22nd Chaos Communication Congress (22C3)
Once every year the Chaos Computer Club hosts the Chaos Communication Congress at the Berlin Congress Center and this year, it was the 22C3, I finally managed to go there... at least one of the four days, Friday, the last and shortest day :(
I heard five pretty cool and motivating lectures, "A discussion about modern disc encryption systems" by Jacob Appelbaum, who woke me up on the fact that Germany is one of the few western countries (unlike USA or England), where police cannot force you to hand out the password to your computer, you actually do still have the right to remain silent. This right should motivate any of us to encrypt our hard drives to secure any data that thieves, police or the RIAA ;) should never get. I will check out the system he favored, loop-AES, soon.
"Quantum Entanglement" was another lecture, with interesting aspects about secure Key generation using quantum bits. Unfortunately I was busy eating grandma's awesome herring salad, so I didn't catch all of it.
"Covert Communication in a Dark Network" was held by Oskar Sandberg and Ian Clarke. Clarke started the Freenet project (the peer-to-peer network, not the German Internet provider) in 1999 and proposed a new evolutionary step to make Freenet even more anonymous. Currently anyone logged in to Freenet (or other peer-to-peer networks) is able to do scans on the network to find out who else is participating. A new friends/trust architecture will ensure that in the new version of Freenet (Dark Network) any participant will only see his friends and can also only communicate with them. A Greedy Routing will ensure that still any resource within the net can be reached.
Most impressive to me was the lecture "Bluetooth Hacking - The State of the Art". The Trifinite Group introduced their Bluetooth hacks and tools, old and new ones, and even hacked some mobile phones in the audience, downloaded a picture from one of them. Adam Laurie (aka Major Malfunction) described how he could use a hacked mobile to - from then on - track the carrier.
- he got access to the phone using one of their bluetooth hacks
- he used the phone to send himself a sms, that way he got the phone number
- using the phone number, he signed up for an online phone tracking service and used the hacked phone to send an acknowledgment sms to that service
- now he could see the position of the phone on the online map of the tracking service...
Also impressing was their tool called Car Whisperer which allows to hook up to the bluetooth enabled handsfree set of the car next to you. Once you got in you can listen to any conversation inside the car or even cooler, you can send audio to that car. Did you ever want to tell the car in front of you to get out of your way? Or warn the car behind you that you will slam your breaks if it doesn't get off your bumper? ... awesome stuff.
"Blackberry: call to arms, some provided" was the last lecture, showing how insecure standard blackberry installations are, only that I'm not soo interested in Blackberries, so I forgot most of it already, oh well.