisis, renewable energy and electrification are the most important tools to reduce greenhouse gas emissions. However, in sectors where electrification is infeasible or impossible, other solutions will be needed. While hydrogen gets a lot of attention, it suffers from challenges like being difficult to transport and store. While it does not receive nearly as much attention as hydrogen, another molecule, methanol, could play a crucial role in bringing down emissions in challenging sectors like shipping, aviation, or the chemical industry.</p>", "room_id": 3, "start_time": "2024-12-30T12:00:00+01:00"}, {"title": "Biological evolution: writing, rewriting and breaking the program of life", "duration": 2400, "event_id": "7YDWFB", "language": "en", "track_id": 5, "speaker_names": "Enrico Sandro Colizzi, Renske Vroomans", "abstract": "<p>Biological evolution is a great inventor. Over 4 billion years, it has generated an astonishing diversity of lifeforms, from the tiniest bacteria to the tallest trees. Each new organism inherits a genetic program from its parents - a set of instructions to \u201cbuild\u201d the organism itself. Random mutations in this program can alter the organism\u2019s traits, affecting its ability to survive in its environment. But how do these small changes combine over thousands of generations to yield the vast complexity we see in present-day lifeforms?</p> <p>In this talk, we discuss examples from our research, using computer simulations to model the early evolution of animals, from single-celled microbes to complex multicellular organisms. We show that evolution behaves a bit like a hacker, repurposing the programs it previously built in unexpected ways to create new functions and structures. </p> <p>Understanding how evolution continually innovates is one of biology\u2019s grand challenges. We also hope that uncovering these processes in biological systems will provide new perspectives on current debates about the generative and creative capabilities of AI.</p>", "room_id": 3, "start_time": "2024-12-29T16:40:00+01:00"}, {"title": "Lightning Talks Day 2", "duration": 7200, "event_id": "NAGY9B", "language": "de", "track_id": 2, "speaker_names": "", "abstract": "<p>Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick!</p>", "room_id": 3, "start_time": "2024-12-28T11:00:00+01:00"}, {"title": "BlinkenCity: Radio-Controlling Street Lamps and Power Plants", "duration": 3600, "event_id": "HSNZGR", "language": "en", "track_id": 6, "speaker_names": "Fabian Br\u00e4unlein, Luca Melette", "abstract": "<p>A significant portion of Europe's renewable energy production can be remotely controlled via longwave radio. While this system is intended to stabilize the grid, it can potentially also be abused to destabilize it by remotely toggling energy loads and power plants. </p> <p>In this talk, we will dive into radio ripple control technology, analyze the protocols in use, and discuss whether its weaknesses could potentially be leveraged to cause a blackout, or \u2013 more positively \u2013 to create a city-wide Blinkenlights-inspired art installation.</p>", "room_id": 1, "start_time": "2024-12-28T21:45:00+01:00"}, {"title": "38C3: Return to legal constructions", "duration": 2400, "event_id": "VZCYSX", "language": "en", "track_id": 2, "speaker_names": "Gabriela Bogk, Aline Blankertz", "abstract": "<p>Let's join in a quiet moment to bid farewell to the chaotic wonderland that has been 38C3 and prepare ourselves for the harsh reality outside.</p>", "room_id": 1, "start_time": "2024-12-30T18:00:00+01:00"}, {"title": "Typing Culture with Keyboard: Okinawa - Reviving the Japanese Ryukyu-Language through the Art and Precision of Digital Input", "duration": 2400, "event_id": "FQESP3", "language": "en", "track_id": 1, "speaker_names": "Daichi Shimabukuro", "abstract": "<p>In a world dominated by digital communication and the drive toward linguistic unification, the simple act of 'typing' varies significantly across languages and writing systems. For European languages like English and German, typing typically involves a set of about 100 letters and symbols. In contrast, Japanese\u2014and by extension, Okinawan\u2014requires three distinct scripts: hiragana, katakana, and kanji. Each of these adds layers of complexity and cultural depth to written expression.</p> <p>This presentation delves into the development of an input method engine (IME) for Okinawan, an endangered language spoken in Japan's Ryukyuan archipelago. Moving beyond technical challenges, this project reveals how modern digital \u2018calligraphy\u2019 intersects with language preservation. Every keystroke becomes a deliberate cultural choice, as the IME reflects the aesthetic and linguistic essence of Okinawan language.</p> <p>Highlighting linguistic expression, cultural significance, and the urgent need for language preservation, this talk presents a model for future digital tools that empower endangered languages and cultures to thrive in the digital realm.</p>", "room_id": 2, "start_time": "2024-12-27T11:00:00+01:00"}, {"title": "Find My * 101", "duration": 2400, "event_id": "EAT3WZ", "language": "en", "track_id": 6, "speaker_names": "Henryk Pl\u00f6tz", "abstract": "<p>I'll introduce the technology underlying bluetooth trackers from Apple and Google, and will describe and show what can actually be seen on the air (using a hackrf/rad1o for example).</p> <p>This is part demonstration of what is possible right now, part explanation of the underlying principles, and part invitation to would-be hackers to make creative use of this technology.</p>", "room_id": 1, "start_time": "2024-12-30T14:45:00+01:00"}, {"title": "corebooting Intel-based systems", "duration": 2400, "event_id": "WHDXXH", "language": "en", "track_id": 4, "speaker_names": "aprl, elly", "abstract": "<p>Gaining a reasonable level of trust on the firmware that runs your everyday activities</p>", "room_id": 2, "start_time": "2024-12-30T14:45:00+01:00"}, {"title": "Mal was mit Holz", "duration": 2400, "event_id": "WDCRSE", "language": "de", "track_id": 4, "speaker_names": "Metal_Warrior", "abstract": "<p>Bildervortrag zum Thema \"Nachhaltige Inneneinrichtung\" mit Mitbringseln zum Anfassen sowie Tipps &amp; Tricks zu Konstruktion, Gestaltung und Durchf\u00fchrung</p>", "room_id": 3, "start_time": "2024-12-30T00:15:00+01:00"}, {"title": "Investigating the Iridium Satellite Network", "duration": 3600, "event_id": "GDPEUA", "language": "en", "track_id": 4, "speaker_names": "Sec, schneider", "abstract": "<p>The Iridium satellite (phone) network is evolving and so is our understanding of it. Hardware and software tools have improved massively since our last update at 32C3. New services have been discovered and analyzed. Let's dive into the technical details of having a lot of fun with listening to satellites.</p>", "room_id": 1, "start_time": "2024-12-27T16:00:00+01:00"}, {"title": "Gemeinwohlorientierte Forschung mit KI: Missbrauch eind\u00e4mmen durch Zweckbindung f\u00fcr KI-Modelle", "duration": 2400, "event_id": "MGSXPN", "language": "de", "track_id": 5, "speaker_names": "Rainer M\u00fchlhoff, Hannah Ruschemeier", "abstract": "<p>Trainierte KI-Modelle sind m\u00e4chtige Werkzeuge, die in Wissenschaft und Forschung oft f\u00fcr gute Zwecke gebaut werden. Aber wie alle Werkzeuge k\u00f6nnen sie auch zweckentfremdet werden \u2013 in Bereichen, f\u00fcr die sie nicht gedacht waren, in denen sie profitgierigen Interessen dienen und gesellschaftlichen Schaden anrichten. Vor dem Hintergrund des Trends von \"open source\" AI ist die Gefahr der unkontrollierten Zweckentfremdung von KI-Modellen enorm gestiegen. Wir zeigen: Das Risiko einer missbr\u00e4uchlichen Sekund\u00e4rnutzung von f\u00fcr Forschungszwecke trainierten KIs ist aktuell die gr\u00f6\u00dfte regulatorische L\u00fccke, trotz DSGVO und AI-Act. Zugleich erm\u00f6glicht das Zweckentfremden von Modellen die immer weiter wachsende Machtposition von Big Tech. Um das Problem zu bek\u00e4mpfen, muss das Prinzip \"Zweckbindung\" f\u00fcr das Zeitalter der KI geupdated werden.</p>", "room_id": 2, "start_time": "2024-12-28T12:00:00+01:00"}, {"title": "Security Nightmares", "duration": 3600, "event_id": "SDFDUW", "language": "de", "track_id": 2, "speaker_names": "Ron, Constanze Kurz", "abstract": "<p>Der IT-Sicherheitsalptraum-R\u00fcck\u00adblick: Manchmal belustigend, zuweilen beunruhigend, aber mit Ausblick.</p>", "room_id": 1, "start_time": "2024-12-30T16:40:00+01:00"}, {"title": "Proprietary silicon ICs and dubious marketing claims? Let's fight those with a microscope!", "duration": 2400, "event_id": "CMQST8", "language": "en", "track_id": 4, "speaker_names": "giulioz", "abstract": "<p>Custom silicon chips are black boxes that hold many secrets, like internal ROMs, security features and audio DSP algorithms. How does one start reverse engineer them? Let's look at the basics of silicon reverse engineering, what gate array chips are, and how some tooling can generate Verilog code automatically from a die shot.</p>", "room_id": 3, "start_time": "2024-12-27T22:05:00+01:00"}, {"title": "Vom Betrieb bis ins Netz: Gewerkschaften als Vorbild f\u00fcr modernen Widerstand?", "duration": 2400, "event_id": "CHDQRA", "language": "de", "track_id": 7, "speaker_names": "Joana Starck, Laurent Kuffert", "abstract": "<p>Von kreativen Strategien und Herausforderungen aus der Gewerkschaftsarbeit im Kampf f\u00fcr Arbeiter*innenrechte</p>", "room_id": 2, "start_time": "2024-12-29T12:55:00+01:00"}, {"title": "Brauchbare Illegalit\u00e4t \u2013 Organisationen f\u00fcr menschenfeindliche Diskurse wappnen", "duration": 2400, "event_id": "8CZXCG", "language": "de", "track_id": 7, "speaker_names": "Johannes Fertmann", "abstract": "<p>Organisationen und die in ihnen stattfindenden Gespr\u00e4che und Debatten haben einen gro\u00dfen Einfluss auf ihre Mitglieder und ihr Umfeld. Es ist daher bedeutsam und beunruhigend, wenn in diesen Diskursen Grunds\u00e4tze unseres gesellschaftlichen Zusammenlebens in Frage gestellt werden. Was tun? </p> <p>Luhmanns Begriff der \" Brauchbaren Illegalit\u00e4t \" beschreibt elegant und kraftvoll funktionale Regelabweichungen in Organisationen. In diesem Talk werden ausgehend von diesem Begriff Gestaltungsm\u00f6glichkeiten f\u00fcr Strukturen, Praktiken und Hacks vorgestellt. Diese Anregungen zeigen, wie die ausgesprochenen und unausgesprochenen Regeln einer Organisation so ver\u00e4ndert werden k\u00f6nnen, dass sie eine demokratische und fortschrittliche Gesellschaft st\u00e4rken.</p>", "room_id": 2, "start_time": "2024-12-29T16:40:00+01:00"}, {"title": "Philosophical, Ethical and Legal Aspects of Brain-Computer Interfaces", "duration": 2400, "event_id": "DFATXZ", "language": "en", "track_id": 5, "speaker_names": "Christoph Bublitz", "abstract": "<p>This talk examines philosophical, legal, and ethical questions of the merging of human minds with intelligent machines through Brain-Computer-Interfaces, provides an overview of current debates and international regulatory development - and what might be at stake when technologies increasingly access the human brain.</p>", "room_id": 3, "start_time": "2024-12-30T15:45:00+01:00"}, {"title": "Illegal instructions by legals - Anweisungen f\u00fcr den anwaltlich begleiteten Rechtsbruch", "duration": 2400, "event_id": "S3WJCS", "language": "de", "track_id": 7, "speaker_names": "Vivian Kube, Vera Magali Keller", "abstract": "<p>Tracker an Tiertransporter, Kameras vor einer Steueroase, Ver\u00f6ffentlichungen von Verschlusssachen, Frontex verpetzen oder sich selbst verpetzen lassen, Menschen in Seenot retten. Zwei Anw\u00e4ltinnen, die Recht(sbruch) studiert haben, teilen mit euch ihre Erfahrungen aus juristischer out of Action preparation, Whistleblowing-Schutz und Anti-Repressions-Arbeit.</p>", "room_id": 1, "start_time": "2024-12-28T11:00:00+01:00"}, {"title": "Breaking NATO Radio Encryption", "duration": 3600, "event_id": "KETTLY", "language": "en", "track_id": 6, "speaker_names": "Lukas Stennes", "abstract": "<p>We present fatal security flaws in the HALFLOOP-24 encryption algorithm, which is used by the US military and NATO. HALFLOOP-24 was meant to safeguard the automatic link establishment protocol in high frequency radio, but our research demonstrates that merely two hours of intercepted radio traffic are sufficient to recover the secret key. In the talk, we start with the fundamentals of symmetric key cryptography before going into the details of high frequency radio, HALFLOOP-24, and the foundation of our attack.</p>", "room_id": 2, "start_time": "2024-12-27T14:45:00+01:00"}, {"title": "MacOS Location Privacy Red Pill: A Rabbit Hole Resulting in 24 CVEs", "duration": 3600, "event_id": "DJR7VP", "language": "en", "track_id": 6, "speaker_names": "Adam M.", "abstract": "<p>User location information is inherently privacy sensitive as it reveals a lot about us: Where do we work and live? Which cities, organizations &amp; institutions do we visit? How does our weekly routine look like? When are we on a vacation and not at home? MacOS has introduced multiple layers of security mitigations to protect sensitive user location information from attackers and malicious applications over the years \u2014 but are these enough?</p>", "room_id": 3, "start_time": "2024-12-28T14:45:00+01:00"}, {"title": "Was macht ein IT-Systemadministrator in einem Alu-Schmelzwerk (Schafft die Deutsche Industrie die Digitalisierung)", "duration": 2400, "event_id": "7RBKND", "language": "de", "track_id": 7, "speaker_names": "Johannes Bernstein", "abstract": "<p>In diesem Vortrag ziehe ich ein schonungsloses Res\u00fcmee aus meinen mittlerweile fast drei Jahren in der Deutschen Industrielandschaft. Ich erz\u00e4hle \u00fcber katastrophale und gef\u00fchlt un\u00fcberwindbare R\u00fcckst\u00e4nde, \u00fcber l\u00e4cherlich hohe Anforderungen bei Zertifizierungen, aber auch \u00fcber gro\u00dfe Hoffnungen, Bem\u00fchungen und eine gef\u00fchlt vollst\u00e4ndige Abwesenheit des Staats und was das bedeutet.</p>", "room_id": 2, "start_time": "2024-12-27T21:10:00+01:00"}, {"title": "Desiring Technology. \u00dcber Porno, Abh\u00e4ngigkeit und Fortschritt", "duration": 2400, "event_id": "9C3JXS", "language": "de", "track_id": 3, "speaker_names": "Arne Vogelgesang", "abstract": "<p>Eine wachsende Zahl von Menschen eignet sich ihre empfundene Abh\u00e4ngigkeit von digitaler Pornografie als mystischen Fetisch an \u2013 sie konsumieren ihren Konsum. Was ist Gooning, wie hat es sich entwickelt und was kann es uns \u00fcber unser Verh\u00e4ltnis zu Medientechnologie im weiteren Sinn erz\u00e4hlen?</p>", "room_id": 1, "start_time": "2024-12-28T00:15:00+01:00"}, {"title": "Postpartum Punk: make space for unfiltered creativity", "duration": 2400, "event_id": "N3FZQD", "language": "en", "track_id": 1, "speaker_names": "Ania Poullain-Majchrzak", "abstract": "<p>After years as a journalist and filmmaker covering topics like crypto, holocaust and showbiz, everything changed for me 3 years ago after the birth of my daughter. </p> <p>While I haven't planned to be a mother, I decided to keep this pregnancy at 41, however this grass turn out to be too high for lawn mower \u2013 I was ready to go for a rave, not to be locked in a baby dark room for 3 years. </p> <p>I felt like my brain had been reprogrammed overnight. The analytical mindset I once relied on\u2014quick to analyse, explore, and understand complex topics\u2014seemed to vanish, replaced by a simpler, instinct-driven state that prioritized pure survival and nurturing yet mixed with unhinged chaos, aux naturelle psychedelic downloads plus no sense of inhibition or fear of being seen. </p> <p>Hand cuffed to a rainbow I was gazing at the black clouds. </p> <p>Despite the shock at this involuntarily IQ transplant, I quickly realised this new mind-tool-set was all in all fulfilling and liberating.</p> <p>I became my own fire brigade with an alternative emergency strap-on.</p> <p>Without the pressure to think analytically, I began channelling this raw energy into my joke band PUShY PUShY PUShY, creating what I now call postpartum punk movement. </p> <p>The idea caught on \u2013 this summer we have been featured in the Guardian and The New Yorker. </p> <p>This fuels my missionarism towards another level: how can we embrace this wild, intuitive mindset, not only as parents but as people? And could new technologies help us experience or even learn from this state?</p>", "room_id": 1, "start_time": "2024-12-29T21:10:00+01:00"}, {"title": "Demystifying Common Microcontroller Debug Protocols", "duration": 3600, "event_id": "8MSZTT", "language": "en", "track_id": 4, "speaker_names": "Sean \"xobs\" Cross", "abstract": "<p>Many developers know that the answer to \"How do I debug this microcontroller\" is either \"JTAG\" or \"SWD\". But what does that mean, exactly? How do you get from \"Wiggling wires\" to \"Programming a chip\" and \"Halting on breakpoints\"? This talk will cover how common debug protocols work starting from signals on physical wires, cover common mechanisms for managing embedded processors, and ending up at talking to various common microcontrollers.</p>", "room_id": 3, "start_time": "2024-12-27T14:45:00+01:00"}, {"title": "Self Models of Loving Grace", "duration": 3600, "event_id": "3TSPQW", "language": "en", "track_id": 5, "speaker_names": "Joscha Bach", "abstract": "<p>Artificial Intelligence is not just an engineering discipline, but also the most fascinating and important philosophical project ever attempted: the explanation of the mind, by recreating it. This part of the series \"From Computation to Consciousness\" focuses on the nature of the self, agency and identity.</p>", "room_id": 2, "start_time": "2024-12-28T16:00:00+01:00"}, {"title": "May the forest be with you \u2013 B\u00e4ume pflanzen gegen die Klimakrise?", "duration": 2400, "event_id": "CEJZ9E", "language": "de", "track_id": 5, "speaker_names": "Kirsten Kr\u00fcger", "abstract": "<p>Der Harz wurde von Borkenk\u00e4fern gefressen, nur jeder vierte Baum in Deutschland gilt als gesund und in Russland sowie Nordamerika brennen die W\u00e4lder in einem enormen Ausma\u00df. Gleichzeitig gelten W\u00e4lder als eine der L\u00f6sungen in der Klimakrise, als CO2-Speicher und Produzent von nachhaltigen, nachwachsenden Rohstoffen. Sind W\u00e4lder in Gefahr auf Grund von D\u00fcrre, Borkenk\u00e4fer und Feuer? Und k\u00f6nnen wir mit Wiederaufforstungen der Klimakrise was entgegensetzten? Kirsten Kr\u00fcger forscht an der Technischen Universit\u00e4t M\u00fcnchen zu St\u00f6rungsdynamiken in W\u00e4ldern und erkl\u00e4rt in ihrem Vortrag, was W\u00e4lder eigentlich alles f\u00fcr uns leisten, warum St\u00f6rungen ein nat\u00fcrlicher Bestandteil von W\u00e4ldern sind und B\u00e4ume pflanzen allein keine akkurate Antwort auf die Klimakrise ist.</p>", "room_id": 2, "start_time": "2024-12-29T19:15:00+01:00"}, {"title": "Dialing into the Past: RCE via the Fax Machine \u2013 Because Why Not?", "duration": 2400, "event_id": "KBSSG9", "language": "en", "track_id": 6, "speaker_names": "Rick de Jager, Carlo Meijer", "abstract": "<p>Remember the days when faxes were the pinnacle of office tech, and the sound of a paper getting pulled in was as satisfying as a fresh cup of coffee? Well, it's time to dust off those memories and reintroduce ourselves to the quirky world of printers and their forgotten fax interfaces \u2013 yes, those relics that make us all feel like we're in an '80ies sci-fi movie \u2013 and specifically, how they can unlock a new frontier in printer security exploits!</p>", "room_id": 2, "start_time": "2024-12-29T14:45:00+01:00"}]
\ No newline at end of file