0.1
camppp7e3
Camp++ 0x7e3
2019-07-25
2019-07-28
4
00:05
https://pretalx.hsbp.org/camppp7e3/schedule/
2019-07-25T17:00:00+02:00
17:00
00:30
Klapka
camppp7e3-8-don-t-be-evil-googles-plans-for-privacy
https://pretalx.hsbp.org/camppp7e3/talk/38VL8D/
true
Don't be evil: Googles plans for privacy
Talk
en
There have been some announcements on how Google is planning to enhance privacy within their realm. What are these plans and are they really benign?
Working as Privacy Officer for one of the biggest partners of Google in Europe I have seen quite a lot of projects and contracts. Firebase and AdHub seem to be steps into the right direction. But we know only a few hard facts about these programs.
This presentation shows how it works now and what we could possibly face in the future.
eckartt
2019-07-25T17:45:00+02:00
17:45
00:30
Klapka
camppp7e3-5-gnupg-vs-signal-is-like-apples-versus-smart-light-bulbs-
https://pretalx.hsbp.org/camppp7e3/talk/B3BKJD/
false
GnuPG vs Signal is like apples versus smart light bulbs!
Talk
en
What you can do with GnuPG if you are not writing E-Mails.
There is more to GnuPG than writing E-Mails, as it drives basically the whole IT Infrastructure on my systems I will schow you the thinks I use GnuPG for that have nothing to do with mail.
Hans Freitag
2019-07-25T18:45:00+02:00
18:45
00:30
Klapka
camppp7e3-3-why-48v-is-good-for-you
https://pretalx.hsbp.org/camppp7e3/talk/KV8UNK/
false
Why 48V is good for you
Talk
en
A 48V DC grid on the small scale reduces the need for AC/DC conversion, and provides efficiency gains not only for off-grid systems.
There's not enough (talk about) open 48V DC power hardware. We'd like to change this, for a greener future. 48V can deliver enough power to be practical, while it's still safe to handle. We will show how it makes things easier to have a small 48V grid even at home (home automation, homelab) and of course, for off-grid use and hacker camps.
To show that it's not all just magic smoke and mirrors, we'll show some open hardware too.
What we will talk about:
1. Reasons for 48V
2. DC/DC conversion in a nutshell
3. (Open-) Hardware
4. Future
Links:
- [The Alternative Power Network wiki](https://altpwr.net/index.php?title=Main_Page)
Recording:
- [YouTube](https://www.youtube.com/watch?v=y-toWhkfZ-8)
- [MP4 download, Amazon S3 Frankfurt](https://hsbp.s3.eu-central-1.amazonaws.com/camppp7e3/48v.mp4)
Zoé
2019-07-25T19:30:00+02:00
19:30
01:00
Klapka
camppp7e3-2-setting-small-fully-redundant-datacenter-on-a-budget-how-hard-can-it-be-
https://pretalx.hsbp.org/camppp7e3/talk/WDFTLF/
false
Setting small fully redundant datacenter on a budget. How hard can it be?
Talk
en
Spoiler: It turns out to be very hard!
I want to tell you about the lessons that I have learned the hard way
when I extended my datacenter from one server setup to a multiserver
setup. I tested out several ways to actually do the virtualization on
those systems, from lxc over kvm to libvirt and finally oVirt which I
currently use.
I had some brilliant missideas while planning this like putting storage
and computenode services on the same host or even writing my own
virtualization engine in ansible, because no one did it
before, needless to say: that was a failure.
And while testing out ways to set it up, I also discovered some very
interesting bugs on the way.
Hans Freitag
2019-07-26T14:30:00+02:00
14:30
01:00
Klapka
camppp7e3-15-oldschool-is-still-cool
https://pretalx.hsbp.org/camppp7e3/talk/7K7NWA/
false
Oldschool is still cool
Fun
en
History repeats itself. All the time. If we learn the lessons from the
past and be mindful of what has already happened within the science of hacking,
we can move forward, spending time and energy on creating new technology and
techniques, and advancing the field. But we must never forget the instructive
lessons of the past.
Our hacking journey will start with blue and red boxes and bypassing the “one
phone call” restriction. More than 50 years later you can hack smart vending
machines with similar techniques. Technology may have evolved, but hacking
concepts remain the same.
Bulletin Board Systems were the first places to share information about hacking.
But they weren’t merely the place to share information – they were themselves
the target of hacking. A ZIP vulnerability was widely exploited to hack BBSs.
In 2018 the same hack was reinvented and overhyped.
The concepts of the ancient +++ath0 modem hack will be covered.
The Morris worm from 1988 was as sophisticated as worms like NotPetya from 2017.
Besides old school hacking, I will cover topics like Gopher, Usenet, IRC, Fluxay
and ezines.
You can learn how to pwn a misconfigured Windows 95 and achieve interactive
remote code execution on it. A Metasploit module will be released so that you
can pwn Win95 during your red teaming exercises.
[Presentation slides](https://web.tresorit.com/l#ktVfLOA4M9RDdQZgqWZmSA)
Recording:
- [YouTube](https://www.youtube.com/watch?v=Xn2LlAyL-Is)
- [MP4 download, Amazon S3 Frankfurt](https://hsbp.s3.eu-central-1.amazonaws.com/camppp7e3/oldschool.mp4)
Z
2019-07-26T16:00:00+02:00
16:00
01:00
Klapka
camppp7e3-4-the-anatomy-of-guineafowl-puffers
https://pretalx.hsbp.org/camppp7e3/talk/YP7GJ7/
false
The anatomy of guineafowl puffers
Workshop
en
Let's have a look at OpenBSD from a beginners perspective.
After some introduction what OpenBSD is I will run you through the installation Process and show you a bit around. OpenBSD. I will show you at least opensmtpd, signify, pkg_add, ksh, xenocara, vmm/vmd, ports, doas, tmux, openssh (ok you may know that by now)
At the moment I am using OpenBSD mainly as Mail Inbound/Spamfilter System due to its unique spamd blocker, but I will also show you how easy it is to make a graphical setup.
Some basic Linux/Unix commandline knowledge might come in handy, but not necessarily.
Recording:
- [YouTube](https://www.youtube.com/watch?v=vlL-c8jElfs)
- [MP4 download, Amazon S3 Frankfurt](https://hsbp.s3.eu-central-1.amazonaws.com/camppp7e3/guineafowl.mp4)
/media/camppp7e3/images/YP7GJ7/puffy_openbsd.png
Hans Freitag
2019-07-26T17:15:00+02:00
17:15
00:30
Klapka
camppp7e3-1-unix-vs-web-pentesting
https://pretalx.hsbp.org/camppp7e3/talk/TGYGQL/
false
Unix vs web pentesting
Talk
en
Combining small building blocks with pipes can be beneficial for web pentesters.
Unix is all about combining small building blocks with pipes, resulting in emergent solutions that solve all kinds of problems. Web pentesters also face problems, and current tools like Burp Suite offer bigger building blocks and less room for freestyle connections between said blocks. I've been developing a bridge between the two worlds that makes it possible for web pentesters to tap into the power of Unix and pipes.
Recording:
- [YouTube](https://www.youtube.com/watch?v=xrQode79hTM)
- [MP4 download, Amazon S3 Frankfurt](https://hsbp.s3.eu-central-1.amazonaws.com/camppp7e3/piper.mp4)
dnet
2019-07-26T18:15:00+02:00
18:15
00:30
Klapka
camppp7e3-6-sweet-authorization-cookies
https://pretalx.hsbp.org/camppp7e3/talk/CBGDGR/
false
Sweet Authorization Cookies
Talk
en
Macaroons are super delicious, they are also a means to authorize and delegate authorization, forget JWT and other cookies, this is the real thing.
Recording:
- [YouTube](https://www.youtube.com/watch?v=SsYX40Fp274)
- [MP4 download, Amazon S3 Frankfurt](https://hsbp.s3.eu-central-1.amazonaws.com/camppp7e3/macaroon.mp4)
s
2019-07-26T19:00:00+02:00
19:00
01:00
Klapka
camppp7e3-9-the-small-1-1-of-passwords-
https://pretalx.hsbp.org/camppp7e3/talk/SEFHDP/
false
The small 1*1 of passwords.
Talk
en
lets talk about authentication
I am frequently surprised how little is known about that password thingy.
How complicated do they have to be? Is a password really safe? I show you some basic regular school Math behind passwords. And I will discuss the security measures and strategies to make your password prompt a bit safer.
Hans Freitag
2019-07-26T20:30:00+02:00
20:30
01:00
Campsite
camppp7e3-10-game-music-quiz
https://pretalx.hsbp.org/camppp7e3/talk/YQK89P/
true
Game Music Quiz
Fun
en
Game Music Quiz
20 Song Clips - 20 Games
Let's have some fun at Camp++
I've prepared a song quiz.
20 Songs out of Games. Length of 30sec per Game.
Will be repeated one time.
Fun programm for camp++
Hetti
2019-07-27T15:45:00+02:00
15:45
01:00
Klapka
camppp7e3-12-remote-controlled-vehicles-rc-how-do-they-even-work-cars-quadcopters-boats-there-s-more-
https://pretalx.hsbp.org/camppp7e3/talk/KDUBXU/
false
Remote controlled vehicles (RC), how do they even work? (Cars, quadcopters, boats there's more…)
Fun
en
Remotely controlled vehicles are everywhere these days. Learn about the technology behind them and learn about the fun involved in actually building such things.
Maybe you had an RC car when you were younger, like me?
Wondering how that hobby evolved since the early days?
See a brief history of remote controlled vehicles. Learn about the different kinds of, well things, that you can use and how technology has advanced from strings to electromagnetic waves and protocols.
/media/camppp7e3/images/KDUBXU/RC-vehicles.png
MacLemon
2019-07-27T17:00:00+02:00
17:00
00:30
Klapka
camppp7e3-14-encrypting-data-for-the-cloud-like-we-mean-it
https://pretalx.hsbp.org/camppp7e3/talk/ZPSY8Z/
false
Encrypting data for the cloud like we mean it
Talk
en
Existing encrypted overlay filesystem solutions have tackled the easy problem: They encrypt. However, that alone doesn't hide a lot of interesting metadata: Which sized file was edited when. Let's dig into a filesystem design that balances practicality with hiding metadata in an untrusted storage provider setting.
Block level encryption works well in most cases on modern laptops and storage systems. It's great for the level of protection that it offers, assuming the parameters are correctly applied. However, apart from ZFS's encrypted volumes, there hasn't been a lot of activity in creating filesystems that focus on minimising metadata exposure while keeping the flexibility of an overlay filesystem. Most interestingly, overlay filesystems expose metadata such as file size, and access and modification times, even though scanning arxiv.org and The Pirate Bay shows that file size alone can be a good predictor of the contents of the file. Operating on the assumption that most users will store little original content, it seems straightforward for an adversary to guess the contents of a file with relative certainty.
The talk introduces a novel approach to an overlay filesystem construction that fulfils the following properties:
* Protect data integrity and confidentiality and authenticity
* The exact size of data should not be known by the storage provider
* Ensure encrypted data can be easily synchronised and wiped from storage
* Natively allows versioning and garbage collection (not write-only)
* Allow high-performance and portable implementations
rsdy
2019-07-27T18:00:00+02:00
18:00
00:45
Klapka
camppp7e3-11-urban-composting-for-geeks
https://pretalx.hsbp.org/camppp7e3/talk/JWZZLP/
false
Urban composting for geeks
Talk
en
Managing a vermiculture in a flat has its own ups and downs. I'll teach you how to build one and give an insight to our adventures.
Recording:
- [YouTube](https://www.youtube.com/watch?v=8sHKM9u-2bo)
- [MP4 download, Amazon S3 Frankfurt](https://hsbp.s3.eu-central-1.amazonaws.com/camppp7e3/vermiculture.mp4)
Judit
2019-07-27T19:00:00+02:00
19:00
00:30
Klapka
camppp7e3-7-hacking-for-future
https://pretalx.hsbp.org/camppp7e3/talk/E8FDAA/
false
Hacking for Future
Talk
en
We do change the world we are inhabiting, if we want or not. Therefore, we, working in the field of technology and data, should have a look at our possibilities to influence the direction: economically, ecologically, socially.
This talk is not intended to provide answers, but questions - which should be discussed together.
As a primer, I will try to give a framework of possibilities and problems, amongst others:
+ How to measure sustainability of software development, what are the key parameters (if there are any)?
+ Are there any chances for us to really change the way $things are done?
+ What is sustainable in an IT-context?
eckartt
2019-07-27T20:00:00+02:00
20:00
01:00
Campsite
camppp7e3-13-karaoke-again-
https://pretalx.hsbp.org/camppp7e3/talk/MCQK8P/
true
Karaoke (again)
Fun
en
It's karaoke…
…you sing a song you don't know the lyrics off. Everbody else get's drunk.
What's not to like?
Which part of singing and drinking did you not understand?
/media/camppp7e3/images/MCQK8P/performous.png
MacLemon