Friday 18h00 - 03h00
- Retro games, arcade and music night
We'll set up some old consoles, arcades and much more!
Saturday 13:45 - 02:00
- 13:45 - 14:00; Welcome!
An introduction of the Hackerspace and Newline!
- 14:45 - 15:15; Place.Guru
Place.Guru is a free to use progressive web app to communicate places. (maybe the best on the web) The app permits you to create and share (a list of) places in a jiffy. Since neutrality rules, the user defines the purpose.
March 2016 we demonstrated the beta version of the app. Today we show the progress, we share our story, and explore with you the future of place.guru!
- 15:45 - 16:45; HEIST: HTTP Encrypted Information Can be Stolen through TCP-Windows
Over the last few years, a worryingly number of attacks against SSL/TLS and other secure channels have been discovered.
Fortunately, at least from a defenders perspective, these attacks require an adversary capable of observing or manipulating network traffic.
This prevented a wide and easy exploitation of these vulnerabilities.
In contrast, we introduce HEIST, a set of techniques that allows us to carry out attacks against SSL/TLS purely in the browser.
More generally, and surprisingly, with HEIST it becomes possible to exploit certain flaws in network protocols without having to sniff actual traffic.
HEIST abuses weaknesses and subtleties in the browser, and the underlying HTTP, SSL/TLS, and TCP layers.
HEIST: HTTP Encrypted Information Can be Stolen through TCP-Windows Most importantly, we discover a side-channel attack that leaks the exact size of any cross-origin response.
This side-channel abuses the way responses are sent at the TCP level.
Combined with the fact that SSL/TLS lacks length-hiding capabilities, HEIST can directly infer the length of the plaintext message.
Concretely, this means that compression-based attacks such as CRIME and BREACH can now be performed purely in the browser, by any malicious website or script, without requiring network access.
Moreover, we also show that our length-exposing attacks can be used to obtain sensitive information from unwitting victims by abusing services on popular websites.
Finally, we explore the reach and feasibility of exploiting HEIST. We show that attacks can be performed on virtually every web service, even when HTTP/2 is used.
In fact, HTTP/2 allows for more damaging attack techniques, further increasing the impact of HEIST.
In short, HEIST is a set of novel attack techniques that brings network-level attacks to the browser, posing an imminent threat to our online security and privacy.
- 17:15 - 18:15; Oops, I broke my API
Breaking an API is a pain for many users, so you’d better have good arguments when you decide to do so. In this talk, we'll weigh different arguments against and in favor of API changes.
This thought-provoking talk is aimed at developers of SDKs and software libraries.
- 1. Which arguments are valid and which arguments should be rejected?
- 2. Should developers go for the short pain when they face a situation where an API change is necessary to solve a problem,
or should they postpone the API change by introducing workarounds?
- 3. How can you avoid that users migrate to another product instead of to the newer version of your own product?
- 4. Which strategies can be used to introduce a new API?
- 19:15 - 19:45; Keep talking and nobody explodes contest!
- 19:45 - 20:15; Introduction to Intel SGX
Intel Software Guard Extensions is an Intel technology for application developers who are seeking to protect select code and data from disclosure or modification. Intel SGX makes such protections possible through the use of enclaves, which are protected areas of execution. Application code can be put into an enclave by special instructions and software.
- 20:45 - 21:45; Wireless Belgium
An introduction about Community based WAN (ISP) and LoRaWAN technology.
- 22:15 - 02:00; Lightning Talks
Anyone has the chance to present a 5 or 10 minut talk.
Just show up if you have something interesting/entertaining.
- 13:45 - 14:45; Lockpicking
The workshop starts off with a short introduction of picking a lock. After this we do the lockpicking itself. We have locks and lockpicks everybody can use!
- 15:30 - 17:30; ESP32 introduction workshop
The ESP32 is a micro-controller with a WiFi transmitter. During this hands-on workshop the capabilities of the device will be explained and explored. The aim is to first get the Arduino-based development environment running. Subsequently, we will build a TCP client that sends data over WiFi. Next we will try to recieve messages and finally a mesh-nework of ESP32's will be constructed.
The workshop will feature the Sparkfun ESP32 Thing, which features a charging circuit. The devices will be up for sale. Please fill out this form to express your interest.
- 18:00 - 19:00; Soldering
New to soldering, or starting out and looking for some advice? Experienced but feeling like some practice? Everyone's welcome for this workshop where we'll go over the basics quickly before giving everybody a chance to build a kit or maybe have a go at some prototyping or surface mount techniques. No knowledge required. All materials are provided and free.
Sunday 13:00 - 20:00
- 13:30 - 13:45; Arduino as input device
Certain Arduino devices (like Leonardo and Due) have native USB support, and they can be used to emulate any USB device. This will show you how to implement input devices like keyboards, mice, joysticks and MIDI devices.
- 14:15 - 15:15; foodhacking; hacking the Belgian food traditions: go veggie!
You care for our planet but you also love traditional (Belgian) dishes? Don't worry! In this demo I let you taste the most common vegetarian replacement foods and show you the use in different dishes. Bring your laptop/notebook if you want to take notes.
- 15:45 - 16:45; How Bitcoin works - a technical view
This talk aims to explain Bitcoin from a technical/IT viewpoint.
Expect bits, bytes and a bit of crypto; analogies will be shunned.
After the talk you should know how bitcoins are created, how transactions are made and how the scripting language in Bitcoin works.
- 16:55 - 17:45; Dustproof, measuring pollution caused by fine dust.
Using Arduino and ESP based hardware to measure the pollution caused by fine dust in your neighborhood. Using crowd based sensor data to influence policy makers.
- 17:55 - 18:25; Open Source sucks!
Open Source suck balls, so why TF is almost every company doing it?
- 18:45 - 19:45; Security Talk
An interesting person presenting some interesting facts.
- 14:00 - 16:00; Using Git, or "don't fear the Merge"
All developers have heard of Git. Many have seen it. Some have used it. A few actually understand it.
This workshop is for us mortals: what is Git? How do you use it?
Join this workshop for examples, discussions and more on Git!
- 16:30 - 19:30; Art through destruction of Data
An introduction to the art form known as glitch art, that will go over a few of the basic techniques used to create it.
"Glitch art is the practice of using digital or analog errors for aesthetic purposes by either corrupting digital data or physically manipulating electronic devices."
In this workshop you will learn:
Hexediting: Breaking files through maually going into the data and editing it.
Sonification: Ever wanted to hear how a jpg sound and see what it looks like when a reverb or delay is put on it?
Processing: Emulation the real glitches by accesing the pixel data with the processing framework.
Datamoshing: Breaking video files through manipulation of i-frames and p-frames
And probably some other techniques, who knows.
- 20:00 - 21:00; LEGO Robotics
Want to build and control a Robot? In this workshop you learn how to program your LEGO robot!
(you do have to pay for the drinks at the bar but that's how we pay our rent)
- Can I bring my own food?
Yes, but we also provide snacks and warm meals (meat/vegetarian)
- Where can I sleep?
Send us a mail at firstname.lastname@example.org and we'll tell you about some options (free/cheap/...)
- Where is Newline and how do I get there?
Blekerijstraat 75 Gent, room 1.21
Multiple busses and trams at walking distance.
10 minutes walking from Ghent Dampoort train station.
Parking: in the streets nearby, free after 19h and on Sundays.
Look for the signs once you're at number 75.