What the Hack Day 3

The evening track started with a talk from the Tor and Mixmaster maintainers about future problems they need to resolve to improve anonymous communication over the net. The current state of affairs with regard to Tor seems rather solid, but there're still many research papers to be written. I guess I'll setup a Tor proxy on our home ADSL line as well.
As always, Ruediger Weis gave an interesting talk about the current state of crypto. SHA1 seems in the region where big government agencies can build sufficiently fast machines to break it, but it looks like there will be an AES-like competetion for the next-gen hashing algo. Until now SHA256/512 seems like
a good compromise. Unfortunately there's no implementation in coreutils and Debian base, this should really be fixed.
The last talk I heard "Futureshock", was surprislingly interesting, as I didn't expect much. The lecturer outlined some technological progress over the last 100 years and projected some upcoming developments in AI/robotics, bio tech and nano tech that are already being worked on in labs. The world record for 200 metres running with one artificial leg is already down to 26 secs, which is not that much longer than I need for that distance, so it may only be a question of time when paralympics and olympics get merged.
As it was rather cold and wet I spent the rest of the night hacking in the tent until the network was interrupted due to the rain sometime late in the night.

What the Hack Day 2.5

I started the morning with a talk about reverse-engineering XDA devices with WinCE. I don't own a handheld or a smartphone, but I don't want to see the engineering group that decided that it'd be a good idea to implement an AT command access arbitrary memory regions. This includes the position to unlock the devices safety mode as well...

The noon talk was excellent; a group of engineers implemented a 500km wifi link to bring internet connectivity to rural Peru. They're operating on some wave bands that get reflected in the Ionosphere layer and successfully implemented a stable 3 kbps link.

Later on I listened to a talk from some kernel security guy that evaluated attacks on /proc/pid/mem, which exposes adress segments into user space. The attack on Linux is somewhat theoretical, as the attacker would need to call execve() 2^32 times, but it was very interesting nonetheless.

The next talk about "Client security" was not too good and I left earlier for talk about forging fingerprints to fool biometric scanners. While fingerprints are publically conceived as secure measures, they've actually proven to be rather weak. The lecturer was able to make a working copy in abou ten minutes, really impressive. The followup talk about defeating biometric systems was hampered by the referent's extreme nerviosity and insufficient English, so I left early to drink Flens at the tents. Unfortunately iit started to rain again, but the evening
talks look promising.

What the Rain

It poured the whole night, sometimes to the extent that I woke up because the rain drops were so noisy. This morning a 20 square metres "puddle" emerged 10 metres away from our tents, but it's still a hell of a lot of fun.

What the Hack Day 2

I've spent noon lying in a hammock, sipping "Blender" drinks, a tasty fruit shake with crushed ice and doing some Debian testing security stuff.
Talks in the morning were mixed, the talk about hashes was interesting, but the rest didn't caught my attention were much. I was rather tired from the night, though, so I might have been a bit biased. At the late afternoon some astronomy geek gave a talk about hobbyist analysis of the pictures of the flight to the Titan moon. Pretty cool, the even presented it earlier than NASA/ESA.
The evening track started with an hour long rant by Andreas Bogk about UNIX and C and it's deficiencies. I agree with his analysis, but disagree with his proposed solution (Dylan). Python is ready for production use, has all the features you need and a refreshingly nice syntax, while Dylan fails to hide it's ugly Pascal legacy.
The talk about key banging from some lockpicking guy was very nice, if you ever need a secure lock, buy a Kata Penta Deluxe, it can resist forces of more than 1,500 newtons and it's completely banging proof.
The THX Olympic Quiz sucked alot, and as it started to thunderstorm again we left for the tents, where I'm now closing the day with some hacking and general worrying about the water-proofness of our power and network installation. :-)
Ahh, and in the arcade tent they have a light gun version of "Captain Wolf", I've played it for several levels, what an excellent game. Really great games don't lose attraction over the time

What The Hack Day 1

"What the Hack" started off very nicely.
Power and Internet connectivity were quickly
provided to the tents and made water-proof
in a hurry once a thunderstorm started
yesterday evening. I wish I had a digital
camera, as the lightnings have been very
impressive. The quality of the talks so far
was very good. There was a talk of a bio
scientist from Cambrigde, UK, who demonstrated
"Cyborgs: Practicai Experimentation". As of
today it possible to build devices that
allows paraphlegics to control wheel chairs
with neural commands and he showed a video
of remote controlled mice. They also
experimented with remote control over the
internet, pretty scary to see someone's
arm controlled by someone from the other
side of the ocean.

Also, there has been a talk of a crypto
guy that analysed the security of the new
digital European passports. The initial
key strength requires 35 years of brute
forcing on a standard PC, but they discovered
that one digit is a checksum that be easily
be computed after the attack and some other
patterns about the expiry, which in total
reduced the required computational time down
to two hours...
Yesterdays's final talk was from John
Gilmore, the 70s US hacker legend, who now
focuses on funding research on the medical
benefits of psychedelic drugs, which was
entertaining from a presentational point
of view, as he was obviously under the
influence when giving his talk.