The 37th edition of the Chaos Communication Congress (37c3) was held in Germany and was the first in person CCC event since the pandemic. The congress returns to the Congress Center Hamburg (CCH) in Hamburg after renovations, the event was originally held in Hamburg before moving to Leipzig for several years. Every year, hackers, artists, makers, activists, and security professionals from around the world converge at the conference to share insights and unique perspectives into cybersecurity and the hacker community.
The CCC isn’t a typical tech conference, it is one of the few true hacker community events. It is the EU’s version of Defcon, however both events have their own unique attributes and crowds that attend. The conference attendees which include organizers of maker spaces contribute to talks, workshops, villages, and other related activities. Talks cover a wide gambit of issues including security, hardware, ethics, policy, art amongst others.
One of the interesting things about 37c3 is that the network operations center sets up a world class network with it’s own ASN that has a large amount of network capacity. Someone created a message using IPv6 packets to form the message “37c3” in morse code that can be seen from the monitoring system.
Tor censorship attempts in Russia, Iran, Turkmenistan by Roger Dingledine
In this talk, Roger spoke about several censorship events with one of the notable events being the censorship in Russia in late 2021 in preparation for Russia’s invasion of Ukraine. Russia tried to block Tor traffic but landed up blocking legitimate websites including Microsoft Azure for a full day. Azure moved to new IP addresses and the block was not updated which also helped Azure and the Tor project. The Tor forum which runs on a separate domain was not affected by the block and enabled the Tor project to put instructions on how to get around the blocks.
During this block, the number of Tor users in Russia declined but the number of Bridge users in Russia increased. Russia blocked Snowflake traffic which was done by DPI filtering on TLS extensions which they removed and then it started working again.
Roger also spoke about work that Tor is doing to get around Tor censorship in the future and to strength defenses around traffic analysis. One of these methods is pluggable transports that can make traffic look like something else. By using obscure formats, Tor makes it hard for internet censors to block or restrict Tor traffic. One example is Snowflake which makes traffic look like WebRTC. Tor has also been working on new ways to distribute bridges while ensuring that bad actors can’t get their hands on the full list of bridges. One of the new methods to distribute bridges is a Telegram bot to distribute bridges. Russia created a large number of accounts to get these addresses but as Telegram creates IDs incrementally, it is easy to tell which accounts are new. To counter this activity, only a subset of bridges were given to these accounts.
Twitter thread:
Some other noteworthy talks:
Decentralized energy production: green future or cybersecurity nightmare?
Predator Files: How European spyware threatens civil society around the world by Donncha Ó Cearbhaill
Operation Triangulation: What You Get When Attack iPhones of Researchers
Apple’s iPhone 15: Under the C
