Everyone at the Chaos Communication Congress wants to participate in hands-on experiments as much as possible. That's why the worshop areas in the Berlin Convention Center -- both the officially labeled "Workshop" and all the ad-hoc arrangements everywhere on tables and floors -- are some of the most popular spots here at CCC. Although it would be impossible for me to summarize every cool project I've seen here, I'll offer you a few highlights so you can plan your next long weekend around them.

1. Christian Daniel and Thomas Kleffel gave an excellent presentation on the new European digital television broadcast standard known as DVB-T. Eventually all TVs in Europe will receive TV signals through DVB set top boxes that de-scramble the digital signals send over the air, and already DVB has taken over in Germany. Daniel and Kleffel built their own DVB transmitter and explained it to an engrossed audience (at left, Daniel with the transmitter). According to Daniel, it's quite easy to inject your own data into the signal and take over somebody else's set top box. This is particularly spooky, he added, because most set top boxes can be reprogrammed remotely in a permanent way. (You can find out how to build a DVB transmitter and experiment with your own set top box here.) As Seth Schoen of the Electronic Frontier Foundation pointed out in his talk later that day, it's crucial to start hacking DVB now, before it has been locked down with DRM.

2. There's nothing like learning a made-up natural language when you've already mastered several computer languages, and Lojban was what everybody wanted to know more about at CCC. Lojban is  a constructed langauge or "conlang," and its main properties are beauty and complete adherence to the rules of logic. Lojban is an outgrowth of Loglan, a logical language developed in the 1950s. Today Lojban has several thousand speakers -- including one named Alexander Koch (at left) who took over the Workshop area in the Conference Center basement to teach us how to have rudamentary but completely unambiguous conversations. Want to learn Lojban? As Koch put it, "Lojban is the hacker's spoken language." Check out the book "What is Lojban?" and learn more.

3. During one of the five-minute "lightning talks," SJ from the US nonprofit One Laptop Per Child introduced the new version of the so-called "$100 computer." It looks fantastic, and is the perfect size and durability for tiny humans. He said his organization will be handing 5 million of them to children in five countries next year, with the idea that if they work in remote, rural regions they can work almost anywhere. Showing off the computer and grinning, he said, "Kids who try these never want to give them back. They know exactly what they want to do with them." SJ asked the audience to help improve the devices by submitting proposals for games, stories, and software appropriate for teaching kids. Why not help improve the computers yourself by coming up with your own project and volunteering to build it?

4. On the first day of the convention, Fabienne Serriere spent two hours teaching people how to make their backpacks into wifi-sensing devices by modifying a wifi detector and sewing it into a backpack strap. It was the ultimate blend of home economics and home electronics, and the workshop attendees loved it. Want to build your own, so that you can glow when passing through the 2.4 ghz range of the spectrum? Find out how to do it here.

These projects should amuse you for days on end, and if you need more you can always come to CCC next year. --Annalee Newitz

IT security expert Sebastian Wolfgarten wanted to find out if he could get
around the so-called Great Firewall of China, a vast Internet
censorship system that prevents Chinese citizens from accessing
information their government deems sensitive. Yesterday, he told Chaos Communication Congress attendees how he did it.

Researchers have known
for the past several years that when Chinese citizens type certain
phrases like “Falun Gong” and “Taiwan” into Google, they
receive very different results than people outside the region do. Wolfgarten
wanted to know why, and whether there might be a simple technical way
to dig a little escape route through the Great Firewall.

Getting into China's network turned out to be easier than you might imagine. Wolfgarten simply bought a server at a Chinese ISP by phone. Once the server was set up, he could log into it from Germany. And all the data that went through the server
would be subject to the same digital censorship that Chinese citizens
experience every day. He quickly discovered that when he requested
information on Taiwan through his Chinese server, he got
no data in return. Sometimes, he couldn't access his server for days
on end. When he phoned the ISP for information, workers there told
him the server was running. He was just blocked from reaching it.

Over the next year, he tried several
methods for getting uncensored data to his Chinese server through
the Great Firewall. He would log into the server, then make requests for information about Amnesty.org or
Falun Gong. What he discovered was that there are three fairly simple
ways to trick the automatic Chinese censorship system.

The first, and easiest, is to use the anonymous network Tor. Though there has been some debate as to whether Tor would work in China, it seems to be successful for now. Another method, which had been previously identified by researchers with the OpenNet Initiative a couple of years ago, involves essentially ignoring censorship commands sent by Chinese servers. Apparently the Great Firewall censors data by responding to forbidden key words with a network command called a "reset." The reset instructs the Chinese computer to drop its connection. The hitch is that the data is still coming in, but injected with the "reset" command. Program your own firewall to ignore "reset" commands and you've got uncensored data.

Crafty anti-censorship types in China can also get uncensored data by doing something called "tunnelling," which seems particularly appropros when dealing with a Great Firewall. Wolfgarten tested what happened when he hid requests for "Falun Gong" inside seemingly-innocuous requests for e-mail or basic network information. A computer outside the Wall unwraps the requests, gets the data, rewraps them and returns them to China uncensored.

Wolfgarten admitted that it's not clear that servers owned by foreigners are subject to the same treatment as Chinese-owned servers. He concluded by saying that a lot more research needs to be done, and invited others to help him.

You can read Wolfgarten's paper about his research here. --Annalee Newitz

At the Chaos Communication Congress, there are hackers and a hacker "scene." The two overlap like a Venn diagram of social life. But the differences between them are obvious to anyone who spends any length of time observing what happens at this conference in between the lectures and technical demonstrations.

This morning at the Chaos Communication Congress, Cambridge Ph.D. student Steven Murdoch (pictured at left) knocked everybody's socks off with a presentation about how people can unmask an anonymous online publisher by remotely monitoring his computer's temperature. It sounds about as tin foil hat as you can get, but the trick is real. Every computer's clock is run via quartz crystals, but those crystals change their speeds as the computer heats up. Therefore a computer's clock runs nanoseconds faster or slower depending on the overall temperature of the unit. This process is called clock skew, and it creates a uniquely off-kilter time "fingerprint" for every computer.

Researchers in the field have pointed out that asking a computer what time it is over and over for an extended period allows you to chart its time skew as it heats up and cools
off over a day's use. (See the chart at right for an example of a computer's unique time skew profile.) Murdoch talked about how time skew tracking could also be used to locate computers hidden via an anonymous network-within-a-network called Tor. Dissidents, whistleblowers, and other people who wish to remain anonymous can publish information on the Internet using Tor's "hidden services" mode. But a computer offering these hidden services can't hide its heat and resulting clock skew.

Somebody who wants to nab dissidents can send lots of data to the computer running hidden services, heat it up, take a measurement, and then compare those measurements to other computers in the Tor network. Once she has a match, that person will know the IP address of the computer hosting the formerly-anonymous publisher. She can now track the computer down and destroy it. Murdoch speculated that time skew might also reveal the whereabouts of a computer because one could figure out what time of day air conditioning got turned on and off, or when sun was heating up the room where the computer is located. One could also figure out, based on the heat signature, whether a computer was stored in a rack or under somebody's desk.

There are no good ways to defend against time skew monitoring. Fans and temperature regulators don't correct for the tiny changes in temperature required to produce skew. So even if you're hiding using advanced tech like Tor, your heat can give you away. Read Murdoch's paper on the topic here. -- Annalee Newitz

In a day of fantastic lectures and demonstrations at the Chaos Communication Congress, one of the most intriguing came from a computer science/artificial intelligence undergraduate at MIT named Christine Corbett Moran. She's been a very active contributor to an open source project called MOSES devoted to statistical machine translation (SMT). Although there are already a number of automatic translation software programs available -- many people are familiar with Google's translator and BabelFish -- few are open source and none are as robust as MOSES.

The advantage of making the program open source is that many people can implement it in various applications for an arbitrary number of languages. And the more that people implement it, the better MOSES gets. Moran joked that MOSES would be perfect for Finnish people who want to translate their writing into Klingon. But of course fast, automatic translation online is crucial to many people's daily lives -- not just Nordic Star Trek fans.

MOSES works sort of like a Bayesean spam filter, learning statistically which translations are "good" from vast quantities of language data. MOSES "learns" correct translations by poring over corpora of translations, the same way your spam filter "learns" when you mark some mail as spam. Moran said an excellent source of translations for MOSES are available from the European parliament, where speeches and discussions are translated into many languages at once. She urged the audience to test out the software, and add as many languages as possible to it.

A representative from Wikipedia seemed particularly excited by the possibilities, and vowed to test out MOSES on Wikipedia entries to see if it might work for mass translation on the huge community-edited encyclopedia. Moran thought that would be a great idea -- after all, the more correct translations MOSES sees, the better its  translations become. As Moran fielded dozens of questions in the hall after her talk, it was obvious that open source translation programs are sorely needed. MOSES, or perhaps the next version of MOSES, may be what allows you to talk to people around the world in their languages -- instantaneously. --Annalee Newitz

At the Chaos Communication Congress, a small group of hackers who love a strange computer langauge known as Dylan convinced several thousand people to voluntarily place themselves under surveillance with wearable radio frequency identification tags (RFIDs). They presented their project, called Sputnik, at the conference yesterday. The Sputnik crew placed RFID readers throughout the conference space, and anyone wearing the Sputnick RFID tags (on sale at the front desk for 10 Euros) would be tracked throughout the conference. Participants could register their RFID tag ID number online, and associate it with their name or other personal information. One of the project designers told a packed audience, "Anyone can click on your ID number via a web interface, and find out which lectures you have attended."

The RFID tags contain a transmitter, battery, and what appear to be two processors as well as two crystals (schematics will be posted on the Sputnik website soon). Best of all, the Sputnik crew set up a 3D visualization of the entire conference center, with avatars representing each person with an RFID tag. Using a large touchscreen (pictured at left), users could "look around" the 3D space, select avatars, and find out who they were and where they'd been. Essentially, the Sputnik visualization turned the entire conference into a virtual world containing real world data. As one person using the the display commented, "This is awesome!" Unfortunately, so many people hit the Sputnik website that the display was down for most of the day. But it appears to be back up today and there are more people than ever zooming around with the Sputnik RFID tags clipped to their jackets.

By the end of the conference, the Sputnik crew will know a great deal about what the typical person has done at CCC. They will also have sparked several debates about whether surveillance is ever a good thing -- even if it's done for amusement. --Annalee Newitz

I arrived at the 23rd annual Chaos
Communication Congress in Berlin early Tuesday evening. The conference wasn't set to start
until the next day, and the registration desk in the cavernous,
Soviet Era Berlin Conference Center wasn't open yet. But
there was already a huge line of people waiting to buy badges. The event they waited for so patiently is
one of the oldest hacker conferences in Europe, and is organized in
part by the Chaos Computer Club, a Berlin-based group that works
within the government and the European technical community for civil
liberties and freedom of expression in the digital world. On the
roster for the four day conference? Everything from tutorials on
hacking Xboxes to lectures about the politics of trust in an age of
electronic surveillance.

Chattering excitedly in a mix of English and German, people in
t-shirts advertising secure operating systems discussed things like
smart phones (called “handies” in German), techno music, and
politics. When registration finally opened, around 7 PM, the harried
volunteer behind the counter couldn't find my name in the system and
finally admitted, in German-flavored English, “It is a bit chaos.”
The conference runs 24 hours a day, with many people spending the
night on the conference room floor in sleeping bags, so he advised
that I come back for my badge around 3 AM.

I needed to sleep off my jetlag, so I
vowed to come back at  reasonable hour after poking around a bit.
Volunteers with Network Operations Center, or NOC, had a vast number
of tables laid out with equipment that would form the CCC computer
network. The central lounge, which normally serves as a cafeteria,
had been turned into a hipster-nerd haven full of sofas, computer
screens, a DJ station, and a display of LED confections that blinked
hypnotically in one corner. Groups of friends huddled in hacker
circles where laptops often outnumbered people.

The excitement of the hundreds of geeks
who had already arrived was palpable. By tomorrow, there would be
thousands of them. And I would be there too, playing with machines
and ideas just for the hell of it, and to make the world a better
place. That's what CCC is all about. Stay tuned for detailed reports about the stuff I'll learn over the next few days. —Annalee Newitz