Player FM - Internet Radio Done Right
28 subscribers
Checked 10h ago
Added eight years ago
Content provided by CCC media team. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by CCC media team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://fa.player.fm/legal
Instant Overflow Injection - Shifting traffic to overflow providers in a moment's notice (denog16)
Manage episode 450961968 series 1910928
Single peering interfaces can get loaded during peak usage and/or failure scenarios while the network as a whole still has spare capacity. As a remedy we can use upstream via our so-called overflow providers. In normal operation mode we will prefer direct peerings and only use overflow providers as fallback. For events like the European Football Championship we want to be able to shift traffic to those fallback routes with low effort, low wait times, high granularity and high confidence. We have implemented a service that injects on-demand copies of the existing fallback routes with the preferences tuned to let them be preferred over the "normal" peering routes. The routes are advertised via BGP sessions to our routers and are not distributed any further. The service is using GoBGP and running in Kubernetes. Licensed to the public under http://creativecommons.org/licenses/by/4.0 about this event: https://pretalx.com/denog16/talk/NCYK9Q/
1765 episodes
All episodes
The goodbye and look back on the camp. The thank you, the funny stories. All of them. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/VSKJMH/
Zero Trust (ZT) has evolved from pure network access to hype. ZT Everywhere has become a buzzword. If you ask about it during product presentations, the salesperson sometimes runs out of the meeting. If we look beneath the surface, we find a lot of code that we trust in zero trust environments without realising it. Istio containers in service meshes, key management systems in SSH/Ansible environments and a whole lot of legacy code in confidential computing require trust in strange containers, ex-employees and attestation processes and a CI/CD pipeline for microcode in the cloud. What questions should we ask ZT? As the management of keys is crucial for TLS (encryption in transit), disk encryption (encryption at rest) and the new kid on the block, confidential computing (encryption of data in use), we look under the carpet of implementations and raise a lot of questions to ask when implementing the concept. This immediately affects any digital sovereignty. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/3EHJGJ/…
A shared understanding of what time it is and the rate at which time progresses is essential in many areas of technology from industrial control to broadcast. There are two main ways of synchronizing time between multiple computers, Network Time Protocol (NTP) and Precision Time Protocol (PTP). NTP is sufficient for certificate validation, but when timing is crucial we need PTP. In this talk we will take a deep dive into PTP: what it is, how it works, and various ways to abuse it. In my previous talks about Audio over IP and AV technologies the Precision Time Protocol has come up repeatedly as something that deserves its own talk. PTP has a wider use case which makes it interesting as a target for shenanigans. The talk aims to consolidate several years of experience and research into a concise understanding of this fundamental technology. No prior knowledge about PTP or network time will be assumed. Some familiarity with networking basics will be helpful, but not essential. Warning: may contain hacker humor. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/LJ9879/…
After some internal evaluation and a journalist's inquiry on the possibility of Chinese state actors having access to camera footage, the Municipality of The Hague decided to do a security test focused on an APT threat on their traffic camera infrastructure. During the session we will show how the team approached this project, how some of the cinematic scenarios of causing traffic jams and using the cameras for espionage were possible in real life and what lessons were learned from the project. The session will start with providing a bit of context on why the project was started, what was already going on at that time and why the Municipality of The Hague had further questions for which they needed a hacking team. We then discuss how we approached the project in a complex environment, where APT threats are involved and how that changes how you assess certain systems and features. The core of the presentation focuses on disclosing the actual vulnerabilities found within the systems, how we went through the full cyber kill chain within the environment and what that actually means in the physical realm if this had been exploited with malicious intent. Finally we end the presentation with some details on how the discovered issues were addressed and what general lessons can be learned from this project that could also be applicable for other similar environments. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/RJTUR8/…
The Dutch Electoral Council builds its new software-to-be, with a small in-house team, open source and in public. We call her Abacus. In this talk we'll go in depth on the technical and management side of our project. We invite you to join and check out our work! Our talk contains actual code written in Rust. "The software used in elections is developed open source", according to the Dutch law on elections. As we are working on this software at the Dutch Electoral Council, we want to share our experience and invite you to check out our progress so far. We'll go into our development process and technical choices, show some of the cool contributions we received, some of our own code and show what happens when a small government organisation decides to take software development into its own hands. At the talk both the lead developer and team lead are present, to be able to elaborate on the actual development and on the management of such a project. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/ALPRVC/…
This is NOT an introductory talk about ISMS (Information-Security-Management)! It is about my experiences and reflections about real-life issues when deploying an ISMS. There will be a section dedicated to 'hacking' an ISMS, though. The presumed audiences are: - individuals working in the realm of IS-/IT-security management - hackers working in environments that expose them to ISMS-related TODOs (I'll try to put these things into context!) - anyone trying to understand this ISMS-nonsense Agenda: 1) Introduction - Management-Systems - Information-Security-Management-Systems (ISO 27001, German BSI IT-Grundschutz) 2) Theory - Corporate overlords (a.k.a. "hacking ISMSes") - Risk-Management - Compliance(-Reporting) - Certifications 3) Reality - What? Why? How? - Anecdotes 4) Conclusion Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/RMHF3N/…
We in Quantum Development (WIQD) is a growing community dedicated to promoting diversity, equity, and inclusion (DEI) in the quantum ecosystem. In this presentation, we will introduce WIQD’s mission and activities, share insights from our first Women’s Day Hackathon, and highlight why fostering an inclusive quantum community is essential for innovation and impact. WIQD (We in Quantum Development) aims to build a thriving, inclusive network for professionals in quantum science and technology. During this 25-minute interactive presentation, we will briefly introduce WIQD and discuss the importance of DEI in quantum development. We will also share lessons learned from our 2024 Women’s Day Hackathon (https://www.wiqd.nl/event/womens-day-hackathon/), where participants collaborated to tackle technical and societal challenges in quantum. By reflecting on these experiences, we hope to inspire more people to get involved, collaborate across disciplines, and help shape an open, innovative quantum community. To make the talk interactive, we’ll use an e-tool to collect thoughts and ideas from the audience in real time. The speakers, Nina & Jay, will be based in the Quantum.Amsterdam village tent; please feel free to drop by to meet them. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/SUCW9S/…
This talk will take you along with a deep dive on how the internet works at its core and how you can participate yourself. You'll learn all about BGP, AS numbers, IP prefixes and more. Ever wanted to become sovereign on the internet? Want to know what it's like to run an ISP? Are you a sysadmin that wants to learn more about networking? Then you're at the right place. This talk will take you along with a deep dive on how the internet works at its core and how you can participate yourself. You'll learn all about BGP, AS numbers, IP prefixes and what you need to do if you want to participate. You will walk away with practical knowledge on how you can get started. We'll also take a short tour of my own network, how I set it up and what I use it for. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/NCFHN3/…
How do you scale up victim notifications from a couple of hundred, to thousands, to millions, to billions of stolen credentials? Credential theft is on the rise. Cybercriminals are getting smarter and more efficient. Why hack in, if you can log in? At the DIVD we see this trend in the cases where we assist with notifying victims of credential theft. Where our first such cases started with a mere three-hundred-something credentials, we are now sometimes faced with credential dumps that contain millions or even billions of credentials. How can we scale this up, what problems did we face, how did we solve them, and what haven't we solved yet? Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/KUVEEL/…
Experiences from a hacker working at the Election Council of The Netherlands. After critically following the elections for 8 years from the outside, a hacker was employed as one of the functional administrators of the software supporting the elections. Sharing experiences of the use of election software during 7 elections (2020-2023), from local, national to European in The Netherlands. A governmental software project with strict deadlines, and high security expectations. The software project for elections in The Netherlands is built by an IT organization owned by German local governments. More than 10.000 Java files, what can possibly go wrong? During this time multiple emergency patches were needed and incidents occurred. Although at first explicitly not hired as a coder, within 3 months a Java code contribution was made that was unexpectedly more crucial than anticipated. This talk will show some incidents with the election software in The Netherlands: how the software failed, and when/how it was discovered. Go over how seeing the elections from the outside, and give some history of voting computers and software. Ending with some reflections on the future. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/MPH9CD/…
What happens when an attacker controls time on a Linux system? This talk looks at how system clocks work, and what breaks when they’re manipulated. From bypassing delays to triggering subtle logic errors, we’ll explore how unstable time can subvert assumptions, break security controls, and cause software to behave in unexpected or unsafe ways. This talk explores the consequences of full control over time on a Linux system. We’ll start with a brief overview of how system clocks work, highlighting common assumptions made by applications and security mechanisms. The focus will be on local manipulation of the system clock — jumping forward, rewinding, or freezing time — and the unexpected ways software can break when time becomes unreliable. Through practical examples, we’ll see how time-based defences and logic can be bypassed, exposing vulnerabilities that often go unnoticed. Not every issue leads to a full exploit, but many reveal fragile trust assumptions rarely tested in real environments. This talk is for hackers, tinkerers, and developers who’ve ever relied on `sleep(1)` as a defence mechanism. You might rethink your assumptions about time-based security after attending. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/NZRWGU/…
Are you interested in maps? Are you searching for a FLOSS mapping navigation? Do you need geodata? Do you need a map on your site? Do you want to help creating maps from your local environment or from vulnerable places? Then, you have come to the right talk! This talk gives a broad overview of OpenStreetMap, the community and how to get started with it. OpenStreetMap is an open database of geodata and has become the biggest geodataset of the world. It is often called 'the wikipedia of maps' and is getting used in more and more applications - from grassroots movements to big corporations. A tremendous lot is possible, but it can be confusing to get started and to dive into the ecosystem. In this talk, I'll give a high-level overview of OpenStreetMap and answer the most important questions: - What is OpenStreetMap (and what is it not?) - What applications exist? - What tools exist? - How can one contribute? - How can one export data? - How can one get in touch with the local mapping community? No previous experience with mapping or GIS needed! This is a talk, so you don't have to bring anything. However, if you need some help with your first OSM-edits, I'll stick around after the talk to get you started. In that case, it might be useful to bring your laptop (or smartphone). Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/LLRPVY/…

1 Towards digital sovereignty with cloud federation: how to break the dominance of the hyperscalers (WHY2025) 45:52
A team of Dutch scientists and cloud engineers is working on Ecofed: European Cloud Services in an Open Federated Ecosystem. The objective and scope of the ECOFED project are to develop a technical framework for a more open and integrated cloud usage model. This framework will enable multiple clouds from various providers to function as a single, cohesive system, offering a European alternative to hyperscaler clouds. In this open cloud ecosystem, users can easily switch between different clouds. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/KVXYMB/…
As everybody knows, "L" in IoT stands for long-term support. I'll take you on a tour of my technical adventure where I revived an abandoned IoT "AI" translator and gave it a new life, 2025-style. Through deciphering peculiar protocols and formats, reverse engineering firmware and software and doing the necessary research to write new software, we'll see how curiosity and persistence can help you overcome the most obscure technical challenges. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/TUD7EB/…
Wikipedia tells us that _low-background steel_ is steel produced before the detonation of the first nuclear bombs. Yep, you guessed it, **this is a talk about Large Language Models**. LLM outputs have quickly spread like radionuclides, threatening everything from the scientific record to the existence of the Internet as we know it. In this talk I'll discuss _practical small web approaches_ that we can use to build a new Internet that doesn't suck quite so badly. There will also be memes ;-) Have you noticed how the **good stuff** on the Internet is increasingly hidden behind bot checks, subscriptions and paywalls? And that it's getting harder and harder to find things online due to LLM pollution? Welcome to the club! You are in the right place. In this talk I'll highlight some of the most egregious examples, consider how we can best preserve _low background information_ for future generations, and how we can use small web techniques like **self-hosted blogs and static site generators** to bootstrap a new infosphere that doesn't rely on a handful of _hyperscale operators_. I'm particularly interested in how we can _federate and syndicate search_, learning from protocols and standards like RSS and ActivityPub. As part of the talk I'll give you some practical tools and approaches to try. If you find this interesting, consider joining us in the [SearchClub](https://matrix.to/#/#searchclub:matrix.org). **Let's have fun building the new Internet together!** Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/FHLCMR/…
Lightning talks are a 5 to 10 minute quick talk on an interesting subject. They can be with or without slides, and with or without proper preparation. If you weren't accepted in the main CfP, this is also a great opportunity to give an abridged version of your talk. These sessions will be available to sign up to later on, with details on the wiki: https://wiki.why2025.org/Lightning_Talks Lightning talks are a 5 to 10 minute quick talk on an interesting subject. They can be with or without slides, and with or without proper preparation. If you weren't accepted in the main CfP, this is also a great opportunity to give an abridged version of your talk. These sessions will be available to sign up to later on, with details on the wiki: https://wiki.why2025.org/Lightning_Talks Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: various…
Did you know that if you change a single bit from 1 to 0 (or vice versa) in the first 'g' of the domain name google.com (which is 01100111 in binary) you will end up with a variety of valid "bitflip" domains like coogle.com, oogle.com, & woogle.com? So what happens if you generate and register a bunch of cheap bitflipped versions of popular cloud / SaaS provider domains, point them to your VPS, log all incoming requests & then forget about the whole thing for two years? Well, you will in fact receive a stiff bill, generate huge log files and eventually run out of disk space. But on the upside, you will also have collected a treasure trove of legit credentials & interesting stuff like valid OAuth refresh tokens, JWT tokens, bearers, cookies, emails, meeting invites with passwords & truckloads of internet scanner noise. In this session we will revisit bitflip research from the last decade and weaponize it. Showcase 'Certainly', a pioneering offensive / defensive tool that employs wildcard DNS matching & on-the-fly generated SSL certificates and custom payloads for incoming requests across various protocols. All with the intention to downgrade security, harvest credentials, capture emails and replace dependencies with custom "malicious" payloads. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/WQEGCU/…

1 A journey into reverse engineering arcade PCBs for video game preservation via FPGA emulation (WHY2025) 48:10
Some time ago, I embarked on a journey into the world of electronics and FPGA technology with no prior knowledge. What began as a passion for retro gaming evolved into a quest for preservation via reverse engineering and FPGA-based emulation. This presentation will share my journey, highlighting the challenges of learning Verilog, the tools, the resources, and the lessons I learned along the way. By sharing my experiences I hope to inspire others to contribute to the preservation of video games. **Abstract:** In an era where classic arcade games risk becoming obsolete, preserving them is crucial. This presentation chronicles a journey from curiosity to creation, demonstrating how FPGAs can be used to create accurate emulators. **Introduction to FPGAs:** FPGAs are versatile integrated circuits that offer unparalleled flexibility for hardware design. Unlike fixed CPUs or GPUs, FPGAs allow for reconfiguration, making them ideal for creating custom solutions like game emulators. This section will explore the advantages of FPGA-based emulation over traditional software emulators, and existing platforms like the MiSTer FPGA. **Verilog Programming:** Verilog is a hardware description language used for defining digital circuits in FPGAs. This part introduces Verilog's role in designing these circuits, and how it differs from traditional programming languages. **Reverse Engineering PCBs:** This segment breaks down the process of reverse engineering an arcade PCB. From identifying components and their connections, to reversing custom ICs and schematics creation. **Creating an arcade game core:** A case study on the creation of an arcade game FPGA core. Challenges faced during development, and specificities of arcade game emulation. **Conclusion:** The presentation concludes by encouraging attendees to embark on their own journey, offering practical advice and resources to facilitate their exploration into FPGA-based gaming preservation. The goal is to inspire and equip newcomers with the knowledge and tools to preserve classic arcade games through FPGA emulation. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/3AKXN7/…
Security teams want to prevent incidents - but what if controlled breaking prevents catastrophic failures? Drawing from aviation safety, chaos engineering, and resilience design, discover why 'unbreakable' security comes from breaking things on purpose. Learn to transform incident culture from blame to learning, implement controlled failure practices, and build psychological safety that turns near-misses into competitive advantages. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/AATCT7/…
I used CircuitPython (but could also have used MicroPython, so this is not about A vs. B) to implement various smart-home related projects. I will present some of my projects and also dive into what Python has to offer for (personal, not corporate-style) embedded devices (and the development process). 1) Introduction - My (past) smart-home setup - Moonshot: my future smart-home setup 2) Projects - Thermal printer(s) - RFID scanners - Media controls - Family calendar 3) CircuitPython - Ups and downs - CircuitPython on various microcontrollers: real-life 4) Conclusion Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/M3GWAJ/…
Our digital communities are controlled by corporate platforms that surveil, manipulate, and arbitrarily deplatform us. We need a Bill of Digital Rights—ensuring privacy, ownership, algorithmic control, and self-governance. This talk lays out the Four Freedoms for Social Media and how open protocols like ATProtocol, ActivityPub, and Nostr make them possible. The future of social media must serve communities, not corporations—and we must demand it. The Four Freedoms of Social Media: A Bill of Rights for Digital Communities Just as free software has the Four Freedoms, our digital communities need Four Freedoms for Social Media—fundamental rights that ensure people, not corporations, control their online spaces. Social media today is defined by surveillance, manipulation, and arbitrary control—but it doesn’t have to be. This talk lays out what we must demand from social protocols: 1. The Freedom to Connect – No one should be prevented from communicating or organizing due to corporate interests or government pressure. 2. The Freedom to Move – Users and communities must be able to leave one platform and take their relationships, content, and identity elsewhere. 3. The Freedom to Understand & Control Algorithms – People should know how their feeds are shaped and have the power to change them. 4. The Freedom to Self-Govern – Communities should set their own rules, rather than being subject to arbitrary moderation and deplatforming. Technologies like AT Protocol (BlueSky), ActivityPub (the Fediverse), and Nostr offer glimpses of this future, but they must be built around these freedoms—not just as features, but as non-negotiable principles. This talk isn’t just about what’s possible—it’s about what we must demand from the next generation of social protocols. The future of digital communities should belong to us—not corporations. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/WDPPRA/…
TIC-80 fantasy console Byte Jam is a friendly competition to livecode a demo in a relaxed atmosphere. TIC-80 fantasy console Byte Jam is a friendly competition to livecode a demo in a relaxed atmosphere. This can take an hour or more depending on the inspiration and time needed of the participants. You could follow the suggested randomly chosen topic or do your own thing. TIC-80 is a fantasy console with limited resources like a 240x136 pixel display, 16 color palette, 256 8x8 color sprites, 4-channel sound, etc. This gives the TIC-80 a very retro look and feel. This byte jam is a good representation of the demoscene, where coders/hackers with very limited resources in hard- or software make stunning audio and visual effects. In Europe the demoscene got the status of cultural heritage in Finland, Germany and Poland and it has been requested for the Netherlands and other countries. Want to join this Byte Jam as coder? Check with Dave / zeno4ever for the possibilities!! Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/ZRBZAC/…
Afturmath closes the live music program with an immersive journey of sound and light. Combining modular synthesizers, lasers, and abstract video synthesis, Afturmath crafts dense, evolving sonic landscapes that invite you to lose yourself in the experience. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/7W9GTM/…
This talk introduces participants to the Bosch BMI270 (inertial sensor) and BME690 (environmental sensor) on the WHY2025 Hackathon Badge. After a brief overview of MEMS technology and how these tiny sensors are made and used, we’ll dive into a hands-on session showing how to read sensor data using MicroPython — so you can start experimenting right away. MEMS (Micro-Electro-Mechanical Systems) sensors are miniature, highly precise components that detect motion, position, and environmental conditions. They are widely used in smartphones, cars, wearables, and smart home devices and are manufactured in specialized cleanrooms using advanced semiconductor processes. This talk starts with a short introduction covering: What are MEMS? How are they made? What can the Bosch BMI270 (6-axis IMU) and BME690 (gas, humidity, temperature, and pressure sensor) do? After this overview, we’ll switch to a practical session: you’ll learn how to get started with MicroPython to access real-time sensor data on the WHY2025 Badge. By the end, you’ll be ready to experiment with your own ideas and prototypes based on the badge’s powerful sensing capabilities. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/9HUFEX/…
Modern software development and operations rely heavily on third-party applications, libraries, containers, etc. This presentation will showcase how dev, ops, but also security management can be transparent about dependency versioning and known vulnerabilities, while also staying on track with updates. It will show demos of open source standards like SBOM and frameworks like Dependency-Check, Dependency-Track and Renovate that can help automate the sadness of today's supply chain issues. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/7C8XYS/…
The Light and Music entertainment platform Lightupyourbanjo began in 2010 when “Cash-a-billy with a Bluegrass bite” band Ed and the Fretmen wanted to have better lights on their banjo. They developed banjo lights with addressable LEDs for inside and outside mounting, showing interactive animations written in C++ that support the songs, and wrote songs to support the lights. In 2025 the Lightupyourbanjo bands will be fighting the darkness with the new O4 model built into their 3 banjos. In the WHY Lightupyourbanjo talk, we will look at the world of banjo lights, present the new O4 model and its features, apply the 5xWHY analysis to all of this to explore the greater meaning, and finally we hope to bring some Light and Music to WHY 2025. https://www.youtube.com/watch?v=_j19nTYNWv4 Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/9NQTEL/…
This talk will enable you to lead architecture conversations and discuss their security options through an informal diagramming technique. I will use examples such as key/encryption architectures, DevOps, and even your home music system. Presentation at https://digitalinfrastructures.nl/why2025/ You have seen many diagrams of computer and information systems in your career. They have been around since the early days of computing. They can be useful, but there are a few typical problems with them:
• They are drawn with obscure symbols that are only understood by architects
• They are drawn in an inconsistent way
• They are not used to their fullest potential.
In my practice I have run into these problems often, and I have found ways to turn a certain type of diagram, a simplified version of deployment diagrams, into the cornerstone of explaining what goes on in cloud and cybersecurity. In the talk I will lead you through the basic principles and a few examples. This will enable you to lead architecture conversations and discuss their security options. I will use examples such as key/encryption architectures, DevOps, and even your home music system. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/PRV9UP/…

1 Offworld Voyage: Can Training for Mars Exploration Also Address Human Adaptation to Climate Bio-devastation on Earth? (WHY2025) 46:53
This talk will present the design philosophy behind Offworld Voyage, a decentralized science initiative that develops ecologically sustainable training habitats for use in simulated Mars surface exploration missions - while also solving for adaptation to extreme climate change on Earth. The Offworld Voyage M.A.R.S. Tesseract Space Analog Simulation Habitats were designed with a zero waste ethos for minimal environmental impact by inventor Scott Beibin and visual wizard Michael Flood. The modular and portable structures of the habitats include: a bio-dome for cultivating organic vegan plant-based and fungi-based nutrition sources, autonomous power production, advanced waste reclamation, a science laboratory for experimentation and research, a space medicine bay, a fabrication lab for prototyping and repair, facilities for fitness and creativity as well as a kitchen and living quarters. Mission immersions incorporate a vision of the future when space has become accessible to all through the use of emerging ecologically sustainable appropriate technologies enabled by new types of egalitarian economic structures and coordination methods. Crew activities include EVA explorations in pressurized space suits outfitted with bio-sensors, 3D printed construction using regolith, utilization of open source communications tools, cooperative governance exercises and the practice of mutual aid and consensus decision making in mission planning, problem-solving and self-sufficiency challenges in the face of extreme resource scarcity, simulated time-delayed communications and experiments to analyze the effects of isolation on astronauts during offworld missions. The inaugural mission for the M.A.R.S. Tesseract habitats will occur in a remote desert location in the near future. 
It will include the founders of the project, Scott Beibin and Elizabeth Jane Cole, who are both alumni of the Mars Desert Research Station (Mission 286) and core committee members of the Journal for Space Analog Research. Future plans for the project include the development of pressurized facilities and closed loop systems, as well as development of public goods including hardware and software for Space Analog Research and S.T.E.A.M based educational programs. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/ZDE7NN/…
You've maybe seen the raking robot that got a CEH (Certified Estetisch Harker) certificate, the Telex linked to Twitter/Telegram or the ASCII photo booth. They are all made by me. If this talk gets accepted I will do a deep dive on these three contraptions and what I learned building them. Besides Schuberg Philis, DIVD, attending the farm and keeping my bees, I also build machines. It is an interesting process and I want to share it with you. Machines I will be talking about:
* The (world's?) 1st 3D color printer from TNO
* The raking robot
* AI/Twitter/Telegram/Slack connected Telex
* ASCII photo booth
Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/FYPY7C/…
It's hard for a platform to have meaningful, useful ratings/reviews without substantially Knowing Your Customer, engineering to detect manipulated reviews, and responding in a nuanced way -- to increase a fraudster's costs, and not just train them to hide better. There are lots of examples of diverse platforms not doing a very good job of this. (I'll also talk about how this knowledge sometimes leads platforms to try to manipulate their own customers to maximize their sales.) Ratings and reviews, although almost universally relied on by consumers, are, like much other online info, often manipulated to increase sales and pump up merchant reputation, but are sometimes used maliciously to slam a competitor. Even sites that only allow reviews from purchasers can be manipulated, particularly on platforms where low-cost products are sold. Ebay harbors fraudulent sellers by combining buyer and seller reputation, and not weighting by sale price. (So a 5-star rating for a trivial purchase accrues equal reputation as a large-value sale.) Many manipulations should be easily detectable by looking for some clear behavioral signatures, and then not training the adversaries by using adversary engineering rather than simply deactivating accounts. (I'll show you how to spot a lot of the red flags.) Examples range from pumped-up restaurant listings (up to #1 in London), Amazon's and Ebay's problems, to a puppy sales site that had a rating system so bad by design that they were sued by an animal rights org for facilitating fraud by puppy mills. (There are a lot of sick puppies out there...) Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/CJQD7U/…
C
Chaos Computer Club - recent events feed (low quality)

1 Building Bitchat: Offline first protocols and E2E Encrypted Social Apps with Nostr, Noise, and MLS (WHY2025) 43:47
Learn how to build end-to-end encrypted social apps including the newly released Bitchat using Nostr and MLS (Messaging Layer Security). We'll go from Nostr basics through to encrypted groups, explore the open source libraries and apps already in production, and show how to build your own. Includes live coding demonstrating how to create secure, private social tools that actually scale. You'll leave knowing how to build real e2e apps using tested, working tools. Building truly private social applications isn't just about adding encryption - it's about rethinking how we build social spaces. By combining Nostr's decentralized protocol with MLS's efficient group encryption, we can create social apps that are both private and practical. The talk walks through:
Technical Foundation:
- How Nostr works: events, relays, and NIPs
- Understanding MLS tree-based group key management
- Implementing encrypted groups that actually scale
- Real-world performance and security considerations
Practical Building:
- Tour of working libraries
- Open source apps you can use today
- Common implementation challenges and solutions
- Live coding of a basic encrypted group chat
Beyond the Code:
- Why traditional platform encryption fails
- How forking solves community governance
- Building tools that empower rather than control
- Real examples from nos.social and communities.nos.social
You'll leave understanding not just the protocols, but how to build real applications that respect privacy and community autonomy. We'll look at actual code running in production, discuss practical challenges we've solved, and show how you can start building your own encrypted social tools today. This isn't just theory - everything shown is running in production now. Whether you're interested in cryptography, social protocols, or just want to build better tools for human communication, you'll get concrete knowledge you can use.
Prerequisites: Basic familiarity with public key cryptography helpful but not required. Examples will use JavaScript/TypeScript but concepts apply to any language. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/3QQLRN/…
During this talk we look at hardware and firmware reverse engineering, but also at corporate intimidation tactics and how to respond ethically as a security researcher. Leveraging the hard-coded AES keys, outdated software, and lots and lots of custom code we found, we were able to install "custom code" on some phones and access global customer configuration data by exploiting Yealink's global cloud provisioning service (RPS). Communication is the cornerstone of human collaboration and vital to functional governments, flourishing businesses, and our personal lives. We take for granted that sensitive information we send through our digital communication infrastructure is only received by the intended recipient. This puts immense responsibility on communication equipment manufacturers and service providers to keep our communications safe from prying eyes. Surely we can trust a global, leading manufacturer of video conferencing, voice communication and collaboration solutions to keep our data safe, right? ...right? They may have shiny devices and their marketing slides might be impressive, but we care about what's on the inside. In this talk, we take a look at Yealink VoIP business phones and their cloud infrastructure. Come with us on a technical deep dive involving hardware hacking and firmware reverse engineering, but also listen to a story about corporate intimidation tactics and lessons on how not to treat security researchers. What we find is a security researcher's dream: hard-coded AES keys, outdated software, and lots and lots of custom C code (including cryptography!). We were not only able to run custom code on some phones, but were also able to access configuration data of their global cloud provisioning service while casually answering the age-old question: "Does it run DOOM?". 
This project concluded in a wide-ranging coordinated vulnerability disclosure involving the manufacturer, telecom providers, national cybersecurity agencies, and major customers, which we will also outline in this talk. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/CXVW7V/…
1 How we stopped a € 50 million project from destroying a forest (and other ways to pick fights with corporations and governments) (WHY2025) 37:31
In 2017 a large corporation announced that they wanted to build a € 50 million theme park in a small forest that I had known from my childhood, thus replacing the future of our children with simple entertainment. An overwhelming feeling of injustice came over us. We created a plan, and we stuck to it. We drew a line in the sand. Fatalism can be your greatest enemy, but it doesn’t have to be. Welcome to the rebellion. In 2017 a large corporation announced that they wanted to build a water theme park in a small forest that I had known from my childhood. Immediately an overwhelming feeling of injustice came over me. Why would you sacrifice the future of our children for a theme park? It turned out a number of neighbours had the same feeling. We decided to draw a line in the sand. For seven years we fought a battle with the corporation and the government, and the whole time everybody was telling us this was a fight we could not win. In 2024 we won that fight. It turned out it wasn’t just luck. We created a plan, and we stuck to it. Since then we have been sharing our experiences with other organisations. Fatalism can be your greatest enemy, but it doesn’t have to be. Welcome to the rebellion. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/7EMW3A/…
My experience of contributing to an open-source project for the first time and the juicy details (maths) of the geometry of the Sferical lamps (the ones that hang in Heaven / Silent Lounge). I'd like to take you with me on how I built a generator for spherical lampshades. I'll talk about how math slowly turns into magic. The math is mainly trigonometry, so we can reminisce about high school. But don't worry too much about it. It will be visualised, so everyone can follow along. The real magic happens when we introduce light into the equation, illuminating the creations in stunning ways. Plus, since this project is open source, you'll have the opportunity to craft your own unique lampshades! Or hack it into something else entirely... Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/Y9YKJF/…
In a world of relentless cyber-threats, MIAUW (Methodology for Information Security Assessment with Audit Value) turns every pentest into a high-impact, traceable mission. This session reveals how its storyline-driven playbook fuses technical exploitation, legal rigor and forensic reporting into a reusable blueprint that regulators love and attackers fear. Expect war-stories, live-demo snippets, and a roadmap to weaponize compliance while clawing back control over risk. This talk introduces MIAUW — Methodology for Information Security Assessment with Audit Value — a structured approach to penetration testing that goes beyond technical exploits to deliver legal defensibility, governance value, and repeatable insight. We begin with a familiar problem: many pentests are technically sound but fail to produce lasting impact. Reports are delivered, risks are noted — and then nothing changes. There’s little accountability, no alignment with organizational processes, and limited value for oversight. MIAUW changes that. It brings structure, traceability, and dual accountability by involving not just the pentester, but also a dedicated auditor. Every step — from planning and scenario definition to execution, reporting, and organizational learning — is part of a documented process. The auditor produces a formal protocol, providing legal and governance-grade assurance over the findings. In this session, we’ll cover:
- How MIAUW works: from the first conversation to the final deliverables.
- Why including an auditor raises the bar for quality, traceability, and board-level trust.
- Real-world stories of organizations that transformed their security posture through structured offensive testing.
- How to get started with MIAUW, even when working with external testing partners.
Whether you're a CISO, security consultant, internal auditor or board advisor, this talk will challenge the way you think about pentests — and show you how to make every test a reusable asset for control and improvement. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/NLDDV7/…
In 2017 (just before SHA2017) the Dutch healthcare sector came together to create Stichting Z-CERT, the Zorg Computer Emergency Response Team, a nonprofit to protect and advise the Dutch healthcare sector. What started as a small startup has now grown into a scaleup with the ambitions to match. A lot has changed in the 3 years since the last talk about Z-CERT. In this talk we will:
- Tell who we are
- Show what we do
- Give a little peek behind the curtain at how we do that
Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/KJEMMF/…
live-bootstrap is a worthy attempt to provide a reproducible, automatic, complete end-to-end bootstrap from a minimal number of binary seeds to a supported, fully functioning operating system. Although it starts with a minimal binary seed of only 280 bytes, it also depends on a lot of other sources. What are those sources exactly and how can we review them to make sure that live-bootstrap can be trusted? In the past two years, I have spent time studying stage0 of the live-bootstrap project in order to understand how it works, to find out on what sources it depends, and to create interactive documentation that hopefully helps others to understand it and review the sources. In this process, I have written programs to interpret the kaem scripts, an emulator for stage0, and a program to analyze the strace output and generate a T-diagram. In the presentation, I will talk about the steps I have taken, present the results, and also discuss ways to simplify the stage0 sources, such as developing a C compiler targeted at compiling the Tiny C Compiler, using a small stack-based language as intermediate language. 'Slides' for the presentation: https://iwriteiam.nl/WHY2025_talk.html Links:
- https://iwriteiam.nl/Software.html
- https://iwriteiam.nl/livebootstrap.html
- https://github.com/FransFaase/Emulator/
- https://fransfaase.github.io/Emulator/tdiagram.html
- https://github.com/FransFaase/MES-replacement
Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/33HD7W/…
Over the past few years, I’ve been casually poking around and stumbling upon exposed data and insecure infrastructure all across the telco ecosystem. From unsecured debug portals to full backend access, the leaks themselves might seem technically boring. In this talk, I’ll walk through a handful of real-world cases, showing how misconfigurations, sloppy code, and forgotten interfaces can lead to serious exposures. These include:
* an eSIM provisioning portal exposed via an unauthenticated debug web interface
* full backend access to a smartphone retail platform, including CRM data and hotline audio recordings
* publicly accessible SIM inventory systems, Call Data Records (CDRs), and even passport scans
* "open source" telco functions running in plain PHP, sometimes with hardcoded credentials
* …and more strange eSIM-related findings
This isn’t a high-end 0-day story. This is about minimal-effort, boring data leaks that still manage to have a surprisingly high impact. The talk will include examples, screenshots, and recurring patterns that keep coming up. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/7A7QJV/…
Adversary-in-the-Middle (AiTM) phishing kits have matured into full-service SaaS platforms. This talk dives into the infrastructure, control panels, and sellers behind modern AiTM attacks. From Dockerized environments to Telegram bot-based UIs, we unpack how these platforms operate, scale, and monetize. We also highlight how this SaaS model is spreading. Expect a technical walkthrough of the ecosystem fueling today’s phishing economy. This talk offers a deep dive into the infrastructure and operational models behind modern Adversary-in-the-Middle (AiTM) phishing attacks. These aren't hobbyist scripts—they are mature, productized platforms that resemble legitimate SaaS offerings. We explore how these platforms work under the hood:
- How attackers deploy dockerized phishing kits
- The use of CDNs, Telegram bots and proxy networks
- Panel features like token capture, mailers, and multi-user support
- Revenue models, actor branding, and upsells
We will showcase real examples of AiTM panels (including EvilProxy, Tycoon, Mamba2FA, and Raccoon), backed by original research and detection data gathered from over 2,000 incidents across hundreds of Microsoft 365 tenants. Attendees will walk away with an understanding of how these platforms scale, how attackers manage their infrastructure, and how defenders can detect and preempt them using techniques like pixel beacons and certificate transparency. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/SKKCEM/…
Placeholder for WHY2025 Infrastructure Review... various *OC teams will present about the infrastructure they have built for WHY2025. At least Team:NOC will join; previously also Team:Nuts (Power), Team:POC and Team:VOC have joined. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/FY8CXY/…
You want to learn more about Linux permissions? This is the talk for you. Let's learn about the basic UID/GID concepts in Linux and expand into more complex ACLs. Then we escalate on the "everything-is-a-file" concept and apply the learned security logic to program behavior using SELinux or AppArmor. The first point at which a "normal" user encounters Linux permissions is often when he wants to execute a downloaded file (from the internet), requiring him to set the executable bit... But this one bit is just a part of a much larger world of Linux permissions, starting with the usual umask-reduced "drwxrwxr-x" and including access-control lists for more complex scenarios. The learned concepts can then be applied not only to files, but also to devices (e.g. using udev)... Most users also know how to bypass "Permission Denied" trouble (by just using "sudo"), but how does that actually work? Managing access to files and devices from the user's perspective is just one side of Linux security, as one can also apply this filtering logic to the system calls programs make: for this we will take a quick look into SELinux and AppArmor, two of the more popular hardening frameworks, and how their rulesets work. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/QNH3VU/…
I (hopefully) will have cycled from my home city of Mannheim all the way to the WHY camping grounds (>500km) in one go. I will report how I approached the whole endeavour, how I prepared, what the challenges were and what the hard part was. If I happen to not make it, I will describe how, why and what I should have done better. Planning and executing a plan like that, cycling more than 500km in one go, demands equal parts preparation and lack of sanity. I want to share the story in an attempt to inspire people to explore their limits and achieve things that they did not think they would be able to do. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/FQNMBE/…
Afterparty for "Reverse Engineering Life: A teardown of the DNA source code of a whole bacterium". Q&A and some bonus content. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/A8LMHV/
TETRA is a European standard for trunked radio used globally by police, military and civilian parties alike. In the past, we already published the hitherto secret inner workings of TETRA and on several of its severe security issues. We're now back to discuss the last crucial part of TETRA security - its optional (and costly) end-to-end encryption, reserved for the most sensitive use cases. We'll discuss in detail how we obtained and analyzed those elusive algorithms, and what we found. TETRA is a European standard for trunked radio used globally by police and military operators. Additionally, TETRA is widely deployed in industrial environments such as harbors and airports, as well as critical infrastructure such as SCADA telecontrol of pipelines, transportation and electric and water utilities. In previous research, we published [TETRA:BURST](https://www.midnightblue.nl/tetraburst), revealing vulnerabilities in the TETRA air interface encryption, and publishing the secret cryptographic primitives for public scrutiny. We now present all-new material, assessing the optional and often expensive end-to-end encryption, which adds an additional layer of encryption on top of the air interface encryption, a layer that can only be decrypted by the traffic's recipient, and not by the infrastructure. These solutions enjoy significant end-user trust and are intended for the most sensitive of use cases. While the ETSI standard on TETRA does facilitate integration of some E2EE solution, the solutions themselves are vendor-proprietary, and proved quite hard to obtain. The opaque nature of this solution and TETRA's history of offering significantly less security than advertised (including backdoored ciphers) is worrying enough, but given our previous TETRA:BURST research, E2EE is frequently mentioned as a potential mitigation. In order to shed light on its suitability, we decided to undertake the effort of reverse-engineering a TETRA E2EE solution. 
We'll discuss how we investigated the E2EE landscape, and how we (after being scammed on a Motorola device) managed to extract an implementation from a popular Sepura radio. We'll then discuss the E2EE design (that we have published on GitHub) along with a security analysis, identifying several severe shortcomings ranging from the ability to inject voice traffic into E2EE channels and replay SDS (short text) messages to an intentionally weakened E2EE variant, which reduces its 128-bit key to only 56 bits. In addition, we will discuss new findings related to multi-algorithm networks and official patches, relevant for asset owners mitigating the TETRA:BURST vulnerabilities previously uncovered by us. Finally, we will demonstrate the E2EE voice injection attack as well as the previously theoretical TETRA packet injection attack on SCADA networks. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/WSM3XV/…
For a good decade now, containerisation has been a popular solution: Addressing issues such as security, fault tolerance, and scalability, it has turned into a mainstay in IT. Though with a technology that ubiquitous, it does deserve investigation whether it has been put to good use or rather pressed into service. This talk includes a brief history of container solutions while challenging a number of common assumptions. While geared at a more seasoned audience, the presentation is very much from the perspective of the ‘plumbing layers,’ which comes with the discussion of many core concepts of Docker/OCI. Hence this should be beginner-friendly to a degree. Mild audience participation is to be expected; may contain traces of DevOps. **Keywords:** *containers; cloud; linux; docker; oci; kubernetes* Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/MREBV9/…
By 2025, an estimated 1.1 billion women globally will enter menopause, a natural but misunderstood phase of life. This talk will address the stigma, myths, and misinformation surrounding menopause, focusing on the mental, physical, social, and economic challenges women face. It will also explore the struggles of LGBTQ+ individuals, often overlooked in discussions. The goal is to close the knowledge gap, empower women to advocate for their health, and foster a culture of support and inclusivity. Disclaimer: For the sake of simplicity, throughout this talk the term ‘women’ will be used when referring to individuals suffering the effects of menopause; however, this information is relevant for all individuals born with female reproductive organs. Menopause remains shrouded in stigma, silence, and common misinformation, leaving many women unsupported and uninformed. Myths and a lack of understanding about menopause contribute to confusion, fear, and inadequate care. The talk will go beyond the well-known symptoms to uncover the diverse range of life-changing symptoms women face during menopause. By openly discussing menopause and moving beyond the idea of 'fixing' women, the focus can instead be on building a culture that recognizes and respects the diverse challenges for all women at every stage of life. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/9C7CHJ/…
The most common configurations seen in scanning domain names with [Internet.nl](https://internet.nl), e.g. those found in [biannual governmental measurements](https://www.forumstandaardisatie.nl/metingen/informatieveiligheidstandaarden). This talk will explain how to configure modern security standards on your domain name with the help of [the open source](https://github.com/internetstandards/Internet.nl/) [Internet.nl](https://internet.nl). It will show common misconfigurations in DNS and security headers, and teach you why you should probably want to avoid `www CNAME @`, why you want to enable IPv6, and other observations from the [biannual measurements](https://www.forumstandaardisatie.nl/metingen/informatieveiligheidstandaarden) of scanning more than 10,000 governmental host names in The Netherlands. After this talk you'll know at least one DNS or security header improvement for your own or your organization's domain. This presentation will touch on:
- why enable DNSSEC ([RFC 4033](https://datatracker.ietf.org/doc/html/rfc4033) and many more), and some common failures (e.g. CNAMEs)
- why enable IPv6 (not talking about 'IPv4-mapped IPv6 addresses' here), and the issues if you're still not supporting IPv6 (almost 30 years after [RFC 1883](https://datatracker.ietf.org/doc/html/rfc1883))
- why not CNAME to your apex domain (if you have an MX record)
- why use Null MX ([RFC 7505](https://datatracker.ietf.org/doc/html/rfc7505))
- why configure SPF ([RFC 7208](https://datatracker.ietf.org/doc/html/rfc7208)) on all hostnames
- why there are more reasons to avoid CNAMEs
- why enable DANE ([RFC 6698](https://datatracker.ietf.org/doc/html/rfc6698)) and TLSRPT ([RFC 8460](https://datatracker.ietf.org/doc/html/rfc8460)), why it's superior to MTA-STS ([RFC 8461](https://datatracker.ietf.org/doc/html/rfc8461)), and how to rotate DANE
- why monitoring matters
- why first do an `https://` redirect before a domain redirect
- why a strict Content-Security-Policy ([CSP v3](https://www.w3.org/TR/CSP3/)) will save you
- why configure `ssl_reject_handshake` (nginx only)
- why have an accessible security.txt (special allow rule if you have basic auth!) that contains at least one email address
- why start cookie names with `__Host-` or `__Secure-` ([MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#cookie-namecookie-value))
Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/XVET7C/…
Chaos Computer Club - recent events feed (low quality)

Pwn2Own Ireland added a new target in the smarthome category: the Aeotec Smart Hub. We assumed this target would be an easy win. However, getting the firmware of this device turned out to be a lot harder than anticipated. First, we had to modify the board to dump the encrypted flash. Then, we abused a secure boot flaw to get the decryption key. This process took so long that we had no time left to look for vulnerabilities, but our approach may be interesting for others looking at similar targets. Usually, extracting the firmware of an IoT device is easy. The firmware is often not encrypted on flash, and debug interfaces such as UART are often exposed and left open. This was our assumption when we started investigating the Aeotec. However, we turned out to be very wrong in our assumptions. The Aeotec firmware is actually encrypted on flash, with a key that is stored in OTP. Furthermore, all debug interfaces such as UART were closed down. This meant we needed to go to great lengths, first doing in-circuit dumping of the flash, then breaking the encryption configuration in order to get code execution on the APCPU. Our goal was to do vulnerability research, but we ran out of time for that. By sharing our process, we hope to help others who are interested in this or other devices with a similar configuration. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/DJKYA7/…
Ever received a phishing simulation so painfully obvious it offended your intelligence? This talk is for you. Join us as we turn the tables on corporate security theater and show how you can phish back, with humor, skill, and plausible deniability. Learn how to fingerprint your company’s phishing campaigns, spoof the spoofers, and maybe even get your CISO to click a link labeled “Definitely Not Malware.exe.” This talk is part satire, part technical walkthrough, and all rebellion. Corporate phishing simulations are broken. You know it, I know it. And yet, every quarter, some overfunded awareness campaign lands in your inbox with all the subtlety of a Nigerian prince. The goal? To test whether you're “cyber aware.” The result? A war of attrition between InfoSec and the click-happy masses. But what if we made visible what these simulations actually prove? In this talk, we explore how to recognize and hack your organization's phishing simulations. Without getting fired (probably, no guarantees). From fingerprinting CISO-run campaigns using SPF records, consistent sender patterns and timing, to launching your own “counter-phishing” emails that prove how absurd the entire exercise is. We’ll walk through real-world tactics for flipping the script: phishing the phishers, automating chaos, and pushing back against checkbox security culture. All with a healthy dose of satire, social engineering, and plausible deniability. If you’ve ever wanted to troll your security team for a good cause, this one’s for you. Just don’t click the link in the description. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/QX3G3G/…
Decoding RFID: A comprehensive overview of security, attacks, and the latest innovations (WHY2025) 1:07:40
RFID reverse engineering has seen significant advancements, yet a comprehensive overview of the field remains scattered across research and practitioner communities. Here the authors present a structured survey of existing RFID technologies, encryption protocols, and known attack methodologies. Take the opportunity to listen to both Kirils' practical experiences and the deep insights of Iceman when it comes to RFID hacking. The talk will cover:
1) An overview of RFID types, including both low-frequency (LF) and high-frequency (HF) cards, briefly touching upon ultra-high-frequency (UHF) systems as well.
2) A breakdown of encryption protocols used in RFID security, highlighting their strengths and weaknesses.
3) A review of documented attacks, including cloning, sniffing, relay, cryptographic, and side-channel techniques.
Additionally, an analysis of the latest developments in magic RFID cards will be presented. Findings are based on an aggregation of academic research, industry reports, and hands-on testing of RFID systems in real-world environments. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/MWLGZB/…
An insight and analysis of the events leading up to and during the fight to preserve XS4ALL in 2019, as well as an exploration of the underlying issues that ultimately led to its demise. In 2019 it was announced that XS4ALL as a brand and company would be integrated into KPN. What followed was a stormy year of customers rising up, employees resisting and frequent media coverage, culminating in a court case which ultimately failed to preserve XS4ALL as an independent entity. How did the once happy union of XS4ALL and KPN turn sour, what events led to the decision to integrate XS4ALL, and what did the fight to preserve XS4ALL look like from the inside? This talk will explore these topics from the perspective of history, the relationship of XS4ALL and KPN and the wider system into which they were embedded. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/GRPAX8/…
Serendiep is a 42m inland cargo barge with a theatre, a fablab and an art/science labyrinth on board. It is being converted to electric propulsion using second-hand EV parts and hardware from openinverter. The ultimate goal is to harvest all the energy needed from solar panels mounted on the hatches covering the cargo hold. Sailing is among the most efficient modes of cargo transport. Yet in the much needed transition away from fossil fuels it seems to be falling behind other sectors. We set ourselves the challenge to sail electrically, to harvest the energy needed on the ship itself, and to do all this with open tech and second-hand parts, taking advantage of an upcoming category of e-waste and achieving a minimal budget as a result. In this talk we'll present a rundown of all the hurdles on the way, how they were overcome or which consequences they have for thoroughly low-impact transport. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/JALJPD/…
Everybody talks about cryptography, but only a few understand what it means. This interactive session will explain the very basics of cryptography and will leave the attendees with more confidence in why to use cryptography. Many talks mention cryptography somewhere along the presentation and everybody just nods. But how many people actually know the insides of cryptography? Why some things work and some things don't? During this talk I will explain the difference between encoding and encryption, the most common uses of cryptography, the difference between synchronous and asynchronous encryption, and hashes. I will include some history and some future developments like quantum, and why we call cryptocoin cryptocoin. At a slow pace, scratching the surface for the uninitiated, but the scratches will go deep enough for the more initiated to get some more background. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/7P3ZYV/…
When embedded into JavaScript, WebAssembly modules can be "sandboxed" by defining a limited set of _imports_. It turns out that an obscure "feature" allows us to craft an exploit which bypasses this barrier, enabling us to run arbitrary JavaScript code (pop an alert) from within a malicious WASM module. All within spec... by accident? (Also released as a write-up in Phrack #72) When talking about WebAssembly, the word "sandbox" comes up often: modules are isolated from each other, and from the host runtime. Hence, it is perfectly safe to run untrusted WASM modules (e.g. plugins) in a web app: the module's interfaces can be limited, making it such that any malicious code has no way of escaping. ... is what I thought. In this talk I will show how a sneaky specification detail allows us to program a JavaScript version of a _weird machine_, to eventually escape from WebAssembly into running arbitrary JavaScript code. This trick is fully in-spec and requires no actual browser exploitation (we don't break _that_ sandbox). Hence, this talk should be accessible for anyone with a basic JavaScript understanding. No WebAssembly experience is required: I will cover everything required to understand the exploit. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/NK7YTF/…
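An added example, not from the talk or its Phrack write-up, of the import barrier the abstract describes, seen from the host side. The module is hand-assembled (its text form is given in a comment and is an assumption about the layout, not anything from the talk): it exports `run`, which does nothing but call its single import `env.log` with 42. The host decides what that import does; without it, instantiation fails. This shows the boundary the talk says can be bypassed, not the bypass itself, which the abstract does not detail.

```javascript
// Added example, not from the talk: the import barrier seen from the host side.
// Hand-assembled module; its text form (assumed) is:
//   (module
//     (import "env" "log" (func $log (param i32)))
//     (func (export "run") (call $log (i32.const 42))))
const MODULE_BYTES = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,             // "\0asm", version 1
  0x01, 0x08, 0x02, 0x60, 0x01, 0x7f, 0x00, 0x60, 0x00, 0x00, // type section: (i32)->() and ()->()
  0x02, 0x0b, 0x01, 0x03, 0x65, 0x6e, 0x76,                   // import section: module "env"
        0x03, 0x6c, 0x6f, 0x67, 0x00, 0x00,                   //   field "log", func of type 0
  0x03, 0x02, 0x01, 0x01,                                     // function section: one func, type 1
  0x07, 0x07, 0x01, 0x03, 0x72, 0x75, 0x6e, 0x00, 0x01,       // export section: "run" = func 1
  0x0a, 0x08, 0x01, 0x06, 0x00, 0x41, 0x2a, 0x10, 0x00, 0x0b, // code: i32.const 42; call 0; end
]);

// Host side: compile, then instantiate with exactly the capabilities we choose to hand over.
function runSandboxed(bytes, imports) {
  const module = new WebAssembly.Module(bytes);
  const instance = new WebAssembly.Instance(module, imports);
  instance.exports.run();
  return instance;
}

// What the module asks for is visible before instantiation; this is the whole attack surface it declares.
function listImports(bytes) {
  return WebAssembly.Module.imports(new WebAssembly.Module(bytes))
    .map(i => `${i.module}.${i.name}:${i.kind}`);
}

// With a logger supplied, that logger is the only host object the module can reach.
function runWithLogger() {
  const seen = [];
  runSandboxed(MODULE_BYTES, { env: { log: v => seen.push(v) } });
  return seen;
}

// With nothing supplied, instantiation fails: no import, no way out.
function runWithoutImports() {
  try {
    runSandboxed(MODULE_BYTES, {});
    return 'instantiated';
  } catch (e) {
    return e.constructor.name; // TypeError or LinkError, depending on the engine
  }
}

console.log(listImports(MODULE_BYTES), runWithLogger(), runWithoutImports());
```

Running it in Node prints the declared import (`env.log:function`), the value the module pushed through it (`[42]`), and the error class raised when the host withholds the import.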
ZenDiS, the Zentrum Digitale Souveränität in Germany, is at the forefront of loosening the grip the US tech industry (and, via the CLOUD Act, the US government) has over European governments by providing open source solutions for the public sector. Do we do it alone? No! The French and the Dutch governments are also on board and we welcome more countries into our fold! An overview of ZenDiS' projects such as openDesk and the 100 day challenges, together with our open source accomplices DINUM of France and the Ministerie van Binnenlandse Zaken en Koninkrijksrelaties of the Netherlands. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/EHZBQB/…
RAdio-frequency Detection And Ranging (RADAR) aims at using electromagnetic signals for detecting target location and motion. We demonstrate in this talk various RADAR architectures using dual-channel coherent Software Defined Radio (SDR) receivers and the associated signal processing techniques relying heavily on cross-correlations. Embedded systems are tackled, with a Raspberry Pi providing enough computational power for recording and post-processing. Being constantly illuminated with electromagnetic smog, we can benefit from existing radiofrequency emitters meeting RADAR requirements -- strong power and wide bandwidth -- for passive RADAR measurements where no active emitter is needed, using only coherent passive dual-channel Software Defined Radio (SDR) receivers for passive recording of existing signals. If existing signals are unsuitable, we can use the same principle with non-cooperative emitters such as a Wi-Fi dongle in an active RADAR setup. All processing flowcharts are implemented using GNU Radio for real-time acquisition, and GNU/Octave or Python for post-processing: generic principles will be demonstrated, applicable to all sorts of receiver hardware. We will conclude with Synthetic Aperture RADAR (SAR) where antenna motion is used to simulate wide-aperture receiving antennas, adding azimuth resolution to range resolution. Supporting documents are found at https://github.com/jmfriedt/SDR-GB-SAR, https://github.com/jmfriedt/passive_radar or https://github.com/jmfriedt/sentinel1_pbr. Addendum following feedback on the presentation:
1/ I should have made it clear that the first part of the presentation (pulse, FMCW, FSCW) involved emitting a signal, which is often not legal, while the subsequent part involves PASSIVE radar using existing emitters, and hence becomes legal.
2/ the core parameter determining maximum target range is NOT emitted power but isolation between emitter and receiver (especially in a monostatic setup). Increasing TX power if it saturates the RX, and hence reduces RX gain, does not help: this is especially true in the VNA implementation when selecting between the S11 measurement (limited by the circulator isolation) and S21 (limited by emitting/receiving antenna coupling).
3/ the rail system presented in the SAR part of the discussion uses a WiFi dongle broadcasting random signals as the illuminating signal, halfway between passive (a WiFi signal can be many other things than for RADAR measurements) and active (we are controlling the WiFi emission).
Thank you for attending or looking at this followup. Reach me (email on the front slide) for more information or corrections. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/YMLNME/…
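An added example (JavaScript, written for this page; it is not code from the talk's repositories) of the cross-correlation step at the heart of the passive-radar processing described above. Two constructed channels stand in for the SDR recordings: a reference channel of pseudo-random samples (the broadcast) and a surveillance channel containing the direct-path copy plus a weaker echo delayed by 40 samples. Cross-correlating the two over a range of lags puts a peak at the echo delay, and the lag converted to seconds times the speed of light gives the bistatic range difference. The sample rate, echo gain and delay are assumptions; a real system cancels the direct path before looking for the peak, which the example only skips over at lag 0.

```javascript
// Added example (not from the talk's repositories): range from a passive-radar pair
// of channels by cross-correlation, on constructed samples. Rates and gains are assumed.
const C = 299792458;   // speed of light, m/s
const FS = 20e6;       // sample rate of both SDR channels in Hz (assumed)

// Reference channel: a pseudo-random broadcast, stood in for by xorshift32 noise in [-1, 1].
function referenceSignal(n, seed) {
  const out = new Float64Array(n);
  let s = (seed >>> 0) || 1;
  for (let i = 0; i < n; i++) {
    s ^= s << 13; s ^= s >>> 17; s ^= s << 5; s >>>= 0;
    out[i] = (s / 0xffffffff) * 2 - 1;
  }
  return out;
}

// Surveillance channel: the direct-path signal plus a weaker echo delayed by `delay` samples.
function surveillanceSignal(ref, delay, echoGain, directGain = 1) {
  const out = new Float64Array(ref.length);
  for (let i = 0; i < ref.length; i++) {
    out[i] = directGain * ref[i] + (i >= delay ? echoGain * ref[i - delay] : 0);
  }
  return out;
}

// |cross-correlation| for lags 0..maxLag: large where the shifted reference lines up with an echo.
function crossCorrelate(ref, surv, maxLag) {
  const out = new Float64Array(maxLag + 1);
  for (let lag = 0; lag <= maxLag; lag++) {
    let acc = 0;
    for (let i = 0; i + lag < surv.length; i++) acc += ref[i] * surv[i + lag];
    out[lag] = Math.abs(acc);
  }
  return out;
}

// Bistatic range difference: extra path length of the echo relative to the direct path.
const lagToMeters = lag => (lag / FS) * C;

// Lag 0 is the direct path (a real system cancels it before this step); the strongest
// peak at any later lag is taken as the target echo.
function detectEcho(ref, surv, maxLag) {
  const corr = crossCorrelate(ref, surv, maxLag);
  let best = 1;
  for (let lag = 2; lag <= maxLag; lag++) if (corr[lag] > corr[best]) best = lag;
  return { lag: best, rangeMeters: lagToMeters(best), peak: corr[best], directPath: corr[0] };
}

const ref = referenceSignal(4096, 0x9e3779b9);
const surv = surveillanceSignal(ref, 40, 0.2);
console.log(detectEcho(ref, surv, 200));
```

With 4096 samples the echo peak (about 0.2 times the reference energy) stands well above the correlation sidelobes, and 40 samples at 20 MS/s is 2 µs, i.e. roughly 600 m of extra path; the O(N·maxLag) loop is the direct form of what the talk does with FFT-based correlators on longer recordings.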
I want to talk about how we are setting the standards for our digital world and society. Now that our whole world and everything in it seems to have become a business case for for-profit digitalisation, we are purposefully driven to use off-the-shelf, inflexible, data-absorbing and exploitative products marketed to us by big companies. Can standards help change that? And how do we do that? Here at WHY we are all curious about everything technical and, on average, also pretty adept at working with digital nails and hammers. But even so, these big companies drive out many grassroots alternatives, making it harder and harder to set your own course. And not just that. It is not everybody's forte to 'do digitalisation'. If not, you still deserve a decent quality product. Maybe you should not be tricked into handing over all your data to marketing companies, including pretty private information. And with promises of big profits come the investors, the people that don't care about the product but instead focus on profit margins and return on investment, with varying levels of appreciation of trivialities like workers' rights or environmental protection. (/s) Europe, and the Netherlands, has something to protect though, like the right not to be surveilled by big tech and employers, to have a high quality education system and medical devices that are catered to finding ailments rather than to selling medical interventions, for instance. It also has a responsibility to ensure people outside of Europe are not abused and exploited for the products we use to enlighten our lives, and to avoid further climate catastrophe because we all want to make our own individually generated film of Will Smith slurping spaghetti. In the past decade(s), the EU has worked with the New Legislative Framework, the idea that standards organisations develop the 'how to comply' options that industry can use to make a product that is presumed to be in accordance with the European rules. This takes time, and in AI we see the backlash of trying to do this for an area where there really isn't a 'state of the art' yet. Much of it is still just experiments, and rules need to be in place before evaluation of experiments has even started. And hardly anyone is daring enough to address the question of sustainability with regard to the enormous demands of generative AI models, and the words copyright and creator are nowhere to be found. I actually have few answers at all; I wish I knew. I do however have a desire to ask: why are we not talking about this? Why are we not demanding the return on investment results of extremely demanding and expensive tools for our society? And why are we avoiding reminding the very few enormous companies (and their owners) making all the money that they need to pay for the costs of the resources they are ruthlessly seizing from our public domain? Why do we leave this depletion to individuals to solve, to the individual creator to go to court, to the tiny village where the water is being depleted; where is the support of those we need to help to stand up to this exhaustion? Can we please ask ourselves where ALL THIS will be addressed before it is too late? Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/TFRMSB/…
We use it every day, but how does it really work? USB has been around for almost 30 years and it has evolved into a really universal interface that even extended from the world of computers into the world of extra-low-voltage electric distribution. In this talk, I will present the basic ideas of the interface with a focus on the physical layer. We will cover:
- how the world of computer peripherals looked before USB
- how USB evolved
- how USB became the universal interface for delivering extra-low voltage
- how the Type-C connector changed everything
Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/8MWKCY/…
The need for digital sovereignty has always been great, but now there is an autocrat in the White House that is fighting everything he deems "Woke". This renders USA Big Tech that is run by billionaires that have sworn loyalty to this new King unsuitable for use in education. Schools are yearning for a more fair digital environment, but most schools don't have the funding, knowledge or capacity to create a public-values-by-design school IT environment with all the fantastic free and open source software that is out there. That is why we started the coalition for fair digital education, so we can bring together the knowledge of free and open source with the needs of the educational sector. In this presentation we'll present the WHY for the FOSS stack for schools, our plan for how to get there, and the progress we have made so far on our pilot schools. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/XZBREW/…
Fuzzing is one of the most effective ways to find elusive software vulnerabilities. Despite years of research, general purpose fuzzers such as AFL++ and libFuzzer struggle to mutate complex data structures effectively, preventing them from exploring deep functionality. Grammar fuzzing, an alternative fuzzing strategy, is much more effective but complex to set up and run. Autarkie abstracts away all complexity and surpasses all other grammar fuzzers in performance while offering novel features. Gone are the days of finding bugs in the parser or on the surface of applications. The bugs now lie in the core application logic, well beyond the parser. Fuzzing complex targets such as interpreters, databases or network protocols has always been difficult due to their strict input structures. Autarkie was born out of the need to fuzz complex and evolving data structures with the convenience of fuzzers such as AFL++. Autarkie leverages a simple insight: the target needs to parse the input, so it must define the structure internally. Macros can be used to gain insight into the structure and build a grammar fuzzer. Autarkie does not just outperform all other grammar fuzzers, but also offers novel features such as removing grammar derivation and maintenance, the ability to learn from other fuzzers, constraint solving and resumable fuzzing campaigns. Join me for this talk where I go through Autarkie's internals, features, and its development journey. I will also talk about my journey hunting for bugs with Autarkie and hopefully convince you to use it on yours. Licensed to the public under https://creativecommons.org/licenses/by/4.0/ about this event: https://program.why2025.org/why2025/talk/BNTTXU/…
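An added illustration (JavaScript, written for this page; Autarkie itself is not this code and works from Rust type definitions via macros) of the insight the abstract names: the target's own type definition already is the grammar. Here a toy prefix-expression language stands in for the target. `SCHEMA` plays the role of the type definition a derive macro would read; `generate` and `mutate` build and rewrite inputs purely from it, so every mutant is a well-formed tree; `parse` is the target's parser, and `campaign` counts how many mutated inputs reach past it. The language, the schema format and the function names are assumptions for the example.

```javascript
// Added example (not Autarkie's code): a grammar fuzzer driven by the input type
// definition itself, on a toy prefix-expression language. Names are made up.

// The target's own type definition doubles as the grammar: each variant lists
// its fields and their types, which is what a derive macro can read off a Rust enum.
const SCHEMA = {
  Expr: [
    { kind: 'Num', fields: { value: 'int' } },
    { kind: 'Add', fields: { lhs: 'Expr', rhs: 'Expr' } },
    { kind: 'Neg', fields: { inner: 'Expr' } },
  ],
};
const MAX_DEPTH = 4;

// Small deterministic PRNG (LCG) so a campaign is reproducible from its seed.
function makeRng(seed) {
  let s = seed >>> 0;
  return n => { s = (Math.imul(s, 1664525) + 1013904223) >>> 0; return s % n; };
}

// Build a random value of `type` from the schema; at MAX_DEPTH only leaf variants
// (no recursive fields) are chosen, so generation always terminates.
function generate(type, rng, depth = 0) {
  if (type === 'int') return rng(200) - 100;
  const variants = SCHEMA[type];
  const pool = depth >= MAX_DEPTH ? variants.filter(v => !Object.values(v.fields).includes(type)) : variants;
  const v = pool[rng(pool.length)];
  const node = { kind: v.kind };
  for (const [field, t] of Object.entries(v.fields)) node[field] = generate(t, rng, depth + 1);
  return node;
}

// The target's concrete syntax: integers, (+ a b) and (- a).
function serialize(n) {
  if (n.kind === 'Num') return String(n.value);
  if (n.kind === 'Add') return `(+ ${serialize(n.lhs)} ${serialize(n.rhs)})`;
  return `(- ${serialize(n.inner)})`;
}

// The target's parser (recursive descent). Any syntax error is a rejected input.
function parse(src) {
  let i = 0;
  const ws = () => { while (src[i] === ' ') i++; };
  const expect = c => { if (src[i++] !== c) throw new SyntaxError(`expected '${c}' at ${i - 1}`); };
  function expr() {
    ws();
    if (src[i] === '(') {
      i++;
      const op = src[i++];
      if (op === '+') { const lhs = expr(); const rhs = expr(); ws(); expect(')'); return { kind: 'Add', lhs, rhs }; }
      if (op === '-') { const inner = expr(); ws(); expect(')'); return { kind: 'Neg', inner }; }
      throw new SyntaxError(`unknown operator '${op}'`);
    }
    const m = /^-?\d+/.exec(src.slice(i));
    if (!m) throw new SyntaxError(`expected number at ${i}`);
    i += m[0].length;
    return { kind: 'Num', value: Number(m[0]) };
  }
  const ast = expr();
  ws();
  if (i !== src.length) throw new SyntaxError('trailing input');
  return ast;
}

// Every subtree position: parent object, field name and depth (the root has no parent).
function positions(n, depth = 0, parent = null, field = null, acc = []) {
  acc.push({ parent, field, depth });
  for (const [f, v] of Object.entries(n)) if (v && typeof v === 'object') positions(v, depth + 1, n, f, acc);
  return acc;
}

// Structure-aware mutation: replace one random subtree with a freshly generated one
// of the same type, so the result is always a well-formed Expr (the original is untouched).
function mutate(root, rng) {
  const copy = JSON.parse(JSON.stringify(root));
  const pos = positions(copy);
  const { parent, field, depth } = pos[rng(pos.length)];
  const fresh = generate('Expr', rng, depth);
  if (parent === null) return fresh;
  parent[field] = fresh;
  return copy;
}

// Run `rounds` mutations and count how many the parser accepts: with the grammar taken
// from the type definition the answer is all of them, so every execution reaches the
// logic behind the parser instead of dying in it.
function campaign(seed, rounds) {
  const rng = makeRng(seed);
  let current = generate('Expr', rng);
  const stats = { accepted: 0, rejected: 0 };
  for (let k = 0; k < rounds; k++) {
    current = mutate(current, rng);
    try { parse(serialize(current)); stats.accepted++; } catch (e) { stats.rejected++; }
  }
  return stats;
}

console.log(campaign(1, 500));
```

A byte-level mutator on the same serialized text would spend most rounds producing unbalanced parentheses or garbage tokens that the parser rejects; the schema-driven mutator never does, which is the difference the abstract is pointing at. Adding a variant to `SCHEMA` extends both generation and mutation with no separate grammar to maintain.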