newline
0x20 \n

tl_dr()

Friday 18h00 - 03h00

  • Retro games, arcade and music night We'll set up some old consoles, arcades and much more!

Saturday 13:00 - 02:00

Talks & Presentations

  • 13:15 - 13:30; Welcome! An introduction of the Hackerspace and Newline!
  • 13:30 - 14:00; From hacker enthousiast to professional pentester in one year. In november 2015 we started a small clandestine hackerspace in Antwerp with a couple of friends. Every week would come together, share our views and work on projects. One year later we have been engaged as professional pentesters by the City of Antwerp. During the talk I'll explain a bit about our learning process and our experiences.
  • 14:45 - 15:15; Place.Guru Place.Guru is a free to use progressive web app to communicate places. (maybe the best on the web) The app permits you to create and share (a list of) places in a jiffy. Since neutrallity rules, the user defines the purpose. March 2016 we demonstrated the beta version of the app. Today we show the progress, we share our story, and explore with you the future of place.guru!
  • 15:45 - 16:45; HEIST: HTTP Encrypted Information Can be Stolen through TCP-Windows Over the last few years, a worryingly number of attacks against SSL/TLS and other secure channels have been discovered. Fortunately, at least from a defenders perspective, these attacks require an adversary capable of observing or manipulating network traffic. This prevented a wide and easy exploitation of these vulnerabilities. In contrast, we introduce HEIST, a set of techniques that allows us to carry out attacks against SSL/TLS purely in the browser. More generally, and surprisingly, with HEIST it becomes possible to exploit certain flaws in network protocols without having to sniff actual traffic. HEIST abuses weaknesses and subtleties in the browser, and the underlying HTTP, SSL/TLS, and TCP layers. Most importantly, we discover a side-channel attack that leaks the exact size of any cross-origin response. This side-channel abuses the way responses are sent at the TCP level. Combined with the fact that SSL/TLS lacks length-hiding capabilities, HEIST can directly infer the length of the plaintext message. Concretely, this means that compression-based attacks such as CRIME and BREACH can now be performed purely in the browser, by any malicious website or script, without requiring network access. Moreover, we also show that our length-exposing attacks can be used to obtain sensitive information from unwitting victims by abusing services on popular websites. Finally, we explore the reach and feasibility of exploiting HEIST. We show that attacks can be performed on virtually every web service, even when HTTP/2 is used. In fact, HTTP/2 allows for more damaging attack techniques, further increasing the impact of HEIST. In short, HEIST is a set of novel attack techniques that brings network-level attacks to the browser, posing an imminent threat to our online security and privacy.
  • 17:15 - 18:15; Oops, I broke my API Breaking an API is a pain for many users, so you’d better have good arguments when you decide to do so. In this talk, we'll weigh different arguments against and in favor of API changes.
    • 1. Which arguments are valid and which arguments should be rejected?
    • 2. Should developers go for the short pain when they face a situation where an API change is necessary to solve a problem,

      Workshops

      or should they postpone the API change by introducing workarounds?
    • 3. How can you avoid that users migrate to another product instead of to the newer version of your own product?
    • 4. Which strategies can be used to introduce a new API?
    This thought-provoking talk is aimed at developers of SDKs and software libraries.
  • 19:15 - 19:45; Keep talking and nobody explodes contest!
  • 19:45 - 20:15; Introduction to Intel SGX Intel Software Guard Extensions is an Intel technology for application developers who are seeking to protect select code and data from disclosure or modification. Intel SGX makes such protections possible through the use of enclaves, which are protected areas of execution. Application code can be put into an enclave by special instructions and software.
  • 20:45 - 21:45; Wireless Belgium An introduction about Community based WAN (ISP) and LoRaWAN technology.
  • 22:15 - 02:00; Lightning Talks Anyone has the chance to present a 5 or 10 minut talk.
    Just show up if you have something interesting/entertaining.

Workshops

Much more!

Sunday 13:00 - 20:00

Workshops: no skills required

  • Lockpicking The workshop starts off with a short introduction of lock types, general safety measures and the ways to bypass or pick a lock. After this we do the lockpicking itself. We have locks and lockpicks everybody can use!
  • ESP32 introduction workshop The ESP32 is a micro-controller with a WiFi transmitter. During this hands-on workshop the capabilities of the device will be explained and explored. The aim is to first get the Arduino-based development environment running. Subsequently, we will build a TCP client that sends data over WiFi. Next we will try to recieve messages and finally a mesh-nework of ESP32's will be constructed. The workshop will feature the Sparkfun ESP32 Thing, which features a charging circuit. The devices will be up for sale. Please fill out this form to express your interest.
  • foodhacking; hacking the Belgian food traditions: go veggie! You care for our planet but you also love traditional (Belgian) dishes? Don't worry! In this demo I let you taste the most common vegetarian replacement foods and show you the use in different dishes. Bring your laptop/notebook if you want to take notes.
  • How Bitcoin works - a technical view This talk aims to explain Bitcoin from a technical/IT viewpoint. Expect bits, bytes and a bit of crypto; analogies will be shunned. After the talk you should know how bitcoins are created, how transactions are made and how the scripting language in Bitcoin works.
  • Arduino as input device Certain Arduino devices (like Leonardo and Due) have native USB support, and they can be used to emulate any USB device. This will show you how to implement input devices like keyboards, mice, joysticks and MIDI devices.
  • Open Source sucks! Open Source suck balls, so why TF is almost every company doing it?
  • LEGO Robotics Want to build and control a Robot? In this workshop you learn how to program your LEGO robot!
  • Lockpicking The workshop starts off with a short introduction of lock types, general safety measures and the ways to bypass or pick a lock. After this we do the lockpicking itself. We have locks and lockpicks everybody can use!
  • Art through destruction of Data An introduction to the art form known as glitch art, that will go over a few of the basic techniques used to create it.
    "Glitch art is the practice of using digital or analog errors for aesthetic purposes by either corrupting digital data or physically manipulating electronic devices."
    In this workshop you will learn:
    Hexediting: Breaking files through maually going into the data and editing it.
    Sonification: Ever wanted to hear how a jpg sound and see what it looks like when a reverb or delay is put on it?
    Processing: Emulation the real glitches by accesing the pixel data with the processing framework.
    Datamoshing: Breaking video files through manipulation of i-frames and p-frames
    And probably some other techniques, who knows.

Much more!

FAQ

  • Price? Free!
    (you do have to pay for the drinks at the bar but that's how we pay our rent)
  • Can I bring my own food? Yes, but we also provide snacks and warm meals (meat/vegetarian)
  • Where can I sleep? Send us a mail at info@0x20.be and we'll tell you about some options (free/cheap/...)
  • Where is Newline and how do I get there? Blekerijstraat 75 Gent, room 1.21
    Multiple busses and trams at walking distance.
    10 minutes walking from Ghent Dampoort train station.
    Parking: in the streets nearby, free after 19h and on Sundays.
    Look for the signs once you're at number 75.

Google Map of Blekerijstraat 75, 9000 Gent, Belgium