0.24 39c3 2025-12-27 2025-12-30 4 00:05 https://pretalx.riat.at Europe/Berlin CDC Triangle Talk 2025-12-27T11:00:00+01:00 11:00 00:10 Welcome and presentation of the CDC. 39c3-121-intro-to-the-critical-decentralization-cluster Diego Salazar en false https://pretalx.riat.at/39c3/talk/Z9FEAG/ https://pretalx.riat.at/39c3/talk/Z9FEAG/feedback/ CDC Triangle Talk 2025-12-27T11:10:00+01:00 11:10 00:40 Electronic hacker badge for the Critical Decentralization Cluster, featuring the TROPIC01 secure element with an ESP32-S3 microcontroller. Meant to be used for workshops and prototyping. It can also be worn as a mobile badge. Features an e-paper display with frontlight, a JST connector for single-cell LiPo batteries and a 12-button keypad. Designed with KiCad and released as open-hardware. https://github.com/riatlabs/cdc-badge 39c3-129-the-cdc-badge-conference-badge-devboard-with-tropic01-and-esp32-s3 dlludPavel Polachbobotronic en false https://pretalx.riat.at/39c3/talk/TJXALG/ https://pretalx.riat.at/39c3/talk/TJXALG/feedback/ CDC Triangle Workshop 2025-12-27T12:00:00+01:00 12:00 02:00 Learn modern OpenPGP with the new RFC 9580 and Sequoia’s sq CLI. In two hours you’ll generate a v6 certificate, create a revocation cert, and practice daily ops: encrypt/decrypt, sign/verify, and publish via WKD/keyservers. We’ll cover Web-of-Trust basics (link vs vouch, trusted introducers, approvals) and note a GnuPG/v4 compatibility path. Optional: quick smart-card demo. Bring: laptop with terminal, email address; Sequoia sq preferred. 39c3-61-openpgp-2025-zero-hero darko en false https://pretalx.riat.at/39c3/talk/FGHX77/ https://pretalx.riat.at/39c3/talk/FGHX77/feedback/ CDC Triangle Talk 2025-12-27T14:00:00+01:00 14:00 00:30 This session looks at where open hardware is heading, starting from recent ground up developments at FOSSASIA and extending to global trends across the open hardware community. With perspectives from FOSSASIA developers and open hardware experts, it explores decentralised collaboration, open silicon and firmware stacks, manufacturing realities, and how openness can be sustained at scale. 39c3-105-what-s-next-with-open-hardware-at-fossasia-and-beyond Mario Behling en In 2025, teams at FOSSASIA initiated several open hardware projects developed entirely from the ground up, including a new ARM based Pocket Science Lab, an updated LED Badge platform, and an NFC powered ePaper badge enabling energy independent content transfer. However, this session goes beyond a project update. It situates these developments within a wider global movement of open hardware initiatives across Asia, Europe, and other regions. Drawing on experiences from FOSSASIA as well as broader perspectives from the international open hardware community, the talk examines where open hardware is heading as a decentralised, collaborative practice. With input from international experts and community contributors, the session will explore trends emerging, including evolving manufacturing models, open silicon and firmware stacks, supply chain resilience, and the realities of sustaining openness at scale. false https://pretalx.riat.at/39c3/talk/ZPV3UT/ https://pretalx.riat.at/39c3/talk/ZPV3UT/feedback/ CDC Triangle Workshop 2025-12-27T14:30:00+01:00 14:30 02:00 Build your own open-source Bitcoin signing device with a Raspberry Pi Zero, camera and display! We have kits for 45€ 39c3-135-seedsigner-diy-bitcoin-signing-device-build-workshop /media/39c3/submissions/MMHXLC/Make-Your-Own-Case_1pFeL4l.png freerk en Seedsigners are open-source DIY signing devices which can be built using "normal" hardware like a Raspberry Pi and act as kind of hardware wallets to sign Bitcoin transactions. Since the hardware is missing a secure element chip, the keys are saved externally, usually via self-drawn QR-codes which are read again for every use via the build-in camera. We brought a few kits with us which we sell for 45€ and build together. We will solder the 40pin GPIO header to the Raspberry Pi Zero, flashing the firmware on the MicroSD card and then build everything together in the 3d-printed enclosure. The kit includes: Raspberry Pi Zero 1.3 (without Wifi or Bluetooth chip), GPIO-header to solder Display-Hat with joystick and buttons Camera 64GB MicroSD card MicroUSB to USB-C cable 3D printed enclosure 6 printed templates for self-drawn QR-Codes false https://pretalx.riat.at/39c3/talk/MMHXLC/ https://pretalx.riat.at/39c3/talk/MMHXLC/feedback/ CDC Triangle Workshop 2025-12-27T16:30:00+01:00 16:30 01:00 Free/libre software promotes users' rights, safeguards privacy, individual control over technology and fosters autonomy and decentralisation within our communities. In contrast, proprietary software limits user freedoms leading to centralised monopolies that often misuse their power to oppress and exploit. This imbalance can result in malware, degradation of privacy and service enshitification. Unfortunately, many remain unaware of the unjustices created by proprietary software, but increased awareness and shift towards free software can fuel resistance. Replacing of proprietary software is a crucial first step to liberate users, yet many need support to make this transition successfully. Workshops for system installation, repair centres and tech-savvy friends can offer essential assistance. However, what is the most effective way to offer this support? Which software should be recommended and how to engage the novice users while minimising the challenges associated with the transition? In this workshop we aim to discuss possible strategies of providing information on the path to software freedom. We will examine the installation process and ongoing use of free software within our circles. Key topics will include sparking interest in free distributions, selecting ideal software configuration, and exploring various forms of assistance during installation. Additionally, we'll address onboarding into the new system and troubleshooting potential issues. Finally, we hope to gather and share ideas on streamlining the process for everyone involved. 39c3-109-software-liberation-toolbox-exchange Zebra en false https://pretalx.riat.at/39c3/talk/SZWNVV/ https://pretalx.riat.at/39c3/talk/SZWNVV/feedback/ CDC Triangle Talk 2025-12-27T17:30:00+01:00 17:30 00:30 The right to respect for digital integrity is an emerging right to protect people's digital lives. This talk will introduce this new legal concept, its possible implications for data protection and how this concept is being introduced in the current legal framework. The talk will also be an update of the implementation work with the adoption of the right in the Constitution of Geneva voted with 94% approval rate on the 18th of June 2023 and with 91% in Neuchâtel in November 2024. Zurich will be voting in November 2025. 39c3-59-update-2025-digital-integrity-of-the-human-person-a-new-fundamental-right- Alexis Roussel en Every human evolves today in multi-dimensional physical and digital environment. If each individual is to keep its individuality and autonomy in its choices, it must be protected and given effective tools to defend its own autonomy. Recognizing that human life has been digitally extended must question ourselves on what makes us human today. Should personal data be considered as component of the person, rather than objects that can be owned by whoever collects that data? Should our digital integrity be protected? If each human person already has a right to physical and mental integrity (Swiss Constitution article 10 al.2), shouldn’t it have a right to digital integrity? Alexis Roussel has been co-authoring a book on the right to Digital Integrity. He is an advocate in digital public policies in Switzerland. false https://pretalx.riat.at/39c3/talk/ENXTHG/ https://pretalx.riat.at/39c3/talk/ENXTHG/feedback/ CDC Triangle Talk 2025-12-27T18:25:00+01:00 18:25 00:05 What went on and what is coming next. 39c3-123-recap-and-precap-of-critical-decentralization-cluster-sessions Diego Salazar en false https://pretalx.riat.at/39c3/talk/BUTR3W/ https://pretalx.riat.at/39c3/talk/BUTR3W/feedback/ CDC Triangle Talk 2025-12-27T18:30:00+01:00 18:30 00:30 Digital identity is sold as a path to trust, inclusion, and "digital empowerment." In practice, it is a brittle control surface: a set of design choices that decide who is seen, who is excluded, and who can be targeted at scale. Born from a landmark research project, _The Digital Identity Event Horizon_, this talk describes the 2025 "mask-off moment" for digital identity: the point where multiple comforting narratives collapse and the core use of identity systems as population-management infrastructure becomes hard to deny. Using short vignettes from New Design Congress case-study work (Estonia, the US, Australia, Gaza, and others), it shows how ambiguity, vendor incentives, and governance theatre turn identity into fraud-permissive, coercion-ready infrastructure In response to this decline, this talk concludes proposes a working model of the digital self as a socio-technical system with six properties: serialisation, custodianship, presentation, authentication, authorisation, and assetisation, and offers new framing and threat models to help understand how digital identity creates brittle societies. 39c3-110-the-mask-off-moment-for-digital-identity /media/39c3/submissions/ZPSSNE/ndc_digital_identity-lq_G7MC1GU.png Cade Diehm en Despite decades of cryptography, security practice, and best practice deployment, digital identity remains the weakest link in systems design because its core terms stay vague while its consequences are concrete. What does it actually take to assemble a digital identity? What do different implementations share, even when they claim to be radically different? And what happens when those definitions are left elastic enough to serve whoever holds power? "The mask-off moment" tracks the convergence of capability (biometrics, sensors, AI triage, mass digitisation), institutional incentives (risk scoring, eligibility gates, compliance automation), and political will. The result is an emerging form of bureaucratic violence we are not prepared to name, much less govern. This talk traces how digital identity became weapon-ready through optimistic framing and opportunistic ambiguity, then offers a concrete frame to interrogate any proposal: what it will do on its best day, what it will do on its worst day, and which parts of the system will be impossible to “add accountability to later.” The intended audience is policymakers, technologists, designers, and civil-society people who are tired of vague promises and want a usable model that survives contact with reality. false https://pretalx.riat.at/39c3/talk/ZPSSNE/ https://pretalx.riat.at/39c3/talk/ZPSSNE/feedback/ CDC Triangle Talk 2025-12-27T19:00:00+01:00 19:00 00:30 This talk will cover Z-Wave (an a bit of Zigbee and Matter) security mechanisms as well as different attack vectors on a Z-Wave network and describe how the protocol evolved to mitigate those threats. Many smart homes are still vulnerable to the described attacks. 39c3-133-breaking-into-wireless-smart-homes-z-wave-example PoltoS en You will learn: - security mechanisms and algorithms used in modern IoT smart home and smart building protocols and how they evolved, - various ways to break existing Z-Wave networks (DDOS or key stealing during inclusion), - new features in Z-Wave and Z-Wave Long Range protocol closing the described holes, false https://pretalx.riat.at/39c3/talk/7EKHXA/ https://pretalx.riat.at/39c3/talk/7EKHXA/feedback/ CDC Triangle Talk 2025-12-27T19:30:00+01:00 19:30 00:30 Namecoin has been used in the wild for years as a TLS Public Key Infrastructure, and using Tor onion services with TLS has been nearing deployment as well. But what kinds of other PKI wizardry can we do with Namecoin and Tor? 39c3-77-namecoin-and-tor-pki-2025 /media/39c3/submissions/39LAUG/namecoin-coin_1j2egNh.svg Jeremy Rand en Topics to be covered include: * How we can use Namecoin as a PKI with ~0 bytes of blockchain overhead. * How Namecoin's smart contract functionality (allowing multisig and timelocks to control updating a name) interacts with PKI use cases. * How we generalized Namecoin and Tor PKI to work with non-TLS protocols. * How revocations can be handled securely. * How we ensured anonymity (including Tor stream isolation) despite TLS implementations not providing API's for this. * How the anonymity protections actually *improved* performance. * How all of the above interoperates with existing software. false https://pretalx.riat.at/39c3/talk/39LAUG/ https://pretalx.riat.at/39c3/talk/39LAUG/feedback/ CDC Triangle Talk 2025-12-27T20:00:00+01:00 20:00 00:30 A walk-through of how to contribute to open source projects, with Stack Wallet, Monero, and Tor (Arti!) as examples. A quick guide to setting up development environments for each on Linux, macOS, and/or Windows, an update on where each project stands, and a list of big and small tasks to do for each. A "quickstart" guide for newcomers and a survey of outstanding TODOs for more experienced hands. 39c3-118-how-to-contribute-to-open-source-projects-stack-wallet-monero-tor-arti- Monero Joshua Babb en Starting with Tor and The Tor Project's new Rust project Arti (A Rust Tor Implementation), we'll walk through how to build, set up for development, and submit Pull Requests which have a good chance of being accepted. We'll proceed to Monero development, both for the original C++ codebase as well as the newer Cuprate project, a Rust Monero implementation, and what's coming for both. Finally, we'll look at how Stack Wallet incorporates and provides a UX for both Tor and Monero. false https://pretalx.riat.at/39c3/talk/9MBKDN/ https://pretalx.riat.at/39c3/talk/9MBKDN/feedback/ CDC Triangle Workshop 2025-12-27T20:30:00+01:00 20:30 02:00 This workshop will introduce mixnet technology as a tool to achieve network-level anonymity for internet traffic. We will see hands on how a mixnet works, where the idea came from, and discuss other strategies for protecting privacy online against state and corporate surveillance. 39c3-120--what-can-a-mixnet-do-strategies-for-network-level-anonymity- Alexis RousselCasey Ford en false https://pretalx.riat.at/39c3/talk/TGC97J/ https://pretalx.riat.at/39c3/talk/TGC97J/feedback/ CDC Triangle Talk 2025-12-28T10:50:00+01:00 10:50 00:10 Welcome and presentation of the CDC. 39c3-126-intro-to-the-critical-decentralization-cluster Diego Salazar en false https://pretalx.riat.at/39c3/talk/G7X9WM/ https://pretalx.riat.at/39c3/talk/G7X9WM/feedback/ CDC Triangle Talk 2025-12-28T11:00:00+01:00 11:00 00:20 Introduction to the TROPIC01 Open Source Secure Element and the CDC Badge. Kick-Off of the Workshop series at the Critical Decentralisation Cluster. 39c3-142-intro-to-tropicsquare-tropic01-workshops-at-cdc en false https://pretalx.riat.at/39c3/talk/PMUR9B/ https://pretalx.riat.at/39c3/talk/PMUR9B/feedback/ CDC Triangle Workshop 2025-12-28T11:20:00+01:00 11:20 01:00 Judith de Boer is leading the Alex Pertsev's legal defence team — fighting his "Alex could've thought that his code will be used by criminals, but still wrote it — so he's guilty of criminal conspiracy" verdict from a Dutch court. 39c3-114-open-legal-q-a-with-judith-de-boer-can-i-get-arrested-for-writing-code- Kirill en false https://pretalx.riat.at/39c3/talk/XFRQZQ/ https://pretalx.riat.at/39c3/talk/XFRQZQ/feedback/ CDC Triangle Workshop 2025-12-28T12:30:00+01:00 12:30 02:00 In this workshop we'll look at how iroh establishes p2p QUIC connections. Using holepunching to create direct connections where possible. Then we'll build on top of this by using the gossip protocol to build a group chat. 39c3-75-iroh-p2p-chat-over-gossip /media/39c3/submissions/SKBRPH/iroh-wordmark-purple_eeOv4Y2.svg Floris Bruynooghe en iroh is a library to establish direct connections between two peers. The workshop will start with an overview of how iroh works and what it provides. After this we'll explore establishing connections between two endpoints before progressing to using a gossip protocol to send messages to multiple peers. At the end we should have a simplistic group chat application. false https://pretalx.riat.at/39c3/talk/SKBRPH/ https://pretalx.riat.at/39c3/talk/SKBRPH/feedback/ CDC Triangle Workshop 2025-12-28T14:30:00+01:00 14:30 02:00 A deep dive into using Embedded I2P to seamlessly anonymize your applications 39c3-65-embedding-anonymity-directly-in-your-application Monero /media/39c3/submissions/JXG9XP/idk_IlsFAM6.png idk en Anonymity is more important than ever, and it's not an easy job. Our job is to make it easier! The I2P project is excited to demonstrate 2 new projects, the `go-i2p` and `emissary` embedded router projects. We'll look at how they work and why they're an easier, more accessible way of providing anonymity to your users than freestanding external services. Primary target audience is Go, Rust, and C developers, I2P library developers, and people working on anonymous P2P applications. false https://pretalx.riat.at/39c3/talk/JXG9XP/ https://pretalx.riat.at/39c3/talk/JXG9XP/feedback/ CDC Triangle Workshop 2025-12-28T16:30:00+01:00 16:30 01:00 Zero-knowledge proofs (ZKPs) are reshaping the landscape of privacy, scalability, and trust in decentralized systems. In this workshop, we’ll explore how ZKPs let one party convince another that a statement is true, without revealing anything else about it. We aim to demystify the core ideas behind interactive protocols, walk through modern ZKP constructions, and examine how they’re deployed in cryptocurrencies and modern privacy-preserving designs. Participants will leave with a clear understanding of how the "prove without revealing" paradigm is shaping blockchain technology, verifiable computation, and the next generation of cryptographic standards. 39c3-70-zero-knowledge-proofs-workshop Monero Freeman Slaughter en false https://pretalx.riat.at/39c3/talk/SANGLF/ https://pretalx.riat.at/39c3/talk/SANGLF/feedback/ CDC Triangle Talk 2025-12-28T17:30:00+01:00 17:30 00:30 [Radicle](https://radicle.xyz/) is an open source, peer-to-peer code collaboration stack built on Git. Unlike centralized code hosting platforms, such as GitHub or GitLab, there is no single entity controlling the network. Repositories are replicated across peers in a decentralized manner, and users retain sovereignty over their data and workflow. *Free your code!* 39c3-64-radicle-p2p-censorship-resistant-code-collaboration-based-on-git /media/39c3/submissions/CDSLJX/radicle_mvRS2xu_4bRQVgq.svg Lorenz Leutgeb en Today, much of the open-source ecosystem depends on a few centralized code forges, even though modern version control systems are designed with fully distributed collaboration in mind. This creates questionable dependencies with regards to governance and supply-chain security. In this talk, we explore an alternative: [Radicle](https://radicle.xyz/), a decentralized, peer-to-peer code collaboration stack built on Git, that empowers developers to work together while staying sovereign. Unlike traditional, centralized code forges that can impose censorship, Radicle ensures that each user retains control over their data, interactions, and collaboration, free from corporate influence. This aligns with broader movements toward decentralization, open-source software, and the democratization of internet services. We introduce the system, provide a progress update, and share what we are currently working on. Attendees gain a comprehensive understanding of Radicle’s technical architecture, its practical benefits for decentralized code collaboration, and how it contributes to a more autonomous and resilient future for open-source development. Find out more: - [FAQ of the project (radicle.xyz)](https://radicle.xyz/faq) - [*How we built a gossip layer and CRDT on top of Git* by Alexis Sellier at GitMerge 2024 (youtube.com)](https://www.youtube.com/watch?v=tsVa53SPIHc) - [Release Notes for 1.0 (radicle.xyz)](https://radicle.xyz/2024/09/10/radicle-1.0.html) - [radicle.zulipchat.com](https://radicle.zulipchat.com)d *Free your code!* false https://pretalx.riat.at/39c3/talk/CDSLJX/ https://pretalx.riat.at/39c3/talk/CDSLJX/feedback/ CDC Triangle Talk 2025-12-28T18:00:00+01:00 18:00 00:40 The Bitcoin security budget has profound implications for the long term security of Bitcoin and similar proof of work cryptocurrencies. In this talk we discuss the various types of transaction fee markets for different cryptocurrencies and the possibility of transaction fees replacing falling block rewards to provide security in the future. The results from our analysis of the Monero fee market in particular do pose some very serious questions regarding the long term security and viability of cryptocurrencies that do not have a minimum fixed block reward or tail emission. We will discuss these questions and their implications for the possibility of a worldwide peer-to-peer electronic cash system. 39c3-90-the-bitcoin-security-budget-and-its-implications-a-look-at-the-security-scaling-and-spam-resistance-of-proof-of-work-cryptocurrencies Monero Francisco "ArticMine" Cabañas en Satoshi Nakamoto released Bitcoin: A Peer-to-Peer Electronic Cash System, in October 2008, https://bitcoin.org/bitcoin.pdf, during the 2008 financial crisis. The Bitcoin genesis block was mined in January 2009 launching the Bitcoin network. The design of Bitcoin has a maximum money supply of 21 million Bitcoin (BTC). The security budget consisting of the block reward and transaction fees per block is paid to the miner (creator) of each block as an incentive to secure the network. The blocks in Bitcoin are approximately every 10 minutes. The block reward is required by consensus to halve approximately every 4 years, starting at 50 BTC per block in 2009, and is currently at 3.125 BTC per block. This leads to a current annual growth rate of the total Bitcoin money supply that is below 1%. The next halving to 1.5625 BTC is estimated to occur in April of 2028. Transaction fees are currently less than 1% of the total Bitcoin security budget. It is claimed in section 6 of the Bitcoin whitepaper that: “Once a predetermined number of coins have entered circulation, the incentive can transition entirely to transaction fees and be completely inflation free”; however no evidence, theory or references are provided to support this claim. The above model, with some variations, has been followed by most of the top proof of work cryptocurrencies, including Bitcoin Cash (BCH), Litecoin (LTC), and ZCash (ZEC). There are however some notable exceptions, Dogecoin (DOGE) and Monero (XMR). Both Dogecoin and Monero have fixed block rewards. In Dogecoin this was the result of a bug in the code; however in Monero a fixed minimum block reward or tail emission was deliberately set at the constant rate 0.6 XMR per block. The blocks in Monero are approximately every 2 minutes. This leads to an annual growth rate of the total Monero money supply that is below 1%. For comparison the historical annual compounded rate of growth of the gold money supply is close to 1%. The fee market in a cryptocurrency is also highly dependent on whether the blocksize is fixed, as in Bitcoin, Dogecoin, Litecoin and ZCash or adaptive as in Bitcoin Cash and Monero. In the case of adaptive blocksizes the question becomes: Is there a penalty (cost) to increase the blocksize as in Monero or no cost to increase the blocksize as in Bitcoin Cash? A balance needs to be found in the design of a cryptocurrency between allowing for blocksize growth in order to support the transaction demand for peer to peer electronic cash, and the necessity of spam mitigation. The use of privacy preserving technologies can also have a profound impact on this balance, by increasing the transaction size, while at the same time preventing the use of censorship, as a means of spam mitigation. In Monero for example this increase will be by a factor of around 20 times, after the upcoming Full Chain Membership Proofs, plus plus (FCMP++) hard fork. This makes finding this balance in cryptocurrencies such as Monero with no option to opt out of privacy, by far the hardest. On the other hand a solution that works in Monero will also work in a cryptocurrency with a lesser degree of privacy. In the presentation we will discuss the following questions: How do the various types of fee markets: fixed blocksize, adaptive blocksize with penalty, and adaptive blocksize without penalty work? Can transaction fees replace the falling block rewards or are fixed block rewards necessary? Are there advantages or disadvantages to replacing block rewards with transaction fees? Is it possible to have a fixed block reward and still be inflation free? Do we have a peer-to-peer electronic cash system or just another kind of asset for investment and speculation using centralized financial institutions? Is a worldwide peer-to-peer electronic cash system possible now or in the foreseeable future? We will also discuss some of the broader implications false https://pretalx.riat.at/39c3/talk/9ZX9ET/ https://pretalx.riat.at/39c3/talk/9ZX9ET/feedback/ CDC Triangle Talk 2025-12-28T19:00:00+01:00 19:00 00:30 How is OpenTimestamps used in the real world? We'll explain how it achieves cryptographic timestamping, and show some read world examples of it in use such as the Guatemalan Presidential Election. 39c3-86-real-world-timestamping-with-opentimestamps Peter Todd en false https://pretalx.riat.at/39c3/talk/TYKHNF/ https://pretalx.riat.at/39c3/talk/TYKHNF/feedback/ CDC Triangle Talk 2025-12-28T19:55:00+01:00 19:55 00:05 What went on and what is coming next. 39c3-122-recap-and-precap-of-critical-decentralization-cluster-sessions Diego Salazar en false https://pretalx.riat.at/39c3/talk/PH9LYH/ https://pretalx.riat.at/39c3/talk/PH9LYH/feedback/ CDC Triangle Talk 2025-12-28T20:00:00+01:00 20:00 00:30 Passkeys are the new hype for easy onboarding, but it's a quite old protocol that has been hijacked for crypto purposes. We'll dig through the standard history, the potentially misleading security expectations, and see how to reverse engineer an implementation to validate its soundness This is a rebroadcast of my devcon 7 presentation (https://archive.devcon.org/devcon-7/passkeys-the-good-the-bad-the-ugly/?tab=YouTube) with some additional details on modern ETH wallets implementations 39c3-134-passkeys-the-good-the-bad-the-ugly btchip en false https://pretalx.riat.at/39c3/talk/7TDXST/ https://pretalx.riat.at/39c3/talk/7TDXST/feedback/ CDC Triangle Talk 2025-12-28T20:30:00+01:00 20:30 00:30 Augustin Bielefeld, principal engineer at Eilbek Research, has been growing mycelium and other micro-organisms since 2023, and will present his journey building a reproducible and affordable bioreactor, which is destined to be open-sourced. This talk is aimed at people with an interest in mycology/microbiology but the principles demonstrated are accessible to everyone. 39c3-72-diy-bioreactors-for-mycology-and-biohacking Augustin Bielefeld en Mycology is one of the fastest growing hobbies in the biohacking/microbiology scene, people cultivate and grow mushrooms for their taste, nootropic properties, and even as construction materials. Bioreactors, while rarely found on a hobbyist's desk - are the proper way to carry out cultivation and innoculation of micro-organism. This talk will explain their principles in simple terms, as well as showing off the speaker's journey building a reproducible and affordable reactor. Bioreactors are not usually found in hobbyists mushroom growers yet they enable: - Very fast culture times compared to usual jars - Efficient and sterile innoculation and expansion - Cultivation not just of mycelium, but of any microorganism such as algae, or even insulin producing bacteria The demonstrator that will be presented enables not only cultivation of mycelium of all types, but also cultivation of complex micro-organisms such as insulin-producing bacteria, and other DIY-medicine goals. false https://pretalx.riat.at/39c3/talk/TRJTLG/ https://pretalx.riat.at/39c3/talk/TRJTLG/feedback/ CDC Triangle Talk 2025-12-28T21:00:00+01:00 21:00 00:30 this talk will present the story behind the "referendum citoyen" app, the ZK tech built by Rarimo team, but also how social movements are embracing cypherpunk tools to engage into challenging the structure of power in a country such France. 39c3-67--referendum-citoyen-the-revolutionnary-app Alexis Roussel en The voting app is a simple blockchain voting app, based on ZK proof generated from a french ID card. The presentation will deep dive in the tech part, first but also present the social movement that wants to bring the referendum culture in France through a voting system that is independent from the State infrastructure, but still can prove that voters are french with the ID digital signature. The voting app is Work in Progress and needs a lot of work. This is also an open call for hackers to help improve and make the app the easiest app for people. https://github.com/ReferendumCitoyen/referendum-citoyen-react-native false https://pretalx.riat.at/39c3/talk/YRYKY3/ https://pretalx.riat.at/39c3/talk/YRYKY3/feedback/ CDC Triangle Talk 2025-12-28T22:00:00+01:00 22:00 00:30 In this talk, I will cover how XMPP manages metadata, what is technically required for which reason, what could be avoided and with which drawbacks, and do some comparisons with centralized (e.g. signal), other decentralized (e.g. matrix) and other systems trying to solve the same issue. 39c3-87-xmpp-and-metadata mathieui en false https://pretalx.riat.at/39c3/talk/DCJXBV/ https://pretalx.riat.at/39c3/talk/DCJXBV/feedback/ CDC Triangle Workshop 2025-12-28T22:30:00+01:00 22:30 04:00 Boot software like BIOS or UEFI are usually nonfree. They still run after the operating system is booted and often contain restrictions (like refusing to boot when the WiFi card is replaced) and are usually related to technologies of control like the Management engine or similar. On computers with a Management engine, replacing the nonfree BIOS with GNU Boot also removes the Management Engine operating system. The install party will take place in a room at the GNU Boot assembly location and the maintainers will be available to help you install GNU Boot on a supported computer (see https://www.gnu.org/software/gnuboot/status.html for a list). 39c3-112-gnu-boot-install-party neoxGNUtoo en false https://pretalx.riat.at/39c3/talk/PLYJF8/ https://pretalx.riat.at/39c3/talk/PLYJF8/feedback/ CDC Circle Workshop 2025-12-28T11:00:00+01:00 11:00 02:00 Let's program it on the HATs and shields. 39c3-128-programming-with-the-tropic01-open-architecture-secure-element Pavel Polach en false https://pretalx.riat.at/39c3/talk/XF3RKT/ https://pretalx.riat.at/39c3/talk/XF3RKT/feedback/ CDC Circle Talk 2025-12-28T13:30:00+01:00 13:30 00:30 Anonymous, Uncensored, Sovereign: How DarkFi gives birth to a new Paradigm of Society. 39c3-73-the-darkfi-super-app /media/39c3/submissions/LK9MK3/media_GqwBPIVW8AAXeDU_2e2iV8F.jpeg Yuki en Hi, my name is Yuki and I am part of the DarkFi community. Out of this user/community perspective I will tell you something about the philosophy of DarkFi, the anonymous tech-stack, Lunarpunk, the Desert vs Forest, RegFi vs DarkFi and the DarkFi Vision. The talk will not go to deep in the low level tech, because I am also just learning about them :) I plan to keep the talk short and have a Q&A personally after the talk, in a more 'relaxed' environment. note: As you might expect, the talk will be held in english. But I can also speak german, if needed f.e P.S: This is the first talk I will hold, I am very excited :) false https://pretalx.riat.at/39c3/talk/LK9MK3/ https://pretalx.riat.at/39c3/talk/LK9MK3/feedback/ CDC Circle Workshop 2025-12-28T16:00:00+01:00 16:00 02:00 We will program a Z-Wave or a Zigbee device and add it into a Z-Way smart home controller installed on Linux or flashed into an ESP32. 39c3-131-making-own-z-wave-or-zigbee-device-from-scratch-and-assemble-a-z-wave-or-zigbee-matter-controller PoltoS en We will be making own Z-Wave and Z-Wave Long Range devices Z-Wave Open Source SDK an Trident IoT SDK. It will also be possible to do Zigbee devices. We will program a sensor and a switch using Z-Wave protocol and include it in a Z-Wave network. Or Zigbee. We will also browse the Z-Wave Open Source project, and how existing Trident IoT and SiLabs code differ from them. We will also install Linux version of Z-Way - Z-Wave/Zigbee/Matter Smart Home Controller. You will learn basics of Z-Wave and Z-Wave Long Range, how to include devices and set up security schemes. We will also master using Z-Way smart home controller, investigate it's API and create own Linux or ESP32-based Z-Wave or Zigbee controller. We will also discuss Z-Wave/Zigbee-to-Matter bridging. You will need a laptop (Linux, Mac or Windows) with SSH client, USB A, Google Chrome and internet access. Optionally you can use VS Code (install Trident IoT extension). Bring your Z-Wave devices with you! If you have Home Assistant Connect ZWA-2, take it too! Presentation: https://docs.google.com/presentation/d/1EJFr8toheFOOE_k4l23wkLd98NE8yb8UbnnkNd2UKqU false https://pretalx.riat.at/39c3/talk/8VNVWK/ https://pretalx.riat.at/39c3/talk/8VNVWK/feedback/ CDC Circle Workshop 2025-12-28T18:00:00+01:00 18:00 02:00 [Radicle](https://radicle.xyz/) is an open source, peer-to-peer code collaboration stack built on Git. Unlike centralized code hosting platforms, such as GitHub or GitLab, there is no single entity controlling the network. Repositories are replicated across peers in a decentralized manner, and users retain sovereignty over their data and workflow. *Free your code!* 39c3-82-radicle-setup-and-introduction /media/39c3/submissions/TXTPLK/radicle_mvRS2xu_yTrnGwu.svg Lorenz Leutgeb en Attend this workshop if you would like to try out Radicle. We'll set it up, and learn how to replicate a Git repository of your choice on the network. Further, learn how to use Radicle Patches and Radicle Issues for collaboration. false https://pretalx.riat.at/39c3/talk/TXTPLK/ https://pretalx.riat.at/39c3/talk/TXTPLK/feedback/ CDC Circle Workshop 2025-12-28T20:00:00+01:00 20:00 02:00 How do we create a pluralistic yet composable and interoperable ecosystem of decentralized applications? Introduction to the fantastic world of P2P μVMs and discussion about making them a reality. 39c3-111-p2p-vms-pluralistic-composability-interoperability-for-decentralized-networks-applications tg-x en ## Topics - μVMs & unikernels - pluralistic composability via minimalistic & layered protocol design - decentralized applications & services running in cryptographically addressed μVMs - using well-known protocols as unified message passing mechanism for decentralized applications - pluralism on the P2P transport, overlay, and application layers ## Format Short introduction followed by a discussion between researchers & developers working on projects related to μVMs, P2P/NGI protocols, and their intersection. ## Context See [WaxOS](https://WaxOS.net) for a brief overview of ongoing research. false https://pretalx.riat.at/39c3/talk/LGLTBV/ https://pretalx.riat.at/39c3/talk/LGLTBV/feedback/ CDC Circle Talk 2025-12-28T22:00:00+01:00 22:00 00:45 Introduction to miniscript with Liana for secure Bitcoin self-custody using hardware wallets and recovery paths. 39c3-143-new-features-in-bitcoin-self-custody Polto, Darko en false https://pretalx.riat.at/39c3/talk/JENEDU/ https://pretalx.riat.at/39c3/talk/JENEDU/feedback/ CDC Triangle Talk 2025-12-29T10:25:00+01:00 10:25 00:05 What went on and what is coming next. 39c3-124-welcome-to-cdc-day-3 Diego Salazar en false https://pretalx.riat.at/39c3/talk/WMMFFF/ https://pretalx.riat.at/39c3/talk/WMMFFF/feedback/ CDC Triangle Workshop 2025-12-29T10:30:00+01:00 10:30 02:00 In this self-paced workshop we will learn how to use the instruments of the Pocket Science Lab (PSLab) board, with the Python API and the Android app. 39c3-91-getting-started-with-the-pocket-science-lab Alexander Bessman en Learn how to use the PSLab's range of onboard instruments to make measurements and output control signals. This workshop will walk you through how to: - Measure voltage and resistance using the multimeter - Measure time-series voltage with the oscilloscope - Measure time-series digital signals with the logic analyzer - Output variable voltage with the signal generator - Output digital signals with the PWM generator Choose between using the Python API or the Android application, or both! false https://pretalx.riat.at/39c3/talk/RPPFJF/ https://pretalx.riat.at/39c3/talk/RPPFJF/feedback/ CDC Triangle Workshop 2025-12-29T13:00:00+01:00 13:00 00:15 We meet indoors at CDC Circle and go outside to launch some comms infrastructure on a tethered balloon. As every Star Trek fan knows, humans are "ugly bags of mostly water" [S1E18] so RF communication in areas densely packed with humans - or their infrastructure made of metal and stone - is problematic. We'll explore ideas to overcome or mitigate this problem, ideas that are possible due to miniaturisation of RF devices and their constraints. 39c3-116--outdoor-ballooning-with-antennas /media/39c3/submissions/3MUCCG/Screenshot_2025-12-22_at_14.20.04_tY4WY8C.png chris en Humans are ugly bags of mostly water and they and their infrastructure attenuate the RF signals we need for communication. We'll explore concepts that are possible due to miniaturisation of RF devices and their constraints. In the end we'll raise a tethered balloon with Meshcore and a Reticulum node indoors or - depending on the situation - outdoors and playfully check the range we can achieve. We'll discuss - what we trying to achieve / the problem at hand - the physical, electrical and financial constraints of our solution compared to other approaches - what changed, why can we do this in 2025 but not in 2015? In the end we'll raise a tethered balloon with Meshcore and a Reticulum nodes indoors or - depending on the situation - outdoors and playfully check the height and range we can achieve. This is a fun workshop that wants to encourage people to play with compact yet easily deployable communication infrastructure, there will be some basic maths and diagrams, but nothing intimidating. false https://pretalx.riat.at/39c3/talk/3MUCCG/ https://pretalx.riat.at/39c3/talk/3MUCCG/feedback/ CDC Triangle Talk 2025-12-29T13:15:00+01:00 13:15 00:15 Come hear about how decentralization is used and viewed in commercial projects, and how you can make a difference in real-world adoption. 39c3-138-state-of-the-decentralization-in-industry Monero Diego Salazar en Open-source is fun and exciting, but it often gets relegated to 'hobby', but there are industry applications. Come learn about various businesses that use open-source libraries every day, and how you can turn your open-source contributions into work, lifestyle, or even changing the world. false https://pretalx.riat.at/39c3/talk/9LHGTD/ https://pretalx.riat.at/39c3/talk/9LHGTD/feedback/ CDC Triangle Talk 2025-12-29T13:30:00+01:00 13:30 00:30 Electronic conference badge & devboard by the Critical Decentralization Cluster with: • TROPIC01 secure element • ESP32-S3 microcontroller • e-paper display with frontlight • battery charging IC and LiPo battery • 12-button keypad • Lots of IO: RasPi header, Grove, SAO https://github.com/riatlabs/cdc-badge 39c3-145-the-cdc-badge-conference-badge-devboard-with-tropic01-and-esp32-s3 dlludbobotronic en false https://pretalx.riat.at/39c3/talk/UKSKJF/ https://pretalx.riat.at/39c3/talk/UKSKJF/feedback/ CDC Triangle Workshop 2025-12-29T14:00:00+01:00 14:00 01:00 Real-world industry cryptographers and developers working on open-source projects, codebases, and research sit down to listen and answer your questions about how they got started, what they're doing, and how they make a difference. 39c3-139-talk-with-industry-cryptographers-and-developers Diego Salazar en false https://pretalx.riat.at/39c3/talk/CDCVQT/ https://pretalx.riat.at/39c3/talk/CDCVQT/feedback/ CDC Triangle Talk 2025-12-29T15:00:00+01:00 15:00 00:30 Personal data leaks can happen to the best of us. A unique development in machine learning gives us the opportunity to catch lapses before they're passed on for the world to see. This talk covers how Occlumask works and its developments so far. 39c3-62-leveraging-llms-for-preventing-de-anonymization-occlumask /media/39c3/submissions/UWJ8XB/namecoin-coin_YUI8Kw0.svg Alice Margatroid en Have you ever mentioned the weather? Maybe offhandedly complained about mosquitoes? Then you may have inadvertently given away crucial bits of who you are and where you are. Occlumask is a new tool for detecting content-based anonymity leaks like this, utilizing the capabilities of large language models to provide more accurate 'coverage'. Come and learn about the reasoning behind Occlumask's development, and the various considerations that had to be made during its development. Topics covered in this talk: * How does this work fill a gap in the broader anonymity tool context of Tor, stylometry, etc? * Background of content-based data-leak prevention tools. * What is Occlumask and how does it work? * Why use an LLM for this? * Unique challenges faced by using an LLM. false https://pretalx.riat.at/39c3/talk/UWJ8XB/ https://pretalx.riat.at/39c3/talk/UWJ8XB/feedback/ CDC Triangle Workshop 2025-12-29T15:30:00+01:00 15:30 02:00 Come and experience Occlumask in action! We want to make sure Occlumask can stand up to whatever situations you might find yourself in. Enter your own text and see if Occlumask can tell whether you're doxing yourself, and suggest what kinds of information Occlumask should be able to detect and notify you of. 39c3-63-occlumask-demo-brainstorming-session /media/39c3/submissions/MWLGQW/namecoin-coin_PWGCffn.svg Jeremy RandAlice Margatroid en Occlumask still has a long development ahead of it, and we want Occlumask to be as comprehensive as possible when it comes to detecting potential content-based data-leaks. In this workshop, we will be demoing a prototype of Occlumask for you to try. Alongside this, we will be asking how you would likely be using Occlumask, and what you think Occlumask should do for you. Come if you have ideas on: * What information do you consider important/sensitive? * What kinds of situations should Occlumask be able to handle? false https://pretalx.riat.at/39c3/talk/MWLGQW/ https://pretalx.riat.at/39c3/talk/MWLGQW/feedback/ CDC Triangle Talk 2025-12-29T17:30:00+01:00 17:30 00:30 When building privacy-sensitive applications, we often rely on proxies like Tor to ensure that no direct connections escape the intended anonymity network. However, verifying that every part of an application reliably goes through the proxy is surprisingly difficult. Even a single syscall escaping the proxy path can quietly deanonymize a user. SocksTrace is a lightweight proxy-leak detection tool that traces network-related syscalls and validates whether they correctly route through the configured proxy. In this talk, I’ll show how SocksTrace works under the hood, what kinds of leaks it can catch, and why syscall-level inspection is essential for high-assurance privacy tools. I’ll also walk through real-world findings: during our testing, we identified previously unknown proxy leaks in major browsers including Firefox and Brave, one of which resulted in a confirmed bug bounty. These results highlight how subtle proxy routing mistakes can occur even in widely-used, privacy-oriented software. 39c3-80-sockstrace-preventing-proxy-leaks-in-your-applications Robert Mindo en SocksTrace is a Linux-based proxy leak detector and traffic proxifier built on seccomp-notify. By intercepting network syscalls directly in the kernel, it provides runtime-agnostic visibility and enforcement that works even for statically linked binaries and modern browsers. The talk showcases real WebRTC-related proxy leaks discovered using SocksTrace, explains shortcomings of traditional tools, and demonstrates transparent SOCKSification, DNS enforcement, and safe handling of applications that launch their own Tor instances. We conclude with practical use cases and future directions for syscall-level network containment. false https://pretalx.riat.at/39c3/talk/AEQPXC/ https://pretalx.riat.at/39c3/talk/AEQPXC/feedback/ CDC Triangle Talk 2025-12-29T18:00:00+01:00 18:00 00:30 qaul is a P2P mesh communication app, with a strong focus on privacy and usability. Every user is identified via their self-sovereign cryptographic identity. It not only communicates P2P, but builds a mesh network, interconnecting multiple communication such as BLE (Bluetooth Low Energy), Local Area Networks, and Internet overlay links. The messaging app has an automated user discovery, end-to-end encrypted direct messaging and group chats for text, voice-messages and files, as well as public communication channels. https://qaul.net 39c3-79-qaul-decentralized-off-the-grid-mesh-communication-app /media/39c3/submissions/VG7YRC/qaul-splash_IhPhsvk.jpg Mathias Jud en false https://pretalx.riat.at/39c3/talk/VG7YRC/ https://pretalx.riat.at/39c3/talk/VG7YRC/feedback/ CDC Triangle Workshop 2025-12-29T18:30:00+01:00 18:30 00:30 The Internet is decentralized by design. It came into being not at once, but in parts.  New protocols were added on top of previous ones, with each new protocol extending and improving functionality of the global network. However one essential protocol is still missing  —  an open way to discover and publish content on the global web. 39c3-93-decentralized-syndication-the-missing-internet-protocol Tautvilas Mečinskas en I have implemented a conceptual decentralized content sydication platform and would like to tell more about the philosophy behind it. The workshop will consist of two parts: 30 min presentation about the concept and 30 min workshop where participants would try to publish their social post on RSDS network. false https://pretalx.riat.at/39c3/talk/DVEGM7/ https://pretalx.riat.at/39c3/talk/DVEGM7/feedback/ CDC Triangle Talk 2025-12-29T19:00:00+01:00 19:00 00:30 We walk from ancient Roman times to modern day, discussing the general advancement of applied cryptography across history. We begin with the Caesar cipher, fast forward to the World Wars of the early 20th century, before moving onto the rise and fall of elliptic curve cryptography, including Monero's past, present, and future protocol design philosophy. This talk is informal, intended as a primer for the historically-minded. 39c3-107-a-brief-history-of-keeping-secrets Monero Brandon Goodell en false https://pretalx.riat.at/39c3/talk/ZKYJ8N/ https://pretalx.riat.at/39c3/talk/ZKYJ8N/feedback/ CDC Triangle Workshop 2025-12-29T19:30:00+01:00 19:30 01:00 Quantum computers represent a looming threat to much of the critical foundations of modern cryptography. Post-quantum cryptography (PQC) utilizes hard mathematical problems that we believe resist the so-called "quantum advantage," to preserve security and privacy. In this workshop we will unpack the principles behind the leading PQC families such as lattice and code based constructions, then showcase their implications for cryptocurrencies, digital signatures, and zero-knowledge protocols. 39c3-71-pre-quantum-to-post-quantum-cryptography Monero Freeman Slaughter en false https://pretalx.riat.at/39c3/talk/AGLZXP/ https://pretalx.riat.at/39c3/talk/AGLZXP/feedback/ CDC Triangle Talk 2025-12-29T20:30:00+01:00 20:30 00:30 [be-BOP](https://be-bop.io/) is free and open-source software for **autonomous commerce**. It’s an all-in-one, batteries-included solution built for merchants, not engineers. It lets communities run markets without accounts, tracking, or gatekeepers. From shops to restaurants, ticketing to peer-funding — all self-hosted. Adoption grows among merchants and creators seeking real independence. Next steps: **multitenant** for specialization, **cross be-BOP** for **federation**. We’re building the foundations of a free, federated economy. 39c3-66-be-bop-ethical-commerce-without-the-middlemen Roos en **be-BOP is free and open-source software for sovereign commerce.** It’s built on a simple belief: merchants and communities should own the tools they depend on. We design technology that respects privacy, rejects dark patterns, and removes the need for accounts or intermediaries. Our vision is trade without platforms, data brokers, or gatekeepers — commerce as a public good, not a private empire. Unlike fragmented “self-commerce” tools, **be-BOP is a complete, batteries-included stack**. It supports e-commerce, point-of-sale, restaurant systems, ticketing, peer-funding, and subscriptions — all self-hosted, interoperable, and designed for real-world merchants. It aims for the reliability of a platform, without the capture of one. Adoption grows from the edges: merchants and cooperatives seeking independence, and creators tired of surrendering revenue to platforms. In **Goma**, communities use be-BOP to organize resources and stabilize local economies under pressure. Elsewhere, artists use it to sustain open culture without permission or lock-in. The roadmap pushes beyond software. **Multitenant be-BOP** will enable domain-specific ecosystems — tailor-made for farmers’ markets, repair collectives, or independent venues — while **cross be-BOP** will link autonomous nodes into a federation of mutual visibility. Together they answer the twin failures of centralized commerce: loss of agency and isolation. be-BOP aspires to be more than a toolchain. It’s an experiment in rebuilding economic infrastructure on open terms — a foundation for **free, federated, and sustainable digital economies** that can’t be quietly “enshittified.” false https://pretalx.riat.at/39c3/talk/ZGADCJ/ https://pretalx.riat.at/39c3/talk/ZGADCJ/feedback/ CDC Triangle Talk 2025-12-29T21:00:00+01:00 21:00 00:30 Proprietary tech from corporations and surveillance from governments never been more pervasive and it's becoming impossible to deflect it's patterns of control. Refuse the captured system and opt out into the parallel one, embracing FOSS, decentralization and freedom. Let's explore technologies we can use as an actual tools without serving third parties, building independent community coordination and distributed systems that cannot be controlled. Join us to share your stack and tips on surviving without proprietary technologies, banks and big brothers as an individual and a hackerspace. 39c3-88-applying-cryptoanarchy-in-individual-and-communal-sovereignty Mario en false https://pretalx.riat.at/39c3/talk/XPN8AE/ https://pretalx.riat.at/39c3/talk/XPN8AE/feedback/ CDC Triangle Workshop 2025-12-29T21:30:00+01:00 21:30 01:30 A collaborative dialogue to examine and unsettle the philosophical foundations of decentralization. What do we actually mean when we speak of decentralization, and what forms of order, asymmetry or coordination quietly sustain it? Where does decentralization end and centralization begin, and is this opposition as clear as it appears? Beyond familiar binaries such as order and chaos, what assumptions are embedded in the formal systems, protocols and narratives we rely on? What do participants experience when engaging with institutions, infrastructures or rulesets, and what recedes into the background as those systems operate? Through a self-reflective and performative inquiry, this dialogue explores decentralization not as a moral absolute but as a situated and contested design space shaped as much by what it excludes as by what it enables. 39c3-99-on-the-limits-of-decentralization Ome en In its iterative, by now familiar format, the workshop opens with a short framing by the facilitator, introducing the inquiry and reflecting on the asymmetry of facilitation itself and its relevance to decentralization. Participants then break into smaller groups to explore the questions raised, with room for divergence, contestation and parallel lines of inquiry. The format remains intentionally open to shifts in attention, authority and coordination as the session unfolds. We reconvene toward the end to share reflections, tensions and unresolved questions rather than to converge on a single conclusion. The workshop invites participants to engage not only with ideas of decentralization but with how those ideas are enacted, sustained or resisted in practice. false https://pretalx.riat.at/39c3/talk/WWSYUL/ https://pretalx.riat.at/39c3/talk/WWSYUL/feedback/ CDC Circle Workshop 2025-12-29T11:00:00+01:00 11:00 03:00 We will program a Z-Wave or a Zigbee device and add it into a Z-Way smart home controller installed on Linux or flashed into an ESP32. 39c3-130-making-own-z-wave-or-zigbee-device-from-scratch-and-assemble-a-z-wave-or-zigbee-matter-controller PoltoS en We will be making own Z-Wave and Z-Wave Long Range devices Z-Wave Open Source SDK an Trident IoT SDK. It will also be possible to do Zigbee devices. We will program a sensor and a switch using Z-Wave protocol and include it in a Z-Wave network. Or Zigbee. We will also browse the Z-Wave Open Source project, and how existing Trident IoT and SiLabs code differ from them. We will also install Linux version of Z-Way - Z-Wave/Zigbee/Matter Smart Home Controller. You will learn basics of Z-Wave and Z-Wave Long Range, how to include devices and set up security schemes. We will also master using Z-Way smart home controller, investigate it's API and create own Linux or ESP32-based Z-Wave or Zigbee controller. We will also discuss Z-Wave/Zigbee-to-Matter bridging. You will need a laptop (Linux, Mac or Windows) with SSH client, USB A, Google Chrome and internet access. Optionally you can use VS Code (install Trident IoT extension). Bring your Z-Wave devices with you! If you have Home Assistant Connect ZWA-2, take it too! Presentation: https://docs.google.com/presentation/d/1EJFr8toheFOOE_k4l23wkLd98NE8yb8UbnnkNd2UKqU false https://pretalx.riat.at/39c3/talk/7CVRJN/ https://pretalx.riat.at/39c3/talk/7CVRJN/feedback/ CDC Circle Workshop 2025-12-29T14:00:00+01:00 14:00 02:00 Let's program it on the badge. 39c3-127-programming-with-the-tropic01-open-architecture-secure-element Pavel Polach en false https://pretalx.riat.at/39c3/talk/XTWLFN/ https://pretalx.riat.at/39c3/talk/XTWLFN/feedback/ CDC Circle Workshop 2025-12-29T16:00:00+01:00 16:00 02:00 Let's build mesh radios from scratch. We will bring 20 PCB kits, containing all parts. Soldering is difficult but doable in the Congress. You have to be very proficient with soldering to get this done during Congress, but the Eternal Soldering Workshop is open and nearby. We also have solder paste and stencils for the real pros! If you don't want to get into soldering now, you can take one of the kits home. During the workshop you will get to know everything necessary to get the job done. 39c3-144-mesh-radio-workshop /media/39c3/submissions/YPX33R/boxes_F5DUHus.jpg Jitter en ### Building Autonomy: Mesh Radio Hardware Workshop Decentralized communication infrastructures require more than finished devices: understanding the hardware level enables critical engagement with proprietary designs and creates autonomy beyond commercial dependencies. The workshop covers complete assembly of an nRF52-based mesh node in Heltec form-factor, where participants gain practical comprehension of decentralized radio network architecture through soldering components, integrating LoRa modules, and installing firmware. Critical decentralization means not merely using distributed networks but mastering their technical foundations: building custom boards reveals trade-offs between energy efficiency, range, and cost, enables design adaptation to specific requirements, and develops capabilities for repairing and modifying existing infrastructure. Control over hardware design and firmware variants dissolves dependence on manufacturer decisions and permits experimental topologies that commercial solutions cannot accommodate. The workshop targets advanced participants with mesh operation experience, as technical fundamentals are prerequisite knowledge. false https://pretalx.riat.at/39c3/talk/YPX33R/ https://pretalx.riat.at/39c3/talk/YPX33R/feedback/ CDC Circle Workshop 2025-12-29T18:00:00+01:00 18:00 02:00 Join us for a practical session on auditing network traffic. In this workshop, you will learn how to use SocksTrace to intercept, analyze, and socksify applications. 39c3-81-a-hands-on-guide-for-people-who-want-to-install-and-use-sockstrace- Robert Mindo en Workshop Plan: - Setup & Installation - Basic Usage (Detecting Leaks) - Advanced Configuration (Whitelist/Blacklist) - Q&A and Debugging (Troubleshooting common setup) false https://pretalx.riat.at/39c3/talk/8UK8XJ/ https://pretalx.riat.at/39c3/talk/8UK8XJ/feedback/ CDC Circle Workshop 2025-12-29T20:00:00+01:00 20:00 02:00 Introduction into chip flasher device history and operation - get trained! 39c3-119-zerocat-chipflasher /media/39c3/submissions/YSX8LU/chipflasher-device.1_wVMlAWi.png Zerocat en The Zerocat Chipflasher is a versatile device that is made for firmware replacement. Its operation requires some training and some knowledge about typical difficulties in in-system flash programming. This device comes with freedom in mind, down to details. It started as a cellar-project during the time of Snowden revelations, and now reaches a point of maturity in cooperation with the GNU Boot project. Key features that make this device a reproducable tool on GNU/Linux-Libre systems, now and in future, will be explained. You will be trained in device operation, targeting a hard-to-flash ThinkPad T60 systemboard. Successful operation should result in a successful boot of the liberated T60 laptop - but let’s see! -- https://www.zerocat.org false https://pretalx.riat.at/39c3/talk/YSX8LU/ https://pretalx.riat.at/39c3/talk/YSX8LU/feedback/ CDC Triangle Talk 2025-12-30T10:25:00+01:00 10:25 00:05 What went on and what is coming next. 39c3-125-welcome-to-the-last-cdc-day Diego Salazar en false https://pretalx.riat.at/39c3/talk/XPKCMD/ https://pretalx.riat.at/39c3/talk/XPKCMD/feedback/ CDC Triangle Talk 2025-12-30T10:30:00+01:00 10:30 00:15 [NextGraph](https://nextgraph.org/) is a framework aimed at making live collaboration, offline support, end to end encryption, and application interoperability easy. In this demo, I will walk you through the basics of NextGraph and our new TypeScript SDK. The new TypeScript SDK turns RDF graph database records into ordinary, typed objects with instant two‑way binding. By proxying those objects and emitting signals, the SDK provides a framework‑agnostic reactive layer that integrates cleanly with React, Vue, and Svelte. **You will** get a short introduction to NextGraph, RDF (a graph data format designed for interoperability), and a live demo walking through a simple property change, showing how a mutation is instantly persisted to the database, syncronized, and reflected in UI components across React, Vue, and Svelte. 39c3-98-nextgraph-demo-local-first-e2ee-rdf-graph-db-and-a-reactive-orm-sdk /media/39c3/submissions/QTQHYH/a7c8b107494862a5a52734575d6aafd3_1KlsQga.png Laurin Weger en false https://pretalx.riat.at/39c3/talk/QTQHYH/ https://pretalx.riat.at/39c3/talk/QTQHYH/feedback/ CDC Triangle Workshop 2025-12-30T10:45:00+01:00 10:45 02:00 Build your own open-source Bitcoin signing device with a Raspberry Pi Zero, camera and display! We have kits for 45€ 39c3-140-seedsigner-diy-bitcoin-signing-device-build-workshop /media/39c3/submissions/UZPXRN/Make-Your-Own-Case_5rF3wqh.png freerk en Seedsigners are open-source DIY signing devices which can be built using "normal" hardware like a Raspberry Pi and act as kind of hardware wallets to sign Bitcoin transactions. Since the hardware is missing a secure element chip, the keys are saved externally, usually via self-drawn QR-codes which are read again for every use via the build-in camera. We brought a few kits with us which we sell for 45€ and build together. We will lashing the firmware on the MicroSD card and then build everything together in the 3d-printed enclosure. The kit includes: Raspberry Pi Zero 1.3 (without Wifi or Bluetooth chip), GPIO-header already soldered Display-Hat with joystick and buttons Camera 64GB MicroSD card MicroUSB to USB-C cable 3D printed enclosure 6 printed templates for self-drawn QR-Codes false https://pretalx.riat.at/39c3/talk/UZPXRN/ https://pretalx.riat.at/39c3/talk/UZPXRN/feedback/ CDC Triangle Talk 2025-12-30T13:00:00+01:00 13:00 00:30 We will give a brief introduction to the Reticulum Network Stack and announce what is new in 2025: - Reticulum will soon be available in Rust, which will allow users of embedded systems a better performance. - The new Reticulum BLE Interface enables the creation of autonomous mesh networks without any further hardware or central server. The interface can be used on Linux and Android. - The Columba App for Reticulum lowers the barrier of entry for using Reticulum. 39c3-141-whats-new-in-reticulum fluorescent_beigeLiam en false https://pretalx.riat.at/39c3/talk/LZWMFU/ https://pretalx.riat.at/39c3/talk/LZWMFU/feedback/ CDC Triangle Talk 2025-12-30T13:30:00+01:00 13:30 00:30 What would it look like to build financial infrastructure for solidarity rather than speculation? While blockchain technology has largely been captured by libertarian and extractive market logic, it certainly does not need to be that way. In this talk, we'll explore Solidarity Primitives, development and architectural design patterns designed to forge economic solidarity between individuals and collectives. Drawing from our work at Bread Cooperative and research I've documented through my podcast, The Blockchain Socialist, we'll examine concrete examples like the BREAD community token, savings circles implementation, and the Solidarity Fund mechanisms that enable participatory funding without relying on venture capital or traditional financial intermediaries. We'll discuss how these primitives address a critical gap: the technical and coordination barriers that have historically made alternative economic models difficult to implement at scale. From worker cooperatives to mutual aid networks, the infrastructure simply hasn't existed. Peer-to-peer technologies can change that but only if designed with solidarity, not profit maximization, as the core principle. This talk is for anyone interested in the practical dimensions of building a post-capitalist economy: what does it actually look like to write code for collective autonomy? How do we ensure decentralized systems serve communities rather than concentrating power? 39c3-89-solidarity-finance-on-p2p-rails Joshua Davila en This talk will last approximately 15 to 20 minutes followed by Q&A discussion for the rest of the time. false https://pretalx.riat.at/39c3/talk/9HTCKF/ https://pretalx.riat.at/39c3/talk/9HTCKF/feedback/ CDC Triangle Talk 2025-12-30T14:00:00+01:00 14:00 00:30 Online anonymity is being demonized and undermined. But anonymity has an important social function for preserving individuals and group against social threats. We will argue for the philosophical and political value of being anonymous, especially against the rising state of capture in state and corporate surveillance. Anonymity is more than namelessness: it's a tool of resistance. 39c3-117-who-s-afraid-of-anonymity-a-philosophical-and-political-toolkit Casey Ford en false https://pretalx.riat.at/39c3/talk/NBWHGM/ https://pretalx.riat.at/39c3/talk/NBWHGM/feedback/ CDC Triangle Talk 2025-12-30T14:30:00+01:00 14:30 00:30 Mutual-vend.com - smallest self contained coop decentrally owned and operated infra 39c3-94-mutual-vend-decentralized-coop-vending-machine Ron Turetzky en Come learn about how digital ledgers and peer to peer vending machines challenge existing labor rights, profit margins , and finance legalities! false https://pretalx.riat.at/39c3/talk/V9CPMV/ https://pretalx.riat.at/39c3/talk/V9CPMV/feedback/ CDC Triangle Talk 2025-12-30T15:00:00+01:00 15:00 00:30 Looking at how decentralized social networks, AI, XR, blockchain, and other technologies come together to shape the next stages of web evolution. 39c3-74-building-the-next-web Ryta en Let’s figure out - what are the ingredients of the web evolution we all actually want? First - we look into the evolution we’ve had until now - in Decentralized communication, AI, XR, Bitcoin, & other forefront technologies that shape the internet as we know it. Then - we brainstorm - What are potential outcomes of our best & worst decisions there? They will shape how we build the next web. false https://pretalx.riat.at/39c3/talk/ZJBBSC/ https://pretalx.riat.at/39c3/talk/ZJBBSC/feedback/ CDC Triangle Talk 2025-12-30T15:30:00+01:00 15:30 00:30 ++ ++ ++ ++ ++ ++ ++ ++ The closing presentation at the Critical Decentralization Cluster assembly during 39C3 is a progress report on Offworld Voyage, a Space Analog Research project dedicated to the design of environmentally sustainable interplanetary exploration training habitats that also solve for adaptation to climate biodevastation on Earth. The talk will focus on some of the various ways in which Free/Libre Open Source technologies are incorporated into the project - with a strong focus on the development of decentralized and distributed coordination systems for autonomous and collective action - and how creative technologists can plug in and participate in the project. As a special show-and-tell treat Scott Beibin and Elizabeth Jane Cole, founders of Offworld Voyage will display the new pressurized training spacesuit prototypes they recently commissioned Smith Exploration Garments to build for the project. See you there! 39c3-146-offworld-voyage-39c3-astronaut-collectives-are-beautiful-a-progress-report- /media/39c3/submissions/9KZ3CB/Offworld_Voyage_Ecotopias_5YLA5oj.png Scott BeibinElizabeth Jane Cole en false https://pretalx.riat.at/39c3/talk/9KZ3CB/ https://pretalx.riat.at/39c3/talk/9KZ3CB/feedback/