In this talk, I will present a new version of my tool Tinfoleak, the most complete OSINT open-source tool for Twitter. I will show real examples of how to exploit the information in social networks for investigative tasks. The goal is to see, what kind of information can be extracted about a person or a location, and the purpose with which it can b…

In this talk you'll be given a very technical overview of DDoS and mitigation techniques; their effectiveness will be evaluated with real-life examples.#NetworkSecurityabout this event: https://c3voc.deCraig

History, relevance and future of penis imagery in culture.A radical way to deter hackers or just a stupid idea.Using your most private key in new and inventive ways.#Society #DeviceSecurityabout this event: https://c3voc.deAnus

Using encryption and onion routing is all fine and dandy, but both can be detected and both can, at the very least, be severely hampered or even be cut off. However, the Internet nowadays is full of services and systems that autonomously, and continuously, send data to users all over the world. These messages or interactions are seen as formalities…

USB connectivity has become ubiquitous. The sheer variety of usb-connected devices— ranging from computers and game consoles to resource-constrained embedded systems— has resulted in a wide variety of vendor-specific protocols and custom USB software stacks. Being able to fuzz, monitor, mitm, or emulate USB can often be a foot in the door for worki…

Although IoT is already embedded in our everyday lives, our security and privacy are sometime left behind for comfort and other reasons, despite the serious impact that IoT vulnerabilities may have on our digital and physical security.Bluetooth Low Energy (BLE), also known as Bluetooth Smart is the most popular protocol used for interfacing IoT and…

TLS can be limiting, OAuth is a (somewhat working) mess.What would happen if we redesigned things from scratch?Fenrir is a federated protocol built with both heavy security and high flexibility in mind, with lots of new and interesting security properties.#NetworkSecurityabout this event: https://c3voc.de…

The SHA2017 Badge overview.#Makingabout this event: https://c3voc.deNiek Blankers, Sebastius

about this event: https://c3voc.deEireann 'bsb' Leverett

The history of cryptography is a history of failures. Stronger ciphers replaced broken ones, to be in turn broken again. Quantum cryptography is offering a hope to end this replacement cycle, for its security premises on the laws of quantum physics and not on limitations of human ingenuity and computing. But, can our nascent quantum technology impl…

We use traceroutes to explore and visualise interconnectedness between devices on the internet (specifically: RIPE Atlas probes). This talk is about exploring the interconnectedness within a country ("are local paths local"), and also about exploring the interconnectedness between hackerspaces.#NetworkSecurityabout this event: https://c3voc.de…

India has rolled out a 'voluntary' biometric ID card to all of its billion-plus citizens. Which is fascinating from a social, technical and fundamental rights perspective. This talk is about both intended and unintended consequences of this grand experiment, with a focus on the (implicit) assumptions we tend to make about technology.#Society #Priva…

Infrastructure talk from Productiehuis, NOC and other interested teams. #Making #Sharing #NetworkSecurityabout this event: https://c3voc.deBix

A summary extraordinaire.#Communityabout this event: https://c3voc.deElger Jonker

What do design flaws, implementation errors, 0days etc. look like in physical locks?#PhysicalSecurity #Softwareabout this event: https://c3voc.deWalter Belgers

The blockchain invention allow us to take our freedom back and save the planet. This talk explains the fundamentals of blockchains, no fluffy talk and no unnecessary details. At the end of the talk you should be able to build your own stateful P2P network. We also demonstrate the Statebox system and some applications.#BlockchainTechabout this event…

Independent observers are noting a decrease in Freedom of speech worldwide. In its 2016 report, Reporter without Borders unveils a "climate of fear and tension combined with increasing control over newsrooms by governments and private-sector interests.", while Amnesty International's report on the State of the World Human Rights states that "2016 w…

A talk outlining the process of turning a personal electronic project into a successful kit business.#Makingabout this event: https://c3voc.deJenny List

The ultimate Hackerspace; From Panopticon-prison to Hackervillage-Castle-compound#Community #Makingabout this event: https://c3voc.dejos weyers, jos

Our vision is to increase transparency behind personalization algorithms. facebook.tracking.exposed, is two things: a web browser add-on that collects the stories visible in your Facebook Newsfeed, and a website that aggregates that data from all the users who have the addon installed.Our mission is to help researchers and users assessing how curre…

In this presentation I will present the cryptographic aspects of a newsecure filesystem called SEF. The goals of this project is to create afilesystem that is secure, robust and easy to understand. The goal of this presentation is two fold. One is to present cryptographic primitive that can be used to design secure filesystems as opposed to the cur…

What kind of work goes into implementing secure services? Service providers have to comply to the law, protect their users, worry about reputation, need to deal with vulnerability management, patch management and above all: business continuity. Researchers and attackers target the infrastructure for their own gain and suppliers have their own go-to…

Neurodiversity is the concept that neurological conditions are variations in the human genome. Therefore Autism, ADHD, and mood- and personality disorders are considered social categories intersecting with other social categories. While "Nerd" is very broadly defined, the number of neurodiverse people within our social group is much higher than in …

Open Networking or "Web scale networking" is the concept where you're no longer tied into a single vendor for a network solution. You're free to choose you're own hardware and software.#NetworkSecurityabout this event: https://c3voc.deAttilla de Groot

This presentation introduces "phishing spam", an open-source Spearphishing Toolkit, and has a surprising ending with an ethical + philosophical twist. This is the kindof story that only comes from the trenches..#Experimentalabout this event: https://c3voc.deMRieback

Helping participants to find the best and most secure tools and configurations to automate acquiring TLS certificates and deploying them to use. Bring your own infra ;)#NetworkSecurityabout this event: https://c3voc.dejoohoi

Off Grid is a different kind of hacking game, and it is fully moddable. The game logic runs on Lua under the hood, and all the computers you hack, whether desktop PCs or IoT devices are their own Lua VMs allowing modders and hackers to create their own LUA hackable devices, hacking tools, and data types. This flexibility allows anyone to model real…

This talk will show and compare different forms of political campaigns during election times, including Free Software tools. Best methods to be used for the different forms of campaigning will be explained in a way for you to pick it up and make it work for your topic. Let's put pressure bottom-up again!#Politicsabout this event: https://c3voc.de…

The Internet isn't global. Only half of the world is connected to the Internet, English is still the largest language in terms of content and knowledge is increasingly privatized either through patented code (owned mostly by Sillicon Valley companies) or via obscure trade agreements pushed by the United States. How is the Internet used in Latin Ame…

The complexity of implementing a policy (law) and related operational and technical procedures to regulate the uses of Trojan by Law Enforcement in a way that protect civil rights while not preventing investigations from going on with the right balance of juridical/technical implementation. #Legal #Politics #Societyabout this event: https://c3voc.d…

This talk is about the collaboration and Responsible Disclosure in a school environment by a high school hacker.#Sharing #Trainingabout this event: https://c3voc.deJurreJelle

about this event: https://c3voc.deEireann 'bsb' Leverett

When designing technologies, networked systems, and measurements on the Internet, we must be aware of their implications and consequences for the society and participants. As engineers, scientists, programmers and other experts, we have moral obligations towards our peers, users of technologies we create, and the wider communities.In this talk I wa…

Information sharing is a key element in detecting security breaches and proactively protecting information systems and infrastructures, but the practical aspect is often forgotten. Alexandre Dulaunoy offers an overview of MISP, a free software tool that supports information-sharing practices among communities, and shares some lessons learned while …

How do we know what good is. Are we creating something worth making? Are we lost in our own dogma? When do we step back and let the smoke clear before getting back to work? Important questions. Let's ask them out loudabout this event: https://c3voc.deBilal Ghalib

This talk will introduce a couple of less well known applications of cryptography. about this event: https://c3voc.deFJW

Legal lecture on Cybercrime for non-legal-experts#Society #Politicsabout this event: https://c3voc.deNoud van Gemert

CVE-2017-2636 is a 7-year old race condition in the Linux kernel that was fixed by Alexander Popov in March, 2017. This vulnerability affected all major Linux distributions. It can be exploited to gain a local privilege escalation. In this presentation Alexander will describe the PoC exploit for CVE-2017-2636. He will explain the effective method o…

This talk demonstrates how to make fake gemstones and related accessories using only a 3D printer and kitchen, as well as various pointers to make your own designs.#Makingabout this event: https://c3voc.de(Com)buster

The idea of how to transform brainwaves in images and sounds is not new, but with the new digital technologies, it becomes more accessible. During this lecture, will be present how to get this impulses from cheap sensors, and process it with free/open source tools.#Making #Sharingabout this event: https://c3voc.de…

In 2012 I released a DES cracking service with Moxie Marlinspike for cracking MSCHAPv2 and quickly started seeing it being used for cracking other things besides MSCHAPv2. In this presentation we'll take a look at some of the research we've done into other widely used protocols and services that still rely on DES for security and provide an quick i…

We can intentionally build and improve the sociotechnical systems of which we are a part, or we can be haphazard in the worlds we create. The things which we personally find fulfilling and useful may not hold true at scale. This talk lays a framework for approaching societal-level change through being scientifically minded and taking active steps t…

Your pentesting goal: getting the data. You decide to do it physically. How to go about?#PhysicalSecurityabout this event: https://c3voc.deWalter Belgers

At the moment of submitting this talk there are 500+ escape rooms in The Netherlands alone. By the time SHA takes place there might be over 600. However, not all rooms are equal, and there is a vast difference in escape room experiences and quality.This talk, presented by an experienced escape room designer, will go in to all the facets of designin…

Capitalist underpinnings of advanced technology development threatens individual agency and the notion of self-defined identity. As we are seen by an increasing number of image capture systems, this session will discuss prospects for the degrees of control do we exert over digital representations of our bodies as vision technology becomes more ubiq…

How does internet influence your life?This lecture will be about my ongoing project Life Needs Internet (2012-2017) which documents digital culture through handwritten letters. Recent letters came from Brazil, China, France, India, Ghana and Papua. All handwritten letters are translated and documented on www.lifeneedsinternet.com. Together these le…

When the Australian media use the word “clusterfuck” in headlines describing a Government data-matching program that’s sending people to debt collectors, you know you have a campaign the community will connect with.Lyndsey Jackson, instigator of Australia’s #notmydebt, introduces the approach behind this collaborative social media campaign, and dis…

Hackefuffel is a small indie game label of 8-bit-heads from Hamburg. In late 2016 we decided to build the (open) retro-gaming console we always wanted...modern hardware, but old scholl spirit, and that's when Hackeboy was born. The first prototype was built at 33c3 and it has come a long way since then. In this talk we'll show you what we've built,…

Many of us are reliant on the digital communication tools and reference platforms that are created by companies. These platforms - some with more users than the population of any country - are controlled by proprietary algorithms, governed through binding Terms of Services (ToS), allow for access to third-party services.This talk will take stock of…

From thieves to prison breaks to secret tools, the murky world of the criminal locksmith is explored. It will not be a practical lesson in theft (sorry).#PhysicalSecurityabout this event: https://c3voc.dehuxleypig