MC's Journal

32nd Chaos Communication Congress

Never underestimate the bandwidth of a van full of cypherpunks hurling down the highway. Never mind that the van originally wouldn't start and that we had to get off and push it until it finally started. Now we were hurling along the Autobahn towards Berlin, praying silently to Eris that we wouldn't get an engine failure right there, with BMW's and Porsche's being shot from a cannon behind us.

Hours later we ended up in a fairly up-scale collective, or as the inhabitants called it, a “Wohnungsgemeinschaft”, in Kreuzberg. There was beer cooling in the snow on the balcony, fair wifi and plans for a vegan buffet for New Year's Eve.

The real treat of the trip was of course the ~4000 hackers that were noisily gathering close to Alexanderplatz for the annual Chaos Communication Congress.

This was the start of my first ever C3 conference, a wonderful gathering of hackers and makers that I for a long time had mistakenly thought was just about computer security. I was so wrong. The conference is very much about technology and politics and how they interact and far from being just about computer (in)security.

Now, many years later, the many C3s I've been to have been the best conferences of my life. The organizers and the many volunteers continue to impress me, for example by having their own phone networks (one GSM, one DECT), a working pneumatic tube system covering the entire congress, and one of the best conference networks ever made: this year 4 * 10 Gigabit/s upstream and a wifi with a peak of 8150 clients.

They also offer a temporary co-location facility for your own servers for the duration of the conference.

All talks are streamed in real-time, now without Flash, on some talks including real-time interpretation and subtitling to English and/or German, as well recording everything and offering it to the public.

The talks, workshops and, perhaps best of all, the chance meetings with interesting individuals is why I keep going back year after year.

32C3 Highlights

The 2015 version of the C3 had increased to about 14000 attendees with ~170 talks spread over four days from 11:30 to midnight every day.

If you just watch one of the talks, you should watch Shopshifting, where Karsten Nohl et al breaks commonly used payment protocols by... reading the manual! This includes attacks both against the customer and against the merchant.

If you have time for more, you should watch Alex Halderman's & Nadia Heninger's great talk about logjam: Diffie-Hellman, discrete logs, the NSA, and you. See, especially, the web page they have set up for helping mitigate the logjam:

https://weakdh.org/

A natural extension of the logjam talk is a talk about what happens if your adversary has a quantum computer (pro tip: they don't, yet) and how you might be able to mitigate that with post-quantum cryptography: PQCHacks with Daniel “djb” Bernstein and Tanja Lange.

Every year at least one of the talks at the C3 gets picked up by mainstream press. This year I would have guessed that the Shopshifting talk would get all the press. I was surprised to note that the thing the Swedish tabloids picked up was a closer look on a North Korean Linux distribution, Lifting the Fog on Red Star OS! I didn't even go to that talk, mostly because it seemed to mirror a similar talk on an earlier conference.

All talks are available at:

https://media.ccc.de/c/32c3

The congress main page is kept up at:

https://events.ccc.de/congress/2015/

The schedule or, as the C3 people call it, die Fahrplan:

https://events.ccc.de/congress/2015/Fahrplan/