-
Notifications
You must be signed in to change notification settings - Fork 4
/
fahrplan.xml
2964 lines (2595 loc) · 237 KB
/
fahrplan.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<?xml version="1.0" encoding="UTF-8"?>
<schedule>
<conference>
<title>28th Chaos Communication Congress</title>
<subtitle>Behind Enemy Lines</subtitle>
<venue>bcc</venue>
<city>Berlin</city>
<start>2011-12-27</start>
<end>2011-12-30</end>
<days>4</days>
<release>Version 0.21a</release>
<day_change>04:00</day_change>
<timeslot_duration>00:15</timeslot_duration>
</conference>
<day date="2011-12-27" index="1">
<room name="Saal 1">
<event id="4721">
<start>00:15</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>pentanews_game_show_2k11</slug>
<title>Pentanews Game Show 2k11/3</title>
<subtitle>42 new questions, new jokers, same concept, more fun than last year!</subtitle>
<track>Show</track>
<type>contest</type>
<language>en</language>
<abstract>The Penta News Game Show rehashes a collection of absurd, day-to-day
news items of 2011 to entertain the audience, let the Net participate,
and make it's winners heroes.</abstract>
<description>Die coole Pentanews gameshow hat das Publikum schon auf zahlreichen (4) Chaos-Events zum lachen und mitdenken gebracht. In heiterer Runde geht es darum, details absurder News, die eh jeder schon bei fefe & co gelesen hat, zu ergänzen. Das is' aber dann doch immer gar nicht so einfach und deswegen stehen den Mitspielern hierfür mächtige Joker (wie z.B. aktuelles Meinungsbild aus dem IRC) zur Seite.</description>
<persons>
<person id="5">Alien8</person>
<person id="3307">_john</person>
<person id="879">klobs</person>
</persons>
<links>
</links>
</event>
<event id="4897">
<start>11:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>keynote</slug>
<title>Keynote</title>
<subtitle></subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>en</language>
<abstract></abstract>
<description></description>
<persons>
<person id="3605">Evgeny Morozov</person>
</persons>
<links>
</links>
</event>
<event id="4876">
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>die_spinnen_die_sachsen</slug>
<title>Die spinnen, die Sachsen</title>
<subtitle>On- und Offline-Überwachung: Weil sie es können</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Die Meldungen aus Sachsen in diesem Jahr wirkten für alle, die nicht dort wohnen, ein bisschen, als kämen sie von einem sehr weit entfernten Stern. In regelmäßigen Abständen werden Dinge bekannt, die jeweils einzeln früher zum Rücktritt von Ministern geführt hätten. Funkzellenabfrage, §129-Verfahren, die Durchsuchung eines Pfarrers, Aberkennung der Immunität eines Fraktionsvorsitzenden wegen Rädelführerschaft: umfassende Kriminalisierung von Protesten gegen Nazis, und zwar weit bis in die "Mitte der Gesellschaft". Offline-Überwachung und -Drangsalierung sind in Sachsen Alltag. Der Talk gibt einen Überblick über den Stand der Dinge und warnt davor, sich (außerhalb Sachsens) gemütlich schaudernd zurückzulehnen. Denn: Wenn Sachsen damit durchkommt, setzt das Maßstäbe für andere Bundesländer.</abstract>
<description>Die Meldungen aus Sachsen in diesem Jahr wirkten für alle, die nicht dort wohnen, ein bisschen, als kämen sie von einem weit entfernten Stern. In regelmäßigen Abständen werden Dinge bekannt, die jeweils einzeln früher zum Rücktritt von Ministern geführt hätten. Die Funkzellenabfrage ("Handygate"), ein oder mehrere §129-Verfahren, die Durchsuchung eines Pfarrers, Aberkennung der Immunität eines Fraktionsvorsitzenden wegen Rädelführerschaft: umfassende Kriminalisierung von Protesten gegen Nazis, und zwar weit bis in die "Mitte der Gesellschaft". Inzwischen gibt es Klagen von Betroffenen gegen die Auswertung ihrer Handy-Daten, u.a. von JournalistInnen, RechtsanwältInnen, Abgeordneten.
Auf der Bundesebene wurden einzelne drastische Grundrechtseingriffe vom Verfassungsgericht korrigiert mit dem Ergebnis, dass bei vielen das beruhigende Gefühl blieb, dass irgendwie doch alles mit rechten Dingen zugeht. Ob die sächsischen Gerichte denselben Weg gehen, wird sich zeigen. Ganz offensichtlich ist jedenfalls, dass die sächsischen Behörden sich von Kritik nicht beeindrucken lassen.
Der Talk gibt einen Überblick über den Stand der Dinge und warnt davor, sich (außerhalb Sachsens) gemütlich schaudernd zurückzulehnen. Denn: Wenn Sachsen damit durchkommt, setzt das auch Maßstäbe für andere Bundesländer.</description>
<persons>
<person id="2218">Anne Roth</person>
</persons>
<links>
</links>
</event>
<event id="4732">
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>datamining_for_hackers</slug>
<title>Datamining for Hackers</title>
<subtitle></subtitle>
<track>Hacking</track>
<type>lecture</type>
<language></language>
<abstract>shows you how to datamine huge piles of data and how to get some clue out of it.</abstract>
<description></description>
<persons>
<person id="3625">Stefan Burschka</person>
</persons>
<links>
</links>
</event>
<event id="4848">
<start>17:15</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>the_coming_war_on_general_computation</slug>
<title>The coming war on general computation</title>
<subtitle>The copyright war was just the beginning</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race.</abstract>
<description>The problem is twofold: first, there is no known general-purpose computer that can execute all the programs we can think of except the naughty ones; second, general-purpose computers have replaced every other device in our world. There are no airplanes, only computers that fly. There are no cars, only computers we sit in. There are no hearing aids, only computers we put in our ears. There are no 3D printers, only computers that drive peripherals. There are no radios, only computers with fast ADCs and DACs and phased-array antennas. Consequently anything you do to "secure" anything with a computer in it ends up undermining the capabilities and security of every other corner of modern human society.
And general purpose computers *can* cause harm -- whether it's printing out AR15 components, causing mid-air collisions, or snarling traffic. So the number of parties with legitimate grievances against computers are going to continue to multiply, as will the cries to regulate PCs.
The primary regulatory impulse is to use combinations of code-signing and other "trust" mechanisms to create computers that run programs that users can't inspect or terminate, that run without users' consent or knowledge, and that run even when users don't want them to.
The upshot: a world of ubiquitous malware, where everything we do to make things better only makes it worse, where the tools of liberation become tools of oppression.
Our duty and challenge is to devise systems for mitigating the harm of general purpose computing without recourse to spyware, first to keep ourselves safe, and second to keep computers safe from the regulatory impulse.</description>
<persons>
<person id="3621">Cory Doctorow</person>
</persons>
<links>
<link href="http://craphound.com/bio.php">Bio Cory Doctorow</link>
</links>
</event>
<event id="4736">
<start>23:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug></slug>
<title>Defending mobile phones</title>
<subtitle></subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Cell phone users face an increasing frequency and depth of privacy intruding attacks. Defense knowledge has not scaled at the same speed as attack capabilities. This talk intends to revert this imbalance.</abstract>
<description>Most severe attack vectors on mobile phones are due to an outdated technology base that lacks strong cryptographic authentication or confidentiality. Given this discrepancy between protection need and reality, a number of countermeasures were developed for networks and phones to better protect their users.
We explain the most important measures and track their deployment. Furthermore, we will release tools to measure the level of vulnerability of networks. Sharing the results of these measurements will hopefully create problem awareness and demand for more security by phone users around the world.</description>
<persons>
<person id="1317">Karsten Nohl</person>
<person id="3341">Luca Melette</person>
</persons>
<links>
</links>
</event>
</room>
<room name="Saal 2">
<event id="4777">
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>r0ket</slug>
<title>r0ket++</title>
<subtitle>The CCC-Badge</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language></language>
<abstract>Now you've got that r0ket thing. What to do with it?</abstract>
<description>Besides being a shiny electronic name tag, the r0ket is an easy to use full featured microcontroller development board. We want to encourage you to tinker with your badge. Write your own software or build a pluggable hardware m0dul. Surprise us and the congress audience with your project!
</description>
<persons>
<person id="2856">lilafisch</person>
<person id="101">Stefan 'Sec' Zehl</person>
</persons>
<links>
<link href="http://r0ket.badge.events.ccc.de/">r0ket wiki</link>
</links>
</event>
<event id="4661">
<start>16:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>scade_and_plc_vulnerabilities_in_correctional_facilities</slug>
<title>SCADA and PLC Vulnerabilities in Correctional Facilities</title>
<subtitle>Tiffany Rad, Teague Newman, John Strauchs</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publically available exploits along with evaluating vulnerabilities in electronic and physical security designs, Newman, Rad and Strauchs have discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to “open” or “locked closed” on cell doors and gates. This talk will evaluate and demo SCADA systems and PLC vulnerabilities in correctional and government secured facilities while recommending solutions. </abstract>
<description>We figured out how to remotely hack into prisons cell and gate control systems by using publically available Siemens PLC exploits as well as creating our own. Teague and Tiffany did a walk-through a jail in the southwest, USA, saw PLCs in use, took pictures and saw prison guards accessing Gmail from the Control Room computers. We will be presenting the results of this research with John Strauchs discussing electronic and physical security vulnerabilities in modern prison design. Our research was presented at Defcon 19, Las Vegas, NV.</description>
<persons>
<person id="3637">Teague</person>
<person id="3458">Tiffany Rad</person>
</persons>
<links>
<link href="http://www.coresecurity.com/files/attachments/PLC_White_Paper_Newman_Rad_Strauchs_July22_2011_Final.pdf">White Paper</link>
<link href="http://www.wired.com/threatlevel/2011/07/prison-plc-vulnerabilities/">Wired Magazine article about our work</link>
<link href="http://www.theregister.co.uk/2011/08/01/stuxnet_and_jails/">The Register article about our work</link>
<link href="http://www.spiegel.de/netzwelt/web/0,1518,777517,00.html">Der Spiegel article about our work</link>
</links>
</event>
<event id="4749">
<start>18:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>does_hacktivism_matter</slug>
<title>Does Hacktivism Matter?</title>
<subtitle>How the Btx hack changed computer law-making in Germany</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Do you remember those days when hackers were “real men?” When hacking was not yet a crime and the cyberspace an undiscovered land? Just before anti-hacking laws were introduced in Germany? Back in these days, the famous founding father of the CCC made the Bundespost (Germany's Federal Mail Service) meet its Waterloo, when they hacked Bildschirmtext (Btx)—the epitome of both technological utopias and dystopias at that time. But soon, hackers suffered a setback: new laws criminalized hacking in the name of fighting white-collar crimes. Simultaneously to the laws, things were getting rougher in the media and the public opinion. While being seen as a weird vanguard of technology before, hackers soon became pranksters and outlaws. Apparently hacktivism, the portmanteau word for hacking activism, had failed to shape the policies in the dawning information society. However, there are evidences that hacktivism had an impact on the new computer crime legislation—not in terms of having more, but less restrictions implemented in the law.</abstract>
<description>In my talk, I take a historian's point of view. First, I will show in which atmosphere of anxiety and excitement information technology evolved in Germany in the early 1980s. Then, I will give a very short description of the Btx hack, which is usually neglected in historical science. After giving this background, I will reconstruct the debates of white-collar crime law-making in context of the “2. WiKG” (Zweites Wirtschaftskriminalitätsbekämpfungsgesetz) in 1984-86. I will show, how different stakeholders demanded a strict law that penalized virtually every aspect of hacking while the politicians—even those from the conservative party—honored the guys who unveiled security flaws in Btx. This had led to the invention of “good” and “bad” hackers in juridical discourses. This distinction has been maintained in law journals, but likewise neglected in most court decisions. My talk will conclude by arguing that hacktivism matters in shaping policies by indirectly changing mind-sets, even if it fails to win every single battle. So, the impact of hacktivism is not part of a rational debate, but of a more complex strategic situation in which rational arguments only play a minor role.</description>
<persons>
<person id="2878">Kai Denker</person>
</persons>
<links>
</links>
</event>
<event id="4713">
<start>20:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>what_is_in_a_name</slug>
<title>What is in a name?</title>
<subtitle>Identity-Regimes from 1500 to the 2000s</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>en</language>
<abstract>Starting with the history of birth-registration an overview on the historical regimes of naming and identifying people from the 15th to the 20th century is given. the talk will show examples of the different identity media through time and their standardization with the rise of the westphalian nation state and the subsequent developments after the french revolution and during the 20th century. the goal of the talk is to show the complexity of the phenomenon of personal names and their media and the need for an informed debate on who and how naming and identification in the digital age is achieved.
</abstract>
<description>In July 2011 Google opened the social network named Google+, immediately spawning a fierce debate about its real-name policy barring users from opening accounts with pseudonyms. Just a few days later Facebooks Vice President Randi Zuckerberg echoed Google's sentiment, asserting: “(…) anonymity on the Internet has to go away.” Finally in early August Germanys minister of the interior demanded an end of anonymity on the Internet.
My proposed talk is not concerned with the relation of anonymity and pseudonymity and free speech, discrimination and empowerment that dominated the ‘real-name’ “nymwars” on the internet.
Instead it seeks to de-familiarize the notion of the ‘real name’ by exposing central aspects of the media-history of names, situating personal names in relation to the development of statehood and capitalism between the 1500 and the 2000s.
I thus will outline the history and function of birth-registration as introduced in the wake of the reformation in 1543 and its subsequent secularization during the rise of the Westaphalian nation state.
This includes an overview of the international standardization of both identity papers and personal naming regimes during the 19th century in the context of post-1789 development of statehood and colonization. Moving to the 2oth century I will provide examples of the development and standardization of the passport-system after WWI, and conclude my talk with a synopsis of administrative digital identity vision of the early nineties.
The goal of the talk is first de-familiarize the notion of the personal-name by showing its complex historical and material background, secondly to contextualize the current developments of digital identity regimes (Neuer Personalausweis, Google+, NSTIC etc) within the larger and longer-term developments of statehood and capitalist societies. Thirdly my talk will show that a name never was ones own but always an intersection of administrative, media-technical and personal interventions and as such is currently becoming a contested phenomenon again, requiring an informed debate about what is in a name.
Duration 40 mins, presentation style will be slides and accompanying talk, discussion afterwards.
Bio:
Christoph Engemann studied psychology at the University of Bremen and became a Ph.D fellow of the Bremen International Graduate School of Social Sciences in 2002. Between 2003 and 2006 he was named a Non-Residential-Fellow at the Center for Internet and Society Stanford Law School.
Christoph took part in the 2005 Doctoral Summer School of the Oxford Internet Institute and was a lecturer at the Science, Technology and Society Program at the University of Texas in 2007 and 2008. Since February 2010 he works as researcher and lecturer at the Internationales Kolleg für Kulturtechnikforschung und Medienphilosophie at the Bauhaus University Weimar. In 2011 Christoph was a faculty member at the Weimar-Princeton Summer School for Media Studies on the topic of surveillance.
Christoph is member of the DFG-research network "Digital Citizens and their Identity"
His main areas of research are Governmediality; Digital Identity/Media of Identification and their History; Electronic Government; Genealogy of the Transaction; Political Economy of Internet.</description>
<persons>
<person id="3488">Christoph Engemann</person>
</persons>
<links>
</links>
</event>
<event id="4844">
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>eu_datenschutz_internet_der_dinge</slug>
<title>EU-Datenschutz und das Internet der Dinge</title>
<subtitle></subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Derzeit arbeitet die EU-Kommission an der Modernisierung der Datenschutzrichtlinie. Dieser Beitrag informiert über den Stand der Dinge.</abstract>
<description>Derzeit arbeitet die EU-Kommission an der Aktualisierung der Datenschutzrichtlinie, um den bestehenden Rechtsrahmen nach 15 Jahren an die neuen technischen und gesellschaftlichen Gegebenheiten anzupassen. Gleichzeitig werden in einer Expertengruppe der EU-Kommission die Herausforderungen an den Datenschutz erörtert, die sich im Zusammenhang mit dem Internet der Dinge ergeben.
Dieser Beitrag informiert über den aktuellen Stand der Dinge auf europäischer Ebene und diskutiert mit den TeilnehmerInnen die Positionen, die European Digital Rights (EDRi) in diesen Bereichen vertritt.
(Nach Verfügbarkeit wird dieser Beitrag gemeinsam mit anderen EDRi-AktivistInnen gestaltet; Arbeitssprache Englisch ist möglich.)</description>
<persons>
<person id="3562">Andreas Krisch</person>
</persons>
<links>
<link href="http://www.edri.org">European Digital Rights (EDRi)</link>
</links>
</event>
</room>
<room name="Saal 3">
<event id="4711">
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 3</room>
<slug>the_atari_2600_video_computer_system_the_ultimate_talk</slug>
<title>The Atari 2600 Video Computer System: The Ultimate Talk</title>
<subtitle>The history, the hardware and howto write programs</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Going more retro than the Commodore C-64: The Atari 2600 VCS was the breakthrough for video games in your own living room. This lecture will cover a bit of the history on how it came to live, describes the hardware used and shows how to write your own code for it.</abstract>
<description>The Atari 2600 Video Computer System (VCS for short) was the first wide-spread gaming console. It features 128 bytes of RAM, 4k bytes of addressable ROM. This was enough to keep it in production for 10 years.
This lecture divides in three parts:
The first part will cover the history on how it came to live. Learn why the Atari 2600 is technically half a Commodore creation.
Learn why Motorola was really. Can you imagine on how the software was created, since there were no PCs or workstations available at this time? Get to view the probably first easter egg in the history of video games.
The second part will provide an intern view of the chips used in the Atari 2600: the 6507 CPU, the 6532 RIOT (RAM-I/O-Timer) and the TIA (Television Interface Adapter). It will also show why "racing the beam" is so important.
The third part will show how to write your own code. Using emulators, the Harmony cartridge and a self-designed cart that will hopefully be finished by the time of the talk.
This will most probably include an overview on how to we created our own development cartridge using a Cortex M3 micro-controller. The lecture will conclude in showing a small self-coded demo running on real Atari 2600 hardware.</description>
<persons>
<person id="3514">Sven Oliver ('SvOlli') Moll</person>
</persons>
<links>
</links>
</event>
<event id="4799">
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 3</room>
<slug>can_trains_be_hacked</slug>
<title>Can trains be hacked?</title>
<subtitle>Die Technik der Eisenbahnsicherungsanlagen</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language></language>
<abstract>Warum sind Züge sicher unterwegs? Wie werden Zusammenstöße trotz der Gefahr eines menschlichen Fehlverhaltens vermieden? Und was hat das alles mit IT-Sicherheit zu tun?</abstract>
<description>Der Vortrag beleuchtet die mehr als 130-jährige Geschichte der Eisenbahn-Sicherungstechnik, diskutiert die Grundbegriffe des sicheren Eisenbahnbetriebs und erklärt die Funktionsweise der verschiedenen Stellwerkstypen, die im Netz der Deutschen Bahn verwendet werden. Neben den ältesten (jedoch immer noch in großer Stückzahl vorhandenen) rein mechanischen Bauformen besprechen wir sowohl die Gleisbildstellwerke, die auf Relaistechnik basieren, als auch die modernen rechnergestützten Stellwerke, die immer größere Verbreitung finden. (Und wir besprechen anhand von Untersuchungsberichten des Eisenbahnbundesamts warum doch hin und wieder Unfälle passieren).
Während mechanische und elektrische Sicherungsanlagen in sich geschlossene Systeme sind, nutzen künftige Anlagen zunehmend drahtlose Kommunikation. Die Sicherheit der Fahrgäste hängt daher auch von der Sicherheit der zugrundeliegenden Kommunikationsinfrastruktur ab. Im Vortrag gehen wir daher der Frage nach, wie die künftige Generation der Sicherungsanlagen abgesichert sein wird, welche neuen Bedrohungsszenarien entstehen und ob daher der "Zug der Zukunft" gehackt werden kann...</description>
<persons>
<person id="3165">Stefan Katzenbeisser</person>
</persons>
<links>
</links>
</event>
<event id="4753">
<start>18:30</start>
<duration>01:00</duration>
<room>Saal 3</room>
<slug></slug>
<title>The movements against state-controlled Internet in Turkey</title>
<subtitle>A short account of its history and future challenges</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language></language>
<abstract>We are members of Alternatif Bilişim Derneği (Alternative Informatics Association)**, one of many organizations that oppose the ongoing efforts for state-controlled Internet in Turkey. We see that the problems with media control in Turkey and in Europe are increasingly becoming part of a global problem. The governments are working on their own view of a 'secure' Internet, and we have to articulate and suggest an alternative.
In our talk we want to give an account of our anti-censorship movement and the challenges we face in Turkey. We will first provide an overview of the political events; sanctions, censorship regulations and attempts of resistance in the country. Then, we will point out the main problems we face in making use of laws and technology against state control. We would also like to use our presentation as an opportunity to meet people at the CCC with similar affinities and to learn from their experience. We see a great need to create global networks and communities to articulate an alternative message; the Internet as the peoples’ media. </abstract>
<description>Ali Rıza Keleş*
Ayşe Kaymak
Işık Barış Fidaner
Seda Gürses
We are members of Alternatif Bilişim Derneği (Alternative Informatics Association)**, one of many organizations that oppose the ongoing efforts for state-controlled Internet in Turkey. We see that the problems with media control in Turkey and in Europe are increasingly becoming part of a global problem. The governments are working on their own view of a 'secure' Internet, and we have to articulate and suggest an alternative.
In our talk we want to give an account of our anti-censorship movement and the challenges we face in Turkey. We will first provide an overview of the political events; sanctions, censorship regulations and attempts of resistance in the country. Then, we will point out the main problems we face in making use of laws and technology against state control. We would also like to use our presentation as an opportunity to meet people at the CCC with similar affinities and to learn from their experience. We see a great need to create global networks and communities to articulate an alternative message; the Internet as the peoples’ media.
A short history
Despite its growing economy, democracy and fundamental rights have always been disputed in Turkey, where the shadow of the 1980 coup and still unresolved Kurdish problem is strongly felt, with the state persistently denying Kurdish citizens’ rights and repressing real political opposition to canalize the people’s consent to the authorized ‘official’ parties in the parliament. The coup in 1980 was mainly used to implement liberal policies, and this process is near completion: most state enterprises have been privatized in the last decade, including Türk Telekom, the phone company and the single ISP that owns the ADSL infrastructure in Turkey. In the same decade, the Internet use became widespread. Yet, the increasing popularity of the Internet has been accompanied by attempts to control it through criminal sanctions.
Until 2007, tens of thousands of websites had been blocked by courts as ‘precaution’, including sites like Wordpress and YouTube. After the Law 5651 in 2007, even more websites were censored directly by government administration. As a response to this law, Sansüre Karşı Platform (Platform Against Censorship) was organized. In the first anti-censorship rally in 17 July 2010, nearly 3000 people participated, including Internet youth, political parties, trade unions, etc.
Not long after the events in Tunisia and Egypt; the state institution for telecommunication, Bilgi Teknolojileri ve İletişim Kurumu (BTK) made a decision to force ISPs to provide unpaid Internet filters under the headings 'children', 'family' etc. This move created an enormous reaction, the culmination of which led to a nationwide Internet freedom rally in 15 May 2011 that took place in tens of cities. Alone in Istanbul 60 thousand people marched against the imposed censorship measures. What followed was a smearing campaign by controlled media (including state TV) against the protesters, and a pseudo-governance meeting with NGOs by BTK. After the general elections in June, the war with PKK escalated, suppressing the BTK decision out of media attention. Currently, DNS or IP blocking is used mostly for 'obscene' and in some cases for political websites.
National security has always functioned as an excuse for the Turkish state to introduce exceptions to a rule or to make the exception the rule itself. An example is 'Ulusal Kripto Yönetmeliği' (National Crypto By-law) that was put in order in 2010. This by-law necessitates ‘official authorization’ for any encrypted communication by any citizen, and also requires the citizens to give away their encryption mechanisms and private keys to BTK for ‘storage’.
In conclusion, we have reasons to believe that the government is currently developing infrastructure to utilize methods like deep packet inspection (DPI) as weapons in a 'cyberwar', possibly against its own people. These methods will include monitoring and labeling of Internet users as well as blocking communication. We made use of our 'right to information' to inquire about the plans for employing DPI, but were ‘informed’ that this is 'beyond the limits our right to information'.
Problems in using laws & technology against state control
The greatest problems with respect to guaranteeing fundamental rights in technology deployment and use currently are with how laws are made and how they are enforced. The lawmaking process is exclusionist, only including a few NGOs that can better be called QUANGOs (quasi-autonomous non-governmental organizations). There are several political parties and trade unions, but even their peaceful protests are occasionally declared ‘unauthorized’ and considered illegal. People in general do not trust the judiciary system, but are simply unorganized and do not believe in their power. The regime bases its legitimacy on ideology and not on lawful justice.
Türk Telekom (TT), privatized in 2005, monopolizes the ADSL infrastructure, making Internet services expensive and prone to state control. In 2007, a workers' strike in TT had triggered debates on this monopoly being protected by the government. The company also acts as a service provider in several domains, creating questions about net neutrality.
Another problem is with the limitation of how people can relate to technology. Computers, cellphones and other gadgets are aggressively marketed and widely used throughout the country, but the marketed forms of use mostly remain superficial, e.g., these gadgets are depicted as entertainment or as status symbols. We argue that the hegemony of these consumerist cultural connotations do hamper diverse uses of these products for a variety of motivations.
A small community of Linux promoters have emerged around universities. These groups could promote alternative approaches to technology. However, under the usual political fears, they only articulate their positions professionally. Their statements usually target Microsoft or other big proprietary software companies. This position is compatible with the officially accepted national pride and national security positions in Turkey, and hence is limited to politics of technology only (see Pardus project).
Leftist and Kurdish political organizations are in a position to benefit most from digital communication technologies. However, they still lack the capacity and enthusiasm to use it effectively. Alternative political media initiatives online exist, but they are mostly limited to standard uses and their technical quality reflect the lack of developers in the political community.
In Turkey, engineering education is praised and supported by families. Families make up for the lack of a financially strong social system. The society in general also praises technical knowledge. However, a strong barrier separates the 'educated people' who are supposed to know it, from 'regular people' who are only supposed to consume it. Under economic pressure and feeling indebted to their families, most white collar workers dedicate themselves to their work in private companies. There is some space in some universities for shared work and creativity, but such spaces are getting smaller as most universities are being turned into technical schools.
* Ali Rıza Keleş, Işık Barış Fidaner are software developers, Ayşe Kaymak is a lawyer from Istanbul. Seda Gürses is an Internet researcher from Brussels.
** Alternatif Bilişim is a social network that includes users, developers and researchers of digital technologies, studying and practicing alternative uses of technology. Ultimately, our objective is to diminish the alienation of people to technical knowledge. </description>
<persons>
<person id="3464">Barış</person>
</persons>
<links>
</links>
</event>
<event id="4813">
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 3</room>
<slug>macro_dragnets</slug>
<title>Macro dragnets: Why trawl the river when you can do the whole ocean</title>
<subtitle>What happens when data collection goes awry in the 21st century</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language></language>
<abstract>As governments increase their data collection capabilities software developers are stepping up to both utilize and augment surveillance capabilities. DNA databases, facial recognition, behavioral patterning, and geographic profiling are all in use today. Police are crowdsourcing identification of suspects and citizens are willingly participating. This talk will cover real technologies in place today as well as educated speculation of what is coming next. </abstract>
<description>Conspiracy theorists have been questioning the degree to which anyone truly has privacy for quite some time. State ID & fingerprints have given way to electronic passports & DNA analysis. With the increasing number of DIY BIO groups it isn't outside the realm of speculation to see clandestine collection & generation of genomic information by a state actor. Police agencies are engaging in genomic data collection of suspects, witnesses, and victims with no guarantee of the information safety of those individuals. The current scope of laws in the United States limits "genetic discrimination" to "health insurance and employment decisions" with no limitations on the implication of guilt or agency in a crime at the federal level. Similarly companies are collecting photographs of individuals from online services and using them as the corpus for facial recognition techniques which are then leased to government actors.
The goal of this talk is to:
Address the current vectors for public identification
Discuss potential countermeasures for identification dragnets
Analyze the role of genomic screening
Review case studies of individuals trying to avoid "the system" and crowdsourced attempts to identify the individuals
Imagine one was "erased" from these databases. How can one re-establish positive identification (and would they want to)?
</description>
<persons>
<person id="3506">Redbeard</person>
</persons>
<links>
<link href="http://math.scu.edu/~gmohler/crime_project.html">Santa Clara abstract on geographic profiling</link>
<link href="http://thomas.loc.gov/cgi-bin/bdquery/z?d110:h.r.00493:#">Text of the Genetic Information Nondiscrimination Act of 2008 (US Law)</link>
<link href="http://www.identifyrioters.com/">Attempt by Vancouver BC law enforcement to identify riots in the 15/06/2011 riots.</link>
<link href="http://www.lytro.com/cameras">Lightfield Cameras</link>
<link href="http://www.digitalsignalcorp.com/">Long range facial recognition</link>
</links>
</event>
<event id="4817">
<start>23:00</start>
<duration>01:00</duration>
<room>Saal 3</room>
<slug>string_oriented_programming</slug>
<title>String Oriented Programming</title>
<subtitle>Circumventing ASLR, DEP, and Other Guards</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>The protection landscape is changing and exploits are getting more and more
sophisticated. Exploit generation toolkits can be used to construct exploits for
specific applications using well-defined algorithms. We present such an
algorithm for leveraging format strings and introduce string oriented
programming.
</abstract>
<description>String oriented programming takes format string exploits to the next level and
turns an intrusion vector that needs hand-crafted exploits into arbitrary code
execution. Similar to return oriented programming or jump oriented programming
sting oriented programming does not rely on existing code but concatenates
gadgets in the application using static program analysis.
This talk presents an algorithm and a technique that takes a vulnerable
application that contains a format string exploit as a parameter and constructs
a format string exploit that can be used to inject a dynamic jump oriented
programming dispatcher into the running application. String oriented programming
circumvents ASLR, DEP, and ProPolice.</description>
<persons>
<person id="2574">Mathias Payer</person>
</persons>
<links>
</links>
</event>
</room>
</day>
<day date="2011-12-28" index="2">
<room name="Saal 1">
<event id="4775">
<start>00:15</start>
<duration>02:00</duration>
<room>Saal 1</room>
<slug></slug>
<title>Hacker Jeopardy</title>
<subtitle>Number guessing for geeks</subtitle>
<track>Show</track>
<type>contest</type>
<language>de</language>
<abstract>The Hacker Jeopardy is a quiz show.</abstract>
<description>The well known reversed quiz format, but of course hacker style. It once was entitled "number guessing for geeks" by a German publisher, which of course is an unfair simplification. It's also guessing of letters and special characters. ;)
Three initial rounds will be played, the winners will compete with each other in the final.
</description>
<persons>
<person id="933">Ray</person>
<person id="101">Stefan 'Sec' Zehl</person>
</persons>
<links>
</links>
</event>
<event id="4804">
<start>11:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>politik_hacken</slug>
<title>Politik hacken</title>
<subtitle>Kleine Anleitung zur Nutzung von Sicherheitslücken gesellschaftlicher und politischer Kommunikation</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Klassischer Protest, konventionelle Demos, Online-Petitionen und Bürgerinitiativen werden seit einiger Zeit durch neue Instrumente der politischen Partizipation ergänzt. Deren Stärke liegt in dezentraler Organisation, Kommunikationsguerilla-Aktionen, diskursiver Intervention und kollaborativer Spontaneität. Der Vortrag stellt anhand von Beispielen ein Toolset an Möglichkeiten des regelverletzenden und gewaltfreien Mitmischens und Einmischens in Politik vor.</abstract>
<description>Anonymous, die Hedonistische Internationale, Telecomix oder die Space Hijackers sind einige der Netzwerke, die eine neue Art des Protests und der politischen Einmischung erproben. Ihnen ist gleich, dass sie mit ihren Aktionen immer auch in den medialen Diskurs eingreifen wollen – und auf eine Richtig- bzw. Weichenstellung für eine andere Wahrnehmung der Welt setzen. Das gilt sowohl für die Wahrnehmung der Medien als auch für die Wahrnehmung von Politik. Bilder und Images werden uminterpretiert, gesellschaftliche Codes geknackt, offene Flanken genutzt. Dabei setzt diese Form des Protests auf Regelverletzung und eine neue Interpretation der Zeichen.
Die Aktionen der Aktivistinnen können sehr unterschiedlich aussehen. So können Demos regelrecht gehackt werden, wie etwa eine Demonstration von Guttenberg-Anhängern. In diesem Fall war es der Hedonistischen Internationale (HI) gelungen, eine Pro-Guttenberg-Demonstration bei der Versammlungsbehörde anzumelden und die Mobilisierung der echten Guttenberg-Fans zu nutzen – und diese dann auf der Demonstration umzudeuten. Hierdurch wurde die Person Guttenberg zum Abgang noch einmal so lächerlich gemacht, dass eine Rückkehr des ehemaligen Verteidigungsministers zumindest heute unwahrscheinlich erscheint.
Um News-Hacking ging es in einer gemeinsamen Aktion der HI und "Der Partei". Hier nutzten die Aktivisten den klassischen "18 Uhr Wahlabend"-TV-Moment, um die Niederlage der Berliner FDP auf deren Wahlparty bei Freibier live im Fernsehen zu feiern.
Die Space Hijackers aus Großbritannien hingegen fahren mit einem Panzer vor der Bank of Scotland auf – und freuen sich diebisch als die Polizei diesen beschlagnahmt und dabei mehrere Gebäude beschädigt.
Oft reicht es auch, zum richtigen Zeitpunkt die Identität eines politischen oder ökonomischen Players zu übernehmen, um die mediale Darstellung der Welt mit der eigenen Realtät in Einklang zu bringen. Wenn nach Fukushima die deutsche Atomlobby auf einmal die zynische Wahrheit twittert oder Überwachungsfirmen wie DigiTask Twitter-Dialoghotlines einrichten, sorgt dies nicht nur für Verwirrung, Freude, medienträchtige juristische Androhungen, sondern trägt auch zu einer veränderten Wahrnehmung dieser Player selbst bei.
Die Politik zu hacken bedeutet die Sicherheitslücken der gesellschaftlicher Kommunikation zu nutzen, um auch in Zukunft genussvoll frei leben zu können.
All dies kann man selber machen. Wir sagen wie.</description>
<persons>
<person id="3629">Alexander Müller</person>
<person id="2737">Montserrat Graupenschläger</person>
</persons>
<links>
<link href="http://www.spacehijackers.org/">http://www.spacehijackers.org/</link>
<link href="http://hedonist-international.org">http://hedonist-international.org</link>
</links>
</event>
<event id="4738">
<start>12:45</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>echtes_netz</slug>
<title>Echtes Netz </title>
<subtitle>Kampagne für Netzneutralität</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Im Herbst 2011 startet "Echtes Netz", die Kampagne für Netzneutralität, die vom Digitale Gesellschaft e.V. initiert und von der stiftung bridge gefördert wird. Die Kampagne macht sich zur Aufgabe, das Bewusstsein für den Wert eines echten Netzes zu steigern und mit Offline- und Onlineaktionen für eine gesetzliche Verankerung der Netzneutralität zu werben.
Der Vortrag gibt einen Überblick über die aktuelle Diskussion rund um die Netzneutralität in Deutschland und der EU, zeigt die bis zum Congress erfolgten ersten Schritte der Kampagne und gibt einen Ausblick auf die Debatte und den weiteren Verlauf der Kampagne.</abstract>
<description></description>
<persons>
<person id="2158">Falk Lüke</person>
<person id="1755">Markus Beckedahl</person>
</persons>
<links>
<link href="http://digitalegesellschaft.de">Digitale Gesellschaft e.V.</link>
<link href="http://www.echtesnetz.de">Echtes Netz - Kampagne für Netzneutralität</link>
<link href="http://www.nichtverfuegbar.de">Aktionsseite für Netzneutralität</link>
</links>
</event>
<event id="4680">
<start>14:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>effective_dos_attacks_against_web_application_platforms</slug>
<title>Effective Denial of Service attacks against web application platforms</title>
<subtitle></subtitle>
<track>Hacking</track>
<type>lecture</type>
<language></language>
<abstract>To run an effective Denial of Service attack against a web application, you do not need a botnet. Or that Gigabit uplink that you are dreaming about. Carefully crafted input data can go a long way, too.</abstract>
<description></description>
<persons>
<person id="2014">Alexander ‘alech’ Klink</person>
<person id="2022">Julian | zeri</person>
</persons>
<links>
</links>
</event>
<event id="4763">
<start>16:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>the_science_of_insecurity</slug>
<title>The Science of Insecurity</title>
<subtitle></subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Why is the overwhelming majority of common networked software still not secure, despite all effort to the contrary? Why is it almost certain to get exploited so long as attackers can craft its inputs? Why is it the case that no amount of effort seems to be enough to fix software that must speak certain protocols?
</abstract>
<description>The answer to these questions is that for many protocols and services currently in use on the Internet, the problem of recognizing and validating their "good", expected inputs from bad ones is either not well-posed or is undecidable (i. e., no algorithm can exist to solve it in the general case), which means that their implementations cannot even be comprehensively tested, let alone automatically checked for weaknesses or correctness. The designers' desire for more functionality
has made these protocols effectively unsecurable.
In this talk we'll draw a direct connection between this ubiquitous insecurity and basic computer science concepts of Turing completeness and theory of languages. We will show how well-meant protocol designs are doomed to their implementations becoming clusters of 0-days, and will show where to look for these 0-days. We will also discuss simple principles of how to avoid designing such protocols.
In memory of Len Sassaman</description>
<persons>
<person id="3541">Meredith L. Patterson</person>
</persons>
<links>
</links>
</event>
<event id="4871">
<start>17:15</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>hacking_mfps</slug>
<title>Hacking MFPs</title>
<subtitle>Part2 - PostScript: Um, you've been hacked</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>We have decided to continue our research onto PostScript realms - an old, very powerful and nicely designed programming language, where (as a coincidence or not, given it's numerous security flaws) Adobe owns most PostScript interpreters instances.
This time we demonstrate that PostScript language, given it's power, elegance and Turing-completeness, can be used more than just for drawing dots, lines and circles - and to a certain extent it can be a hacker's sweet delight if fully mastered.
We will be presenting a real-life implementation of unusual PostScript APIs (along with it's dissection and reconstructed documentation) that interact with various levels of OS and HW, implementation we have found in a TOP10 printer vendor product line.
Also, we will investigate whether a PostScript-based (hence platform-independent) virus (18+ years after first proposals of such theory) can be acomplished, thus giving theoretical hints and few building blocks in this direction.
We will also present some very constructive uses of the PostScript language in the creative (i.e. non-destructive) hacking direction.
In the end, we will try to summarize our conclusions and possible solution for all parties involved (vendors, users, sysadmins, security experts).
With this research we hope we can prove that entire printer industry (devices, printing software/drivers/subsystems, publishing and managed services) have to be rethought security-wise, so that it can withstand in the long run the current security landscape and threats.
</abstract>
<description>"Hacking MFPs (part2) - PostScript: Um, you've been hacked"
We started our research in early 2010 as a state-of-affairs investigation of the general security related to printers and printing protocols&subsystem.
We have concluded and demonstrated that using malicious documents and applets, it is possible using the PJL protocol to control certain printer functionality, including malicious content upload/download on printers' storage.
As a side effect of the research, several other directions in printers' industry shown prone to malicious attacks (XSS injection and execution, auth-bypass, unauthorized functionality and content access, etc.)
Incidentally, very same period, Stuxnet abused printing subsystems to spread itself and few other printer researches emerged in various directions (PJL password and hard disk abuse, confidential/password data harvesting, Linux-based firmware rev-eng).
All these apparently separate events, just come to prove once again that printers are not forgotten, they spark revived hacking interest and their (mis)use can be harmful and have long-standing effects on one's eneterprise security.
============================================
We have decided to continue our research onto PostScript realms - an old, very powerful and nicely designed programming language, where (as a coincidence or not, given it's numerous security flaws) Adobe owns most PostScript interpreters instances.
This time we demonstrate that PostScript language, given it's power, elegance and Turing-completeness, can be used more than just for drawing dots, lines and circles - and to a certain extent it can be a hacker's sweet delight if fully mastered.
We will be presenting a real-life implementation of unusual PostScript APIs (along with it's dissection and reconstructed documentation) that interact with various levels of OS and HW, implementation we have found in a TOP10 printer vendor product line.
Also, we will investigate whether a PostScript-based (hence platform-independent) virus (18+ years after first proposals of such theory) can be acomplished, thus giving theoretical hints and few building blocks in this direction.
We will also present some very constructive uses of the PostScript language in the creative (i.e. non-destructive) hacking direction.
In the end, we will try to summarize our conclusions and possible solution for all parties involved (vendors, users, sysadmins, security experts).
With this research we hope we can prove that entire printer industry (devices, printing software/drivers/subsystems, publishing and managed services) have to be rethought security-wise, so that it can withstand in the long run the current security landscape and threats.
</description>
<persons>
<person id="3584">Andrei Costin</person>
</persons>
<links>
</links>
</event>
<event id="4800">
<start>18:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>how_governments_have_tried_to_block_tor</slug>
<title>How governments have tried to block Tor</title>
<subtitle></subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January
2011 and September 2011. Bluecoat tested out a Tor handshake filter in
Syria in June 2011. China has been harvesting and blocking IP addresses
for both public Tor relays and private Tor bridges for years.</abstract>
<description>Roger Dingledine and Jacob Appelbaum will talk about how exactly these
governments are doing the blocking, both in terms of what signatures they
filter in Tor (and how we've gotten around the blocking in each case),
and what technologies they use to deploy the filters -- including the
use of Western technology to operate the surveillance and censorship
infrastructure in Tunisia (Smartfilter), Syria (Bluecoat), and other
countries. We'll cover what we've learned about the mindset of the censor
operators (who in many cases don't want to block Tor because they use
it!), and how we can measure and track the wide-scale censorship in these
countries. Last, we'll explain Tor's development plans to get ahead of
the address harvesting and handshake DPI arms races.</description>
<persons>
<person id="199">Roger Dingledine</person>
</persons>
<links>
</links>
</event>
<event id="4675">
<start>20:30</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>politik_neusprech_2011</slug>
<title>„Die Koalition setzt sich aber aktiv und ernsthaft dafür ein“</title>
<subtitle>Sprachlicher Nebel in der Politik</subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language>de</language>
<abstract>Aktuelle politische Texte (Reden, Interviews) werden auf Leerformeln, Füllsel und Übertreibungen untersucht, die den Text entlarven, selbst wenn der Autor versucht wird, die Hörer bzw. Leser einzulullen, bestimmte sprachliche Mittel verraten, welche eigentlichen Meinungen sich im Text verstecken. Auf diese Weise wird in den Texten sichtbar, was Wilson und Shea als „Fnord“ bezeichnen.</abstract>
<description>Der Sprachwissenschaftler Victor Klemperer hat festgestellt: „Was jemand willentlich verbergen will, sei es vor anderen, sei es vor sich selber, auch was er unbewusst in sich trägt: Die Sprache bringt es an den Tag.“ Besonders deutlich wird das an Ausdrucksmitteln, die als „Nebelsprech“ bezeichnet werden können: Es handelt sich dabei vor allem um sprachliche Füllsel (Pleonasmen), die im jeweiligen Kontext nichts zur Bedeutung eines Textes beitragen, sondern einer Aussage nur Nachdruck verleihen sollen, den die Aussage gar nicht benötigen würde, wenn sie ernstgemeint wäre. So heißt es im Koalitionskompromiss zum Weiterbau der A100 in Berlin: „Das Projekt des 16. Bauabschnitts der BAB 100 wird nicht grundsätzlich aufgegeben. Die Koalition setzt sich aber aktiv und ernsthaft dafür ein, dass eine Umwidmung der Bundesmittel ermöglicht wird." Die Adverbien „aktiv“ und „ernsthaft“ haben hier eine entlarvende Wirkung, denn ein passiver und scherzhafter Einsatz für eine Forderung ist ja gar nicht vorstellbar. In der Rhetorik spricht man in diesem Zusammenhang von einer Hyperbel, die allerdings im vorliegenden Fall misslungen ist, denn die hyperbolische Steigerung legt nahe, dass mit Aktivitäten in diesem Zusammenhang möglicherweise nicht zu rechnen ist. Auch wenn „vorbehaltlos, rückhaltlos und umfassend analysiert" wird (Merkel), sollte man hellhörig werden, denn was „völlig ungefährlich“ und „gänzlich unbedenklich“ ist, hat meist einen Haken.
Analysiert werden Texte zum „Atomausstieg“, zur Vorratsdatenspeicherung und zu weiteren aktuellen Themen, vor allem aus der Netzpolitik.</description>
<persons>
<person id="47">maha/Martin Haase</person>
</persons>
<links>
</links>
</event>
<event id="4676">
<start>21:45</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>apple_vs_google_client_platforms</slug>
<title>Apple vs. Google Client Platforms</title>
<subtitle>How you end up being the Victim.</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language></language>
<abstract>We will discuss the two different approaches Apple and Google take for the
client platforms iPad and Chromebook, how they are similar and how they
are not. </abstract>
<description>From the security architecture and integrity protection details
to your account and identity that links you firmly back to the respective
vendor, we will provide the big picture with occasional close-up shots.
Here is what powers the vendor has over you, or what powers he gives to
arbitrary unwashed attackers at conferences through fails in logic, binary
or HTML.</description>
<persons>
<person id="3609">Bruhns</person>
<person id="134">FX of Phenoelit</person>
<person id="3479">greg</person>
</persons>
<links>
<link href="http://www.recurity-labs.com">Recurity Labs</link>
</links>
</event>
<event id="4766">
<start>23:00</start>
<duration>01:00</duration>
<room>Saal 1</room>
<slug>802_11_packets_in_packets</slug>
<title>802.11 Packets in Packets</title>
<subtitle>A Standard-Compliant Exploit of Layer 1</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>New to 2011, Packet-in-Packet exploits allow for injection of raw radio frames into remote wireless networks. In these exploits, an attacker crafts a string that when transmitted over the air creates the symbols of a complete and valid radio packet. When radio interference damages the beginning of the outer packet, the receiver is tricked into seeing only the inner packet, allowing a frame to be remotely injected. The attacker requires no radio, and injection occurs without a software or hardware bug.</abstract>
<description>This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers.
Unlike the simpler implementations for 802.15.4 and 2FSK, 802.11B presents a number of unique challenges to the PIP implementer. A single packet can use up to three symbol sets and three data-rates, switching rates once within the header and a second time for the beginning of the body. Additionally, a 7-bit scrambler randomizes the encoding of each packet, so the same string of text can be represented 128 different ways at the exact same rate and encoding.
This lecture presents the first implementation of Packet-in-Packet injection for 802.11B, allowing malicious PHY-Layer frames to be remotely injected. The attack is standards-compliant and compatible with all vendors and drivers.
As a demo, we intend to present a malicious string which can be embedded in any file with lots of slack space, such as an ISO image. When this image is downloaded over HTTP on 802.11B, beacon frames will be injected. For the demo, we will be injecting the SSID stack buffer overflow frames from Uninformed Volume 6.</description>
<persons>
<person id="1978">Travis Goodspeed</person>
</persons>
<links>
<link href="http://travisgoodspeed.blogspot.com/2011/09/remotely-exploiting-phy-layer.html">Introduction to PIP</link>
<link href="http://www.usenix.org/events/woot11/tech/final_files/Goodspeed.pdf">PIP for 802.15.4 and 2FSK</link>
</links>
</event>
</room>
<room name="Saal 2">
<event id="4722">
<start>00:15</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>dick_size_war_for_nerds</slug>
<title>NPC - Nerds’ Pissing Contest</title>
<subtitle>Mein Ruby ist besser als dein urxvt!</subtitle>
<track>Show</track>
<type>contest</type>
<language></language>
<abstract>Hier geht es um die Gretchenfrage: „Welches Tool ist das beste?“ Dabei treten 2 Teams gegeneinander an und müssen live verschiedene $RANDOM_NERD_TASK auf ihren eigenen Rechnern lösen. Wer dabei zeigt, dass sein Tool das schnellere, schlankere, mächtigere, längere, größere^w^w^w^wist, gewinnt. Durch das Programm führen Jan „git-zsh-keynote-firefox“ Wulfes und Benjamin „bzr-fish-latexbeamer-chrome“ Kellermann.
</abstract>
<description>In der heutigen Ausgabe von DSW4nerds geht es darum herauszufinden, welcher Editor der beste ist. Zwei Teams (à 1-4 Teilnehmer) treten mit dem Editor ihrer Wahl gegeneinander an, um diese religiöse Frage zu beantworten.
Nach einer dreiminütigen Laudatio zum Editor ihrer Wahl müssen sie in der Pflicht vorgegebene Aufgaben vor den Augen des Publikums möglichst schnell und elegant lösen. Hierzu dürfen die Teams ihre Konfigurationsdateien verwenden.
In der Kür muss jedes Team von der Default-Konfiguration aus startend die Stärken seines Editors durch einen kleinen Stunt präsentieren, welcher dann vom jeweils anderen Team ebenfalls gestanden, oder sogar getoppt werden muss.</description>
<persons>
<person id="1725">Benjamin Kellermann</person>
<person id="879">klobs</person>
</persons>
<links>
</links>
</event>
<event id="4768">
<start>11:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>eating_in_the_anthropocene</slug>
<title>Eating in the Anthropocene</title>
<subtitle>Transgenic Fish, Mutagenic Grapefruits and Space Potatoes</subtitle>
<track>Culture</track>
<type>lecture</type>
<language>en</language>
<abstract>Over the last few years hackers have begun to take a larger interest in food, gastronomy and agriculture. For many in the community the ability to create DIY molecular gastronomy hardware and recipes is an obvious entry point. This talk extends some of these early investigations beyond the kitchen and the chemical properties of food by looking at specific cultivars, food technology organizations, and connections between food systems, ecosystems and planetary change.
Part 1 of the talk explores some of the more bizarre and interesting biotechnologies and genomes that make up the human food system on planet earth, including Chinese Space Potatoes, Mutagenic Grapefruits and Glowing Sushi.
Pat 2 of the talk presents ideas of food system redesign particularly relevant to hackers and food explorers: utopian cuisines, resilient biotechnologies and eaters as agents of selection.
In Part 3 we provide access to resources and propose interesting projects for black hat food hackers, DIY BIO foodies, and prospective food security researchers, such as mining the IAEA's database of radiation breeding, eating things that weren't meant to be eaten and defending agricultural biodiversity.
By introducing less known stories from the history of food and technology, and providing access to resources we hope to get more hackers curious about exploring, questioning and redesigning our human food systems.
BIO: Zack Denfeld & Cathrine Kramer run the Center for Genomic Gastronomy an independent research institute that studies the genomes and biotechnologies that make up the human food systems on the planet. They are currently in residence at Art Science Bangalore and a curating a show on the future of food at the Science Gallery in Dublin Ireland. </abstract>
<description></description>
<persons>
<person id="3623">Cathrine Kramer</person>
<person id="3494">Zack Denfeld</person>
</persons>
<links>
<link href="http://www.genomicgastronomy.com/">Our research group</link>
<link href="http://www.glowingsushi.com/">Our cooking show</link>
</links>
</event>
<event id="4652">
<start>12:45</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>data_mining_the_israeli_census</slug>
<title>Data Mining the Israeli Census</title>
<subtitle>Insights into a publicly available registry</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>The entire Israeli civil registry database has been leaked to the internet several times over the past decade.
In this talk, we examine interesting data that can be mined and extracted from such database.
Additionally, we will review the implications of such data being publicly available in light of the upcoming biometric database.
</abstract>
<description>The Israeli census database has been freely available on the Internet since 2001. The database has been illegally leaked due to incompetent data security policies in the Ministry of Interior of Israel, which is responsible for the management of the Israeli census.
The data available includes all personal data of every Israeli citizen: name, ID number, date and location of birth, address, phone number and marital status, as well as linkage to parents and spouses.
In this talk we discuss various statistics, trends and anomalies that such data provides us with insight to.
Personal details will obviously be left out of the talk, though it is important to note that any person who wishes to retrieve such details can easily do so.
We will end the talk with a discussion about upcoming and relevant privacy issues in light of Israel's soon-to-be biometric database.</description>
<persons>
<person id="3428">Yuval Adam</person>
</persons>
<links>
<link href="http://y3xz.com">Yuval's Homepage</link>
</links>
</event>
<event id="4770">
<start>13:15</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>dont_scan_just_ask</slug>
<title>Don't scan, just ask</title>
<subtitle>A new approach of identifying vulnerable web applications</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>For years, we tried to identify vulnerable systems in company networks by getting all the companies netblocks / ip addresses and scanning them for vulnerable services. Then with the growing importance of web applications and of course search engines, a new way of identifying vulnerable systems was introduced: "Google hacking".
However this approach of identifying and scanning companies ip addresses as well as doing some Google hacking for the (known) URLs of the company doesn't take all aspects into account and has some limitations. At first we just check the systems which are obvious, the ones that are in the companies netblocks, the ip addresses that were provided by the company and the URLs that are known or can be resolved using reverse DNS. However how about URLs and systems that aren't obvious? Systems maybe even the company in focus forgot? Second, the current techniques are pretty technical. They don't take the business view into account at any point.
Therefore we developed a new technique as well as framework to identify companies’ web pages based on a scored keyword list. In other words: From zero to owning all of a company’s existing web pages, even the pages not hosted by the company itself, with just a scored keyword list as input.</abstract>
<description>For years, we tried to identify vulnerable systems in company networks by getting all the companies netblocks / ip addresses and scanning them in order to identify vulnerable services that could be exploited by an malicious attacker. Then with the growing importance of web applications and of course search engines, a new way of identifying vulnerable systems was introduced: "Google hacking". Thereby we just googled for vulnerable applications using version banners or directories and files without proper access rights set.
However this approach of identifying and scanning companies ip addresses as well as doing some Google hacking for the (known) URLs of the company doesn't take all aspects into account and has some limitations. At first we just check the systems which are obvious, the ones that are in the companies netblocks, the ip addresses that were provided by the company and the URLs that are known or can be resolved using reverse DNS. However how about URLs and systems that aren't obvious? Systems that are hosted by third parties, web pages that were just released for a marketing campaign, maybe even by a third party marketing company but within the name of the company we want to check? Possibly not even the company does remember all the web applications and domains that are running under his name. These systems/applications won’t be detected using traditional techniques and thus impose a potential security risk for the company. Second, the current techniques are pretty technical. They don't take the business view into account. That means, we try to identify certain applications using technical information like version banner or the comapnies ip addresses in order to identify his systems. But how about the other way around, trying to identify applications and systems by using the company’s business data (e.g. product names, company names, tax identification numbers, contact persons, …) and then test the identified systems and applications for vulnerabilities?
That is what we did. The idea is to build up a scored keyword list for the company in focus. This list contains general keywords like the company name, product names, more detailed keywords like an address contained in imprints and very specific keywords like the companies tax number. Every keyword in that list is then rated by human intelligence. Which means specific keywords do have a higher scoring than general keywords. In the next step a spider uses these keywords to query search engines like bing, google, etc. for the keywords and stores all the web sites URLs identified in a database with their scoring. If a web site that already is in the database is found for another keyword, just the score of that entry is increased. At the end, we get a list of websites that contained one or more of the keywords, along with a scoring for each web site. Then the URL is taken and checked whether it contains one of the keywords (e.g. company name). If this is the case, the scoring of the page is increased again. Then for each entry the FQDN as well as the ip is resolved and a whois query is executed. If that whois record does contain the company name, the scoring is increased again. Furthermore the country codes are used to remove results which are not in the target country.
At the end of that process, we do have a list of URLs and FQDNs that could be found using company specific key words. Furthermore that list is scored. Since during that process you get (based on your keyword list) hundred thousands of unique hits, you have to minimize that list. Therefore we did some research on the results generated and found a decent way to minimize the results to an amount that can be checked manually by a human. Then those identified company web pages are passed to a crawler that just extracts external links from those pages, with the idea that correct company pages might link to other company pages, and integrates them to the results list. Using these technique in practice it is possible to identify a lot of web sites hosted (even by third parties) for one company.
During the crawling process not just external links are extracted but all forms, HTTP parameters as well as certain parts of the web content are stored. Thus besides a list, we do have a "mirror" of the web page as well as the forms and dynamic functions that pose an attack surface.
The information collected can then be used as input to special analysis modules. For some of our projects we integrated WAFP (Web Application Finger Printer), SQLMap and other well known tools as well as some other self written fuzzers and fingerprinters into that process. This way the whole process, from identifying web pages belonging to a certain company up to analyzing those for vulnerabilities can be totally automated.
In other words: From zero to owning all of a company’s existing web pages, even the pages not hosted by the company itself, with just a scored keyword list as input.
During our talk we will present our idea as well as our approach of identifying vulnerable web applications that belong to a certain company, based on business data. Furthermore we will explain how our framework is structured and how it does the searching as well as the vulnerability assessment in an automated way. So everybody who is interested will be able to implement his own version or adapt certain ideas for his projects. Besides just telling you how it could work, we will also present our framework that performs all of the steps described above automatically in a demo.
Fabian & Richard</description>
<persons>
<person id="3530">Fabian Mihailowitsch</person>
<person id="3619">Richard Sammet</person>
</persons>
<links>
</links>
</event>
<event id="4847">
<start>14:00</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>reverse_engineering_usb_devices</slug>
<title>Reverse Engineering USB Devices</title>
<subtitle></subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>While USB devices often use standard device classes, some do not. This talk is about reverse engineering the protocols some of these devices use, how the underlying USB protocol gives us some help, and some interesting patterns to look for. I'll also detail the thought processes that went into reverse engineering the Kinect's audio protocol.</abstract>
<description>This talk will narrate the process of reverse engineering the Kinect audio protocol – analyzing a set of USB logs, finding patterns, building understanding, developing hypotheses of message structure, and eventually implementing a userspace driver.
I'll also cover how the USB standard can help a reverse engineer out, some common design ideas that I've seen, and ideas for the sorts of tools that could assist in completing this kind of task more efficiently.</description>
<persons>
<person id="3499">Drew Fisher</person>
</persons>
<links>
</links>
</event>
<event id="4826">
<start>14:30</start>
<duration>00:30</duration>
<room>Saal 2</room>
<slug>a_brief_history_of_plutocracy</slug>
<title>A Brief History of Plutocracy</title>
<subtitle></subtitle>
<track>Society and Politics</track>
<type>lecture</type>
<language></language>
<abstract>This whistlestop re-telling of world economic history squeezes 12,000 years of history into 18 slides. Its focus is the changing nature of money and the rise of the monied class in US and Europe.</abstract>
<description>It outlines how the modern system of banking was instituted, how international organising allowed the power of the rich to gradually eclipse that of national governments, how war was managed for profit, and how the super-rich set about using the organs of the state in an effort to secure their position of control.</description>
<persons>
<person id="3543">Robin Upton</person>
</persons>
<links>
<link href="http://www.altruists.org/">Altruist International</link>
</links>
</event>
<event id="4706">
<start>16:00</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>power_gadgets_with_your_own_electricity</slug>
<title>Power gadgets with your own electricity</title>
<subtitle>escape the basement and make the sun work for you</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>This talk, consisting of five distinct parts, is intended to show the audience how to get electricity without needing a grid connection.
It will give information on
* Which energy sources to use
* What to power with them
* What equipment to get
* How to wire it up
* And some wishful thinking
Participants should be able to assemble their own small-scale energy-generating systems after listening.</abstract>
<description>Renewable energy isn't for wealthy investors only. You can have it, too.
In this talk we'll show you how to power your own stuff from the sun, wind and other sources of energy.
The talk is divided into 5 different parts:
1. A really short introduction into the available power sources like sun, wind etc. We'll show some pipe-dreams where more hacking is needed to make it work like salt-gradient energy or damming the mediterranean sea.
2. We'll show you how much power you can expect from which source. We'll also show you what affects power output for various technologies (example: Sun needs to be shining for solar power. We'll show you how much sunshine you can expect at your place.)
3. As a follow-up to part 2 we'll show you the amount of power various things need. You can do the math yourself afterwards to see what you can power from your balcony.
4. Building the system, the easy and fully-legal way: Build your own independent grid with optional storage. We'll show what you need for a small-scale solar system independent of the power network. Works well for caravans, camping, gardens and allotments. There will be real solar panels on stage. You will see schematics, parts lists and instructions. We'll give some hints where to aquire the necessary stuff without paying too much.
5. The difficult way: Put your own power into the public grid. We'll show you what you need to do this. This can either make your purse fill up automatically (big installations earning feed-in tariffs) or it can (in theory) make your electricity meter go backwards - but that's not actually allowed. Once the electrical company recognizes what you are doing (and German law requires you to tell them) unfortunately they will install a digial meter. Digital meters will not count backwards like the Ferraris counters do now...
The speakers have built and are operating various small-scale power systems and come from an engineering and commercial background.
</description>
<persons>
<person id="3511">Gunnar Thöle</person>
<person id="3630">Joerg Duerre</person>
</persons>
<links>
</links>
</event>
<event id="4669">
<start>17:15</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>bionic_ears</slug>
<title>Bionic Ears</title>
<subtitle>Introduction into State-of-the-Art Hearing Aid Technology</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language>en</language>
<abstract>In many social situations being hearing impaired is a serious handicap, not only for elderly people. Today's hearing aids are tiny computers that do a decent job in signal processing. During the last years, the progress in this technology was significant, amongst other things by switching from analog to digital devices. Since this field becomes more and more related to computer technology, there is even more improvement to be expected. In particular, it turns into a more and more interesting playground for hackers.</abstract>
<description>Unfortunately, we are still quite far away from what was promised as the future in that 70es TV series "The Bionic Woman" [1]. Starting with a brief introduction about audiology, I will present current technical solutions (and political non-solutions) for hearing aids. Besides the hearing aids themselves, there exist a couple of interesting peripheral solutions for specific situations such as using the phone, listening to concerts and talks, or just consuming music with an mp3 player. All these not only enhance the user's life, they also open the door for creative hacks. Although the hearing-aid hacking community is still rather small, I will present some current projects and ideas for future ones.
[1] http://en.wikipedia.org/wiki/The_Bionic_Woman </description>
<persons>
<person id="2343">Helga Velroyen </person>
</persons>
<links>
</links>
</event>
<event id="4640">
<start>18:30</start>
<duration>01:00</duration>
<room>Saal 2</room>
<slug>time_is_on_my_side</slug>
<title>Time is on my Side</title>
<subtitle>Exploiting Timing Side Channel Vulnerabilities on the Web</subtitle>
<track>Hacking</track>
<type>lecture</type>
<language></language>
<abstract>Timing side channel attacks are non-intrusive attacks that are still widely ignored in day-to-day penetration testing, although they allow attackers to breach the confidentiality of sensitive information. The reason for this is, that timing attacks are still widely considered to be theoretical. In this talk, I present a toolkit for performing practical timing side channel attacks and showcase several timing attacks against real-world systems.
</abstract>
<description>Timing side channels are vulnerabilities in software applications that leak sensitive information about secret values such as cryptographic keys. They differ from common intrusive vulnerabilities such as Buffer Overflows or SQL-Injection because the attacker sends normally looking requests to the server and infers secret information just from the time it took to process the request.
In academia, timing side channel attacks are well researched, especially against cryptographic hardware, but in day-to-day penetration testing, they are still widely ignored. One reason for this is that the timing differences are often small compared to the jitter introduced in networked environments. This makes practical timing side channel attacks challenging, because the actual timing differences blend with the jitter.
In this talk, I will present methods and tools to accurately measure response times despite the jitter in networked environments. I will introduce a programming library that enables penetration testers to measure accurate response times of requests send over networks.
Furthermore, I will describe algorithms and statistical filters to reduce the jitter from measurements. For this, I will introduce a reporting tool that takes a dataset with network measurements as input, automatically applies the algorithms and filters, and produces a report with the results. This report enables even novice penetration testers to analyze a response time dataset for timing side channel vulnerabilities.
In the end, I will show that timing side channels are practical by showing several attacks. First, I show how to determine if a given user name is an administrative user in a productive installation of the popular CMS Typo3. Second, I show how to determine how many pictures are hidden in a private album of an online gallery. Third, I show how to perform an adaptive chosen cipher text attack against implementations of the XML Encryption standard. This attack allows to decrypt any Web Service message whose body was encrypted using XML Encryption only by measuring the response time of the Web Service.</description>
<persons>
<person id="3349">Sebastian Schinzel</person>
</persons>
<links>
</links>
</event>
<event id="4811">
<start>20:30</start>