‘Twas the night before Christmas, and all through the house, hackers looked at each other and said : “w00t! Only two days to go until 28c3”.
This was the first year I went to the Chaos Computer Club’s annual Berlin shindig without taking my dictaphone. I was officially on holiday, hooking up with old friends from across the internet, and meeting a few new ones. This really is one of the finest, funnest events for computer obsessives in the whole world. Here are my highlights.
Roger Dingledine and Jacob Applebaum on TOR
For me, this talk illustrates the central role the hacker community is now playing in world events. The conference opened with a set piece from Evgeny Morozov on the perils of networked, digital surveillance, but it was this talk on Day 2 about the experiences of the TOR community with national network control infrastructures that felt like it united people at 28c3 against surveillance as a concept and a technology, in free societies as well as oppressed ones. The tub-thumping and the casual allusions to the technical vulnerabilities of state censorship technologies were tempered by the pair’s obvious expertise and considered ethical attitude. Gold.
Defending mobile phones
Two years ago, at 26c3, Karsten Nohl announced that the GSM encryption protocol had been cracked. This year, he detailed how network operators should be securing their networks while they upgrade the encryption, and asked the community to help him keep track of how the operators perform. He also previewed a new project, CatcherCatcher, which will track the activity of IMSI catchers on behalf of phone users. IMSI catchers are thought to be increasingly used by law enforcement agencies to track people via their mobile phones.
The coming war on general computation
An expertly delivered talk in which Cory Doctorow reminded congress that “information appliances” (like iPads, Kindles and all the rest) are simply fully functional computers with spyware in them out-of-the-box: “All attempts at controlling PCs converge on rootkits and all attempts at controlling the network converge on surveillance”.
The EFF’s Peter Eckersley proposes a way to fix the broken Certificate Authority system.
Towards a Single Secure European Cyberspace?
A beautifully constructed lecture cross-referencing the rhetoric used by European legislators to erode internet freedoms with the character of the new, networked activism which I ruin at the end by asking a stupid question no-one understands.