Camp++, the next H.A.C.K. camp
Schedule
The following schedule is up to hacking and improvements by the contributors to the camp.
| | Aug 21 | Aug 22 | Aug 23 | Aug 24 |
| other | 14:00- key signing party | | | |
| workshops start in the afternoon, end at 16:45 | Lightning talks | ARM32 workshop | Drunken Debugger | hack day |
| talks 17:00-18:00 | Taziden: The DCP bay | Comparing the safety of pin tumbler and lever tumbler locks, opening techniques | Jérémie Zimmermann: Cyberpeace Building | hack day |
| talks 18:00-19:00 | Molnár Gábor: The life of an Adobe Reader JavaScript bug | Domi: Yet another way to cause DoS for GSM devices | Boldizsár Bencsáth: How the threat intelligence process works for targeted attacks: Technical and non-technical processes | winding down |
| talks 19:00-19:30 | Le Marietta: Freedom of Information Act: a technology for transparency | | | |
| workshops 20:00- | Movie: The Internet's Own Boy | Confignight | Lockpicking basics and techniques | |
Details
The videos are available under the license CC Attribution ShareAlike 2.5 Hungary (CC BY SA 2.5 HU). This license allows commercial use of excerpts by media institutions as part of their reporting. Thanks to Endre, Jomat and Weasel for providing us with MKV video hosting! If you'd like to watch all the videos, there's a YouTube playlist; for downloading all videos in MKV format in a fast and robust way, we have a Metalink (v3) (recommended client: aria2).
-
How the threat intelligence process works for targeted attacks: Technical and non-technical processes (Boldizsár Bencsáth, CrySys lab) • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
Targeted attacks are uncovered now on a weekly basis, more and more attacks, threat actors and campaigns are identified. Generally, the goal of the investigations on them is not only to have technical insight into the threat, but to understand the attack, the campaign, the goal of the attacker and the risks posed. During these investigations the threat intelligence process evolved to have some standard way how information can be obtained related to the threat, what technical methods can be used to get actionable intelligence. In my talk, I will show technical details how important information can be found, how one single detail helps to get a trace for other information, and how the whole process comes together to have a detailed picture about the actual threat. I'll try to show exact tools, methods, services that help investigations, and show how those tools help the investigations, or how they speed up finding out clues in the puzzle. If possible, I will show case studies on actual threats regarding the tools and methods discussed.
-
Drunken Debuggers (Buherator)
"Your eyes are red from sleep deprivation. Your hands are shaking, the body is turning on its sirens of caffeine overdose. On the screen the debugger that once felt like home looks back at you angrily. You open another can of beer and close your eyes. As the cold nectar slips down your throat, your mind switches itself off for a moment. And when it comes back online, you finally get it. The instruction pointer shows 0x41414141."
Drunken Debuggers is an all-day workshop that provides space, ideas and booze for those who want to sharpen their reversing, coding and drinking skills during Camp++.
We collect ideas for micro-projects which can be accomplished in a few hours and result in useful code or knowledge by themselves or combined. By providing a meeting platform for people with different skills and experience we encourage everyone to learn, teach and cooperate. To facilitate the communication and the sharing of thoughts between the participants the organizers provide some fine drinks for everyone who joins.
Since this will be a prototype event the project pool will include developing games, contests and other kinds of fun activities for future Drunken Debuggers events.
-
The life of an Adobe Reader JavaScript bug (Molnár Gábor) • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
CVE-2014-0521 is a JavaScript-based vulnerability in Adobe Reader that makes it possible to execute privileged JS code from a simple PDF file. Privileged JS code can read files and make HTTP requests, so this vulnerability is more than enough to assemble a PDF file that steals sensitive data. This talk will cover the life of this bug from the discovery to the fix, and will introduce new tools and techniques that make finding similar vulnerabilities easier in the future.
-
Cyberpeace Building (jz) • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
A strategy and action plan to protect digital commons
Our freedoms as well as the global infrastructure for the sharing of knowledge are under attack. Generalized surveillance of our communications, sabotage of the security of the infrastructure, censorship, capture and centralization of personal data are as many tools used by some governments and economic powers to increase their controls over individuals. Their so-called "cyberwar" may actually be the doctrine of a war against Internet and the general interest. It is our duty to articulate what we wish to see and what we wish to build, and it could be articulated as "Cyberpeace". Therefore our question is: what is peace? What does peace feel like on the Internet?
According to Wikipedia: "Peace is a state of harmony characterized by the lack of violence, conflict behaviors and the freedom from fear of violence. Commonly understood as the absence of hostility, peace also suggests the existence of healthy or newly healed interpersonal or international relationships, prosperity in matters of social or economic welfare, the establishment of equality, and a working political order that serves the true interests of all." - Wikipedia
The victories against SOPA/PIPA/ACTA, the courageous actions of Aaron Swartz, Julian Assange and Edward Snowden among others show the radical positive impact networked hackers and citizens can have on society. Recent revelations about the generalized monitoring and undermining of key Internet infrastructure by the NSA show how urgent it is to build cyberpeace.
Let's reflect on what elements hackers and citizens can invent, develop and hack to guarantee peace on our Internets, to ensure that everyone including the non-technician general public can benefit from technology that prevents surveillance while being empowered to better control their personal data and communications.
What technological tools are lacking today? What public policies must be enacted to create the means to achieve cyberpeace? Much work is necessary on these technical and political grounds, but they cannot be articulated independently. We need to impulse through proper public debate a radical shift in society, where each and everyone can participate. This debate may come to question our very relationship to technology, as well as key architectural and design patterns. It could also be key to setting the base of improved political processes.
"Peace is not solely a matter of military or technical problems--it is primarily a problem of politics and people. And unless man can match his strides in weaponry and technology with equal strides in social and political development, our great strength, like that of the dinosaur, will become incapable of proper control--and like the dinosaur vanish from the earth." - John F. Kennedy in his Address to the United Nations General Assembly (1961).
For a better world where our freedoms and the Internet will be protected, let's build, debate, shape and enforce cyberpeace!
-
The DCP Bay (taziden) • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
It's an application of what people can do with free software and community-driven Internet infrastructure: providing an alternative scheme for digital movie transport.
In France, as the cinema goes towards 100% digital at each level very fast, some little structures like theaters are under a lot of pressure. On some aspects of the movie chain, there is an actual monopoly/duopoly like for movie transport.
2 or 3 companies share the market for transporting digital movies from distributors to theaters. The DCP Bay is an alternative to this, using free software, bittorrent and DIY Internet access.
Today, several theaters and distributors are participating and dozens of movies have been transported through our infrastructure.
-
Yet another way to cause DoS for GSM devices (Domi) • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
Many methods have been shown that could cause a denial of service situation in a GSM network. While doing some research and tweaking the settings of my own network I accidentally came across a strange behavior pattern my test phones seemed to be following. So I decided to read some chapters from the standard and it turned out that my phones do this intentionally - they follow the standard. After that it wasn’t really hard to put together all the pieces and imagine an attack scenario in which the target phone will not be able to communicate with GSM towers until it is either rebooted or moved to a different cell. During the talk I will tell you what I found out, also I will probably be able to do a demonstration of the problem too. In the end I won’t be able to tell you countermeasures (except the classic: forget about GSM), instead I’m planning on giving some ideas why GSM-hacking is still something to tinker with even in today’s fast paced 3G-4G-5G-whateverG world.
-
ARM32 (stf)
ARM32 Cortex M3 CPUs are between the basic Arduinos and the more sophisticated Linux-running Raspberry Pis. In terms of integrated peripherals there's a lot of potential in these powerful chips. Development for them is easy thanks to the availability of the GNU toolchain.
Bring your own Cortex M3 (or M4), bring your Bus Pirate or JTAG debugger; there will be a few, but better to have your own than to have to wait for a shared resource.
- general architecture
- toolchain
- development environment
- peripherals
- examples
-
Config Night (stf)
People present the configs they're proud of, and help others set up similar setups. Emacs configs will definitely be shown off. ;) What else?
-
Lightning talks (buher+stf)
Submit your lightning talks to cfp@camp.hsbp.org
- buherator: drunken debuggers • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- stf: fingerprinting pgp • github repo - video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- buherator: fuzzing • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- stf: wireless environment mapping with scapy • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- stf: crypto with pbp and pysodium • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- asciimoo: searx (talk was cancelled)
- stf: compartmentalizing pdf & video • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- jz: "Nothing to Hide" - A musical Break about Personal Data and Privacy
- stf: ono the privacy challenge • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- stf: debugging/testing/scripting with pyrsp • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- dnet: reverse engineering USB protocols • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- dnet: transmitting images over narrowband radio • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
- dnet: house of cards • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
-
Comparing the safety of pin tumbler and lever tumbler locks, opening techniques • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
-
The Internet's Own Boy
We'll show the movie on Aaron Swartz.
-
Freedom of Information Act: a technology for transparency (Marietta Le) • video on YouTube (download in MKV: Endre's mirror [Hungary] Jomat's mirror [Germany] Amazon S3 [Frankfurt] Weasel's mirror [Austria] )
In the never-ending fight against corruption the Freedom of Information Act (FOIA) is often referred to as the only viable option to reach some level of transparency. The FOIA allows citizens to request information from government bodies on budget spending and information related to their activities. The law is similar in many countries but the implementations are different; some nations enjoy the rays of the “sunshine law” meanwhile others have to deal with increasingly restrictive regulation. In the past years new methods have been tested in educating citizens about the FOIA, one of them is the use of FOI technologies, such as the FOIA request letter generators that help citizens to request information in an easy-to-use way. Hungary’s implementation of the Alaveteli FOI request generator has mainly been facilitating the work of investigative journalists but now Atlatszonet opens up the discussion to find out what sort of public information is valuable to other groups of society, and if there’s a chance that the Freedom of Information Act can contribute to greater transparency in the government's use of technology.
-
Key signing party (lo0na)
Probably PGP, hopefully OTR and PBP key exchange as well. Please add your information on the wiki.