diff --git a/README.md b/README.md index 8f1cb705..0d0db7c6 100644 --- a/README.md +++ b/README.md @@ -65,7 +65,7 @@ The following instructions explain how to get, build and run the latest engelsys ``` ### Configuration and Setup - * The webserver must have write access to the ```import``` and ```storage``` directories and read access for all other directories + * The webserver must have write access to the ```storage``` directory and read access for all other directories * The webserver must point to the ```public``` directory. * The webserver must read the ```.htaccess``` file and ```mod_rewrite``` must be enabled diff --git a/composer.json b/composer.json index 0af3b2a6..ecd76a31 100644 --- a/composer.json +++ b/composer.json @@ -28,6 +28,7 @@ "doctrine/dbal": "^2.9", "erusev/parsedown": "^1.7", "gettext/gettext": "^4.6", + "guzzlehttp/guzzle": "^6.3", "illuminate/container": "5.8.*", "illuminate/database": "5.8.*", "illuminate/support": "5.8.*", diff --git a/config/app.php b/config/app.php index bfb66cf3..8ede567e 100644 --- a/config/app.php +++ b/config/app.php @@ -26,10 +26,12 @@ return [ \Engelsystem\Middleware\RequestHandlerServiceProvider::class, \Engelsystem\Middleware\SessionHandlerServiceProvider::class, \Engelsystem\Http\Validation\ValidationServiceProvider::class, + \Engelsystem\Http\RedirectServiceProvider::class, // Additional services \Engelsystem\Helpers\VersionServiceProvider::class, \Engelsystem\Mail\MailerServiceProvider::class, + \Engelsystem\Http\HttpClientServiceProvider::class, ], // Application middleware diff --git a/config/routes.php b/config/routes.php index e57d3079..e498b2b5 100644 --- a/config/routes.php +++ b/config/routes.php @@ -25,3 +25,19 @@ $route->get('/stats', 'Metrics\\Controller@stats'); // API $route->get('/api[/{resource:.+}]', 'ApiController@index'); + +// Administration +$route->addGroup( + '/admin', + function (RouteCollector $route) { + // Schedule + $route->addGroup( + '/schedule', + function (RouteCollector $route) { + $route->get('', 'Admin\\Schedule\\ImportSchedule@index'); + $route->post('/load', 'Admin\\Schedule\\ImportSchedule@loadSchedule'); + $route->post('/import', 'Admin\\Schedule\\ImportSchedule@importSchedule'); + } + ); + } +); diff --git a/db/migrations/2019_09_07_000000_migrate_admin_schedule_permissions.php b/db/migrations/2019_09_07_000000_migrate_admin_schedule_permissions.php new file mode 100644 index 00000000..e39e22d8 --- /dev/null +++ b/db/migrations/2019_09_07_000000_migrate_admin_schedule_permissions.php @@ -0,0 +1,48 @@ +schema->hasTable('Privileges')) { + return; + } + + $this->schema->getConnection() + ->table('Privileges') + ->where('name', 'admin_import') + ->update( + [ + 'name' => 'schedule.import', + 'desc' => 'Import rooms and shifts from schedule.xml', + ] + ); + } + + /** + * Reverse the migration + */ + public function down() + { + if (!$this->schema->hasTable('Privileges')) { + return; + } + + $this->schema->getConnection() + ->table('Privileges') + ->where('name', 'schedule.import') + ->update( + [ + 'name' => 'admin_import', + 'desc' => 'Import rooms and shifts from schedule.xcs/schedule.xcal', + ] + ); + } +} diff --git a/db/migrations/2019_09_07_000001_create_schedule_shift_table.php b/db/migrations/2019_09_07_000001_create_schedule_shift_table.php new file mode 100644 index 00000000..c9cd7cfe --- /dev/null +++ b/db/migrations/2019_09_07_000001_create_schedule_shift_table.php @@ -0,0 +1,90 @@ +schema->create( + 'schedules', + function (Blueprint $table) { + $table->increments('id'); + $table->string('url'); + } + ); + + $this->schema->create( + 'schedule_shift', + function (Blueprint $table) { + $table->integer('shift_id')->index()->unique(); + if ($this->schema->hasTable('Shifts')) { + // Legacy table access + $table->foreign('shift_id') + ->references('SID')->on('Shifts') + ->onUpdate('cascade') + ->onDelete('cascade'); + } + + $this->references($table, 'schedules'); + $table->uuid('guid'); + } + ); + + if ($this->schema->hasTable('Shifts')) { + $this->schema->table( + 'Shifts', + function (Blueprint $table) { + $table->dropColumn('PSID'); + } + ); + } + + if ($this->schema->hasTable('Room')) { + $this->schema->table( + 'Room', + function (Blueprint $table) { + $table->dropColumn('from_frab'); + } + ); + } + } + + /** + * Reverse the migration + */ + public function down() + { + if ($this->schema->hasTable('Room')) { + $this->schema->table( + 'Room', + function (Blueprint $table) { + $table->boolean('from_frab') + ->default(false); + } + ); + } + + if ($this->schema->hasTable('Shifts')) { + $this->schema->table( + 'Shifts', + function (Blueprint $table) { + $table->integer('PSID') + ->nullable()->default(null) + ->unique(); + } + ); + } + + $this->schema->drop('schedule_shift'); + $this->schema->drop('schedules'); + } +} diff --git a/db/migrations/Reference.php b/db/migrations/Reference.php index 49a1f9ea..d0550686 100644 --- a/db/migrations/Reference.php +++ b/db/migrations/Reference.php @@ -4,6 +4,7 @@ namespace Engelsystem\Migrations; use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Schema\ColumnDefinition; +use Illuminate\Support\Str; trait Reference { @@ -11,20 +12,25 @@ trait Reference * @param Blueprint $table * @param bool $setPrimary */ - protected function referencesUser(Blueprint $table, $setPrimary = false) + protected function referencesUser(Blueprint $table, bool $setPrimary = false) { - $this->references($table, 'users', 'user_id', $setPrimary); + $this->references($table, 'users', null, $setPrimary); } /** - * @param Blueprint $table - * @param string $targetTable - * @param string $fromColumn - * @param bool $setPrimary + * @param Blueprint $table + * @param string $targetTable + * @param string|null $fromColumn + * @param bool $setPrimary * @return ColumnDefinition */ - protected function references(Blueprint $table, $targetTable, $fromColumn, $setPrimary = false): ColumnDefinition - { + protected function references( + Blueprint $table, + string $targetTable, + ?string $fromColumn = null, + bool $setPrimary = false + ): ColumnDefinition { + $fromColumn = $fromColumn ?? Str::singular($targetTable) . '_id'; $col = $table->unsignedInteger($fromColumn); if ($setPrimary) { diff --git a/docker/Dockerfile b/docker/Dockerfile index 013ccf1d..50a638a3 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -15,7 +15,6 @@ COPY .babelrc .browserslistrc composer.json LICENSE package.json README.md webpa COPY bin/ /app/bin COPY config/ /app/config COPY db/ /app/db -RUN mkdir /app/import/ COPY includes/ /app/includes COPY public/ /app/public COPY resources/views /app/resources/views @@ -35,7 +34,7 @@ WORKDIR /var/www RUN apk add --no-cache icu-dev && \ docker-php-ext-install intl pdo_mysql COPY --from=data /app/ /var/www -RUN chown -R www-data:www-data /var/www/import/ /var/www/storage/ && \ +RUN chown -R www-data:www-data /var/www/storage/ && \ rm -r /var/www/html ARG VERSION diff --git a/import/27C3_sample.xcs b/import/27C3_sample.xcs deleted file mode 100644 index a84e31d3..00000000 --- a/import/27C3_sample.xcs +++ /dev/null @@ -1,2090 +0,0 @@ - - - - 2.0 - -//Pentabarf//Schedule #<Conference_release::Row:0x2eadcdf118d8>//EN - 27C3 Schedule Release #<Conference_release::Row:0x2eadcdf118d8> - 27C3 Schedule - - PUBLISH - 4302@27C3@pentabarf.org - 4302 - 27c3_keynote_we_come_in_peace - 27C3 Keynote - We come in Peace - English - en - 20101227T113000 - 20101227T123000 - 01H00M00S - 27C3 Keynote- We come in Peace - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4302.en.html - Saal 1 - Rop Gonggrijp - - - PUBLISH - 4244@27C3@pentabarf.org - 4244 - critical_overview_of_10_years_pet - A Critical Overview of 10 years of Privacy Enhancing Technologies - - English - en - 20101229T113000 - 20101229T123000 - 01H00M00S - A Critical Overview of 10 years of Privacy Enhancing Technologies - The objective of the session is to provide a critical overview of "privacy research" within computer science. The mechanisms proposed in the last ten year include mechanisms for anonymous communications, censorship resistance, selective disclosure credentials (and their integration in identity management systems), as well as privacy in databases. All of these system are meant to shield the user from different aspects of on-line surveillance either through allowing a user to keep some of her data "confidential" or by allowing her to assert "control" over her data. We will illustrate using concrete examples, why some paradigms came to dominate the field, their advantages, but also their blind spots, and unfulfilled promises given the conditions of our surveillance societies. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4244.en.html - Saal 2 - seda - - - PUBLISH - 4245@27C3@pentabarf.org - 4245 - adventures_in_analyzing_stuxnet - Adventures in analyzing Stuxnet - - English - en - 20101227T230000 - 20101228T000000 - 01H00M00S - Adventures in analyzing Stuxnet - There has been many publications on the topic of Stuxnet and its "sophistication" in the mainstream press. However, there is not a complete publication which explains all of the technical vulnerability details and how they were discovered. In this talk, you will get a first-hand account of the entire story. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4245.en.html - Saal 1 - Bruce Dang - Peter Ferrie - - - PUBLISH - 4057@27C3@pentabarf.org - 4057 - adventures_in_mapping_afghanistan_elections - Adventures in Mapping Afghanistan Elections - The story of 3 Ushahidi mapping and reporting projects. - English - en - 20101228T214500 - 20101228T224500 - 01H00M00S - Adventures in Mapping Afghanistan Elections- The story of 3 Ushahidi mapping and reporting projects. - Monitoring and reporting about elections in a war zone is a complex and dangerous task. While crisis mapping carried out via sms and email proved highly successful with the use of Ushahidi in situations like post-election violence in Kenya, tracking crime in Atlanta, or earthquake recovery in Haiti, could it prove useful in such a complex situation as the Afghan political process? This year a team of people set out to do just that with three different Ushahidi mapping projects for national media, national election observers, and international observers. The following presentation is about the challenges we faced, successes we did or did not have, and the lessons learned for the future of crisis mapping. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4057.en.html - Saal 1 - Bicyclemark - - - PUBLISH - 4168@27C3@pentabarf.org - 4168 - automated_architecture_independent_gadget_search - A framework for automated architecture-independent gadget search - CCC edition - English - en - 20101230T143000 - 20101230T150000 - 00H30M00S - A framework for automated architecture-independent gadget search- CCC edition - We demonstrate that automated, architecture-independent gadget search is possible. Gadgets are code fragments which can be used to build unintended programs from existing code in memory. Our contribution is a framework of algorithms capable of locating a Turing-complete gadget set. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4168.en.html - Saal 2 - kornau - - - PUBLISH - 4046@27C3@pentabarf.org - 4046 - all_colours_are_beautiful - AllColoursAreBeautiful - interactive light installation inspired by blinkenlights - English - en - 20101227T183000 - 20101227T193000 - 01H00M00S - AllColoursAreBeautiful- interactive light installation inspired by blinkenlights - Starting in the beginning of August 2010 and lasting until the mid of November, the project AllColoursAreBeautiful by the Munich chapter of the Chaos Computer Club was serving as a platform for interested people on the world to illuminate, animate and interact with the front of a vacant department store in Munich. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4046.en.html - Saal 3 - Franz Pletz - lilafisch - - - PUBLISH - 4114@27C3@pentabarf.org - 4114 - analyzing_modern_cryptographic_rfid_stystem - Analyzing a modern cryptographic RFID system - HID iClass demystified - English - en - 20101229T171500 - 20101229T181500 - 01H00M00S - Analyzing a modern cryptographic RFID system- HID iClass demystified - Popular contactless systems for physical access control still rely on obscurity. As we have shown, time and time again, proprietary encryption systems are weak and easy to break. In a follow-up to last year's presentation we will now demonstrate attacks on systems with 'proper' cryptographic algorithms. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4114.en.html - Saal 2 - Henryk Plötz - Milosch Meriac - - - PUBLISH - 4151@27C3@pentabarf.org - 4151 - android_geolocation_using_gsm_network - Android geolocation using GSM network - "Where was Waldroid?" - English - en - 20101229T171500 - 20101229T181500 - 01H00M00S - Android geolocation using GSM network- "Where was Waldroid?" - We introduce a new forensic technique that allows to collect users' past locations on most current Android phones, within a few seconds. It becomes possible to tell where the user was at a given time, or where a phone call took place over the last few hours or days. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4151.en.html - Saal 3 - Renaud Lifchitz - - - PUBLISH - 4144@27C3@pentabarf.org - 4144 - short_political_history_of_acoustics - A short political history of acoustics - For whom, and to do what, the science of sound was developed in the 17th century - English - en - 20101228T160000 - 20101228T170000 - 01H00M00S - A short political history of acoustics- For whom, and to do what, the science of sound was developed in the 17th century - The birth of the modern science of acoustics was directly intertwined with the desires to surveill and communicate, either in secret or to everybody at once. Acoustics was not just about 'learning more about nature,' right from the start it was an applied science, driven by very clear notions of who has the right, and thus should have the possibility, of listening in on others, who needs to be able to converse in private, and who should be heard by everybody if he wishes to. How are these historical ideas related to those of today? - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4144.en.html - Saal 3 - Oona Leganovic - - - PUBLISH - 4160@27C3@pentabarf.org - 4160 - automatic_identification_cryptographic_primitives - Automatic Identification of Cryptographic Primitives in Software - - English - en - 20101227T160000 - 20101227T170000 - 01H00M00S - Automatic Identification of Cryptographic Primitives in Software - In this talk I demonstrate our research and the implementation of methods to detect cryptographic algorithms and their parameters in software. Based on -our observations on cryptographic code, I will point out several inherent characteristics to design signature-based and generic identification methods. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4160.en.html - Saal 3 - Felix Gröbert - - - PUBLISH - 4061@27C3@pentabarf.org - 4061 - bulding_custom_disassemblers - Building Custom Disassemblers - Instruction Set Reverse Engineering - English - en - 20101228T171500 - 20101228T181500 - 01H00M00S - Building Custom Disassemblers- Instruction Set Reverse Engineering - The Reverse Engineer occasionally faces situations where even his most advanced commercial tools do not support the instruction set of an arcane CPU. To overcome this situation, one can develop the missing disassembler. This talk is meant to be a tutorial on how to approach the task, what to focus on first and what surprises one may be in for. The primary focus will be on the transformation of byte code back into mnemonic representation where only the reverse transformation is available (i.e. you have the respective assembler). It also covers how to integrate your new disassembler into your reverse engineering tool chain. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4061.en.html - Saal 1 - FX of Phenoelit - - - PUBLISH - 4298@27C3@pentabarf.org - 4298 - ccc_jahresrueckblick_2010 - CCC-Jahresrückblick 2010 - - German - de - 20101229T113000 - 20101229T133000 - 02H00M00S - CCC-Jahresrückblick 2010 - Wir berichten über vergangene Veranstaltungen, Erfa-Aktivitäten, Demonstrationen, Hacks, Medienkontakte, Gerichtsverhandlungen, Lobbyarbeit sowie weiteres Erfreuliches und Ärgerliches des Jahres 2010 keinesfalls objektiv, sondern mit der gewohnten Hackerperspektive. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4298.en.html - Saal 1 - Andreas Bogk - Andy Müller-Maguhn - Constanze Kurz - Frank Rieger - - - PUBLISH - 4211@27C3@pentabarf.org - 4211 - chip_and_pin_is_broken - Chip and PIN is Broken - Vulnerabilities in the EMV Protocol - English - en - 20101229T203000 - 20101229T213000 - 01H00M00S - Chip and PIN is Broken- Vulnerabilities in the EMV Protocol - EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as “Chip and PIN”, it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol flaw which allows criminals to use a genuine card to make a payment without knowing the card’s PIN, and to remain undetected even when the merchant has an online connection to the banking network. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4211.en.html - Saal 1 - Steven J. Murdoch - - - PUBLISH - 4299@27C3@pentabarf.org - 4299 - closing_event - Closing Event - - English - en - 20101230T183000 - 20101230T193000 - 01H00M00S - Closing Event - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4299.en.html - Saal 1 - Frank Rieger - - - PUBLISH - 4096@27C3@pentabarf.org - 4096 - code_deobfuscation_by_optimization - Code deobfuscation by optimization - - English - en - 20101227T124500 - 20101227T134500 - 01H00M00S - Code deobfuscation by optimization - Optimization algorithms present an effective way for removing most obfuscations that are used today. Much of the compiler theory can be applied in removing obfuscations and building fast and reliable deobfuscation systems. By understanding traditional optimization problems and techniques it is possible to develop and customize compiler optimization algorithms for usage in binary deobfuscation/analysis. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4096.en.html - Saal 2 - Branko Spasojevic - - - PUBLISH - 4276@27C3@pentabarf.org - 4276 - cognitive_psychology_for_hackers - Cognitive Psychology for Hackers - Bugs, exploits, and occasional patches - English - en - 20101229T140000 - 20101229T150000 - 01H00M00S - Cognitive Psychology for Hackers- Bugs, exploits, and occasional patches - Experience firsthand some of the most interesting, surprising, and perspective-changing findings from cognitive and social neuropsychology. With perceptual illusions, priming, biases, heuristics, and unconscious influences, humans have tons of firmware "bugs". All have exploits; some even have patches. - -Learn how to improve your own thinking, use others' bugs to your advantage, and gain new perspective on the unconscious and often illusory processes involved in your perceptions. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4276.en.html - Saal 3 - Sai - - - PUBLISH - 4087@27C3@pentabarf.org - 4087 - console_hacking_2010 - Console Hacking 2010 - PS3 Epic Fail - English - en - 20101229T160000 - 20101229T170000 - 01H00M00S - Console Hacking 2010- PS3 Epic Fail - Over 70 million Wiis, over 40 million Xbox 360s and over 35 million Playstation 3s have been sold in the last few years. That makes over 145 million embedded devices out there and most of them are just used to play games. But what can you do with them if you don't like playing games? You hack them to make them run your own code of course! -We're going to talk about the various hacks that you can use to gain control of your hardware and make it do what you want it to do. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4087.en.html - Saal 1 - bushing - marcan - sven - - - PUBLISH - 4140@27C3@pentabarf.org - 4140 - contemporary_profiling_of_web_users - Contemporary Profiling of Web Users - On Using Anonymizers and Still Get Fucked - English - en - 20101227T140000 - 20101227T150000 - 01H00M00S - Contemporary Profiling of Web Users- On Using Anonymizers and Still Get Fucked - This talk will provide a summary of recently discovered methods which allow to break the Internet's privacy and anonymity. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4140.en.html - Saal 2 - Dominik Herrmann - lexi - - - PUBLISH - 4103@27C3@pentabarf.org - 4103 - copyright_enforcement_versus_freedoms - Copyright Enforcement Vs. Freedoms - ACTA, IPRED3 and other upcoming battles of the crusade against sharing - English - en - 20101227T124500 - 20101227T134500 - 01H00M00S - Copyright Enforcement Vs. Freedoms- ACTA, IPRED3 and other upcoming battles of the crusade against sharing - ACTA, upcoming criminal enforcement directive, filtering of content... The entertainment industries go further and further into their crusade against sharing. They not only attack our fundamental freedoms, but also the very essence of the Internet. - -This session is a panorama of the current and upcoming battles, campaigns and actions. Everyone can help defeat the motherf#§$ers! - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4103.en.html - Saal 1 - Jérémie Zimmermann - - - PUBLISH - 4003@27C3@pentabarf.org - 4003 - cybernetics_for_the_masses - Cybernetics for the Masses - implants, sensory extension and silicon - all for you! - English - en - 20101230T124500 - 20101230T133000 - 00H45M00S - Cybernetics for the Masses- implants, sensory extension and silicon - all for you! - Lightning talk on biohacking, complete with cyborg speaker, implant demonstrations, and knowledge of how to hack your own perception of electromagnetic radiation for approximately thirty Euros. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4003.en.html - Saal 2 - Lepht Anonym - - - PUBLISH - 4067@27C3@pentabarf.org - 4067 - data_analysis_in_terabit_ethernet_traffic - Data Analysis in Terabit Ethernet Traffic - Solutions for monitoring and lawful interception within a lot of bits - English - en - 20101230T140000 - 20101230T150000 - 01H00M00S - Data Analysis in Terabit Ethernet Traffic- Solutions for monitoring and lawful interception within a lot of bits - Network traffic grows faster than monitoring and analysis tools can handle. During the last two years a couple of appliances hit the market which help in finding the “bits of interest”. Recently installed strategies and solutions for carriers, banks or lawful interception organizations will be discussed as examples. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4067.en.html - Saal 3 - Lars Weiler - - - PUBLISH - 4231@27C3@pentabarf.org - 4231 - datenrettung_fun_with_hard_drives - Data Recovery Techniques - Fun with Hard Drives - English - en - 20101228T214500 - 20101228T224500 - 01H00M00S - Data Recovery Techniques- Fun with Hard Drives - Data recovery has always been an area of myths. This lecture will lift some of their covers. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4231.en.html - Saal 3 - Peter Franck - - - PUBLISH - 4190@27C3@pentabarf.org - 4190 - data_retention_in_the_eu - Data Retention in the EU five years after the Directive - Why the time is now to get active - English - en - 20101227T203000 - 20101227T213000 - 01H00M00S - Data Retention in the EU five years after the Directive- Why the time is now to get active - 2011 will again be a crucial year in the battle against data retention and blanket surveillance. The EU Commission is planning to publish its review of the directive in December (right in time before 27C3), and the lobbying and PR battle has already begun. In six months from now, we will see the legislative proposal from the EU commission for the revision of data retention. - -The talk will give a full picture of the legal state of play, what is going on in Brussels, what is already being done and of course where you can help. The speakers are closely involved in the process on the European and national level. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4190.en.html - Saal 1 - axel - Katarzyna Szymielewicz - Patrick Breyer - Ralf Bendrath - - - PUBLISH - 4123@27C3@pentabarf.org - 4123 - defense_is_not_dead - Defense is not dead - Why we will have more secure computers - tomorrow - English - en - 20101228T183000 - 20101228T193000 - 01H00M00S - Defense is not dead- Why we will have more secure computers - tomorrow - The security model of our current computer architectures - kernel in ring 0, processes in ring 3 - goes back to the early 70s. However, science hasn't stopped. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4123.en.html - Saal 2 - Andreas Bogk - - - PUBLISH - 4017@27C3@pentabarf.org - 4017 - desktop_on_the_linux - Desktop on the Linux... (and BSD, of course) - you're doing it confused? weird? strange? wrong? - English - en - 20101227T203000 - 20101227T213000 - 01H00M00S - Desktop on the Linux... (and BSD, of course)- you're doing it confused? weird? strange? wrong? - Time to take a look back and under the hood of the current state of FOSS based desktops: The Good, The Bad and The Ugly – Bloat, strange APIs, too much complexity. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4017.en.html - Saal 2 - datenwolf - - - PUBLISH - 4297@27C3@pentabarf.org - 4297 - die_gesamte_technik_ist_sicher - "Die gesamte Technik ist sicher" - Besitz und Wissen: Relay-Angriffe auf den neuen Personalausweis - German - de - 20101227T214500 - 20101227T224500 - 01H00M00S - "Die gesamte Technik ist sicher"- Besitz und Wissen: Relay-Angriffe auf den neuen Personalausweis - Für den neuen elektronischen Personalausweis sind drei verschiedene Lesegeräteklassen spezifiziert, von denen die einfachste bereits einige Kritik erfahren hat. Nach der Diskussion um die Sicherheit des Personalausweises stellt sich die Frage: Können zertifizierte Lesegeräte den neuen Ausweis schützen? - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4297.en.html - Saal 1 - Dominik Oepen - Frank Morgner - - - PUBLISH - 4085@27C3@pentabarf.org - 4085 - digitale_spaltung_per_gesetz - Digitale Spaltung per Gesetz - Das Internet und geschaffene soziale Ungleichheit im Alltag von Erwerbslosen - German - de - 20101229T203000 - 20101229T213000 - 01H00M00S - Digitale Spaltung per Gesetz- Das Internet und geschaffene soziale Ungleichheit im Alltag von Erwerbslosen - Hartz IV-Empfangende brauchen keine internetfähigen Computer, weil sie Fernseher haben. Dieser Ansicht sind deutsche Sozialgerichte und forcieren damit eine digitale Spaltung per Gesetz. Im Zeitalter der digitalen Informations- und Kommunikationsgesellschaft mutet dieser Umstand absurd an, aber eine breite öffentlichkeitswirksame Debatte steht bisher aus. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4085.en.html - Saal 2 - Betje Schwarz - Doris Gerbig - Kathrin Englert - - - PUBLISH - 4203@27C3@pentabarf.org - 4203 - distributed_fpga_number_crunching_for_the_masses - Distributed FPGA Number Crunching For The Masses - How we obtained the equivalent power of a Deep Crack for a fistful of dollars - and how the community can benefit from this - English - en - 20101228T113000 - 20101228T123000 - 01H00M00S - Distributed FPGA Number Crunching For The Masses- How we obtained the equivalent power of a Deep Crack for a fistful of dollars - and how the community can benefit from this - In 1998, the EFF built "Deep Crack", a machine designed to perform a walk over DES's 56-bit keyspace in nine days, for $250.000. With today's FPGA technology, a cost decrease of 25x can be achieved, as the copacobana project has shown. If that's still too much, two approaches should be considered: Recycling hardware and distributed computing. This talk will be about combining both approaches for the greater good. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4203.en.html - Saal 2 - Felix Domke - - - PUBLISH - 4006@27C3@pentabarf.org - 4006 - diy_synthesizers_and_sound_generators - DIY synthesizers and sound generators - Where does the sound come from? - English - en - 20101229T160000 - 20101229T170000 - 01H00M00S - DIY synthesizers and sound generators- Where does the sound come from? - At least if you have used all the features of a synthesizer, you probably ask the questions: "How can I modify it? How can I build a synthesizer myself? What features do I personally need?" - -This talk covers this topic from a theoretical and technical point of view. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4006.en.html - Saal 2 - Sylwester - - - PUBLISH - 4111@27C3@pentabarf.org - 4111 - eins_zwei_drei_alle_sind_dabei - Eins, zwei, drei - alle sind dabei - Von der Volkszählung zum Bundesmelderegister - German - de - 20101227T160000 - 20101227T170000 - 01H00M00S - Eins, zwei, drei - alle sind dabei- Von der Volkszählung zum Bundesmelderegister - Neben einer kurzen Einführung in die Problematik des Zensus 2011, soll es in dem Vortrag auch über die CCC Stellungnahmen für mehrere Landetage gehen. Weiterhin geht es auch um die mittlerweile abgewiesene Verfassungsbeschwerde des AK Zensus sowie weitere Möglichkeiten "was zu machen". - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4111.en.html - Saal 2 - Oliver "Unicorn" Knapp - - - PUBLISH - 4099@27C3@pentabarf.org - 4099 - file_print_electronics - File -> Print -> Electronics - A new circuit board printer will liberate you from the Arduino-Industrial Complex - English - en - 20101228T113000 - 20101228T123000 - 01H00M00S - File -> Print -> Electronics- A new circuit board printer will liberate you from the Arduino-Industrial Complex - Are you ready to wake up from the cult of Arduino? Tired of plugging together black-box pre-built modules like a mindless drone, copying and pasting in code you found on Hackaday? You've soldered together your TV-Be-Gone, built your fifth Minty Boost, and your bench is awash with discarded Adafruit packaging and Make magazines. It's time to stop this passive consumption. It's time to create something that is truly yours. It's time, my friend, to design your first circuit board. And you'll need a machine to print it. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4099.en.html - Saal 1 - Jeff Gough - - - PUBLISH - 4070@27C3@pentabarf.org - 4070 - fnord_jahresrueckblick_2010 - Fnord-Jahresrückblick 2010 - von Atomausstieg bis Zwangsintegration - German - de - 20101229T214500 - 20101229T224500 - 01H00M00S - Fnord-Jahresrückblick 2010- von Atomausstieg bis Zwangsintegration - Auch dieses Jahr werden wir uns wieder bemühen, Euch mit einem Rückblick auf die Fnords des Jahres zu unterhalten. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4070.en.html - Saal 1 - Felix von Leitner - Frank Rieger - - - PUBLISH - 4334@27C3@pentabarf.org - 4334 - fnord_jahresrueckblick_2010_translation - Fnord-Jahresrückblick 2010 (english translation) - von Atomausstieg bis Zwangsintegration - English - en - 20101229T214500 - 20101229T224500 - 01H00M00S - Fnord-Jahresrückblick 2010 (english translation)- von Atomausstieg bis Zwangsintegration - Auch dieses Jahr werden wir uns wieder bemühen, Euch mit einem Rückblick auf die Fnords des Jahres zu unterhalten. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4334.en.html - Saal 2 - Felix von Leitner - Frank Rieger - - - PUBLISH - 4164@27C3@pentabarf.org - 4164 - friede_sei_mit_euren_daten - Friede sei mit Euren Daten - Ein datenschutzrechtlicher Ausflug in ein kirchliches Parelleluniversum - German - de - 20101227T171500 - 20101227T181500 - 01H00M00S - Friede sei mit Euren Daten- Ein datenschutzrechtlicher Ausflug in ein kirchliches Parelleluniversum - Bundesdeutscher und kirchlicher Datenschutz führen eine Parallelexistenz. Während das Bundesdatenschutzgesetz von der Öffentlichkeit wahrgenommen und kritisch begleitet wird, ist den Wenigsten überhaupt klar, dass es auch einen vom BDSG losgelösten Datenschutz innerhalb der Kirchen gibt, der sich in einigen wichtigen Punkten vom staatlichen unterscheidet. Dieser Vortrag soll das Bewusstsein für ein Recht wecken, von dem sechzig Prozent der Deutschen betroffen sind – oft ohne es zu wissen. Praxisbeispiele und Tipps inbegriffen. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4164.en.html - Saal 2 - Jochim Selzer - - - PUBLISH - 4175@27C3@pentabarf.org - 4175 - from_robot_to_robot - From robot to robot - Restoring creativity in school pupils using robotics - English - en - 20101227T124500 - 20101227T134500 - 01H00M00S - From robot to robot- Restoring creativity in school pupils using robotics - Today, hacking is reserved for the microscopic fraction of the population who manage to shake themselves free of the suppressive education regime. Student Robotics is the beginning of the solution. By fostering creativity through competition to solve engineering challenges, we provide the inspiration society desperately needs. We develop an open platform for robotics and provide it to schools to open students' minds to the world of hacking. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4175.en.html - Saal 3 - Robert Spanton - - - PUBLISH - 4018@27C3@pentabarf.org - 4018 - frozencache - FrozenCache - Mitigating cold-boot attacks for Full-Disk-Encryption software - English - en - 20101229T230000 - 20101230T000000 - 01H00M00S - FrozenCache- Mitigating cold-boot attacks for Full-Disk-Encryption software - Cold boot attacks are a major risk for the protection that Full-Disk-Encryption solutions provide. FrozenCache is a general-purpose solution to this attack for x86 based systems that employs a special CPU cache mode known as "Cache-as-RAM". Switching the CPU cache into a special mode forces data to held exclusively in the CPU cache and not to be written to the backing RAM locations, thus safeguarding data from being obtained from RAM by means of cold boot attacks. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4018.en.html - Saal 3 - Juergen Pabel - - - PUBLISH - 4141@27C3@pentabarf.org - 4141 - hacker_jeopardy - Hacker Jeopardy - Number guessing for geeks - German - de - 20101229T230000 - 20101230T010000 - 02H00M00S - Hacker Jeopardy- Number guessing for geeks - The Hacker Jeopardy is a quiz show. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4141.en.html - Saal 1 - Ray - Stefan 'Sec' Zehl - - - PUBLISH - 4333@27C3@pentabarf.org - 4333 - hacker_jeopardy_translation - Hacker Jeopardy (english translation) - Number guessing for geeks - English - en - 20101229T230000 - 20101230T010000 - 02H00M00S - Hacker Jeopardy (english translation)- Number guessing for geeks - The Hacker Jeopardy is a quiz show. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4333.en.html - Saal 2 - - - PUBLISH - 3983@27C3@pentabarf.org - 3983 - hackers_and_computer_science - Hackers and Computer Science - What hacker research taught me - English - en - 20101230T134500 - 20101230T141500 - 00H30M00S - Hackers and Computer Science- What hacker research taught me - Although most academics and industry practitioners regard "hacking" as mostly ad-hoc, a loose collection of useful tricks essentially random in nature, I will argue that hacking has in fact become a "distinct research and engineering discipline" with deep underlying engineering ideas and insights. Although not yet formally defined as such, it are these ideas and insights that drive the great contributions that hacking has been making to our understanding of computing, including the challenges of handling complexity, composition, and security in complex systems. I will argue that hacking uncovers and helps to understand (and teach) fundamental issues that go to the heart of Computer Science as we know it, and will try to formulate several such fundamental principles which I have learned from hacker research. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/3983.en.html - Saal 2 - Sergey - - - PUBLISH - 4176@27C3@pentabarf.org - 4176 - hacking_ibuttons - Hacking iButtons - - German - de - 20101227T203000 - 20101227T213000 - 01H00M00S - Hacking iButtons - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4176.en.html - Saal 3 - Christian Brandt - - - PUBLISH - 4265@27C3@pentabarf.org - 4265 - hacking_smart_phones - hacking smart phones - expanding the attack surface and then some - English - en - 20101227T183000 - 20101227T193000 - 01H00M00S - hacking smart phones- expanding the attack surface and then some - There's been a fair bit written and presented about smartphone's, and yet, when it comes to the attack surface of the operating systems running on them, and the applications running on top of those, much still has to be explorer. This talk will dive a bit deeper into that attack surface. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4265.en.html - Saal 2 - Ilja van Sprundel - - - PUBLISH - 4193@27C3@pentabarf.org - 4193 - having_fun_with_rtp - Having fun with RTP - „Who is speaking???“ - English - en - 20101230T171500 - 20101230T181500 - 01H00M00S - Having fun with RTP- „Who is speaking???“ - A lot of people are interested and involved in voice over IP security. Most of the effort is concentrated on the security of the signalling protocols. This talk is focussing on the security of the voice part involved in todays voice over IP world. It is the result of the questions that I had to ask myself while i was debugging audio quality problems of customers and implementing a RTP stack from scratch. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4193.en.html - Saal 3 - kapejod - - - PUBLISH - 4295@27C3@pentabarf.org - 4295 - high_speed_high_security_cryptography - High-speed high-security cryptography: encrypting and authenticating the whole Internet - - English - en - 20101228T203000 - 20101228T213000 - 01H00M00S - High-speed high-security cryptography: encrypting and authenticating the whole Internet - Are you writing a program that sends data through the Internet? Are you sending the data through HTTP, or SMTP, or simply TCP, leaving it vulnerable to espionage, corruption, and sabotage by anyone who owns a machine connected to the same network? - -You can use SSH and IPsec to protect communication with your own machines, but how do you talk to the rest of the Internet? You can use TCPcrypt to protect yourself against attackers too lazy to forge packets, but how do you protect yourself against serious attackers? You can use HTTPS for low-frequency communication, but how do you handle heavy network traffic, and how do you protect yourself against the security flaws in HTTPS? Today's Internet cryptography is slow, untrustworthy, hard to use, and remarkably unsuccessful as a competitor to good old unprotected TCP. - -This talk will present a different approach to high-security Internet cryptography. This approach is easy for users, easy for system administrators, and, perhaps most importantly, easy for programmers. The main reason that the approach has not been tried before is that it seems to involve very slow cryptographic operations; this talk will show that the approach is extremely fast when it is done right. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4295.en.html - Saal 1 - Daniel J. Bernstein - - - PUBLISH - 4301@27C3@pentabarf.org - 4301 - flow_analysis_of_internet_activities - How the Internet sees you - demonstrating what activities most ISPs see you doing on the Internet - English - en - 20101230T160000 - 20101230T170000 - 01H00M00S - How the Internet sees you- demonstrating what activities most ISPs see you doing on the Internet - On the Internet one tends to think that one is pretty much safe from poking eyes. Taps in most countries can only be established after a judge has issued a warrant, thus upto such a tap is succesfully deployed one might think one is pretty much in the clear. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4301.en.html - Saal 1 - Jeroen Massar - - - PUBLISH - 4089@27C3@pentabarf.org - 4089 - ich_sehe_nicht_dass_wir_nicht_zustimmen_werden - Ich sehe nicht, dass wir nicht zustimmen werden - Die Sprache des politischen Verrats und seiner Rechtfertigung - German - de - 20101230T124500 - 20101230T134500 - 01H00M00S - Ich sehe nicht, dass wir nicht zustimmen werden- Die Sprache des politischen Verrats und seiner Rechtfertigung - Der Vortrag zeigt auf, wie sich Politiker rechtfertigen, wenn sie gegen ihre Argumentation und die Überzeugungen entscheiden oder handeln, für die sie stehen. Es ergibt sich dabei eine extreme Zwangslage, denn es ist oft nicht so einfach möglich, die zuvor vorgebrachten Argumente aufzugeben. Also muss auf Leerformeln, Nebelkerzen, Scheinargumente und spezielle grammatische Mittel zurückgegriffen werden, die die Regresspflicht mindern (Konjunktive, doppelte Verneinungen, Modalpartikeln usw.); dabei sind Kunstgriffe nötig, die über die inzwischen hinlänglich bekannte Leyen-Rhetorik hinausgehen. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4089.en.html - Saal 1 - maha/Martin Haase - - - PUBLISH - 4149@27C3@pentabarf.org - 4149 - i_control_your_code - I Control Your Code - Attack Vectors Through the Eyes of Software-based Fault Isolation - English - en - 20101228T140000 - 20101228T150000 - 01H00M00S - I Control Your Code- Attack Vectors Through the Eyes of Software-based Fault Isolation - Unsafe languages and an arms race for new bugs calls for an additional line of defense in software systems. User-space virtualization uses dynamic instrumentation to detect different attack vectors and protects from the execution of malicious code. An additional advantage of these virtualization systems is that they can be used to analyze different exploits step by step and to extract the exploit code from a running program. - -This talk explains the concept of different attack vectors (stack buffer overflows, format string attacks, return to libc attacks, race attacks / TOCTTOU, integer overflows, heap buffer overflows, and code anomalies). For each of these attack vectors we show possible exploits and explain how the virtualization system is able to detect and prevent the exploit. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4149.en.html - Saal 3 - Mathias Payer - - - PUBLISH - 4084@27C3@pentabarf.org - 4084 - ignorance_and_peace_narratives_in_cyberspace - Ignorance and Peace Narratives in Cyberspace - Cloud Computing, Assessment, and Fools like Me. - English - en - 20101229T134500 - 20101229T141500 - 00H30M00S - Ignorance and Peace Narratives in Cyberspace- Cloud Computing, Assessment, and Fools like Me. - This paper explores the challenges of being proactive with existing and future data mining possibilities when facing the realities of institutional expectations for assessment and when facing the fact that one’s own understanding of cyber capabilities is less than ideal. This paper discusses the current assessment cyber resources, trends, and pressures within USA academic institutions and the challenges of reactive/proactive labor in the midst of multiple levels of technological/informational literacies amongst administrators. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4084.en.html - Saal 2 - Angela Crow - - - PUBLISH - 4206@27C3@pentabarf.org - 4206 - immi_from_concept_to_reality - IMMI, from concept to reality - The Icelandic Modern Media Initiative and our need for a well-regulated flow of information - English - en - 20101229T171500 - 20101229T181500 - 01H00M00S - IMMI, from concept to reality- The Icelandic Modern Media Initiative and our need for a well-regulated flow of information - The talk will give an update on the status of the Icelandic Modern Media Initiative. If we put IMMI into the context of the bus Rop talked about in the keynote, then IMMI is the quality rubber for the tires that can ride that road safely. It is part of what our bus should look like, ride like, feel like. The talk will also try to define some more of that bus, and elaborate on what else we need apart from the best rubber we can get. - -The talk will hence deal with some of the latest developments in respect to freedom of speech, specifically that of the press, and political pressure being excersized on it, roles and responsibilities, and the role of responsibility. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4206.en.html - Saal 1 - Daniel Domscheit-Berg - - - PUBLISH - 4237@27C3@pentabarf.org - 4237 - indect_eu_surveillance_project - INDECT - an EU-Surveillance Project - - English - en - 20101229T183000 - 20101229T193000 - 01H00M00S - INDECT - an EU-Surveillance Project - INDECT - -The acronym stands for Intelligent Information System Supporting Observation, Searching and Detection for Security of Citizens in Urban Environment. -A total of 17 partners in nine member states are developing an infrastructure for linking existing surveillance technologies to form one mighty instrument for controlling the people. They are laying the foundation of a European police state, since INDECT's results serve to increase the effectiveness of police operation on the national and European level. -INDECT is funded under the European Commission's Seventh Framework Programme (FP7), the security-related research of which provides € 1.4 billion Euro for more than 60 partly interlaced projects. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4237.en.html - Saal 2 - Sylvia Johnigk - - - PUBLISH - 4236@27C3@pentabarf.org - 4236 - international_cyber_jurisdiction - International Cyber Jurisdiction - Kill Switching” Cyberspace, Cyber Criminal Prosecution & Jurisdiction Hopping - English - en - 20101230T160000 - 20101230T170000 - 01H00M00S - International Cyber Jurisdiction- Kill Switching” Cyberspace, Cyber Criminal Prosecution & Jurisdiction Hopping - Concepts of sovereignty, freedom, privacy and intellectual property become amorphous when discussing territories that only exists as far as the Internet connects. International cyber jurisdiction is supported by a complicated web of international law and treaties. Jurisdiction hopping, a technique that is becoming popular for controversial content, is one we have used for the U.S. 1st Amendment censorship-resistant and non-profit hosting company, Project DOD, by using PRQ's services in Sweden. This technique is used to place assets in a diverse, but accessible, web of countries in which that content may be legal in the hosting country, but may have legal complications in the country in which it is accessed. As ownership and protection of property becomes a concept that is difficult to maintain across boundaries that are not easily distinguishable, can the U.S. "kill-switch" parts of the Internet and under what authority can it be done? Similarly, the geographic challenges to international cyber criminal law – and the feasibility of new sovereign nations – will be analyzed. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4236.en.html - Saal 2 - TiffanyRad - - - PUBLISH - 4121@27C3@pentabarf.org - 4121 - is_the_ssliverse_a_safe_place - Is the SSLiverse a safe place? - An update on EFF's SSL Observatory project - English - en - 20101228T160000 - 20101228T170000 - 01H00M00S - Is the SSLiverse a safe place?- An update on EFF's SSL Observatory project - The EFF SSL Observatory has collected a dataset of all TLS/HTTPS certificates visible on the public web. We discuss this dataset - what we have learned from it, how you can use it, and how intend to offer a live, continually updated version of it. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4121.en.html - Saal 2 - Jesse - Peter Eckersley - - - PUBLISH - 4011@27C3@pentabarf.org - 4011 - embedded_reverse_engineering - JTAG/Serial/FLASH/PCB Embedded Reverse Engineering Tools and Techniques - a dump of simple tools for embedded analysis at many layers - English - en - 20101227T140000 - 20101227T150000 - 01H00M00S - JTAG/Serial/FLASH/PCB Embedded Reverse Engineering Tools and Techniques- a dump of simple tools for embedded analysis at many layers - Bring your target. Will release a slew of simple tools that explore attack surfaces and explain of how to use: jtag/serial scanners, parallel flash dumper, DePCB board routing analysis. So, crossover from software RE and start hacking/improving like its 1996 again. (full documentation and reference at: http://events.ccc.de/congress/2010/wiki/Embedded_Analysis) - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4011.en.html - Saal 3 - Nathan Fain - Vadik - - - PUBLISH - 4296@27C3@pentabarf.org - 4296 - lightning_days_d2 - Lightning Talks - Day 2 - 4 minutes of fame - English - en - 20101228T124500 - 20101228T134500 - 01H00M00S - Lightning Talks - Day 2- 4 minutes of fame - 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4296.en.html - Saal 3 - Nick Farr - - - PUBLISH - 4239@27C3@pentabarf.org - 4239 - lightning_talks_d3 - Lightning Talks - Day 3 - where is my community? - English - en - 20101229T113000 - 20101229T134500 - 02H15M00S - Lightning Talks - Day 3- where is my community? - 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4239.en.html - Saal 3 - Nick Farr - - - PUBLISH - 4300@27C3@pentabarf.org - 4300 - lightning_talks_d4 - Lightning Talks - Day 4 - where is my community? - English - en - 20101230T113000 - 20101230T134500 - 02H15M00S - Lightning Talks - Day 4- where is my community? - 4 minutes for every speaker. Learn about the good, the bad, and the ugly - in software, hardware, projects, and more. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4300.en.html - Saal 3 - Nick Farr - - - PUBLISH - 4195@27C3@pentabarf.org - 4195 - literarischer_abend - Literarischer Abend - - German - de - 20101228T171500 - 20101228T181500 - 01H00M00S - Literarischer Abend - Ein literarischer Abend im Quartett. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4195.en.html - Saal 2 - Andreas Lehner - Lars - - - PUBLISH - 4073@27C3@pentabarf.org - 4073 - logikschaltungen_ohne_elektronik - Logikschaltungen ohne Elektronik - logische Schaltungen mit Pneumatik - German - de - 20101228T143000 - 20101228T150000 - 00H30M00S - Logikschaltungen ohne Elektronik- logische Schaltungen mit Pneumatik - Ein kurzer Überblick über mechanische und strömungstechnische Logikschaltungen und Computer - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4073.en.html - Saal 2 - Äpex - xif - - - PUBLISH - 4210@27C3@pentabarf.org - 4210 - lying_to_the_neighbours - Lying To The Neighbours - Nasty effects with tracker-less BitTorrent - English - en - 20101228T130000 - 20101228T133000 - 00H30M00S - Lying To The Neighbours- Nasty effects with tracker-less BitTorrent - Distributed Hash Tables implement Routing and Addressability in large P2P networks. In the Kademlia adaption for Bittorrent a peer's address (NodeID) is to be generated randomly, or more appropriate: arbitrarily. Because randomness isn't verifiable, an implementation can advertise itself with popular NodeIDs or even change them on a per-packet basis. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4210.en.html - Saal 2 - Astro - - - PUBLISH - 4081@27C3@pentabarf.org - 4081 - netzmedienrecht_lobbyismus_korruption - Netzmedienrecht, Lobbyismus und Korruption - Wie wirkt die Lobby von Medienkonzernen? - German - de - 20101228T171500 - 20101228T181500 - 01H00M00S - Netzmedienrecht, Lobbyismus und Korruption- Wie wirkt die Lobby von Medienkonzernen? - Die Mediennutzung, aber auch ihre Verwaltung und Vergütung, also ihr Management, müssen an eine digitale Netzwelt angepasst werden. Wie ist der Stand der juristischen Auseinandersetzung um die Rechte von Urhebern, Verwertern und Nutzern von Medieninhalten? Wie und wo setzen sich starke Wirtschaftsinteressen mit Lobbygruppen durch? - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4081.en.html - Saal 3 - Thomas Barth - - - PUBLISH - 4094@27C3@pentabarf.org - 4094 - netzneutralitaet_und_qos - Netzneutralität und QoS - ein Widerspruch? - Fakten auf den Tisch - German - de - 20101227T183000 - 20101227T200000 - 01H30M00S - Netzneutralität und QoS - ein Widerspruch?- Fakten auf den Tisch - Geht es mit der Netzneutralität zu Ende? Was haben wir den Lobbyisten und PR-Leuten der Telekommunikationsunternehmen argumentativ entgegenzusetzen? Was sind die Fakten, was gehört ins Reich der Mythen? - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4094.en.html - Saal 1 - Andreas Bogk - Falk Lüke - scusi - Uli Blumenthal - - - PUBLISH - 4261@27C3@pentabarf.org - 4261 - key_recovery_attacks_rc4 - News Key Recovery Attacks on RC4/WEP - - English - en - 20101230T171500 - 20101230T181500 - 01H00M00S - News Key Recovery Attacks on RC4/WEP - In this paper, we present several weaknesses in the stream cipher RC4. -First, we present a technique to automatically reveal linear -correlations in the PRGA of RC4. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4261.en.html - Saal 2 - Martin Vuagnoux - - - PUBLISH - 4142@27C3@pentabarf.org - 4142 - nodejs_as_a_networking_tool - Node.js as a networking tool - - English - en - 20101228T134500 - 20101228T141500 - 00H30M00S - Node.js as a networking tool - Node.js is a library that provides non-blocking I/O for Google's V8 JavaScript engine. This talk explores node's suitability for a diverse range of networking applications. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4142.en.html - Saal 2 - Felix Geisendörfer - - - PUBLISH - 4221@27C3@pentabarf.org - 4221 - omg_wtf_pdf - OMG WTF PDF - What you didn't know about Acrobat - English - en - 20101230T113000 - 20101230T123000 - 01H00M00S - OMG WTF PDF- What you didn't know about Acrobat - Ambiguities in the PDF specification means that no two PDF parsers will see a file in the same way. This leads to many opportunities for exploit obfuscation. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4221.en.html - Saal 1 - Julia Wolf - - - PUBLISH - 4339@27C3@pentabarf.org - 4339 - openleaks - OpenLeaks - - English - en - 20101230T160000 - 20101230T170000 - 01H00M00S - OpenLeaks - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4339.en.html - Saal 3 - Daniel Domscheit-Berg - - - PUBLISH - 4143@27C3@pentabarf.org - 4143 - parttimescientists - Part-Time Scientists - One year of Rocket Science! - English - en - 20101228T160000 - 20101228T170000 - 01H00M00S - Part-Time Scientists- One year of Rocket Science! - The Part-Time Scientists is an international team of Scientists and Engineers participating in the first private race to the moon, the Google Lunar X-Prize. Our approach to win this competition is quite unique as everyone involved really is a part-time scientist. - -In our presentation we will present our latest lunar rover, lander, electronic and communications developments. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4143.en.html - Saal 1 - Karsten Becker - Robert Boehme - - - PUBLISH - 4253@27C3@pentabarf.org - 4253 - pentanews_game_show - Pentanews Game Show - Your opponents will be riddled as well - English - en - 20101228T001500 - 20101228T011500 - 01H00M00S - Pentanews Game Show- Your opponents will be riddled as well - Out of the news section of the [C3D2](http://www.c3d2.de "CCC Dresden") [radio programme](http://www.pentamedia.org/pentaradio Pentaradio24) we've compiled an entertaining game show, an Internet-based multiplayer "Who becomes millionaire?" challenge. The audience and folks on the peace missions are asked to help the players. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4253.en.html - Saal 1 - Alien8 - Astro - - - PUBLISH - 4326@27C3@pentabarf.org - 4326 - radio_der_zukunft - Radio der Zukunft - Was kommt nach dem analogen Radio? - German - de - 20101229T140000 - 20101229T150000 - 01H00M00S - Radio der Zukunft- Was kommt nach dem analogen Radio? - Radio – das ist eine der wenigen elektronischen Medientechnologien, die den Sprung in die digitale Ära noch nicht richtig geschafft hat. Während die Fernsehverbreitung schon fast vollständig per volldigitalen Systemen wie DVB-T stattfindet, bleiben die Radiosender dem guten alten Analog-Funk auf UKW treu. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4326.en.html - Saal 1 - Peter Welchering - Ralph Müller-Schmid - Tim Pritlove - Willi Steul - - - PUBLISH - 3957@27C3@pentabarf.org - 3957 - ipv6_insecurities - Recent advances in IPv6 insecurities - - English - en - 20101227T214500 - 20101227T224500 - 01H00M00S - Recent advances in IPv6 insecurities - New protocol features have been proposed and implemented in the last 5 years and ISPs are now slowly starting to deploy IPv6. This talk starts with a brief summary of the issues presented five years ago, and then expands on the new risks. -Discovered implemention security issues in Windows 7/2008, Linux and Cisco will be shown too. Comes with a GPL'ed toolkit: thc-ipv6 - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html - Saal 2 - vanHauser - - - PUBLISH - 4036@27C3@pentabarf.org - 4036 - reverse_engineering_a_real_word_rfid_payment_system - Reverse Engineering a real-world RFID payment system - Corporations enabling citizens to print digital money - English - en - 20101229T203000 - 20101229T213000 - 01H00M00S - Reverse Engineering a real-world RFID payment system- Corporations enabling citizens to print digital money - How to reverse engineer the data format of a real-world RFID based debit card system. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4036.en.html - Saal 3 - Harald Welte - - - PUBLISH - 4159@27C3@pentabarf.org - 4159 - reverse_engineering_mos_6502 - Reverse Engineering the MOS 6502 CPU - 3510 transistors in 60 minutes - English - en - 20101228T124500 - 20101228T134500 - 01H00M00S - Reverse Engineering the MOS 6502 CPU- 3510 transistors in 60 minutes - The MOS 6502 CPU, which was designed in 1975 and powered systems like the Apple II, the Atari 2600, the Nintendo NES and the Commodore 64 for two decades, has always been subject to intense reverse engineering of its inner workings. Only recently, the Visual6502.org project has converted a hi-res die-shot of the 6502 into a polygon model suitable for visually simulating the original mask at the transistor level. This talk will present the way from a chip package to a digital representation, how to simulate transistors in software, and new insights gained form this research about 6502 internals, like "illegal" opcodes. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4159.en.html - Saal 1 - Michael Steil - - - PUBLISH - 4082@27C3@pentabarf.org - 4082 - sap_landscape - Rootkits and Trojans on Your SAP Landscape - SAP Security and the Enterprise - English - en - 20101227T230000 - 20101228T000000 - 01H00M00S - Rootkits and Trojans on Your SAP Landscape- SAP Security and the Enterprise - SAP systems are the heart of many enterprises. Most critical business functions run on SAP Applications and the complexity of these systems makes it very difficult to protect against attackers. Default setups, forgotten/unimplemented security configurations, weak password management and change processes that apply to one ‘unimportant’ system can result in complete compromise of the SAP landscape. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4082.en.html - Saal 3 - Ertunga Arsal - - - PUBLISH - 3952@27C3@pentabarf.org - 3952 - running_your_own_gsm_stack_on_a_phone_osmocombb - Running your own GSM stack on a phone - Introducing Project OsmocomBB - English - en - 20101229T183000 - 20101229T193000 - 01H00M00S - Running your own GSM stack on a phone- Introducing Project OsmocomBB - In recent years, we have seen several Free Software projects implementing the network side of the GSM protocol. In 2010, OsmocomBB was started to create a free software implementation of the telephone-side. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/3952.en.html - Saal 1 - Harald Welte - Steve Markgraf - - - PUBLISH - 4183@27C3@pentabarf.org - 4183 - safety_on_open_sea - Safety on the Open Sea - Safe navigation with the aid of an open sea chart. - English - en - 20101229T160000 - 20101229T170000 - 01H00M00S - Safety on the Open Sea- Safe navigation with the aid of an open sea chart. - In maritime shipping accurate positioning is vital to preserve damage to life, ship, and goods. Today, we might tend to think that this problem is sufficiently solved yet because of the existence of electronic positioning systems like, most notably, the Global Positioning System (GPS) or the Russian counterpart GLONASS. This is wrong. Positions in terms of latitude and longitude just make sense together with an accurate sea chart (and of course, together with a navigator that is able to translate charting data into reality). - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4183.en.html - Saal 3 - Bernhard Fischer - - - PUBLISH - 4138@27C3@pentabarf.org - 4138 - secure_communications_below_the_hearing_threshold - Secure communications below the hearing threshold - Improved approaches for auditive steganography - English - en - 20101228T230000 - 20101229T000000 - 01H00M00S - Secure communications below the hearing threshold- Improved approaches for auditive steganography - Auditive steganography allows for various usage scenarios. In our project we focused on hidden communications in VoIP and GSM in which voice data is typically compressed and transmitted in realtime. A framework has been developed to meet these requirements, providing interfaces for robust steganographic algorithms. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4138.en.html - Saal 2 - Marcus Nutzinger - Rainer Poisel - - - PUBLISH - 4230@27C3@pentabarf.org - 4230 - security_nightmares - Security Nightmares - - German - de - 20101230T171500 - 20101230T181500 - 01H00M00S - Security Nightmares - Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4230.en.html - Saal 1 - Frank Rieger - Ron - - - PUBLISH - 4181@27C3@pentabarf.org - 4181 - sip_home_gateways_under_fire - SIP home gateways under fire - Source routing attacks applied to SIP - English - en - 20101229T143000 - 20101229T150000 - 00H30M00S - SIP home gateways under fire- Source routing attacks applied to SIP - The SIP home gateway -- which combines a NAT router, a SIP proxy, and analogue phone adapters -- is the weakest link in a Voice over IP network. SIP's numerous source routing mechanisms share the well-known security weaknesses of IP source routing. The talk discusses possible exploits and countermeasures. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4181.en.html - Saal 2 - Wolfgang Beck - - - PUBLISH - 4060@27C3@pentabarf.org - 4060 - attacking_mobile_phones - SMS-o-Death - From analyzing to attacking mobile phones on a large scale. - English - en - 20101227T171500 - 20101227T181500 - 01H00M00S - SMS-o-Death- From analyzing to attacking mobile phones on a large scale. - Smart phones, everybody has a smart phone! No! Just about 16% of all mobile phones are smart phones! Feature phones are the most common type of mobile phone in the world. Some time ago we decided to investigate the security of feature phones. In this talk we show how we analyzed feature phones for SMS security issues. We show our results and the kind of attacks that are possible with our bugs. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.html - Saal 1 - Collin Mulliner - Nico Golde - - - PUBLISH - 4125@27C3@pentabarf.org - 4125 - spinning_the_electronic_wheel - Spinning the electronic Wheel - Still the bicycles for the 21th century - German - de - 20101227T230000 - 20101228T000000 - 01H00M00S - Spinning the electronic Wheel- Still the bicycles for the 21th century - Dreieinhalb Jahre nach dem Talk '21st Century digital Bikes' auf dem Camp 2007 ist einiges in der Welt der elektrischen Fortbewegung passiert. Ende 2010 ist ein guter Zeitpunkt, den Stand der Dinge aufzurollen, die Neuigkeiten darzustellen und über eine mehr unschärfer als klarer werdende Zukunft der elektrischen Mobilität zu sprechen. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4125.en.html - Saal 2 - Betty - Gismo C. - - - PUBLISH - 4145@27C3@pentabarf.org - 4145 - spoilers_human_interfaces_airplanes - "Spoilers, Reverse Green, DECEL!" or "What's it doing now?" - Thoughts on the Automation and its Human interfaces on Airplanes - English - en - 20101228T203000 - 20101228T213000 - 01H00M00S - "Spoilers, Reverse Green, DECEL!" or "What's it doing now?"- Thoughts on the Automation and its Human interfaces on Airplanes - Getting the interfaces right to computers controlling complex and dangerous machines such as commercial airliners is crucial. I will present a successful accident analysis method and talk about interface design problems, ideas for solutions, methods for understanding causal control flow. There will be some spectacular aviation accident videos and stories of bad luck, bad design, bad decisions, and a hero that managed to turn a near-catastrophe into an accident without fatalities. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4145.en.html - Saal 3 - Bernd Sieker - - - PUBLISH - 4184@27C3@pentabarf.org - 4184 - stanislaw_lem_weltverbesserer - Stanislaw Lem - Der enttäuschte Weltverbesserer - Ein audiovisuelles Live-Feature - German - de - 20101229T001500 - 20101229T011500 - 01H00M00S - Stanislaw Lem - Der enttäuschte Weltverbesserer- Ein audiovisuelles Live-Feature - Man kennt ihn als einen der wichtigsten Science-Fiction-Autoren des zwanzigsten Jahrhunderts. Aber Lem war mehr als das: Als Philosoph und Wissenschaftler konnte er technische Entwicklungen der Menschheit und ihre Auswirkungen sogar voraussehen. Als solcher prägte er viele heute geläufige Begriffe für technische Errungenschaften, die seinerzeit noch gar nicht existierten. Seine teils utopische, teils humoristische und selbstironische Art zu schreiben, brachte ihm weltweit große Popularität ein, seine Bücher erreichten eine Auflage von mehr als 45 Millionen und wurden zum Teil verfilmt. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4184.en.html - Saal 1 - Agata Królikowski - Constanze Kurz - Ina Kwasniewski - Jens-Martin Loebel - Kai Kittler - Marcus Richter - - - PUBLISH - 4097@27C3@pentabarf.org - 4097 - identifizierung_von_netzwerkprotokollen - Techniken zur Identifizierung von Netzwerk-Protokollen - - German - de - 20101228T183000 - 20101228T193000 - 01H00M00S - Techniken zur Identifizierung von Netzwerk-Protokollen - Der Vortrag soll Techniken aufzeigen, mit denen man Netzwerk-Protokolle identifizieren kann, die in Layer 7 des OSI-Modells angesiedelt sind. Alle Techniken - darunter auch die Deep Packet Inspection (DPI) - werden technisch erläutert und kritisch bewertet. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4097.en.html - Saal 3 - Florian Adamsky - - - PUBLISH - 4055@27C3@pentabarf.org - 4055 - terrorists_win_exploiting_telecommunications_data - Terrorists Win - Exploiting Telecommunications Data Retention? - - English - en - 20101229T123000 - 20101229T133000 - 01H00M00S - Terrorists Win - Exploiting Telecommunications Data Retention? - Telecommunications data retention (TDR) has become a reality in most -Western countries. Protagonists claim that the collection of massive -amounts of data on the communication behavior of all individuals -within a country would enable law enforcement agencies to exploit -patterns in the stored data to uncover connections between suspects. - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4055.en.html - Saal 2 - Kay Hamacher - Stefan Katzenbeisser - - - PUBLISH - 4090@27C3@pentabarf.org - 4090 - baseband_apocalypse - The Baseband Apocalypse - all your baseband are belong to us - English - en - 20101228T203000 - 20101228T213000 - 01H00M00S - The Baseband Apocalypse- all your baseband are belong to us - Attack scenarios against mobile phones have thus far concentrated on the application processor. The operating systems running on these processors are getting hardened by vendors as can be seen in the case of Apple's iOS -- the current release uses data execution prevention and code signing. In contrast, the GSM stack running on the baseband processor is neglected. The advent of open-source solutions such as OpenBSC and OpenBTS for running GSM base stations is a game-changer: Malicious base stations are not within the attack model assumed by the GSMA and ETSI. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4090.en.html - Saal 2 - Ralf-Philipp Weinmann - - - PUBLISH - 4201@27C3@pentabarf.org - 4201 - the_concert_a_disconcerting_moment_for_free_culture - "The Concert" - a disconcerting moment for free culture - English - en - 20101228T183000 - 20101228T193000 - 01H00M00S - "The Concert"- a disconcerting moment for free culture - Corey Cerovsek and Julien Quentin, accomplished musicians known worldwide for their classical recital performances, and media artist Alex Antener present something that's not quite an ordinary concert, to draw attention to the importance of the public domain in centuries of classical music tradition. It's both more — and less — than what you might expect to see and hear at a classical concert. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4201.en.html - Saal 1 - Alex Antener - Corey Cerovsek - Julien Quentin - - - PUBLISH - 4174@27C3@pentabarf.org - 4174 - the_hidden_nemesis - The Hidden Nemesis - Backdooring Embedded Controllers - English - en - 20101228T230000 - 20101229T000000 - 01H00M00S - The Hidden Nemesis- Backdooring Embedded Controllers - Want to persistently backdoor a laptop? Backdooring the BIOS is out of the question since your target can dump and diff it? Planting hardware is out of the question as well? Shhhhhhh.. I have something for you: - - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4174.en.html - Saal 3 - Ralf-Philipp Weinmann - - - PUBLISH - 4263@27C3@pentabarf.org - 4263 - resisting_excessive_government_surveillance - The importance of resisting Excessive Government Surveillance - Join me in exposing and challenging the constant violations of our right to privacy - English - en - 20101228T230000 - 20101229T000000 - 01H00M00S - The importance of resisting Excessive Government Surveillance- Join me in exposing and challenging the constant violations of our right to privacy - My name is Nicholas Merrill and I was the plaintiff in a legal case in the US court system where I challenged the FBI’s policy of using a feature of the so-called USA PATRIOT act - what are called “National Security Letters” - to bypass the American Constitution's system of checks and balances and in violation of the United Nations Universal Declaration of Human Rights - in order to obtain protected personal information and to unmask anonymous Internet users. I spent over 6 years not able to speak to anyone (other than my lawyers) about my case - forced to lie to those closest to me due to an FBI gag order that carried a possible 10 year prison sentence for violating it. However the lawsuit resulted in the establishment of two key legal precedents and made changes that affect every Internet worker and Telephone worker in America. I would like to speak to the 27C3 audience in order to tell about my experience and to challenge (and offer my support and assistance to) those individuals who are in a position to challenge government surveillance requests to follow their consciences and do so. - -People who work at Internet Service Providers and Telephone companies as well as IT workers at Universities and private businesses are increasingly likely to encounter government attempts at surveillance. I would like to speak to the CCC regarding my experiences in resisting a National Security Letter and also a “Grand Jury Subpoena” as well as my experience of being gagged by the FBI for nearly 7 years - unable to speak on the subject or identify myself as the plaintiff in the NSL lawsuit. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4263.en.html - Saal 1 - Nicholas Merrill - - - PUBLISH - 4124@27C3@pentabarf.org - 4124 - three_jobs_that_journalists_will_do_in_2050 - Three jobs that journalists will do in 2050 - Why future media may be more powerful (and more subversive) than ever before - English - en - 20101230T140000 - 20101230T150000 - 01H00M00S - Three jobs that journalists will do in 2050- Why future media may be more powerful (and more subversive) than ever before - Print media are dying, but what is rising up to take their place? In this presentation, I'll answer that question by describing three new kinds of jobs for journalists that do not exist in mainstream print media. These jobs are: hacker journalist, data-mining reporter, and crowd engineer. I'll be describing what these jobs entail, and current examples of organizations already employing people to do them. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4124.en.html - Saal 1 - Annalee Newitz - - - PUBLISH - 4098@27C3@pentabarf.org - 4098 - tor_is_peace_software_freedom_is_slavery - Tor is Peace, Software Freedom is Slavery, Wikipedia is Truth - The political philosophy of the Internet - English - en - 20101230T113000 - 20101230T123000 - 01H00M00S - Tor is Peace, Software Freedom is Slavery, Wikipedia is Truth- The political philosophy of the Internet - The Internet began as state-sponsored anarchy, but it is now the tool of first resort for dissidents and propagandists alike. The poster-child project of the Free Software Movement runs on the authority of a single person; the rest clash over the very definition of the word 'free'. A company which pictured itself as smashing Big Brother is now seen as one of the perceived secretive and authoritarian in the industry; and for another, 'Don't Be Evil' is proving to be a challenging motto to live by. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4098.en.html - Saal 2 - Adam - - - PUBLISH - 4234@27C3@pentabarf.org - 4234 - usb_and_libusb - USB and libusb - So much more than a serial port with power - English - en - 20101227T171500 - 20101227T181500 - 01H00M00S - USB and libusb- So much more than a serial port with power - Learn about the benefits and limitations of Universal Serial Bus, how communication works on the bus, how and why the right (and sometimes wrong?) driver can be loaded automatically by the operating system, and find out the easiest way to add USB to your washing machine, toaster, or other favorite appliance. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4234.en.html - Saal 3 - Peter Stuge - - - PUBLISH - 4252@27C3@pentabarf.org - 4252 - von_zensursula_ueber_censilia_zum_kindernet - Von Zensursula über Censilia hin zum Kindernet - Jahresrückblick rund um Internet-Sperren, Sendezeitbegrenzungen im Internet und vermeintlichen Jugendschutz - German - de - 20101227T140000 - 20101227T150000 - 01H00M00S - Von Zensursula über Censilia hin zum Kindernet- Jahresrückblick rund um Internet-Sperren, Sendezeitbegrenzungen im Internet und vermeintlichen Jugendschutz - Nach Zensursula kam Censilia und das Kindernet: 2010 brachte nach den hitzigen Diskussionen um Internet-Sperren und das Zugangserschwerungsgesetz einige neue Entwicklungen – und die Rundfunkkommission der Länder wollte mal wieder den Jugendschutz im Internet angehen. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4252.en.html - Saal 1 - Alvar C. H. Freude - - - PUBLISH - 4185@27C3@pentabarf.org - 4185 - whistleblowing__licht_ins_dunkel - Whistleblowing - Licht ins Dunkel! - German - de - 20101227T160000 - 20101227T170000 - 01H00M00S - Whistleblowing- Licht ins Dunkel! - Whistleblowing als universelles Konzept für mehr Transparenz – oder: über die Rückeroberung der Dunkelräume in Wirtschaft und Politik auch jenseits von Wikileaks. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4185.en.html - Saal 1 - Johannes Ludwig - Whistleblower-Netzwerk - - - PUBLISH - 4208@27C3@pentabarf.org - 4208 - wideband_gsm_sniffing - Wideband GSM Sniffing - - English - en - 20101228T140000 - 20101228T150000 - 01H00M00S - Wideband GSM Sniffing - GSM is still the most widely used security technology in the world with a user base of 5 billion and a quickly growing number of critical applications. 26C3's rainbow table attack on GSM's A5/1 encryption convinced many users that GSM calls should be considered unprotected. The network operators, however, have not woken up to the threat yet. Perhaps the new capabilities to be unleashed this year – like wide-band sniffing and real-time signal processing – will wake them up. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4208.en.html - Saal 1 - Karsten Nohl - Sylvain Munaut - - - PUBLISH - 4338@27C3@pentabarf.org - 4338 - wikileaks_und_mehr - Wikileaks und mehr - Eine Whistleblowerperspektive auf Leaking-Plattformen - German - de - 20101228T113000 - 20101228T123000 - 01H00M00S - Wikileaks und mehr- Eine Whistleblowerperspektive auf Leaking-Plattformen - Als kurzfristiger Ersatz für eine ausgefallenen Vortrag wurde die Entwicklung von Wikileaks kurz nachgezeichnet, bis hin zu den derzeit entstehenden weiteren Leaking-Plattformen. Im Mittelpunkt stand die Frage welchen Nutzen Wikileaks & Co. für Whistleblower bieten, welche Voraussetzungen für ihre anonyme Nutzung bestehen und wie die Entwicklung weitergehen wird. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4338.en.html - Saal 3 - Guido Strack - - - PUBLISH - 4187@27C3@pentabarf.org - 4187 - your_infrastructure_will_kill_you - Your Infrastructure Will Kill You - - English - en - 20101229T183000 - 20101229T193000 - 01H00M00S - Your Infrastructure Will Kill You - The past century our infrastructure has seen both massive expansion and heavy centralization. When it fails, it fails big -- this is the reality of our modern interconnectedness. We live in a world of crumbling bridges and bankrupt states, and our infrastructure will kill us. The people we’re relying on to keep us safe are trying to accomplish long-term risk management with short-term thinking. So, what now? We can't opt out, but we can become more resilient, and we can start thinking about risk differently. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4187.en.html - Saal 3 - Eleanor Saitta - - - PUBLISH - 4209@27C3@pentabarf.org - 4209 - zero_sized_heap_allocations_vulnerability_analysis - Zero-sized heap allocations vulnerability analysis - Applications of theorem proving for securing the windows kernel - English - en - 20101229T214500 - 20101229T224500 - 01H00M00S - Zero-sized heap allocations vulnerability analysis- Applications of theorem proving for securing the windows kernel - The dynamic memory allocator is a fundamental component of modern operating systems, and one of the most important sources of security vulnerabilities. In this presentation, we emphasize on a particular weakness of the heap management that has proven to be the root cause of many escalation of privilege bugs in the windows kernel and other critical remote vulnerabilities in user-land applications. - PUBLIC - CONFIRMED - Lecture - http://events.ccc.de/congress/2010/Fahrplan/events/4209.en.html - Saal 3 - Julien Vanegue - - - diff --git a/import/camp2011.en.xcs b/import/camp2011.en.xcs deleted file mode 100644 index 09499086..00000000 --- a/import/camp2011.en.xcs +++ /dev/null @@ -1,1257 +0,0 @@ - - - - 2.0 - -//Pentabarf//Schedule #<Conference_release::Row:0x309a0916eee0>//EN - Camp 2011 Schedule Release #<Conference_release::Row:0x309a0916eee0> - Camp 2011 Schedule - - PUBLISH - 4462@Camp 2011@pentabarf.org - 4462 - accessblocking - Accessblocking/Internetsperren - #Censilia and beyond - English - en - 20110811T210000 - 20110811T220000 - 01H00M00S - Accessblocking/Internetsperren- #Censilia and beyond - Die Debatte in Deutschland 2009 war nur der Auftakt für die EUweite Einführung vom Netzsperren. Durch das Inkrafttreten des Lissabon-Vertrages verzögert, wird seit dem Kommissionsentwurf im März 2010 die Einführung von Internetsperren in der EU diskutiert. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4462.en.html - Kourou - Christian Bahls MOGiS e.V. - Jérémie Zimmermann - - - PUBLISH - 4451@Camp 2011@pentabarf.org - 4451 - a_modern_manifest_of_cyberspace - A modern manifest of cyberspace - The internet is dead, long live the internet - English - en - 20110812T163000 - 20110812T173000 - 01H00M00S - A modern manifest of cyberspace- The internet is dead, long live the internet - The internet is increasingly falling under the control and restrictions of governments and multinational corporations. Internet connections are filtered and censored, not only in China but blatantly so in 'western' countries such as Australia and Canada. The content industry is clamping down on infringement on intellectual property and calls for ever more far-fetching and over-reaching laws to be put into effect. Meanwhile, telco's are making deals with content providers to decide how gets premium access and who gets degraded access to their networks. - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4451.en.html - Kourou - gmc - - - PUBLISH - 4496@Camp 2011@pentabarf.org - 4496 - - Applied Research on security of TETRA radio - digital radio technology beyond GSM - English - en - 20110812T210000 - 20110812T220000 - 01H00M00S - Applied Research on security of TETRA radio- digital radio technology beyond GSM - The digital professional mobile radio system TETRA is used by a wide range of users in almost all continents of the world. - -The OsmocomTETRA project has created a software radio receiver for the TETRA air interface, similar to what airprobe has done for GSM. Using this receiver plus associated protocol analysis tools, we are able to investigate and research the security level of real-world TETRA networks. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4496.en.html - Baikonur - Harald Welte - - - PUBLISH - 4497@Camp 2011@pentabarf.org - 4497 - a_short_history_of_ipv4 - A short history of IPv4 - - English - en - 20110813T180000 - 20110813T190000 - 01H00M00S - A short history of IPv4 - A few short weeks ago, APNIC's supply of IPv4 address space reached depletion. ARIN and the RIPE NCC will follow soon, most likely somewhere this year. In this talk I will discuss the history of the internet as seen from the point of view of the RIRs. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4497.en.html - Baikonur - Djinh - - - PUBLISH - 4467@Camp 2011@pentabarf.org - 4467 - avionics - Avionics - Design and implementation of flight electronics - English - en - 20110813T150000 - 20110813T160000 - 01H00M00S - Avionics- Design and implementation of flight electronics - Flying hardware must peform its intended function under harsh environmental conditions while fulfilling strict requirements due to boundary conditions like weight, size, and power consumption. The design must exhibit redundancy and resilience against adversary conditions and special care has to be given to thermal management and energy sources. We will discuss design rules to cope with specific problems and present a prototype system based on the multicore chip P8X32A. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4467.en.html - Kourou - - - PUBLISH - 4426@Camp 2011@pentabarf.org - 4426 - - Certified programming with dependent types - Because the future of defense is liberal application of math - English - en - 20110812T223000 - 20110812T233000 - 01H00M00S - Certified programming with dependent types- Because the future of defense is liberal application of math - Dependent types expand the concept of types in programming languages by arbitrary predicates depending on the value of the type. This lecture will introduce the concept and show how it can be used to develop formally verified code. - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4426.en.html - Baikonur - Andreas Bogk - - - PUBLISH - 4554@Camp 2011@pentabarf.org - 4554 - closing - Closing Event - Good Bye and have a safe trip home! - English - en - 20110814T180000 - 20110814T183000 - 00H30M00S - Closing Event- Good Bye and have a safe trip home! - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4554.en.html - Kourou - - - PUBLISH - 4395@Camp 2011@pentabarf.org - 4395 - counselling_mischief_as_thought_crime - Counselling Mischief as Thought Crime - Social Networks, Free Speech and the Criminalization of Dissent in Canada - English - en - 20110812T193000 - 20110812T203000 - 01H00M00S - Counselling Mischief as Thought Crime- Social Networks, Free Speech and the Criminalization of Dissent in Canada - This presentation will show how the RCMP, CSIS, CSEC and other groups worked to "secure" the 2010 Olympics, G8 and G20 by criminalising dissent, and the use of "Open Source Surveillance" to attempt to crack down on all opposition to these mega-events. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4395.en.html - Kourou - Joe - - - PUBLISH - 4445@Camp 2011@pentabarf.org - 4445 - data_mining_your_city - Data Mining Your City - Early lessons in open city data from Philadelphia, PA, USA - English - en - 20110814T150000 - 20110814T160000 - 01H00M00S - Data Mining Your City- Early lessons in open city data from Philadelphia, PA, USA - Philadelphia (USA) recently launched an initiative to open up tons of city records and municipal data. This talk will review some of the things people are using it for, and show how open city data is useful to many kinds of people. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4445.en.html - Baikonur - Steph Alarcon - - - PUBLISH - 4389@Camp 2011@pentabarf.org - 4389 - decentralized_clustering - Decentralized clustering - Making the net - even if your local dicators hate it! - English - en - 20110812T133000 - 20110812T143000 - 01H00M00S - Decentralized clustering- Making the net - even if your local dicators hate it! - In January 2011 the fear of all internauts became bitter truth. A whole country was kill-switched by the government. The flow of data was interrupted, communication laid waste. Not only the Internets was taken down, other means of communication were interrupted too. Cell Phone providers took down their services. So, there was no Internets in Egypt. Internauts had no chance to communicate what is happening, mothers and fathers could not send emails to theire relatives. No data was flowing. As the phone lines were working, this was the solutions: Modems. - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4389.en.html - Baikonur - Herr Urbach - - - PUBLISH - 4478@Camp 2011@pentabarf.org - 4478 - - Die psychologischen Grundlagen des Social Engineerings - - German - de - 20110811T150000 - 20110811T163000 - 01H30M00S - Die psychologischen Grundlagen des Social Engineerings - Dieser Vortrag zeigt, wie Social-Engineering funktioniert und erklärt die zugrundeliegenden Tricks und Kniffe anhand sozialpsychologischer Studien und Experimente. Außerdem werden Beispiele, Warnsignale und Gegenmaßnahmen vorgestellt. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4478.en.html - Baikonur - Stefan Schumacher - - - PUBLISH - 4449@Camp 2011@pentabarf.org - 4449 - - "Digitale Gesellschaft e.V." - Ein neuer Ansatz, um digitale Bürgerrechte zu erhalten - German - de - 20110811T133000 - 20110811T143000 - 01H00M00S - "Digitale Gesellschaft e.V." - Ein neuer Ansatz, um digitale Bürgerrechte zu erhalten - Im April 2011 wurde mit "Digitale Gesellschaft" ein neuer Verein zum Erhalt und Ausbau von digitalen Bürgerrechten präsentiert. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4449.en.html - Baikonur - Markus Beckedahl - - - PUBLISH - 4438@Camp 2011@pentabarf.org - 4438 - - Dudle: Mehrseitig sichere Web 2.0-Umfragen - - German - de - 20110814T120000 - 20110814T130000 - 01H00M00S - Dudle: Mehrseitig sichere Web 2.0-Umfragen - In diesem Vortrag wird eine Web-2.0 Applikation vorgestellt mit der Umfragen durchgeführt werden können. Im Gegensatz zu anderen Anwendungen muss bei dieser dem Serveradministrator nicht vertraut werden. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4438.en.html - Baikonur - Benjamin Kellermann - - - PUBLISH - 4406@Camp 2011@pentabarf.org - 4406 - giving_great_workshops - Giving Great Workshops - You can create your own successful workshop - English - en - 20110811T120000 - 20110811T130000 - 01H00M00S - Giving Great Workshops- You can create your own successful workshop - Mitch Altman has taught well over 10,000 people to solder and make cool things at workshops around the world. Drawing from his experiences, this lecture will show you how to create and give your own successful workshops about what you know. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4406.en.html - Kourou - Mitch - - - PUBLISH - 4504@Camp 2011@pentabarf.org - 4504 - - GPRS Intercept - Wardriving phone networks - English - en - 20110812T163000 - 20110812T173000 - 01H00M00S - GPRS Intercept- Wardriving phone networks - GPRS data networks provide the backbone for our mobile society. Just like their siblings, GSM networks, the GPRS infrastructure is often lacking an appropriate level of protection. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4504.en.html - Baikonur - Karsten Nohl - - - PUBLISH - 4561@Camp 2011@pentabarf.org - 4561 - hacker_jeopardy - Hacker Jeopardy - Number guessing for geeks - English - en - 20110814T000000 - 20110814T020000 - 02H00M00S - Hacker Jeopardy- Number guessing for geeks - The Hacker Jeopardy is a quiz show. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4561.en.html - Kourou - Ray - Stefan 'Sec' Zehl - - - PUBLISH - 4551@Camp 2011@pentabarf.org - 4551 - hackers_in_space - Hackers in Space - A Modest Proposal for the Next 23 Years - English - en - 20110810T123000 - 20110810T130000 - 00H30M00S - Hackers in Space- A Modest Proposal for the Next 23 Years - Four years ago, the global Hackerspace movement was kicked off at the 2007 CCCamp, having led to a worldwide, decentralised, collaborative network of hackerspaces on every continent. Fueled by the DIY and hacker spirit, we have come a long way. Now that we have the infrastructure in place, what do we do with it? In times when nation states abandon their space programs, we see the exploration of outer space as our goal for the coming decades. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4551.en.html - Kourou - - - PUBLISH - 4472@Camp 2011@pentabarf.org - 4472 - - Hacking DNA - Compiling code for living systems - English - en - 20110811T193000 - 20110811T203000 - 01H00M00S - Hacking DNA- Compiling code for living systems - Genetic modification is getting cheaper and biohackers are making it more accessible. This talk outlines the state of DIYbio and institutional synthetic biology; current challenges in biological programming and why you should be hacking biology. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4472.en.html - Baikonur - Marc Juul - - - PUBLISH - 4447@Camp 2011@pentabarf.org - 4447 - hybrid_rocket_engines - Hybrid rocket engines - Design and implementation of rocket engines with two-phase propellants - English - en - 20110812T133000 - 20110812T143000 - 01H00M00S - Hybrid rocket engines- Design and implementation of rocket engines with two-phase propellants - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4447.en.html - Kourou - - - PUBLISH - 4503@Camp 2011@pentabarf.org - 4503 - - Ich und 23 - Fingerabdrücke der DNA - German - de - 20110811T180000 - 20110811T190000 - 01H00M00S - Ich und 23- Fingerabdrücke der DNA - Der Vortrag wird zunächst die Grundlagen des DNA-Fingerprinting auf unseren 23 Chromosomenpaaren zusammenfassen. Dabei wird besprochen, wie ein genetischer Fingerabdruck praktisch für die Verwendung in der Forensik entsteht und in welcher Form die Speicherung in einer Datenbank vorgenommen wird. Darauf aufbauend werden Stärken und Risiken der Technologie erörtert. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4503.en.html - Baikonur - Mirko Swillus - - - PUBLISH - 4423@Camp 2011@pentabarf.org - 4423 - - Ihr kotzt mich alle an. - Wir haben Probleme. Und ihr merkt es nicht mal. - German - de - 20110811T000000 - 20110811T010000 - 01H00M00S - Ihr kotzt mich alle an.- Wir haben Probleme. Und ihr merkt es nicht mal. - Manchmal find ich ja ganz toll was so geht, aber meistens kotzt ihr mich alle ziemlich an. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4423.en.html - Kourou - Moritz Bartl - - - PUBLISH - 4450@Camp 2011@pentabarf.org - 4450 - - Imagine the Future of Money - Economic transformations, hacker culture and why we should be so lucky - English - en - 20110811T223000 - 20110811T233000 - 01H00M00S - Imagine the Future of Money- Economic transformations, hacker culture and why we should be so lucky - What comes after capitalism? We will give an overview on the development of complementary and alternative monetary systems: Which ones are there to stay, how they influence social development, how they can be improved and why hackers should really care. - - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4450.en.html - Baikonur - Jaromil - radium - - - PUBLISH - 4458@Camp 2011@pentabarf.org - 4458 - inertial_navigation - Inertial navigation - Rigid body dynamics and its application to dead reckoning - English - en - 20110811T150000 - 20110811T160000 - 01H00M00S - Inertial navigation- Rigid body dynamics and its application to dead reckoning - The motion of objects through space can be observed in everyday life and the analysis of their dynamics leads to a fundamental notion of theoretical mechanics, the rigid body. Inertial navigation is based on continuous measurement of acceleration and angular velocities and the inversion of the rigid body's equations of motion. Additionally, the modeling of noise and error propagation is essential to correctly estimate position and attitude. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4458.en.html - Kourou - - - PUBLISH - 4495@Camp 2011@pentabarf.org - 4495 - introduction_to_multicast_security - Introduction to Multicast Security - Beyond SSL/TLS - English - en - 20110814T120000 - 20110814T130000 - 01H00M00S - Introduction to Multicast Security- Beyond SSL/TLS - For scaling real time applications multicast transport is the enabling technology. This event will present solutions for multicast security, that can be used for group conferencing and scaling data distribution services as transport layer security. Keywords: SRTP, AES-CM, Keystream, Multimedia Internet KEYing - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4495.en.html - Kourou - frehberg - - - PUBLISH - 4442@Camp 2011@pentabarf.org - 4442 - satellite_communications - Introduction to Satellite Communications - Installation and Operation of Satellite Systems; illustrated with Postage Stamps - English - en - 20110810T150000 - 20110810T160000 - 01H00M00S - Introduction to Satellite Communications- Installation and Operation of Satellite Systems; illustrated with Postage Stamps - We've come a long way since Sputnik; in this talk I'll cover how, why and in which orbit different satellites operate, how they get there and what must be considered when establishing connections or determining positions on earth. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4442.en.html - Kourou - Irmi Meister - - - PUBLISH - 4490@Camp 2011@pentabarf.org - 4490 - - iOS application security - a look at the security of 3rd party iOS applications - English - en - 20110811T210000 - 20110811T220000 - 01H00M00S - iOS application security- a look at the security of 3rd party iOS applications - <todo> - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4490.en.html - Baikonur - Ilja van Sprundel - - - PUBLISH - 4502@Camp 2011@pentabarf.org - 4502 - is_this_the_mobile_gadget_world_we_created - Is this the Mobile Gadget World We Created? - The story of the world's first socially responsible mobile phone. - English - en - 20110810T163000 - 20110810T173000 - 01H00M00S - Is this the Mobile Gadget World We Created?- The story of the world's first socially responsible mobile phone. - The most ubiquitous device on the planet is arguably the mobile phone. Tragically, it is also a device built under some of the worst living and working conditions in the world. This is the story of a mission - To build the world's first ethical phone. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4502.en.html - Baikonur - Bicyclemark - - - PUBLISH - 4412@Camp 2011@pentabarf.org - 4412 - latest_developments_around_the_milkymist_system_on_chip - Latest developments around the Milkymist System-on-Chip - A roundup of one the most advanced open hardware projects - English - en - 20110811T193000 - 20110811T203000 - 01H00M00S - Latest developments around the Milkymist System-on-Chip- A roundup of one the most advanced open hardware projects - Milkymist develops a comprehensive solution for the live synthesis of interactive visual effects. It features one of the first open source system-on-chip designs. This talk gives a roundup of what has happened during the last 1.5 year in this project. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4412.en.html - Kourou - Sébastien Bourdeauducq - - - PUBLISH - 4550@Camp 2011@pentabarf.org - 4550 - learning_secrets_by_watching_people - Learning Secrets by Watching People - Gesture, Expression, and Behavior Analysis for Hackers - English - en - 20110813T133000 - 20110813T143000 - 01H00M00S - Learning Secrets by Watching People- Gesture, Expression, and Behavior Analysis for Hackers - If someone has a secret in their head, that secret may be visible in how they move, the expressions they make, and the actions they take -- even the person is trying to conceal the secret. This talk will cover ways to read those outward signs. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4550.en.html - Baikonur - spoolpin - - - PUBLISH - 4429@Camp 2011@pentabarf.org - 4429 - life_foods - Life foods - Benefits of use of microbial fermentations in food and beverage preparations. - English - en - 20110811T163000 - 20110811T173000 - 01H00M00S - Life foods- Benefits of use of microbial fermentations in food and beverage preparations. - The regular consumption of life foods was very important for healthy life style thousands years ago and the same applies for today. The use of today's scientific knowledge in combination with current technology will allow us to optimise these techniques. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4429.en.html - Kourou - - - PUBLISH - 4439@Camp 2011@pentabarf.org - 4439 - - Machine-to-machine (M2M) security - When physical security depends on IT security - English - en - 20110813T163000 - 20110813T173000 - 01H00M00S - Machine-to-machine (M2M) security- When physical security depends on IT security - Today, more and more real-world things and machines are equipped with some kind of connection back home to the vendor. Such machine-to-machine (M2M) communication is often poorly secured and some day, the shit will hit the fan! - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4439.en.html - Baikonur - hunz - - - PUBLISH - 4553@Camp 2011@pentabarf.org - 4553 - opening - Opening Event - Welcome to the Chaos Communication Camp 2011 - English - en - 20110810T120000 - 20110810T123000 - 00H30M00S - Opening Event- Welcome to the Chaos Communication Camp 2011 - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4553.en.html - Kourou - - - PUBLISH - 4552@Camp 2011@pentabarf.org - 4552 - - OpenLeaks - where leaking meets engineering - English - en - 20110810T133000 - 20110810T143000 - 01H00M00S - OpenLeaks- where leaking meets engineering - This talk will introduce the next phase of the OpenLeaks project. We will present a more detailed insight into the project and take you on a tour around the different OL subprojects. We will also announce the activities we are planning for this years camp. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4552.en.html - Baikonur - OpenLeaks - - - PUBLISH - 4446@Camp 2011@pentabarf.org - 4446 - open_source_4g_radio - Open-source 4G radio - It's time to start WiMAX and LTE hacking - English - en - 20110812T150000 - 20110812T160000 - 01H00M00S - Open-source 4G radio- It's time to start WiMAX and LTE hacking - We will walk through a PHY level of mobile WiMAX and outline common and different parts with LTE. Surprisingly, the WiMAX PHY level is not as hard as you may think. We will also present our effort to create an open-source implementation of 4G radio modem. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4446.en.html - Baikonur - Alexander Chemeris - - - PUBLISH - 4476@Camp 2011@pentabarf.org - 4476 - photovoltaics - Open source photovoltaics - power for off-grid devices - English - en - 20110813T163000 - 20110813T170000 - 00H30M00S - Open source photovoltaics- power for off-grid devices - Opensource-solar.org is working on open hardware power supplies for off-grid applications. The systems consist of self-build solar panels, charge controllers with microcontroller, and LiFePo4 rechargeable batteries. Green energy for your gadgets ! - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4476.en.html - Kourou - Moritz von Buttlar - - - PUBLISH - 4424@Camp 2011@pentabarf.org - 4424 - poker_bots - Poker bots - Developing and running autonomous pokerbots at online casinos - English - en - 20110813T150000 - 20110813T160000 - 01H00M00S - Poker bots- Developing and running autonomous pokerbots at online casinos - For a few years I was part of a team that developed and ran autonomous poker playing robots on commercial Internet poker sites; playing poker with real money against real people in real time. The project failed... - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4424.en.html - Baikonur - Torbjörn Lofterud - - - PUBLISH - 4461@Camp 2011@pentabarf.org - 4461 - post_privacy_und_darueber_hinaus - Post-Privacy und darüber hinaus - Was, wenn wir alle nackt wären? - German - de - 20110813T120000 - 20110813T123000 - 00H30M00S - Post-Privacy und darüber hinaus- Was, wenn wir alle nackt wären? - Was passiert wenn wir die Idee der Sozialen Netze weiter spinnen und von einer Gesellschaft ausgehen, in der jeder alles über jeden weiß? -Mögliche Szenarien sollen hier an Situationen und Gesellschaftlichen Strukturen erläutert werden. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4461.en.html - Kourou - Daniel - - - PUBLISH - 4491@Camp 2011@pentabarf.org - 4491 - - Rethinking online news - Journalism needs hackers to survive - English - en - 20110813T223000 - 20110813T233000 - 01H00M00S - Rethinking online news- Journalism needs hackers to survive - Journalism needs hackers to survive. -We present our project to revolutionize online news and encourage you to start your own. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4491.en.html - Baikonur - Christopher Clay / c3o - fin - - - PUBLISH - 4500@Camp 2011@pentabarf.org - 4500 - - Reviving smart card analysis - - English - en - 20110813T210000 - 20110813T220000 - 01H00M00S - Reviving smart card analysis - Smart cards chips -- originally invented as a protection for cryptographic keys -- are increasingly used to keep protocols secret. This talk challenges the chips' security measures to unlock the protocols for public analysis. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4500.en.html - Baikonur - Karsten Nohl - - - PUBLISH - 4436@Camp 2011@pentabarf.org - 4436 - rocket_propulsion - Rocket propulsion basics - An introduction to rocket engines and their application for space travel - English - en - 20110810T133000 - 20110810T150000 - 01H30M00S - Rocket propulsion basics- An introduction to rocket engines and their application for space travel - We will discuss the basic principles of thermochemical engines and their application for rocket propulsion. The three main types of chemical rocket engines, i.e. solid, liquid, and hybrid, will be presented and compared. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4436.en.html - Kourou - - - PUBLISH - 4399@Camp 2011@pentabarf.org - 4399 - runtine_reconfigurable_processors - Runtime Reconfigurable Processors - - English - en - 20110812T120000 - 20110812T130000 - 01H00M00S - Runtime Reconfigurable Processors - The talk will give the audience an introduction to the world of runtime reconfigurable processors. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4399.en.html - Baikonur - Dominik Meyer - - - PUBLISH - 4440@Camp 2011@pentabarf.org - 4440 - solid_rocket_engines - Solid rocket engines - Design and implementation of engines with solid propellant - English - en - 20110811T133000 - 20110811T143000 - 01H00M00S - Solid rocket engines- Design and implementation of engines with solid propellant - We will present the design and construction of a solid rocket motor and discuss results from recent test campaigns. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4440.en.html - Kourou - - - PUBLISH - 4411@Camp 2011@pentabarf.org - 4411 - space_debris - Space Debris - Simulation of orbital debris and its impacts on space travel - English - en - 20110814T150000 - 20110814T160000 - 01H00M00S - Space Debris- Simulation of orbital debris and its impacts on space travel - This talk is about different sources of space debris and how they are a problem for current and future space travel. I'll introduce some of the computational models that are used to simulate space debris objects and some ideas to prevent them. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4411.en.html - Kourou - Marek Möckel - - - PUBLISH - 4493@Camp 2011@pentabarf.org - 4493 - - Space Federation - Linking and Launching Earth-Based Hacker Spaces - English - en - 20110810T180000 - 20110810T190000 - 01H00M00S - Space Federation- Linking and Launching Earth-Based Hacker Spaces - Our mission is to provide financial and organizational support to open communities in shared physical spaces who use innovative methods and technology in hands-on education. We'll speak to the global community about the progress in America. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4493.en.html - Kourou - willowbl00 - - - PUBLISH - 4549@Camp 2011@pentabarf.org - 4549 - sport_fuer_nerds - Sport für Nerds - - German - de - 20110812T120000 - 20110812T130000 - 01H00M00S - Sport für Nerds - Viele von uns sitzen länger vorm Rechner als es ihnen gut tut, irgendwann geht dann die Suche nach einer geeigneten Sportart los … - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4549.en.html - Kourou - Shorty - - - PUBLISH - 4492@Camp 2011@pentabarf.org - 4492 - stalker - Stalker - Die strahlende Reise der Gebrüder Strugazki - Ein audiovisuelles Live-Hörspiel - German - de - 20110813T000000 - 20110813T010000 - 01H00M00S - Stalker - Die strahlende Reise der Gebrüder Strugazki- Ein audiovisuelles Live-Hörspiel - Die atomar verstrahlten Ruinen eines ehemaligen Kernkraftwerkes sind Symbole für das bevorstehende Ende der Zivilisation, aber gleichzeitig die Wunschmaschine, die alle Sehnsüchte stillen kann. Dieser Ort ist nicht Fukushima und auch nicht Tschernobyl, sondern der Zielort der Protagonisten im Roman „Picknick am Wegesrand“ der russischen Autorenbrüder Arkadi und Boris Strugazki. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4492.en.html - Kourou - Agata Królikowski - Ina Kwasniewski - Jens-Martin Loebel - Kai Kittler - Marcus Mews - Marcus Richter - - - PUBLISH - 4505@Camp 2011@pentabarf.org - 4505 - - Strahlung im Weltall - Hell yeah, it's radiation science! - German - de - 20110812T150000 - 20110812T160000 - 01H00M00S - Strahlung im Weltall- Hell yeah, it's radiation science! - Wer eine Mission zum Mond plant, muss sich über das, was die Umgebung dort bereithält, Gedanken machen. Neben Temperaturen von -180 bis +120° C ist Strahlung eine der größten Herausforderungen bei einer derartigen Mission. So genannte Single Event Upsets (SEU) können in einer Speicherzelle Datenbits flippen. Mit diesen umgekippten Bits muss man dann zurechtkommen. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4505.en.html - Kourou - - - PUBLISH - 4421@Camp 2011@pentabarf.org - 4421 - strong_encryption_of_credit_card_information - Strong encryption of credit card information - Attacks on common failures when encrypting credit card information - English - en - 20110810T150000 - 20110810T160000 - 01H00M00S - Strong encryption of credit card information- Attacks on common failures when encrypting credit card information - The PCI DSS standard require strong cryptography or secure hashing as ways to protect cardholder information. But one important factor is missing; detailed instructions for how to correctly apply cryptography to credit card numbers. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4421.en.html - Baikonur - Torbjörn Lofterud - - - PUBLISH - 4453@Camp 2011@pentabarf.org - 4453 - - Stuff you don't see - every day - GNU Radio Internals - how to use the Framework - English - en - 20110810T180000 - 20110810T190000 - 01H00M00S - Stuff you don't see - every day- GNU Radio Internals - how to use the Framework - Software Defined Radio defines a new approach to analyze signals with software. With the flexibility of software SDR literally opened a new spectrum of hacking. - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4453.en.html - Baikonur - Marius Ciepluch - - - PUBLISH - 4466@Camp 2011@pentabarf.org - 4466 - rocket_telemetry - Telemetry - Real-time communication during rocket flight - English - en - 20110813T133000 - 20110813T143000 - 01H00M00S - Telemetry - Real-time communication during rocket flight - Retrieval of information is essential for every experiment, especially involving rockets. The use of electromagnetic waves is the natural choice for communication with a rocket and sometimes the only means to retrieve flight hardware afterwards. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4466.en.html - Kourou - - - PUBLISH - 4402@Camp 2011@pentabarf.org - 4402 - tempo_phythm_echo - Tempo/Rhythm/Echo extraction from Music - - English - en - 20110811T223000 - 20110811T233000 - 01H00M00S - Tempo/Rhythm/Echo extraction from Music - This talk explains how the tempo of music can accurately be measured and how it can be used afterwards to extract rhythmical information and composition properties. These can further be used to find similar songs, generate synthetic rhythms and mix music. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4402.en.html - Kourou - Werner Van Belle - - - PUBLISH - 4455@Camp 2011@pentabarf.org - 4455 - arguna - The "Arguna" rocket family - An overview of our recent sounding rocket campaigns - English - en - 20110814T133000 - 20110814T143000 - 01H00M00S - The "Arguna" rocket family- An overview of our recent sounding rocket campaigns - The "Arguna" rocket family consist of four one-stage sounding rockets that can reach altitudes up to 10km. We will present the designs of these rockets and discuss the performed flights and results from avionics experiments. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4455.en.html - Kourou - - - PUBLISH - 4427@Camp 2011@pentabarf.org - 4427 - - The blackbox in your phone - Some details about SIM cards - English - en - 20110810T210000 - 20110810T220000 - 01H00M00S - The blackbox in your phone- Some details about SIM cards - This talk sheds some light on a cellphone-component, that's inevitable, virtually unclonable and as closed as it gets: the SIM. The SIM can do a lot more than just user-authentication nowadays: the SIM Application Toolkit gives it control over your phone - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4427.en.html - Baikonur - hunz - - - PUBLISH - 4428@Camp 2011@pentabarf.org - 4428 - - The Joy of Intellectual Vampirism - Mindfucking with Shared Information - English - en - 20110813T193000 - 20110813T203000 - 01H00M00S - The Joy of Intellectual Vampirism- Mindfucking with Shared Information - What makes us gravitate towards other people? In Intellectual Vampires it is the craving for fresh ideas, and in Intellectual Fangbangers it is the joy of sharing them. A talk on the fine art of communication, channels, contexts, and language. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4428.en.html - Kourou - Christiane Ruetten - - - PUBLISH - 4443@Camp 2011@pentabarf.org - 4443 - theres_gold_in_them_circuit_boards - There's Gold in Them Circuit Boards - Why E-Waste Recycling Is Smart and How To Make It Smarter - English - en - 20110813T180000 - 20110813T190000 - 01H00M00S - There's Gold in Them Circuit Boards- Why E-Waste Recycling Is Smart and How To Make It Smarter - Everything we do as technologists depends on the critical minerals from which our devices are made. Recycling junk electronics is no longer just the right thing to do, it's the smart thing to do. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4443.en.html - Kourou - Steph Alarcon - - - PUBLISH - 4459@Camp 2011@pentabarf.org - 4459 - - Transition Telecom - Telecommunications and networking during energy descent - English - en - 20110810T193000 - 20110810T203000 - 01H00M00S - Transition Telecom- Telecommunications and networking during energy descent - We'll need to come to grips with the challenges that declining oil production and increasing temperatures present. This talk explores positive future scenarios for the world of networking and communications past the great global energy free-for-all. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4459.en.html - Baikonur - Frank Rieger - Rop Gonggrijp - - - PUBLISH - 4471@Camp 2011@pentabarf.org - 4471 - who_is_snitching_my_milk - Who's snitching my milk? - Nonlinear dynamics/analysis of vanishing bovine products in an office environment. - English - en - 20110812T000000 - 20110812T003000 - 00H30M00S - Who's snitching my milk?- Nonlinear dynamics/analysis of vanishing bovine products in an office environment. - Nowadays many office environments offer small tea kitchens for their employees. From subjective experiences there seems to be a milk drain in these environments. However, fundamentel research is still missing. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4471.en.html - Kourou - André Franz - - - PUBLISH - 4506@Camp 2011@pentabarf.org - 4506 - mondmission - Wie finanziere ich eine Mondmission? (Funtalk) - Von Würstchen verkaufen bis Ballonflüge - ein Erfahrungsbericht. - German - de - 20110814T163000 - 20110814T173000 - 01H00M00S - Wie finanziere ich eine Mondmission? (Funtalk)- Von Würstchen verkaufen bis Ballonflüge - ein Erfahrungsbericht. - - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4506.en.html - Kourou - - - PUBLISH - 4435@Camp 2011@pentabarf.org - 4435 - - Windkraftanlagen - Aufbau, Betrieb, Probleme - German - de - 20110812T180000 - 20110812T190000 - 01H00M00S - Windkraftanlagen- Aufbau, Betrieb, Probleme - Windenergie ist momentan noch interessanter geworden, aber kaum jemand weiß über die eingesetzte Technik Bescheid. -Daher soll sowohl der Aufbau als auch der Betrieb erklärt werden. Zusätzlich wird auf potentielle Probleme eingegangen. - PUBLIC - CONFIRMED - Lecture - https://events.ccc.de/camp/2011/Fahrplan/events/4435.en.html - Kourou - luky - - - diff --git a/import/har2009_sample.xcs b/import/har2009_sample.xcs deleted file mode 100644 index c192c046..00000000 --- a/import/har2009_sample.xcs +++ /dev/null @@ -1,5451 +0,0 @@ - - - - 2.0 - -//Pentabarf//Schedule #<Conference_release::Row:0x364a6f5f8e90>//EN - HAR2009 Schedule Release #<Conference_release::Row:0x364a6f5f67f8> - HAR2009 Schedule - - PUBLISH - 45@HAR2009@pentabarf.org - 45 - advanced_mysql_exploitation - Advanced MySQL Exploitation - - English - en - 20090813T210000 - 20090813T220000 - 01H00M00S - Advanced MySQL Exploitation - This talk focuses on how MySQL SQL injection vulnerabilites can be used to gain remote code execution on the LAMP and WAMP environments. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/45.en.html - The Birthday Tent - Muhaimin Dzulfakar - - - PUBLISH - 45@HAR2009@pentabarf.org - 45 - advanced_mysql_exploitation - Advanced MySQL Exploitation - - englisch - en - 20090813T210000 - 20090813T220000 - 01H00M00S - Advanced MySQL Exploitation - This talk focuses on how MySQL SQL injection vulnerabilites can be used to gain remote code execution on the LAMP and WAMP environments. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/45.en.html - The Birthday Tent - Muhaimin Dzulfakar - - - PUBLISH - 104@HAR2009@pentabarf.org - 104 - surviving_the_corporate_world - A hackers guide to surviving in the corporate world - - englisch - en - 20090814T120000 - 20090814T130000 - 01H00M00S - A hackers guide to surviving in the corporate world - A hacker’s guide to surviving in the corporate world. - -Large organizations, be it enterprises or government, are also large users of information technology. For people interested in the application of information technology, especially those interested in the risks that information technology brings, understanding the way large organizations work can therefore be very relevant. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/104.en.html - Monty Hall - Peter van Eijk - - - PUBLISH - 104@HAR2009@pentabarf.org - 104 - surviving_the_corporate_world - A hackers guide to surviving in the corporate world - - English - en - 20090814T120000 - 20090814T130000 - 01H00M00S - A hackers guide to surviving in the corporate world - A hacker’s guide to surviving in the corporate world. - -Large organizations, be it enterprises or government, are also large users of information technology. For people interested in the application of information technology, especially those interested in the risks that information technology brings, understanding the way large organizations work can therefore be very relevant. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/104.en.html - Monty Hall - Peter van Eijk - - - PUBLISH - 186@HAR2009@pentabarf.org - 186 - airprobe - Airprobe - Monitoring GSM traffic with USRP - English - en - 20090815T160000 - 20090815T170000 - 01H00M00S - Airprobe- Monitoring GSM traffic with USRP - The GNU Radio project, and the associated Universal Software Radio Peripheral hardware, has for the first time put access to wideband radio reception and digital signal processing into the hands of the average hacker. The airprobe project focuses on a software stack that provides GSM mobile phone reception and decoding. This talk gives a gentle introdoction into GSM, the airprobe software and its practical usage. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/186.en.html - Monty Hall - Harald Welte - - - PUBLISH - 186@HAR2009@pentabarf.org - 186 - airprobe - Airprobe - Monitoring GSM traffic with USRP - englisch - en - 20090815T160000 - 20090815T170000 - 01H00M00S - Airprobe- Monitoring GSM traffic with USRP - The GNU Radio project, and the associated Universal Software Radio Peripheral hardware, has for the first time put access to wideband radio reception and digital signal processing into the hands of the average hacker. The airprobe project focuses on a software stack that provides GSM mobile phone reception and decoding. This talk gives a gentle introdoction into GSM, the airprobe software and its practical usage. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/186.en.html - Monty Hall - Harald Welte - - - PUBLISH - 41@HAR2009@pentabarf.org - 41 - attacking_backbone_tech - All Your Packets Are Belong to Us - Attacking Backbone Technologies - englisch - en - 20090814T130000 - 20090814T140000 - 01H00M00S - All Your Packets Are Belong to Us- Attacking Backbone Technologies - The year 2008 has seen some severe attacks on infrastructure protocols (SNMP, DNS, BGP). We will continue down that road and discuss potential and real vulnerabilities in backbone technologies used in today's carrier space (e.g. MPLS, Carrier Ethernet, QinQ and the like). The talk includes a number of demos (like cracking BGP MD5 keys, redirecting MPLS traffic on a site level and some Carrier Ethernet stuff) all of which will be performed with a new tool kit made available at the con. It's about making the theoretical practical, once more! - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/41.en.html - The Two Envelopes Tent - Daniel Mende - Simon Rich - - - PUBLISH - 41@HAR2009@pentabarf.org - 41 - attacking_backbone_tech - All Your Packets Are Belong to Us - Attacking Backbone Technologies - English - en - 20090814T130000 - 20090814T140000 - 01H00M00S - All Your Packets Are Belong to Us- Attacking Backbone Technologies - The year 2008 has seen some severe attacks on infrastructure protocols (SNMP, DNS, BGP). We will continue down that road and discuss potential and real vulnerabilities in backbone technologies used in today's carrier space (e.g. MPLS, Carrier Ethernet, QinQ and the like). The talk includes a number of demos (like cracking BGP MD5 keys, redirecting MPLS traffic on a site level and some Carrier Ethernet stuff) all of which will be performed with a new tool kit made available at the con. It's about making the theoretical practical, once more! - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/41.en.html - The Two Envelopes Tent - Daniel Mende - Simon Rich - - - PUBLISH - 15@HAR2009@pentabarf.org - 15 - analog_circuit_design - Analog circuit design - How to create analog electronic circuits - English - en - 20090814T130000 - 20090814T140000 - 01H00M00S - Analog circuit design- How to create analog electronic circuits - Digital electronics is ubiquitous in our lives. While it is easy to design digital systems, it seems harder to create circuits amplifying or transforming analog signals. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/15.en.html - The Birthday Tent - Rüdiger Ranft - - - PUBLISH - 15@HAR2009@pentabarf.org - 15 - analog_circuit_design - Analog circuit design - How to create analog electronic circuits - englisch - en - 20090814T130000 - 20090814T140000 - 01H00M00S - Analog circuit design- How to create analog electronic circuits - Digital electronics is ubiquitous in our lives. While it is easy to design digital systems, it seems harder to create circuits amplifying or transforming analog signals. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/15.en.html - The Birthday Tent - Rüdiger Ranft - - - PUBLISH - 122@HAR2009@pentabarf.org - 122 - - An empirical study of division of labour in free software development - the case of the FreeBSD project - englisch - en - 20090816T120000 - 20090816T130000 - 01H00M00S - An empirical study of division of labour in free software development- the case of the FreeBSD project - For an overview of the presentation, see the slides attached. (The slides reflect the state of our research two months ago; but as the research is still in progress, the slides we intend to present at HAR will be further updated). - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/122.en.html - The Two Envelopes Tent - George Dafermos - - - PUBLISH - 122@HAR2009@pentabarf.org - 122 - - An empirical study of division of labour in free software development - the case of the FreeBSD project - English - en - 20090816T120000 - 20090816T130000 - 01H00M00S - An empirical study of division of labour in free software development- the case of the FreeBSD project - For an overview of the presentation, see the slides attached. (The slides reflect the state of our research two months ago; but as the research is still in progress, the slides we intend to present at HAR will be further updated). - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/122.en.html - The Two Envelopes Tent - George Dafermos - - - PUBLISH - 82@HAR2009@pentabarf.org - 82 - anonymous_vs_scientology - Anonymous Vs. Scientology - a case study in 2.0 hacktivism & how it could help future projects - englisch - en - 20090814T190000 - 20090814T200000 - 01H00M00S - Anonymous Vs. Scientology- a case study in 2.0 hacktivism & how it could help future projects - About Social organising via Web 2.0 - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/82.en.html - Monty Hall - Henk de Vries - - - PUBLISH - 82@HAR2009@pentabarf.org - 82 - anonymous_vs_scientology - Anonymous Vs. Scientology - a case study in 2.0 hacktivism & how it could help future projects - English - en - 20090814T190000 - 20090814T200000 - 01H00M00S - Anonymous Vs. Scientology- a case study in 2.0 hacktivism & how it could help future projects - About Social organising via Web 2.0 - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/82.en.html - Monty Hall - Henk de Vries - - - PUBLISH - 49@HAR2009@pentabarf.org - 49 - anti_counterfeiting_agreement - Anti-Counterfeiting Trade Agreement - New legislation for a billion people, made behind closed doors - englisch - en - 20090815T150000 - 20090815T160000 - 01H00M00S - Anti-Counterfeiting Trade Agreement- New legislation for a billion people, made behind closed doors - "Stringent intellectual property rules could hamper the spread of technology needed to fight climate change." - Paul David, professor of economics at Stanford University, California - -"If Hollywood could order intellectual property laws for Christmas, what would they look like? This is pretty close." - David Fewer, staff counsel at the Canadian Internet Policy and Public Interest Clinic, University of Ottawa, after looking at leaked ACTA documents. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/49.en.html - The Two Envelopes Tent - Ante Wessels - - - PUBLISH - 49@HAR2009@pentabarf.org - 49 - anti_counterfeiting_agreement - Anti-Counterfeiting Trade Agreement - New legislation for a billion people, made behind closed doors - English - en - 20090815T150000 - 20090815T160000 - 01H00M00S - Anti-Counterfeiting Trade Agreement- New legislation for a billion people, made behind closed doors - "Stringent intellectual property rules could hamper the spread of technology needed to fight climate change." - Paul David, professor of economics at Stanford University, California - -"If Hollywood could order intellectual property laws for Christmas, what would they look like? This is pretty close." - David Fewer, staff counsel at the Canadian Internet Policy and Public Interest Clinic, University of Ottawa, after looking at leaked ACTA documents. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/49.en.html - The Two Envelopes Tent - Ante Wessels - - - PUBLISH - 211@HAR2009@pentabarf.org - 211 - - A workshop on the ethics of piracy - (debating the arguments in the earlier talk) - English - en - 20090816T120000 - 20090816T130000 - 01H00M00S - A workshop on the ethics of piracy- (debating the arguments in the earlier talk) - Lots of people had questions, comments and counterarguments to the "Complex Ethics of Piracy" talk. Someone suggested we should have a Workshop to debate them further. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/211.en.html - Bike-shed Red - Peter Eckersley - - - PUBLISH - 211@HAR2009@pentabarf.org - 211 - - A workshop on the ethics of piracy - (debating the arguments in the earlier talk) - englisch - en - 20090816T120000 - 20090816T130000 - 01H00M00S - A workshop on the ethics of piracy- (debating the arguments in the earlier talk) - Lots of people had questions, comments and counterarguments to the "Complex Ethics of Piracy" talk. Someone suggested we should have a Workshop to debate them further. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/211.en.html - Bike-shed Red - Peter Eckersley - - - PUBLISH - 130@HAR2009@pentabarf.org - 130 - beautifulism_delight - Beautifulism & [de]light - Next generation of BlinkenArea projects - English - en - 20090813T160000 - 20090813T170000 - 01H00M00S - Beautifulism & [de]light- Next generation of BlinkenArea projects - After celebrating the 5th anniversary of the founding of the BlinkenArea last year, it is now time to start for the future of researching and operating flashlights. The new meme of beautifulism & [de]light will lead us to the next generation of BlinkenArea projects. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/130.en.html - The Birthday Tent - Juliane Pilster - Stephan 'ST' Kambor - - - PUBLISH - 130@HAR2009@pentabarf.org - 130 - beautifulism_delight - Beautifulism & [de]light - Next generation of BlinkenArea projects - englisch - en - 20090813T160000 - 20090813T170000 - 01H00M00S - Beautifulism & [de]light- Next generation of BlinkenArea projects - After celebrating the 5th anniversary of the founding of the BlinkenArea last year, it is now time to start for the future of researching and operating flashlights. The new meme of beautifulism & [de]light will lead us to the next generation of BlinkenArea projects. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/130.en.html - The Birthday Tent - Juliane Pilster - Stephan 'ST' Kambor - - - PUBLISH - 181@HAR2009@pentabarf.org - 181 - overheid20 - Becoming government 2.0 - - English - en - 20090815T120000 - 20090815T130000 - 01H00M00S - Becoming government 2.0 - Internet and web 2.0 are bringing a fundamental change to how society works and how organisations work. This means government will have to change as well. These changes will not only affect the relationship between citizens and government, but also the internal structure of governmental organizations and the way civil servants work. Quite a challenge. How is this change coming about? And what can be done to accelerate the process? What can you do? Davied van Berlo, founder of the Civil Servant Network (www.ambtenaar20.nl), will share his views and experiences. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/181.en.html - The Two Envelopes Tent - Davied van Berlo - - - PUBLISH - 181@HAR2009@pentabarf.org - 181 - overheid20 - Becoming government 2.0 - - englisch - en - 20090815T120000 - 20090815T130000 - 01H00M00S - Becoming government 2.0 - Internet and web 2.0 are bringing a fundamental change to how society works and how organisations work. This means government will have to change as well. These changes will not only affect the relationship between citizens and government, but also the internal structure of governmental organizations and the way civil servants work. Quite a challenge. How is this change coming about? And what can be done to accelerate the process? What can you do? Davied van Berlo, founder of the Civil Servant Network (www.ambtenaar20.nl), will share his views and experiences. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/181.en.html - The Two Envelopes Tent - Davied van Berlo - - - PUBLISH - 200@HAR2009@pentabarf.org - 200 - yroworkshop2 - Bits of Freedom online freedom activism workshop - - - - 20090815T150000 - 20090815T160000 - 01H00M00S - Bits of Freedom online freedom activism workshop - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/200.en.html - Bike-shed Green - Ot van Daalen - - - PUBLISH - 200@HAR2009@pentabarf.org - 200 - yroworkshop2 - Bits of Freedom online freedom activism workshop - - - - 20090815T150000 - 20090815T160000 - 01H00M00S - Bits of Freedom online freedom activism workshop - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/200.en.html - Bike-shed Green - Ot van Daalen - - - PUBLISH - 199@HAR2009@pentabarf.org - 199 - yroworkshop1 - Bits of Freedom privacy activism workshop - - englisch - en - 20090815T140000 - 20090815T150000 - 01H00M00S - Bits of Freedom privacy activism workshop - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/199.en.html - Bike-shed Green - Ot van Daalen - - - PUBLISH - 199@HAR2009@pentabarf.org - 199 - yroworkshop1 - Bits of Freedom privacy activism workshop - - English - en - 20090815T140000 - 20090815T150000 - 01H00M00S - Bits of Freedom privacy activism workshop - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/199.en.html - Bike-shed Green - Ot van Daalen - - - PUBLISH - 131@HAR2009@pentabarf.org - 131 - blinkenmovie - BlinkenArea - Movie Contest - beautifulism & [de]light - englisch - en - 20090813T200000 - 20090813T230000 - 03H00M00S - BlinkenArea - Movie Contest- beautifulism & [de]light - The BlinkenArea would like to organise a movie contest for HARCade (BlinkenArea project TroiCade, which is showcased somewhere at HAR area). Everybody can create movies shown on the project during the event by using a special software, provided on BlinkenArea website. A jury will be assembled to choose the best movie and to award a prize at the end of HAR. For further information have a look on https://wiki.blinkenarea.org/index.php/HAR2009 from time to time! - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/131.en.html - HARcade (valkennest) - Juliane Pilster - Stephan 'ST' Kambor - - - PUBLISH - 131@HAR2009@pentabarf.org - 131 - blinkenmovie - BlinkenArea - Movie Contest - beautifulism & [de]light - English - en - 20090813T200000 - 20090813T230000 - 03H00M00S - BlinkenArea - Movie Contest- beautifulism & [de]light - The BlinkenArea would like to organise a movie contest for HARCade (BlinkenArea project TroiCade, which is showcased somewhere at HAR area). Everybody can create movies shown on the project during the event by using a special software, provided on BlinkenArea website. A jury will be assembled to choose the best movie and to award a prize at the end of HAR. For further information have a look on https://wiki.blinkenarea.org/index.php/HAR2009 from time to time! - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/131.en.html - HARcade (valkennest) - Juliane Pilster - Stephan 'ST' Kambor - - - PUBLISH - 10@HAR2009@pentabarf.org - 10 - blinkensisters - BlinkenSisters Jump'n'Run - Open Source Retro-Gaming - English - en - 20090814T120000 - 20090814T130000 - 01H00M00S - BlinkenSisters Jump'n'Run- Open Source Retro-Gaming - There was a time when 2D Jump'n'Run games where state-of-the-art and you'd spend the whole weekend trying to get past the last boss monster. That time has long since gone... - -...or has it? - -"BlinkenSisters - Hunt for the Lost Pixels" is an extensible open source Jump'n'Run game that brings back the 80's. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/10.en.html - The Birthday Tent - Rene "cavac" Schickbauer - - - PUBLISH - 10@HAR2009@pentabarf.org - 10 - blinkensisters - BlinkenSisters Jump'n'Run - Open Source Retro-Gaming - englisch - en - 20090814T120000 - 20090814T130000 - 01H00M00S - BlinkenSisters Jump'n'Run- Open Source Retro-Gaming - There was a time when 2D Jump'n'Run games where state-of-the-art and you'd spend the whole weekend trying to get past the last boss monster. That time has long since gone... - -...or has it? - -"BlinkenSisters - Hunt for the Lost Pixels" is an extensible open source Jump'n'Run game that brings back the 80's. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/10.en.html - The Birthday Tent - Rene "cavac" Schickbauer - - - PUBLISH - 135@HAR2009@pentabarf.org - 135 - breaking_hitag2 - Breaking Hitag2 - - English - en - 20090815T120000 - 20090815T130000 - 01H00M00S - Breaking Hitag2 - Hitag2 is a low-frequency RFID system operating on a 120kHz using a proprietary 48-bit stream cipher which is only slightly harder to attack than the much-publicized Mifare Crypto-1 cipher. Hitag2 (with or without encryption) is mostly used for building access control or car immobilizers. - -The low operating frequency and low data rate (2, 4 or 8 kbit/s) makes building sniffers, replayers and emulators especially easy. The maximum frequency of the data signal is in the audio range, so a normal sound card can be used as an A/D and D/A converter, using a very cheap diode detector radio for reception and simple load modulation circuit for transmission. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/135.en.html - Monty Hall - Henryk Plötz - Karsten Nohl - - - PUBLISH - 135@HAR2009@pentabarf.org - 135 - breaking_hitag2 - Breaking Hitag2 - - englisch - en - 20090815T120000 - 20090815T130000 - 01H00M00S - Breaking Hitag2 - Hitag2 is a low-frequency RFID system operating on a 120kHz using a proprietary 48-bit stream cipher which is only slightly harder to attack than the much-publicized Mifare Crypto-1 cipher. Hitag2 (with or without encryption) is mostly used for building access control or car immobilizers. - -The low operating frequency and low data rate (2, 4 or 8 kbit/s) makes building sniffers, replayers and emulators especially easy. The maximum frequency of the data signal is in the audio range, so a normal sound card can be used as an A/D and D/A converter, using a very cheap diode detector radio for reception and simple load modulation circuit for transmission. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/135.en.html - Monty Hall - Henryk Plötz - Karsten Nohl - - - PUBLISH - 92@HAR2009@pentabarf.org - 92 - hacking_contest - Capture the flag - hacking contest - englisch - en - 20090813T130000 - 20090813T140000 - 01H00M00S - Capture the flag - hacking contest - In the talk we will give an introduction to CTF contests in IT security. Starting Friday, 10PM CEST, we will host a live CTF lasting 24 hours. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/92.en.html - The Birthday Tent - Hans-Christian Esperer - mc.fly - - - PUBLISH - 92@HAR2009@pentabarf.org - 92 - hacking_contest - Capture the flag - hacking contest - English - en - 20090813T130000 - 20090813T140000 - 01H00M00S - Capture the flag - hacking contest - In the talk we will give an introduction to CTF contests in IT security. Starting Friday, 10PM CEST, we will host a live CTF lasting 24 hours. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/92.en.html - The Birthday Tent - Hans-Christian Esperer - mc.fly - - - PUBLISH - 36@HAR2009@pentabarf.org - 36 - classic_mistakes - Classic Mistakes - Mistakes made with the Mifare Classic - englisch - en - 20090814T130000 - 20090814T140000 - 01H00M00S - Classic Mistakes- Mistakes made with the Mifare Classic - This lecture gives a broad overview of the vulnerabilities that exists in MIFARE Classic products and the way they are used by system integrators. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/36.en.html - Monty Hall - Roel Verdult - - - PUBLISH - 36@HAR2009@pentabarf.org - 36 - classic_mistakes - Classic Mistakes - Mistakes made with the Mifare Classic - English - en - 20090814T130000 - 20090814T140000 - 01H00M00S - Classic Mistakes- Mistakes made with the Mifare Classic - This lecture gives a broad overview of the vulnerabilities that exists in MIFARE Classic products and the way they are used by system integrators. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/36.en.html - Monty Hall - Roel Verdult - - - PUBLISH - 147@HAR2009@pentabarf.org - 147 - har_closing - Closing Ceremony - So Long, and Thanks for All the ... - englisch - en - 20090816T160000 - 20090816T170000 - 01H00M00S - Closing Ceremony- So Long, and Thanks for All the ... - Closing Ceremony - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/147.en.html - Monty Hall - Aldert Hazenberg - - - PUBLISH - 147@HAR2009@pentabarf.org - 147 - har_closing - Closing Ceremony - So Long, and Thanks for All the ... - English - en - 20090816T160000 - 20090816T170000 - 01H00M00S - Closing Ceremony- So Long, and Thanks for All the ... - Closing Ceremony - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/147.en.html - Monty Hall - Aldert Hazenberg - - - PUBLISH - 210@HAR2009@pentabarf.org - 210 - - coreboot - Beyond the final frontier - - - 20090813T140000 - 20090813T150000 - 01H00M00S - coreboot- Beyond the final frontier - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/210.en.html - Monty Hall - Peter Stuge - - - PUBLISH - 210@HAR2009@pentabarf.org - 210 - - coreboot - Beyond the final frontier - - - 20090813T140000 - 20090813T150000 - 01H00M00S - coreboot- Beyond the final frontier - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/210.en.html - Monty Hall - Peter Stuge - - - PUBLISH - 57@HAR2009@pentabarf.org - 57 - countering_malware_analysis - Countering behavior based malware analysis - - englisch - en - 20090813T200000 - 20090813T210000 - 01H00M00S - Countering behavior based malware analysis - This paper and the talk will deal with behavior-based malware -analysis, it's orgins and some general models. -The paper will describe how malware detection focussing on semantics works, dicuss some simple schemes and the overall -weaknesses of behavior-based malware detection. -The paper and talk will be rather theoretical in nature, although practical examples and explanations are given. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/57.en.html - The Two Envelopes Tent - Nomenumbra - - - PUBLISH - 57@HAR2009@pentabarf.org - 57 - countering_malware_analysis - Countering behavior based malware analysis - - English - en - 20090813T200000 - 20090813T210000 - 01H00M00S - Countering behavior based malware analysis - This paper and the talk will deal with behavior-based malware -analysis, it's orgins and some general models. -The paper will describe how malware detection focussing on semantics works, dicuss some simple schemes and the overall -weaknesses of behavior-based malware detection. -The paper and talk will be rather theoretical in nature, although practical examples and explanations are given. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/57.en.html - The Two Envelopes Tent - Nomenumbra - - - PUBLISH - 187@HAR2009@pentabarf.org - 187 - cracking_a5_crypto - Cracking A5 GSM encryption - State of affairs - englisch - en - 20090815T170000 - 20090815T180000 - 01H00M00S - Cracking A5 GSM encryption- State of affairs - Project web site: http://reflextor.com/trac/a51 - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/187.en.html - Monty Hall - Karsten Nohl - - - PUBLISH - 187@HAR2009@pentabarf.org - 187 - cracking_a5_crypto - Cracking A5 GSM encryption - State of affairs - English - en - 20090815T170000 - 20090815T180000 - 01H00M00S - Cracking A5 GSM encryption- State of affairs - Project web site: http://reflextor.com/trac/a51 - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/187.en.html - Monty Hall - Karsten Nohl - - - PUBLISH - 78@HAR2009@pentabarf.org - 78 - - Cracking Internet - The urgency of DNSSEC - English - en - 20090815T140000 - 20090815T150000 - 01H00M00S - Cracking Internet- The urgency of DNSSEC - This workshop will introduce the problems with DNS that jeapardise the Internet as a whole. We will begin with a general discussion, and argue that the only real solution that is ready now is DNSSEC. We will continue with more detailed discussions of the Kaminsky attack, and explain how to attack the machines that we prepared for attack during HAR2009. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/78.en.html - Monty Hall - Rick van Rein - - - PUBLISH - 78@HAR2009@pentabarf.org - 78 - - Cracking Internet - The urgency of DNSSEC - englisch - en - 20090815T140000 - 20090815T150000 - 01H00M00S - Cracking Internet- The urgency of DNSSEC - This workshop will introduce the problems with DNS that jeapardise the Internet as a whole. We will begin with a general discussion, and argue that the only real solution that is ready now is DNSSEC. We will continue with more detailed discussions of the Kaminsky attack, and explain how to attack the machines that we prepared for attack during HAR2009. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/78.en.html - Monty Hall - Rick van Rein - - - PUBLISH - 149@HAR2009@pentabarf.org - 149 - deep_silicon_analysis - Deep Silicon Analysis - - englisch - en - 20090815T210000 - 20090815T220000 - 01H00M00S - Deep Silicon Analysis - Microchips have long been objects of fascination for hackers and geeks. The manuals of processors and microcontrollers are well studied as are their assembly languages. Now, what if you could dig deeper into a chip and fully understand its hardware implementation? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/149.en.html - The Two Envelopes Tent - Karsten Nohl - - - PUBLISH - 149@HAR2009@pentabarf.org - 149 - deep_silicon_analysis - Deep Silicon Analysis - - English - en - 20090815T210000 - 20090815T220000 - 01H00M00S - Deep Silicon Analysis - Microchips have long been objects of fascination for hackers and geeks. The manuals of processors and microcontrollers are well studied as are their assembly languages. Now, what if you could dig deeper into a chip and fully understand its hardware implementation? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/149.en.html - The Two Envelopes Tent - Karsten Nohl - - - PUBLISH - 136@HAR2009@pentabarf.org - 136 - building_a_cyclotron - Design and Build a 2 MeV Cyclotron - - englisch - en - 20090813T170000 - 20090813T180000 - 01H00M00S - Design and Build a 2 MeV Cyclotron - Cyclotrons efficiently generate beams of charged particles at high energies, typically on the order of MeV. These charged particle beams have an immense range of applications in many different scientific and engineering fields--from biological engineering, to material science, to simple particle physics experiments. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/136.en.html - The Birthday Tent - Leslie Dewan - - - PUBLISH - 136@HAR2009@pentabarf.org - 136 - building_a_cyclotron - Design and Build a 2 MeV Cyclotron - - English - en - 20090813T170000 - 20090813T180000 - 01H00M00S - Design and Build a 2 MeV Cyclotron - Cyclotrons efficiently generate beams of charged particles at high energies, typically on the order of MeV. These charged particle beams have an immense range of applications in many different scientific and engineering fields--from biological engineering, to material science, to simple particle physics experiments. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/136.en.html - The Birthday Tent - Leslie Dewan - - - PUBLISH - 37@HAR2009@pentabarf.org - 37 - dev_embedded_devices - Developing embedded devices using opensource tools: application to handheld game consoles - - English - en - 20090814T140000 - 20090814T150000 - 01H00M00S - Developing embedded devices using opensource tools: application to handheld game consoles - Embedded device programming using opensource tools. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/37.en.html - The Birthday Tent - jmfriedt - - - PUBLISH - 37@HAR2009@pentabarf.org - 37 - dev_embedded_devices - Developing embedded devices using opensource tools: application to handheld game consoles - - englisch - en - 20090814T140000 - 20090814T150000 - 01H00M00S - Developing embedded devices using opensource tools: application to handheld game consoles - Embedded device programming using opensource tools. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/37.en.html - The Birthday Tent - jmfriedt - - - PUBLISH - 206@HAR2009@pentabarf.org - 206 - - Distributed social networking - - englisch - en - 20090813T150000 - 20090813T170000 - 02H00M00S - Distributed social networking - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/206.en.html - Bike-shed Red - Henry Story - - - PUBLISH - 206@HAR2009@pentabarf.org - 206 - - Distributed social networking - - English - en - 20090813T150000 - 20090813T170000 - 02H00M00S - Distributed social networking - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/206.en.html - Bike-shed Red - Henry Story - - - PUBLISH - 42@HAR2009@pentabarf.org - 42 - - DNS Security In The Broadest Sense - Why DNS Security does and does not matter - englisch - en - 20090814T140000 - 20090814T150000 - 01H00M00S - DNS Security In The Broadest Sense- Why DNS Security does and does not matter - The Domain Name System underlies almost any transaction on the internet, -from sending email to visiting a web page. Its security and reliability are -therefore of paramount importance. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/42.en.html - The Two Envelopes Tent - Bert Hubert - - - PUBLISH - 42@HAR2009@pentabarf.org - 42 - - DNS Security In The Broadest Sense - Why DNS Security does and does not matter - English - en - 20090814T140000 - 20090814T150000 - 01H00M00S - DNS Security In The Broadest Sense- Why DNS Security does and does not matter - The Domain Name System underlies almost any transaction on the internet, -from sending email to visiting a web page. Its security and reliability are -therefore of paramount importance. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/42.en.html - The Two Envelopes Tent - Bert Hubert - - - PUBLISH - 198@HAR2009@pentabarf.org - 198 - - EDRi meet & greet/workshop - Workshop for EDRi-members and related activist groups - - - 20090814T180000 - 20090814T190000 - 01H00M00S - EDRi meet & greet/workshop- Workshop for EDRi-members and related activist groups - Almost all European countries have one or more activist groups concerned with civil rights in a digital society. EDRi is a European platform for such organisations and has members in virtually all EU member states and the EFTA countries. A lot of the people involved hardly ever meet in person. Vrijschrift/Scriptum Libre would like to take advantage of the fact that quite a few Hacktivists will attend HAR2009 anyway and has found the HAR2009 organisation willing to provide room for just meeting each other as well as discussing the current state of European civil rights online and offline. More specific: what pieces of upcoming EU regulation warrant action by the various groups. This meeting is intended as a mostly free form event for those interested in this subject. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/198.en.html - Bike-shed Red - - - PUBLISH - 198@HAR2009@pentabarf.org - 198 - - EDRi meet & greet/workshop - Workshop for EDRi-members and related activist groups - - - 20090814T180000 - 20090814T190000 - 01H00M00S - EDRi meet & greet/workshop- Workshop for EDRi-members and related activist groups - Almost all European countries have one or more activist groups concerned with civil rights in a digital society. EDRi is a European platform for such organisations and has members in virtually all EU member states and the EFTA countries. A lot of the people involved hardly ever meet in person. Vrijschrift/Scriptum Libre would like to take advantage of the fact that quite a few Hacktivists will attend HAR2009 anyway and has found the HAR2009 organisation willing to provide room for just meeting each other as well as discussing the current state of European civil rights online and offline. More specific: what pieces of upcoming EU regulation warrant action by the various groups. This meeting is intended as a mostly free form event for those interested in this subject. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/198.en.html - Bike-shed Red - - - PUBLISH - 60@HAR2009@pentabarf.org - 60 - elec_engineering - Electrical enginering with free/libre open source software - gEDA, PCB, Emdebian, positive vs negative vs proprietary vs floss standoff - English - en - 20090813T150000 - 20090813T160000 - 01H00M00S - Electrical enginering with free/libre open source software- gEDA, PCB, Emdebian, positive vs negative vs proprietary vs floss standoff - In this talk Jelle is going to talk about hardware development with complete FLOSS based development tools. He is going to show the OpenARM Single Board Computer Project (SBC) and will explains some things about the Emdebbian project and the need of TDEBs. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/60.en.html - Monty Hall - Jelle de Jong - - - PUBLISH - 60@HAR2009@pentabarf.org - 60 - elec_engineering - Electrical enginering with free/libre open source software - gEDA, PCB, Emdebian, positive vs negative vs proprietary vs floss standoff - englisch - en - 20090813T150000 - 20090813T160000 - 01H00M00S - Electrical enginering with free/libre open source software- gEDA, PCB, Emdebian, positive vs negative vs proprietary vs floss standoff - In this talk Jelle is going to talk about hardware development with complete FLOSS based development tools. He is going to show the OpenARM Single Board Computer Project (SBC) and will explains some things about the Emdebbian project and the need of TDEBs. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/60.en.html - Monty Hall - Jelle de Jong - - - PUBLISH - 165@HAR2009@pentabarf.org - 165 - - Exploiting Native Client - Google Native Client Security in a Brave New World - English - en - 20090815T110000 - 20090815T120000 - 01H00M00S - Exploiting Native Client- Google Native Client Security in a Brave New World - In a world buzzing full with concepts of mobile-cloud-virtualized-software-as-a-service-2.0 technology, the science of actually delivering applications over the web has never been more relevant. Enter Google Native Client, a radical new player hoping to match up to the collective powerhouse of Microsoft ActiveX, Sun Java and Adobe Flash. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/165.en.html - The Two Envelopes Tent - Ben Hawkes - - - PUBLISH - 165@HAR2009@pentabarf.org - 165 - - Exploiting Native Client - Google Native Client Security in a Brave New World - englisch - en - 20090815T110000 - 20090815T120000 - 01H00M00S - Exploiting Native Client- Google Native Client Security in a Brave New World - In a world buzzing full with concepts of mobile-cloud-virtualized-software-as-a-service-2.0 technology, the science of actually delivering applications over the web has never been more relevant. Enter Google Native Client, a radical new player hoping to match up to the collective powerhouse of Microsoft ActiveX, Sun Java and Adobe Flash. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/165.en.html - The Two Envelopes Tent - Ben Hawkes - - - PUBLISH - 166@HAR2009@pentabarf.org - 166 - eyeborg - Eyeborg project - - English - en - 20090813T150000 - 20090813T160000 - 01H00M00S - Eyeborg project - Take a one eyed film maker, an unemployed engineer, and a vision for something that's never been done before and you have yourself the EyeBorg Project. Rob Spence and Kosta Grammatis are trying to make history by embedding a video camera and a transmitter in a prosthetic eye. That eye is going in Robs eye socket, and will record the world from a perspective that's never been seen before. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/166.en.html - The Two Envelopes Tent - Kosta Grammatis - - - PUBLISH - 166@HAR2009@pentabarf.org - 166 - eyeborg - Eyeborg project - - englisch - en - 20090813T150000 - 20090813T160000 - 01H00M00S - Eyeborg project - Take a one eyed film maker, an unemployed engineer, and a vision for something that's never been done before and you have yourself the EyeBorg Project. Rob Spence and Kosta Grammatis are trying to make history by embedding a video camera and a transmitter in a prosthetic eye. That eye is going in Robs eye socket, and will record the world from a perspective that's never been seen before. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/166.en.html - The Two Envelopes Tent - Kosta Grammatis - - - PUBLISH - 124@HAR2009@pentabarf.org - 124 - how_to_get_v6 - First woman on native IPv6, and other tales - How to get IPv6 - English - en - 20090814T160000 - 20090814T170000 - 01H00M00S - First woman on native IPv6, and other tales- How to get IPv6 - "All this, and native IPv6" - -Proud to be the first female XS4ALL customer using IPv6. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/124.en.html - The Birthday Tent - BECHA - - - PUBLISH - 124@HAR2009@pentabarf.org - 124 - how_to_get_v6 - First woman on native IPv6, and other tales - How to get IPv6 - englisch - en - 20090814T160000 - 20090814T170000 - 01H00M00S - First woman on native IPv6, and other tales- How to get IPv6 - "All this, and native IPv6" - -Proud to be the first female XS4ALL customer using IPv6. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/124.en.html - The Birthday Tent - BECHA - - - PUBLISH - 74@HAR2009@pentabarf.org - 74 - fishphucker - Flipping the Phishing Con Game - Design and Implementation of FishPhucker - Anti-Phishing Extension - English - en - 20090813T150000 - 20090813T160000 - 01H00M00S - Flipping the Phishing Con Game - Design and Implementation of FishPhucker- Anti-Phishing Extension - Numerous counter-measures against phishing have been evaluated in recent years. Users have been educated; authenticity in Bank websites was improved and out-of-band authentication methods were established, but phishing remains a problem. This work focuses on a new method which attempts to turn the tables on Phishers. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/74.en.html - The Birthday Tent - Dominik Birk - - - PUBLISH - 74@HAR2009@pentabarf.org - 74 - fishphucker - Flipping the Phishing Con Game - Design and Implementation of FishPhucker - Anti-Phishing Extension - englisch - en - 20090813T150000 - 20090813T160000 - 01H00M00S - Flipping the Phishing Con Game - Design and Implementation of FishPhucker- Anti-Phishing Extension - Numerous counter-measures against phishing have been evaluated in recent years. Users have been educated; authenticity in Bank websites was improved and out-of-band authentication methods were established, but phishing remains a problem. This work focuses on a new method which attempts to turn the tables on Phishers. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/74.en.html - The Birthday Tent - Dominik Birk - - - PUBLISH - 203@HAR2009@pentabarf.org - 203 - workshop_restful_auth - FOAF+SSL: RESTful authentication for the Social Web - - English - en - 20090814T160000 - 20090814T180000 - 02H00M00S - FOAF+SSL: RESTful authentication for the Social Web - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/203.en.html - Bike-shed Green - Henry Story - - - PUBLISH - 203@HAR2009@pentabarf.org - 203 - workshop_restful_auth - FOAF+SSL: RESTful authentication for the Social Web - - englisch - en - 20090814T160000 - 20090814T180000 - 02H00M00S - FOAF+SSL: RESTful authentication for the Social Web - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/203.en.html - Bike-shed Green - Henry Story - - - PUBLISH - 65@HAR2009@pentabarf.org - 65 - - Foundry CAM hacking - - Dutch - nl - 20090815T130000 - 20090815T140000 - 01H00M00S - Foundry CAM hacking - De presentatie zal de internals (CAM) tonen van een redelijk standaard chassis gebaseerde switch/router (Foundry), demonstreren dat het (alhoewel unsupported) mogelijk is packet headers te dumpen middels een aantal ongedocumenteerde commando's, en proberen het hackersgevoel te delen dit alles uit te vinden. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/65.en.html - The Birthday Tent - Vincent Bourgonjen - - - PUBLISH - 65@HAR2009@pentabarf.org - 65 - - Foundry CAM hacking - - niederländisch - nl - 20090815T130000 - 20090815T140000 - 01H00M00S - Foundry CAM hacking - De presentatie zal de internals (CAM) tonen van een redelijk standaard chassis gebaseerde switch/router (Foundry), demonstreren dat het (alhoewel unsupported) mogelijk is packet headers te dumpen middels een aantal ongedocumenteerde commando's, en proberen het hackersgevoel te delen dit alles uit te vinden. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/65.en.html - The Birthday Tent - Vincent Bourgonjen - - - PUBLISH - 152@HAR2009@pentabarf.org - 152 - futureshock - Futureshock, don't panic! - how do we deal with accelerating change? - englisch - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Futureshock, don't panic!- how do we deal with accelerating change? - A much improved and updated version of my 2005 What The Hack talk about the future of information, bio and nanotechologies, their convergence and it's consequences. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/152.en.html - Monty Hall - Arjen Kamphuis - - - PUBLISH - 152@HAR2009@pentabarf.org - 152 - futureshock - Futureshock, don't panic! - how do we deal with accelerating change? - English - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Futureshock, don't panic!- how do we deal with accelerating change? - A much improved and updated version of my 2005 What The Hack talk about the future of information, bio and nanotechologies, their convergence and it's consequences. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/152.en.html - Monty Hall - Arjen Kamphuis - - - PUBLISH - 195@HAR2009@pentabarf.org - 195 - - Gnuradio workshop - build your own wireless device in software (using Software Defined Radio) which can transmit and receive any wireless signal - English - en - 20090815T190000 - 20090815T220000 - 03H00M00S - Gnuradio workshop- build your own wireless device in software (using Software Defined Radio) which can transmit and receive any wireless signal - In this workshop you will learn how to use Gnuradio to build Software Defined Radio applications which can transmit or receive any type of radiosignal. We will bring a few USRP's (Universal Software Radio Peripheral) which is an opensource hardware device which will be used as RF-frontend. All the processing (demodulation, modulation and so on) will run on your PC running Linux (Ubuntu jaunty is the easiest). - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/195.en.html - Bike-shed Red - - - PUBLISH - 195@HAR2009@pentabarf.org - 195 - - Gnuradio workshop - build your own wireless device in software (using Software Defined Radio) which can transmit and receive any wireless signal - englisch - en - 20090815T190000 - 20090815T220000 - 03H00M00S - Gnuradio workshop- build your own wireless device in software (using Software Defined Radio) which can transmit and receive any wireless signal - In this workshop you will learn how to use Gnuradio to build Software Defined Radio applications which can transmit or receive any type of radiosignal. We will bring a few USRP's (Universal Software Radio Peripheral) which is an opensource hardware device which will be used as RF-frontend. All the processing (demodulation, modulation and so on) will run on your PC running Linux (Ubuntu jaunty is the easiest). - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/195.en.html - Bike-shed Red - - - PUBLISH - 180@HAR2009@pentabarf.org - 180 - biza - Government and trust - Government 2.0 - englisch - en - 20090814T150000 - 20090814T160000 - 01H00M00S - Government and trust- Government 2.0 - Governments are, on some levels, moving towards more transparency, yet they often are reluctant to really accept citizens' input. In turn, citizens often don't trust that their ideas and stories will really be taken into account. How do we get out of this deadlock? Can we? - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/180.en.html - The Two Envelopes Tent - Arnout Ponsioen - - - PUBLISH - 180@HAR2009@pentabarf.org - 180 - biza - Government and trust - Government 2.0 - English - en - 20090814T150000 - 20090814T160000 - 01H00M00S - Government and trust- Government 2.0 - Governments are, on some levels, moving towards more transparency, yet they often are reluctant to really accept citizens' input. In turn, citizens often don't trust that their ideas and stories will really be taken into account. How do we get out of this deadlock? Can we? - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/180.en.html - The Two Envelopes Tent - Arnout Ponsioen - - - PUBLISH - 137@HAR2009@pentabarf.org - 137 - hackerjeopardy - Hacker Jeopardy - Number guessing for geeks - englisch - en - 20090815T220000 - 20090815T230000 - 01H00M00S - Hacker Jeopardy- Number guessing for geeks - Hacker Jeopardy Quiz Show, entertainment - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/137.en.html - Monty Hall - Ray - Sec - - - PUBLISH - 137@HAR2009@pentabarf.org - 137 - hackerjeopardy - Hacker Jeopardy - Number guessing for geeks - English - en - 20090815T220000 - 20090815T230000 - 01H00M00S - Hacker Jeopardy- Number guessing for geeks - Hacker Jeopardy Quiz Show, entertainment - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/137.en.html - Monty Hall - Ray - Sec - - - PUBLISH - 101@HAR2009@pentabarf.org - 101 - hackerspaces_everywhere - Hackerspaces Everywhere - Building the Future - englisch - en - 20090816T130000 - 20090816T140000 - 01H00M00S - Hackerspaces Everywhere- Building the Future - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/101.en.html - The Two Envelopes Tent - astera - - - PUBLISH - 101@HAR2009@pentabarf.org - 101 - hackerspaces_everywhere - Hackerspaces Everywhere - Building the Future - English - en - 20090816T130000 - 20090816T140000 - 01H00M00S - Hackerspaces Everywhere- Building the Future - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/101.en.html - The Two Envelopes Tent - astera - - - PUBLISH - 96@HAR2009@pentabarf.org - 96 - - Hacking Mona Lisa - Technology and policy for the digital humanities and cultural heritage - englisch - en - 20090814T140000 - 20090814T150000 - 01H00M00S - Hacking Mona Lisa- Technology and policy for the digital humanities and cultural heritage - I'd like to show some examples of the technologies that are used in bringing the the research areas of the humanities - history, art history, literature - and cultural heritage - collections and museums - to the web and present some of the technical and political challenges thereof: How to create novel databases of objects and "thick relations" for islamic manuscripts and how to deal with anonymous authors. How to serve gigabyte-size images of historical architectural drawings and other scans over low bandwidth lines in the web. How to deal with historical texts in diverse dead and living languages either artful with morphological analysis and ontologies or quickly and dirtyly. How to establish open source solutions and open access to historical sources and cultural heritage in some good and some bad examples of technology and policy. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/96.en.html - Monty Hall - Robert Casties - - - PUBLISH - 96@HAR2009@pentabarf.org - 96 - - Hacking Mona Lisa - Technology and policy for the digital humanities and cultural heritage - English - en - 20090814T140000 - 20090814T150000 - 01H00M00S - Hacking Mona Lisa- Technology and policy for the digital humanities and cultural heritage - I'd like to show some examples of the technologies that are used in bringing the the research areas of the humanities - history, art history, literature - and cultural heritage - collections and museums - to the web and present some of the technical and political challenges thereof: How to create novel databases of objects and "thick relations" for islamic manuscripts and how to deal with anonymous authors. How to serve gigabyte-size images of historical architectural drawings and other scans over low bandwidth lines in the web. How to deal with historical texts in diverse dead and living languages either artful with morphological analysis and ontologies or quickly and dirtyly. How to establish open source solutions and open access to historical sources and cultural heritage in some good and some bad examples of technology and policy. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/96.en.html - Monty Hall - Robert Casties - - - PUBLISH - 150@HAR2009@pentabarf.org - 150 - future_of_science - Hacking the Future of Science - - English - en - 20090813T130000 - 20090813T140000 - 01H00M00S - Hacking the Future of Science - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/150.en.html - Monty Hall - Michael Nielsen - - - PUBLISH - 150@HAR2009@pentabarf.org - 150 - future_of_science - Hacking the Future of Science - - englisch - en - 20090813T130000 - 20090813T140000 - 01H00M00S - Hacking the Future of Science - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/150.en.html - Monty Hall - Michael Nielsen - - - PUBLISH - 79@HAR2009@pentabarf.org - 79 - hacking_plants - Hacking with Plants - Permaculture as another domain for (technical) design - English - en - 20090813T200000 - 20090813T210000 - 01H00M00S - Hacking with Plants- Permaculture as another domain for (technical) design - Permaculture makes designs in the domain of (mostly) plants. Surprisingly, the approach in this fields greatly overlaps that of technical design. This means that designing an optimal plant system can be very appealing to a technical mind. And being inspired by nature, we may even learn a thing or two about our technical design style... - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/79.en.html - The Birthday Tent - Rick van Rein - - - PUBLISH - 79@HAR2009@pentabarf.org - 79 - hacking_plants - Hacking with Plants - Permaculture as another domain for (technical) design - englisch - en - 20090813T200000 - 20090813T210000 - 01H00M00S - Hacking with Plants- Permaculture as another domain for (technical) design - Permaculture makes designs in the domain of (mostly) plants. Surprisingly, the approach in this fields greatly overlaps that of technical design. This means that designing an optimal plant system can be very appealing to a technical mind. And being inspired by nature, we may even learn a thing or two about our technical design style... - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/79.en.html - The Birthday Tent - Rick van Rein - - - PUBLISH - 110@HAR2009@pentabarf.org - 110 - - Hack the law! - Defend your freedoms while having fun! - englisch - en - 20090816T120000 - 20090816T130000 - 01H00M00S - Hack the law!- Defend your freedoms while having fun! - What happens when laws try to control the digital environment? Telecoms Package, "three strikes" (HADOPI), content filtering, software patents... It's all about control! - -Is law hackable like code? What can we do to change the law? How to do it? How can a bunch of hackers promote a better and more open society? - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/110.en.html - Monty Hall - Jérémie Zimmermann - - - PUBLISH - 110@HAR2009@pentabarf.org - 110 - - Hack the law! - Defend your freedoms while having fun! - English - en - 20090816T120000 - 20090816T130000 - 01H00M00S - Hack the law!- Defend your freedoms while having fun! - What happens when laws try to control the digital environment? Telecoms Package, "three strikes" (HADOPI), content filtering, software patents... It's all about control! - -Is law hackable like code? What can we do to change the law? How to do it? How can a bunch of hackers promote a better and more open society? - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/110.en.html - Monty Hall - Jérémie Zimmermann - - - PUBLISH - 100@HAR2009@pentabarf.org - 100 - har_network_overview - HAR Network Overview & BlinkenArea movie contest results - - English - en - 20090816T150000 - 20090816T160000 - 01H00M00S - HAR Network Overview & BlinkenArea movie contest results - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/100.en.html - Monty Hall - Elisa Jasinska - Leon Weber - Stephan 'ST' Kambor - - - PUBLISH - 100@HAR2009@pentabarf.org - 100 - har_network_overview - HAR Network Overview & BlinkenArea movie contest results - - englisch - en - 20090816T150000 - 20090816T160000 - 01H00M00S - HAR Network Overview & BlinkenArea movie contest results - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/100.en.html - Monty Hall - Elisa Jasinska - Leon Weber - Stephan 'ST' Kambor - - - PUBLISH - 103@HAR2009@pentabarf.org - 103 - - How to reverse engineer backdoor algoritms hidden in firmware. - Disclosure of a backdoor in Accton based switches (3com and others) - englisch - en - 20090815T140000 - 20090815T150000 - 01H00M00S - How to reverse engineer backdoor algoritms hidden in firmware.- Disclosure of a backdoor in Accton based switches (3com and others) - How we reverse engineered a remote accesible backdoor in Accton-based switches. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/103.en.html - The Birthday Tent - psy - - - PUBLISH - 103@HAR2009@pentabarf.org - 103 - - How to reverse engineer backdoor algoritms hidden in firmware. - Disclosure of a backdoor in Accton based switches (3com and others) - English - en - 20090815T140000 - 20090815T150000 - 01H00M00S - How to reverse engineer backdoor algoritms hidden in firmware.- Disclosure of a backdoor in Accton based switches (3com and others) - How we reverse engineered a remote accesible backdoor in Accton-based switches. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/103.en.html - The Birthday Tent - psy - - - PUBLISH - 153@HAR2009@pentabarf.org - 153 - quantum_crypto - How to use quantum cryptography for secure identification - Making the most of noise - englisch - en - 20090815T140000 - 20090815T150000 - 01H00M00S - How to use quantum cryptography for secure identification- Making the most of noise - The goal of secure identification is to enable a user, Alice, to identify herself to Bob without revealing her password. Unfortunately, like many other interesting cryptographic problems involving two parties, this is impossible to achieve without making assumptions. For example, we could assume that factoring a large number is difficult. However it is not known whether this assumption is correct. In this talk, we will instead assume that it is difficult to store quantum states, in the sense that the quantum memory available to an attacker is noisy. We propose a simple quantum protocol that can be used to solve this task which is implementable using present day hardware. - -No knowledge of quantum cryptography or math will be required. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/153.en.html - The Two Envelopes Tent - Stephanie Wehner - - - PUBLISH - 153@HAR2009@pentabarf.org - 153 - quantum_crypto - How to use quantum cryptography for secure identification - Making the most of noise - English - en - 20090815T140000 - 20090815T150000 - 01H00M00S - How to use quantum cryptography for secure identification- Making the most of noise - The goal of secure identification is to enable a user, Alice, to identify herself to Bob without revealing her password. Unfortunately, like many other interesting cryptographic problems involving two parties, this is impossible to achieve without making assumptions. For example, we could assume that factoring a large number is difficult. However it is not known whether this assumption is correct. In this talk, we will instead assume that it is difficult to store quantum states, in the sense that the quantum memory available to an attacker is noisy. We propose a simple quantum protocol that can be used to solve this task which is implementable using present day hardware. - -No knowledge of quantum cryptography or math will be required. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/153.en.html - The Two Envelopes Tent - Stephanie Wehner - - - PUBLISH - 63@HAR2009@pentabarf.org - 63 - how_we_hack - How we break into domains - What every admin should know about Windows security - englisch - en - 20090815T130000 - 20090815T140000 - 01H00M00S - How we break into domains- What every admin should know about Windows security - It's a cliché that most networks are hard on the outside and soft and chewy on the inside, but it's true. Securing networks is hard and it shows: most domains are easy to break into. I'll describe the weaknesses in networks we abuse to gain access to most, if not all, systems on a LAN. We'll go over some of the basics, such as problems with patching and passwords, but also some more advanced recent developments, such as hijacking Windows access tokens. I will describe how state of the art techniques can be combined to take over a domain, and how to protect your domain and your company. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/63.en.html - Monty Hall - Niels Teusink - - - PUBLISH - 63@HAR2009@pentabarf.org - 63 - how_we_hack - How we break into domains - What every admin should know about Windows security - English - en - 20090815T130000 - 20090815T140000 - 01H00M00S - How we break into domains- What every admin should know about Windows security - It's a cliché that most networks are hard on the outside and soft and chewy on the inside, but it's true. Securing networks is hard and it shows: most domains are easy to break into. I'll describe the weaknesses in networks we abuse to gain access to most, if not all, systems on a LAN. We'll go over some of the basics, such as problems with patching and passwords, but also some more advanced recent developments, such as hijacking Windows access tokens. I will describe how state of the art techniques can be combined to take over a domain, and how to protect your domain and your company. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/63.en.html - Monty Hall - Niels Teusink - - - PUBLISH - 168@HAR2009@pentabarf.org - 168 - quantum_eavesdropping - How we eavesdropped 100% of a quantum cryptographic key - - English - en - 20090814T200000 - 20090814T210000 - 01H00M00S - How we eavesdropped 100% of a quantum cryptographic key - Quantum cryptography, as being based on the laws of physics, was claimed to be much more secure than all classical cryptography schemes. (Un)fortunately -physical hardware is not beyond of an evil control: We present a successful attack of an existing quantum key distribution system exploiting a photon detector vulnerability which is probably present in all existing devices. Without Alice and Bob losing their faith in their secure communication, we recorded 100% of the supposedly secret key. - -The actual eavesdropping hardware we have built will be shown during the conference. - -A brief intro into quantum cryptography will be given at the beginning of the talk. Then, Vadim Makarov will explain the above attack. At the end of the talk, Ilja Gerhardt will (hopefully) present another application of the discovered detector vulnerability, which shall remain a surprise :) - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/168.en.html - Monty Hall - Ilja Gerhardt - Vadim Makarov - - - PUBLISH - 168@HAR2009@pentabarf.org - 168 - quantum_eavesdropping - How we eavesdropped 100% of a quantum cryptographic key - - englisch - en - 20090814T200000 - 20090814T210000 - 01H00M00S - How we eavesdropped 100% of a quantum cryptographic key - Quantum cryptography, as being based on the laws of physics, was claimed to be much more secure than all classical cryptography schemes. (Un)fortunately -physical hardware is not beyond of an evil control: We present a successful attack of an existing quantum key distribution system exploiting a photon detector vulnerability which is probably present in all existing devices. Without Alice and Bob losing their faith in their secure communication, we recorded 100% of the supposedly secret key. - -The actual eavesdropping hardware we have built will be shown during the conference. - -A brief intro into quantum cryptography will be given at the beginning of the talk. Then, Vadim Makarov will explain the above attack. At the end of the talk, Ilja Gerhardt will (hopefully) present another application of the discovered detector vulnerability, which shall remain a surprise :) - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/168.en.html - Monty Hall - Ilja Gerhardt - Vadim Makarov - - - PUBLISH - 75@HAR2009@pentabarf.org - 75 - identity_processes - Identity processes - Why we put our most intimate details on the net and are still worried about our privacy - English - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Identity processes- Why we put our most intimate details on the net and are still worried about our privacy - When trying to understand what privacy is and how it works, it is very helpful to have some idea of what human identity is. In this presentation I will sharpen our concept of privacy by taking a 'discursive' view on identity as starting point. This enables us to understand the privacy challenges the digitalization of our society poses. After this presentation you will know: -- why identities can't be stolen -- why we put our most intimate details on the net and are still worried about our privacy -- why ISP's and search engines are in the frontline of the privacy debate -- what the problem is of modern surveillance -- And of course you will know the most brutal ways to violate somebodies privacy. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/75.en.html - The Two Envelopes Tent - Winfried Tilanus - - - PUBLISH - 75@HAR2009@pentabarf.org - 75 - identity_processes - Identity processes - Why we put our most intimate details on the net and are still worried about our privacy - englisch - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Identity processes- Why we put our most intimate details on the net and are still worried about our privacy - When trying to understand what privacy is and how it works, it is very helpful to have some idea of what human identity is. In this presentation I will sharpen our concept of privacy by taking a 'discursive' view on identity as starting point. This enables us to understand the privacy challenges the digitalization of our society poses. After this presentation you will know: -- why identities can't be stolen -- why we put our most intimate details on the net and are still worried about our privacy -- why ISP's and search engines are in the frontline of the privacy debate -- what the problem is of modern surveillance -- And of course you will know the most brutal ways to violate somebodies privacy. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/75.en.html - The Two Envelopes Tent - Winfried Tilanus - - - PUBLISH - 209@HAR2009@pentabarf.org - 209 - - IPv6 - - - - 20090815T120000 - 20090815T130000 - 01H00M00S - IPv6 - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/209.en.html - Bike-shed Red - - - PUBLISH - 209@HAR2009@pentabarf.org - 209 - - IPv6 - - - - 20090815T120000 - 20090815T130000 - 01H00M00S - IPv6 - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/209.en.html - Bike-shed Red - - - PUBLISH - 127@HAR2009@pentabarf.org - 127 - java_card - Java Card - Another Java hype or what? - englisch - en - 20090814T120000 - 20090814T130000 - 01H00M00S - Java Card- Another Java hype or what? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/127.en.html - The Two Envelopes Tent - Eduard Karel de Jong - - - PUBLISH - 127@HAR2009@pentabarf.org - 127 - java_card - Java Card - Another Java hype or what? - English - en - 20090814T120000 - 20090814T130000 - 01H00M00S - Java Card- Another Java hype or what? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/127.en.html - The Two Envelopes Tent - Eduard Karel de Jong - - - PUBLISH - 68@HAR2009@pentabarf.org - 68 - - Life or Death Cryptology: it is not about the encryption algorithm - - englisch - en - 20090815T170000 - 20090815T180000 - 01H00M00S - Life or Death Cryptology: it is not about the encryption algorithm - Protecting secrets is hard. Some of the things you currently trust to protect your secrets may be totally wrong. Even more so if you look at international espionage and protecting Top Secret information at the government level. A view into the world of state level security may really influence the way you look at protecting secrets. As information becomes more important, more threats arise. It actually all boils down to one thing. Trust. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/68.en.html - The Two Envelopes Tent - Paul Bakker - - - PUBLISH - 68@HAR2009@pentabarf.org - 68 - - Life or Death Cryptology: it is not about the encryption algorithm - - English - en - 20090815T170000 - 20090815T180000 - 01H00M00S - Life or Death Cryptology: it is not about the encryption algorithm - Protecting secrets is hard. Some of the things you currently trust to protect your secrets may be totally wrong. Even more so if you look at international espionage and protecting Top Secret information at the government level. A view into the world of state level security may really influence the way you look at protecting secrets. As information becomes more important, more threats arise. It actually all boils down to one thing. Trust. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/68.en.html - The Two Envelopes Tent - Paul Bakker - - - PUBLISH - 182@HAR2009@pentabarf.org - 182 - lightning_friday - Lightning talks Friday - 7 short lectures in 2 hours - englisch - en - 20090814T110000 - 20090814T130000 - 02H00M00S - Lightning talks Friday- 7 short lectures in 2 hours - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/182.en.html - The Birthday Tent - Don Hopkins - Hoppel - jbe - Melvin Rook - Rene "cavac" Schickbauer - Sébastien Bourdeauducq - tille - - - PUBLISH - 182@HAR2009@pentabarf.org - 182 - lightning_friday - Lightning talks Friday - 7 short lectures in 2 hours - English - en - 20090814T110000 - 20090814T130000 - 02H00M00S - Lightning talks Friday- 7 short lectures in 2 hours - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/182.en.html - The Birthday Tent - Don Hopkins - Hoppel - jbe - Melvin Rook - Rene "cavac" Schickbauer - Sébastien Bourdeauducq - tille - - - PUBLISH - 183@HAR2009@pentabarf.org - 183 - lightning_saturday - Lightning talks Saturday - 7 short lectures in 2 hours - English - en - 20090815T110000 - 20090815T130000 - 02H00M00S - Lightning talks Saturday- 7 short lectures in 2 hours - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/183.en.html - The Birthday Tent - Elger 'Stitch' Jonker - Esther Weltevrede - Harmen P. (Murf) de Ruiter - Kristian Mueller - Menneau - Rene "cavac" Schickbauer - Ruediger Weis - Wouter Tebbens - - - PUBLISH - 183@HAR2009@pentabarf.org - 183 - lightning_saturday - Lightning talks Saturday - 7 short lectures in 2 hours - englisch - en - 20090815T110000 - 20090815T130000 - 02H00M00S - Lightning talks Saturday- 7 short lectures in 2 hours - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/183.en.html - The Birthday Tent - Elger 'Stitch' Jonker - Esther Weltevrede - Harmen P. (Murf) de Ruiter - Kristian Mueller - Menneau - Rene "cavac" Schickbauer - Ruediger Weis - Wouter Tebbens - - - PUBLISH - 32@HAR2009@pentabarf.org - 32 - - Locally Exploiting Wireless Sensors - Breaking AES by Syringe - englisch - en - 20090816T130000 - 20090816T140000 - 01H00M00S - Locally Exploiting Wireless Sensors- Breaking AES by Syringe - Wireless sensors are often built with a microcontroller and a radio chip, connected only by a SPI bus. The radio, not the MCU, is responsible for symmetric cryptography of each packet. When the key is loaded, it is sent as cleartext over the SPI bus, and an attacker with local access can steal the key using a few syringe probes and readily available hardware. This attack and other local attacks against wireless sensor networks will be presented in detail, including a live demo of an AES128 key being extracted from an operational network. Following the conclusion of the lecture, audience members will be brought onstage to perform the attack themselves on various pieces of example hardware. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/32.en.html - The Birthday Tent - Travis Goodspeed - - - PUBLISH - 32@HAR2009@pentabarf.org - 32 - - Locally Exploiting Wireless Sensors - Breaking AES by Syringe - English - en - 20090816T130000 - 20090816T140000 - 01H00M00S - Locally Exploiting Wireless Sensors- Breaking AES by Syringe - Wireless sensors are often built with a microcontroller and a radio chip, connected only by a SPI bus. The radio, not the MCU, is responsible for symmetric cryptography of each packet. When the key is loaded, it is sent as cleartext over the SPI bus, and an attacker with local access can steal the key using a few syringe probes and readily available hardware. This attack and other local attacks against wireless sensor networks will be presented in detail, including a live demo of an AES128 key being extracted from an operational network. Following the conclusion of the lecture, audience members will be brought onstage to perform the attack themselves on various pieces of example hardware. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/32.en.html - The Birthday Tent - Travis Goodspeed - - - PUBLISH - 159@HAR2009@pentabarf.org - 159 - - Lockpicking - How lock-enthousiasts are keeping up with the state of the art - English - en - 20090815T210000 - 20090815T220000 - 01H00M00S - Lockpicking- How lock-enthousiasts are keeping up with the state of the art - This talk will detail the changes in lockpicking. It will tell the story of a rapidly changing universe once dark and mysterious which is now increasingly populated by lock-enthousiasts that simply enjoy the challenge mechanical locks present and freely share what they learn. You will learn how the lock industry is coming to terms with all of this, about new developments in safes, locks and opening techniques and you will get a general idea of how the world of locks and lockpicking is maturing. - -Barry and Han have done entertaining presentations on lockpicking at past hacker events and both take pride in never doing the same talk twice and always coming up with something new to show. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/159.en.html - The Birthday Tent - Barry - The Key - Wels - Han Fey - - - PUBLISH - 159@HAR2009@pentabarf.org - 159 - - Lockpicking - How lock-enthousiasts are keeping up with the state of the art - englisch - en - 20090815T210000 - 20090815T220000 - 01H00M00S - Lockpicking- How lock-enthousiasts are keeping up with the state of the art - This talk will detail the changes in lockpicking. It will tell the story of a rapidly changing universe once dark and mysterious which is now increasingly populated by lock-enthousiasts that simply enjoy the challenge mechanical locks present and freely share what they learn. You will learn how the lock industry is coming to terms with all of this, about new developments in safes, locks and opening techniques and you will get a general idea of how the world of locks and lockpicking is maturing. - -Barry and Han have done entertaining presentations on lockpicking at past hacker events and both take pride in never doing the same talk twice and always coming up with something new to show. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/159.en.html - The Birthday Tent - Barry - The Key - Wels - Han Fey - - - PUBLISH - 205@HAR2009@pentabarf.org - 205 - - Massage for Nerds - - englisch - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Massage for Nerds - Feeling tense? Overworked? Always wanted to know the secrets to good relaxation? - -The massage for nerds workshop may be of help. I will try to teach you some basic massage principles and skills and demonstrate some techniques to relax. -Wear loose clothing, you may want to bring a matress (not the big wobbly instable inflatable ones, they don't work well). Part of it is self-massage, the other part is work with a partner. You can bring your own nerd or find one on the spot. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/205.en.html - Bike-shed Green - - - PUBLISH - 205@HAR2009@pentabarf.org - 205 - - Massage for Nerds - - English - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Massage for Nerds - Feeling tense? Overworked? Always wanted to know the secrets to good relaxation? - -The massage for nerds workshop may be of help. I will try to teach you some basic massage principles and skills and demonstrate some techniques to relax. -Wear loose clothing, you may want to bring a matress (not the big wobbly instable inflatable ones, they don't work well). Part of it is self-massage, the other part is work with a partner. You can bring your own nerd or find one on the spot. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/205.en.html - Bike-shed Green - - - PUBLISH - 77@HAR2009@pentabarf.org - 77 - - MinixWall - rethinking secure systems - English - en - 20090816T120000 - 20090816T130000 - 01H00M00S - MinixWall- rethinking secure systems - Two of the main points are size and isolation. The Minix 3 kernel is less -than thousand times smaller as Linux. All drivers and the IP stack live -in user land. And this time Minix is Open Source. -We show a portation of the netfilter framework, which leads to a -system with better stability and security than the widely used Linux solutions. -Additional we present some new result regarding virtualiced systems using -a small amount of resources to add MinixWall into existing systems. -Additional we present some new result regarding virtualized systems using -a small amount of resources to add MinixWall into existing systems. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/77.en.html - The Birthday Tent - Ruediger Weis - - - PUBLISH - 77@HAR2009@pentabarf.org - 77 - - MinixWall - rethinking secure systems - englisch - en - 20090816T120000 - 20090816T130000 - 01H00M00S - MinixWall- rethinking secure systems - Two of the main points are size and isolation. The Minix 3 kernel is less -than thousand times smaller as Linux. All drivers and the IP stack live -in user land. And this time Minix is Open Source. -We show a portation of the netfilter framework, which leads to a -system with better stability and security than the widely used Linux solutions. -Additional we present some new result regarding virtualiced systems using -a small amount of resources to add MinixWall into existing systems. -Additional we present some new result regarding virtualized systems using -a small amount of resources to add MinixWall into existing systems. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/77.en.html - The Birthday Tent - Ruediger Weis - - - PUBLISH - 204@HAR2009@pentabarf.org - 204 - - Multitouch workshop - Create your own multitouch application. - englisch - en - 20090814T180000 - 20090814T210000 - 03H00M00S - Multitouch workshop- Create your own multitouch application. - In this workshop you will learn the basics of multitouch software development with [libavg](http://libavg.de/ "libavg") and create your own multitouch application. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/204.en.html - Bike-shed Yellow - - - PUBLISH - 204@HAR2009@pentabarf.org - 204 - - Multitouch workshop - Create your own multitouch application. - English - en - 20090814T180000 - 20090814T210000 - 03H00M00S - Multitouch workshop- Create your own multitouch application. - In this workshop you will learn the basics of multitouch software development with [libavg](http://libavg.de/ "libavg") and create your own multitouch application. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/204.en.html - Bike-shed Yellow - - - PUBLISH - 188@HAR2009@pentabarf.org - 188 - - MultiVerse workshop - Creating an open, decentralized, virtual world. - englisch - en - 20090814T140000 - 20090814T160000 - 02H00M00S - MultiVerse workshop- Creating an open, decentralized, virtual world. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/188.en.html - Bike-shed Green - Gabriel Konat - Melvin Rook - - - PUBLISH - 188@HAR2009@pentabarf.org - 188 - - MultiVerse workshop - Creating an open, decentralized, virtual world. - English - en - 20090814T140000 - 20090814T160000 - 02H00M00S - MultiVerse workshop- Creating an open, decentralized, virtual world. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/188.en.html - Bike-shed Green - Gabriel Konat - Melvin Rook - - - PUBLISH - 145@HAR2009@pentabarf.org - 145 - - My BREIN hurts! - FTD's fight against the "Dutch RIAA" - englisch - en - 20090816T140000 - 20090816T150000 - 01H00M00S - My BREIN hurts! - FTD's fight against the "Dutch RIAA" - Under Dutch copyright law, downloading movies and songs for personal use is entirely legal. This presents a unique legal problem for copyright enforcers like "Dutch RIAA" /Stichting BREIN/. Many sites have popped up that point people to opportunities for legal downloading. One of them is FTD, a place to "spot" binaries posted on Usenet. BREIN has accused Usenet and FTD of "facilitating illegal uploading for profit" and called FTD's activities "a criminal act". In response, FTD has gone to court to demand a ruling that FTD is operating legally, that downloading is legal and that BREIN should just shut up. Dutch IT-lawyer Arnoud Engelfriet, one of the lawyers representing FTD in court, will discuss the court case and the Dutch legal situation. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/145.en.html - Monty Hall - Arnoud Engelfriet - - - PUBLISH - 145@HAR2009@pentabarf.org - 145 - - My BREIN hurts! - FTD's fight against the "Dutch RIAA" - English - en - 20090816T140000 - 20090816T150000 - 01H00M00S - My BREIN hurts! - FTD's fight against the "Dutch RIAA" - Under Dutch copyright law, downloading movies and songs for personal use is entirely legal. This presents a unique legal problem for copyright enforcers like "Dutch RIAA" /Stichting BREIN/. Many sites have popped up that point people to opportunities for legal downloading. One of them is FTD, a place to "spot" binaries posted on Usenet. BREIN has accused Usenet and FTD of "facilitating illegal uploading for profit" and called FTD's activities "a criminal act". In response, FTD has gone to court to demand a ruling that FTD is operating legally, that downloading is legal and that BREIN should just shut up. Dutch IT-lawyer Arnoud Engelfriet, one of the lawyers representing FTD in court, will discuss the court case and the Dutch legal situation. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/145.en.html - Monty Hall - Arnoud Engelfriet - - - PUBLISH - 94@HAR2009@pentabarf.org - 94 - - Native IPv6 deployment at XS4ALL - - English - en - 20090814T150000 - 20090814T160000 - 01H00M00S - Native IPv6 deployment at XS4ALL - XS4ALL is currently rolling out native IPv6 on it's network. This talk will show some of the technology involved and problems encountered. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/94.en.html - The Birthday Tent - Marco Hogewoning - - - PUBLISH - 94@HAR2009@pentabarf.org - 94 - - Native IPv6 deployment at XS4ALL - - englisch - en - 20090814T150000 - 20090814T160000 - 01H00M00S - Native IPv6 deployment at XS4ALL - XS4ALL is currently rolling out native IPv6 on it's network. This talk will show some of the technology involved and problems encountered. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/94.en.html - The Birthday Tent - Marco Hogewoning - - - PUBLISH - 53@HAR2009@pentabarf.org - 53 - openbeer_workshop - OpenBeer Workshop - Learn how to make a delicious home-brew beer - englisch - en - 20090814T150000 - 20090814T170000 - 02H00M00S - OpenBeer Workshop- Learn how to make a delicious home-brew beer - In this workshop we will first discuss the theory behind brewing. After that, we will do the actual brewing. The day after, fermentation starts. Participants can opt in to be sent a bottle of their own brew about 3 weeks after the event. There might also be some tasting sessions. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/53.en.html - Village BSD - tille - - - PUBLISH - 53@HAR2009@pentabarf.org - 53 - openbeer_workshop - OpenBeer Workshop - Learn how to make a delicious home-brew beer - English - en - 20090814T150000 - 20090814T170000 - 02H00M00S - OpenBeer Workshop- Learn how to make a delicious home-brew beer - In this workshop we will first discuss the theory behind brewing. After that, we will do the actual brewing. The day after, fermentation starts. Participants can opt in to be sent a bottle of their own brew about 3 weeks after the event. There might also be some tasting sessions. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/53.en.html - Village BSD - tille - - - PUBLISH - 194@HAR2009@pentabarf.org - 194 - - Open Blueprints - Creative Commons & Design - - - 20090815T150000 - 20090815T180000 - 03H00M00S - Open Blueprints- Creative Commons & Design - A workshop on how to apply a creative commons license for design and the judicial space between copyright and model right. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/194.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 194@HAR2009@pentabarf.org - 194 - - Open Blueprints - Creative Commons & Design - - - 20090815T150000 - 20090815T180000 - 03H00M00S - Open Blueprints- Creative Commons & Design - A workshop on how to apply a creative commons license for design and the judicial space between copyright and model right. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/194.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 185@HAR2009@pentabarf.org - 185 - openbsc - OpenBSC - Running your own GSM network - - - 20090815T150000 - 20090815T160000 - 01H00M00S - OpenBSC- Running your own GSM network - OpenBSC is a Free Software implementation of the minimal subset of -the major backend components of a GSM network, such as BSC, MSC, HLR, EIR. -Using a commercial GSM BTS and attaching it to a Linux system running -the OpenBSC software allows you to run your own GSM "network in a box". - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/185.en.html - Monty Hall - Harald Welte - - - PUBLISH - 185@HAR2009@pentabarf.org - 185 - openbsc - OpenBSC - Running your own GSM network - - - 20090815T150000 - 20090815T160000 - 01H00M00S - OpenBSC- Running your own GSM network - OpenBSC is a Free Software implementation of the minimal subset of -the major backend components of a GSM network, such as BSC, MSC, HLR, EIR. -Using a commercial GSM BTS and attaching it to a Linux system running -the OpenBSC software allows you to run your own GSM "network in a box". - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/185.en.html - Monty Hall - Harald Welte - - - PUBLISH - 85@HAR2009@pentabarf.org - 85 - har_opening - Opening ceremony - Welcome to HAR2009 - English - en - 20090813T110000 - 20090813T120000 - 01H00M00S - Opening ceremony- Welcome to HAR2009 - Opening ceremony. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/85.en.html - Monty Hall - Koen Martens - - - PUBLISH - 85@HAR2009@pentabarf.org - 85 - har_opening - Opening ceremony - Welcome to HAR2009 - englisch - en - 20090813T110000 - 20090813T120000 - 01H00M00S - Opening ceremony- Welcome to HAR2009 - Opening ceremony. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/85.en.html - Monty Hall - Koen Martens - - - PUBLISH - 61@HAR2009@pentabarf.org - 61 - opensolaris_workshop - OpenSolaris Workshop - Why switch? What's better? Why another open source operating system? - English - en - 20090813T200000 - 20090813T220000 - 02H00M00S - OpenSolaris Workshop- Why switch? What's better? Why another open source operating system? - At first glance, you may mistake OpenSolaris for any other Linux distro. It uses GNOME for its desktop and GNU utilities such as sudo and top work as expected. However, as you dig deeper you'll find some nice surprises - a truly granular security framework, a service management facility that replaces antiquated rc*.d scripts, a dynamic tracing utility with incredible insight and a a new file system that is utterly refreshing. In this hands-on-workshop we'll cover the following: - - * The OpenSolaris you already know - o GNOME - o GNU Utilities - * The OpenSolaris you want to know - o RBAC - o SMF - o DTrace - o ZFS w/ TimeSlider - * The OpenSolaris you need to know - o IPS - o Networking - o The Innovation Continues - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/61.en.html - Bike-shed Green - Brian Leonard - - - PUBLISH - 61@HAR2009@pentabarf.org - 61 - opensolaris_workshop - OpenSolaris Workshop - Why switch? What's better? Why another open source operating system? - englisch - en - 20090813T200000 - 20090813T220000 - 02H00M00S - OpenSolaris Workshop- Why switch? What's better? Why another open source operating system? - At first glance, you may mistake OpenSolaris for any other Linux distro. It uses GNOME for its desktop and GNU utilities such as sudo and top work as expected. However, as you dig deeper you'll find some nice surprises - a truly granular security framework, a service management facility that replaces antiquated rc*.d scripts, a dynamic tracing utility with incredible insight and a a new file system that is utterly refreshing. In this hands-on-workshop we'll cover the following: - - * The OpenSolaris you already know - o GNOME - o GNU Utilities - * The OpenSolaris you want to know - o RBAC - o SMF - o DTrace - o ZFS w/ TimeSlider - * The OpenSolaris you need to know - o IPS - o Networking - o The Innovation Continues - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/61.en.html - Bike-shed Green - Brian Leonard - - - PUBLISH - 113@HAR2009@pentabarf.org - 113 - organising_a_con - Organising a Con - - englisch - en - 20090816T140000 - 20090816T150000 - 01H00M00S - Organising a Con - Presentation and discussion from a panel of core conference organizers on their experiences in organizing conferences. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/113.en.html - The Two Envelopes Tent - David Dolphin (tyrion) - - - PUBLISH - 113@HAR2009@pentabarf.org - 113 - organising_a_con - Organising a Con - - English - en - 20090816T140000 - 20090816T150000 - 01H00M00S - Organising a Con - Presentation and discussion from a panel of core conference organizers on their experiences in organizing conferences. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/113.en.html - The Two Envelopes Tent - David Dolphin (tyrion) - - - PUBLISH - 59@HAR2009@pentabarf.org - 59 - government_transparency - Our dutch road to government transparency - Dutch road to help free our government from closed workflows and closed ict-systems - English - en - 20090815T130000 - 20090815T140000 - 01H00M00S - Our dutch road to government transparency- Dutch road to help free our government from closed workflows and closed ict-systems - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/59.en.html - Bike-shed Green - Jelle de Jong - - - PUBLISH - 59@HAR2009@pentabarf.org - 59 - government_transparency - Our dutch road to government transparency - Dutch road to help free our government from closed workflows and closed ict-systems - englisch - en - 20090815T130000 - 20090815T140000 - 01H00M00S - Our dutch road to government transparency- Dutch road to help free our government from closed workflows and closed ict-systems - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/59.en.html - Bike-shed Green - Jelle de Jong - - - PUBLISH - 170@HAR2009@pentabarf.org - 170 - panel_discussion - Panel discussion with Brein and HAR - - English - en - 20090814T170000 - 20090814T180000 - 01H00M00S - Panel discussion with Brein and HAR - Panel discussion with Brein, MPAA and HAR - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/170.en.html - Monty Hall - Arjen Kamphuis - Tim Kuik - Walter van Holst - - - PUBLISH - 170@HAR2009@pentabarf.org - 170 - panel_discussion - Panel discussion with Brein and HAR - - englisch - en - 20090814T170000 - 20090814T180000 - 01H00M00S - Panel discussion with Brein and HAR - Panel discussion with Brein, MPAA and HAR - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/170.en.html - Monty Hall - Arjen Kamphuis - Tim Kuik - Walter van Holst - - - PUBLISH - 193@HAR2009@pentabarf.org - 193 - pgp_and_cacert_key_signing_party - PGP and CAcert key signing party - Have your PGP key signed; have yourself assured - englisch - en - 20090815T180000 - 20090815T200000 - 02H00M00S - PGP and CAcert key signing party- Have your PGP key signed; have yourself assured - PGP public key and CAcert certificate identification is based on multiple (the more the better) persons doing an identification check with official identity document(s), like a driver license, passports, identity cards, etc.: the Web of Trustworthy. The Web of Trust is basically a reciprocal process: one has to identify to each other. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/193.en.html - The Birthday Tent - Udo - - - PUBLISH - 193@HAR2009@pentabarf.org - 193 - pgp_and_cacert_key_signing_party - PGP and CAcert key signing party - Have your PGP key signed; have yourself assured - English - en - 20090815T180000 - 20090815T200000 - 02H00M00S - PGP and CAcert key signing party- Have your PGP key signed; have yourself assured - PGP public key and CAcert certificate identification is based on multiple (the more the better) persons doing an identification check with official identity document(s), like a driver license, passports, identity cards, etc.: the Web of Trustworthy. The Web of Trust is basically a reciprocal process: one has to identify to each other. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/193.en.html - The Birthday Tent - Udo - - - PUBLISH - 151@HAR2009@pentabarf.org - 151 - - Policy hacking - Open Source Lobbying, tips from the trenches - englisch - en - 20090813T140000 - 20090813T150000 - 01H00M00S - Policy hacking- Open Source Lobbying, tips from the trenches - In 2007 The Netherlands became the first western country to have a national policy on the mandatory use of open standards and preferential use of opensource software in all public sector organisations (government, educations, healthcare ...). Having been involved in the process of creating this policy I will share some of my lesson learned about policy hacking. This talk will be an update of my 2007 CCC-talk about the same subject. Many things have happened since then and there are new tales to be told. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/151.en.html - The Birthday Tent - Arjen Kamphuis - - - PUBLISH - 151@HAR2009@pentabarf.org - 151 - - Policy hacking - Open Source Lobbying, tips from the trenches - English - en - 20090813T140000 - 20090813T150000 - 01H00M00S - Policy hacking- Open Source Lobbying, tips from the trenches - In 2007 The Netherlands became the first western country to have a national policy on the mandatory use of open standards and preferential use of opensource software in all public sector organisations (government, educations, healthcare ...). Having been involved in the process of creating this policy I will share some of my lesson learned about policy hacking. This talk will be an update of my 2007 CCC-talk about the same subject. Many things have happened since then and there are new tales to be told. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/151.en.html - The Birthday Tent - Arjen Kamphuis - - - PUBLISH - 133@HAR2009@pentabarf.org - 133 - privacy_and_stylometry - Privacy & Stylometry: Practical Attacks Against Authorship Attribution Techniques - Protecting your identity through your writing style: how can attacking stylometry improve privacy? - englisch - en - 20090814T220000 - 20090814T230000 - 01H00M00S - Privacy & Stylometry: Practical Attacks Against Authorship Attribution Techniques- Protecting your identity through your writing style: how can attacking stylometry improve privacy? - The use of statistical AI techniques in authorship recognition (or stylometry) has contributed to literary and historical breakthroughs. These successes have led to the use of these techniques in criminal investigations and prosecutions. However, few have studied adversarial attacks, motivated by a desire to protect anonymity and privacy in a variety of scenarios, and their devastating effect on the robustness of existing classification methods. Our research demonstrates how various types of attacks can reduce the effectiveness of stylometric techniques down to the level of random guessing and worse. These results are made more significant by the fact that the experimental subjects were unfamiliar with stylometric techniques, without specialized knowledge in linguistics, and spent little time on the attacks. Current work based on these results that looks deeper into implications of stylometry on privacy and anonymity on the Internet is also discussed. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/133.en.html - The Birthday Tent - Mike Brennan - - - PUBLISH - 133@HAR2009@pentabarf.org - 133 - privacy_and_stylometry - Privacy & Stylometry: Practical Attacks Against Authorship Attribution Techniques - Protecting your identity through your writing style: how can attacking stylometry improve privacy? - English - en - 20090814T220000 - 20090814T230000 - 01H00M00S - Privacy & Stylometry: Practical Attacks Against Authorship Attribution Techniques- Protecting your identity through your writing style: how can attacking stylometry improve privacy? - The use of statistical AI techniques in authorship recognition (or stylometry) has contributed to literary and historical breakthroughs. These successes have led to the use of these techniques in criminal investigations and prosecutions. However, few have studied adversarial attacks, motivated by a desire to protect anonymity and privacy in a variety of scenarios, and their devastating effect on the robustness of existing classification methods. Our research demonstrates how various types of attacks can reduce the effectiveness of stylometric techniques down to the level of random guessing and worse. These results are made more significant by the fact that the experimental subjects were unfamiliar with stylometric techniques, without specialized knowledge in linguistics, and spent little time on the attacks. Current work based on these results that looks deeper into implications of stylometry on privacy and anonymity on the Internet is also discussed. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/133.en.html - The Birthday Tent - Mike Brennan - - - PUBLISH - 28@HAR2009@pentabarf.org - 28 - programming_the_cloud - Programming the cloud - What will Cloud computing bring - English - en - 20090813T170000 - 20090813T180000 - 01H00M00S - Programming the cloud- What will Cloud computing bring - Cloud computing is rapidly gaining the interest of service providers, programmers and the public as no one wants to miss the new hype. While there are many theories on how the cloud will evolve no real discussion on the programmability has yet taken place. In this talk a programing language named objic is described, that enables programs to run in a distributed manner in the cloud. This is done by creating an object orientated syntax and interpretation environment that can create objects on various distributed locations throughout a network and address them in a scalable, fault tolerant and transparent way. This is followed by a discussion of the problems faced and an outlook into the future. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/28.en.html - The Two Envelopes Tent - Geerd-Dietger Hoffmann - - - PUBLISH - 28@HAR2009@pentabarf.org - 28 - programming_the_cloud - Programming the cloud - What will Cloud computing bring - englisch - en - 20090813T170000 - 20090813T180000 - 01H00M00S - Programming the cloud- What will Cloud computing bring - Cloud computing is rapidly gaining the interest of service providers, programmers and the public as no one wants to miss the new hype. While there are many theories on how the cloud will evolve no real discussion on the programmability has yet taken place. In this talk a programing language named objic is described, that enables programs to run in a distributed manner in the cloud. This is done by creating an object orientated syntax and interpretation environment that can create objects on various distributed locations throughout a network and address them in a scalable, fault tolerant and transparent way. This is followed by a discussion of the problems faced and an outlook into the future. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/28.en.html - The Two Envelopes Tent - Geerd-Dietger Hoffmann - - - PUBLISH - 155@HAR2009@pentabarf.org - 155 - protheses_for_50_USD - Protheses for $50 instead of $250.000 - - English - en - 20090813T140000 - 20090813T150000 - 01H00M00S - Protheses for $50 instead of $250.000 - Protheses voor $40 ipv $250.000 - -In May 2009 the House of Natural Fiber (HONF) from Indonesia was visiting the Netherlands. Their aim: to build cheap leg protheses. They visidet Fablab Amsterdam to build up a comprehensive knowledge base around making protheses and to make contact with experts in the field. Now they are back in Indonesia and applying their knowledge. While a high-tech prothese costs 200.000 Euro and a standard prothese is available for 10.000, the cheapest ones cost $ 150. These are produced and fitted in one day only by Jaipurfoot. Yet HONF's protheses are going to cost a mere $ 50. - -We will present how HONF have built up their knowledge, what the most relevant experiences were for them to take away. And we will report live from Indonesia how the project proceeds. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/155.en.html - The Two Envelopes Tent - Peter Troxler - - - PUBLISH - 155@HAR2009@pentabarf.org - 155 - protheses_for_50_USD - Protheses for $50 instead of $250.000 - - englisch - en - 20090813T140000 - 20090813T150000 - 01H00M00S - Protheses for $50 instead of $250.000 - Protheses voor $40 ipv $250.000 - -In May 2009 the House of Natural Fiber (HONF) from Indonesia was visiting the Netherlands. Their aim: to build cheap leg protheses. They visidet Fablab Amsterdam to build up a comprehensive knowledge base around making protheses and to make contact with experts in the field. Now they are back in Indonesia and applying their knowledge. While a high-tech prothese costs 200.000 Euro and a standard prothese is available for 10.000, the cheapest ones cost $ 150. These are produced and fitted in one day only by Jaipurfoot. Yet HONF's protheses are going to cost a mere $ 50. - -We will present how HONF have built up their knowledge, what the most relevant experiences were for them to take away. And we will report live from Indonesia how the project proceeds. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/155.en.html - The Two Envelopes Tent - Peter Troxler - - - PUBLISH - 89@HAR2009@pentabarf.org - 89 - - Public transport SMS ticket hacking - - englisch - en - 20090815T200000 - 20090815T210000 - 01H00M00S - Public transport SMS ticket hacking - The primary aim of this presentation is to show a serious inherent vulnerability in the public transport SMS tickets system widely used in many big cities. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/89.en.html - The Two Envelopes Tent - Pavol Luptak - - - PUBLISH - 89@HAR2009@pentabarf.org - 89 - - Public transport SMS ticket hacking - - English - en - 20090815T200000 - 20090815T210000 - 01H00M00S - Public transport SMS ticket hacking - The primary aim of this presentation is to show a serious inherent vulnerability in the public transport SMS tickets system widely used in many big cities. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/89.en.html - The Two Envelopes Tent - Pavol Luptak - - - PUBLISH - 157@HAR2009@pentabarf.org - 157 - - Realizing the RFID Guardian - - English - en - 20090816T130000 - 20090816T140000 - 01H00M00S - Realizing the RFID Guardian - The RFID Guardian Project is an initiative to put practical open-source HW/SW tools for RFID Security and Privacy into the hands of security consultants and the general public alike. This talk will discuss Radio Frequency Identification, its security and privacy implications, and will provide the newest information about Version 4 of the RFID Guardian, which we intend to launch soon to the general public. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/157.en.html - Monty Hall - Serge Keyser - - - PUBLISH - 157@HAR2009@pentabarf.org - 157 - - Realizing the RFID Guardian - - englisch - en - 20090816T130000 - 20090816T140000 - 01H00M00S - Realizing the RFID Guardian - The RFID Guardian Project is an initiative to put practical open-source HW/SW tools for RFID Security and Privacy into the hands of security consultants and the general public alike. This talk will discuss Radio Frequency Identification, its security and privacy implications, and will provide the newest information about Version 4 of the RFID Guardian, which we intend to launch soon to the general public. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/157.en.html - Monty Hall - Serge Keyser - - - PUBLISH - 161@HAR2009@pentabarf.org - 161 - yro2 - Relaunch Bits of Freedom - How have digital rights been affected in The Netherlands since 2006? How will Bits of Freedom defend these rights? - English - en - 20090814T160000 - 20090814T170000 - 01H00M00S - Relaunch Bits of Freedom- How have digital rights been affected in The Netherlands since 2006? How will Bits of Freedom defend these rights? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/161.en.html - The Two Envelopes Tent - Ot van Daalen - - - PUBLISH - 161@HAR2009@pentabarf.org - 161 - yro2 - Relaunch Bits of Freedom - How have digital rights been affected in The Netherlands since 2006? How will Bits of Freedom defend these rights? - englisch - en - 20090814T160000 - 20090814T170000 - 01H00M00S - Relaunch Bits of Freedom- How have digital rights been affected in The Netherlands since 2006? How will Bits of Freedom defend these rights? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/161.en.html - The Two Envelopes Tent - Ot van Daalen - - - PUBLISH - 207@HAR2009@pentabarf.org - 207 - - Remote Barcode Injection - - - - 20090814T120000 - 20090814T130000 - 01H00M00S - Remote Barcode Injection - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/207.en.html - The Birthday Tent - jbe - - - PUBLISH - 207@HAR2009@pentabarf.org - 207 - - Remote Barcode Injection - - - - 20090814T120000 - 20090814T130000 - 01H00M00S - Remote Barcode Injection - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/207.en.html - The Birthday Tent - jbe - - - PUBLISH - 35@HAR2009@pentabarf.org - 35 - - Results of a Security Assessment of Common Implementation Strategies of the TCP and IP Protocols - - englisch - en - 20090815T210000 - 20090815T220000 - 01H00M00S - Results of a Security Assessment of Common Implementation Strategies of the TCP and IP Protocols - Fernando Gont will present the results of a security assessment of the TCP and IP protocols carried out on behalf of the UK CPNI (United Kingdom's Centre for the Protection of National Infrastructure). He will explain the security implications arising from the protocol specifications themselves, and from a number of implementation strategies followed by most of the popular TCP/IP stacks, and will also discuss the new insights that were gained as a result of this project that can help to mitigate the aforementioned issues. Finally, Fernando will provide an overview of the ongoing efforts at the IETF community to incorporate these insights into the corresponding protocol specifications and the ongoing efforts in the vendor community to incorporate these recommendations into popular implementations of the protocols. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/35.en.html - Monty Hall - - - PUBLISH - 35@HAR2009@pentabarf.org - 35 - - Results of a Security Assessment of Common Implementation Strategies of the TCP and IP Protocols - - English - en - 20090815T210000 - 20090815T220000 - 01H00M00S - Results of a Security Assessment of Common Implementation Strategies of the TCP and IP Protocols - Fernando Gont will present the results of a security assessment of the TCP and IP protocols carried out on behalf of the UK CPNI (United Kingdom's Centre for the Protection of National Infrastructure). He will explain the security implications arising from the protocol specifications themselves, and from a number of implementation strategies followed by most of the popular TCP/IP stacks, and will also discuss the new insights that were gained as a result of this project that can help to mitigate the aforementioned issues. Finally, Fernando will provide an overview of the ongoing efforts at the IETF community to incorporate these insights into the corresponding protocol specifications and the ongoing efforts in the vendor community to incorporate these recommendations into popular implementations of the protocols. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/35.en.html - Monty Hall - - - PUBLISH - 46@HAR2009@pentabarf.org - 46 - rfid_sniffer_workshop - RFID sniffer workshop - Assemble your own RFID sniffer and find RFID tags in your wallet - English - en - 20090815T130000 - 20090815T170000 - 04H00M00S - RFID sniffer workshop- Assemble your own RFID sniffer and find RFID tags in your wallet - Assemble your own RFID sniffer and find RFID tags in your wallet - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/46.en.html - Bike-shed Red - Marc Boon - - - PUBLISH - 46@HAR2009@pentabarf.org - 46 - rfid_sniffer_workshop - RFID sniffer workshop - Assemble your own RFID sniffer and find RFID tags in your wallet - englisch - en - 20090815T130000 - 20090815T170000 - 04H00M00S - RFID sniffer workshop- Assemble your own RFID sniffer and find RFID tags in your wallet - Assemble your own RFID sniffer and find RFID tags in your wallet - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/46.en.html - Bike-shed Red - Marc Boon - - - PUBLISH - 163@HAR2009@pentabarf.org - 163 - rootkits - Rootkits are awesome - Insider Threat for Fun and Profit - englisch - en - 20090813T170000 - 20090813T180000 - 01H00M00S - Rootkits are awesome- Insider Threat for Fun and Profit - Rootkits are awesome: Insider Threat for Fun and Profit -Addressing the insider threat is now rightly recognised as playing a crucial element in improving the security posture of organisations and preventing all kinds of embarrassment. Recent years have seen a growth in all manner of vendors promising panaceas to address ordinary user activities, but what exactly are the solutions offered? In a lot of instances, legitimate rootkits. This talk examines the current state of the insider threat marketplace, the technical solutions to the issues presented, and an actual analysis of user activities in RL and how they may well negate the the promises of vendors and the expectations of security minded organisations. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/163.en.html - Monty Hall - Mike Kemp - - - PUBLISH - 163@HAR2009@pentabarf.org - 163 - rootkits - Rootkits are awesome - Insider Threat for Fun and Profit - English - en - 20090813T170000 - 20090813T180000 - 01H00M00S - Rootkits are awesome- Insider Threat for Fun and Profit - Rootkits are awesome: Insider Threat for Fun and Profit -Addressing the insider threat is now rightly recognised as playing a crucial element in improving the security posture of organisations and preventing all kinds of embarrassment. Recent years have seen a growth in all manner of vendors promising panaceas to address ordinary user activities, but what exactly are the solutions offered? In a lot of instances, legitimate rootkits. This talk examines the current state of the insider threat marketplace, the technical solutions to the issues presented, and an actual analysis of user activities in RL and how they may well negate the the promises of vendors and the expectations of security minded organisations. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/163.en.html - Monty Hall - Mike Kemp - - - PUBLISH - 169@HAR2009@pentabarf.org - 169 - runtime_osx_kernel_patching - Runtime Kernel Patching on Mac OS X - - englisch - en - 20090813T220000 - 20090813T230000 - 01H00M00S - Runtime Kernel Patching on Mac OS X - This talk will focus on rootkit development on Mac OS X. It will cover the basics as well as a couple of (somewhat) new tricks. -We will also talk about rootkit detection on Mac OS X. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/169.en.html - The Two Envelopes Tent - Bosse Eriksson - - - PUBLISH - 169@HAR2009@pentabarf.org - 169 - runtime_osx_kernel_patching - Runtime Kernel Patching on Mac OS X - - English - en - 20090813T220000 - 20090813T230000 - 01H00M00S - Runtime Kernel Patching on Mac OS X - This talk will focus on rootkit development on Mac OS X. It will cover the basics as well as a couple of (somewhat) new tricks. -We will also talk about rootkit detection on Mac OS X. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/169.en.html - The Two Envelopes Tent - Bosse Eriksson - - - PUBLISH - 91@HAR2009@pentabarf.org - 91 - searchengine_censorship - Search engines and censorship - The law and politics of the digital horizon - English - en - 20090813T200000 - 20090813T210000 - 01H00M00S - Search engines and censorship- The law and politics of the digital horizon - Search engines and censorship: the law and politics of the digital horizon - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/91.en.html - Monty Hall - Joris van Hoboken - - - PUBLISH - 91@HAR2009@pentabarf.org - 91 - searchengine_censorship - Search engines and censorship - The law and politics of the digital horizon - englisch - en - 20090813T200000 - 20090813T210000 - 01H00M00S - Search engines and censorship- The law and politics of the digital horizon - Search engines and censorship: the law and politics of the digital horizon - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/91.en.html - Monty Hall - Joris van Hoboken - - - PUBLISH - 173@HAR2009@pentabarf.org - 173 - securing_networks - Securing networks from an ISP perspective - The role of the JANET CSIRT - English - en - 20090813T220000 - 20090813T230000 - 01H00M00S - Securing networks from an ISP perspective- The role of the JANET CSIRT - As an ISP attempting to secure a large network with 18 million users and 40Gbs link speeds is a challenging task, this talk will discuss how we attempt to make the JANET network a safer place for its users and the Internet. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/173.en.html - The Birthday Tent - Bradley Freeman - - - PUBLISH - 173@HAR2009@pentabarf.org - 173 - securing_networks - Securing networks from an ISP perspective - The role of the JANET CSIRT - englisch - en - 20090813T220000 - 20090813T230000 - 01H00M00S - Securing networks from an ISP perspective- The role of the JANET CSIRT - As an ISP attempting to secure a large network with 18 million users and 40Gbs link speeds is a challenging task, this talk will discuss how we attempt to make the JANET network a safer place for its users and the Internet. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/173.en.html - The Birthday Tent - Bradley Freeman - - - PUBLISH - 167@HAR2009@pentabarf.org - 167 - - Side channel analysis and fault injection - Is that a smart card in your pocket? - English - en - 20090814T150000 - 20090814T160000 - 01H00M00S - Side channel analysis and fault injection- Is that a smart card in your pocket? - This talk explores the world of side channel analysis and fault injection on smart cards. The basics of side channel analysis are explained and it is demonstrated how a differential power attack works on a (not state of the art) smartcard. Furthermore, I will explain how fault injection is performed using a simple flashlight (and an advanced laser setup). - -This is a Side channel '101' lecture and should be interesting for anyone with an interest in hardware hacking, crypto and security. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/167.en.html - Monty Hall - Jasper van Woudenberg - - - PUBLISH - 167@HAR2009@pentabarf.org - 167 - - Side channel analysis and fault injection - Is that a smart card in your pocket? - englisch - en - 20090814T150000 - 20090814T160000 - 01H00M00S - Side channel analysis and fault injection- Is that a smart card in your pocket? - This talk explores the world of side channel analysis and fault injection on smart cards. The basics of side channel analysis are explained and it is demonstrated how a differential power attack works on a (not state of the art) smartcard. Furthermore, I will explain how fault injection is performed using a simple flashlight (and an advanced laser setup). - -This is a Side channel '101' lecture and should be interesting for anyone with an interest in hardware hacking, crypto and security. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/167.en.html - Monty Hall - Jasper van Woudenberg - - - PUBLISH - 132@HAR2009@pentabarf.org - 132 - - Side channel analysis on embedded systems - - englisch - en - 20090815T130000 - 20090815T140000 - 01H00M00S - Side channel analysis on embedded systems - The presentation briefly introduces the state of the art analysis techniques used on smart cards today. Further, we define the types of embedded systems that these attacks may apply to. Then we illustrate the differences and commonalities of side channel analysis on smart cards and embedded systems. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/132.en.html - The Two Envelopes Tent - Job de Haas - - - PUBLISH - 132@HAR2009@pentabarf.org - 132 - - Side channel analysis on embedded systems - - English - en - 20090815T130000 - 20090815T140000 - 01H00M00S - Side channel analysis on embedded systems - The presentation briefly introduces the state of the art analysis techniques used on smart cards today. Further, we define the types of embedded systems that these attacks may apply to. Then we illustrate the differences and commonalities of side channel analysis on smart cards and embedded systems. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/132.en.html - The Two Envelopes Tent - Job de Haas - - - PUBLISH - 139@HAR2009@pentabarf.org - 139 - smallsister_workshop - SmallSister or how to defeat data retention - Circumventing bureaucrats - English - en - 20090814T130000 - 20090814T140000 - 01H00M00S - SmallSister or how to defeat data retention- Circumventing bureaucrats - Data retention is one of the biggest dangers of free speech and a free society. Now there is software that at least secures e-mail. The best of all: it's easy to use and fully functional. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/139.en.html - Bike-shed Green - Brenno de Winter - - - PUBLISH - 139@HAR2009@pentabarf.org - 139 - smallsister_workshop - SmallSister or how to defeat data retention - Circumventing bureaucrats - englisch - en - 20090814T130000 - 20090814T140000 - 01H00M00S - SmallSister or how to defeat data retention- Circumventing bureaucrats - Data retention is one of the biggest dangers of free speech and a free society. Now there is software that at least secures e-mail. The best of all: it's easy to use and fully functional. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/139.en.html - Bike-shed Green - Brenno de Winter - - - PUBLISH - 128@HAR2009@pentabarf.org - 128 - - Sniffing cable modems - - English - en - 20090816T140000 - 20090816T150000 - 01H00M00S - Sniffing cable modems - Cable modems are widely used these days for internet connections or other applications. This talk gives a detailed overview of this mean of communication with a focus on its security. Additionally, I'll show how network forensics can easily be used with this media along with a few new attacks which can now be implemented thanks to the information being gathered. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/128.en.html - The Birthday Tent - Guy Martin - - - PUBLISH - 128@HAR2009@pentabarf.org - 128 - - Sniffing cable modems - - englisch - en - 20090816T140000 - 20090816T150000 - 01H00M00S - Sniffing cable modems - Cable modems are widely used these days for internet connections or other applications. This talk gives a detailed overview of this mean of communication with a focus on its security. Additionally, I'll show how network forensics can easily be used with this media along with a few new attacks which can now be implemented thanks to the information being gathered. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/128.en.html - The Birthday Tent - Guy Martin - - - PUBLISH - 51@HAR2009@pentabarf.org - 51 - statistics_and_law - Statistics and the Law - The case of Lucia de B., alleged serial killer, and others. - englisch - en - 20090815T160000 - 20090815T170000 - 01H00M00S - Statistics and the Law- The case of Lucia de B., alleged serial killer, and others. - The case of Lucia de B. is a highly controversial legal case in the -Netherlands, in which a statistically significant correlation between the -presence of a particular nurse and the occurrence of suspicious medical -incidents on her ward played a central role in getting her a life -conviction for serial murder. However, recent re-investigation of the -meagre medical evidence for wrong-doing, and re-investigation of the -statistics, makes it very plausible that no murders were committed at all, -by anybody. The Dutch supreme court has recently overturned the conviction -and a re-trial has started start. - -However a motto of the Dutch legal system could be "learning represents the possibility of failure and must thus be avoided if possible". Though innocence was obvious (to the well informed), the conviction was legally speaking watertight and irreversible. Yet a small band of "terrorists" (as they were characterized in legal magazines) managed to convince the legal system that this had to change, and change it did. How did they do it? Hacking into a complex human system... use it to make it do the work for you. - -Slides of the talk: http://www.math.leidenuniv.nl/~gill/Lucia.pdf - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/51.en.html - The Two Envelopes Tent - Richard Gill - - - PUBLISH - 51@HAR2009@pentabarf.org - 51 - statistics_and_law - Statistics and the Law - The case of Lucia de B., alleged serial killer, and others. - English - en - 20090815T160000 - 20090815T170000 - 01H00M00S - Statistics and the Law- The case of Lucia de B., alleged serial killer, and others. - The case of Lucia de B. is a highly controversial legal case in the -Netherlands, in which a statistically significant correlation between the -presence of a particular nurse and the occurrence of suspicious medical -incidents on her ward played a central role in getting her a life -conviction for serial murder. However, recent re-investigation of the -meagre medical evidence for wrong-doing, and re-investigation of the -statistics, makes it very plausible that no murders were committed at all, -by anybody. The Dutch supreme court has recently overturned the conviction -and a re-trial has started start. - -However a motto of the Dutch legal system could be "learning represents the possibility of failure and must thus be avoided if possible". Though innocence was obvious (to the well informed), the conviction was legally speaking watertight and irreversible. Yet a small band of "terrorists" (as they were characterized in legal magazines) managed to convince the legal system that this had to change, and change it did. How did they do it? Hacking into a complex human system... use it to make it do the work for you. - -Slides of the talk: http://www.math.leidenuniv.nl/~gill/Lucia.pdf - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/51.en.html - The Two Envelopes Tent - Richard Gill - - - PUBLISH - 86@HAR2009@pentabarf.org - 86 - stoned_bootkit - Stoned Bootkit - The Rise of MBR Rootkits & Bootkits in the Wild - English - en - 20090814T220000 - 20090814T230000 - 01H00M00S - Stoned Bootkit- The Rise of MBR Rootkits & Bootkits in the Wild - Stoned Bootkit is a new Windows bootkit. It is loaded before Windows starts and is memory resident up to the Windows kernel. Thus Stoned is executed beside the Windows kernel and has full access to the entire system. It attacks all Windows versions including XP, Vista and 7. It has exciting features like integrated file system drivers, automatic Windows pwning, plugins, boot applications, and much much more. Inside it is a small operating system! It finally goes back to the roots. So in this way, - -Your PC is now Stoned! ..again - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/86.en.html - The Two Envelopes Tent - Peter Kleissner - - - PUBLISH - 86@HAR2009@pentabarf.org - 86 - stoned_bootkit - Stoned Bootkit - The Rise of MBR Rootkits & Bootkits in the Wild - englisch - en - 20090814T220000 - 20090814T230000 - 01H00M00S - Stoned Bootkit- The Rise of MBR Rootkits & Bootkits in the Wild - Stoned Bootkit is a new Windows bootkit. It is loaded before Windows starts and is memory resident up to the Windows kernel. Thus Stoned is executed beside the Windows kernel and has full access to the entire system. It attacks all Windows versions including XP, Vista and 7. It has exciting features like integrated file system drivers, automatic Windows pwning, plugins, boot applications, and much much more. Inside it is a small operating system! It finally goes back to the roots. So in this way, - -Your PC is now Stoned! ..again - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/86.en.html - The Two Envelopes Tent - Peter Kleissner - - - PUBLISH - 174@HAR2009@pentabarf.org - 174 - - Surveillance Self-Defense - Teaching the community to defend itself against surveillance - englisch - en - 20090815T200000 - 20090815T210000 - 01H00M00S - Surveillance Self-Defense- Teaching the community to defend itself against surveillance - EFF created the Surveillance Self-Defense project (https://ssd.eff.org) to teach individuals and organisations within the U.S. about legal and technological strategies which can be used to minimise surveillance threats from US government actors. In this talk, we will discuss the lessons from this project and how to adapt or extend them to the European context. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/174.en.html - Monty Hall - Peter Eckersley - - - PUBLISH - 174@HAR2009@pentabarf.org - 174 - - Surveillance Self-Defense - Teaching the community to defend itself against surveillance - English - en - 20090815T200000 - 20090815T210000 - 01H00M00S - Surveillance Self-Defense- Teaching the community to defend itself against surveillance - EFF created the Surveillance Self-Defense project (https://ssd.eff.org) to teach individuals and organisations within the U.S. about legal and technological strategies which can be used to minimise surveillance threats from US government actors. In this talk, we will discuss the lessons from this project and how to adapt or extend them to the European context. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/174.en.html - Monty Hall - Peter Eckersley - - - PUBLISH - 171@HAR2009@pentabarf.org - 171 - internetz_are_pwned - Teh Internetz are pwned - How I learned to stop worrying and love teh Internetz - englisch - en - 20090813T160000 - 20090813T170000 - 01H00M00S - Teh Internetz are pwned- How I learned to stop worrying and love teh Internetz - Working as an operational Security Officer at an ISP for the better part of a decade brings with it many adventures, challenges, laughs and tears. This talk will cover some of the most recent issues to be causing hair loss to someone who can't afford it. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/171.en.html - Monty Hall - Scott McIntyre - - - PUBLISH - 171@HAR2009@pentabarf.org - 171 - internetz_are_pwned - Teh Internetz are pwned - How I learned to stop worrying and love teh Internetz - English - en - 20090813T160000 - 20090813T170000 - 01H00M00S - Teh Internetz are pwned- How I learned to stop worrying and love teh Internetz - Working as an operational Security Officer at an ISP for the better part of a decade brings with it many adventures, challenges, laughs and tears. This talk will cover some of the most recent issues to be causing hair loss to someone who can't afford it. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/171.en.html - Monty Hall - Scott McIntyre - - - PUBLISH - 114@HAR2009@pentabarf.org - 114 - tempest - TEMPEST for the casual election hacker - The 80s are calling and want their sploits back - English - en - 20090814T160000 - 20090814T170000 - 01H00M00S - TEMPEST for the casual election hacker- The 80s are calling and want their sploits back - Yes, German NEDAPs have TEMPEST issues too, and we have proof. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/114.en.html - Monty Hall - Andreas Bogk - - - PUBLISH - 114@HAR2009@pentabarf.org - 114 - tempest - TEMPEST for the casual election hacker - The 80s are calling and want their sploits back - englisch - en - 20090814T160000 - 20090814T170000 - 01H00M00S - TEMPEST for the casual election hacker- The 80s are calling and want their sploits back - Yes, German NEDAPs have TEMPEST issues too, and we have proof. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/114.en.html - Monty Hall - Andreas Bogk - - - PUBLISH - 156@HAR2009@pentabarf.org - 156 - censoring_mob - The Censoring Mob - How Social Media Destroy Freedom of Expression - And Why That Might Be a Good Thing - englisch - en - 20090813T220000 - 20090813T230000 - 01H00M00S - The Censoring Mob- How Social Media Destroy Freedom of Expression - And Why That Might Be a Good Thing - Social media is supposed to foster free speech by creating user-friendly web applications that let people talk, share ideas, and organize online. Instead it has created a new form of censorship, led by mobs who flag content as "inappropriate" to remove it, or who troll their victims out of existence. This talk will explore how these mobs work, what their politics are, and whether we should organize to stop them - or join them. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/156.en.html - Monty Hall - Annalee Newitz - - - PUBLISH - 156@HAR2009@pentabarf.org - 156 - censoring_mob - The Censoring Mob - How Social Media Destroy Freedom of Expression - And Why That Might Be a Good Thing - English - en - 20090813T220000 - 20090813T230000 - 01H00M00S - The Censoring Mob- How Social Media Destroy Freedom of Expression - And Why That Might Be a Good Thing - Social media is supposed to foster free speech by creating user-friendly web applications that let people talk, share ideas, and organize online. Instead it has created a new form of censorship, led by mobs who flag content as "inappropriate" to remove it, or who troll their victims out of existence. This talk will explore how these mobs work, what their politics are, and whether we should organize to stop them - or join them. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/156.en.html - Monty Hall - Annalee Newitz - - - PUBLISH - 62@HAR2009@pentabarf.org - 62 - ethics_of_piracy - The Complex Ethics of Piracy - Theft, civil disobedience, or something else? - englisch - en - 20090813T210000 - 20090813T220000 - 01H00M00S - The Complex Ethics of Piracy- Theft, civil disobedience, or something else? - The Complex Ethics of Piracy - -This talk aims to replace the "piracy is good" vs "piracy is theft" debate with a more nuanced understanding. It will investigate when piracy is selfish; when it is civil disobedience; whether it is ever constructive for cultural industries, or whether it is ever, as copyright holders argue, "theft". - -I will conclude that each of these things is *sometimes* true about piracy, and that simple views are inadequate for understanding the ethical dimension of copyright infringement. Both pirates and copyright industries need to develop more subtle understandings of the morality of file sharing. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/62.en.html - Monty Hall - Peter Eckersley - - - PUBLISH - 62@HAR2009@pentabarf.org - 62 - ethics_of_piracy - The Complex Ethics of Piracy - Theft, civil disobedience, or something else? - English - en - 20090813T210000 - 20090813T220000 - 01H00M00S - The Complex Ethics of Piracy- Theft, civil disobedience, or something else? - The Complex Ethics of Piracy - -This talk aims to replace the "piracy is good" vs "piracy is theft" debate with a more nuanced understanding. It will investigate when piracy is selfish; when it is civil disobedience; whether it is ever constructive for cultural industries, or whether it is ever, as copyright holders argue, "theft". - -I will conclude that each of these things is *sometimes* true about piracy, and that simple views are inadequate for understanding the ethical dimension of copyright infringement. Both pirates and copyright industries need to develop more subtle understandings of the morality of file sharing. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/62.en.html - Monty Hall - Peter Eckersley - - - PUBLISH - 95@HAR2009@pentabarf.org - 95 - carrier_grade_nat - The dangers (and merits) of carrier grade nat - Living in the twilight zone - English - en - 20090814T170000 - 20090814T180000 - 01H00M00S - The dangers (and merits) of carrier grade nat- Living in the twilight zone - As the point of IPv4 address depletion comes nearer it's getting clear the world won't be ready for large scale IPv6 deployment, at the same time expectations are IPv4 will be around for the next 40 years. To circumvent the problems this introduces large scale translation needs to take place to have the old world connect to the new world and make sure enough addresses are available. All these solutions introduce large scale NAT deployments or carrier grade nats. This will introduce the basic mechanisms used, after which you as the audience is inivted to comment on it. Hopefully sparking a discussion about the good anf bad things of these concepts and things people should become aware of. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/95.en.html - The Birthday Tent - Marco Hogewoning - - - PUBLISH - 95@HAR2009@pentabarf.org - 95 - carrier_grade_nat - The dangers (and merits) of carrier grade nat - Living in the twilight zone - englisch - en - 20090814T170000 - 20090814T180000 - 01H00M00S - The dangers (and merits) of carrier grade nat- Living in the twilight zone - As the point of IPv4 address depletion comes nearer it's getting clear the world won't be ready for large scale IPv6 deployment, at the same time expectations are IPv4 will be around for the next 40 years. To circumvent the problems this introduces large scale translation needs to take place to have the old world connect to the new world and make sure enough addresses are available. All these solutions introduce large scale NAT deployments or carrier grade nats. This will introduce the basic mechanisms used, after which you as the audience is inivted to comment on it. Hopefully sparking a discussion about the good anf bad things of these concepts and things people should become aware of. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/95.en.html - The Birthday Tent - Marco Hogewoning - - - PUBLISH - 120@HAR2009@pentabarf.org - 120 - jtag_howto - The Embedded JTAG interface HOWTO - What's a JTAG interface and how to find it? - English - en - 20090813T160000 - 20090813T170000 - 01H00M00S - The Embedded JTAG interface HOWTO- What's a JTAG interface and how to find it? - This presentation is all about the JTAG interface, commonly found in embedded devices such as (wireless) routers, satellite receivers and coffee machines. It will start with a trip down memory lane: the intended use of the JTAG interface, and why you would like to have access to it. The story continues with a guide on how to find it - visually and electronically. the round-up is how chip manufacturers like to prevent us from getting access. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/120.en.html - The Two Envelopes Tent - Gerrit van der Bij - - - PUBLISH - 120@HAR2009@pentabarf.org - 120 - jtag_howto - The Embedded JTAG interface HOWTO - What's a JTAG interface and how to find it? - englisch - en - 20090813T160000 - 20090813T170000 - 01H00M00S - The Embedded JTAG interface HOWTO- What's a JTAG interface and how to find it? - This presentation is all about the JTAG interface, commonly found in embedded devices such as (wireless) routers, satellite receivers and coffee machines. It will start with a trip down memory lane: the intended use of the JTAG interface, and why you would like to have access to it. The story continues with a guide on how to find it - visually and electronically. the round-up is how chip manufacturers like to prevent us from getting access. - - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/120.en.html - The Two Envelopes Tent - Gerrit van der Bij - - - PUBLISH - 7@HAR2009@pentabarf.org - 7 - as400_introduction - The IBM AS/400 - A technical introduction - English - en - 20090814T110000 - 20090814T120000 - 01H00M00S - The IBM AS/400- A technical introduction - This talk is intended for people who say "what the hell is an AS/400, what's so special about it / how does it work?". - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/7.en.html - The Two Envelopes Tent - Tom van Looy - - - PUBLISH - 7@HAR2009@pentabarf.org - 7 - as400_introduction - The IBM AS/400 - A technical introduction - englisch - en - 20090814T110000 - 20090814T120000 - 01H00M00S - The IBM AS/400- A technical introduction - This talk is intended for people who say "what the hell is an AS/400, what's so special about it / how does it work?". - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/7.en.html - The Two Envelopes Tent - Tom van Looy - - - PUBLISH - 134@HAR2009@pentabarf.org - 134 - power_of_decentralization - The power of decentralization - Agent-based simulation of a decentralized power network - englisch - en - 20090815T160000 - 20090815T170000 - 01H00M00S - The power of decentralization- Agent-based simulation of a decentralized power network - MADMAX AGAINST THE POWER OF DECENTRALIZATION -============================================ - -In a world where oil is scarce, violence, chaos and desperation rein. -But what about our world without power? Electricity has become vital -for all these appliances that make our daily life so enjoyable. Our -network, our tellies our fridges and freezers are as dependent on -their power supply that we are on them. In this paper, or should we -say in this fiction note, we investigate how a citizen based -decentralized power system could work and how an auction based bidding -system could insentivize people to switch off their devices so that -others, more eager to consume, could benefit from their spare capacity. -Would the theory of auction, combined with the next generation of micro -power sources, restore order in a place where scarcity would otherwise -prevail? - -On a more serious tone, we propose to first summarize what decentralized -power means today. We them bring the existing technology to a next hypothetical step -where sophisticated appliances are able to communicate with an electronic exchange -to make deals, confronting demand with offer. - -In order to study such a system, we collect realistic data and build a -simulator where households are equiped with solar panels, micro-turbines and -consumption devices that can potentially postpone or cancel their activity -on the basis of a utility function that is tuned by household members to suit -their need. The added flexibility is twofold. First, an added power capacity -is available due to the endogenous power supply available to the next generation -houses. Secondly, as users can tailor their activities, the aggregated -consumption pattern is smoothed out potentially leaving room for added efficiency. - -The contribution of this research is to shed the light on the quantitative figures -that make up such a network. What amount of flexibility and more crucially how -different should the utility functions be to flatten out the consumption -pattern so typical of our current system? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/134.en.html - The Birthday Tent - Laurent de Wolf - Vincent Guffens - - - PUBLISH - 134@HAR2009@pentabarf.org - 134 - power_of_decentralization - The power of decentralization - Agent-based simulation of a decentralized power network - English - en - 20090815T160000 - 20090815T170000 - 01H00M00S - The power of decentralization- Agent-based simulation of a decentralized power network - MADMAX AGAINST THE POWER OF DECENTRALIZATION -============================================ - -In a world where oil is scarce, violence, chaos and desperation rein. -But what about our world without power? Electricity has become vital -for all these appliances that make our daily life so enjoyable. Our -network, our tellies our fridges and freezers are as dependent on -their power supply that we are on them. In this paper, or should we -say in this fiction note, we investigate how a citizen based -decentralized power system could work and how an auction based bidding -system could insentivize people to switch off their devices so that -others, more eager to consume, could benefit from their spare capacity. -Would the theory of auction, combined with the next generation of micro -power sources, restore order in a place where scarcity would otherwise -prevail? - -On a more serious tone, we propose to first summarize what decentralized -power means today. We them bring the existing technology to a next hypothetical step -where sophisticated appliances are able to communicate with an electronic exchange -to make deals, confronting demand with offer. - -In order to study such a system, we collect realistic data and build a -simulator where households are equiped with solar panels, micro-turbines and -consumption devices that can potentially postpone or cancel their activity -on the basis of a utility function that is tuned by household members to suit -their need. The added flexibility is twofold. First, an added power capacity -is available due to the endogenous power supply available to the next generation -houses. Secondly, as users can tailor their activities, the aggregated -consumption pattern is smoothed out potentially leaving room for added efficiency. - -The contribution of this research is to shed the light on the quantitative figures -that make up such a network. What amount of flexibility and more crucially how -different should the utility functions be to flatten out the consumption -pattern so typical of our current system? - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/134.en.html - The Birthday Tent - Laurent de Wolf - Vincent Guffens - - - PUBLISH - 56@HAR2009@pentabarf.org - 56 - cartoon_quizz - The Super Awesome Cartoon Quizz 2009 - Test your knowledge on cartoons from past and present - English - en - 20090814T220000 - 20090814T230000 - 01H00M00S - The Super Awesome Cartoon Quizz 2009- Test your knowledge on cartoons from past and present - Quiz with a lot of questions about all sorts of cartoons. Both old and new cartoons will be tested. There are modest prizes to win. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/56.en.html - Monty Hall - Elger 'Stitch' Jonker - - - PUBLISH - 56@HAR2009@pentabarf.org - 56 - cartoon_quizz - The Super Awesome Cartoon Quizz 2009 - Test your knowledge on cartoons from past and present - englisch - en - 20090814T220000 - 20090814T230000 - 01H00M00S - The Super Awesome Cartoon Quizz 2009- Test your knowledge on cartoons from past and present - Quiz with a lot of questions about all sorts of cartoons. Both old and new cartoons will be tested. There are modest prizes to win. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/56.en.html - Monty Hall - Elger 'Stitch' Jonker - - - PUBLISH - 40@HAR2009@pentabarf.org - 40 - zeus_evolution - The ZeuS evolution - A malware case study.. - englisch - en - 20090813T210000 - 20090813T220000 - 01H00M00S - The ZeuS evolution- A malware case study.. - The talk is intended to give an insight view of todays malware - major players, behavior and institutions involved. The focus will be on one of the main malware family we face today: Zeus / Zbot / Wsnpoem. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/40.en.html - The Two Envelopes Tent - Clemens Kurtenbach - - - PUBLISH - 40@HAR2009@pentabarf.org - 40 - zeus_evolution - The ZeuS evolution - A malware case study.. - English - en - 20090813T210000 - 20090813T220000 - 01H00M00S - The ZeuS evolution- A malware case study.. - The talk is intended to give an insight view of todays malware - major players, behavior and institutions involved. The focus will be on one of the main malware family we face today: Zeus / Zbot / Wsnpoem. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/40.en.html - The Two Envelopes Tent - Clemens Kurtenbach - - - PUBLISH - 178@HAR2009@pentabarf.org - 178 - designcontest - (Un)limited design - Open Design - englisch - en - 20090813T130000 - 20090813T140000 - 01H00M00S - (Un)limited design- Open Design - (un)limited Design Contest invites anybody -- designers, makers, amateurs -- to submit their own designs in the area of form, fashion and food. Unique about the (un)limited Design Contest is that all designs are open for anybody to be used, re-interpreted and redesigned. These derivative designs are also entitled to take part in the contest -- even more: copying and improving designs is strongly encouraged. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/178.en.html - The Two Envelopes Tent - Adrian Bowyer - Neil Gershenfeld - Ronen Kadushin - - - PUBLISH - 178@HAR2009@pentabarf.org - 178 - designcontest - (Un)limited design - Open Design - English - en - 20090813T130000 - 20090813T140000 - 01H00M00S - (Un)limited design- Open Design - (un)limited Design Contest invites anybody -- designers, makers, amateurs -- to submit their own designs in the area of form, fashion and food. Unique about the (un)limited Design Contest is that all designs are open for anybody to be used, re-interpreted and redesigned. These derivative designs are also entitled to take part in the contest -- even more: copying and improving designs is strongly encouraged. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/178.en.html - The Two Envelopes Tent - Adrian Bowyer - Neil Gershenfeld - Ronen Kadushin - - - PUBLISH - 190@HAR2009@pentabarf.org - 190 - - (Un)limited design contest - Friday Session - Open Design - englisch - en - 20090814T110000 - 20090814T180000 - 07H00M00S - (Un)limited design contest - Friday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/190.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 190@HAR2009@pentabarf.org - 190 - - (Un)limited design contest - Friday Session - Open Design - English - en - 20090814T110000 - 20090814T180000 - 07H00M00S - (Un)limited design contest - Friday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/190.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 191@HAR2009@pentabarf.org - 191 - - (Un)limited design contest - Saturday Session - Open Design - englisch - en - 20090815T110000 - 20090815T150000 - 04H00M00S - (Un)limited design contest - Saturday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/191.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 191@HAR2009@pentabarf.org - 191 - - (Un)limited design contest - Saturday Session - Open Design - English - en - 20090815T110000 - 20090815T150000 - 04H00M00S - (Un)limited design contest - Saturday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/191.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 192@HAR2009@pentabarf.org - 192 - - (Un)limited design contest- Sunday Session - Open Design - englisch - en - 20090816T110000 - 20090816T150000 - 04H00M00S - (Un)limited design contest- Sunday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/192.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 192@HAR2009@pentabarf.org - 192 - - (Un)limited design contest- Sunday Session - Open Design - English - en - 20090816T110000 - 20090816T150000 - 04H00M00S - (Un)limited design contest- Sunday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/192.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 189@HAR2009@pentabarf.org - 189 - - (Un)limited design contest - Thursday Session - Open Design - englisch - en - 20090813T150000 - 20090813T180000 - 03H00M00S - (Un)limited design contest - Thursday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/189.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 189@HAR2009@pentabarf.org - 189 - - (Un)limited design contest - Thursday Session - Open Design - English - en - 20090813T150000 - 20090813T180000 - 03H00M00S - (Un)limited design contest - Thursday Session- Open Design - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/189.en.html - Bike-shed Yellow - Ronen Kadushin - - - PUBLISH - 138@HAR2009@pentabarf.org - 138 - unusual_lockpicking - Unusual lock picking - There's more than five pin tumblers - englisch - en - 20090815T200000 - 20090815T210000 - 01H00M00S - Unusual lock picking- There's more than five pin tumblers - A talk about some not so common, newly developed or unpublished attacks on some special (including maximum security) locks. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/138.en.html - The Birthday Tent - iggy - mh - Ray - - - PUBLISH - 138@HAR2009@pentabarf.org - 138 - unusual_lockpicking - Unusual lock picking - There's more than five pin tumblers - English - en - 20090815T200000 - 20090815T210000 - 01H00M00S - Unusual lock picking- There's more than five pin tumblers - A talk about some not so common, newly developed or unpublished attacks on some special (including maximum security) locks. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/138.en.html - The Birthday Tent - iggy - mh - Ray - - - PUBLISH - 80@HAR2009@pentabarf.org - 80 - sputnik_data - View from the orbit - Sputnik data description and analysis - English - en - 20090814T110000 - 20090814T120000 - 01H00M00S - View from the orbit- Sputnik data description and analysis - This presentation describes analysis of Sputnik data gathered during -24C3 and 25C3. It shows how simple techniques can be used to gather -knowledge about previous Congress participants. - -24C3 was the second Congress during which Sputnik tracking system was -used. Sputnik tags were given new firmware and more stations were -deployed this time. Less participants took part in Sputnik experiment -than during previous congress, but more data was acquired. -During 25C3 tags were equipped with firmware able to detect social -interactions, and tags were able to communicate with each other, -not only with the system. - -Techniques described in this talk can also be used in analysing data gathered from other sources, like cellular phones or bluetooth devices. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/80.en.html - Monty Hall - Tomasz Rybak - - - PUBLISH - 80@HAR2009@pentabarf.org - 80 - sputnik_data - View from the orbit - Sputnik data description and analysis - englisch - en - 20090814T110000 - 20090814T120000 - 01H00M00S - View from the orbit- Sputnik data description and analysis - This presentation describes analysis of Sputnik data gathered during -24C3 and 25C3. It shows how simple techniques can be used to gather -knowledge about previous Congress participants. - -24C3 was the second Congress during which Sputnik tracking system was -used. Sputnik tags were given new firmware and more stations were -deployed this time. Less participants took part in Sputnik experiment -than during previous congress, but more data was acquired. -During 25C3 tags were equipped with firmware able to detect social -interactions, and tags were able to communicate with each other, -not only with the system. - -Techniques described in this talk can also be used in analysing data gathered from other sources, like cellular phones or bluetooth devices. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/80.en.html - Monty Hall - Tomasz Rybak - - - PUBLISH - 126@HAR2009@pentabarf.org - 126 - webappinsec - WebAppInSec : 101 threats - The dirty tricks of the black art of WebAppInSec - englisch - en - 20090814T170000 - 20090814T180000 - 01H00M00S - WebAppInSec : 101 threats- The dirty tricks of the black art of WebAppInSec - About different types of (old)web application threats, how to find them and how to exploit them. The dirty tricks of the black art of WebAppInSec. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/126.en.html - The Two Envelopes Tent - Jacco van Tuijl - - - PUBLISH - 126@HAR2009@pentabarf.org - 126 - webappinsec - WebAppInSec : 101 threats - The dirty tricks of the black art of WebAppInSec - English - en - 20090814T170000 - 20090814T180000 - 01H00M00S - WebAppInSec : 101 threats- The dirty tricks of the black art of WebAppInSec - About different types of (old)web application threats, how to find them and how to exploit them. The dirty tricks of the black art of WebAppInSec. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/126.en.html - The Two Envelopes Tent - Jacco van Tuijl - - - PUBLISH - 16@HAR2009@pentabarf.org - 16 - - When nerds dream big - Nuancing a wireless utopia - English - en - 20090814T200000 - 20090814T210000 - 01H00M00S - When nerds dream big- Nuancing a wireless utopia - This talk will delve into my thesis on the growing criticism of Mark Weiser’s Ubiquitous Computing vision, a twenty year old ideal which still stands at the heart of our craving for location based services, smartphones and self-parking cars. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/16.en.html - The Birthday Tent - Tijmen Schep - - - PUBLISH - 16@HAR2009@pentabarf.org - 16 - - When nerds dream big - Nuancing a wireless utopia - englisch - en - 20090814T200000 - 20090814T210000 - 01H00M00S - When nerds dream big- Nuancing a wireless utopia - This talk will delve into my thesis on the growing criticism of Mark Weiser’s Ubiquitous Computing vision, a twenty year old ideal which still stands at the heart of our craving for location based services, smartphones and self-parking cars. - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/16.en.html - The Birthday Tent - Tijmen Schep - - - PUBLISH - 33@HAR2009@pentabarf.org - 33 - why_tor_is_slow - Why Tor is slow - and what we're doing about it - English - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Why Tor is slow- and what we're doing about it - Many of you have probably tried Tor, and then stopped because you found -it too slow. Now that Tor has several hundred thousand users, our original -design decisions are showing their age. We need to figure out and -deploy some major changes if we want the Tor network to scale up to the -million-user mark. - -Problem #1 is that Tor's congestion control does not work well. We need -to come up with ways to let "quiet" streams like web browsing co-exist -better with "loud" streams like bulk transfer. Problem #2 is that some -Tor users simply put too much traffic onto the network relative to the -amount they contribute, so we need to work on ways to limit the effects -of those users and/or provide priority to the other users. Problem #3 -is that the Tor network simply doesn't have enough capacity to handle -all the users that want privacy on the Internet. We need to develop -strategies for increasing the overall community of relays, and consider -introducing incentives to make the network more self-sustaining. - -In this talk I'll walk through these problems and more: why we think -these are the right problems to solve, and how we're solving them. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/33.en.html - The Birthday Tent - Roger Dingledine - - - PUBLISH - 33@HAR2009@pentabarf.org - 33 - why_tor_is_slow - Why Tor is slow - and what we're doing about it - englisch - en - 20090814T210000 - 20090814T220000 - 01H00M00S - Why Tor is slow- and what we're doing about it - Many of you have probably tried Tor, and then stopped because you found -it too slow. Now that Tor has several hundred thousand users, our original -design decisions are showing their age. We need to figure out and -deploy some major changes if we want the Tor network to scale up to the -million-user mark. - -Problem #1 is that Tor's congestion control does not work well. We need -to come up with ways to let "quiet" streams like web browsing co-exist -better with "loud" streams like bulk transfer. Problem #2 is that some -Tor users simply put too much traffic onto the network relative to the -amount they contribute, so we need to work on ways to limit the effects -of those users and/or provide priority to the other users. Problem #3 -is that the Tor network simply doesn't have enough capacity to handle -all the users that want privacy on the Internet. We need to develop -strategies for increasing the overall community of relays, and consider -introducing incentives to make the network more self-sustaining. - -In this talk I'll walk through these problems and more: why we think -these are the right problems to solve, and how we're solving them. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/33.en.html - The Birthday Tent - Roger Dingledine - - - PUBLISH - 160@HAR2009@pentabarf.org - 160 - wikileaks - Wikileaks - History is the only guidebook civilization has, but who's the publisher? - englisch - en - 20090813T120000 - 20090813T130000 - 01H00M00S - Wikileaks- History is the only guidebook civilization has, but who's the publisher? - History is the only guidebook civilization has, but who's the -publisher? - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/160.en.html - Monty Hall - Daniel Schmitt - Julian Assange - - - PUBLISH - 160@HAR2009@pentabarf.org - 160 - wikileaks - Wikileaks - History is the only guidebook civilization has, but who's the publisher? - English - en - 20090813T120000 - 20090813T130000 - 01H00M00S - Wikileaks- History is the only guidebook civilization has, but who's the publisher? - History is the only guidebook civilization has, but who's the -publisher? - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/160.en.html - Monty Hall - Daniel Schmitt - Julian Assange - - - PUBLISH - 201@HAR2009@pentabarf.org - 201 - wikileaks-followup - Wikileaks -- followup - - englisch - en - 20090813T230000 - 20090814T000000 - 01H00M00S - Wikileaks -- followup - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/201.en.html - Monty Hall - Julian Assange - - - PUBLISH - 201@HAR2009@pentabarf.org - 201 - wikileaks-followup - Wikileaks -- followup - - English - en - 20090813T230000 - 20090814T000000 - 01H00M00S - Wikileaks -- followup - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/201.en.html - Monty Hall - Julian Assange - - - PUBLISH - 208@HAR2009@pentabarf.org - 208 - - Wikileaks panel - - - - 20090814T230000 - 20090815T000000 - 01H00M00S - Wikileaks panel - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/208.en.html - The Birthday Tent - - - PUBLISH - 208@HAR2009@pentabarf.org - 208 - - Wikileaks panel - - - - 20090814T230000 - 20090815T000000 - 01H00M00S - Wikileaks panel - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/208.en.html - The Birthday Tent - - - PUBLISH - 140@HAR2009@pentabarf.org - 140 - wok_the_wob - WokTheWob: FOIA for open source - Experiences of a transparancy nightmare - English - en - 20090815T150000 - 20090815T160000 - 01H00M00S - WokTheWob: FOIA for open source- Experiences of a transparancy nightmare - Many countries have a Freedom of Information Act. People can request transparency from their government in theory. But in practice bureaucrats are going out of their way to prevent 'open' from happening until they meet you. Based on experiences of an ethousiastic wobber you can learn how wobbing works in the Netherlands, what resistance you can expect and how you crack open those archives you already pay for. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/140.en.html - The Birthday Tent - Brenno de Winter - - - PUBLISH - 140@HAR2009@pentabarf.org - 140 - wok_the_wob - WokTheWob: FOIA for open source - Experiences of a transparancy nightmare - englisch - en - 20090815T150000 - 20090815T160000 - 01H00M00S - WokTheWob: FOIA for open source- Experiences of a transparancy nightmare - Many countries have a Freedom of Information Act. People can request transparency from their government in theory. But in practice bureaucrats are going out of their way to prevent 'open' from happening until they meet you. Based on experiences of an ethousiastic wobber you can learn how wobbing works in the Netherlands, what resistance you can expect and how you crack open those archives you already pay for. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/140.en.html - The Birthday Tent - Brenno de Winter - - - PUBLISH - 175@HAR2009@pentabarf.org - 175 - dakami - x509 is considered harmful - You will be amazed - englisch - en - 20090814T200000 - 20090814T210000 - 01H00M00S - x509 is considered harmful- You will be amazed - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/175.en.html - The Two Envelopes Tent - Dan Kaminsky - - - PUBLISH - 175@HAR2009@pentabarf.org - 175 - dakami - x509 is considered harmful - You will be amazed - English - en - 20090814T200000 - 20090814T210000 - 01H00M00S - x509 is considered harmful- You will be amazed - - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/175.en.html - The Two Envelopes Tent - Dan Kaminsky - - - PUBLISH - 116@HAR2009@pentabarf.org - 116 - your_mind - Your Mind: Legal Status, Rights and Securing Yourself - - English - en - 20090815T170000 - 20090815T180000 - 01H00M00S - Your Mind: Legal Status, Rights and Securing Yourself - As a participant in the information economy, you no longer exclusively own material originating from your organic brain; you leave a digital trail with your portable device’s transmitted communications and when your image is captured by surveillance cameras. Likewise, if you Tweet or blog, you have outsourced a large portion of your memory and some of your active cognition to inorganic systems. U.S. and International laws relating to protection of intellectual property and criminal search and seizure procedures puts into question protections of these ephemeral communications and memoranda stored on your personal computing devices, in cloud computing networks, on off-shore "subpoena proof" server/jurisdiction-hopping platforms, or on social networking sites. Although once considered to be futuristic technologies, as we move our ideas and memories onto external devices or are subjected to public surveillance with technology (Future Attribute Screening Technology) that assesses pre-crime thoughts by remotely measuring biometric data such as heart rate, body temperature, pheromone responses, and respiration, where do our personal privacy rights to our thoughts end and, instead, become public expressions with lesser legal protections? Similarly, at what state does data in-transit or stored in implantable medical devices continuously connected to the Internet become searchable? In a society in which there is little differentiation remaining between self/computer, thoughts/stored memoranda, and international boundaries, a technology lawyer/computer science professor and a security professional will recommend propositions to protect your data and yourself. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/116.en.html - The Birthday Tent - James "Myrcurial" Arlen - Tiffany Strauchs Rad - - - PUBLISH - 116@HAR2009@pentabarf.org - 116 - your_mind - Your Mind: Legal Status, Rights and Securing Yourself - - englisch - en - 20090815T170000 - 20090815T180000 - 01H00M00S - Your Mind: Legal Status, Rights and Securing Yourself - As a participant in the information economy, you no longer exclusively own material originating from your organic brain; you leave a digital trail with your portable device’s transmitted communications and when your image is captured by surveillance cameras. Likewise, if you Tweet or blog, you have outsourced a large portion of your memory and some of your active cognition to inorganic systems. U.S. and International laws relating to protection of intellectual property and criminal search and seizure procedures puts into question protections of these ephemeral communications and memoranda stored on your personal computing devices, in cloud computing networks, on off-shore "subpoena proof" server/jurisdiction-hopping platforms, or on social networking sites. Although once considered to be futuristic technologies, as we move our ideas and memories onto external devices or are subjected to public surveillance with technology (Future Attribute Screening Technology) that assesses pre-crime thoughts by remotely measuring biometric data such as heart rate, body temperature, pheromone responses, and respiration, where do our personal privacy rights to our thoughts end and, instead, become public expressions with lesser legal protections? Similarly, at what state does data in-transit or stored in implantable medical devices continuously connected to the Internet become searchable? In a society in which there is little differentiation remaining between self/computer, thoughts/stored memoranda, and international boundaries, a technology lawyer/computer science professor and a security professional will recommend propositions to protect your data and yourself. - PUBLIC - CONFIRMED - Lecture - https://har2009.org/program/events/116.en.html - The Birthday Tent - James "Myrcurial" Arlen - Tiffany Strauchs Rad - - - \ No newline at end of file diff --git a/includes/controller/angeltypes_controller.php b/includes/controller/angeltypes_controller.php index 63bf53bd..b06a258c 100644 --- a/includes/controller/angeltypes_controller.php +++ b/includes/controller/angeltypes_controller.php @@ -79,7 +79,7 @@ function angeltypes_about_controller() function angeltype_delete_controller() { if (!auth()->can('admin_angel_types')) { - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = load_angeltype(); @@ -87,7 +87,7 @@ function angeltype_delete_controller() if (request()->hasPostData('delete')) { AngelType_delete($angeltype); success(sprintf(__('Angeltype %s deleted.'), AngelType_name_render($angeltype))); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } return [ @@ -112,13 +112,13 @@ function angeltype_edit_controller() $angeltype = load_angeltype(); if (!User_is_AngelType_supporter(auth()->user(), $angeltype)) { - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } } else { // New angeltype if ($supporter_mode) { // Supporters aren't allowed to create new angeltypes. - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = AngelType_new(); } @@ -157,7 +157,7 @@ function angeltype_edit_controller() } success('Angel type saved.'); - redirect(angeltype_link($angeltype['id'])); + throw_redirect(angeltype_link($angeltype['id'])); } } @@ -177,7 +177,7 @@ function angeltype_controller() $user = auth()->user(); if (!auth()->can('angeltypes')) { - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } $angeltype = load_angeltype(); @@ -275,7 +275,7 @@ function angeltypes_list_controller() $user = auth()->user(); if (!auth()->can('angeltypes')) { - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } $angeltypes = AngelTypes_with_user($user->id); @@ -346,13 +346,13 @@ function load_angeltype() { $request = request(); if (!$request->has('angeltype_id')) { - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = AngelType($request->input('angeltype_id')); if (empty($angeltype)) { error(__('Angeltype doesn\'t exist . ')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } return $angeltype; diff --git a/includes/controller/event_config_controller.php b/includes/controller/event_config_controller.php index ff68c3ea..55071848 100644 --- a/includes/controller/event_config_controller.php +++ b/includes/controller/event_config_controller.php @@ -17,7 +17,7 @@ function event_config_title() function event_config_edit_controller() { if (!auth()->can('admin_event_config')) { - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } $request = request(); @@ -118,7 +118,7 @@ function event_config_edit_controller() ) ); success(__('Settings saved.')); - redirect(page_link_to('admin_event_config')); + throw_redirect(page_link_to('admin_event_config')); } } diff --git a/includes/controller/rooms_controller.php b/includes/controller/rooms_controller.php index 01d4fd37..f0449439 100644 --- a/includes/controller/rooms_controller.php +++ b/includes/controller/rooms_controller.php @@ -15,7 +15,7 @@ use Engelsystem\ShiftsFilterRenderer; function room_controller() { if (!auth()->can('view_rooms')) { - redirect(page_link_to()); + throw_redirect(page_link_to()); } $request = request(); @@ -74,7 +74,7 @@ function rooms_controller() return room_controller(); case 'list': default: - redirect(page_link_to('admin_rooms')); + throw_redirect(page_link_to('admin_rooms')); } } @@ -104,12 +104,12 @@ function room_edit_link($room) function load_room() { if (!test_request_int('room_id')) { - redirect(page_link_to()); + throw_redirect(page_link_to()); } $room = Room(request()->input('room_id')); if (empty($room)) { - redirect(page_link_to()); + throw_redirect(page_link_to()); } return $room; diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php index 5547c183..065f09cb 100644 --- a/includes/controller/shift_entries_controller.php +++ b/includes/controller/shift_entries_controller.php @@ -13,12 +13,12 @@ function shift_entries_controller() { $user = auth()->user(); if (!$user) { - redirect(page_link_to('login')); + throw_redirect(page_link_to('login')); } $action = strip_request_item('action'); if (empty($action)) { - redirect(user_link($user->id)); + throw_redirect(user_link($user->id)); } switch ($action) { @@ -40,12 +40,12 @@ function shift_entry_create_controller() $request = request(); if (User_is_freeloader($user)) { - redirect(page_link_to('user_myshifts')); + throw_redirect(page_link_to('user_myshifts')); } $shift = Shift($request->input('shift_id')); if (empty($shift)) { - redirect(user_link($user->id)); + throw_redirect(user_link($user->id)); } $angeltype = AngelType($request->input('angeltype_id')); @@ -55,7 +55,7 @@ function shift_entry_create_controller() } if (empty($angeltype)) { - redirect(user_link($user->id)); + throw_redirect(user_link($user->id)); } if (User_is_AngelType_supporter($user, $angeltype)) { @@ -82,7 +82,7 @@ function shift_entry_create_controller_admin($shift, $angeltype) $signup_user = User::find($request->input('user_id')); } if (!$signup_user) { - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } $angeltypes = AngelTypes(); @@ -91,7 +91,7 @@ function shift_entry_create_controller_admin($shift, $angeltype) } if (empty($angeltype)) { if (count($angeltypes) == 0) { - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } $angeltype = $angeltypes[0]; } @@ -107,7 +107,7 @@ function shift_entry_create_controller_admin($shift, $angeltype) ]); success(sprintf(__('%s has been subscribed to the shift.'), User_Nick_render($signup_user))); - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } /** @var User[]|Collection $users */ @@ -147,7 +147,7 @@ function shift_entry_create_controller_supporter($shift, $angeltype) } if (!UserAngelType_exists($signup_user->id, $angeltype)) { error(__('User is not in angeltype.')); - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype); @@ -165,7 +165,7 @@ function shift_entry_create_controller_supporter($shift, $angeltype) if ($shift_signup_state->getState() == ShiftSignupState::OCCUPIED) { error(__('This shift is already occupied.')); } - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } if ($request->hasPostData('submit')) { @@ -179,7 +179,7 @@ function shift_entry_create_controller_supporter($shift, $angeltype) ]); success(sprintf(__('%s has been subscribed to the shift.'), User_Nick_render($signup_user))); - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } $users = Users_by_angeltype($angeltype); @@ -245,7 +245,7 @@ function shift_entry_create_controller_user($shift, $angeltype) ); if (!$shift_signup_state->isSignupAllowed()) { shift_entry_error_message($shift_signup_state); - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } $comment = ''; @@ -265,7 +265,7 @@ function shift_entry_create_controller_user($shift, $angeltype) } success(__('You are subscribed. Thank you!')); - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } $room = Room($shift['RID']); @@ -319,12 +319,12 @@ function shift_entry_load() $request = request(); if (!$request->has('shift_entry_id') || !test_request_int('shift_entry_id')) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } $shiftEntry = ShiftEntry($request->input('shift_entry_id')); if (empty($shiftEntry)) { error(__('Shift entry not found.')); - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } return $shiftEntry; @@ -346,13 +346,13 @@ function shift_entry_delete_controller() $signout_user = User::find($shiftEntry['UID']); if (!Shift_signout_allowed($shift, $angeltype, $signout_user->id)) { error(__('You are not allowed to remove this shift entry. If necessary, ask your supporter or heaven to do so.')); - redirect(user_link($signout_user->id)); + throw_redirect(user_link($signout_user->id)); } if ($request->hasPostData('delete')) { ShiftEntry_delete($shiftEntry); success(__('Shift entry removed.')); - redirect(shift_link($shift)); + throw_redirect(shift_link($shift)); } if ($user->id == $signout_user->id) { diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index 15f92a9d..1cfc1107 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -49,11 +49,11 @@ function shift_edit_controller() $request = request(); if (!auth()->can('admin_shifts')) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } if (!$request->has('edit_shift') || !test_request_int('edit_shift')) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } $shift_id = $request->input('edit_shift'); @@ -164,7 +164,7 @@ function shift_edit_controller() ); success(__('Shift updated.')); - redirect(shift_link([ + throw_redirect(shift_link([ 'SID' => $shift_id ])); } @@ -205,18 +205,18 @@ function shift_delete_controller() $request = request(); if (!auth()->can('user_shifts_admin')) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } // Schicht komplett löschen (nur für admins/user mit user_shifts_admin privileg) if (!$request->has('delete_shift') || !preg_match('/^\d+$/', $request->input('delete_shift'))) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } $shift_id = $request->input('delete_shift'); $shift = Shift($shift_id); if (empty($shift)) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } // Schicht löschen bestätigt @@ -230,7 +230,7 @@ function shift_delete_controller() . ' to ' . date('Y-m-d H:i', $shift['end']) ); success(__('Shift deleted.')); - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } return page_with_title(shifts_title(), [ @@ -256,17 +256,17 @@ function shift_controller() $request = request(); if (!auth()->can('user_shifts')) { - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } if (!$request->has('shift_id')) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } $shift = Shift($request->input('shift_id')); if (empty($shift)) { error(__('Shift could not be found.')); - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } $shifttype = ShiftType($shift['shifttype_id']); @@ -309,7 +309,7 @@ function shifts_controller() { $request = request(); if (!$request->has('action')) { - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } switch ($request->input('action')) { @@ -319,7 +319,7 @@ function shifts_controller() case 'next': shift_next_controller(); default: - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } return false; @@ -331,16 +331,16 @@ function shifts_controller() function shift_next_controller() { if (!auth()->can('user_shifts')) { - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } $upcoming_shifts = ShiftEntries_upcoming_for_user(auth()->user()->id); if (!empty($upcoming_shifts)) { - redirect(shift_link($upcoming_shifts[0])); + throw_redirect(shift_link($upcoming_shifts[0])); } - redirect(page_link_to('user_shifts')); + throw_redirect(page_link_to('user_shifts')); } /** diff --git a/includes/controller/shifttypes_controller.php b/includes/controller/shifttypes_controller.php index 3c825d0c..ede360b8 100644 --- a/includes/controller/shifttypes_controller.php +++ b/includes/controller/shifttypes_controller.php @@ -18,12 +18,12 @@ function shifttype_delete_controller() { $request = request(); if (!$request->has('shifttype_id')) { - redirect(page_link_to('shifttypes')); + throw_redirect(page_link_to('shifttypes')); } $shifttype = ShiftType($request->input('shifttype_id')); if (empty($shifttype)) { - redirect(page_link_to('shifttypes')); + throw_redirect(page_link_to('shifttypes')); } if ($request->hasPostData('delete')) { @@ -31,7 +31,7 @@ function shifttype_delete_controller() engelsystem_log('Deleted shifttype ' . $shifttype['name']); success(sprintf(__('Shifttype %s deleted.'), $shifttype['name'])); - redirect(page_link_to('shifttypes')); + throw_redirect(page_link_to('shifttypes')); } return [ @@ -59,7 +59,7 @@ function shifttype_edit_controller() $shifttype = ShiftType($request->input('shifttype_id')); if (empty($shifttype)) { error(__('Shifttype not found.')); - redirect(page_link_to('shifttypes')); + throw_redirect(page_link_to('shifttypes')); } $shifttype_id = $shifttype['id']; $name = $shifttype['name']; @@ -99,7 +99,7 @@ function shifttype_edit_controller() engelsystem_log('Created shifttype ' . $name); success(__('Created shifttype.')); } - redirect(page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype_id])); + throw_redirect(page_link_to('shifttypes', ['action' => 'view', 'shifttype_id' => $shifttype_id])); } } @@ -116,11 +116,11 @@ function shifttype_controller() { $request = request(); if (!$request->has('shifttype_id')) { - redirect(page_link_to('shifttypes')); + throw_redirect(page_link_to('shifttypes')); } $shifttype = ShiftType($request->input('shifttype_id')); if (empty($shifttype)) { - redirect(page_link_to('shifttypes')); + throw_redirect(page_link_to('shifttypes')); } $angeltype = []; diff --git a/includes/controller/user_angeltypes_controller.php b/includes/controller/user_angeltypes_controller.php index 6c64cb27..038d919e 100644 --- a/includes/controller/user_angeltypes_controller.php +++ b/includes/controller/user_angeltypes_controller.php @@ -45,18 +45,18 @@ function user_angeltypes_delete_all_controller() if (!$request->has('angeltype_id')) { error(__('Angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = AngelType($request->input('angeltype_id')); if (empty($angeltype)) { error(__('Angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if (!User_is_AngelType_supporter(auth()->user(), $angeltype)) { error(__('You are not allowed to delete all users for this angeltype.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if ($request->hasPostData('deny_all')) { @@ -64,7 +64,7 @@ function user_angeltypes_delete_all_controller() engelsystem_log(sprintf('Denied all users for angeltype %s', AngelType_name_render($angeltype, true))); success(sprintf(__('Denied all users for angeltype %s.'), AngelType_name_render($angeltype))); - redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); + throw_redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -85,18 +85,18 @@ function user_angeltypes_confirm_all_controller() if (!$request->has('angeltype_id')) { error(__('Angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = AngelType($request->input('angeltype_id')); if (empty($angeltype)) { error(__('Angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if (!auth()->can('admin_user_angeltypes') && !User_is_AngelType_supporter($user, $angeltype)) { error(__('You are not allowed to confirm all users for this angeltype.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if ($request->hasPostData('confirm_all')) { @@ -104,7 +104,7 @@ function user_angeltypes_confirm_all_controller() engelsystem_log(sprintf('Confirmed all users for angeltype %s', AngelType_name_render($angeltype, true))); success(sprintf(__('Confirmed all users for angeltype %s.'), AngelType_name_render($angeltype))); - redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); + throw_redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -125,30 +125,30 @@ function user_angeltype_confirm_controller() if (!$request->has('user_angeltype_id')) { error(__('User angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if (empty($user_angeltype)) { error(__('User angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = AngelType($user_angeltype['angeltype_id']); if (empty($angeltype)) { error(__('Angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if (!User_is_AngelType_supporter($user, $angeltype)) { error(__('You are not allowed to confirm this users angeltype.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $user_source = User::find($user_angeltype['user_id']); if (!$user_source) { error(__('User doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if ($request->hasPostData('confirm_user')) { @@ -164,7 +164,7 @@ function user_angeltype_confirm_controller() User_Nick_render($user_source), AngelType_name_render($angeltype) )); - redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); + throw_redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -185,30 +185,30 @@ function user_angeltype_delete_controller() if (!$request->has('user_angeltype_id')) { error(__('User angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if (empty($user_angeltype)) { error(__('User angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = AngelType($user_angeltype['angeltype_id']); if (empty($angeltype)) { error(__('Angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $user_source = User::find($user_angeltype['user_id']); if (!$user_source) { error(__('User doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if ($user->id != $user_angeltype['user_id'] && !User_is_AngelType_supporter($user, $angeltype)) { error(__('You are not allowed to delete this users angeltype.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if ($request->hasPostData('delete')) { @@ -217,7 +217,7 @@ function user_angeltype_delete_controller() engelsystem_log(sprintf('User %s removed from %s.', User_Nick_render($user_source, true), $angeltype['name'])); success(sprintf(__('User %s removed from %s.'), User_Nick_render($user_source), $angeltype['name'])); - redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); + throw_redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -238,37 +238,37 @@ function user_angeltype_update_controller() if (!auth()->can('admin_angel_types')) { error(__('You are not allowed to set supporter rights.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if (!$request->has('user_angeltype_id')) { error(__('User angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if ($request->has('supporter') && preg_match('/^[01]$/', $request->input('supporter'))) { $supporter = $request->input('supporter') == '1'; } else { error(__('No supporter update given.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $user_angeltype = UserAngelType($request->input('user_angeltype_id')); if (empty($user_angeltype)) { error(__('User angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $angeltype = AngelType($user_angeltype['angeltype_id']); if (empty($angeltype)) { error(__('Angeltype doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } $user_source = User::find($user_angeltype['user_id']); if (!$user_source) { error(__('User doesn\'t exist.')); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if ($request->hasPostData('submit')) { @@ -288,7 +288,7 @@ function user_angeltype_update_controller() User_Nick_render($user_source) )); - redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); + throw_redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -343,7 +343,7 @@ function user_angeltype_add_controller() AngelType_name_render($angeltype, true) )); - redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); + throw_redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } } @@ -366,7 +366,7 @@ function user_angeltype_join_controller($angeltype) $user_angeltype = UserAngelType_by_User_and_AngelType($user->id, $angeltype); if (!empty($user_angeltype)) { error(sprintf(__('You are already a %s.'), $angeltype['name'])); - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } if (request()->hasPostData('submit')) { @@ -389,7 +389,7 @@ function user_angeltype_join_controller($angeltype) )); } - redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); + throw_redirect(page_link_to('angeltypes', ['action' => 'view', 'angeltype_id' => $angeltype['id']])); } return [ @@ -407,7 +407,7 @@ function user_angeltypes_controller() { $request = request(); if (!$request->has('action')) { - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } switch ($request->input('action')) { @@ -424,6 +424,6 @@ function user_angeltypes_controller() case 'add': return user_angeltype_add_controller(); default: - redirect(page_link_to('angeltypes')); + throw_redirect(page_link_to('angeltypes')); } } diff --git a/includes/controller/user_driver_licenses_controller.php b/includes/controller/user_driver_licenses_controller.php index 9dc15f15..e6924182 100644 --- a/includes/controller/user_driver_licenses_controller.php +++ b/includes/controller/user_driver_licenses_controller.php @@ -42,7 +42,7 @@ function user_driver_licenses_controller() $user = auth()->user(); if (!$user) { - redirect(page_link_to('')); + throw_redirect(page_link_to('')); } $action = strip_request_item('action', 'edit'); @@ -82,7 +82,7 @@ function user_driver_license_load_user() if ($request->has('user_id')) { $user_source = User::find($request->input('user_id')); if (empty($user_source)) { - redirect(user_driver_license_edit_link()); + throw_redirect(user_driver_license_edit_link()); } } @@ -102,7 +102,7 @@ function user_driver_license_edit_controller() // only privilege admin_user can edit other users driver license information if ($user->id != $user_source->id && !auth()->can('admin_user')) { - redirect(user_driver_license_edit_link()); + throw_redirect(user_driver_license_edit_link()); } $user_driver_license = UserDriverLicense($user_source->id); @@ -131,7 +131,7 @@ function user_driver_license_edit_controller() } engelsystem_log('Driver license information updated.'); success(__('Your driver license information has been saved.')); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } else { error(__('Please select at least one driving license.')); } @@ -139,7 +139,7 @@ function user_driver_license_edit_controller() UserDriverLicenses_delete($user_source->id); engelsystem_log('Driver license information removed.'); success(__('Your driver license information has been removed.')); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } } diff --git a/includes/controller/user_worklog_controller.php b/includes/controller/user_worklog_controller.php index 7cedea92..6b100338 100644 --- a/includes/controller/user_worklog_controller.php +++ b/includes/controller/user_worklog_controller.php @@ -12,7 +12,7 @@ function user_worklog_delete_controller() $request = request(); $userWorkLog = UserWorkLog($request->input('user_worklog_id')); if (empty($userWorkLog)) { - redirect(user_link(auth()->user()->id)); + throw_redirect(user_link(auth()->user()->id)); } $user_source = User::find($userWorkLog['user_id']); @@ -20,7 +20,7 @@ function user_worklog_delete_controller() UserWorkLog_delete($userWorkLog); success(__('Work log entry deleted.')); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } return [ @@ -39,7 +39,7 @@ function user_worklog_edit_controller() $request = request(); $userWorkLog = UserWorkLog($request->input('user_worklog_id')); if (empty($userWorkLog)) { - redirect(user_link(auth()->user()->id)); + throw_redirect(user_link(auth()->user()->id)); } $user_source = User::find($userWorkLog['user_id']); @@ -50,7 +50,7 @@ function user_worklog_edit_controller() UserWorkLog_update($userWorkLog); success(__('Work log entry updated.')); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } } @@ -109,7 +109,7 @@ function user_worklog_add_controller() $request = request(); $user_source = User::find($request->input('user_id')); if (!$user_source) { - redirect(user_link(auth()->user()->id)); + throw_redirect(user_link(auth()->user()->id)); } $userWorkLog = UserWorkLog_new($user_source->id); @@ -121,7 +121,7 @@ function user_worklog_add_controller() UserWorkLog_create($userWorkLog); success(__('Work log entry created.')); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } } @@ -185,13 +185,13 @@ function user_worklog_controller() $user = auth()->user(); if (!auth()->can('admin_user_worklog')) { - redirect(user_link($user->id)); + throw_redirect(user_link($user->id)); } $request = request(); $action = $request->input('action'); if (!$request->has('action')) { - redirect(user_link($user->id)); + throw_redirect(user_link($user->id)); } switch ($action) { diff --git a/includes/controller/users_controller.php b/includes/controller/users_controller.php index 3ad2ffd9..da8a9339 100644 --- a/includes/controller/users_controller.php +++ b/includes/controller/users_controller.php @@ -17,7 +17,7 @@ function users_controller() $request = request(); if (!$user) { - redirect(page_link_to('')); + throw_redirect(page_link_to('')); } $action = 'list'; @@ -56,13 +56,13 @@ function user_delete_controller() } if (!auth()->can('admin_user')) { - redirect(page_link_to('')); + throw_redirect(page_link_to('')); } // You cannot delete yourself if ($user->id == $user_source->id) { error(__('You cannot delete yourself.')); - redirect(user_link($user->id)); + throw_redirect(user_link($user->id)); } if ($request->hasPostData('submit')) { @@ -85,7 +85,7 @@ function user_delete_controller() success(__('User deleted.')); engelsystem_log(sprintf('Deleted %s', User_Nick_render($user_source, true))); - redirect(users_link()); + throw_redirect(users_link()); } } @@ -145,7 +145,7 @@ function user_edit_vouchers_controller() } if (!auth()->can('admin_user')) { - redirect(page_link_to('')); + throw_redirect(page_link_to('')); } if ($request->hasPostData('submit')) { @@ -171,7 +171,7 @@ function user_edit_vouchers_controller() engelsystem_log(User_Nick_render($user_source, true) . ': ' . sprintf('Got %s vouchers', $user_source->state->got_voucher)); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } } @@ -194,7 +194,7 @@ function user_controller() $user_source = User::find($request->input('user_id')); if (!$user_source) { error(__('User not found.')); - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } } @@ -261,7 +261,7 @@ function users_list_controller() $request = request(); if (!auth()->can('admin_user')) { - redirect(page_link_to('')); + throw_redirect(page_link_to('')); } $order_by = 'name'; @@ -319,13 +319,13 @@ function load_user() { $request = request(); if (!$request->has('user_id')) { - redirect(page_link_to()); + throw_redirect(page_link_to()); } $user = User::find($request->input('user_id')); if (!$user) { error(__('User doesn\'t exist.')); - redirect(page_link_to()); + throw_redirect(page_link_to()); } return $user; diff --git a/includes/includes.php b/includes/includes.php index 601a6ca2..50e98fe5 100644 --- a/includes/includes.php +++ b/includes/includes.php @@ -69,7 +69,6 @@ $includeFiles = [ __DIR__ . '/../includes/pages/admin_arrive.php', __DIR__ . '/../includes/pages/admin_free.php', __DIR__ . '/../includes/pages/admin_groups.php', - __DIR__ . '/../includes/pages/admin_import.php', __DIR__ . '/../includes/pages/admin_log.php', __DIR__ . '/../includes/pages/admin_questions.php', __DIR__ . '/../includes/pages/admin_rooms.php', @@ -82,6 +81,8 @@ $includeFiles = [ __DIR__ . '/../includes/pages/user_questions.php', __DIR__ . '/../includes/pages/user_settings.php', __DIR__ . '/../includes/pages/user_shifts.php', + + __DIR__ . '/../includes/pages/schedule/ImportSchedule.php', ]; foreach ($includeFiles as $file) { diff --git a/includes/model/Room_model.php b/includes/model/Room_model.php index b29f68fe..f9eaf31d 100644 --- a/includes/model/Room_model.php +++ b/includes/model/Room_model.php @@ -61,36 +61,21 @@ function Room_delete($room_id) engelsystem_log('Room deleted: ' . $room['Name']); } -/** - * Delete a room by its name - * - * @param string $name - */ -function Room_delete_by_name($name) -{ - DB::delete('DELETE FROM `Room` WHERE `Name` = ?', [ - $name - ]); - engelsystem_log('Room deleted: ' . $name); -} - /** * Create a new room * * @param string $name Name of the room - * @param boolean $from_frab Is this a frab imported room? * @param string $map_url URL to a map tha can be displayed in an iframe * @param string description Markdown description * @return false|int */ -function Room_create($name, $from_frab, $map_url, $description) +function Room_create($name, $map_url, $description) { DB::insert(' - INSERT INTO `Room` (`Name`, `from_frab`, `map_url`, `description`) - VALUES (?, ?, ?, ?) + INSERT INTO `Room` (`Name`, `map_url`, `description`) + VALUES (?, ?, ?) ', [ $name, - (int)$from_frab, $map_url, $description ]); @@ -98,7 +83,6 @@ function Room_create($name, $from_frab, $map_url, $description) engelsystem_log( 'Room created: ' . $name - . ', frab import: ' . ($from_frab ? 'Yes' : '') . ', map_url: ' . $map_url . ', description: ' . $description ); @@ -107,28 +91,25 @@ function Room_create($name, $from_frab, $map_url, $description) } /** - * update a room + * Update a room * * @param int $room_id The rooms id * @param string $name Name of the room - * @param boolean $from_frab Is this a frab imported room? * @param string $map_url URL to a map tha can be displayed in an iframe * @param string $description Markdown description * @return int */ -function Room_update($room_id, $name, $from_frab, $map_url, $description) +function Room_update($room_id, $name, $map_url, $description) { $result = DB::update(' UPDATE `Room` SET `Name`=?, - `from_frab`=?, `map_url`=?, `description`=? WHERE `RID`=? LIMIT 1', [ $name, - (int)$from_frab, $map_url, $description, $room_id @@ -136,7 +117,6 @@ function Room_update($room_id, $name, $from_frab, $map_url, $description) engelsystem_log( 'Room updated: ' . $name . - ', frab import: ' . ($from_frab ? 'Yes' : '') . ', map_url: ' . $map_url . ', description: ' . $description ); diff --git a/includes/model/Shifts_model.php b/includes/model/Shifts_model.php index 1f957c84..756d9284 100644 --- a/includes/model/Shifts_model.php +++ b/includes/model/Shifts_model.php @@ -14,17 +14,19 @@ function Shifts_by_angeltype($angeltype) return DB::select(' SELECT DISTINCT `Shifts`.* FROM `Shifts` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id` = `Shifts`.`SID` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `NeededAngelTypes`.`angel_type_id` = ? AND `NeededAngelTypes`.`count` > 0 - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION SELECT DISTINCT `Shifts`.* FROM `Shifts` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id` = `Shifts`.`RID` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `NeededAngelTypes`.`angel_type_id` = ? AND `NeededAngelTypes`.`count` > 0 - AND NOT `Shifts`.`PSID` IS NULL + AND NOT s.shift_id IS NULL ', [$angeltype['id'], $angeltype['id']]); } @@ -41,19 +43,21 @@ function Shifts_free($start, $end) SELECT * FROM ( SELECT * FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE (`end` > ? AND `start` < ?) AND (SELECT SUM(`count`) FROM `NeededAngelTypes` WHERE `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`) > (SELECT COUNT(*) FROM `ShiftEntry` WHERE `ShiftEntry`.`SID`=`Shifts`.`SID` AND `freeloaded`=0) - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION SELECT * FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE (`end` > ? AND `start` < ?) AND (SELECT SUM(`count`) FROM `NeededAngelTypes` WHERE `NeededAngelTypes`.`room_id`=`Shifts`.`RID`) > (SELECT COUNT(*) FROM `ShiftEntry` WHERE `ShiftEntry`.`SID`=`Shifts`.`SID` AND `freeloaded`=0) - AND NOT `Shifts`.`PSID` IS NULL + AND NOT s.shift_id IS NULL ) AS `tmp` ORDER BY `tmp`.`start` ", [ @@ -69,16 +73,6 @@ function Shifts_free($start, $end) return $free_shifts; } -/** - * Returns all shifts with a PSID (from frab import) - * - * @return array[] - */ -function Shifts_from_frab() -{ - return DB::select('SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`'); -} - /** * @param array|int $room * @return array[] @@ -103,11 +97,12 @@ function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter) JOIN `Room` USING (`RID`) JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id` = `Shifts`.`SID` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ') AND `start` BETWEEN ? AND ? AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ') AND `NeededAngelTypes`.`count` > 0 - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION @@ -116,11 +111,12 @@ function Shifts_by_ShiftsFilter(ShiftsFilter $shiftsFilter) JOIN `Room` USING (`RID`) JOIN `ShiftTypes` ON `ShiftTypes`.`id` = `Shifts`.`shifttype_id` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ') AND `start` BETWEEN ? AND ? AND `NeededAngelTypes`.`angel_type_id` IN (' . implode(',', $shiftsFilter->getTypes()) . ') AND `NeededAngelTypes`.`count` > 0 - AND NOT `Shifts`.`PSID` IS NULL) AS tmp_shifts + AND NOT s.shift_id IS NULL) AS tmp_shifts ORDER BY `room_name`, `start`'; @@ -152,9 +148,10 @@ function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter) FROM `Shifts` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID` JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ') AND `start` BETWEEN ? AND ? - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION @@ -168,9 +165,10 @@ function NeededAngeltypes_by_ShiftsFilter(ShiftsFilter $shiftsFilter) FROM `Shifts` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID` JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `Shifts`.`RID` IN (' . implode(',', $shiftsFilter->getRooms()) . ') AND `start` BETWEEN ? AND ? - AND NOT `Shifts`.`PSID` IS NULL'; + AND NOT s.shift_id IS NULL'; return DB::select( $sql, @@ -201,9 +199,10 @@ function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype) FROM `Shifts` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`shift_id`=`Shifts`.`SID` JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `Shifts`.`SID`=? AND `AngelTypes`.`id`=? - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION @@ -217,9 +216,10 @@ function NeededAngeltype_by_Shift_and_Angeltype($shift, $angeltype) FROM `Shifts` JOIN `NeededAngelTypes` ON `NeededAngelTypes`.`room_id`=`Shifts`.`RID` JOIN `AngelTypes` ON `AngelTypes`.`id`= `NeededAngelTypes`.`angel_type_id` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `Shifts`.`SID`=? AND `AngelTypes`.`id`=? - AND NOT `Shifts`.`PSID` IS NULL + AND NOT s.shift_id IS NULL ', [ $shift['SID'], @@ -494,16 +494,6 @@ function Shift_signup_allowed( ); } -/** - * Delete a shift by its external id. - * - * @param int $shift_psid - */ -function Shift_delete_by_psid($shift_psid) -{ - DB::delete('DELETE FROM `Shifts` WHERE `PSID`=?', [$shift_psid]); -} - /** * Delete a shift. * @@ -535,7 +525,6 @@ function Shift_update($shift) `RID` = ?, `title` = ?, `URL` = ?, - `PSID` = ?, `edited_by_user_id` = ?, `edited_at_timestamp` = ? WHERE `SID` = ? @@ -547,7 +536,6 @@ function Shift_update($shift) $shift['RID'], $shift['title'], $shift['URL'], - $shift['PSID'], $user->id, time(), $shift['SID'] @@ -555,25 +543,6 @@ function Shift_update($shift) ); } -/** - * Update a shift by its external id. - * - * @param array $shift - * @return int - * @throws Exception - */ -function Shift_update_by_psid($shift) -{ - $shift_source = DB::selectOne('SELECT `SID` FROM `Shifts` WHERE `PSID`=?', [$shift['PSID']]); - - if (empty($shift_source)) { - throw new Exception('Shift not found.'); - } - - $shift['SID'] = $shift_source['SID']; - return Shift_update($shift); -} - /** * Create a new shift. * @@ -590,12 +559,11 @@ function Shift_create($shift) `RID`, `title`, `URL`, - `PSID`, `created_by_user_id`, `edited_at_timestamp`, `created_at_timestamp` ) - VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) + VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?) ', [ $shift['shifttype_id'], @@ -604,7 +572,6 @@ function Shift_create($shift) $shift['RID'], $shift['title'], $shift['URL'], - $shift['PSID'], auth()->user()->id, time(), time(), diff --git a/includes/model/Stats.php b/includes/model/Stats.php index c8342d82..e355b064 100644 --- a/includes/model/Stats.php +++ b/includes/model/Stats.php @@ -39,8 +39,9 @@ function stats_hours_to_work() (SELECT SUM(`count`) FROM `NeededAngelTypes` WHERE `NeededAngelTypes`.`shift_id`=`Shifts`.`SID`) * (`Shifts`.`end` - `Shifts`.`start`)/3600 AS `count` FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `end` >= ? - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION ALL @@ -48,8 +49,9 @@ function stats_hours_to_work() (SELECT SUM(`count`) FROM `NeededAngelTypes` WHERE `NeededAngelTypes`.`room_id`=`Shifts`.`RID`) * (`Shifts`.`end` - `Shifts`.`start`)/3600 AS `count` FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `end` >= ? - AND NOT `Shifts`.`PSID` IS NULL + AND NOT s.shift_id IS NULL ) AS `tmp` ", [ time(), @@ -90,8 +92,9 @@ function stats_angels_needed_three_hours() ) AS `count` FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `end` > ? AND `start` < ? - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION ALL @@ -113,8 +116,9 @@ function stats_angels_needed_three_hours() ) AS `count` FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `end` > ? AND `start` < ? - AND NOT `Shifts`.`PSID` IS NULL + AND NOT s.shift_id IS NULL ) AS `tmp`", [ $now, $in3hours, @@ -163,8 +167,9 @@ function stats_angels_needed_for_nightshifts() ) AS `count` FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `end` > ? AND `start` < ? - AND `Shifts`.`PSID` IS NULL + AND s.shift_id IS NULL UNION ALL @@ -186,8 +191,9 @@ function stats_angels_needed_for_nightshifts() ) AS `count` FROM `Shifts` + LEFT JOIN schedule_shift AS s on Shifts.SID = s.shift_id WHERE `end` > ? AND `start` < ? - AND NOT `Shifts`.`PSID` IS NULL + AND NOT s.shift_id IS NULL ) AS `tmp`", [ $night_start, $night_end, diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php index 508f3d81..71d6914a 100644 --- a/includes/pages/admin_active.php +++ b/includes/pages/admin_active.php @@ -42,11 +42,11 @@ function admin_active() __('At least %s angels are forced to be active. The number has to be greater.'), $forced_count )); - redirect(page_link_to('admin_active')); + throw_redirect(page_link_to('admin_active')); } } else { $msg .= error(__('Please enter a number of angels to be marked as active.')); - redirect(page_link_to('admin_active')); + throw_redirect(page_link_to('admin_active')); } if ($request->hasPostData('ack')) { diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index 7a11f3ab..312fd6dc 100644 --- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -39,7 +39,7 @@ function admin_arrive() engelsystem_log('User set to not arrived: ' . User_Nick_render($user_source, true)); success(__('Reset done. Angel has not arrived.')); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } else { $msg = error(__('Angel not found.'), true); } @@ -57,7 +57,7 @@ function admin_arrive() engelsystem_log('User set has arrived: ' . User_Nick_render($user_source, true)); success(__('Angel has been marked as arrived.')); - redirect(user_link($user_source->id)); + throw_redirect(user_link($user_source->id)); } else { $msg = error(__('Angel not found.'), true); } diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 6ba2ceaf..1d4a9e03 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php @@ -148,7 +148,7 @@ function admin_groups() 'Group privileges of group ' . $group['Name'] . ' edited: ' . join(', ', $privilege_names) ); - redirect(page_link_to('admin_groups')); + throw_redirect(page_link_to('admin_groups')); } else { return error('No Group found.', true); } diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php deleted file mode 100644 index 11c9729a..00000000 --- a/includes/pages/admin_import.php +++ /dev/null @@ -1,478 +0,0 @@ -user(); - $html = ''; - $import_dir = __DIR__ . '/../../import'; - $request = request(); - - $step = 'input'; - if ( - $request->has('step') - && in_array($request->input('step'), [ - 'input', - 'check', - 'import' - ]) - ) { - $step = $request->input('step'); - } - - try { - $test_handle = @fopen($import_dir . '/tmp', 'w'); - fclose($test_handle); - @unlink($import_dir . '/tmp'); - } catch (Exception $e) { - error(__('Webserver has no write-permission on import directory.')); - } - - $import_file = $import_dir . '/import_' . $user->id . '.xml'; - $shifttype_id = null; - $add_minutes_start = 15; - $add_minutes_end = 15; - - $shifttypes_source = ShiftTypes(); - $shifttypes = []; - foreach ($shifttypes_source as $shifttype) { - $shifttypes[$shifttype['id']] = $shifttype['name']; - } - - switch ($step) { - case 'input': - $valid = false; - - if ($request->hasPostData('submit')) { - $valid = true; - - if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { - $shifttype_id = $request->input('shifttype_id'); - } else { - $valid = false; - error(__('Please select a shift type.')); - } - - $minutes_start = trim($request->input('add_minutes_start')); - if ($request->has('add_minutes_start') && is_numeric($minutes_start)) { - $add_minutes_start = $minutes_start; - } else { - $valid = false; - error(__('Please enter an amount of minutes to add to a talk\'s begin.')); - } - - if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) { - $add_minutes_end = trim($request->input('add_minutes_end')); - } else { - $valid = false; - error(__('Please enter an amount of minutes to add to a talk\'s end.')); - } - - if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) { - if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) { - libxml_use_internal_errors(true); - if (simplexml_load_file($import_file) === false) { - $valid = false; - error(__('No valid xml/xcal file provided.')); - unlink($import_file); - } - } else { - $valid = false; - error(__('File upload went wrong.')); - } - } else { - $valid = false; - error(__('Please provide some data.')); - } - } - - if ($valid) { - redirect( - page_link_to('admin_import', [ - 'step' => 'check', - 'shifttype_id' => $shifttype_id, - 'add_minutes_end' => $add_minutes_end, - 'add_minutes_start' => $add_minutes_start, - ]) - ); - } else { - $html .= div('well well-sm text-center', [ - __('File Upload') - . mute(glyph('arrow-right')) - . mute(__('Validation')) - . mute(glyph('arrow-right')) - . mute(__('Import')) - ]) . div('row', [ - div('col-md-offset-3 col-md-6', [ - form([ - form_info( - '', - __('This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.') - ), - form_select('shifttype_id', __('Shifttype'), $shifttypes, $shifttype_id), - form_spinner('add_minutes_start', __('Add minutes to start'), $add_minutes_start), - form_spinner('add_minutes_end', __('Add minutes to end'), $add_minutes_end), - form_file('xcal_file', __('xcal-File (.xcal)')), - form_submit('submit', __('Import')) - ]) - ]) - ]); - } - break; - - case 'check': - if (!file_exists($import_file)) { - error(__('Missing import file.')); - redirect(page_link_to('admin_import')); - } - - if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { - $shifttype_id = $request->input('shifttype_id'); - } else { - error(__('Please select a shift type.')); - redirect(page_link_to('admin_import')); - } - - if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) { - $add_minutes_start = trim($request->input('add_minutes_start')); - } else { - error(__('Please enter an amount of minutes to add to a talk\'s begin.')); - redirect(page_link_to('admin_import')); - } - - if ($request->has('add_minutes_end') && is_numeric(trim($request->input(('add_minutes_end'))))) { - $add_minutes_end = trim($request->input('add_minutes_end')); - } else { - error(__('Please enter an amount of minutes to add to a talk\'s end.')); - redirect(page_link_to('admin_import')); - } - - list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); - list($events_new, $events_updated, $events_deleted) = prepare_events( - $import_file, - $shifttype_id, - $add_minutes_start, - $add_minutes_end - ); - - $html .= div( - 'well well-sm text-center', - [ - '' . __('File Upload') . glyph('ok-circle') . '' - . mute(glyph('arrow-right')) - . __('Validation') - . mute(glyph('arrow-right')) - . mute(__('Import')) - ] - ) - . form( - [ - div('row', [ - div('col-sm-6', [ - '

' . __('Rooms to create') . '

', - table(__('Name'), $rooms_new) - ]), - div('col-sm-6', [ - '

' . __('Rooms to delete') . '

', - table(__('Name'), $rooms_deleted) - ]) - ]), - '

' . __('Shifts to create') . '

', - table([ - 'day' => __('Day'), - 'start' => __('Start'), - 'end' => __('End'), - 'shifttype' => __('Shift type'), - 'title' => __('Title'), - 'room' => __('Room') - ], shifts_printable($events_new, $shifttypes)), - '

' . __('Shifts to update') . '

', - table([ - 'day' => __('Day'), - 'start' => __('Start'), - 'end' => __('End'), - 'shifttype' => __('Shift type'), - 'title' => __('Title'), - 'room' => __('Room') - ], shifts_printable($events_updated, $shifttypes)), - '

' . __('Shifts to delete') . '

', - table([ - 'day' => __('Day'), - 'start' => __('Start'), - 'end' => __('End'), - 'shifttype' => __('Shift type'), - 'title' => __('Title'), - 'room' => __('Room') - ], shifts_printable($events_deleted, $shifttypes)), - form_submit('submit', __('Import')) - ], - page_link_to('admin_import', [ - 'step' => 'import', - 'shifttype_id' => $shifttype_id, - 'add_minutes_end' => $add_minutes_end, - 'add_minutes_start' => $add_minutes_start, - ]) - ); - break; - - case 'import': - if (!file_exists($import_file)) { - error(__('Missing import file.')); - redirect(page_link_to('admin_import')); - } - - if (!file_exists($import_file)) { - redirect(page_link_to('admin_import')); - } - - if ($request->has('shifttype_id') && isset($shifttypes[$request->input('shifttype_id')])) { - $shifttype_id = $request->input('shifttype_id'); - } else { - error(__('Please select a shift type.')); - redirect(page_link_to('admin_import')); - } - - if ($request->has('add_minutes_start') && is_numeric(trim($request->input('add_minutes_start')))) { - $add_minutes_start = trim($request->input('add_minutes_start')); - } else { - error(__('Please enter an amount of minutes to add to a talk\'s begin.')); - redirect(page_link_to('admin_import')); - } - - if ($request->has('add_minutes_end') && is_numeric(trim($request->input('add_minutes_end')))) { - $add_minutes_end = trim($request->input('add_minutes_end')); - } else { - error(__('Please enter an amount of minutes to add to a talk\'s end.')); - redirect(page_link_to('admin_import')); - } - - list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); - foreach ($rooms_new as $room) { - $result = Room_create($room, true, null, null); - $rooms_import[trim($room)] = $result; - } - foreach ($rooms_deleted as $room) { - Room_delete_by_name($room); - } - - list($events_new, $events_updated, $events_deleted) = prepare_events( - $import_file, - $shifttype_id, - $add_minutes_start, - $add_minutes_end - ); - foreach ($events_new as $event) { - Shift_create($event); - } - - foreach ($events_updated as $event) { - Shift_update_by_psid($event); - } - - foreach ($events_deleted as $event) { - Shift_delete_by_psid($event['PSID']); - } - - engelsystem_log('Frab import done'); - - unlink($import_file); - - $html .= div('well well-sm text-center', [ - '' . __('File Upload') . glyph('ok-circle') . '' - . mute(glyph('arrow-right')) - . '' . __('Validation') . glyph('ok-circle') . '' - . mute(glyph('arrow-right')) - . '' . __('Import') . glyph('ok-circle') . '' - ]) . success(__('It\'s done!'), true); - break; - default: - redirect(page_link_to('admin_import')); - } - - return page_with_title(admin_import_title(), [ - msg(), - $html - ]); -} - -/** - * @param string $file - * @return array - */ -function prepare_rooms($file) -{ - global $rooms_import; - $data = read_xml($file); - - // Load rooms from db for compare with input - $rooms = Rooms(); - // Contains rooms from db with from_frab==true - $rooms_db = []; - // Contains all rooms from db - $rooms_db_all = []; - // Contains all rooms from db and frab - $rooms_import = []; - foreach ($rooms as $room) { - if ($room['from_frab']) { - $rooms_db[] = $room['Name']; - } - $rooms_db_all[] = $room['Name']; - $rooms_import[$room['Name']] = $room['RID']; - } - - $events = $data->vcalendar->vevent; - $rooms_frab = []; - foreach ($events as $event) { - $rooms_frab[] = (string)$event->location; - if (!isset($rooms_import[trim($event->location)])) { - $rooms_import[trim($event->location)] = trim($event->location); - } - } - $rooms_frab = array_unique($rooms_frab); - - $rooms_new = array_diff($rooms_frab, $rooms_db_all); - $rooms_deleted = array_diff($rooms_db, $rooms_frab); - - return [ - $rooms_new, - $rooms_deleted - ]; -} - -/** - * @param string $file - * @param int $shifttype_id - * @param int $add_minutes_start - * @param int $add_minutes_end - * @return array - */ -function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) -{ - global $rooms_import; - $data = read_xml($file); - - $rooms = Rooms(); - $rooms_db = []; - foreach ($rooms as $room) { - $rooms_db[$room['Name']] = $room['RID']; - } - - $events = $data->vcalendar->vevent; - $shifts_pb = []; - foreach ($events as $event) { - $event_pb = $event->children('http://pentabarf.org'); - $event_id = trim($event_pb->{'event-id'}); - $shifts_pb[$event_id] = [ - 'shifttype_id' => $shifttype_id, - 'start' => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60, - 'end' => parse_date("Ymd\THis", $event->dtend) + $add_minutes_end * 60, - 'RID' => $rooms_import[trim($event->location)], - 'title' => trim($event->summary), - 'URL' => trim($event->url), - 'PSID' => $event_id - ]; - } - - $shifts = Shifts_from_frab(); - $shifts_db = []; - foreach ($shifts as $shift) { - $shifts_db[$shift['PSID']] = $shift; - } - - $shifts_new = []; - $shifts_updated = []; - foreach ($shifts_pb as $shift) { - if (!isset($shifts_db[$shift['PSID']])) { - $shifts_new[] = $shift; - } else { - $tmp = $shifts_db[$shift['PSID']]; - if ( - $shift['shifttype_id'] != $tmp['shifttype_id'] - || $shift['title'] != $tmp['title'] - || $shift['start'] != $tmp['start'] - || $shift['end'] != $tmp['end'] - || $shift['RID'] != $tmp['RID'] - || $shift['URL'] != $tmp['URL'] - ) { - $shifts_updated[] = $shift; - } - } - } - - $shifts_deleted = []; - foreach ($shifts_db as $shift) { - if (!isset($shifts_pb[$shift['PSID']])) { - $shifts_deleted[] = $shift; - } - } - - return [ - $shifts_new, - $shifts_updated, - $shifts_deleted - ]; -} - -/** - * @param string $file - * @return SimpleXMLElement - */ -function read_xml($file) -{ - global $xml_import; - if (!isset($xml_import)) { - libxml_use_internal_errors(true); - $xml_import = simplexml_load_file($file); - } - return $xml_import; -} - -/** - * @param array $shifts - * @param array $shifttypes - * @return array - */ -function shifts_printable($shifts, $shifttypes) -{ - global $rooms_import; - $rooms = array_flip($rooms_import); - - uasort($shifts, 'shift_sort'); - - $shifts_printable = []; - foreach ($shifts as $shift) { - $shifts_printable[] = [ - 'day' => date('l, Y-m-d', $shift['start']), - 'start' => date('H:i', $shift['start']), - 'shifttype' => ShiftType_name_render([ - 'id' => $shift['shifttype_id'], - 'name' => $shifttypes[$shift['shifttype_id']] - ]), - 'title' => shorten($shift['title']), - 'end' => date('H:i', $shift['end']), - 'room' => $rooms[$shift['RID']] - ]; - } - return $shifts_printable; -} - -/** - * @param array $shift_a - * @param array $shift_b - * @return int - */ -function shift_sort($shift_a, $shift_b) -{ - return ($shift_a['start'] < $shift_b['start']) ? -1 : 1; -} diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 1d49af80..19d3c7ed 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -10,7 +10,7 @@ function admin_news() $request = request(); if (!$request->has('action')) { - redirect(page_link_to('news')); + throw_redirect(page_link_to('news')); } $html = '

' . __('Edit news entry') . '

' . msg(); @@ -70,17 +70,17 @@ function admin_news() engelsystem_log('News updated: ' . $request->postData('eBetreff')); success(__('News entry updated.')); - redirect(page_link_to('news')); + throw_redirect(page_link_to('news')); break; case 'delete': $news->delete(); engelsystem_log('News deleted: ' . $news->title); success(__('News entry deleted.')); - redirect(page_link_to('news')); + throw_redirect(page_link_to('news')); break; default: - redirect(page_link_to('news')); + throw_redirect(page_link_to('news')); } return $html . '
'; } diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php index 54d5509b..8a63f8db 100644 --- a/includes/pages/admin_questions.php +++ b/includes/pages/admin_questions.php @@ -122,7 +122,7 @@ function admin_questions() . ' answered: ' . $answer ); - redirect(page_link_to('admin_questions')); + throw_redirect(page_link_to('admin_questions')); } else { return error('Enter an answer!', true); } @@ -145,7 +145,7 @@ function admin_questions() if (!empty($question)) { $question->delete(); engelsystem_log('Question deleted: ' . $question['Question']); - redirect(page_link_to('admin_questions')); + throw_redirect(page_link_to('admin_questions')); } else { return error('No question found.', true); } diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index c55eb227..733e56af 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php @@ -19,7 +19,6 @@ function admin_rooms() foreach ($rooms_source as $room) { $rooms[] = [ 'name' => Room_name_render($room), - 'from_frab' => glyph_bool($room['from_frab']), 'map_url' => glyph_bool(!empty($room['map_url'])), 'actions' => table_buttons([ button( @@ -40,7 +39,6 @@ function admin_rooms() if ($request->has('show')) { $msg = ''; $name = ''; - $from_frab = false; $map_url = null; $description = null; $room_id = 0; @@ -56,12 +54,11 @@ function admin_rooms() if (test_request_int('id')) { $room = Room($request->input('id')); if (empty($room)) { - redirect(page_link_to('admin_rooms')); + throw_redirect(page_link_to('admin_rooms')); } $room_id = $request->input('id'); $name = $room['Name']; - $from_frab = $room['from_frab']; $map_url = $room['map_url']; $description = $room['description']; @@ -88,8 +85,6 @@ function admin_rooms() $msg .= error(__('Please enter a name.'), true); } - $from_frab = $request->has('from_frab'); - if ($request->has('map_url')) { $map_url = strip_request_item('map_url'); } @@ -118,9 +113,9 @@ function admin_rooms() if ($valid) { if (empty($room_id)) { - $room_id = Room_create($name, $from_frab, $map_url, $description); + $room_id = Room_create($name, $map_url, $description); } else { - Room_update($room_id, $name, $from_frab, $map_url, $description); + Room_update($room_id, $name, $map_url, $description); } NeededAngelTypes_delete_by_room($room_id); @@ -140,7 +135,7 @@ function admin_rooms() . ' to: ' . join(', ', $needed_angeltype_info) ); success(__('Room saved.')); - redirect(page_link_to('admin_rooms')); + throw_redirect(page_link_to('admin_rooms')); } } $angeltypes_count_form = []; @@ -159,7 +154,6 @@ function admin_rooms() div('row', [ div('col-md-6', [ form_text('name', __('Name'), $name, false, 35), - form_checkbox('from_frab', __('Frab import'), $from_frab), form_text('map_url', __('Map URL'), $map_url), form_info('', __('The map url is used to display an iframe on the room page.')), form_textarea('description', __('Description'), $description), @@ -190,7 +184,7 @@ function admin_rooms() Room_delete($room_id); success(sprintf(__('Room %s deleted.'), $name)); - redirect(page_link_to('admin_rooms')); + throw_redirect(page_link_to('admin_rooms')); } return page_with_title(admin_rooms_title(), [ @@ -212,7 +206,6 @@ function admin_rooms() msg(), table([ 'name' => __('Name'), - 'from_frab' => __('Frab import'), 'map_url' => __('Map'), 'actions' => '' ], $rooms) diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php index c62ff995..dbcce180 100644 --- a/includes/pages/admin_shifts.php +++ b/includes/pages/admin_shifts.php @@ -345,12 +345,11 @@ function admin_shifts() !is_array($session->get('admin_shifts_shifts')) || !is_array($session->get('admin_shifts_types')) ) { - redirect(page_link_to('admin_shifts')); + throw_redirect(page_link_to('admin_shifts')); } foreach ($session->get('admin_shifts_shifts', []) as $shift) { $shift['URL'] = null; - $shift['PSID'] = null; $shift_id = Shift_create($shift); engelsystem_log( @@ -389,7 +388,7 @@ function admin_shifts() } success('Schichten angelegt.'); - redirect(page_link_to('admin_shifts')); + throw_redirect(page_link_to('admin_shifts')); } else { $session->remove('admin_shifts_shifts'); $session->remove('admin_shifts_types'); diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 1c40586f..3fc4c694 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -22,7 +22,7 @@ function admin_user() $html = ''; if (!$request->has('id')) { - redirect(users_link()); + throw_redirect(users_link()); } $user_id = $request->input('id'); @@ -30,7 +30,7 @@ function admin_user() $user_source = User::find($user_id); if (!$user_source) { error(__('This user does not exist.')); - redirect(users_link()); + throw_redirect(users_link()); } $html .= 'Hallo,
' diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 170572e4..820c84ea 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php @@ -239,7 +239,7 @@ function guest_register() // User is already logged in - that means a supporter has registered an angel. Return to register page. if ($authUser) { - redirect(page_link_to('register')); + throw_redirect(page_link_to('register')); } // If a welcome message is present, display it on the next page @@ -247,7 +247,7 @@ function guest_register() info((new Parsedown())->text($message)); } - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } } diff --git a/includes/pages/schedule/ImportSchedule.php b/includes/pages/schedule/ImportSchedule.php new file mode 100644 index 00000000..136f1816 --- /dev/null +++ b/includes/pages/schedule/ImportSchedule.php @@ -0,0 +1,614 @@ +guzzle = $guzzle; + $this->parser = $parser; + $this->response = $response; + $this->session = $session; + $this->db = $db; + $this->log = $log; + } + + /** + * @return Response + */ + public function index(): Response + { + return $this->response->withView( + 'admin/schedule/index.twig', + [ + 'errors' => $this->getFromSession('errors'), + 'success' => $this->getFromSession('success'), + 'shift_types' => $this->getShiftTypes(), + ] + ); + } + + /** + * @param Request $request + * @return Response + */ + public function loadSchedule(Request $request): Response + { + try { + /** + * @var Event[] $newEvents + * @var Event[] $changeEvents + * @var Event[] $deleteEvents + * @var Room[] $newRooms + * @var int $shiftType + * @var ScheduleUrl $scheduleUrl + * @var Schedule $schedule + * @var int $minutesBefore + * @var int $minutesAfter + */ + list( + $newEvents, + $changeEvents, + $deleteEvents, + $newRooms, + $shiftType, + $scheduleUrl, + $schedule, + $minutesBefore, + $minutesAfter + ) = $this->getScheduleData($request); + } catch (ErrorException $e) { + return back()->with('errors', [$e->getMessage()]); + } + + return $this->response->withView( + 'admin/schedule/load.twig', + [ + 'errors' => $this->getFromSession('errors'), + 'schedule_url' => $scheduleUrl->url, + 'shift_type' => $shiftType, + 'minutes_before' => $minutesBefore, + 'minutes_after' => $minutesAfter, + 'schedule' => $schedule, + 'rooms' => [ + 'add' => $newRooms, + ], + 'shifts' => [ + 'add' => $newEvents, + 'update' => $changeEvents, + 'delete' => $deleteEvents, + ], + ] + ); + } + + /** + * @param Request $request + * + * @return Response + */ + public function importSchedule(Request $request): Response + { + try { + /** + * @var Event[] $newEvents + * @var Event[] $changeEvents + * @var Event[] $deleteEvents + * @var Room[] $newRooms + * @var int $shiftType + * @var ScheduleUrl $scheduleUrl + */ + list( + $newEvents, + $changeEvents, + $deleteEvents, + $newRooms, + $shiftType, + $scheduleUrl + ) = $this->getScheduleData($request); + } catch (ErrorException $e) { + return back()->with('errors', [$e->getMessage()]); + } + + $this->log('Started schedule "{schedule}" import', ['schedule' => $scheduleUrl->url]); + + foreach ($newRooms as $room) { + $this->createRoom($room); + } + + $rooms = $this->getAllRooms(); + foreach ($newEvents as $event) { + $this->createEvent( + $event, + (int)$shiftType, + $rooms + ->where('name', $event->getRoom()->getName()) + ->first(), + $scheduleUrl + ); + } + + foreach ($changeEvents as $event) { + $this->updateEvent( + $event, + (int)$shiftType, + $rooms + ->where('name', $event->getRoom()->getName()) + ->first() + ); + } + + foreach ($deleteEvents as $event) { + $this->deleteEvent($event); + } + + $this->log('Ended schedule "{schedule}" import', ['schedule' => $scheduleUrl->url]); + + return redirect($this->url, 303) + ->with('success', ['schedule.import.success']); + } + + /** + * @param Room $room + */ + protected function createRoom(Room $room): void + { + $this->db + ->table('Room') + ->insert( + [ + 'Name' => $room->getName(), + ] + ); + + $this->log('Created schedule room "{room}"', ['room' => $room->getName()]); + } + + /** + * @param Event $shift + * @param int $shiftTypeId + * @param stdClass $room + * @param ScheduleUrl $scheduleUrl + */ + protected function createEvent(Event $shift, int $shiftTypeId, stdClass $room, ScheduleUrl $scheduleUrl): void + { + $user = auth()->user(); + + $this->db + ->table('Shifts') + ->insert( + [ + 'title' => $shift->getTitle(), + 'shifttype_id' => $shiftTypeId, + 'start' => $shift->getDate()->unix(), + 'end' => $shift->getEndDate()->unix(), + 'RID' => $room->id, + 'URL' => $shift->getUrl(), + 'created_by_user_id' => $user->id, + 'created_at_timestamp' => time(), + 'edited_by_user_id' => null, + 'edited_at_timestamp' => 0, + ] + ); + + $shiftId = $this->db->getDoctrineConnection()->lastInsertId(); + + $scheduleShift = new ScheduleShift(['shift_id' => $shiftId, 'guid' => $shift->getGuid()]); + $scheduleShift->schedule()->associate($scheduleUrl); + $scheduleShift->save(); + + $this->log( + 'Created schedule shift "{shift}" in "{room}" ({from} {to}, {guid})', + [ + 'shift' => $shift->getTitle(), + 'room' => $room->name, + 'from' => $shift->getDate()->format(Carbon::RFC3339), + 'to' => $shift->getEndDate()->format(Carbon::RFC3339), + 'guid' => $shift->getGuid(), + ] + ); + } + + /** + * @param Event $shift + * @param int $shiftTypeId + * @param stdClass $room + */ + protected function updateEvent(Event $shift, int $shiftTypeId, stdClass $room): void + { + $user = auth()->user(); + + $this->db + ->table('Shifts') + ->join('schedule_shift', 'Shifts.SID', 'schedule_shift.shift_id') + ->where('schedule_shift.guid', $shift->getGuid()) + ->update( + [ + 'title' => $shift->getTitle(), + 'shifttype_id' => $shiftTypeId, + 'start' => $shift->getDate()->unix(), + 'end' => $shift->getEndDate()->unix(), + 'RID' => $room->id, + 'URL' => $shift->getUrl(), + 'edited_by_user_id' => $user->id, + 'edited_at_timestamp' => time(), + ] + ); + + $this->log( + 'Updated schedule shift "{shift}" in "{room}" ({from} {to}, {guid})', + [ + 'shift' => $shift->getTitle(), + 'room' => $room->name, + 'from' => $shift->getDate()->format(Carbon::RFC3339), + 'to' => $shift->getEndDate()->format(Carbon::RFC3339), + 'guid' => $shift->getGuid(), + ] + ); + } + + /** + * @param Event $shift + */ + protected function deleteEvent(Event $shift): void + { + $this->db + ->table('Shifts') + ->join('schedule_shift', 'Shifts.SID', 'schedule_shift.shift_id') + ->where('schedule_shift.guid', $shift->getGuid()) + ->delete(); + + $this->log( + 'Deleted schedule shift "{shift}" ({from} {to}, {guid})', + [ + 'shift' => $shift->getTitle(), + 'from' => $shift->getDate()->format(Carbon::RFC3339), + 'to' => $shift->getEndDate()->format(Carbon::RFC3339), + 'guid' => $shift->getGuid(), + ] + ); + } + + /** + * @param Request $request + * @return Event[]|Room[]|ScheduleUrl|Schedule|string + * @throws ErrorException + */ + protected function getScheduleData(Request $request) + { + $data = $this->validate( + $request, + [ + 'schedule-url' => 'required|url', + 'shift-type' => 'required|int', + 'minutes-before' => 'optional|int', + 'minutes-after' => 'optional|int', + ] + ); + + $scheduleResponse = $this->guzzle->get($data['schedule-url']); + if ($scheduleResponse->getStatusCode() != 200) { + throw new ErrorException('schedule.import.request-error'); + } + + $scheduleData = (string)$scheduleResponse->getBody(); + if (!$this->parser->load($scheduleData)) { + throw new ErrorException('schedule.import.read-error'); + } + + $shiftType = (int)$data['shift-type']; + if (!isset($this->getShiftTypes()[$shiftType])) { + throw new ErrorException('schedule.import.invalid-shift-type'); + } + + $scheduleUrl = $this->getScheduleUrl($data['schedule-url']); + $schedule = $this->parser->getSchedule(); + $minutesBefore = isset($data['minutes-before']) ? (int)$data['minutes-before'] : 15; + $minutesAfter = isset($data['minutes-after']) ? (int)$data['minutes-after'] : 15; + $newRooms = $this->newRooms($schedule->getRooms()); + return array_merge( + $this->shiftsDiff($schedule, $scheduleUrl, $shiftType, $minutesBefore, $minutesAfter), + [$newRooms, $shiftType, $scheduleUrl, $schedule, $minutesBefore, $minutesAfter] + ); + } + + /** + * @param string $name + * @return Collection + */ + protected function getFromSession(string $name): Collection + { + $data = Collection::make(Arr::flatten($this->session->get($name, []))); + $this->session->remove($name); + + return $data; + } + + /** + * @param Room[] $scheduleRooms + * @return Room[] + */ + protected function newRooms(array $scheduleRooms): array + { + $newRooms = []; + $allRooms = $this->getAllRooms(); + + foreach ($scheduleRooms as $room) { + if ($allRooms->where('name', $room->getName())->count()) { + continue; + } + + $newRooms[] = $room; + } + + return $newRooms; + } + + /** + * @param Schedule $schedule + * @param ScheduleUrl $scheduleUrl + * @param int $shiftType + * @param int $minutesBefore + * @param int $minutesAfter + * @return Event[] + */ + protected function shiftsDiff( + Schedule $schedule, + ScheduleUrl $scheduleUrl, + int $shiftType, + int $minutesBefore, + int $minutesAfter + ): array { + /** @var Event[] $newEvents */ + $newEvents = []; + /** @var Event[] $changeEvents */ + $changeEvents = []; + /** @var Event[] $scheduleEvents */ + $scheduleEvents = []; + /** @var Event[] $deleteEvents */ + $deleteEvents = []; + $rooms = $this->getAllRooms(); + + foreach ($schedule->getDay() as $day) { + foreach ($day->getRoom() as $room) { + foreach ($room->getEvent() as $event) { + $scheduleEvents[$event->getGuid()] = $event; + + $event->getDate()->subMinutes($minutesBefore); + $event->getEndDate()->addMinutes($minutesAfter); + $event->setTitle(sprintf('%s [%s]', $event->getTitle(), $event->getLanguage())); + } + } + } + + $scheduleEventsGuidList = array_keys($scheduleEvents); + $existingShifts = $this->getScheduleShiftsByGuid($scheduleUrl, $scheduleEventsGuidList); + foreach ($existingShifts as $shift) { + $guid = $shift->guid; + $shift = $this->loadShift($shift->shift_id); + $event = $scheduleEvents[$guid]; + $room = $rooms->where('name', $event->getRoom()->getName())->first(); + + if ( + $shift->title != $event->getTitle() + || $shift->shift_type_id != $shiftType + || Carbon::createFromTimestamp($shift->start) != $event->getDate() + || Carbon::createFromTimestamp($shift->end) != $event->getEndDate() + || $shift->room_id != ($room->id ?? '') + || $shift->url != $event->getUrl() + ) { + $changeEvents[$guid] = $event; + } + + unset($scheduleEvents[$guid]); + } + + foreach ($scheduleEvents as $scheduleEvent) { + $newEvents[$scheduleEvent->getGuid()] = $scheduleEvent; + } + + $scheduleShifts = $this->getScheduleShiftsWhereNotGuid($scheduleUrl, $scheduleEventsGuidList); + foreach ($scheduleShifts as $shift) { + $event = $this->eventFromScheduleShift($shift); + $deleteEvents[$event->getGuid()] = $event; + } + + return [$newEvents, $changeEvents, $deleteEvents]; + } + + /** + * @param ScheduleShift $scheduleShift + * @return Event + */ + protected function eventFromScheduleShift(ScheduleShift $scheduleShift): Event + { + $shift = $this->loadShift($scheduleShift->shift_id); + $start = Carbon::createFromTimestamp($shift->start); + $end = Carbon::createFromTimestamp($shift->end); + $duration = $start->diff($end); + + $event = new Event( + $scheduleShift->guid, + 0, + new Room($shift->room_name), + $shift->title, + '', + 'n/a', + Carbon::createFromTimestamp($shift->start), + $start->format('H:i'), + $duration->format('%H:%I'), + '', + '', + '' + ); + + return $event; + } + + /** + * @return Collection + */ + protected function getAllRooms(): Collection + { + return new Collection($this->db->select('SELECT RID as id, Name as name FROM Room')); + } + + /** + * @param ScheduleUrl $scheduleUrl + * @param string[] $events + * @return QueryBuilder[]|DatabaseCollection|ScheduleShift[] + */ + protected function getScheduleShiftsByGuid(ScheduleUrl $scheduleUrl, array $events) + { + return ScheduleShift::query() + ->whereIn('guid', $events) + ->where('schedule_id', $scheduleUrl->id) + ->get(); + } + + /** + * @param ScheduleUrl $scheduleUrl + * @param string[] $events + * @return QueryBuilder[]|DatabaseCollection|ScheduleShift[] + */ + protected function getScheduleShiftsWhereNotGuid(ScheduleUrl $scheduleUrl, array $events) + { + return ScheduleShift::query() + ->whereNotIn('guid', $events) + ->where('schedule_id', $scheduleUrl->id) + ->get(); + } + + /** + * @param $id + * @return stdClass|null + */ + protected function loadShift($id): ?stdClass + { + return $this->db->selectOne( + ' + SELECT + s.SID AS id, + s.title, + s.start, + s.end, + s.shifttype_id AS shift_type_id, + s.RID AS room_id, + r.Name AS room_name, + s.URL as url + FROM Shifts AS s + LEFT JOIN Room r on s.RID = r.RID + WHERE SID = ? + ', + [$id] + ); + } + + /** + * @return string[] + */ + protected function getShiftTypes() + { + $return = []; + /** @var stdClass[] $shiftTypes */ + $shiftTypes = $this->db->select('SELECT t.id, t.name FROM ShiftTypes AS t'); + + foreach ($shiftTypes as $shiftType) { + $return[$shiftType->id] = $shiftType->name; + } + + return $return; + } + + /** + * @param string $scheduleUrl + * @return ScheduleUrl + */ + protected function getScheduleUrl(string $scheduleUrl): ScheduleUrl + { + if (!$schedule = ScheduleUrl::whereUrl($scheduleUrl)->first()) { + $schedule = new ScheduleUrl(['url' => $scheduleUrl]); + $schedule->save(); + + $this->log('Created schedule "{schedule}"', ['schedule' => $schedule->url]); + } + + return $schedule; + } + + /** + * @param string $message + * @param array $context + */ + protected function log(string $message, array $context = []): void + { + $user = auth()->user(); + $message = sprintf('%s (%u): %s', $user->name, $user->id, $message); + + $this->log->info($message, $context); + } +} diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php index ce496132..72bb9ae2 100644 --- a/includes/pages/user_messages.php +++ b/includes/pages/user_messages.php @@ -141,7 +141,7 @@ function user_messages() 'UPDATE `Messages` SET `isRead`=\'Y\' WHERE `id`=? LIMIT 1', [$message_id] ); - redirect(page_link_to('user_messages')); + throw_redirect(page_link_to('user_messages')); } else { return error(__('No Message found.'), true); } @@ -160,7 +160,7 @@ function user_messages() ); if (!empty($message) && $message['SUID'] == $user->id) { DB::delete('DELETE FROM `Messages` WHERE `id`=? LIMIT 1', [$message_id]); - redirect(page_link_to('user_messages')); + throw_redirect(page_link_to('user_messages')); } else { return error(__('No Message found.'), true); } @@ -168,7 +168,7 @@ function user_messages() case 'send': if (Message_send($request->input('to'), $request->input('text'))) { - redirect(page_link_to('user_messages')); + throw_redirect(page_link_to('user_messages')); } else { return error(__('Transmitting was terminated with an Error.'), true); } diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index f962225e..ca6762f7 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php @@ -37,7 +37,7 @@ function user_myshifts() if ($request->input('reset') == 'ack') { User_reset_api_key($user); success(__('Key changed.')); - redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user->id])); + throw_redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user->id])); } return page_with_title(__('Reset API key'), [ error( @@ -109,7 +109,7 @@ function user_myshifts() . '. Freeloaded: ' . ($freeloaded ? 'YES Comment: ' . $freeload_comment : 'NO') ); success(__('Shift saved.')); - redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user->id])); + throw_redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user->id])); } } @@ -125,10 +125,10 @@ function user_myshifts() auth()->can('user_shifts_admin') ); } else { - redirect(page_link_to('user_myshifts')); + throw_redirect(page_link_to('user_myshifts')); } } - redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user->id])); + throw_redirect(page_link_to('users', ['action' => 'view', 'user_id' => $shifts_user->id])); return ''; } diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 4eb8f0ce..8b9c21ad 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -197,7 +197,7 @@ function user_news() engelsystem_log('Created news: ' . $news->title . ', is meeting: ' . ($news->is_meeting ? 'yes' : 'no')); success(__('Entry saved.')); - redirect(page_link_to('news')); + throw_redirect(page_link_to('news')); } if (preg_match('/^\d{1,}$/', $request->input('page', 0))) { diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php index 13f58b10..7654d540 100644 --- a/includes/pages/user_questions.php +++ b/includes/pages/user_questions.php @@ -38,7 +38,7 @@ function user_questions() ]); success(__('You question was saved.')); - redirect(page_link_to('user_questions')); + throw_redirect(page_link_to('user_questions')); } else { return page_with_title(questions_title(), [ error(__('Please enter a question!'), true) @@ -59,7 +59,7 @@ function user_questions() $question = Question::find($question_id); if (!empty($question) && $question->user_id == $user->id) { $question->delete(); - redirect(page_link_to('user_questions')); + throw_redirect(page_link_to('user_questions')); } else { return page_with_title(questions_title(), [ error(__('No question found.'), true) diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php index e398e3a8..5646b27f 100644 --- a/includes/pages/user_settings.php +++ b/includes/pages/user_settings.php @@ -91,7 +91,7 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) $user_source->settings->save(); success(__('Settings saved.')); - redirect(page_link_to('user_settings')); + throw_redirect(page_link_to('user_settings')); } return $user_source; @@ -119,7 +119,7 @@ function user_settings_password($user_source) $auth->setPassword($user_source, $request->postData('new_password')); success(__('Password saved.')); } - redirect(page_link_to('user_settings')); + throw_redirect(page_link_to('user_settings')); } /** @@ -144,7 +144,7 @@ function user_settings_theme($user_source, $themes) $user_source->settings->save(); success(__('Theme changed.')); - redirect(page_link_to('user_settings')); + throw_redirect(page_link_to('user_settings')); } return $user_source; @@ -174,7 +174,7 @@ function user_settings_locale($user_source, $locales) $session->set('locale', $user_source->settings->language); success('Language changed.'); - redirect(page_link_to('user_settings')); + throw_redirect(page_link_to('user_settings')); } return $user_source; diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index 8e3c8ded..20bcca86 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -25,7 +25,7 @@ function user_shifts() $request = request(); if (User_is_freeloader(auth()->user())) { - redirect(page_link_to('user_myshifts')); + throw_redirect(page_link_to('user_myshifts')); } if ($request->has('edit_shift')) { @@ -99,7 +99,7 @@ function load_rooms() ); if (empty($rooms)) { error(__('The administration has not configured any rooms yet.')); - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } return $rooms; } @@ -120,7 +120,7 @@ function load_days() error(__('The administration has not configured any shifts yet.')); // Do not try to redirect to the current page if (config('home_site') != 'user_shifts') { - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } } return $days; @@ -135,7 +135,7 @@ function load_types() if (!count(DB::select('SELECT `id`, `name` FROM `AngelTypes`'))) { error(__('The administration has not configured any angeltypes yet - or you are not subscribed to any angeltype.')); - redirect(page_link_to('/')); + throw_redirect(page_link_to('/')); } $types = DB::select(' SELECT diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 3bb061ce..01a4b6d2 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -108,30 +108,38 @@ function make_navigation() $admin_menu = []; $admin_pages = [ - 'admin_arrive' => __('Arrived angels'), - 'admin_active' => __('Active angels'), - 'admin_user' => __('All Angels'), - 'admin_free' => __('Free angels'), - 'admin_questions' => __('Answer questions'), - 'shifttypes' => __('Shifttypes'), - 'admin_shifts' => __('Create shifts'), - 'admin_rooms' => __('Rooms'), - 'admin_groups' => __('Grouprights'), - 'admin_import' => __('Frab import'), - 'admin_log' => __('Log'), - 'admin_event_config' => __('Event config'), + 'admin_arrive' => 'Arrived angels', + 'admin_active' => 'Active angels', + 'admin_user' => 'All Angels', + 'admin_free' => 'Free angels', + 'admin_questions' => 'Answer questions', + 'shifttypes' => 'Shifttypes', + 'admin_shifts' => 'Create shifts', + 'admin_rooms' => 'Rooms', + 'admin_groups' => 'Grouprights', + 'admin/schedule' => ['schedule.import', 'schedule.import'], + 'admin_log' => 'Log', + 'admin_event_config' => 'Event config', ]; if (config('autoarrive')) { unset($admin_pages['admin_arrive']); } - foreach ($admin_pages as $menu_page => $title) { - if (auth()->can($menu_page)) { + foreach ($admin_pages as $menu_page => $options) { + $options = (array)$options; + $permissions = $menu_page; + $title = $options[0]; + + if (isset($options[1])) { + $permissions = $options[1]; + } + + if (auth()->can($permissions)) { $admin_menu[] = toolbar_item_link( page_link_to($menu_page), '', - $title, + __($title), $menu_page == $page ); } diff --git a/includes/sys_page.php b/includes/sys_page.php index c7b3ec74..d00a9b70 100644 --- a/includes/sys_page.php +++ b/includes/sys_page.php @@ -1,6 +1,7 @@ ' . join(' ', $buttons) . ''; } -/** - * @param string $str - * @param int $length - * @return string - */ -function shorten($str, $length = 50) -{ - if (strlen($str) < $length) { - return $str; - } - return '' - . substr($str, 0, $length - 3) - . '...'; -} - -/** - * @param array[] $array - * @return string - */ -function table_body($array) -{ - $html = ''; - foreach ($array as $line) { - $html .= ''; - if (is_array($line)) { - foreach ($line as $td) { - $html .= '' . $td . ''; - } - } else { - $html .= '' . $line . ''; - } - $html .= ''; - } - return $html; -} - /** * @param string $msg * @return mixed diff --git a/resources/lang/de_DE/additional.po b/resources/lang/de_DE/additional.po index 00eb90b3..ffbd7792 100644 --- a/resources/lang/de_DE/additional.po +++ b/resources/lang/de_DE/additional.po @@ -34,3 +34,36 @@ msgstr "Deine Passwörter stimmen nicht überein." msgid "validation.password_confirmation.required" msgstr "Du musst dein Passwort bestätigen." + +msgid "schedule.import" +msgstr "Programm importieren" + +msgid "schedule.import.request-error" +msgstr "Das Programm konnte nicht abgerufen werden." + +msgid "schedule.import.read-error" +msgstr "Das Programm konnte nicht gelesen werden." + +msgid "schedule.import.invalid-shift-type" +msgstr "Der Schichttyp konnte nicht gefunden werden." + +msgid "schedule.import.success" +msgstr "Das Programm wurde erfolgreich importiert." + +msgid "validation.schedule-url.required" +msgstr "Bitte gib eine Programm URL an." + +msgid "validation.schedule-url.url" +msgstr "Die Programm URL muss eine URL sein." + +msgid "validation.shift-type.required" +msgstr "Der Schichttyp ist erforderlich." + +msgid "validation.shift-type.int" +msgstr "Der Schichttyp muss eine Zahl sein." + +msgid "validation.minutes-before.int" +msgstr "Die Minuten vor dem Talk müssen eine Zahl sein." + +msgid "validation.minutes-after.int" +msgstr "Die Minuten nach dem Talk müssen eine Zahl sein." diff --git a/resources/lang/de_DE/default.po b/resources/lang/de_DE/default.po index d5a6c59e..7f017f13 100644 --- a/resources/lang/de_DE/default.po +++ b/resources/lang/de_DE/default.po @@ -2806,3 +2806,60 @@ msgstr "" #~ msgid "auth.no-nickname" #~ msgstr "Gib bitte einen Nick an." + +msgid "form.load_schedule" +msgstr "Programm laden" + +msgid "form.import" +msgstr "Importieren" + +msgid "schedule.import.title" +msgstr "Programm importieren" + +msgid "schedule.import.text" +msgstr "Dieser Import erstellt Räume und erstellt, aktualisiert und löscht Schichten anhand des schedule.xml exportes." + +msgid "schedule.import.load.title" +msgstr "Programm importieren: Vorschau" + +msgid "schedule.import.load.info" +msgstr "Importiere \"%s\" (Version \"%s\")" + +msgid "schedule.url" +msgstr "Programm URL (schedule.xml)" + +msgid "schedule.shift-type" +msgstr "Schichttyp" + +msgid "schedule.minutes-before" +msgstr "Minuten vor Talk beginn hinzufügen" + +msgid "schedule.minutes-after" +msgstr "Minuten nach Talk ende hinzufügen" + +msgid "schedule.import.rooms.add" +msgstr "Neue Räume" + +msgid "schedule.import.shifts.add" +msgstr "Neue Schichten" + +msgid "schedule.import.shifts.update" +msgstr "Zu aktualisierende Schichten" + +msgid "schedule.import.shifts.delete" +msgstr "Zu löschende Schichten" + +msgid "schedule.import.rooms.name" +msgstr "Name" + +msgid "schedule.import.shift.dates" +msgstr "Zeit" + +msgid "schedule.import.shift.type" +msgstr "Typ" + +msgid "schedule.import.shift.title" +msgstr "Titel" + +msgid "schedule.import.shift.room" +msgstr "Raum" diff --git a/resources/lang/en_US/additional.po b/resources/lang/en_US/additional.po index 9943b0ab..fa49ffdf 100644 --- a/resources/lang/en_US/additional.po +++ b/resources/lang/en_US/additional.po @@ -32,3 +32,36 @@ msgstr "Your passwords are not equal." msgid "validation.password_confirmation.required" msgstr "You have to confirm your password." + +msgid "schedule.import" +msgstr "Import schedule" + +msgid "schedule.import.request-error" +msgstr "The schedule could not be requested." + +msgid "schedule.import.read-error" +msgstr "Unable to parse schedule." + +msgid "schedule.import.invalid-shift-type" +msgstr "The shift type can't not be found." + +msgid "schedule.import.success" +msgstr "Schedule import successful." + +msgid "validation.schedule-url.required" +msgstr "The schedule URL is required." + +msgid "validation.schedule-url.url" +msgstr "The schedule URL needs to be of type URL." + +msgid "validation.shift-type.required" +msgstr "The shift type is required." + +msgid "validation.shift-type.int" +msgstr "The shift type has to ba a number." + +msgid "validation.minutes-before.int" +msgstr "The minutes before the talk have to be an integer." + +msgid "validation.minutes-after.int" +msgstr "The minutes after the talk have to be an integer." diff --git a/resources/lang/en_US/default.po b/resources/lang/en_US/default.po index cfb587f1..4ee92c78 100644 --- a/resources/lang/en_US/default.po +++ b/resources/lang/en_US/default.po @@ -45,3 +45,63 @@ msgstr "" "Please have a look at the " "[contributors list on GitHub](https://github.com/engelsystem/engelsystem/graphs/contributors)" " for a complete list." + +msgid "form.load_schedule" +msgstr "Load schedule" + +msgid "form.import" +msgstr "Import" + +msgid "schedule.import.title" +msgstr "Import schedule" + +msgid "schedule.import.text" +msgstr "This import creates rooms and creates, updates and deletes shifts according to the schedule.xml export." + +msgid "schedule.import.load.title" +msgstr "Import schedule: Preview" + +msgid "schedule.import.load.info" +msgstr "Import \"%s\" (version \"%s\")" + +msgid "schedule.url" +msgstr "Schedule URL (schedule.xml)" + +msgid "schedule.shift-type" +msgstr "Shift type" + +msgid "schedule.minutes-before" +msgstr "Add minutes before talk begins" + +msgid "schedule.minutes-after" +msgstr "Add minutes after talk ends" + +msgid "schedule.import.request_error" +msgstr "Unable to load schedule." + +msgid "schedule.import.rooms.add" +msgstr "Rooms to create" + +msgid "schedule.import.shifts.add" +msgstr "Shifts to create" + +msgid "schedule.import.shifts.update" +msgstr "Shifts to update" + +msgid "schedule.import.shifts.delete" +msgstr "Shifts to delete" + +msgid "schedule.import.rooms.name" +msgstr "Name" + +msgid "schedule.import.shift.dates" +msgstr "Times" + +msgid "schedule.import.shift.type" +msgstr "Type" + +msgid "schedule.import.shift.title" +msgstr "Title" + +msgid "schedule.import.shift.room" +msgstr "Room" diff --git a/resources/views/admin/schedule/index.twig b/resources/views/admin/schedule/index.twig new file mode 100644 index 00000000..08a9cb2b --- /dev/null +++ b/resources/views/admin/schedule/index.twig @@ -0,0 +1,41 @@ +{% extends 'layouts/app.twig' %} +{% import 'macros/base.twig' as m %} +{% import 'macros/form.twig' as f %} + +{% set title %}{% block title %}{{ __('schedule.import.title') }}{% endblock %}{% endset %} + +{% block content %} +
+

{% block content_title %}{{ title }}{% endblock %}

+ + {% for message in errors|default([]) %} + {{ m.alert(__(message), 'danger') }} + {% endfor %} + {% for message in success|default([]) %} + {{ m.alert(__(message), 'success') }} + {% endfor %} + +
+ {% block row_content %} +
+ {{ csrf() }} + +
+

{{ __('schedule.import.text') }}

+
+ +
+ {{ f.input('schedule-url', __('schedule.url'), 'url', {'required': true}) }} + + {{ f.select('shift-type', shift_types|default([]), __('schedule.shift-type')) }} + + {{ f.input('minutes-before', __('schedule.minutes-before'), 'number', {'value': 15, 'required': true}) }} + {{ f.input('minutes-after', __('schedule.minutes-after'), 'number', {'value': 15, 'required': true}) }} + + {{ f.submit(__('form.load_schedule')) }} +
+
+ {% endblock %} +
+
+{% endblock %} diff --git a/resources/views/admin/schedule/load.twig b/resources/views/admin/schedule/load.twig new file mode 100644 index 00000000..8c936bec --- /dev/null +++ b/resources/views/admin/schedule/load.twig @@ -0,0 +1,79 @@ +{% extends 'admin/schedule/index.twig' %} +{% import 'macros/form.twig' as f %} + +{% block title %}{{ __('schedule.import.load.title') }}{% endblock %} + +{% block row_content %} +
+ {{ csrf() }} + {{ f.hidden('schedule-url', schedule_url) }} + {{ f.hidden('shift-type', shift_type) }} + {{ f.hidden('minutes-before', minutes_before) }} + {{ f.hidden('minutes-after', minutes_after) }} + +
+

{{ __('schedule.import.load.info', [schedule.conference.title, schedule.version]) }}

+ +

{{ __('schedule.import.rooms.add') }}

+ {{ _self.roomsTable(rooms.add) }} + +

{{ __('schedule.import.shifts.add') }}

+ {{ _self.shiftsTable(shifts.add) }} + +

{{ __('schedule.import.shifts.update') }}

+ {{ _self.shiftsTable(shifts.update) }} + +

{{ __('schedule.import.shifts.delete') }}

+ {{ _self.shiftsTable(shifts.delete) }} + + {{ f.submit(__('form.import')) }} +
+
+{% endblock %} + + +{% macro roomsTable(rooms) %} +
+ + + + + + + + + {% for room in rooms %} + + + + {% endfor %} + +
{{ __('schedule.import.rooms.name') }}
{{ room.name }}
+
+{% endmacro %} + +{% macro shiftsTable(shifts) %} +
+ + + + + + + + + + + + {% for shift in shifts %} + + + + + + + {% endfor %} + +
{{ __('schedule.import.shift.dates') }}{{ __('schedule.import.shift.type') }}{{ __('schedule.import.shift.title') }}{{ __('schedule.import.shift.room') }}
{{ shift.date.format(__('Y-m-d H:i')) }} - {{ shift.endDate.format(__('H:i')) }}{{ shift.type }}{{ shift.title }}{% if shift.subtitle %}
{{ shift.subtitle }}{% endif %}
{{ shift.room.name }}
+
+{% endmacro %} diff --git a/resources/views/macros/form.twig b/resources/views/macros/form.twig index 5d41b085..ece85fcf 100644 --- a/resources/views/macros/form.twig +++ b/resources/views/macros/form.twig @@ -1,18 +1,35 @@ -{% macro input(name, label, type, required) %} +{% macro input(name, label, type, opt) %}
- {% if label %} + {% if label -%} - {% endif %} -
-{% endmacro %} +{%- endmacro %} + +{% macro select(name, data, label, selected) %} +
+ {% if label -%} + + {% endif %} + +
+{%- endmacro %} {% macro hidden(name, value) %} -{% endmacro %} +{%- endmacro %} {% macro submit(label) %} - -{% endmacro %} + +{%- endmacro %} diff --git a/resources/views/pages/password/reset-form.twig b/resources/views/pages/password/reset-form.twig index 60eb2499..a72dc92b 100644 --- a/resources/views/pages/password/reset-form.twig +++ b/resources/views/pages/password/reset-form.twig @@ -7,8 +7,8 @@
{{ csrf() }} - {{ f.input('password', __('Password'), 'password', true) }} - {{ f.input('password_confirmation', __('Confirm password'), 'password', true) }} + {{ f.input('password', __('Password'), 'password', {'required': true}) }} + {{ f.input('password_confirmation', __('Confirm password'), 'password', {'required': true}) }}
{{ f.submit(__('Save')) }} diff --git a/resources/views/pages/password/reset.twig b/resources/views/pages/password/reset.twig index 289152ea..b1de4eae 100644 --- a/resources/views/pages/password/reset.twig +++ b/resources/views/pages/password/reset.twig @@ -19,7 +19,7 @@ {{ csrf() }} {{ __('We will send you an e-mail with a password recovery link. Please use the email address you used for registration.') }} - {{ f.input('email', __('E-Mail'), 'email', true) }} + {{ f.input('email', __('E-Mail'), 'email', {'required': true}) }}
{{ f.submit(__('Recover')) }} diff --git a/src/Helpers/Schedule/CalculatesTime.php b/src/Helpers/Schedule/CalculatesTime.php new file mode 100644 index 00000000..c9dbeea1 --- /dev/null +++ b/src/Helpers/Schedule/CalculatesTime.php @@ -0,0 +1,24 @@ + $times) { + $seconds += [60 * 60, 60][$key] * $times; + } + + return $seconds; + } +} diff --git a/src/Helpers/Schedule/Conference.php b/src/Helpers/Schedule/Conference.php new file mode 100644 index 00000000..0819d059 --- /dev/null +++ b/src/Helpers/Schedule/Conference.php @@ -0,0 +1,129 @@ +title = $title; + $this->acronym = $acronym; + $this->start = $start; + $this->end = $end; + $this->days = $days; + $this->timeslotDuration = $timeslotDuration; + $this->baseUrl = $baseUrl; + } + + /** + * @return string + */ + public function getTitle(): string + { + return $this->title; + } + + /** + * @return string + */ + public function getAcronym(): string + { + return $this->acronym; + } + + /** + * @return string|null + */ + public function getStart(): ?string + { + return $this->start; + } + + /** + * @return string|null + */ + public function getEnd(): ?string + { + return $this->end; + } + + /** + * @return int|null + */ + public function getDays(): ?int + { + return $this->days; + } + + /** + * @return string|null + */ + public function getTimeslotDuration(): ?string + { + return $this->timeslotDuration; + } + + /** + * @return int|null + */ + public function getTimeslotDurationSeconds(): ?int + { + $duration = $this->getTimeslotDuration(); + if (!$duration) { + return null; + } + + return $this->secondsFromTime($duration); + } + + /** + * @return string|null + */ + public function getBaseUrl(): ?string + { + return $this->baseUrl; + } +} diff --git a/src/Helpers/Schedule/Day.php b/src/Helpers/Schedule/Day.php new file mode 100644 index 00000000..03106e8f --- /dev/null +++ b/src/Helpers/Schedule/Day.php @@ -0,0 +1,88 @@ +date = $date; + $this->start = $start; + $this->end = $end; + $this->index = $index; + $this->room = $rooms; + } + + /** + * @return string + */ + public function getDate(): string + { + return $this->date; + } + + /** + * @return Carbon + */ + public function getStart(): Carbon + { + return $this->start; + } + + /** + * @return Carbon + */ + public function getEnd(): Carbon + { + return $this->end; + } + + /** + * @return int + */ + public function getIndex(): int + { + return $this->index; + } + + /** + * @return Room[] + */ + public function getRoom(): array + { + return $this->room; + } +} diff --git a/src/Helpers/Schedule/Event.php b/src/Helpers/Schedule/Event.php new file mode 100644 index 00000000..ab3b39a5 --- /dev/null +++ b/src/Helpers/Schedule/Event.php @@ -0,0 +1,345 @@ + name */ + protected $persons; + + /** @var string|null two letter code */ + protected $language; + + /** @var string|null */ + protected $description; + + /** @var string|null license (and opt out in XML, null if not recorded, empty if no license defined) */ + protected $recording; + + /** @var array href => title */ + protected $links; + + /** @var array href => name */ + protected $attachments; + + /** @var string|null */ + protected $url; + + /** @var string|null */ + protected $videoDownloadUrl; + + /** @var Carbon Calculated */ + protected $endDate; + + /** + * Event constructor. + * + * @param string $guid + * @param int $id + * @param Room $room + * @param string $title + * @param string $subtitle + * @param string $type + * @param Carbon $date + * @param string $start + * @param string $duration + * @param string $abstract + * @param string $slug + * @param string $track + * @param string|null $logo + * @param string[] $persons + * @param string|null $language + * @param string|null $description + * @param string|null $recording license + * @param array $links + * @param array $attachments + * @param string|null $url + * @param string|null $videoDownloadUrl + */ + public function __construct( + string $guid, + int $id, + Room $room, + string $title, + string $subtitle, + string $type, + Carbon $date, + string $start, + string $duration, + string $abstract, + string $slug, + string $track, + ?string $logo = null, + array $persons = [], + ?string $language = null, + ?string $description = null, + string $recording = '', + array $links = [], + array $attachments = [], + ?string $url = null, + ?string $videoDownloadUrl = null + ) { + $this->guid = $guid; + $this->id = $id; + $this->room = $room; + $this->title = $title; + $this->subtitle = $subtitle; + $this->type = $type; + $this->date = $date; + $this->start = $start; + $this->duration = $duration; + $this->abstract = $abstract; + $this->slug = $slug; + $this->track = $track; + $this->logo = $logo; + $this->persons = $persons; + $this->language = $language; + $this->description = $description; + $this->recording = $recording; + $this->links = $links; + $this->attachments = $attachments; + $this->url = $url; + $this->videoDownloadUrl = $videoDownloadUrl; + + $this->endDate = $this->date + ->copy() + ->addSeconds($this->getDurationSeconds()); + } + + /** + * @return string + */ + public function getGuid(): string + { + return $this->guid; + } + + /** + * @return int + */ + public function getId(): int + { + return $this->id; + } + + /** + * @return Room + */ + public function getRoom(): Room + { + return $this->room; + } + + /** + * @return string + */ + public function getTitle(): string + { + return $this->title; + } + + /** + * @param string $title + */ + public function setTitle(string $title): void + { + $this->title = $title; + } + + /** + * @return string + */ + public function getSubtitle(): string + { + return $this->subtitle; + } + + /** + * @return string + */ + public function getType(): string + { + return $this->type; + } + + /** + * @return Carbon + */ + public function getDate(): Carbon + { + return $this->date; + } + + /** + * @return string + */ + public function getStart(): string + { + return $this->start; + } + + /** + * @return string + */ + public function getDuration(): string + { + return $this->duration; + } + + /** + * @return int + */ + public function getDurationSeconds(): int + { + return $this->secondsFromTime($this->duration); + } + + /** + * @return string + */ + public function getAbstract(): string + { + return $this->abstract; + } + + /** + * @return string + */ + public function getSlug(): string + { + return $this->slug; + } + + /** + * @return string + */ + public function getTrack(): string + { + return $this->track; + } + + /** + * @return string|null + */ + public function getLogo(): ?string + { + return $this->logo; + } + + /** + * @return string[] + */ + public function getPersons(): array + { + return $this->persons; + } + + /** + * @return string|null + */ + public function getLanguage(): ?string + { + return $this->language; + } + + /** + * @return string|null + */ + public function getDescription(): ?string + { + return $this->description; + } + + /** + * @return string|null + */ + public function getRecording(): ?string + { + return $this->recording; + } + + /** + * @return array + */ + public function getLinks(): array + { + return $this->links; + } + + /** + * @return array + */ + public function getAttachments(): array + { + return $this->attachments; + } + + /** + * @return string|null + */ + public function getUrl(): ?string + { + return $this->url; + } + + /** + * @return string|null + */ + public function getVideoDownloadUrl(): ?string + { + return $this->videoDownloadUrl; + } + + /** + * @return Carbon + */ + public function getEndDate(): Carbon + { + return $this->endDate; + } +} diff --git a/src/Helpers/Schedule/Room.php b/src/Helpers/Schedule/Room.php new file mode 100644 index 00000000..45a09f5f --- /dev/null +++ b/src/Helpers/Schedule/Room.php @@ -0,0 +1,52 @@ +name = $name; + $this->event = $events; + } + + /** + * @return string + */ + public function getName(): string + { + return $this->name; + } + + /** + * @return Event[] + */ + public function getEvent(): array + { + return $this->event; + } + + /** + * @param Event[] $event + */ + public function setEvent(array $event): void + { + $this->event = $event; + } +} diff --git a/src/Helpers/Schedule/Schedule.php b/src/Helpers/Schedule/Schedule.php new file mode 100644 index 00000000..7150480c --- /dev/null +++ b/src/Helpers/Schedule/Schedule.php @@ -0,0 +1,111 @@ +version = $version; + $this->conference = $conference; + $this->day = $days; + } + + /** + * @return string + */ + public function getVersion(): string + { + return $this->version; + } + + /** + * @return Conference + */ + public function getConference(): Conference + { + return $this->conference; + } + + /** + * @return Day[] + */ + public function getDay(): array + { + return $this->day; + } + + /** + * @return Room[] + */ + public function getRooms(): array + { + $rooms = []; + foreach ($this->day as $day) { + foreach ($day->getRoom() as $room) { + $name = $room->getName(); + $rooms[$name] = $room; + } + } + + return $rooms; + } + + + /** + * @return Carbon|null + */ + public function getStartDateTime(): ?Carbon + { + $start = null; + foreach ($this->day as $day) { + $time = $day->getStart(); + if ($time > $start && $start) { + continue; + } + + $start = $time; + } + + return $start; + } + + /** + * @return Carbon|null + */ + public function getEndDateTime(): ?Carbon + { + $end = null; + foreach ($this->day as $day) { + $time = $day->getEnd(); + if ($time < $end && $end) { + continue; + } + + $end = $time; + } + + return $end; + } +} diff --git a/src/Helpers/Schedule/XmlParser.php b/src/Helpers/Schedule/XmlParser.php new file mode 100644 index 00000000..1492aaca --- /dev/null +++ b/src/Helpers/Schedule/XmlParser.php @@ -0,0 +1,172 @@ +scheduleXML = simplexml_load_string($xml); + + if (!$this->scheduleXML) { + return false; + } + + $this->parseXml(); + + return true; + } + + /** + * Parse the predefined XML content + */ + protected function parseXml(): void + { + $version = $this->getFirstXpathContent('version'); + $conference = new Conference( + $this->getFirstXpathContent('conference/title'), + $this->getFirstXpathContent('conference/acronym'), + $this->getFirstXpathContent('conference/start'), + $this->getFirstXpathContent('conference/end'), + (int)$this->getFirstXpathContent('conference/days'), + $this->getFirstXpathContent('conference/timeslot_duration'), + $this->getFirstXpathContent('conference/base_url') + ); + $days = []; + + foreach ($this->scheduleXML->xpath('day') as $day) { + $rooms = []; + + foreach ($day->xpath('room') as $roomElement) { + $room = new Room( + (string)$roomElement->attributes()['name'] + ); + + $events = $this->parseEvents($roomElement->xpath('event'), $room); + $room->setEvent($events); + $rooms[] = $room; + } + + $days[] = new Day( + (string)$day->attributes()['date'], + new Carbon($day->attributes()['start']), + new Carbon($day->attributes()['end']), + (int)$day->attributes()['index'], + $rooms + ); + } + + $this->schedule = new Schedule( + $version, + $conference, + $days + ); + } + + /** + * @param SimpleXMLElement[] $eventElements + * @param Room $room + * @return array + */ + protected function parseEvents(array $eventElements, Room $room): array + { + $events = []; + + foreach ($eventElements as $event) { + $persons = $this->getListFromSequence($event, 'persons', 'person', 'id'); + $links = $this->getListFromSequence($event, 'links', 'link', 'href'); + $attachments = $this->getListFromSequence($event, 'attachments', 'attachment', 'href'); + + $recording = ''; + $recordingElement = $event->xpath('recording')[0]; + if ($this->getFirstXpathContent('optout', $recordingElement) == 'false') { + $recording = $this->getFirstXpathContent('license', $recordingElement); + } + + $events[] = new Event( + (string)$event->attributes()['guid'], + (int)$event->attributes()['id'], + $room, + $this->getFirstXpathContent('title', $event), + $this->getFirstXpathContent('subtitle', $event), + $this->getFirstXpathContent('type', $event), + new Carbon($this->getFirstXpathContent('date', $event)), + $this->getFirstXpathContent('start', $event), + $this->getFirstXpathContent('duration', $event), + $this->getFirstXpathContent('abstract', $event), + $this->getFirstXpathContent('slug', $event), + $this->getFirstXpathContent('track', $event), + $this->getFirstXpathContent('logo', $event) ?: null, + $persons, + $this->getFirstXpathContent('language', $event) ?: null, + $this->getFirstXpathContent('description', $event) ?: null, + $recording, + $links, + $attachments, + $this->getFirstXpathContent('url', $event) ?: null, + $this->getFirstXpathContent('video_download_url', $event) ?: null + ); + } + + return $events; + } + + /** + * @param string $path + * @param SimpleXMLElement|null $xml + * @return string + */ + protected function getFirstXpathContent(string $path, ?SimpleXMLElement $xml = null): string + { + $element = ($xml ?: $this->scheduleXML)->xpath($path); + + return $element ? (string)$element[0] : ''; + } + + /** + * Resolves a list from a sequence of elements + * + * @param SimpleXMLElement $element + * @param string $firstElement + * @param string $secondElement + * @param string $idAttribute + * @return array + */ + protected function getListFromSequence( + SimpleXMLElement $element, + string $firstElement, + string $secondElement, + string $idAttribute + ): array { + $items = []; + + foreach ($element->xpath($firstElement)[0]->xpath($secondElement) as $item) { + $items[(string)$item->attributes()[$idAttribute]] = (string)$item; + } + + return $items; + } + + /** + * @return Schedule + */ + public function getSchedule(): Schedule + { + return $this->schedule; + } +} diff --git a/src/Http/HttpClientServiceProvider.php b/src/Http/HttpClientServiceProvider.php new file mode 100644 index 00000000..113af713 --- /dev/null +++ b/src/Http/HttpClientServiceProvider.php @@ -0,0 +1,25 @@ +app->when(GuzzleClient::class) + ->needs('$config') + ->give( + function () { + return [ + // No exception on >= 400 responses + 'http_errors' => false, + // Wait max n seconds for a response + 'timeout' => 2.0, + ]; + } + ); + } +} diff --git a/src/Http/RedirectServiceProvider.php b/src/Http/RedirectServiceProvider.php new file mode 100644 index 00000000..70238d91 --- /dev/null +++ b/src/Http/RedirectServiceProvider.php @@ -0,0 +1,13 @@ +app->bind('redirect', Redirector::class); + } +} diff --git a/src/Http/Redirector.php b/src/Http/Redirector.php new file mode 100644 index 00000000..4149a8ec --- /dev/null +++ b/src/Http/Redirector.php @@ -0,0 +1,55 @@ +request = $request; + $this->response = $response; + } + + /** + * @param string $path + * @param int $status + * @param array $headers + * @return Response + */ + public function to(string $path, int $status = 302, array $headers = []): Response + { + return $this->response->redirectTo($path, $status, $headers); + } + + /** + * @param int $status + * @param array $headers + * @return Response + */ + public function back(int $status = 302, array $headers = []): Response + { + return $this->to($this->getPreviousUrl(), $status, $headers); + } + + /** + * @return string + */ + protected function getPreviousUrl(): string + { + if ($header = $this->request->getHeader('referer')) { + return array_pop($header); + } + + return '/'; + } +} diff --git a/src/Http/Response.php b/src/Http/Response.php index a6b4ab74..43bcb5d8 100644 --- a/src/Http/Response.php +++ b/src/Http/Response.php @@ -6,27 +6,37 @@ use Engelsystem\Renderer\Renderer; use InvalidArgumentException; use Psr\Http\Message\ResponseInterface; use Symfony\Component\HttpFoundation\Response as SymfonyResponse; +use Symfony\Component\HttpFoundation\Session\SessionInterface; class Response extends SymfonyResponse implements ResponseInterface { use MessageTrait; + /** + * @var SessionInterface + */ + protected $session; + /** @var Renderer */ protected $renderer; /** - * @param string $content - * @param int $status - * @param array $headers - * @param Renderer $renderer + * @param string $content + * @param int $status + * @param array $headers + * @param Renderer $renderer + * @param SessionInterface $session */ public function __construct( $content = '', int $status = 200, array $headers = [], - Renderer $renderer = null + Renderer $renderer = null, + SessionInterface $session = null ) { $this->renderer = $renderer; + $this->session = $session; + parent::__construct($content, $status, $headers); } @@ -155,4 +165,44 @@ class Response extends SymfonyResponse implements ResponseInterface { $this->renderer = $renderer; } + + /** + * Sets a session attribute (which is mutable) + * + * @param string $key + * @param mixed|mixed[] $value + * @return Response + */ + public function with(string $key, $value) + { + if (!$this->session instanceof SessionInterface) { + throw new InvalidArgumentException('Session not defined'); + } + + $data = $this->session->get($key); + if (is_array($data) && is_array($value)) { + $value = array_merge_recursive($data, $value); + } + + $this->session->set($key, $value); + + return $this; + } + + /** + * Sets form data to the mutable session + * + * @param array $input + * @return Response + */ + public function withInput(array $input) + { + if (!$this->session instanceof SessionInterface) { + throw new InvalidArgumentException('Session not defined'); + } + + $this->session->set('form-data', $input); + + return $this; + } } diff --git a/src/Middleware/ErrorHandler.php b/src/Middleware/ErrorHandler.php index 46e6e5a8..85f315d4 100644 --- a/src/Middleware/ErrorHandler.php +++ b/src/Middleware/ErrorHandler.php @@ -63,17 +63,11 @@ class ErrorHandler implements MiddlewareInterface } catch (HttpException $e) { $response = $this->createResponse($e->getMessage(), $e->getStatusCode(), $e->getHeaders()); } catch (ValidationException $e) { - $response = $this->createResponse('', 302, ['Location' => $this->getPreviousUrl($request)]); + $response = $this->redirectBack(); + $response->with('errors', ['validation' => $e->getValidator()->getErrors()]); if ($request instanceof Request) { - $session = $request->getSession(); - $errors = array_merge_recursive( - $session->get('errors', []), - ['validation' => $e->getValidator()->getErrors()] - ); - $session->set('errors', $errors); - - $session->set('form-data', Arr::except($request->request->all(), $this->formIgnore)); + $response->withInput(Arr::except($request->request->all(), $this->formIgnore)); } } @@ -140,15 +134,12 @@ class ErrorHandler implements MiddlewareInterface } /** - * @param ServerRequestInterface $request - * @return string + * Create a redirect back response + * + * @return Response */ - protected function getPreviousUrl(ServerRequestInterface $request) + protected function redirectBack() { - if ($header = $request->getHeader('referer')) { - return array_pop($header); - } - - return '/'; + return back(); } } diff --git a/src/Middleware/LegacyMiddleware.php b/src/Middleware/LegacyMiddleware.php index 8a0ff002..5e08858d 100644 --- a/src/Middleware/LegacyMiddleware.php +++ b/src/Middleware/LegacyMiddleware.php @@ -205,10 +205,6 @@ class LegacyMiddleware implements MiddlewareInterface $title = admin_groups_title(); $content = admin_groups(); return [$title, $content]; - case 'admin_import': - $title = admin_import_title(); - $content = admin_import(); - return [$title, $content]; case 'admin_shifts': $title = admin_shifts_title(); $content = admin_shifts(); @@ -219,7 +215,7 @@ class LegacyMiddleware implements MiddlewareInterface return [$title, $content]; } - redirect(page_link_to('login')); + throw_redirect(page_link_to('login')); return []; } @@ -239,9 +235,15 @@ class LegacyMiddleware implements MiddlewareInterface return response($content, (int)$page); } - return response(view('layouts/app', [ - 'title' => $title, - 'content' => msg() . $content, - ]), 200); + return response( + view( + 'layouts/app', + [ + 'title' => $title, + 'content' => msg() . $content, + ] + ), + 200 + ); } } diff --git a/src/Models/Shifts/Schedule.php b/src/Models/Shifts/Schedule.php new file mode 100644 index 00000000..c1eb2d9e --- /dev/null +++ b/src/Models/Shifts/Schedule.php @@ -0,0 +1,31 @@ +hasMany(ScheduleShift::class); + } +} diff --git a/src/Models/Shifts/ScheduleShift.php b/src/Models/Shifts/ScheduleShift.php new file mode 100644 index 00000000..368c60b1 --- /dev/null +++ b/src/Models/Shifts/ScheduleShift.php @@ -0,0 +1,38 @@ +belongsTo(Schedule::class); + } +} diff --git a/src/helpers.php b/src/helpers.php index de140c4e..7cb17ea9 100644 --- a/src/helpers.php +++ b/src/helpers.php @@ -4,6 +4,7 @@ use Engelsystem\Application; use Engelsystem\Config\Config; use Engelsystem\Helpers\Authenticator; use Engelsystem\Helpers\Translation\Translator; +use Engelsystem\Http\Redirector; use Engelsystem\Http\Request; use Engelsystem\Http\Response; use Engelsystem\Http\UrlGeneratorInterface; @@ -28,7 +29,7 @@ function app($id = null) /** * @return Authenticator */ -function auth() +function auth(): Authenticator { return app('authenticator'); } @@ -37,11 +38,24 @@ function auth() * @param string $path * @return string */ -function base_path($path = '') +function base_path($path = ''): string { return app('path') . (empty($path) ? '' : DIRECTORY_SEPARATOR . $path); } +/** + * @param int $status + * @param array $headers + * @return Response + */ +function back($status = 302, $headers = []): Response +{ + /** @var Redirector $redirect */ + $redirect = app('redirect'); + + return $redirect->back($status, $headers); +} + /** * Get or set config values * @@ -70,11 +84,25 @@ function config($key = null, $default = null) * @param string $path * @return string */ -function config_path($path = '') +function config_path($path = ''): string { return app('path.config') . (empty($path) ? '' : DIRECTORY_SEPARATOR . $path); } +/** + * @param string $path + * @param int $status + * @param array $headers + * @return Response + */ +function redirect(string $path, $status = 302, $headers = []): Response +{ + /** @var Redirector $redirect */ + $redirect = app('redirect'); + + return $redirect->to($path, $status, $headers); +} + /** * @param string $key * @param mixed $default @@ -97,7 +125,7 @@ function request($key = null, $default = null) * @param array $headers * @return Response */ -function response($content = '', $status = 200, $headers = []) +function response($content = '', $status = 200, $headers = []): Response { /** @var Response $response */ $response = app('psr7.response'); @@ -155,7 +183,7 @@ function trans($key = null, $replace = []) * @param array $replace * @return string */ -function __($key, $replace = []) +function __($key, $replace = []): string { /** @var Translator $translator */ $translator = app('translator'); @@ -172,7 +200,7 @@ function __($key, $replace = []) * @param array $replace * @return string */ -function _e($key, $keyPlural, $number, $replace = []) +function _e($key, $keyPlural, $number, $replace = []): string { /** @var Translator $translator */ $translator = app('translator'); diff --git a/tests/Feature/Model/RoomModelTest.php b/tests/Feature/Model/RoomModelTest.php index 9908082a..3ed4bcd2 100644 --- a/tests/Feature/Model/RoomModelTest.php +++ b/tests/Feature/Model/RoomModelTest.php @@ -13,7 +13,7 @@ class RoomModelTest extends TestCase */ public function createRoom() { - $this->room_id = Room_create('test', false, null, null); + $this->room_id = Room_create('test', null, null); } /** diff --git a/tests/Unit/HasDatabase.php b/tests/Unit/HasDatabase.php index dbaa253e..3fe29e4a 100644 --- a/tests/Unit/HasDatabase.php +++ b/tests/Unit/HasDatabase.php @@ -36,14 +36,17 @@ trait HasDatabase $this->database ->getConnection() ->table('migrations') - ->insert([ - ['migration' => '2018_01_01_000001_import_install_sql'], - ['migration' => '2018_01_01_000002_import_update_sql'], - ['migration' => '2018_01_01_000003_fix_old_tables'], - ['migration' => '2018_01_01_000004_cleanup_group_privileges'], - ['migration' => '2018_01_01_000005_add_angel_supporter_permissions'], - ['migration' => '2018_12_27_000000_fix_missing_arrival_dates'], - ]); + ->insert( + [ + ['migration' => '2018_01_01_000001_import_install_sql'], + ['migration' => '2018_01_01_000002_import_update_sql'], + ['migration' => '2018_01_01_000003_fix_old_tables'], + ['migration' => '2018_01_01_000004_cleanup_group_privileges'], + ['migration' => '2018_01_01_000005_add_angel_supporter_permissions'], + ['migration' => '2018_12_27_000000_fix_missing_arrival_dates'], + ['migration' => '2019_09_07_000000_migrate_admin_schedule_permissions'], + ] + ); $migration->run(__DIR__ . '/../../db/migrations'); } diff --git a/tests/Unit/Helpers/Schedule/Assets/schedule.xml b/tests/Unit/Helpers/Schedule/Assets/schedule.xml new file mode 100644 index 00000000..45aaaf35 --- /dev/null +++ b/tests/Unit/Helpers/Schedule/Assets/schedule.xml @@ -0,0 +1,46 @@ + + + Some version string + + Test Event + Test1 + 2042-01-01 + 2042-01-01 + 1 + 00:15 + https://foo.bar/baz/schedule/ + + + + + 2042-01-01T12:30:00+02:00 + Foo Bar Test + Some sub + 12:30 + 00:30 + Rooming + foo-bar-test + + WTFPL + false + + Testing + Talk + de + Foo bar is da best + Any describing stuff? + https://foo.bar/baz/schedule/ipsum + https://lorem.ipsum/foo/bar.png + + Some Person + + + Some Foo Bar + + + A PDF File + + + + + diff --git a/tests/Unit/Helpers/Schedule/CalculatesTimeTest.php b/tests/Unit/Helpers/Schedule/CalculatesTimeTest.php new file mode 100644 index 00000000..8f0123e9 --- /dev/null +++ b/tests/Unit/Helpers/Schedule/CalculatesTimeTest.php @@ -0,0 +1,33 @@ +secondsFromTime($time); + } + }; + + $this->assertEquals(0, $calc->calc('0:00')); + $this->assertEquals(60, $calc->calc('0:01')); + $this->assertEquals(60 * 60, $calc->calc('01:00')); + $this->assertEquals(60 * 60 * 10 + 60 * 11, $calc->calc('10:11')); + } +} diff --git a/tests/Unit/Helpers/Schedule/ConferenceTest.php b/tests/Unit/Helpers/Schedule/ConferenceTest.php new file mode 100644 index 00000000..959e272b --- /dev/null +++ b/tests/Unit/Helpers/Schedule/ConferenceTest.php @@ -0,0 +1,49 @@ +assertEquals('Doing stuff', $conference->getTitle()); + $this->assertEquals('DS', $conference->getAcronym()); + $this->assertNull($conference->getStart()); + $this->assertNull($conference->getEnd()); + $this->assertNull($conference->getDays()); + $this->assertNull($conference->getTimeslotDuration()); + $this->assertNull($conference->getTimeslotDurationSeconds()); + $this->assertNull($conference->getBaseUrl()); + + $conference = new Conference( + 'Doing stuff', + 'DS', + '2042-01-01', + '2042-01-10', + 10, + '00:10', + 'https://foo.bar/schedule' + ); + $this->assertEquals('2042-01-01', $conference->getStart()); + $this->assertEquals('2042-01-10', $conference->getEnd()); + $this->assertEquals(10, $conference->getDays()); + $this->assertEquals('00:10', $conference->getTimeslotDuration()); + $this->assertEquals(60 * 10, $conference->getTimeslotDurationSeconds()); + $this->assertEquals('https://foo.bar/schedule', $conference->getBaseUrl()); + } +} diff --git a/tests/Unit/Helpers/Schedule/DayTest.php b/tests/Unit/Helpers/Schedule/DayTest.php new file mode 100644 index 00000000..65704181 --- /dev/null +++ b/tests/Unit/Helpers/Schedule/DayTest.php @@ -0,0 +1,47 @@ +assertEquals('2000-01-01', $day->getDate()); + $this->assertEquals('2000-01-01T03:00:00+01:00', $day->getStart()->format(Carbon::RFC3339)); + $this->assertEquals('2000-01-02T05:59:00+00:00', $day->getEnd()->format(Carbon::RFC3339)); + $this->assertEquals(1, $day->getIndex()); + $this->assertEquals([], $day->getRoom()); + + $rooms = [ + new Room('Foo'), + new Room('Bar'), + ]; + $day = new Day( + '2001-01-01', + new Carbon('2001-01-01T03:00:00+01:00'), + new Carbon('2001-01-02T05:59:00+00:00'), + 1, + $rooms + ); + $this->assertEquals($rooms, $day->getRoom()); + } +} diff --git a/tests/Unit/Helpers/Schedule/EventTest.php b/tests/Unit/Helpers/Schedule/EventTest.php new file mode 100644 index 00000000..d9706b13 --- /dev/null +++ b/tests/Unit/Helpers/Schedule/EventTest.php @@ -0,0 +1,149 @@ +assertEquals('0-1-2-3', $event->getGuid()); + $this->assertEquals(1, $event->getId()); + $this->assertEquals($room, $event->getRoom()); + $this->assertEquals('Some stuff', $event->getTitle()); + $this->assertEquals('sub stuff', $event->getSubtitle()); + $this->assertEquals('Talk', $event->getType()); + $this->assertEquals($date, $event->getDate()); + $this->assertEquals('19:30:00', $event->getStart()); + $this->assertEquals('00:50', $event->getDuration()); + $this->assertEquals('Doing stuff is hard, plz try again', $event->getAbstract()); + $this->assertEquals('1-some-stuff', $event->getSlug()); + $this->assertEquals('Security', $event->getTrack()); + $this->assertNull($event->getLogo()); + $this->assertEquals([], $event->getPersons()); + $this->assertNull($event->getLanguage()); + $this->assertNull($event->getDescription()); + $this->assertEquals('', $event->getRecording()); + $this->assertEquals([], $event->getLinks()); + $this->assertEquals([], $event->getAttachments()); + $this->assertNull($event->getUrl()); + $this->assertNull($event->getVideoDownloadUrl()); + $this->assertEquals('2020-12-28T20:20:00+00:00', $event->getEndDate()->format(Carbon::RFC3339)); + } + + /** + * @covers \Engelsystem\Helpers\Schedule\Event::__construct + * @covers \Engelsystem\Helpers\Schedule\Event::getGuid + * @covers \Engelsystem\Helpers\Schedule\Event::getId + * @covers \Engelsystem\Helpers\Schedule\Event::getRoom + * @covers \Engelsystem\Helpers\Schedule\Event::getTitle + * @covers \Engelsystem\Helpers\Schedule\Event::setTitle + * @covers \Engelsystem\Helpers\Schedule\Event::getSubtitle + * @covers \Engelsystem\Helpers\Schedule\Event::getType + * @covers \Engelsystem\Helpers\Schedule\Event::getDate + * @covers \Engelsystem\Helpers\Schedule\Event::getStart + * @covers \Engelsystem\Helpers\Schedule\Event::getDuration + * @covers \Engelsystem\Helpers\Schedule\Event::getDurationSeconds + * @covers \Engelsystem\Helpers\Schedule\Event::getAbstract + * @covers \Engelsystem\Helpers\Schedule\Event::getSlug + * @covers \Engelsystem\Helpers\Schedule\Event::getTrack + * @covers \Engelsystem\Helpers\Schedule\Event::getLogo + * @covers \Engelsystem\Helpers\Schedule\Event::getPersons + * @covers \Engelsystem\Helpers\Schedule\Event::getLanguage + * @covers \Engelsystem\Helpers\Schedule\Event::getDescription + * @covers \Engelsystem\Helpers\Schedule\Event::getRecording + * @covers \Engelsystem\Helpers\Schedule\Event::getLinks + * @covers \Engelsystem\Helpers\Schedule\Event::getAttachments + * @covers \Engelsystem\Helpers\Schedule\Event::getUrl + * @covers \Engelsystem\Helpers\Schedule\Event::getVideoDownloadUrl + */ + public function testCreateNotDefault() + { + $persons = [1337 => 'Some Person']; + $links = ['https://foo.bar' => 'Foo Bar']; + $attachments = ['/files/foo.pdf' => 'Suspicious PDF']; + $event = new Event( + '3-2-1-0', + 2, + new Room('Bar'), + 'Lorem', + 'Ipsum', + 'Workshop', + new Carbon('2021-01-01T00:00:00+00:00'), + '00:00:00', + '00:30', + 'Lorem ipsum dolor sit amet', + '2-lorem', + 'DevOps', + '/foo/bar.png', + $persons, + 'de', + 'Foo bar is awesome! & That\'s why...', + 'CC BY SA', + $links, + $attachments, + 'https://foo.bar/2-lorem', + 'https://videos.orem.ipsum/2-lorem.mp4' + ); + + $this->assertEquals('/foo/bar.png', $event->getLogo()); + $this->assertEquals($persons, $event->getPersons()); + $this->assertEquals('de', $event->getLanguage()); + $this->assertEquals('Foo bar is awesome! & That\'s why...', $event->getDescription()); + $this->assertEquals('CC BY SA', $event->getRecording()); + $this->assertEquals($links, $event->getLinks()); + $this->assertEquals($attachments, $event->getAttachments()); + $this->assertEquals('https://foo.bar/2-lorem', $event->getUrl()); + $this->assertEquals('https://videos.orem.ipsum/2-lorem.mp4', $event->getVideoDownloadUrl()); + + $event->setTitle('Event title'); + $this->assertEquals('Event title', $event->getTitle()); + } +} diff --git a/tests/Unit/Helpers/Schedule/RoomTest.php b/tests/Unit/Helpers/Schedule/RoomTest.php new file mode 100644 index 00000000..8b9b600a --- /dev/null +++ b/tests/Unit/Helpers/Schedule/RoomTest.php @@ -0,0 +1,31 @@ +assertEquals('Test', $room->getName()); + $this->assertEquals([], $room->getEvent()); + + $events = [$this->createMock(Event::class), $this->createMock(Event::class)]; + $events2 = [$this->createMock(Event::class)]; + $room = new Room('Test2', $events); + $this->assertEquals($events, $room->getEvent()); + + $room->setEvent($events2); + $this->assertEquals($events2, $room->getEvent()); + } +} diff --git a/tests/Unit/Helpers/Schedule/ScheduleTest.php b/tests/Unit/Helpers/Schedule/ScheduleTest.php new file mode 100644 index 00000000..6a3634cf --- /dev/null +++ b/tests/Unit/Helpers/Schedule/ScheduleTest.php @@ -0,0 +1,112 @@ +createMock(Day::class)]; + $schedule = new Schedule('Foo\'ing stuff 1.0', $conference, $days); + + $this->assertEquals('Foo\'ing stuff 1.0', $schedule->getVersion()); + $this->assertEquals($conference, $schedule->getConference()); + $this->assertEquals($days, $schedule->getDay()); + } + + /** + * @covers \Engelsystem\Helpers\Schedule\Schedule::getRooms + */ + public function testGetRooms() + { + $conference = new Conference('Test', 'T'); + $room1 = new Room('Test 1'); + $room2 = new Room('Test 2'); + $room3 = new Room('Test 3'); + $days = [ + new Day( + '2042-01-01', + new Carbon('2042-01-01T00:00:00+00:00'), + new Carbon('2042-01-01T23:59:00+00:00'), + 1, + [$room1, $room2] + ), + new Day( + '2042-01-02', + new Carbon('2042-02-01T00:00:00+00:00'), + new Carbon('2042-02-01T23:59:00+00:00'), + 2, + [new Room('Test 2'), $room3] + ), + ]; + $schedule = new Schedule('Lorem 1.3.3.7', $conference, $days); + + $this->assertEquals(['Test 1' => $room1, 'Test 2' => $room2, 'Test 3' => $room3], $schedule->getRooms()); + + $schedule = new Schedule('Lorem 1.3.3.0', $conference, []); + $this->assertEquals([], $schedule->getRooms()); + } + + /** + * @covers \Engelsystem\Helpers\Schedule\Schedule::getStartDateTime + * @covers \Engelsystem\Helpers\Schedule\Schedule::getEndDateTime + */ + public function testGetDateTimes() + { + $conference = new Conference('Some Conference', 'SC'); + $days = [ + new Day( + '2042-01-02', + new Carbon('2042-01-02T00:00:00+00:00'), + new Carbon('2042-01-02T23:59:00+00:00'), + 2 + ), + new Day( + '2042-01-01', + new Carbon('2042-01-01T00:00:00+00:00'), + new Carbon('2042-01-01T23:59:00+00:00'), + 1 + ), + new Day( + '2042-01-04', + new Carbon('2042-01-04T00:00:00+00:00'), + new Carbon('2042-01-04T23:59:00+00:00'), + 3 + ), + ]; + $schedule = new Schedule('Ipsum tester', $conference, $days); + + $this->assertEquals('2042-01-01T00:00:00+00:00', $schedule->getStartDateTime()->format(Carbon::RFC3339)); + $this->assertEquals('2042-01-04T23:59:00+00:00', $schedule->getEndDateTime()->format(Carbon::RFC3339)); + + $schedule = new Schedule('Ipsum old', $conference, []); + $this->assertNull($schedule->getStartDateTime()); + $this->assertNull($schedule->getEndDateTime()); + } + + /** + * Prepare test + */ + protected function setUp(): void + { + parent::setUp(); + $this->initDatabase(); + } +} diff --git a/tests/Unit/Helpers/Schedule/XmlParserTest.php b/tests/Unit/Helpers/Schedule/XmlParserTest.php new file mode 100644 index 00000000..023e9c7d --- /dev/null +++ b/tests/Unit/Helpers/Schedule/XmlParserTest.php @@ -0,0 +1,54 @@ +assertFalse($parser->load('foo')); + $this->assertTrue($parser->load(file_get_contents(__DIR__ . '/Assets/schedule.xml'))); + + $schedule = $parser->getSchedule(); + $this->assertEquals('Some version string', $schedule->getVersion()); + $this->assertEquals('Test Event', $schedule->getConference()->getTitle()); + + /** @var Room $room */ + $room = Arr::first($schedule->getRooms()); + $this->assertEquals('Rooming', $room->getName()); + + /** @var Day $day */ + $day = Arr::first($schedule->getDay()); + $this->assertEquals('2042-01-01', $day->getDate()); + $this->assertEquals(1, $day->getIndex()); + + /** @var Room $room */ + $room = Arr::first($day->getRoom()); + /** @var Event $event */ + $event = Arr::first($room->getEvent()); + + $this->assertEquals('Foo Bar Test', $event->getTitle()); + $this->assertEquals('WTFPL', $event->getRecording()); + $this->assertEquals('de', $event->getLanguage()); + $this->assertEquals('12:30', $event->getStart()); + $this->assertEquals([1234 => 'Some Person'], $event->getPersons()); + } +} diff --git a/tests/Unit/HelpersTest.php b/tests/Unit/HelpersTest.php index 09362a90..710deff5 100644 --- a/tests/Unit/HelpersTest.php +++ b/tests/Unit/HelpersTest.php @@ -7,6 +7,7 @@ use Engelsystem\Config\Config; use Engelsystem\Container\Container; use Engelsystem\Helpers\Authenticator; use Engelsystem\Helpers\Translation\Translator; +use Engelsystem\Http\Redirector; use Engelsystem\Http\Request; use Engelsystem\Http\Response; use Engelsystem\Http\UrlGeneratorInterface; @@ -98,6 +99,29 @@ class HelpersTest extends TestCase $this->assertEquals(['user' => 'FooBar'], config('mail')); } + /** + * @covers \back + */ + public function testBack() + { + $response = new Response(); + /** @var Redirector|MockObject $redirect */ + $redirect = $this->createMock(Redirector::class); + $redirect->expects($this->exactly(2)) + ->method('back') + ->withConsecutive([302, []], [303, ['test' => 'ing']]) + ->willReturn($response); + + $app = new Application(); + $app->instance('redirect', $redirect); + + $return = back(); + $this->assertEquals($response, $return); + + $return = back(303, ['test' => 'ing']); + $this->assertEquals($response, $return); + } + /** * @covers \config_path */ @@ -117,6 +141,29 @@ class HelpersTest extends TestCase $this->assertEquals('/foo/conf/bar.php', config_path('bar.php')); } + /** + * @covers \redirect + */ + public function testRedirect() + { + $response = new Response(); + /** @var Redirector|MockObject $redirect */ + $redirect = $this->createMock(Redirector::class); + $redirect->expects($this->exactly(2)) + ->method('to') + ->withConsecutive(['/lorem', 302, []], ['/ipsum', 303, ['test' => 'er']]) + ->willReturn($response); + + $app = new Application(); + $app->instance('redirect', $redirect); + + $return = redirect('/lorem'); + $this->assertEquals($response, $return); + + $return = redirect('/ipsum', 303, ['test' => 'er']); + $this->assertEquals($response, $return); + } + /** * @covers \request */ diff --git a/tests/Unit/Http/HttpClientServiceProviderTest.php b/tests/Unit/Http/HttpClientServiceProviderTest.php new file mode 100644 index 00000000..7dfc0a3e --- /dev/null +++ b/tests/Unit/Http/HttpClientServiceProviderTest.php @@ -0,0 +1,29 @@ +register(); + + /** @var GuzzleClient $guzzle */ + $guzzle = $app->make(GuzzleClient::class); + $config = $guzzle->getConfig(); + + $this->assertFalse($config['http_errors']); + $this->assertArrayHasKey('timeout', $config); + } +} diff --git a/tests/Unit/Http/RedirectServiceProviderTest.php b/tests/Unit/Http/RedirectServiceProviderTest.php new file mode 100644 index 00000000..9c2a07fc --- /dev/null +++ b/tests/Unit/Http/RedirectServiceProviderTest.php @@ -0,0 +1,23 @@ +register(); + + $this->assertTrue($app->has('redirect')); + } +} diff --git a/tests/Unit/Http/RedirectorTest.php b/tests/Unit/Http/RedirectorTest.php new file mode 100644 index 00000000..300b0180 --- /dev/null +++ b/tests/Unit/Http/RedirectorTest.php @@ -0,0 +1,53 @@ +to('/test'); + $this->assertEquals(['/test'], $return->getHeader('location')); + $this->assertEquals(302, $return->getStatusCode()); + + $return = $redirector->to('/foo', 303, ['test' => 'data']); + $this->assertEquals(['/foo'], $return->getHeader('location')); + $this->assertEquals(303, $return->getStatusCode()); + $this->assertEquals(['data'], $return->getHeader('test')); + } + + /** + * @covers \Engelsystem\Http\Redirector::back + * @covers \Engelsystem\Http\Redirector::getPreviousUrl + */ + public function testBack() + { + $request = new Request(); + $response = new Response(); + $redirector = new Redirector($request, $response); + + $return = $redirector->back(); + $this->assertEquals(['/'], $return->getHeader('location')); + $this->assertEquals(302, $return->getStatusCode()); + + $request = $request->withHeader('referer', '/old-page'); + $redirector = new Redirector($request, $response); + $return = $redirector->back(303, ['foo' => 'bar']); + $this->assertEquals(303, $return->getStatusCode()); + $this->assertEquals(['/old-page'], $return->getHeader('location')); + $this->assertEquals(['bar'], $return->getHeader('foo')); + } +} diff --git a/tests/Unit/Http/ResponseTest.php b/tests/Unit/Http/ResponseTest.php index b8e6e527..56d8410f 100644 --- a/tests/Unit/Http/ResponseTest.php +++ b/tests/Unit/Http/ResponseTest.php @@ -10,6 +10,8 @@ use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\TestCase; use Psr\Http\Message\ResponseInterface; use Symfony\Component\HttpFoundation\Response as SymfonyResponse; +use Symfony\Component\HttpFoundation\Session\Session; +use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage; class ResponseTest extends TestCase { @@ -116,4 +118,59 @@ class ResponseTest extends TestCase $newResponse->getHeaders() ); } + + /** + * @covers \Engelsystem\Http\Response::with + */ + public function testWith() + { + $session = new Session(new MockArraySessionStorage()); + $response = new Response('', 200, [], null, $session); + + $response->with('foo', 'bar'); + $this->assertEquals('bar', $session->get('foo')); + + $response->with('lorem', ['ipsum', 'dolor' => ['foo' => 'bar']]); + $this->assertEquals(['ipsum', 'dolor' => ['foo' => 'bar']], $session->get('lorem')); + + $response->with('lorem', ['dolor' => ['test' => 'er']]); + $this->assertEquals(['ipsum', 'dolor' => ['foo' => 'bar', 'test' => 'er']], $session->get('lorem')); + } + + /** + * @covers \Engelsystem\Http\Response::with + */ + public function testWithNoSession() + { + $this->expectException(InvalidArgumentException::class); + + $response = new Response(); + $response->with('foo', 'bar'); + } + + /** + * @covers \Engelsystem\Http\Response::withInput + */ + public function testWithInput() + { + $session = new Session(new MockArraySessionStorage()); + $response = new Response('', 200, [], null, $session); + + $response->withInput(['some' => 'value']); + $this->assertEquals(['some' => 'value'], $session->get('form-data')); + + $response->withInput(['lorem' => 'ipsum']); + $this->assertEquals(['lorem' => 'ipsum'], $session->get('form-data')); + } + + /** + * @covers \Engelsystem\Http\Response::withInput + */ + public function testWithInputNoSession() + { + $this->expectException(InvalidArgumentException::class); + + $response = new Response(); + $response->withInput(['some' => 'value']); + } } diff --git a/tests/Unit/Middleware/ErrorHandlerTest.php b/tests/Unit/Middleware/ErrorHandlerTest.php index ef2f7be0..91b59507 100644 --- a/tests/Unit/Middleware/ErrorHandlerTest.php +++ b/tests/Unit/Middleware/ErrorHandlerTest.php @@ -6,6 +6,7 @@ use Engelsystem\Application; use Engelsystem\Http\Exceptions\HttpException; use Engelsystem\Http\Exceptions\ValidationException; use Engelsystem\Http\Psr7ServiceProvider; +use Engelsystem\Http\RedirectServiceProvider; use Engelsystem\Http\Request; use Engelsystem\Http\Response; use Engelsystem\Http\ResponseServiceProvider; @@ -18,6 +19,7 @@ use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; use Symfony\Component\HttpFoundation\Session\Session; +use Symfony\Component\HttpFoundation\Session\SessionInterface; use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage; use Twig\Loader\LoaderInterface as TwigLoader; @@ -155,7 +157,7 @@ class ErrorHandlerTest extends TestCase /** * @covers \Engelsystem\Middleware\ErrorHandler::process - * @covers \Engelsystem\Middleware\ErrorHandler::getPreviousUrl + * @covers \Engelsystem\Middleware\ErrorHandler::redirectBack */ public function testProcessValidationException() { @@ -185,11 +187,13 @@ class ErrorHandlerTest extends TestCase /** @var Application $app */ $app = app(); + $app->instance(Session::class, $session); + $app->bind(SessionInterface::class, Session::class); (new ResponseServiceProvider($app))->register(); (new Psr7ServiceProvider($app))->register(); + (new RedirectServiceProvider($app))->register(); $errorHandler = new ErrorHandler($twigLoader); - $return = $errorHandler->process($request, $handler); $this->assertEquals(302, $return->getStatusCode()); @@ -209,6 +213,7 @@ class ErrorHandlerTest extends TestCase ], $session->all()); $request = $request->withAddedHeader('referer', '/foo/batz'); + $app->instance(Request::class, $request); $return = $errorHandler->process($request, $handler); $this->assertEquals('/foo/batz', $return->getHeaderLine('location')); diff --git a/tests/Unit/Models/Shifts/ScheduleShiftTest.php b/tests/Unit/Models/Shifts/ScheduleShiftTest.php new file mode 100644 index 00000000..b615f90d --- /dev/null +++ b/tests/Unit/Models/Shifts/ScheduleShiftTest.php @@ -0,0 +1,41 @@ + 'https://lorem.ipsum/schedule.xml']); + $schedule->save(); + + $scheduleShift = new ScheduleShift(['shift_id' => 1, 'guid' => 'a']); + $scheduleShift->schedule()->associate($schedule); + $scheduleShift->save(); + + /** @var ScheduleShift $scheduleShift */ + $scheduleShift = (new ScheduleShift())->find(1); + $this->assertInstanceOf(BelongsTo::class, $scheduleShift->schedule()); + $this->assertEquals($schedule->id, $scheduleShift->schedule->id); + } + + /** + * Prepare test + */ + protected function setUp(): void + { + parent::setUp(); + $this->initDatabase(); + } +} diff --git a/tests/Unit/Models/Shifts/ScheduleTest.php b/tests/Unit/Models/Shifts/ScheduleTest.php new file mode 100644 index 00000000..34988afd --- /dev/null +++ b/tests/Unit/Models/Shifts/ScheduleTest.php @@ -0,0 +1,37 @@ + 'https://foo.bar/schedule.xml']); + $schedule->save(); + + (new ScheduleShift(['shift_id' => 1, 'schedule_id' => $schedule->id, 'guid' => 'a']))->save(); + (new ScheduleShift(['shift_id' => 2, 'schedule_id' => $schedule->id, 'guid' => 'b']))->save(); + (new ScheduleShift(['shift_id' => 3, 'schedule_id' => $schedule->id, 'guid' => 'c']))->save(); + + $this->assertCount(3, $schedule->scheduleShifts); + } + + /** + * Prepare test + */ + protected function setUp(): void + { + parent::setUp(); + $this->initDatabase(); + } +}