To see our schedule with full functionality, like timezone conversion and personal scheduling, please enable JavaScript and go here.
11:00
11:00
30min
Opening Event
Mitch, mc.fly

Welcome to Hacking in Parallel.

Lets fire this up.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
11:30
11:30
60min
Crushed by the Wheels Industry
pandzillophon

We'll look at the role IT and software play in modern manufacturing, with a twist on the semiconductor industry. Since I'm a security guy, we'll mostly focus on the sorry state of that.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
13:00
13:00
90min
CiP - Chatting in Parallel ... What's happening in the Matrix-Multiverses?
Yan 't' Minagawa

It gives an overview of the Matrix World. Showcasing and spotlightning projects and developments.
Goal of the workshop is to educate people enough to run their own matrix-homeserver and federate with others.

Workshop - E.T.I.
HDMI (room 3)
13:00
60min
Hide and seek ‒ über die Biometrie-Datenbank des US-Militärs
kantorkel, Starbug, snoopy

Das US-Militär hat massenhaft Geräte zur biometrischen Erfassung von Menschen in Afghanistan genutzt. Einige Geräte wurden beim hastigen Abzug der NATO-Truppen zurückgelassen. Wir haben bei Analysen solcher Geräte große Mengen an biometrischen und weiteren personenbezogenen Daten gefunden. In den falschen Händen bedeuten diese Daten Lebensgefahr für Menschen in Afghanistan und Irak.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
13:00
60min
How To: Legal Blockieren
Anne Herpertz

Nazis, Querdenken und andere verschwörungsideologische Aufmärsche - welche Möglichkeiten gibt es, in Einklang mit Versammlungsgesetzen und in Verhandlungen mit Polizei und Versammlungsbehörden legal zu blockieren? Ein How-To aus den Erfahrungen bei @QuerstellenDD.

Track 2 Room 2
HIP - Track 2 - Room 2
14:00
14:00
210min
Arduino For Total Newbies
Mitch

''Learn Arduino using TV-B-Gone as an example project''



You've probably heard lots about '''Arduino'''. But if you don't know what it is, or how you can use it to do all sorts of cool things, then this fun and easy workshop is for you. As an example project, we'll be creating a '''TV-B-Gone''' remote control out of an '''Arduino''' you can take home with you.

Workshop - E.T.I.
Soldering Workshop Room
14:30
14:30
90min
Regenerative Hacking : Ecosystemic design workshop for rural community hackspaces
Liam Kurmos

Workshop exploring Regenerative design in the context of a rural community art and hackerspace in the small Welsh speaking town of Caernarfon in rural North Wales.

Track 2 Room 2
HIP - Track 2 - Room 2
15:00
15:00
45min
IT Security: a game of counting the negatives, but can we do better?
Mate Soos

In IT security we have been preoccupied with failures, with things that go wrong, and so we count the negatives -- the times when we failed. How about we seriously started counting the positives? More importantly, what if by adding more and more constraints to avoid the holes we have found, we are also removing the positive capacities in the system, thereby hurting our chance of success more than we hurt our chance of failure? In this talk, I will try to highlight how IT security could be done differently, by trying to focus on what goes right, rather than only focusing on what goes wrong, learning from our successes, and reinforcing them, so when next time the storm comes, we will have enough positive slack in the system to withstand the attack.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
15:00
60min
Weaving, Old and New Technology: from Design Concept to Diva Fashion
chris lombardi

Have you ever wondered how fabric is actually woven? In this discussion i will take you along for the journey from initial concept to final wearable product of a high-fashion modern-designed wool scarf. Topics from the chemistry science of fiber and dyeing to the utilization of computer-assisted pattern design will be covered.

Workshop - E.T.I.
HDMI (room 3)
16:00
16:00
55min
50 years of C, the good, the bad and the ugly
Ilja van Sprundel

The C programming language first appeared in 1972 and became enormously popular. It has this magical combination of features that allows developers to quickly write portable code that can be reused and easily ported to different architectures. It has been the foundation of most operating systems and systems programming in the past 50 years.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
17:00
17:00
45min
Quantenverschlüsselung in einer Box
Tobias Schubert, Franz Sitzmann, Charlotte, Kasper Rothaus

Da zukünftige Quantencomputer besonders gut darin sind, klassische Verschlüsselungen zu knacken, werden andere Formen der Schlüsselgenerierung benötigt.
Eine mögliche Lösung ist die Erzeugung von sogenannten Quantenschlüsseln, die eine besondere Eigenheit der Quantenmechanik ausnutzen.
Statt mit einzelnen Photonen werden wir im Workshop einen Schlüssel mit dem extra dafür entwickelten Quantenschlüsselgenerator, kurz Qey-Gen, erzeugen. So kann jeder direkt hands-on das Verfahren ausprobieren und verstehen.

Workshop - E.T.I.
HDMI (room 3)
17:00
30min
What I learned from making an 1836 LED dodecahedron
davedarko

Going through the reasoning and design decisions made while creating pentagon shaped PCBs and a case for a 12 sided platonic solid.

Track 2 Room 2
HIP - Track 2 - Room 2
18:30
18:30
45min
US government demands direct police access to European biometric data
Matthias Monroy

The "Enhanced Border Security Partnership" poses an unprecedented threat to civil liberties in Europe.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
19:00
19:00
120min
Berlin Hack and Tell
ligi

stand up hacking - 8 dynamically allocated Slots(5min presentation + 5min conversation with the audience)
Past hacks here: https://berlinhackandtell.rocks

mainhall stage - c-base
c-base mainhall
19:00
120min
Introduction to C Programming
Leo (he/his) || Janis (she/her) || * (they/them)

In this workshop you will learn C through many hands on exercises of varying difficulty or bring-your-own projects. Everyone will be learning on their own time, the only requirement is motivation! Groups welcome as well, and if you already started a small project I can also provide you a small review and perhaps ideas on how to improve.

The platform will be mostly Linux and UNIX/POSIX (BSD, macOS, Solaris) due to personal experience there, but Windows is possible as well (with a bit more limited help). Alternatively the Windows Subsystem for Linux can be used to develop and target Linux from Windows.

Workshop - E.T.I.
HDMI (room 3)
19:45
19:45
60min
Update on Kubernetes Security in Critical Infrastructure
Thomas Fricke

We summarize howto secure Kubernetes clusters in critical infrastructure and give insights from the machine rooms.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
20:00
20:00
90min
Hacktivism - past, present and future
leon

In this panel, we'll bring current and former hacktivists together to discuss their experiences and their opinions on how this form of activism has evolved through the years and what space it'll have in the future of activism around the world.

Track 2 Room 2
HIP - Track 2 - Room 2
21:00
21:00
45min
Perimeter security is dead, get over it.
mc.fly

I wil talk why perimeter security is no longer a useful security principle, what could replace it and how to migrate

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
22:00
22:00
45min
Pacman can have the cookies and eat the ghosts too
David Runge

A look into present and upcoming binary package repository management tooling for pacman
based distributions such as Arch Linux, which can also be used by individuals
hosting their private repositories.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
23:00
23:00
45min
The train has left the station: Building systems for a +2C world
emerson

Following on from the failure of COP27 and recent events that seem to show that our models underestimated climate sensitivity to CO2 by at least an order of magnitude, it appears that climate chaos is unavoidable. How we build everything from now on will have to have resilience built in at its core, but this is very different to the way we have previously thought about technology. This talk aims to describe some of the problem space and how the presenters experience with disasters and crisis has shaped some of their work in the payments technology space.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
11:30
11:30
45min
Taping out a systolic array with an opensource PDK
Camilo

Introduction to open source PDKs for making custom Asics and the work involved in taping out a small systolic array using only open-source tooling, and also applications to systolic arrays

HIP - Track 1 - Room 5
12:00
12:00
17min
Of someone who went forth to find a flat in Berlin. An automation-drama in three acts — Act 3: In ultimate consequence
Clemens Schöll

Fully automated puppet theater, 17 minutes (starts on demand)
Clemens Schöll, 2020

In the "little automation theater" the story is told of the princess (who wants to move to Berlin after her art studies), Kasperle and the Wohnungsbot (apartment bot - who must realize that there are no technical solutions to social problems). The stage adaptation of the software success!

HDMI (room 3)
12:30
12:30
45min
Takeaways from the crypto-mines
will scott

It is useful to separate the economics and scams that surround cryptocurrencies from the systems being built within their auspices. This talk will provide a survey over the distributed systems and cryptographic advances over the last couple years that you may have missed within the hype.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
13:00
13:00
85min
How my video game project is helping me learn tech and conquer my mental health
yvmqznrm, DarioACG

A few years ago I came up with an idea to help myself that would later develop into a video game project. It has taught me more than I would have expected so far and I would really like to share those things with you!

DISCLAIMER: This talk may touch on some triggering topics. We will give a heads up before mentioning them within the talk so you can choose to leave the room or put some headphones on temporarily. We hope this works for you!

Track 2 Room 2
HIP - Track 2 - Room 2
13:30
13:30
30min
Librevents: “liberating” data from Big Tech
Joseph, Claudio Agosti

Librevent is a browser extension allowing any user to copy and republish (“scrape”) data about events posted on proprietary platforms onto free libre and open source decentralized networks.

For now, Librevents focuses on liberating events data (description, date and time, location) from Facebook onto Mobilizon, an event-management platform alternative part of the Fediverse*.

The intention behind Librevents is to feed alternative ethical platforms like Mobilizon with content, in order to help them counter the “network effect” (users staying on Facebook because the information is only available there). The concept of “data liberation” could later be applied to other types of contents and platforms.

The data we liberate is initially posted as a “public event” by the organizer. We make this data truly “public” and available on free platforms, without violating the organizer’s original intentions.

HIP - Track 1 - Room 5
14:00
14:00
150min
Learn to Solder - Digital Music Synthesis workshop with ArduTouch music synthesizer kit
Mitch

''Learn to solder by making a cool, powerful music synthesizer,
       and learn to generate cool music, sound, and noise! with computer chips -- for total newbies''

Workshop - E.T.I.
Soldering Workshop Room
14:30
14:30
120min
Binary Exploitation Beginner Workshop
Daniel (D_K), Felipe (localo), Nils Ole Timm

This workshop introduces basic concepts of x64 binary exploitation on Linux.

The workshop consists of a collection of increasingly difficult pwn challenges and is accompanied by a presentation and set of slides that first introduce basic concepts and then apply them to those challenges.

Workshop - E.T.I.
HDMI (room 3)
14:30
90min
Finding (state) malware: methods and tools for civil forensic analysis
Viktor, Janik Besendorf, Niclas Schwarzlose

Not only since the Pegasus Project, which exposed the surveillance of numerous activists, journalists and opposition figures by the NSO Group's Pegasus state malware, state malware have posed a threat to the privacy of those affected and their contacts. In order to make such attacks visible and provable, analyses are needed using methods and tools similar to those used by security agencies, but which should be open source and adhere to ethical standards of consensual forensics. In our workshop we want to give an overview of what approaches, methods, and tools are suitable for these analyses to best perform forensic data extraction in a civilian context and present what tools and scripts we have developed ourselves. We all work in civil forensics ourselves and want to share our experiences on what has worked for us and what has not.
The presented tools are of course not only suitable for the search of state malware, but also for any other malware such as stalkerware or ransomware.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
15:00
15:00
60min
Exploring social media reactions to conflicts in 2022
Bi3n3, Sabina

The aim of this talk is to explore public usage of social media and reactions to different hostilities in 2022 utilizing topic modeling and social network analysis.

Track 2 Room 2
HIP - Track 2 - Room 2
16:00
16:00
30min
CubeR - Mondforschung und –Erkundung und modularen Nanorovern
Maximilian von Unwerth, Igork Kolek

Matthias Maurer beschreibt den Mond als unser Sprungbrett zum Mars. Und nicht nur für Missionen zum nächsten Planeten, sondern auch für wesentlich weiter entfernte Ziele, wo nie ein Mensch zuvor gewesen ist, wird es unabdingbar sein, den Mond als Trainingsgelände zu nutzen. Mit Hilfe unserer CubeR soll die Oberfläche des Mondes sowohl für die Wissenschaft als auch für die Industrie zugänglich werden. Unsere nach einem offenen Standard entwickelten Nano-Rover stellen eine Grundlage für die Erforschung der unendlichen Weiten des Weltraums dar.

mainhall stage - c-base
c-base mainhall
16:15
16:15
85min
(mostly) homebrewn metal AM
Klapauzius

A short introduction into sinter based FFF/FDM metal additive manufacturing at home (as far as it can be done)

Track 2 Room 2
HIP - Track 2 - Room 2
16:15
30min
Reviving open-source projects: at the example of OpenTracks
Dennis Guse

Most open-source projects have limit lifetime: at some point in time development stops and the project becomes unmaintained. A lot of projects often do not even reach the stage, where they are used by a critical mass of users.

In this talk, I will go through the steps of continuing an open-source project using my lessons learned from forking Google's MyTracks and crafting it into OpenTracks.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
17:00
17:00
180min
Programming Games in Go for Pretty Much All Platforms
Nadim Kobeissi

Over the past couple of years, I've grown a new hobby of programming retro puzzle games in the Go programming language. This led to my first commercial puzzle adventure game, Dr. Kobushi's Labyrinthine Laboratory, being published on Nintendo Switch while being written fully in Go!

But isn't Go a network applications language? Can you really have fun creating all sorts of games in Go? Not only is the answer a resounding "yes", but you can then easily compile your game to ship it for Windows, Mac (including notarized, Universal apps), Linux, iPhone, Android and even Nintendo Switch!

In this workshop, we'll create a simple arcade game together using Go and the Ebitengine game library for Go. Basic knowledge of the Go programming language is recommended, but not much else!

Workshop - E.T.I.
HDMI (room 3)
17:00
30min
Subdomain takeover, the use after free of the internet
hanemile

Most bug bounty platforms list subdomain takeover as "not in scope", but could it be interesting anyways? Yes! This talk will show you what this kind of problem is and how it can be mitigated at scale (and where it isn't).

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
18:00
18:00
60min
IT Security for Activists
Viktor

The world is getting more digital and activism is as well.
But the world of It security can seem overwhelming and its easy to feel lost and helpless. In this talk I want to present the IT security guidelines that I am developing right now. They are meant to help for activists to find fitting security measures for a given activism project, without being 300 pages long or overly complex. Ideally they empower non technical individuals to protect their data better and make informed decisicions about their personal it security.

Track 2 Room 2
HIP - Track 2 - Room 2
19:00
19:00
40min
Introduction to Reverse Engineering with Frida
jiska

Want to learn reverse engineering? Looking for the tool assisting you in reversing almost everything? With Frida, you can reprogram software during runtime, so-called hooking, and view or change the program logic without source code access.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
19:30
19:30
30min
IKEA & pallet hacks!
Bart

From regular furniture to geodesic domes.
With an extra of: why you shouldn't repair your ceiling for free (and I did it anyway)

Track 2 Room 2
HIP - Track 2 - Room 2
20:00
20:00
60min
Why YOU should write a wayland compositor!
Victoria Brekenfeld

Ever wondered why the Linux Desktop shifts to the Wayland protocol? What exactly makes it "better", how do it's internals exactly work and how YOU could utilize it? I'll give you a quick rundown!

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
20:30
20:30
90min
Designing and making stencils
Marcin

In this workshop I'll walk you through the process of designing and making stencils using a laser/vinyl cutter. Come if you've ever wanted to cover something in paint. No arts skills needed!

Workshop - E.T.I.
HDMI (room 3)
20:45
20:45
30min
Connecting Networks in Global Maker Movements: the Africa Europe Maker Innovation Ecosystem
aprica

We're creating a network of maker networks – very meta indeed. Through this we want to leverage the potential of open hardware for digital innovation, skill building and job creation.

Track 2 Room 2
HIP - Track 2 - Room 2
21:30
21:30
150min
Lightning Talks Day 2
tig3rch3n

Lightning Talks Day 2 -- limited to 15 minutes

Track 2 Room 2
HIP - Track 2 - Room 2
21:30
50min
Zapps and Warping and Forging -- building towards portable, composable un-distros
Eric Myhre

Zapps are a portable packaging format for linux executables that works on every distro, ever -- and indeed, even on FreeBSD. Warpforge is a build sandboxing and package releasing tool based on hashes-go-in-hashes-come-out, hyperfocused on reproducibility and explainability. Both are part of a quest to build a more freely-composable story for how we work with our computers and share our software.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
23:00
23:00
60min
Never Mind the Gigwork - here's the Coffeebots
e-punc

Videorecording of a Sci-Fi Marionette-Theatre-Extravaganza that never happened

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
11:00
11:00
60min
An ontology of hope: cognitive and blind
Theodore Keloglou

We define and explore two versions of hope: blind and cognitive. What's the difference between them and do we need—or can we even have—a version of those? In other words: is there hope for this world?

Track 2 Room 2
HIP - Track 2 - Room 2
12:00
12:00
30min
DNS over CoAP: Securing Name Resolution in the Internet of Things
Martine Lenders

DNS over CoAP is a new Internet protocol that enables constrained IoT devices similar name resolution security as DNS over HTTPS. This talks presents the protocol and discusses its benefits over other DNS solutions.

HIP - Track 1 - Room 5
12:15
12:15
90min
Introduction to the Hare programming language
Drew DeVault

Hare is a new systems programming language for writing free software. This talk will introduce the language and share some of its essential ideas.

Workshop - E.T.I.
HDMI (room 3)
13:00
13:00
60min
Das ist globales Hardware Hacking in Parallel
aprica

Überall auf der Welt arbeiten Menschen in Makerspaces, Hackerspaces, offenen Werkstätten daran, Probleme ihrer Community zu lösen.

HIP - Track 1 - Room 5
13:30
13:30
55min
An Introduction to Scientific Journalism
Janine

The History, State, and Potential of Scientific Journalism, For a More Accountable and Reproducible Media Ecosystem.

Track 2 Room 2
HIP - Track 2 - Room 2
14:00
14:00
90min
LED Strips Everywhere for Everyone!
Mitch

''Learn how to program LED strips.
It's super easy and fun to make your life trippy and beautiful.
For total beginners.''

Workshop - E.T.I.
Soldering Workshop Room
14:30
14:30
60min
Are you old enough to buy this? (Zero-knowledge age restriction with GNU Taler)
oec

Today, age verification in e-commerce implies identity verification, one way or the other. In this talk, we first look at existing solutions for age restriction and their shortcomings. We then present a design for a privacy-friendly method that binds age restriction to the ability to pay (rather than identification) and that is aligned with the principle of subsidiarity. We show how this scheme is integrated with the GNU Taler payment system, making it the first fully privacy-friendly payment system with age restriction.

HIP - Track 1 - Room 5
16:00
16:00
45min
From idea to KiCad & beyond: How to design & build an LED project
Marco

Learn how to easily go from an idea to a professional-looking LED project. Including designing and creating your own PCBs and cases, why this is so much fun, and why all of this is easier than you expect.

HIP - Track 1 - Room 5
16:00
30min
OpenCloudTiles - Free vector maps for all
Michael Kreil

Many websites need interactive maps - be it for directions or interactive data visualisations. Commercial map services are very expensive and problematic from a data privacy perspective, and building your own vector map service often fails due to the very high technical complexity. With OpenCloudTiles, an open stack is being developed that is free of proprietary licences. It was designed from the beginning to be easy to use for beginners as well as flexible for experts. Michael Kreil presents the progress made, the next steps and the problems that still need to be solved.

HDMI (room 3)
16:45
16:45
90min
eduroam - eine Reise durch die Technik hinter der Föderation
Janfred

In diesem Vortrag wollen wir uns einmal auf eine kleine Reise durch die technischen Grundlagen des internationalen Hochschul-WLANs "eduroam" begeben.

Track 2 Room 2
HIP - Track 2 - Room 2
17:00
17:00
60min
"That wasn't me, my phone was hacked!" - Should evidence from phones be permitted in court?
Viktor

Trading of zero day vulnerabilities is still possible and common.
But what does that mean for their judicial admissibility? Can the analysis results of the phone's data be used in court if vulnerabilities for the device are available at Zero day vendors?

mainhall stage - c-base
c-base mainhall
17:00
30min
A beginner's guide to unexpected input 🧨
DysphoricUnicorn

Are you the kind of person who enjoys putting weird stuff into web forms and watching them try to handle that? Would you put yourself on the chaotic side of an alignment chart? Is your reaction to "there be dragons" to invite the dragons in?
In that case, this talk may be for you. I want to explain some of the most common kinds of unexpected input on a level that beginners should be able to understand.

HIP - Track 1 - Room 5
17:30
17:30
120min
Beginners workshop - How to plan & build your own LED project
Marco

Learn how to make LED strips glow and how to plan & build your own LED project!

Workshop - E.T.I.
Soldering Workshop Room
17:45
17:45
60min
B3 - BuntesBugBounty - den Hackerparagraphen Hacken
Little Detritus

Ein Plädoyer für anonyme, niedrigschwellige, rechtssichere und ethische Disclosure Prozesse

Wenn der Bund sagt: “Hack mich!” kann er Sicherheitsforscher:innen danach schlecht mit dem Hackerparagraphen zur Rechenschaft ziehen. Das ist die Kernidee des Bunten Bug Bountys.

Das Melden von Sicherheitslücken und Datenlecks ist in Deutschland aktuell ein riskantes und aufwändiges Unterfangen. Erfahrungsgemäß besteht 60 - 80% des Aufwandes darin, die Lücke und das Datenleck so zu dokumentieren, dass die Sicherheitsforscher:innen juristisch nicht angreifbar sind.
Sowohl von Seiten der EU [1] als auch die Deutsche Bundeswehr [2] gibt es hier bereits etablierte Angebote. Entsprechend haben wir im Rahmen des Cybersicherheitsdialog des BSI [3] im September diesen Jahres das Projekt “B3 - Buntes Bug Bounty” gestartet. Ziel des Projektes ist es einen ethischen, niedrigschwelligen und rechtssicherer Meldeprozess für Sicherheitslücken und Datenlecks zu entwickeln. Im Rahmen des Vortrags soll der aktuelle Stand der Diskussion vorgestellt und zur Teilnahme an der Diskussion eingeladen werden.

[1] https://joinup.ec.europa.eu/collection/eu-fossa-2/about
[2] https://www.bundeswehr.de/de/security-policy
[3] https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Leistungen-und-Kooperationen/Digitaler-Verbraucherschutz/Projekt-Dialog-fuer-Cyber-Sicherheit/Dialog-fuer-Cyber-Sicherheit_node.html

Track 2 Room 2
HIP - Track 1 - Room 5
18:30
18:30
60min
Understanding Attacks On AI
David (0xdhf)

The field of AI security, or more specifically ML security, is only just developing. Although a growing number of attack types on ML training data, training, models, and deployments have been discovered, there is no agreement on a clear taxonomy yet. In this workshop we will look at different ML attack types and try to come up with a systematization and a mapping to cyber/infosec attack types and tools.

Workshop - E.T.I.
HDMI (room 3)
18:30
60min
abdoccungccecuencen - c-lang, die cprache einer raumstation
nerdbeere

ein vortrag über raumstationslinguistik.
und warum vieles nicht so ist wie es scheint.

mainhall stage - c-base
c-base mainhall
19:00
19:00
60min
No Fuzzer has been there yet: Finding Bugs in Linux Wireless Stacks
Sönke

Everything started with a Python script that helped discover a memory leak in the Linux Bluetooth stack. After expanding it to a rock-solid fuzzer targeting the Linux Bluetooth stack and discovering more bugs, we extend it to Wi-Fi. 💥 BOOM 💥! A heap overflow (CVE-2022-41674) and more severe vulnerabilities that do not require user interaction and also affect Android devices.

HIP - Track 1 - Room 5
19:30
19:30
60min
Impostor Syndrome

70% of all people experience "impostor syndrome" at least once in their life. In this workshop we will explore the phenomenon and the feeling in ourselves and in group setting by discussing and trying out some of the techniques that have been found useful in countering the paralyzing effects.

HDMI (room 3)
20:15
20:15
60min
Lightning Talks Day 3
tig3rch3n

Lightning Talks Day 3 -- limited to 15 minutes

Track 2 Room 2
HIP - Track 2 - Room 2
20:15
60min
Open Source und Cloud Native - Die Zielarchitektur der deutschen Verwaltungscloud
Thomas Fricke

Am 10. November hat der IT Planungsrat das Rahmenwerk für die deutsche Verwaltungscloud beschlossen. Wir schauen uns den Inhalt an und diskutieren die Konsequenzen für die Infrastruktur der IT in den Behörden.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
21:15
21:15
60min
Powerpoint karaoke

Dieser Wettbewerb hat ein einfaches Prinzip: der Vortragende sieht die Folien seiner Präsentation bei Beginn seines Vortrages zum ersten Mal.

HIP - Track 2 - Room 2
21:30
21:30
60min
Aktuelles zur Chatkontrolle
khaleesi, Konstantin Macher (Digitalcourage), Tom Jennissen

Seit Mai 2022 laufen die Verhandlungen über ein umfassendes neues Überwachungsprogramm der Europäischen Union, das als 'Chatkontrolle' bereits zu zweifelhaftem Ruhm gekommen ist. Nach den Plänen der EU-Kommission sollen unter dem Deckmantel des Kinder- und Jugendschutzes künftig Kommunikations- und Hostingdienste, ob verschlüsselt oder nicht, dazu verpflichtet werden sämtliche Inhalte zu durchleuchten und verdächtiges Material und 'Grooming' an eine eng an Europol angebundene zentrale Stelle weiterzuleiten. Das bundesweite Bündnis Chatkontrolle Stoppen! sowie die europäische Kampagne StopScanningMe.eu versuchen diese dystopischen Pläne zu verhindern.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
21:30
90min
Future Proofing my Printer with Reversing
Leo (he/his) || Janis (she/her) || * (they/them)

My printer is only supported through proprietary drivers using a custom CUPS filter to convert PDFs/Images/... into a printer-specific Page Description Language such as PJL or PCL. However, CUPS is to deprecate filter based printer drivers in favor of IPP which every new printer supports. Mine doesn't. However, CUPS/OpenPrinting have designed PAPPL, a library to turn old printer filters/drivers into "Printer Applications". These are self-contained (and thus sandboxable) small daemons that provide an IPP server on localhost for applications to interface with, and spit out the commands necessary to talk to the printer in question. My goal is to write such a printer application for my printer. I havehad no previous knowledge of printing in general and on Linux and UNIX/macOS specifically, so this is taking rather long (and is by no means finished).

HDMI (room 3)
22:00
22:00
50min
Eigenform (live)
Eigenform

Live music set by Eigenform, an electronic music and multimedia project.

mainhall stage - c-base
c-base mainhall
23:00
23:00
90min
Masking Threshold
e-punc

Screening of the horror movie "Masking Threshole" by Johannes Grenzfurthner

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
11:00
11:00
60min
The Mandelbot Ecotech Project and Ancientscan
Scott Beibin

Two projects on different timelines. Future Tech and Ancient Tech! Together at Last!

Track 2 Room 2
HIP - Track 2 - Room 2
12:30
12:30
60min
Weaving, Old and New Technology: from Design Concept to Diva Fashion
chris lombardi

Have you ever wondered how fabric is actually woven? In this discussion i will take you along for the journey from initial concept to final wearable product of a high-fashion modern-designed wool scarf. Topics from the chemistry science of fiber and dyeing to the utilization of computer-assisted pattern design will be covered.

Track 2 Room 2
HIP - Track 2 - Room 2
13:00
13:00
45min
Decentralised social media has a moderation problem
zaxtax

Decentralised social media services after spending decades in obscurity, are finally seeing mainstream adoption. While they offer
the promise of a communication platform without a corporate overlord, they struggle to be a safe place for many users. In this talk, I
explore the ways that decentralised social platforms struggle with moderation and harassment in a way that many previous platforms
didn't. I will explore the ways things like Mastodon struggle to protect its users from harassment, what people are doing there now to mitigate the problem, what past platforms did to address this problem, and possible solutions currently being explored.

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5
13:00
90min
Get started with hacking the badge
gooniesbro

Hacking the badge is not hard, once you get over the initial hump of setting up your system. We will show you a way to ge tup & running in minutes, to unleash your creative hacker powers.

Workshop - E.T.I.
HDMI (room 3)
14:00
14:00
45min
die Physik der Musik
Emilia Lilu Steinhauser

Eine Kunstform und eine Naturwissenschaft. Schwer vereinbare Gegensätze auf den ersten Blick, doch lohnt sich ein zweiter…

Track 2 Room 2
HIP - Track 2 - Room 2
14:30
14:30
60min
What if XSS was a browser bug?
Frederik Braun

Cross-Site Scripting (XSS) is still the most common security issue on the web - with no easy way to be prevented. The talk will provide the necessary background on XSS and where previous approaches failed. Then we will present the Sanitizer API, a new and upcoming browser API that solves this issue.

HIP - Track 1 - Room 5
17:30
17:30
30min
HiP Review & Closing
cven, pandora

Review & Closing done by crew

Theater Hall - E.T.I. (HiP main stage)
HIP - Track 1 - Room 5