The rest were less good for me personally. Either over-dramatic and shallow (with a sexy-sounding topic) or too procedural in topics I'm not an expert in.
Somehow it did not get much attention, but Signal president Meredith Whittaker (together with
Udbhav Tiwari) spoke about the risks and threats from AI-enabled systems.
Foundation workshop: Hands-on, how does the Internet work?
by Ingo Blechschmidt, is congress at its best. Getting a diverse set of people with various backgrounds and knowledge levels to
ARP spoof in a little over an hour is art.
"Liberation of the Freebox", A slightly crazy Frenchman embarks on a quest to find exploit and write a complex exploit chain, using PrDoom and the Linux HFS+ driver to gain root privileges on his set-top box. All this in order to unlock the recording of somewhat rubbish TV channels such as TF1 and M6.
And he waited almost ten years and the retirement of the hardware to reveal it because he didn't want it to be patched.
If you are into hardware emulation "From silicon to Darude sand-storm" is fun.
Absolutely Cory Doctorow's, for the showmanship alone. Lovely background slides. The message itself might not resonate with everyone.
The talk "Look Up" about unencrypted data over DVB satellite links was also though provoking, both in presentation and in technical content. If there's that much data unencrypted over a mainstream IP link, imagine how much is still on legacy protocols in 2025.
Just for sheer geekery's sake probably the ISDN talk.
For OMG eye opening factor the FreeBSD jails talk (how the hell is this thing still so buggy?) and the talk on unencrypted satellite links
For excellent follow-along value and dedication to ridiculously pointless cause the Freebox talk. "Technically I don't own this box so instead of risking damaging it I'm going to take the extremely long and entertaining route around, somehow involving Doom WAD files"
The biggest problem with ccc is that:
0. They are releasing too few tickets.
1. They are releasing the tickets too late.
3. Still not able to pay with card?
I live somewhat nearby, but can’t book or plan a visit because of this. I appreciate that they are releasing videos shortly afterwards though.
The Deutschlandticket talk was pretty cool. As Malcolm Tucker would say, "what a catastrofuck".
Miele washing machine hacking, very nice, I was going to say I'd be waiting to see someone integrate it into HA... and then looked up the Github repo and there's HA integration already there.
I haven't seen all of them (which I wanted to see) yet, I had a lot of fun with various talks. Thus far, my favourite one was hands down [1], and I can explain why. I am not at all good with hardware, nor hardware designing i.e. I'm not the target audience for this talk.
However, the talk was beautiful. It went quick, was informative, good slides, very respectful Q&A (comms and quality-wise), and it had a message of DIY _and_ inspiring hope. It is easy to criticize X or say we need to do better with Y. These guys are doing it, and their journey and findings is completely open source (even though there was substantial financial risk involved). The hacker spirit 101.
One interesting detail: In previous years, Joscha Bach gave a talk on AI, consciousness, and related topics (see e.g. [0]). A similar talk was planned for this year as well, but after emails between him and Epstein were made public (see his comment on this in [1]), his talk was canceled. Instead, there appears to have been an event that critically addressed the situation [2]. Unfortunately it was not recorded. Did anyone attend? A discussion between Joscha and his critics would have been really interesting.
Well that discussion talk is not an open discourse about the situation...
He quoted what he believed was scientific evidence in a private conversation that became public, has comments on fashism being efficient are clearly anti-facist and believed to observe a gender stereotype. No matter if the facts were true, it should be possible to discuss such things (especially those you think are facts) in private without getting canceled. Even if they would play in to the hand of racism or sexism if made as public statements.
I found his appology a bit weak, but I also don't see his offense, despite the messages in public being offensive and possibly harmful.
To add some context and to spare readers who, like me, know nothing about Joscha Bach and only little about Epstein from having to go through all the linked material:
The allegations do not appear to involve abuse or moral complicity with Epstein. Instead, they seem to focus on emails Bach exchanged with Epstein concerning IQ, race, and possibly sex. Bach denies these allegations of racism and sexism.
That is at least how I understand the material based on the provided links.
"All of the people I know who were friends with this sociopathic child-trafficking pedophile told me he was reformed now" is certainly something to put out there.
> I assume you've spotted the pattern by now: the US trade representative has forced every one of its trading partners to adopt anticircumvention law, to facilitate the extraction of their own people's data and money by American firms. But of course, that only raises a further question: Why would every other country in the world agree to let America steal its own people's money and data, and block its domestic tech sector from making interoperable products that would prevent this theft?
> Here's an anecdote that unravels this riddle: many years ago, in the years before Viktor Orban rose to power, I used to guest-lecture at a summer PhD program in political science at Budapest's Central European University. And one summer, after I'd lectured to my students about anticircumvention law, one of them approached me.
> They had been the information minister of a Central American nation during the CAFTA negotiations, and one day, they'd received a phone-call from their trade negotiator, calling from the CAFTA bargaining table. The negotiator said, "You know how you told me not to give the Americans anticircumvention under any circumstances? Well, they're saying that they won't take our coffee unless we give them anticircumvention. And I'm sorry, but we just can't lose the US coffee market. Our economy would collapse. So we're going to give them anticircumvention. I'm really sorry."
> That's it. That's why every government in the world allowed US Big Tech companies to declare open season on their people's private data and ready cash.
> The alternative was tariffs. Well, I don't know if you've heard, but we've got tariffs now!
> I mean, if someone threatens to burn your house down unless you follow their orders, and then they burn your house down anyway, you don't have to keep following their orders. So…Happy Liberation Day?
It has some long tradition placing those visibly on the podium. As the story goes, the idea is that you can immediately see if the video stream freezes up (because the cat in the video suddenly stops waving). You wouldn't immediately catch that in between talks (when you have some time to fix the issue) if the camera was just pointed at an empty stage with no movement. I think at 30C3 or so, I saw one that was placed so that it would repeatedly knock on the microphone as well.
Anyway, the waving cat has become a bit of a meme by itself and mascot of the VOC, hence also the (animated) icon in video player.
It is a Maneki-neko (beckoning cat / Winkekatze). The video team started putting them on podiums so they could see when a stream was frozen. So it became kind of a mascot.
What would be strange are hackers that are fascist. Fascism demands surrender to power and obedience, which is antithetical to the hacker sprit. Questioning systems, equalizing power imbalances is the hacker spirit.
Fighting fascism is required of every person who wants to keep a working democracy, regardless of your fiscal policy ideas or how egoistical you want your government to represent you.
Democracy is what allows you to remove bad leaders/parties without having to fight a bloody revolution. Fascism yearns to remove that possibility. Hence anti-fascism being needed.
That being said: Which part of the talk did you find especially extremist?
Unfortunately, the congress is getting worse and worse every year. There are fewer and fewer interesting and technical topics. "It used to be better" moment.
neiman|1 month ago
I attended 7 talks.
My favourite talk by far was hacking the GPG. Brilliant, really: https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical...
The "In-house electronics manufacturing from scratch" was a very inspiring talk: https://media.ccc.de/v/39c3-in-house-electronics-manufacturi...
The rest were less good for me personally. Either over-dramatic and shallow (with a sexy-sounding topic) or too procedural in topics I'm not an expert in.
weinzierl|1 month ago
AI Agent, AI Spy
https://media.ccc.de/v/39c3-ai-agent-ai-spy
I also found the talk about Asahi interesting, both from a technical standpoint but also as a nice update what the current status is.
Asahi Linux - Porting Linux to Apple Silicon
https://media.ccc.de/v/39c3-asahi-linux-porting-linux-to-app...
Finally, not recorded, but workshops like
Foundation workshop: Hands-on, how does the Internet work?
by Ingo Blechschmidt, is congress at its best. Getting a diverse set of people with various backgrounds and knowledge levels to ARP spoof in a little over an hour is art.
https://events.ccc.de/congress/2025/hub/event/detail/foundat...
Beretta_Vexee|1 month ago
And he waited almost ten years and the retirement of the hardware to reveal it because he didn't want it to be patched.
If you are into hardware emulation "From silicon to Darude sand-storm" is fun.
the https://media.ccc.de/v/39c3-from-silicon-to-darude-sand-stor...
pamcake|1 month ago
Not an Impasse: Child Safety, Privacy, and Healing Together: https://media.ccc.de/v/39c3-not-an-impasse-child-safety-priv...
APT Down and the mystery of the burning data centers: https://media.ccc.de/v/39c3-apt-down-and-the-mystery-of-the-...
Bluetooth Headphone Jacking: A Key to Your Phone: https://media.ccc.de/v/39c3-bluetooth-headphone-jacking-a-ke...
xorcist|1 month ago
The talk "Look Up" about unencrypted data over DVB satellite links was also though provoking, both in presentation and in technical content. If there's that much data unencrypted over a mainstream IP link, imagine how much is still on legacy protocols in 2025.
robingchan|1 month ago
Sandstorm JP-8000 sawtooth DSP reversing https://www.youtube.com/watch?v=XM_q5T7wTpQ
Washing machines hacking https://www.youtube.com/watch?v=Q1S-PVo3GlA
AMD (ps5 sorta) security: https://www.youtube.com/watch?v=cVJZYT8kYsI
cool demo for the BT headphones talk: https://www.youtube.com/watch?v=TK5Tz4Bt94Y
precise time syncing with PTP: https://www.youtube.com/watch?v=dOt-zRIG5co
x86 > arm with intermediate: https://www.youtube.com/watch?v=3yDXyW1WERg
g-mork|1 month ago
For OMG eye opening factor the FreeBSD jails talk (how the hell is this thing still so buggy?) and the talk on unencrypted satellite links
For excellent follow-along value and dedication to ridiculously pointless cause the Freebox talk. "Technically I don't own this box so instead of risking damaging it I'm going to take the extremely long and entertaining route around, somehow involving Doom WAD files"
For showmanship probably the Tegra talk
nickslaughter02|1 month ago
https://media.ccc.de/v/39c3-the-last-of-us-fighting-the-eu-s...
sunbum|1 month ago
lskkgklglw|1 month ago
I live somewhat nearby, but can’t book or plan a visit because of this. I appreciate that they are releasing videos shortly afterwards though.
rft|1 month ago
The 10 year of Dieselgate is interesting just from a "how bad is it really?" PoV, I saw the part about curves and other defeat devices already [1].
The Rowhammer talk is likely going to be great as well, I like Daniel's work [2].
The practical Cross-VM Spectre was interesting to show this is still a problem [3].
The opensource secure element was good for trying such a thing, but I wasn't that impressed with the content [4].
[1] https://cfp.cccv.de/39c3/talk/7MSRA7/ https://media.ccc.de/v/39c3-10-years-of-dieselgate
[2] https://cfp.cccv.de/39c3/talk/3JXAJJ/ https://media.ccc.de/v/39c3-rowhammer-in-the-wild-large-scal...
[3] https://cfp.cccv.de/39c3/talk/ATYLN9/ https://media.ccc.de/v/39c3-spectre-in-the-real-world-leakin...
[4] https://cfp.cccv.de/39c3/talk/9DYZXG/ https://media.ccc.de/v/39c3-lessons-from-building-an-open-ar...
rs_rs_rs_rs_rs|1 month ago
The one on whatsapp bugs https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-wh...
pseudohadamard|1 month ago
Miele washing machine hacking, very nice, I was going to say I'd be waiting to see someone integrate it into HA... and then looked up the Github repo and there's HA integration already there.
Alconicon|1 month ago
SoylentBob|1 month ago
weinzierl|1 month ago
https://m.youtube.com/watch?v=h3UcecN5fvQ
dkga|1 month ago
jacquesm|1 month ago
Fnoord|1 month ago
However, the talk was beautiful. It went quick, was informative, good slides, very respectful Q&A (comms and quality-wise), and it had a message of DIY _and_ inspiring hope. It is easy to criticize X or say we need to do better with Y. These guys are doing it, and their journey and findings is completely open source (even though there was substantial financial risk involved). The hacker spirit 101.
[1] https://media.ccc.de/v/39c3-in-house-electronics-manufacturi...
ekjhgkejhgk|1 month ago
cedws|1 month ago
the_biot|1 month ago
kherud|1 month ago
[0] https://media.ccc.de/v/38c3-self-models-of-loving-grace
[1] https://joscha.substack.com/p/on-the-jeffrey-epstein-affair
[2] https://events.ccc.de/congress/2025/hub/en/event/detail/tech...
anotheryou|1 month ago
He quoted what he believed was scientific evidence in a private conversation that became public, has comments on fashism being efficient are clearly anti-facist and believed to observe a gender stereotype. No matter if the facts were true, it should be possible to discuss such things (especially those you think are facts) in private without getting canceled. Even if they would play in to the hand of racism or sexism if made as public statements.
I found his appology a bit weak, but I also don't see his offense, despite the messages in public being offensive and possibly harmful.
unknown|1 month ago
[deleted]
weinzierl|1 month ago
The allegations do not appear to involve abuse or moral complicity with Epstein. Instead, they seem to focus on emails Bach exchanged with Epstein concerning IQ, race, and possibly sex. Bach denies these allegations of racism and sexism.
That is at least how I understand the material based on the provided links.
looperhacks|1 month ago
pantalaimon|1 month ago
https://media.ccc.de/search?p=Joscha
unknown|1 month ago
[deleted]
unknown|1 month ago
[deleted]
walls|1 month ago
Alconicon|1 month ago
[deleted]
ChrisArchitect|1 month ago
Bluetooth Headphone Jacking: A Key to Your Phone [video]
https://news.ycombinator.com/item?id=46453204
Hacking Washing Machines [video]
https://news.ycombinator.com/item?id=46428496
Escaping containment: A security analysis of FreeBSD jails [video]
https://news.ycombinator.com/item?id=46436828
All my Deutschlandtickets gone: Fraud at an industrial scale [video]
https://news.ycombinator.com/item?id=46411930
blakesterz|1 month ago
Cory Doctorow's talk is quite strong.
teroshan|1 month ago
An excerpt:
> I assume you've spotted the pattern by now: the US trade representative has forced every one of its trading partners to adopt anticircumvention law, to facilitate the extraction of their own people's data and money by American firms. But of course, that only raises a further question: Why would every other country in the world agree to let America steal its own people's money and data, and block its domestic tech sector from making interoperable products that would prevent this theft?
> Here's an anecdote that unravels this riddle: many years ago, in the years before Viktor Orban rose to power, I used to guest-lecture at a summer PhD program in political science at Budapest's Central European University. And one summer, after I'd lectured to my students about anticircumvention law, one of them approached me.
> They had been the information minister of a Central American nation during the CAFTA negotiations, and one day, they'd received a phone-call from their trade negotiator, calling from the CAFTA bargaining table. The negotiator said, "You know how you told me not to give the Americans anticircumvention under any circumstances? Well, they're saying that they won't take our coffee unless we give them anticircumvention. And I'm sorry, but we just can't lose the US coffee market. Our economy would collapse. So we're going to give them anticircumvention. I'm really sorry."
> That's it. That's why every government in the world allowed US Big Tech companies to declare open season on their people's private data and ready cash.
> The alternative was tariffs. Well, I don't know if you've heard, but we've got tariffs now!
> I mean, if someone threatens to burn your house down unless you follow their orders, and then they burn your house down anyway, you don't have to keep following their orders. So…Happy Liberation Day?
divan|1 month ago
yunnpp|1 month ago
It carries even more weight now that "post-American" is coming from...an American. This guy stands for his ideals, I envy such resolve.
Phelinofist|1 month ago
fbias|1 month ago
st_goliath|1 month ago
It has some long tradition placing those visibly on the podium. As the story goes, the idea is that you can immediately see if the video stream freezes up (because the cat in the video suddenly stops waving). You wouldn't immediately catch that in between talks (when you have some time to fix the issue) if the camera was just pointed at an empty stage with no movement. I think at 30C3 or so, I saw one that was placed so that it would repeatedly knock on the microphone as well.
Anyway, the waving cat has become a bit of a meme by itself and mascot of the VOC, hence also the (animated) icon in video player.
ximm|1 month ago
utopiah|1 month ago
PS: HN sucks with dupes.
dxdm|1 month ago
unknown|1 month ago
[deleted]
wormius|1 month ago
peterfirefly|1 month ago
I'm looking forward to watching "Who cares about the Baltic Jammer?" and "The art of text (rendering)" as examples of the former.
An example of the latter is "selbstverständlich antifaschistisch!"
BSVogler|1 month ago
What would be strange are hackers that are fascist. Fascism demands surrender to power and obedience, which is antithetical to the hacker sprit. Questioning systems, equalizing power imbalances is the hacker spirit.
pamcake|1 month ago
That last polarisation and othering is odd, unnecessary, divisive and not generally representative of 39c3 talks nor the CCC.
Antifascism is a long tradition among humanists and European hackers and not related to "left-wing extremism".
Why do you find it necessary to discredit the message of that talk? What's the supposedly extremist message in there?
atoav|1 month ago
Fighting fascism is required of every person who wants to keep a working democracy, regardless of your fiscal policy ideas or how egoistical you want your government to represent you.
Democracy is what allows you to remove bad leaders/parties without having to fight a bloody revolution. Fascism yearns to remove that possibility. Hence anti-fascism being needed.
That being said: Which part of the talk did you find especially extremist?
grantcas|1 month ago
[deleted]
fooqux|1 month ago
[deleted]
unknown|1 month ago
[deleted]
cocodill|1 month ago
sllabres|1 month ago
51 Ways to Spell the Image Giraffe
Who cares about the Baltic Jammer?
Asahi Linux - Porting Linux to Apple Silicon
The art of text (rendering)
Excuse me, what precise time is It?
DNGerousLINK
CPU Entwicklung in Factorio
How to render cloud FPGAs useless
Breaking architecture barriers: Running x86 games and apps on ARM
Cracking open what makes Apple's Low-Latency WiFi so fast
Reverse engineering the Pixel TitanM2 firmware
Not To Be Trusted - A Fiasco in Android TEEs
Celestial navigation with very little math
Textiles 101: Fast Fiber Transform
Escaping Containment: A Security Analysis of FreeBSD Jails
Don’t look up: There are sensitive internal links in the clear on GEO satellites
Opening pAMDora's box and unleashing a thousand paths on the journey to play Beatsaber custom songs
Lessons from Building an Open-Architecture Secure Element
And of course some of the Lightning Talks...