38C3 Here We Come!
We're going to Chaos Communication Congress we hope to see you there!
The 38th Chaos Communication Congress (38C3) is the 2024 edition of the annual four-day conference on technology, society and utopia organized by the Chaos Computer Club (CCC) and volunteers. It takes place in Hamburg on 27–30 Dec 2024.
Come say hello at our session on FOSS funding
Together with the Prototype Fund and the Sovereign Tech Agency, NLnet will have a meetup about funding for free and open source projects. Come by if you have questions about funding, have suggestions or remarks or just like to say hi. It will take place on Day 2 at 15.00 at Saal D
Stickerrrrrrrs
We'll bring hex stickers.
NGI0 related talks and activities
Here is a non-exhaustive overview of activities by NGI Zero partners and projects at 38c3.
IRIS: Non-Destructive Inspection of Silicon Day 1 23:00 – 2024-12-28 00:00, Saal GLITCH
Speaker: Andrew 'bunnie' Huang
Abstract: IRIS (Infra-Red, in situ) is a technique for non-destructively inspecting the construction of a select but common type of chip. It can improve visibility into our hardware and provide supporting evidence of its correct construction, without desoldering chips or expensive analytical gear. This talk covers the theory behind IRIS, as well as some embodiments of the technique. I will also frame the relevance of IRIS in the face of various threat scenarios. Time permitting, I’ll also show how you can do it at home by peeking around a few chips as a demo.
Meet the Funders: Sovereign Tech Agency, NLnet, Prototype Fund Day 2 15.00 - 16.00 Saal D
Speakers: From NLnet: Gerben, Marc, Lwenn & Tessel
Are you looking for funding for your project? Unsure if your new idea would be likely to get support? Interested in applying for a grant, in getting to know who ensures funds run smoothly or simply curious? Come say hi! We're here to answer all your questions about our funds.
At this meetup team members from NLnet, the Prototype Fund and the Sovereign Tech Agency will be present to answer questions. The Prototype Fund supports software developers, designers and other creatives in transforming their ideas from a concept into a software prototype. Together with its grantees it explores and tests new ways for technical and social innovations as open source software from society and for society.
The Sovereign Tech Agency supports the development, improvement and maintenance of open digital infrastructure. Its goal is to sustainably strengthen the open source ecosystem. It has a focus on security, resilience, technological diversity, and the people behind the code.
The Design Decisions behind the first Open-Everything FABulous FPGA Day 3 14:45, Saal GLITCH
Speaker: Dirk
With the availability of robust silicon-proven open-source tools, IPs, and process design kits (PDKs), it is now possible to build complex chips without industry tools. This is exactly what we did to design our first open-everything FABulous FPGA, which is an example of open silicon that is designed and programmed entirely with open tools. Produced in the Skywater 130nm process node, our chip features 672 LUTs (each with 4 inputs and a flop), 6 DSP blocks (8x8 bit multipliers with 20-bit accumulators), 8 BRAMs (with 1KB each), and 12 register file primitives (each having 32 4-bit words with 1 write and 2 read ports). The resources are sufficient to run, for instance, a small RISC-V system on the fabric. The FPGA comes with a small board that is designed to fit into an audio cassette case and that can be programmed directly via an USB interface. Moreover, the FPGA supports partial reconfiguration, which allows us to swap the logic of parts of the FPGA while continuing operation in the rest of the chip. The chip was designed with the help of the versatile FABulous framework, which integrates several further open-source projects, including Yosys, nextpnr, the Verilator, OpenRAM, and the OpenLane tool suite. FABulous was used for various embedded FPGAs, including multiple designs manufactured in the TSMC 28nm process node. The talk will discuss and analyze differences and similarities with industry FPGAs and dive into design decision taken and optimizations applied to deliver good quality of results (with respect to area cost and performance). The talk will highlight state-of-the-art in open-source FPGA chip design and provide a deeper than usual discussion on the design principles of these devices.
TETRA Algorithm set B - Can glue mend the burst? Day 3 17:35, Saal ZIGZAG
Speaker: Wouter Bokslag & Jos Wetzels
In August 2023, we published the TETRA:BURST vulnerabilities - the result of the first public in-depth security analysis of TETRA (Terrestrial Trunked Radio): a European standard for trunked radio globally used by government agencies, police, military, and critical infrastructure. Authentication and encryption within TETRA were handled by proprietary cryptographic cipher-suites, which had remained secret for over two decades through restrictive NDAs until our reverse-engineering and publication. This talk is not TETRA:BURST, but dives into the latest TETRA revision introduced in 2022. Most notably, it contains a new suite of cryptographic ciphers. Of course the cipher available for critical infrastructure and civilian use (TEA7) is intentionally crippled, and of course these ciphers were to be kept secret, but this decision was overruled due to public backlash following our publication last year. In this talk we will present a practical attack on the TEA7 cipher, which while taking a 192-bit key, only offers 56 bits of security. Furthermore, we point out improvements and shortcomings of the new standard, and present an update on TEA3 cryptanalysis, where we previously found a suspicious feature, and draw a parallel with its successor TEA6. All in all, in this short and relatively crypto-forward talk, we assess with all-new material whether the new TETRA standard is fit for its intended purpose. This crucial technology seeks to once again take a very central role in our society for decades to come, and its cryptographic resilience is of fundamental importance - for emergency networks, but possibly even more for our critical infrastructure and associated processes.
Assemblies
NixOS assembly & event: wiki planning Day 1 - 16.00-17.00 - Nixos assembly
Description: This is about NixOS, an open-source Linux distribution.
Bits & Bäume / about:freedom assembly.
Description: As with the Chaos Camp, a community area will be created for the Bits & Bäume and about:freedom community. We are creating a place where people, groups and organisations from the fields of digitalisation, sustainability, technology for the common good and freedom rights can present themselves and meet up. Bits & Bäume has many habitat members some of which are NGI0 related such as FSFE, KDE and OpenStreetMap.
Bits & Bäume / about:freedom assembly.
Description: komona is a queer-feminist and anarchist do-it-together community space. This habitat is organized by different anarchist groups and is happy to include other like-minded people. We want to provide a space for activist communities to meet up, exchange ideas, organize and create together. komona has many habitat members some of which are NGI0 related such as Delta Chat and [tbd].
Linux on Mobile
GNU(-like)/Linux on Smartphones - remember the N900? It's a thing again! Projects like Mobian, postmarketOS and Ubuntu Touch offer longer term support for devices that can go well beyond the usual 3-5 years of support. Also: It's fun - come by and talk to us!
Replicant
Replicant is a fully free software Android distribution that puts emphasis on freedom, privacy and security. Replicant's assembly will feature demos of the current Replicant 6 as well as the upcoming Replicant releases. It is the place to come by if you are keen on learning the (sometimes dirty) internals of smartphones and Android. If you are a smartphone hacker please visit us. Replicant is always looking for new contributors on the several work fronts we have going on: modem and GPS protocol reverse-engineering, 3D and 2D graphics acceleration, bootloader unlocking, adding supported for new devices, and many more. Don't be afraid to show up even if you are a novice on these matters. We can assist you installing Replicant or give general advice regarding software freedom on smartphones and tablets.
Rosenpass
Rosenpass is a collective of developers, scientists, researchers, scientific illustrators, LaTeX experts, and cryptography and (usable) security enthusiasts. We develop a post-quantum-secure Virtual Private Network (VPN) protocol, as an open science protocol, and an open source software implementation written in Rust. During 38c3, we will host two self-organised sessions: 1) an install party where we explain how to set up Rosenpass and guide interested people during installation and configuration, and 2) a discussion workshop around the topic of “socially responsible cryptography”. We might have stickers. And you might recognise us by our bunny ears.
Self Organized Sessions
Delta Chat intro/onboarding Day 1 17:00, Komona Table Space (hall H)
Speaker: missytake
Delta Chat, from secure e-mail messaging to Peer-to-Peer realtime networking Day 1 18:00
Speaker: hpk
Delta Chat p2p/realtime/iroh Day 2 21:00, Komona Table Space (hall H)
Speaker: missytake
Delta Chat 2025 roadmap and discussions Day 3 17:00, Komona Table Space (hall H)
Speaker: missytake
Chatmail-server for activists (real-life and upcoming usage) Day 3 19:00, Komona Table Space (hall H)
Speaker: missytake
Image attribution: Ode to old CCH by blinry, 2016. Published by blinry. This work is licensed under a CC BY-SA 4.0 License.
