Feed cleverhans-blog [copy] http://www.cleverhans.io/feed.xml has loading error: cURL error 22: The requested URL returned error: 404
Feed Security (b)log [copy] http://securityblogru.livejournal.com/data/rss has loading error: cURL error 22: The requested URL returned error: 403 Forbidden
Feed [bodyawm] Богдан [copy] https://habr.com/ru/rss/users/bodyawm/articles/?fl=ru has loading error: cURL error 22: The requested URL returned error: 404
Supplements und Social Media – wenn der Online-Hype zur realen Gesundheitsgefahr wird (39c3)
Nicht zuletzt durch die Werbung in den sozialen Medien werden in Deutschland immer mehr Nahrungsergänzungsmittel verkauft. Einige Influencer bringen sogar ihre eigenen Präparate auf den Markt. Gleichzeitig häufen sich Fälle, in denen die Einnahme von vermeintlich harmlosen „Supplements“ zu Gesundheitsschäden geführt hat. Der Vortrag will daher die Mechanismen hinter dem Supplement-Hype aufzeigen, zudem erklären, warum aktuell ein ausreichender Verbraucherschutz insbesondere im Internet nicht gewährleistet werden kann, wo Handlungsbedarf für die Politik besteht und wie man sich selbst vor fragwürdigen Produkten schützen kann. Der Markt für Nahrungsergänzungsmittel boomt seit Jahren. Dafür sorgen unter anderem verschiedenste Influencer,...
Teckids – eine verstehbare (digitale) Welt (39c3)
Die Teckids-Gemeinschaft bringt Kinder, Jugendliche und Erwachsene zusammen, um gemeinsam aktiv für eine verstehbare (digitale) Welt zu sein. Bei Teckids geht es nicht "nur" um Technikbasteln und Programmieren mit Kindern, sondern darum, mit anderen, für andere, bei Events und gesellschaftlich aktiv zu werden. In letzter Zeit haben wir viele Projekte dafür unternommen. Unter anderem haben wir den neuen Themen-Slot "Jung und überwacht" bei den BigBrotherAwards 2025 gestaltet und bereiten Jugendthemen für das nächste Jahr vor. Zum zweiten Mal laden wir beim 39c3 Kinder beim Fairydust-Türöffner-Tag "hinter die Kulissen" der Chaos-Teams ein. Unser Slogan mit dem etwas merkwürdigen...
APT Down and the mystery of the burning data centers (39c3)
In August 2025 Phrack published the dump of an APT member's workstation. It was full of exploits and loot from government networks, cell carriers and telcos. The dump sparked a government investigation, and corpos like LG and Korea Telecom were asked to explain themselves. Hours before an onsite audit, the data center mysteriously caught fire, destroying almost a hundred servers. Then another data center burned - and unfortunately, there was even one death. The talk aims to revisit this mysterious sequence of tragic incidents. [TW: Suicide, self-harm] In August 2025 Phrack published the dump of an APT...
Celestial navigation with very little math (39c3)
Learn how to find your position using a sextant and a custom slide rule, almost no math required! Since the dawn of time people have asked themselves: where am I and why am I here? This talk won't help you answer the why question, but it will discuss how determine the where in the pre-GPS age of sextants, slide rules and stopwatches by taking the noon sight, aka the meridian passage. The usual way to find your position using the Sun requires a large almanac of lookup tables and some challenging math. The books...
AI Agent, AI Spy (39c3)
Agentic AI is the catch-all term for AI-enabled systems that propose to complete more or less complex tasks on their own, without stopping to ask permission or consent. What could go wrong? These systems are being integrated directly into operating systems and applications, like web browsers. This move represents a fundamental paradigm shift, transforming them from relatively neutral resource managers into an active, goal-oriented infrastructure ultimately controlled by the companies that develop these systems, not by users or application developers. Systems like Microsoft's "Recall," which create a comprehensive "photographic memory" of all user activity,...
Race conditions, transactions and free parking (39c3)
ORM's and/or developers don't understand databases, transactions, or concurrency. After the [Air France-KLM dataleak](https://media.ccc.de/v/37c3-lightningtalks-58027-air-france-klm-6-char-short-code) I kept repeating this was not a real hack, and confessed I always wanted to hack a system based on triggering race conditions because the lack of proper transactions. This was way easier than expected. In this talk I will show how just adding `$ seq 0 9 | xargs -I@ -P10 ..` can break some systems, and how to write safe database transactions that prevent abuse. In this talk I will explain what race conditions are. Many examples of how and why...
Human microservices at the Dutch Railways: modern architecture, ancient hardware? (39c3)
The Dutch railways have been operating an increasingly complicated network of trains for over 80 years. The task of overseeing it is far too complex for a single human. As such, a network of specifically scoped humans has been connected. Over time, computers and software have been introduced into the system, but today there is still a significant role for humans. This talk describes the network of "human microservices" that is involved in the Dutch Railways' day to day operation from the eyes of a software developer. When a train breaks down in the Netherlands, a...
Greenhouse Gas Emission Data (39c3)
Data about greenhouse gas emissions, both from countries and individual factories, is often publicly available. However, the data sources are often not as accessible and reliable as they should be. EU emission databases contain obvious flaws, and nobody wants to be responsible. Which factory in my city is the largest emitter of CO2? Which industrial sector is responsible for the largest share of a country's contribution to climate change? It should not be difficult to answer these questions. Public databases and reporting required by international agreements usually allow us to access this data. However, trying to access and work with these datasets...
Wer hat Angst vor dem Neutralitätsgebot? (39c3)
Wer überhaupt „neutral“ sein muss, was das bedeutet, und wer sich jetzt wehren muss. „Neutralität“ wird zum neuen Kampfbegriff: Weil sie gegen die menschenfeindliche Politik von Friedrich Merz protestieren, wirft die CDU Gruppen wie Omas gegen Rechts, Greenpeace und Correctiv vor, nicht neutral zu sein. Unter Berufung auf ein angeblich verletztes Neutralitätsgebot werden staatliche Förderungen gestrichen und NGOs geraten unter Beobachtung des Verfassungsschutzes. Julia Klöckner verbietet im Namen der „Neutralität“ Palestine-Shirts, Anstecknadeln und Regenbogenflaggen im Parlament. Die AfD fordert dazu auf, Lehrkräfte zu melden, die sich gegen Rechtsextremismus einsetzen oder entsprechende Positionen innerhalb der AfD kritisieren. Doch...
Lightning Talks - Tag 3 (39c3)
Lightning Talks - Tag 3 - **Lightning Talks Introduction** - **"Oma, erzähl mir von der Zukunft" oder: Wie wir weiter interessante Sachen machen, ohne den Planeten zu ruinieren 🌱** — *EstherD* - **Don't abuse the ecosystem** — *michele* - **The Climatepoetry.org video tool** — *Magnus Ahltorp* - **Neo-Kolonialismus & Katzenbilder - Installation zur Lieferkette von GenAI** — *Stefan, Yannik & Rike* - **Build social inventories with StashSphere** — *Maximilian Güntner* - **Invitation to the Fermentation Camp "Kvas 2026"** — *algoldor* - **Stretching nginx to its limits: a music player in the config file** — *Eloy* - **2D Graphics Creation with Graphite -...