< up >
2024-09-23

Datenspuren 24

I’ve attended the Datenspuren 24 hosted by C3D2 in Dresden.

Some data:

• location: Dresden-Pieschen Zentralwerk
• lot of talks, workshops and get together
• since 2004
• focus: technology within society
• own payment system GNUTaler with the digital currency Spurlos

Contents

• SculptOS - a novel operating system, truly trustworthy computing
  • Microkernel mechanism
  • SculptOS
  • Update (26.09.2024) - Tryout
• SequoiaPGP - Implementation of PGP
• Travel report from the media jungle
• Lock picking village - workshop
• Linux hello world with hex editor
  • Hexylon
• Speedhacking
• The event
• Souvenirs and future rabbit holes
• DD Impressions

SculptOS - a novel operating system, truly trustworthy computing

If the wifi driver of a monolithic kernel (like Linux) crashes, the kernel crashes entirely. Compromizing one part of the kernel also enables access to all the other parts (CVE-2024-1086,CVE-2024-36971). Microkernel prevent this issue by separating all critical parts of a kernel from each other. Benjamin Lamowski from GenodeLabs started the talk (video) with this premise to show the advantages of the microkernel-based operating system SculptOS.

Microkernel mechanisms

In order to achieve this separation, some mechanism comes into play:

• protect domains, two domains can only communicate if given permission
• context switching
• IPC for connect domains
• resource arbitration, control hardware access
• principle of least authority
• one component can’t oversee the global system => like chroot for each domain
• no overcommitment to achieve dependability

SculptOS

The os provides components to isolate and connect domains.

Components can be connected on-the-fly within the config file or the UI.

The os reuses linux drivers to overcome reinventing the wheel. It keeps the scheduler and memory management within the kernel to avoid lots of context switching.

Update (26.09.2024) - Tryout

I’ve downloaded the 30 megs image from their website and pasted the qemu commandline right underneath adding -accel kvm, it worked out of the box \o/ The whole system along with its drivers can be configured with xml files life. Literally changing a value in the file will affect the system instantly. The immediate response makes it fun to play around and try things out.

SequoiaPGP - Implementation of PGP

Talks like Neil Walfields one (video) would be useful once a year like some sort of yearly safety instruction at work to refresh the PGP knowledge. BUT with a light on the horizon out of the GPG jungle.

SequioaPGP is a GPG replacement aiming for simplicity, secure by default but extensible where needed.

Travel report from the media jungle

The talk (video) held by Xyrill encouraged everyone to participate publicly within media where possible. It is easier to talk more than less. Publish media and work with journalists is both raising the self-efficacy such as making the world to a better place.

Within the talk, some takes were given why press seem to be biased sometimes:

• advertisement, brand/company loyalty
• people/companies strive to consistent world views
• people want to raise their social status
• availability-heuristics: media can only publish information they get

book recommendation: Manufacturing Consent: The Political Economy of the Mass Media by Edward S. Herman and Noam Chomsky

Lock picking village - workshop

We learned a lot about lock picking in this workshop and even tried ourselves with some simple pad-locks.

In the beginning we started with a tension wrench and a rake pick. The former is used to apply tension onto the lock and to rotate it when the pins are positioned properly. The later has a couple of bumps and is used to push down the pins randomly by quickly sliding it in and out within the lock. We had the first lock open within the first five minutes of trying. That feeling was satisfying!

The next step was to use a hook pick instead of the rake one. Each pin needed to be pushed down separately with the proper tension applied with the tension wrench. Pushing down not enough or too much will block an unlock. This method works as the pins are not aligned in a straight line due to manfacturing tolerance. There is an order of pins blocking the unlock. Pushing down the pins in the right order will unlock the lock. I didn’t accomplish it. But as the raketing was so satisfying and fun, I acquired myself my own set of tools right at the workshop.

Linux Hello World with hex editor

Katzenmann held my personal guilty pleasure talk (video) of this event. It was about writing hello world within hex hand crafting the binary format ELF while writing the actual hello-world code in x86_64 code.

hexylon

This talk motivated me to design a file format describing binary files with hex values along with documentation to maintain readability. It’s called hexylon and a hello world inspired by Katzenmann’s looks like this:

/* ELF Header */
0x7f 0x45 0x4c 0x46        // ELF magic number
0x02 0x01 0x01 0x03        // version, ABI and endianess stuff
00 00 00 00 00 00 00 00    // padding
02 00                      // file type
0x3e 00                    // Instruction set
01 00 00 00                // ELF version
78 10 40 00 00 00 00 00    // entry point: sizeof(ELF header) + sizeof(program header)
40 00 00 00 00 00 00 00    // ?
00 00 00 00 00 00 00 00    // 
00 00 00 00                //
40 00                      // ELF header size
38 00                      // program header entry size
01 00                      // program header entry count
00 00 00 00 00 00          // unused section stuff

/* Program header */
01 00 00 00                // entry type (LOAD)
05 00 00 00                // section permissions RWX, W+X = 3+2 = 5
00 00 00 00 00 00 00 00    // offset (no offset)
00 10 40 00 00 00 00 00    // virtual memory address
00 00 40 00 00 00 00 00    // physical memory address (where needed)
ac 00 00 00 00 00 00 00    // size in file
ac 00 00 00 00 00 00 00    // size in memory
00 10 00 00 00 00 00 00    // alignment

/* Program */
b8 01 00 00 00             // sys_write
bf 01 00 00 00             // arg0: stdout
48 0xbe                    // arg1: mov rsi
0x9f 10 40 00 00 00 00 00  // virtual memory address of string
ba                         // mov edx
0x0d 00 00 00              // arg2: string length
0x0f 05                    // call syscall
b8 0x3c 00 00 00           // sys_exit
0xbf 00 00 00 00           // arg0: exit code
0x0f 05                    // call syscall

/* data */
68 65 0x6c 0x6c 0x6f 20    // "hello "
77 0x6f 72 0x6c 64 21 0x0a // "world!\n"

This was so much fun. Thanks for the motivation!

Speedhacking

The speedhacking show was an entertaining specatle. I didn’t even know how much fun it would be watching people replacing hard disks, installing operating systems or solder with lighters as a challenge.

The event

I personally underestimated the value of a commerce-free opportunity to share ideas and knowledge about technology and how they affect society. This was a human-centric positive experience where I felt welcome in terms of my neurodivergence.

It was also enlighting to get in touch with the queer-community and be in a place where people can be people. The event helped be to lower unfounded inhibitions.

Souvenirs and future rabbit holes

• build a ferris split keyboard
• writing executable binaries by hand
• try out sequoiaPGP
• lock picking as replacement for fidget cubes
• attend more ccc events

DD Impressions

Finally I want to share some impressions from Dresden which I took with my DSLR.