
38C3 2024

Day 1 (3803) Jared Naude (140)

Lessons learned?

Lawsuits are temporary.
Glory is forever.

Go public!


We've not been trained for this: life after the Newag DRM disclosure by Michał Kowalczyk (@redford), q3k, Jakub Stepniewicz


The team also found that if you open the cabin doors of the train and push the emergency button in the toilet, the train will unlock itself.


It was found that trains were stopping at a certain train station that was close to a train workshop of the competitors. This was due to the GPS lock that was implemented. When they unplugged the GPS module, the issue went away.


This talk follows on from the talk last year about how trains have code that will detect servicing attempts. This was presented last year and this talk presents what happened afterwards.


Apple's Lightning connector allowed JTAG, UART and SDQ. This changed with the switch to USB-C and required new research on how to get access to these functions.


Classic signatures were built for machines and not people. Machines don't care about privacy but people do. Cryptographers were asked about the options to solve this problem. Anonymous credentials could be used to solve this problem through zero-knowledge proofs (ZKP). The use of ZKP can enable the proof of data without revealing the underlying data. For example, you can prove that you are older than 18 without revealing your date of birth.


The fifth challenge is deniability, which was debated a lot in Germany. The law does not make a specific mention of it but it should be included. There is a trend towards signed data, which could be a problem in a data breach.


Work is underway to get privacy-preserving technology like zero-knowledge proofs into the European Digital Identity Wallet. This would require the original law to be updated.


Breaking NATO Radio Encryption by Lukas Stennes.

The US Military and NATO use the HALFLOOP-24 algorithm. This talk explores how to break it.
