
33rd Chaos Communication Congress Livestreams - mpoloton
http://streaming.media.ccc.de/33c3
======
iamtew
Some additional links:

* Schedule: [https://fahrplan.events.ccc.de/congress/2016/Fahrplan/](https://fahrplan.events.ccc.de/congress/2016/Fahrplan/)

* Media archive: [https://media.ccc.de/](https://media.ccc.de/)

Edit: formatting

~~~
digi_owl
Those security entries for security and ethics makes me want to shut down my
computer and disintegrate it to individual atoms. Its like the technologist
handed STASI their wet dream while trying to improve the world...

~~~
happynewyear
> Its like the technologist handed STASI their wet dream while trying to
> improve the world...

The error here is assuming that for all technologists "[handing] STASI their
wet dream" and "trying to improve the world" are mutually exclusive. I am
beginning to think they knew[/know] exactly what they were[/are] doing.

~~~
digi_owl
[https://en.wikipedia.org/wiki/Hanlon's_razor](https://en.wikipedia.org/wiki/Hanlon's_razor)

That said, there are times it reeks of "aimed for the moon, hit London" style
thinking...

~~~
happynewyear
I can not agree with applicability of that aphorism in this case.

We have had a very vocal feedback loop of raising issues ("stupidity",
"misunderstandings", "neglect") with OP conference as one type of such
feedback.

Nothing has been corrected. Do you happen to know of another aphorism that
covers the "willful stupidity", "willful neglect" etc. and what it all means
(as I certainly don't desire hitting London.)

Obviously those with their hands on the production pipeline of tech disagree
with the feedback. Is that really a controversial observation? Really?

------
iliis
Also quite cool:
[https://dashboard.congress.ccc.de/](https://dashboard.congress.ccc.de/)

~~~
r3bl
That _is_ cool! Looks like something like Zabbix.

Any idea what it is actually?

~~~
yati
That's Grafana[1]. You can build such dashboards from data in Graphite,
Elasticsearch or other sources. IIRC, they now also have support for alerting
based on these metrics (something for which we are using Bosun currently).

[1]: [http://grafana.org/](http://grafana.org/)

~~~
dijit
They also support pulling data from zabbix, which can be super handy. :D

------
mnutt
I recently came across the software they use for mixing their livestreams, and
it looks really useful for anyone trying to build out a system to stream or
record talks:

[https://github.com/voc/voctomix](https://github.com/voc/voctomix)

~~~
dividuum
And if you have seen the intermission screens and wondered how these work:
They run my software info-beamer ([https://info-
beamer.com/hosted](https://info-beamer.com/hosted)) on a Pi3 in each Hall.
Basically those intermission information screens are written in Lua. My info-
beamer software uses both hardware accelerated video decoding as well as
OpenGL(ES) to make things run smoothly. I'll release the complete Lua source
code early next year. If you want to see how these worked last year, take a
look at [https://github.com/info-
beamer/package-32c3-screens](https://github.com/info-
beamer/package-32c3-screens)

~~~
throwaway161220
> Our operating system detects even the tiniest corruption to files and will
> automatically restore them from our service. The system is completely self-
> healing.

Can you share details here?

~~~
dividuum
Sure. The base system is quite minimal an runs from a squashfs read only
image. Total size is ~40mb. The squashfs file is stored on the first partition
(FAT formatted) which is not mounted rw during normal operation (only while
updating the system which happens rarely). The second partition is the data
partition. It stores images, videos, the Lua code and other files that are
required to actually show content on the screen. This partition is mounted rw.

info-beamer hosted always stores those files using content based addressing.
So every file that enters the system gets hashed and is then addressed by that
hash both on the website itself as well as on the devices. On the website this
might look like this:
[https://cdn.infobeamer.com/dynimg/blob/image-c40ba24410fb9ca...](https://cdn.infobeamer.com/dynimg/blob/image-c40ba24410fb9caddeedfb4a8fba7471~lkpAslpl),
on the device they end up on /space/cache/<hash>. This is great for all kind
of reasons: Cache invalidation and offline verification. For the website, all
files can be cached indefinitely as the url changes once the content changes.
On the device each file required for a visualization must only be downloaded
once, as it's trivial to see if the same file was already downloaded earlier
by just comparing filenames. So fonts that might be shared by visualizations
are only downloaded once. Also the device can trivially verify that all files
are still correct by hashing all cached files and comparing the result with
the filename. If it matches, the file is correct. If it doesn't, something is
wrong and a new sync is started to repair the problem.

Works pretty well. Does that help?

------
Cyclenerd
TLS:
[https://streaming.media.ccc.de/33c3/](https://streaming.media.ccc.de/33c3/)

------
xorcist
The official IRC channels are #33c3-hall-X @hackint. They always take
questions from the channels. Almost as good as being there!

~~~
adito
it's irc.hackint.org right?

~~~
deutronium
Yup, that's correct, the channels seem to be: #33c3-hall-1 #33c3-hall-2
#33c3-hall-6 #33c3-hall-g

------
erhardm
I searched through the schedule and didn't find State of the Onion. That's
unfortunate.

Security Nightmares seems to be still going. That's always a good talk.

~~~
myrion
I think that's to avoid the whole Jakob Appelbaum kerfuffle. Both he and the
rest of the TOR leadership were banned from giving talks this year.

~~~
shawn-butler
That seems anathema to the stated aims of ccc.

Do you have a reference for this or personal knowledge?

~~~
Klasiaster
It's stated here: [http://www.taz.de/Der-Fall-Jacob-
Appelbaum/!5361578/](http://www.taz.de/Der-Fall-Jacob-Appelbaum/!5361578/)

No party should get the chance to defend their position.

------
silasb
My favorite talk is always the behind the scenes talk:

[https://fahrplan.events.ccc.de/congress/2016/Fahrplan/events...](https://fahrplan.events.ccc.de/congress/2016/Fahrplan/events/8243.html)

------
camperman
Holding my breath for Wikileaks insurance keys and Phase 3 files hidden in the
blockchain.

------
Mithaldu
Are they doing quality control on submitted talks this year, or are they still
fine with talks that spread outright and clear lies to people who come there
to learn and don't know any better?

Edit: They still let Rubin talk, so probably no quality control.

~~~
lawl
The exploits he presented in high profile perl software are very real,
irregardless of if you agree with his reasoning on what is broken or not.

So he gave a talk on exploits he found but you call the talk "outright and
clear lies", because you disagree with his conclusion that perl is broken?

~~~
Mithaldu
He found vulnerabilities in (very old) third-party software written in Perl
(that's the 1%) then did nothing but lie and attribute them to the language
while demonstrating his (accidental or willful) lack of understanding of the
language. His code slides often aren't even valid Perl, which is an
achievement in itself.

~~~
berdario
I watched both of his talks, but I've never heard before about this "code on
the slide was not valid Perl" complaint.

You're not talking about a small typo, are you?

Can you point to the wrong examples/slides?

~~~
Mithaldu
Examples, with explanation of wrong in comment. First talk:

    
    
      print $hash;   # he accompanied this by a dump of the hash, when in reality it would print the reference id
      print ($a, $b, $c);   # same thing as above, pretends it does a dump, when the reality is wildly different
    

He does these repeatedly in his second talk:

    
    
      $arg1, $arg2 = @_;   # assigns the length of @_ to $arg2, instead of unpacking args. only the newest of newbies would get this wrong
      if(ref $arg1 eq 'HASH') print $arg1{'key'};   # perl does not have block-less pre-fixed ifs
      else print $arg1;   # same with this, entirely nonsense
    

The entire style of his code (paren-usage, quoted hash keys) also smells of
code copied from bad (w3schools) perl tutorials.

~~~
berdario
Yeah, quite damning and sloppy on his behalf...

Thanks for pointing this stuff out!

