25C3 hardware workshops

quadcopter

The 25C3 team has a post highlighting some of the hardware workshops that will be happening at Chaos Communication Congress this year. Our own [Jimmie Rodgers] will be in the microcontroller workshop area building kits with many others. The folks from mignon will be bringing several of their game kits for another workshop. We saw quite a few quadcopters at CCCamp and the team from Mikrokopter will be back to help you construct your own drone. They say it only takes five hours for the full build, but space is limited.

25th Chaos Communication Congress schedule

The team behind 25C3 has published the first draft of this year’s schedule. The annual Chaos Communication Congress is happening December 27th to 30th in Berlin, Germany. There are plenty of interesting talks already in place. We’re spotting things we want to attend already: The conference starts off with how to solar power your gear, which is followed by open source power line communication. A TOR-based VPN, an open source BIOS, rapid prototyping, holographic techniques, and running your own GSM network are on the bill too.

We’ll have at least three Hack a Day contributors in attendance. Last year featured two of our favorite conference talks: [Drew Endy]’s Biohacking and the MiFare crypto1 RFID crack. We hope to see you there.

Notacon call for papers

notaconbadge

Notacon has just announced their first round of talk selections. The Cleveland, OH area hacker conference will be celebrating its sixth year April 16th-19th. When we attended this year we saw talks that ranged from circuit bending to the infamous TSA bagcam. Self-taught silicon designer [Jeri Ellsworth] presented on FPGA demoing. [Trixter] covered his demo archiving process. You can find a video archive of this year’s talks here.

We’re really looking forward to the conference. [SigFLUP] is already on the schedule to cover Sega Genesis development. Get your talk in soon though; they’re already handing out space to the knitters.

Hacking at Random 2009 dates announced

Hacking at Random, an international technology and security conference, has just announced the dates for their 2009 event. The four day outdoor technology camp will be held August 13-16 near Vierhouten, Netherlands. HAR2009 is brought to you by the same people who held What the Hack, which we covered in 2005. They’ve done this every four years for the last 20. We’ll be sure to attend. We loved CCCamp in Germany last year and plan on attending ToorCamp in Seattle this year too.

[photo: mark]

Messing with barcodes

stencil

[nico] just received his credentials for an upcoming conference. On each badge, there’s a 2D barcode with the participant’s bio and contact info. These are meant to be scanned by vendors for future contact. [nico] isn’t so interested in that and plans on updating his personal info by generating a new barcode. To this end, he’s collected a number of links to help out barcode hackers. He used the SWIPE toolkit to identify the format and decode (it has an online component too). There are also several online encoders you can use, like this one from [Terry Burton]. If you’re wondering what sort of shenanigans you can get into faking barcodes, check out [fx]’s presentation from 24C3.

[photo: seanbonner]

Black Hat 2008: Dan Kaminsky releases DNS information


[Dan Kaminsky]’s much anticipated talk on his DNS findings finally happened at Black Hat 2008 in Las Vegas today. [Dan] has already uploaded the complete slides from his talk as well as posted a short summary to his site. New information in the slides since our previous coverage includes “Forgot My Password” attacks and new attacks on internal network vulnerabilities as a side of effect of DNS cache poisoning. [Dan]’s talk today was over capacity; our shot of the conference room overflow is shown above.

Black Hat 2008: EFF Coders’ Rights Project announced

The EFF has just announce the creation of the Coders’ Rights Project website at the Black Hat conference. The sites’ main goal is to centralize legal information for coders, and to help protect important security work from legal actions that may be taken against them with the DMCA and other legal black holes. While this is in no way a fully comprehensive list of everything you need to know, it looks like a good place to start, and provides a few FAQs for suggestions on how to stay in the legal clear as much as possible. At numerous points the documents suggest you speak with a lawyer, if you have any deeper questions, which you absolutely should. This can be very helpful if a person or group finds a security risk, and wants to publish it, or just wants to start looking into possible security risks.