Somehow it did not get much attention, but Signal president Meredith Whittaker (together with Udbhav Tiwari) spoke about the risks and threats from AI-enabled systems.

AI Agent, AI Spy

https://media.ccc.de/v/39c3-ai-agent-ai-spy

I also found the talk about Asahi interesting, both from a technical standpoint but also as a nice update what the current status is.

Asahi Linux - Porting Linux to Apple Silicon

https://media.ccc.de/v/39c3-asahi-linux-porting-linux-to-app...

Finally, not recorded, but workshops like

Foundation workshop: Hands-on, how does the Internet work?

by Ingo Blechschmidt, is congress at its best. Getting a diverse set of people with various backgrounds and knowledge levels to ARP spoof in a little over an hour is art.

https://events.ccc.de/congress/2025/hub/event/detail/foundat...

I also enjoyed the GPG talk. Other highlights:

Not an Impasse: Child Safety, Privacy, and Healing Together: https://media.ccc.de/v/39c3-not-an-impasse-child-safety-priv...

APT Down and the mystery of the burning data centers: https://media.ccc.de/v/39c3-apt-down-and-the-mystery-of-the-...

Bluetooth Headphone Jacking: A Key to Your Phone: https://media.ccc.de/v/39c3-bluetooth-headphone-jacking-a-ke...

Absolutely Cory Doctorow's, for the showmanship alone. Lovely background slides. The message itself might not resonate with everyone.

The talk "Look Up" about unencrypted data over DVB satellite links was also though provoking, both in presentation and in technical content. If there's that much data unencrypted over a mainstream IP link, imagine how much is still on legacy protocols in 2025.

order by personal rank:

Sandstorm JP-8000 sawtooth DSP reversing https://www.youtube.com/watch?v=XM_q5T7wTpQ

Washing machines hacking https://www.youtube.com/watch?v=Q1S-PVo3GlA

AMD (ps5 sorta) security: https://www.youtube.com/watch?v=cVJZYT8kYsI

cool demo for the BT headphones talk: https://www.youtube.com/watch?v=TK5Tz4Bt94Y

precise time syncing with PTP: https://www.youtube.com/watch?v=dOt-zRIG5co

x86 > arm with intermediate: https://www.youtube.com/watch?v=3yDXyW1WERg

"Liberation of the Freebox", A slightly crazy Frenchman embarks on a quest to find exploit and write a complex exploit chain, using PrDoom and the Linux HFS+ driver to gain root privileges on his set-top box. All this in order to unlock the recording of somewhat rubbish TV channels such as TF1 and M6.

And he waited almost ten years and the retirement of the hardware to reveal it because he didn't want it to be patched.

If you are into hardware emulation "From silicon to Darude sand-storm" is fun.

the https://media.ccc.de/v/39c3-from-silicon-to-darude-sand-stor...

Just for sheer geekery's sake probably the ISDN talk.

For OMG eye opening factor the FreeBSD jails talk (how the hell is this thing still so buggy?) and the talk on unencrypted satellite links

For excellent follow-along value and dedication to ridiculously pointless cause the Freebox talk. "Technically I don't own this box so instead of risking damaging it I'm going to take the extremely long and entertaining route around, somehow involving Doom WAD files"

For showmanship probably the Tegra talk

The biggest problem with ccc is that: 0. They are releasing too few tickets. 1. They are releasing the tickets too late. 3. Still not able to pay with card?

I live somewhat nearby, but can’t book or plan a visit because of this. I appreciate that they are releasing videos shortly afterwards though.

https://media.ccc.de/v/39c3-css-clicker-training-making-game... The CSS clicker talk was really entertaining as well as just technological amazing!

The Last of Us - Fighting the EU Surveillance Law Apocalypse

https://media.ccc.de/v/39c3-the-last-of-us-fighting-the-eu-s...

Demystifying Fuzzer Behaviour

https://m.youtube.com/watch?v=h3UcecN5fvQ

I think the blue team ctf ai talk was a good benchmark were we at right now https://media.ccc.de/v/39c3-breaking-bots-cheating-at-blue-t...

The one on the bluetooth headphone vulnerabilities was quite fun: https://media.ccc.de/v/39c3-bluetooth-headphone-jacking-a-ke...

That in-house electronics one is gold.

The one on bsd jails https://media.ccc.de/v/39c3-escaping-containment-a-security-...

The one on whatsapp bugs https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-wh...

His talk last year was clearly one of the most interesting and thought provoking presentations from the last CCC. It is sad that he and his talk is caught up in this.

>Last year, Bach presented at 38C3, where he reduced the human mind to software, fetishized the mismeasure of human intelligence by IQ, and called for the effective dehumanization of humanity (quote: "we anthropomorphize people way too much")

It seems the event you mentioned was not really about an open discussion of his ideas, but took a clearly negative stance even in the abstract...

Well that discussion talk is not an open discourse about the situation...

He quoted what he believed was scientific evidence in a private conversation that became public, has comments on fashism being efficient are clearly anti-facist and believed to observe a gender stereotype. No matter if the facts were true, it should be possible to discuss such things (especially those you think are facts) in private without getting canceled. Even if they would play in to the hand of racism or sexism if made as public statements.

I found his appology a bit weak, but I also don't see his offense, despite the messages in public being offensive and possibly harmful.

Assembly events like [2] are not recorded because they are largely self-organized and barely moderated (if at all).

Urgh wtf...

This meta discussion synopsis "Tech-Transcendentalism as Hypermodern Myth and Neofeudal Ideology [all creatures welcome]" feels like reading a rabit hole of a mountain.

I would have loved another talk from Joscha, the critisism is weirdly ignorant.

To add some context and to spare readers who, like me, know nothing about Joscha Bach and only little about Epstein from having to go through all the linked material:

The allegations do not appear to involve abuse or moral complicity with Epstein. Instead, they seem to focus on emails Bach exchanged with Epstein concerning IQ, race, and possibly sex. Bach denies these allegations of racism and sexism.

That is at least how I understand the material based on the provided links.

"All of the people I know who were friends with this sociopathic child-trafficking pedophile told me he was reformed now" is certainly something to put out there.

Transcript of the speech on his blog: https://pluralistic.net/2026/01/01/39c3/#the-new-coalition

An excerpt:

> I assume you've spotted the pattern by now: the US trade representative has forced every one of its trading partners to adopt anticircumvention law, to facilitate the extraction of their own people's data and money by American firms. But of course, that only raises a further question: Why would every other country in the world agree to let America steal its own people's money and data, and block its domestic tech sector from making interoperable products that would prevent this theft?

> Here's an anecdote that unravels this riddle: many years ago, in the years before Viktor Orban rose to power, I used to guest-lecture at a summer PhD program in political science at Budapest's Central European University. And one summer, after I'd lectured to my students about anticircumvention law, one of them approached me.

> They had been the information minister of a Central American nation during the CAFTA negotiations, and one day, they'd received a phone-call from their trade negotiator, calling from the CAFTA bargaining table. The negotiator said, "You know how you told me not to give the Americans anticircumvention under any circumstances? Well, they're saying that they won't take our coffee unless we give them anticircumvention. And I'm sorry, but we just can't lose the US coffee market. Our economy would collapse. So we're going to give them anticircumvention. I'm really sorry."

> That's it. That's why every government in the world allowed US Big Tech companies to declare open season on their people's private data and ready cash.

> The alternative was tariffs. Well, I don't know if you've heard, but we've got tariffs now!

> I mean, if someone threatens to burn your house down unless you follow their orders, and then they burn your house down anyway, you don't have to keep following their orders. So…Happy Liberation Day?

I shared this link on my personal FB page couple of times and it was automatically removed within seconds.

Precisely the first video I started downloading and I didn't even realize it was from Cory.

It carries even more weight now that "post-American" is coming from...an American. This guy stands for his ideals, I envy such resolve.

The icon is supposed to represent one of those waving cat figurines: https://en.wikipedia.org/wiki/Maneki-neko

It has some long tradition placing those visibly on the podium. As the story goes, the idea is that you can immediately see if the video stream freezes up (because the cat in the video suddenly stops waving). You wouldn't immediately catch that in between talks (when you have some time to fix the issue) if the camera was just pointed at an empty stage with no movement. I think at 30C3 or so, I saw one that was placed so that it would repeatedly knock on the microphone as well.

Anyway, the waving cat has become a bit of a meme by itself and mascot of the VOC, hence also the (animated) icon in video player.

It is a Maneki-neko (beckoning cat / Winkekatze). The video team started putting them on podiums so they could see when a stream was frozen. So it became kind of a mascot.