30C3

The last four days I was at the 30th Congress of the Chaos Computer Club, or 30C3 for short. This took place for the second time at the CCH in Hamburg and had over 9000 visitors this year. I was one of them and it was my first time there.

Despite the huge crowds, I felt very comfortable and never cramped. I found the friendliness of one another and the peace and quiet in the Congress Center fascinating. It was wonderful how naturally every seat was used during the often very well-attended lectures. For example, people would raise their hands if there was a free seat next to them so that they could help people looking for a seat in the large room more quickly. Another popular practice is "defragmentation" at the beginning of a lecture: all free seats within a row are closed by everyone already sitting in the rows sliding to the middle and freeing up the outer seats. This way, latecomers can find a free seat quickly and without causing too much disruption. Of course, you could also listen to the lectures outside the halls, because all lectures were streamed using the free WiFi in the CCH. Some were even translated. In total, there were 170 lectures and over 120 hours of content. I was able to discover a lot of new things and I will briefly present my personal highlights to you here - although not all lectures are available as videos to watch.

From a photography perspective, the introduction to Magic Lantern was very interesting, even if it doesn't make me switch to Canon. Some enthusiasts have found a way to add additional functions - mainly in the video area - to many Canon cameras. The firmware is only slightly changed in one place, but the actual extensions are stored as a software package on the memory card. The functions are gone when the memory card is no longer in the camera. More Info on their website.

Trevor Paglen uses photography to visualize things that no one should see. Actually. Fascinating lecture by an artist.

I also found it very exciting to learn more about the processing of SD cards. The presentation “Exploration and Exploitation of an SD Memory Card” was actually about whether the microcontrollers on the flash memories can be used to do other things with memory cards than just storing data on the cards. Very technical and very hardware-heavy and here read – I was actually only able to follow the first 10 minutes. From a photographic perspective, the information about the production process was exciting. SD cards are so inexpensive that everything has to be used in manufacturing to make it an SD card. A chip is then installed that could perhaps store 16GB, but is so bad that the SD card is ultimately sold as a 2GB card. To do this, software checks the quality of individual sectors of the flash memory and calculates whether the sector will survive a certain number of read/write cycles. Since the lecture I feel very confirmed to only take more expensive cards also replace these every yearAs it was said so beautifully at the beginning of the presentation: "Flash memory does not store the user's data, but a mishmash from which the user's data can be reconstructed." Ultimately, what I took away from the presentation was that the sectors not shown could be used for malware. Access to these sectors is of course particularly easy with so-called WiFi cards that have these additional intelligent chips on the card. That's why I will never put a WiFi-enabled card in my camera.

Yes, the conference can lead to becoming quite suspicious. After all, everything in our lives is now surrounded by software. And that brings me to the part of 30C3 that deals with surveillance etc.

I hope the video of the lecture by historian Josef Foschepoth will be put online. (Edit: now it is online.) “The Federal Republic – the most monitored country in Europe” provided historical foundations of surveillance in East and West. Apart from the fact that in addition to the Gauck authority for the Stasi files, there should actually be something similar for Western people under surveillance, the lecture exposed all the partial truths of German politicians since the beginning of the revelations by Edward Snowden. Absolutely recommended viewing - I wouldn't have thought that I would say that after a lecture by a historian.

Well, two people showed on the first day how easy it is to add additional programs to a phone's SIM card. Without the owner of the phone noticing, a program installed unnoticed can, for example, ensure that an SMS with your current GPS data is sent every 5 minutes - and you don't even see that you have sent an SMS. Watch this video – even if you have as little technical understanding as I do, the core problems are easy to understand. The telephone companies are around 10 years behind in development when it comes to security mechanisms for GSM SIM cards.

And when you think: well, no one is going to do that, you see on the fourth day based on official NSA documents that exactly this loophole is being used by the secret services. In his packed lecture (unfortunately no longer online) within an hour, Jacob Applebaum showed a lot of detailed options that the NSA and other secret services use to enable comprehensive surveillance. Applebaum also worked on one SPIEGEL article collaborated, which vividly presents these methods. At the end of the lecture there was a minute-long standing ovation. Rightly so.

In any case, it has become clear to me over the course of the days that the secret services are really trying to get all the information. Whether they can do something with it or not. In any case, I will now focus a little more on encryption or the Tor network, which it also includes a good presentation to introduce the project gave, employ. I already have a PGP key, but I need to make it a little more understandable for myself. By the way, my impulse to focus more on this doesn't come because I've become overly cautious or because I think I have something to hide. On the contrary, the people who are up to no good are certainly too intelligent to use the Internet. Rather, I now know that encryption and anonymization can save lives. Not all of us live in a world in which freedom of expression can be lived quite generously. But if only those people who have to in order to survive in certain regimes (Syria as a current example) communicate in code, they are too easy to find and identify. If you still need a good resolution for 2014: get a PGP key. It's really not difficult to at least secure your email traffic.

But don’t believe the advertising promises of De-Mail. That is “Bullshit – Made in Germany“ – another great talk with incredible revelations.

My text is a little longer and has only touched on the variety of topics. All videos can be seen at this address. The 30C3 was as colorful as Tamagotchis, whose inner workings I have now learned a lot about. Speaking of colorful: Guys, these light displays were wonderful. I hardly took any photos, but I couldn't resist the color play with the light 🙂

I will definitely try to be a participant again next year. The 30C3 was an entertaining and educational event that I can really recommend with a clear conscience. For people with even less technical understanding, there are also sponsors who can help you understand the event.

My thanks go to everyone who took part in the event. After all, the congress is voluntary…

  1. I'm always impressed by the meticulous tracking and uncovering of topics that should actually interest everyone - but don't - and the high quality of the contributions.
    I could certainly see this enthusiasm in your apt words. 🙂
    A nice summary that makes me curious to visit the event again. Unfortunately I've missed it for years. Hamburg is so close now... 🙂

Leave a Comment

Your e-mail address will not be published. Required fields are marked with * marked