Not long after the Christmas turkey leftovers have been polished off, the Chaos Communication Congress (CCC) [1] calls its devotees to Hamburg, Germany. This jaunt at the turn of the year is a mandatory part of the calendar for many a hacker, tinkerer, artist, and activist. The multiple-day educational event from December 27 to 30, 2015, attracted around 12,000 guests – too many, said some, whereas others were delighted to see such a varied cross-section of the community in attendance.

At the Congress

Although made up of a different breed of hackers in the early days, C3 conferences today are a meeting place for people from all walks of life who experiment with technology in various contexts, trying out new techniques and pushing boundaries. The gathering is about experiencing and demanding individual freedom and collaborating with other people. One of these collaborations is the Congress itself, which is a purely community-organized event – much like the Burning Man Festival [2], which has been around for a similar length of time.

The amount of work the organizers commit to the four days of the conference is amazing. The complete work is more than the sum of complex installations on the first floor, such as a working pneumatic dispatch system, or an enormous tree backdrop; it also comprises individual performances, like the one by Darsha Hewitt: In a very entertaining musical performance, she composed music with the help of 20 oscillators in a 20-minute session [3]. Hacking means being creative in your use of technology, which was accomplished both by the numerous works of art that played with the topic of technology and by the 7,000-square meter party arena with its sophisticated design, including a parked RV that recalled the sci-fi parody "Spaceballs."

Security Theater

Of course, classical hackers were also in attendance; however, those who identify technology vulnerabilities are not automatically freedom fighters, as the cliché would suggest. Many hackers earn a living as consultants in security businesses. When they demonstrate at a conference what can happen if an enterprise neglects the security of its products, they are not only showing themselves to advantage, they are doing the general public and the IT industry a favor.

For example, engineer Mathias Dahlheimer pointed out the risks of intelligent power grids. If hackers succeed in manipulating the gateways for smart meters, they could disconnect several consumers from the power grid in one fell swoop. Security expert Vincent Haupert explained why the pushTAN method [4] promoted by some banks is not as secure as they maintain. The problem, he said, is that the customers use the same machine to generate transaction numbers as they use for their online banking business [3].

In some cases, hackers just enjoyed demonstrating their can-do attitude. For example, in a live demonstration of a PlayStation 4 hack [5], Sony's gaming console booted Gentoo Linux, much to the amusement of the attendees. Without the preparatory work by another group of hackers, though, a Sony hack would have been difficult to achieve.

Free and Open

In contrast, most open source and free software hackers do not want to overcome technical obstacles but prefer to develop free software to satisfy genuine requirements, and they too attended CCC in large numbers.

Tools like Netstat and Nmap are not only popular with hackers, but also with network administrators, whether in the context of virtualization, the cloud, or the internet of things. Without free software, the world's data centers would look different. Although large corporations are not represented at CCC, their employees are, because open source has long since become part and parcel of Facebook, Google, and others. The many well-attended hackathons all over the world show that hacking is no longer simply about transcending security barriers.