Previewing the must-attend hacker conference 22C3 - 22nd Chaos Communication Congress in Berlin, 27-30 Dec 05
The leading German hacker association called Chaos Computer Club organises the 22nd Chaos Communication Congress (22C3) from 27 to 30 December 2005 in Berlin in the wonderful Berlin Congress Centre at Alexanderplatz in Berlin-Mitte. I look forward to being there again during the whole 4 days as I simply love this event. In fact, the 22C3 assembles the smartest hackers and haecksen (female hackers) that not only enjoy controlling their computers but also investigating any knowledge area that must be shared to increase digital rights, information access and fair global lifestyles of individuals, corporations or governments. Read on to meet some of the hot topics at 22C3 - not all of them wireless, though.
If you can find the time I strongly recommend to attend 22C3, if not you should share the hacker wisdom by reading the
22C3 Public Wiki where you will find links to weblogs from participants or the recorded session videos by the time the CCC video team encoded, sorted and published them. To preview 22C3 it is also a good idea to surf last year's 21C3 Public Wiki and watch some of the session videos from December 2004.
22C3 is going to be massive again. This year, 3.500 technology, social and business hackers are expected to gather in Berlin. They will share a 10 Gbps Internet connection which will hopefully be enough. I have great respect for the organising team of the 22C3 as they do the whole project with a small 6-figure budget without any sponsoring money except for connectivity, network hardware and a big discount from the Berlin Congress Centre which is never as crowded and cool as during the chaos days. And imagine the event in 2006 when the hacker community finally will celebrate 23C3 and go completely nuts.
At the 22C3, the centre of attention is the congress agenda called "Fahrplan"
(German for train schedule). The majority of the sessions will be held in English now and the number of female speakers has risen nicely, too. The list of topics and the expertise level of the speakers is just amazing. Let me introduce a couple of cool sessions that I have identified in the Fahrplan.
Being a mobiliser myself, I am pretty sure about the coolness factor of the session titled "3G Investigations - Scanning your GPRS/UMTS IP network for fun and profit". The 2 presenters will talk about scanning the overlaying IP network, on different Voice-over-IP filter implementations and the possibilities to circumvent them. This should be fun as VoIP will be the ultimate voice revenue killer app of mobile network operators across the world. In fact, Vodafone et al. already announced plans to block VoIP traffic in the coming years. So wireless digital lifestylers that want to do "All-over-IP" with their data flat rates will appreciate this extra bit of knowledge empowering them to choose themselves which applications to run.
One of my favourite subjects still is "Free WLAN for the Masses" - an idea I presented at 20C3 back in 2003. It is good that there has been technical progress in making the free global WiFi idea become reality. OpenWRT is a Linux distribution for wireless routers that can be adapted to one's own needs.
The session "Hacking OpenWRT" will explain how to change the functionality of OpenWRT-based routers to serve your own WLAN sharing objectives. Some members of the free wireless network community Freifunk also develop an OpenWRT variant for managing other users in your own hotspot. There are also for-profit companies working on this idea. In Spain, for example, you have Fon which enables the owner of a shared hotspot to make money.
Some time ago I identified the battle of the open vs. closed, operator-controlled mobile economy. Complete control of the software on your handset is definitely the ultimate vision in the open mobile economy scenario. In the session "Towards the first Free Software GSM Phone" the speaker will talk about how far he developed his effort to replace all proprietary applications on a Linux-based Motorola phone with 100% free software. Sounds very promising to me.
Another interesting session explores the intransparent security of RIM's Blackberry: "Blackberry: call to arms, some provided". Apparently, RIM is very secret about how they secure the Blackberry platform. Given the fact that many managers love the Blackberry they should be interested in its security. Black box security is unwise to trust. Encryption that can be trusted is transparent when it comes to which algorithms are being used. My favourite example for the transparent approach is Berlin-based GSMK and its product cryptophone. Cryptophone's source code is published and can be analysed by the best security experts all over the world. With this approach you can really trust the encryption. Of course, Skype has the same secretive approach as RIM and will face similar problems and significant user churn soon due to intransparent security.
Maybe the Japanese are rather smart because it is super hard to find Bluetooth devices in Japan. At 22C3 you can learn "Bluetooth Hacking - The State of The Art". The Bluetooth experts of the Trifinite gang will give a roundup and live demonstrations of all currently known Bluetooth vulnerabilities. The session is bound to be packed again like last year and don't forget to switch off your Bluetooth before you enter it.
Bluetooth is not the only weak point of mobile devices. The session about "Exploring Protocols and Services on Internet Connected Embedded Devices" will shed light on further security weaknesses of connected devices. The speaker actually builds a database full of information regarding devices, their OS, their protocols, their services and their vulnerabilities.
"Covert Communication in a Dark Network" is a definite must-attend for me. Since a long time I am convinced that the DRM battle will lead to underground p2p networks based on levels of trust among friends. When people talk about Web 2.0 - the new generation of Internet applications - they should include solutions for the user needs of living a digital lifestyle without limits and restrictions. I wonder how many users are already in the online underground - enjoying themselves quite a bit I guess.
The fans of paranoia caused by the reality of industrial espionage should listen to the talk of the 2 Italian experts on "Corp vs. Corp". I am really curious to learn about the latest trends in buying and selling unauthorized competitive insights.
A real highlight will be the keynote of Joi Ito who will come back to Berlin's hacker heaven to talk about his thoughts on "Private Investigations".
In fact, most of the sessions really interest me and I will make sure to watch the videos of the ones I could not attend due to more interesting p2p discussions or other tempting reasons for changing (Fahr)plans spontaneously.
