There's a nicer web interface here (scroll down to releases), it even lets you watch things live or go back a few hours to something that just aired: http://streaming.media.ccc.de/
Reproducible Builds: on creating a build that produces the same exact binary on every machine so people can verify the integrity of the binaries published by an open source project).
Snitches get Stitches: pen testing switches used in utilities like furnaces.
The UEFI talk [1] and EFI bootkits for Apple MacBooks [2] are both really interesting. ( Both are about flashing firmware. )
And for a rather impressive demonstration how fucked the western IP law is, bunnie's and Xobs talk about the MT6260 SoC. [3] (They try to implement a free as in freedom OS on a cell phone SoC which is open in a Chinese context. The hops they have to jump through are rather ridiculous.)
https://events.ccc.de/congress/2014/Fahrplan/schedule/0.html has the schedule and full description text for the talks available, although at the moment it's a bit painful to navigate the site. Seems like their servers are being hammered right now.
Any favorites or good ones to watch? There a quite a few and I'm fairly certain many of us are busy. I've learned from the 1-2 conferences I've gone to that titles are deceiving as well.
14 comments
[ 2.7 ms ] story [ 46.6 ms ] threadEDIT: Oh, never mind then.
[1] http://media.ccc.de/browse/congress/2014/31c3_-_6236_-_en_-_...
https://www.youtube.com/playlist?list=PLOcrXzpA0W83uyr5LX-U4...
Iridium Pager Hacking. Turns out messages are not encrypted at all, and can be captured by any one over wide geographical ranges (~1000 km). https://www.youtube.com/watch?v=xCf5JFpOkDs&index=36&list=PL...
Security Analysis of Estonia's Internet Voting System. https://www.youtube.com/watch?v=JY_pHvhE4os&index=37&list=PL...
AMD x86 SMU firmware analysis. Not watched it yet, but topic seems interesting. https://www.youtube.com/watch?v=yE_PMcwltzo&index=16&list=PL...
And of course the SS7 talks showing glaring flaws in mobile networks:
Mobile self-defense. https://www.youtube.com/watch?v=GeCkO0fWWqc&index=10&list=PL...
SS7: Locate. Track. Manipulate. https://www.youtube.com/watch?v=lQ0I5tl0YLY&index=4&list=PLO...
SS7map: mapping vulnerability of the international mobile roaming infrastructure https://www.youtube.com/watch?v=SfPC9IHCW-U&index=27&list=PL...
Interesting attempt to bridge Chinese and Western cultures towards open collaboration.
https://youtube.com/watch?v=msrTR3hNDQM
Reproducible Builds: on creating a build that produces the same exact binary on every machine so people can verify the integrity of the binaries published by an open source project).
Snitches get Stitches: pen testing switches used in utilities like furnaces.
And of course the SS7 talks.
And for a rather impressive demonstration how fucked the western IP law is, bunnie's and Xobs talk about the MT6260 SoC. [3] (They try to implement a free as in freedom OS on a cell phone SoC which is open in a Chinese context. The hops they have to jump through are rather ridiculous.)
[1] http://media.ccc.de/browse/congress/2014/31c3_-_6129_-_en_-_...
[2] http://media.ccc.de/browse/congress/2014/31c3_-_6128_-_en_-_...
[3] http://media.ccc.de/browse/congress/2014/31c3_-_6156_-_en_-_...