Vortrag auf dem Chaos Communication Congress

Gemeinsam mit dem Datenwissenschaftler Andreas Dewes werde ich zu den Hintergründen zu #nacktimnetz auf dem diesjährigen „Hackerkongress“, dem 33C3, vom 27.–30.12. in Hamburg, sprechen. Dabei werden wir zum Einen einen tieferen Einblick in die Recherche an sich geben und zum Anderen ausgewählte Ergebnisse vorstellen, die nochmal ein gutes Stück weiter als das gehen, was wir bislang veröffentlicht haben.

Und so lautet die Ankündigung:

When thinking about surveillance, everyone worries about government agencies like the NSA and big corporations like Google and Facebook. But actually there are hundreds of companies that have also discovered data collection as a revenue source. Companies which are quite big, with thousands of employees but names you maybe never heard of. They all try to get their hands on your personal data, often with illegal methods. Most of them keep their data to themselves, some exchange it, but a few sell it to anyone who’s willing to pay.

We decided to do an experiment: Using simple social engineering techniques, we tried to get the most personal you may have in your procession. Your “click-stream data”, every URL you have been visiting while browsing the web.

After a couple of weeks and some phone calls we were able to acquire the personal data of millions of German Internet users - from banking, over communication with insurance companies to porn. Including several public figures from politics, media and society. In the talk, we’ll explain how we got our hands on this data, what can be found inside and what this could mean for your own privacy and safety now and in the future.

Rakete vor dem CCH in der Dunkelheit