From Boot to Root: Identifying and Mitigating Security Issues in Bootloaders (glt25)

Chaos Computer Club - recent events feed (low quality)

Player FM - Internet Radio Done Right

28 subscribers

הוסף לפני seven שנים

תוכן מסופק על ידי CCC media team. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי CCC media team או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

Silver Linings with The Old Gays

1
Our Chosen Family: "The gay community is much bolder today." 33:19

לפני 24 ימים33:19

הפעל מאוחר יותר

רשימות

לייק

אהבתי

33:19

What’s the secret to lasting friendships? How does queer community show up through the ebbs and flows of life? And what’s the REAL story behind the “YMCA” song? In the first episode of Silver Linings, The Old Gays dive into an essential part of queer life: chosen family. They discuss the vital love, support, and sense of belonging that community provides, especially during life's toughest moments. They open up about what “queer” means to them, how chosen family has impacted their lives, and how to maintain close bonds over time–including their love for each other! “We’ve come a long way, baby.” Family isn’t just what you’re born with; it’s the people who show up, shape you, and stick around. See omnystudio.com/listener for privacy information.…

לפני שנה 26:31

MP4•בית הפרקים

With the advent of verified/secure boot, bootloaders have become critical components in the chain of trust for embedded Linux systems. This talk will explore common security issues in verified boot implementations and provide an in-depth analysis of vulnerabilities found in popular bootloaders. Attendees will learn about the implications of these vulnerabilities and practical mitigation strategies to enhance device security. Over decades, the role of bootloaders has been rather straightforward, loading an operating system kernel and starting it, optionally with some configuration or visual enhancements. However, with the rise of verified, or secure boot, bootloaders now find themselves at the beginning of the chain of trust. Being a member of the chain of trust comes with significant responsibility. Bugs or misconfigurations are no longer just unpleasant; they now undermine the entire security concept of a device. In this talk, Richard will highlight common problems he has encountered in verified boot implementations of embedded Linux systems. He will also provide a deep dive into some vulnerabilities he has discovered in popular bootloaders and discuss how to mitigate them. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.linuxtage.at/glt25/talk/JBLASG/

1540 פרקים

#Technologie #CCC media team #Ccc Congress Hacking Security Netzpolitik #Video

From Boot to Root: Identifying and Mitigating Security Issues in Bootloaders (glt25)

Chaos Computer Club - recent events feed (low quality)

28 subscribers

published לפני שנה

שתפו

MP4•בית הפרקים

1540 פרקים

#Technologie #CCC media team #Ccc Congress Hacking Security Netzpolitik #Video

Усі епізоди

Chaos Computer Club - recent events feed (low quality)

1
Closing session (lgm2025) 34:49

לפני 5 ימים34:49

34:49

Goodbye. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/1063027656/

Chaos Computer Club - recent events feed (low quality)

1
Ink/Stitch (lgm2025) 28:39

לפני 5 ימים28:39

28:39

Machine embroidery is becoming increasingly popular. It is more durable than other customization methods for textiles and it adds a whole new artistic dimension to the design. What makes it so beautiful, also adds a new layer of complexity to the machine embroidery design creation process. In this brief introduction we will learn a few basic essentials on how to create machine embroidery designs using the Open Source vector graphic software Inkscape along with the Ink/Stitch extension. ## Links * [Ink/Stitch](https://inkstitch.org/) * [Inkscape](https://inkscape.org/) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/2052117469/…

Chaos Computer Club - recent events feed (low quality)

1
How to Run a Film Festival on Libre Graphics (lgm2025) 22:24

לפני 5 ימים22:24

22:24

Organising a film festival is 90% communication. The FOSS and Libre Graphics toolbox is well-equipped for this. However, for many of the tasks that a festival entails (video formats, subtitles), we needed to dig a little deeper. Hear about the challenges we faced and the solutions we came up with! ## Links * [website: LusOFest](https://www.lusofest.de) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/2743934851/…

Chaos Computer Club - recent events feed (low quality)

1
Printing Maps with Spot Colors (lgm2025) 31:20

לפני 6 ימים31:20

31:20

… using Qgis and Scribus with a little help from Inkscape, and Ghostscript. ### A happy-ending story about finding out the tips and tricks along the way. Last November, we've been comissioned to produce a small series of printed maps for a cultural center in Lessines, Belgium, to celebrate memories of Louis Scutenaire and René Magritte. We aimed for a project using three colors, and decided to go for spot color printing - using libre graphics tools, mainly QGIS for the design of the map, and Scribus for layout elements and to prepare the pdfs for printing. We also used Inkscape to vectorize some small illustrations, as well as Ghostscript to check and sometimes fix the resulting PDFs. Then, once we decided that it would be spot color printing, we had to find out a workflow from QGIS to Scribus in order to produce PDFs for spot-color printing. It was not without a few obstacles that we encountered, as both QGIS and Scribus present limitations in terms of color processing or vector rendering. We will present our productive investigation into both QGIS and Scribus, describe how we use QGIS functionalities to optimize the maps for spot color printing and show the tips and tricks we learned along the way - and share the results, hoping to inspire other mapmakers around to give it a try. ![A](https://libregraphicsmeeting.org/2025/img/events/printing_maps_with_spot_colors-feYCQ39ktaCeaGSR.png) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/1308567759/…

Chaos Computer Club - recent events feed (low quality)

1
TypeRoof —Type Tooling Infrastructure (lgm2025) 22:02

לפני 6 ימים22:02

22:02

TypeRoof is **type tooling infrastructure**. It provides type proofing applications, initially based on Video Proof and Variable Type Tools. Now it also explores the world of general animation with type as a principal actor, and document creation with general typography in mind and typographical automations based on expert knowledge. TypeRoof is **intended as a host** for all kinds of type related tools, providing advanced methods of resource loading (i.e. fonts, data files) saving and restoring state etc. – features which ad-hoc developed tools typically miss out, as they are hard to do right on limited time. TypeRoof is **Free/Libre Open Source Software and web based**, build mainly with vanilla JavaScript and a few specialized dependencies. We are looking for a community of users and developers who are interested in shaping its future. ## Links * [website: TypeRoof](https://fontbureau.github.io/TypeRoof/docs/) * [git](https://github.com/FontBureau/TypeRoof) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/622685393/…

Chaos Computer Club - recent events feed (low quality)

1
Inkscape UI Vision Going Forward (lgm2025) 21:02

לפני 6 ימים21:02

21:02

This presentation explores UI improvements for Inkscape, aiming to make it more welcoming for newcomers while enhancing efficiency for experienced users. It showcases design concepts, feedback from the UX team, and discusses how UI refinements can strengthen Inkscape's community. ## Links * [Inkscape](https://inkscape.org/) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/2407556856/…

Chaos Computer Club - recent events feed (low quality)

1
Libre Designers and the Software Apocalypse (lgm2025) 29:10

לפני 6 ימים29:10

29:10

So, is LGM all about libre tools that software developers make that designers and artists use to make creative work … ? At previous LGMs we’ve talked about open-source design feeding back into improving the look, feel and usability of creative software. But what about the tools used to write those tools? Can we link things back another step? Coding environments have barely changed in decades. Yet the complexity of software produced in them has risen exponentially. The disconnect from cause to effect has become ever greater. All software has bugs, most bugs involve software doing exactly what it was told to do. Sometimes they eat your work, sometimes they kill people. The title of this talk is partly “borrowed” from an article that appeared in The Atlantic in 2017. But is it all hyperbole? This talk was originally proposed for the cancelled LGM in 2020 - the landscape may have evolved since then, such as in the growth of AI, but has it improved? Let’s consider some of the issues. And ongoing experiments in user interaction, liveness and design in various open-source tools that are seeking to change coding for the better. This talk may cover some of the ideas in play. But it certainly won’t have the right answers. It probably hasn’t even found the right questions. But just maybe it’s time to help save the world from code. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/2351779594/…

Chaos Computer Club - recent events feed (low quality)

1
From Printer Dust Till Graphics Dawn (lgm2025) 20:07

לפני 6 ימים20:07

20:07

In this presentation, we partly follow this year's topic "RE:imagination" and will explore old but not old-fashioned printer control languages such as HP-GL (1970s and 1980s) and PostScript (1980s) and device-specific commands for dot matrix printers (1980s) to better understand how we relate to printers and printing today. What can we learn from these languages from current graphic practices and perspectives? What context were these languages developed in? Which aesthetics can be created with them today and which tools are needed to do so? How can the sharing culture of the FLOSS/LGM community be applied to such old "closed source" devices? This artistic, media archeological, and auto-ethnographic research is part of the Master Experimental Publishing (XPUB) in Rotterdam, where we, students and teachers, studied these languages together in the first 3 months of this year on the most obsolete and almost discarded printing devices of our university. Expect a presentation about frustrations with serial connections, dust removal with compressed air, porous plastic that disintegrates into small pieces, glitch aesthetic with PostScript and the practice of working within the obstacles of dying devices. Watch out for undead pen plotters & printers and their obscure languages! Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/621783192/…

Chaos Computer Club - recent events feed (low quality)

1
3000 % FasterFile Saving With Time Travel (lgm2025) 20:39

לפני 6 ימים20:39

20:39

A developer talk about coming up with a new file format for [Drawpile](https://drawpile.net/) with the focus being on the findings and ideas that would be useful for other programs as well. Some of those ideas are already implemented and have brought a massive speedup in file saving and loading, some wilder ideas like continuous autosave with history-altering time-travel are in various states of currently still being worked on, but sufficiently cool to talk about anyway. ## Links * [Drawpile](https://drawpile.net/) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/2882617605/…

Chaos Computer Club - recent events feed (low quality)

1
Lightning Talks Friday (lgm2025) 52:07

לפני 6 ימים52:07

52:07

Five 10 minute slots for lightning talks. Sign-up on location! Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/2582991739/

Chaos Computer Club - recent events feed (low quality)

1
Introduction to Usability/UX Evaluation Methods (lgm2025) 27:12

לפני 7 ימים27:12

27:12

The session will start with an introduction to the topic of usability and user experience (UX), including the human centered design process (HCD) and design thinking (DT). After having laid out the foundation, a brief overview of different usability evaluation methods is given. The main part of the presentation is about introducing two often used methods: On the one hand the heuristic evaluation as an example of a usability inspection method, and usability testing on the other hand. Both methods can be used to find (potential) usability problems in a software. Whereas a heuristic evaluation is conducted by an expert following a check-list, a usability test needs end users who fulfill tasks to be conducted. After describing how both methods can be used individually, also a practical way to combining them is presented. The session will conclude with an overview of the advantages and disadvantages of each method. ### Three takeaways of this session will be: * A basic awareness for usability/UX and the importance of evaluating it * An overview of the two major usability/UX evaluation methods heuristic evaluation and usability testing * A first idea how to use these methods for your/a software project ## Target group * UX/usability laymen * Contributors to software Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/4264988911/…

Chaos Computer Club - recent events feed (low quality)

1
Fontra —The Browser-Based Font Editor (lgm2025) 18:25

לפני 7 ימים18:25

18:25

Fontra is a novel, libre, browser-based, cross-platform, variable-first font editor. ## Links * [website: Fontra](https://fontra.xyz/) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/64122622/

Chaos Computer Club - recent events feed (low quality)

1
Making Waterfalls (lgm2025) 21:11

לפני 7 ימים21:11

21:11

Come learn about some ways to create waterfalls for video games! Inspired by a variety of waterfalls in the Pacific Northwest of the USA, Tom has been playing around with different ways to create waterfalls in the open source Godot game engine, with the help of other open source software such as Blender, Krita, and Gimp. Video game fluid flow is a complex subject, and this talk will outline various methods to cheat so that you don't really have to know complex math to make something acceptable. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/3330112692/…

Chaos Computer Club - recent events feed (low quality)

1
Re:Imagining a 3D and Interactive Internet (lgm2025) 20:18

לפני 7 ימים20:18

20:18

Hubs is an open-source interactive browser based 3D meeting space. It is now fully integrated in Blender 3D, which is using an extended version of the gltf format. An extension allows you to attach all the basic components to objects, like particles, UV animations, water and much more. But you can also share links, videos and audio right inside your 3D rooms. Soon another feature was added to the gtlf exporter, the Behavior Graph. It enables interactivity via node-based logic and is only available in Blender 3D. It is the very feature we would like to present to you. If you are used to Blender’s nodes graphs, you might feel right at home. However managing interactivity creates a distinct difference, since every node needs to get triggered by events, be it player interaction or just timer based. ![BehaviorGraph Logo Illustration](https://libregraphicsmeeting.org/2025/img/events/re-imagining_3D_interactive_internet-BehaviorGraph.png) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/3725599921/…

Chaos Computer Club - recent events feed (low quality)

1
Hyper 8 Video System (lgm2025) 20:17

לפני 7 ימים20:17

20:17

[Hyper 8](https://simonrepp.com/hyper8) is a static site generator for video, developed since 2023 and first released in 2024. It uses a file-based, modular building block system for authoring video sites ranging from single videos, to playlists, to video collections of arbitrary hierarchical complexity. Sites can be created and edited using Hyper 8's graphical user interface, but also using nothing more than a terminal, file explorer and text editor (or both). Due to their static nature, Hyper 8 sites are inherently fast, maintenance-free, long-term archivable (also working offline without a server, directly off disk) and compatible with pretty much every webhost (thereby easy to publish and move). In this talk I want to take you on a whirlwind tour around the project: Who is this for? What was the motivation? How does this relate to PeerTube? What is being developed at the moment? Where is it going in the future? What are the challenges, learnings, anecdotes so far? And so on. And of course also: Your questions! ## Links * [Hyper 8 Video System](https://simonrepp.com/hyper8) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://pretalx.c3voc.de/lgm25-upstream-2025/talk/1785153121/…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.

תקשיבו ל-500+ נושאים

28 subscribers

דומה לChaos Computer Club - recent events feed (low quality)

Mighty Patch™ Original patch from Hero Cosmetics – The #1 Hydrocolloid Acne Pimple Patch for Shrinking Zits and Whiteheads in 1 use; Nighttime Spot Stickers for Face and Skin (36 Count)

Count on Me

Dr. Elsey's Ultra UnScented Clumping Clay Cat Litter 40 lb. Bag

פודקאסטים ששווה להאזין

Chaos Computer Club - recent events feed (low quality) « » From Boot to Root: Identifying and Mitigating Security Issues in Bootloaders (glt25)

From Boot to Root: Identifying and Mitigating Security Issues in Bootloaders (glt25)

פודקאסטים ששווה להאזין

ברוכים הבאים אל Player FM!

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

2025 Topps Series 1 Baseball - Factory Sealed - Value Box

2025 - American Silver Eagle .999 Fine Silver with our Smyrnacoin Certificate of Authenticity Dollar Uncirculated US Mint

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

דומה לChaos Computer Club - recent events feed (low quality)

מדריך עזר מהיר

Chaos Computer Club - recent events feed (low quality) « »
From Boot to Root: Identifying and Mitigating Security Issues in Bootloaders (glt25)