The Chaos Computer Club (CCC) is Europe’s largest association of hackers. The CCC is based in Germany and other German-speaking countries.
The CCC describes itself as “a galactic community of life forms, independent of age, sex, race or societal orientation, which strives across borders for freedom of information….” In general, the CCC advocates more transparency in government, freedom of information, and the human right to communication. Supporting the principles of the hacker ethic, the club also fights for free universal access to computers and technological infrastructure.
The CCC was founded in Berlin on September 12, 1981 at a table which had previously belonged to the Kommune 1 in the rooms of the newspaper Die Tageszeitung by Wau Holland and others in anticipation of the prominent role that information technology would play in the way people live and communicate.
The CCC became world famous when they drew public attention to the security flaws of the German Bildschirmtext computer network by causing it to debit DM 134,000 in a Hamburg bank in favor of the club. The money was returned the next day in front of the press. Prior to the incident, the system provider had failed to react to proof of the security flaw provided by the CCC, claiming to the public that their system was safe. Bildschirmtext was the biggest commercially available online system targeted at the general public in its region at that time, run and heavily advertised by the German telecommunications agency Deutsche Bundespost which also strove to keep up-to-date alternatives out of the market.
In 1989, the CCC was peripherally involved in the first cyberespionage case to make international headlines. A group of German hackers led by Karl Koch, who was loosely affiliated with the CCC, was arrested for breaking into US government and corporate computers and selling operating-system source code to the Soviet KGB.
Several of the CCC’s early exploits are documented in a paper, written by Digital Equipment Corporation‘s lead European Investigator of the CCC’s activities in the 1980s and 1990s. These include the CCC protests against French nuclear tests and members of the CCC involved with the German Green Party.
The CCC is more widely known for its public demonstrations of security risks. In 1996, CCC members demonstrated an attack against Microsoft’s ActiveX technology, changing personal data in a Quicken database. In April 1998, the CCC successfully demonstrated the cloning of a GSM customer card, breaking the COMP128 encryption algorithm used at that time by many GSM SIMs.
In 2001, the CCC celebrated its twentieth birthday with an interactive light installation dubbed Project Blinkenlights that turned the building Haus des Lehrers in Berlin into a giant computer screen. A follow up installation (dubbed “Arcade”) at the Bibliothèque nationale de France was the world’s biggest light installation.
In March 2008, the CCC acquired and published the fingerprints of German Minister of the Interior Wolfgang Schäuble. The magazine also included the fingerprint on a film that readers could use to fool fingerprint readers. This was done to protest the use of biometric data in German identity devices such as e-passports.
Later in October 2008, CCC’s Project Blinkenlights went to Toronto, Canada with project Stereoscope.
The Staatstrojaner (Federal Trojan horse) is a computer surveillance program installed secretly on a suspect’s computer, which the German police uses to wiretap Internet telephony. This “source wiretapping” is the only feasible way to wiretap in this case, since Internet telephony programs will usually encrypt the data when it leaves the computer. The Federal Constitutional Court of Germany has ruled that the police may only use such programs for telephony wiretapping, and for no other purpose, and that this restriction should be enforced through technical and legal means.
On October 8, 2011, the CCC published an analysis of the Staatstrojaner software. The software was found to have the ability to remote control the target computer, to capture screenshots, and to fetch and run arbitrary extra code. The CCC says that having this functionality built in is in direct contradiction to the ruling of the constitutional court.
In addition, there were a number of security problems with the implementation. The software was controllable over the Internet, but the commands were sent completely unencrypted, with no checks for authentication or integrity. This leaves any computer under surveillance using this software vulnerable to attack. The captured screenshots and audio files were encrypted, but so incompetently that the encryption was ineffective. All captured data was sent over a proxy server in the United States, which is problematic since the data is then temporarily outside the German jurisdiction.
The CCC’s findings were widely reported in the German press.
- The CCC hosts the annual Chaos Communication Congress, Europe’s biggest hacker congress. Every four years, the Chaos Communication Camp is the outdoor alternative for hackers worldwide.
- The CCC started a new yearly conference called SIGINT in May 2009 in Cologne, Germany.
- Another yearly CCC event taking place on the Easter weekend is the Easterhegg, which is more workshop oriented than the other events.
- Members of the CCC also participate in various technological and political conferences around the planet.
The CCC publishes the quarterly magazine Datenschleuder (data catapult) since 1984, and the CCC in Berlin also produces a monthly radio show called Chaosradio (de) which picks up various technical and political topics in a two-hour talk radio show. The program is aired on a local radio station named Fritz (de). There is also a podcast spin-off named Chaosradio Express, an international podcast called Chaosradio International (which as of 2012 has been inactive for several years), and other radio programs offered by some regional Chaos Groups.
Famous members are co-founder Wau Holland and Andy Müller-Maguhn, who was a member of the ICANN board of directors for Europe until 2002, and Karl Koch, who was a Cold War-era hacker featured in the movie 23. Former WikiLeaks spokesman Daniel Domscheit-Berg was expelled from CCC in August 2011, during its quadrennial camp. This decision was revoked on February 2012.
Chaos Computer Club France
The Chaos Computer Club France (CCCF) was a fake hacker organization created in 1989 in Lyon (France) by Jean-Bernard Condat, under the command of Jean-Luc Delacour, an agent of the Direction de la surveillance du territoire governmental agency. The primary goal of the CCCF was to watch and to gather information about the French hacker community. Journalist Jean Guisnel said that this organization also worked with the French National Gendarmerie.
The name of the organization is directly inspired by the name of the German Chaos Computer Club organization, which in contrast is a real hacker organization.
The CCCF had an electronic magazine called Chaos Digest (ChaosD). Between January 4, 1993 and August 5, 1993, seventy-three issues were published (ISSN 1244-4901).