The 23rd Chaos Communication Congress will be held later this month in Berlin, Germany on 27–30 December. I will be attending to give a talk on Hot or Not: Revealing Hidden Services by their Clock Skew. Another contributor to this blog, George Danezis, will be talking on An Introduction to Traffic Analysis.
This will be my third time speaking at the CCC (I previously talked on Hidden Data in Internet Published Documents and The Convergence of Anti-Counterfeiting and Computer Security in 2004 then Covert channels in TCP/IP: attack and defence in 2005) and I’ve always had a great time but this year looks to be the best yet. Here are a few highlights from the draft programme, although I am sure there are many great talks I have missed.
- Bernd R. Fix on A not so smart card — one of the rare cases where key length (320 bit RSA) was the major weakness in a security system
- Caspar Bowden, Chief Privacy Advisor, Microsoft EMEA (and former director of FIPR) on Transparency and Privacy, covering Kim Cameron’s 7 laws of identity
- Ilja (who has an amazing ability to exploit seemingly unexploitable bugs) on Unusual bugs and You can’t make this stuff up
- Jacob Appelbaum and Ralf-Philipp Weinmann on Unlocking FileVault — Jacob was at the CCC last year giving a summary of disk encryption systems; now he is back to go into more detail on the one from MacOS X
- Joanna Rutkowska, author of the Nushu TCP/IP steganography scheme (which I discussed in my paper on this topic) and the Blue Pill virtualization based rootkit, will be talking on Stealth malware — can good guys win?
- Melanie Rieback on A Hacker’s Toolkit for RFID Emulation and Jamming — covering the RFID Guardian, as featured on Schneier’s blog, Boing Boing and Slashdot. Melanie gave a talk on an early version of this project at the International Workshop on Security Protocols so I will be interested to see how it has progressed
- Roger Dingledine (co-designer of Tor) on Tor and China — censorship resistance has been a major interest of mine, particularly since I started working for the OpenNet Initiative
- Rop Gonggrijp on We don’t trust voting computers — from the team who made a Dutch voting computer play chess
It’s looking like a great line-up, so I hope many of you can make it. See you there!