Feed cleverhans-blog [copy] http://www.cleverhans.io/feed.xml has loading error: cURL error 22: The requested URL returned error: 404
Feed Security (b)log [copy] http://securityblogru.livejournal.com/data/rss has loading error: cURL error 22: The requested URL returned error: 403 Forbidden
Feed [bodyawm] Богдан [copy] https://habr.com/ru/rss/users/bodyawm/articles/?fl=ru has loading error: cURL error 22: The requested URL returned error: 404
BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets (39c3)
This talk reveals our in-depth vulnerability research on the Windows Recovery Environment (WinRE) and its implications for BitLocker, Windows’ cornerstone for data protection. We will walk through the research methodology, uncover new 0-day vulnerabilities, and showcase full-chain exploitations that enabled us to bypass BitLocker and extract all the protected data in several different ways. This talk goes beyond theory - as each vulnerability will be accompanied by a demo video showcasing the complete exploitation chain. To conclude the talk, we will share Microsoft’s key takeaways from this research and outline our approach to hardening...
Of Boot Vectors and Double Glitches: Bypassing RP2350's Secure Boot (39c3)
In August 2024, Raspberry Pi released their newest MCU: The RP2350. Alongside the chip, they also released the RP2350 Hacking Challenge: A public call to break the secure boot implementation of the RP2350. This challenge concluded in January 2025 and led to five exciting attacks discovered by different individuals. In this talk, we will provide a technical deep dive in the RP2350 security architecture and highlight the different attacks. Afterwards, we talk about two of the breaks in detail---each of them found by one of the speakers. In particular, we first discuss how fault injection...
Doomsday-Porn, Schäferhunde und die „niedliche Abschiebung“ von nebenan (39c3)
Der amtierende US-Präsident postet ein Video, in dem er Demonstrierende aus einem Kampfjet heraus mit Fäkalien bewirft und das Weiße Haus zelebriert den „Star Wars Day“ mit einem pompösen Trump-Bild mit Lichtschwert. Accounts von AfD-Sympathisanten posten KI-Kitsch einer vermeintlich heilen Welt voller blonder Kinder und Frauen im Dirndl. Ist das lediglich eine geschmackliche Entgleisung oder steckt da mehr dahinter? KI-generierter Content ist aus der Kommunikationsstrategie autoritärer Akteure nicht mehr wegzudenken. Social Media wird derzeit mit rechtem KI-Slop geflutet, in dem wahlweise die Welt dank Migration kurz vor dem Abgrund steht oder blonde, weiße Familien fröhlich...
Coding Dissent: Art, Technology, and Tactical Media (39c3)
This presentation examines artistic practices that engage with sociotechnical systems through tactical interventions. The talk proposes art as a form of infrastructural critique and counter-technology. It also introduces a forthcoming HackLab designed to foster collaborative development of open-source tools addressing digital authoritarianism, surveillance capitalism, propaganda infrastructures, and ideological warfare. In this talk, media artist and curator Helena Nikonole presents her work at the intersection of art, activism, and tactical technology — including interventions into surveillance systems, wearable mesh networks for off-grid communication, and AI-generated propaganda sabotage. Featuring projects like Antiwar AI, the 868labs initiative, and the...
Landtagsrevue Live - AUA (Ask us Anything) (39c3)
Live-Sonderausgabe der Landtagsrevue - dem Landespolitik-Ableger der Parlamentsrevue.
Wir schauen zurück auf das erste Jahr der Landtagsrevue und beantworten eure Fragen rund um die Parlamente - wie funktioniert das eigentlich alles? Wo können wir als Zivilgesellschaft am besten Einfluss nehmen? Wer sind all diese Leute?? Schickt uns eure Fragen gern vorab an landtag@parlamentsrevue.de - so können wir auch Antworten aus den Ländern mitbringen, die nicht live dabei sind.
Licensed to the public under http://creativecommons.org/licenses/by/4.0
about this event: https://events.ccc.de/congress/2025/hub/event/detail/landtagsrevue-live
Video:39c3-83768-deu-Landtagsrevue_Live_-_AUA_Ask_us_Anything_hd.mp4
1965 + 60 Years of Algorithmic Art with Computers (39c3)
What power structures are inherent to the field of computer-generated art? In the year 1965, so 60 years ago, the first three exhibitions of art created with the help of computers took place - in part independently of each other. We want to present the interesting aspects of developments since then and discuss them with Frieder Nake, one of the people who exhibited in those very beginnings and followed those developments with a critical attitude. We want to look at the complex topic of art created with computers, beginning with some careful and barely noticed...
Life on Hold: What Does True Solidarity Look Like Beyond Duldung, Camps, Deportation, and Payment Cards? (39c3)
Lager, Duldung, Bezahlkarte, Essensscheine – Criminalization, Radicalization, Reality for Many People in East Germany This talk sheds light on how these terms shape everyday life. We dive into an existence marked by uncertainty, isolation, and psychological strain, both in anonymous big cities and rural areas of East Germany. We ask: What does “solidarity” really mean in this context? In this session, people share everyday experiences with a system that often systematically undermines human rights and dignity. We don’t just talk about the obvious obstacles like the payment card or residency obligation, but also the invisible wounds: the...
Escaping Containment: A Security Analysis of FreeBSD Jails (39c3)
FreeBSD’s jail mechanism promises strong isolation—but how strong is it really? In this talk, we explore what it takes to escape a compromised FreeBSD jail by auditing the kernel’s attack surface, identifying dozens of vulnerabilities across exposed subsystems, and developing practical proof-of-concept exploits. We’ll share our findings, demo some real escapes, and discuss what they reveal about the challenges of maintaining robust OS isolation. FreeBSD’s jail feature is one of the oldest and most mature OS-level isolation mechanisms in use today, powering hosting environments, container frameworks, and security sandboxes. But as with any large and evolving...
Syncing visuals and stage lights against the beat of live music: an introduction (39c3)
Most clubs and concerts have predefined light and visuals, and often they are generic and not synced to the beat of the music. Today we will show you that it's actually possible to sync visual effects to the beat of live music recorded from the microphone, and it's pretty easy! Aimed at beginners. We will teach people how to set up and use TouchDesigner to perform audio analysis and how to draw basic effects and light shows that respond to the beat of the input audio. If you want to follow along, please come with ...
The Eyes of Photon Science: Imaging, Simulation and the Quest to Make the Invisible Visible (39c3)
Science advances by extending our senses beyond the limits of human perception, pushing the boundaries of what we can observe. In photon science, imaging detectors serve as the eyes of science, translating invisible processes into measurable and analysable data. Behind every image lies a deep understanding of how detectors see, respond and perform. At facilities like the European XFEL, the world's most powerful X-ray free-electron laser located in the Hamburg metropolitan area, imaging detectors capture ultrashort X-ray flashes at MHz frame rates and with high dynamic range. Without these advanced detectors, even the brightest...