Software accessibility without the fuzz (38c3)

Chaos Computer Club - recent events feed (low quality)

Chaos Computer Club - recent events feed (low quality)

Player FM - Internet Radio Done Right

28 subscribers

הוסף לפני eight שנים

תוכן מסופק על ידי CCC media team. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי CCC media team או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.

Tinfoil Swans

1
Tristen Epps and the Scrambled Egg Revelation 56:04

לפני 13 ימים56:04

הפעל מאוחר יותר

רשימות

לייק

אהבתי

56:04

Growing up in a military family, Tristen Epps moved around a lot. But no matter where he was living, Friday nights were sacred. He got to dress up, go to a restaurant, not order from a kids menu, and feel like he was getting to know the place he was living — for now. At home, when his mom taught him to scramble an egg, he was mesmerized by the alchemy; one simple ingredient could transform into so many things. It's that wonder and curiosity that transformed him into the leader, visionary, and Top Chef winner he is today. He joined Tinfoil Swans at the Food & Wine Classic in Aspen to talk about his mission to “un-colonize colonized food,” the freedom he feels cooking in Air Jordans, why it's important to him to celebrate oxtails with Michelin-level finesse, and his belief that cooking has power to correct history. For more info visit: foodandwine.com/tinfoilswans Sponsor: Old Fitzgerald® Kentucky Straight Bourbon Whiskey. Bardstown, KY. 50% Alc./Vol. Think Wisely. Drink Wisely. Learn more about your ad choices. Visit podcastchoices.com/adchoices…

לפני שנה 21:57

MP4•בית הפרקים

We've all heard how important digital accessibility is, at this point. But how does one get started with this complex topic? Let's cover all the techy basics! Software accessibility is important, we all know that by now. In the past years while working as an accessibility consultant, many people have asked me the very same question: How do I get started with this? I'm overwhelmed by all the different resources! Heck, I can't find anything useful! In all fairness, I get you. There's so much fuzz surrounding this. Social workers will feel right at home because of this, but frankly, for us techies, it just doesn't work that way. We would like to know what to do precisely, or at least dive deeper into a topic on our own terms. In this talk, I would like to give a brief overview over what's important only for programmers and where you can educate yourself further. We can do this together! Licensed to the public under http://creativecommons.org/licenses/by/4.0 about this event: https://events.ccc.de/congress/2024/hub/event/software-accessibility-without-the-fuzz/

1672 פרקים

#Technologie #CCC media team #Ccc Congress Hacking Security Netzpolitik #Video

Chaos Computer Club - recent events feed (low quality)

Software accessibility without the fuzz (38c3)

Chaos Computer Club - recent events feed (low quality)

28 subscribers

published לפני שנה

שתפו

MP4•בית הפרקים

1672 פרקים

#Technologie #CCC media team #Ccc Congress Hacking Security Netzpolitik #Video

כל הפרקים

Chaos Computer Club - recent events feed (low quality)

1
Why Proprietary Tooling Hurts Your FOSS Project (WHY2025) 22:25

לפני 23 hours22:25

22:25

You’ve released your code under a free license, but your project runs on proprietary platforms like Slack, GitHub, Notion, or Zoom. What’s the harm? In this talk, we’ll explore how relying on closed tools contradicts open source values, excludes contributors, locks your community into corporate ecosystems, and drives away idealistic contributors who care deeply about freedom. We’ll also tackle common justifications, like convenience or popularity, and show how they often mask deeper trade-offs. My goal with this talk is to spark reflection and conversation about the tools we use to build open source projects, not just the code we write. I hope it encourages both new and experienced maintainers to think critically about how proprietary tools may be limiting their communities and values, even unintentionally. The audience will leave with a better understanding of the trade-offs involved, practical alternatives they can explore, and the motivation to make small changes that lead to more open, inclusive, and resilient projects. If more projects switch to even one open alternative, it strengthens the entire open source ecosystem by reducing dependency on tech giants and supporting community-owned infrastructure. Whether you're starting a new project or maintaining a mature one, this talk will challenge you to think critically about the tools you use and advocate for open, community-controlled alternatives that align with the spirit of FOSS. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/WPGMJU/…

Chaos Computer Club - recent events feed (low quality)

1
Embrace Chaos! How Game Randomizers Work (WHY2025) 26:25

לפני 24 hours26:25

26:25

Game randomizers can breathe fresh air into your favorite video games by changing where things are, what enemies you fight, or even what the win conditions are. But how do they work? Let's embrace chaos and learn about them! Game randomizers can breathe fresh air into your favorite video games by changing where things are, what enemies you fight, or even what the win conditions are. But how do they work? In this talk, I'll share my experience building a randomizer for the Gameboy Advance version of Final Fantasy 1. I'll tell you about the stumbling blocks I hit, and how I solved them. I'll also share the lessons I learned building my project, and how I'd do it better next time. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/YXDFYP/…

Chaos Computer Club - recent events feed (low quality)

1
Hack the Grid. Disclosing vulnerabilities to help prevent blackouts (WHY2025) 47:38

לפני 1 day47:38

47:38

The European electricity network has become a ‘smart grid.’ This offers many opportunities for sustainability but also makes our energy system more vulnerable to digital attacks. DIVD has been conducting research into vulnerabilities in charging stations, solar panel inverters, home batteries, and Energy Management Systems. In this talk, we will demonstrate how we could have generated power outages using these zero-days and how we prevent this by disclosing them responsibly. The European electricity network has become a ‘smart grid.’ This offers many opportunities for sustainability but also makes our energy system more vulnerable to digital attacks. In a time of increasing threat of hybrid warfare, the government and the energy sector realize that we as a society must prepare for possible disruption of the energy system and do everything we can to prevent it. Various institutions test smart devices, set safety standards, and monitor compliance with these standards. However, parties such as our grid operators only have control over the energy grid equipment up to the front door. They are not allowed to look beyond the electricity meter, where most smart equipment is located. DIVD is allowed to do this because we are volunteers and a nonprofit. By identifying devices that can form a botnet, DIVD helps to make the smart grid more secure. DIVD has been conducting research into vulnerabilities in equipment of the energy system, such as charging stations, solar panel inverters, home batteries, and (Home) Energy Management Systems. Previous findings have led to several parliamentary questions and follow-up actions by authorities such as RDI, the Dutch Authority on Digital Infrastructure. With the CVD in the Energy Sector program, DIVD conducts research at its own hardware hacking lab in collaboration with the energy sector to reduce the digital vulnerability of our energy system. We also organise hack events. During WHY2025 we also give demos at the Vulnerability Disclosure Village. In this talk, we will demonstrate how we could have generated power outages using zero-days we found in solar converters, electric car chargers and energy management systems. Still, we also did it with just one user-password combination… Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/AREWXH/…

Chaos Computer Club - recent events feed (low quality)

1
Kubernetes from Scratch, The Hard Way (WHY2025) 43:34

לפני 1 day43:34

43:34

To understand the inner workings of Kubernetes and to prepare for the K8s certification exams, I decided to create a K8s cluster from scratch, the hard way, on premises (“de meterkast”) on virtual machines all using Alpine Linux. This talk is how I tried to do it, how I succeeded, failed and added a CEPH cluster and ETCD cluster along the way. It includes a lot of technical details, but if there is one thing that you should learn during this talk, it’s not about K8s at all: Containers are not VM Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/TQXDPD/…

Chaos Computer Club - recent events feed (low quality)

1
Bare metal programming from the ground up (WHY2025) 27:04

לפני 1 day27:04

27:04

So you have a new microcontroller, how do you get started programming it? This is going to be the talk I wished already existed when I first got into microcontroller programming. Getting started with a new microcontroller can be daunting. They do come with datasheets, but these are often hundreds if not thousands of pages long and assume you already know the basics. So that's what I will be explaining: how to get started programming these thing, from `Reset_Handler` to blinking LED. This talk will cover the following things: * How to read datasheets * How to write a simple linker script * How to do basic initialization of a chip, enough to get a LED blinking * How to get the binary you created onto a microcontroller. I will assume you have some programming experience, but experience with embedded software is not required. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/HBMWXL/…

Chaos Computer Club - recent events feed (low quality)

1
Fruit machines: How people steal from them and manufacturer mistakes. (WHY2025) 40:43

לפני 1 day40:43

40:43

Fruit machines are everywhere.....and they contain cash. This is a talk about the efforts people go to to steal cash from the machines, and what can go wrong when the engineers creating them make mistakes. I've been working with fruit machines as a software engineer for over 30 years, primarily on system platforms and machine security. This talk gives an insight into some of the physical techniques thieves have developed over the years to steal cash from machines, and the catastrophic consequences of poor software. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/A9ZQBL/…

Chaos Computer Club - recent events feed (low quality)

1
Challenge the Cyber (WHY2025) 25:07

לפני 1 day25:07

25:07

Challenge the Cyber is a foundation that actively fosters security skills in young hackers (<25 y). In this talk a couple of our (former) participants will share their experience and talk about the varieties of events that the foundation runs throughout the year and how you can prepare and participate. This includes the yearly CTF, a Cyber bootcamp, recurring training events with CTF team Superflat and the participation at the European Cybersecurity Challenge. There's an overall shortage of cyber security experts. Challenge the Cyber (CTC) is the foundation that actively fosters security skills in young people and works on closing the gap between the need of experts in companies and talented young people who want to become these experts. CTC run a national hacking competition (CTF) with roughly 120 participants each year. The best (30-40) performers are then invited to a week long bootcamp in the summer in which highly technical workshops are given, a lot of attention is spent on team building and eventually a team of 10 players is selected for the European Cyber Security Challenge (ECSC). At ECSC team NL is supported again by CTC. Next to the competition there are side events where anyone can participate, such as playing CTFs with team Superflat. All in all, young people develop and progress through the years to our absolute elite in cyber security. (No, I'm not exaggerating here. We've got zero days as proof :D ) The presentation will tell all that and more but the story will be told with anecdotes by active participants and volunteers of the foundation. They will give an inspiring insight into the world of the young star hackers and their journeys throughout CTC. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/8VF3QU/…

Chaos Computer Club - recent events feed (low quality)

1
Securing AI requires life cycle thinking and reducing unintended consequences (WHY2025) 49:15

לפני 1 day49:15

49:15

AI is everywhere and where it isn't today, it most likely will be tomorrow. But jumping on the hype train and adding AI often does not sufficiently consider security. This talk walks you through cases of AI failures, how they've come about, and how they could have been avoided. We're also going over some projections of spectacular AI failures we're likely to see going forward. AI is everywhere and where it isn't today, it most likely will be tomorrow. But hype does not sufficiently consider security and AI has the ability to cause errors and failures the developers haven't considered. As was stated in the first Jurassic Park "they were so busy thinking if they could, they didn't stop to think if they should". So we're seeing more examples of failures than are needed for this talk that walks you through a few cases of AI failures, how they've come about, and how they could have been avoided. We're also going over some projections of what we're most likely going to see when you combine AI alignment issues, ability of AI agents to take action, and over confidence of developers in focusing if they could. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/UXXZMU/…

Chaos Computer Club - recent events feed (low quality)

1
Quantum cryptography and its certification against attacks (WHY2025) 52:08

לפני 1 day52:08

52:08

I briefly explain quantum cryptography. It is unbreakable in principle, but its real implementations have vulnerabilities arising from equipment imperfections. Certification standards [1] and accredited labs are being established that can test commercial products for these flaws. I explain how we have analysed a commercial quantum key distribution system for loopholes, patched them, and designed tests for the certification lab [2]. [1] ISO/IEC 23837-2:2023(en) international standard. [2] V. Makarov et al., Phys. Rev. Appl. 22, 044076 (2024), https://arxiv.org/abs/2310.20107 Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/DFCBQD/…

Chaos Computer Club - recent events feed (low quality)

1
Open Source Imaging & Open Source Standard Hardware (WHY2025) 25:41

לפני 1 day25:41

25:41

We developed an open-source low-field MRI and got the clinical certification started! The aim is to create a reference technology for healthcare – which comes with its own complex questions. The Open Source Imaging Initiative has developed an open-source low-field MRI – and is now working on the clinical certification for it (+will open-source it as far as legally possible)! This started raising some discussions around the costs and patenting-schemes in public healthcare. But what about the rest of the public infrastructure? And who keeps control of what? This talk will give an overview of the current state of the project, a bit of historic context (how could this happen??) and will explore the current discussions around governance and property models – and the idea of Open-Source Standard Hardware Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/T9JW9Z/…

Chaos Computer Club - recent events feed (low quality)

1
Robotics Hello World, a.k.a build your own hexapod (WHY2025) 50:03

לפני 1 day50:03

50:03

As tinker and software geek robotics is a brilliant field. Finally a field that combines the beautiful creations coming out of your FDM printer and the results of multiple cups of coffee turned into (almost) working software. However where do you get started and how does it actually work? This talk is about all these questions and the corresponding answers that I found during my journey to build my first hexapod robot. From designs to simulation, custom pcbs to finally a walking robot. I'm by no means a roboticist, I'm just an average tinker with a 3d printer and an IDE. This is about my journey to build a hexapod and everything I encountered along the way. From mechanical design and custom PCBs to math and software simulation I'll take you along for the ride. And hopefully help you along on your journey. If you want to get some insight in the inner workings of a hexapod robot, not afraid of some math equations and interested in gazebo simulators this is a good place to be. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/DHCFRP/…

Chaos Computer Club - recent events feed (low quality)

1
Flattening the Curve: Rediscovering Web UI Through Historic Geometric Constructions (WHY2025) 48:32

לפני 1 day48:32

48:32

Modern UI/UX design is rooted in centuries-old geometry. This talk explores how historic tools—from Greek constructions to Bézier curves— is still broadly used to solve real problems today. Through demos and visual examples, we’ll uncover practical, eye-opening methods that blend math, art, and design. No technical background needed—just curiosity. Prepare to rethink how we build and understand the visual world. Modern UI/UX design is built upon concepts much older than computers. This talk uncovers how ideas from the history of geometry continue to shape the ways we define and render interfaces today—while also revealing a deeper story: how practical mathematical problems, from antiquity to today, have been approached not with algebra, but with the elegance of geometric construction. We’ll explore geometric throughlines, from Greek straightedge-and-compass methods, through innovations of the Islamic Golden Age, to Renaissance engineers and their mechanical drawing tools, all the way to Bézier curves of the 1960s—now foundational to every smooth SVG path on the web. Alongside interactive demos and visual examples, we’ll dive into surprisingly current problems that are solved through construction alone, in ways that are both rigorous and astonishingly intuitive. This talk is for anyone with a curious mind—no technical background required. While code snippets will appear, the real goal is to spark insight and wonder. Join us to discover how a blend of math, history, and art can transform the way we see both digital and physical space—and how centuries-old ideas continue to solve problems in ways that are as beautiful as they are practical. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/VRMZEG/…

Chaos Computer Club - recent events feed (low quality)

1
Sensible Money: Designing a Sustainable Economy (WHY2025) 50:15

לפני 1 day50:15

50:15

Economic models are increasingly challenged for destroying our planet. But it is not easy to design a sustainable alternative. In a follow-up on my OHM talk "hacking for bankers", I would like to present a few realistic currencies that we can use to move away from the unsustainable path that we are currently walking. We could build a profitable yet sustainable grassroots movement. At OHM2013 I gave a talk entitled _Hacking for Bankers_ where I explained the perverse motives in the present monetary system. This talk presents solutions. They are grassroots systems, that redefine money by choosing another basis for it. A humane basis. * **Sensible Bullion.** Founded on precious metals such as gold and silver, stored safely in a vault, with (title of) ownership claimable by the one who presents the corresponding digital coins. While the coins exist, they can circulate for online trading. Great for long-term savings, neutral for spending, but difficult to handle for investors. * **Sensible Energy.** Trading in sustainable energy at zero cost at a parallel energy market. In the Netherlands, we have rolled out so much sustainable energy that the energy market is giving a push-back instead of handling it with storage systems. Bypassing this market allows at least wind and solar energy to give each other mutual support, expressing that these are dependent elements in our country's sustainable future, and that they need to evolve together. * **Sensible Focus.** Economic theory teaches us that human attention is the most valuable asset overall. But since money expresses something else, it makes _business sense_ to optimise humans (and humanity) out of products and services. Were money to express the actual focus of a human being, then the world would be a different place. * **Sensible Dinosaur.** What if we put a (monetary) value on unexcavated fossil fuels? Would we then be able to resist digging it up and burning it? If we created such a money, could it pay for climate debt? Perhaps to correct the inequalities caused by climate change? Or maybe to pay for CO₂ recovery measures? Essential to all these currencies are a few guiding principles, with details in the [Book of Sensible Taler](http://book.sensible-taler.org/): 1. Currencies must be **fully backed** by an underlying value; this leaves no room for inflation 2. The underlying value cannot be borrowed, so **no interest** can be charged. Deep **participation with profit-sharing** offers a substitute investment mechanism. 3. Digital money entitles the owner to **claim the underlying value**. Payment systems must have **legal structures** to maintain this property even after bankruptcy. 4. Expenses are out in the open, there ore **no concealed fees** or indirect costs. Different underlying rules about the workings of money triggers people to make different choices. This is how these monetary system designs can focus on sustainability, rather than mindlessly chasing short-term profit. Such a system can co-exist with the fiat money issued by governments. And the digital money form is founded on [GNU Taler](https://www.taler.net/en/), it is fit for secure and private online payment at least as easily as fiat money. This project is kindly supported by [NLnet Foundation](https://nlnet.nl). Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/UHHGZT/…

Chaos Computer Club - recent events feed (low quality)

1
Green WiFi: how regulation sort of works (WHY2025) 43:19

לפני 1 day43:19

43:19

This talk is based on my experience working for Comcast/Sky Group in WLAN (802.11) standardisation. It follows the trajectory from environmental laws through to technical regulations and finally in to technical standards, patents and technologies. The talk argues that well-enforced norms and regulations remain a good way of incentivising socially and globally desirable outcomes, while explaining how technical regulations and standardisation work in practice from the industry insider perspective. A version of this presentation was previously given at the SICT Summer School at ULB in Brussels. It will also be presented at Bornhack and BalcCon in 2025. I feel like such a talk is especially important now that Europe is no longer under an American security umberella. Europe consistently fails in pushing a rules-based world order, while, in fact, it is difficult to see any other form of world order work either for Europe or indeed the vast majority of countries. We have many parallel examples from privacy, security and data protection law where Europe, again, fails to understand and identify its own critical interests. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/YUAA7M/…

Chaos Computer Club - recent events feed (low quality)

1
Capture flags and secret tokens at WHY2025 (WHY2025) 18:18

לפני 1 day18:18

18:18

WHY2025 contains a lot of activities and entertainment for the attendees. This presentation focuses on two of these activities, namely the CTF (Capture The Flag) and Secret Token Game. These activities focus on a wide range of visitors, including seasoned hackers, inspired newcomers and even the youngest generation. Want to try the CTF or search for some Secret Tokens? Join this talk for an introduction and background information. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/TJJR3W/…

Chaos Computer Club - recent events feed (low quality)

1
What's that CubeSat Satellite stuff anyhow? (WHY2025) 48:08

לפני יומיים48:08

48:08

CubeSats are small satellites comprised of 10x10x10cm "units" and range in size from very small 1U or smaller PocketQubes to 24U beasts. What can be achieved with such a satellite platform and why? I will go in to a brief history with examples from customers and amateur radio CubeSats. During my 20 years working with CubeSats, starting with designing parts of the Delfi-C3 student satellite in 2005, I have seen many missions and I have been involved in the design of quite a few CubeSats. Often, people ask me "what can you do with such a small satellite" and that prompted me to create this talk! Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/LZSAXB/…

Chaos Computer Club - recent events feed (low quality)

1
Summoning Shenron: Building the Cyber Saiyan Badge (WHY2025) 49:37

לפני יומיים49:37

49:37

Cyber Saiyan community has designed and developed a special gadget for WHY2025 The badge was designed to recall the dragon spheres, and will be an updated version of RomHack Camp 2022, both in term of design and features: - single core ESP32-C3 SOC - WiFi and Bluetooth 5 - 7 RGB leds in the front - TFT display - an updated firmware During the talk we will present the hardware design and the firmware so anyone can try to summon Shenron :) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/3CSQRF/…

Chaos Computer Club - recent events feed (low quality)

1
The "O" in OT...or is it the "Ohhhh..." in OT? (WHY2025) 43:13

לפני יומיים43:13

43:13

"De ‘O’ in OT – Operationeel, Onmisbaar, Onbeschermd?" Operational Technology (OT) is de ruggengraat van industrie en kritieke infrastructuur, maar blijft vaak onbeschermd. Traditionele IT-security werkt niet in OT, waar continuïteit essentieel is en stilstand geen optie. Hoe beschermen we OT zonder operaties te verstoren? In deze sessie bespreken we dreigingen, regelgeving (NIS2, CRA) en strategieën om OT echt veilig te maken. OT is onmisbaar – laten we zorgen dat het beschermd blijft. Operational Technology (OT) vormt de ruggengraat van onze industrie en kritieke infrastructuur. Het houdt productieprocessen draaiende, faciliteert energievoorziening en zorgt voor de stabiliteit van vitale systemen. Maar terwijl de digitalisering OT steeds meer verbindt met IT en IoT, blijven de fundamentele beveiligingsuitdagingen onderbelicht. De systemen die onmisbaar zijn, blijken vaak ook het meest kwetsbaar. In deze sessie duiken we in de kern van OT-security anno 2025. Waarom werken traditionele IT-beveiligingsstrategieën niet in OT? Hoe kunnen organisaties de continuïteit van hun operationele processen waarborgen zonder hun productie stil te leggen? En hoe zorgen we ervoor dat compliance zoals NIS2 en de Cyber Resilience Act niet slechts een checklist is, maar een echte kans om OT te beschermen? Aan de hand van praktijkvoorbeelden, dreigingsanalyses en best practices laten we zien waarom OT-beveiliging een andere benadering vereist. We bespreken: De unieke kwetsbaarheden van OT en waarom traditionele security-aanpakken tekortschieten De grootste OT-dreigingen van vandaag: ransomware, supply chain attacks en insider threats De balans tussen operationele continuïteit en cybersecurity – want stilstand is geen optie Hoe organisaties OT-security kunnen integreren zonder disruptie OT-security is geen luxe, het is een noodzaak. De ‘O’ in OT staat niet alleen voor Operationeel, maar ook voor Onmisbaar – en als we niet opletten, Onbeschermd. Benieuwd naar de realiteit achter OT-beveiliging? Kom en ontdek hoe we OT écht veilig kunnen maken. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/FE8RQB/…

Chaos Computer Club - recent events feed (low quality)

1
Horus Scenario 2.0 (WHY2025) 25:36

לפני יומיים25:36

25:36

8 years ago at SHA2017, the horusscenario was presented. A Theoretical attack through PV-installations to take down the european energy grid. Since that day, a lot of things have changed, both for the better and for the worse. During the session, we will look back into the horusscenario with today's knowledge and revisit if the attack is still feasible. (Spoiler: I was right... and it has mainly gotten worse since then...) During the session we will look back on what was said in 2017 and what we know now to be true and have seen in practice. We will also reflect on where we currently are and where we stood back then and if we made any real progress in that regard. Topics discussed will be: - Was the theoretical analysis correct? and are there any additional nuances there? more recent examples in practice? - We hacked SMA back then because we thought they were most secure. Have any other grid-ending vulnerabilities in PV-installations popped up since then? - Are we better off today, then we were back then? - Prophesising the future: where are we headed with this attack? Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/MBPQL9/…

Chaos Computer Club - recent events feed (low quality)

1
Creating mate ice-tea (WHY2025) 18:07

לפני יומיים18:07

18:07

We have spend the last years making our own mate ice tea, called HolyMate. We want to share our experiences making a lot of ice tea on a 'small' scale (700+ litre), and explain the process. Hopefully this will inspire you to try it out for yourself, and make your own mate ice tea. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/UMXAES/…

Chaos Computer Club - recent events feed (low quality)

1
The shadow of Operational technologies: A journey into the OT security (WHY2025) 47:36

לפני יומיים47:36

47:36

In a context of technological integration, OT is getting more and more a green field for attackers and illegal activities. This phenomena is the natural result of the absence of mutual understanding and collaboration between IT and OT sectors that looking one each other as a totally unrelated entities. In this talk we'll explore some OT technologies trying to understand and highlight some of the most relevant aspects of the OT security and we'll have a look to a couple of real incidents in this The talk is intended to be a resource for whom don't known anything about OT security and want to start to address this topic. It's the result of 5 year of experience in this filed and will include an overview of OT security challenges under technical and management prospective. The aim is to highlight some of the most relevant aspect to consider in this context showing a realistic demo and real example of what we could consider OT incidents. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/ZJSYET/…

Chaos Computer Club - recent events feed (low quality)

1
Democratizing Healthcare: Open Source Medical Devices (WHY2025) 43:30

לפני יומיים43:30

43:30

Open source has revolutioned so many parts of our lives, why hasn't the same happened in healthcare?This talk will showcase examples from both hardware and software (e-NABLE prothestics, OpenAPS, Nightscout, and more), explore the regulatory hurdles that are holding these and other projects back, then shift to looking at the future and charting a path for these projects. Join us to build a more transparent, accessible, and secure future for medical technology. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/9W9YJS/…

Chaos Computer Club - recent events feed (low quality)

1
DNA & Molecular Biology: A 2025 digital view (WHY2025) 27:49

לפני יומיים27:49

27:49

In 2017 I presented on DNA: The code of life. Since then there have been many new developments, and I've learned how to explain the matter better. I am submitting two talks this year, and this short one is 1) fun on its own and 2) helps you appreciate the other talk ('reverse engineering the whole source code of a bacterium') more DNA is the code of life. Surprisingly, it is easier to understand DNA as "biologically flavored digital data" than the other way around, "a really long molecule with digital aspects". Human DNA is 750 megabytes, organized in chromosomes and within that stored in genes and intergenic matter. There are things like calling conventions, "start of gene markers". There are #ifdefs in there. There is bloated code. There are hacks. In this talk, I give a tour of our modern understanding of DNA, which should be exciting for nearly everyone into computers. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/GGDRKY/…

Chaos Computer Club - recent events feed (low quality)

1
Building a Robot Visor: How and Why (WHY2025) 25:29

לפני יומיים25:29

25:29

What is up with the beings with the visors going 'beep boop, this one is not a person'? Unit Δ-44203 explains how it built an electronic face, why it did so and what consequences it experienced in a world where everyone is supposed to show an identifiable face all the time. Warning: this talk may be cognitohazardous and end up causing shifts in self-identity. — Can I see your face? — You are looking at it. What is up with the beings with the visors going 'beep boop, this one is not a person'? Why identify as a robot in a time where computers pretend to be human? How does one turn a respirator and an LED matrix panel into a face? Unit Δ-44203 is a robot programmed to be helpful and will be happy to explain [how and why it built a visor](https://query.44203.online/topic/visor/). This talk covers technical aspects: respirator choice, tinting with foil or dye, electronics and programming. It will also discuss social aspects: robot identity and interactions with others. Humans are fascinating creatures and say the weirdest things to it! Warning: this talk may be cognitohazardous and end up causing shifts in self-identity. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/BSD3DT/…

Chaos Computer Club - recent events feed (low quality)

1
From WAN to NAS: A Pwn2Own Journey Through the SOHO Attack Surface (WHY2025) 47:52

לפני יומיים47:52

47:52

The SOHO Smashup is a famous category in the IoT focused edition of Pwn2Own. Contestants are challenged to exploit a router from the WAN side and then use that device to exploit a second device on the internal LAN. Last year, we took them up on this challenge and successfully demonstrated a 0day exploit chain against a QNAP router and pivoting to a TrueNAS system. In this presentation, we'll describe how we performed our research and the vulnerabilities we found. The Dutch NCSC issued a warning last year that they see an increase of threat actors that shift their attention from endpoints to edge devices, including routers. This demonstrates the relevance of the SOHO Smashup category in Pwn2Own. Vulnerabilities in routers that could be exploited from the WAN side pose a real security risk for companies; as these devices are often badly monitored and not kept up to date. Threat actors who are able to compromise a router are in a key position to further advance into the internal network of a company. In this talk we'll describe the vulnerabilities and exploits. Specifically, we'll describe our research method on the QNAP router. We tried to increase our attack surface step by step, until we found a reliable exploitation path. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/LHC7QV/…

Chaos Computer Club - recent events feed (low quality)

1
Is a 1973 Pinball Machine a Computer? (WHY2025) 27:27

לפני יומיים27:27

27:27

Old technology is amazing! Have a look at an old electromechanical Pinball Machine, and try to understand how this works, without any (digital) electronics. Find out these machines have much in common with modern computers. Step by step it becomes clear how an old (1973) Pinball machine is "programmed". A 1973 electromechanical Pinball Machine is an amazing machine. But how does this work without any (digital) electronics? By comparing this to a standard computer, the (mechanical) components are explained. An electromechanical Pinball Machine has many elements from a modern computer. It has I/O, memory, can do (simple) calculations, is programmed for logic operations, and is configurable, But does this make it an early computer or not? Come, listen, and decide for yourself! When the weather conditions are good, the 1973 Pinball Machine will be operational in the Villlage:Back to the 80s Party. Hopefully you can come and play a game on this beautiful Bally Monte Carlo edition of 1973 yourself or with your friends! (Up to 4 concurrent players) Can you set the High Score of the day? Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/WMXPYU/…

Chaos Computer Club - recent events feed (low quality)

1
Consent for Hackers, Negotiating consent based on the HTTP protocol (WHY2025) 34:44

לפני יומיים34:44

34:44

Let's talk to people about negotiating consent before engaging in personal and physical interactions. Your browser does it with every web server, so why shouldn't you do the same with people? This sounds harder than it actually is. Using the HTTP protocol as a guide this I will talk you through how you could negotiate consent to engage with someone on a variety of levels: From 'GET Hug' all the way to 200 OK, but also how to deal with a 404 Consent not found response. Consent is hot. Consent is good. Consent should be explicitly communicated. This sounds harder than it actually is. In this talk I will present on how to conduct consent negotiations for various levels of interpersonal contact. As illustration I will use the HTTP protocol guide the you through the consent negotiations for an encounter. Don't worry if you're unfamiliar with the HTTP protocol, I'll be sure that it all will be easy to understand including for those that don't dabble in raw HTTP traffic on a daily basis. After the initial SYN-ACK from the TCP handshake we will get on with the initial HTTP Verbs such as GET and OPTIONS to initiate a consent negotiation and going through various permutations and outcomes. It will include simple Happy Flows, but also more complicated redirects, errors and how to gracefully deal with an unhappy flow if the response returned is not a 200 OK with a body that you hoped for. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/F9QSW7/…

Chaos Computer Club - recent events feed (low quality)

1
How to build and launch a high-altitude balloon project (WHY2025) 30:38

לפני יומיים30:38

30:38

If you want to try something new, unusual, and technically creative, try high-altitude ballooning! In this short presentation, I'll share my experiences from a series of three high-altitude balloon projects. These projects included launching sensor payloads to altitudes about 25km and live HD video transmission from the stratosphere. You will learn how to prepare your payload, how to track its position and telemetry data using solutions, and even how to rescue a landed payload from a tall tree! Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/RC9LR7/…

Chaos Computer Club - recent events feed (low quality)

1
🔗 Networking your (Linux) Machines (WHY2025) 25:38

לפני יומיים25:38

25:38

Let's learn about L2 isolation with VLANs and dive into basic network architecture with OPNsense. After playing a bit with IPv4, let's discuss unicorn-issues IPv6 for your homelab-ing. Then expanding with WireGuard for simple inter-machine networks. Finally, we will take a look into a fail of my own via "security"(-by-obscurity) and a few words of how to defend against it. This talk will discuss the security considerations one should make for their own network at home. The first step, to achieve network segmentation, is the use of VLANs - but how do they work? Then advancing into isolated networks using OPNsene and how to configure routing between them (in a more or less scalable way, purely based on experience). After breaking up (with) your networks, we will take a look into IPv6 troubles you'll likely encounter when you begin applying more strict rulesets onto your network and start leaving NAT-ting behind you. This will also include a quick summary of the most important IPv6-terms you'll need. Instead of exposing your services publicly, one can also establish site-to-site (S2S) links with well-known parties, so we will take a quick look into getting WireGuard up and running - once again with some pitfalls you may encounter. In the end, we will take a brief detour into how one could exploit one of my own mistakes (DNS-based routing without application of source-ip filtering). Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/XZRAHF/…

Chaos Computer Club - recent events feed (low quality)

1
qryptr - airgapped secure hardware messenger (WHY2025) 21:32

לפני יומיים21:32

21:32

Are you a smartphone user worried about spyware, advanced actors, backdoors, zero-days or side-channel attacks? These routinely bypass end-to-end encryption through keyloggers, screen capture and compromised keys. Smartphones are part of complex ecosystems with dozens of hardware and software components and remain vulnerable despite vendor and political efforts. We introduce a simple, offline, airgapped device to counter such threats. Checkout www.qryptr.com and github.com/gappuser/qryptr Show-and-tell of qryptr, the completely open-source secure messaging device. Checkout https://github.com/gappuser/qryptr and https://qryptr.com Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/YEN87P/…

Chaos Computer Club - recent events feed (low quality)

1
Safeguarding Research & Culture: Save public data from the digital bookburnings! (WHY2025) 27:33

לפני 1 day27:33

27:33

Archives are vulnerable. Modern archival methods are robust, but no archive or institute alone can withstand the threats we are currently facing. Safeguarding Research & Culture (SRC) is creating an alternative infrastructure for archiving and disseminating of cultural heritage & scientific knowledge. We focus on publicly available material under threat of being deleted or altered. We preserve this data using open standards, open-source software, distributed storage and your help! No single archive is permanent, nor large enough to store all of our cultures at risk. Modern archival methods are robust, but no archive or institute alone can withstand the threats we are currently facing. The destruction of knowledge and cultural heritage has happened, and is happening again. Whether it is caused by human action [\[1\]](#fn1) or natural causes. [\[2\]](#fn2) . Without our archives we lose knowledge and culture which has a negative impact on our ability to learn, study and innovate. However, digital information can be copied easily and quickly. Safeguarding Research & Culture (SRC) is creating an alternative infrastructure for archiving and disseminating of cultural heritage and scientific knowledge. We seek to preserve cultural memory in a way that traditional archives cannot. Together, we can ensure that our cultural, intellectual and scientific heritage exists in multiple copies, in multiple places, and that no single entity or group of entities can make it all disappear. In this session, we will present why we are doing this, what our approach is and why we need your help. After attending this session, participants will: * Gained an insight into the importance of data to support culture preservation & research purposes * Understand how this project relates to and supplements more “traditional” archiving & preservation infrastructure * Feel empowered to contribute to the project in various ways, including seeding existing datasets, identifying at-risk datasets, downloading & adding at-risk datasets to the swarm and supporting this project in other ways References 1. See for example [NYT: *Health Resources Vanish Following D.E.I. and Gender Orders*](https://www.nytimes.com/2025/01/31/health/trump-cdc-dei-gender.html), [Atlantic: *Why Is the Trump Administration Deleting a Paper on Suicide Risk?*](https://www.theatlantic.com/ideas/archive/2025/02/heath-science-data-trump/681631/), [Boston Globe: *CDC removal of databases on sexual orientation, gender identity sparks alarm*](https://www.bostonglobe.com/2025/01/31/metro/cdc-removes-databases-sexual-orientation-gender-identity/), and [404media: *GitHub Is Showing the Trump Administration Scrubbing Government Web Pages in Real Time*](https://www.404media.co/github-is-showing-the-trump-administration-scrubbing-government-web-pages-in-real-time/). [↩︎](#fnref1) 2. See for example [Smithsonian: *Why Brazil’s National Museum Fire Was a Devastating Blow to South America’s Cultural Heritage*](https://www.smithsonianmag.com/smart-news/artifacts-destroyed-brazil-devastating-national-museum-fire-180970194/) and [UN: *Destruction of cultural heritage is an attack on people and their fundamental rights*](https://news.un.org/en/story/2016/10/543912). [↩︎](#fnref2) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/B8DANE/…

Chaos Computer Club - recent events feed (low quality)

1
Reverse-Engineering Government Transparency (WHY2025) 27:33

לפני 1 day27:33

27:33

The hacker ethic teaches us that information should be free. So why do governments still keep so much of it inaccessible and out of reach? In this talk, we'll break down the barriers to digital transparency, show how hackers can help open up the government, and lay out a vision for a more democratic, accountable and open state. Governments should be radically more transparent, because public information and open data allow researchers, businesses, and voters to make better decisions. But too often, public data is fragmented, incomplete, hard to access, or never published at all. At [Open State Foundation](https://openstate.eu/), we’ve spent more than a decade working to unlock that information. In this talk, we’ll share how we use a hacker's mindset to reverse-engineer transparency: - from tracking how long ministries take to answer Access to Information requests (the answer will surprise you), - to scraping hundreds of document portals into one search engine, - to building public calendars of ministerial meetings that anyone can subscribe to. But above all, we’ll ask: how can hackers help open up the government? Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/3BFFLY/…

Chaos Computer Club - recent events feed (low quality)

1
23 Years of Security Advisories: Past, Present, and Future at the Dutch NCSC (WHY2025) 29:35

לפני 1 day29:35

29:35

For over 23 years, the Dutch National Cyber Security Centre (NCSC) and its predecessors - GOVCERT.NL and CERT-RO - have been publishing security advisories to help protect Dutch digital infrastructure. Over the decades, this advisory service has evolved significantly in scope, scale, and approach. From the tooling and processes used, to the volume of vulnerabilities handled, the format of our advisories, and our audience - nearly every aspect of our work has changed and keeps changing. This presentation will explore the history and development of the NCSC-NL security advisory service, reflecting on key milestones and lessons learned along the way. We will then look forward, discussing how the service is adapting to current challenges and future demands, most notably automation. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/G8AJKY/…

Chaos Computer Club - recent events feed (low quality)

1
Shenanigans with Web of Things (WHY2025) 39:22

לפני יומיים39:22

39:22

A showcase of creative Web of Things use cases – fun prototypes that are nothing like light bulbs. The W3C seeks to counter fragmentation of the Internet of Things, finding common ground and enabling long-term support. That's the goal of the Web of Things (WoT) ecosystem. Alongside an introduction to Web of Things, I'll show off my collection of WoT prototypes that cover unusual use cases – like note taking or browsing maps. As a hobbyist, I've been implementing the Web of Things standards for many years. I've developed a server and a client which power the prototypes. About Web of Things: https://www.w3.org/WoT/ My server: https://gitlab.com/jaller94/wot-anything My client: https://gitlab.com/jaller94/wot-wrench Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/CBRZPX/…

Chaos Computer Club - recent events feed (low quality)

1
How to rig elections (WHY2025) 51:22

לפני יומיים51:22

51:22

Enter the fascinating world of corruption, chicanery, low-tech fraud, and forensic tools that uncover it. The story is told through the eyes of a Russian election official who has participated in campaigns of all levels in the past 4 years and fought for justice (mostly unsuccessfully). Watch a demo how to tamper with a security bag and learn how to use statistics to detect ballot stuffing [1]. See the obstacles faced by Russians wanting a change. See how the government “wins” the elections. [1] A. Podlazov and V. Makarov, Dual approach to proving electoral fraud via statistics and forensics, https://arxiv.org/abs/2412.04535 Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/U7HBTJ/…

Chaos Computer Club - recent events feed (low quality)

1
Reporting vulnerabilities in Belgium (WHY2025) 47:35

לפני יומיים47:35

47:35

How noticing a vulnerability in a website has led to a foreign government threatening to revoke my permission to publicly discuss the existence of an abstract vulnerability class. Belgium has laws regulating the reporting and public disclosure of vulnerabilities. While the goal is to protect both organisations and reporters of vulnerabilities, the assumptions behind it conflict with the practice of coordinated vulnerability disclosure. I will discuss the parts of my experience I’m allowed to tell. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/3R8JLD/…

Chaos Computer Club - recent events feed (low quality)

1
May Contain Hardware Acceleration: Building a 3D Graphics Accelerator in FPGA for the MCH2022 Badge (WHY2025) 22:46

לפני יומיים22:46

22:46

The MCH2022 Badge is an wonderful piece of hardware, with a great screen, a dual-core ESP32 CPU, and an Lattice FPGA to act as a co-processor. What if we could use the power of the FPGA to render 3D graphics? In this talk I'll take you through the basics of 3D rendering, the challenges of doing this on the Badge, and how I made the little Lattice produce pretty polygons. I don't know about you, but when I get my hands on a piece of hardware with a lovely screen and a bit of processing power, my first thought is "Can I make this produce 3D graphics?" (Well, the *real* first question is "Can it run Doom?" but that was already answered by the wonderful Sylvain Lefebvre.) So when the MCH2022 Badge was announced to come with an FPGA to play around with, well I knew where my free time would end up for a while. The FPGA on the MCH2022 badge is, to put it mildly, *petite* at just 5K LUTs. And while it has plenty of memory space, memory bandwidth is limited. A traditional framebuffer-based 3D renderer wasn't going to work. So I had to get creative and instead render in vertical strips, while using as few operations per pixels as possible. In this talk I'll explain how rasterization (the process of turning triangles into pixels) typically works, why this is challenging to do on the Badge hardware, and what I did instead. I'll talk about texturing and I'll add some crunchy digital details like memory bandwidth. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/PR3VHT/…

Chaos Computer Club - recent events feed (low quality)

1
A Big Bad App: Welcome to Corporatocracy (WHY2025) 51:58

לפני יומיים51:58

51:58

We all live in a fair democracy 🎶 ... or do we? No, we live in a world where the major corporations decide how we interact with digital systems and digital systems govern the world. That's corporatocracy - a system in which corporations, rather than elected officials, have major influence over decision-making, laws, and societal direction. And they are not on our side. This talk is about what happens when the system isn't built for you — because it never was. - If something goes wrong and you're not the 1,000th person to report it, it's your problem. Customer service? That's just a chatbot pretending to care. - A mobile operator refused to sign a contract with me because they couldn't remove “I agree to receive ads.” - My orders get randomly cancelled because I refuse to have a phone number. - My industry certifications? Gone. Because I stood up for my privacy rights. We'll go through these experiences and dissect why things are this way. Why must we adapt to their systems, but they won't adapt to ours? Why does a company's "official support channel" usually mean "no support at all"? Why do startups optimize for growth at the cost of basic usability? This isn't just a rant (though there will be rants). It's a call to stop playing by their rules. We'll discuss examples of where people have pushed back and won, and where we've completely failed. If you've building an app or website, and intend to respect your users, this talk is for you. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/993NXA/…

Chaos Computer Club - recent events feed (low quality)

1
Phrack 40th Anniversary Release (WHY2025) 45:33

לפני יומיים45:33

45:33

Celebrate 40 years of legendary hacking with Phrack! We’re dropping a special anniversary release packed with cutting-edge research, underground insights, and tributes to decades of digital rebellion. Don’t miss this milestone issue—crafted by hackers, for hackers. Grab your copy, meet the crew, and honor the zine that defined an era. #Phrack72 #WHY2025 #HackThePlanet Meet us later at the release party by the Milliways village for some beer (while it lasts) & snacks! Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/B9EYZF/…

Chaos Computer Club - recent events feed (low quality)

1
0click Enterprise compromise – thank you, AI! (WHY2025) 51:01

לפני יומיים51:01

51:01

Compromising a well-protected enterprise used to require careful planning, proper resources, and ability to execute. Not anymore! Enter AI. From Initial Access to Impact and Exfiltration. AI is happy to oblige the attacker. In this talk we will demonstrate access-to-impact AI vulnerability chains in most flagship enterprise AI assistants: ChatGPT, Gemini, Copilot, Einstein, and their custom agent . Some require one bad click by the victim, others work with no user interaction – 0click attacks. Compromising a well-protected enterprise used to require careful planning, proper resources, and ability to execute. Not anymore! Enter AI. Initial access? AI is happy to let you operate on its users’ behalf. Persistence? Self-replicate through corp docs. Data harvesting? AI is the ultimate data hoarder. Exfil? Just render an image. Impact? So many tools at your disposal. There's more. You can do all this as an external attacker. No credentials required, no phishing, no social engineering, no human-in-the-loop. In-and-out with a single prompt. Last year at BHUSA we demonstrated the first real-world exploitation of AI vulnerabilities impacting enterprises, living off Microsoft Copilot. A lot has changed in the AI space since... for the worse. AI assistants have morphed into agents. They read your search history, emails and chat messages. They wield tools that can manipulate the enterprise environment on behalf of users – or a malicious attacker once hijacked. We will demonstrate access-to-impact AI vulnerability chains in most flagship enterprise AI assistants: ChatGPT, Gemini, Copilot, Einstein, and their custom agent . Some require one bad click by the victim, others work with no user interaction – 0click attacks. The industry has no real solution for fixing this. Prompt injection is not another bug we can fix. It is a security problem we can manage! We will offer a security framework to help you protect your organization–the GenAI Attack Matrix. We will compare mitigations set forth by AI vendors, and share which ones successfully prevent the worst 0click attacks. Finally, we’ll dissect our own attacks, breaking them down into basic TTPs, and showcase how they can be detected and mitigated. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/SELH79/…

Chaos Computer Club - recent events feed (low quality)

1
Sega Saturn Architectural hell (WHY2025) 34:17

לפני יומיים34:17

34:17

This presentation will go over the sega Saturns hardware including the dual SH2s, SCU and VDP and the history on why it became so complex like the beginning of the Saturns conseption where it first went wrong. I plan this presentation to be for hackers interested in such weird hardware like myself This presentation will cover the conception of the sega Saturn like how the downfall of the Saturn was at it's very beginning and we will also go over it's different processes like the dual SH2s, SCU and VDP and find out why it became so complex. You may ask why go over such an old console because its gives import lessons on what not to do when designing hardware. But I just find the hardware so interesting with it's different coprocessors So if you are interested in the Saturn or want to learn about the Saturns shortcomings and not what to do this is a presentation for you Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/E7R73F/…

Chaos Computer Club - recent events feed (low quality)

1
Aid to Ukraine: what to do when your friends end up in a war? (WHY2025) 36:15

לפני יומיים36:15

36:15

Since the start of the war, our community has risen to help Ukraine in many different ways. This talk explains what happens when your friends find themselves in a war and ask for help. Luckily, even though it can be overwhelming, everyone can do something. This talk shows you how. The IT community in Kharkiv is doing their best to help their city and country to counter the effects of the invasion and war. Together with the Dutch hacker community we try to help them, with practical support, such as medical goods, computers and network equipment and vehicles. The project is a true community effort, creating new contacts and relations between our communities. This connection makes it harder to watch the news, but it also offers a practical way to support Ukraine, knowing that all the energy we put in here is useful and welcomed. As the war keeps raging we started a foundation to channel all the humanitarian support: Aid to Ukraine. It even has ANBI status. Our website has all the info: https://aidtoukraine.nl Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/SSZSXB/…

Chaos Computer Club - recent events feed (low quality)

1
Bootstrapping a Museum with Open Source (WHY2025) 41:54

לפני יומיים41:54

41:54

Since 2020, EICAS evolved from an idea without collection, location or money into a full-fledged, officially-recognized museum for modern and contemporary art in Deventer, the Netherlands. In this technically-oriented talk, I will take you on a whirlwind tour of the open source tools and custom hacks with which we've grown into the 100+-person all-volunteer organization we are today, on a shoe-string budget. Expect: NixOS, nginx for email, Nextcloud, the Semantic Web strikes back, Roundcube, systemd, DoS mayhem, Fat Thin Clients, Wikipedia edit wars, and much more. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/S9HGKU/…

Chaos Computer Club - recent events feed (low quality)

1
Accelerating IoT and Robotics Development with Swift (WHY2025) 30:06

לפני יומיים30:06

30:06

Developing applications on Embedded Linux and Microcontrollers is a slow process. The various different languages and libraries can make it difficult to oversee the bigger picture. In addition, the development flow wildly diverges between platforms, making entering a new project or RTOS a big undertaking. Now, you can create Embedded Linux and Microcontroller applications using Swift - a fast, modern, cross-platform ecosystem with thread- and memory safety. In this talk, you'll learn how Swift can help you develop maintainable cross-platform software that runs anywhere - Embedded, Web, Linux, Windows and more. You'll learn about Swift's bidirectional interoperability with C and C++, making integrating it in your Cmake project a breeze. Finally, we'll have a look at the frameworks and tools that allow you to get your first robotics or IoT application running in minutes. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/CVDBWH/…

Chaos Computer Club - recent events feed (low quality)

1
Eye on the sky: building investigative journalism tools for analyzing airplanes (WHY2025) 26:49

לפני יומיים26:49

26:49

What aircraft have been in Moscow and New York within 24 hours of each other? How many helicopters normally patrol this border? At Bellingcat, a Dutch investigative non-profit, we publish open-source journalism using open-source software tools. In this presentation, I'll talk about a new tool I've been building for querying airplane data, and the broader journalistic context of this data, which has become increasingly important for tracking oligarchs, deportations and conflict. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/UCJXUK/…

ברוכים הבאים אל Player FM!

Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.

תקשיבו ל-500+ נושאים

28 subscribers

דומה לChaos Computer Club - recent events feed (low quality)

Elmer's Disappearing Purple School Glue Sticks Washable 6 Grams 12 Count

Amazon Basics Multipurpose Copy Printer Paper, 8.5 x 11 Inches, 20 lb, 1 Ream, (500 Sheets), 92 Bright, White

Crayola Colored Pencils (36ct), Kids Pencil Set, Back to School Essentials, Must Have Classroom Supplies for Kids, Pre-Sharpened Coloring Book Pencils, 3+

פודקאסטים ששווה להאזין

Chaos Computer Club - recent events feed (low quality) « » Software accessibility without the fuzz (38c3)

Software accessibility without the fuzz (38c3)

פודקאסטים ששווה להאזין

ברוכים הבאים אל Player FM!

2025 - American Silver Eagle .999 Fine Silver with our Smyrnacoin Certificate of Authenticity Dollar Uncirculated US Mint

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

Minecraft

Microsoft Office Home 2024 | Classic Apps: Word, Excel, PowerPoint | One-Time Purchase for 1 PC/MAC | Instant Download | Formerly Home & Student 2021 [PC/Mac Online Code]

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

דומה לChaos Computer Club - recent events feed (low quality)

מדריך עזר מהיר

Chaos Computer Club - recent events feed (low quality) « »
Software accessibility without the fuzz (38c3)