39th Chaos Communication Congress Videos
Key topics
The 39th Chaos Communication Congress has dropped its videos online, sparking a lively discussion around a particular talk that caught many commenters' attention. As it turns out, Cory Doctorow's speech on a "post-American enshittification-resistant internet" was a highlight, with some users quickly sharing links to the video and transcript. However, not everyone was pleased, with one commenter lamenting Facebook's swift removal of their post sharing the link, prompting a debate about the trade-offs of using censorship-prone platforms for outreach. Despite some nitpicking about the speaker's nationality, the talk's themes resonated with many, who appreciated the weight of an "American" (or, as clarified, a Canadian living in LA) advocating for a post-American internet.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
36m
Peak period
43
0-6h
Avg / period
9.6
Based on 106 loaded comments
Key moments
- 01Story posted
Jan 2, 2026 at 8:17 AM EST
5d ago
Step 01 - 02First comment
Jan 2, 2026 at 8:53 AM EST
36m after posting
Step 02 - 03Peak activity
43 comments in 0-6h
Hottest window of the conversation
Step 03 - 04Latest activity
Jan 6, 2026 at 10:38 AM EST
1d ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Cory Doctorow's talk is quite strong.
The Network Effect implies the platform gets better for you as more people join. If they are deleting your content, the network is no longer serving you—it’s just holding you hostage. This is enshitification as it best. (this ironie with a cory doctorow link)
At this stage, it’s just a walled garden. Staying because 'everyone is here' while being silenced is learned helplessness.
You're voluntarily staying in a walled garden that refuses to let you speak.
But: The door is wide open, you can go.
It carries even more weight now that "post-American" is coming from...an American. This guy stands for his ideals, I envy such resolve.
I attended 7 talks.
My favourite talk by far was hacking the GPG. Brilliant, really: https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical...
The "In-house electronics manufacturing from scratch" was a very inspiring talk: https://media.ccc.de/v/39c3-in-house-electronics-manufacturi...
The rest were less good for me personally. Either over-dramatic and shallow (with a sexy-sounding topic) or too procedural in topics I'm not an expert in.
Sandstorm JP-8000 sawtooth DSP reversing https://www.youtube.com/watch?v=XM_q5T7wTpQ
Washing machines hacking https://www.youtube.com/watch?v=Q1S-PVo3GlA
AMD (ps5 sorta) security: https://www.youtube.com/watch?v=cVJZYT8kYsI
cool demo for the BT headphones talk: https://www.youtube.com/watch?v=TK5Tz4Bt94Y
precise time syncing with PTP: https://www.youtube.com/watch?v=dOt-zRIG5co
x86 > arm with intermediate: https://www.youtube.com/watch?v=3yDXyW1WERg
I am not so much into videos but due to some extended interest in the matter I decided to watch the recording of that talk and I do not regret it. Much recommended to everyone who is interested in the state of the art of precision time synchronization over network. Also, in my opinion this talk is presented masterfully with most of the time actually spent on a convincing live demo.
https://media.ccc.de/v/39c3-excuse-me-what-precise-time-is-i...
AI Agent, AI Spy
https://media.ccc.de/v/39c3-ai-agent-ai-spy
Mona Wang's talk early on Day 2 wasn't recorded but was the polar opposite -- Original, off-the-cuff, engaging, and just fun to witness.
https://fahrplan.events.ccc.de/congress/2025/fahrplan/event/... https://m0na.net/papers/wirewatch.pdf
Maybe of relevance to non-security people here:
1. Most of it is about AI investigating event data in general, not just SOC/IR: cyber, intel, fraud, SRE, and we're even messing with customer 360 & social media data
2. For anyone into vibes coding or building agents, I encourage jumping to the "self-writing AI" section where we're finding we are moving internally from vibes coding -> vibes engineering -> and finally now to eval-driven AI coding loops
I personally work as pentester and we're still doing a lot of manual work with AI simply as a better version of Google, but seeing the BOTS presentation I feel we can do better. Do you have any idea if anyone's working on something similar to Louie in pentesting space, or if Louie could work with pentesting workflows?
Companies like trail of bits are more interesting to me here, because they historically do deeper analysis. A place to look there is the darpa cc x ai (?) competition that finished at blackhat last year.
If in the US, we may be looking for a pen testing partner on an upcoming agentic AI contract, so feel free to msg - Leo @ graphistry
For OMG eye opening factor the FreeBSD jails talk (how the hell is this thing still so buggy?) and the talk on unencrypted satellite links
For excellent follow-along value and dedication to ridiculously pointless cause the Freebox talk. "Technically I don't own this box so instead of risking damaging it I'm going to take the extremely long and entertaining route around, somehow involving Doom WAD files"
For showmanship probably the Tegra talk
Because everything that complex is going to be that buggy.
With the bugs they found fix a constant number of them still remains.
But bugs in large codebases will always be a thing, and even though the eyes looking at FreeBSD are very, very good eyes, indeed there are not enough of them. The more interesting thing here is that they picked a really hard target. If they had done the same with Linux I would expect the number of bugs to be quite a bit higher.
I live somewhat nearby, but can’t book or plan a visit because of this. I appreciate that they are releasing videos short afterwards though.
It was also a great excuse to spend New Year's Eve in Berlin.
I booked a refundable hotel already in the summer, in case I won't get the tickets. But getting the ticket this year was relatively easy (though maybe I just got lucky).
https://media.ccc.de/v/39c3-the-last-of-us-fighting-the-eu-s...
Not an Impasse: Child Safety, Privacy, and Healing Together: https://media.ccc.de/v/39c3-not-an-impasse-child-safety-priv...
APT Down and the mystery of the burning data centers: https://media.ccc.de/v/39c3-apt-down-and-the-mystery-of-the-...
Bluetooth Headphone Jacking: A Key to Your Phone: https://media.ccc.de/v/39c3-bluetooth-headphone-jacking-a-ke...
And he waited almost ten years and the retirement of the hardware to reveal it because he didn't want it to be patched.
The talk "Look Up" about unencrypted data over DVB satellite links was also though provoking, both in presentation and in technical content. If there's that much data unencrypted over a mainstream IP link, imagine how much is still on legacy protocols in 2025.
Miele washing machine hacking, very nice, I was going to say I'd be waiting to see someone integrate it into HA... and then looked up the Github repo and there's HA integration already there.
The 10 year of Dieselgate is interesting just from a "how bad is it really?" PoV, I saw the part about curves and other defeat devices already [1].
The Rowhammer talk is likely going to be great as well, I like Daniel's work [2].
The practical Cross-VM Spectre was interesting to show this is still a problem [3].
The opensource secure element was good for trying such a thing, but I wasn't that impressed with the content [4].
[1] https://cfp.cccv.de/39c3/talk/7MSRA7/ https://media.ccc.de/v/39c3-10-years-of-dieselgate
[2] https://cfp.cccv.de/39c3/talk/3JXAJJ/ https://media.ccc.de/v/39c3-rowhammer-in-the-wild-large-scal...
[3] https://cfp.cccv.de/39c3/talk/ATYLN9/ https://media.ccc.de/v/39c3-spectre-in-the-real-world-leakin...
[4] https://cfp.cccv.de/39c3/talk/9DYZXG/ https://media.ccc.de/v/39c3-lessons-from-building-an-open-ar...
The one on whatsapp bugs https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-wh...
https://m.youtube.com/watch?v=h3UcecN5fvQ
[0] https://media.ccc.de/v/38c3-self-models-of-loving-grace
[1] https://joscha.substack.com/p/on-the-jeffrey-epstein-affair
[2] https://events.ccc.de/congress/2025/hub/de/event/detail/tech...
The allegations do not appear to involve abuse or moral complicity with Epstein. Instead, they seem to focus on emails Bach exchanged with Epstein concerning IQ, race, and possibly sex. Bach denies these allegations of racism and sexism.
That is at least how I understand the material based on the provided links.
He quoted what he believed was scientific evidence in a private conversation that became public, has comments on fashism being efficient are clearly anti-facist and believed to observe a gender stereotype. No matter if the facts were true, it should be possible to discuss such things (especially those you think are facts) in private without getting canceled. Even if they would play in to the hand of racism or sexism if made as public statements.
I found his appology a bit weak, but I also don't see his offense, despite the messages in public being offensive and possibly harmful.
Indeed not HN standards. And if Joshua said killing people is good, I am interested in a full quote.
"The main part of the workshop consists of a moderated deliberative discussion with the audience."
I think it is a bit ironic, that Joshua got canceled because of a private conversation - and the debate about it is not recorded, so .. in effect people are more free to express their opinions without getting canceled.
Disapointing to me. Joshua seems to have points of views I find debatable (I don't know much about him) But canceling to not have to stand his opinions? That is very much against the hacker spirit to me and he is a smart guy who knows a lot about AI.
That is because with published recordings it often becomes purely performative, where people aren't actually interested in honestly engaging with each others thoughts, but instead (ab)using the recording as a stage to make a public statement. It essentially becomes a thinly veiled PR battle with multiple actors trying to control the narrative and the ones that prepared well (so not the general audience) tend to dominate the discussion. In my experience that is the opposite of a good discourse.
In the latter case the audience is only the audience that is already present and they are part of the discussion, if everything goes well a feeling of "we need to resolve this issue" is established, with a collective feeling emerging in the room. There is no guarantee that this happens and that there is a result, but in my experience (with well over 400 events) the tendency speaks for the closed room, especially with touchy subjects.
I do agree to that
I just would have prefered a closed room debate with him invited to adress those issues, not the cancel mentality and then speaking in a close room about him.
https://media.ccc.de/search?p=Joscha
This meta discussion synopsis "Tech-Transcendentalism as Hypermodern Myth and Neofeudal Ideology [all creatures welcome]" feels like reading a rabit hole of a mountain.
I would have loved another talk from Joscha, the critisism is weirdly ignorant.
>Last year, Bach presented at 38C3, where he reduced the human mind to software, fetishized the mismeasure of human intelligence by IQ, and called for the effective dehumanization of humanity (quote: "we anthropomorphize people way too much")
It seems the event you mentioned was not really about an open discussion of his ideas, but took a clearly negative stance even in the abstract...
It has some long tradition placing those visibly on stage. As the story goes, the idea is that you can immediately see if the video stream freezes up (because the cat in the video suddenly stops waving). You wouldn't immediately catch that in between talks (when you have some time to fix the issue) if the camera was just pointed at an empty stage with no movement. I think at 30C3 or so, I saw one that was placed so that it would repeatedly knock on the microphone as well.
PS: HN sucks with dupes.
51 Ways to Spell the Image Giraffe
Who cares about the Baltic Jammer?
Asahi Linux - Porting Linux to Apple Silicon
The art of text (rendering)
Excuse me, what precise time is It?
DNGerousLINK
CPU Entwicklung in Factorio
How to render cloud FPGAs useless
Breaking architecture barriers: Running x86 games and apps on ARM
Cracking open what makes Apple's Low-Latency WiFi so fast
Reverse engineering the Pixel TitanM2 firmware
Not To Be Trusted - A Fiasco in Android TEEs
Celestial navigation with very little math
Textiles 101: Fast Fiber Transform
Escaping Containment: A Security Analysis of FreeBSD Jails
Don’t look up: There are sensitive internal links in the clear on GEO satellites
Opening pAMDora's box and unleashing a thousand paths on the journey to play Beatsaber custom songs
Lessons from Building an Open-Architecture Secure Element
And of course some of the Lightning Talks...
I'm looking forward to watching "Who cares about the Baltic Jammer?" and "The art of text (rendering)" as examples of the former.
An example of the latter is "selbstverständlich antifaschistisch!"
Fighting fascism is required of every person who wants to keep a working democracy, regardless of your fiscal policy ideas or how egoistical you want your government to represent you.
Democracy is what allows you to remove bad leaders/parties without having to fight a bloody revolution. Fascism yearns to remove that possibility. Hence anti-fascism being needed.
That being said: Which part of the talk did you find especially extremist?
Ah yes, the non-existent fascists that:
1. Marched openly as neo-Nazis in Charlottesville (2017), chanting "Jews will not replace us," resulting in the murder of Heather Heyer
2. Organize under explicitly fascist banners like Atomwaffen Division, The Base, Patriot Front, Blood Tribe, Golden Dawn, CasaPound, etc., all of which self-describe using fascist or Nazi ideology
3. Attempted to overturn a democratic election on Jan 6, 2021, including coordinated efforts by elected officials to submit fake electors and pressure state officials to "find" votes
4. Advocate ethno-states and mass deportations, including prominent figures calling for the removal of citizenship, voting rights, or legal protections from minorities (see CPAC speeches, "remigration" rhetoric in Europe, AfD platform language)
5. Celebrate or inspire political violence, from the Christchurch, El Paso, Buffalo, Halle, and Oslo attackers, all of whom explicitly cited fascist or white supremacist ideology in their manifestos
6. Promote leader-worship and elimination of dissent, e.g. calls to jail journalists, dissolve independent courts, criminalize opposition parties, or rule "by decree" (explicit in Hungary, echoed rhetorically elsewhere)
7. Attack independent media and academia as enemies of the nation, while advocating state control or punishment for ideological non-compliance
8. Receive normalization or support from sitting politicians, including endorsement, retweets, pardons, or refusal to condemn clearly fascist groups when given the opportunity
Calling this non-existent requires either ignoring explicit self-identification or redefining fascism so narrowly that only a 1930s uniform and a written and signed oath counts. But that definition isn't what any serious person would dare to bring to a discussion.
Meanwhile, "antifa" is not a party, not a centralized organization, has no manifesto, no leadership, no unified program, and no plausible path to state power. Are there idiots who claim the label antifa? Sure. But there are idiots in literally every subset of the population. Conflating street-level illiberal behavior with an actual authoritarian nationalist movement collapses basic political distinctions however.
What would be strange are hackers that are fascist. Fascism demands surrender to power and obedience, which is antithetical to the hacker sprit. Questioning systems, equalizing power imbalances is the hacker spirit.
Bluetooth Headphone Jacking: A Key to Your Phone [video]
https://news.ycombinator.com/item?id=46453204
Hacking Washing Machines [video]
https://news.ycombinator.com/item?id=46428496
Escaping containment: A security analysis of FreeBSD jails [video]
https://news.ycombinator.com/item?id=46436828
All my Deutschlandtickets gone: Fraud at an industrial scale [video]
https://news.ycombinator.com/item?id=46411930
1 more comments available on Hacker News