«
Expand/Collapse
123 items tagged "communication"
Related tags:
network [+],
video [+],
chaos [+],
security [+],
language [+],
tor [+],
tim pritlove [+],
radio [+],
privacy event [+],
chaos communication congress [+],
satellite [+],
protocol [+],
communication protocols [+],
talk [+],
system [+],
sven moritz hallberg [+],
sql injection [+],
sapir whorf hypothesis [+],
privacy [+],
model [+],
message construction [+],
message [+],
matrix workshop [+],
mac [+],
lojban [+],
language lojban [+],
hacks [+],
field communication [+],
field [+],
enjoygraph [+],
electromagnetic waves [+],
b keen [+],
wifi [+],
wes faler [+],
web [+],
video communication [+],
version [+],
vehicular communication [+],
traffic [+],
time scientists [+],
tim [+],
technical infrastructures [+],
system communications [+],
steganography [+],
shot [+],
search [+],
say [+],
satellite ground station [+],
richard bergmair [+],
podcast [+],
phone [+],
participation [+],
openview [+],
omnitouch [+],
nick farr [+],
nfc [+],
natural language text [+],
media hype [+],
john perry barlow [+],
java system [+],
isabel drost [+],
international research projects [+],
intelligent search engines [+],
instant [+],
injection [+],
ian clarke oskar sandberg [+],
hp openview [+],
ground station [+],
fresnel zone [+],
frank kargl [+],
forgery [+],
file deletion [+],
express [+],
event [+],
elektra wagenrad [+],
defcon 13 [+],
communications express [+],
communication suite [+],
broker [+],
audible web [+],
andreas hornig [+],
adversarial environment [+],
23th [+],
x insecurity [+],
x event [+],
worm [+],
workflow issues [+],
work [+],
wendy [+],
usa [+],
trance state [+],
trance [+],
toni [+],
timing channels [+],
tiger [+],
thorsten holz [+],
texas [+],
tcp implementations [+],
tandberg [+],
sven behnke [+],
storm [+],
storage channels [+],
state [+],
space station [+],
smart communication [+],
smart [+],
sim application toolkit [+],
sim application [+],
sim [+],
security implications [+],
satellite event [+],
satellite communication systems [+],
sat [+],
safer use [+],
resource record types [+],
related security [+],
public channels [+],
protocols [+],
propagation phase [+],
peer [+],
patrick strasser [+],
p event [+],
open source development [+],
onion routers [+],
onion router [+],
moon [+],
mixminion [+],
memory corruption [+],
measurement results [+],
magnus kolweyh [+],
mac os [+],
lisbon [+],
lecture [+],
lawful interception [+],
kismet [+],
johnnie [+],
jens kubieziel [+],
jaya baloo [+],
introduction [+],
interception [+],
information superiority [+],
information platforms [+],
information overflow [+],
information [+],
immanuel scholz [+],
idea [+],
humanoid [+],
houston [+],
hacker conference [+],
goal [+],
globecom [+],
germany [+],
george danezis [+],
g usim [+],
fabian yamaguchi [+],
earth moon earth [+],
dns [+],
design [+],
david chaum [+],
darwin [+],
cryptographers [+],
context [+],
communication signals [+],
communication endpoints [+],
client server systems [+],
clemens hopfer [+],
cisco telepresence [+],
chaos computer club [+],
body [+],
berlin [+],
authors [+],
audio [+],
attacker [+],
apple [+],
angelo laub [+],
andreas schreiner [+],
amateur radio satellites [+],
alpha [+],
3g usim [+],
workstation [+],
wireless infrastructures [+],
what is net neutrality [+],
vehicle communication [+],
vampirism [+],
usb protocol [+],
unicast [+],
telemetry [+],
telecommunications [+],
tdr [+],
stefan katzenbeisser [+],
stealth [+],
space event [+],
shutter release [+],
session initiation protocol [+],
server [+],
serial communication [+],
security tags [+],
security authors [+],
scott [+],
remote [+],
radio modules [+],
port [+],
personal communications [+],
pc communication [+],
patterns of behaviour [+],
news php [+],
new orleans [+],
neutrality [+],
net neutrality legislation [+],
net [+],
needle in the haystack [+],
navigation maps [+],
motorola c168i [+],
modem pools [+],
mobile phones [+],
mmcs [+],
mitsubishi [+],
microcontrollers [+],
microcontroller projects [+],
microcontroller [+],
max sobeil [+],
kiu [+],
kay hamacher [+],
katrina [+],
julius [+],
julia lning [+],
joy [+],
ir communication [+],
intro [+],
internets [+],
internet [+],
interface [+],
interesting solutions [+],
intelligence matter [+],
intellectual [+],
integration work [+],
insider attacks [+],
indelta [+],
hurricane katrina [+],
host keys [+],
hollywood [+],
ham [+],
google [+],
flood [+],
federal flood [+],
federal [+],
exploits [+],
exploit [+],
evolving [+],
europe [+],
egypt [+],
dslr [+],
documentation team [+],
directory traversal [+],
digital [+],
dettaglio [+],
day [+],
daniel burroughs [+],
cryptographic protocol [+],
covert channel [+],
communication server [+],
communication port [+],
communication channels [+],
collin mulliner [+],
cisco telepresence video [+],
cisco security advisory [+],
cisco security [+],
christiane ruetten [+],
charlaine harris [+],
cfp [+],
cellphones [+],
cell phone providers [+],
cell [+],
carrier [+],
card [+],
camp [+],
cameras [+],
burroughs [+],
bugtraq [+],
brian [+],
benninger [+],
availability of broadband [+],
auto adapting [+],
audio traffic [+],
atmega8 [+],
andre adelsbach [+],
ancient computer [+],
analysis [+],
advisory [+],
vulnerability [+],
sql [+],
chaos communication camp [+]
-
-
22:50
»
SecDocs
-
-
21:33
»
SecDocs
Tags:
network Event:
Chaos Communication Congress 18th (18C3) 2001 Abstract: As encryption is becomming a common feature of on line communication quite a few copmmentators predicted that individuals will at last be able to effectivelly protect their privacy. In this workshop we will see that not only the content but also the shape of the traffic, and other traffic data, can reveal a great deal of information about a users private patterns of behaviour. We will present practical ways one could use to extract information from these patters and techniques that have to be used in order to fool this type of traffic analysis.
-
-
9:45
»
SecDocs
Authors:
Jaya Baloo Tags:
network sniffer Event:
Chaos Communication Congress 19th (19C3) 2002 Abstract: Lawful Interception (LI) is currently in development internationally and the area of IP interception poses significant regulatory, as well as implementation, challenges. The presentation attempts to elucidate major legal and technical issues as well as citing the vendors, operators and governments involved in creating the standards and solutions. In the European context, all EU countries have been mandated to have LI capabilities in place and be able to provide assistance to other member states when tracking transborder criminals. Public Communications Providers must tread warily between privacy concerns and LI requirements. Especially with the new talks concerning Interpol, Enfopol, & Data Retention, communication over public channels is anything but private. The conditions for interception and the framework for oversight is not widely known.
-
9:42
»
SecDocs
Authors:
Jaya Baloo Tags:
network sniffer Event:
Chaos Communication Congress 19th (19C3) 2002 Abstract: Lawful Interception (LI) is currently in development internationally and the area of IP interception poses significant regulatory, as well as implementation, challenges. The presentation attempts to elucidate major legal and technical issues as well as citing the vendors, operators and governments involved in creating the standards and solutions. In the European context, all EU countries have been mandated to have LI capabilities in place and be able to provide assistance to other member states when tracking transborder criminals. Public Communications Providers must tread warily between privacy concerns and LI requirements. Especially with the new talks concerning Interpol, Enfopol, & Data Retention, communication over public channels is anything but private. The conditions for interception and the framework for oversight is not widely known.
-
-
21:51
»
SecDocs
Authors:
Angelo Laub Tags:
Mac OS X Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Some recent security problems with Mac OS X stem from the fact that Apple tries to combine the Unix security model with easy and convient usability and closed source. Showing examples from our own research we will take you on a pleasant journey to get root on almost any recent Macintosh. And of course, there will be "just one more thing". While rumors have it that Mac OS X is extremely secure due to its open-source Darwin core and the elaborate Unix security model, little is known about practical problems that hide under its hood. While the lack of serious worms and other malware for the Mac might give users a false sense of security, things aren't that pretty once you dig deeper in the system. SUID root programs, closed-source security components, and badly-chosen default settings pile up to a security nightmare waiting to happen. We will give an overview of the problems, demonstrate example code, and give you an insight into communication problems with Apple support on security issues. Both problems with Mac OS X 10.3 (Panther) and the future version 10.4 (Tiger) will be addressed. As you can expect from any decent Apple presentation, be prepared for "one more thing".
-
21:51
»
SecDocs
Authors:
Angelo Laub Tags:
Mac OS X Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Some recent security problems with Mac OS X stem from the fact that Apple tries to combine the Unix security model with easy and convient usability and closed source. Showing examples from our own research we will take you on a pleasant journey to get root on almost any recent Macintosh. And of course, there will be "just one more thing". While rumors have it that Mac OS X is extremely secure due to its open-source Darwin core and the elaborate Unix security model, little is known about practical problems that hide under its hood. While the lack of serious worms and other malware for the Mac might give users a false sense of security, things aren't that pretty once you dig deeper in the system. SUID root programs, closed-source security components, and badly-chosen default settings pile up to a security nightmare waiting to happen. We will give an overview of the problems, demonstrate example code, and give you an insight into communication problems with Apple support on security issues. Both problems with Mac OS X 10.3 (Panther) and the future version 10.4 (Tiger) will be addressed. As you can expect from any decent Apple presentation, be prepared for "one more thing".
-
15:31
»
SecDocs
Authors:
Magnus Kolweyh Tags:
P2P Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: A significant paradigm for the Internet are Peer-to-Peer Systems. Those networks form new types of distributed information platforms. The lecture will discuss concepts for Next-Generation Peer-to-Peer Systems that range beyond the scope of todays filesharing applications. The Internet has changed from a statically, television-like webpage space to a highly heterogeneous and extremely dynamically information platform. No other technology forced that development in the last few years like Peer-to-Peer. Those systems often contain Millions of nodes, terabytes of data and cause most of total Internet traffic nowadays. Despite their enormous performance power they are often reduced to the filesharing context. This limitation leads to a Peer-to-Peer discussion which focuses on terms like copyright and ownership and overlooks the power such networks accommodateon the technical site. This lecture tries to overcome that limitation and will discuss concepts for Peer-to-Peer Systems that go beyond filesharing networks. Today all Peer-to-Peer applications can be clutched into three areas: Filesharing, Distributed Computing and Communication. When we’re looking for new Peer-to-Peer application fields we definitely miss advanced services that go beyond communication and sharing of data or computer power. In contrast to Napster, the first prominent example of Peer-to-Peer, today’s systems do not employ any centrally stored index systems. Although it’s quite obvious Peer-to-Peer offers a lot of advantages compared to traditional client-server systems such as performance and cost reduction, Peer-to-Peer developers are confronted with quite a lot new challenges that traditional Web-Developers never had to handle. The lecture will discuss such challenges for developers like manageability, extensibility, fault tolerance, security and scalability. We will look at concepts like DHT’s for advanced searching, Replication Schemes for improved Data Management and Reputation Systems for Ring of Trusts. We will look at new emerging metadata concepts like Edutella and the adaptation of current standards like XML into the Peer-to-Peer context. While security became a highly discussed topic in distributed networks, Peerto-Peer Systems do not only need advanced security mechanisms, Peer-to-Peer technology can also help developing distributed services like Anti-Spamfilters. A special case will be a semantic approach to the problem of information management in such huge, highly dynamic and heterogeneous databases where we will discuss a traditional Data Mining concept, Association Rule Mining, in the context of Peer-to-Peer Systems to build novel kind of services. Agentorientated systems are strongly related to that semantic approach, where autonomous agents can act as peers, form hybrid sub networks and offer services. Finally the lecture will discuss the connection between Peer-to-Peer and Mobile Solutions. We will identify proposing mobile applications that have to integrate Peer-to-Peer concepts or Peer-to-Peer-like architectures and discuss challenges for developers.
-
15:31
»
SecDocs
Authors:
Magnus Kolweyh Tags:
P2P Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: A significant paradigm for the Internet are Peer-to-Peer Systems. Those networks form new types of distributed information platforms. The lecture will discuss concepts for Next-Generation Peer-to-Peer Systems that range beyond the scope of todays filesharing applications. The Internet has changed from a statically, television-like webpage space to a highly heterogeneous and extremely dynamically information platform. No other technology forced that development in the last few years like Peer-to-Peer. Those systems often contain Millions of nodes, terabytes of data and cause most of total Internet traffic nowadays. Despite their enormous performance power they are often reduced to the filesharing context. This limitation leads to a Peer-to-Peer discussion which focuses on terms like copyright and ownership and overlooks the power such networks accommodateon the technical site. This lecture tries to overcome that limitation and will discuss concepts for Peer-to-Peer Systems that go beyond filesharing networks. Today all Peer-to-Peer applications can be clutched into three areas: Filesharing, Distributed Computing and Communication. When we’re looking for new Peer-to-Peer application fields we definitely miss advanced services that go beyond communication and sharing of data or computer power. In contrast to Napster, the first prominent example of Peer-to-Peer, today’s systems do not employ any centrally stored index systems. Although it’s quite obvious Peer-to-Peer offers a lot of advantages compared to traditional client-server systems such as performance and cost reduction, Peer-to-Peer developers are confronted with quite a lot new challenges that traditional Web-Developers never had to handle. The lecture will discuss such challenges for developers like manageability, extensibility, fault tolerance, security and scalability. We will look at concepts like DHT’s for advanced searching, Replication Schemes for improved Data Management and Reputation Systems for Ring of Trusts. We will look at new emerging metadata concepts like Edutella and the adaptation of current standards like XML into the Peer-to-Peer context. While security became a highly discussed topic in distributed networks, Peerto-Peer Systems do not only need advanced security mechanisms, Peer-to-Peer technology can also help developing distributed services like Anti-Spamfilters. A special case will be a semantic approach to the problem of information management in such huge, highly dynamic and heterogeneous databases where we will discuss a traditional Data Mining concept, Association Rule Mining, in the context of Peer-to-Peer Systems to build novel kind of services. Agentorientated systems are strongly related to that semantic approach, where autonomous agents can act as peers, form hybrid sub networks and offer services. Finally the lecture will discuss the connection between Peer-to-Peer and Mobile Solutions. We will identify proposing mobile applications that have to integrate Peer-to-Peer concepts or Peer-to-Peer-like architectures and discuss challenges for developers.
-
-
9:44
»
SecDocs
Tags:
social Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Any goal-oriented group has to deal with workflow issues, but with capable, creative people this can often be a larger challenge then completing the goal. This talk will attempt to draw the line between management, tools, and communication in dealing with volunteer or professional workgroups. In terms of technique I will cover dialogue, debate, team management, hierarchies, and defining goals to determine necessary milestones/techniques. In terms of tools we will look at CVS, ticket systems, e-mail/instant mesaaging/IRC, and wikis for centralized data retrieval. In terms of scenarios there will be two major sections, goal oriented development/teams, and general research groups. In the first category would be open source development teams, CTF teams, and IT departments. In the second category would be meeting groups (CCC, 2600). Every section of this talk allows for a lot of expansion so the Q&A should be excellent. This talk will especially appeal to project managers, IT directors, educators, and involved hackers. Often the lack of social skills on the part of members of a team can destroy a project, this talk is meant to objectively analyze these weaknesses and suggest practical systems that allow people to work, learn, and even play together nicely.
-
9:44
»
SecDocs
Tags:
social Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Any goal-oriented group has to deal with workflow issues, but with capable, creative people this can often be a larger challenge then completing the goal. This talk will attempt to draw the line between management, tools, and communication in dealing with volunteer or professional workgroups. In terms of technique I will cover dialogue, debate, team management, hierarchies, and defining goals to determine necessary milestones/techniques. In terms of tools we will look at CVS, ticket systems, e-mail/instant mesaaging/IRC, and wikis for centralized data retrieval. In terms of scenarios there will be two major sections, goal oriented development/teams, and general research groups. In the first category would be open source development teams, CTF teams, and IT departments. In the second category would be meeting groups (CCC, 2600). Every section of this talk allows for a lot of expansion so the Q&A should be excellent. This talk will especially appeal to project managers, IT directors, educators, and involved hackers. Often the lack of social skills on the part of members of a team can destroy a project, this talk is meant to objectively analyze these weaknesses and suggest practical systems that allow people to work, learn, and even play together nicely.
-
-
15:40
»
SecDocs
Authors:
George Danezis Tags:
privacy Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: We will present the state of the art in deployed anonymous communication systems, and in particular Mixminion, for anonymous email, and Tor, for anonymous web browsing. We will focus on the concrete future challenges to deploy and strengthen theses systems. In the last few years there has been a renewed interest in anonymous communications, both in terms of accademic work but most importantly in terms of implemented and deployed systems. This talk will be geared towards those at the cross section of practice and reaserch that are interested in developing or strengthening applications that provide some anonymity protection. We will describe two systems that are based on solid theoretical work, and should provide a high degree of security: Mixminion, is a high latency remailer, that can be used to anonymise email, while Tor is a low latency Onion Router, supporting the transport of any TCP stream. The two architectures are complementary, and provide very different security properties. While deployed, for testing, they Mixminion and Tor are both works in progress, and many practical as well as research challenges need to be resolved before they become widely used. The talk will first give an overview of Mixminion and Tor, highlight their architectural similarities and differences. Some attention will be paid to the threat models that they try to protect against and the features that they provide. The key attack techniques will be presented, but without going into the mathematical details. Pointers for further reading will be provided for those who are keen. Then we shall focus on the issues that remain to be resolved to widely deploy these systems, and further strengthen them. These issues are both research questions or concern the practical implemetation of anonymous infrastructure and services. On the one hand there is a need to build more services merely to support anonymous communications: from the implementation of pseudonym servers, directory services, or integration into client applications to research on DoS prevention and flooding. On the other hand the communication infrastructure is only there to be used by higher level applications. Therefore there is a need to understand which applications can be used without modifications over anonymous communications, and which will require to be modified not to compromise identity information. As a result of this talk participants should feel confortable with the basic design of anonymity systems, and know where to find additional information to use or build on these systems. If they choose to further look into the subject they will know what the main issues are where more work is required, and know the venues where this work can be presented, used, and appreciated.
-
15:40
»
SecDocs
Authors:
George Danezis Tags:
privacy Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: We will present the state of the art in deployed anonymous communication systems, and in particular Mixminion, for anonymous email, and Tor, for anonymous web browsing. We will focus on the concrete future challenges to deploy and strengthen theses systems. In the last few years there has been a renewed interest in anonymous communications, both in terms of accademic work but most importantly in terms of implemented and deployed systems. This talk will be geared towards those at the cross section of practice and reaserch that are interested in developing or strengthening applications that provide some anonymity protection. We will describe two systems that are based on solid theoretical work, and should provide a high degree of security: Mixminion, is a high latency remailer, that can be used to anonymise email, while Tor is a low latency Onion Router, supporting the transport of any TCP stream. The two architectures are complementary, and provide very different security properties. While deployed, for testing, they Mixminion and Tor are both works in progress, and many practical as well as research challenges need to be resolved before they become widely used. The talk will first give an overview of Mixminion and Tor, highlight their architectural similarities and differences. Some attention will be paid to the threat models that they try to protect against and the features that they provide. The key attack techniques will be presented, but without going into the mathematical details. Pointers for further reading will be provided for those who are keen. Then we shall focus on the issues that remain to be resolved to widely deploy these systems, and further strengthen them. These issues are both research questions or concern the practical implemetation of anonymous infrastructure and services. On the one hand there is a need to build more services merely to support anonymous communications: from the implementation of pseudonym servers, directory services, or integration into client applications to research on DoS prevention and flooding. On the other hand the communication infrastructure is only there to be used by higher level applications. Therefore there is a need to understand which applications can be used without modifications over anonymous communications, and which will require to be modified not to compromise identity information. As a result of this talk participants should feel confortable with the basic design of anonymity systems, and know where to find additional information to use or build on these systems. If they choose to further look into the subject they will know what the main issues are where more work is required, and know the venues where this work can be presented, used, and appreciated.
-
-
21:46
»
SecDocs
Authors:
Richard Bergmair Tags:
cryptography steganography Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: The lecture gives some insight to the construction of natural language stegosystems. Such systems recode sensitive plaintext to innocuous natural language text, thereby providing security against arbitrators. The problem of central control and monitoring of communication is not new to history. What is new to history, is that we now rely heavily upon electronic means of communication. The fact that these infrastructures do not, by design, rule out the possibility of automated large-scale censorship, is dangerous in itself. However, the fact that we can now watch the necessary legislative and technical infrastructures being deployed should be highly alarming. Clearly the topic of steganography is more important today, than ever before. Steganographic systems provide a secure medium to covertly transmit information in the presence of an arbitrator. In natural language steganography, in particular, machine-readable data is to be encoded to innocuous natural language text, thereby providing security against any arbitrator tolerating natural language as a communication medium. We give detailed insights to the construction of a stegosystem that can embed a secret bitstring into an innocuous piece of natural language text. Furthermore we demonstrate, from a linguistic point of view, some interesting features of natural language, that allow the construction of linguistic stegosystems that are secure under the assumption that the arbitrator is a computer and not a human. From these specific features of natural language, we will turn to the more general notion of the ``AI-complete security primitive, which is a problem we assume to be hard, in a cryptographic context, much like the NP-complete problems used for current numeric cryptography techniques. Finally, it should be noted that the research presented herein is in a very early conceptual stage. However the topics outlined point out an exciting new direction of research in steganography and related fields and might give some inspiration for new creative uses of computer technology.
-
21:46
»
SecDocs
Authors:
Richard Bergmair Tags:
cryptography steganography Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: The lecture gives some insight to the construction of natural language stegosystems. Such systems recode sensitive plaintext to innocuous natural language text, thereby providing security against arbitrators. The problem of central control and monitoring of communication is not new to history. What is new to history, is that we now rely heavily upon electronic means of communication. The fact that these infrastructures do not, by design, rule out the possibility of automated large-scale censorship, is dangerous in itself. However, the fact that we can now watch the necessary legislative and technical infrastructures being deployed should be highly alarming. Clearly the topic of steganography is more important today, than ever before. Steganographic systems provide a secure medium to covertly transmit information in the presence of an arbitrator. In natural language steganography, in particular, machine-readable data is to be encoded to innocuous natural language text, thereby providing security against any arbitrator tolerating natural language as a communication medium. We give detailed insights to the construction of a stegosystem that can embed a secret bitstring into an innocuous piece of natural language text. Furthermore we demonstrate, from a linguistic point of view, some interesting features of natural language, that allow the construction of linguistic stegosystems that are secure under the assumption that the arbitrator is a computer and not a human. From these specific features of natural language, we will turn to the more general notion of the ``AI-complete security primitive, which is a problem we assume to be hard, in a cryptographic context, much like the NP-complete problems used for current numeric cryptography techniques. Finally, it should be noted that the research presented herein is in a very early conceptual stage. However the topics outlined point out an exciting new direction of research in steganography and related fields and might give some inspiration for new creative uses of computer technology.
-
21:46
»
SecDocs
Authors:
Richard Bergmair Tags:
cryptography steganography Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: The lecture gives some insight to the construction of natural language stegosystems. Such systems recode sensitive plaintext to innocuous natural language text, thereby providing security against arbitrators. The problem of central control and monitoring of communication is not new to history. What is new to history, is that we now rely heavily upon electronic means of communication. The fact that these infrastructures do not, by design, rule out the possibility of automated large-scale censorship, is dangerous in itself. However, the fact that we can now watch the necessary legislative and technical infrastructures being deployed should be highly alarming. Clearly the topic of steganography is more important today, than ever before. Steganographic systems provide a secure medium to covertly transmit information in the presence of an arbitrator. In natural language steganography, in particular, machine-readable data is to be encoded to innocuous natural language text, thereby providing security against any arbitrator tolerating natural language as a communication medium. We give detailed insights to the construction of a stegosystem that can embed a secret bitstring into an innocuous piece of natural language text. Furthermore we demonstrate, from a linguistic point of view, some interesting features of natural language, that allow the construction of linguistic stegosystems that are secure under the assumption that the arbitrator is a computer and not a human. From these specific features of natural language, we will turn to the more general notion of the ``AI-complete security primitive, which is a problem we assume to be hard, in a cryptographic context, much like the NP-complete problems used for current numeric cryptography techniques. Finally, it should be noted that the research presented herein is in a very early conceptual stage. However the topics outlined point out an exciting new direction of research in steganography and related fields and might give some inspiration for new creative uses of computer technology.
-
-
16:07
»
SecDocs
Authors:
Sven Behnke Tags:
robotics Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Humanoid robots are investigated, because the human body facilitates acting in a world designed for humans, simplifies the interaction with humans, and allows for intuitive multimodal communication. They are also a tool to understand human intelligence. In the talk I will review some humanoid robot projects and introduce you to our robots Alpha, Toni, Kondo, and RoboSapien. Humanoid robots recently received a lot of attention from the media and researchers. Such robots have a human-like body plan, their sensors can perceive the same modalities as humans do, and their actions resemble human ones. In order to act successfully in a complex environment, these robots should adapt their behavior to the encountered situation, learn, and develop. In my talk, I will first motivate why humanoid robots are worth being investigated. On the one hand, motivation comes from the practical side. A human-like body is the ideal shape for a robot acting in an environment designed for humans. Stairs, doorknobs, light switches, tools, etc. are adapted to human proportions. Signs, labels, and acoustic signals target the human visual and auditory system, respectively. The advantages of humanoid robots are most obvious in the direct interaction with humans. Humans practice multimodal communication via speech, gaze direction, facial expressions, gestures, and body language from early childhood on. This interface is hence ideally suited for the communication between man and machine. Another advantage is that the human-like motion of humanoid robots is easy to predict for humans. This facilitates human-robot cooperation based on non-verbal communication. On the other hand, motivation comes from artificial intelligence (AI) research. Building intelligent artifacts is one important method for AI researchers in their quest to understand intelligence. Many researchers now believe that intelligence cannot exist without a body (Embodiment) and that it shows itself only through interaction with an environment (Situatedness). Building robots that act in complex environments allows for the grounding of symbols, which would be meaningless without this link. Robots are also used to test models of biological systems, e.g. for the navigation of desert ants. If one wants to investigate human intelligence in this way, one has to build humanoid robots. In the talk, I will introduce some humanoid robot projects. In particular, I will discuss walking robots, like Asimo und Johnnie, manipulation robots, like Wendy und Armar, and communication robots, like Kismet und Mexi. I will also report about some activities within our research project "NimbRo - Leaning Humanoid Robots". I will introduce you to Alpha, a full-scale humanoid, and Toni, a smaller biped, under construction in our lab. I will discuss mechanical design, electronics, communication, perception, behavior control, and simulation of these robots. Furthermore I will describe the commercially available robots RoboSapien and Kondo that we augmented with a Pocket PC and a camera in order to make them autonomous. Because humanoid robots are supposed to carry out a large variety of tasks, their evaluation is not easy. One possible evaluation method is the organization of competitions. In order to give you an impression of the state of the art, I will report about this year's RoboCup Humanoid League competitions, which took place in Lisbon. It will become obvious that many research problems need to be solved, before humanoid robots can be used in the real world. Among them are the development of high-performance actuators, sensors, and power supplies. A big challenge is the realization of energy-efficient dynamic walking that supports the dynamics of the system. There is a need for modular behavior control architectures that make controlling the many degrees of freedom of humanoid robots tractable. Furthermore, the integration of individual components must be done in a way that produces synergy effects, such as in audio-visual speech recognition and in active perception. Last, but not least, learning techniques need to be developed to adapt the behavior of humanoid robots to the situation at hand. These methods must be able to learn from few examples. One way to achieve quick learning is imitation. The humanoid body and human-like motion primitives simplify the mopping of observed actions to the robot. This could allow even naive users to 'program' a humanoid robot by demonstration. My talk will conclude with a speculative outlook to the future of humanoid robots. Using them as personal robots could change the way we live significantly.
-
16:07
»
SecDocs
Authors:
Sven Behnke Tags:
robotics Event:
Chaos Communication Congress 21th (21C3) 2004 Abstract: Humanoid robots are investigated, because the human body facilitates acting in a world designed for humans, simplifies the interaction with humans, and allows for intuitive multimodal communication. They are also a tool to understand human intelligence. In the talk I will review some humanoid robot projects and introduce you to our robots Alpha, Toni, Kondo, and RoboSapien. Humanoid robots recently received a lot of attention from the media and researchers. Such robots have a human-like body plan, their sensors can perceive the same modalities as humans do, and their actions resemble human ones. In order to act successfully in a complex environment, these robots should adapt their behavior to the encountered situation, learn, and develop. In my talk, I will first motivate why humanoid robots are worth being investigated. On the one hand, motivation comes from the practical side. A human-like body is the ideal shape for a robot acting in an environment designed for humans. Stairs, doorknobs, light switches, tools, etc. are adapted to human proportions. Signs, labels, and acoustic signals target the human visual and auditory system, respectively. The advantages of humanoid robots are most obvious in the direct interaction with humans. Humans practice multimodal communication via speech, gaze direction, facial expressions, gestures, and body language from early childhood on. This interface is hence ideally suited for the communication between man and machine. Another advantage is that the human-like motion of humanoid robots is easy to predict for humans. This facilitates human-robot cooperation based on non-verbal communication. On the other hand, motivation comes from artificial intelligence (AI) research. Building intelligent artifacts is one important method for AI researchers in their quest to understand intelligence. Many researchers now believe that intelligence cannot exist without a body (Embodiment) and that it shows itself only through interaction with an environment (Situatedness). Building robots that act in complex environments allows for the grounding of symbols, which would be meaningless without this link. Robots are also used to test models of biological systems, e.g. for the navigation of desert ants. If one wants to investigate human intelligence in this way, one has to build humanoid robots. In the talk, I will introduce some humanoid robot projects. In particular, I will discuss walking robots, like Asimo und Johnnie, manipulation robots, like Wendy und Armar, and communication robots, like Kismet und Mexi. I will also report about some activities within our research project "NimbRo - Leaning Humanoid Robots". I will introduce you to Alpha, a full-scale humanoid, and Toni, a smaller biped, under construction in our lab. I will discuss mechanical design, electronics, communication, perception, behavior control, and simulation of these robots. Furthermore I will describe the commercially available robots RoboSapien and Kondo that we augmented with a Pocket PC and a camera in order to make them autonomous. Because humanoid robots are supposed to carry out a large variety of tasks, their evaluation is not easy. One possible evaluation method is the organization of competitions. In order to give you an impression of the state of the art, I will report about this year's RoboCup Humanoid League competitions, which took place in Lisbon. It will become obvious that many research problems need to be solved, before humanoid robots can be used in the real world. Among them are the development of high-performance actuators, sensors, and power supplies. A big challenge is the realization of energy-efficient dynamic walking that supports the dynamics of the system. There is a need for modular behavior control architectures that make controlling the many degrees of freedom of humanoid robots tractable. Furthermore, the integration of individual components must be done in a way that produces synergy effects, such as in audio-visual speech recognition and in active perception. Last, but not least, learning techniques need to be developed to adapt the behavior of humanoid robots to the situation at hand. These methods must be able to learn from few examples. One way to achieve quick learning is imitation. The humanoid body and human-like motion primitives simplify the mopping of observed actions to the robot. This could allow even naive users to 'program' a humanoid robot by demonstration. My talk will conclude with a speculative outlook to the future of humanoid robots. Using them as personal robots could change the way we live significantly.
-
-
21:52
»
SecDocs
Authors:
Elektra Wagenrad Tags:
WiFi Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: What you need to know to successfully design and build a wifi long shot. RF Calculation. Knowledge about the Fresnel Zone. Polarisation of electromagnetic waves. Tricks to avoid interference. Timeout problems of 802.11abg and how to deal with them. What you need to know to successfully design and build a wifi long shot. RF Calculation. Knowledge about the Fresnel Zone. Polarisation of electromagnetic waves. Tricks to avoid interference. Timeout problems of 802.11abg and how to deal with them. Slightly more comprehensive description: Wifi is a really inexpensive way to build datalinks up to 120 kilometer distance. Such use of Wifi is already relatively widespread in developing countries that lack communication infrastructure. The world wide web is so far not truly for everyone - may 1 billion people use it and about 5 billions don't. It maybe unavailable, too expensive or both. Indeed, Information needs to be free - that also means that there must be cheap ways to share it. So far WiFi is the cheap way to go where no infrastructure exists - although that may change with WiMax in the future. Even if you live in a developed country it is fun or may be necessary to build your own (community) network beyond the range a few hundred meters.
-
21:52
»
SecDocs
Authors:
Elektra Wagenrad Tags:
WiFi Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: What you need to know to successfully design and build a wifi long shot. RF Calculation. Knowledge about the Fresnel Zone. Polarisation of electromagnetic waves. Tricks to avoid interference. Timeout problems of 802.11abg and how to deal with them. What you need to know to successfully design and build a wifi long shot. RF Calculation. Knowledge about the Fresnel Zone. Polarisation of electromagnetic waves. Tricks to avoid interference. Timeout problems of 802.11abg and how to deal with them. Slightly more comprehensive description: Wifi is a really inexpensive way to build datalinks up to 120 kilometer distance. Such use of Wifi is already relatively widespread in developing countries that lack communication infrastructure. The world wide web is so far not truly for everyone - may 1 billion people use it and about 5 billions don't. It maybe unavailable, too expensive or both. Indeed, Information needs to be free - that also means that there must be cheap ways to share it. So far WiFi is the cheap way to go where no infrastructure exists - although that may change with WiMax in the future. Even if you live in a developed country it is fun or may be necessary to build your own (community) network beyond the range a few hundred meters.
-
21:52
»
SecDocs
Authors:
Elektra Wagenrad Tags:
WiFi Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: What you need to know to successfully design and build a wifi long shot. RF Calculation. Knowledge about the Fresnel Zone. Polarisation of electromagnetic waves. Tricks to avoid interference. Timeout problems of 802.11abg and how to deal with them. What you need to know to successfully design and build a wifi long shot. RF Calculation. Knowledge about the Fresnel Zone. Polarisation of electromagnetic waves. Tricks to avoid interference. Timeout problems of 802.11abg and how to deal with them. Slightly more comprehensive description: Wifi is a really inexpensive way to build datalinks up to 120 kilometer distance. Such use of Wifi is already relatively widespread in developing countries that lack communication infrastructure. The world wide web is so far not truly for everyone - may 1 billion people use it and about 5 billions don't. It maybe unavailable, too expensive or both. Indeed, Information needs to be free - that also means that there must be cheap ways to share it. So far WiFi is the cheap way to go where no infrastructure exists - although that may change with WiMax in the future. Even if you live in a developed country it is fun or may be necessary to build your own (community) network beyond the range a few hundred meters.
-
-
9:20
»
SecDocs
Authors:
Ian Clarke Oskar Sandberg Tags:
covert channel privacy Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: At Defcon 13, we presented our ideas for creating scalable networks where only trusted friends speak directly to each other. In this talk, we will elaborate on this, discussing further experiments and results, as well as our attempts to build such a network for real. We believe that such networks, because they are covert and difficult to detect, are the only viable future for peer-to-peer communication in a time when it is under attack from all sides. The problem with such "dark" networks, or Darknets, is that peers in general are connected only through sequences of friends knowing friends. In order to create a network that still allows global communication, one must find a way of searching efficiently for such paths between hosts. This is where we have focused our attention: if one can efficiently find such paths, then one can use the known techniques of distributed hashtables to make a working, searchable, network. We have now begun our plan towards actually deploying a version of Freenet based on these principles: a file sharing network where only once trusted friends will know that one is even participating. Since it is to be the next version of Freenet, we also intend for it to offer anonymity and replication to protect against censorship. In this talk, we will further elaborate on the ideas and the issues we are facing. We will discuss further experiments and results, as well as our initial experiences of attempting to create such a network for the real world. As before, we will present both the theoretical aspects of our research, which has its roots in deep mathematical results, and the practical aspects of what we are trying to achieve.
-
9:20
»
SecDocs
Authors:
Ian Clarke Oskar Sandberg Tags:
covert channel privacy Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: At Defcon 13, we presented our ideas for creating scalable networks where only trusted friends speak directly to each other. In this talk, we will elaborate on this, discussing further experiments and results, as well as our attempts to build such a network for real. We believe that such networks, because they are covert and difficult to detect, are the only viable future for peer-to-peer communication in a time when it is under attack from all sides. The problem with such "dark" networks, or Darknets, is that peers in general are connected only through sequences of friends knowing friends. In order to create a network that still allows global communication, one must find a way of searching efficiently for such paths between hosts. This is where we have focused our attention: if one can efficiently find such paths, then one can use the known techniques of distributed hashtables to make a working, searchable, network. We have now begun our plan towards actually deploying a version of Freenet based on these principles: a file sharing network where only once trusted friends will know that one is even participating. Since it is to be the next version of Freenet, we also intend for it to offer anonymity and replication to protect against censorship. In this talk, we will further elaborate on the ideas and the issues we are facing. We will discuss further experiments and results, as well as our initial experiences of attempting to create such a network for the real world. As before, we will present both the theoretical aspects of our research, which has its roots in deep mathematical results, and the practical aspects of what we are trying to achieve.
-
9:20
»
SecDocs
Authors:
Ian Clarke Oskar Sandberg Tags:
covert channel privacy Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: At Defcon 13, we presented our ideas for creating scalable networks where only trusted friends speak directly to each other. In this talk, we will elaborate on this, discussing further experiments and results, as well as our attempts to build such a network for real. We believe that such networks, because they are covert and difficult to detect, are the only viable future for peer-to-peer communication in a time when it is under attack from all sides. The problem with such "dark" networks, or Darknets, is that peers in general are connected only through sequences of friends knowing friends. In order to create a network that still allows global communication, one must find a way of searching efficiently for such paths between hosts. This is where we have focused our attention: if one can efficiently find such paths, then one can use the known techniques of distributed hashtables to make a working, searchable, network. We have now begun our plan towards actually deploying a version of Freenet based on these principles: a file sharing network where only once trusted friends will know that one is even participating. Since it is to be the next version of Freenet, we also intend for it to offer anonymity and replication to protect against censorship. In this talk, we will further elaborate on the ideas and the issues we are facing. We will discuss further experiments and results, as well as our initial experiences of attempting to create such a network for the real world. As before, we will present both the theoretical aspects of our research, which has its roots in deep mathematical results, and the practical aspects of what we are trying to achieve.
-
-
21:35
»
SecDocs
Authors:
Sven Moritz Hallberg Tags:
technology Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: Lojban is an artificial language for humans. It was designed to be a more powerful means of communication between humans than "legacy" natural languages. Among other attractions, it is based on predicate logic and has an unambiguous grammar. It can be learnt within days. Lojban is an artificial language meant to be spoken by humans. Its distinctive features include a basis in logic (predicate calculus!), regularity (no exceptions), an isomorphic mapping between written and spoken form, and an unambiguous grammar. It was originally developed for research on the Sapir-Whorf hypothesis. This hypothesis states that the structure of one's language constrains one's thinking. Lojban was designed to minimize such constraints. It enables clear, powerful, and unambiguous communication among humans. Its rigorous grammar also makes it a prime candidate for communication with computers. Additionally, Lojban's clear phonetic structure makes it robust over noisy channels. This lecture aims to show that, just as we develop and use new programming languages for additional power, we can develop and use new languages for use among ourselves. It will provide a first glance at Lojban structure and grammar, and pointers to the readily-available learning material.
-
21:35
»
SecDocs
Authors:
Sven Moritz Hallberg Tags:
technology Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: Lojban is an artificial language for humans. It was designed to be a more powerful means of communication between humans than "legacy" natural languages. Among other attractions, it is based on predicate logic and has an unambiguous grammar. It can be learnt within days. Lojban is an artificial language meant to be spoken by humans. Its distinctive features include a basis in logic (predicate calculus!), regularity (no exceptions), an isomorphic mapping between written and spoken form, and an unambiguous grammar. It was originally developed for research on the Sapir-Whorf hypothesis. This hypothesis states that the structure of one's language constrains one's thinking. Lojban was designed to minimize such constraints. It enables clear, powerful, and unambiguous communication among humans. Its rigorous grammar also makes it a prime candidate for communication with computers. Additionally, Lojban's clear phonetic structure makes it robust over noisy channels. This lecture aims to show that, just as we develop and use new programming languages for additional power, we can develop and use new languages for use among ourselves. It will provide a first glance at Lojban structure and grammar, and pointers to the readily-available learning material.
-
21:35
»
SecDocs
Authors:
Sven Moritz Hallberg Tags:
technology Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: Lojban is an artificial language for humans. It was designed to be a more powerful means of communication between humans than "legacy" natural languages. Among other attractions, it is based on predicate logic and has an unambiguous grammar. It can be learnt within days. Lojban is an artificial language meant to be spoken by humans. Its distinctive features include a basis in logic (predicate calculus!), regularity (no exceptions), an isomorphic mapping between written and spoken form, and an unambiguous grammar. It was originally developed for research on the Sapir-Whorf hypothesis. This hypothesis states that the structure of one's language constrains one's thinking. Lojban was designed to minimize such constraints. It enables clear, powerful, and unambiguous communication among humans. Its rigorous grammar also makes it a prime candidate for communication with computers. Additionally, Lojban's clear phonetic structure makes it robust over noisy channels. This lecture aims to show that, just as we develop and use new programming languages for additional power, we can develop and use new languages for use among ourselves. It will provide a first glance at Lojban structure and grammar, and pointers to the readily-available learning material.
-
21:35
»
SecDocs
Authors:
Sven Moritz Hallberg Tags:
technology Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: Lojban is an artificial language for humans. It was designed to be a more powerful means of communication between humans than "legacy" natural languages. Among other attractions, it is based on predicate logic and has an unambiguous grammar. It can be learnt within days. Lojban is an artificial language meant to be spoken by humans. Its distinctive features include a basis in logic (predicate calculus!), regularity (no exceptions), an isomorphic mapping between written and spoken form, and an unambiguous grammar. It was originally developed for research on the Sapir-Whorf hypothesis. This hypothesis states that the structure of one's language constrains one's thinking. Lojban was designed to minimize such constraints. It enables clear, powerful, and unambiguous communication among humans. Its rigorous grammar also makes it a prime candidate for communication with computers. Additionally, Lojban's clear phonetic structure makes it robust over noisy channels. This lecture aims to show that, just as we develop and use new programming languages for additional power, we can develop and use new languages for use among ourselves. It will provide a first glance at Lojban structure and grammar, and pointers to the readily-available learning material.
-
-
5:40
»
SecDocs
Authors:
Tim Pritlove Tags:
social Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: This lecture is more of a live podcast recording session than a traditional talk. So you will be more of an audience in a radio studio while Tim is producing the podcast. In the podcast which is produced in realtime, Tim will lay out the various aspects of podcasting including history, background technology and future directions. Podcasting has taken a significant mind share in the recent months and is positioned to be the next big media hype. Podcasts are about to complement and enhance the radio landscape and appear to be a primary outlet for promoting both free speech and free music. So far broadcasting regulations haven't hit the scene which continues to create new formats and revolutionize audio-based communication on the web. The Podosphere emerges as the audible Usenet drawing people to the net that haven't been attracted before. The Audible Web is going to draw people to the Internet that haven't had much fun with the mainly text and image-based appearance. While many like to communication text-based in chats, e-mails, forums and other services some people not only prefer to listen and talk, it's the only thing you might get hold of their opinions and preferences. Podcasting is doing to radio and TV what the web did to printed magazines, newspapers and books. It's not going to replace, but significantly enhance the medium adding new value and formats to the line-up which can in return benefit the whole scene. Time-delayed listening much better fits the need of people in modern life that is dominated by tight schedules
-
-
21:55
»
SecDocs
Authors:
Tim Pritlove Tags:
social Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: This lecture is more of a live podcast recording session than a traditional talk. So you will be more of an audience in a radio studio while Tim is producing the podcast. In the podcast which is produced in realtime, Tim will lay out the various aspects of podcasting including history, background technology and future directions. Podcasting has taken a significant mind share in the recent months and is positioned to be the next big media hype. Podcasts are about to complement and enhance the radio landscape and appear to be a primary outlet for promoting both free speech and free music. So far broadcasting regulations haven't hit the scene which continues to create new formats and revolutionize audio-based communication on the web. The Podosphere emerges as the audible Usenet drawing people to the net that haven't been attracted before. The Audible Web is going to draw people to the Internet that haven't had much fun with the mainly text and image-based appearance. While many like to communication text-based in chats, e-mails, forums and other services some people not only prefer to listen and talk, it's the only thing you might get hold of their opinions and preferences. Podcasting is doing to radio and TV what the web did to printed magazines, newspapers and books. It's not going to replace, but significantly enhance the medium adding new value and formats to the line-up which can in return benefit the whole scene. Time-delayed listening much better fits the need of people in modern life that is dominated by tight schedules
-
21:55
»
SecDocs
Authors:
Tim Pritlove Tags:
social Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: This lecture is more of a live podcast recording session than a traditional talk. So you will be more of an audience in a radio studio while Tim is producing the podcast. In the podcast which is produced in realtime, Tim will lay out the various aspects of podcasting including history, background technology and future directions. Podcasting has taken a significant mind share in the recent months and is positioned to be the next big media hype. Podcasts are about to complement and enhance the radio landscape and appear to be a primary outlet for promoting both free speech and free music. So far broadcasting regulations haven't hit the scene which continues to create new formats and revolutionize audio-based communication on the web. The Podosphere emerges as the audible Usenet drawing people to the net that haven't been attracted before. The Audible Web is going to draw people to the Internet that haven't had much fun with the mainly text and image-based appearance. While many like to communication text-based in chats, e-mails, forums and other services some people not only prefer to listen and talk, it's the only thing you might get hold of their opinions and preferences. Podcasting is doing to radio and TV what the web did to printed magazines, newspapers and books. It's not going to replace, but significantly enhance the medium adding new value and formats to the line-up which can in return benefit the whole scene. Time-delayed listening much better fits the need of people in modern life that is dominated by tight schedules
-
-
5:23
»
SecDocs
Authors:
André Rebentisch Tags:
social Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: Information overflow is a general problem of today's open information infrastructures. Everything can be found on the web but unfortunately not by everyone. Getting informed about the European Union and its projects is a task which you cannot leave to the Commission's public relations department. You should better start your own investigation. European decisions effect your interests and your business. Community building, interest representation through communication and influencing public opinion is not sufficient for effective lobbying. Information superiority by better access, knowledge retrieval and social engineering techniques gives you an advantage.
-
5:23
»
SecDocs
Authors:
André Rebentisch Tags:
social Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: Information overflow is a general problem of today's open information infrastructures. Everything can be found on the web but unfortunately not by everyone. Getting informed about the European Union and its projects is a task which you cannot leave to the Commission's public relations department. You should better start your own investigation. European decisions effect your interests and your business. Community building, interest representation through communication and influencing public opinion is not sufficient for effective lobbying. Information superiority by better access, knowledge retrieval and social engineering techniques gives you an advantage.
-
-
21:38
»
SecDocs
Authors:
Isabel Drost Tags:
search engine Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: The presentation will give a short overview of the architecture of search engines and how machine learning can help improving search engines. In addition some projects you can take part in will be briefly introduced. Developers of search engines today do not only face technical problems such as designing an efficient crawler or distributing search requests among servers. Search has become a problem of identifying reliable information in an adversarial environment. Since the web is used for purposes as diverse as trade, communication, and advertisement search engines need to be able to distinguish different types of web pages. In this paper we describe some common properties of the WWW and social networks. We show one possibility of exploiting these properties for classifying web pages.
-
21:38
»
SecDocs
Authors:
Isabel Drost Tags:
search engine Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: The presentation will give a short overview of the architecture of search engines and how machine learning can help improving search engines. In addition some projects you can take part in will be briefly introduced. Developers of search engines today do not only face technical problems such as designing an efficient crawler or distributing search requests among servers. Search has become a problem of identifying reliable information in an adversarial environment. Since the web is used for purposes as diverse as trade, communication, and advertisement search engines need to be able to distinguish different types of web pages. In this paper we describe some common properties of the WWW and social networks. We show one possibility of exploiting these properties for classifying web pages.
-
21:38
»
SecDocs
Authors:
Isabel Drost Tags:
search engine Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: The presentation will give a short overview of the architecture of search engines and how machine learning can help improving search engines. In addition some projects you can take part in will be briefly introduced. Developers of search engines today do not only face technical problems such as designing an efficient crawler or distributing search requests among servers. Search has become a problem of identifying reliable information in an adversarial environment. Since the web is used for purposes as diverse as trade, communication, and advertisement search engines need to be able to distinguish different types of web pages. In this paper we describe some common properties of the WWW and social networks. We show one possibility of exploiting these properties for classifying web pages.
-
-
21:38
»
SecDocs
Tags:
network Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: What have talking to your lover and information warfare in common? After building a simple model on human communication and some introductions we begin to play with message construction learning about how to program the matrix. Workshop about message and campaign construction for nerds has to start with definitions and a basic model to work with. Looking at some specific forms of communication and communication errors, we can enhance model and knowledge about how to make a message clear and a campaign out of these messages. An improvement if those adressed won't listen to a techie community otherwise.
-
21:38
»
SecDocs
Tags:
network Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: What have talking to your lover and information warfare in common? After building a simple model on human communication and some introductions we begin to play with message construction learning about how to program the matrix. Workshop about message and campaign construction for nerds has to start with definitions and a basic model to work with. Looking at some specific forms of communication and communication errors, we can enhance model and knowledge about how to make a message clear and a campaign out of these messages. An improvement if those adressed won't listen to a techie community otherwise.
-
13:12
»
SecDocs
Tags:
network Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: What have talking to your lover and information warfare in common? After building a simple model on human communication and some introductions we begin to play with message construction learning about how to program the matrix. Workshop about message and campaign construction for nerds has to start with definitions and a basic model to work with. Looking at some specific forms of communication and communication errors, we can enhance model and knowledge about how to make a message clear and a campaign out of these messages. An improvement if those adressed won't listen to a techie community otherwise.
-
13:12
»
SecDocs
Tags:
network Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: What have talking to your lover and information warfare in common? After building a simple model on human communication and some introductions we begin to play with message construction learning about how to program the matrix. Workshop about message and campaign construction for nerds has to start with definitions and a basic model to work with. Looking at some specific forms of communication and communication errors, we can enhance model and knowledge about how to make a message clear and a campaign out of these messages. An improvement if those adressed won't listen to a techie community otherwise.
-
-
21:43
»
SecDocs
Tags:
social Event:
Chaos Communication Camp 2007 Abstract: Following hurricane Katrina, hundreds of thousands of people were hit with one of the worst disasters in US history; the mismanagement and neglect of the government, better known in New Orleans as the FEDERAL FLOOD. While the major media and the government itself carry out an information blackout about the details of this ongoing disaster, some bloggers and podcasters have taken matters into their own hands, reporting the news, exposing the corruption, and using the internet to speak directly to the outside world. This presentation is about my first hand experience, and their ongoing struggle.
-
-
8:01
»
Hack a Day
In the never-ending pursuit of cheap wireless communication for your microcontroller projects, [kiu] came up with a small board that allows for serial communication via a 433MHz radio link. [kiu]‘s transceiver uses an RFM12 wireless module available online for just a few dollars. Alongside this module is an ATMega8 and a USB to serial FTDI chip. [...]
-
-
21:33
»
SecDocs
Authors:
Frank Kargl Tags:
network Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Vehicle communication is a major research topic, covered by many national and international research projects. Applications promise to make our driving safer, more efficient, and more fun. The talk presents applications, technology, and also addresses security and privacy issues. The talk will first introduce the concept of vehicle communication. Vehicles can communicate with each other to form so called Vehicular Ad-hoc Networks (VANETs) or with road-side units that allow access to backend systems that provide warnings, traffic information, etc. Next, there will be a presentation of potential applications to motivate the need for such communication. This includes warning applications, e.g. cars can send warning messages to other cars including their exact position warning them of the danger ahead. As cars receiving such messages will forward them also to other cars, they form a multi-hop ad-hoc network. Other applications can warn cars about dangerous road conditions, increase traffic efficiency at intersections or on highways or may simply be used to send e.g. text messages between cars (did you ever wanted to tell the driver in front of you your oppinion regarding his driving style?;-) The talk will also cover technical details like position-based routing used in such networks or message dissemination protocols. It is evident that such systems will also introduce new dangers to security and privacy. Sending e.g. faked warning messages may affect traffic and recording the position information of cars severly affects the privacy of drivers. The speaker is member of the pan-european research project SEVECOM that especially addresses the security and privacy needs in car communication. He will present some results from the that project, describing security requirements, potential attackes, and first ideas for security and privacy mechanisms.
-
-
21:48
»
SecDocs
Authors:
Frank Kargl Tags:
network Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Vehicle communication is a major research topic, covered by many national and international research projects. Applications promise to make our driving safer, more efficient, and more fun. The talk presents applications, technology, and also addresses security and privacy issues. The talk will first introduce the concept of vehicle communication. Vehicles can communicate with each other to form so called Vehicular Ad-hoc Networks (VANETs) or with road-side units that allow access to backend systems that provide warnings, traffic information, etc. Next, there will be a presentation of potential applications to motivate the need for such communication. This includes warning applications, e.g. cars can send warning messages to other cars including their exact position warning them of the danger ahead. As cars receiving such messages will forward them also to other cars, they form a multi-hop ad-hoc network. Other applications can warn cars about dangerous road conditions, increase traffic efficiency at intersections or on highways or may simply be used to send e.g. text messages between cars (did you ever wanted to tell the driver in front of you your oppinion regarding his driving style?;-) The talk will also cover technical details like position-based routing used in such networks or message dissemination protocols. It is evident that such systems will also introduce new dangers to security and privacy. Sending e.g. faked warning messages may affect traffic and recording the position information of cars severly affects the privacy of drivers. The speaker is member of the pan-european research project SEVECOM that especially addresses the security and privacy needs in car communication. He will present some results from the that project, describing security requirements, potential attackes, and first ideas for security and privacy mechanisms.
-
21:48
»
SecDocs
Authors:
Frank Kargl Tags:
network Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Vehicle communication is a major research topic, covered by many national and international research projects. Applications promise to make our driving safer, more efficient, and more fun. The talk presents applications, technology, and also addresses security and privacy issues. The talk will first introduce the concept of vehicle communication. Vehicles can communicate with each other to form so called Vehicular Ad-hoc Networks (VANETs) or with road-side units that allow access to backend systems that provide warnings, traffic information, etc. Next, there will be a presentation of potential applications to motivate the need for such communication. This includes warning applications, e.g. cars can send warning messages to other cars including their exact position warning them of the danger ahead. As cars receiving such messages will forward them also to other cars, they form a multi-hop ad-hoc network. Other applications can warn cars about dangerous road conditions, increase traffic efficiency at intersections or on highways or may simply be used to send e.g. text messages between cars (did you ever wanted to tell the driver in front of you your oppinion regarding his driving style?;-) The talk will also cover technical details like position-based routing used in such networks or message dissemination protocols. It is evident that such systems will also introduce new dangers to security and privacy. Sending e.g. faked warning messages may affect traffic and recording the position information of cars severly affects the privacy of drivers. The speaker is member of the pan-european research project SEVECOM that especially addresses the security and privacy needs in car communication. He will present some results from the that project, describing security requirements, potential attackes, and first ideas for security and privacy mechanisms.
-
-
21:38
»
SecDocs
Tags:
technology Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: The main communication streams in our realities happen besides the exchange of facts and arguments. "The matrix" is built on emotions! Trance coded communication patterns are a natural thing to exchange emotions between individuals. Using them is as normal, as not to be aware of it. But once you recognize the patterns, it is playtime! Who do you trust putting you in a trance state? Our reality is not built on facts. What really matters, what really steers and guides you, as a human individual, are feelings, values and views. Try that experiment: Remember a very good lecture or talk. A talk you enjoyed, where you really had fun while you listened to it. Take a little time to recall how it looked like, try to remember some sounds. While you remember sitting in the audience, listening and laughing, you can also remember the feelings you had. Where did they come from? When you look carefully at that situation, you will see that your fun comes from the fun of the speaker. It is he, who gives you your share of his own experience. It is amplified by the communication signals of others in the audience. But as you are linked to the speaker, that communication happens without anyone aware of that communication layer. The speaker's brain communicates, in a covert but completely natural way, to your brain. It is bypassing your consciousness. Of course it does, because that transmission would not work otherwise, and what happens is called: Induction. He induces a part of his mindset into your mindset. Trance is just such a mindset. A mix of values, views but most of all: feelings. Since before birth everyone changes from one trance into another. You know how it feels when you have a bad day and do not feel good? And on another day, you can do anything and you have that feeling of a fresh and clear mind? It is natural to go from one trance state into another state. Induction is, simplified, just one mind in trance, communicating his trance state to another in a way so that this person can choose to follow or react. Fun, nervousness, arousal, confidence and all those feelings can travel along aside normal communication. The "mind in trance" embeds the proposals to change to that trance state. Everyone is doing that. We just differ in effectiveness. This talk will raise your awareness for trance commands in human interaction. While you can improve your own effectiveness a little bit, you will learn to look out for trance codes in communication.
-
21:38
»
SecDocs
Tags:
technology Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: The main communication streams in our realities happen besides the exchange of facts and arguments. "The matrix" is built on emotions! Trance coded communication patterns are a natural thing to exchange emotions between individuals. Using them is as normal, as not to be aware of it. But once you recognize the patterns, it is playtime! Who do you trust putting you in a trance state? Our reality is not built on facts. What really matters, what really steers and guides you, as a human individual, are feelings, values and views. Try that experiment: Remember a very good lecture or talk. A talk you enjoyed, where you really had fun while you listened to it. Take a little time to recall how it looked like, try to remember some sounds. While you remember sitting in the audience, listening and laughing, you can also remember the feelings you had. Where did they come from? When you look carefully at that situation, you will see that your fun comes from the fun of the speaker. It is he, who gives you your share of his own experience. It is amplified by the communication signals of others in the audience. But as you are linked to the speaker, that communication happens without anyone aware of that communication layer. The speaker's brain communicates, in a covert but completely natural way, to your brain. It is bypassing your consciousness. Of course it does, because that transmission would not work otherwise, and what happens is called: Induction. He induces a part of his mindset into your mindset. Trance is just such a mindset. A mix of values, views but most of all: feelings. Since before birth everyone changes from one trance into another. You know how it feels when you have a bad day and do not feel good? And on another day, you can do anything and you have that feeling of a fresh and clear mind? It is natural to go from one trance state into another state. Induction is, simplified, just one mind in trance, communicating his trance state to another in a way so that this person can choose to follow or react. Fun, nervousness, arousal, confidence and all those feelings can travel along aside normal communication. The "mind in trance" embeds the proposals to change to that trance state. Everyone is doing that. We just differ in effectiveness. This talk will raise your awareness for trance commands in human interaction. While you can improve your own effectiveness a little bit, you will learn to look out for trance codes in communication.
-
12:36
»
SecDocs
Authors:
John Perry Barlow Tim Pritlove Tags:
hacking Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Opening event of the 23rd Chaos Communication Congress. After a welcome talk, the 23C3's keynote will be delivered.
-
12:26
»
SecDocs
Authors:
John Perry Barlow Tim Pritlove Tags:
hacking Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Opening event of the 23rd Chaos Communication Congress. After a welcome talk, the 23C3's keynote will be delivered.
-
12:26
»
SecDocs
Authors:
John Perry Barlow Tim Pritlove Tags:
hacking Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Opening event of the 23rd Chaos Communication Congress. After a welcome talk, the 23C3's keynote will be delivered.
-
-
21:45
»
SecDocs
Authors:
Immanuel Scholz Tags:
cryptography Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Imi gives an introduction into the idea behind DC networks, how and why they work. With demonstration! Back in 1988, David Chaum proposed a protocol for perfect untracable communication. And it was completly different to the (former invented) Mix Cascades. While the Mixes got all the press (heard of "Tor" and "JAP"? Told you!), the idea of DC networks were silently ignored by the majority of the community. This talk is to show how DC networks work, why they are secure and presents an implementation.
-
21:45
»
SecDocs
Authors:
Immanuel Scholz Tags:
cryptography Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Imi gives an introduction into the idea behind DC networks, how and why they work. With demonstration! Back in 1988, David Chaum proposed a protocol for perfect untracable communication. And it was completly different to the (former invented) Mix Cascades. While the Mixes got all the press (heard of "Tor" and "JAP"? Told you!), the idea of DC networks were silently ignored by the majority of the community. This talk is to show how DC networks work, why they are secure and presents an implementation.
-
-
13:34
»
SecDocs
Authors:
Julia Lüning Kirian Scheuplein Tags:
hacking Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: The Chaos Communication Camp 2007 was an international, five-day open-air event for hackers and associated life-forms... let's see what the documentation team made out of it.
-
-
21:54
»
SecDocs
Authors:
Jens Kubieziel Tags:
privacy Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: I2P is a message-based anonymizing network. It builds a virtual network between the communication endpoints. This talk will introduce the technical details of I2P and show some exemplary applications. I2P has a different approach than most other known anonymous applications. Maybe you know about the anonymisation network Tor. Here you have central directory servers, onion routers (relaying traffic), onion proxies (send and receive data from the user) and other software roles within the network. I2P calls every software a router and it can send and receive data for the user as well as relay traffic for other users. Furthermore I2P uses no central server for distributing information about routers. You'll get the information from I2P's network database. This is a pair of algorithms which share the network metadata. The routers participate in the Kademlia algorithm. It is derived from distributed hash table. My talk will tell you in detail how I2P work, what roles routers, gateways, netDb etc. plays. Furthermore I'll show differences and similarities to other anonymizing networks e. g. Tor and introduce some exemplary applications.
-
21:54
»
SecDocs
Authors:
Jens Kubieziel Tags:
privacy Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: I2P is a message-based anonymizing network. It builds a virtual network between the communication endpoints. This talk will introduce the technical details of I2P and show some exemplary applications. I2P has a different approach than most other known anonymous applications. Maybe you know about the anonymisation network Tor. Here you have central directory servers, onion routers (relaying traffic), onion proxies (send and receive data from the user) and other software roles within the network. I2P calls every software a router and it can send and receive data for the user as well as relay traffic for other users. Furthermore I2P uses no central server for distributing information about routers. You'll get the information from I2P's network database. This is a pair of algorithms which share the network metadata. The routers participate in the Kademlia algorithm. It is derived from distributed hash table. My talk will tell you in detail how I2P work, what roles routers, gateways, netDb etc. plays. Furthermore I'll show differences and similarities to other anonymizing networks e. g. Tor and introduce some exemplary applications.
-
-
21:34
»
SecDocs
Authors:
Thorsten Holz Tags:
malware Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Not only the Web has reached level 2.0, also attacks against computer systems have advanced in the last few months: Storm Worm, a peer-to-peer based botnet, is presumably one of the best examples of this development. Instead of a central command & control infrastructure, Storm uses a distributed, peer-to-peer based communication channel on top of Kademlia / Overnet. Furthermore, the botherders use fast-flux service networks (FFSNs) to host some of the content. FFSNs use fast-changing DNS entries to build a reliable hosting infrastructure on top of compromised machines. Besides using the botnet for DDoS attacks, the attackers also send lots of spam - most often stock spam, i.e., spam messages that advertise stocks. This talk presents more information about Storm Worm and other aspects of modern cybercrime. The first part of the talk provides a brief history of Storm Worm (Peacomm, Nuwar, Zhelatin, ...), focusing on the actual propagation phase. Afterwards, we describe the network communication of the bot in detail and show how we can learn more about the botnet. We were able to infiltrate and analyze in-depth the peer-to-peer network used by Storm Worm and present some measurement results.
-
-
21:48
»
SecDocs
Authors:
Thorsten Holz Tags:
malware Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Not only the Web has reached level 2.0, also attacks against computer systems have advanced in the last few months: Storm Worm, a peer-to-peer based botnet, is presumably one of the best examples of this development. Instead of a central command & control infrastructure, Storm uses a distributed, peer-to-peer based communication channel on top of Kademlia / Overnet. Furthermore, the botherders use fast-flux service networks (FFSNs) to host some of the content. FFSNs use fast-changing DNS entries to build a reliable hosting infrastructure on top of compromised machines. Besides using the botnet for DDoS attacks, the attackers also send lots of spam - most often stock spam, i.e., spam messages that advertise stocks. This talk presents more information about Storm Worm and other aspects of modern cybercrime. The first part of the talk provides a brief history of Storm Worm (Peacomm, Nuwar, Zhelatin, ...), focusing on the actual propagation phase. Afterwards, we describe the network communication of the bot in detail and show how we can learn more about the botnet. We were able to infiltrate and analyze in-depth the peer-to-peer network used by Storm Worm and present some measurement results.
-
-
21:46
»
SecDocs
Authors:
Collin Mulliner Tags:
phone Event:
Chaos Communication Congress 25th (25C3) 2008 Abstract: Near Field Communication (NFC) based services and mobile phones are starting to appear in the field, therefore it is time to take a look at the security of the services and especially the NFC mobile phones themselves.
-
-
21:35
»
SecDocs
Tags:
security phone Event:
Chaos Communication Camp 2011 Abstract: Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! Due to the wide availability of broadband internet and mobile communication, the number of embedded systems that come with a network connection is constantly increasing. These devices are ubiquitous and used in a wide range of applications: smart grid, building management, surveillance, traffic control and individual vehicles. Those embedded devices are often poorly secured, if at all. But things get a lot worse: Vendors often don't take into account, that a device might get compromised, thus giving the attacker access to their network. This talk will give an overview over general machine-to-machine (M2M) communications and corresponding attack scenarios. In addition to wired systems, wireless systems will be considered. Of the latter, GSM based systems are the most interesting. Several ways to attack an embedded device, extract secret data and gain network access will be shown. Finally, some good and bad attempts to enhance the security of M2M systems will be presented.
-
21:35
»
SecDocs
Authors:
Christiane Ruetten Tags:
social Event:
Chaos Communication Camp 2011 Abstract: What makes us gravitate towards other people? In Intellectual Vampires it is the craving for fresh ideas, and in Intellectual Fangbangers it is the joy of sharing them. A talk on the fine art of communication, channels, contexts, and language. It was Charlaine Harris, author of The Sookie Stackhouse Novels behind the TV series True Blood, who portrayed vampirism as something potentially mutually enriching for both the sucker and the suckee. Intellectual Vampires need fresh ideas. They crave them, they seek inspiring people, feed on them, and leave as soon as there is nothing new to be learned. Their willing mindfuck partners are Intellectual Fangbangers who volunteer in providing for new ideas, take pleasure in sharing them, and see them evolve in emerging new contexts. Given that the human mind is all about information flow, interesting patterns emerge if IV/IFB thinking is applied to human relations in all walks of life. Which channels do we employ and what encodings do we use? Can we use them more efficiently? What does the Internet change? Why is secrecy harmful and transparency, openness, and honesty so compellingly satisfying? How do relationships evolve over time? Does intelligence matter? And what makes for mutually pleasing IV/IFB connections?
-
-
15:36
»
SecDocs
Authors:
Andreas Schreiner Clemens Hopfer Patrick Strasser Tags:
radio Event:
Chaos Communication Camp 2011 Abstract: Moon bounce, also known as EME (Earth-Moon-Earth), is a technique that allows two earth-based radio stations to communicate directly by using the moon as passive reflector. It is the longest path two stations on Earth can use to establish direct connection with each other. First developed the late 1940s by the United States Navy it was used as a revolutionary way to communicate without the uncertainties of shortwave radio propagation. The development of artificial satellites completely obsoleted this usecase only a few years later but the technique itself is still one of the most challenging tasks in radio communication. Today it's Amateur Radio stations that are practising the art of Moon bounce. We are here to tell and to show you how it is done. Amateur Radio Operators are one of the oldest sub-groups in the Hacker universe. Long before the term Hacker was coined there were people tinkering in their Shacks, building equipment and trying to communicate with like-minded spirits from all over the world. Moon bounce is not the newest kid on the block in the radio field but still most demanding in terms of necessary equipment as well as operating skills. We provide you with a little historic background, some basic facts about how radio communication even works and then explain what has to be done to achieve the goal of bouncing signals off the moon. In a weird coincidence we will actually have a Moon bounce setup at the camp site so expect some current pictures as well as juicy tales of the radio art. "But wait!" you say, "The moon's only up half of the day". Well, you're right. Remember those artificial satellites that replaced the moon in military as well as commercial applications? We have them too! Amateur Radio Satellites and even the International Space Station can easily be reached with a very modest radio setup so we will explore these communication modes too.
-
15:04
»
SecDocs
Tags:
space Event:
Chaos Communication Camp 2011 Abstract: Retrieval of information is essential for every experiment, especially involving rockets. The use of electromagnetic waves is the natural choice for communication with a rocket and sometimes the only means to retrieve flight hardware afterwards.
-
14:49
»
SecDocs
Authors:
Andreas Schreiner Clemens Hopfer Patrick Strasser Tags:
radio Event:
Chaos Communication Camp 2011 Abstract: Moon bounce, also known as EME (Earth-Moon-Earth), is a technique that allows two earth-based radio stations to communicate directly by using the moon as passive reflector. It is the longest path two stations on Earth can use to establish direct connection with each other. First developed the late 1940s by the United States Navy it was used as a revolutionary way to communicate without the uncertainties of shortwave radio propagation. The development of artificial satellites completely obsoleted this usecase only a few years later but the technique itself is still one of the most challenging tasks in radio communication. Today it's Amateur Radio stations that are practising the art of Moon bounce. We are here to tell and to show you how it is done. Amateur Radio Operators are one of the oldest sub-groups in the Hacker universe. Long before the term Hacker was coined there were people tinkering in their Shacks, building equipment and trying to communicate with like-minded spirits from all over the world. Moon bounce is not the newest kid on the block in the radio field but still most demanding in terms of necessary equipment as well as operating skills. We provide you with a little historic background, some basic facts about how radio communication even works and then explain what has to be done to achieve the goal of bouncing signals off the moon. In a weird coincidence we will actually have a Moon bounce setup at the camp site so expect some current pictures as well as juicy tales of the radio art. "But wait!" you say, "The moon's only up half of the day". Well, you're right. Remember those artificial satellites that replaced the moon in military as well as commercial applications? We have them too! Amateur Radio Satellites and even the International Space Station can easily be reached with a very modest radio setup so we will explore these communication modes too.
-
-
21:32
»
SecDocs
Authors:
Herr Urbach Tags:
privacy obfuscation Event:
Chaos Communication Camp 2011 Abstract: In January 2011 the fear of all internauts became bitter truth. A whole country was kill-switched by the government. The flow of data was interrupted, communication laid waste. Not only the Internets was taken down, other means of communication were interrupted too. Cell Phone providers took down their services. So, there was no Internets in Egypt. Internauts had no chance to communicate what is happening, mothers and fathers could not send emails to theire relatives. No data was flowing. As the phone lines were working, this was the solutions: Modems. In this talk I will describe what Telecomix agents had done during these days to bring back internet to the people of egypt. We used modem technology and set up dial up points all over the world and convinced providers with modem pools to open theire pools for the egyptians for free. Another thing we did was communication via HAM radio and of course fax. Not like anonymous who like to fax cables and stuff, but helpful information about medical help, how to communicate on a secure base and things like that. Furthermore I will describe the structure of Telecomix who are working as a decentralized cluster.
-
-
16:35
»
SecDocs
Tags:
smart card phone Event:
Chaos Communication Camp 2011 Abstract: This talk sheds some light on a cellphone-component, that's inevitable, virtually unclonable and as closed as it gets: the SIM. The SIM can do a lot more than just user-authentication nowadays: the SIM Application Toolkit gives it control over your phone Recently, location tracking in major smartphones caused quite a stir. Closed systems make discovering such unwanted behavior more difficult. While projects like osmocomBB aim at creating an open cellphone architecture, the SIM seems to be mostly inconsiderable and harmless. It's little known, that the SIM Application Toolkit (SAT) gives the SIM extensive control over the phone. Via the SAT, the SIM can obtain location information, monitor and redirect calls and send/receive short messages, as well as IP packets. The SIM-firmware can be updated over-the-air. Most of these features can even be used without the user noticing. Along with the mentioned SAT, this talk will illuminate the classic GSM SIM, as well as the 3G USIM altogether. After a quick introduction to smartcards in general, communication with the SIM will be explained in more detail. The most important SIM commands and files will be explained and how one can monitor communication with a SIM and inject arbitrary data into the session.
-
16:24
»
SecDocs
Tags:
smart card phone Event:
Chaos Communication Camp 2011 Abstract: This talk sheds some light on a cellphone-component, that's inevitable, virtually unclonable and as closed as it gets: the SIM. The SIM can do a lot more than just user-authentication nowadays: the SIM Application Toolkit gives it control over your phone Recently, location tracking in major smartphones caused quite a stir. Closed systems make discovering such unwanted behavior more difficult. While projects like osmocomBB aim at creating an open cellphone architecture, the SIM seems to be mostly inconsiderable and harmless. It's little known, that the SIM Application Toolkit (SAT) gives the SIM extensive control over the phone. Via the SAT, the SIM can obtain location information, monitor and redirect calls and send/receive short messages, as well as IP packets. The SIM-firmware can be updated over-the-air. Most of these features can even be used without the user noticing. Along with the mentioned SAT, this talk will illuminate the classic GSM SIM, as well as the 3G USIM altogether. After a quick introduction to smartcards in general, communication with the SIM will be explained in more detail. The most important SIM commands and files will be explained and how one can monitor communication with a SIM and inject arbitrary data into the session.
-
-
14:42
»
SecDocs
Authors:
Irmi Meister Tags:
satellite Event:
Chaos Communication Camp 2011 Abstract: In this lecture, I'll cover some satellite communication basics like pros and cons of different orbits, the characteristics of a satellite communications link and the difficulties regarding noise and attenuation when handling high frequency satellite communication systems. After a brief introduction to the history and development of satellites in general, we'll talk about different orbits and their characteristics regarding space conditions. After that, we'll have a look at a typical satellite communications link including channel characteristics, communications equipment and frequency considerations, before moving on to access techniques. If there's still time, there might be a short part about satellite navigation, too. And yes, to meet our need for pretty pictures, thematically related postage stamps (partly from a private collection) will be used to illustrate the topic.
-
14:40
»
SecDocs
Authors:
Irmi Meister Tags:
satellite Event:
Chaos Communication Camp 2011 Abstract: In this lecture, I'll cover some satellite communication basics like pros and cons of different orbits, the characteristics of a satellite communications link and the difficulties regarding noise and attenuation when handling high frequency satellite communication systems. After a brief introduction to the history and development of satellites in general, we'll talk about different orbits and their characteristics regarding space conditions. After that, we'll have a look at a typical satellite communications link including channel characteristics, communications equipment and frequency considerations, before moving on to access techniques. If there's still time, there might be a short part about satellite navigation, too. And yes, to meet our need for pretty pictures, thematically related postage stamps (partly from a private collection) will be used to illustrate the topic.
-
-
21:35
»
SecDocs
Authors:
Kay Hamacher Stefan Katzenbeisser Tags:
terrorism Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: Telecommunications data retention (TDR) has become a reality in most Western countries. Protagonists claim that the collection of massive amounts of data on the communication behavior of all individuals within a country would enable law enforcement agencies to exploit patterns in the stored data to uncover connections between suspects. While this is obviously true for investigations after an incident happened, there is up to now no critical and sound assessment publicly available that evaluates whether TDR brings any pro-active benefits for the above mentioned, justified purposes. In this talk we give for the first time a critical assessment of the power of TDR based on methods from information theory. To this end we have employed agent based simulations, which mimic the communication behavior of a large community including a dark-net of alleged suspects. The structure and statistics of our telecommunication simulation, which drive the dynamics of telephone calls and simulated TDR data, were generated according to known statistics of real-world telecommunications networks. Hiding in the unavoidable noise seems to be a passive strategy for terrorists to circumvent pro-active detection. This stems from a "needle in the haystack"-problem, that arises due to the small number of conspirators compared to the number of other participants. In particular situations and with adopted strategies suspected terrorists might be able to eventually exploit TDR for their purposes and take an active approach to hiding in the crowd. Such TDR exploits would lower the probability of detection by law enforcement agencies and render TDR a potential security threat. Again, we use our simulations and our analysis procedure to assess this problem.
-
-
12:00
»
SecDocs
Authors:
Wes Faler Tags:
network Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown!
-
11:49
»
SecDocs
Authors:
Wes Faler Tags:
network Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown!
-
11:48
»
SecDocs
Authors:
Wes Faler Tags:
network Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: Even after years of committee review, communication protocols can certainly be hacked, sometimes highly entertainingly. What about creating a protocol the opposite way? Start with all the hacks that can be done and search for a protocol that gets around them all. Is it even possible? Part Time Scientists has used a GPU to help design our moon mission protocols and we'll show you the what and how. Danger: Real code will be shown!
-
-
22:36
»
SecDocs
Authors:
Andreas Hornig Tags:
satellite Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. This is a project closely related to the academic femto-satellite movement, ham radio, Constellation@Home. The area of small satellites (femto-satellite
-
22:36
»
SecDocs
Authors:
Andreas Hornig Tags:
satellite Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. This is a project closely related to the academic femto-satellite movement, ham radio, Constellation@Home. The area of small satellites (femto-satellite
-
22:36
»
SecDocs
Authors:
Andreas Hornig Tags:
satellite Event:
Chaos Communication Congress 28th (28C3) 2011 Abstract: As proposed by Nick Farr et al at CCCamp11, we - the hacker community - are in desperate need for our own communication infrastructure. So here we are, answering the call for the Hacker Space Program with our proposal of a distributed satellite communications ground station network. An affordable way to bring satellite communications to a hackerspace near you. We're proposing a multi-step approach to work towards this goal by setting up a distributed network of ground stations which will ensure a 24/7 communication window - first tracking, then communicating with satellites. The current state of a proof of concept implementation will be presented. This is a project closely related to the academic femto-satellite movement, ham radio, Constellation@Home. The area of small satellites (femto-satellite
-
12:00
»
SecurityFocus Vulnerabilities
Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities
-
-
12:01
»
Hack a Day
Since most DSLR cameras now have an IR communication port, [Julius] thought it would be a good idea to build an IR shutter release remote. He has released the plans for two versions; a single sided hand etched one, and a double sided one to have made professionally. He notes that it should have a [...]
-
-
21:41
»
Packet Storm Security Recent Files
Call for participation for the 28C3 Chaos Communication Congress. The Chaos Communication Congress is the annual four-day conference organized by the Chaos Computer Club (CCC) in Berlin, Germany. First held in 1984, it has since established itself as "The European Hacker Conference" attracting a diverse audience of thousands of hackers, scientists, artists, and utopists from all around the world. It will be held from December 27th through the 30th, 2011.
-
21:41
»
Packet Storm Security Misc. Files
Call for participation for the 28C3 Chaos Communication Congress. The Chaos Communication Congress is the annual four-day conference organized by the Chaos Computer Club (CCC) in Berlin, Germany. First held in 1984, it has since established itself as "The European Hacker Conference" attracting a diverse audience of thousands of hackers, scientists, artists, and utopists from all around the world. It will be held from December 27th through the 30th, 2011.
-
-
13:29
»
SecDocs
Authors:
Kenton Born Tags:
covert channel Event:
Black Hat USA 2010 Abstract: This presentation analyzes a novel approach to covert communication over DNS by introducing PSUDP, a program demonstrating passive network-wide covert communication. While several high-bandwidth DNS tunnel implementations are freely available, they all use similar strategies. Storage channels are created in DNS requests by encoding data in subdomain labels, while responses take many forms such as TXT, NULL, and CNAME resource record types to complete the bi-directional link. However, these tunnels may be detected when examining subdomains and irregular resource records in responses. Additionally, these tunnels only provide communication through the active generation of traffic. The method and tool discussed in this paper allows a network of computers to participate in passive covert communication by piggy-backing on legitimate network DNS traffic. While low-bandwidth passive tunnels have been built using techniques such as timing channels and field manipulation, no passive high-bandwidth DNS tunnels exist. A novel approach is used to provide significantly higher bandwidth in network-wide covert communication by manipulating legitimate DNS traffic. It is also shown how, in certain scenarios, this method may be used for both covert data exfiltration and as a replacement for existing DNS tunnels. Additionally, it will be shown how a similar method can be applied to many other protocols, not being limited to DNS traffic. In addition to PSUDP, this presentation will briefly cover a few other recent findings I have had in DNS tunnel creation and detection. Firstly, I will show how bi-directional DNS tunnels may be created using a browser and fine-grained JavaScript manipulation. Secondly, I will show my work in detecting DNS tunnels using n-gram frequency analysis.
-
13:29
»
SecDocs
Authors:
Kenton Born Tags:
covert channel Event:
Black Hat USA 2010 Abstract: This presentation analyzes a novel approach to covert communication over DNS by introducing PSUDP, a program demonstrating passive network-wide covert communication. While several high-bandwidth DNS tunnel implementations are freely available, they all use similar strategies. Storage channels are created in DNS requests by encoding data in subdomain labels, while responses take many forms such as TXT, NULL, and CNAME resource record types to complete the bi-directional link. However, these tunnels may be detected when examining subdomains and irregular resource records in responses. Additionally, these tunnels only provide communication through the active generation of traffic. The method and tool discussed in this paper allows a network of computers to participate in passive covert communication by piggy-backing on legitimate network DNS traffic. While low-bandwidth passive tunnels have been built using techniques such as timing channels and field manipulation, no passive high-bandwidth DNS tunnels exist. A novel approach is used to provide significantly higher bandwidth in network-wide covert communication by manipulating legitimate DNS traffic. It is also shown how, in certain scenarios, this method may be used for both covert data exfiltration and as a replacement for existing DNS tunnels. Additionally, it will be shown how a similar method can be applied to many other protocols, not being limited to DNS traffic. In addition to PSUDP, this presentation will briefly cover a few other recent findings I have had in DNS tunnel creation and detection. Firstly, I will show how bi-directional DNS tunnels may be created using a browser and fine-grained JavaScript manipulation. Secondly, I will show my work in detecting DNS tunnels using n-gram frequency analysis.
-
-
14:01
»
Hack a Day
The usual way send data from a microcontroller is either over RS-232 with MAX232 serial ICs, crystals, and a relatively ancient computer, or by bit-banging the USB protocol and worrying about driver issues. Not content with these solutions, [Scott] came up with sound card μC/PC communication that doesn’t require any extra components. [Scott] bought a [...]
-
-
17:55
»
Packet Storm Security Exploits
HP OpenView Communication Broker (ovbbccb.exe versions 11.0.43.0 and below) suffer from an arbitrary file deletion vulnerability.
-
-
19:01
»
Packet Storm Security Recent Files
The Smart Communication Protocols and Algorithms (SCPA 2011) Call For Papers has been announced. It will take place December 5th through the 9th, 2011 in Houston, Texas in conjunction with Globecom 2011.
-
19:01
»
Packet Storm Security Misc. Files
The Smart Communication Protocols and Algorithms (SCPA 2011) Call For Papers has been announced. It will take place December 5th through the 9th, 2011 in Houston, Texas in conjunction with Globecom 2011.
-
-
8:01
»
Hack a Day
It’s a few years old, but [Brian360's] method of unlocking the hard drive on his Mitsubishi Multi-Communication System is quite interesting. Mitsubishi describes their MMCS as a human-vehicle communication tool. It’s basically an in-dash screen and controls to display navigation maps and play music. [Brian] found that the hard drive for the MMCS in his [...]
-
-
11:57
»
SecuriTeam
A directory traversal and file retrieval vulnerability was discovered in TANDBERG's Video Communication Server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
16:55
»
SecuriTeam
An SSH service authentication weakness vulnerability was discovered in the TANDBERG's Video Communication Server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
5:51
»
SecDocs
Authors:
Moxie Marlinspike Tags:
privacy Event:
Black Hat EU 2010 Abstract: We won the war for strong cryptography, anonymous darknets exist in the wild today, and decentralized communication networks have emerged to become reality. These strategies for communicating online were conceived of in anticipation of a dystopian future, but somehow these original efforts have fallen short of delivering us from the most pernicious threats to privacy that we're now facing. Rather than a centralized state-based database of all our communication and movements, modern threats to privacy have become something much more subtle, and perhaps all the more sinister. This talk will explore these evolving trends and discuss some interesting solutions in the works.
-
-
1:47
»
SecDocs
Authors:
Andre Adelsbach Tags:
wireless WiFi WiMAX Event:
Black Hat EU 2010 Abstract: Most wireless communication techniques are broadcast media by nature on the physical layer, i.e., the actual signal can be received by any party in a certain coverage area. A common means to perform secure unicast point-to-point communication over such wireless infrastructures is by applying cryptographic protocols on higher layers: both communication end-points (commonly user and carrier) set up a session key, which is then used to build private and authentic unicast communication by means of encryption and message authentication. As of today, a common assumption in the design and analysis of such communication protocols is that both end-points (user and carrier) behave correctly according to the cryptographic protocol, because they want to preserve security against outsiders. However, if carriers have more power/resources in terms of bandwidth or coverage, users may not be interested in protecting their unicast communication against outsiders at all. Instead, users may try to extend their communication power/resources by means of insider attacks against the communication protocol. Therefore, such insider attacks pose new threats to these protocols and have, to the best of our knowledge, been neglected so far. In this presentation we will present several insider attacks, which break the unicast communication imposed by the carrier of the infrastructure. The most striking example of highly asymmetric resources are satellite ISPs: here the user normally has a terrestrial link to the carrier and no means to broadcast data at all. On the other side, the carrier can broadcast its signals over huge footprints, covering thousands of kilometers. Therefore, we will illustrate our attacks mainly in terms of satellite ISPs, but also discuss other examples such as WIMAX. Our strongest insider attack allows any end-user to make the satellite ISP broadcast data as clear text, even if the downlink (data sent from the satellite to the user) is properly encrypted by the satellite ISP, thereby breaking the unicast communication structure imposed by the satellite ISP. Finally, we discuss how the presented findings can be used to set up communication channels, achieving perfect receiver anonymity.
-
-
9:00
»
Hack a Day
Hackaday alum [Will O'Brien] has been doing some cellphone integration work. He recently picked up some Motorola c168i cellphones from eBay. It turns out there is a serial port that uses TTL communication with a standard head-phone jack as an interface. [Will] soldered up a connector and used a USB to FTDI cable to interface [...]
-
-
4:33
»
SecDocs
Authors:
Fabian Yamaguchi Tags:
exploiting client side Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: We will be presenting a number of previously undisclosed network-related design errors, ranging from data-link-layer bugs in Ethernet-drivers across issues in TCP/IP stacks all the way up to communication infrastructure components on layer 5. Our focus is on subtle mistakes, which do not fall into the memory-corruption category and yet in combination provide an attacker with a powerful bag of tricks. Built around a fictional average company network, we will tell the story of an attack making use of subtle bugs across the layers all of which are as of yet undisclosed. This will include a bug in an Ethernet-driver, which allows an attacker to bypass MAC- and IP-based filters, bugs in TCP-implementations that are assumed to be fixed but aren't, a web-cache which confuses itself and an instant-messenger, which was fooled by the protocol specification. All of these bugs share a common property: They are a consequence of insecure design and not of insecure coding-practices.
-
4:33
»
SecDocs
Authors:
Fabian Yamaguchi Tags:
exploiting client side Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: We will be presenting a number of previously undisclosed network-related design errors, ranging from data-link-layer bugs in Ethernet-drivers across issues in TCP/IP stacks all the way up to communication infrastructure components on layer 5. Our focus is on subtle mistakes, which do not fall into the memory-corruption category and yet in combination provide an attacker with a powerful bag of tricks. Built around a fictional average company network, we will tell the story of an attack making use of subtle bugs across the layers all of which are as of yet undisclosed. This will include a bug in an Ethernet-driver, which allows an attacker to bypass MAC- and IP-based filters, bugs in TCP-implementations that are assumed to be fixed but aren't, a web-cache which confuses itself and an instant-messenger, which was fooled by the protocol specification. All of these bugs share a common property: They are a consequence of insecure design and not of insecure coding-practices.
-
-
3:22
»
SecDocs
Authors:
Jérémie Zimmermann Tags:
net neutrality Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: Net neutrality is an essential safeguard for competition, innovation, and fundamental freedoms. The debate is high in the US with the announce of FCC non discrimination principles (even if they sound irremediably bound to the interests of Hollywood industry). In the EU, the "Telecoms Package" has been the ground of intense debates on the issue. Dangerous provisions were voted, yet a very high level of awareness was raised, giving hope into further positive outcome of the debate. Why one shall care? What one can do about it? What is Net neutrality? Why is it crucial for the future of our online societies? What is the current state of Net neutrality legislation in the EU? What campaigns from civil societies, with what results? What will be the next steps? Net neutrality has been an indispensable catalyst of competition, innovation, and fundamental freedoms in the digital environment. A neutral Internet ensures that users face no conditions limiting access to applications and services. Likewise, it rules out any discrimination against the source, destination or actual content of the information transmitted over the network. Thanks to this principle, our society collectively built the Internet as we know it today. Except in some authoritarian regimes, everyone around the globe has access to the same Internet, and even the smallest entrepreneurs are on equal footing with the leading global enterprises. Moreover, Net neutrality stimulates the virtuous circle of a development model based on the growth of a common communication network that enables new uses and tools, as opposed to one relying on investments in filtering and controlling. Only under such conditions is Internet continuously improving our societies, enhancing freedom — including the freedom of expression and communication — and allowing for more efficient and creative markets. However, Net neutrality is now under the threat of telecom operators and content industries that see business opportunities in discriminating, filtering or prioritizing information flowing through the network. All around Europe, these kind of discriminatory practices, detrimental to both consumers and innovation, are emerging. No court or regulator seems to have adequate tools to counter these behaviors and preserve the general interest. Some provisions introduced in the EU "Telecoms Package" could even encourage such practices. We who build, use and love the Internet must be aware and active to protect it.