37C3 Here We Come!
We're sure we are not the only ones who are very happy that the offline version of Chaos Communication Congress will take place again after its three year hiatus. We hope to see you there to celebrate!
Come say hello at our session on open source funding
Together with Prototype Fund and Sovereign Tech Fund, NLnet will have a meetup about funding for free and open source projects. It will be in the Bits & Bäume / about:freedom assembly on Day 1 - 17.00-18.00 - Saal D
Stickerrrrrrrs
We'll bring stickers. Lot's of stickers.
See you there!
CCC is, well, chaotic, so we don't know exactly what else we'll be doing. But if something comes up we'll post it here and/or on the fediverse. That's also where you can contact us if you want to hang out.
NGI0 related talks and activities
Here is a non-exhaustive overview of activities by NGI Zero partners and projects at 37c3.
Place & route on silicon Day 1 - 11.00-11.40 - Saal Zuse
Speaker: Thomas
Abstract: After a brief introduction to digital circuits this talk will outline placement and routing algorithms used for creating digital integrated circuits.
Open CPU / SoC design, all the way up to Debian Day 1 - 12.00-12.40 - Saal Zuse
Speaker: Dolu1990
Abstract: This lecture will cover many aspect of designing a RISC-V CPU, out-of-order execution, multi-core, memory coherency, security and running linux and debian on a FPGA.
Build your own 37C3 Fahrplan app for Android Day 1 - 13.00 - 14.30 - Saal E
Speaker: tbsprs
Description: In this session you learn how build the 37C3 Fahrplan app for Android yourself. You customize colors, change code and bring your own ideas.
chatmail: self-hosting email servers, optimized for chatting with Delta Chat Day 1 -14.00-15.00 - SOS
Speaker: missytake
Description: This session shows how to use chatmail to run a simple mail server setup, optimized for using it for chatting with the email messenger Delta Chat. It has never been this easy to self-host your own decentralized chat server.
All cops are broadcasting Day 1 - 16.00-17.00 - Saal 1
Speakers: Jos Wetzels, Carlo Meijer and Wouter Bokslag
Abstract: This talk will present details of the TETRA:BURST vulnerablities - the result of the first public in-depth security analysis of TETRA (Terrestrial Trunked Radio): a European standard for trunked radio globally used by government agencies, police, military, and critical infrastructure relying on secret cryptographic algorithms which we reverse-engineered and published in August 2023. Adding to our initial disclosure, this talk will present new details on our deanonymization attack and provide additional insights into background and new developments.
p4p meetup Day 1 - 18.00-19.00 - Saal D
Speaker: BOREQ
Description: A p4p meetup, we are going to discuss technologies such as SSB, p2panda, earthstar, cabal, willow, ppppp, dat etc. We want to talk about how to make decentralized tech more popular, update each other on the current state of the community and so on. Expect a lot of anarchy. We probably want to structure this as a short intro + free form loosely structured discussion around the topics we pick at the start of the meeting. The exact form is dependent on how many people will come.
GNUnet e.V. annual meeting Day 2 - 09.00-10.00 - SoS
Description: Annual meeting of GNUnet e.V.
MNT Reform Laptop OSHW CPU Module/Adapter Design in KiCAD Day 2- 12.00-14.00 - Saal D
Speaker: minute
Description: I (Lukas "minute" Hartmann of MNT Research) will give a walk through of how I designed the RCM4/RX8PLUS/RKX7 processor modules/adapters for the MNT Reform family of open hardware computers/laptops with the goal of knowledge transfer and lowering entry barriers into designing your own modules. The idea is to spend around an hour looking at the KiCAD designs together and showing how to get started creating your module. If there is enough interest, I can also talk about the Linux/device tree side of things in the second hour, or change focus to detail topics the attendees are most interested in.
REUSE - Der Goldstandard für die Vermittlung von Lizenz- und Urheberrechtsinformationen Day 2 - 17.00 - 17.45 - SoS
Speaker: BAVATAR
Description: Das Entwickeln, Benutzen und Wiederverwenden von Freier Software macht Spaß, aber die Angabe von Lizenz- und Copyright-Informationen nicht. REUSE (https://reuse.software/) ändert das. In drei einfachen Schritten macht es die Angabe von Lizenz- und Copyright-Informationen eindeutig und perfekt lesbar für Menschen und Maschinen. In diesem Workshop werden wir einen kurzen Überblick über die REUSE-Spezifikation geben und erläutern, wie REUSE die Nachhaltigkeit von Projekten verbessern kann. Anschließend werden wir die neuesten Erkenntnisse aus großen Projekten vorstellen, die vor kurzem auf REUSE umgestellt wurden. Außerdem stellen wir die neuesten Funktionen des REUSE CLI Tools vor.
RFC 9420 or how to scale end-to-end encryption with Messaging Layer Security Day 3 - 15.45-16.30 - Saal Zuse
Speaker: Konrad Kohbrok and Raphael Robert
Description: MLS improves upon existing protocols such as Signal in group messaging applications. We co-authored the protocol specification and will briefly talk about what motivated the creation of MLS, how it relates to other existing messaging protocols as well as its design process in general. As a group messaging protocol, the security guarantees provided by MLS go beyond authentication and confidentiality. We will go into detail on what security properties users can expect and take a look under the hood on how MLS works. While the MLS specification has only been published recently, more work is underway and an ecosystem is already forming around the standard. We’ll touch on topics like MLS implementations, metadata hiding, federation, and interoperability between messengers (also in the context of the new IETF MIMI working group [1]). And of course we’ll share insights into the future of Messaging Layer Security!
Adventures in the Design of Anti-Surveillance Technology (Katzenpost) Day 3 - 18.30-19.10 - Saal E
Speaker: DRQUAITHE
Description: This will be presented by Eva Infeld and Leif Ryge. We hope for an interactive discussion. In a world with state and corporate surveillance actors of immense power, building anonymity technology is an exercise in trade-offs, and few guarantees. But anonymity technology is badly needed. We introduce Katzenpost, a project that enables individuals and communities to build their own mixnets for anonymous communication. It has the eventual goal of resistance to attacks by large-scale passive and active adversaries, and to expected advancements in cryptanalysis such as attacks by cryptographically relevant quantum computers. We will explain our motivations, protocol design choices, and discuss the resulting protocol properties from several perspectives. This talk will also introduce the namenlos network, an instantiation of a mixnet using the Katzenpost software which may be used for experimentation today. Launched in 2022, namenlos consists of servers run by volunteers in several different countries. While we do not currently set security and privacy expectations, namenlos is the first hybrid post-quantum mixnet designed to resist large-scale adversaries built entirely with Free Software.
Mobile reverse engineering to empower the gig economy workers and labor unions Day 4 - 11.00-14.00 - Saal Zuse
Speakers: Claudio Agosti and Gaetano Priori
Abstract: [Reversing.works](https://reversing.works) will outline five years of experience linking trade unions, gig economy workers, GDPR and mobile app reverse engineering. Goal: to replicate an effective form of resistance.
Friends of Rosenpass Meeting Day 4 - 12.00-14.00 - Stage H
Description: Meetup der Interessierten und Freunde am Projekt Rosenpass Project Rosenpass Meetup.
(More) Secure P2P Messaging with Noise and Tox Day 4 - 15.00-16.00 - Bits & Bäume Workshop Space
Speaker: Tobias Buchberger
Description: This talk takes a look at Tox, a distributed/P2P and E2EE messaging solution and its FOSS implementation (toxcore). Tox utilizes state-of-the-art cryptography. However, it is vulnerable to key compromise impersonation (KCI) attacks. KCI is explained and also how this issue can be fixed by using the Noise Protocol Framework. Noise is used to design and implement E2EE messaging with formally-verified security in Tox - by utilizing libsodium. This enables more secure P2P communication with Tox and serves as enabler for Noise adoption in other projects.
Assemblies
NixOS assembly & event: wiki planning Day 1 - 16.00-17.00 - Nixos assembly
Description: We currently are preparing to deploy NixOS wiki under the nixos org foundation. During this event we want to make plans on how to distribute work for content moderation and administration. The meeting will take place at the NixOS assembly
Bits & Bäume / about:freedom assembly.
Description: As with the Chaos Camp, a community area will be created for the Bits & Bäume and about:freedom community. We are creating a place where people, groups and organisations from the fields of digitalisation, sustainability, technology for the common good and freedom rights can present themselves and meet up. Find out more from the organisations, take part in workshops or get in touch in our lounge area. Community meetups will also take place daily for joint dialogue and networking.
XMPP is an open protocol for decentralized and secure real-time communication. Using XMPP, you can chat with your friends and family without relying on a single company or provider. You can use any of the public servers or host one yourself to take part in the network. XMPP is an extensible protocol that is continuously updated with new features and technologies via an open standards process. It supports what you expect from any chat application; group chats, file sharing, end-to-end encryption and much, much more! Our assembly consists of XMPP enthusiasts and of server and client developers. Join or visit us for questions or discussions!
tba
Demo of VPN over the NYM mixnet decentralised infrastructure.
Image attribution: Chaos Communication Congress, 2015. Published by Metercast. This work is licensed under a CC BY-NC-SA 3.0 Deed License.