38c3 - 38th Chaos Communication Congress

1. I know, this is bit much delayed post for topics like this. Sorry for that. But I checked following clips in detail. Yet these are all topics, which are going to persist and evolve, so the information itself and generic knowledge doesn't expire soon or instantly after the news release.

2. Breaking NATO Radio Encryption (@ media.ccc.de) - Tradition goes on. No wonder radio communications are being monitored everywhere. Even if encrypted, it won't help in all cases.

3. Fearsome File Formats - (@ media.ccc.de) - In some cases, it's just easiest to pickle the object gunk from memory to a file. It is then what it is. I do get the "memory dump" approach very well. As well as empty files. I just had argument on Matrix dev channel, if it's a bug, that Matrix can't handle empty file attachments. - kw: Binary, Executable, Polyglot, Mitra, KeyCom, Collision, Magika, Code Injection, Data Injection

4. State of Surveillance: A year of digital threats to civil society  (@ media.ccc.de) - Whoa, this was one of the best talks sofar. Well, as we know, nothing is safe, this just outlined it really well. kw: NSO Group, Amnesty International Security Lab, Intellexa, FinFisher, Wintego, Novispy, Candiru, Cellebrite

5. Reticulum: Unstoppable Networks for The People (@ media.ccc.de) - Excellent stuff, pointing out the obvious! Many "cloud native users" do not think about anything at all. But this is the talk which mostly make me thought, that I should check this stuff out. previous talks were just like, well, uh oh, acknowledged nothing new. - I've been asking these same questions over and over again. So good stuff, that I really have to link this: reticulum.network (@ reticulum.network ). Gotta study it bit more later. - Strongly reminds me from BitMessage, but in this case it got the routing part implemented properly.

6. Something not so different? I've got highly refined security rules for different domains, but the x.com / twitter.com mess is just ridiculous. It reminds me from companies like Microsoft which got total domain bleeping bleep show! You'll never know where you're being redirected and if it's authentic or not, without taking significant effort and even then you can't be absolutely sure. - But they've them selves created that mess. Can't blame the users for that.

2025-09-07