Hacks / DIY


Thoughts on #28c3


So as i'm currently in berlin for 28c3 and i'd like to share some thoughts and share some of the most interesting talks that have been held over the course of 2 days.

For me it was the first time to attend 28c3 and untill now it has been really fun. It's great to see so many passionate hackers meet up and listen to new developments in the cyberspace. There where some very interesting talks over the course of the two days. A few i'd like to highlight.

First the talk there was an article about on The Verge about Mobile Phones and the weakness of 2G. It was pretty scary to see how they hacked a phone in just minutes and used the same PC to pretend they where the phone but in fact where not. The talk in itself is very fun to watch and I think this is really something providers should be looking in to very seriously. One of the best talks of the past days.

28c3: Defending mobile phones (via 28c3)

The second talk i'd like to highlight is the talk about how Apple and Google differ in their security of their products and how we as customers are essentially the ones who lose. It is a very nice and wel prepared talk (WOW, well-prepared at a chaotic conference) and it gives some nice insights. This is one that generated lots of discussion afterwards in the group of people i was with. The video below is actually a pre-release, so it will be taken down soon and then i'll replace it with the release that intergrates the slides.

28c3: Apple vs. Google Client Platforms (via 28c3)

The last talk is from Cory Doctorow about the coming war on general computing and how the war on copyright just has started. Great talk from a very respectable person. Also worth watching.

28c3: The coming war on general computation (via 28c3)

Untill now the conference has been really great and I think we all should be more concerned about online security and be more aware of the dangers that are out on the web. 28c3 made me realize that there are some pretty big problems around that can have a big impact on everything on the web. On the other side it's great to see there is such a vibrant community of people working together to fix these problems and finding solutions for these problems. They are actively working together with the companies that have leaks in their software and they are reporting to them to help them improve and fix those issues. The fact that those people are actively working on the problems makes me a lot less concerned, although I am still aware.

So these are three very interesting talks that where held on 28c3 in the first days. I can highlight several more but i decided I'll only link to them so you can check them out yourself.

Data Mining the israeli Census (also pre-release, info about the talk here: about what is possible with the leaked database of personal information of every israeli citizen starting from 1948 untill now. Short talk, but very very interesting what is possible with al this data.

Effective Denial of Service attacks with just using 1 HTTP-request. Very interesting talk that is showing the practical results of a leak that has been in big programming languages like PHP, JAVA etc for ±5 years but that hasn't been researched too deeply. They present a very practical way to exploit this leak.

These are the most interesting ones but I recommend you sure check out events.ccc.de for more information about the different talks or head over to youtube for the 28c3 channel to watch all talks back. There are some great talks to watch and learn some more about the recents development in online security.