BEGIN:VCALENDAR VERSION:2.0 PRODID:-//BornHack Website iCal Generator//bornhack.dk// NAME:BornHack 2018 X-WR-CALNAME:BornHack 2018 BEGIN:VEVENT SUMMARY:Hello World! DTSTART:20180816T190000Z DTEND:20180816T200000Z DTSTAMP:20260407T051557Z UID:15344460-0011-1698-91e1-746427849748 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/hello-world/\n\ nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nThe BornHack team would like to welcome you to this years BornHack event. We will walk over changes to the schedule\, facilities\, and other information about the ev ent itself.\n\nThis is also an excellent opportunity to meet the organisin g team. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:25th birthday of Debian DTSTART:20180816T200000Z DTEND:20180816T230000Z DTSTAMP:20260407T051557Z UID:15344496-0012-199b-3721-347b22f477a9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/25th-birthday-o f-debian/\n\nSpeaker(s): Holger 'h01ger' Levsen\n\nRecorded: No\n\nStreame d: No\n\nThe Debian Project was officially founded[1] by Ian Murdock on 19 93-08-16[2]. The Debian Community celebrates its birthday\, '''Debian Day' ''\, on this day each year. ''(It has also been called Debian Appreciation Day.)''\n\n1) https://www.debian.org/doc/manuals/project-history/ch-intro .en.html#s1.1\n2) http://groups.google.com/groups?selm=CBusDD.MIK%40unix.p ortal.com&output=gplain LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART:20180817T100000Z DTEND:20180817T110000Z DTSTAMP:20260407T051557Z UID:15345000-0015-1844-bdb0-136a43b4ac9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lunch-break/\n\ nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nLunch break. LOCATION:Food area END:VEVENT BEGIN:VEVENT SUMMARY:Futhark: A data-parallel pure functional programming language comp iling to GPU DTSTART:20180817T110000Z DTEND:20180817T120000Z DTSTAMP:20260407T051557Z UID:15345036-0011-149d-8afe-90ad76a47eaa DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/futhark-a-data- parallel-pure-functional-programming-language-compiling-to-gpu/\n\nSpeaker (s): Troels Henriksen\n\nRecorded: Yes\n\nStreamed: Yes\n\nComputers are a ll about computational performance. There is nothing your computer can do that a human could not also do. The only advantage of the computer is th at it does it much faster (and cheaper). However\, modern computers are * difficult* to program if we actually want to take advantage of their poten tial. There are a variety of reasons for that: the need for significant a mounts of parallelism\, performance booby traps that must be avoided\, and the memory wall. The situation is even more complex when it comes to res tricted high-performance processors like GPUs. Legacy ways of programming will not suffice. This talk is about why these problems are intrinsic to our current understanding of microprocessor manufacturing and the laws of physics\, how I have come to view the problem\, and the potential solutio ns I see.\n\nIn particular\, I will talk about how GPUs differ from CPUs - what makes them fast\, and at the same time so very hard to program. I wi ll (superficially) describe different solutions to GPU programming in vari ous languages\, with somewhat of a bias towards functional approaches. Mos tly\, however\, I will talk a programming language I have been implementin g as part of my PhD at DIKU. The language\, called Futhark\, is a high-lev el pure functional programming language that has been carefully designed t o permit compilation to efficient GPU code\, while not requiring any low-l evel GPU knowledge from the user. Our optimising compiler is able to gener ate code competitive with hand-written OpenCL programs\, and usually beati ng other parallel languages.\n\nI will show how easy it is to use Futhark for writing massively parallel functional programs that perform well on GP Us. I will also demonstrate how simple it can be interact with Futhark cod e from other languages. This mirrors our intended use case\, where Futhark is used only for computationally heavy parts of an application that can p rofitably run on the GPU\, with the CPU parts written in traditional langu ages. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:#badgelife DTSTART:20180817T120000Z DTEND:20180817T130000Z DTSTAMP:20260407T051557Z UID:15345072-0011-1577-dfed-ea13b314dc3a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/badgelife/\n\nS peaker(s): Thomas Flummer\n\nRecorded: Yes\n\nStreamed: Yes\n\nThis talk i s specifically about this years electronic badge for Bornhack\, some tech specs\, introduction to hacking it and a bit about the expansion options. But this talk is also about some of the other awesome badges that has been made for other events either official ones or the plethora of creative cr eations that badge makers spend a lot of time and money creating for other s to wear and hack at different events. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Introduction to Network Analysis - Now Without Buzzwords DTSTART:20180817T130000Z DTEND:20180817T140000Z DTSTAMP:20260407T051557Z UID:15345108-0011-1456-2e1a-12d40f54e0f9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/introduction-to -network-analysis-now-without-buzzwords/\n\nSpeaker(s): Philip 'Xiao' Henr iques\n\nRecorded: No\n\nStreamed: No\n\nWelcome to the wild frontier in c omputing where the most complex tooling available are nothing more than th e equivalent objdump in reverse engineering.\n\n- Every system can be expl oited if directly targeted.\n- Static signatures cannot deal with heuristi cs.\n- Raw data/packet captures have way too much noise to analyze.\n- Pac kets do not contain network information.\n- Why am I seeing RFC1918 traffi c on my WAN?\n- Is that private/public address internal or external to my infrastructure?\n- Why is this documentation an abstract painting?\n- Why is the US DoD contacting that Chinese host?\n- Why did I capture a packet of the US DoD making contact with a Chinese host?\n- Why does Broscript ha ve no bignum\, when I am using it to count an infinity amount of packets?\ n\nIs network analysis actually a real job? LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:something about access control DTSTART:20180817T140000Z DTEND:20180817T150000Z DTSTAMP:20260407T051557Z UID:15345144-0011-1802-29a4-e75c2c74dba8 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/something-about -access-control/\n\nSpeaker(s): knud\n\nRecorded: No\n\nStreamed: No\n\na walkthrough of how to approach an audit of a physical (digital) access con trol system\, common issues identified in such systems and stuff like that LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Making Art Using Printed Circuit Boards DTSTART:20180817T150000Z DTEND:20180817T170000Z DTSTAMP:20260407T051557Z UID:15345180-0011-142f-14a6-d6d973b40818 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/making-art-usin g-printed-circuit-boards/\n\nSpeaker(s): Thomas Flummer\n\nRecorded: No\n\ nStreamed: No\n\nIn this workshop\, we will look at how PCBs are made and the different parts that go into them. We will then look into how we can u se or maybe abuse this to make artistic pieces of electronic.\n\nFor this workshop\, you will need to bring your own computer and have the following pieces of software installed:\n\n- InkScape or Adobe Illustrator (recent versions prefered)\n- KiCad (preferably the new 5.0 version that has just been released\, but rc2 is also ok)\n\nTo get the most out of the workshop \, please make sure that the above software is installed and running. Pay special attention to Inkscape on macOS\, where you need to have XQuarts in stalled for it to work. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Trip to Tejn open air hot tub and sauna DTSTART:20180817T171500Z DTEND:20180817T200000Z DTSTAMP:20260407T051557Z UID:15345261-0016-1643-6381-d236ee04f888 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/open-hot-tub-in -the-wellness-area/\n\nSpeaker(s): Graffen\n\nRecorded: No\n\nStreamed: No \n\nWe have booked Friday and Monday evenings at http://www.tejnborgerfore ning.dk/bad_sauna.htm from 20:00 until we feel like we've had enough. \nYo u must bring your bathing suit/trunks and a towel (and an extra towel to s it on in the sauna if you prefer to do that in the buff).\n\nThere is a li mit of six people per day due to the size of the sauna and hot tub. If we exceed the limit on Friday\, those people will have first priority on the Monday trip.\n\nWe will depart the BornHack site at 19:15\, please be punc tual. Our meeting place is in front of Simon's food wagon\, by the flag po le. \n\nIf you wish to bring something to drink (suggestion: beer)\, you c an buy "to go" at the bar before we leave. We will try to bring a bucket o f ice to keep things cool during transport and event.\n\nThe price of part icipating is **65 hax** per person to cover the cost of renting the place and to cover some of the cost of driving there in Mikjaer and BlackThorne' s cars. We ask that you please pay the fee when you sign up for the event. \nTo sign up\, just find **Graffen** or **Mikjaer** around the site. You can ask one of the organisers if you don't know how we look.\n\nAnd finall y: We prefer that you're an adult or can at least act like one. Considerin g the time of the event we don't expect this to be an issue :) LOCATION:External END:VEVENT BEGIN:VEVENT SUMMARY:Hacker Jeopardy (Round #1) DTSTART:20180817T210000Z DTEND:20180817T220000Z DTSTAMP:20260407T051557Z UID:15345396-0011-1900-eb2f-4a14f0e49ca9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/hacker-jeopardy -round-1/\n\nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nFour teams of up to 3 persons compete in a game of classical jeopardy.\n\nSubmi t your teams to info@bornhack.dk with your team name. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Bornhack CTF Prologue and Introduction DTSTART:20180818T090000Z DTEND:20180818T100000Z DTSTAMP:20260407T051557Z UID:15345828-0011-187c-feb3-e00f7384490a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/bornhack-ctf-pr ologue-and-introduction/\n\nSpeaker(s): Pwnies\n\nRecorded: No\n\nStreamed : No\n\nIntroduction to CTF (capture the flag) hacking competitions\, with focus on the Bornhack CTF that will commence soon after this talk. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART:20180818T100000Z DTEND:20180818T110000Z DTSTAMP:20260407T051557Z UID:15345864-0015-1844-bdb0-136a43b4ac9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lunch-break/\n\ nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nLunch break. LOCATION:Food area END:VEVENT BEGIN:VEVENT SUMMARY:Big Banko: Scaling for the Elder Generation DTSTART:20180818T110000Z DTEND:20180818T120000Z DTSTAMP:20260407T051557Z UID:15345900-0011-154a-4fab-efd34d74b1e9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/big-banko-scali ng-for-the-elder-generation/\n\nSpeaker(s): Niels G. W. Serup\n\nRecorded: Yes\n\nStreamed: Yes\n\nBanko is a game of chance\, often played in a soc ial setting. It is somewhat similar to the U.S. variant of Bingo\, but ha s its own rules. The basics is that each player has one or more banko car ds -- each card having 15 numbers -- and must cover a set amount of random ly picked numbers to win\, at which point they yell "BANKO!".\n\nFor this talk I want to first explore existing problems related to scaling banko ga mes\, quickly discover that none exist\, and then spend the remaining time describing made-up problems and solutions to them.\n\nIn particular\, the umbrella term 'Big Banko' covers such diverse areas as:\n\n - Standardis ation: How do you transfer banko cards between different entities and not get confused? I present a well-defined and open banko card standard.\n\n - Visualisation: What is the most human-friendly non-print visualisation of one or more banko cards? I showcase several approaches and pick the be st one.\n\n - Validation: When you're in a hurry\, how do you quickly che ck the validity of millions of banko cards? I present a GPU-accelerated s olution that outperforms a human by several orders of magnitude.\n\n - Co mpression: Just how much can you compress (the digital representation of) a banko card? Whenever someone needs to transfer billions of banko cards over a slow internet connection\, they need a fast and reliable compressio n/decompression scheme. There are several low-hanging fruits in the quest for a good lossless compressor\, but it is a surprisingly complex and mat h-dense endavour to exploit all the banko card invariants and reach optima lity. I present a variety of algorithms and discuss their bit usage.\n\n - Simulation: Is it possible to remove the human element from banko altog ether\, and just let a computer play it? Yes\, of course it is.\n\nThis t alk is introductory in nature and is suited for all audiences\, including: \n\n - intermediate banko enthusiasts wanting to gain an edge\;\n - bank o business-doers wishing to modernise their enterprises\; and\n - banko n ewcomers working on becoming cool.\n\nThe contents of the talk will occasi onally require a good understanding of computer science\, but I will make sure to always give the big picture as well.\n\nThis is joint work with Tr oels Henriksen\, postdoc at DIKU\, and David Udsen\, software developer. Our Big Banko tools can be found at https://github.com/diku-dk/openbanko a nd are licensed under BSD 2. Part of our work is based on the 2003 scient ific paper "Hvor mange bankoplader er der?" (eng: "How many banko cards e xist?") by Nils Andersen\, professor emeritus at DIKU.\n\nAlso see https:/ /www.youtube.com/watch?v=0-h1Q8jkBto LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Making REST API in Sinatra with automation tests in bash DTSTART:20180818T120000Z DTEND:20180818T130000Z DTSTAMP:20260407T051557Z UID:15345936-0011-146a-b917-309e80b40b68 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/making-rest-api -in-sinatra-with-automation-tests-in-bash/\n\nSpeaker(s): Mateusz Wolsza\n \nRecorded: Yes\n\nStreamed: Yes\n\nGoals for this presentation is to show how to: \n\n- build authorization service which provides JSON Web Tokens using open source tools\,\n- explain how to use JWT to secure a REST API b uilt in Sinatra\,\n- mange complex REST tests of a secured API using a han dy tool called: bash \;).\n\nI believe that after this live session\, each participant will be able to increase security and stability of their proj ects.\n\nSpeech plan: \n\nIntroduction: \nIn a few words I give summary of JSON Web tokens\, what they are and how we can use them. \n\nPart I: \nUs e Rails API + Devise and JWT libs to build an authorization service which will authenticate users using email to provide JSON Web Tokens. I will sh ow core steps which are required to get it running then we will create a u ser and authorize them to obtain a JWT token. \n\nPart II: \nI will show a simple REST API built in Sinatra and what steps are necessary to apply JW T authorization on it\, with token blacklisting as the invalidation strate gy. \nSinatra is a great Ruby framework for small and large projects. It's lighter than Rails and really flexible.\n\nPart III: \nHaving free open s ource authorization service and secured REST API is not all. Now we should be able to run all bunch of tests on it. \nUsing bash with bats + jq + jo will give us powerful testing tool\, which can be used in command line or TeamCity. I will show how to test REST endpoints locally and remotely wit hout touching any commercial software or UI tools. We will run simple test s like GET /endpoint == status 200 but also a complex ones which require:\ n- authorization\,\n- JSON payload\, \n- multi line response parsing\,\n- matching regular expressions against the response. \n\nSummary: \nBiggest value of this is that each part can be done separately. Some of us alread y have API services but lack automated tests or maybe there is a need to s ecure them.\n\nThese 3 parts have been already combined in a new open sour ce deployment solution called PutIt. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:lock manipulation meetup DTSTART:20180818T120000Z DTEND:20180818T140000Z DTSTAMP:20260407T051557Z UID:15345936-0013-179f-1224-16aba7647659 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lock-manipulati on-meetup/\n\nSpeaker(s): knud\n\nRecorded: No\n\nStreamed: No\n\nLearn ho w lockpicking works\, come open some locks\, make some lock picks and mayb e even do some impressioning. Lockpicks and equipment provided\, bring any spare locks you want to fiddle with. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Modern Mix Network Design DTSTART:20180818T130000Z DTEND:20180818T140000Z DTSTAMP:20260407T051557Z UID:15345972-0011-1481-e6ab-975fddc4052b DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/modern-mix-netw ork-design/\n\nSpeaker(s): David Stainton\n\nRecorded: Yes\n\nStreamed: Ye s\n\nI shall explain the renewed interest in mix networks. Like Tor\, mix networks protect metadata by using layered encryption and routing packets between a series of independent nodes. Mix networks resist vastly more pow erful adversary models than Tor though\, including partial defense against global passive adversaries. In so doing\, mix networks add both latency a nd cover traffic. I shall outline the basic components of a mix network\, touch on their roles in resisting active and passive attacks\, and discuss how the latency impacts reliability\, application design\, and user exper ience. In particular I'll mention how mix networks can be used with messag ing applications and crypto currency to resist network surveillance and tr affic analysis.\n\nAcademics have proposed various anonymity technologies with far stronger threat models than Tor\, but by far the most practical a nd efficient option remains mix networks\, which date to the founding of a nonymity research by David Chaum in 1981. Tor was inspired by mix networks and shares some superficial similarities\, but mix networks' are vastly s tronger if they judiciously add latency and cover traffic.\n\nThere are se veral historical reasons why mixnets lost popularity and why Tor's onion r outing won. Namely\, Tor is\nlow latency and really good at being usable. This is in contrast to mix networks which are essentially an unreliable pa cket switching network. Historically mix networks achieved enough mix entr opy by using long delays whereas it is becoming more widely understood tha t there exists a trade off between legit traffic\, decoy traffic and laten cy.\nAfter this introduction to mix networks I'll talk a bit about the Kat zenpost mix network software project which is based off of the recently pu blished academic paper "The Loopix Anonymity System". These new insights i nto mix network designs allow modern mix networks to make the correct desi gn trade offs so that we can keep the latency relatively low. Historically high latency and unreliability has been a major obstacle to mass adoption . I shall explain how Katzenpost solves both of these problems and allows developers to easily add network services to the mix network to support a wide variety of client applications including but not limited to: messagin g/chat\, crypto currency transaction transport\, offline browsing\, file s haring\, bulletine board systems et cetera. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:ici·bici: a £20 brain-computer interface for your phone\, tablet \, laptop... DTSTART:20180818T140000Z DTEND:20180818T150000Z DTSTAMP:20260407T051557Z UID:15346008-0013-141d-e48c-405938b4c32b DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/icibici-a-20-br ain-computer-interface-for-your-phone-tablet-laptop/\n\nSpeaker(s): Colin Rowat\n\nRecorded: No\n\nStreamed: No\n\nBuild and use the world's first £20 brain-smartphone interface to enter text on your phone by thinking (w ell\, we're getting there...)! This project drops the cost of brain-comput er interfaces by using your smartphone\, tin foil and a bathing cap in the hope of doing what Google Cardboard did for VR. We explain the theory (st eady-state visually evoked potential) behind the text entry app. Now in ei ght colours!\n\nEach icibici workshop is stand-alone: come to one to buy a nd build your kit\; come back to work on the software. Bring your device (smartphone/tablet/laptop...) and a pocket tool (with screwdriver and wire stripper).\n\niOS users need to register on Testflight.\n\nSee https://ic ibici.github.io/site/ for more details. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Learn Django and contribute to the BornHack website DTSTART:20180818T150000Z DTEND:20180818T183000Z DTSTAMP:20260407T051557Z UID:15346044-0013-177a-7eeb-92c574647409 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/learn-django-an d-contribute-to-the-bornhack-website/\n\nSpeaker(s): Benjamin Bach\, Víð ir Valberg Guðmundsson\n\nRecorded: No\n\nStreamed: No\n\nDo you have som ething that annoys you with the BornHack website? Do you need some pointer s on how to get started with Django so you can start that pull request of yours? Come to this workshop!\n\nIn this laid back workshop we will have a short introduction of the basics in Django and then we will dive head fir st into working on different issues for the BornHack website.\n\nIf you ha ve a small project you want to get started on with Django that is fine too :) LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Setting up the DECT network for Bornhack DTSTART:20180818T160000Z DTEND:20180818T170000Z DTSTAMP:20260407T051557Z UID:15346080-0011-1738-4f75-607bba846758 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/setting-up-the- dect-network-for-bornhack/\n\nSpeaker(s): Francisco Blas Izquierdo Riera ( klondike)\n\nRecorded: Yes\n\nStreamed: Yes\n\nFor the first time we will try to set up a DECT network at Bornhack. It's still too early to say whet her it will work well or not\, but in this talk we will cover what we did and learnt and how it is set up. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:A Tale of Software Quality in the Cloud DTSTART:20180818T170000Z DTEND:20180818T180000Z DTSTAMP:20260407T051557Z UID:15346116-0011-1960-0849-f22b1cb43458 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/a-tale-of-cloud -services-and-software-quality/\n\nSpeaker(s): Peter Forsberg\n\nRecorded: Yes\n\nStreamed: Yes\n\nThe increasing reliance on cloud service provider s allows companies and organizations to drastically lessen the burden of s etting up and managing their IT infrastructures. This reliance comes with a wide variety of trade offs and drawbacks\, however. In this talk\, we wi ll look at the challenges faced when attempting to resolve\, mitigate\, an d correct issues in the software and services that you're already paying t o use. Specifically\, we will examine how a bug in the HTTP/2 implementati on of the AWS Application Load Balancer product was identified\, and how i t took more than 6 months to have it fixed. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:coreboot workshop DTSTART:20180818T183000Z DTEND:20180818T203000Z DTSTAMP:20260407T051557Z UID:15346170-0013-2013-072e-dc580d843b3b DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/coreboot-worksh op/\n\nSpeaker(s): lynxis\n\nRecorded: No\n\nStreamed: No\n\nThe coreboot workshop is open to everybody who likes to know more about coreboot.\nYou can also bring your device to compile and install it. I'll guide you throu gh the full procedure starting from compiling over disassemlbing and flash ing.\nDepending on your device\, this can be quickly done in under 30 minu te or might take 1h longer.\n\nYou can also send me a mail in advance to k now\, if it's supported or not. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Tor Relay Operators Meetup DTSTART:20180818T190000Z DTEND:20180818T200000Z DTSTAMP:20260407T051557Z UID:15346188-0012-1440-84f4-a69d60948af8 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/tor-relay-opera tors-meetup/\n\nSpeaker(s): Alexander Færøy\n\nRecorded: No\n\nStreamed: No\n\nFor people who are currently running or are considering to run Tor relay nodes. Let's meet and share experiences\, say hi to each other and h ave an open discussion about topics related to Tor relay operations.\n\nWi ll most likely take place in some corner of the bar. LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:LibreBoot & Free Software&Hardware Philosophy DTSTART:20180819T090000Z DTEND:20180819T100000Z DTSTAMP:20260407T051557Z UID:15346692-0011-159a-8ada-cb6b3e1497c9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/libreboot-free- softwarehardware-philosophy/\n\nSpeaker(s): marco\n\nRecorded: Yes\n\nStre amed: Yes\n\n•?((¯°·._.• ƒя€€-$๏ƒţώąя€ •._.·°¯) )؟•\n\nI help translate the GNU project and I am a volunteer for Techno ethical. \n\nI believe that free software and free-design hardware are par t of a free society. \n\nIn this talk you will listen to what Libreboot is \, what is needed to flash it and a small panoramic of free software inclu ding the Trisquel GNU/linux distribution.\n\nThis talk:\n* what the Libreb oot project is\n* you will see one of the programmers you can use to flash Libreboot on a compatible laptop \n* you will listen to presentations on various free operating systems such as Trisquel and Parabola.\n* I'll also talk a little on the Free Software and Free-design Hardware philosophy.\n * Hardware 100% compatible with free software\n* Libreboot workshop presen tation\n*...\n\n•?((¯°·._.• ƒя€€-hąяďώąя€ •._.·° ¯))؟• LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:User-testing as a service DTSTART:20180819T090000Z DTEND:20180819T100000Z DTSTAMP:20260407T051557Z UID:15346692-0013-1438-7750-4fdd2fd4315b DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/user-testing-as -a-service/\n\nSpeaker(s): elisa and rootkate\n\nRecorded: No\n\nStreamed: No\n\nRarely seen\, often misunderstood: Users are an elusive species tha t is hardly ever involved in the development process of software\, especia lly if it is FOSS. We don't know why that is\, but here we are: \n\nWe are to tech-happy\, friendly beings who want to bring users and developers to gether. \n\nYou are a developer? Then we can share some easy tricks about how to evaluate the usability of your shiny new software tool\, and how to get user feedback that is actually worth it. We are happy to be your test users\, and to give you instructional\, positive feedback. Let’s take t his ride together and improve the thing we all love: tech. \n\nYou are a u ser? Great\, so are we. We can show you which feedback actually helps the developers\, and which doesn't. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART:20180819T100000Z DTEND:20180819T110000Z DTSTAMP:20260407T051557Z UID:15346728-0015-1844-bdb0-136a43b4ac9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lunch-break/\n\ nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nLunch break. LOCATION:Food area END:VEVENT BEGIN:VEVENT SUMMARY:Lightning talks DTSTART:20180819T110000Z DTEND:20180819T130000Z DTSTAMP:20260407T051557Z UID:15346764-0011-1713-6b2a-b4185964fd9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lightning-talks /\n\nSpeaker(s): BornHack\n\nRecorded: Yes\n\nStreamed: Yes\n\nDo a 5 min. presentation about a topic you find interesting.\n\nSign up talks via the website's normal talk submission system. Please add a link to your slides to your talk proposal. We will assign a 5 minute time slot after we have received your slides. If you don't use slides for your talk a title slide is enough. Please make sure your slides are in PDF or HTML (a URL is fine) format. You can update your slides until half an hour before the lightnin g talk event when we will download the final versions. We will schedule ta lks where we have to switch the laptop in the end to avoid delays.\n\nSund ay:\n\n13:00: Running a modular and fault-tolerant infoscreen system (Niel s G. W. Serup)\n\n13:07: Deploy & manage releases for free like a pro with new open source system - Putit (Piotr Skowron)\n\n13:14: Signing with Pic tures (Hanno Böck)\n\n13:21: [Diplomacy AI](https://bornhack.dk/bornhack- 2018/program/diplomacy-ai/) (Colin Rowat)\n\n13:28: [PBa in IT security](h ttps://bornhack.dk/bornhack-2018/program/pba-in-it-security/) (Morten Niel sen)\n\n13:35: [klondike diff\, an improved diff algorithm for making diff s more readable](https://bornhack.dk/bornhack-2018/program/klondike-diff-a n-improved-diff-algorithm-for-making-diffs-more-readable/) (Piers)\n\n13:4 2: [Striso\, development of a new musical instrument](https://bornhack.dk/ bornhack-2018/program/striso-development-of-a-new-musical-instrument/) (Pi ers)\n\n13:49: [hacking the huawei p9' fastboot android phone](https://bor nhack.dk/bornhack-2018/program/hacking-the-huawei-p9-fastboot-android-phon e/) (lynxis)\n\n--- Short Break ---\n\n14:10: net - the sane network manag er from pwnies (Xiao)\n\n14:17: \n\n14:24: \n\n14:31: \n\n14:38: \n\n14:45 :\n\nTuesday:\n\n13:00: [schleuder: encrypt email lists](https://bornhack. dk/bornhack-2018/program/schleuder-encrypt-email-lists/) (ilf)\n\n13:07: [ data.coop status update](https://bornhack.dk/bornhack-2018/program/datacoo p-status-update/) (Benjamin Balder)\n\n13:14: [Getting started with eXpres s Data Path](https://bornhack.dk/bornhack-2018/program/getting-started-wit h-xdp-express-data-path/) (Jesper Dangaard Brouer)\n\n13:21: An ssh-agent for Qubes (Reynir)\n\n13:28: [A brief intro to Genode and Sculpt OS](https ://bornhack.dk/bornhack-2018/program/a-brief-intro-to-genode-and-sculpt-os /) (ehmry)\n\n13:35: \n\n13:42: \n\n13:49:\n\nThanks to eightdot who creat ed the countdown animation for the OHM lights.\n\n[Recording from Sunday]( https://www.youtube.com/watch?v=Ojpn3UXZuGM)\n\n[Recording from Tuesday](h ttps://www.youtube.com/watch?v=78wuPQf5VfI) LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Fun with Bleach DTSTART:20180819T110000Z DTEND:20180819T140000Z DTSTAMP:20260407T051557Z UID:15346764-0015-1509-7aff-0201bdf48468 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/fun-with-bleach /\n\nSpeaker(s): Moem\n\nRecorded: No\n\nStreamed: No\n\nIn this workshop\ , we will be making boring T-shirts into interesting\, unique and cool T-s hirts\, using bleach and various techniques. Please bring your own boring T-shirts in darker colours\; prints are OK and will remain in place. If yo u want to use existing (simple) designs and (simple) logos\, print them on thick paper or thin cardboard and\, you guessed it\, bring them. LOCATION:Food area END:VEVENT BEGIN:VEVENT SUMMARY:VXLAN Security or Injection DTSTART:20180819T130000Z DTEND:20180819T140000Z DTSTAMP:20260407T051557Z UID:15346836-0011-1524-50f7-6fbb06a448ab DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/vxlan-security- or-injection/\n\nSpeaker(s): Kramse aka Henrik Kramshøj\n\nRecorded: Yes\ n\nStreamed: Yes\n\nVXLAN is an encapsulation protocol becoming more popul ar with cloud deployments these days. This talk will be a reminder that VX LAN encapsulation by itself does not have any security features\, so netwo rks must be protected by other means. The seriousness will be underlined u sing examples of injection and firewall circumvention with packet injectio n code examples including data and numbers from real life experiments.\n\n If you dont protect your VXLAN decapsulation remote layer 2 injection atta cks becomes a high risk.\n\nalso my patches for adding VXLAN header to hpi ng3 will be released LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:An tutorial on exhaustively testing threaded C or C++ with Nidhugg DTSTART:20180819T140000Z DTEND:20180819T150000Z DTSTAMP:20260407T051557Z UID:15346872-0011-1810-9e9a-d89335f424ba DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/an-tutorial-on- exhaustively-testing-threaded-c-or-c-with-nidhugg/\n\nSpeaker(s): Magnus L ång\n\nRecorded: Yes\n\nStreamed: Yes\n\nIn this tutorial I will teach yo u how to use a tool called Nidhugg in order to unit test your multi-thread ed C and C++ programs with the same guarantees and similar ease that you'r e used to testing single-threaded programs with.\n\nI will give you a high level overview of what tools like Nidhugg are and how they work\, and whe re the current state-of-the-art is. Through a series of examples\, I will walk you through the process of adapting a test case for use with a tool l ike Nidhugg\, and how to read it's output when it finds a problem. I will build you up to an example where we (re)discover and fix a bug in nontrivi al real-world code\, most likely from the Linux kernel. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:WhatTheHelmet DTSTART:20180819T140000Z DTEND:20180819T160000Z DTSTAMP:20260407T051557Z UID:15346872-0013-151e-4474-6e2a95c4a7c9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/whatthehelmet/\ n\nSpeaker(s): Moem\n\nRecorded: No\n\nStreamed: No\n\nLife is dangerous\, protect yourself! But do it in style. This workshop will teach you how to change a normal\, boring hard hat / builder's helmet into a super cool\, metal like cyberpunk helmet. It can look like rusty iron\, pewter\, bronze or copper and it can have letters or logos of your own design. Your frien ds will envy you and wonder how you suddenly got so cool and crafty.
\ nThe workshop consists of two parts: in the first\, we prepare the helmet for painting\, add faux welding seams\, rivets\, and other 3D decorations. Then we paint it. In the second part\, we add the metal look for extra sh inies. If you want to use weird objects\, electronics or gears... bring th em.
\nThere is a 38 DKK fee for materials\, which covers the helmet it self and everything else. It's possible (and probably lots of fun) for a p arent and a child to work on a helmet together. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:MirageOS: what did we achieve in the last year? DTSTART:20180819T150000Z DTEND:20180819T160000Z DTSTAMP:20260407T051557Z UID:15346908-0011-1858-bd09-8ef4aea48ce8 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/mirageos-what-d id-we-achieve-in-the-last-year/\n\nSpeaker(s): Hannes Mehnert\n\nRecorded: Yes\n\nStreamed: Yes\n\nMirageOS is a library operating system where spec ialisation of the running image is done at compile-time. This leads to si ngle-purpose systems with a minimal attack surface\, where lots of layers of complexity (file system\, scheduler\, process management\, virtual memo ry subsystem) are avoided.\n\nThis is a continuation of earlier talks at B ornhack (2016\, 2017)\, and will go into detail of some active projects\, such as: community repository signing (for secure updates)\, DNS infrastru cture\, a prototypefund.de-sponsored CalDAV-server. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Beyond Ulovlig Logning: Hvilke lovovertrædelser begår staten ell ers? DTSTART:20180819T160000Z DTEND:20180819T170000Z DTSTAMP:20260407T051557Z UID:15346944-0011-163c-1456-8268dd3404ca DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/beyond-ulovlig- logning-hvilke-lovovertrdelser-begar-staten-ellers/\n\nSpeaker(s): Rasmus Malver\n\nRecorded: Yes\n\nStreamed: Yes\n\nDer er ingen tvivl om at Justi tsministeriet vil blive dømt for den ulovlige logning af danskernes mobil - og internetbrug\, men hvad med de øvrige initiativer? Justitsministerie t har netop sendt en bekendtgørelse om ulovlig brug af droner i høring\, ministeriet har stadig ikke svaret på Folketingets spørgsmål\, de næg ter at fortælle om de selv synes at deres overvågning er lovlig\, og det er uvist om de stadig bruger Hjemmeværnets propelfly og forsvarets helik optere. Dertil kommer DNA-register\, genomcenter\, rejsekort og “smarte ” el-målere.\n\nSom menneskeretsjurist kan Rasmus gå hårdt til eksper terne\, og vi kan få en kvalificeret vurdering af statens magtmisbrug. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:The Dankort is insecure and illegal DTSTART:20180819T170000Z DTEND:20180819T180000Z DTSTAMP:20260407T051557Z UID:15346980-0011-2030-4f6f-9b7add34a7fb DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/the-dankort-is- insecure-and-illegal/\n\nSpeaker(s): Thue Janus Kristensen\n\nRecorded: Ye s\n\nStreamed: Yes\n\nThe Dankort is the main Danish payment debit card. I t is essentially identical to how Visacard and Mastercard are used in othe r countries\, as far as I know\, so security issues raised by me will prob ably also apply to them.\n\nThis talk will talk about the Dankort when use d in online transactions.\n\nThis talk will contain\n* The definition of s ecurity I am using\; what is a security hole\n* An analysis of the legal r equirements as set out in Law of Payments (lov om betalinger) §128 stk. 1 . and 2..\n* An analysis of how the Dankort blatantly obviously does not l ive up to those requirements.\n* An analysis of the answers (or lack of sa me) I have gotten from The Danish National Bank\, The Danish Financial Sup ervisory Authority and Nets.\n\nThe talk will use the debit card payment s ystem on bornhack.dk as an example of an insecure and payment process. (So rry - I love you Bornhack organizers!) LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Hardware\, Politics and Hacking DTSTART:20180819T180000Z DTEND:20180819T190000Z DTSTAMP:20260407T051557Z UID:15347016-0011-2044-43f0-0f91cdb4d3f9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/hardware-politi cs-and-hacking/\n\nSpeaker(s): Peter Stuge\n\nRecorded: Yes\n\nStreamed: Y es\n\nIn a society with increasing divides\, hacking is an important force for good.\n\nThis talk explores the business and politics of x86 machines \, and goes on to\nargue that Hacking\, the Hacker Attitude and the Hacker Ethic are both vital\nfor society and completely natural. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Open Cyber table DTSTART:20180819T190000Z DTEND:20180819T200000Z DTSTAMP:20260407T051557Z UID:15347052-0012-1746-cbec-8e3ba914b418 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/open-cyber-tabl e/\n\nSpeaker(s): Francisco Blas Izquierdo Riera (klondike)\n\nRecorded: N o\n\nStreamed: No\n\nWhat says more about computer based security than cyb er? Of course it's hack the Gibson!\nThis meetup is open to everybody who wants to learn about computer security or wants to share knowledge in the field.\nAnd remind\, the only dumb question is the one that is not asked! LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:Hacker Jeopardy (Round #2) DTSTART:20180819T210000Z DTEND:20180819T220000Z DTSTAMP:20260407T051557Z UID:15347124-0011-192a-66d6-337e9ac478da DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/hacker-jeopardy -round-2/\n\nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nFour teams of up to 3 persons compete in a game of classical jeopardy.\n\nSubmi t your teams to info@bornhack.dk with your team name. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Can democracy survive 4IR? DTSTART:20180820T090000Z DTEND:20180820T100000Z DTSTAMP:20260407T051557Z UID:15347556-0011-2185-9000-b88a0d34b8aa DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lisbeth-bech-po ulsen-mp/\n\nSpeaker(s): Lisbeth Bech Poulsen\n\nRecorded: Yes\n\nStreamed : Yes\n\nHow to regulate Big Tech by policy\, and overturn surveillence ca pitalism by activism. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART:20180820T100000Z DTEND:20180820T110000Z DTSTAMP:20260407T051557Z UID:15347592-0015-1844-bdb0-136a43b4ac9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lunch-break/\n\ nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nLunch break. LOCATION:Food area END:VEVENT BEGIN:VEVENT SUMMARY:Debat om Dansk IT-politik DTSTART:20180820T110000Z DTEND:20180820T130000Z DTSTAMP:20260407T051557Z UID:15347628-0011-1569-e771-aac3a8340779 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/debat-om-dansk- it-politik/\n\nSpeaker(s): Paneldebat\n\nRecorded: Yes\n\nStreamed: Yes\n\ nThis event is a Panel Discussion in Danish. The overall topic of the Disc ussion is Danish IT politics.\n\nThe panelists are Danish politicians who has views and ambitions for Danish IT politics\, but professionals\, influ encers and debaters / bloggers will also join the panel.\n\nThe specific t opics (in Danish) are:\n - Open source i det offentlige\n - Big data i det offentlige\n - Automatisering og kunstig intelligens - hvad er planen?\n\ nThe purpose of this event is to have a discussion between technicians and politicians about current events in IT politics in Denmark.\n\nThe member s of the panel are:\n - Lisbeth Bech Poulsen\, MF (SF)\n - Karen Melchior (R)\n - Michael Ørnø\, Direktør\, Statens IT\n - Poul-Henning Kamp\, Ud vikler og blogger\n\nWe want the technicians to educate the politicians on technical aspects of IT legislation. We also want the politicians to educ ate the technicians on why things are not necessarily as simple and clear- cut as they sometimes seem. We want everyone to walk away with new knowled ge\, new contacts\, and a better sense of where we are headed as an IT dep endent society.\n\nThe event will be moderated by Anders Kjærulff from th e Danish radio program "Aflyttet".\n\nWe hope that a lot of the technician s present at BornHack will take this opportunity to make your voice heard and move things forward. Shouting on Twitter will only get us so far\, at some point we have to interact with politicians if we want things to chang e. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Fun with Bleach DTSTART:20180820T110000Z DTEND:20180820T140000Z DTSTAMP:20260407T051557Z UID:15347628-0013-1509-7aff-0201bdf48468 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/fun-with-bleach /\n\nSpeaker(s): Moem\n\nRecorded: No\n\nStreamed: No\n\nIn this workshop\ , we will be making boring T-shirts into interesting\, unique and cool T-s hirts\, using bleach and various techniques. Please bring your own boring T-shirts in darker colours\; prints are OK and will remain in place. If yo u want to use existing (simple) designs and (simple) logos\, print them on thick paper or thin cardboard and\, you guessed it\, bring them. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Dansk IT historie - Mød 16 profiler\, der har skabt IT historie i Danmark og i resten af verden DTSTART:20180820T130000Z DTEND:20180820T140000Z DTSTAMP:20260407T051557Z UID:15347700-0011-200b-5279-14c20824b7da DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/dansk-it-histor ie-md-16-profiler-der-har-skabt-it-historie-i-danmark-og-i-resten-af-verde n/\n\nSpeaker(s): Michael Ørnø\n\nRecorded: Yes\n\nStreamed: Yes\n\nGenn em 16 portrætter af danske it-pionerer\, giver Michael Ørnø et bud på IT historien i Danmark – fra Marshallhjælp til det globale aftryk pione rerene har haft. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Algorithmically Inspirational Design DTSTART:20180820T140000Z DTEND:20180820T150000Z DTSTAMP:20260407T051557Z UID:15347736-0011-1786-a2f4-92e19b9433d8 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/algorithmically -inspirational-design/\n\nSpeaker(s): Morten Bo Rønsholdt\n\nRecorded: Ye s\n\nStreamed: Yes\n\nToday\, most content is presented in unexciting and repetitious ways\, such as vertical lists\, tables\, grids\, etc. This tal k will focus on how we can build more inspiring and varied layouts automat ically\, by algorithmically distilling much of the designer's work. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:News from the ESO/ELT telescope & The new NerdHouse DTSTART:20180820T150000Z DTEND:20180820T160000Z DTSTAMP:20260407T051557Z UID:15347772-0011-195d-2b32-f1c4c17414ca DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/news-from-the-e soelt-telescope-the-new-nerdhouse/\n\nSpeaker(s): Poul-Henning Kamp\n\nRec orded: Yes\n\nStreamed: Yes\n\nPHK is writing the new generation of Adapti ve Optics Real Time Computer for the ESO/ELT telescope\, and can't stop ta lking about it. He also built a new house and haven't stopped talking abou t that either. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Gentoo Install Party DTSTART:20180820T150000Z DTEND:20180820T180000Z DTSTAMP:20260407T051557Z UID:15347772-0013-1762-6dfa-09a493d4c0da DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/gentoo-install- party/\n\nSpeaker(s): Francisco Blas Izquierdo Riera (klondike)\n\nRecorde d: No\n\nStreamed: No\n\nSome say that Gentoo is the hardest Linux distro to install but that's not true. If you are curious about how Gentoo works and want to try installing it with yourself (having a Gentoo developer aro und to help you if needed). Bring your own system and a pendrive and we'll help you out. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Bornhack CTF Epilogue and Afterparty DTSTART:20180820T160000Z DTEND:20180820T170000Z DTSTAMP:20260407T051557Z UID:15347808-0011-1862-e869-20ed45c42bc9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/bornhack-ctf-ep ilogue-and-afterparty/\n\nSpeaker(s): Pwnies\n\nRecorded: No\n\nStreamed: No\n\nThis talk will feature a dissection of some of the challenges presen ted at this years Bornhack CTF. Sober people not guaranteed. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Repeatable\, functional builds with Repeatr DTSTART:20180820T170000Z DTEND:20180820T180000Z DTSTAMP:20260407T051557Z UID:15347844-0011-202c-03b0-0fdd21541d79 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/repeatable-func tional-builds-with-repeatr/\n\nSpeaker(s): Eric Myhre\n\nRecorded: Yes\n\n Streamed: Yes\n\nReproducible builds are important. Tools for making build s repeatable are thus important\; and tools which make it both simple and more likely that users will check and expect reproducibility are desirable .\n\nWe'll present and do a live demo of Repeatr and the Timeless Stack: t ools for hash-addressed dependency management and building with containers . These tools are open-source and designed to be usable by anyone\, and es pecially\, to operate completely decentralized. By using hash-addressed s ystems for files\, we can easily mirror things anywhere\; by using contain ers\, we can pursue pure functional builds\; and by specifying an API for these together\, we can get build systems which are completely contextuali zed: so you can hand a build instruction to anyone\, and they can execute it unambiguously.\n\nAnd we can go further: by using hash-addressed filesy stems to describe both inputs and outputs\, and defining some hashing sche ma for container execution itself\, we can make immutable and repeatable d escriptions of whole systems. In other words: we can begin breaking down the distinction between source and binary distribution completely!\n\nFor fun\, we might do some things like demo Repeatr building Repeatr building Go building Go building Repeatr.\n\nThese tools all have a JSON API and af ter the talk let's see what else we can build together! LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Trip to Tejn open air hot tub and sauna DTSTART:20180820T170000Z DTEND:20180820T194500Z DTSTAMP:20260407T051557Z UID:15347844-0016-1643-6381-d236ee04f888 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/open-hot-tub-in -the-wellness-area/\n\nSpeaker(s): Graffen\n\nRecorded: No\n\nStreamed: No \n\nWe have booked Friday and Monday evenings at http://www.tejnborgerfore ning.dk/bad_sauna.htm from 20:00 until we feel like we've had enough. \nYo u must bring your bathing suit/trunks and a towel (and an extra towel to s it on in the sauna if you prefer to do that in the buff).\n\nThere is a li mit of six people per day due to the size of the sauna and hot tub. If we exceed the limit on Friday\, those people will have first priority on the Monday trip.\n\nWe will depart the BornHack site at 19:15\, please be punc tual. Our meeting place is in front of Simon's food wagon\, by the flag po le. \n\nIf you wish to bring something to drink (suggestion: beer)\, you c an buy "to go" at the bar before we leave. We will try to bring a bucket o f ice to keep things cool during transport and event.\n\nThe price of part icipating is **65 hax** per person to cover the cost of renting the place and to cover some of the cost of driving there in Mikjaer and BlackThorne' s cars. We ask that you please pay the fee when you sign up for the event. \nTo sign up\, just find **Graffen** or **Mikjaer** around the site. You can ask one of the organisers if you don't know how we look.\n\nAnd finall y: We prefer that you're an adult or can at least act like one. Considerin g the time of the event we don't expect this to be an issue :) LOCATION:External END:VEVENT BEGIN:VEVENT SUMMARY:The Striso and other synthesizer stuff DTSTART:20180820T180000Z DTEND:20180820T190000Z DTSTAMP:20260407T051557Z UID:15347880-0012-1971-30d4-fb5d8ee42698 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/the-striso-and- other-synthesizer-stuff/\n\nSpeaker(s): Piers\n\nRecorded: No\n\nStreamed: No\n\nTime to play and experiment with music\, and try the Striso\, the n ew musical instrument I'm developing.\nI'll bring a couple of Strisoboards \, Axoloti's\, a Striso and a Sensel Morph with Striso overlay.\n\nYou're invited to bring everything synth\, midi or otherwise music instrument rel ated\, let's make some sound!\nHome made instruments and MPE controllers a nd synths like the Linnstrument or Seaboard are extra welcome. See http:// www.rogerlinndesign.com/other-mpe-controllers.html for a short intro to MP E\n\nSee striso.org for more info about my instruments. LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:Qubes User Meetup\, meet\, greet\, workshop\, tips and tricks DTSTART:20180820T190000Z DTEND:20180820T200000Z DTSTAMP:20260407T051557Z UID:15347916-0012-1534-df0a-c458d324ed39 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/qubes-user-meet up-meet-greet-workshop-tips-and-tricks/\n\nSpeaker(s): Kramse aka Henrik K ramshøj\n\nRecorded: No\n\nStreamed: No\n\nWe will meetup\, talk about Qu bes OS https://www.qubes-os.org/\n\nWe are a group which have moved to usi ng Qubes OS as our primary or private laptops\, and we have some experienc es to share. Maybe we will even have a presentation. \n\nThis is not an in stallfest\, but what comes after\, like: How to change Disposable VM setti ngs\, how to add another template for Kali Linux etc. LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:30 Years of Danish Rap DTSTART:20180820T200000Z DTEND:20180820T213000Z DTSTAMP:20260407T051557Z UID:15347952-0012-1671-c9ce-6e910a34c01a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/30-years-of-dan ish-rap/\n\nSpeaker(s): Thomas Steen Rasmussen\n\nRecorded: No\n\nStreamed : No\n\nA journey from 1988 through to 2018 where we listen to Danish rap and hiphop evolve from then to now. LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:BornCrag - A Day of Rock Climbing DTSTART:20180821T080000Z DTEND:20180821T160000Z DTSTAMP:20260407T051557Z UID:15348384-0016-1474-e85c-89895474561a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/borncrag-a-day- of-rock-climbing/\n\nSpeaker(s): Xiao\n\nRecorded: No\n\nStreamed: No\n\nI will arrange for a free one day sport climbing trip to Moseløkken Stenbr ud with an instructor in safety and climbing technique (me).\nEveryone is welcome regardless of how hard you climb (Moseløkken is notorious for hav ing loads of routes in the 4-5 range for beginners).\n\nHowever:\n- I\, an d BornHack\, do *not* take payment nor *legal* responsibility for others s afety\, but I will make sure that anyone that goes with me won't come to h arm if you follow my directions (check your personal insurance). This is a normal meet-and-climb climbing trip :)\n- I do not have extra equipment\, so you need to bring your own harness\, shoes and helmet(!) at the very l east.\n- I will exclude or call the police for anyone that acts irresponsi bly and endangers them self or other people.\n\nHow can you participate yo u ask?\nContact me on IRC 6nbtgccn5nbcodn3.onion or irc.baconsvin.org (TLS port 6697). My name is Xiao :)\nOr find me in the Pwnies village. LOCATION:External END:VEVENT BEGIN:VEVENT SUMMARY:Package Mis-Management DTSTART:20180821T090000Z DTEND:20180821T100000Z DTSTAMP:20260407T051557Z UID:15348420-0011-1897-4cfb-f7ba90c41449 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/package-mis-man agement/\n\nSpeaker(s): Bach & Böck\n\nRecorded: Yes\n\nStreamed: Yes\n\n An increase in demand for quick and easy distribution of software is pushi ng risky practices.\n\nPackage management systems claim to manage packages \, but they leave a lot to desire. The perception that users are stupid an d can't understand command line\, has turned many unsafe practices that we re meant to quickly install a pre-released package into primary means of d istribution.\n\nWe look at some of the most popular open source distributi on mechanisms and share our view through recent incidents\, a little bit o f research and some suggestions for attack vectors. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART:20180821T100000Z DTEND:20180821T110000Z DTSTAMP:20260407T051557Z UID:15348456-0015-1844-bdb0-136a43b4ac9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lunch-break/\n\ nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nLunch break. LOCATION:Food area END:VEVENT BEGIN:VEVENT SUMMARY:Lightning talks DTSTART:20180821T110000Z DTEND:20180821T130000Z DTSTAMP:20260407T051557Z UID:15348492-0011-1713-6b2a-b4185964fd9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lightning-talks /\n\nSpeaker(s): BornHack\n\nRecorded: Yes\n\nStreamed: Yes\n\nDo a 5 min. presentation about a topic you find interesting.\n\nSign up talks via the website's normal talk submission system. Please add a link to your slides to your talk proposal. We will assign a 5 minute time slot after we have received your slides. If you don't use slides for your talk a title slide is enough. Please make sure your slides are in PDF or HTML (a URL is fine) format. You can update your slides until half an hour before the lightnin g talk event when we will download the final versions. We will schedule ta lks where we have to switch the laptop in the end to avoid delays.\n\nSund ay:\n\n13:00: Running a modular and fault-tolerant infoscreen system (Niel s G. W. Serup)\n\n13:07: Deploy & manage releases for free like a pro with new open source system - Putit (Piotr Skowron)\n\n13:14: Signing with Pic tures (Hanno Böck)\n\n13:21: [Diplomacy AI](https://bornhack.dk/bornhack- 2018/program/diplomacy-ai/) (Colin Rowat)\n\n13:28: [PBa in IT security](h ttps://bornhack.dk/bornhack-2018/program/pba-in-it-security/) (Morten Niel sen)\n\n13:35: [klondike diff\, an improved diff algorithm for making diff s more readable](https://bornhack.dk/bornhack-2018/program/klondike-diff-a n-improved-diff-algorithm-for-making-diffs-more-readable/) (Piers)\n\n13:4 2: [Striso\, development of a new musical instrument](https://bornhack.dk/ bornhack-2018/program/striso-development-of-a-new-musical-instrument/) (Pi ers)\n\n13:49: [hacking the huawei p9' fastboot android phone](https://bor nhack.dk/bornhack-2018/program/hacking-the-huawei-p9-fastboot-android-phon e/) (lynxis)\n\n--- Short Break ---\n\n14:10: net - the sane network manag er from pwnies (Xiao)\n\n14:17: \n\n14:24: \n\n14:31: \n\n14:38: \n\n14:45 :\n\nTuesday:\n\n13:00: [schleuder: encrypt email lists](https://bornhack. dk/bornhack-2018/program/schleuder-encrypt-email-lists/) (ilf)\n\n13:07: [ data.coop status update](https://bornhack.dk/bornhack-2018/program/datacoo p-status-update/) (Benjamin Balder)\n\n13:14: [Getting started with eXpres s Data Path](https://bornhack.dk/bornhack-2018/program/getting-started-wit h-xdp-express-data-path/) (Jesper Dangaard Brouer)\n\n13:21: An ssh-agent for Qubes (Reynir)\n\n13:28: [A brief intro to Genode and Sculpt OS](https ://bornhack.dk/bornhack-2018/program/a-brief-intro-to-genode-and-sculpt-os /) (ehmry)\n\n13:35: \n\n13:42: \n\n13:49:\n\nThanks to eightdot who creat ed the countdown animation for the OHM lights.\n\n[Recording from Sunday]( https://www.youtube.com/watch?v=Ojpn3UXZuGM)\n\n[Recording from Tuesday](h ttps://www.youtube.com/watch?v=78wuPQf5VfI) LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Saxo Bank HackMe! DTSTART:20180821T110000Z DTEND:20180821T130000Z DTSTAMP:20260407T051557Z UID:15348492-0013-2147-955c-671ab4f4cea9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/saxo-bank-hackm e/\n\nSpeaker(s): Graffen\n\nRecorded: No\n\nStreamed: No\n\n# Saxo Bank O penAPI HackMe Contest\n\n## Who Are We\n\nSaxo Bank is a Danish investment bank specializing in online trading and investment founded in 1992\, and functioning as an online broker with a bank license\, without offering tra ditional banking products.\n\nWe offer trading through our online platform s in Forex\, stocks\, CFDs\, futures\, funds\, bonds and futures spreads.\ n\n## Why Are We at Bornhack\n\nBeing a global player in the financial mar kets\, we are naturally always looking for highly talented co-workers. Hav ing a presence at BornHack\, we believe we can showcase some of the cool t echnology we use\, as well as let the classic hacker types play with an AP I having a more material impact\, to either build something cool or surfac e flaws in our setup.\n\n## Contest Intro\n\nThe contest will run from Tue sday at 13:00 and will close twenty-four hours later. We will be in one of the workshop rooms for a couple of hours when the contest starts in case you need help registering for an account etc. If you need help during the contest\, catch us on IRC: graffen\, pewpie or Otto_Str0m. \n\nTo enter t he contest\, you must sign up on the participant roster\, so we know who's in. Please reach out to one of the Saxo Bank people in person or on IRC t o get your name on the list. When the contest starts\, you need to create an access token for yourself through our developer portal:\n\n1. Navigate to [https://developer.saxo](https://developer.saxo) and go through the fol lowing steps to sign up for a developer account\n1. Click on the burger me nu top right and then select "Get 24 Hour Token"\n1. You should now be pre sented with a login dialog. On the right you will see a button with the te xt "Simulation account signup"\n1. Fill out the form. You do not need to p rovide any identifying information (unless you want to be war-dialled by o ur sales people) but you will need to at least provide an email address th at can receive your initial password. You can use a disposable email addre ss like guerrillamail.com or lortemail.dk for this purpose\n1. Check your email and use the provided password to log in to your new Saxo Bank Simula tion account\n\nYou now have full access for 24 hours to the development p ortal and can start poking around. Have fun! If you're curious to try out our trading application you can use the information you have received to l og in to [SaxoTraderGO](https://saxotrader.com/sim/) to try some trading\, and to see how the application interacts with our API.\n\n### Tracks\n\nT here will be two "tracks":\n\n* Security findings & API flaws\n* Cool POCs using our API\n\nDuring the contest\, you must submit your entries/findin gs to one of the Saxo Bank representatives who will take a note of your na me/handle and validate what you have found/built.\n\nWinners of the contes t in the two categories will be elected by the team of Saxo Bank represent atives.\n\n### Points and Prizes\n\nPoints will be awarded for the followi ng:\n\n* Creativity: 25%\n* Impact: 25%\n* Design: 25%\n* Simplicity: 25%\ n\nWe will not award points for:\n\n* 500-type error codes returned by the API. There are many places where the API could behave better by returning proper response codes - this is already known and being worked on. What w e're looking for is for places where the API returns something unexpected and not just an error code.\n* (D)DOS-type attacks - don't do this\, pleas e.\n\nThere will be great prizes for the winner of each of the two categor ies.\n\n## Rules of Engagement / Code of Conduct\n\n*TLDR\; Be excellent t o each other.*\n\nBefore entering your name (or handle) on the contest ros ter\, please familarise yourself with our interim [Vulnerability Disclosur e Policy](https://here.dk/vulnerability_disclosure_policy.html).\n\nThe fo llowing are the general rules for the competition\n\n1. **Fresh code** \n To level the playing field\, each participant must start out fresh. Plea se don't build on top of previous projects. It's OK to use open-source fra meworks and tools\, though.\n1. **Code review** \n We might want to do a proper code review to validate your hack/project\, either just before we judge\, or immediately after.\n1. **Team Size** \n Single-human or teams of up to 3-4 humans are allowed. You may also add one cyborg\, Furby\, dr one or Sphero.\n1. **Submissions** \n We're doing this relatively ad-hoc . You may submit your hack/project in any way\, shape or form of your choo sing as long as we have a way of validating it.\n1. **Demo your hack** \n Before judging\, we will ask all participants to demo their hack. We won 't accept slide decks (Powerpoint). Also\, a partially complete hack is ju st fine\, as long as you can prove your concept.\n1. **Have fun** \n It' s a HackMe contest! Use whatever languages\, tools and hacks you have in y our arsenal. Show us hardware\, show us new concepts. Show us anything you 'd like.\n\nExamples of things that are **OK**:\n\n* Signing up for a demo account and playing with the API through the developer portal\n* Intercep ting requests and responses from the developer portal or SaxoTraderGO usin g a debugging proxy like BurpSuite\n* Fiddling with requests and responses using BurpSuite or the like\, to see if you can provoke the API to do wei rd stuff\n* Building an Arduino/ESP-based gadget that can talk to the API and do something fun based on market events\n\nExamples of things that are **NOT OK**:\n\n* DOS/DDOS attacks against our API. You will be playing ar ound in our Simulation environment and this does not have a lot of protect ion or massive hardware specs.\n* Deliberately breaking stuff "just for fu n". LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Return of Bleichenbacher's Oracle Threat (ROBOT) DTSTART:20180821T120000Z DTEND:20180821T130000Z DTSTAMP:20260407T051557Z UID:15348528-0011-220b-da03-ae8df57414aa DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/return-of-bleic henbachers-oracle-threat-robot/\n\nSpeaker(s): Hanno Böck\n\nRecorded: Ye s\n\nStreamed: Yes\n\nWith a 19 year old vulnerability\, we were able to s ign a message with the private key of Facebook. I'll show how we found one of the oldest TLS vulnerabilities in products of 10 different vendors and how we practically exploited it on famous sites. I'll also discuss how th e countermeasures introduced back in TLS 1.0 and expanded over the years f ailed to prevent this and why RSA PKCS #1 v1.5 encryption should be deprec ated. Finally\, I'll present what related problems are still present and u nfixed in many popular TLS libraries. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Investigating Targeted Surveillance DTSTART:20180821T130000Z DTEND:20180821T140000Z DTSTAMP:20260407T051557Z UID:15348564-0011-221f-d005-c3041214a8db DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/investigating-t argeted-surveillance/\n\nSpeaker(s): Donncha\n\nRecorded: No\n\nStreamed: No\n\nStates and non-State actors are increasingly using digital surveilla nce\nto target human rights activists and civil society organizations. In\ nthis talk we will discuss how these types of targeted attacks are\ncarrie d out. We will also discuss these attacks can be detected\,\ninvestigated and evidence collected. We will illustrate the current\nstate of play by s howing some case studies from our recent\ninvestigations into human rights abuses. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Interpersonal Hacking DTSTART:20180821T130000Z DTEND:20180821T150000Z DTSTAMP:20260407T051557Z UID:15348564-0013-1944-cf87-2d624c147e58 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/interpersonal-h acking/\n\nSpeaker(s): Rian / Ash\n\nRecorded: No\n\nStreamed: No\n\nusing 3 different theories\, we'll disscuss how to better understand and handle interpersonal interactions.\nWe'll dive into Transactional Analysis (Game s people play by Eric Berne for more on the subject)\, into disfunctional triangles of interaction and a little deeper into what may lie behind func tional and non-functional interactions.\n\nIt's an interactive workshop an d it may be a bit intense\, so it's limited to 8 people. I can't juggle mo re than that \;-) LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Experiences in disclosure DTSTART:20180821T140000Z DTEND:20180821T150000Z DTSTAMP:20260407T051557Z UID:15348600-0011-175b-3ada-9173fdf4d1ea DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/experiences-in- disclosure/\n\nSpeaker(s): Mr. K\n\nRecorded: No\n\nStreamed: No\n\nIn thi s talk I will share my experiences as grey hat disclosing found vulnerabil ities\, I will also cover the legal implications and risks of grey hat tes ting. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Boiling the ocean: Cooking with Qubes and MirageOS DTSTART:20180821T150000Z DTEND:20180821T160000Z DTSTAMP:20260407T051557Z UID:15348636-0011-1934-14e9-b2238614d31a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/boiling-the-oce an-cooking-with-qubes-and-mirageos/\n\nSpeaker(s): Joe\n\nRecorded: No\n\n Streamed: No\n\nA computer security-fundamentalist's tale of dogfooding "M irageOS on the desktop" piece-by-piece with Qubes\, rooted in the ongoing development of a secure image viewer application and a GnuPG-replacement i n OCaml.\n\nWe will be going over design considerations\, security implica tions\, the beautiful long hours spent trying to make sense of prose-based \, ambiguous protocol specifications\, live demos\, and much more!\n\nNo p rior knowledge of Qubes [1] / MirageOS [2] / OCaml required (the first sho t is free!)\, but a little bit of familiarity with operating systems and t erminals may make it more interesting. For the less ascetically inclined\, we will be playing Pong in privilege ring0 to the tune of the Tetris soun dtrack\, and the Bornhack logo will hopefully grace us with its on-screen presence.\n\n[1] https://qubes-os.org/ [2] https://mirage.io LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:OpenPGP (or whatever) Fingerprint Verification DTSTART:20180821T160000Z DTEND:20180821T170000Z DTSTAMP:20260407T051557Z UID:15348672-0013-1622-17ea-673a3e34bee9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/openpgp-key-sig ning/\n\nSpeaker(s): Graffen\n\nRecorded: No\n\nStreamed: No\n\nLet's do a good\, old-fashioned OpenPGP key-signing event.\n\nThe concentration of O penPGP users is probably a lot higher at BornHack than at many other socia l gatherings. So why not use this opportunity to extend the number of sign atures on your OpenPGP key?\n\nFeel free to bring some form of official ID . Depending on the number of participants we will make the event more or l ess structured to make sure everyone's keys are signed.\n\nTo submit your key for the key signing party\, add it via the [web interface](https://hom er.netravnen.org) or simply push it directly from the command line: \n`gp g --keyserver hkps://homer.netravnen.org --send-keys 0xYour-Key-Id`\n\nPle ase submit your keys *no later than four hours before the scheduled time o f the event*. This gives us time to generate the final list of keys\, get it printed for everyone etc.\n\nNote: The server will be killed with fire after Bornhack for those of you who don't want your keys lying around on t he Internet for one reason or another. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Debian for contributing hackers / Ask me Anything DTSTART:20180821T160000Z DTEND:20180821T170000Z DTSTAMP:20260407T051557Z UID:15348672-0011-1984-8704-c50c5564d538 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/debian-for-cont ributing-hackers-ask-me-anything/\n\nSpeaker(s): Holger 'h01ger' Levsen\n\ nRecorded: Yes\n\nStreamed: Yes\n\nSome things about Debian you didn't kno w\, some things about Debian you didn't ask for\, some things you did know and hopefully some questions from you.\n\nDebian for contributing hackers - ask me anything\n\nif you only remember one thing from this: please fil e bugs. and do it again and again. also\, if possible\, send patches.\n\nD ebian turned 25 on August 16 2018!\n\n https://wiki.debian.org/DebianDa y\n\n\nDebian is the base for hundreds of distros and some of those are ag ain the basis for others.\n\n\n\n\n\n\n\n\n\n\n\n\n\nSo Debian was started in 1993\, I'm using Debian since 1995. Contributing since 2001\, first De bConf in 2003\, DD since 2007. Help running many DebConfs\, started the vi deoteam. Now mostly works on piuparts\, jenkins\, Reproducible Builds and Debian Edu. Was asked to do this last week.\n\nSo...\n\ntoy story names\, Bruce Perens used to work for Pixar...\n\n unstable is always sid\n\n experimental is always rc-buggy\n\n testing is now buster and will so on be bullseye\, than bookworm\n\n stable is stretch\, released every ~ 23 months\, since 14 years (or more?)...\n\n oldstable is jessie\, curr ently LTS (until 5 years after its original release)\n\n oldoldstable i s wheezy\, currently eLTS (currently 6 years\, maybe more in future)\n\n Buster will be Debian 10.\n\n Stretch is Debian 9.\n\n Jessie was Debian 8.\n\n\n Stretch 9.5 is the 6th point release of Stretch 9. Poin t releases contain important bug and security fixes and can be easily upgr aded too\, install media also usually keep working. Some places still spea k of 9.5.0...\n\n\n Debian unstable is pretty usable and has the latest shit. Stable is stable.\n\n\n\n\nsystemd - yes\, you can have Debian with out systemd. Just having a desktop is... more interesting \;)\n actually help is needed here..\n\n\nDebian is fundamentally package based. Everythi ng is in a package.\n apt install foo\n apt source foo && cd foo-* && de build -b\n man dpkg-buildpackage\n\nMaintaining packages\n\n anybody c an do this\, no affiliation with Debian required\, just working code.\n\n DM/DD/DD_nu\n\n anyone can triage any bug too\, without authenticati on\, just via email\n\n\nreal names / passport names\n\n not mandatory\ n\n\nexplain BTS first (BTS=bug tracking system)\n Debian is fundamentall y package based. Everything is in a package.\n See list of pseudo-package s\n\n bugs.debian.org/general\n\n bugs.debian.org/release.debian .org\n\n\nbugs.debian.org/$pkg\nmailto:submit@bugs.debian.org subject=titl e body\,1st line: package=$pkg\n\nbetter learn to use reportbug early\nx-d ebbugs-cc: foo@example.org\n\n\nSocial Contract\nDebian Free Software Guid elines (DFSG)\nDebian Constitution\nDebian Policy\nDiversity Statement\n\n \n\ntracker.debian.org/$src\n\n PTS subscription\n\n\nsalsa.debian.org GITlab\nsources.debian.org has all the sources\nsnapshot.debian.org\n\nbug s.debian.org/$src\n\n usertags\n\n simple yet powerful email interfa ce\n\n\nsecurity-tracker.debian.org/$src\n\nlintian.debian.org\npiuparts.d ebian.org\nci.debian.net\njenkins.debian.net\nvideo.debian.net\n\nreproduc ible builds\n\n started in Debian wiki\n\n reproducible.debian.net/$ src\n\n reproducible-builds.org/who and docs etc\n\n\nDebConf18 in Hsin chu\, DebConf19 in Curitiba - great community\nsmaller DebConfs are very n ice too\, but not the same :)\na miniDebConf 2019 in Hamburg\, several oth ers each year\n\n\n\nIRC\n\n irc.debian.org is an alias for irc.oftc.ne t\n\n #debian-namespace\n\n\nSponsors wanted:\n general (for hardwar e\, sprints\, GSoC\, etc)\n for DebConf\n (e)LTS\n\nThank you! Debia n is the product of the work of ten thousands.\n\nAsk me anything\n\n W hat (else) do you want to know? (General questions prefered\, specific que stions after the talk please) LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:bornmesh introduction and flashing DTSTART:20180821T170000Z DTEND:20180821T190000Z DTSTAMP:20260407T051557Z UID:15348708-0013-2280-f994-505bee242a79 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/bornmesh-introd uction-and-flashing/\n\nSpeaker(s): omni\n\nRecorded: No\n\nStreamed: No\n \nWe have set up a small wireless mesh network over the camp\, ssid:bornme sh\, with cheap hardware flashed with OpenWRT images built with the gluon framework. This is the same setup as we run our malmø mesh\, pjodd.se\, a nd also several other mesh communities use.\n\nIn this workshop we will ta lk about the network\, mesh networks in general\, and also flash additiona l nodes and watch them become part of bornmesh. For this we have three rou ters with stock firmware.\n\nWe hope this will spark interest in wireless meshing and in building mesh network communitys in your city.\n\nResources :\nhttps://gluon.readthedocs.io/en/v2018.1.x/\nhttps://www.open-mesh.org/p rojects/open-mesh/wiki\nhttps://openwrt.org/\nhttps://pjodd.se/\nhttps://g ithub.com/pjodd/\nhttps://freifunk.net/ LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:UncensoredDNS Users Meetup DTSTART:20180821T190000Z DTEND:20180821T200000Z DTSTAMP:20260407T051557Z UID:15348780-0012-1724-2e08-fbaee964cc9b DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/uncensoreddns-u sers-meetup/\n\nSpeaker(s): Thomas Steen Rasmussen\n\nRecorded: No\n\nStre amed: No\n\nLet's get together and discuss challenges and opportunities fo r the UncensoredDNS project. Any past\, present or potential UncensoredDNS users are very welcome to join! LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:bytebeat livecoding 8-bit noise DTSTART:20180821T200000Z DTEND:20180821T203000Z DTSTAMP:20260407T051557Z UID:15348816-0012-222c-3fe4-e46b6b9403ea DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/bytebeat-liveco ding-8-bit-noise/\n\nSpeaker(s): endonym\n\nRecorded: No\n\nStreamed: No\n \nlive performance using Kragen's Pytebeat LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:Hacker Jeopardy (Finals) DTSTART:20180821T210000Z DTEND:20180821T220000Z DTSTAMP:20260407T051557Z UID:15348852-0011-1915-727c-e24962d4bcd9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/hacker-jeopardy -finals/\n\nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nThe wi nner teams from the first round competes in one final battle of jeopardy. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:State of the network DTSTART:20180822T090000Z DTEND:20180822T100000Z DTSTAMP:20260407T051557Z UID:15349284-0011-188d-b1d6-c2b52ec4954a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/state-of-the-ne twork/\n\nSpeaker(s): Kramse aka Henrik Kramshøj\n\nRecorded: Yes\n\nStre amed: Yes\n\nCome and meet the network team who will talk about the design and operation of the network at BornHack. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Ulovlig Logning: T-shirt tryk 👁️ DTSTART:20180822T090000Z DTEND:20180822T100000Z DTSTAMP:20260407T051557Z UID:15349284-0016-229a-f38d-16b589f4820a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/ulovlig-logning -t-shirt-tryk/\n\nSpeaker(s): Foreningen imod Ulovlig Logning\n\nRecorded: No\n\nStreamed: No\n\nKom forbi Labitat teltet og få trykt Ulovlig Logni ngs logoet 👁️ på din egen trøje/t-shirt/tøj.\nEller doner 200\,- o g få en T-shirt med logoet\, der er flere forskellige designs at vælge i mellem.\n\nDonations beløbet går ubeskåret til retssagen imod ulovlig l ogning. LOCATION:External END:VEVENT BEGIN:VEVENT SUMMARY:Libreboot flashing ^_^ Replicant installation DTSTART:20180822T090000Z DTEND:20180822T120000Z DTSTAMP:20260407T051557Z UID:15349284-0013-1604-89b5-3a34a11424e9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/libreboot-flash ing-_-replicant-installation/\n\nSpeaker(s): marco\n\nRecorded: No\n\nStre amed: No\n\nMost users are not aware that lower levels of the software in their computer have privileged and unmanaged access to the hardware. That is why it's a matter of both freedom and privacy to have free drivers\, fr ee firmware and free BIOS running on your computer. \n\n•?((¯°·..• ţ€ȼhɲ๏€ţhɨȼąℓ •..·°¯))؟•\n\nDuring this workshop a volunteer of Technoethical will show you how to install Libreboot\, a full y free BIOS. If you have any Libreboot-compatible device\, you can bring i t for the installation.\n\n•?((¯°·..• ţ€ȼhɲ๏€ţhɨȼąℓ •..·°¯))؟•\n\nI am Marco\, I volunteer for Technoethical since not long ago and I have limited skills in this field atm. So far I have flash ed Libreboot only on these laptops: Lenovo X200 and Lenovo T400\, and hav e assisted with flashing a Lenovo X200s that is the laptop I currently use . Flashing on the X200s requires soldering wires on the flash chip and it' s beyond the scope of this workshop.\n\nI haven't tried a lot of smartphon es with Replicant as an OS\, but from my experience I can suggest you the Samsung Galaxy Note 2 (N7100)\, and the Samsung Galaxy S3 (I9300).\n\nAt t he workshop I will bring Technoethical WiFi mPCIe cards 100% compatible wi th free GNU/Linux-libre distributions and endorsed by the FSF.\n\n•?((¯ °·._.• ℓɨβя€β๏๏ţ •._.·°¯))؟•\n\nIn this workshop: *Libreboot flashing *Replicant installation *F-Droid\n\n•?((¯°·._. • я€ρℓɨȼąɲţ •._.·°¯))؟•\n\n\nTechnoethical is a free software project focused on compatible hardware. Headquartered in Romania and with members in countries on three different continents\, our project is mainly supported through worldwide sales of hardware compatible and pre -installed with completely libre OS/BIOS.\n\nWe are proud to have the larg est catalog of over 15 hardware products certified by the Free Software Fo undation to Respect Your Freedom. Richard Stallman himself has chosen Tech noethical for his computer\, a ThinkPad T400s liberated by us. This is our flagship product and currently the most modern x86_64 laptop to work with a fully free BIOS.\n\nOur international team is regularly invited to free software conferences around the globe to deliver workshops on how to libe rate computers and smartphones. If you like our work\, you can visit our w ebsite technoethical.com. To get in touch\, send an e-mail to info@technoe thical.com. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Lunch break DTSTART:20180822T100000Z DTEND:20180822T110000Z DTSTAMP:20260407T051557Z UID:15349320-0015-1844-bdb0-136a43b4ac9a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/lunch-break/\n\ nSpeaker(s): BornHack\n\nRecorded: No\n\nStreamed: No\n\nLunch break. LOCATION:Food area END:VEVENT BEGIN:VEVENT SUMMARY:Onion Bandwidth Scanner DTSTART:20180822T110000Z DTEND:20180822T120000Z DTSTAMP:20260407T051557Z UID:15349356-0011-1826-f0af-83f324444989 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/onion-bandwidth -scanner/\n\nSpeaker(s): juga\n\nRecorded: No\n\nStreamed: No\n\nTor bandw idth authorities run bandwidth scanners to measure the relays' bandwidth c apacity in the Tor network. They send their results to the directory autho rities\, which use them to calculate the bandwidth weights of the relays\, which influences how clients choose paths through the network.\nTherefore \, bandwidth measurements play an important role in the performance and se curity of the Tor network.\n\nIn this talk\, we will cover (roughly) :\n- issues with the current bandwidth scanner\n- other implementations\n- othe r approaches\n- the new bandwidth scanner\n- bandwidth stuff in tor-core\n - comparative result graphs\n- what else we could do?\n- your ideas on pos sible attacks\n- your ideas or questions LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:The analogization council DTSTART:20180822T120000Z DTEND:20180822T130000Z DTSTAMP:20260407T051557Z UID:15349392-0011-1614-30e4-526b07b452ea DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/the-analogizati on-council/\n\nSpeaker(s): Anders Kjærulff\n\nRecorded: Yes\n\nStreamed: Yes\n\nTHE ANALOGIZATION COUNCIL - in the summer of 2018 three men formed a new think tank\, analogiseringsstyrelsen.dk.\n\nThe idea is to counter t he current digitalization-frenzy of the danish state\,reversing the syntax to promote a more analog world.\n\nThe Analogisation Council belives ther e is great potential in analogue technology\, and we believe in a future w here people will meet more\, interact more and touch more without the dist raction of digital technologies.\n\nHow will this future look like? Anders Kjærulff\, one of the three founders\, will give you a peek into a world of infinite possibilities. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:WhatTheHelmet DTSTART:20180822T130000Z DTEND:20180822T150000Z DTSTAMP:20260407T051557Z UID:15349428-0013-151e-4474-6e2a95c4a7c9 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/whatthehelmet/\ n\nSpeaker(s): Moem\n\nRecorded: No\n\nStreamed: No\n\nLife is dangerous\, protect yourself! But do it in style. This workshop will teach you how to change a normal\, boring hard hat / builder's helmet into a super cool\, metal like cyberpunk helmet. It can look like rusty iron\, pewter\, bronze or copper and it can have letters or logos of your own design. Your frien ds will envy you and wonder how you suddenly got so cool and crafty.
\ nThe workshop consists of two parts: in the first\, we prepare the helmet for painting\, add faux welding seams\, rivets\, and other 3D decorations. Then we paint it. In the second part\, we add the metal look for extra sh inies. If you want to use weird objects\, electronics or gears... bring th em.
\nThere is a 38 DKK fee for materials\, which covers the helmet it self and everything else. It's possible (and probably lots of fun) for a p arent and a child to work on a helmet together. LOCATION:Workshop Rooms END:VEVENT BEGIN:VEVENT SUMMARY:Knitting sweatshop DTSTART:20180822T130000Z DTEND:20180822T140000Z DTSTAMP:20260407T051557Z UID:15349428-0012-2305-b0ed-22891eb491da DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/knitting-sweats hop/\n\nSpeaker(s): Reynir\n\nRecorded: No\n\nStreamed: No\n\nIn this work shop we learn some basic knitting techniques sufficient for making a small butterfly / bowtie / time glass looking piece\, namely cast on\, purl kni t\, decreasing\, increasing\, and (hopefully) finishing off. These techniq ues can be used to keep 9-year old kids quiet and for generating extremely small profits with big time commitments.\n\nWe will be using cotton yarn with inexpensive bamboo grill spits. LOCATION:Bar Area END:VEVENT BEGIN:VEVENT SUMMARY:Introducing Certgrinder DTSTART:20180822T130000Z DTEND:20180822T140000Z DTSTAMP:20260407T051557Z UID:15349428-0011-1401-49f4-444b5a045149 DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/introducing-cer tgrinder/\n\nSpeaker(s): Thomas Steen Rasmussen\n\nRecorded: Yes\n\nStream ed: Yes\n\nCertgrinder is a LetsEncrypt SSH proxy which allows administrat ors to handle LetsEncrypt ACME challenges on a central server rather than on the individual servers which need the certificates. This software has c ome a long way since the lightning talk at BornHack 2017. It is written in Python and recently reached version 1.0.\n\nCertgrinder handles certifica tes for the BornHack infrastructure\, UncensoredDNS and more. \n\nThe talk will cover the basic principles of operation\, getting started\, and what kind of issues you might encounter. LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:My list of the first things to do as a windows admin to making lif e harder for redteam/hackers DTSTART:20180822T140000Z DTEND:20180822T150000Z DTSTAMP:20260407T051557Z UID:15349464-0011-155b-bd8c-7388c0d4816a DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/my-list-of-the- first-things-to-do-as-a-windows-admin-to-making-life-harder-for-redteamhac kers/\n\nSpeaker(s): Flemming Riis\n\nRecorded: Yes\n\nStreamed: Yes\n\nth e talk will go through some steps to help defenders in a windows infrastuc ture \, majority of the talk will suggest open source or free tools\n\ntop 10 things of what not to do \, and what we see today\n\nWhat we should be doing\n\nABC = Always be Current ( or at least close)\nReducing attack s urface on endpoints \nGetting started with application allow/deny on clien ts and servers\nGoing after the right targets first Admins/C Level/Legal/H R/Engineering/Company IP\nCentral Logging with open source tooling\nPasswo rd Rotation on endpoints\nUsing the Windows Firewall LOCATION:Speakers Tent END:VEVENT BEGIN:VEVENT SUMMARY:Goodbye World DTSTART:20180822T150000Z DTEND:20180822T160000Z DTSTAMP:20260407T051557Z UID:15349500-0011-1701-503a-2974a494ce7b DESCRIPTION:URL: https://bornhack.dk/bornhack-2018/program/goodbye-world/\ n\nSpeaker(s): BornHack\n\nRecorded: Yes\n\nStreamed: Yes\n\nBornHack is a lmost over at this point. We would like to say farewell for now and see yo u again at the next event.\n\nWe will walk over what we believe has worked and what we believe should change the next event. This is an excellent op portunity to submit ideas for BornHack 2019 while the memories are still f resh. LOCATION:Speakers Tent END:VEVENT END:VCALENDAR