Communities and People

Here you can find the Communities and People that contributed to the RomHack Camp. Look at Camp github repo to find slides

[ Calendar view | Table view (mobile friendly) ]

8 Bit Inside

8 Bit Inside

8 Bit Inside is a non-profit association founded in 2016 with the following purpose: recover and possibly make/keep working Old Computers, Game Consoles, Computer Music Devices and Telecommunications Equipment with the ultimate aim of spreading their knowledge and making them available to those who want to know and deepen how Information Technology, Gaming, Computer Music and Telecommunications have evolved over time

During the Camp

  • you can find the 8 Bit Inside exhibit near the Hack Space
  • on Saturday, September 24th they will expose
    • Next Cube con Monitor, Mouse e Tastiera, Lettore CD-ROM esterno, Lettore Floppy 2.88 esterno, Stampante Laser, Convertitore A/D
    • Apple // EuroPlus
  • on Sunday, September 25th they will expose
    • Philips 8235 MSX2 con Mouse, Stampante, Registratore e Floppy di MSX Office in Italiano
    • Sinclair ZX Spectrum con Case Trasparente e Tastiera a MicroSwitch

 

[ Facebook ]

Berghem-in-the-Middle

Berghem-in-the-Middle

Berghem-in-the-Middle (BITM) is a non profit association, founded by a group of information security enthusiasts and professionals in north Italy. No Hat has more than 50 members, and its community encompasses more than 400 information security enthusiasts and professionals, in an open and friendly environment fostering technical development and knowledge sharing. Since 2019, BITM hosts No Hat, a recognized conference gathering researchers and specialists from the international InfoSec scene.

During the Camp

  • Into the dragon’s lair: unleash your own beacon on Friday, September 23rd @ 11:00 (Cyber Pompieri)
    by Alessio Dalla Piazza
    Cobalt Strike is a widely known commercial product to manage C2 communications that have drastically risen amongst criminal groups and threat actors. One of its core features allows its agents’ quick creation and deployment. These modules include a wealth of essential functionalities for the attacker, such as command execution, defense evasion, and persistence. However, agents have clear and well-defined memory structure patterns that can be easily detected in different ways by defensive solutions: due to the closed source nature of the whole project, reducing the number of detections is a complex and demanding task. For this reason, we decided to reverse the Cobalt Strike to create a new multi-platform agent capable of reducing the overall number of detections.
  • Evaluating CNC Controllers in Modern Industry 4.0 on Friday, September 23rd @ 16:00 (Hyper SOC)
    by Marco embyte Balduzzi
    Computer numerical control machines represent critical assets for organizations. At the same time, the strong push dictated by the Industry 4.0 led to the introduction of technologies that could be abused by attackers. In this talk, we discuss the risks associated with this development, and present some of the attacks that we conducted on real-world machines. We want to raise awareness in a domain in which security doesn’t seem to be an important driver yet.
  • OSINT for infrastructure and domain analysis on Saturday, September 24th @ 17:00 (Perimetro)
    by Mattia Coffetti
    How to expose infrastructure data behind an IP address/domain name, for Blue teams, pentesting or corporate intelligence
  • you can find Berghem-in-the-Middle in the Communities Area

 

[ Telegram | Twitter ]

Cyber Saiyan

Cyber Saiyan

Cyber Saiyan is a nonprofit organization that spreads security awareness. We organize RomHack Camp and Conference 🙂

During the Camp

  • Camp Opening – on Friday, September 23rd @ 10:00 (Cyber Pompieri)
  • The Camp Badge – on Friday, September 23rd @ 12:00 (Aspira Malware)
  • How we made the Camp – on Saturday, September 24th @ 21:00 (Perimetro)
  • Music Party – on Friday 23rd and Saturday 24th starting @ 22:00
  • Camp Closing – on Sunday, September 25th @ 12:00 (Cyber Pompieri)
  • We sell swags and beer 🍻🍻🍻

ESC

ESC

End Summer Camp is a not-for-profit meeting in the form of an hackercamp organized every year, attracting people interested in hacking, open source and DIY. The event’s contents are in continuous evolution and are all contributed by the community, you can check here.

During the Camp

  • you can find ESC in the Communities Area
  • you can “steal” from our ESC friends their soldering skills

[ telegram | instagram | facebook | twitter ]

Italian Hackers’ Embassy

Italian Hacker Embassy IHE

Italian Hackers’ Embassy (IHE) è il luogo dove le varie comunità di hacker italiani si riuniscono in occasione dei grandi eventi hacker europei (Camp, CCC Congress, Fosdem, etc), secondo un principio di aggregazione spontanea e auto-organizzazione.
La tradizione prosegue ormai dal 2001: iniziata al grido di “ITALIAN GRAPPA!”, diventata oggi un punto di incontro fatto di talk, contenuti, workshop e tanta buona pasta; all’insegna dell’ospitalità e amicizia che da sempre ci contraddistingue e ci ha portato ad essere così apprezzati dai nostri colleghi e amici europei.
Dal 2017 le iniziative di IHE sono affiancate dall’associazione Inclusive hacker framework (IHF) che, promuovendo la diffusione dei principi della Hacker Ethic, ha portato alla organizzazione anche di eventi in Italia quale l’Italian Hacker Camp 2018, oltre contribuire ala partecipazione alle CTF internazionali della comunità hacker mackeroni ed ad essere sempre pronta a mettersi al servizio di chiunque abbia bisogno di know how o asset per realizzare qualcosa compatibile con gli scopi associativi.

During the Camp

  • you can find IHE in the Communities Area

 

[ Telegram | Twitter | Facebook ]

Metro Olografix

Metro Olografix

Metro Olografix crewMetro Olografix telematic cultural association was born in Pescara in 1994 thanks to the commitment of computer enthusiasts, hackers and geeks as a response to the Italian Crackdown. The purpose of the Metro is to decline information technology in a social key with attention to the ethical use of IT tools, privacy, network security and open source. Metro is a virtual community based on the free circulation of information and has many members around the world who are committed to spread the culture of innovation in an ethical way.

During the Camp

  • Nova Voluptas – on Saturday, September 24th @ 18:00 (Perimetro)
    La piattaforma virtuale di intrattenimento sessuale personalizzabile sui delicati temi della privacy, del furto di dati e della sessualità online.
  • Metro Olografix BBS – on Friday, September 23rd @ 21:15 (Perimetro)
    by Stefano “neuro” Chiccarelli
    Riviviamo insieme l’atmosfera di una vera BBS degli anni ’90. Ci collegheremo a metro Olografix BBS, una vera BBS attiva e online dal 1997.
    Navigheremo insieme l’ambiente, raccontando cosa accadeva in quegli anni, cercando di trasmettere lo stupore dei primi collegamenti.
  • you can find Metro Olografix in the Communities Area
    • REFURBISH NINJA
      Progetto di Social Innovation e Circular Economy per superare i limiti dell’obsolescenza programmata dei RAEE verso un futuro migliore attraverso recupero di materiale di post consumo, formazione e creazione di un’opera relazionale.
      Realizzato in collaborazione con Melting Pro e sostenuto dal Comune di Pescara attraverso il fondo periferie della Presidenza del Consiglio dei Ministri (DPCM 25-05-16).
    • NOVA VOLUPTAS
      La piattaforma virtuale di intrattenimento sessuale personalizzabile sui delicati temi della privacy, del furto di dati e della sessualità online. Serious game immersivo prodotto da Isia Pescara Design sviluppato da Mariele Arcidiacono, Agnese Di Chio, Luca Notaro, Roberto Fuiano, Riccardo Ferrari, a cura di Prof.ssa Lucia Zappacosta e Prof. Alessandro Guariento
    • Everything is gonna be alright- or: How I Learned to Stop Worrying and Got a Mæssage
      La versione hackerata di PAC-MAN, Covid-19 edition interagisce col giocatore attraverso un massaggio realizzato da una poltrona vibrante progettata utilizzando materiali elettronici di post-consumo.
      Installazione audiovisiva, tattile e interattiva. Primo Premio Nazionale delle Arti (PNA) 2021 sezione design sviluppata da Samuel Hernandez De Luca in collaborazione con Metro Olografix.
    • ANTICORPI / POST-CYBERPUNK SOUNDSCAPE
      Perfetta colonna sonora di hackeraggi e smanettamenti della Metro Olografix, il progetto space-disco/synthpunk Anticorpi nasce assemblando un romanziere e dj (Giovanni Di Iacovo) con un musicista elettronico e sviluppatore software membro della Metro (Arnaldo Guido) insieme ad Electra, frontgirl virtuale della band.
      Anticorpi unisce musica elettronica veloce, intensa e ballabile con testi colti, coinvolgenti e provocatori, capace di far sudare sia i corpi che i cervelli.

 

[ Facebook | Twitter | YouTube | Wikipedia | website ]

 

openSUSE

openSUSE

The openSUSE project is a worldwide effort that promotes the use of Linux everywhere. openSUSE creates one of the world’s best Linux distributions, as well as a variety of tools, such as OBS, OpenQA, Kiwi, YaST, OSEM, working together in an open, transparent and friendly manner as part of the worldwide Free and Open Source Software community.

During the Camp

  • (opensource == secure)? Yes, if you audit it! on Saturday, September 24th @ 18:00 (Hyper SOC)
    by Paolo Perego
    Tales in the life of a product security engineer making Open Source software more secure one bit at a time. In this session, I will talk about what it means to be a product security engineer and how SUSE security team audits can help the Open Source community in having a better security posture.
    During the talk, I will audit a small package I wrote with some vulnerabilities, create a small exploit and show how to report to the upstream maintainer in a responsible way.
  • you can find openSUSE in the Communities Area

OWASP Italian Chapter

OWASP Italy

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of their projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

During the Camp

  • The OWASP Italian Chapter will present OWASP and a Web App Challenge on Friday, September 23rd @ 11:00 (Hyper SOC)
  • They will do a workshop on ZAP (OWASP Zed Attack Proxy) on Saturday, September 24th @ 15:00 (Perimetro)

Wireless BattleMesh

Wireless Battlemesh

The Wireless BattleMesh is an event that aims at bringing together people from across the world to test the performance of different routing protocols for wireless ad-hoc networks and talk about related topics. It is a tournament with a social character. If you are a mesh networking enthusiast, community networking activist, or have an interest in mesh networks you might want to check this out!
For 2022, the event will be held in Rome, September 19-22, just before RomHack Camp! More information on www.battlemesh.org

During the Camp

  • you can find Wireless BattleMesh in the Communities Area
  • the battlemeshers will show how to flash routers with OpenWRT, install routing protocol packages and configure them to build a mesh network

[ twitter ]

Zanshin Tech

Zanshin Tech

Lo Zanshin Tech è la prima arte marziale digitale al mondo. Nata in Italia nel 2015, si occupa di difesa dalle aggressioni digitali. Nella sua struttura interna riprende rispettosamente quella che è la struttura e la metodologia tradizionale  delle arti marziali orientali  (non violenza, rispetto dell’altro, serena concentrazione, disciplina) fondendole con conoscenze tecnologiche tratte dal mondo della cyber security.

L’Associazione Zanshin Tech è l’organismo che ha il compito di promuovere la pratica dello Zanshin Tech, favorirne lo sviluppo e supportare le realtà interessate a proporre questa disciplina a livello locale.

During the Camp

  • You can find Zanshin Tech in the Communities Area from Saturday 24th
    • Presidio informazioni
    • LABORATORI @ 11.30/12.30 – 15.30/16.30 – 17.30/18.30 on Saturday, September 24th
      • Laboratori Zanshin Tech di autodifesa digitale (dagli 11 anni in su) [for children]
      • Laboratorio: il bracciale del guerriero digitale
    • PRESIDIO E BRACCIALI from 10.30 to 18.30 on Saturday, September 24th and on Sunday, September 25th
  • Pietre e bastoni possono rompermi le ossa, ma le parole su di uno schermo possono colpirmi solo se e fino a che io glielo permetto – on Sunday, September 25th @ 11:00 (Aspira Malware)
    L’etica delle arti marziali applicate all’autodifesa digitale

[ www ]

Alessandro Farina

Alessandro Farina

Happy Father (10 year experience granted)
Addicted to volunteering in CyberSecurity Awareness, HackInBo Main Staff member, RomHack Main Staff Member, CyberSaiyan.
Information Technology Expert – Senior Project Manager, Working Partner of D.S.A. S.r.l.
Linux and Free software early and happy adopter and developer.
I’ve tried to spread the free software philosophy in every place where I’ve worked, sometimes achieving big successes.
I’m a digital forensics expert, I work with Ministry of Justice Office of Public Prosecutor – Guardia di Finanza – Carabinieri – Polizia di Stato (Italian Law Enforcement Agencies) – Private companies (names covered by NDA)
I give support for IT security, Incident response e Cybercrime to medium to big public and private companies.
I’ve been technical advisor for incident response and Computer Forensics with various Law firms. Law Enforcements assistant for inspections and searches.
Technical advisor for the Office of public prosecutor of Verona, Napoli, Torre Annunziata, Verona and Santa Maria Capua Vetere for IT investigations.

During the Camp:

  • Open Source Digital Forensics – on Friday, September 23rd @ 17:00 (Hyper SOC)
    The rise in technology related crime – from criminal cases, civil disputes, employee misconduct, to acts of terrorism, etc. – has generated an urgent need for a new type of “skills”.
    Digital forensics is a field of great interest for users, developers, CxO, law enforcement agencies, prosecutors, judges, lawyers.
    Whether it is internal incident response in our companies or law enforcement’s investigations, it is very important to know the technical and legal bases of digital forensics.
    Very often digital forensics we see in companies or in the courtrooms is of the “black box” type: hardware or software tools of renowned producers are used without awareness.
    This subverts the principle of scientific investigation, where every instrument and every move that is performed must be well known, fully managed and controlled by the researcher and his peers.
    The talk will present some of the main Linux Live distributions for Digital Forensics, based almost entirely on free software, as well as practical examples of acquiring digital memories with the Guymager software.
    The landscape of open / free software forensic investigation tools (Autopsy, Linux Leo, Photorec, etc.) will also be presented.
  • Open Source Digital Forensics Lab – on Saturday, September 24th @ 17:00 (Perimetro)
    Follow-up of the “Open Source Digital Forensics” talk, hands-on Lab

Gabriel Cirlig

Gabriel Cirlig

Gabriel is a software developer turned rogue, went from developing apps for small businesses to 2M+ DAU Facebook games while keeping an eye for everything shiny and new. For a couple of years he shifted gears and started a career as a security researcher while speaking at various conferences (SAS, AVAR, PHDays) showcasing whatever random stuff he hacked. With a background in electronics engineering and various programming languages, he likes to dismantle and hopefully put back whatever he gets his hands on.

During the Camp

  • One Small step for man, one giant step for researchers – on Friday, September 23rd @ 15:00 (Aspira Malware)
    This will be a simple and short (in the limit of the Camp splot) introduction into Android reverse engineering, taking the student from zero to hero. No previous reversing knowledge is required and all of the tools will be provided in the form of a VM packed with goodies. The course will cover the basics of Android, APK structure, DEX file internals and how this can be exploited in order to decompile and deobfuscate malware. In addition, hands-on exercises will be provided with fresh malware samples where the knowledge can be put to good use in extracting C2s and other interesting information.

 

[ Twitter | LinkedIn ]

Luca Bongiorni

Luca Bongiorni

Luca Bongiorni, has more than 15 years of experience in InfoSec and has been mostly involved into the Offensive side of it. He holds a B.Sc. in Security Networks & Systems and also some certifications (GCFA, GPEN, GRID). He is also actively involved in R&D, where the main fields are: Radio Networks, Hardware Hacking, (Industrial) Internet of Things and Physical Security. He created WHID – We Hack In Disguise – in 2017 with the goal of Prototyping Offensive & Opensource Hardware Implants for conducting HID & Mousejacking Attacks and Bypass AirGapped Environments.

During the camp

  • PhySec Lab Part 1: Lockpicking 101 – on Friday, September 23rd @ 11:00 (Perimetro) and Saturday, September 24th @ 15:00 (Aspira Malware)
    This 2 hours workshop (max 20 people) wants to be an introductory course to the marvelous world of picking locks. After an overview of the most common types of locks and how they operate, the instructor will show you which type of tools are needed to manipulate and open them. In the second part of this training, you will be provided with a lockpicking kit and some practice locks in order to try yourself.

 

 

  • PhySec Lab Part 2: Hacking Physical Access Control Systems – on Friday, September 23rd @ 15:00 (Perimetro) and Saturday, September 24th @ 17:00 (Aspira Malware)
    This 2 hours workshop (max 20 people) is designed to provide the attendees a good grasp on how Physical Access Control Systems work and how they can be defeated. During the course there will be multiple real examples and different offensive techniques will be explained. In the second part, it will be also possible to try exploiting them in live against real targets setup for the occasion.

 

 

OWASP Italian Chapter

OWASP Italy

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of their projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

During the Camp

  • The OWASP Italian Chapter will present OWASP and a Web App Challenge on Friday, September 23rd @ 11:00 (Hyper SOC)
  • They will do a workshop on ZAP (OWASP Zed Attack Proxy) on Saturday, September 24th @ 15:00 (Perimetro)

Rev3rse Security

Rev3rse Security is an online Italian community devoted to ICT Security: offensive, hardening, red team, blue team and more – https://www.rev3rse.it/

During the Camp

  • on Friday, September 23rd @ 15:00 (Cyber Pompieri) a defense lab (max 30 people) built on a real AWS environment where you will learn howto mitigate 2 real attacks (based on OWASP Automated Threats) to an e-commerce website based on WooCommerce. More information here (in Italian)

 

rev3rse security lab

 

[ Twitter | LinkedIN | Telegram | YouTube ]

Alessandro Farina

Alessandro Farina

Happy Father (10 year experience granted)
Addicted to volunteering in CyberSecurity Awareness, HackInBo Main Staff member, RomHack Main Staff Member, CyberSaiyan.
Information Technology Expert – Senior Project Manager, Working Partner of D.S.A. S.r.l.
Linux and Free software early and happy adopter and developer.
I’ve tried to spread the free software philosophy in every place where I’ve worked, sometimes achieving big successes.
I’m a digital forensics expert, I work with Ministry of Justice Office of Public Prosecutor – Guardia di Finanza – Carabinieri – Polizia di Stato (Italian Law Enforcement Agencies) – Private companies (names covered by NDA)
I give support for IT security, Incident response e Cybercrime to medium to big public and private companies.
I’ve been technical advisor for incident response and Computer Forensics with various Law firms. Law Enforcements assistant for inspections and searches.
Technical advisor for the Office of public prosecutor of Verona, Napoli, Torre Annunziata, Verona and Santa Maria Capua Vetere for IT investigations.

During the Camp:

  • Open Source Digital Forensics – on Friday, September 23rd @ 17:00 (Hyper SOC)
    The rise in technology related crime – from criminal cases, civil disputes, employee misconduct, to acts of terrorism, etc. – has generated an urgent need for a new type of “skills”.
    Digital forensics is a field of great interest for users, developers, CxO, law enforcement agencies, prosecutors, judges, lawyers.
    Whether it is internal incident response in our companies or law enforcement’s investigations, it is very important to know the technical and legal bases of digital forensics.
    Very often digital forensics we see in companies or in the courtrooms is of the “black box” type: hardware or software tools of renowned producers are used without awareness.
    This subverts the principle of scientific investigation, where every instrument and every move that is performed must be well known, fully managed and controlled by the researcher and his peers.
    The talk will present some of the main Linux Live distributions for Digital Forensics, based almost entirely on free software, as well as practical examples of acquiring digital memories with the Guymager software.
    The landscape of open / free software forensic investigation tools (Autopsy, Linux Leo, Photorec, etc.) will also be presented.
  • Open Source Digital Forensics Lab – on Saturday, September 24th @ 17:00 (Perimetro)
    Follow-up of the “Open Source Digital Forensics” talk, hands-on Lab

Berghem-in-the-Middle

Berghem-in-the-Middle

Berghem-in-the-Middle (BITM) is a non profit association, founded by a group of information security enthusiasts and professionals in north Italy. No Hat has more than 50 members, and its community encompasses more than 400 information security enthusiasts and professionals, in an open and friendly environment fostering technical development and knowledge sharing. Since 2019, BITM hosts No Hat, a recognized conference gathering researchers and specialists from the international InfoSec scene.

During the Camp

  • Into the dragon’s lair: unleash your own beacon on Friday, September 23rd @ 11:00 (Cyber Pompieri)
    by Alessio Dalla Piazza
    Cobalt Strike is a widely known commercial product to manage C2 communications that have drastically risen amongst criminal groups and threat actors. One of its core features allows its agents’ quick creation and deployment. These modules include a wealth of essential functionalities for the attacker, such as command execution, defense evasion, and persistence. However, agents have clear and well-defined memory structure patterns that can be easily detected in different ways by defensive solutions: due to the closed source nature of the whole project, reducing the number of detections is a complex and demanding task. For this reason, we decided to reverse the Cobalt Strike to create a new multi-platform agent capable of reducing the overall number of detections.
  • Evaluating CNC Controllers in Modern Industry 4.0 on Friday, September 23rd @ 16:00 (Hyper SOC)
    by Marco embyte Balduzzi
    Computer numerical control machines represent critical assets for organizations. At the same time, the strong push dictated by the Industry 4.0 led to the introduction of technologies that could be abused by attackers. In this talk, we discuss the risks associated with this development, and present some of the attacks that we conducted on real-world machines. We want to raise awareness in a domain in which security doesn’t seem to be an important driver yet.
  • OSINT for infrastructure and domain analysis on Saturday, September 24th @ 17:00 (Perimetro)
    by Mattia Coffetti
    How to expose infrastructure data behind an IP address/domain name, for Blue teams, pentesting or corporate intelligence
  • you can find Berghem-in-the-Middle in the Communities Area

 

[ Telegram | Twitter ]

Cyber Saiyan

Cyber Saiyan

Cyber Saiyan is a nonprofit organization that spreads security awareness. We organize RomHack Camp and Conference 🙂

During the Camp

  • Camp Opening – on Friday, September 23rd @ 10:00 (Cyber Pompieri)
  • The Camp Badge – on Friday, September 23rd @ 12:00 (Aspira Malware)
  • How we made the Camp – on Saturday, September 24th @ 21:00 (Perimetro)
  • Music Party – on Friday 23rd and Saturday 24th starting @ 22:00
  • Camp Closing – on Sunday, September 25th @ 12:00 (Cyber Pompieri)
  • We sell swags and beer 🍻🍻🍻

Guerre di Rete

Guerre di Rete community

Guerre di Rete is an Italian nonprofit association that publishes a weekly infosec newsletter, focusing on the intersection of cyber, human rights, surveillance, privacy.

In 2022, in a joint effort with Cyber Saiyan, maintans the cybersecurity news website guerredirete.it, which aims to publish extensive treatments on cybersecurity topics and their social aspects.

During the Camp

  • discussion panel on “Jobs in Cyber Security” on Saturday, September 24th @ 21:00 (Cyber Pompieri)
  • discussion panel with journalists that contributed to Guerre di Rete project on Sunday, September 25th @ 10:30 (Cyber Pompieri)

 

[ Twitter | LinkedIN | Facebook | Instagram ]

Reando “H4t4way” Veshi

Reando “H4t4way” Vesci

My name is Reando, but you can call me H4t4way. I am a penetration tester and occasional bug hunter. As a lover of WebSec, I always like to find something wrong and fix it !!!! 🙂 I have been passionate about computer science since childhood and have been in the security world for five and a half years. I started studying IT many years ago in school and university where I learned JAVA and C and during my working career PHP, Python, Javascript. I’m founder of Pentesting Made Simple an Italian community where we speak about Pentesting, Bug Bounty and Ethical Hacking in general.

During the Camp

  • Smart Contracts and Security Pitfalls – on Friday, September 23rd @ 21:00 (Cyber Pompieri)
    This talk aims at explaining some of the most common vulnerabilities that are specific to the application level of Blockchain technology by analyzing concrete exploitation case scenarios of these security vulnerabilities. We will also review some of the available tools and applications that detect these vulnerabilities in terms of their approach and effectiveness.

Spontaneous Content

During the Camp:

  • Federazione Hacker. Prossima frontiera? – on Friday, September 23rd @ 18:30 (Hyper SOC)
    Giornale di bordo, data stellare 2200271: durante i viaggi dell’astronave Hackerprise, nella missione diretta all’esplorazione di strani mondi, alla scoperta di nuove forme di vita e di civiltà, continuiamo a cercare poliedriche forme di vita con cui stabilire saldi legami diplomatici. Più lontano andiamo più dobbiamo tendere ad arrivare là dove nessun hacker è mai giunto prima.
    Dibattito aperto e proposto da Lucia Kundera Zappacosta (Metro Olografix), Andrea Ubi Urbani (IHF), Mario Anglani (HackInBo) e Cyber Saiyan

Tracking Exposed

Tracking Exposed

Tracking Exposed is a European non-profit organization defending digital rights through algorithmic investigations. Since 2016 Tracking Exposed has been pioneering new methodologies to scrutinize the most influential recommender systems, such as those of YouTube, Facebook, Amazon, PornHub and TikTok. The code is released as free software, enabling anyone to use, extend or review it.
Tracking Exposed’s infrastructure and methodologies have been validated in several peer-reviewed publications, and the works of the team have received coverage in major media outlets. Some of its reports have been cited in a United Nations report, a house testimony and a US Congress official letter to YouTube’s CEO.

During the Camp

  • Personalisation algorithms, their influence and how to analyse them from the outside on Friday, September 23rd @ 12:00 (Cyber Pompieri)
    by Claudio vecna Agosti
    One of the most invisible powers of surveillance capitalism is the ability to study people’s behaviour, detect weaknesses, and propose content to maximise attention capture.
    These mechanisms are personalisation algorithms; an Italian-born group, Tracking Exposed, has been developing tools and methodologies to study them for the past six years.
    Sometimes you have to do scraping in the browser and then on a dedicated server, sometimes you have to create botnets and train profiles. Depending on the AI you are analysing, you have to use different methods. The victory lies in bringing out the divergence between two profiles, quickly and reproducibly.
    Tracking Exposed has tried, as far as possible, to reverse engineer the algorithms of Facebook, Youtube, Amazon, Pornhub, Tiktok. This talk will recount everything we have discovered, with particular emphasis on the fourth platform among those mentioned.
    The technological complexities, the obstacles that corporations put in place to stay more opaque, and what legal and technological tools we have at our disposal to defend the self-determination of the connected citizenry.
  • Unveiling how porn platforms abuse personal data with Tracking Exposed and GDPR on Saturday, September 24th @ 18:00 (Perimetro)
    by Giulia Corona and Alessandro Polidoro
    Online pornography represents, according to many, one of the most widespread phenomenon of the whole internet. This industry alone generates billions of dollars in annual revenue, involving an ever growing number of people and occupying a very significant portion of the overall available bandwidth of the web. Given these premises, it comes with no surprise that porn-platforms have found an extremely profitable business in processing personal data of their users, often in ways yet to be fully disclosed and shared with the general public. However, the online pornography sector remains one of the most unregulated fields of the digital world even if it affects the sexual life of so many people everyday. This raises the question whether or not those in control of these incredibly powerful tools are still capable of acting responsibly without creating any harm.
    The non-profit organization Tracking Exposed, who fosters digital rights and algorithm accountability, have developed a set of free-software tools with the intent of bringing light into the underlying mechanisms of one of the major porn-platforms existing nowadays, deconstructing its recommender system. Thanks to these tools we have achieved an unprecedented point of view over biases and data processing malpractices that may affect these websites, collecting precious evidence that have proven useful for carrying out academic research and even digital forensics investigations. Our goal is to empower users and help them reclaim their rights recognized by the GDPR and even more. During this panel we will present our tools, Potrex and Guardoni, and the research we have conducted regarding the abuses spotted on a porn-platform whose algorithms seem to be operating in a seriously biased way. We will then explore signs of possible data protection law violations and together elaborate strategies and methodologies for the upcoming analysis of these platforms.

Claudio Agosti, also known as vecna since well before Stranger Things 4, is a digital rights activist, programmer and computer security expert. He started with hacking in the past millennia, but the security aspects he is most passionate about become those of individuals and communities, so passion and work converge in a technopolitical resistance action that sees Surveillance Capitalism as its main opponent. In 2016 he founded Tracking Exposed, a project to explain the power of algorithms and take back control of them.

Alessandro Polidoro is an attorney-at-law and the legal lead of Tracking Exposed, experienced in digital forensics and data protection law. Working closely with many hacktivist and civil society groups, Alessandro has always been passionate in advocating for digital rights

Giulia Corona is a communication designer and data analyst. She has been working on a Tracking Exposed’s investigation on porn platforms since its beginning, both with data analysis and technical writing. She is also interested in the role of UX and UI in influencing users’ decision making processes.

Zanshin Tech

Zanshin Tech

Lo Zanshin Tech è la prima arte marziale digitale al mondo. Nata in Italia nel 2015, si occupa di difesa dalle aggressioni digitali. Nella sua struttura interna riprende rispettosamente quella che è la struttura e la metodologia tradizionale  delle arti marziali orientali  (non violenza, rispetto dell’altro, serena concentrazione, disciplina) fondendole con conoscenze tecnologiche tratte dal mondo della cyber security.

L’Associazione Zanshin Tech è l’organismo che ha il compito di promuovere la pratica dello Zanshin Tech, favorirne lo sviluppo e supportare le realtà interessate a proporre questa disciplina a livello locale.

During the Camp

  • You can find Zanshin Tech in the Communities Area from Saturday 24th
    • Presidio informazioni
    • LABORATORI @ 11.30/12.30 – 15.30/16.30 – 17.30/18.30 on Saturday, September 24th
      • Laboratori Zanshin Tech di autodifesa digitale (dagli 11 anni in su) [for children]
      • Laboratorio: il bracciale del guerriero digitale
    • PRESIDIO E BRACCIALI from 10.30 to 18.30 on Saturday, September 24th and on Sunday, September 25th
  • Pietre e bastoni possono rompermi le ossa, ma le parole su di uno schermo possono colpirmi solo se e fino a che io glielo permetto – on Sunday, September 25th @ 11:00 (Aspira Malware)
    L’etica delle arti marziali applicate all’autodifesa digitale

[ www ]

Donne 4.0

Donne4.0

Donne 4.0 is a nonprofit association that supports, with real projects and activities, the empowerment of women in the digital world, thus increasing the full participation of women in the technology area, with the goal to close the gender gap in the IT sector.

During the Camp

  • On Saturday, September 24th @ 14:00 (Hyper SOC), during the RomHack Conference, Donne 4.0 will host a coding event for kids and teens. The event is for all kids from 8 to 15 year old, even without any previous coding experience. Kids and teens will be divided in groups according to their age and knowledge (if any) and will be guided in the development of a nice game in Scratch, a free visual coding language from MIT Media Lab.
    The event will start at 14:00 right after the conference lunch break and will finish around 17:00.

 

[ Facebook | Twitter | Instagram | LinkedIn | YouTube ]

Zanshin Tech

Zanshin Tech

Lo Zanshin Tech è la prima arte marziale digitale al mondo. Nata in Italia nel 2015, si occupa di difesa dalle aggressioni digitali. Nella sua struttura interna riprende rispettosamente quella che è la struttura e la metodologia tradizionale  delle arti marziali orientali  (non violenza, rispetto dell’altro, serena concentrazione, disciplina) fondendole con conoscenze tecnologiche tratte dal mondo della cyber security.

L’Associazione Zanshin Tech è l’organismo che ha il compito di promuovere la pratica dello Zanshin Tech, favorirne lo sviluppo e supportare le realtà interessate a proporre questa disciplina a livello locale.

During the Camp

  • You can find Zanshin Tech in the Communities Area from Saturday 24th
    • Presidio informazioni
    • LABORATORI @ 11.30/12.30 – 15.30/16.30 – 17.30/18.30 on Saturday, September 24th
      • Laboratori Zanshin Tech di autodifesa digitale (dagli 11 anni in su) [for children]
      • Laboratorio: il bracciale del guerriero digitale
    • PRESIDIO E BRACCIALI from 10.30 to 18.30 on Saturday, September 24th and on Sunday, September 25th
  • Pietre e bastoni possono rompermi le ossa, ma le parole su di uno schermo possono colpirmi solo se e fino a che io glielo permetto – on Sunday, September 25th @ 11:00 (Aspira Malware)
    L’etica delle arti marziali applicate all’autodifesa digitale

[ www ]

RomHack Camp 2022 Map