 All right, everybody, apologies for the late start, but Mitch has got a short presentation, so hopefully we'll be able to catch up with the time. The way this works, as soon as I find my timer on my cell phone, every speaker has five minutes from the point where I say, basically, from the point that the next speaker ends, all of the slides are preloaded on my machine. If you have a live demo, the time it takes for you to set up your laptop actually takes away from your time. So the best part about Lightning Talks is if you don't like the one that's on right now, well, there'll be another one in five minutes. There's also audience participation. Everybody is actually scheduled for four minutes, and what each speaker has to do is for that extra minute if they need it, I will ask, call for time. And if you like what the speaker's doing, give a quick round of applause, say yay, woo, woo, and they'll get an extra minute. But if they don't get that, I will start counting down from 10, and I'm gonna go like this, eight, seven, six, five. And when I hit five, that's your job to go, no, no, no, go, you can do that if the talk sucks. That's perfectly allowed. But countdown in the audience, go five. Okay, hopefully you'll get into it a little bit more, but the audience is actually the buzzer when time goes. So we've got a bunch of really great talks slated for today. So without any further ado, let's get this kicked off. Give a huge round of applause for Mitch and Jimmy talking about the hardware hacking area. Time starts now. Great. So it's gonna be a fantastic lightning talk session. So I'm Mitch Altman, this is Jimmy Rogers, and we go all over the world setting up hardware hacking areas, teaching people how to solder and make cool things with electronics. We also set up areas like this every year at Congress, at camp, so that it's a community resource. Anyone who wants to come and make something, fix something, create something, work with others, learn something, they can come here. And it's not just electronics, it's anything you can make. Yeah, and the hardware hacking area, if you've not been there, is one of the most active areas I've seen, just even at four o'clock in the morning, people are taking things apart and soldering and doing all kinds of crazy stuff. Next slide, Link. Yeah, we have a ton of workshops. With any thought. Sorry. There we go. So people actually have a lot of fun. It creates a temporary community and it's all ages, anyone can learn to do this stuff. It's very useful and it's a lot of fun. Look at the smiles on these happy people soldering away. And even kids like four years old, it's no problem to learn this stuff. Another slide. There's lots of cool kits that we brought to teach people who have never soldered or made anything or even sewn a button in their life to complete successfully. These are just some projects. There's another slide with more projects. We've got games, we've got blinkin' lights, we've got noise makers, we've got arduinos, we've got chargers, we've got all sorts of cool things. And we also have a lot of workshops planned. This is one I'm gonna do today at two o'clock for people who don't know Arduino. It's a computer chip platform that is designed for non-geeks to be able to use and learn within an hour and a half. So in a three hour workshop, we're gonna go through all of this, learn to solder, learn to use Arduino, learn to do everything you need to know about electronics. And we'll use a TV be gone as an example because TV be gone is so simple and it's so useful to turn off TVs everywhere you go in public. My co-author for the book I'm writing on how to make cool things with microcontrollers for people who know nothing, made this Geiger counter kit and he'll be doing a workshop on that three times. Today, tomorrow, the next day. Next Nick, Jimmy. I'll be doing a circuit bending workshop sometime tomorrow. The time will be on the wiki. Basically modifying toys and other electronic instruments, effects pedals, et cetera, et cetera, to make them do other crazy things and additional sounds. Make it noise. Yeah, pretty much. So everyone's invited. You can all come and learn to make cool things. I also didn't have a slide here, but we also have a brain, computer interface workshop happening. We have a hacked knitting machine which will be printing out all sorts of cool things including mate cosies. Yeah, the rocket badge folks are down there so whenever you wanna talk to them about some of the more advanced stuff like getting the GCC installed on your computer, et cetera, stuff like that, it's all down there and tons of stuff. Yeah, and this is a picture from Noisebridge the last time I did the Arduino for Total Newbies workshop. Oh, and we're also gonna have some of those little rocket launchers. They're gonna be moved down into the hardware hacking area. So there's like 140 USB rocket launchers that are busted. Somebody donated. Yeah, I think Geek donated here for people to hack on. So we'll have those down there as well so people can come by and grab one. Yeah, so come down and play and next slide is our contact info. You can contact me or Jimmy any time for any reason including if you wanna be talked into quitting your job so you can do something more useful. One minute. Okay. You guys are done? Okay. And by the way, it's a 20 Euro cents for a Nick Far-Head rub. Pay me. Actually Mitch, I did forget to mention one critical thing. Could I get you to come up and demonstrate something? What you're supposed to do and yeah, the next speaker should be getting ready. We've got the general introduction and status update on the development of the freedom box. So take the podium please. One thing, when critical thing I forgot to mention since I don't know the timing of your slides is to say slide with emphasis when I'm supposed to switch slides. So Mitch, demonstrate saying slide with emphasis. Little bit faster. Slide. Little bit less enthusiastic. Slide. Okay, a little bit faster but without as much emphasis as the last time. A little bit louder. Slide. Okay, you've only got two more slides left so let's make this one count. All right, thank you Mitch. Also my screw ups do not take away from your time so no need to worry about that. I will get better at this eventually. So without any further ado, you ready to go? Yep. All right, time starts now. Yeah, thank you Nick. I'd like to introduce you to the idea of the freedom box. I don't know if anybody's heard of the freedom box but it's a social networking solution actually. If you recall how in the days of email we had internet relay chat and listserv there were always multiple providers and later on with instant messaging and ICQ there was more lock-in down to fewer providers and now today what do we have left? We have one provider Facebook and another provider Google. We have a serious situation of oligopolistic power and the solution that we proposed from the Freedom Box Foundation, I should say James Vassil to whom these ideas are to be attributed. The solution would be distributed social networking instead of everybody being on one social network. The general idea is to have user data on user hardware. In 2009 then such hardware became popular. They're called plug computers. They use very, very, very little current so a large number of users could have them on 24 hours a day, seven days a week and have all the data on the user hardware. The operating system would be a Debian and there's at Debian org the best source of information is a mailing list to which you can also see the archives if you don't want to subscribe right away on Debian org the mailing list for the Freedom Box. It's all actually a response of the Debian community and others there are hundreds on the mailing list to a challenge pronounced by a professor of law named Eben Moglin. He's famous for actually his work on pretty good privacy but now he's taken up the idea of equipping a plug computer with Debian software to present a social networking challenge. It would be also based on PGP and a web of trust. There are questions now. Basically it would be Jabber and XMPP. There's work going on to see if Jabber couldn't be developed for the web to serve beyond instant messaging. Monkey Sphere is a question. Buddy Cloud which had a big event at the CCC event last summer is also in the running as is Privoxy. My own particular experience has been with Pagekite which is a service run from Iceland which makes it easy to break through a router or break through a firewall where subscribers might not be expected to be offering content. Internet service providers think of their subscribers as people who are supposed to consume not produce and Pagekite makes it easy to break through that barrier. I have a couple of dream plugs with me which is the hardware anticipated to be used and at the smaller workshop we'll do a demonstration this afternoon of how the dream plug can be set up using Pagekite to get through and show what is now possible. The big remaining issues are certificates, how one Freedom Box can identify it to other Freedom Boxes and of course the big issue of the user interface because the idea is to make this so easy to use for the average consumer. One minute, extend time. The web interface, establishing the web interface is the big challenge. The Freedom Box Foundation won some money from Kickstarter but now we may have to be paying people to develop the web interface. It's such a huge challenge. So I'd be glad to take any questions to know what you're really interested in in the little time I have. 30 seconds. Yeah, Pagekite, P-A-G-E-K-I-T-E. It's like a kite that shows where your page is located. How much does it cost? The dream plug costs $130 and JTAG is maybe another 10 and FedEx from California is $30. All right, good job with that. It's always hard being one of the first people to present in the lightning talks and so next we have how to enter a Linux PC with a manipulated USB device. Ready to go? Oh wow, he's on. Big round of applause for just being like, bam, right there. Thank you. Thank you, Nick. I'm Max Engelsberger from Fatsime University and I'm very glad to be here today speaking in front of this wonderful audience. My topic is about how to enter Linux PC with a manipulated USB device. Slight please, Nick. Oh, and just a quick note. When I screw up like that, the speaker automatically gets another 15 seconds so we'll reset his clock. This project is about security vulnerability which was first discovered by Rafael Dominguez Vega from the MRW Info Security Lab in UK and this was first discovered in May 2011. So shortly after this, the vulnerability was closed so this is definitely not a zero day slide please. On Linux, you have two ways to execute software. You can do this in user space or you can do this in kernel space. If you execute programs in kernel space, you should really know what you do because you can access any memory location you want. Slight please. My touch-up system is a PC running Linux with an unpatched kernel version 2.6.32 and the system has to be configured for dynamic loading of the kernel modules related to the Kayak USB audio interface. Slight please. Here you can see the init module and init function of the driver module which shows in the highlighted line how the product name which came from the USB device and is copied to the sound subsystem. As you can see, this is performed without a length check so the memory which was allocated here is just 80 bytes and if you copy more than or transmit more than 80 bytes from the device, this is no problem here. Slight please. Here you can see a small hardware setup I have done based on an 8-bit microcontroller and it's GPIOs are directly connected to the USB. Slight please. I'm using on the microcontroller and virtual USB stack from Objective Developments in Austria and I fear the possibility to freely configure all the parameters like product ID, vendor ID and of course my device name, Slight please. So I plug in the device and the USB subsystem recognizes hey there's a new device, loads the product, loads the kernel module related to the product ID and reads the very long device name in order to this the kernel freezes and system stops, Slight please. My constraints are you have to have physical access to the system and you need an unpatched kernel version, Slight please. So my conclusions are don't you spend functions calls? Code review is always a good idea and further work for this project could maybe be automated pen tests or educational purposes or scientific research. Slight please. If you want to ask me question or contribute to the system or just give feedback to me please send me an email. Thank you very much. Nice. All right, GNUnit for Network Neutrality. You ready to go? So actually real quickly. I just so that I make sure this is, is this the updated deck that you sent me? Okay, so are you good? Okay, all right. And time starts now. So hello everyone. It's a great pleasure for me to be here today. My name is Matthias Wachs and I'm a member of the GNUNIT project. I'm mainly working on the transport component of our peer-to-peer framework. And since we released our new version some weeks ago, I want to tell you about the latest developments and our vision about how we want to enforce network neutrality and censorship resistance with our framework. Slight please. So basically GNUNIT is free software and is an extensible peer-to-peer framework which you can use to easily develop your vision of a new peer-to-peer application. Our idea we want to give you with GNUNIT is connectivity everywhere without the possibility to limit your traffic or to censor your traffic. So if you want to exchange your information with your body, you should be able to do it anytime, anywhere and with whoever you want. So what does GNUNIT do to realize this vision? So basically GNUNIT has more than one transport protocol we can provide you. So if you have an internet service provider which improves your internet connectivity with techniques like quality of service or traffic shaping, you can just switch to a different transport plugin that is perfectly perhaps giving you a better performance. So we provide you with a TCP, UDP, HTTP and HTTPS. So if your connectivity is somehow limited, you can just switch the plugin. If you have one of these providers who protects you in your private network and uses techniques like network address translation, a proxy or a filter, that's also no problem with GNUNIT because with GNUNIT you have techniques like UMP various natural-versal techniques and we have also a client-only mode where you only use outbound connections. IPv6 is now, how old? I don't know, at least 10 years, but we have many of these internet service providers who still do not support IPv6. So if you have to access one of these fancy websites with IPv6 only hosting your latest government secrets, you should perhaps have a look at the GNUNIT VPN application. The GNUNIT VPN application is giving you address tunneling and no, protocol tunneling and protocol translation. So you get both four over six and six over four and 46 and six to four address translation in a peer-to-peer-based approach. So you don't need an external tunnel broker. Okay, so your ISP is old school? Okay, but what if you don't have any ISP? So with GNUNIT we support mesh networks, so we have an WLAN physical layer transport plugin. And so if you have a little hacking session near the campfire, it's no problem, you and your buddies can connect on Wi-Fi physical layer directly. And if you use our mesh service, if one of your buddies still has internet access, we can route with the mesh service to the internet. So I'm currently working on a new mathematical approach to select always the best transport mechanism for you and to automatically assign the correct amount of bandwidth to all the peers you communicate with. And for this, I'm trying to find a mathematical approach. One minute, extend time. Next. So thank you very much. It was really a huge audience. So you can find more information on our website. So visit GNUNIT.org or just join us. So me and our group on Free Note and the channel GNUNIT or just grab beer with me today in the evening after the talk. And our latest version is out now. So visit our website, download it and give it a try. So thank you. Thank you. All right, webmail with end-to-end PGP encryption. Okay. Visit to Brazil Hacker Culture. Okay, all right, Jens. And so I'm gonna start your time from, yeah, actually take it at the podium. So I'll start your time, pretty much when you get set up on the podium and time starts because when you have to use setup that takes away from your time. So it's to be fair to everybody else who submitted slides in advance. So time starts now. So my name is Jens, but it doesn't matter here. Earlier that month I was in Brazil too because there was an event called Couture Digital.br and I wanted to see the Brazilian hacker spaces. So this is one of the bus which was crowdfunded not by Kickstarter, but another Brazilian crowdfunding platform that drove the hackers from Sao Paulo to Rio de Janeiro to go to that kind of event which was happening at the Museum of Modern Art in Rio. Which happening in the Museum of Modern Art in Rio de Janeiro. This is an area which called the Arena and there was like political people coming to that event and then you got the discussion to debate with these people about open data transparency or these kinds of things. This is one of the reasons why I was also there. You can see there's a difference between culture in here and culture in there. Maybe they're being the same minded people when it comes to hacker spaces, but Brazil have much more have a culture inside of their society. You can see that already with the summer thing, but it's also going into digital culture. This was like the audience. The guy you see from the second from the left is like the former culture minister from Brazil who is very, very famous there. He got really, really good debates on the stage. I skip that. This is the Museum of Modern Art and it's really, really a nice event because they now are starting to get the idea building up hacker spaces. Rio de Janeiro not have yet a hacker space while I can say they're just founding another one. This is one of the robots I've seen there which is very impressive and it tries to get the clash with the technology and the culture change in there and the actual society. This is like the only the entrance. So it was completely for free for the conference. It looks like that. They're recording all the talks and streams them and this is like the posters. Everyone can contribute. Hey, we're doing that event. How do you wanna make our event looks like? So everyone was able to contribute the poster and they published all of these. This is like you can put little paper things and it's flying in the air. Very nice for kids. They have a make-up board and so everyone was like showing what's happening in their town. Brazil is really, really huge so people had to travel a lot in there. That was on stage and of course there was like street music outside playing music. What you can see here is like 50 people playing music and 200 people around it. So it's a completely different feeling to stand there. The evening concert. So I was taking that bus which was crowdfunded for hackers back to Sao Paulo to spend some days in Sao Paulo and there's a hacker space in Sao Paulo which is in the Castle de Couture which is that place. This is a former place which was used in a movie but now they use it in the basement to have a space. It's called the Garua Hacker Space. It's raining there a lot like in Hamburg, like in my town. So they have the umbrella as the sign. This is the reason why this space started because it was like one guy in the university wanted to build his own flipper. The university basically told him, hey, the university is not a good place to do so. So he started a hacker space a year ago. And now it's becoming bigger and bigger and bigger because they got our ideas, they have been on the camp and they really like that. So what I want to say is there's more hacker spaces between US and Europe. You have to watch over the board to also other countries. When you go to look at hackerspaces.org, check out if there is a space, announce yourself on the IRC and you will figure that out. These people was really, really hostile to me. They showed me a lot of things. We partied a lot. One minute call for extension. Like the day I had to drive back, they ordered me a special taxi called Jar Taxi, which has like you can see on the internet, which is his actual position. He has a New York, California, so when you're being in New York, you can call him to catch you up from the airport. He has an iPad in the car and Wi-Fi for free. That's basically it. Thank you very much. And give Yenens an extra special round of applause for actually being adventurous and running slides off his own laptop. Those are great pictures. Okay, Confine, you're up next. And just let me make sure that I got your latest deck. Nope, that's not it. That's definitely not it. That's it. Okay, so hi, my name is Aaron Kaplan. I'm one of the founders of the Funkfeuer Network in Austria. That's roughly equivalent to the Freifunk Networks in Germany. It's the widest community mesh network, covering multiple cities in Austria and covering also all of Vienna essentially and almost extending to Bratislava, which is the next largest capital, quite close to Vienna. So I'm involved with a Confine project. Next slide, please. That's a project, you project consisting of multiple partners, multiple community wireless networks. The Athens wireless network is part of that. That's covering all of Athens, roughly 5,000 mesh nodes. Wireless GIFI net in Barcelona, roughly 14,000 nodes. Maybe by now 15,000 are growing exponentially at the moment. Funkfeuer us, some research institutes and universities, the Fraunhofer Institute, the University of Polytechnic of Catalonia in Barcelona and a few other organizations. So what we're doing in the Confine project, next slide, please, is that we're building sort of a Planet Lab for mesh networks. Quick show of hands, who's familiar with Planet Lab? Okay, just a few. Okay, Planet Lab is essentially a distributed confederated testbed network for mainly researchers trying out new protocols, like let's say peer-to-peer protocols or something like BitTorrent or whatever. So usually a university will contribute one or two servers to the project and it's quite a large confederated test network where each server has multiple slices, so it's a virtualized network, virtualized VMs on each server and there were really many very interesting results from Planet Lab. Now the whole thing is very different if you go to wireless, the wireless layer because wireless is, it doesn't have these nice properties like the cable essentially. You have interference, you have lots of noise, you have lots of crappy stuff that really makes it totally different. So that's one lesson that all the community networks learned, the hardware. Every community wireless network that built a network and was just not theorizing about it, actually learned that layer one is the stuff that really sucks. So we also have these wireless battle mesh events regularly, maybe you have heard about them. That's where the community wireless networks folks meet in Europe every year. The next one is going to be in Greece and you can think of confine as sort of a permanent wireless battle mesh network with on different layers. So layer one would be a virtualized network in a virtual machine, let's say 1000 open WRT instances running in parallel in a virtual network in a server. You can test code there. Second thing would be to have actual hardware connected with coax cables, attenuators, and you can work on Wi-Fi drivers there without having interference. Third level would be the actual test network and for a funkfire we're going to build that in the Alps so we're going to exercise a bit. Will be very good for my tummy. And yeah, so essentially what we're having is the community wireless networks and the R&D institutes, the universities are finally working together there and it's not like the universities are just publishing about wireless mesh stuff and they get it all wrong because they didn't have a real network. That was their problem. They always simulated it in NS2 and the community wireless networks didn't have the scientific backing. So I think. Extend time. Oh, thanks. So I think that's essentially what's going to happen over the next four years. Next slide, please. And we need your input. So in case you're in that field or in case you're into a wireless community networks, mesh networks, R&D, you want to go in that direction, please contact us. Here you find my email address, the confineproject.au website has some background information and that's about it. Thanks. Find myself here. And net sob. Okay, ready to go? So hi everybody. I'm going to talk about an open source project called net sob. Just speak a little louder and more into the microphone. You can actually bring it towards you. So net sob is a framework dedicated to help you in the process of reverse engineering of communication protocols. Next slide, please. So by communication protocols, I mean every interaction. A little bit too close. I mean every interaction we can find between entities. Whether these entities is a binary, a library, process, a kernel module, a device or even a remote entity. Next slide. So there are different needs to do reverse engineering. So as I come from a security company, my main reason to do that is to assess the robustness of proprietary implementation of protocols. But you may also want to simulate traffic in order to test third-party products like IDS or firewalls. Previous slide, please. You may want to analyze traffic for potential information leakage and you also may want to develop an open source version of a proper protocol implementation. Slide, please. So this is a big picture of net sob. It's in five parts. The first part is to do data acquisition. So there are captors and sensors to retrieve data from network or API calls, for example. The heart of net sob is based on grammar and vocabulary in France. And as output, you have the simulation module. You can generate traffic, both client and server. You have the fuzzing part. So you use the simulation part and to do variation on data. And you can export protocol in third to do in the deceptor of Wireshark or SCAPI, for example. Slide, please. So one word on the vocabulary in France. So the goal is to retrieve the message format of protocol, of each message. And it's based on two main, two well-known algorithms in the DNA field. So we have implemented those protocols. The other steps is that net sob provides is a field type identification, the semantic identification. And one thing which is pretty good is that net sob is able to retrieve the file length field and it's associated payload. So you can, for example, retrieve the TCP payload above the IP payload, for example. Slide, please. One word on the grammar in France. So the goal is to retrieve the state machine of the protocol. It's based on two well-known algorithms, although. It's an active process. So you use an implementation of the protocol that you can stimulate and you can retrieve the state and transition between states. Slide, please. So this is a screenshot of the interface of net sob. Slide, please. So it's licensed under the GPL v3 license. It's developed notably as part of a CESIS. And it's sponsored by Amosys and Superlake, which are a French company and an engineer school. So this is our website, net sob.org, and we will release a Debian package in the next days. So I hope you will enjoy it. Thanks. All right, and with one minute and 42 seconds left, that's a record for today. Do we have harvesting boarding passes? Harvesting boarding passes? Okay, web FWD. Web FWD. Okay, so Opset top 10, Ultra Mega Man. Are you here? Okay, awesome, sweet. That one just worked. Can you hear me? Closer. This is good? Yeah, good? Okay, thanks. And yeah, this was scheduled for 13, 20, no. 35? 1335, yeah. So give him a round of applause for actually doing what I told him to do and showing up 15 minutes early. Because that's the funny thing about lightning talks is that you never know. I mean, I think last year we had five people in a row skip out on their presentations after they confirmed over email. And while I'm taking this break, you can submit a lightning talk. We have many, many slots open for tomorrow for the Pechakucha round, and we still have some slots open for day four. If you specifically requested day four and sent me an email about it, I skipped over your email. I probably didn't have a chance to reply to it, but I will include you on day four if you've emailed me already. The instructions for submitting a lightning talk are on the wiki. If you just go to events.ccc.de slash congress slash 2011 slash wiki slash lightning underscore talks, you will be able to find the page where you have the tiny little form. Send in your slides, keep your abstract short. And if you want to participate in the Pechakucha round, you can get an extra whole one and two thirds minutes. And it's also really fun. It's a format that's taking off that the Congress decided they wanted to do this year. And I thought, hey, why don't we try it? But without any further ado, Ultra Mega Man, you ready to go? Yeah. Awesome. Let's get this started. Time starts now. Hi, I'm Paul. I'm from Canada. I'm a security consultant. My interests include cryptography, civil liberties, remote code execution, and scotch. I'm here to talk to you about OPSEC as my top 10 list of things everyone should do. Should be quick and funny. My motivation for this talk is that in Canada, there's a bill in our parliament to allow the police to warrantlessly wiretap our cell phones and internet connections. I believe everyone should be prepared for this by knowing how to protect their data. Slide. Number 10, and to end encryption. We live in a surveillance society. This tech should be everyone's first countermeasure. Slide. Number nine, full disencryption. If your gadget gets stolen or seized, make sure they can't read your data. Number eight, oh, slide. Number eight, wipe your device. Even better than having your encrypted data stolen, not having your data stolen. Jake and Moxie aren't the only ones, but they're probably the best documented cases. Slide. Number seven, don't log chat. If your stuff gets seized and the feds get your logs, your friends are gonna be pissed. Slide. Number six, stop snitching. If you're an informant for the government or military turning in your friends, I hope your body shows up in a landfill. Next slide. Use Tor. The strong legal support behind running a Tor exit means that a suspicious traffic leaves your IP. It was Tor. Next slide. Don't host in America. I'm pretty sure I don't have to tell a roomful of Europeans about this. Slide. Number three, don't use closed source. Between the intentional back doors and the accidental bugs, I don't think you can trust it. Slide. Number two, prevent evil maid attacks. Biosuit kits exist. They're hard to detect. And the government pays five to six figures for them. Do the math. And the number one thing that everyone should do is don't fuck Swedish women. Oh. There's more? Yeah. Just next slide. Because I have a bit of time, I'd like to mention my favorite political prisoner. Byron Saund was arrested before the G20 in Toronto in 2010. He's the only person still left in the legal system. He's being punished by the state for embarrassing the police and the security apparatus. His trial is a grim precedent for all of us that would poke at holes in security system and support them that we all stand with him. Thanks. Did you realize that you had two minutes and 11 seconds left? That was, that was, wow. Woo! Second round of applause for that. Okay, yeah. Just send me an email. We'll postpone. It's okay. All right. Yeah, send me an email. Yeah? Yeah. And just say. Yeah. Day four, yep. That's fine. Yeah, just send me, no problem. Okay. Trojans? Hello? Oh, sorry. Okay. Did you, did you send me slides or no? Yes, I did. Okay. That's okay. We'll handle it. That's cool. This is the one for 1340. All right, and since we're a little bit ahead of time, how about, how do you guys feel about a quick stretch break? Quick stretch break? Get up, get up. Let's get all those bottles to fall right now so that doesn't happen during the talk. Yep. Yeah, cause lightning talks are intense. You know, that's a lot of information and not a lot of time. Gonna stretch it out a little bit. Also, we are going to be switching languages. So the next two talks are in German. So I should probably figure out what, yeah, I don't know how to feel about that. So, yeah, and this would also give a time. You know, only two talks in German. There will be no live translation because that would be probably next year. Actually, the people who are doing live translation of the German events this year are doing a really great job. And I think they deserve a round of applause. But in the meantime, I should probably figure out what the German word for slide is. Huh? It's just slide. Just slide. Oh, you're just going to do, just going to say slide? I'm curious now, though. What is the German word? I'm trying to learn German here. Mr. Fulia. Fulia? Did I get that kind of right? Fulia? Okay. Fulia. Fulia. Fulia. Fulia. Fulia. Okay, I think we'll just stick with slide. How about that? Okay, you ready to go? Okay, audience, you guys ready to go? All right, time starts now. Okay. Hello, my name is Jens Stromba. And when I saw this year what our government is doing with the government, it made me very angry. And then I started to deal with it. What can you actually do against it? And then I started to deal with it. On what basis are actually such measures being used at all? Slide, please. The point is that there are different laws that regulate that, like, for example, here, for example, telecommunications surveillance, how such measures are actually taken and how the specific administrative procedures in the government are. And you can practice relatively much criticism on it. I want to take it very briefly here. You can see here on the left, a first rule circle, where in that sense a measure is practically applied and where there is actually a legal procedure. In practice, this legal procedure is not lived effectively today. That is, a large part of the measure is simply approved without the right to check. That's the first big problem. Then, when such a measure is approved, it is carried out. We have seen that in the state of Troyana that it is relatively poorly technically implemented. Then there is another big problem. Basically, all the employees of a TKU measure are, for example, to report in detail. That's why it's important for these employees, that is, we as citizens, if we are informed about it, that we have been arrested, if we don't keep it right, we can also be politically active to defend ourselves against such things. Today, however, the fact is that in two-thirds of all expected connections there is absolutely no notification of employees taking place and in the absence of this notification we can then also not be against it. For this reason, I am of the opinion, Sleitlis, that in the basic law, you have to remove this monitoring measure on every floor. In the basic law, it is the private fair. I understand that, or the basic law, that phones are not heard, that there is no residential surveillance, that the post is not monitored, that the PC is not monitored. These things are already determined in the basic law. In recent years, there have been changes in the basic law, to allow these monitoring measures to be made. In the Pirate Party, I have started an initiative to remove these corresponding measures in the basic law, which allows it to be removed. Sleitlis, last slide. Here we see the link. I would like to ask all the Pirates to deal with it and to support this initiative. And otherwise, all the others who are interested in the topic, I am always happy to receive feedback and encouragement. Thank you. And you have two minutes left. Do we have a second microphone for questions? Okay, would you like to take questions real quick with your last two minutes? Yes, yes. Any questions? Maybe you should repeat that in German in case they didn't get it the first time. Questions? Exactly, if anyone has any questions. Okay, give them a round of applause. All right, do we have the Pirate Party talk? And did you guys submit slides? Or do you have background picture? Background picture? Okay, today? Okay. Securix, Securix. Do you want to take the microphone? Was that basic democratic? Come on, don't do that. I have the internets. Yes, very nice, ladies and gentlemen, dear president. Do we have a second handheld? Second what? A second handheld microphone. Or are you guys okay like this? Oh yeah, if you're fine with it, that's cool. Flexible, yeah. And since... I wanted to introduce you to the audience. God, that's complicated. The speaker list, okay. Ladies and gentlemen, dear... What? Can we? Yeah, if you guys are ready to go, everybody's good, audience is ready. We're all ready, time starts. Actually, I'm just waiting for 1340 so we can get exactly back on time. Time starts now. Okay, that's exactly what the president means. My name is Alexander Moorlank. I'm a pirate and I've been a member of the board of directors and I belong to the... About a third of the party of the Pirate Party, which has a CCC background, which is the Pirate Coordination with CCC background. The person here is Plätzchen. Plätzchen is our boss, our admin. And we're going to talk a bit about the machine room of the board. Plätzchen. Yeah. So my name is Plätzchen, but actually I'm Philipp Brechler. I somehow became an admin of the board. I do the job exactly one day after the election because we needed something. We now have a website, an LDAP, a functional webmailer system and calendar and so on. Now we get our own server room in the AGH, which is over-dimensioned. And now we need your help, because we thought it would be nice to have a wiki system, a media wiki, but to document and make machine readability of the board, we need something else and decided for a RedMind system to come out of the software development. We've adjusted it a bit and now we're looking for people who can help us to adapt. So someone who can program Ruby. And the same goes for RedPrice. We also need a bit of help. But that's not really a lot, and probably someone can do that quickly. And we actually have a budget for you to do that, because we want to support the open source development. And why do we want to do that and how? That's what Alex is saying now. Okay, you actually wanted to talk about the technology, right? How much technology can I tell your name? Yeah, that we have a bank backup. So we even make backups. Anyway, there are various things. We're doing this with this RedMind. We're actually trying to operate with modern means, a faction in a really old system. And there are a few things that have fallen off. The troubles, the failures. So we use Isapad to write our protocols. We finally need my LDAP connection for Isapad or Isapad Lite. We need an external server server, but it can't be applied that somehow 5,000 people don't download this server and we can't write any more protocols, so we can't publicize it anymore. We would like to have an Isapad Lite integration into RedMind. If I have a wiki or a pad, and it's separated, it's completely stupid. I would like to work collaboratively on these things. We need a collaborative mind mapping. We have a Doodle in the RedMind. That's great, if someone wants to run their own Doodle. But the thing has to be able to compare with the calendar server and talk cold. We need a document administration that goes beyond the layout of documents and is not made for office forces, but for nerds. We need an idea of decision tracking where we are in a position, an idea of the creation of a working group, the first entry into the wiki, the discussion of the mailing list, the process through the Liquid Feedback with the appropriate application for the fraction or the fraction collection, order in the cluster, cluster project, excise references to the excise reading and then the process through the parliament to track. So that you can see at one point where the thing has been, who wrote something about it, who thought about it, what if we want to recycle the one who wants to recycle can make sense. We need an Anything to Structure Data Connector because a lot of people put things into the web. These are some PDFs, these are some grueling websites that have to be scraped, there has to be an RSS feed, there has to be an ICS. And very, very important, we need to visualize all this dry waste. So that you can start something with it. That's the mood, that's the progress, that's the direction. And we said to ourselves, we'll take an Extended Time. Yes, wonderful. We have a budget and we will write out all these projects next to strengthen the open source development also in the area of parliamentary tools. Thank you very much for your attention. One more sentence. And we have a mailing list server under list.piratenfraktionminusberlin.de There is a list called IT. If you want to work with it, you can register there, then we can communicate. Thank you, bye. You actually have one question in 20 seconds left. No, that's not it. But we want to get our own tools in the right direction. We want to talk to the IT department, because they say we get along very well and they also have a lot of ideas, but they also need a parliamentary arm because they can't decide anything themselves. So that means we would like that for us and then we could see that we get that for the rest. Round of applause. Okay, social swarm, are you guys ready to go? And did I get new slides from you or are you ready to go? Okay, let me see. You realize I was on stage a half an hour ago, right? Let's see. Okay, that's the correct deck. All right. And for those of you playing along at home, shockingly, we are actually four minutes ahead of schedule. The social swarm talk is on the schedule for 1350. I'm not going to kill a whole four minutes, but I do want to say that I have plenty of slots open for tomorrow for the Pecha Kucha round. You can even email me as you're watching this talk right now with your 20 slide deck. And of course, day four, there are probably still some slots left. I answer all the emails in the order that I receive them. Day four is a pretty popular talk, so if you want to get one in, I would recommend doing that as quickly as possible. Or adjusting your slides to the Pecha Kucha format, which will probably result in brand new levels of lightning talk hilarity. That's what I'm counting on, lots and lots of humor. So are you guys ready to go? Everybody? Okay. And then I believe coming up at two o'clock we're just going to take a quick ten-minute break. But we've got Tinkerforge Bricks, Fats Latest Hits, Hacking a Trains Intercom, which I actually hope is here. And even if he's not, I'm going to play the video he sent me. Anyway, Code Hero, Queer Geeks panel, lots of other stuff. But without any further ado, round of applause. We'll start your time when it ends. Go. Hi, we are Reena Tangens and Leena Simon from Social Swarm. We do this talk in English because this is an international project, despite we both speak German usually. Well, next slide please. We all know Facebook is evil because depending on big corporations who give a shit about laws, privacy or any issues that concern us and you all know it's central data storage and the corporations have access to it. There is the danger of manipulation because Facebook knows it all and users are not the customers. They are the products being sold. We all know this. Facebook is evil but most people here even use it anyway. Boycott seems futile. Slide please. The problem is there's one other really important feature about Facebook. It's awesome. It really does a lot of good stuff and people can connect and that's why all the non-nerds use it very much and it really works in getting people wanting to use it and that's the reason why boycotting it doesn't really work as well because I don't want to live in a world where 80% of the people can be manipulated easily through social networks. Slide please. So far there has been a lot of ideas how to solve the problem. There was for example the Facebook day. We had the suicide machine where you could erase your Facebook profile. There was a huge donations when Diaz Borra launched the project and we have plenty of other alternative projects software projects or things like the freedom boxes where people put a lot of hard work to getting ideas how we can solve the Facebook problem. This year the Facebook was awarded with a big brother award and we are having more and more mostly negative headlines about Facebook and the media. Slide. Well what is the idea of the social swarm? We want to go somewhere nicer and we want to do it together and this means we want to reunite forces. We want to form a think tank with all the other projects. We don't want just to program one new project but we want to connect them and our goals are free software open standards to connect. We want end-to-end encryption we want decentral data storage and we want alternative funding. This means do not trade your data for free access we want to create a hype we want to make it cool to change somewhere else and to work on a new project and we want to have the cake and eat it too. We want to have real privacy and we want to connect. Next slide. So now it's your turn where we did our short version of the talk. It's your turn. You can come to the workshops and join the mailing list and you can visit our website. The workshops are there's one to they are both today. One is at quarter to four downstairs in the basement in the huge workshop room A3 and the other one the first one is about the strategy and mostly campaigning and the second one is about technical stuff it's a little more nerdy extend time and it's at the sea base at eight o'clock. With social swarm, thank you. Thanks. Coming up, Tinker Forge Bricks, is that correct? Yes. And then just double check this is the deck, is this the correct deck? Yes. Also another thing you don't have to add the please with the slide you can just say slide and that's it and then after this talk we're going to have a break and we will return back at ten after two right after this talk this last talk before the break if you have a talk coming up give me just a quick second to head out come back in, we'll take care of everything and without any further ado Tinker Forge Bricks, you ready to go? Alright, just say slide and your time starts now. Okay, thank you. My name is Alexander Schremer and I want to talk to you about Tinker Forge Bricks The mic is too... Okay, Tinker Forge Bricks no, I didn't say slide Sorry, that was the audience. 15 more seconds for you. It is an open source hardware building block project and everything here is open source or open hardware license on a CERN open hardware license and it was started by two friends of mine slide please. So electronics can be exhausting for example microcontroller programming can be very hard if you get timing problems or size problems your code doesn't fit in there or if you want to debug a breadboard like on the lower left then you might hit the wrong wires or connect them and end up with something which is very tedious to debug or if you want to solder you need to read complex data sheets if you want to make a new circuit so in the end to end up with such complex projects you need to do a lot of things and you need to learn a lot but sometimes you only want to program, you want to make something and that's where Tinker Forge Bricks come into play. Slide please. So the idea is to have to have bricks like in the upper middle part of the picture these bricks can be combined into a stack and then you can connect other things to these bricks so let's have an example slide please. Here we have a motor driver connected to a motor and a power supply unit and now imagine that this motor driver is connected to a computer and this computer is running some small program like two lines of code and these two lines of code and C-sharp, Python, Java whatever and control it so you actually need a connection to the system to the computer. Slide please. So you can also add a rotary poti here to control the motor more more complexly and this would add maybe one line of code in your piece of code. Slide please. You can also stack these bricks and then you end up with more complex systems and why would we want to do so? Slide please. We combine these bricks together on two sides and these could talk on a wireless connection which is a derivative of ZigBee, it's called Chibi and so you connect the left stack to the computer and turn the poti, the program is running on the computer and then it controls the second stack here in the room. So this is one simple idea of this whole concept. Slide please. More information is available on www.tingoforch.org or send an email to me I can also demo the stuff, I'm in the hack center at the MonMine table, I have a few bricks and biglets with me and if you want to order some there's a rebate code here, it gives you 5% of and I asked my friends to give out this code to get more traction maybe, to get more interest. It's only valid from January 1st. Thank you for your attention. You have a minute and 37 seconds left for questions and I think you have a question right there. Question, is it open hardware? Is it open hardware? Yes, it's open hardware as in certain license so you can get more information about and the layout files and stuff. Another question? Okay great, one last round of applause. And now we're going to head into a 10 minute break so we will see you back here at 10 after 2. Check, check, check, okay great. And we're back, we have two live demos. Yeah, you should just do a quick check. Can we check the sound off the laptop? Okay, we've got two live demos coming up. One from Code Hero, one from FatLab and then we're going to get right back into the schedule so without any further ado take it away. Let me just start the time and then you know basically just a quick introduction of how this works. Each speaker has five minutes but at the four minute mark we go to the audience and I say extend time. If you like it, applaud real quickly and he can get the last minute. And then when you've got 10 seconds left I go like this 8, 7, 6 and then at 5 your time is up so without any further ado Alex, Code Hero, take it away, time starts now. Yo dawg, I heard you like games and hacking. So I made you a game that teaches you how to make games so you can hack the Gibson's entire stack and so you can make games that teach us to hack the planet. See, we've been in the news lately for this thing called Code Hero and it is a game that teaches you how to make games so you can hack the Gibson's stack and hack the planet. What do we mean by the stack? Well, not just surface like oh you're going to teach kitty programming, no this is not logo, this is the whole stack. And secondly, what do you mean by planet hacking? Well we don't mean just raising your fists in the air, we mean hacking the planet all the way from the bottom to the top, the way civilization works. So I won the video game. They think oh video games, these are safe to give to my children. The first code hack they learn is they're learning to code. They enter game bridge unity versity and they're given a door by Ada Lovelace who says I'm the enchantress of numbers and the language is the land you can learn unity script for games and javascript for web apps. So they start with games because they want to blow stuff up. Hello world is not that exciting. And they get into transform position hacking level and they see okay this is x, y, z and the way I used to teach this so I'd say okay here's your z and then we do backwards and negative y, negative z, etc. But it's just not a scalable teaching method so instead in the level they get a code gun and they aim at the target and the code they have is y minus equals 4 and when they shoot it hits the object and y is the reference to the object that they hit and bam it evals javascript in real time in the game engine. Bam the object moves down, they get the gold star. That's how code hero works. This is your code gun. There are fizz bosses at every challenge that you learn that you have to master the concept. Fizz boss is the dumbers 1 to 100 turn into 100 evil robots you got to beat. And the challenge is a briefing you get and what you are told is your mission may seem impossible but impossible is what coders do and that's what you're learning how to do. You go through the door, you fight the robots, you get victory, you earn entry to the hall of heroes you're there as a peer not as a fanboy. And ultimately your real test is to ship something and the final boss is ship boss because real artists ship and you actually there's a real pirate ship in the game where you have to ship your game and you're taught how to do that. And the whole point is that this is the reverse rabbit hole. First they brought them into the world of code so we could bring them out of the world of code so they become a maker and actually feel they've made something. That's planet hack number one, make everybody a maker with unity so they can create their own games and we're creating a platform called primer where those games that people make will be able to teach all the things that need teaching and that's what I'm asking you people in the audience with all of your skills and brilliance to do afterwards. With this we then go to another rabbit hole we say well you know that's all well and good but what about the web? So first then we teach them web hacking so they learn to make these web apps and there's in-game web browsers it's not a browser game it has a browser in it but that's not enough because there's something behind the browser where does the code run? Actually just stop real one quick second your sound's kind of clipping out can you just step back just do a quick sound check? So where does the code run? Well it runs on servers and all that code is running on virtual machines which we use VNC and SSH sessions to pipe the player into so when they play this game they break into a backtrack and a virtual topology of networks that they're learning to hack the whole Linux all the way down and their first mission is you know break into a login system go through a door you guys have all seen Armitage I don't need to show you this video for most of you but if you want to watch it it's basically Mudge said hey kids do you like hacking? do you want to fight China? I'm not hacking the Gibson in the movies but it's a real Metasploit visual front end that does red team collaborative hacking so we give them tools like this to give them an intro into the world of code and how it actually works so the point of game bridge is if you look up in the sky there's all the stars they're actually the cities of the earth and we're telling them don't just play the game go to hacker spaces so planet hack number two meet at Unityversity which is our word for the universal college that is every hacker space we invite them to come to the space to teach each other and what they do is we get these like six and seven year old girls with their cute little skull mittens learning video game programming and teaching adults because they've been learning it and they go back to regular school and they look sad and they say teacher why can't this be a hacker space so suddenly we're going to hack into their entire school system by hacking the future one minute extend time we create maker hoods we have a maker hood that's not just hacker spaces it's hacker quarters where you live and you go to school the hacker space becomes a place to live a place to go to school hack the future is an example of the school we have Al Alcorn invented video games teaching next to a 12 year old who made 40 video games already and this is growing our power level is reaching over 9000 actually about 900 but we are being excellent to each other and our goals are simple teach each other to hack the Gibson by learning game code learning web code learning Linux so we can hack the planet ship something and make an entire maker hood we have billboards all over the cities where these are being told to people hack yourself, hack the planet, hack the future and what we're leading towards is a world where Code Hero is just a gateway drug into maker hoods so if you want to learn more about Code Hero we have a Kickstarter we just launched and it is primerlabs.com makerhoods.com thank you very much hack the planet wow there will be a live demo at Berlin if you want to see it again one more round of applause for Alex that was a really awesome demo and do we have fat labs okay you're good alright live demo number two okay and also just so you guys know live demos if you decide to do one your setup time your setup time is taken off of your time and you will be able to send in their slides in advance so we are going to start the clock right now might check real quick whoops it's kind of tall hi I'm Geraldine and I'm from Fat Lab I'm one of the almost 22 fellows that we are already we are celebrating this year our fifth anniversary already so probably next year we're going to do some trouble about it so I'm going to show you the last projects that we have done and this is the Googler which was made by Andy and basically it's like a dildo that pings when your browser pings Google so yeah this is very useful we have the project of our speedfellow Aram he made art with that sketchy art2d2 spyware that you Germans do to spy people in the world you can go to Cafe Morgan and see this code that was printing in fast I think with the whole reverse engineer code for the art2d2 thing so it's that easy to turn code into art and now it's your turn to make your own artwork and it's especially worthy doing this when you find I don't know a very beautiful code or maybe you find code which is very fucked up like this code we have the QR code generator that Golan Levin that it's our latest new fellow did so you can just generate some stencils for graffiti in the street your QR codes he made these cobalt codes based on that application you can download obviously from fat and then we make this project for Occupy we recruit a gift army we ask people to send us their protest gifts then we create a little code that you can add into your web page to protest from your browser not even your couch and we really took to the next level I don't know couch activism concept then we make these service once we have all these gifts that we recruit and people started like adding to their sites which were like more than 700 we gave them these service so you can force Occupy any website on the internet that you want so you can put like on Bloomberg on Goldman Sachs or whatever your protest your gift protest you can use plugin that you can just Occupy with a 99% and see how many people were protest and you could be in protest mode or in peaceful mode most lots of the screenshots we got from the people that actually put the protest in their website which as I said were more than 700 then it was our force Occupy plugin was also in the TEPCO one minute extend time ok we did all of that and also we have a new documentary that was on PBS but we don't have time to see it so you will have to see it in your house and yeah that's about it ok you got 31 seconds but yeah I guess we are in the internet can you use your protest widget for other things too yeah you can use it for instance I didn't show it but we did an exhibition so we use all the people that put their we use all the website that put this code to show them an exhibition we curate with some hackers and like some artists and other people that make internet art so yeah you can use it the code is in github so if you want to use it for force Occupy other things another thing you can do is show a video and our sound our audio angel big round of applause for these angels that are helping me do this thing right now because I could not do it without them and so he's got a video that he's going to be playing with his as a part of his lightning talk which is another thing you can do we have plenty of open room especially tomorrow for the Pechakucha round there are still some slots open on day 4 so get your entries in the email address is 28c3 at nickfarhnicarr.org and you can find all can I talk and do this at the same time and you can find all information on how to apply for a lightning talk on the wiki under the article lightning talks so that any further ado now you're going to do the talk first then video we'll tell you when to play okay and you've got the timing right because you've got 5 minutes okay so first quick introduction in Belgium we have the SNCB the railway company and this year they strike already 22 times so travelers of course aren't happy so that's why we decided to react and since I'm a hacker I reacted on the hacker way there's no audio but it's subtitled we didn't figure out you have to push the big red button so now it goes like so thanks we have 50,000 views and this is just Flanders so it's a really small area of the world and the subtitles in English are only on there since yesterday so like one minute later there was another broadcast from the conductive saying please ignore the previous message it was not from the NMVS we are tracking the guy down right now they didn't find me so why could we do this because the railway company for almost all their locks they use this generic square key that you can just get off eBay for $2 so the strike was on Thursday and we posted the video on Friday and Sunday I got a call from newsblood it's one of the major newspapers in Flanders and the next day so that was Christmas day and they send the photographer and the next day we had almost a full page interview in one of the biggest newspapers or not one of the biggest but one of the major and then was some small local TV station played it in the news the radio tried to get an interview but I was on my way here so so this is what you get if you use lame keys for security and the railway company they stated that they are still investigating or doubting if they will file a complaint but yeah the deputy on booth offers you a free beer at least it's stated by someone so thanks so I hope you enjoyed it and thank you and just so that you know all links will be available online on the wiki article lightning talks as well as information on how to apply for talks but since we're running a little bit slow on time we've got Willow and Jimmy who are going to be talking about the queer geeks panel so without any further ado go so my name is Jimmy Rogers and this is Willow Blue Mitch Altman couldn't be here because he's currently running a Arduino workshop in the hardware hacking area that's completely packed so it's actually kind of nice to have a break but tonight we are having in room A04 it's downstairs in the basement just to the right queer geeks panel so that's for everyone who's gay, bi transgendered whatever or just interested in queer issues and specifically talking about them in the hacker community in the hacker scene how that relates to pretty much everybody there it's a very welcoming environment and we'll be talking about our experiences with these things yeah so you don't have to be gay or queer to show up you can just really like rainbow dash or not that's cool too so it's in room A04 in the basement tonight at oh it's not on here but it's at 9 o'clock and then afterwards there is a meet up for queer geeks and naughty nerds which is a local Berlin thing at I know, I know speaking to the microphone please sorry I'm trying to unlock my phone and my passcode I've entered it incorrectly 5 times so anyways yeah it's a future yes future silver I can tell you in about 30 seconds anyways you can find it on the internet I trust your your foo so that should be about it any questions I guess okay and yeah and Nick Farr head rubs are still only 20 cents okay you're done you're done alright thank you Jimmy and ignore that last message alright and we're running a little bit behind so we're just gonna get it started right away would you mind pushing to day 4 I thought you were kidding okay then why don't we go to so I asked him before to open it with Eddie over reader because I have the malicious JavaScript code inside is the is the grep for python talk here grep for there's much to find in python and securing servers privacy policy for four providers are you still here okay you're ready to go okay well then I really don't want to install it I really don't want to do this I'm gonna is it here at the BCC okay yeah we'll do that okay I'm sorry yeah I really would rather not install don't be a reader but in the meantime so the grep python talk is not in attendance okay is there anybody here that has a quick lightning talk that they would just want to do right now while the computer is being fetched anybody nothing on their computer well just to kill time if you'll permit me I have a presentation that I actually gave at the meta lab so it's not totally appropriate for here but it is for an ongoing project of mine which I would not normally do just let me find it I'm going to breeze through this and maybe I should have the other Harold Angel time me just to make sure I usually breeze through this and this was originally given at the meta lab a hacker space in Austria but I figure while we're waiting just to kill time keep the things going oh you already started me okay alright well I guess and it's a silent lightning talk so so yes it is also possible to do silent lightning talks if you'd like and now we're going to get the video set up and I think we're perhaps even back on time because right after this presentation yep right after this presentation we will have we have securing the servers privacy policy providers and I believe they're going to be using the rest of the time in the room to do a workshop afterwards is that correct okay great so nothing further do ready? go so hi maybe you know no no my computer fucked up yeah great yeah that's why you should submit your pds nights before what I knew we were going to have a screw-up and a live demo today I knew it as well and therefore you know I'm actually halfway tempted to give you some time to screw up with the last minute me not having what you asked me for should I is that okay yeah okay I'm pretty sure in future years people are going to use that as a strategy how can I make a complicated enough request that's not too complicated to get Nick to screw up so that if I screw up I have time to fix it I probably shouldn't have said that should I if somebody wants to do a lightning talk about fixing screw ups fast I think that would be amazing can I get my best jokes from the audience in the front row it's all about misdirection yes it is all about misdirection and this is about restarting lightning fast I don't know if you can see them but there's some really cute photos here in the lower left-hand corner of his desktop yeah whatever I do it in this way so I start now you know maybe latech beamer a really cool tool to make presentations and usually you have this slide on the presentation and the problem of latech beamer is that adobe has no good presentation mode so you see it from powerpoint and all this stuff and yeah this is my attempt to create a good presentation mode for it so you configure your computer to this resolution you configure the project to have this resolution and you do it like this that you put it on a specific position then you see only this thing on the presentation and all the other only on my laptop that's what I tried when my computer fucked up yeah great and the thing is then you can use the rest of the page to show the next slide to show your presentation mode and even to show what you see in the bottom corner to count your time and this is done in javascript so you see it here down here it counts my time the total time it counts from this page it gets read because I'm a little too slow and you have other cool stuff like click per minute ratios and slide per minute ratios and you have some a field here in the top over there where you have all the pages and then you can go back because the problem is that the adobe pages which are in the pdf are not the pages you see here if afterwards somebody asks can you please go to slide 3 back then you can just click here and go to slide 3 which is not necessarily the adobe page 3 and one great addition you have in this thing too is you can do your talk you can just go to the first page unclick the count time and then you can review how long it took you to take this slide so for example on this slide I took I waited 33 seconds this everything can be exported of course so you have a summary here which just opens the javascript console then and then you have here this in text to have it for all slides and what you can do is you can go to your lathech code and write the frame time into your frame so just beneath begin frame you make frame time and then you put the seconds in and then you have for all the slides the time you have for this slide only and it counts down the slide only this slide the timer and it gets only for you have a really fine grain modification in the power point thing so I think this is not the end because I have ideas how this can be improved further so because when you have this presentation so this is one pdf and you come to another computer I mean you have to configure the other computer in this way which is really hard and it only works on linux this great what I have in mind is to have something where you have only this one as a pdf and then you have the other windows so controlling the adobe window and controlling another evans window or another adobe window which shows the next slide which you can have on your computer so and therefore I want to write this in this way so if you want to help me contact me you can just google for me you will find it real hackers will find it yeah this one and yeah that's it we will be really good in recovering because of our mutual mess up okay securing the servers you're up do you want to use your laptop for the presentation or should you go through the slides that you sent me and then do your workshop oh yeah that's probably best so how many people here are thinking about submitting a lightning talk for day three or day four got one two three okay you know I'm going to be pushing this really hard for the next two days so in tomorrow's lightning talks we have a lightning talk about dead drops an interesting x509 talk we have something from the hacker fleet and there's probably lots more in my email that I will get to shortly so ready to go okay and then you have a roughly 15 minutes for your workshop afterwards if you are absolutely desperate for finding workshop time we have a lightning talks we use the little tiny break there to give people a chance to do workshops and we will be doing that tomorrow and the day after the rocket badge people are probably going to be doing a workshop after lightning talks in here tomorrow and the last day we have Mitch doing a workshop on mental health issues so without any further ado you guys ready to go yeah last one do you have an additional question you sure? okay don't forget to it's bad to talk too far away from the microphone and then sometimes it's even worse when you talk way too close to the microphone so find an appropriate distance we'll signal you and take it away so hello chaos we are a group of system administrators that started to talk about how to care about our users and about the safety of our users and we put together a kind of checklist for everybody to understand how to run servers and care about the users and it is for system administrators, for users and also for everybody but we will explain in detail yeah so this is not sorry this is not just about running servers it's about primarily about running servers with their focus on privacy and secure setups and things like this so the problem we started with basically is that we've realized that many users cannot or should not trust their hosting or communication providers like ISPs and not ISPs only but mostly hosting yeah hosting and communication providers like yeah we know what this is especially commercial ones make claims on privacy and security which they cannot keep which you often find out in terms of data leaks or whatever and often anonymous access to services is not available on these terms so we need to we want to find a better way to manage this and why do we want to do that because we want to use the awareness of privacy issues and we want to make users able to choose their providers based on some more concrete information and information that they understand and also we want to increase the solidarity between groups and people who maintain but also people who use services because we think that we need to we need to we need to repression to leaks when it comes to defending ourselves and our community we also think that to have such a checklist is good for compatibility for connecting different projects and to ensuring that we have such a checklist as we do a checklist it's providing more security just because people can be aware and after they think that they have done everything they can check if something is missing from their setup so how do we get there we started by defining a set of standards that are easily understood with admins and users and we provided some we want to provide some examples for best practice how do we set up my server so that they are privacy enhanced secure and things like this and we want to provide a modular system which can be adapted to needs of different organizations and we want to provide a system which is just hosting providers but also other providers for internet services projects can announce and attach their talents to the policy so everybody who takes part in it can say we are doing this and we have like this privacy enhanced policy and they can use it as kind of advertisement and you can see on all slides the website address and you can read the whole document there and one minute, extend time so please contribute to the best practices document please make suggestions for the next version and please contact us on the address that you find on the website and basically this was what we wanted to give us a lightning talk I can give you more information soon because now we have I guess we have around 30 minutes right we have around 30 minutes in the room Closer to 15 for a break so we have around 15 minutes we actually have 5 come on so that's the end of your presentation and now you have 15 minutes for your workshop but the lightning talks are now over and they are going to have because of the last talk they get the opportunity to do workshop thank you so much for coming we have Pecha Kucha coming up on day 2 and the final round of lightning talks tomorrow so thank you again huge round of applause for all the lightning talks and for the upcoming workshop thank you