1.0 34c3-ChaosWest 4 2017-12-27 2017-12-30 0:05 2017-12-27T14:30:00 14:30 0:30 ChaosWest Stage 34c3-ChaosWest-1-three_ways_to_enhance_metadata_protection_beyond_tor_secushare_org Creative Commons Attribution 4.0 International false en First way: Cover traffic from file sharing, DHT and eventually multicast; Secondly, framing of application data, thirdly, mixnets for high-latency applications. http://secushare.cheettyiapsyciew.onion/anonymity lynX https://too.be/defined.mkv 2017-12-27T15:00:00 15:00 0:45 ChaosWest Stage 34c3-ChaosWest-2-modeling_trust_in_a_distributed_private_social_network_secushare_org Creative Commons Attribution 4.0 International false en Deeper aspects of the design of secushare, presented by t3sserakt and xrs. t3sserakt https://too.be/defined.mkv 2017-12-27T20:45:00 16:00 0:25 ChaosWest Stage 34c3-ChaosWest-3-namecoin_as_a_decentralized_alternative_to_certificate_authorities_for_tls Creative Commons Attribution 4.0 International false en Certificate authorities suck, but the proposed replacements (e.g. DNSSEC/DANE) aren't so great either. We think Namecoin can help here, and the code is working and released! Certificate authorities (CA's) pose a serious threat to the TLS ecosystem. Unfortunately, the various proposed solutions (e.g. Convergence, DANE, HPKP, CAA, and CT) do not solve the underlying problem: the existence of trusted parties in the process of converting a domain name to a certificate acceptance policy. While it may be an improvement to reshuffle the trusted parties to have more trust agility (Convergence), a smaller set of fully trusted parties (DANE), a more limited window of opportunity for attackers (HPKP and CT) or more accountability after-the-fact (HPKP, CAA, and CT), we think it's time to solve the underlying problem. Namecoin introduces the ability to do exactly that: if you know a Namecoin domain name, you can find out which TLS certificates are valid for it, with a threat model and codebase nearly identical to the battle-hardened Bitcoin. In addition, we figured out how to make this work in the real world of uncooperative web browsers: Namecoin TLS certificate validation works with Chromium on Windows, without the high attack surface of intercepting proxies or the cookie leakage of browser extension API's. JeremyRand https://too.be/defined.mkv 2017-12-27T19:00:00 19:00 0:30 ChaosWest Stage 34c3-ChaosWest-4-monerujo_android_monero_wallet Creative Commons Attribution 4.0 International false en Developing a Monero Wallet for Android. Process, Tools, People. https://monerujo.io Dimi https://too.be/defined.mkv 2017-12-27T19:00:00 19:30 0:30 ChaosWest Stage 34c3-ChaosWest-5-monero_hardware_development Creative Commons Attribution 4.0 International false en This half-hour talk will spend time answering the five most asked questions, accept and answer five more and explain the state of the hardware wallet project. https://getmonero.org Michael https://too.be/defined.mkv 2017-12-27T21:00:00 21:00 1:00 ChaosWest Stage 34c3-ChaosWest-6-privacy_oriented_distributed_networking_for_an_ethical_internet_including_50_subsystems_of_gnunet Creative Commons Attribution 4.0 International false en How can distributed systems be the decentralized alternative we have been hoping for? And why are blockchains only one out of fifty building blocks of a distributed Internet? - What distributed systems can do for a new, democracy-compliant Internet. TBC: Prof. Grothoff of GNUnet. https://gnunet.org lynX grothoff https://too.be/defined.mkv 2017-12-27T22:00:00 22:00 0:45 ChaosWest Stage 34c3-ChaosWest-7-scalable_and_privacy_respectful_distributed_systems_our_chance_to_avoid_cloud_computing Creative Commons Attribution 4.0 International false en We tried to make federation scale. We failed. We realized that cloud computing cannot be beaten by federated networks. Let's scale up distributed systems while maintaining metadata protection and privacy. http://secushare.cheettyiapsyciew.onion lynX https://too.be/defined.mkv 2017-12-28T15:30:00 15:30 0:25 ChaosWest Stage 34c3-ChaosWest-8-opentimestamps_scalable_trustless_distributed_timestamping_with_bitcoin Creative Commons Attribution 4.0 International false en timestamps are occasionally referred to as proofs-of-existence. Being able to prove that data existed prior to a point in time is surprisingly useful. Let‘s look at some use-cases to understand how Bitcoin Blockchain can help out here. Rootzoll 2017-12-28T17:30:00 17:30 0:25 ChaosWest Stage 34c3-ChaosWest-9-namecoin_for_tor_onion_service_naming_and_other_darknets Creative Commons Attribution 4.0 International false en Namecoin for Tor Onion Service Naming (And Other Darknets?): Fixing the usability issues caused by the longer v3 onion services. (Code is working and released.) JeremyRand https://too.be/defined.mkv 2017-12-28T18:00:00 18:00 0:40 ChaosWest Stage 34c3-ChaosWest-10-bisq_a_decentralized_bitcoin_exchange Creative Commons Attribution 4.0 International false en In this talk we'll explore Bisq – a decentralized, peer-to-peer bitcoin exchange that allows people to trade bitcoin for national currencies like US dollars and Euros, as well as for other cryptocurrencies like Litecoin, Monero and Namecoin. Bisq has been in development since early 2014 and in production since mid-2016, with a no-compromises approach to security, privacy and censorship resistance. https://bisq.network Cbeams https://too.be/defined.mkv 2017-12-28T18:45:00 18:45 0:25 ChaosWest Stage 34c3-ChaosWest-11-a_blueprint_for_making_namecoin_anonymous Creative Commons Attribution 4.0 International false en Namecoin aims to support anonymous name registrations, but our approach isn't to simply implement the Monero or Zcash anonymity features as consensus rules. I'll explain why we're taking a very different approach. JeremyRand https://too.be/defined.mkv 2017-12-28T19:15:00 19:15 0:45 ChaosWest Stage 34c3-ChaosWest-12-nextcloud_end_to_end_encryption Creative Commons Attribution 4.0 International false en Nextcloud 13, about to be released, will include end-to-end encryption. We've come up with a way to encrypt files on the client without the server having any way to gain access to the plain text format, despite the server facilitating the sharing and such. In the talk we'll explain what we wanted to achieve and how we did it - input very much welcome, of course. As you probably know, if you want End to End (end-to-end) encryption with file sync and share right now it is a game of compromises. You might not be able to share without giving out your passwords, or have no web interface at all, or compromise security by having browser side encryption and decryption, or have manage your own TrueCrypt file, use clunky third party tools and so on. Nextcloud designed a client-side end-to-end encryption protocol meant to protect user data from nosy system administrators or a full server security breach while limiting usability as little as possible. Of course, some functionality got lost but we think we struck a pretty decent balance between usefulness and security. The goal of being easy to use was central because complexity leads to mistakes and mistakes lead to security breaches. We avoided users picking and sharing passwords, for example, but also Our end-to-end works on a per-folder level and features an easy to use, server-assisted but fully secure key management with Cryptographic Identity Protection, our method of securely signing and handling user certificates. Users can easily access their data on any of their devices using the clients (not via the web interface) and share with other users, securely. But it also offers an audit log, optional offline admin recovery key and more features. We'll go over the design in this talk and take your feedback on it! - https://nextcloud.com/endtoend Jospoortvliet https://too.be/defined.mkv 2017-12-28T20:00:00 20:00 0:45 ChaosWest Stage 34c3-ChaosWest-13-eigenes_hacklab_bauen Creative Commons Attribution 4.0 International false en Aufbau eines HackLabs auf VM und oder Hardware basis für jedes Budget! D_Town und Christopher English 20 + 10 Thema: Aufbau eines HackLabs auf VM und oder Hardware basis für jedes Budget! Vortragende sind Whitehat mit Schwerpunkt Pentesting und Defensiv Security Cyber Security Threat and Awareness Coordination (Nicht an Tag 2 13-16, Nicht an Tag 3 10-17) D_Town ChristoperEnglish https://too.be/defined.mkv 2017-12-29T13:00:00 13:30 0:30 ChaosWest Stage 34c3-ChaosWest-14-hacking_worldviews_hacking_abstractions Creative Commons Attribution 4.0 International false en Worldview change and and critique are two related topics which can both be approached as a hunt for security vulnerabilities. In this talk, I will present a model for "inflitrating misconceptions" to upgrade worldviews, and I will show how this is similar to an enantiodromial model of conceptual critique. http://andersaamodt.com/oeuvre.php Deicidus https://too.be/defined.mkv 2017-12-29T14:00:00 14:00 0:40 ChaosWest Stage 34c3-ChaosWest-15-securedrop Creative Commons Attribution 4.0 International false en SecureDrop is an free software whistleblower submission system that media organizations can use to securely accept documents from and communicate with anonymous sources. It was originally created by the late Aaron Swartz and is currently managed by Freedom of the Press Foundation. Bmeson https://too.be/defined.mkv 2017-12-29T14:45:00 14:45 1:15 ChaosWest Stage 34c3-ChaosWest-16-net2o_gui_realtime_mixnet_and_ethical_micropayment_with_efficient_blockchain Creative Commons Attribution 4.0 International false en youbroketheinternet/wefixthenet session to discuss and report progress on a secure, private post-Snowden era Internet. http://youbroketheinternet.org/ Bernd Paysan https://too.be/defined.mkv 2017-12-29T16:00:00 16:00 0:45 ChaosWest Stage 34c3-ChaosWest-17-in_der_weihnachtsba_ckerei_data_science_und_kekse Creative Commons Attribution 4.0 International false de Quelle von Datensätzen, Logistik von Big Data, Bildung effizienter Features, Principal Component Analysis und andere statistische Methoden, Clustering, Neuronale Netzwerke vs. Deep Learning, Wie interpretiere ich Daten, Präsentation von Ergebnissen Limlug https://too.be/defined.mkv 2017-12-29T17:00:00 17:00 0:45 ChaosWest Stage 34c3-ChaosWest-18-inj4n_habitual_automation_because_we_have_to_script Creative Commons Attribution 4.0 International false en The assembly will try to collect your tool-stories, the mysterious setup of your most mundane tasks or the most elaborate (yet unfinished) projects to code where others have been using pen and paper for ages. In workshops we will tell our own stories and help you to become as addicted to the command line as we are. Most important, we will be there for all our fellow addicts of tool-chain-optimisation to have yet another endless discussion on the advantages of shell X, editor Y, or the usefulness of using graph databases for shopping lists. http://www.ccchb.de/wiki/34c3_Assembly_Habitual_Automation inj4n https://too.be/defined.mkv 2017-12-29T18:00:00 18:00 0:25 ChaosWest Stage 34c3-ChaosWest-19-p2p_with_javascript_to_defend_against_bad_lawmaking Creative Commons Attribution 4.0 International false en youbroketheinternet/wefixthenet session to discuss and report progress on a secure, private post-Snowden era Internet. http://youbroketheinternet.org/ Astro mafintosh https://too.be/defined.mkv 2017-12-29T18:30:00 18:30 0:30 ChaosWest Stage 34c3-ChaosWest-20-die_programmiersprache_forth Creative Commons Attribution 4.0 International false en youbroketheinternet/wefixthenet session to discuss and report progress on a secure, private post-Snowden era Internet. http://youbroketheinternet.org/ Twiddlebit https://too.be/defined.mkv 2017-12-29T19:15:00 19:15 1:00 ChaosWest Stage 34c3-ChaosWest-21-einfa1_4hrung_in_den_openstreetmap_online_editor_id Creative Commons Attribution 4.0 International false de In dieser Session wird euch der Online-Editor iD vorgestellt werden, mit dem ihr zu OpenStreetMap beitragen könnt. https://www.openstreetmap.de/ Nakaner https://too.be/defined.mkv 2017-12-29T20:20:00 20:20 0:30 ChaosWest Stage 34c3-ChaosWest-22-on_scripting Creative Commons Attribution 4.0 International false en Fabs https://too.be/defined.mkv 2017-12-29T21:30:00 21:30 2:00 ChaosWest Stage 34c3-ChaosWest-23-34c3_ctf_afterparty Creative Commons Attribution 4.0 International false en The 34C3 concludes and we will honor the first three teams. Then there will be ample opportunity to discuss challenges, CTF in general and drink beer. https://34c3ctf.ccc.ac/announcements/ Andy https://too.be/defined.mkv 2017-12-29T21:00:00 21:00 0:20 ChaosWest Stage 34c3-ChaosWest-29-session_statebox_compositional_smart_contracts_through_category_theory Creative Commons Attribution 4.0 International false en A short presentation on a new approach to writing programs inspired by graphical calculi developed for quantum protocols (amongst others). Wires https://too.be/defined.mkv 2017-12-30T13:00:00 13:00 0:30 ChaosWest Stage 34c3-ChaosWest-24-scuttlebutt_introduction Creative Commons Attribution 4.0 International false en Secure Scuttlebutt is a database protocol for unforgeable append-only message feeds. 'Unforgeable‘ means that only the owner of a feed can update that feed, as enforced by digital signing (see Security properties). This property makes Secure Scuttlebutt useful for peer-to-peer applications. Secure Scuttlebutt also makes it easy to encrypt messages. Scuttlebutt is the general idea or concept around all of this. It's definition is loose, and is often just meant to refer to this entire thing, in the way someone refers to "the internet" or "this afternoon". In this case, the thing is the idea of a network organized similar to an actual social graph, which communicates messages in a way similar to gossip. SSB stands for SecureScuttleButt. It is the protocol through which we can exchange messages, read each others' feeds, and make friends. You could compare it to TCP, which is an underlying protocol for how devices connect to one another on the internet. TCP is a network protocol, though, while SSB is a local protocol. This means it doesn't require any sort of internet connection to work. Patchwork,Patchbay, and Patchfoo are different applications used to interpret and display the various messages transmitted through SSB. A rough analogy would be that if SSB was like TCP, then an application like Patchwork would be like a web browser. A better analogy for all of this would be that Patchwork is a car you ride in and SecureScuttlebutt is the road you drive on. There are other types of cars that drive on the same road and you can drive a different car to the same place (car = application, road = protocol)- Your scuttlebutt is the data you carry with you - imagine a little slice of a parallel universe in your pocket. This data is yours and you can interact with it however you like. You can find more at https://www.scuttlebutt.nz/principles.html. There will be slides available. You can follow me at Patchwork/Scuttlebutt @NaDXehMSIgk08W5RXZJ0p+7m+19iIWEuAtD7FRESJX8=.ed25519 You can download Patchwork at https://github.com/ssbc/patchwork/releases Look for Pub at https://github.com/ssbc/scuttlebot/wiki/Pub-servers. https://www.scuttlebutt.nz/ Yangwao https://too.be/defined.mkv 2017-12-30T16:15:00 16:15 1:00 ChaosWest Stage 34c3-ChaosWest-25-ethereum_ama Creative Commons Attribution 4.0 International false en There are several Ethereum Superstars at this conference, they are congregating on the Chaos West Stage to answer all of your questions about the decentralized world computer. :-D www.ethereum.org Griff https://too.be/defined.mkv 2017-12-30T14:00:00 14:00 1:00 ChaosWest Stage 34c3-ChaosWest-26-magic_internet_money Creative Commons Attribution 4.0 International false en So you've probably heard that there is this relatively new thing called cryptocurrencies, supposedly some kind of revolutionary "magic internet money", which is gaining a lot of attention (and insane valuations) lately. But what is a crytocurrency anyway? does it work exactly? Most importantly - why does it work like that? Instead of answering these questions directly, we will answer them and more, by putting our Satoshi Nakamoto hats and inventing our own cryptocurrency from scratch. Kajilot https://too.be/defined.mkv 2017-12-30T15:15:00 15:15 0:50 ChaosWest Stage 34c3-ChaosWest-27-honigdachs_podcast_live Creative Commons Attribution 4.0 International false de Honigdachs ist das Podcast-Angebot des Leipziger Bitcoin-Stammtisches, in dem monatlich vertieft auf einzelne Themen rund um Bitcoin eingegangen wird. Hintergründig, praxisnah und meinungsstark richten sich die einzelnen Folgen sowohl an Einsteiger, wie auch an erfahrene Bitcoin- und Blockchain-Interessierte. Auf dem 34C3 machen wir einen Rückblick über das Jahr und den Kongress und wagen einen Ausblick auf das kommende Jahr 2018. https://coinspondent.de/news-nachrichten/bitcoin-podcasts/honigdachs-der-bitcoin-podcast-aus-leipzig/ Rootzoll https://too.be/defined.mkv 2017-12-30T13:30:00 13:30 0:25 ChaosWest Stage 34c3-ChaosWest-30-hacking_sovereignty_in_catalonia_1st_step_decentralized_infrastructure Creative Commons Attribution 4.0 International false en Jordi Baylina presents his plan to deploy personal servers throughout Europe to build a decentralized infrastructure for society. If you want to help, join Giveth's Riot channel and lets build the decentralized revolution together. https://giveth.io/join/ Jordi https://too.be/defined.mkv 2017-12-30T15:00:00 15:00 0:45 ChaosWest Stage 34c3-ChaosWest-31-ethereum_s_whg_tells_all_the_dao_hack_parity_hack_and_giveth Creative Commons Attribution 4.0 International false en Jordi Baylina and Griff Green tell the story of The DAO Hack, Giveth and Parity Hacks from the perspective of the WHG, Followed by QandA. https://giveth.io/join/ Jordi Griff https://too.be/defined.mkv 2017-12-30T17:00:00 17:00 0:30 ChaosWest Stage 34c3-ChaosWest-31-ethereum_s_whg_tells_all_the_dao_hack_parity_hack_and_giveth Creative Commons Attribution 4.0 International false en Griff, the Great, Giveth about his plan to decentralize the Non-Profit World. He displays the use of smart contracts to build and support communities. https://giveth.io/join/ Griff https://too.be/defined.mkv 2017-12-29T16:00:00 15:45 0:15 ChaosWest Stage 34c3-ChaosWest-17-matrix-org-and-usable-messaging-today Creative Commons Attribution 4.0 International false ene Wildhax and friend about matrix.org wildhax https://too.be/defined.mkv