 Okay, thank you everyone. Let's start. So as you probably might have noticed, I'm not Nick Fah. Nick Fah couldn't be here today. But he's in New York City right now and sends greetings to all of you. As you can see, greetings from New York City. I miss you. Yeah, very artistic picture of him wearing a hoodie, actually. Wait, wait. There's even more. So all of you talkers better be aware because he will be watching the streams from Times Square. Okay, for those of you, so let's start. For those of you who don't know what the session is about, the session is about so-called lightning talks, which are very short talks with a duration of five minutes. Every speaker gets five minutes and right afterwards, the next speaker continues. And to make sure that each speaker uses only his five minutes, we have this cool device called the Time Keeper, which is this one, Alex built and constructed it. It's a very cool thing. Big applause for him. So for the speaker to notice that his end is coming, we need the audience to tell him so. So how this works is the following. This thing goes up for the first four minutes, so everything is safe, it's green, goes up and up and up, four minutes passing. And after four minutes, so this is a bit faster now than four minutes, actually. And then when the last minute starts, it turns yellow and fills up the bar with yellow. And then it fills up the bar with red if the last 30 seconds come. And up to this point, we can start with a countdown. Do we know how that works? So we start from 10 and go down. Start from five. Okay, five, four, three, two, one. Yeah, okay. That was okay. I think you can do better because, as you know, Nick is watching and his face would probably look like this now. It actually starts blinking from five seconds on. I think we give it a short retry for the last five seconds. It wasn't that good anyway, so we have to be louder. So five seconds looks like this. Five, four, three, two, one. That was okay, Alex, yes? Nearly, okay. I think we can work on this a bit, but we have a lot of time and a lot of chance to do this. So we have 22 talks. We have lots of time to practice for tomorrow and the day after where the other lightning talk sessions will be. So how does this work? I would like to tell all the speakers that if you know that your talk is going to be next, please sit up front to be able to get up quickly. And then you exchange the clicker, which is this device that allows you to advance the slides yourself from the speaker before you. And then please talk into the mic. You don't have to turn around to see your slides because there will be a screen down there below the stage where you can see your slides. So I think that's it. Oh, okay, there's a translation available. So most of the talks are going to be in English and a German translation is available in the translation stream on the streaming page. Or if you are in the hall right now, you can listen to the translation calling DECT 8014. Then have a great session. Let's start with the first talk. Who was the first speaker? Yeah, there you are. Hello, my name is Leonie Tanza. I'm a PhD research student at the School of Politics, International Relations and Philosophy in Queens. I'm slightly defraud here. I'm not a hacker, as you probably can see. I'm a social scientist. And I'd like to talk about my current PhD research and a specific study I'm conducting, which is the secretization of hacking and hacktivism. And the reason for that is because you're actually looking at the research topic, especially in the field I'm working in, which is international security. And because I've already done research on the prior party and hacktivism and gender stereotypes in the past, my current research project is basically focusing on the issue how hacktivism or hacking has become seen as a security threat. And because I'm very unhappy with the current literature in my research field, which is mainly focusing on hacking as a malicious activity and to a certain extent even arguing hacktivism is a form that also argues that security is like an objective state, either being secure or insecure. I'd like to look into my PhD research if hacking could be seen as a technique or if it could be articulated in the current research field. Hacktivism is a form of political activism. And lastly, if security and that security should be seen as a social construction, which basically goes along with a current theory, which is called sacredization theory, which I'm using in my research. And the basic idea of that theory is basically security issues do not necessarily reflect the objective material circumstances of the world. To give a short explanation on to that is basically immigration issues have in the past been seen as a political issue and have been treated as such. But now with what we see with front-text on the European Union borders is basically that people are treated as a security issue and they're kept from basically being seeking asylum at refugee. The same I would basically apply to the issue of hacking and hacktivism, how it has become seen as a security threat. And as a researcher, my interest is to understand how and why the sacredization process so how you have become seen as a security threat has happened and to identify the effects of it. And so basically the whole thing is what makes a security issue. To investigate this, it's basically the idea to look at the sacredization moves as something has been shifted from a political sphere into security fear where we all run around and we're just checking and are completely frightened about you guys. There must be an audience, basically the public or the media which accepts that you have been perceived or hacktivists or hackers have been perceived as like a security issue and there needs to be a policy which we see with the current legislation processes. My Ph.D. research is split up into three parts whereby there are multiple levels I'm focusing on and also the aspects of resistance. So basically how people who will consider themselves a security threat and therefore I'm basically talking here today to announce my second study whereby I would be interested to talk with people who are being securitized. So the securitizing actors are normally policy level or in this case of hacking and hacktivism, the industries, where they are talking, oh, we need to deal something with the audience accepts that. So the second study is basically looking at how hackers and hacktivists deal with that current climate and therefore I would like to basically make you aware of my call for participants. So there is a link which I will be sending around through Twitter as well where you can find information on what I'm doing, how I'm doing that, I have ethical consent for that and what I'm basically investigating and basically the idea of that short talk should be basically to make you aware of that, to hopefully get some of you participate in an interview with me just spread the news and basically help science and please feel free to contact me and thank you very much. Thank you. Thank you very much. Now for the next talk you may start. Okay, oh, hello. I'm going to talk about the smart card reader. I'm Pepijn de Vos, freelance developer maker. I'll post code and slides and everything on the website later. Okay. On the website later. So I wrote this talk and then wrote on Twitter that I was going to give it and then security researcher contacted me and said we did the research a year ago and we actually found some security issues with the thing so then I updated my talk to include what they found as well. Actually one thing I want to point out is that you talk about things you don't understand because I don't understand anything about smart card readers really, but you get all sort of interesting contact with people and learn a lot. So the talk is also there. This is me and them compared to level of sophistication. They actually found some issues and I was just messing around. I'm going to talk about the identifier too, which is the deadline so for example I had a delivery for a delivery cabel which was from a bank reader from Dutch bank. You insert a card and log in and enter a pin pay. You can do the same with a USB cable which is in theory more secure but now you're having two black boxes and see exchanging binary data which is thing, which looked kind of bad to me. But the security researchers told me that it's this protocol and it's like the transaction counter that's incrementing and it's the most significant bits. So it's probably nothing to see here. Then I looked at the USB protocol because we're tired of typing all the hundred responses and codes. We've looked at Wireshark. You can see here there's all the steps that goes through and inserts the card. It shows your card number in decimal, in hexadecimal, which is kind of a weird representation, but whatever. And there's the signed data that's getting signed by your card and then some display text that's going to display on the screen and you press OK and then it confirms the transaction. So I just want to kind of replay this by USB and change the few bits of text, which you can see here. This is not my, this is like what the researchers found. They used like a Lego robot and machine learning of kind of awesome things. And they found that it's possible to get the signature and confirm the transaction before the user presses OK. So you could like show some things on the screen and just go do the transaction without their consent, which is kind of bad. They told the bank and they really used the firmware upgrade. So if you have this ABN MRO bank, you can tell if you have this vulnerability or not by holding five, inserting your card, if you see this 1.2 version, you are vulnerable and if you see 1.5 or higher, you're fine. Yeah, I think that's it. Thank you. Thank you very much. Now for the next talk. Go on. Can I start? Yeah, so I recently got interested in the genetics of Indo-European languages such as German, Latin, Persian, et cetera. Linguists say that all these share a common ancestor. They call Proto-Indo-European or PIE. It's reconstructed by analyzing similarities between these languages unlikely to arise from your accident or borrowing between neighbor cultures. Similarities that affect the core of a language such as its most basic vocabulary for body parts or its basic grammatical structure. Let's take two languages A and B that in their core share the same words for the same things. Here it's reasonable to assume that these derive from the same Proto words. And if A and B share a lot of such similarities that they derive from the same Proto language. Now in practice, such similarities are often more or less strong. The weaker such similarities, the more question marks we have to put into our Proto word reconstructions. And if there's lots of such question marks, these Proto word reconstructions become doubtful or even the existence of a common Proto language. Luckily, we usually have much larger data sets to track similarities and reducing the weight of individual deviations. Still, we somehow have to explain these deviations. This is usually done by positing certain regular language changes such as all A sounds becoming O sounds in some language or all B sounds becoming P sounds. These changes however need to be regular. They must affect all words borrowed from the Proto language or retained from the Proto language. And if we find for example some word from the Proto language that retains its B sound, then our rule is false and we have to refine it to for example affect only B sounds before A sounds. Now from such reconstructive work, we may derive entire chronologies of steps by which one language into certain order changed into another language. My own current interest in such chronologies of language change affects PIE grammar particles such as the different endings nouns may take with different grammatical cases, gender or number. That is the particles of the nominal inflection or declension. On this topic, I found no online resources that satisfied me. This Wikipedia table for example is as hard to grasp as it is imprecise in regards to the scientific literature. So I decided I wanted to build my own online resources on that topic, the evolution of PIE noun endings. So I got me some of the literature and I tried to draw from that data about the development of noun endings, put that into some XML format that I could then process with some XSLT code into fancy annotated HTML tables. Here is a simplified example of what my XML format currently looks like. There are sets of grammar table elements each of which fits a specific stage in language development. There are elements for different grammatical categories such as case or gender which are to be made into table header cells later on. Intersections of these categories are mapped by paradigm elements to specific noun endings and also to footnotes that describe where in the scientific literature this ending is attested for this language development stage. My XSLT code processes from that something like this. This table in the middle, the colorful table cells are noun endings mapped to specific grammatical cases. If you click on any of these noun endings, you jump to a footnote that tells you where in the literature it is attested or from which earlier language development stage and thereby linked grammar table it is retained into the current one. Now the colors, each color fits a specific noun ending, noun ending form which is mostly to highlight noun ending forms that occur more than once. So for an individual table that may be a bit of a visual overkill but it makes sense once you remember it is all about tracking the changing distribution of these endings throughout the entire chronology of language change so that one could for example jump step by step from an earlier stage to the next one and so on and so on and so on and thereby follow the distribution of these endings like frames of an animation. So if you are interested in these topics, up there is the current state of my beginning work on that on Github. You may also contact me under these addresses. I'd be especially happy to hear from people who have ideas on how to improve such tables or who are actually in contrast to me a bit more knowledgeable about linguistics because I'm just an amateur and may have overseen obvious mistakes or obvious prior art trying to solve the same problems. So and hi Nick Pharr, we all miss you very much. Thank you. Very nice, all keeping in time, very good. So the next talk. Hi, I drew this picture of the Congress. Some of you, how does this work? Okay. Okay. Yeah, some of you might have seen or even bought it because I printed them as posters and I wanted to tell you how I made them. First I sketched it on paper and when I decided that I wanted to change things, I have to save time just made notes on what to digitally alter later like this. Then I traced the entire thing until I had these outlines which I then filled with colors and even more colors, even more colors. Fewer things that I went to point out. The choice of perspective in this is on purpose because with this kind of picture, you don't want a specific focus on anything. The most common kind of perspective these days is the one using a vanishing point where objects in the front appear larger than the ones in the back, which draws attention to the object in the front. So you don't want that. Instead I use an isometric perspective where all the measurements stay the same and where an object is located is only indicated by its placement on the grid. Some other things I pay attention to. You can see that some of my characters basically all look the same. They're all bold and wear the same sweater just in different colors. That leads to an unfortunate effect. Featureless characters are usually read as male. When you got these thick figures and you want to make sure that people know there are other genders, you got to make that clear. In visual art what's not visible is not existing. Same goes for things like race and disability. But you got to be careful there because when you're illustrating and you have like five people and then they wind up looking like that. It's got these token minorities that are themselves offensive and also incredibly lame. I try to avoid that. Another thing about visibility is that it doesn't have to be a realistic percentage. It just has to be visible. So this example of disability in this case, the last time I counted, I might have miscounted, I drew 245 hackers and only six of them are visible, disabled, which is less than a general population. So it's not realistic in that sense. But I guess my point is just if you want something included, you have to show it in visual art. That's the point. And you can find both me and the poster at the No Drama Assembly as well. And Nick, if you send me your home address, I'll send you one. Thank you. Thank you. Okay, the next talk is going to start soon. Yeah, it should work now. Okay. Hi, I'm Swally, I code demos. I want to explain to you a simple effect called the plasma effect that's implemented by using Xenos tables and pseudo-color palettes. An interpretation from me, it's just one way. There's not the effect, it's the family of effects and I'm showing you just one way I did it. So some random notes. Last year I did a talk on why I'm demo coding. No, I'm still going to do how. This is an 8-bit implementation because of what's done on Atari 2600 VCS. What's the fastest way to do calculation is to use lookup tables. We're going to use this one for the sine wave function and for optimizing the pseudo-color palette that's available. This is just an example of what a pseudo-color palette would look like if you just use grayscales. This is not what I have in the hardware. In the hardware, this one, when I would be using NTSC, I'm using PAL. For technical reasons, this color palette got stripped down but I was lucky because the Zikam guys, they are screwed. So I want to optimize this one. For this one, I need a reference. I think the ordering of the colors from the NTSC looks quite nice so I try to replicate this one. I'm doing this by reordering just the colors. This looks like this. And filling in the grayscales with already used colors so I'm just throwing in some frock DNA. So short recap, something is still missing. This is what I started with. And this is where I'm now. But if you take a look at the bottom, this flashing still looks something, it could be improved. So we only have 128 colors there right now. So if we take the columns and all squash them together so it gets bright up to the middle and then gets dark to the end, it would look something like this. And I think this looks quite nice to use. And this is what the original color values are. So this is my Xenus table. I'm using only half of the available values from 00 to 7F because I want to add Xenus values and so I've got the option, I don't have to divide it afterwards by two. So this is what the Xenus looks like. The original one. I'm using two to add them together. One has a higher frequency and the other one has a lower amplitude. And if I add them together, they look something like this. Also looks quite nice. So let's turn it around by 90 degrees. Then it looks like something like this. And now, for each line, we don't use, we don't plot the color on the X position. I don't plot a dot on the X position but we're going to use the lookup table. I introduce for the colors. And then it looks something like this. I think this looks quite nice. This is what would look like with the example color table just using the gray scale. Okay, but I think this one is better. So, and this is what the original implementation on the Atari VCS looked like. I think it really did something. So now let's go to 2D implementation. These are also called the ruster bars because each ruster line, the color changes. Let's go with 2D. This is what I did. There's an example on how it could look like if you just add them in a two-dimensional array. But this looks rather like a moving plane. So to get it more effect-like, I'm going to divide this. I'm making it more blocky. Each color block will be 16 by 16 pixels. And the whole block will be colored by the color that would be used by the top left color of that area. Then it looks something like this. And from here, I have to take a shortcut. I cannot show you the whole implementation on how I did the 2D because I used a different algorithm for this one or different parameter sine waves. But the original implementation looks something like this. Also, I think, quite a nice effect. And to my conclusion, doing a dimmer effect is easier than you might think. Take a look at other stuff, other stuff, port it to other platforms. The Internet is your friend. There's a lot of stuff around there. And fool around just test it and you will surprise how easy it is and how easy it is to make something that looks nice. And even if it's just for some title screen, some logo of your software, your application, you're going to hack up. Try it. It's fun. And if you want to see the full demo, you can visit me at the Lightsteller at the Millie Waze. It's in between the Tirtris and the TARDIS. And if you want to start coding on this very ancient hardware, I'm doing a self-organized workshop on T3. So I sit tomorrow at 2100 in hall 13. So thank you. Just a short announcement. So if you are interested in the slides, most of the talkers have uploaded their slides to the Wiki. So look at the Wiki page of the Lightning Talks and you will find most of the talks. Otherwise, you can contact the speakers because they gave their email addresses. If you are really interested in what has been shown there, just ask them. Go on. Hello. My name is Lutto and I'm going to show you a project of ours, which is called the ASP. Ours is me and Robert Fischer, who looks like that on the Internet, but cannot be here today. So we both went to the same school in Vienna, and there they teach the students in the first year the assembly language just to grasp the basics of computing a little bit better. So for that they used this board, which is basically developed at the school and was like 10 years ago. It's hands-on and works generally really nice, but sometimes it breaks down and just eats up the time of the lessons. So we wanted to fix that. It's called USB master, by the way. So we did that. We moved the whole development process into the browser and basically wrote an emulator and assembler and a nice IDE for the whole thing. So you can see there just an editor and a list of labels to jump to and, of course, a run button. And yeah, some things you can do with it is, for example, just blinking an LED. So you see the assembly dialect is really easy so the students can easily understand what is going on and don't have to memorize complex commands and such. So basically here you see just an LED which is blinking. So you loop and delay. So you loop, turn the LED off, turn the LED on and repeat that. What you also can do here is interrupt. So you have got these two buttons at the button, the gray and the red one. And basically what happens here is we've got a main program with just as nothing. And an interrupt service routine which gets called if you press the button. So if you press the button, the LED just turns on. And another interesting thing we can do is parts with modulation. So in real life, if you turn an LED on and off a bunch of times, basically the LED gets a little bit dimmer, gets a little bit dimmed. And we have simulated that in our implementation. So if you do the exact same thing in our emulator, the LED will be a little bit less light depending on how much of the time it is on and how much time is it off. So you can see that here. And of course, if you write programs, you also need to debug them. So we want to debug it for the thing. What you can see here, normally the two parts which are, the two parts are next to each other, but they ran out of space on the slide. So they're under each other right now. And the whole thing, after we finished it, we put it on GitHub and it's a school project. There's lots and lots of documentation which you can find here and on the website. And maybe we want to take a look at it or maybe even contribute something, give us comments, what you like, what you would like to see in it. And yeah, basically that's it. The website is here. If you want to contact me right now, they're stacked. So if you want to speak to me here, you can just call me if you're a teacher and you want to use that. And there's some feature you are missing or you want to really see in there, just give me a call. And if not, any questions? Yeah, we still have time for questions. So yeah. Yes. Well, it's what architecture is it based on? So basically, the dialect is the same which the teacher came up with like 10 years ago. So I don't really know. We just wanted to replicate what was on the hardware. And it's just, I don't think it is based on anything specific, just to be simple. Anything else? Well then, thank you. Yeah, thank you. And the next speaker, please. Hello, I'm Thorsten and I'm working on something. And I want to talk about why it's important to now participate in political, political education, education against surveillance and what you can do against it. It's been a year and a half. We know from the total surveillance. Total surveillance is the attack on the people's sovereignty. Remember, democracy is the mechanism with which the people's will be implemented. With the total surveillance and the knowledge that the people choose who they trust, who they have to trust and ask them to act in their name. And with the total surveillance, with the knowledge about the secrets and the weaknesses of the politicians and the officials, small groups or foreign powers will succeed to expand the people, expand the people's interests and for their own interests. So that they don't serve the people, but the foreign powers. So that's the situation we know, but we're not quite sure. Our constitution knows some of the instances that should take off such an attack, for example, our secret services, for example, our government, for example, the parliament, our parliament. What I did there, if we look at it, is of course shocking. Our secret services have told us more than that they protect us. They have added the Five Eyes, instead of stopping the data flow right away, since they knew it. They knew it before Snowden. They have worked with XQ Score as well as with our government, since it is being delayed, it is being delayed in Switzerland. And passivity, it was put on public pressure, but in the meantime it was dropped again. And also our parliament has probably set up an NSA research institute, but it also became a laughing stock. So you almost have the impression that our instances that should attack democracy as well as if they have already been corrupted. But there is one thing that should work against it, and that is the people. We should all organize ourselves, and precisely in this case that we have now, we have our freedom rights that we should now need to articulate our choices, to organize ourselves, in order to implement that the measures against total surveillance are met. But there is also a unique passivity. There are hardly any governments in the country that are organizing themselves. And there is a need for action, but here I can't write down the responsibility of a foreign function trigger. Here I have to take my own nose and say, what have I actually done in the next one and a half years? For a year I didn't get my back up, but for a short time I am now there, to engage myself. And I have looked at the surveillance critical scene that is in Germany, which is very manageable. And there are two big layers. One is that we have to say that the solution is in politics. The two layers are actually superfluous. If you look at it closely, there are technologically enthusiastic people who have already developed a lot of interesting solutions with solutions. So technical solutions are actually in the range. But they haven't reached a spread. And especially our office leaders, our subordinates and secret leaders, they still don't use them. And the other layer, so this question of whether these solutions are spread, is of course no longer a technical question. It is the political question that is behind it. And we know that politics is still in the beginning in this question. That is, nothing has been developed yet. Although exactly there the requirements are to set up that these technical solutions that already exist or that can be developed in short time, that they will be obligated to be raised, legally. So the question of this layer is not technology or politics, but technology and politics. And we know technology is sustainable and politics, it is still in the beginning. And that is why, as the birth of the hour for us, we have to engage politically. And therefore it is important that we network. We have to form local groups and for example there is something to do with such a local group, but there is still support. There are many others. What do we do? We have a stand in the Neuse Square. We have set up a German map in which we have applied the local groups. If there is still a local group missing in your region where you want to engage, then we will still come to us and then we will see that we can network and create new local groups . The local groups can be the starting point for interests, for interests who want to engage in monitoring. That has to be built out. And the work can simply start with information, so that you can mobilize demonstrations to the federal government. You can participate in creative action protests. These are all the forms that you can do. So come to us and organize yourself and participate in the development of local groups. One last thing, monitoring is a very abstract concept. You can visualize it through the CAMHAT, a PUP camera, which you can easily build, real slow-tech. With this, you can deliver images that address people and address the media and visualize the protest. And if you want to, come to us. We have brought a lot of material. Bas is now his own camera and makes a small demonstration at the end of the conference. Thank you very much. So, we have a lot of technical angles. Here is the technical one. We fix the network shop. As you just heard, we should all be aware that technical solutions are urgently needed. I'm not quite agreeing that, oh, they are just around the corner. We just have to encrypt. The flying pick news of today might educate some more people on that. Currently, the internet does not serve civil liberal society. We want to serve mass surveillance and war, but instead, that can be used for private communication, for education and for responsible commerce. So, the workshop today where various projects present their angles, their ideas for how to improve or re-architect the internet is happening all day in Hall B. We're currently on lunch break, so you don't have to leave the lightning talks. You can meet hackers from C.G.N.S. You broke the internet last year. Tor, Net2O, I2P, Ethereum, Leap, Tails, Fenrir and more, and you're very welcome to join us. Also, in terms of you wanting to become active, we are all looking for more people to help out. I'm starting a new research team at Inria in France that's there on the map in Rennes, so far away, you know, we are somewhere here, right? And this is a new lab where we're going to develop free software solutions, so all free software to improve network security. In the context of the GnuNet project and the Tala project, we are looking for people to join us, so if you are currently lacking or having the excuse of not being paid to develop free software to improve the world, well, no more. If you have ethics, masters or doctoral degree, systems programming skills, user interface development skills, or something else that you think you can bring to the table, talk to me. We have lots of open positions and I would love to have a strong team to fix the Internet. Thank you. You still have a lot of time, so maybe we can do a quick Q&A. Is there a question? Yeah, over there. Is the stack only focused on security and privacy or are there other things I want to fix about the Net? Security and privacy are the main things, but of course by decentralizing we are also trying to take care of control issues that we have right now, where you have censorship, I would include that into security. So it's a question of what you mean by security and privacy. If you interpret these terms broadly, I think that is really our focus. Performance is not the focus, for example. But usability, for example, would be a focus because we're only going to get good security if you have lots of users. Right? Or you could say it's an availability goal because if you can't use it, it's not available to you. In that sense, interpret these terms broadly and I think this is the scope. This is the first one. There's a question over there? The question is, is this sponsored or also sponsored by the French military? Okay. I was told that the security center is going to be sponsored by 20 positions by the region of Britannia and by 1.5 positions by the French military. So they are somewhere in there. Then I immediately asked, so what do they want? And they said they want better free software to secure their systems. So they did not say, we want you to break into other people's systems or to mass surveillance. And then I said, well, okay, that could be fine. What do you expect from me to do? And they said, just build this GNU-NAT thing and build a better network. And that's fine with me as long as those are the requirements. So yes, there is government sponsorship and it's not even dominant at this point. And I do not know if I'm going to get any of these 1.5 positions from the French military. But the French military is somewhere in there. Okay, thank you very much. Next speaker, please. Hi. I want to talk to you about the Bolts Open Library for Technical Specifications. And where's this thing? Did the previous talker take the clicker with him? No. Did the previous talker still here? Is my clicker gone now? Reset the time, please. So Bolts an Open Library for Technical Specifications and it starts with digital fabrication. 3D printers, CNC, mills and laser cutters are super cool tools because you can basically build parts in almost arbitrary shapes which allow you to build basically anything. And computer aided design is a central ingredient to that process because you always start with a digital model of your design. But even though you can build arbitrary shaped parts using standard parts like nuts, bolts, bearings or profiles it's still a good idea because it allows you to make better, cheaper simpler designs. And there's the problem. There's excellent free and open source CAD software available but it doesn't come with a standard parts library where you can just easily insert standard parts like nuts, bolts and other stuff. Commercial software usually has this available so Bolts is an effort to try to fill this gap. It's a modular system to develop part libraries and it tries to target not only a single but many different CAD systems by leveraging parametric capabilities of the CAD systems to create from one parametric geometry that is specific to the CAD system and a big table with dimensions and parameters for all the different sizes and variations of a part to create from this the standard parts library. It is based on a human readable format for marking up these tables with parameters. It does automatic consistency checks to ensure that the data is somehow usable. We automatically track the license of geometries and data which allows us to build subsets of part libraries that are compatible with certain licenses. We support translations of the parts. Everything is managed in Git which makes it easy to contribute and currently CAD systems are supported OpenSCAD and FreeCAD. OpenSCAD is a scripting language for 3D modeling so you basically program your shapes which is very cool and powerful when you come from a programming background. There will be a lightning talk tomorrow I think about OpenSCAD so if you're interesting look at that. It looks like this it's very simple to use bolds with OpenSCAD. You just include the library and then call a module which is kind of like a function that tells the system to insert in this case a hexagon bold according to Dean 931. If you cannot remember all these names that's not a problem many of the parts you can also refer to by more easily rememberable names like the t-slot extrusion. FreeCAD is closer to the classical CAD software like AutoCAD or Catia and there bolds is included in the GUI so you can select the part you want and the parameters and click a button and there it is. The bolds website also has a nice list of all the parts drawings and all the tables and other information so if this sounds interesting to you I'm happy to talk about it, to discuss it so just drop me an email or contact me anyway I'm around. Check out the website, try it and tell me or tell us what works and what doesn't work you can also happily invite it to help with improving documentation or translation of the parts so at the moment the German translation is quite in good shape but other languages can always profit from more people helping out or by adding more parts to it to make it more useful or by helping with porting that to other CAD systems which should be easily possible so thank you. Thank you. Hi, I'm Marcus and I'm here to talk about information and interaction being combined so let's start with getting interactive a little bit. I would like you to guess how much Germans spend on newspapers every single month. Any idea? Just guess. Give me a number. Okay, let me tell you it's half a billion euro every month. Now let's spotlight the information part a little bit more. Two questions here how do we deal with information and what does it turn us into? Well, when it comes to newspapers or television we usually consume the information and we are doing it most of the times on our own. Now our reaction to consuming the information can be many fold but just three examples we could get angry about the information we could get apocetical, we could get depressed but again we do that when we are on our own so alone. Now if you look up the definition of idiot in its primordial sense it comes actually pretty close to our behavior when we consume and deal with information in the traditional way. How come? Well, I think one reason is that if you consume information it's typically a one way road. So the information channel communicate to us, not with us okay? So to some extent it's dead end. The whole setup of these information channels do not allow us to ask questions, to comment the information to discuss it with other people being interested in the topic which I think is also important to link the information ourselves to other information that is relevant to the topic in a convenient and timely manner. So isn't it nice that we nowadays have other opportunities and new channels available? Well, to some extent it is, but as you might all know, googling things has its own constraints. Some of the more simple constraints are it's time consuming to do the research ourselves and it costs a lot of energy so for many people being in day to day life it's just not affordable. There are other programs you could use I just highlighted two of them here Facebook Wikipedia which have really interesting features to deal with information but at the end of the day they do not really deliver what we need. So in my opinion it's important to get information discussion and action aligned in one single channel. I would like to take the best out of Wikipedia Facebook to supplement it with some additional and important features and create a new information channel. So my intention being here is to meet with talented and ambitious programmers to get this thing rolling and I would be interested in meeting with you outside after my talk. I will also be there at 3 o'clock at the elevator if you turn to the right when you exit this room and let's just discuss how we can get this thing rolling, okay? Thank you very much. You still have some time would you like some questions? Oh yeah, I'm happy to. Anyone has a question? I don't see any questions. Yeah, okay so then we'll just continue with the next talk, thank you very much. My name is Felix and I have just one slide on the right side is some kind of roadmap. I want to get to that in a minute. And on the left side you see a screenshot of the realitybuilder.com website which originally I wanted to show you but I cannot do it because you can only show slides. So what you see is an image of a construction site and on top of that image you see some kind of like augmented reality overlay and you can move around this virtual block with cursor keys here and then you click on make real and it actually gets built for example out of stone. I mean this is of course pre-recorded, this is not live. Well the core idea of this whole thing is that with the click of a mouse button you can change the physical world and another important aspect is that many people at the same time can build a construction collaboratively and the outcome is totally unclear. I think it's it's best not to think too much about if that makes sense or not it's just an experiment and not for the roadmap, there are three stages. There's something we can try today then the next step would be to do this on the Canary Islands and I've lived there for several months this year and last year and there's nice locations, one of them is the CHT hack base in Lanzarote where in Las Palmas we can do it where there's always mild weather make it with big blocks and then in the future I'm in a team with people and we want to build something big in Berlin but now let's get to what we want to do today and there's a session in the parking area today in hall 3 from 3 to 6 and I don't know maybe longer and maybe also tomorrow depends how fast we can set up all this and the idea is to make a low-tech solution we will just stream via Twitch and the channel RB31C3 and put some webcams and film this these Lego bricks 564 of these white bricks and then people can send coordinates and we will build in the coordinates this will take some time to set up and I would be glad if some people could join that know a bit about Twitch because I'm all new to Twitch and also the challenge is to get an audience so that people actually play this so please join offline at the hardware hacking area or online at the channel if you want to reach me I put my Twitter handle there and my telephone number I also have a GSM number here which is 6052 again, don't think too much if that makes sense or not it's really just a test what happens so we would have time for one question does anyone have a question on this project? yes, here what's on your head? on my head it's a panoramic camera I just was thinking I'm going to film my own talk okay we'll have to talk about that probably I just prefer I'm not going to put this online thanks any other questions? those are just the Lego bricks I have actually more they're nicely arranged like this I think it's easier to carry around yeah okay, thank you very much now we have a 15 minute break so if you want to leave for a short time period then you are free to do so and we'll see each other again at two o'clock please sit down, we can start so we are doing the next part of the first lightning talk session now and would the next speaker please come up to the stage? alright the speaker should be there yeah, it is go ahead which one should I press? right is the next slide left is the previous slide hi I'm Dan from CCC Munich and I've been in the IPv6 business for a few years now and I can tell you that we need more and better IPv6 software we need more alternatives that we can use from ideally open source and we need much better quality in this software so I accepted the challenge and designed an IPv6 router advertisement daemon to get used to writing IPv6 software I'm a network guy so I love CLIs therefore I decided to write two programs one daemon for the actual work and one CLI tool for configuring the system so what about the challenges of a modern router advertisement daemon this is an interface on a linux box all the things in red are subject to change during runtime and a router advertisement daemon should be able to handle these changes without breaking any client's connectivity so I ended up with a very dynamic software design I have a unique socket for the CLI a netlink socket to listen to the kernel for interface configuration changes and I have a few raw sockets for sending and receiving ICMP6 packets and raw data I maintained state and configuration data using an in-memory database and I used threads for the actual work today our eight tools come with a couple of ICMP6 options it also features a super easy to use module architecture that allows the implementation of new options in under an hour including the CLI definition given that you have a bit of basic C understandings this is a syntax example demonstrating how to create a new router advertisement on VLAN3000 on Ethernet interface 2 and this is taken from the currently running congress networks net64 configuration so this software is currently running and serving the net64 network this is how monitoring statistics look like I give you a couple of seconds to see it I have been working on this software for a year now and my conclusion is that there are a lot of misunderstandings on how to implement the RFCs maybe I got it wrong or maybe other vendors got it wrong maybe people programming just don't care enough about the RFC documents but we have some issues in other software which is probably also in mind which breaks IPv6 connectivity so this means if we have bad software quality we will lose our connectivity and once IPv4 is gone this is not an option that we have no connectivity so here are my conclusions I prepared a little checklist that may help you to detect non-optimal implementations many implementations cannot advertise admin defined source link layer which is some do not support the ICMP6 RDNS option which means that you have no DNS unless you use DHCP for V6 and without DNS the internet is broken few of them are not state keeping and some of them never heard of de-advertising so as soon as the software stops working for some reason maybe due to a configuration change it does not de-advertise the data so clients lose connectivity which I think is not an option yeah thanks for listening and use more of the NET64 share your experiences it's C3 knock on the twitter or you can use my handle if you want to contact me personally use more bandwidth and use more NET64 thank you next speaker please bitcoin mining anyone wants to talk about that oh there okay the clicker should be on the go ahead okay I'm going to briefly introduce one new service for bitcoin mining pools and the service is it's virgin coins so I'm going to explain what virgin coins are why would anyone want them and how did we actually make it happen okay so what are virgin coins it's basically never spent bitcoin it's bitcoin with no history whatsoever you pay a fee and you also pay the amount of virgin coin you want and give us your address and we will just make sure that the bitcoin is mined directly to your wallet it's very easy but why would anybody actually want virgin coins well the point is that bitcoin doesn't have exactly the best reputation and so there are many people that would like to use bitcoin but are actually afraid of the coins that have some not so great history so for that the coins without any history are probably ideal so you would avoid suspicious sources also you don't want to bother mining yourself as most people probably don't want to mine nowadays and the other thing is that it will definitely have collectible value maybe not now when still new coins are being mined but in the future when the mining stops you won't get any new coins anymore and the extra feature is that when you actually when you request a whole block at the moment it's 25 bitcoin you get to choose your message written in the blockchain and spread all over so now I very briefly describe some technical overview how we actually build it the service is another service on top of mining pool operation it's written in python it heavily uses the asynchronous server client architecture and relies on python twisted here the server creates custom coinbase or block template with the new virgin coin addresses to the coinbase to the miners and the miners do what they always do they mine but they mine for this new coinbase and finally we also need to verify the payments for the service and the success of the mining that coins, well virgin addresses are already in the blockchain and for that we use the normal bitcoin API we also use the BIP32 hierarchical deterministic wallets for generating the addresses the customers can pay us so we will soon going to actually deploy it and test it and find out how much do you want it thank you thank you very much can we please remind all speakers to be ready here at the podium and please return the clicker hello okay please the next speakers please come in front of the podium before your talk starts hello I want to tell you a bit about the fuzzing project I am using linux and free software and I think many of you do too I like my system to be secure and stable and of course you know linux is always secure and all free software projects are always stable because everyone can find bugs and fix them unfortunately at some point I learned that's not always true so I try to do something about it I don't know I mean many of you probably use a command line and may expect that a tool like less strings or file is secure and you can use it on untrusted input but that's not the case all of these tools had bugs recently that are probably security bugs and you can probably be exploited by them so what's fuzzing? fuzzing is very simple you just take some input for some software and then you add some errors to it let's say you take an image file a jpeg just flip some bits or turn some data around or truncate the file and then you feed it into an image parser and if it crashes then you probably have some bug and very often if it crashes it's some kind of memory access issue, memory corruption and that means you probably have a security bug and unfortunately the state of our software is very bad usually the common case is you take a random piece of software you run a fuzzer on it and you will find crashes just within seconds so we have some quite powerful tools to do fuzzing and to find bugs I want to mention two address sanitizer which adds some additional bound checking to your C programs it's part of LLVM and GCC so it's just a compiler flag because sometimes if you have an invalid memory access your program will not always crash sometimes it will just read or write to some invalid memory but still run so you don't detect the bugs and address sanitizer will take care of that and will always eliminate your program if you have an invalid memory access and then there's American Fuzzy Lop which is a very powerful fuzzing tool it adds some compile time instrumentation and can then detect code paths and it will do fuzzing and if it has a fuzzing sample which exposes a lot of code it will use that for further fuzzing this is very powerful and it found already bugs in a lot of important software packages especially for example one of the shell shock variants was found with this tool so yeah these tools are out there and you should use them to find bugs in software and I personally started the fuzzing project which is like mainly it's a web page it's just some kind of loose coordination of which software already was fuzzed by someone and where are open bugs that are not fixed yet and where are no developers available to fix anything there's a tutorial because I really want to tell people if you have some basic understanding of Linux and programming this is not hard this is something it's easy you can do it if you're a software developer and you should do it yeah and my personal goal is at least the easy to find bugs should be wiped out it would really be possible so if you're a software developer use fuzzing as a tool to develop and to find bugs if you want to improve the security of free software also use these tools you can meet me after the lightning talks near the gen2 table and if people are interested I can do a small workshop and show people how to do this that's basically it and if you're interested in this and want to invite me to have a longer talk or some workshop somewhere talk to me maybe we can handle something out thanks let me quickly deal with my drag and drop fail here this belongs to here all right go ahead test first hi to everyone my name is and I am one of the co-founders of food and game based project today I would like to make a small overview of our activities especially in the last year and the plans for the future so page number one who we are we are people from all around the world in food, drink and biohacking you can also think about experimenting coming together having a beer and doing also things which are a bit more specialized we like open source we like consensus collaboration within different hacker spaces and hacker movement around the world in our case we really like to stay within the hacker movement and not to split so far at the moment we are developing the direction of being more like an umbrella for people and organizations who would like to join and work on the project collaborate and yeah staying in the hacker movement very important now what did we accomplish in 2014 at the beginning of the year after 30 C3 we did a hacker tour around Europe which we really enjoyed around 40 hacker spaces both in the west and in the south and the east we can name teching house quest we have been at Brnlap, Novi Sad many places we promoted workshops we have promoted different social dinings things like that getting the community together and another thing which we did for example we started our web page presence in Brnl, nice wicket pages trying to build a forum that's actually for the next year definitely experimenting with gubater the ones who didn't try special project which we are trying to develop in the long term where you can use nice control environment for fermentations very interesting now next year projects we will prepare for CCC camp running and improving our crowdsourcing campaigns which we did several of them we are generally successful but definitely things has to be better we want to push more for the biotech and more I would say really specialized hacking food hacking you can imagine cultivating pure strains using them later on combining for different kind of polycultures there are many things now of course preparation for 32 C3s we want to be permanent active more and more not just on the congresses and camps if you want to learn more about that come downstairs whole age and the code next to you can talk to us you can taste what we are doing you can join our workshops food tasting we are basically open source you know open platform which is funded by the people it will be there now first food hacking base will be basically built this year in the island where I now live with my girlfriend Jejo we have a small fermentation facility we hope to have there also small biolab and hacker space with hacker residency so in the spring we will be basically running for that small crowdsourcing campaign to support that that's one of the kind of examples what we do and building really something in reality because so far we are based all around the world in this case basically we have small facility where we can really put things into the practice in a more easy way so this was the introduction thank you very much for giving me the opportunity to present and I hope to see you around the congress and downstairs when you have time pop in let's talk send me an email ok thank you very much next talk will be up in just like two seconds or something one so this one goes over here and then go ahead hi my name is Georg Stebner this talk will be in German because the platform I speak about is in German currently only so who of you is here on the congress to meet other people and do something with them my hands up for that the congress is there to meet people, to communicate with them and not only to listen to talks but also to really do something and I would like to also present this platform here help is nice its platform where you can share to network and help I just noticed we are here at the last photo this is not so good yes this is the first photo now you have all seen the next one is to the right yes so I would like to with the platform to bring people out of the comfort zone to come out and do something with crowdfunding it has become to get money for projects to realize something help is nice it is not about money but it is about to really do something what does that mean how exactly does it look it is a platform where everyone can set up a project you can say where it is about and there are tasks on the right side you see tasks that you can take over you can click on the button and say ok I take over this task I do such a project consists of a goal a place, a time and the tasks that everyone can take over but actually that is not the most important when it comes to such projects but the most important are the people just like here who can do something with equal sentences and move something together and to form that it is not possible to follow others what does that mean when I get someone a follow I get it when he is setting up a new project but I also get what tasks he takes over in another project and thus it will be much easier to do something with friends or with people that you think is cool or something like that you just see what people do and can do that together with the plan or certainly then participate and I think that brings a smaller hammer in because you already know who is there and what people do and I also know exactly what I have to do and it is just so complex no matter what we do we need more and more people to do something so collaboration is important and what you can already see a similar concept is Github Github is not about code but it is about people to see what they do it is very easy to change code to introduce yourself to do something a little Github for the real world again summarized why it is not helpful to help to share it you can share the project and network and the question is who does what when where and I hope Google Docs that are everywhere for every project you do not get if you do not know there is another Google Doc who has signed up to make it a little wider so that everyone somehow knows there are people who do something and I would like to do something with it you can support me if you are interested to participate in this project it is coded with Meteor and if you want you can join me thank you do something please leave the clicker on the desk next talk please you can start Hi, my name is Rihersche I am going to talk about how you do two factor decryption of your looks encrypted block devices so this is about myself I use full disk encryption on almost all my devices it used to be from earlier but nowadays it is more like a necessity and I hope it is the same with all of you guys and one thing I am most paranoid about is that when I type my passwords anybody can see it or they can interpret from my typing the same passwords for most of the machines because I really have to be careful not to forget the passwords for the full disk encryption I really want to use a two factor decryption when I try to decrypt these looks devices so I try to look around and to find how I can do this one way is to use a USB media as a USB stick to hold the key file and then encrypt and this media should support pin style decryption to enable access to the file or I can also similarly use a VGP smart card and have the same type of decryption but these two seem to be a bit difficult if I have to drive this process through the init ram first when I try to boot the system so what I found is that I can use something called a eubikey so this looks like this it is a USB device it connects like a keyboard what it does is it generates one time passwords it can have our RSA and it can also sorry there is a mistake it can hold an AES key and it can do a challenge response on this AES key so and this project is like in this project we ask for the user for a password so this is the first factor and then we derive a key and now we read a encrypted challenge from the Luke's header and now we decrypt this challenge with a simple XOR and we challenge the eubikey with this challenge and we get the response and this response unlocks your LUX partition so if you're doing it for the first time the flow takes towards the right part it generates a new challenge challenges the eubikey gets the response adds the response as a key to unlock your LUX and then encrypts the challenge stores the challenge in the LUX header and and stores the challenge in the LUX header so a bit of dirty things which we do here are that this is due to the reason of space limitation in the LUX header we only have space where we can tinker around in one of these key slots and this project assumes that we don't use key slots 6 and 7 that's like we give you options to use six key other key slots so in the last slot is where we store the encrypted challenge and the slot before key slot 6 is where we store the key which is actually corresponds to the response you receive from the eubikey and there's always you should also have a backup fast raise which we'll probably have for us 0 to 5 key slots and as always if you want to use this project you should always backup your LUX header before trying it yeah so this is actually not started by me I was just looking around on the internet and I found the first one but that didn't have the two factor authentication I wanted to have so I extended the one in the second one and it hasn't measured yet I have to contact the other to take a pull request and the third one so the first two currently do not support our they don't have much documentation of how to do this in a new RAM FS style boot up and the third one has that but it doesn't have the two factor authentication yeah so these are the things which have to be combined to get a good two factor of your LUX when you boot up your computer thank you thank you very much so the next talk please sensing proximity ah there you are okay so hi guys I'm Sam I'm here with Steven Patrick please get behind the mic so people hear you and our professor sent us here to do a weird experiment this experiment is sensing proximity so what is what does that mean anyway you have phones you have smart phones you have androids you have iPhones you have YOLA phones etc and then there is bluetooth on these phones the newer phones have bluetooth 4.0 bluetooth 4.0 supports bluetooth low energy and bluetooth low energy you can do many cool things you can make tiny beacons that send out a signal every one second this signal can be picked up by these phones in the background using low energy right and so what can you do with this you could make a map and that's what we are trying to do we're trying to make a map we're trying to make different maps a social graph so a map of relationships between people so if you're with a group of friends here you would appear as a cluster on this map and it would be interesting to see also how this cluster changes in time so if you meet new friends here we would theoretically be able to see that you're moving from one cluster to another there are many issues here but I'll go into them later so the beacon is picked up by two phones we get that sent to the server and we have kind of information on the location of this beacon out of the phones because we know the location of the beacon right so we're trying to do this with two apps they are really being overwhelmed by downloads at the moment we did not do any advertisement so it's really crashing our server at the moment but it's good, it's a good thing and we are really learning a lot here so when you download it now you will be uploading the proximity data of beacons around you so any beacons, beacons here in this box here or statically installed in the room will be picked up by this app and will be sent to a server and then collected this will also, the android app will also allow you to share some other data this is interesting because like I said before these clusters that form your friends your new friends they have different properties they have accelerometer data they have battery data, temperature and so you would see in a very noisy room maybe like this one when you all talk you would see like a very noisy cluster and you could assign a color to that noise say red is high noise and green is low noise and these beacons were manufactured by us with a 3D printer bluetooth module, the HM10 that basically you just configure it with AT commands and then it just works it just sends out the signal but it was a real real pain if you want to manufacture 120 beacons you gotta know what you're getting into so this is an example of how the graph will look like and maybe Sid and Patrick who are sitting there are showing you right now a real time graph of around 100 people in this conference right now if you go up closer later you'll see it in detail so issues again scalability we were overwhelmed by the people downloading this app and we had like 30 transactions per second on our tiny little MySQL server so if you can help please help, we need Python skills and MySQL skills the signal is also an interesting thing so when a lot of people are sitting in a room like this the signal propagation changes a lot so that we can see different locations of different phones even though they're at the same place exactly so we are having a discussion later on where we want to talk about this in more detail because we are collecting a lot of data and we don't want to be a data cracker we want your opinions on how to do this in a privacy preserving manner we want to know what feels not right for you and what is the way to go with this we've sort of also setting up a mesh net with the app to transmit the data but that seems to be a bit buggy in the moment so please come to our discussion and we will be giving out free beacons as well so if you want I could just throw this into the audience please be prepared don't die, sorry okay there you go okay thank you very much okay the next speaker please she's coming from there okay this is a service announcement to all speakers please be reminded to stay in the front row before the beginning of your talk it would be nice so that we can have continuous talks here thank you okay hi I'm Emily Hamas and I'm a scientific diver which is kind of a different side of I guess hacking than a lot of you guys are in one of the things I switch one of the problems with scientific diving that you run into a lot is there's a lot of sensor systems that are easy to create and hack and so on I'm trying to go underwater primarily because you have your electronics and you have your sensor so in this case those are my electronics and the sensor has to penetrate the case in order to be in contact with the water but you can't have your electronics get wet and you want to leave it down there for a week or two weeks or a month so it needs to be very watertight and so you also don't want to have a system permanently stuck to your encapsulation method so you need to have a gasket system so you can remove it and in this case the sensor penetrates with a gasket which is the green arrow so how does this gasket allow the device to be watertight basically each one of these screws has a force that goes down on this big plastic sheet and that puts force on the gasket which translates into a squishing into the sensor itself and that pressure causes a tight seal on the sensor system which then allows the device to be watertight for periods of weeks or more um and so why do I have so many screws that's another question that I keep having people ask me well basically I have two gaskets and they have different surface areas so because each one has a different surface area you can't have the same screw put force on each gasket because it will put way too much force on the red gasket and not enough force on the blue gasket to get a seal and in fact you can crack the plastic plate on the top so you have different sets of screws for each case and in this case those are the four screws the red screws correspond to the red gasket and the blue screws correspond to the blue gasket and that's really all I have okay thank you very much we still we still would have time for some questions if you would like so any scuba divers here having questions or non scuba divers could you please get behind the mic and repeat the question sorry what is it measuring and actually in that case it's measuring just temperature sensors are cheap and if it screws up we didn't want to waste a lot of money developing like a pH meter for example because those are very expensive it was more a because I just basically did my scientific diving license this was part of the training because we have to test something that we create and so we chose to do a temperature sensor because we were actually diving in a geothermal vent which is kind of like Yellowstone National Park only under the water near Stromboli which is north of Sicily the north part of Sicily and so temperature is actually important especially because that volcano is erupting right now another question that's not the case then thank you very much for your talk so next speaker please do you recognize your slide all right there he comes from the big row hello everybody my name is Michael Schommer I'm from Stuttgart next slide please the clicker should be on the desk there press the right button wonderful I would like to tell you what I have together with a few friends in this year two conferences are held the prism camp prism camp 1 and 2 we it was a bar camp on the subject of observation scandal that means a bar camp is a self-organized conference here you can come and join and present your own topics and ask your own questions we will do that next year next year on the 10th to 14th October in Stuttgart there will be the no spy conference third conference on the subject come join look discuss change things the title will be politics, society, technology hacking to prevent the surveillance of secret services to engage yourself change things regardless of the result of the first two prism camps have work groups the prism labs and the prism labs do things for example education materials for teachers or flyer, sticker graffiti stencils with our messages something like this sticker no, the NSA is closer to you than this sticker for example or the NSA films you thanks, the NSA is closer to you than this sticker or the NSA films you at the porn I left a few of them unfortunately they are not there yet maybe they will come until Tuesday exactly or what we also do are visits to politicians to sensitize the politicians I was at the Monday at a C.D.U. office in the mayor's meeting and I still didn't get a visit that's okay, thanks I'm really excited it's real, I'm glad this visit to politicians but maybe it really brings something I will talk about it I'll be over tomorrow, on day four I'll be over tomorrow on day four around 10.30 so stand up in hall A a slightly better organized presentation where I'll show you exactly what we do at the prism camps or in the future, it's called a no spy conference and what do we do in the prism labs for things and then I have stickers okay, last seconds so who is still over there tomorrow zettel zettel zettel day four 10.30 stand up hall A the long version of what I just told you and who doesn't have time but also in June in Stuttgart 10.00-14.00 6.00 Stuttgart 3.00 no spy conference it will cost 20 euros like a bar camp in the meantime with care you are all welcome and I'll be over thank you for your attention thank you then we'll go on with the next talk p2p value good morning afternoon p2p value p2p value is a project made up of these partners you can see here and it's funded by the EU and what it's trying to do is to investigate the value that's generated by commons based peer production which is a big term but basically means production of things like linux, wikipedia open street map has been the kind of biggest cases and also the kind of investigation and building of a software platform which would facilitate the kind of relationships that make up those organizations and their work methods so we've kind of defined commons based peer production as it's collaborative production it's got a peer to peer relationship it uses common resources and it's open access and the way we're doing this is basically through this diagram so research which feeds into the analysis and design which goes into the co-creation which is tested and the feedback is gained and this is actually by people by real communities not by researchers or whatever and then that goes again into the research and the whole process goes on so the project was launched officially in Barcelona in the 22nd of January 150 people were there it was involving all of the kind of communities we're looking at so researchers hackers, civic society, policymaking actors etc and one of the first parts of the project was an investigation into the kind of existing groups of commons based peer production but when we tried to do that we couldn't actually find any kind of registry or any place where we could actually find all of these groups so we had to build one so we built this directory which now features over 300 350 commons based peer production groups and as far as we know is the biggest directory anywhere so you can visit that you can explore it, you can download the information there and if you are in a group that is involved in commons based peer production please add yourself to that database as I say anybody can go in there the address is there it's a very straightforward simple interface you just log in and then put in all your data and information and we'll actually be building on this directory this year we'll be hosting two kind of data jams in Barcelona to use better this directory another thing that we're doing we're also hosting a public event calendar so if any commons based peer production groups because again we couldn't find any kind of central calendar of activities of groups that were involved we're hosting that ourselves on the website ptpvalue.eu one of the other things we've discovered is that the kind of communication around open source about commons based peer production is often very very bad so we've been trying to, we've done a set of posters which we hope are user friendly which are explaining for example this is one day in the life of collaborative communities, these are crazy things you can do and here's like a history of commons based peer production communities I've got a few here, I'm not going to throw them into the crowd but if you want some you can come and see me and I can give you some, they will be uploaded onto wiki media, they will be downloadable and they will be editable also so one of the things we've apart from doing the research we've been working on the actual platform itself and we were using Google Wave which became Apache Wave and we've built an API for Wave which is kind of fairly unique it's a decentralized alternative it's compatible with the Google real-time collaborative API and you can see that as an opportunity for building an ecosystem of other CBP apps at the moment it's JavaScript and soon it'll be for Android it's on GitHub if you want to check it out and the most important thing is that we're holding a workshop in London March the 16th and 17th which is basically to gather floss groups that are working on distributed platforms there'll be lightning talks, there'll be show and tell tutorials, there'll be an unconference and there'll be scholarships available so if you are interested in coming please look at that address, ptp-value, second floss, ptp-workshop, thank you thank you very much then we'll have our last talk for this session so please start hello, so we've been hearing a lot about information that was made more available, more accessible via journalism through news organizations and so I want to tell you about how you can join the news nerds bring your skills to journalism how you can apply those skills in this field so first hi, I'm Erika I am based in Philadelphia which is known for things like Rocky and the Liberty Bell but we also have a really active open source community, I got involved through being involved with Drupal we have a very active civic and open data community and that brought me to Night Mozilla Open News it's where I work now, we exist to support the journalism code community, that is the community of news nerds, we support this community in a lot of various ways and one of the first questions that people often ask is what is journalism code so journalism code is some of the code that actually drives a lot of what we access on the web, Django is a web framework that was developed in a small news organization in the middle of nowhere USA Backbone.js came out of a project called document cloud that news organizations use to deal with PDFs and make that information more accessible and these are technologies that are used far beyond what is happening in journalism but were developed within news organizations Journalism code also helps you understand the world, in addition to things like the NSA revelations, there's also projects like this which came out of a hack day that we organized in June which compared maps of disputed territories around the world so who creates this code kind of fun name for that community are news nerds so it's kind of the combination of news journalism not exactly nerd candy but it comes together to be a field of people who have an interest in journalism, they work in news organizations they do work supporting news organizations but they bring development skills technical skills, programming skills to that work so they solve problems through code these are a few particular examples Tabula is a tool that solves the problem of extracting tabular data from PDFs the grid is an example of analyzing metrics data to understand how people use interactives on a website and that's a picture of a little girl playing with an Arduino to figure out when the cicadas were going to come out in and around New York City last year so news nerds also work on really challenging important issues, a secure job is a really important project that's happening to help sources communicate with journalists more securely and there's also a lot of other topics and projects both with international relevance but also things going on in your local community so you can become a news nerd as well how? so getting involved in your local area is a great way to get started this is a map of local journalism hack-related events that open news has sponsored around the world you can definitely see a concentration in a few areas but we're very interested in supporting events that are happening related to this space all over the world there's organizations like HackTackers like the Open Knowledge Foundation data-driven journalism groups that are also doing work in this area and are working in your town you can also learn more on our website source source.opennews.org there are learning guides, there are code repos of journalism-related projects and there's even a job listing site if you're interested in working full-time in the field you can also find journalism-related projects to work on this site lists a lot of GitHub repos that are projects that are being developed in and around news organizations so if you just want to dive right into the code you can do that as well and you can also become a Night Mozilla fellow which is a program that we have where we embed developers, designers people who like solving problems through code with news organizations for 10 months for a paid fellowship and a couple of our former fellows are actually here at the congress and I'd be very happy to talk with you about this opportunity as well so please join the news nerds very happy to talk more there's some contact information there so thanks for your time very much so that concludes today's lightning talk session which was a very interesting session from my point of view and not only did we have a large diversity of topics, we also had every speaker on time so we didn't even have to buzz anyone out which is very great so please give a big hand to all of the talkers also thanks to the awesome translation team which is a very hard job especially in the lightning talk sessions there are so many different topics for translating all these talks into German and then let me quickly announce the sessions tomorrow and the day after that so at the same time in the same room there will be the lightning talk sessions 2 and 3 which are probably full by now so we have the same amount of talks tomorrow and the day after that see you