 So I hope all of you are here for lightning talks Because we've canceled them and we're now having the all kirls all the time show. I'm just kidding Kirls has been organizing all the speakers including the lightning talks And keeping everything running and in fact all of the angels have been doing a fantastic job keeping the things running So I try and do lightning talks when I can I apologize again that Nick far as in here I think he's on the other side of the river But I'll take over because I love lightning talks and I love seeing people talk about all the crazy projects They're working on whether they're artistic or technical or social or just plain weird That's that's the fun of the lightning talks. So I guess the first talk Rabouf are you here? Yeah, okay fantastic. So our first talk is gonna be from Rabouf and is a shot 2017 game review. So come on up here and get set up And I'll keep chatting with them while you do that. So did everyone sleep well? Yeah, I'm surprised. It was pretty noisy at least by my tent and is everybody looking forward to the end of camp No, of course not. Yeah, exactly final day. You don't have to go home, but you can't stay here, right? So all right first talk. All right. Thank you very much And so all of you got a really awesome batch and I made a little game for the batch So maybe a quick show of hands. Did anyone here play the game? Okay, so a couple of you that that's really great So I'll just show you what the game looks like and then tell you a little bit about the internals and what we saw happen during the event When you started the game you received the fragments and You were told to share this fragment with other other people on the field So you got a color and you could only share with people with the same color So if you share you were asked, do you want to receive or do you want to send? If you want to receive you were shown a receive code if you want to send you had to type in the receiver address Well after such an exchange you had more fragments and when you had 25 fragments you won the game And so congratulations and the price was that the leds would which would flash in your team color would then flash But also sparkle So how does it work internally? So first thing is how did you get assigned a color? Well, your color was based on your MAC address. So the last byte of your MAC address modulo 6 determined your color How did you get your first fragments? Well, the first fragment was just downloaded from the internet of the Wi-Fi and again based on your MAC address Next step of the game was how to share the fragments and the sharing was actually completely peer-to-peer So if you were the receiver Your batch would be a Wi-Fi access point If you were the sender the batch would connect to the Wi-Fi access point of the receiver and the fragments would be sent So every once in a while you would see a gamer then a caller and then the receive codes and in your Wi-Fi access points list So that was pretty cool because I mean, you know, it works Wi-Fi is not always stable. You could still play the game Final step of the game. How did winning work? This was actually pretty neat. So the fragments were actually Cryptographic fragments in a Shamir Shamir shared secret thing And so it was actually if you had 25 say fragments you could decode the original secrets and Then you could use the Wi-Fi to get your price bit with secrets. So that was fun So some statistics I put to go in game online on late at day zero and I think we saw the first normal win on day three and On day four when I prepared the slides We saw 700 people who actually downloaded and started the game and already something like a hundred wins So that was really pretty cool Now, of course, we are at the heck of camp. So there's not just the game There's also the meta game people will try to act the game. Well, of course they did and I tried to make it a little bit harder for them by Obfuscating the code fit by minifier. Nothing too fancy, but Oh and well the game opened on day zero I saw the first people like trying some stuff on day one and the first successful reverse engineering was on day two so well done So most people attacked the game by just seeing how the fragments were the initial fragments were downloaded Actually, I thought of that My original plan was to have a Wi-Fi physical thing which would give you the initial fragment based on your MAC address That didn't happen due to heart failure and I'm really glad it didn't happen Because this made the game much more playable for the normal players. So that's been a good accident So what kind of responses did I get from the players? Things like oh my god, I'm yellow and everyone I see is blue Or everyone is yellow Or everyone is red. So actually like it was pretty evenly distributed, but low sample sizes will get you in the butt Other than that it's been really cool to see people like finding other people and cheering if they're in the same color And I actually spoke to a number of people said, okay, we wouldn't have met if it weren't for the game So that's really really fun all in all people seem to have been having a really good time So that's what we were going for So I have a couple of people to thank First of all the batch team The batch has been a huge volunteer effort. It's been amazing to see like the the hardware the software but also like the rallies getting the 3,600 packages ready for all the visitors that's been amazing I'd like to thank all the players all the angels which make the event possible And of course all of you guys So I think I have some time So what would be fun is let's purpose the code so you can get the Code from my Github page that's remove slash shout to that as the sifting game After I made it to our shit. I'll do it after talk. Sorry I'll make it public have fun play with it Make another game for your next hacker event. It's been a really good experience. Thank you for that very much. Thanks again to There we go. All right. Thanks again to review and next up. We've got beta 4 some more gaming I believe this talk is about hacking the light infrastructure that everyone see the Shah 2017 light installation and then a changed color to the Italian flag I believe So This will be a presentation about that adventure So Hey, everyone, I'm beta 4 and this talk is about how a group of hackers from the Italian embassy Hacked the life the light infrastructure here at the camp. So first things first Credits because this is a collaborative effort from a group of hackers. So thanks everyone and So how we do started basically the Italian embassy is a village here at the campus is the tent and in front of us they put a nice sign saying in the shot 2017 with RGB LEDs all around the letters and it basically started as a joke One of us said a really be cool if we could hack the sign to show the colors of the Italian flag and It is actually dangerous to give good ideas to hackers because we start a grouping together and actually doing it So, how did we do it? We had a look at the sign behind there was a box with an Arduino light controller and an internet cable running all the way through a dating flow and The cable fortunately for us run very close to the Italian embassy. So we started Thinking about doing many to be the latac. We brought the cable inside the embassy connected the switch and We start as niffing packets, of course After Basically the protocol is DMX which makes sense it's made for stage lights and everything and every 20 milliseconds the UDP packets were sent to many IP addresses because each letter has its own IP address Okay, but as you see we hid in this slide the the full IP address Because we thought well for sure it is a separate network from the one where every one of you are connected And it is a separate network for sure. They're used VLAN and the routing rules to prevent anyone here at the camp to connecting And nope, okay you from your computer could ping the light infrastructure and could set packets to them And of course DMX is unauthenticated and it's UDP So and it doesn't even care about the source IP address So you could just spam it with more packets than the original controller and you could take control of it so we took the One of the packets from the TCP dump edited with an hex editor to change the color loaded it in memory in a C++ program and just flooded it Faster than the original controller. The original controller 20 millisecond as every 10 milliseconds This is the result before with the original animation and this is the result after with the colors of the Italian flag So The interesting thing The interesting thing is that that night one of us showed up at the Italian embassy saying hey I'm the original designer of the sign Could you please give us back control because we have some night animations for the night and We gave them back control of course, but we started thinking hey We know the network number so we should try to look for other science. We made a nice application with You could just put an IP address and hit the phone button to flood the MX packet to them and We scan at the network of course for port the 6454 which is the one of the MX We found a lot of things the third number in the P address is the data and clone number The fourth number is the individual device some of the data and glow have the 21 22 23 So they are the special light installation, but all of the data and glow had 20 What is 20 we targeted the attack is about 20 and it is the flame at the top of the dating Claw and it is a perfect way to spread the Italian flag all over the All over the embassy sorry all over the camp basically So we put all of the IP addresses that we could find not all of them And most of them and the next night all of the lights up top of the dating glow We're blinking with an Italian flag If you want to try this at home Be careful with two things we found that the damped packets had a maximum brightness of 7f the maximum is ff We don't know why still but we suspect some power limitation So not to let the smoke out of the installation please keep the brightness low if you try it and The second thing is that all of the network due to the Arduino controller limitation run on a 10 megabit per second Switch so also keep the traffic low please and thank you everyone at chat 2017 for providing The as with the best and intended CTF over my life. Thanks Fantastic All right So next up we've got Jan coming to speak to us about blockchains And about hacking blockchains in the meantime a little bit of housekeeping So I heard that the merchandise Can't be shipped to you if you pre-ordered it But you can go and still pick it up from the shops So if you've pre-ordered something go and pick it up from the shops Yesterday they were saying they were running out of items, but you can still ship them to Benelux and Germany if you want to purchase things Also No, okay, so Yeah, was there any other housekeeping I can't remember what was the sale so there's a sale. What was the price? Is it 20% off? Is it 30% off? Okay, they're selling merchandise in a shop news at 11, right? I'm just here to kill time. Here's the real pretty face So go ahead and tell us about hacking blockchains Welcome this talk was original a 99 second talk, so I thought let's expand it to a lightning talk and Well, it's basically we have a nice camp here at the hacker festival and we hear something about blockchains But I'm like I'm not really seeing the hacking things in blockchains and well since It's important technology with a big impact. I think we should so the biggest known block chain is of course Bitcoin and Well after take away comms Exciters fear Bitcoin we now have tricks paying for Access that came out in 2014 Um Well that Bitcoin is the biggest implementation of a blockchain that if you go way Further you get to Ethereum, which is actually a program which is to deploy this kind of thing So I guess or description how blockchain work You have all kinds of sections get into To be stored in the database every 10 minutes for Bitcoin It gets stored in the Blockchain and Also, the address of the hash of the Previous block is put into the block and so if you put all the blocks together you have big database So here we are at the camp and we see all these really important topics come on like the big companies Facebook Apple Google Amazon and Microsoft are owning our stuff Governments attack our rights hacker computers and they have clue what they're doing and Well, the best of IOT fails electronic locks fails and they're There's only all our people computers So add to that the blockchains which allow for global distributed uncensable Unchangeable irreversible real-time database just thinks of all the great things you can do with it and project that on the previous topics We had How did I get into it? Well, let's start in 2013. I thought Bitcoin. Hey, it reached 20 years shouldn't that be that this can't work I've start to figure out. Okay This can't work. Oh crap. It does and then you go to deeper down the rabbit hole Like all the other companies now do so we used to have many frames which did everything for aeroplanes and air traffic and Power infrastructure Now we do everything on the cloud everything to Amazon because they're the biggest and cheapest and Jeff Bezos doesn't want to make any profit so we invest everything and But he also doesn't want to attain all those computers. So we go to Everything on the blockchain and we don't know where everything is So how did we get here? This is a Possible scenario we started with Bitcoin in 2009 Then in 2015 Ethereum got developed and people Yeah, you get some smart contracts on a global mini computer like a sort of Python interpreter on the global mini computer where everybody agrees on and now kids are going crazy your developers quit at to retire and then one year later they come back to rip apart your marketplace and Take you over But one of the limitations is that big data box changes really difficult at this moment But the kids and the hackers are really busy getting that's going So all the you pick jump in and after that the financials the big stacks also go for it Government won't be able what to do and in 2020 we're like, okay crap. What happened? Where are my rights? Why is everything on the blockchain and get added and then after that the horrible things happens Because if you make really complex smart stuff something So we should start hacking blockchains and start a new blockchain and We can start of course with the blinking LED on the blockchain and also started discussions think really need as an Initiative we need our own blockchain, but we also need to start With the other blockchains and the people that are using them Excellent No, my it is working. Okay, good. Hmm. So Anybody here been here all three days for lightning talks Any serial offenders? Yeah, but you work here Yes, one of our speakers from the first day has made it all three days So then so then you will remember that we have a lightning talk legend here lightning talk department Genesis dot re here to speak But I have my own microphone Exactly, there's free about Command and control so I believe the previous speaker was talking about the rabbit hole of blockchain and all the places that it could go You see how we've Spared no expense and he is indeed wearing a white rabbit t-shirt just to symbolize exactly what you were talking about So I'm almost there. I just need to hack my own website because this little video Obstructs the better view and I didn't have a chance to make my own slides because everything is Improvised everything is work in progress. Okay, and I love energy coming from this place so much next year I'm opening my own stage so that I could talk forever Okay, so basically I gave this talk you two years ago at the chaos communication camp and Today when they gave me this microphone, I just cannot help each other I just I just I just must do it. I started doing yoga because I had some back issues sitting on the computer Very, you know, not optimal posture So I just want to show you like one or two very super basic Exercises and whenever you go to a yoga class. This is like a warm-up exercise. So there is like a no No, nothing serious. It is just to gently warm you up and by the way, I need to admit that about Genders and the sexuality Usually when you go to a yoga class, you are one of the very few men and back in a day Seeing girls going to yoga classes was one of my main motivations I'm not guarantee that you get laid But if you have a higher energy Better physique if you are just hanging out in right circles. Okay, so let's do this So this is called the Sun Salutation and first what you do is just hands up Then you bend over You just look back Then you just jump to the back then a little push-up then you look up Look down. This is called a downward dog and usually we stay here for for for a few breaths I usually like to move my move my ass move my legs and Then we we go to the front We bend and all the way up sometimes a little bit further and basically what it does It just works on your the whole body your spine feel as well. So I just do this again We look up We we bend Look up Walk or here we have some here. We have some variations Look up boom boom boom And This is basically a very simple exercise that you can do in any place at the airport on a grass You do not need to have a yoga mat or anything. It just works another exercise that I enjoy is like Touching touching the ground and Hands up and then the other side. I just feel like all my Arms and legs are are stretching and it is just I just feeling my body. Yes, my body feels good. My body feels amazing Another very simple exercise because all of this is super simple. It doesn't require any special fitness or anything is for for instance You just I Do not know what is the what is the official name But also I can feel all my muscles working My arms stretching. It is just And you can go on and on and on and then at some point you just know Oh, I have us I feel something in this part of my body and then you just do a special exercise that is meant to relieve your pain in that section and This can go on and on forever. I try to do something crazy I'm not sure if it will work. Don't do this at home. Never do this on the stage Okay, one more It is the last day. I've been tired. I didn't get much sleep You know it takes some time it takes some practice But the journey the journey never ends life is about the journey. Enjoy the process. Enjoy the ride Thank you Serial vendor was here on the first day as I as I recall yesterday yesterday second day, okay So Polto is here to speak to us about about bullshit bullshit about bullshit That's what I do up here mainly bullshit. Yeah, you know the difference between a lightning talk coordinator and a pizza is I don't have slides a pizza can feed a family of four Did your microphone working? Oh, yeah Hi, so I'm here to talk to you about bullshit and a very specific bullshit So first, thank you for the talk about Blockchains and that we need to hack the blockchains. I also think so. So thank you very much Probably most of you already heard about Blockchains Bitcoin, Ethereum and all the ICOs going on Most of that ICOs for those who don't know initial coin offering are scam bullshit Ponzi schemes Most of them like probably 95% So I got an idea. Why not create some bullshit token? So we created a bullshit ERC 20 talking on Ethereum and it's currently on the market You can buy bullshit on at her Delta decentralized exchange There are many fancy talking that you can buy like fact talking like the useless the freedom talking. There are many useless talking that make fun of the Currently useless and scammy ICOs. So we built this currently it's actually useless, but we will try to make something like a bullshit proof of concepts Bullshit profit proof of consensus Algorithm to prove that bullshit ICOs are bullshit. So we want to mark them with this coin as pure bullshit So people want to invest in them and would pay more attention before they invest in some ICOs So the website is currently It was published for the shot 2012. So it's really ugly and Quickly done. It's hosted on github. So feel free to do pull requests to make it better We have a brown paper that's described slightly how the thing works and we also for like increased security We issued a special free sheet Toilet paper wallet. So it's very secure. Please participate to the project. Thank you very much Wow fantastic It did smell a bit like cow patties for a moment there while that was my honest Don't know if that's just wafting in But our next speaker is going to talk to us about next generation internet Michael linear yeah, Michiel Lenas okay, so You know that moment when you when you go to a wedding and they say Speak up now or forever hold your breath. So I work for a charity called an illness foundation We were way back in the 80s We were part of the the beginning of the internet in Europe. It was a time when Unix bearded guys Actually, we're all young people and they set up this this network just for each other and then that grew into the European Internet And we've been giving money to people that do this kind of thing Even to this conference itself, but to people that fix the internet. So we were charity we give money to people and last year something came in our path because we found out that the European Commission was They were starting a new research and development program and and these things are big I mean think hundreds of millions of euros potentially billion of euros and They were sort of putting the challenge in front of the community saying, okay. Is anybody there out there to tell us What we should be funding and we looked back and we thought the last 20 years what you've been funding is crap The internet is still very much fossilized ossified in the in the in the first generation There we we're still using IPv4 everywhere. We're still using DNS With without security where we we don't we have not upgraded our technology stack They were looked at how they how they were faring and they were always getting these big consortia in with with telephone companies and then For some reason or another we were able to actually Get into the process and we're now writing the the plans for the European Commission their official vision for the next generation internet and We we are not doing this by ourselves we we hooked up with a number of Communities like the FSF e edry, but also the technical community to people that run the internet that like the ripe the people that run the domain names But obviously these organizations do not have a complete overview And so that's what I said the moment where you could speak up about what is wrong with the internet or what? What your wishes are what is wrong if you yell it to us now? We will produce it at verbatim to the European Commission. So unless it's total obscene bullshit crap But otherwise if you have a meaningful thing and it doesn't have to be long But if you have anything meaningful to contribute saying Either political issue or a technical issue and you can report it to us. We have this website up Called and and it's actually apt to be next to this thing because we're talking about alternate realities So I'm in front of the thing. This is not the internet Google is not the internet We can actually make the better internet tomorrow if all of us work together and So I'm asking you and asking the help of this community if you talk to people if you know Anybody that is always bitching about how the internet should be proved in one way or another Tell us because now we have the opportunity. We have sort of we've hacked the process to to to to to make the Commission Understand that it's public money that should go to a public resource that the internet is a commons And we really really really need your brain power to find the well just like the we don't we want this Italian flag on top of the internet right we want it back we want to own the thing and We want to strain every muscle that we have in our bodies to make now finally grab this what I mean I've been Working in this this fear for a long long time from almost my entire life. This is the best opportunity I've seen to get actual real large public money go to the things that we care about So I hope that you go to our website. It's called nl net dot nl. It's easy. You're in the Netherlands now There's only one network in the 80s. So it was called nl net From there on you click on the top right link Uh, and it's all about next generation internet or you you look for that And any input that you will give us we we promise to treat very carefully and look at it And if you uh, I'm here so you can just grab a card And please talk to us And send send us any idea that you have okay, that's it fantastic Thank you. So we don't have a full set We have two hours today for lightning talks Do a lightning talk It's all right. I can work with half a microphone So anyone anyone anyone if you don't speak I'm going to have to put genesis re up here again To do more yoga and keep things going It's going to keep going Come on anyone do the public We already picked on you yesterday. So you know not to raise your hands this time, right? I know one of the angels was in the workshop Opportunity public speaking. We only have two more talks. We have two hours to fill Oh god, it's endless All right worth the try Matias is here to speak to us about privacy scores, which I think is pretty cool So I'm going to let him do that Um and feel free to take an extra minute since we have You know two hours Great. Yeah, I will talk about privacy score a public scanning platform to assess privacy issues of websites our motivation When I'm visiting a website that Informs about social support. I want to know who knows that also So there are tools like privacy badger that show me trackers, but there are also other Scanning services You might know some of them most of them are focused on single side scans. For example, there is SSL labs SSL labs creates an overall rating and Shows you if your SSL config is bad or or not that bad Then there's also security headers. I owe they show you if you have a nice HTTP headers or not Other other websites to mention are the mozilla observatory or Web call web call shows you lots of cookies third party request and so on and so forth But the existing scanning services are only useful For mince that do ad hoc scanning and they use a predefined Evaluation methodology. We want to change that So we created privacy score The goals are We want to create incentives for providers to improve their security and their privacy By publishing our results as a ranked benchmark The user can influence his or her ranking the source code is open source and all results are published as open data A nice thing is that user can Define their own site properties that makes it easy to To understand the list that I created I will show you that in one slide Question I could answer then are something like do bavarian cities perform better than schools in hamburg Or is the size of a hospital correlated with its rank on privacy score? So I will show you a few screenshots first. This is a list named European data. I forgot the last thing And there are 36 websites in this list zero of them past all the checks we have so far 19 Failed at least one or more checks And 11 failed at least one critical check When you scan a bunch of websites such a ranking Created you have on the left the list of URLs then you can have one or More user defined columns and on the right side you have Certain categories like tracking encrypted web attacks encrypted mail and in the end the overall rating um If you click on a domain you can see The results in detail here for example the no tracking results Most checks are working some are not working yet or unreliable Yeah, check out our source code. You can contact us via twitter by mail try it out Since I have a minute left I will show you the website self Here it comes So you can upload a new List you can of course Scan the single site if you want to And it's pretty easy to create the own list. It's just a csv file comma separated and yeah, try it out That's it fantastic All right, and even on time i'm not used to all the lightning talk speakers Running absolutely on time You thought I was kidding, but we really do need speakers So if you are streaming this if you are out there in the ether Please come to the uh to the re tent Otherwise it's going to become the genesis re tent for the next hour Because we were in the bar last night and he was showing me all the projects that he's got and he's got plenty of projects I'm just kidding. He's going to give us another five or six minutes And then we do have two other new speakers who bravely stood up to come and join us so um Let's have more of that Okay, I Wasn't you're not on the screen kidding that I have uh many projects At some point I did a meta project 50 projects in 50 days Because I know that ideas creativity are infinite But then it is back to implementation execution processes and actually getting sheet done I am good at getting sheet started And uh, I would like to just show you high level overview of some of the stuff this this project is called renaissance Rns s and c and these are various various projects Uh like one project per day me doing very quick presentation. Here is the problem. Here is the solution Here is the existing example here is how it makes money and first it starts from cannabis Which is the fastest growing industry in the u.s. And hemp which is a non psychoactive variation and on the first day I gave the talk about illegal history of hemp and cannabis and second And then I realized after all these 20 projects Initially, I set up to 250 but in the process I've realized that I need to first work on the workspace so I could realize all these projects And that's how working on the astral ship started astral ship Is a building in the north wales in the in the uk We have this building and we converted into a visionary space to realize human potential and heal the planet We have enough Taxi or food delivery apps. We need to work on actual problems that matter and here at the shah So much work is invested into infrastructure toilets water. It is completely Unsustainable honestly so much work. So that is why we invest in the buildings. We already have and this is our second building This building is a ruin. You see the collapsed roof Uh, this building requires a lot of investment from a local council government european union Some lottery fund But hey, we have two buildings. We are all hackers. We are organizing an event 22 23 24th of september. I'll show you the link to the event and please You are invited. It is not fun to build a community and no one arrives We actually Anticipate you to come and some people will arrive early. Some people will Stay for an extended period of times so This is it two buildings and the invitation is right there astral ship slash Equinox Boom boom boom Okay, so this is it 20 22 23 24 of september. You are invited to to arrive early And and and and stay longer if required because we anticipate that some people will decide, huh? It makes sense. It is cool. I want to stay. So we are more than Welcome to stay for long. We are based in wales Flying to london is okay, but it's better when you fly to Liverpool or Manchester. It's just much much closer And this is something my my friend is doing and and and and we are like piggy piggy backing on on his idea First to global solutions day. We have all the solutions to all the all the human problems It is just the uneven distribution. There are some I would say There are some like a prawns the shrimps like these little Things that live in there in the water and they are caught in in netherlands They are shipped to marocco when they are appealed and then shipped back to Holland and then there are subsidies to pay For export taxes and import taxes. It's ridiculous or salmon caught in norway And then it is shipped to to china and then back to It doesn't make any sense at all, but we have two buildings. We organize the event You are more than welcome to join us. And by the way, I know this is not very popular Do I have time cool? I have a strange relationship with google Because google in my opinion is the most powerful company on the planet They are actually more powerful than any government For instance, they have access to all the knowledge all the books They have access to our emails search history and of course there are some privacy advocates that are not using google But on a larger scale google has all the information all the thoughts And they are investing in the browser operating system phones laptop telecom infrastructure fiber loon So this is only technology, but now they are also expanding into Machine learning artificial intelligence self-driving cars robots. They purchase all all the robotics company They purchase all deep learning company. They have also The biggest private investors in the space x via google ventures So all the knowledge all the information all the deep learning all the robots space technology and recently also a nuclear fusion So google quite literally owns the planet. They are Obiquitous I treat google as oxygen and I know that my my my security systems when I'm in this room You are much better at hacking than me and when I am defending my systems I need to be lucky all the time you as an attacker. You have to be lucky only once I am Relying on google when doing my infrastructure because google owns the planet google is already more more powerful than any government And I'm not sure if you know it. You may have heard of the rotschild family They are there's the famous family of bankers rotschild family It will give you some wikipedia links. They have many many multiple generations. They were fan of financing both sides of the war How do you make money? You just sell arms to both sides and then whoever wins you you have money So so this is one Very famous family and the second very famous thing is bilderberg group And believe me or not the eric schmidt The CEO of google is actually one of the chairmans of this organization. So Google owns the planet. I signed peace treaty with google because They own it. They own it. However, if you have better ideas, we can work on the alternative I'm inviting you to our place The equinox gathering we have two buildings. We need more hackers We need more people and you are invited to stay as long as you like just take your laptop take a sleeping bag Take pack yourself in a way that you don't want to go home. Just get yourself ready. We are starting something Don't forget your laptop So there you go, you have it Anyone been to snodonia? Really? Okay, good. It's beautiful, right Worth a visit. Okay. So, uh, I do want to remind people there's still space for speakers whether you're online streaming or whether you're here in the room Um, the traditionally over represented gender has been traditionally over represented in these particular lightning talks So I would like to invite all genders to come and give lightning talks If anyone is still interested come and see the angels at the front of the room Run down here from your tents and give us a talk Benjamin was here yesterday and I believe was part of the free software choir, which was quite a finale. Did anybody catch that? The one person who is here all three days, right? Okay, we all caught it, right? You actually work for us, don't you? No, no, you really just volunteered to see all three days of lightning talks. You deserve a round of applause All right, benjamin Take it away Ignore Yes, so yesterday I was we were singing with the choir and I thought I'll talk a bit about it. So, um, it all started with that at the last C3 congress, I noticed that at the tent at the table of the free software foundation europe Twice a day people would meet to sing and not everybody liked it because it was amateur singers and they also had a flute but I thought You know you to make something great you need motivation and you need skill. They already have motivation. So maybe I could so and so I took the song and made a choral arrangement and I just wanted to make a comment about it I put the melody in the tenor part because I expected more men than women on a tech conference um And we did perform it yesterday and for me it was great. It was the first time that I conducted something But I want to do it again. And so now basically what I'm Trying here is to find people to work with so if there are people who want to make music that glorifies Open source software, please talk to me So we can make something cool on the next congress I would be I I think I like the idea with the choir and I would like to optimize for Having a great experience while singing in the choir. So this song that we had was very fast And so people did not really have time to listen And it's it's quite some magic that evolves when you you learn that line that you have to sing and then you sing with someone together And suddenly it it sounds and I would like to find I would like to make music That is more optimized on that so it should have more harmony and more dynamics Yes, so I'm basically looking for collaborators people who have text Because I cannot write text. I can write music And other musicians and so maybe we'll have a choir again at another event. That would be cool. Thanks Thank you All right, so right now we're on to our last talk. So I'm disappointed in you Shame on you No, okay. We've got two more talks. Fantastic. Actually, we're starting to recycle speakers So rabuf is up here to speak to us about something new Compared to half an hour ago So you've evolved a lot in that time you've written a lot of code. It's all up on github. Uh, I understand. Is that true? Yes. All right. What are you going to speak to us about? Um, I'd like to do a quick picks for the Quick pitch for the reproducible builds project. So I'm not affiliated but I'm a fan Um, so the reason I want to do the pitch is um, who of you ship software? That's a good number of you So it could be a library or a program and when you ship software, it would be really bad if you shipped a backdoor to your users, right But if anything, uh, if you should learn anything from going to a hacker camp is that you don't know if you've been hacked Um, so how can you know that when you publish your software? You haven't been hacked and you're not publishing a backdoor to your users So that's a really hard problem because you can like say, okay, I use a contains integration server But hey, maybe the contains integration server sect. So that's a hard problem And the reproducible builds project is aimed to well, maybe not fix the problem, but uh contribute to the fix And the idea is really simple Uh, uh project that has a reproducible builds if you take the same version of the code It always produces the same binary like bite per bite The same binary and then you can just build it on several machines The chance that all of them are hacked is small and you have more confidence that there's no backdoor going to your users Um, so typically, um builds are not reproducible because there's timestamps in there and lists that are ordered in random fashion But it's a really worthwhile cause the debian project has done a lot of work creating tools to make it much easier So look into it. It's really recommended. Thanks Thanks So it's raining out and it looks like we might have some lightning a little bit So the lightning talks are actually going to be lightning talks Hopefully that will drive more people into the room and onto the stage Give a lightning talk all at the same time Uh, so again recycling another speaker Uh, he's going to speak to us about a hardware project. I believe this time once he gets everything set up Um, is everyone packed up their tents? Now would be a good time to do it Maybe not. Maybe not. I packed mine up earlier. I put it inside another tent because I like recursion Um, I think they took that tent down. So my tent is now inside a tent that's been packed away inside another tent that's been packed away Um, hey, do you use nixos? Hmm. Is this nixos Your operating system. No, it's debian. Okay, met kd recognize the background and I thought maybe you were a nixos user Okay, I hope this. Ah, okay. All right. Here we go. Um, last lightning talk unless somebody comes up here and volunteers This is a talk I did a couple of years ago based on hardware outsourcing because in the previous life There was a hardware engineer and it was the only time it went actually right in a complete co-creation fashion This used to take one and a half hours. So, um, here we go It's about that box. This is about me. Well, everybody knows how outsourcing projects go And bowing also has learned that the hard way Um, this is probably we worked on which was an x-ray machine for phillips and when we were almost done I was like, okay, it went so well. I went to my manager Can I publish everything I learned here and said well, we can release everything anyway in a couple of months. So be my guest. So That's great. This is the basic layout You have your stuff for your patient control and lots of 19 inch cabinets in the back logical view and this was the old crappy situation which was obsolete and we went to this And phillips didn't have any mechanical engineers. So we needed to outsource Cable overview and this is how it looked like This is nicely done in inkscape and this is how you mount it below a table in your lab and well main point of this talk is if you start outsourcing White box or black box outsourcing. It's all crap. Everybody should specify in what they're capable of and Everybody can use the tools they want to use and you communicate using open standards like pdf or whatever Requirement engineering, what kind of level? Yeah, not important. Okay. Don't invent the wheel buy stuff harass everyone that you need stuff I Make a good specification peer review it always peer review it make a prototype to see if your specification is correct And then you will start really outsourcing sourcing because what your customers is here Is what your supplier did here? And make sure that your supplier also knows what he's making and for who is it making and this is the only interface You have to your supplier. So get that right and get the trust with your supplier Well, then the mechanical engineer at the supplier start engineering So you give them all your stuff including the requirement specification. He sends back an axi with a 3d model You hack and slash and annotate it. You send it back in 24 hours later You got your next iteration and six weeks later. You got your first of a kind hardware Then you start testing of course EMC is crap. It's all it is So and then you solve all your change requests Problem reports your archive the whole design because it needs to be in the field 12 years or 20 years And you deploy it at your beta site Tools well, I used the gimp for making a simple pcb thing and specifications also give a good link to Some emcee requirements, but for your netlist use a real schematic program And you get your gerber bags for mechanical. I used inkscape It was a real one-on-one printed sheet So I could easily hang it under the table before we got the real hardware And it actually went quite well cables this I don't see anywhere People always try to make harnesses And they use the most difficult specification take a lot of work It's just use open office curate a table with five columns Specify connect on one side connect the other side what is in the middle? What needs to be a twisted pair and you get your nice cable drawings back out again And when it's not worth the trouble you don't outsource it you do it yourself So, um Yeah outsourcing it takes you yourself one Third to a quarter of the effort that it takes the outsources So for one people you for three people you have running around at the outsource party. You have one people running in-house That's it Thank you very much. I never thought I'd enjoy a talk about outsourcing, but I did actually learned a few things. That was pretty cool Um, can you imagine if all lightning talks were done by management? Wouldn't that be great management strategies? I think that would be for conference No, okay, never make that joke ever again