.aware goes CCC

Last year, the Chaos Computer Club (CCC) held its annual Chaos Communication Congress under the motto "Full Steam Ahead" in Berlin, Germany. From the 27th to the 30th of December, nerds from all over the country gathered around and inside the Berlin Congress Center to attend the talks and workshops at one of the biggest community events in Germany. And on a blistering cold 26th of December, we prepared for our very own departure to the country's capitol, with the fierce intention to finish The Secret of Monkey Island in just 4 days already filled with plenty of m4d h4x.

born rattle toby

And the one in the middle, the one with the black hat, sucking on that bottle of coke like it's David Hasselhoff's weener, that's me. But, with no further ado, here is my journal of our trip to Berlin.

.day 0

Actually, born is the kind of guy who has a certain habit of being late, and when toby arrived at my place, we both had already received the text message that the departure would be delayed by an hour or such - so we fired up our laptops and got Monkey Island running on his box and blackthorne running on mine, then we played silently for about half an hour until the doorbell finally rang and we were ready to go.

We decided to have breakfast at the burgerking around the corner, which would prove to be the most healthy food we were going to get on this trip. After that, it was strictly 604 kilometers by car. I shan't, I can't and I won't reproduce our chats during the trip, but they weren't of particularly technical nature anyway. Against all odds, we even had music in born's car, which is sortof remarkable: The car does not posess any device such as a radio. However, we were able to attach a pair of kinky CreativeLabs™ speakers to born's mobile phone, which was loaded with some security backups of our favourite music albums. 21st century ftw!

Side Note:The fact that we had to pay like 12 Euros for the batteries at some gas station was silently ommitted.

Unfortunately, during the 7 hour trip, I realized that I had probably cought a cold, and towards the evening, I felt rather ill. I decided to ignore it, which was probably the only thing I could do anyway. When we arrived at the congress center, there was a huge queue in front of the ticket counter - but thanks to the heavens above, I could walk right past it to get my press ticket and 2 visitor tickets for born and toby. Having saved approximately 2 hours of standing in line, we went to see Aliens vs. Predator 2 instead. It's the shit.

.day 1

I woke up with a sore throat (as to be expected), but despite that, I felt surprisingly well. After an awesome breakfast we headed for the welcome event at the congress center. It basically consisted of a brief introduction, a map of the area, and presentation of some other nice features. For instance, every attendant was allowed free phone calls to anywhere in the world, from several public phones that had been placed in the hallways. There was LAN and WLAN all over the place, and although they apologized in advance for expected instabilities, I never had any problems getting online. People already put up their laptops and even some workstations everywhere - in the cafeteria, the floors, you name it. The interior design had been spiced up with some sweet light effects, and couches/tables had been placed everywhere around the switches and power sources. Some people had brought more tech, such as music players and their own switches, telephones or other fancy gadgets. The whole feeling was pretty cyberpunk, I liked that a lot.

<toby> I'm not getting an IP address assigned. Again.

<born> Well.

<born> Just take one, then.

12:45 We went to sit the talk on the "Bundestrojaner" (roughly translates to "national trojan"), which was in German. The name is a joke on proposed laws in Germany which basically legalize the electronic surveillance of any suspect without his or her knowledge. This includes, but is not limited to the following techniques:

By and means remotely infecting a suspects computer with spyware (keyloggers, trojans) of any kind.
Breaking into a suspects house, installing hardware keyloggers and other physical surveilance measures in his or her apartment.
Intercepting web traffic at ISP level and deploying sophisticated Man-In-The-Middle attacks to spy on a suspects communication and/or modify binaries at the time they are downloaded.

Well.

<toby> I suppose we should actually start to check those MD5 checksums now.

14:00 There was supposed to be a talk on "distributed security", which sounded pretty theoretical - but I wasn't any less disappointed to learn that the talk had been canceled. We decided to go and get some food in order to return for the talk about sidechannel attacks on AES at 1715. Next to the congress hall, there was a shopping center which also contained a couple of fast food restaurants - we quickly agreed on the chinese one. Born took the really tastey meatballs for 5 bucks, but toby and me thought that some grilled noodles for only 3 would cut it. We were wrong. What I imagined to be a huge bowl of yummy noodles with grilled chicken turned out to be a miserably tiny paper box the size of a rubix cube - stuffed with some lukewarm noodlegoo. Frustration level - elevated.

17:15 And so we returned, hungry. And the AES talk was canceled. And I was not happy. The only two talks that had really interested me did not happen at all. I wanted to make the best of it anyway and checked out the workshops downstairs.

scattered lego cool lego lockpicking

I ended up doing neither the lego nor the lockpicking thing, but it was fun to watch anyway. In case you are wondering - when questioned, the people at these tables did not allow me to take any pictures of them. Hence, no pics of cool lego hackers available. I got the same reaction from most people at the congress, which I rate somewhere between sad and ludicrous.

18:30 Finally, a technical talk! This one was dubbed "make cool things with microcontrollers". To be honest: I am not much of an electronics guy, so I didn't really pay any attention. Born was quite fascinated, though. The speaker was a pretty laidback American, talking about the joys of building microcontrollers. He presented a couple of witty projects, including the brain machine and a little gadget he called TV-B-Gone, which would just switch off all TV's in a certain radius. Memorable was also the SolarDog, which would wag its tail if you fed it with light. There was a huge workshop connected to this talk, where people could build their own microcontrollers. That was definitely pretty sexy stuff, but I am really not much into electronics, so I can't tell you much more.

20:30 CyberCrime 2.0! This talk could finally convince me that it had been a good idea to come all the way to Berlin. It was a really interesting Analysis of the networking mechanisms and protocols used by the Storm Worm. Thorsten Holz did a great job at presenting some very interesting results - without giving the audience too much of a headache. Great job! I would have loved to hear more about the kernelmode rootkit component of the Worm, but that was definitely outside the scope of this talk, so I am not complaining. Afterwards, I would have loved to stay for the VX talk at 23:00, but I felt so exhausted and ill that we had to head home.

.day 2

As you might have guessed, all three of us study mathematics. Hence, we wanted to go and check out the "Absurd Mathematics" talk at 12:45, but it was so crowded that we decided to camp somewhere and get our shit together instead. We were told later by a trustworthy source that it wasn't quite so mathematical, so I suppose it was not that much of a loss either.

<toby> rattle, could you tell me the MAC address of the node you are connected to?

<rattle> look, I just clicked on "connect". It doesn't tell me anything about MAC addresses.

<rattle> it's windows.

<toby> hm

14:00 Time for Quantum Cryptography and Possible Attacks! Although I have a firm interest in cryptography, it is motivated exclusively by mathematical fascination. Hence, I was never really into quantum cryptography, which is research done by physicists. Also, the last talk on the subject which I attended had been quite theoretical. Back then, it sounded like there was, theoretically, a way to securely transport, one bit of information, every couple of seconds, across a distance of roughly one meter, under laboratory conditions. As you can imagine, I wasn't really impressed back then. However, either I got the entirely wrong impression or a lot of progress has been made.
These guys were talking about transporting reasonably large amounts of information over a distance of several kilometers. Using photon emitters. Yea, light beams. Cool shit, huh? They lost me about half way into the talk and when they started about side channel attacks on the crypto, I had already given up. Physics really do my head in, but if you can handle it, this will be a real interesting video to watch.

After the talk, we went to have some lunch. By now, we had pretty much settled with McDonalds exclusively, because there was no better choice, at least not in close vicinity to the congress center. When we returned, people in front of the congress were showing off their wicked remote-controlled rotor-drones, which was really awesome to watch.

17:15 This one was a talk about breaking just in time compilers, in this case, some java VM. It was a good talk and a solid exploit - but then again, this kind of stuff is always the same. Someone wasn't paying attention to security issues when imeplementing a certain piece of software - in this case, a virtual machine - then someone comes along and does the h4x. Hence, I really can't remember any technical details, no matter how much I try.

Yea, that's a remote-controlled tank. There is absolutely no fucking need to grow up. Ever.

18:30 A talk about automatic memory management. Actually, I would not have attended if it hadn't been for the others (and the fact that the parallel talks were even less interesting). Anyway, from the few moments when I was really paying attention I could definitely tell that it was exactly how I expected it to be. We would listen to a lot of possible ways to garbage-collect and why this is so much better than coding in C. Phony crap.

20:30 and it was time for the absolute highlight of the day, and maybe the entire congress itself, to begin. I had so very been looking for the phenoelit talks, and my hopes would even be surpassed. The first talk was a hilarious compilation of crazy barcode hacks, ranging from video rental services over postal codes to cross site scripting attacks on hardcopy newspapers (check those slides and see for yourself). I got the impression that FX did some really thorough research on the topic and hence, the talk was very rich. He knew those barcodes inside out, and you could tell that it came from experience. Both talker and audience, I believe, had an incredible amount of fun - there were significantly more laughs and shouts than usually, and I still can't refrain from smirking devilishly when I think of certain episodes. Consequently, the single hour went by too quickly - but luckily, there was a second lecture waiting!

This one was entitled "Port Scanning Improved". The bottom line of the presentation was the release of a portscanner with innovative technical design: Portbunny uses congestion control mechanisms, adopted from TCP, to implement the fastest halfopen scan in the whole wild west. It does not care about fingerprinting or UDP scanning or similar gadgets, this is straightforward a barebone, radically fast TCP portscanning engine. I was totally in love, and as soon as I find me some spare weeks time, there will be a windows implementation of this concept available on .aware.

Afterwards, we also went to sit another talk on RFID chips and it was good, but I was used up for the day and unable to focus. It was a great day, and I had seen a lot of cool new things, and it was time to go home and sleep.

.day 3

This was the last day for us at CCC, because we wanted to be home one day before new year's evening. We didn't have a whole lot of talks planned this day, the first one starting at 17:15. We went to the center a bit earlier anyway to do some merchandise and have a look at the workshops again. I got me a green shirt that says WAR DRIVER, and a cool sticker. Unfortunately, the sticker would turn out to be not quite as sticky as I would have wanted it to be:

17:15 Time for our first talk. From Ring Zero to UID Zero suffered from a really frustrating problem: The topic was interesting, I was really curious about it - but the speakers had such strong accents that I was unable to follow the talk. On the one hand that's quite sad because these guys seemed to know their shit, and it would have probably been very interesting if it hadn't been for the language difficulties - on the other hand, though: I am really glad that this was the only time I had this sort of problem. The majority of other talks that we attended were in English as well, and I didn't have too many problems with the pronounciation.

After the talk we went to have dinner, and it was probably the best McDonalds food I have ever had, in my whole life. I took a picture of it to document how delicious it was.
As we returned to the center, a spontaneous demonstration against digital surveillance laws had cropped up. A bunch of people were standing out in the cold, holding up their banners and pointing out how much the whole monitoring of our private communications sucks. Call me bitter - but I believe that the time of political demonstrations is long gone, and that they have no significant effect these days. It's just a feeling.

"Dare to be free, stop the surveillance madness"

18:30 Needless to say, everyone was being peaceful, no arrests or riots. One reason may be that the audience was mainly of academic background, but then there were also some truly elite policemen guarding the scene.
Apart from the photos, we didn't really pay much attention to the demonstration and continued to sit the talk dubbed Relay attacks on card payment. To make a long story short, It did not scare the living hell out of me, although it might do that to you, if you are paranoid enough. They are describing an actual design flaw in card payment systems and that is definitly a serious problem. However, the exploit doesnt seem feasible enough to me to lose sleep over this.

20:30 Reverse Engineering of Embedded Devices was easy on the eyes and the ears, but that also means that I did not learn anything new here. I lost count to how many builtin telnet clients of routers, cable modems or coffee machines I already connected in my life - We all have toyed and tempered around with hardware devices, and he simply didn't talk about anything I had not done before.

In the evening, we went to check the cbase, a club / bar / meeting place for computer geeks and their computers. We didn't really stay till late at night because I was still having a sore throat and toby had caught my cold in the meanwhile, but I can imagine that you can have some kickass parties in this place. There were two huge screens where funky acid phantasy graphics and movies were being displayed, comfy sofas and, of course, a bar. I made some pictures so you get an idea:

.conclusion

It was a great trip to Berlin, and I saw quite a lot of very interesting and new stuff. It was an event well worth the long journey. Particularly the talks by Phenoelit made for a totally awesome second day, but that's probably a matter of personal taste. Talk about taste - what I really liked about the congress was the diversity. Every hour, there were three parallel talks. 24C3 always had something to offer for everyone. I found that particularly well-done; all we geeks ever want is infotainment, after all.

rattle out.