It’s 5 pm, the sun is slowly setting on the Leipzig conference center, and although we’re only halfway through the first day, there’s a ton that you should see. We’ll report some more on the culture of the con later — for now here’s just the hacks. Continue reading “34C3: The First Day Is A Doozy”
It’s that time of year. While the rest of the Christmas-celebrating world sits around and plays with the toys that they got out from under the tree, German nerds head off to the biggest European hacker con: the 34th annual Chaos Communications Congress, running Dec. 27th through 30th.
The CCC is both a grandparent among hacker cons, and the most focused on using technology to improve the world and bringing folks together. (The “communications” in the name is a dead giveaway.) This year’s motto, “tuwat!” is slangy-dialecty for “do something!” and is call to get up off the couch and use your super-powers for good.
If you can’t get over to Leipzig to join us, you’ll be able to read our extensive coverage starting up shortly after the opening ceremonies, and probably stretching well into 2018. And since the CCC media folks manage to stream every talk, hackers all over the world can follow along live. Most talks are in English, so get together with folks in your hackspace and have a video night!
And if you are in Leipzig, be on the lookout for [Elliot] who will be wandering around, attending workshops, and writing down as much as possible. Show me something cool, rave about a particularly good talk, or just say “hi”.
Fairy Dust clipart courtesy [sonoftroll].
The Chaos Communication Congress (CCC) is the largest German hacker convention by a wide margin, and it’s now in its thirty-third year, hence 33C3. The Congress is a techno-utopian-anarchist-rave with a social conscience and a strong underpinning of straight-up hacking. In short, there’s something for everyone, and that’s partly because a CCC is like a hacker Rorschach test: everyone brings what they want to the CCC, figuratively and literally. Somehow the contributions of 12,000 people all hang together, more or less. The first “C” does stand for chaos, after all.
What brings these disparate types to Hamburg are the intersections in the Venn diagrams. Social activists who may actually be subject to state surveillance are just as interested in secure messaging as the paranoid security geek or the hardcore crypto nerd who’s just in it for the algorithms. Technology, and how we use it to communicate and organize society, is a pretty broad topic. Blinking lights also seem to be in the intersection. But on top of that, we are all geeks. There’s a lot of skill, smarts, and know-how here, and geeks like sharing, teaching, and showing off their crazy creations.
Possibly the greatest hacker show on Earth, the 33rd annual Chaos Communication Congress (33C3) begins Tuesday morning in Hamburg, Germany. And Hackaday will be there! Contributing Editor [Elliot Williams] is taking the night train up and will be trying to take it all in for you. The schedule looks tremendous.
If you can’t make it, don’t fret. There will be live streaming, and the talks are usually available in preliminary edit for viewing or download just a few minutes after they finish. It’s even cooler to watch the talks with friends, though. Every hackerspace with a video projector could be playing along, live or after the fact. Pick some cool talks and have a “movie night”.
If you’re going to be in Hamburg, and you want to show us something cool, tell us that something is NOTAHACK!1!! in person, or even just say “Hi”, we’ll be wandering around from talk to talk and session to session just like you, only with a backpack full of Hackaday stickers.
If there’s anything you think we should see, post up in the comments. If there’s enough call for it, we’ll have a Hackaday meetup once we can figure out a good time and location. Bring us a cool hack, and we’ll document it on the spot! Our DECT phone number is 2475.
The Chaos Communication Congress is growing! Actually, it’s not, but there may be an ‘overflow venue’ for everyone who didn’t get a ticket. There’s a slack up for people who didn’t get a ticket to 33C3 but would still like to rent a venue, set up some tables, stream some videos, and generally have a good time.
Need to test a lot of batteries? Have one of those magnetic parts tray/dish things sitting around? This is freakin’ brilliant. Put your batteries vertically in a metal dish, clip one lead of a meter to the dish and probe each battery with the other lead of your meter.
Pravda reports the USS Zumwalt and HMS Duncan – the most technologically advanced ships in the US and Royal Navies – have turned into, ‘useless tin cans due to China’, with ‘Microchips made in China putting the vessels out of action’. Again, Pravda reports this, so don’t worry. In other news, someone found a few USB drives in a parking lot in Norfolk, Virginia.
Here’s how discourse goes on the Internet. Someone does something. Everyone says it’s stupid. We wait a few days or weeks. Someone posts something on Medium telling everyone it’s actually okay. Public opinion is muddled until the actual issue being discussed is rendered technologically irrelevant. For the newest MacBook Pro, we’re currently at stage 3 and ‘it’s kind of great for hackers’. Now if only we knew how to make USB-C ports work with microcontrollers…
If you have a Prusa i3, here’s a free gift: a Spitfire. The files to print a remote control, 973mm Spitfire Mk XVI are now free for Prusa i3 and i3 Mk 2 owners. Why? Because it’s cool, duh, and [Stephan Dokupil] and [Patrik Svida], the guys behind the Spitfire and other 3D printed RC planes, are also in Czech. Now all we need are Czech roundel stickers.
At the 2010 Chaos Communication Congress, fail0verflow (that’s a zero, not the letter O) demonstrated their jailbreak of the PS3. At the 2013 CCC, fail0verflow demonstrated console hacking on the Wii U. In the last two years, this has led to an active homebrew scene on the Wii U, and the world is a better place. A few weeks ago, fail0verflow teased something concerning the Playstation 4. While this year’s announcement is just a demonstration of running Linux on the PS4, fail0verflow can again claim their title as the best console hackers on the planet.
Despite being able to run Linux, there are still a few things the PS4 can’t do yet. The current hack does not have 3D acceleration enabled; you won’t be playing video games under Linux with a PS4 any time soon. USB doesn’t work yet, and that means the HDD on the PS4 doesn’t work either. That said, everything to turn the PS4 into a basic computer running Linux – serial port, framebuffer, HDMI encoder, Ethernet, WiFi, Bluetooth, and the PS4 blinkenlights – is working.
Although the five-minute lightning talk didn’t go into much detail, there is enough information on their slides to show what a monumental task this was. fail0verflow changed 7443 lines in the kernel, and discovered the engineers responsible for the southbridge in the PS4 were ‘smoking some real good stuff’.
This is only fail0verflow’s announcement that Linux on the PS4 works, and the patches and bootstrap code are ‘coming soon’. Once this information is released, you’ll need to ‘Bring Your Own Exploit™’ to actually install Linux.
Video of the demo below.
North Korea is a surveillance state propped up by a totalitarian government infamous for human rights abuses and a huge military that serves the elite while the poor are left to fight over scraps. Coincidently, that’s exactly what North Korea says about the United States.
There is one significant difference between the two countries: North Korea has developed its own operating system for its citizens, called Red Star OS. It’s an operating system based on Linux, but that has a few interesting features that allow Glorious Leader to take care of his citizens. A deep teardown of what has gone into the development of Red Star OS hasn’t been available until now, with [Florian Grunow] and [Niklaus Schiess]’s talk at the Chaos Communication Congress this week.
The first question anyone must ask when confronted with an operating system built by a country that doesn’t have much electricity is, “why?” This question can only be answered philosophically; the late Kim Jong-Il stressed the importance of North Korea developing “their own style” of programming, and not relying on western operating systems. Nearly everything in Red Star has been modified, with a custom browser called Naenara, a crypto tool, a clone of Open Office, a software manager, and a custom music composition tool. Red Star also had to have the look and feel of OS X; that is, after all, what Glorious Leader uses.
Red Star goes much deeper than custom browsers and a desktop theme. There are other, subtler components inside the OS. There is a program that verifies the integrity of the system by checking signatures of the custom files against a database. If a file has been tampered with, the system reboots. Since this tamper check runs on bootup, Red Star makes it nearly impossible to modify files for study. This is one of the big features designed into Red Star – system integrity is paramount.
There are other custom bits of software that hide files from the user even if they have root, and a ‘virus scanner’ that is anything but. This virus scanner checks documents for patterns that, when put through Google Translate, are strange, weird, and somewhat understandable. Phrases like, “punishment”, “hungry”, and “strike with fists” are detected in all documents, and depending on what the developers decide, these documents can be deleted on a whim.
While scanning a system for documents that contain non-approved speech is abhorrent enough, there’s another feature that would make any privacy advocate weep. Media files including DOCX, JPG, PNG, and AVI files are watermarked by every computer that opened the files. This allows anyone to track the origin of a file, with the obvious consequences to free speech that entails.
While most people in the US consider North Korea to be a technological backwater and oppressive regime, the features that make Red Star OS useful to the DPRK are impressive. The developers touched nearly everything in Red Star, and the features inside it are rather clever and make their style of surveillance very useful. They’re also doing this without any apparent backdoors or other spycraft; they’re putting all their surveillance out in the open for all to see, which is, perhaps, the best way to go about it.
