diff --git a/.hugo_build.lock b/.hugo_build.lock new file mode 100644 index 0000000..e69de29 diff --git a/assets/img/avatar.jpg b/assets/img/avatar.jpg new file mode 100644 index 0000000..8f4ac6b Binary files /dev/null and b/assets/img/avatar.jpg differ diff --git a/assets/img/avatar.png b/assets/img/avatar.png deleted file mode 100644 index bab4bde..0000000 Binary files a/assets/img/avatar.png and /dev/null differ diff --git a/assets/jsconfig.json b/assets/jsconfig.json new file mode 100644 index 0000000..7e25739 --- /dev/null +++ b/assets/jsconfig.json @@ -0,0 +1,10 @@ +{ + "compilerOptions": { + "baseUrl": ".", + "paths": { + "*": [ + "../../../.cache/go/mod/github.com/!cai!jimmy/hugo-theme-stack/v3@v3.21.0/assets/*" + ] + } + } +} \ No newline at end of file diff --git a/config/_default/config.toml b/config/_default/config.toml index ffdf378..93473c5 100644 --- a/config/_default/config.toml +++ b/config/_default/config.toml @@ -2,7 +2,7 @@ baseurl = "https://demo.stack.jimmycai.com" languageCode = "en-us" paginate = 5 -title = "Hugo Theme Stack Starter" +title = "Byte me if you can" # Theme i18n support # Available values: en, fr, id, ja, ko, pt-br, zh-cn, zh-tw, es, de, nl, it, th, el, uk, ar @@ -13,4 +13,4 @@ defaultContentLanguage = "en" hasCJKLanguage = false # Change it to your Disqus shortname before using -disqusShortname = "hugo-theme-stack" \ No newline at end of file +disqusShortname = "hugo-theme-stack" diff --git a/config/_default/menu.toml b/config/_default/menu.toml index 20bdb9e..0916a64 100644 --- a/config/_default/menu.toml +++ b/config/_default/menu.toml @@ -10,15 +10,15 @@ [[social]] identifier = "github" name = "GitHub" -url = "https://github.com/CaiJimmy/hugo-theme-stack" +url = "https://github.com/filippo-ferrari" [social.params] icon = "brand-github" -[[social]] -identifier = "twitter" -name = "Twitter" -url = "https://twitter.com" +#[[social]] +#identifier = "twitter" +#name = "Twitter" +#url = "https://twitter.com" -[social.params] -icon = "brand-twitter" +#[social.params] +#icon = "brand-twitter" diff --git a/config/_default/params.toml b/config/_default/params.toml index 366020f..b2a2244 100644 --- a/config/_default/params.toml +++ b/config/_default/params.toml @@ -13,13 +13,13 @@ published = "Jan 02, 2006" lastUpdated = "Jan 02, 2006 15:04 MST" [sidebar] -emoji = "🍥" -subtitle = "Lorem ipsum dolor sit amet, consectetur adipiscing elit." +#emoji = "🍥" +subtitle = "I will post stuff mainly because i want to document my journey in the software development world and to keep track of my projects, conferences i go to and stuff i learn. One day, with enough knowledge, patience and hard work (or by pure chance) these contents will be useful to someone." [sidebar.avatar] enabled = true local = true -src = "img/avatar.png" +src = "img/avatar.jpg" [article] math = false diff --git a/content/post/books/books.jpg b/content/post/books/books.jpg new file mode 100644 index 0000000..d73fe85 Binary files /dev/null and b/content/post/books/books.jpg differ diff --git a/content/post/books/index.md b/content/post/books/index.md new file mode 100644 index 0000000..c9ff717 --- /dev/null +++ b/content/post/books/index.md @@ -0,0 +1,36 @@ +--- +title: Books +description: The books I'm reading/I've read/I plan to read +date: 2024-01-29 00:00:00+0000 +draft: false +image: books.jpg +categories: + - Programming + - Books +tags: + - programming + - books + - literature +--- + +This is just a collection, in so specific order, of books i read or i intent to read in the future. The all are related to the world of programming, hacking, FOOS, Linux and software in general. + +the [F] tag means that the book is available freely online. A great starting point if you want to look for books that are free on the topic of programming, computer vision, mathematics and much more is [this amazing repository](https://github.com/EbookFoundation/free-programming-books) + +# Programming +- Clean Code +- Clean Architecture +- Data Stuctures the fun way +- Essential Java +- The GO programming language +- Design Patterns: Elements of Reusable Object-Oriented Software +- The C Programming Language +- Crypto Dictionary: 500 Tasty Tidbits for the Curious Cryptographer +# Open Source/ Free software +- La cattedrale e il bazaar +- Open non e' Free [F] + +# Linux +- The Orange book pt. 2 [F] +- [How Linux Works, 3rd Edition: What Every Superuser Should Know](https://nostarch.com/howlinuxworks3) +- Linux Bible diff --git a/content/post/hello-world/index.md b/content/post/hello-world/index.md index 381ffff..c666790 100644 --- a/content/post/hello-world/index.md +++ b/content/post/hello-world/index.md @@ -3,6 +3,7 @@ title: Hello World description: Welcome to Hugo Theme Stack slug: hello-world date: 2022-03-06 00:00:00+0000 +draft: true image: cover.jpg categories: - Example Category @@ -17,4 +18,4 @@ For more information about this theme, check the documentation: https://stack.ji Want a site like this? Check out [hugo-theme-stack-stater](https://github.com/CaiJimmy/hugo-theme-stack-starter) -> Photo by [Pawel Czerwinski](https://unsplash.com/@pawel_czerwinski) on [Unsplash](https://unsplash.com/) \ No newline at end of file +> Photo by [Pawel Czerwinski](https://unsplash.com/@pawel_czerwinski) on [Unsplash](https://unsplash.com/) diff --git a/content/post/image-gallery/1.jpg b/content/post/image-gallery/1.jpg deleted file mode 100644 index 3f1f905..0000000 Binary files a/content/post/image-gallery/1.jpg and /dev/null differ diff --git a/content/post/image-gallery/2.jpg b/content/post/image-gallery/2.jpg deleted file mode 100644 index d19214e..0000000 Binary files a/content/post/image-gallery/2.jpg and /dev/null differ diff --git a/content/post/image-gallery/index.md b/content/post/image-gallery/index.md deleted file mode 100644 index 94bc377..0000000 --- a/content/post/image-gallery/index.md +++ /dev/null @@ -1,22 +0,0 @@ ---- -title: Image gallery -description: Create beautiful interactive image gallery using Markdown -date: 2023-08-26 00:00:00+0000 -image: 2.jpg ---- - -Hugo theme Stack supports the creation of interactive image galleries using Markdown. It's powered by [PhotoSwipe](https://photoswipe.com/) and its syntax was inspired by [Typlog](https://typlog.com/). - -To use this feature, the image must be in the same directory as the Markdown file, as it uses Hugo's page bundle feature to read the dimensions of the image. **External images are not supported.** - -## Syntax - -```markdown -![Image 1](1.jpg) ![Image 2](2.jpg) -``` - -## Result - -![Image 1](1.jpg) ![Image 2](2.jpg) - -> Photo by [mymind](https://unsplash.com/@mymind) and [Luke Chesser](https://unsplash.com/@lukechesser) on [Unsplash](https://unsplash.com/) \ No newline at end of file diff --git a/content/post/linux-setup/my-linux-setup.md b/content/post/linux-setup/my-linux-setup.md new file mode 100644 index 0000000..1fd59a3 --- /dev/null +++ b/content/post/linux-setup/my-linux-setup.md @@ -0,0 +1,102 @@ ++++ +title = "my neat linux setup" +date = "2023-09-07T23:20:19+02:00" +author = "" +cover = "" +tags = ["", ""] +keywords = ["", ""] +description = "" +showFullContent = false +readingTime = false +hideComments = false +color = "" #color from the theme settings +draft = false ++++ + +This is a simple collection of all the main tools that i have installed on my system. I do not consider the setup complete yet, but i have already collected enough pieces of software that justify start keeping track of them. + +I make heavy use of [Luke Smith](https://github.com/LukeSmithxyz)'s LARBS, a script that i recently forked and changed to better suit my needs. + +You can find my version of LARBS [here](https://github.com/filippo-ferrari/LARBS). In an ideal future, there will be a changelog with all the changes that i did from the base(d) version. + +# Distribution: artix +Artix is basically arch only without that piece of cringeware that is systemd. +When it comes to replacing it you have a number of choices that range from decent to very fucking good, i have only ever used runit but you're free to chose something else of course. + +Visit the [Artix](https://artixlinux.org/) website and check all the neat infos they have: + +"Q. Do you hate systemd? +A. No, we don't. In fact, we love systemd. But we would never use [such](https://thehackernews.com/2019/01/linux-systemd-exploit.html) a [sucky piece](https://suckless.org/sucks/systemd/) of [bloatware](https://chiefio.wordpress.com/2016/05/18/systemd-it-keeps-getting-worse/) near [anywhere](without-systemd.org/wiki/index.php/Arguments_against_systemd) we [cared](https://www.theregister.co.uk/2018/10/26/systemd_dhcpv6_rce/) [about](www.softpanorama.org/Commercial_linuxes/Startup_and_shutdown/systemd.shtml) [security](https://www.theregister.com/2019/01/31/systemd_exploit/)" + +# Disk encryption: +In all my devices i encrypt the root partition with a [LUKS](https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup)-formatted partition. + +# Window manager: dwm +"[dwm](https://dwm.suckless.org/) is a dynamic window manager for X. It manages windows in tiled, monocle and floating layouts. All of the layouts can be applied dynamically, optimising the environment for the application in use and the task performed. +In tiled layout windows are managed in a master and stacking area. The master area contains the window which currently needs most attention, whereas the stacking area contains all other windows. In monocle layout all windows are maximised to the screen size. In floating layout windows can be resized and moved freely. Dialog windows are always managed floating, regardless of the layout applied." +There is a ton of customization possible and patches that you can compile to modify the behaviour of the window manager, it's very lightweight and runs very well even on my 2008 T400, can't recommend it enough. + +# Status bar: dwmblocks +[dwmblocks](https://github.com/torrinfail/dwmblocks) is a modular status bar for dwm written in C, if you run the LARBS script, dwm will arrive with a bunch of very well done scripts for all your general needs. +You can also find pre-made scripts all over the world wide web. It's super minimalistic, super customizable and super light, love it. + +# Menu: dmenu +"[dmenu](https://wiki.archlinux.org/title/dmenu) is a fast and lightweight dynamic menu for X. It reads arbitrary text from stdin, and creates a menu with one item for each line. The user can then select an item, through the arrow keys or typing a part of the name, and the line is printed to stdout. dmenu_run is a wrapper that ships with the dmenu distribution that allows its use as an application launcher." +I haven't dabbled particulary with dmenu since it comes with everything you need already outside of the box, it's cool and it supports a ton of stuff, like pass and other shit. + +# File manager: lf +[lf](https://github.com/gokcehan/lf) (as in "list files") is a terminal file manager written in Go with a heavy inspiration from ranger file manager. See faq for more information and tutorial for a gentle introduction with screencasts. +super light, super easy to config, and, of course, supports vim bindings + +# Email client: neomutt +[neomutt](https://neomutt.org/) is a command line mail reader, has a ton of cool features, its super light and, of course, uses vim bindings. +You can use [mutt-wizard](https://github.com/LukeSmithxyz/mutt-wizard) to easily setup your email accounts. 10+ + +# Battery utility: battop +[battop](https://github.com/svartalf/rust-battop) is an interactive battery viewer written in rust that works from the terminal, it gives you all the basic battery info you want to know using a series of graphs, its very lightweight and supports multiple batteries (if you have a thinkpad you know what im talking about) + +# Battery optimization: TLP +[TLP](https://linrunner.de/tlp/index.html) is a feature-rich command line utility for Linux, saving laptop battery power without the need to delve deeper into technical details. +TLP’s default settings are already optimized for battery life and implement Powertop’s recommendations out of the box. So you may just install and forget it. +Nevertheless TLP is highly customizable to fulfill your specific requirements. + +P.S. i stil cant manage to make the TLP service work properly with runit, so if you want to create a highy customized config you might want to stick to [systemd](https://en.wikipedia.org/wiki/Trash) + +# Task manager: htop +Again, if you ever want to be taken into consideration by the cool guys and gals of the ricing sub-scene you have to have this process viewer. +All jokes aside [htop](https://htop.dev/) is a neat piece of software, very light and super useful, written in the mighty C languange. + +# Text editor: neovim +ok, big boys time, i use vim as my main text editor both to play around in linux and to write code +i use [AtroVim](https://astronvim.com/) setup, its a very IDE like setup and you can go much more minimalistic if you need to. +That being said i am constantly hopping among major neovim configs so this might very well change in the future. +i didnt customize the setup very much just: +- relative lines set to true +- catcapuccin as my theme +- path_display not truncated +- telescope search with hidden files enabled +- random nerdfont installed using this [guide](https://www.behova.net/install-nerd-font-on-arch-linux/) (i will probably copy it just in case this site cease to exists) +- macro changes +- lazygit +- other stuff I'm too lazy to remember + +# Calendar: calcurse +[calcurse](https://calcurse.org/) is a calendar and scheduling application. Terminal based, uses vim bindings, thats it. + +# RSS reader: newsboat +[newsboat](https://newsboat.org) is an RSS/Atom feed reader for the terminal. Super easy to setup and use, uses vim bindings + +# Browser: Librewolf +[Librewolf](https://librewolf.net/) is a custom and independent version of Firefox, with the primary goals of privacy, security and user freedom. + +# Audio: puslemixer +[Pulsemixer](https://pypi.org/project/pulsemixer/) is a self-sufficient single-file python app that doesn't require any extra libraries. A great CLI mixer. + +# logseq +[logseq](https://logseq.com/) is an open-source note taking application that i enjoy using (mainly at work), it supports markdown, tasks management, whiteboards and PDFs annotations. + +# Network Manager: nmtui +A text based network interface for NetworkManager, easy to use, configure and modify. + +# SWAG: neofetch +do i need to say more? you can have it start at login to flex on r/unixporn, normal users will be most likely disgusted (rightfully so) diff --git a/content/post/markdown-syntax/index.md b/content/post/markdown-syntax/index.md deleted file mode 100644 index e004892..0000000 --- a/content/post/markdown-syntax/index.md +++ /dev/null @@ -1,150 +0,0 @@ ---- -title: Markdown Syntax Guide -date: 2023-09-07 -description: Sample article showcasing basic Markdown syntax and formatting for HTML elements. -tags: - - markdown - - css - - html - - themes -categories: - - themes - - syntax ---- - -This article offers a sample of basic Markdown syntax that can be used in Hugo content files, also it shows whether basic HTML elements are decorated with CSS in a Hugo theme. - - - -## Headings - -The following HTML `

`—`

` elements represent six levels of section headings. `

` is the highest section level while `

` is the lowest. - -# H1 -## H2 -### H3 -#### H4 -##### H5 -###### H6 - -## Paragraph - -Xerum, quo qui aut unt expliquam qui dolut labo. Aque venitatiusda cum, voluptionse latur sitiae dolessi aut parist aut dollo enim qui voluptate ma dolestendit peritin re plis aut quas inctum laceat est volestemque commosa as cus endigna tectur, offic to cor sequas etum rerum idem sintibus eiur? Quianimin porecus evelectur, cum que nis nust voloribus ratem aut omnimi, sitatur? Quiatem. Nam, omnis sum am facea corem alique molestrunt et eos evelece arcillit ut aut eos eos nus, sin conecerem erum fuga. Ri oditatquam, ad quibus unda veliamenimin cusam et facea ipsamus es exerum sitate dolores editium rerore eost, temped molorro ratiae volorro te reribus dolorer sperchicium faceata tiustia prat. - -Itatur? Quiatae cullecum rem ent aut odis in re eossequodi nonsequ idebis ne sapicia is sinveli squiatum, core et que aut hariosam ex eat. - -## Blockquotes - -The blockquote element represents content that is quoted from another source, optionally with a citation which must be within a `footer` or `cite` element, and optionally with in-line changes such as annotations and abbreviations. - -### Blockquote without attribution - -> Tiam, ad mint andaepu dandae nostion secatur sequo quae. -> **Note** that you can use *Markdown syntax* within a blockquote. - -### Blockquote with attribution - -> Don't communicate by sharing memory, share memory by communicating.
-> — Rob Pike[^1] - -[^1]: The above quote is excerpted from Rob Pike's [talk](https://www.youtube.com/watch?v=PAAkCSZUG1c) during Gopherfest, November 18, 2015. - -## Tables - -Tables aren't part of the core Markdown spec, but Hugo supports supports them out-of-the-box. - - Name | Age ---------|------ - Bob | 27 - Alice | 23 - -### Inline Markdown within tables - -| Italics | Bold | Code | -| -------- | -------- | ------ | -| *italics* | **bold** | `code` | - -| A | B | C | D | E | F | -|----------------------------------------------------------|---------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------|------------------------------------------------------------|----------------------------------------------------------------------| -| Lorem ipsum dolor sit amet, consectetur adipiscing elit. | Phasellus ultricies, sapien non euismod aliquam, dui ligula tincidunt odio, at accumsan nulla sapien eget ex. | Proin eleifend dictum ipsum, non euismod ipsum pulvinar et. Vivamus sollicitudin, quam in pulvinar aliquam, metus elit pretium purus | Proin sit amet velit nec enim imperdiet vehicula. | Ut bibendum vestibulum quam, eu egestas turpis gravida nec | Sed scelerisque nec turpis vel viverra. Vivamus vitae pretium sapien | - -## Code Blocks -### Code block with backticks - -```html - - - - - Example HTML5 Document - - -

Test

- - -``` - -### Code block indented with four spaces - - - - - - Example HTML5 Document - - -

Test

- - - -### Diff code block - -```diff -[dependencies.bevy] -git = "https://github.com/bevyengine/bevy" -rev = "11f52b8c72fc3a568e8bb4a4cd1f3eb025ac2e13" -- features = ["dynamic"] -+ features = ["jpeg", "dynamic"] -``` - -### One line code block - -```html -

A paragraph

-``` - -## List Types - -### Ordered List - -1. First item -2. Second item -3. Third item - -### Unordered List - -* List item -* Another item -* And another item - -### Nested list - -* Fruit - * Apple - * Orange - * Banana -* Dairy - * Milk - * Cheese - -## Other Elements — abbr, sub, sup, kbd, mark - -GIF is a bitmap image format. - -H2O - -Xn + Yn = Zn - -Press CTRL + ALT + Delete to end the session. - -Most salamanders are nocturnal, and hunt for insects, worms, and other small creatures. \ No newline at end of file diff --git a/content/post/math-typesetting/index.md b/content/post/math-typesetting/index.md deleted file mode 100644 index d206914..0000000 --- a/content/post/math-typesetting/index.md +++ /dev/null @@ -1,40 +0,0 @@ ---- -title: Math Typesetting -description: Math typesetting using KaTeX -date: 2023-08-24 00:00:00+0000 -math: true ---- - -Stack has built-in support for math typesetting using [KaTeX](https://katex.org/). - -**It's not enabled by default side-wide,** but you can enable it for individual posts by adding `math: true` to the front matter. Or you can enable it side-wide by adding `math = true` to the `params.article` section in `config.toml`. - -## Inline math - -This is an inline mathematical expression: $\varphi = \dfrac{1+\sqrt5}{2}= 1.6180339887…$ - -```markdown -$\varphi = \dfrac{1+\sqrt5}{2}= 1.6180339887…$ -``` - -## Block math - -$$ - \varphi = 1+\frac{1} {1+\frac{1} {1+\frac{1} {1+\cdots} } } -$$ - -```markdown -$$ - \varphi = 1+\frac{1} {1+\frac{1} {1+\frac{1} {1+\cdots} } } -$$ -``` - -$$ - f(x) = \int_{-\infty}^\infty\hat f(\xi)\,e^{2 \pi i \xi x}\,d\xi -$$ - -```markdown -$$ - f(x) = \int_{-\infty}^\infty\hat f(\xi)\,e^{2 \pi i \xi x}\,d\xi -$$ -``` \ No newline at end of file diff --git a/content/post/parabola-install-guide/index.md b/content/post/parabola-install-guide/index.md new file mode 100644 index 0000000..4f3d171 --- /dev/null +++ b/content/post/parabola-install-guide/index.md @@ -0,0 +1,344 @@ +--- +title: Parabola Installation Guide +description: A recap of the commands needed to have an encryped, openRC Parabola setup. +date: 2024-02-08 00:00:00+0000 +image: parabola.jpg +categories: + - Linux + - Parabola +tags: + - linux + - parabola + - systemd +--- + +# Parabola Installation Guide + +This is a guide on how to install parabola that i created to have a reference for my eventual future installations on a librebooted system. +I decided to write this because I found that following the original guide in the Parabola wiki was not sufficent if you want to have an encrypted disk and no systemd in your system. +Still, this is to be considered just a recap of what you will need to to if you want to install Parabola this way, do not consider this official (or even unofficial) documentation at all. + +some info on [Parabola GNU/Linux-libre](https://www.parabola.nu/) + +I will assume that you already created a bootable drive of some kind with an image of Parabola CLI Edition that you can download from here: [download](https://wiki.parabola.nu/Get_Parabola)\ +I won't cover how to do so beacuse there are already hundreds of guides that perfectly teach you how to do it on every system with every image using every technique available. + +# Check if you have a UEFI machine or not +Type the following command to check if you have a UEFI machine or not, and keep that in mind, we will use this information later +``` +ls /sys/firmware/efi/efivars +``` +# Format your drive +The choice of partitions and filesystems is a matter of preference, and beyond the scope of this install guide. You can look at the Parabola wiki to know more. +If you already know what do you want and how you want it, you can skip this part. + +Proceed to format the drive you be installing Parabola on. I use fdisk, the most basic things you need to know about it are: +type **d** to delete a partition (will ask number), type **n** to create a partition (will ask usual info), type **w** to confirm the changes. + +Lets target the drive: +``` +fdisk /dev/sdX +``` +Assuming you deleted any existing partition, the next is to create two partitions, the first one will be a 1Gb partition and the second one will be the rest of the disk (or anyhow how much space yo want on your system) +This is just the way i do it, you might find your needs are different. + +``` +Command (m for help): n +Partition type + p primary (0 primary, 0 extended, 4 free) + e extended (container for logical partitions) +Select (default p): + +Using default response p. +Partition number (1-4, default 1): +First sector (2048-30277631, default 2048): +Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-30277631, default 30277631): +1G + +Created a new partition 1 of type 'Linux' and of size 1 GiB. +``` + +Then we are gonna create the second partition, you can press enter and use the default values for every option, you will have something similar to this: + +``` +Command (m for help): n +Partition type + p primary (0 primary, 0 extended, 4 free) + e extended (container for logical partitions) +Select (default p): + +Using default response p. +Partition number (1-4, default 1): +First sector (2048-30277631, default 2048): +Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-30277631, default 30277631): + +Created a new partition 1 of type 'Linux' and of size X.XX GiB. +``` +Modify the last sector if you need a specific amount of memory or leave it blank to take the entire free space of your drive. +It might ask you to remote an already present signature, in that case just remote it by pressing **Y** when asked to. + +# Filesystem of boot partition + +We are now gonna put a filesystem on the first partition, I use FAT partitioning beacuse it is versatile since it's compatibile with both legacy boot and UEFI. +``` +mkfs.fat -F32 /dev/sdX1 +``` + +# Encrypt the second partition +To encrypt out partition we run the command: +``` +cryptsetup luksFormat /dev/sdX2 +``` +You be ask to confirm the choice by typing **YES** and you will be asked to insert the passphrase for the partition. + +# Decrypt sdX2 +``` +cryptsetup open /dev/sdX2 partition-name +``` +We now decrypt the partition and assign a name to it (the name can be a random string, it will change later anyhow) +If we now run ```lsblk``` we should see something like this: +`` +NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS +nvme0n1 259:0 0 476.9G 0 disk +├─nvme0n1p1 259:1 0 1G 0 part +└─nvme0n1p2 259:2 0 475.9G 0 part + └─partition-name 254:0 0 475.9G 0 crypt + +# Create filesystem for partition-name +Create a [btrfs](https://wiki.archlinux.org/title/btrfs) partition on the decrypted partition +``` +mkfs.btrfs dev/mapper/partition-name +``` + +# Mount both partition +Mount the two partitions starting with partition-name: +``` +mount /dev/mapper/partition-name /mnt +``` +Then create a directory called **boot**: +``` +mkdir /mnt/boot +``` +And then mount the boot partition in the boot folder: +``` +mount /dev/sdX1 /mnt/boot +``` +If you now run ```lsblk``` again you should see the partition correctly mounted: +``` +NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS +nvme0n1 259:0 0 476.9G 0 disk +├─nvme0n1p1 259:1 0 1G 0 part /mnt/boot +└─nvme0n1p2 259:2 0 475.9G 0 part + └─partition-name 254:0 0 475.9G 0 crypt /mnt +``` +# (optional) Change mirrors +You might want to change the mirrors order to make installation of packages faster by going into this file (use your favorite text editor): +``` +/etc/pacman.d/mirrorlist +``` +From the list, move the servers that are closer to you to the top so that they will be the first ones to be chosen. + +# Install packages into the system +Install the needed packages into the ```/mnt``` partition, add what you know you will need: +``` +pacstrap /mnt base base-devel linux-libre linux-libre-firmware btrfs-progs grub networkmanager cryptsetup lvm2 vim neovim +``` +If youre in UEFI then add the following package: ```efibootmgr``` + +- base and base-devel:\ +base is the basic system and all the tools related to it, base-devel is necessary to compile packages and other stuff +- linux-libre:\ +the libre version of the linux kernel, with no binary blobs, obfuscated code, or code released under proprietary licenses +- linux-libre-firmware:\ +Some hardware devices such as the popular NetGear WNA1100 (aka: Wireless-N 150, aka: Atheros AR9271) require firmware (eg: ath9k_htc) from the linux-libre-firmware package +- grub:\ +the boot loader +- networkmanager:\ +internet 'n stuff +- cryptsetup and lvm2:\ +packages needed for encrypting and decrypting the drive +- vim and neovim:\ +i mean you know why + +# Chroot into your system +``` +arch-chroot /mnt bash +``` + +# Set the timezone and set the hardware clock +just run: +``` +ln -s /usr/share/zoneinfo/Europe/Rome /etc/localtime +``` + +Change country adn city based on your correct timezone +Then synch the hardware clock with the system clock: +``` +hwclock --systhoc +``` + +# Setup keyboard layout and language +Edit the locale.gen file: +``` +nvim /etc/locale.gen +``` +Uncomment the your langage and layout of choice + +Edit the file locale.conf: +``` +nvim /etc/locale.conf +``` +I will add the setup for the US keyboard but you might want a different layout: +``` +export LANG="en_US.UTF-8" +export LC_COLLATE="C" +``` +Run the locale-gen command: +``` +locale-gen +``` +# Name your computer +Run: +``` +echo "myhostname" > /etc/hostname +``` + +change **myhostname** with your desired name, then edit the following file: +``` +nvim /etc/hosts +``` +and add the follwing lines: +``` +127.0.0.1 localhost +::1 localhost +127.0.1.1 myhostname.localdomain myhostname +``` + +# Enable NetworkManager service +run: +``` +systemctl enable NetworkManager.service +``` + +# Add a user and set his groups and password +First add a password to your root with: +``` +passwd +``` +Then create a new user: +``` +useradd -G wheel -m user +``` +this way a user by the name of **user** has been created, added to the wheel group and a home directory has been created for him +Set the user user password: +``` +passwd user +``` + +# Edit the mkinitcpio configuration +Edit the **mkinitcpio.conf** file: +``` +nvim /etc/mkinitcpio.conf +``` +look for the line in which hooks are declared, it is going be like this: +``` +HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block filesystem fsck) +``` +add to the hooks **encrypt** and **lvm2**: +``` +HOOKS=(base udev autodetect modconf kms keyboard keymap consolefont block encrypt lvm2 filesystem fsck) +``` +**Optionally** you can add the following modules to same mkinitcpio.conf file: +``` +hid usbhid hid_generic ohci_pci +``` +If, at the end of the installation, the keyboard is not working during the decryption of the partition\ + +Update the conf by typing: +``` +mkinitcpio -p linux-libre +``` + +# Make the system able to decrypt the partition +Start by exiting the partition: +``` +exit +``` +Create an fstab and output it in the correct place: +``` +# genfstab -p /mnt >> /mnt/etc/fstab +``` +use **-U** or **-L** to define by UUID or labels, respectively + +Take the output of **lsblk -f** in put it in the following file: +``` +lsblk -f >> /mnt/etc/default/grub +``` +Go back into your system: +``` +arch-chroot /mnt bash +``` + +# Edit GRUB to make the system able to encrypt and decrypt the partition +Enter the following file: +``` +nvim /etc/default/grub +``` +At the end of the file you will find the output of our **lsblk -f** command, it will be something similar to this: +``` +NAME FSTYPE FSVER LABEL UUID FSAVAIL FSUSE% MOUNTPOINTS +sdb +nvme0n1 +├─nvme0n1p1 [UUID_0] 862.4M 16% /boot +└─nvme0n1p2 [UUID_1] + └─cryptlvm [UUID_2] 431.2G 9% / +``` +You will only need the two UUIDs: **[UUID_1]** and **[UUID_2]** + + +And at the top of this file there will be a line that looks like this: +``` +GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet" +``` +Now, take the UUID of the encrypted partition (in this case the **UUID_1**) and add the following to the GRUB_CMDLINE_LINUX_DEFAULT: +``` +cryptdevice=UUID=[UUID_1]:cryptlvm +``` +It will look something like this: +``` +cryptdevice=UUID=33dd1b52-a543-4143-8bf8-004390e411e0:cryptlvm +``` +Take the UUID of the decrypted partition (in this case the **UUID_2**) and add the following to the GRUB_CMDLINE_LINUX_DEFAULT: +``` +root=UUID=[UUID_2] +``` +It will look something like this: +``` +root=UUID=b720a64e-fdf2-462e-9231-d1a35ae2654e +``` +the **GRUB_CMDLINE_LINUX_DEFAULT** should look like this: +``` +GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet cryptdevice=UUID=33dd1b52-a543-4143-8bf8-004390e411e0:cryptlvm root=UUID=b720a64e-fdf2-462e-9231-d1a35ae2654e" +``` + +# Install Grub bootloader +Install GRUB for UEFI devices: + +**esp** denotes the mountpoint of the EFI system partition +``` +grub-install --target=x86_64-efi --efi-directory=[esp] --bootloader-id=grub +``` + +Install GRUB for legacy BIOS devices +``` +grub-install /dev/sdX +``` +Then create the grub configuration: +``` +grub-mkconfig -o /boot/grub/grub.cfg +``` + +Now you can unmount your partitions, remove your bootable device and reboot the system. +You now a have a fully libre system, you chad. + +# Migrate to Open-RC +For maximum chad-status you have to remote systemD in favour of Open-RC, the Parabola wiki has a section on how to do so [HERE](https://wiki.parabola.nu/OpenRC) diff --git a/content/post/parabola-install-guide/parabola.jpg b/content/post/parabola-install-guide/parabola.jpg new file mode 100644 index 0000000..f15e33f Binary files /dev/null and b/content/post/parabola-install-guide/parabola.jpg differ diff --git a/content/post/t400-libreboot-guide/index.md b/content/post/t400-libreboot-guide/index.md new file mode 100644 index 0000000..30d6809 --- /dev/null +++ b/content/post/t400-libreboot-guide/index.md @@ -0,0 +1,51 @@ +--- +title: My T400 Libreboot Guide +description: Simplest Libreboot guide I can write +date: 2024-01-22 00:00:00+0000 +image: libreboot.png +categories: + - Libreboot + - Thinkpad +tags: + - libreboot + - thinkpad + - bios +--- + +[DRAFT] // It's a fucking DRAFT, WAIT + +# The bestest most amazing T400 setup possible + +**T400? Why? TODO** + +The first step is to flash libreboot on your T400, the libreboot docs have a ton of information about installing libreboot on any compatible device, but I found it confusing to read given the huge amount of information on the site and the way they are structured. If you're not yet knowledgeable on the matter and you "just" want to libreboot your T400 (or X200), you might want to follow a simpler guide with just the must-know information and not much else. + +## What hardware is needed: + +1. Some type of programmer: The two most common programmers that I would suggest are either a Raspberry Pi or the CH341A programmer. The case for the Pi is that if you just plan to flash your device, you will afterward still have a usable Pi with a lot of potential for homemade projects. The case of the CH341A is that it is inexpensive (I paid around 5 bucks for it). Still, when you're done, you won't have any use for the CH341A unless you want to flash other devices with an SPI interface. + + Given my personal experience, I would suggest the CH341A simply because I tried and tried to flash my T400 with Pi 4 B without any luck. I was not able to read from the chip at any time, though after more research, I think these issues might be due to my clip. + + It's important to be aware that there are multiple versions of the CH341A programmer, the most common one being a version that delivers 3.3 volts to the motherboard chip, a voltage that is too big and could potentially fry the chip (even though multiple people have used it with no issue). If you opt for the CH341A and want to be as safe as possible, you must consider either finding the model that delivers 1.8V or modding the standard 3.3v version for 1.8v delivery. How: [LINK] + +2. SOIC clip: You will need a SOIC clip to connect to the flash chip and the programmer. I cannot stress enough how important the quality of the clip is. I have struggled for weeks to make awful Chinese clips work due to me being a cheap fuck, but I assure that a good clip is gonna make the process simpler and less frustrating. The best and most quoted clip is the POMONA clip, which is also way more expensive than the clones that you will find on Aliexpress, eBay, or similar stores, will make your life easier. I'm not saying you HAVE to use it, but it's definitely recommended. It is rare, but not impossible, that you will have a chip that will require a different clip, statistically it will be [placeholder], aside from buying a clip that is compatible with your chip the rest of the process is virtually the same. + + [TO BE MOVED] Clip size: Most T400s will require a SOIC 16 or SOIC 8 depending on the chip size. If your T400 is already disassembled, you can just look at the pins of the clip; a 16-pin chip will require a SOIC 16, and an 8-pin chip will require a SOIC 8. If your T400 is not disassembled yet, you can read the chip with the flashrom package and know, based on the memory size of the chip, what clip you will need: an 8mb chip will correspond to a 16 pins chip and a 4mb chip will correspond to an 8 pins chip. + +3. Jumper cables: Standard jumper cables are fine; have an assortment of female-male, female-female ready depending on what the interface of your programmer and clip will need. Probably won't need male-male jumpers. + +4. Disassembly: You will need to disassemble the T400 for the first flashing of libreboot, once it is installed every next flash of the bios can happen internally. You have two options when it comes to disassembly: you can completely disassemble every single component of the pc, including detaching the motherboard from the plastic cage; or you can just remove the battery and palm rest and "mod" (AKA break) the plastic cage to have access to the chip. + + [PHOTOS] + + Why do I illustrate these two options? Because, in case you just want to libreboot the laptop without doing any additional mods then the less invasive method will save you time and energy, but if you plan to mod further the laptop you can do everything in a single go and disassemble it once (hopefully) The only other mod that will be illustrated in this guide will be the quad-core mod, that allows installing a range of quad-core CPUs on a T400 that would otherwise only have dual-core CPUs compatible. For the cooling mod, that makes sense only after you do the quad-core mod, follow this guide: [LINK] + +5. Flashrom installation: If you're using a raspberry as a programmer, ssh into it to install the flashrom package, if you're using the CH341A install the package on the pc you will be connection the programmer to. The package comes with the "flashrom" command, in most cases, this is all you will need to use (we will see common (and less common) flashing errors and their workarounds. + +6. Flashrom reading: TODO + +## Clip -> chip connection + +After having disassembled the device, you will have access, just on top of the two RAM slots, to the bios chip. Using the jumper cables connect your programmer of choice to the Clip and then the clip to the chip. REMEMBER to turn on the programmer only AFTER a solid connection between the clip and chip is established, to avoid any kind of voltage issue. Similarly, turn off the programmer BEFORE removing the clip. + +the next step is to read and save the current BIOS, so that, in case anything goes wrong while writing onto the chip, you will have a backup to use to go back to a working BIOS. It is highly recommended to backup the .bin a couple of times and use the command "diff" to check the you have two exact copies of the BIOS, keep trying untill you do. This is the safest option, i never do it cause it bothers me trying to have a working BIOS. diff --git a/content/post/t400-libreboot-guide/libreboot.png b/content/post/t400-libreboot-guide/libreboot.png new file mode 100644 index 0000000..ca1d1cd Binary files /dev/null and b/content/post/t400-libreboot-guide/libreboot.png differ diff --git a/content/post/t400-setup/my-t400-setup.md b/content/post/t400-setup/my-t400-setup.md new file mode 100644 index 0000000..d73ba7b --- /dev/null +++ b/content/post/t400-setup/my-t400-setup.md @@ -0,0 +1,42 @@ +--- +title: T400 mods +description: A collection of ways you can mod a Thinkpad T400 +date = 2023-09-08T16:29:32+02:00 +draft = false +--- + +--- +title: My T400 Libreboot Guide +description: Simplest Libreboot guide I can write +date: 2024-01-22 00:00:00+0000 +image: libreboot.png +categories: + - Libreboot + - Thinkpad +tags: + - libreboot + - thinkpad + - bios +--- +# thinkpad t400 setup + +my daily driver is the Thinkpad T400, the most powerful laptop that you can libreboot to remove completely the propietary Lenovo BIOS in favor of a fully open source BIOS. + +some info on the [Thinkpad T400](https://mcdojf.wixsite.com/t400) + +# MODS +ive done a small number of mods to my stock T400, here they are: +# Libreboot +TODO: guide will be done +# Quad-core mod +TODO: guide will be done +# bluetooth +the bluetooth of the T400 is 2.1, you can easily upgrade the bluetooth 4.0 easily by swapping the card located behind the LCD front bezel +# Ultra-bay mod +TODO: who the fuck knows if i will ever do this +# Express Card slot +The T400 Express Card slot allows you to slot in any compatibile Express Card 54, i think the most used card is the one that gives you one or two (depending on the model) USB 3.0 plugs, with up to (i think) 5Gbps transfert speed. Cool shit. +# Parabola GNU/Linux-libre +The distro i use on my librebooted T400 is Parabola GNU/Linux-libre, a community-driven, "labour-of-love" effort to maintain a 100% free (as in: freedom) operating system distribution that is lean, clean, and hackable. +A guide on installing parabola with a encrypted root partition using luks and open-rc could be created in the future. + diff --git a/content/post/talks/cover.jpg b/content/post/talks/cover.jpg new file mode 100644 index 0000000..1634e85 Binary files /dev/null and b/content/post/talks/cover.jpg differ diff --git a/content/post/talks/index.md b/content/post/talks/index.md new file mode 100644 index 0000000..a92b9a4 --- /dev/null +++ b/content/post/talks/index.md @@ -0,0 +1,16 @@ +--- +title: Talks +description: A list of talks I have seen at various events +date: 2024-02-08 00:00:00+0000 +image: talks.png +categories: + - Talks + - Events +tags: + - talks + - events + - conferences +--- +This are most (if not all) of the talks that ive seen, either online or live during conferences and events i have traveled to.\ +They are divided by event, in the future i might create some kind of filtering system. URLs are provided when available. +{{< talks >}} diff --git a/content/post/talks/talks.png b/content/post/talks/talks.png new file mode 100644 index 0000000..ff08621 Binary files /dev/null and b/content/post/talks/talks.png differ diff --git a/data/talks.json b/data/talks.json new file mode 100644 index 0000000..42ff0d9 --- /dev/null +++ b/data/talks.json @@ -0,0 +1,546 @@ +{ + "talks": [ + { + "title": "Apple's iPhone 15: Under the C", + "subtitle": "Hardware hacking tooling for the new iPhone generation", + "speakers": ["stacksmashing"], + "date": "2023-12-27T12:00:00", + "location": "37C3", + "tags": ["iphone", "reverse-engineering", "uart"], + "url": "https://media.ccc.de/v/37c3-12074-apple_s_iphone_15_under_the_c", + "duration": "PT36M25S", + "description": "The iPhone's Lightning connector was a proprietary beast with a lot of hidden features: By sending custom SDQ commands there, it was possible to get it to expose hardware debugging features such as JTAG and UART. For a long time, this was only easily possible using either gray and black-market cables such as the Kanzi-Cable, or proprietary tools such as the Bonobo Cable. Last year, we released an open-source tool to get access to the iPhone debugging features called the Tamarin Cable - finally allowing anyone to get JTAG and UART on the iPhone for just a couple of $ in parts.\nBut then the iPhone 15 came along, and with that USB-C: All previous hardware and software tooling basically became useless, but that did not stop us from trying: We knew from the Apple Silicon macs and the work of t8012-team and the AsahiLinux project that Apple uses USB-C's VDM feature - Vendor Defined Messages - to allow access to features such as the UART console, and so chances were high that we could use something similar to get access to the hardware debugging features on the iPhone 15.\nSo we pre-ordered the iPhone 15, a couple of PCBs, a case of Club Mate and got started: And less than 48 hours after the launch we got JTAG working on the iPhone 15.\nIn this talk we will start by looking at the history of iPhone and Lightning hardware hacking, and then look at how USB-C is used for debugging on Apple Silicon devices, and what we had to do to get JTAG on the iPhone 15.\nWe will also use this talk to release the new version of the open-source Tamarin Cable firmware: Tamarin-C. A fully integrated, open-source debugging probe for the iPhone 15 and other Apple Silicon devices. Tamarin-C is also able to give access to a DFU mode that you can't access without sending VDMs.\nNote: This talk will not contain any 0days or previously unknown vulnerabilities. Production iPhones are locked, and so while we get access to some of the device's busses we can't for example access the CPU core.\nThis talk is about building tooling for future work.", + "liked": true, + "attended": true + }, + { + "title": "Please Identify Yourself!", + "subtitle": "Digital Identity Systems in the EU & around the world", + "speakers": ["socialhack", "Ubdhav Tiwari"], + "date": "2023-12-27T13:50:00", + "location": "37C3", + "tags": ["eidas", "eu", "politics"], + "url": "https://media.ccc.de/v/37c3-12004-please_identify_yourself", + "duration": "PT45M31S", + "description": "After over two years of intense negotiations, the EU recently agreed to their Digital Identity Reform (eIDAS). In this talk we analyse the result, what safeguards we can realistically expect and how our online and offline interactions might change because of this new European Digital Identity Wallet. Other regions in the world are much further ahead in this issue and we will also try to learn from the experiences from India and Kenya. Both countries had unique strategies from civil society to fight back against the introduction of digital identity systems, focusing on interrogating their design, raising awareness, strategic litigation and civil disobedience post deployment . Lastly, this issue pops up in many countries and is actively promoted as \"Digital Public Infrastructure\" by global organisations like UNDP and the World Bank - often with little to know credence to privacy or local realities. This global trend is very worrying due to the shiny veneer hiding their dark reality of exploitation by local and foreign actors. We will showcase strategies how local actors have resisted and shaped the introduction of these systems with a combination of technical, advocacy, and interdisciplinary ally building. Our goal is to provide knowledge about how exactly these systems work, who benefits from them and what strategies could be deployed against them.", + "liked": true, + "attended": true + }, + { + "title": "Operation Triangulation", + "subtitle": "What You Get When Attack iPhones of Researchers", + "speakers": ["oct0xor", "kucher1n", "bzvr_"], + "date": "2023-12-27T14:45:00", + "location": "37C3", + "tags": ["cve", "iphone", "security"], + "url": "https://media.ccc.de/v/37c3-11859-operation_triangulation_what_you_get_when_attack_iphones_of_researchers", + "duration": "PT58M5S", + "description": "Imagine discovering a zero-click attack targeting Apple mobile devices of your colleagues and managing to capture all the stages of the attack. That’s exactly what happened to us! This led to the fixing of four zero-day vulnerabilities and discovering of a previously unknown and highly sophisticated spyware that had been around for years without anyone noticing. We call it Operation Triangulation. We've been teasing this story for almost six months, while thoroughly analyzing every stage of the attack. Now, for the first time, we're ready to tell you all about it. This is the story of the most sophisticated attack chain and spyware ever discovered by Kaspersky.", + "liked": true, + "attended": true + }, + { + "title": "YOU'VE JUST BEEN FUCKED BY PSYOPS", + "subtitle": "UFOS, MAGIC, MIND CONTROL, ELECTRONIC WARFARE, AI, AND THE DEATH OF THE INTERNET", + "speakers": ["Trevor Paglen"], + "date": "2023-12-27T16:00:00", + "location": "37C3", + "tags": ["history", "psyops", "surveillance"], + "url": "https://media.ccc.de/v/37c3-12326-you_ve_just_been_fucked_by_psyops", + "duration": "PT55M49S", + "description": "How the history of military and government PSYOPS involving mind-control, UFOs, magic, and remote-control zombies, explains the future of AI and generative media. Along the way, talk attendees will be given an enrollment code to join a specialized CTF/ARG game called CYCLOPS that explores these themes and that will run the duration of Congress.\nAs AI-generated content, social-media influence operations, micro-targeted advertising, and ubiquitous surveillance have become the norm on the Internet and in the market in general, we have entered an era of PSYOP Capitalism. This is an era of hallucinations designed to transform each of us into a “targeted individual” through the manipulation of perception. This talk explores a secret history of reality-altering military and intelligence programs that serve as antecedents to a phantasmagoric present.\nAt the talk, attendees will be given a registration code to play “CYCLOPS,” a CTF/ARG game that will run the duration of Congress. CYCLOPS explores the themes of the mind-control and PSYOPS through an interactive parafictional narrative taking place in the context of an obscure CIA cognitive warfare program from the early days of the Cold War.", + "liked": true, + "attended": true + }, + { + "title": "Mobile phone privacy with silent.link (Workshop)", + "speakers": ["anonymous-speaker"], + "date": "2023-12-27T17:00:00", + "location": "37C3", + "tags": ["anonimity", "esim"], + "notes": "Couldn't hear anything, left after paper data eSIM giveaway.", + "url": "https://events.ccc.de/congress/2023/hub/en/event/mobile-phone-privacy-with-silentlink-workshop/", + "duration": "PT1H", + "description": "ZeroKYC Anonymous eSIM service: security and privacy implications for mobile users. Use cases. Advantages and limitations. Questions and answers. Hands-on experience.", + "attended": true + }, + { + "title": "SMTP Smuggling – Spoofing E-Mails Worldwide", + "speakers": ["Timo Longin"], + "date": "2023-12-27T22:05:00", + "location": "37C3", + "tags": ["cve", "email", "smtp"], + "notes": "Had to fix my Postfix installation after this one", + "url": "https://media.ccc.de/v/37c3-11782-smtp_smuggling_spoofing_e-mails_worldwide", + "duration": "PT31M39S", + "description": "SMTP, the Simple Mail Transfer Protocol, allows e-mailing since 1982. This easily makes it one of the oldest technologies amongst the Internet. However, even though it seems to have stood the test of time, there was still a trivial but novel exploitation technique just waiting to be discovered – SMTP smuggling! In this talk, we'll explore how SMTP smuggling breaks the interpretation of the SMTP protocol in vulnerable server constellations worldwide, allowing some more than unwanted behavior. Sending e-mails as admin@microsoft.com to fortune 500 companies – while still passing SPF checks – will be the least of our problems! From identifying this novel technique to exploiting it in one of the most used e-mail services on the Internet, we'll dive into all the little details this attack has to offer. Therefore, in this talk, we'll embark on an expedition beyond the known limits of SMTP, and venture into the uncharted territories of SMTP smuggling!", + "liked": true, + "attended": true + }, + { + "title": "Sucking dust and cutting grass: reversing robots and bypassing security", + "speakers": ["Dennis Giese", "braelynn"], + "date": "2023-12-27T23:00:00", + "location": "37C3", + "tags": ["iot", "reverse-engineering", "security", "vaccum-robot"], + "url": "https://media.ccc.de/v/37c3-11943-sucking_dust_and_cutting_grass_reversing_robots_and_bypassing_security", + "duration": "PT1H11M32S", + "description": "For the past 5 years we have been presenting ways to hack and root vacuum robots at various events like the c3 or the DEFCON. In all these cases it covered vacuum robots by Roborock, Dreame, Xiaomi and some smaller companies. However, did we ever take a look at other vendors and maybe some new interesting device classes? In this talk we do exactly that, and will take a deep dive into Ecovacs robots!\nWe will present the result of the research that started back in 2018. Explore with us the development on the last years. How did the security and privacy of \"Ecovacs\" change in contrast to other companies? What kind of cool hardware is out there? Can the devices be used to potentially spy on you?\nLearn how reverse engineering works and how to get root access on the devices. Let us show you how you maintain persistence on the devices and run your own software.\nCome with us on a journey of having fun hacking interesting devices while exploring bad oversights and real problems. You will be surprised what we found. Let's discuss together what impact this devices will have on our (social) life and what the future of vacuum robot hacking will bring.", + "liked": true, + "attended": true + }, + { + "title": "(Looking at) Functional Programming in Assembly", + "speakers": ["lj"], + "date": "2023-12-28T12:00:00", + "location": "37C3", + "tags": ["assembly", "functional-programming", "haskell", "optimization"], + "url": "https://events.ccc.de/congress/2023/hub/en/event/looking-at-functional-programming-in-assembly/", + "duration": "PT1H30M", + "description": "While Functional Programming usually happens quite far away from Assembly programming, in order to get functional programs performant, quite some tricks are used that have effects that reach down into the dark abyss of Assembly.\nIn this talk I want to focus on the optimizing strategy \"Tail Call Elimination\", a compiler optimization of particular importance for recursive function calls. Every functional programmer will tell you that writing your code using tail recursion (it doesn't matter whether you know what that is, you'll see then!) or using Haskell's \"foldl\" is \"generally faster than foldr (Terms and Conditions apply)\". But even seasoned developers often struggle explaining why and quickly resort to pointing to benchmarks or giving some vague answers around \"you need less stack\".\nIn this talk I want to introduce you to what recursion is, some of the reasons why it's computationally expensive, what tail recursion is and why it's better, and why tail call elimination makes it even more awesome. We will go through some example programs implemented in Assembly (for those who ask: I'll use x86 and maybe aarch64 examples) where we, step-by-step, transform our function from head recursive to tail recursive and then will go further by eliminating the recursive call altogether.", + "liked": true, + "attended": true + }, + { + "title": "The impact of quantum computers in cybersecurity", + "subtitle": "Estimating the costs of algorithms for attacks and defense applications", + "speakers": ["Alessandro Luongo"], + "date": "2023-12-28T12:55:00", + "location": "37C3", + "tags": ["quantum", "security"], + "notes": "The font size defeated my squinting abilities.", + "url": "https://media.ccc.de/v/37c3-12034-the_impact_of_quantum_computers_in_cybersecurity", + "duration": "PT38M57S", + "description": "In in this talk we explore the potential ramifications of quantum computing in the field of cybersecurity We'll delve into two critical aspects: the application of quantum machine learning algorithms for defence and the impact of quantum attacks on cryptography and post-quantum cryptography for offence. We'll present insights on the theoretical advantages of quantum algorithms, improvements in factoring large numbers, and the impacts of post-quantum crypto attacks. While the hype around quantum technologies is growing, the estimates in the resources needed to run a quantum algorithm and the current number of qubits pose caution in the enthusiasm. The limitations in terms of available qubits, error rates, and scalability are critical factors that need to be considered when assessing the real-world applicability of quantum computing.", + "liked": true, + "attended": true + }, + { + "title": "Nintendo hacking 2023: 2008", + "subtitle": "Finishing off the Nintendo DSi", + "speakers": ["PoroCYon"], + "date": "2023-12-28", + "location": "37C3", + "tags": ["nintendo-dsi"], + "url": "https://media.ccc.de/v/37c3-11736-nintendo_hacking_2023_2008", + "duration": "PT42M26S", + "description": "Over the years, many talks about console jailbreaks have been presented at CCC. However, one console has been left overlooked: the Nintendo DSi. It didn't see any serious hacks in its active lifetime, the ones that eventually appeared aren't completely satisfactory, and several components (such as its boot ROMs) were left untouched. In this presentation, we rectify the situation, explain how to extract the boot ROMs, and demonstrate new jailbreaks that can take over the console at an even deeper level. As a bonus, this work makes it possible to revive consoles with worn-out eMMC NAND chips.\nThis presentation will start with an introduction to the hardware of the Nintendo DSi and the history of earlier hacking attempts. This is followed by an explanation on how to extract, analyze, and exploit the boot ROMs of the console, leading to a complete defeat of the security of the system.\nThis presentation will not shy away from technical explanations involving software exploitation, fault injection, cryptography, and hardware design. We will however try to make it understandable and enjoyable to less technically-inclined audiences.", + "liked": true, + "attended": true + }, + { + "title": "Honey I federated the search engine - finding stuff online post-big tech", + "speakers": ["Martin Hamilton"], + "date": "2023-12-28T17:20:00", + "location": "37C3", + "tags": ["federated-services", "lightning-talk", "search-engines"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-58060-honey-i-federated-the-search-engine-finding-stuff-online-post-big-tech", + "duration": "PT4M1S", + "description": "It's getting harder and harder to find stuff on the Internet as search engines fill up with ads, SEO spam and AI generated hallucinations. In this talk I'll sketch out some possible options for truly personal Internet search that don't require nation state levels of resources, piggybacking on widely deployed standards like RSS and XML sitemaps, and meta search engines like SearXNG.", + "liked": true + }, + { + "title": "Current status on post-quantum cryptography and ongoing standardization and implementations/protocols", + "speakers": ["elfy"], + "date": "2023-12-28T16:05:00", + "location": "37C3", + "tags": ["cryptography", "lightning-talk", "security", "quantum"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-58017-current-status-on-post-quantum-cryptography-and-ongoing-standardization-and-implementations-protocols", + "duration": "PT5M11S", + "description": "This lightning talk will give a brief and up-to-date overview of the on-going standardization processes of post-quantum cryptography (PQC) algorithms and methods (also called \"Quantum-Safe Cryptography\").\nThe main focus will be the relevant current developments of specific technical standards such as IETF RFC drafts for implementation and usage of post-quantum cryptography both on a conceptual and protocol level. A concise and rough timeline what to expect in terms of PQC will also be provided.", + "liked": true + }, + { + "title": "The Sorbus Computer", + "speakers": ["SvOlli"], + "date": "2023-12-28T16:10:00", + "location": "37C3", + "tags": ["lightning-talk", "retrocomputing"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-57995-the-sorbus-computer-a-cheap-8-bit-computer-for-tinkering", + "duration": "PT4M53S", + "description": "The Sorbus Computer is a cheap 8-bit software defined computer. For under 15 Euros you can build a machine that you can run like an Apple 1, an educational system or a totally new machine.", + "liked": true, + "attended": true + }, + { + "title": "Reliable Radio Communications", + "speakers": ["Bernerd DO3RB"], + "date": "2023-12-28T16:15:00", + "location": "37C3", + "tags": ["lightning-talk", "radio"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-58000-reliable-radio-communications", + "duration": "PT3M20S", + "description": "Using Coding Theory to get LoRa-like performance from every ISM Radio Transceiver.", + "liked": true, + "attended": true + }, + { + "title": "InvenTree: Inventory management software", + "speakers": ["matmair"], + "date": "2023-12-28T16:20:00", + "location": "37C3", + "tags": ["lightning-talk", "makerspace"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-58014-inventree-oss-inventory-and-plm", + "duration": "PT4M58S", + "attended": true + }, + { + "title": "Sunjuice Collector for our Makerspace", + "speakers": ["lemmi25"], + "date": "2023-12-28T16:25:00", + "location": "37C3", + "tags": ["lightning-talk", "solar-panels"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-58058-sunjuice-collector-for-our-makerspace", + "duration": "PT3M55S", + "description": "We recently installed a self-built photovoltaic system at our makerspace in Freiburg, utilizing repurposed solar panels. This eco-friendly initiative allows us to directly feed the generated energy into our power grid, enabling us to produce our own sustainable energy.\nI'll be presenting a brief overview of how we collaboratively constructed this innovative photovoltaic system within our community, highlighting the shared effort and ingenuity that went into its creation.", + "attended": true + }, + { + "title": "Youth Hacking 4 Freedom", + "speakers": ["Bonnie Mehring"], + "date": "2023-12-28T16:30:00", + "location": "37C3", + "tags": ["competition", "lightning-talk", "youth"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-58015-youth-hacking-4-freedom", + "duration": "PT3M38S", + "description": "You like coding and tinkering with software or hardware? And you are up for a challenge? Then the “Youth Hacking 4 Freedom” is the perfect competition to test your skills.\nThe third round of the FSFE's programming competition “Youth Hacking 4 Freedom” is open for registration. \"Youth Hacking 4 Freedom\" is a programming competition for European teenagers from 14 to 18 years old. The participants have the chance to work on their own project idea with the guidance of experts from the Free Software universe. There are no limitations for the projects as long as they are published under a Free Software license. In this competition young people can test their skills, learn how to work on a project under a deadline, and most importantly have fun while meeting different people from Europe. Hear all about the competition and how to participate in this lightning talk.", + "attended": true + }, + { + "title": "TeX Time Travel", + "speakers": ["Oliver"], + "date": "2023-12-28T16:35:00", + "location": "37C3", + "tags": ["history", "tex"], + "url": "https://media.ccc.de/v/37c3-lightningtalks-58020-tex-time-travel", + "duration": "PT4M13S", + "description": "I tracked down a four decade old TeX file Knuth used in a lecture from 1981 and restored the printed version.\nOn a whim I tried to find the handout Donald E. Knuth used in an intro course for TeX back in 1981, which I watched on YouTube. After finding a few specific search strings I came across files generated during that course in a big archive of the first Stanford A.I. Laboratory, where I found much more than I had hoped, including all the original TeX files for the course, which can still be processed by TeX today, after some adjustments.", + "liked": true, + "attended": true + }, + { + "title": "Synthetic Sentience", + "subtitle": "Can Artificial Intelligence become conscious?", + "speakers": ["Joscha"], + "date": "2023-12-28T17:15:00", + "location": "37C3", + "tags": ["artificial-intelligence", "philosophy"], + "url": "https://media.ccc.de/v/37c3-12167-synthetic_sentience", + "duration": "PT1H3M20S", + "description": "Despite the rapid progress of AI capabilities, the core question of Artificial Intelligence seems to be still unanswered: What does it take to create a mind? Let us explore the boundaries of AI: sentience, self awareness, and the possibility of machine consciousness.\nAfter many attempts to build AI models that are smarter than human beings, we find ourselves confronted with a family of surprisingly successful systems that match many of our abilities through text prediction and text/image correlation. The limits of these approaches are presently unclear, and while they work in very different ways than our minds, they pose the question whether consciousness, embodiment and motivation are necessary for achieving general intelligence. What are the differences between human (and animal) minds and the current generation of AI models? When we compare perspectives on mind and consciousness that have been developed in neuroscience, philosophy of mind, theoretical and therapeutic psychology, and numerous cultural traditions, and translate them into the metaphysics and conceptual frameworks of artificial intelligence, we may gain insights into this question.", + "liked": true, + "attended": true + }, + { + "title": "Demoscene now and then", + "subtitle": "The demoscene is an underground computer art culture.", + "speakers": ["Lord/Spreadpoint"], + "date": "2023-12-28T20:15:00", + "location": "37C3", + "tags": ["amiga", "art", "commodore", "demoscene"], + "notes": "This one is good but it felt more like a fever dream.", + "url": "https://media.ccc.de/v/37c3-11846-demoscene_now_and_then", + "duration": "PT41M40S", + "description": "The demoscene is an underground computer art culture. The Speaker is a member of the Demoscene since the 1980ies and gives insights how it is now and how it was back in the days and how you can participate!\nThe term demoscene comes from the word demo, short for demonstration. In the context of the demoscene the word demo means a realtime audiovisual application which is demonstrating the capabilities of the machine it runs on.\nDemosceners (\"sceners\") are what we call the folks with too much free time that abuse their computer skills to create releases under the demoscene.\nDemosceners often use nicknames (\"nicks\" or \"handles\") to identify themselves. They also tend to hang out in so-called demogroups. Some demosceners are active members of multiple demogroups, with or without using the same nickname.\nLet's get one thing clear: the demoscene has no commercial purpose. The only thing you'll get out of the demoscene, and this only comes after investing a significant amount of your free time into it, is a few useful soft skills and a large community of computer nerd friends.\nDemoscene releases are meant to show the limits of the machines, the technical skills and artistic sensibility of the makers. There are no rules to what kind of release you can make on the demoscene. Some demos are made as technical benchmarks, others as conceptual art, most are done just for fun. It is entirely up to you to explore what you like doing and share it with other demosceners.\nDemoscene releases can be divided into certain categories:\nTrack, an audio piece, can be in an executable format, in a tracker module format or in a pre-rendered wav/mp3 format Graphics entry, drawn or rendered images with fixed resolutions and/or a restricted color palette Demo, an audiovisual real-time executable demonstration for a certain platform Intro, typically a demo with file size limitation all packed into a single executable file that includes all the assets (popular size formats are 256bytes, 512bytes, 1kb, 4kb, 8kb, 64kb) Animation, rendered graphics videos Demopack, a collection of demos in a single disk Musicdisk, a collection of demoscene tracks with an executable player interface Diskmag, a collection of texts about the demoscene with an executable graphics interface Wild entry, everything else (including live performances, videos of demos on uncommon platforms, videos about demomaking, etc) Releases typically occur at demoparties, gathering events for demosceners.", + "liked": true, + "attended": true + }, + { + "title": "Tor censorship attempts in Russia, Iran, Turkmenistan", + "speakers": ["Roger Dingledine"], + "date": "2023-12-28T23:00:00", + "location": "37C3", + "tags": ["anonimity", "censorship", "obfs4", "politics", "snowflake", "tor"], + "notes": "I really enjoyed this one.", + "url": "https://media.ccc.de/v/37c3-12040-tor_censorship_attempts_in_russia_iran_turkmenistan", + "duration": "PT1H2M41S", + "description": "In December 2021, months before the world watched Russia invade Ukraine, Russia rolled out comprehensive censorship of the Tor network and related Tor protocols. Then in October 2022, the latest wave of protests in Iran saw a huge spike in Tor usage followed by a swift crackdown of the most successful techniques. Meanwhile in 2023, Turkmenistan has blocked popular CDNs like Cloudflare and Akamai, most hosting providers like Hetzner and OVH, and much more.\nOn the depressing side, the global censorship trend continues to gain momentum, with some European countries alarmingly eager to get in on it. But resignation is boring: here we are, a tiny community of activists and relay/bridge operators around the world continuing to provide safe and private internet reachability for hundreds of thousands of people who are trying to be human beings under authoritarian regimes.\nWe will walk through \\*how\\* each of these countries deployed their Tor blocks, and what changes we made to let citizens continue to reach the Tor network. Looking at each case study through a Tor lens will let us compare/contrast the censorship attempts from each country, discuss future ideas for how to make sure the bytes can keep flowing, and talk through the political impacts.", + "liked": true, + "attended": true + }, + { + "title": "Formalizing mathematics in the proof assistant Agda", + "speakers": ["iblech"], + "date": "2023-12-29T11:00:00", + "location": "37C3", + "tags": ["agda", "formal-proofs", "mathematics", "proof-assistants"], + "url": "https://events.ccc.de/congress/2023/hub/en/event/formalizing-mathematics-in-the-proof-assistant-agd/", + "duration": "PT2H", + "description": "Some day, computers will help working mathematicians of all disciplines in finding and checking proofs. It will feel easy, effortless and natural. Computers might even surpass us, creating a new exciting niche for mathematicians: understanding the mathematical advances put forward by computers. The univalent foundations program by the late Vladimir Voevodsky was an important step towards this vision. However, we aren't there yet.\nStill even the current generation of theorem provers is very exciting. It's fun to talk the computer into accepting our proofs, and invariably we learn something about our proofs in the process.\nIn this workshop, we'll cover the basics of Agda, one of the well-known proof assistants. The workshop will start as a guided tour. You belong to the target audience iff you have some experience in writing down mathematical proofs, for instance if at some point you proved Gauß's sum formula using induction. Knowledge of Haskell is beneficiary (modulo syntax, Agda is a superset of a subset of Haskell), but not required.\nYou don't need to install Agda beforehand, we will use the online version at https://agdapad.quasicoherent.io/.\nLiterature: https://plfa.github.io/\nNote to other people planning self-organized sessions: We don't actually need the full size of Saal D. A room with about 20 seats is sufficient. On Day 0, we will scout the building for alternative options.", + "liked": true, + "attended": true + }, + { + "title": "About Gamma-Ray Bursts And Boats", + "subtitle": "What We (Don't) Know About the Most Energetic Events in the Universe", + "speakers": ["Annika Rudolph", "Sylvia Zhu"], + "date": "2023-12-29T16:00:00", + "location": "37C3", + "tags": ["gamma-rays", "type-theory"], + "url": "https://media.ccc.de/v/37c3-12032-about_gamma-ray_bursts_and_boats", + "duration": "PT1H1M23S", + "description": "In October 2022 a gamma-ray burst dubbed the 'Brightest Of All Times' smashed records. But what is that actually, a gamma-ray burst? How do we detect it? And why was the BOAT so special?\nGamma-ray bursts are the biggest explosions in our Universe since the Big Bang: In just a few seconds, they release as much energy as the Sun will radiate over its entire lifetime. Even though they occur in far-away galaxies, their emission dominates the high-energy astrophysical sky during their seconds-long duration. They come from the cataclysmic deaths of very massive stars or the mergers of two compact objects such as neutron stars and black holes. In both cases the energy is concentrated in an astrophysical jet moving at approximately the speed of light.\nIn October 2022, a once-in-a-lifetime gamma-ray burst smashed records and was dubbed the 'Brightest of All Time,' or the BOAT. In fact, it was so bright that it oversaturated the most sensitive gamma-ray burst monitors, posing a challenge for data reconstruction and analysis. But why was it so bright? And how long do we have to wait until the next one?\nUsing the BOAT as an example, we will give an introduction about the fascinating phenomena called gamma-ray bursts. From their accidental discovery during the Cold War to our still surprisingly limited understanding of their nature. The talk will revisit the state-of-the-art of theoretical modelling/interpretations (how are jets launched? what produces the gamma rays?), as well as current detector techniques (how do we catch a gamma-ray photon on Earth or in space?). Naturally, we will also discuss what we really learn from prominent, outstanding events such as the BOAT -- and the questions that still give scientists headaches.", + "attended": true + }, + { + "title": "How Many Planets in Our Solar System? Glad You Asked!", + "subtitle": "How Astronomy Knew 6 Planets, Then Found 20 More, Then Went Back To 8 (For Now)", + "speakers": ["Michael Büker"], + "date": "2023-12-29T17:15:00", + "location": "37C3", + "tags": ["astronomy", "planets"], + "notes": "Funny talk.", + "url": "https://media.ccc.de/v/37c3-11734-how_many_planets_in_our_solar_system_glad_you_asked", + "duration": "PT1H1M45S", + "description": "The Solar System has had 8 planets ever since Pluto was excluded in 2006. This has made a lot of people very angry and been widely regarded as a bad move. But did you know Neptune was discovered as the 12th planet? Or that, 80 years before Star Trek, astronomers seriously suspected a planet called Vulcan near the Sun? This talk will take you through centuries of struggling with the question: Do you even planet?!\nIn antiquity, scientists counted the 7 classical planets: the Moon, Mercury, Venus, the Sun, Mars, Jupiter and Saturn - but their model of the universe was wrong. Two thousand years later, a new model was introduced. It was less wrong, and it brought the number of planets down to 6: Mercury, Venus, Earth, Mars, Jupiter, Saturn. Since then, it's been a roller coaster ride of planet discoveries and dismissals.\nIn this talk, we stagger through the smoke and mirrors of scientific history. We meet old friends like Uranus and Neptune, forgotten lovers like Ceres, Psyche and Eros, fallen celebrities like Pluto, regicidal interlopers like Eris and Makemake as well as mysterious strangers like Vulcan, Planet X and Planet Nine.\nFind out how science has been tricked by its own vanity, been hampered by too little (or too much!) imagination, and how human drama can make a soap opera out of a question as simple as: How Many Planets in Our Solar System?", + "attended": true + }, + { + "title": "How to build a submarine and survive", + "subtitle": "Wie wir mit begrenzten Mitteln ein U-Boot gebaut haben und was ihr draus lernen könnt.", + "speakers": ["Elias", "quirsh"], + "date": "2023-12-29T21:45:00", + "location": "37C3", + "tags": ["engineering"], + "notes": "This one was as funny as it was insightful.", + "url": "https://media.ccc.de/v/37c3-11828-how_to_build_a_submarine_and_survive", + "duration": "PT59M34S", + "description": "3,4 Tonnen schwer, 4,3 Meter lang, Material: Stahl, Farbe: Orange und der Fahrzeugtyp ist „Sporttauchboot”. Vom Fund eines Drucktanks bis zum ersten Tauchgang auf den Grund eines Tagebausees – wir erzählen von unseren größten Herausforderungen sowie Fehlschlägen.\nWir laden euch ein zu einem technischen Beratungsgespräch für alle, die schonmal mit dem Gedanken gespielt haben, ein U-Boot zu bauen.\nDie einzelnen Systeme eines U-Boots sind nicht kompliziert. Aber die Schwierigkeit liegt in der Summe der Einzelsysteme, die auf engem Raum im Zusammenspiel sicher funktionieren müssen. Der Fokus des Vortrags liegt neben unserer kurzweiligen Geschichte auf den technischen Schwierigkeiten, zu denen sich in der Literatur wenig findet oder wegen derer es nicht gleich auf Anhieb funktioniert hat. Damit ihr, falls ihr ähnliches plant, einen besseren Start habt und von unseren Fehlern profitieren könnt.\nWas gibt es bei der Wahl eines geeigneten Drucktanks zu beachten?\nWie lässt sich eine wasserdichte Luke konstruieren?\nDrahtlose Unterwasserkommunikation mittels Ultraschall?\nWie bauen wir Redundanz in die Systeme ein?\nWie werden wir das CO2 los, um nicht zu ersticken?\nWarum sind auf einmal Risse in den Scheiben?\nWas tun, wenn nichts mehr geht?\nUnd was, wenn dann auch noch die Polizei kommt?\nIn dem Vortrag geht es nicht um Probleme anderer kaputter U-Boote. Wir werden das Titan-Desaster mit maximal einer Folie behandeln.\nMit Fotos von Selene Magnolia", + "liked": true, + "attended": true + }, + { + "title": "Breathing Life into Legacy: An Open-Source Emulator of Legacy Apple Devices", + "subtitle": "A Dive into Reverse Engineering and Understanding the iPod Touch", + "speakers": ["Martijn de Vos"], + "date": "2023-12-28", + "location": "37C3", + "tags": ["emulation", "ipod-touch", "reverse-engineering"], + "notes": "I don't know why but the room for this talk was almost empty. I really enjoyed it anyway.", + "url": "https://media.ccc.de/v/37c3-11871-breathing_life_into_legacy_an_open-source_emulator_of_legacy_apple_devices", + "duration": "PT41M44S", + "description": "This talk presents QEMU-iOS, an open-source emulator of legacy Apple devices. I outline the process of emulating an iPod Touch 2G, discussing the technical challenges and reverse engineering methodologies applied. The talk starts with an overview of the project's goals and then outlines the reverse engineering process, utilizing tools like Ghidra for disassembling the Apple bootloader, XNU kernel, and other binaries. Then, I describe QEMU, a popular framework for emulation, and show how essential iPod Touch peripherals such as the touchscreen, storage, and display have been implemented. Finally, this talk touches upon the implications of open-sourcing this project, its contribution to the emulation and reverse engineering landscape, and its potential for future efforts to emulate newer Apple devices.\nDuring the past decades, Apple has created iconic devices that have found a place in the hands and hearts of millions of people around the world. As many of these devices have become obsolete, the importance of preserving their digital essence has grown. The emulation of legacy devices with software allows enthusiasts and researchers to explore and interact with them long after the original hardware has ceased to be available. Emulation, therefore, allows the digital preservation of obsolete hardware, ensuring these devices are accessible to future generations.\nThis talk describes a multi-year project named QEMU-iOS that lays the groundwork for emulating legacy Apple devices. In particular, we have focussed on emulating the iPod Touch 2G using QEMU, an open-source framework for hardware emulation. Yet, even emulating an old device with a few peripherals compared to contemporary devices is challenging since the specifications and inner workings of many peripherals are proprietary and completely undocumented.\nThe talk first describes the overall project motivation, goals, and vision. Then, I will discuss the reverse engineering process where multiple undocumented peripherals of the iPod Touch have been analyzed to understand and replicate their specifications in software. A key talking point will be the working of essential peripherals, including the cryptographic engines, the LCD, the Flash memory controller, various hardware communication protocols, the touchscreen driver, and other peripherals. The talk will also detail the booting procedure of the iPod Touch, elaborating on the emulation of the iBoot bootloader, the XNU kernel, and the Springboard application in iOS. Getting the boot chain up and running required extensive debugging efforts using powerful reverse engineering tools such as Ghidra to disassemble and analyze all essential binaries in the boot procedure. After outlining the reverse engineering process, I will present the implementation of QEMU-iOS, which entails a functional emulator that boots the iOS operating system, renders the display, and responds to touches on the screen.\nThe final part of this talk will touch upon the implications of open-sourcing this project, its contribution to the broader emulation and reverse engineering landscape, and the potential it holds for future efforts in emulating other legacy Apple devices, as well as the viability of emulating newer devices with advanced peripherals such as the Neural Engine. I will also discuss existing approaches, highlight where QEMU-iOS differs, and summarize the lessons learned while emulating these devices.\nThis talk is designed for a wide range of people, whether you are new to reverse engineering and emulation or have experience in these fields. The goal is to explain the technical challenges faced during this project in a way that's easy for beginners to understand while also providing more in-depth insights I discovered while working on QEMU-iOS. Through this talk, the aim is not only to share the technical knowledge gained from this project but also to explore the merits of emulation and reverse engineering to keep old devices alive.", + "liked": true, + "attended": true + }, + { + "title": "Prompt Battle", + "speakers": ["Ella Zickerick", "Lina Schwarzenberg", "Sebastian Schmieg"], + "date": "2023-12-30T00:00:00", + "location": "37C3", + "tags": ["artificial-intelligence", "competition"], + "notes": "I left the room after a few minutes because I couldn't understand.", + "url": "https://events.ccc.de/congress/2023/hub/en/event/prompt_battle/", + "duration": "PT1H30M", + "description": "Do you have what it takes to become a Prompt Designer? Based on the Rap Battle format, Prompt Battle is a game show in which people compete against each other with the performative use of language. AI-supported text-to-image software enables the candidates to generate complex photos, images, and illustrations, seemingly out of thin air, by typing in image descriptions, so-called prompts. The audience will decide who will elicit the most surprising, disturbing or beautiful images from the latent space, and who will walk away carrying the prestigious title Prompt Battle Winner. \nThe Prompt Battle is a game show format with audience involvement that questions the meaning of prompt engineering in a playful and critical way. Based on the format of the Rap Battle, eight candidates compete against each other under time pressure on stage in a tournament to solve image and text tasks set for them. The audience decides who has won after each round. The rounds are interrupted by video interludes that illuminate the implications of text-to-image tools from different perspectives. The aim of the Prompt Battle is to address the numerous controversial questions that tools such as DALL·E, Stable Diffusion and Midjourney raise for professional creatives. Questions about the origin of training data, the value of creative work, the inflation of images, and the intellectual property of the content produced.\nSince 2022, rapid technological advances in the field of AI-generated content have raised a series of fundamental questions. For artists and designers, the first question is whether creativity can really be automated, and whether prompt engineering really is the future-proof key capability that some believe it to be. Behind the hype, far-reaching ethical, economic, copyright and aesthetic challenges and contradictions are emerging. The Prompt Battle uses the game show format to address these questions in a playful way by confronting the candidates and the audience with prompt engineering tasks tailored to the occasion.\nThe original Prompt Battle was developed at HTW Dresden by Sebastian Schmieg, Florian A. Schmidt, Bernadette Geiger, Robert Hellwig, Emily Krause, Levi Stein, Lina Schwarzenberg and Ella Zickerick.", + "attended": true + }, + { + "title": "From Hacker to Furry - Why cat ears are just the beginning", + "speakers": ["CheetahSpottycat"], + "date": "2023-12-30T00:15:00", + "location": "37C3", + "tags": ["furries", "hacking-lore"], + "notes": "This talk was extremely good, I didn't expect such an experience.", + "url": "https://media.ccc.de/v/37c3-other-59123-from-hacker-to-furry", + "duration": "PT1H19M10S", + "description": "The chairman of Europe's biggest furry conference explores the metaphysical and historical connection between furries and the information technology / hacker sphere through a bunch of war stories, anecdotes and drunken shower thoughts. Also a chance to ask a fandom veteran anything you can come up with you always (or never) wanted to know about furries.", + "liked": true, + "attended": true + }, + { + "title": "Science-based psychedelic pharmacology", + "subtitle": "Recreational harm reduction", + "speakers": ["hummuscience"], + "date": "2023-12-30T16:00:00", + "location": "37C3", + "tags": ["psychedelics"], + "notes": "Most of the information from the slides comes from PsychonautWiki.", + "url": "https://events.ccc.de/congress/2023/hub/en/event/science-based-psychedelic-pharmacology/", + "duration": "PT2H", + "description": "I know we are all experts... But are we really? Most of our knowledge about mental enhancement comes from experience, friends or social context. Some of it is true, some of it is not. In this workshop we will try to go through some of the common myths and misconceptions in recreational contexts. Safety and Common mistakes. Backed by science 🤓! Let's make our spaces safer, for ourselves and our surroundings ❤️ This is not a Nootropic talk.", + "liked": true, + "attended": true + }, + { + "title": "10 Tips for failing badly at Microservices", + "speakers": ["David Schmitz"], + "date": "2017-12-28", + "location": "Voxxed Days Vienna 2017", + "tags": ["cqrs", "event-sourcing", "microservices"], + "url": "https://www.youtube.com/watch?v=r8mtXJh3hzM", + "duration": "PT43M7S", + "description": "Microservices are just a bunch hip new framework plus some AngularJS frontend or React, right? So, if you want to make sure that you absolutely and definitely fail at your Microservice project, then watch this talk and learn how. Using real world experience from multiple green field and brown field projects, I can show you: - how to ignore the mandatory organizational impact - how to focus on the code only without any regard towards ops and testing - continuous deployment is for losers. Real projects use their meat cloud for delivery - jumping onto every new and untested framework is a must - EventSourcing and CQRS are both free lunches. So, you can add complexity without any real need - ...and more. If you mind my tips, then surely you will fail at Microservices and your boss will never again try to move away from your beloved vintage monolith.", + "liked": true, + "attended": false + }, + { + "title": "From phone hardware to mobile Linux", + "speakers": ["Luca Weiss"], + "date": "2024-02-03T10:30:00", + "location": "Fosdem23", + "tags": ["linux", "mobile"], + "url": "https://ftp.belnet.be/mirror/FOSDEM/video/2024/h1309/fosdem-2024-2234-from-phone-hardware-to-mobile-linux.mp4", + "duration": "PT25M", + "description": "An exploration from the chips on the PCB to how Linux makes the phone work. We'll go into how the hardware and the Linux device tree files are connected, how the different chips communicate, etc. Things I wish I had learned years ago!", + "liked": true, + "attended": true + }, + { + "title": "The state of OpenJDK", + "speakers": ["Dalibor Topic"], + "date": "2024-02-03T10:30:00", + "location": "Fosdem23", + "tags": ["java"], + "url": "https://mirror.as35701.net/video.fosdem.org/2024/ub5132/fosdem-2024-3254-the-state-of-openjdk.mp4", + "duration": "PT30M", + "description": "A review of the past four years in the life of the OpenJDK Community, and a look at what’s ahead.", + "liked": true, + "attended": true + }, + { + "title": "Exploring Quarkus Native: Choices and Implementation", + "speakers": ["Foivos Zakkak"], + "date": "2024-02-03T11:30:00", + "location": "Fosdem23", + "tags": ["java, quarkus"], + "url": "https://ftp.fau.de/fosdem/2024/ub5132/fosdem-2024-1876-exploring-quarkus-native-choices-and-implementation.mp4", + "duration": "PT20M", + "description": "In this presentation, we'll take a detailed look at how Quarkus approaches native compilation, highlighting what sets it apart from other frameworks. We'll start with an overview of Quarkus and its native compilation, then dive into the specific decisions made during the compilation process, explaining the reasons behind each choice. Finally we will go through parts of the Quarkus code to show how these decisions are practically implemented and how they benefit users.", + "liked": true, + "attended": true + }, + { + "title": "A decade of JDK Updates in OpenJDK", + "speakers": ["Dalibor Topic"], + "date": "2024-02-03T11:05:00", + "location": "Fosdem23", + "tags": ["java"], + "url": "https://ftp.belnet.be/mirror/FOSDEM/video/2024/ub5132/fosdem-2024-2427-a-decade-of-jdk-updates-in-openjdk.mp4", + "duration": "PT20M", + "description": "Since Oracle began developing updates for the JDK with the JDK 7 Updates Project in 2011, a lot has happened in the OpenJDK community. The development processes have been constantly adapted, so that today the changes to the updates begin their journey as pull requests on GitHub. But what happens next with the changes? In this lecture we'll take a look at how it all began and how the development of JDK updates works in practice today.", + "liked": true, + "attended": true + }, + { + "title": "Apache Maven 4.0.0 - Current State", + "speakers": ["Karl Heinz Marbaise"], + "date": "2024-02-03T18:40:00", + "location": "Fosdem23", + "tags": ["java", "apache"], + "url": "TDB", + "duration": "PT20M", + "description": "I would like to present the current state of the upcoming Apache Maven Version 4.0.0 development. The intention is to summarize the most important changes and get an overview for the audience. Also the different improvements for the future Apache Maven 4.0.0 release. Things like Consumer/Build pom. Improvements for the reactor. Version handling and improvement for better CI/CD support. Furthermore the improvements related to bom packaging and enhancements for support of different pom formats etc.", + "liked": true, + "attended": true + }, + { + "title": "Copyleft and the GPL: Finding the Path Forward to Defend our Software Right to Repair", + "speakers": ["Bradley M. Kuhn"], + "date": "2024-02-03T14:00:00", + "location": "Fosdem23", + "tags": ["GPL", "copyleft"], + "url": "https://mirror.as35701.net/video.fosdem.org/2024/janson/fosdem-2024-3163-copyleft-and-the-gpl-finding-the-path-forward-to-defend-our-software-right-to-repair.mp4", + "duration": "PT25M", + "description": "Since 1987, Copyleft licensing has been the primary strategy of the FOSS community to guarantee users' rights to copy, share, modify, redistribute, and reinstall modified versions of their software. In our earliest days, we naïvely thought that the GPL would work like magic pixie dust; we'd sprinkle it on our code, and our code would remain free as in freedom. The reality check that we've received over the last 35 years has been painful on this issue. While this talk will cover the few huge successes in copyleft enforcement that have lead to real improvements to the rights and freedoms of users, we'll also face frankly the compromises made and false paths taken in the earliest days, that have now led to a simple but unfortunate fact: almost every Linux-based device for sale on the market today does not comply with Linux's license (the GPLv2). This talk will not only discuss the primary past GPL enforcement efforts around the world, but also provide a whirlwind tour of how copyleft came to work in practice, how we wished it had worked, and discuss ideas, suggestions, and plans for the future strategies in copyleft that, informed by this history, are our best hope for software freedom and rights.", + "liked": true, + "attended": true + }, + { + "title": "Magic and Software", + "speakers": ["Steven Goodwin"], + "date": "2024-02-03T18:30:00", + "location": "Fosdem23", + "tags": ["magic"], + "url": "https://ftp.fau.de/fosdem/2024/janson/fosdem-2024-2332-magic-and-software.mp4", + "duration": "PT25M", + "description": "Software development is one large puzzle – how do I make my computer do this task, using that software, or this language. Luckily, we can search for the answer to our problems on sites like Google and StackOverflow. Magicians can't. The secrets to magic aren't readily available in any format, making study and search very difficult. In this talk-come-magic show, the speaker, who is also a magician, discusses some of the history of secrets and magic, and covers the problems of creating searchable taxonomies for magic, the cases of IP law which have surprising parallels to software, and even performs a few routines to keep you on your toes!", + "liked": true, + "attended": true + }, + { + "title": "Introducing Ratatui: A Rust library to cook up terminal user interfaces", + "speakers": ["Orhun Parmaksız"], + "date": "2024-02-03T14:50:00", + "location": "Fosdem23", + "tags": ["rust"], + "url": "https://ftp.fau.de/fosdem/2024/h1308/fosdem-2024-1934-introducing-ratatui-a-rust-library-to-cook-up-terminal-user-interfaces.mp4", + "duration": "PT20M", + "description": "Have you ever wondered how terminal user interface applications are built? Join me in this talk as we explore Ratatui which aims to provide a wide range of widgets to make it possible to design beautiful interfaces and push the limits of the terminal using Rust.", + "liked": true, + "attended": true + }, + { + "title": "QUBIK a 1p PocketQube satellite platform", + "speakers": ["Ilias Daradimos"], + "date": "2024-02-04T13:30:00", + "location": "Fosdem23", + "tags": ["open hardware"], + "url": "https://ftp.fau.de/fosdem/2024/h1308/fosdem-2024-2019-qubik-a-1p-pocketqube-satellite-platform.mp4", + "duration": "PT30M", + "description": "The story of QUBIK, an OpenSource/OpenHardware PocketQube satellite. Ηow it came to be, challenges faced, its mission in space and its ongoing development as an experimentation and educational platform", + "liked": true, + "attended": true + }, + { + "title": "A satellite's final safehouse: The deployer", + "speakers": ["Thanos Patsas"], + "date": "2024-02-04T14:00:00", + "location": "Fosdem23", + "tags": ["open hardware"], + "url": "TBD", + "duration": "PT30M", + "description": "What happens after a rocket achieves orbit? How does a satellite stay safe during launch and what happens after they leave their final home, right before starting their mission in orbit? The answer is revealed during this talk. PICOBUS, developed by the Libre Space Foundation, is an 8p PocketQube satellite deployer. It's a groundbreaking open-source deployer capable of storing and deploying up to 8 PocketQube Units while in orbit. The first PICOBUS deployer was manufactured to fly onboard the maiden flight of Firefly Aerospace's Alpha rocket, carrying two sets of QUBIK satellites, which are our very own open-source PocketQube satellites. The first launch faced a setback with an explosion shortly after liftoff, posing a threat to our deployer and satellites. However, an interesting turn of events followed! This will be discussed during this talk.", + "liked": true, + "attended": true + }, + { + "title": "So you think you know Git", + "speakers": ["Scott Chacon"], + "date": "2024-02-04T14:00:00", + "location": "Fosdem23", + "tags": ["git"], + "url": "https://www.youtube.com/watch?v=aolI_Rz0ZqY", + "duration": "PT50M", + "description": "Git has been the de-facto version control system used by nearly every developer in the world for almost a decade now. While most of us know the basics, there are depths and hidden valleys of our Git tooling that even the most experienced of us may have never even heard of. Join Scott Chacon, a GitHub co-founder and the author of Pro Git, to dig into the hidden depths of obscure command line invocations to get more out of the amazing tool you use every day.", + "liked": true, + "attended": true + }, + { + "title": "NetBSD 10: Thirty years, still going strong!", + "speakers": ["Benny Siegert"], + "date": "2024-02-03T11:00:00", + "location": "Fosdem23", + "tags": ["netbsd"], + "url": "https://ftp.fau.de/fosdem/2024/k1105/fosdem-2024-3508-netbsd-10-thirty-years-still-going-strong-.mp4", + "duration": "PT50M", + "description": "In 2023, the NetBSD project celebrated 30 years since its first release, 0.8. Now, four years after NetBSD 9, NetBSD 10 brings a huge number of changes and improvements. This talk will dive into the most important new features of NetBSD 10, such as performance and security improvements, expanded CPU and GPU support, improved virtualization and more! But over all this, the question remains: how relevant is NetBSD these days? There is a small but friendly, and tight-knit community of users and developers. The focus on portability and cleanliness provides a good system for both beginners and tinkerers, but also a rock-solid server or workstation system. We will go over some cool use cases and show ways that you can get involved.", + "liked": true, + "attended": true + }, + { + "title": "Getting to Know the Linux Kernel: A Beginner's Guide ", + "speakers": ["elsey Steele", "Nischala Yelchuri"], + "date": "2023-05-25T11:00:00", + "location": "Open Source Summit NA 2023", + "tags": ["linux"], + "url": "https://www.youtube.com/watch?v=QatE61Ynwrw", + "duration": "PT42M", + "description": "Getting to Know the Linux Kernel: A Beginner's Guide offers a comprehensive overview of the Linux kernel and its open source community. The talk covers the essential aspects of the Linux kernel, including its role as the core component of the Linux operating system, its structure and architecture, and the development process. This presentation will take a closer look at the design of the Linux kernel, including how it is structured, how it can be modified, and how it manages resources", + "liked": true, + "attended": false + }, + { + "title": "OpenJDK Project Wakefield : The Wayland Desktop for JDK on Linux", + "speakers": ["Aleksei Ushakov", "Phil Race", "Niels De Graef"], + "date": "2024-02-02T15:20:00", + "location": "Fosdem23", + "tags": ["java", "linux", "wayland"], + "url": "https://ftp.fau.de/fosdem/2024/ub5132/fosdem-2024-2154-openjdk-project-wakefield-the-wayland-desktop-for-jdk-on-linux.mp4", + "duration": "PT25M", + "description": "Getting to Know the Linux Kernel: A Beginner's Guide offers a comprehensive overview of the Linux kernel and its open source community. The talk covers the essential aspects of the Linux kernel, including its role as the core component of the Linux operating system, its structure and architecture, and the development process. This presentation will take a closer look at the design of the Linux kernel, including how it is structured, how it can be modified, and how it manages resources", + "liked": true, + "attended": true + } + ] +} diff --git a/layouts/shortcodes/talks.html b/layouts/shortcodes/talks.html new file mode 100644 index 0000000..74bf5b9 --- /dev/null +++ b/layouts/shortcodes/talks.html @@ -0,0 +1,69 @@ +{{ $json := getJSON "data/talks.json" }} + + +{{ $locations := slice }} +{{ range $json.talks }} + {{ $location := .location }} + {{ if not (in $locations $location) }} + {{ $locations = $locations | append $location }} + {{ end }} +{{ end }} + + +
+ {{ range $locations }} + + + {{ end }} +
+ + +{{ range $locations }} + +{{ end }} + + +