A short introduction into the session that shows how everything works.

2024 habe ich als Laie zusammen mit anderen Mitgliedern einer Bürgerenergie-Genossenschaft Dach-PV-Anlagen gebaut. Das kannst du auch! Keine Zeit ? ok, dann werde passives Mitglied und beschleunige so die Energiewende.

Wait a minute...! There are endlessly rotating pots? But how do they work, and why did neither I nor the internet know about them?

A digital sticker box for your chaos related stickers.

Ein kurzer Trip in die Welt der Euroboxen

The MIDI master clock for the jam session

In Hamburg steht eine Neuausschreibung der sogenannten "Werberechtsverträge" an, die es großen Werbekonzernen erlauben, die Stadt nach ihrem Gutdünken zu gestalten.

In den letzten Jahren ist die Dominanz von Bildschirmwerbung im Stadtbild dadurch sehr stark gestiegen, was wir belegen können. Die übermäßige Werbung hat viele schädliche Auswirkungen.

Unsere Initiative ist seit 2020 am Start, um diese Vereinnahmung unserer Stadt und unserer Gedanken durch die Werbekonzerne zu stoppen. Im April 2025 startet das Volksbegehren.

Keeping Radio hackable in the Maker-sense using Coding Theory to get reliable behaviour and performance out of common ISM Transceivers or how to go faster than Semtech’s LoRa and have more hardware variety available.

Imagine taking data from DNA, stock markets, and planets and using it as an input for your musical instrument. How would "38C3" in hexadecimal and then converted into Midi notes sound like?
Join me in this creative talk where seemingly random data turns into music.

Die moderne Landwirtschaft steht medial unter Druck. Landwirte vergiften die Umwelt und beuten Mensch und Tier für Ihren Profit aus - wenn man dem Tenor glauben kann.
Ich möchte einen kurzen Einblick in die komplexe Welt geben und ein paar Hinweise darauf geben, warum viele Forderungen praktisch nicht erfüllbar sind.

Algorithmen für old-school demos werden auf einer einfachen Game-Engine in Python umgesetzt.

Felt that last video yesterday was too much for you? Feeling like the rabbit hole about civil war history yesterday wasted your time? Reclaim control over your online consumption by reducing seeing what you'll regret later. I present a tool to collect information on what you regret online, and a tool to change what you see. Help building this out to work together, and for more places where you might regret.

Wie entwirft man eine umfangreiche Änderung von öffentlichen Satzungen? Natürlich unter Einsatz von Git, Python, ReStructuredText und Python

Kurzvorstellung von Pfandgeben

GLED is a open source software for doing spatial animations on artnet and dmx lights

Graphite is reinventing open source design tools by combining vector and raster workflows through a node-based, procedural approach borrowed from the 3D industry. This lightning talk showcases how nondestructive editing and procedural generation are making creative tools more powerful, hackable, and fun.

Wie viele andere Städte steht auch Dresden vor massiven Einschnitten: Kürzungen im ÖPNV, Schulsozialarbeit, Kinder- und Jugendarbeit, höhere Kita-Gebühren – die "Liste der Grausamkeiten" ist lang. Am Ende wird es die gesamte Stadtgesellschaft treffen, aber besonders diejenigen, die bereits jetzt mit vielen Problemlagen zu kämpfen haben.

Folien und Skript sind demnächst einsehbar unter www.das-bisschen-haushalt.de

Eine Organisation ohne Cloud-Anbieter und Microsoft betreiben? Und das mit über 100 Mitarbeitenden? Mit einer gemeinnützigen Organisation aus Berlin zeigen wir seit mehr als 10 Jahren: Das geht! Aber leider auch, dass es noch super aufwändig ist.

Taking a look inside Abletons new Raspberry Pi powered "Move"

GNU Boot is a 100% free software boot software distribution. It can replace the nonfree BIOS or UEFI on some computers. This talk will present the project and the necessary background to make it possible for less technical people to understand the talk.

Functional safety makes sure that people and things don't get hurt near dangerous machines. What could go wrong?

A short introduction into the session that shows how everything works.

The right to respect for digital integrity is an emerging right to protect people's digital lives.

This session explores a vulnerability in the RDP client (mstsc.exe) that leverages classic hacking techniques. By exploiting how resources are loaded, attackers can achieve Remote Code Execution (RCE). The issue highlights critical risks across systems. A security patch, CVE-2023-24905, has been released to address this vulnerability.

We give a short intro to static security analysis tools for Java and showcase three.

Historically, coding errors have resulted in significant breaches of personally identifiable information and other vulnerabilities (Equifax breach, Log4Shell, Heartbleed). To mitigate such risks in the future, developing secure applications is crucial. Static code analysis emerges as a valuable technique to assist developers in proactively identifying and rectifying security flaws. Leveraging compiler techniques, static analysis can be seamlessly integrated into established development workflows, including IDEs and CI/CD pipelines. We examine 19 static security analysis tools specifically for Java, categorizing them based on their security capabilities and design characteristics. The security features analyzed encompass coding standards adherence, bug detection, software bill of materials generation, secret detection, identification of dangerous API usage, and data flow analysis. From a design perspective, the tools are classified as general-purpose, deep analysis, security-focused, specialized for cryptographic APIs, and other specialized tools.

Legal and licensing issues can be daunting, but the Free Software Foundation Europe (FSFE) is here to help. We provide legal education resources that address key topics related to Free Software, maintain a robust network of experts specializing in these issues, and drive initiatives like REUSE, which offers practical recommendations to simplify Free Software licensing for developers. Additionally, we actively defend software freedom in critical cases, such as the Apple vs. EU Commission litigation concerning the Digital Markets Act.

Join this talk to get a glimpse of how the FSFE’s work in Legal & Licensing supports you, the Free Software community, and society as a whole.

Exploring the quantum-like dynamics within videogame glitches and their implications.

It is possible to profitably produce energy in a CO2 negative way by burning wood to coal.
Why is nobody talking about this?
It also could produce electricity, oils and plastics ...

CellGuard is a research project that analyzes how cellular networks are operated and possibly surveilled. The CellGuard app for iOS can uncover cellular attacks targeting your iPhone. It observes baseband packets and analyzes them for suspicious activities, hinting at fake base stations. Let’s catch them all!

Lessons learned for building your own inflatables

Machine learning systems are becoming increasingly important in critical applications, but their robustness against adversarial inputs remains an essential concern. This talk explores how small, strategically crafted perturbations can lead to catastrophic failures in ML systems. These vulnerabilities can be exploited in both digital and physical scenarios. From misleading autonomous vehicles to bypassing facial recognition, the implications are profound. I will examine the attack process, common types of adversarial attacks, the role of biases in data collection and learning processes, and tools like the Adversarial Robustness Toolbox (ART) to counteract these challenges.

When your phone is stolen, a simple reboot significantly improves the security of your data! Curious about how this protection works and how Apple automated reboots in iOS 18?

LLMs hallucinate. And they conveniently hallucinate graphs too, which allows for efficient comparisons between them, using simple graph library tools.

With the ZetaJS adapter LibreOffice can be controlled from a websites JavaScript. This enables using all of LibreOffice abilities to build web apps upon. I'm showcasing this for itself, but also to inspire you, to also port your FOSS programs to WASM, making it usable on pretty much every platform.

You like coding and tinkering with software or hardware? And you are up for a challenge? Then the “Youth Hacking 4 Freedom” is the perfect competition to test your skills.

Shovel is a traffic-analysis tool for Attack-Defense CTF games. It is a free software (GPLv2) developed during ECSC Team France training. Its primary focus is to help CTF players analyze network flows to defend themselves during stressful and time-limited attack-defense events. Shovel has been successfully used by multiple teams during the last editions of FAUSTCTF, ENOWARS and European Cybersecurity Challenge (ECSC).

During Attack-Defense Capture-the-Flag (CTF) competitions, teams are given machines to protect and may attack opponents machines to get points. Efficient network analysis is mandatory to observe services exploitations and write patches. Most top CTF teams have their own private tooling for network analysis.

Shovel leverages Suricata Intrusion and Detection System through a web interface. CTF players can explore Suricata dissections of various protocols such as HTTP, SMB, DNS and WebSocket in an easy-to-use interface. Using this information, players write Suricata rules to isolate attackers traffic, then may patch vulnerabilities or/and block attacks in the firewall.

Shovel tries to create an open-source baseline to improve the overall CTF tooling ecosystem while motivating people to learn and contribute back to Suricata.

The tiny platform I'd like to present is the result of doing things with colored LEDs, lights, motors, relays, and sensors for over 10 years, as a single person - for fun, art, theater, exhibitions, homes and offices.
Such installations are expected to last, so I had to find a way to minimize accumulating technical debt with every new idea. I wanted rather experimental installations to be quickly to set up, easy to tweak and debug, be accessible for end users, and still remain highly efficient to maintain for years, with zero external dependencies. And of course, all open source, as I believe infrastructure should always be.
By now this has become an easy to install (or even build from scatch) OpenWrt/Linux image, running on Raspberry Pi (oldest ones are enough) down to post stamp sized Omega2.

Commissioning a mobile robot involves a plethora of engineering disciplines from UI design to robot control algorithms. helyOS is an open source framework that brings them together and helps teams to focus on their individual contributions when orchestrating swarms of mobile robots.

When you think of remote desktop, you might think of slow corporate thin clients or the blockiness of game streaming with video compression. In this talk I share a proof of concept for fully uncompressed, low-latency, low-CPU-usage remote desktop using RDMA technology with you in the form of the Telescope Project / lgproxy.