


In Pavia: lights on Gaza


@Giornalismo e disordine informativo
articolo21.org/2025/10/a-pavia…
With small flashlights in hand, candles and mobile phones, light was shed yesterday evening in Pavia, in front of the Policlinico San Matteo, with many healthcare workers from the Pavia hospital and other interested citizens present. A simple and largely spontaneous commemoration during which about a hundred names were read of doctors,




This Week in Security: CVSS 0, Chwoot, and Not in the Threat Model


This week a reader sent me a story about a CVE in Notepad++, and something isn’t quite right. The story is a DLL hijack, a technique where a legitimate program’s Dynamic Link Library (DLL) is replaced with a malicious DLL. This can be used for very stealthy persistence as well as escalation of privilege. This one was assigned CVE-2025-56383, and given a CVSS score of 8.4.

The problem? Notepad++ doesn’t run as a privileged user, and the install defaults to the right permissions for the folder where the “vulnerable” DLL is installed. Or as pointed out in a GitHub issue on the Proof of Concept (PoC) code, why not just hijack the Notepad++ executable?

This is key when evaluating a vulnerability write-up. What exactly is the write-up claiming? And what security boundary is actually being broken? The Common Weakness Enumeration (CWE) list can be useful here. This vulnerability is classified as CWE-427, an uncontrolled search path element — which isn’t actually what the vulnerability claims, and that’s another clue that something is amiss here. In reality this “vulnerability” applies to every application that uses a DLL: a CVSS 0.

Smish Boxes


There’s a trend to replace land lines with cellular modems. While wearing my phone tech hat, I’ve even installed a few cellular routers in hotel telecom closets. It turns out there’s a potential problem with that particular arrangement. Hotels and other commercial installations often assign a public IP address to each piece of equipment, and as a result it’s not uncommon for that equipment to be directly exposed to the Internet. And what happens when cellular routers are exposed to the Internet, sometimes with vulnerabilities or even default credentials? Naturally, scammers use them to send spammy SMS messages.

The scale of the problem is surprising. After researchers at Sekoia discovered the problem, they found 18,000 of these devices accessible on the Internet. It seems like this campaign may be responsible for the majority of the SMS spam being sent in modern smishing campaigns. It also appears that there may be an unknown 0-day being exploited in the campaign.

VMware


VMware just fixed CVE-2025-41244, a local privilege escalation vulnerability that has been in use in the wild since at least October of last year. This vulnerability is in the service discovery feature of VMware Aria. The idea is that the installed VMware Tools can discover running services and probe for version numbers.

On a Linux guest, this probe works by listing the currently running processes, and if a process matches one of the regular expressions, that process is run with the -v flag. As root. Yes, this vulnerability, which was being actively exploited in the wild by a Chinese threat actor for over a year, was as simple as an over-matching regex and carelessly running binaries as root. The trick favored by the attackers was to place a malicious binary at /tmp/httpd, run it as a regular user, and just wait for the VMware tooling to come along and run it as root.

Sudo Chwoot


The maintainers behind sudo fixed a pair of vulnerabilities back in June that allowed a local attacker to escalate privileges. The more interesting of the two is in the handling of the chroot option, resulting in an attack [Rich Mirch] refers to as “chwoot”.

The actual weakness is that sudo would use the chroot() system call while setting up the chroot environment, prior to dropping privileges. In this state, sudo performs Name Service Switch calls as root, which results in looking for /etc/nsswitch.conf inside the chroot directory. This config file can trigger a shared library load, and since it’s happening in the context of a chroot, that library is also first loaded from the chroot directory if it exists there, resulting in a handy escalation to root.

This behavior is enabled for all users by default, resulting in a serious vulnerability on many Linux machines. It was fixed and disclosed back in June, but has now been added to the CISA list of known exploited vulnerabilities.
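The VMware and sudo bugs above share one root cause: a root process acts on a path that an unprivileged user controls. The following is an added example, not code from VMware, sudo or the original article; it generalizes both cases into a single path-trust check. The regular expressions, function names and the sample filesystem metadata are constructed for illustration.

```python
import os
import re
import stat
from types import SimpleNamespace

# Constructed patterns for illustration (not VMware's actual expressions).
LOOSE = re.compile(r"/\S+/httpd$")           # matches httpd in ANY directory
STRICT = re.compile(r"/usr/s?bin/httpd")     # used with fullmatch(): system dirs only


def weak_links(path, lstat=os.lstat, missing_ok=False):
    """Return the components of an absolute path that an unprivileged user
    could replace: not owned by root, group/other-writable, or a symlink.
    Callers should pass an already resolved path (e.g. from /proc/<pid>/exe)."""
    if not path.startswith("/") or ".." in path.split("/"):
        return [path]
    weak, current = [], "/"
    for part in [""] + [p for p in path.split("/") if p]:
        current = os.path.join(current, part) if part else "/"
        try:
            st = lstat(current)
        except FileNotFoundError:
            # A missing component cannot be planted unless a parent is weak,
            # and every parent has already been checked at this point.
            if not missing_ok:
                weak.append(current)
            break
        if st.st_uid != 0 or st.st_mode & 0o022 or stat.S_ISLNK(st.st_mode):
            weak.append(current)
    return weak


def safe_to_probe(exe, lstat=os.lstat):
    """Service discovery: only run `exe -v` as root if the path is an expected
    system location AND nobody but root can write anywhere along it."""
    return bool(STRICT.fullmatch(exe)) and not weak_links(exe, lstat)


def safe_chroot(root, lstat=os.lstat):
    """chroot case: root may only resolve etc/nsswitch.conf inside `root`
    if no unprivileged user can create or replace that file."""
    conf = root.rstrip("/") + "/etc/nsswitch.conf"
    return not weak_links(root, lstat) and not weak_links(conf, lstat, missing_ok=True)


def meta(uid, mode):
    return SimpleNamespace(st_uid=uid, st_mode=mode)


# Constructed sample metadata so the example runs offline and as any user.
D, F = stat.S_IFDIR, stat.S_IFREG
SAMPLE_FS = {
    "/": meta(0, D | 0o755),
    "/usr": meta(0, D | 0o755),
    "/usr/sbin": meta(0, D | 0o755),
    "/usr/sbin/httpd": meta(0, F | 0o755),
    "/tmp": meta(0, D | 0o1777),
    "/tmp/httpd": meta(1000, F | 0o755),
    "/home": meta(0, D | 0o755),
    "/home/alice": meta(1000, D | 0o700),
    "/home/alice/jail": meta(1000, D | 0o755),
    "/home/alice/jail/etc": meta(1000, D | 0o755),
    "/home/alice/jail/etc/nsswitch.conf": meta(1000, F | 0o644),
    "/srv": meta(0, D | 0o755),
    "/srv/jail": meta(0, D | 0o755),
}


def sample_lstat(path):
    try:
        return SAMPLE_FS[path]
    except KeyError:
        raise FileNotFoundError(path) from None


if __name__ == "__main__":
    for exe in ("/usr/sbin/httpd", "/tmp/httpd"):
        print(exe, "loose match:", bool(LOOSE.search(exe)),
              "safe to probe:", safe_to_probe(exe, sample_lstat),
              "weak:", weak_links(exe, sample_lstat))
    for root in ("/srv/jail", "/home/alice/jail"):
        print(root, "safe chroot:", safe_chroot(root, sample_lstat))
```

On a real host, drop the `lstat` argument so the functions use `os.lstat`.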

Not in the Threat Model


Intel and AMD both have trusted computing solutions for encrypted VMs that, among other things, encrypt the bits in memory so even a compromised kernel can’t extract data from the running VM. The approaches from both companies are similar, using symmetric encryption with the memory location as part of the encryption Initialization Vector (IV). This means that while the same key is in use, a plaintext value in a given memory location will always be represented by the same encrypted value. Two pieces of research came out this week suggesting that this codebook-like behavior has security ramifications.

Before we dive into the rest of the details, it’s worth pointing out that asymmetric encryption is likely not a viable option for VM memory encryption, due to the processing latency overhead. The exploit here is to physically connect to the memory sticks inside a target computer, and record the encrypted bits. In some cases, an attacker can later run a malicious VM on the same hardware, and use the physical hack to replay the captured bits, allowing easy decryption. Another option is to replay the VM attestation report, falsely claiming that the virtual machine is still fully protected.

What’s initially surprising is that both Intel and AMD have maintained that their SGX and SEV-SNP systems are not intended to protect against physical access. But seeing what is possible with physical modification to system memory, it’s no longer a surprising line to draw. The other interesting note is that so far these attacks are limited to DDR4, as DDR5 memory has a higher data rate, making the entire operation even more difficult.
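The codebook behavior and the replay described above can be reproduced with a small model. This is an added example, not code from the article or from either vendor: the cipher is a toy HMAC-based Feistel network standing in for the real hardware cipher, and the key, addresses, values and the `fresh` option (a per-address write counter assumed to live where the bus cannot reach it) are constructed for illustration.

```python
import hashlib
import hmac

KEY = bytes(range(32))          # constructed demo key
OLD = b"balance=00000100"       # constructed 16-byte memory blocks
NEW = b"balance=00000000"


def f(key, tweak, rnd, half):
    """Round function: keyed, and bound to the tweak (address, version)."""
    return hmac.new(key, tweak + bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key, tweak, block):
    """Toy 4-round Feistel over one 16-byte block (stand-in, not AES)."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, f(key, tweak, rnd, right))
    return left + right


def decrypt_block(key, tweak, block):
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, f(key, tweak, rnd, left)), left
    return left + right


class EncryptedMemory:
    """dram holds ciphertext: what someone wired to the DIMM can read and rewrite."""

    def __init__(self, key, fresh=False):
        self.key, self.fresh = key, fresh
        self.dram = {}
        self.versions = {}      # write counters, assumed out of the attacker's reach

    def tweak(self, addr):
        version = self.versions.get(addr, 0) if self.fresh else 0
        return addr.to_bytes(8, "big") + version.to_bytes(8, "big")

    def write(self, addr, plaintext):
        if self.fresh:
            self.versions[addr] = self.versions.get(addr, 0) + 1
        self.dram[addr] = encrypt_block(self.key, self.tweak(addr), plaintext)

    def read(self, addr):
        return decrypt_block(self.key, self.tweak(addr), self.dram[addr])


def repeats_are_visible(mem, addr=0x1000):
    """Codebook property: does a value returning to an address show up
    as the same ciphertext to an observer on the bus?"""
    mem.write(addr, OLD)
    first = mem.dram[addr]
    mem.write(addr, NEW)
    mem.write(addr, OLD)
    return mem.dram[addr] == first


def replay_restores_old_value(mem, addr=0x2000):
    """Replay: a stale ciphertext is put back at the same address.
    Does the CPU then read the stale plaintext?"""
    mem.write(addr, OLD)
    captured = mem.dram[addr]
    mem.write(addr, NEW)
    mem.dram[addr] = captured
    return mem.read(addr) == OLD


if __name__ == "__main__":
    for fresh in (False, True):
        print("fresh counter:", fresh,
              "| repeats visible:", repeats_are_visible(EncryptedMemory(KEY, fresh)),
              "| replay works:", replay_restores_old_value(EncryptedMemory(KEY, fresh)))
```

With the counter in the tweak, the stale block no longer decrypts to the old value, but nothing in this model detects the tampering; that takes an integrity check over the ciphertext and the counter.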

Bits and Bytes


Red Hat has confirmed that one of its GitLab instances was compromised by Crimson Collective, leading to the exfiltration of over 500 GB of data. This seems to include customer data related to consulting contracts.

RCE Security dug into a product called TRUfusion Enterprise, a data transfer solution that is marketed as undergoing regular audits. It came as a surprise that they found four vulnerabilities that could be called low-hanging fruit. The takeaway: not all audits are created equal, and there’s no guarantee that this style of code review will catch every bug.

Our last two links are both about memory management. The first is from Cybervelia, looking at how to find uninitialized memory access with just a program binary and no source code. Binary Ninja is the tool that really shines here, but it’s certainly not an easy task.

The other is the latest from Google’s Project Zero, taking a look at some non-obvious ways to defeat Address Space Layout Randomization using careful analysis of hash tables. Very in-depth work, and on-brand for Project Zero. Enjoy!


hackaday.com/2025/10/03/this-w…



100 bug hunters, 32 million dollars! HackerOne: AI bugs are on the rise!


The vulnerability reward platform HackerOne reported that white hat hackers around the world received 81 million dollars in payouts over the past 12 months. According to the company, this is a 13% increase over the previous year.

Today, HackerOne runs more than 1,950 bug bounty programs and provides vulnerability disclosure, penetration testing and code security auditing services. Its customers include Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber and government agencies, including the United States Department of Defense.

On average, active programs pay researchers about 42,000 dollars a year. The top 100 programs on the platform alone paid out a total of 51 million dollars between July 2024 and June 2025. The top ten programs paid out 21.6 million dollars of that total.

Researchers are also seeing their earnings grow: the top 100 bug hunters earn a combined 31.8 million dollars. More and more specialists are reaching six-figure annual salaries.

HackerOne stresses that the sharp rise in payouts is due to the rapid growth of vulnerabilities related to artificial intelligence. Over the past year, the number of such reports grew by more than 200%, while cases of “prompt injection” rose by 540%, making it the fastest-growing threat class in the artificial intelligence field.

At the same time, the classic categories are declining: XSS and SQL injection are becoming less common. However, authorization errors, including improper access control and IDOR (insecure direct object reference), are showing a significant increase.

According to the report, in 2025 HackerOne counted 1,121 programs that included artificial intelligence technologies in their research. This is a 270% increase over the previous year. In addition, more than 560 reports submitted by autonomous artificial intelligence agents were validated.

The company stresses that the use of artificial intelligence tools is becoming an integral part of researchers’ workflows. Of the 1,820 specialists surveyed, 70% admitted to using such solutions to improve the efficiency of vulnerability detection.

“Artificial intelligence vulnerabilities have increased by more than 200% year over year, and corporate mitigation initiatives are growing three times faster than last year,” said Kara Sprague, CEO of HackerOne.

According to her, a new generation of so-called “bionic hackers”, who use artificial intelligence to enhance their abilities, is able to find vulnerabilities on an unprecedented scale.

The article 100 bug hunters, 32 million dollars! HackerOne: AI bugs are on the rise! comes from il blog della sicurezza informatica.




News bulletin (Tg) of 3 October 2025

Anchor: Lorenzo Giovanardi Coordination: Flavia Falduto Ticker: Enza Savarese and Alessio Garzina Live link: Sofia Landi Digiwall: Roberto Abela In the newsroom: Elisabetta Guglielmi, Alessio Corsaro, Valerio Francesco Silenzi, Flavia Falduto, Chiara…
The article News bulletin (Tg) of 3 October 2025 on Lumsanews.

@Universitaly: università & universitari

lumsanews.it/tg-del-3-ottobre-…



Abolition and Alternatives Conference (AAC) Starts Today


We are proud to sponsor The Abolition and Alternatives Conference (AAC) that starts today, October 3rd, and ends on the 5th. The conference is organized and hosted by The Black Response at their offices at 245 Main Street, Cambridge, MA, 02142 on Friday and Saturday. On Sunday, it will be at The Foundry – 101 Roger Street Cambridge, MA – Kendall Square. The conference schedule is available.

We encourage all Pirates to attend and support this conference, especially, but not exclusively, the ShotSpotter and Police Surveillance track. If you cannot attend, or even if you can, please consider giving a donation to The Black Response or print out their poster and put it up in your neighborhood. See you next week!

Details on the conference are reproduced below. Edits are only for clarity:

This free, in-person event will bring together community members, organizers, and advocates for a weekend of in-depth learning and discussion focused on alternative public safety and community care, housing justice, and the impacts of surveillance technologies like ShotSpotter. It will include keynote addresses from Fatema Ahmad (Muslim Justice League), Stephanie Guirand (The Black Response), and Spencer Piston (Boston University).

Food will be provided, childcare will be available, and we encourage attendees to share any additional access needs via the conference interest form. TBR will be reaching out to invite participation as speakers and facilitators. For questions, please contact Stephanie at general@theblackresponsecambridge.com.

Throughout the conference, participants will have the opportunity to choose from panels in four tracks:

Housing Justice

This track features panels led by the Cambridge Housing Justice Coalition (CHJC). CHJC is a coalition of activist groups and concerned Cambridge residents who believe housing is a basic human right. The panels and workshops on this track will focus on housing justice and its intersections with the prison industrial complex.

ShotSpotter and Police Surveillance

This track will be led by the #StopShotSpotter Coalition Camberville. In this track, coalition members will provide an introduction to ShotSpotter, the audio-surveillance technology. We will examine its impact in Cambridge, the national landscape, and broader conversations about surveillance tech.

Alternatives and Community Care

This track will be led by members of the Massachusetts Community Care Network (MCCN). This track will include panels of responders, program directors, and organizers working to make alternatives to policing real. It includes a panel on the movement with Daanika Gordon, Spencer Piston, and Minali Aggarwal.

Community Concerns (Anti-Racism, Immigration Justice, Justice for Palestine, and Black Lives Matter)

This track will discuss concerns that come directly from the communities we serve and work with. These concerns also intersect with the movement for abolition and alternatives. They include Justice for Palestine, Immigration Justice, and Anti-Racism. In this track we intend to learn from organizers leading these movements in Massachusetts.


masspirates.org/blog/2025/10/0…




AI versus AI: the new frontier of phishing


@Informatica (Italy e non Italy 😁)
Microsoft Threat Intelligence’s discovery of a phishing campaign in which the malicious code was probably obfuscated with the help of a generative language model confirms that the contest between attackers and defenders has moved to a new plane, that of artificial intelligence. What there is to know



The increase in military spending should fund a supranational European defense. Borghi speaks

@Notizie dall'Italia e dal mondo

Today the government sent to the Chambers the Documento programmatico di finanza pubblica (Dpfp, the public finance planning document), which provides for an increase in military spending of about 12 billion euros over the next three years. The topic is among the




Orvieto takes to the streets for the Flotilla


@Giornalismo e disordine informativo
articolo21.org/2025/10/orvieto…
Orvieto is here and stands alongside Gaza, the Palestinians and the Sumud Global Flotilla. Orvieto chose to demonstrate in its own city, and more than 1,200 people, students and workers from schools, healthcare and services, together with the Orvieto coordination for Palestine, gave life to



Carleigh Beriont is running for Congress as an “anti-social Democrat” and she thinks the party needs to abandon social media nationally also. #News


Can You Win a Congressional Seat Without Social Media?


Carleigh Beriont is running for Congress, and if you know about her campaign, it’s definitely not for the same reason you’ve learned about other local politicians in recent years. Alexandria Ocasio-Cortez has become a household name in part because of her ability to use social media and livestreams to talk to people directly. Zohran Mamdani hasn’t even won an election yet, but is already a national political figure thanks in part to his fluency on TikTok.

Beriont, on the other hand, is not using social media at all. She’s been on Twitter, LinkedIn, and Facebook in the past, but has not been on social media since 2020 after getting frustrated with the kind of discussions and divisiveness she saw there.

Beriont is a former union organizer, a teacher, and vice chair of the local Select Board. Now, she is not only trying to win the Democratic primary for the New Hampshire District 1 congressional race, she has also made social media abstinence a part of her platform.

Eric Schildge, Beriont’s husband, reached out to me after reading my article about an Instagram account promoting Holocaust denial t-shirts, and explained that Beriont was promoting herself as an “anti-social Democrat” because she thinks “Democracy works better offline.”

According to Beriont’s campaign manager Carly Colby, Beriont raised over $232,000 from over 2,300 individual donors. Over 250 of these individuals donated in response to receiving a message specifically about Carleigh not using social media.

I called Beriont to find out why she thinks it’s possible to win an election without social media.

This interview has been edited for clarity and length.

404 Media: Why did you get off social media?
Carleigh Beriont: I'm a millennial, so I grew up like when Facebook required the .edu and it was a great way to connect with new classmates going into college and old friends when you had moved away from where you grew up, which I did. During the height of the Black Lives Matter protests [in 2020], there were a number of conversations that I saw happening on my feed where one relative would post something and a friend from school would post something, and they'd be yelling at each other, and I was like, these people don't even know each other and they're fighting online. It just felt like the experience was getting more and more degraded. It was more and more ads, more and more videos, less and less communication between people, and I signed off because I think that it was making it hard for me as an academic and a parent and someone who was very busy, to think clearly.

I was always worried about what I was going to say or that people were going to jump all over me, and I thought that was unhealthy. When I ran for office the first time in New Hampshire, I wasn't sure I'd be able to do it without social media. But I also realized that talking to people on the phone and meeting them at their doors or speaking in libraries, people weren't as angry or as opposed to one another as I'd been led to believe based on social media. And so I started to think, well, what if we don't use social media running for Congress? I mean, you've seen this week how bad things have gotten [Editor’s note: this interview took place the week Charlie Kirk was shot], and I just don't think that democracy works well online. We're seeing Donald Trump try to force the sale of TikTok to one of his biggest supporters’ children. We're seeing Mark Zuckerberg and Elon Musk and Jeff Bezos sitting in the front row of Trump's inauguration. They had better seats than Greg Abbott did, and these people are making billions of dollars off of us, and they are destroying our democracy in the process. I don't want to be a part of it. So when I think of what can I do, what can I change, we decided not to use social media during the campaign because we don't want to live in a world where that is where our politics take place, and how they're outsourced, because we don't think that it's productive for democracy.

404 Media: I told my colleagues I was doing this interview and one of them joked that the headline for the story could be: “Can You Win an Election Without Telling Anyone You’re Running?” I hate social media also but I think I have to use it to promote our articles. Don’t you think it’s a necessary evil for you as well?
Beriont: It's so funny. I wish I could get a shirt that was like, “necessary evil?”. I do think that it's evil. I don't know that it's necessary. This campaign is a test for that. It's one thing for people who are trying to promote themselves or trying to sell things to use social media. I think it's another for our political leaders who are in a position where they should be holding corporations and the people who run them, like Mark Zuckerberg, responsible for their actions.

We're watching how the government is literally using that to surveil us and fire people for things that they're allegedly posting that are inappropriate about Charlie Kirk's assassination and things like that. It's incredibly risky for people to be using social media who are trying to preach a message of connection and community and democracy and equality and respect and dignity. I am not seeing those things on social media. Most of what people see, I believe a lot of it is AI. I believe a lot of it is an attempt to sell you something. I believe little of it is things that your friends and family are using as a way to actually connect. In New Hampshire, we've seen local police departments shut down the comment sections on their Facebook. We see political candidates deleting things that they don't like or comments that are negative. And so I think it just skews our sense of what's real and what's possible right now. And so that's why we're not using it.

Instead, we're doing something I'm calling district dialogs. As a facilitator and teacher, I'm happy to involve myself in messy, awkward conversations with people. I love teaching people how to stay in conversations and hold spaces. And so we're asking people what they wish politicians understood better. And we've had about 40 of these conversations throughout the district, and in almost every one we're hearing the same things from people who are exhausted by social media. They go on to check something, and two hours later they realize that they've lost two hours of their life, or they tried to find a post from a candidate, and instead, they got sucked into like some type of Nazi propaganda. And it's just such a shitty way to run a communication system and to run a country, and I think that we've done too much outsourcing to it, so it needs to stop.

404 Media: How are you reaching people without social media?
Beriont: We've been meeting in like public libraries and school cafeterias and church basements and driveways and living rooms, and asking people to bring some of their friends, or if it's a local democratic committee or some type of organization, asking them to invite people, and just sitting around and asking one another what we think we need to be doing right now. What people are saying after those meetings is they're so grateful that they had a chance to hear other people and to be heard, and they don't feel alone, and social media makes them feel alone. It makes them feel crazy, it makes them feel overwhelmed. And actually sitting and talking with the people in your community about what you can do to make it better is, I think, an antidote for a lot of that feeling of overwhelm and disassociation that people have right now.

I ask people what they think about my position on social media, and the number of people, especially millennials, say “I wish I could throw my phone out the window.” It seems to be really the political consultants and people who work in politics who are the most opposed to this idea, in part, because, for a lot of people, it's a low lift way to get involved. I think we have to ask ourselves whether it's actually an effective way of making a difference right now. I don't believe that that's the case in 2025.

404 Media: Have you done any polling or do you have any data that shows that this strategy is working?
Beriont: We haven't done any polling yet. It's tricky because there's six other people in this primary right now, one of the things that I think has been differentiating me is my willingness to sit and have a conversation. So a lot of politicians are operating the way that they have been trained to, which is to show up at a place, get a picture for Instagram or Facebook or Twitter, and then leave and people notice and are frustrated with that because they don't feel like they're actually getting an opportunity to talk with the people that want to represent them. As someone who has been on the other side of that, I decided to run because I was really frustrated with all of these monologues and these directed cameras telling me how to think or how to feel or how to vote or why, you know, the sense of reality that I had was wrong. And I think people really want more dialogue right now. They want more real, authentic exchanges. And I think they deserve that, and I think that that needs to be the foundation for democratic politics going forward.

404 Media: When I was in the VICE union there was an organizer with Writers Guild of America East who told us that support for the union on social media doesn’t mean anything, and can be counterproductive because it makes people feel like they’re supporting the union without actually supporting it. Is your no social media approach to campaigning influenced by your experience in union organizing?
Beriont: Yeah, absolutely. I was one of the people that helped organize the graduate student union at Harvard with the UAW. I think you're absolutely right about that. I also think that local politics has been great for this, because it's nonpartisan. And one of the things that I've realized is that in order to get things done in a space that is politically quite divided, you can't just be posting shit about your opponents the minute you don't get your way. You need to really build relationships and recognize that you're not always going to get your way, and this is true in a negotiation. When you show up to bargain at a table, you don't assume that you're going to get every single one of the things that you ask for, but you assume that people meet you in good faith and you'll be able to move forward. And I think that a lot of the relationship building and the coalition building that we need right now is lacking at the national level. We're seeing people pouring fuel on partisan fires and preaching to the choirs, and they're doing that to raise more money, and it's not winning over anybody, and it's not helping to de-escalate the situation that we're in right now. And I think that it's frankly making us a lot less safe, because instead of actually holding social media corporations accountable for what they're posting online, which they could be doing, they're choosing not to do that.

404 Media: Do you think a no social media strategy can work on a national level?
Beriont: Absolutely. I think it's well suited to New Hampshire because this is a state that is very used to hands on democracy. Our State House has 400 state reps in it, and we used to have the first primary in the nation. So most people in New Hampshire who are politically active are used to interacting with political candidates and politicians and getting to know them quite well, and expect that from their politicians. This is a state where the majority of politicians who run, if they're posting anything on Facebook, they're probably going to get like, two or three likes. And it just doesn't seem to be the most effective way to organize in a place like this. But I also think that, at the very least, we should be asking our politicians to get offline and stop exacerbating tensions on platforms that are only benefiting billionaires. They're buying our politicians. They're buying our politics. And it needs to stop somewhere. So it should probably start with the people who are attempting to be our leaders.


#News


What ever happened to the system administrator under the GDPR?


Ah, the system administrator. Old but gold. A figure that, in the privacy org chart, dates back to a provision of the Garante Privacy of 27 November 2008, amended on 25 June 2009 and left almost untouched to this day. All this despite the new regulatory framework introduced by the GDPR and, above all, the significant changes in the technological context and in the role of the sysadmin.

Granted, the definition of system administrator suffers from a certain degree of vagueness:

a professional figure dedicated to the management and maintenance of processing systems with which personal data are processed, including database management systems, complex software systems such as the ERP (Enterprise resource planning) systems used in large companies and organizations, local networks and security appliances, insofar as they allow intervention on personal data.

The common denominator of this category of operators, however, is identified in the ability to access information system resources and personal data in a privileged way. So one can say that we are facing a deliberately broad definition. Very broad. Perhaps too broad.

But looking at the substance, the underlying idea is that with great power comes great responsibility. This responsibility, however, given the regulatory framework on personal data protection, entails precise management obligations for the data controller. These translate into measures to be adopted.

All these obligations remain in force under the GDPR by express provision of art. 22(4) of Legislative Decree 101/2018, which provides that the Garante's provisions continue to apply insofar as they are compatible with the Regulation.

Indeed, we can say that in this case they come out strengthened in their essential coordinates.

The designation of the system administrator.


Among the measures and safeguards prescribed in the provision, point 4.2 lays down the obligation to individually designate each of the persons who perform system administrator functions, with an analytical list of the areas of operation permitted on the basis of the authorization profile assigned.

This measure is nothing more than a specification of the provisions of arts. 29 and 32(4) GDPR, which, respectively, lay down the controller's obligation to instruct the persons authorized to have access and to check that only instructed persons have access to personal data and carry out processing operations. More generally, they fall within the organizational measures the controller must adopt to ensure an adequate level of security of processing.

In particular, the designation of the system administrator falls under the assignment of functions and tasks provided for by art. 2-quaterdecies of the Privacy Code. Its minimum content must include what is set out in the cited point of the provision, thereby clarifying the scope of operation in general terms, by sector or by application area. To this must then be added all the instructions needed to carry out the operations, specifying which are permitted as well as any conditions for carrying out particular activities.

Where a data processor carries out activities as system administrator, the agreement under art. 28 GDPR must be supplemented accordingly, spelling out the obligations of the provision, including the individual designation of such persons. As a matter of good practice, the controller should supply this as an attached template.

Managing system administrators.


Going one step further, the specific obligations concerning system administrators are part of access and privilege management. Bear in mind, however, that the measures indicated set minimum thresholds, and they are not necessarily sufficient. As the Garante Privacy points out, adopting “catalogue” measures does not mean having an adequate level of security. That can only be achieved and demonstrated through a risk analysis.

The provision indicates some key management points, such as:

  • the assessment of subjective characteristics;
  • individual designation;
  • keeping an up-to-date list of system administrators;
  • verification of the activities carried out;
  • access logging.

Each of these aspects should be examined in depth and applied correctly, taking into account the organizational context and following the risk-based approach on which the GDPR system is founded.

In short: system administrators continue to exist under the GDPR too, and managing their work is and remains a responsibility of the data controller that cannot be eliminated.

A responsibility that persists regardless of any exemption or limitation-of-liability clause one might seek to impose or have signed, because it derives directly from the Regulation, which admits no derogation in this respect.

The article What ever happened to the system administrator under the GDPR? comes from il blog della sicurezza informatica.



This week, we discuss characters in open source, that Saudi comedy festival, and asking ourselves if we're haters.


Behind the Blog: Open-Source Drama and Saudi-Approved Humor


This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss characters in open source, that Saudi comedy festival, and asking ourselves if we're haters.

EMANUEL: I swear I try my best not to use Behind the Blogs to pat myself on the back, but I’m very happy with how my piece about the recent Ruby Drama turned out. I got a lot of interesting responses to the article, some of which I hope will result in new articles soon, but mostly I was happy that it appears I didn’t fuck up any of the details in what was a highly complicated, technical, and controversial story for people who care about this stuff.

That is not to say that I didn’t get any constructive criticism, some of which I’d like to address here. One piece of feedback I got from multiple people in the camp that is angry with Ruby Central’s ousting of contributors is their view that the article underplays the role David Heinemeier Hansson (DHH) played in this saga, and the political views he’s expressed on social media over the years.





Reading Il Post's article on today's demonstrations, you find a morbid list of firecrackers, scuffles, occupations and blockades.

I marched in Florence from 9:30 to 12:00 and saw tens of thousands of people marching in an absolutely peaceful way, but there is no trace of them in that article.

I wonder whether I subscribed to Il Post or to Libero...

(I sent this same message to its newsroom by email, and I invite subscribers who agree to do the same.)

Update 4/10/2025 00:11: the text of the article has been modified; it now gives a bit more information.

Update 4/10/2025 09:46: the text of the article has been completely revised.

ilpost.it/2025/10/03/sciopero-…

in reply to Max - Poliverso 🇪🇺🇮🇹

@Max - Poliverso 🇪🇺🇮🇹 oh well, same here for yesterday evening's demonstration. They mention the traffic disruption, smoke flares and the few violent incidents in other Swiss cities (obviously started by the police, but that goes unsaid). They also give the number of participants as "a few hundred"... it's true that Lugano is a very small city, but there were far more of us than a few hundred!


Oltre lo schermo: the Polizia Postale event for a healthy life beyond social media


The Red Hot Cyber community had the opportunity to take part in “Oltre lo schermo” (“Beyond the screen”), the major Polizia Postale initiative for young people held on 2 October, aimed at inviting them to experience reality beyond the confines of social networks. The event confirms that, for some years now, cyber security awareness has become a fundamental pillar of youth education.

The Auditorium Parco della Musica in Rome, packed with more than 1,200 students from the capital and its province, was the setting for the meeting promoted by the Polizia di Stato in collaboration with Google and One More Pictures. The initiative is part of the 13th edition of “Una Vita da Social”, the long-running travelling educational campaign that brings Italian schools tools and reflections for safe and informed use of the web.

This year's focus was the contrast between the models of perfection promoted by social media and young people's identity, with particular attention to body positivity and to rediscovering the value of authentic relationships in real life.

The message from the institutions


The meeting was opened by the Chief of Police, Vittorio Pisani, who reminded the young people not to let themselves be conditioned by their digital identity:

“Human relationships are what truly enrich you and prepare you to make a difference in everyday life and in the future world of work.”

The prefect thanked the teachers, recognising their fundamental role in passing on values and responsibility to the new generations. Federico Mollicone, MP, also underlined in a message the social and educational value of the topic, calling digital education a decisive challenge for the future.

Stories and emotions: the short film (IM)PERFETTA


The most eagerly awaited moment was the screening of the short film “(IM)PERFETTA”, produced by One More Pictures with Rai Cinema and presented at the Venice Film Festival.

The story of a girl who, after a romantic disappointment, takes refuge in social media chasing an ideal of perfection moved the students. The protagonist ultimately discovers that true uniqueness lies in imperfections, which are what make us authentic and unrepeatable.

Written by Margherita Pezzella, the short prompted a sincere discussion in which many young people recognised themselves. The ending is masterful: the protagonist, like a latter-day Hamlet, stares at the diet pills before the final fade-out, leaving the viewer with the ever-present spectre of the never-dormant temptation of (deceptive) shortcuts to the result.

Testimonies and guests


What made the event special was the participation of the film's cast, artists, athletes and figures from the world of communication. There were also video messages from A.S. Roma and S.S. Lazio footballers, who urged the young people to believe in sacrifice, teamwork and the value of real life over virtual life.

Radio host Renzo Di Falco and Dr Roberta Mestichella led the day with energy, leaving room for reflections and contributions, some by video link: from New York with Marco Camisani Calzolari, a digital communication expert, and from a film set in Trentino Alto Adige.

Digital education and shared responsibility


The discussion between institutions and companies reaffirmed the need for an alliance between the public and private sectors.

Barbara Strappato, director of the First Division of the Polizia Postale, and Martina Colasante of Google Italia underlined the commitment to developing technologies that are safe and tailored to young people.

Producer Carlo Raffronti recalled that the risk today is “digital illiteracy”, urging the young people always to ask themselves why a piece of content is being shown to them online.

Almost all the guests in the talk stressed the value of real emotions, which last longer than virtual ones.

An invitation, then, to choose reality and to use social media responsibly


The common thread of the event was clear: education, respect and acceptance of oneself and others as tools for countering phenomena such as cyberbullying. “There are no shortcuts,” recalled the Roma and Lazio athletes, present through a video message, “it takes sacrifice and dedication, in sport as in life.”

During the day's various speeches, every participant received a kit of information material: a Comix notebook, a Polizia Postale leaflet with useful advice for safe browsing, and Google's “The Future Report”, a truly thorough study of European adolescents and their relationship with the internet and artificial intelligence.

More than an event, a message to the new generations and their parents


“Oltre lo schermo” was not only a moment of reflection but an invitation to live with technology without being subjected to it, not to be deceived by the illusions of social media, and to value authentic relationships.

Because, as one of the speakers recalled, “what really matters is what the people who know you in real life, those who love you, think of you, not the comments on social media”.

The article Oltre lo schermo: l’evento della Polizia Postale per una vita sana oltre i social comes from il blog della sicurezza informatica.



A Norway spruce about 27 metres tall, from the Alpine valley of Ultimo in Alto Adige, will light up St Peter's Square for Christmas 2025. The tree is being offered thanks to the collaboration between the municipalities of Lagundo and Ultimo.

in reply to Max - Poliverso 🇪🇺🇮🇹

@Max - Poliverso 🇪🇺🇮🇹 wonderful! --> yesterday evening in Lugano


Lugano - there were more of us than "several hundred"


For more truthful accounts, search on social media (Meta's, alas...)
https://www.cdt.ch/news/ticino/in-piazza-per-gaza-e-la-flotilla-diverse-centinaia-a-lugano-i-manifestanti-407478 (ah! they have changed the article in the meantime - this morning it said several hundred people)

#blocchiamotutto #Lugano #globalsumudflotilla #manifestazione #gaza #palestinalibera




Lampedusa: The Embrace That Does Not Forget


@Giornalismo e disordine informativo
articolo21.org/2025/10/lampedu…
3 October, like so many other shipwrecks, remains an open wound, but it is also a seed planted in the sea: it reminds us that a different future is possible, if we choose to build it together, every day, without borders.
The article Lampedusa: L’Abbraccio che non





Putin thinks that frightening Europe is a winning card. Yet, like the invasion of Ukraine, which he also believed was a winning one, this too risks backfiring on him
in reply to simona

I hope so. In the meantime, however, Europe is forced to invest in defence, and that money will be missing in other areas, from the fight against climate change to social spending, which will increase popular discontent, entirely to the benefit of the right. And this, I believe, is an integral part of Putin's plan.
in reply to RFanciola

@RFanciola investing in one's own defence is a necessary step. It had to be done anyway, with or without Putin, because the world is a dangerous place regardless. And you cannot have the USA defend you either, because in the end you are presented with the bill. Unfortunately nobody cares about climate change, it seems 🙁 Such a global issue really ought to catalyse everyone's efforts. But in the end it is the same problem that makes an armed Europe necessary too. With Trump I think the fight against climate change is definitively lost. And no... Putin does have an interest in the right-wing parties, but not in the militarisation of Europe, because those European right-wing parties, like every right wing in the world, would kick his ass anyway, since right-wing movements, especially fascist-leaning ones, do not have a "global" vision. Meloni too, in her small way, is a fascist-leaning right in evolution and is moving away from Europe. But she is not seeking annexation to the United States, only the powerful figure of the moment. It is true, though, that Putin is trying to fight all democracies ideologically, even if I doubt he will gain anything from it for himself.


John Steinbeck – Diario russo / Mathias Enard – L’alcol e la nostalgia
freezonemagazine.com/articoli/…
On my path as a reader, I have lately come across several books about journeys that got me hooked on the adventures they describe. In this case, I read two books about Russia: Soviet Russia, with Steinbeck, and the same land in the early 2000s, in L’alcol e la nostalgia by





mental age: 3 years




📣 #NextGenAI, the first international summit on Artificial Intelligence in schools (#scuola), will be held in Naples from Wednesday 8 to Monday 13 October 2025.




🔴 PRESS RELEASE - Deepfakes, Garante: stop to Clothoff, the app that undresses people

The Garante per la protezione dei dati personali has ordered, as a matter of urgency and with immediate effect, the provisional limitation of the processing of Italian users' personal data in respect of a company, based in the British Virgin Islands, that operates the Clothoff app.
#Clothoff offers a generative AI service that makes it possible, both free of charge and for payment, to generate “deep nude” images, that is, fake photos and videos portraying real people nude or in sexually explicit or even pornographic poses.

#GarantePrivacy

@Intelligenza Artificiale

CONTINUE READING ON THE GARANTE'S WEBSITE ➡

gpdp.it/home/docweb/-/docweb-d…

in reply to The Privacy Post

The fact that access to this kind of site, which amounts to CRIMES against the PERSON, cannot be BLOCKED, unlike what happens for other cases involving crimes against the property or profit of private companies (so-called streaming piracy), is simply SHAMEFUL! 👿
ref. gpdp.it/home/docweb/-/docweb-d…
in reply to The Privacy Post

Some time ago I filed a complaint about bikinioff and it was rejected.

Glad they have woken up now.




Hacklab Cosenza - Linux Day Cosenza 2025 – Call 4 Talks


hlcs.it/2025/10/03/linux-day-c…
Reported by Linux Italia and published on the Lemmy community @GNU/Linux Italia
The 25th edition of Linux Day, the national day dedicated to Linux, free software and open source & open hardware, will also be in Cosenza,




Nero Kane – For The Love, The Death And The Poetry
freezonemagazine.com/articoli/…
Fourth album for Nero Kane, the stage name of Marco Mezzadri, who began to get himself talked about some ten years ago, when he launched this intriguing project straddling a folk that shades towards atmospheres suspended between dark and a certain psychedelia. Records […]
The article Nero Kane – For The Love, The Death And The


Ivan Doig – Questa casa di cielo
freezonemagazine.com/news/ivan…
In bookshops from 10 October 2025. A father. A son. A wild land in Montana. Ivan Doig's extraordinary family memoir across three generations, between painful losses and unbreakable bonds, in a moving journey through the breathtaking landscapes of the American West. Between the vast prairies of Montana and the rugged Rocky Mountains, Ivan […]
The article Ivan Doig – Questa casa di


I can agree that the flotilla is an "extreme" gesture, but meanwhile it has forced Israel to commit a public illegal act in international waters, and that is already an important political result. But in any case, according to the Church, exactly which channels work and manage to deliver aid without being controlled by Israel? It seems to me there are none. And this is the problem the flotilla wants to highlight. Israel, apparently with the support of the Roman Catholic Church too, is starving a people precisely by blocking international aid. It seems that after 50 years, once again, the Church has allied itself with "the strongest", to the detriment of the weakest, to "save its own".


Living rivers: Ecuador's ecological revolution between activism and justice


@Notizie dall'Italia e dal mondo
Communities, activists and courts are mobilising to save Ecuador's waterways, which are recognised as subjects of rights. Through collective clean-ups, lawsuits and resistance, rivers are becoming the symbol of a new environmental awareness.
The article



Could any of those who vote PD and lecture others, those who don't vote, saying that their side is better anyway and that if you don't vote you hand the country to the right, remind me when a PD government made a recognition of the State of Palestine better than this one?

Is it the full recognition, with no ifs and no buts, that I would like? Certainly not, but those we should all vote for because otherwise we hand the country to the right, what exactly have they done beyond this on the issue?

rainews.it/articoli/2025/10/ca…

in reply to Max - Poliverso 🇪🇺🇮🇹

Look, Minniti is one of the stains I will never forgive the PD for (but it is not the only one), and besides, I recently read a short essay that illustrates with painful irony how voting PD because the others are worse really is a kind of kidnapping of the voters!
This one: peoplepub.it/pagina-prodotto/i…


Gaza in the future: amputations and permanent disabilities


@Notizie dall'Italia e dal mondo
The new WHO report denounces a health and humanitarian catastrophe in the Strip: tens of thousands of wounded, mass amputations, hospitals on the verge of collapse and millions of displaced people abandoned to hunger.
The article Gaza nel futuro: amputazioni e disabilità permanenti comes from Pagine Esteri.




Apple removed ICEBlock reportedly after direct pressure from Department of Justice officials. “I am incredibly disappointed by Apple's actions today. Capitulating to an authoritarian regime is never the right move,” the developer said.


ICEBlock Owner After Apple Removes App: ‘We Are Determined to Fight This’


The developer of ICEBlock, an app that lets people crowdsource sightings of ICE officials, has said he is determined to fight back after Apple removed the app from its App Store on Thursday. The removal came after pressure from Department of Justice officials acting at the direction of Attorney General Pam Bondi, according to Fox which first reported the removal. Apple told 404 Media it has removed other similar apps too.

“I am incredibly disappointed by Apple's actions today. Capitulating to an authoritarian regime is never the right move,” Joshua Aaron told 404 Media. “ICEBlock is no different from crowd sourcing speed traps, which every notable mapping application, including Apple's own Maps app, implements as part of its core services. This is protected speech under the first amendment of the United States Constitution.”

💡
Do you know anything else about this removal? Do you work at Apple or ICE? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.




Mario Guevara to be deported for reporting the truth


FOR IMMEDIATE RELEASE:

Atlanta-area journalist Mario Guevara’s family announced today that he will be deported to El Salvador tomorrow, after spending more than 100 days in detention.

Guevara was initially arrested on June 14 while reporting on a “No Kings” protest near Atlanta. Although the charges against him were dropped, the government argued during deportation proceedings that his filming of law enforcement activities — a constitutionally protected activity — created a threat to public safety.

The following statement can be attributed to Seth Stern, director of advocacy of Freedom of the Press Foundation (FPF):

“Mario Guevara was ripped from his family and community because the Trump administration punishes journalists to protect its own power.

“The only thing that journalists like Guevara threaten is the government’s chokehold on information it doesn’t want the public to know. That’s why he’s being deported and why federal agents are assaulting and arresting journalists around the country.

“The full impact on our freedom of speech may never be known. But what is certain is that Guevara’s deportation sends a chilling message to other journalists: Tell the truth, and the state will come for you.

“This is unconstitutional, un-American, and wrong. It’s an assault on the First Amendment, and it won’t stop until we all fight back by speaking out.”

Before today’s news, more than 100 writers, journalists, and scholars signed a letter calling for his immediate release. For more about Guevara’s case, visit freedomformario.com/.

Please contact us if you would like further comment.


freedom.press/issues/mario-gue…




ROCCA IS RIGHT: INCINERATOR = TOMBSTONE FOR SEPARATE WASTE COLLECTION


Rocca's statements today on the incinerator as the tombstone of separate waste collection in Rome perfectly capture the political choices on the capital's waste management. The waste to be burned will consist entirely of unsorted waste, not just in part, that is, 600 thousand tonnes for more than 30 years.

After three years, separate collection is still at a standstill. Projections to 2035 show a 20% reject rate: waste that, although collected as sorted, still ends up in the unsorted stream.

This is an enormous waste that could be avoided with effective door-to-door collection, which would also pave the way for a future pay-as-you-throw tariff. Instead, the Gualtieri administration certifies the failure of its waste plan by continuing to rely on street bins, which have by now become an integral part of the street furniture.

May the concern expressed by President Rocca turn into a concrete rethink of waste management in Rome, favouring the relaunch of material recovery, which is possible only through high-quality separate collection in line with the ambitious European environmental targets.

Last Tuesday we presented 24 thousand signatures to the Chamber of Deputies saying no to the special powers: there is still time to prevent the environmental crime of burning unsorted waste for the next 30 years from being committed in the capital.

Unione dei Comitati contro l'inceneritore a Santa Palomba

2 October 2025



The Global Sumud Flotilla as seen from the pages of Haaretz


GAZA FLOTILLA: Israeli forces intercepted 39 boats carrying aid and foreign activists to Gaza, including Swedish campaigner Greta Thunberg, leaving only one vessel still sailing towards the Palestinian enclave, the organizers of the Global Sumud Flotilla said on Thursday. The flotilla, carrying medicine and food to Gaza, consisted of more than 40 civilian boats carrying about 500 parliamentarians, lawyers and activists.
Israel's Foreign Ministry said the activists were on the way to the Israeli port of Ashdod ahead of deportation. A ministry video showed Thunberg, the most prominent of the flotilla's passengers, sitting on a deck surrounded by IDF soldiers.

South African President Cyril Ramaphosa called Israel's interception of the Global Sumud Flotilla a "grave offense" against "global solidarity and sentiment that is aimed at relieving suffering in Gaza." Ramaphosa called on Israel to immediately release South Africans, including a grandson of Nelson Mandela, Nkosi Zwelivelile Mandela, and other foreign nationals who were on the flotilla.

Protests broke out in Italy following Israel's interception of the flotilla bound for Gaza. In Rome, dozens of demonstrators gathered outside the city's main train station. In Naples, several protesters blocked tracks at the main train station, forcing rail services to halt, news agency ANSA reported. Protests were also reported in Milan and Turin.

Colombian President Gustavo Petro ordered the expulsion of Israel's entire diplomatic delegation on Wednesday following the detention of two Colombians in the flotilla and terminated Colombia's free trade agreement with Israel. Petro's office said the government would pursue all legal avenues internationally and within Israel to secure the release of the detained citizens and seek reparations.

The Istanbul chief prosecutor's office said it had launched an investigation into the detention of 24 Turkish citizens on the vessels on charges including deprivation of liberty, seizure of transport vehicles and damage to property, Turkey's state-owned Anadolu news agency reported.

The legal team organized by the Adalah Legal Center for Arab Minority Rights in Israel said it had been granted access to the Ashdod Port, where the flotilla activists are held, and has begun providing legal advice.




Free Circle: Linux Day 2025 – Open Mobile Experience - Privacy and freedom in the palm of your hand


thefreecircle.org/
Reported by the Linux Italia events calendar and published on the Lemmy community @GNU/Linux Italia
Linux Day 2025 – Open Mobile Experience
Privacy and freedom in the palm of your hand
Smartphones have become the centre of our digital lives: tools of


in reply to Eventi Linux - Rassegna sugli eventi Linux

Good evening, in #Torino I too will give a 45-minute presentation on #lineageos, #fdroid and #xmpp!

... As a simple user.... But I hope to open up a new horizon for the audience!

Come in large numbers!

linuxdaytorino.org/2025/



For decades, scientists assumed that symmetry between the reflectivity of Earth’s hemispheres was a “fundamental property” of our planet. Now, that’s changed. #News


Earth Is Getting Darker, Literally, and Scientists Are Trying To Find Out Why


🌘
Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.

It’s not the vibes; Earth is literally getting darker. Scientists have discovered that our planet has been reflecting less light in both hemispheres, with a more pronounced darkening in the Northern hemisphere, according to a study published on Monday in Proceedings of the National Academy of Sciences.

The new trend upends longstanding symmetry in the surface albedo, or reflectivity, of the Northern and Southern hemispheres. In other words, clouds circulate in a way that equalizes hemispheric differences, such as the uneven distribution of land, so that the albedos roughly match—though nobody knows why.

“There are all kinds of things that people have noticed in observations and simulations that tend to suggest that you have this hemispheric symmetry as a kind of fundamental property of the climate system, but nobody's really come up with a theoretical framework or explanation for it,” said Norman Loeb, a physical scientist at NASA’s Langley Research Center, who led the new study. “It's always been something that we've observed, but we haven't really explained it fully.”

To study this mystery, Loeb and his colleagues analyzed 24 years of observations captured since 2000 by the Clouds and the Earth’s Radiant Energy System (CERES), a network of instruments placed on several NOAA and NASA satellites. Instead of an explanation for the strange symmetry, the results revealed an emerging asymmetry in hemispheric albedo; though both hemispheres are darkening, the Northern hemisphere shows more pronounced changes which challenges “the hypothesis that hemispheric symmetry in albedo is a fundamental property of Earth,” according to the study.

Loeb and his colleagues suggest that asymmetry is primarily driven by the effects of climate change, reductions in aerosol pollution, and natural disasters like volcanic eruptions and wildfires. Since snow and ice are highly reflective, the thinking goes, the melting of glaciers and ice sheets due to anthropogenic gas emissions is causing a reduction in albedo, especially in the Northern hemisphere.

Meanwhile, aerosols—which stimulate the formation of clouds—are causing uneven regional albedo changes. For example, the international effort to remove harmful commercial aerosols from the atmosphere has resulted in a drop in these substances over the Northern hemisphere, and therefore cloud cover, exacerbating the darkening effect. In the Southern hemisphere, aerosol-heavy clouds generated just over the past few years by disasters like the 2019-2020 Australian bushfires and the 2021 to 2022 Hunga Tonga volcanic eruption may have brightened the albedo relative to the Northern hemisphere.

“The amount of aerosols has been increasing in the Southern hemisphere, and they've been decreasing in the Northern hemisphere,” explained Loeb. “Since aerosols reflect solar radiation, that would give you this asymmetry where you're seeing darkening in the Northern hemisphere compared to the Southern hemisphere.”

“All of these pieces added together give you this trend,” he continued. “But what was mysterious to me was that the clouds weren't compensating. If this hemispheric symmetry is a fundamental property of the system, the clouds should be giving you more reflection in the Northern hemisphere to compensate for the non-cloud properties. And I don’t see that—at least, not yet.”

Loeb’s team was able to spot this trend thanks to the long-term observations collected by CERES, a program that dates back to the late 1990s. The program has monitored the evolution of albedo in high resolution over decades, enabling the scientists to spot the new divergence from the normal symmetry.

“CERES has really opened up a new avenue of research that we couldn't do before,” Loeb said. “We had some measurements of Earth's radiation budget, but we struggled to have the same level of quality of the data.”

“Right now it's wonderful because we have very precise measurements over 25 years from CERES,” he continued. “It’s a unique opportunity for us to study things like this symmetry in a new light.”

To that end, Loeb and his colleagues plan to continue monitoring the asymmetry with CERES and probing its possible causes with more sophisticated climate models. The researchers are watching for signs that the symmetry might reemerge in the future, or if asymmetry is perhaps the new normal.

The overall darkening of Earth’s albedo is already accelerating the effects of climate change, and an asymmetric hemispheric darkening could produce its own complex impacts, including disruptive shifts in precipitation.

It’s very difficult to tease out the individual components that merge to create such complicated dynamics (Loeb calls it “unscrambling the egg”). To make matters worse, NASA is facing major cuts from the Trump administration, especially to its Earth observation satellites. CERES is due for one more launch in 2027, but these instruments are getting “long in the tooth,” Loeb said, and another program will eventually have to take up the mantle. Until then, researchers across disciplines will puzzle over why Earth is anomalously darkening, and what it might mean if this asymmetry is here to stay.

“We'll keep measuring and keep studying it, and I think this study should open the avenue for others to look at it,” Loeb concluded.




A hacking group called the Crimson Collective says it pulled data from private GitHub repositories connected to Red Hat's consulting business. Red Hat has confirmed it is investigating the compromise.


Red Hat Investigating Breach Impacting as Many as 28,000 Customers, Including the Navy and Congress


A hacking group claims to have pulled data from a GitLab instance connected to Red Hat’s consulting business, scooping up 570 GB of compressed data from 28,000 customers.

The hack was first reported by BleepingComputer and has been confirmed by Red Hat itself. “Red Hat is aware of reports regarding a security incident related to our consulting business and we have initiated necessary remediation steps,” Stephanie Wonderlick, Red Hat’s VP of communications, told 404 Media.

A file released by the hackers and viewed by 404 Media suggested that the hacking group may have acquired some data related to about 800 clients, including Vodafone, T-Mobile, the US Navy’s Naval Surface Warfare Center, the Federal Aviation Administration, Bank of America, AT&T, the U.S. House of Representatives, and Walmart.

“The security and integrity of our systems and the data entrusted to us are our highest priority,” she said. “At this time, we have no reason to believe the security issue impacts any of our other Red Hat services or products and are highly confident in the integrity of our software supply chain.”
Red Hat is an open source software company that provides Linux-based enterprise software to a vast number of companies. As part of its business, Red Hat sells consulting contracts to users to help maintain their IT infrastructure. A hacking group that calls itself the Crimson Collective claims it breached a Red Hat GitLab repository that contained information related to Red Hat’s consulting clients.

“Since RedHat doesn't want to answer to us,” the hackers wrote in a channel on Telegram viewed by 404 Media, suggesting they have attempted to contact Red Hat. “Over 28000 repositories were exported, it includes all their customer's CERs [customer engagement reports] and analysis of their infra' [infrastructure] + their other dev's private repositories, this one will be fun,” the message added. A CER is an internal document consultancy firms use to understand how their clients interact with their business. For an IT firm like Red Hat, this kind of document would contain a lot of information about a client's tech infrastructure including configuration data, network maps, and information about authentication tokens. A CER could help someone breach a network.

💡
Do you know anything else about this story? I would love to hear from you. Using a non-work device, you can message me securely on Signal at +1 347 762-9212 or send me an email at matthew@404media.co.

“We have given them too much time already to answer lol instead of just starting a discussion they kept ignoring the emails,” the message added. In another message, the group said it had “gained access to some of their clients' infrastructure as well, already warned them but yeah they preferred ignoring us.”

404 Media viewed data related to the breach and attempted to contact some of the affected clients, including the US Navy’s Naval Surface Warfare Center in Panama City and T-Mobile, but did not hear back.

Joseph Cox contributed additional reporting to this article.

Correction: this piece has been updated to say that the breach impacted a Red Hat GitLab, not a GitHub.





War rhetoric and tensions with the military leadership. Hegseth’s “Grand Report” as read by Caruso

@Notizie dall'Italia e dal mondo

“The era of the Department of Defense is over. Welcome to the Department of War,” Hegseth began, before a room that, as Trump later joked, was “the quietest audience I have ever had.” The Secretary did not mince words in accusing those present: “Per