


Tech companies are betting big on nuclear energy to meet AI's massive power demands, and they're using that AI to speed up the construction of new nuclear power plants.



Power Companies Are Using AI To Build Nuclear Power Plants


Microsoft and nuclear power company Westinghouse Nuclear want to use AI to speed up the construction of new nuclear power plants in the United States. According to a report from think tank AI Now, this push could lead to disaster.

“If these initiatives continue to be pursued, their lack of safety may lead not only to catastrophic nuclear consequences, but also to an irreversible distrust within public perception of nuclear technologies that may inhibit the support of the nuclear sector as part of our global decarbonization efforts in the future,” the report said.
The construction of a nuclear plant involves a long legal and regulatory process called licensing that’s aimed at minimizing the risks of irradiating the public. Licensing is complicated and expensive but it’s also largely worked and nuclear accidents in the US are uncommon. But AI is driving a demand for energy and new players, mostly tech companies like Microsoft, are entering the nuclear field.

“Licensing is the single biggest bottleneck for getting new projects online,” a slide from a Microsoft presentation about using generative AI to fast track nuclear construction said. “10 years and $100 [million.]”

The presentation, which is archived on the website for the US Nuclear Regulatory Commission (the independent government agency that’s charged with setting standards for reactors and keeping the public safe), detailed how the company would use AI to speed up licensing. In the company’s conception, existing nuclear licensing documents and data about nuclear sites would be used to train an LLM that’s then used to generate documents to speed up the process.

But the authors of the report from AI Now told 404 Media that they have major concerns about trusting nuclear safety to an LLM. “Nuclear licensing is a process, it’s not a set of documents,” Heidy Khlaaf, the head AI scientist at the AI Now Institute and a co-author of the report, told 404 Media. “Which I think is the first flag in seeing proposals by Microsoft. They don’t understand what it means to have nuclear licensing.”

“Please draft a full Environmental Review for new project with these details,” Microsoft’s presentation imagines as a possible prompt for an AI licensing program. The AI would then send the completed draft to a human for review, who would use Copilot in a Word doc for “review and refinement.” At the end of Microsoft’s imagined process, it would have “Licensing documents created with reduced cost and time.”

The Idaho National Laboratory, a Department of Energy-run nuclear lab, is already using Microsoft’s AI to “streamline” nuclear licensing. “INL will generate the engineering and safety analysis reports that are required to be submitted for construction permits and operating licenses for nuclear power plants,” INL said in a press release. Lloyd’s Register, a UK-based maritime organization, is doing the same. American power company Westinghouse is marketing its own AI, called bertha, that promises to make the licensing process go from “months to minutes.”

The authors of the AI Now report worry that using AI to speed up the licensing process will bypass safety checks and lead to disaster. “Producing these highly structured licensing documents is not this box taking exercise as implied by these generative AI proposals that we're seeing,” Khlaaf told 404 Media. “The whole point of the lesson in process is to reason and understand the safety of the plant and to also use that process to explore the trade offs between the different approaches, the architectures, the safety designs, and to communicate to a regulator why that plant is safe. So when you use AI, it's not going to support these objectives, because it is not a set of documents or agreements, which I think you know, is kind of the myth that is now being put forward by these proposals.”

Sofia Guerra, Khlaaf’s co-author, agreed. Guerra is a career nuclear safety expert who has advised the U.S. Nuclear Regulatory Commission (NRC) and works with the International Atomic Energy Agency (IAEA) on the safe deployment of AI in nuclear applications. “This is really missing the point of licensing,” Guerra said of the push to use AI. “The licensing process is not perfect. It takes a long time and there’s a lot of iterations. Not everything is perfectly useful and targeted …but I think the process of doing that, in a way, is really the objective.”

Both Guerra and Khlaaf are proponents of nuclear energy, but worry that the proliferation of LLMs, the fast tracking of nuclear licenses, and the AI-driven push to build more plants is dangerous. “Nuclear energy is safe. It is safe, as we use it. But it’s safe because we make it safe and it’s safe because we spend a lot of time doing the licensing and we spend a lot of time learning from the things that go wrong and understanding where it went wrong and we try to address it next time,” Guerra said.

Law is another profession where people have attempted to use AI to streamline the process of writing complicated and involved technical documents. It hasn’t gone well. Lawyers who’ve attempted to use it to write legal briefs have been caught, over and over again, in court. AI-constructed legal arguments cite precedents that do not exist, hallucinate cases, and generally foul up legal proceedings.

Might something similar happen if AI was used in nuclear licensing? “It could be something as simple as software and hardware version control,” Khlaaf said. “Typically in nuclear equipment, the supply chain is incredibly rigorous. Every component, every part, even when it was manufactured is accounted for. Large language models make these really minute mistakes that are hard to track. If you are off in the software version by a letter or a number, that can lead to a misunderstanding of which software version you have, what it entails, the expectation of the behavior of both the software and the hardware and from there, it can cascade into a much larger accident.”

Khlaaf pointed to Three Mile Island as an example of an entirely human-made accident that AI may replicate. The accident was a partial nuclear meltdown of a Pennsylvania reactor in 1979. “What happened is that you had some equipment failure and design flaws, and the operators misunderstood what those were due to a combination of a lack of training…that they did not have the correct indicators in their operating room,” Khlaaf said. “So it was an accident that was caused by a number of relatively minor equipment failures that cascaded. So you can imagine, if something this minor cascades quite easily, and you use a large language model and have a very small mistake in your design.”

In addition to the safety concerns, Khlaaf and Guerra told 404 Media that using sensitive nuclear data to train AI models increases the risk of nuclear proliferation. They pointed out that Microsoft is asking not only for historical NRC data but for real-time and project specific data. “This is a signal that AI providers are asking for nuclear secrets,” Khlaaf said. “To build a nuclear plant there is actually a lot of know-how that is not public knowledge…what’s available publicly versus what’s required to build a plant requires a lot of nuclear secrets that are not in the public domain.”



Tech companies maintain cloud servers that comply with federal regulations around secrecy and are sold to the US government. Anthropic and the National Nuclear Security Administration traded information across an Amazon Top Secret cloud server during a recent collaboration, and it’s likely that Microsoft and others would do something similar. Microsoft’s presentation on nuclear licensing references its own Azure Government cloud servers and notes that it’s compliant with Department of Energy regulations. 404 Media reached out to both Westinghouse Nuclear and Microsoft for this story. Microsoft declined to comment and Westinghouse did not respond.

“Where is this data going to end up and who is going to have the knowledge?” Guerra told 404 Media.

💡
Do you know anything else about this story? I would love to hear from you. Using a non-work device, you can message me securely on Signal at +1 347 762-9212 or send me an email at matthew@404media.co.

Nuclear is a dual-use technology. You can use the knowledge of nuclear reactors to build a power plant or you can use it to build a nuclear weapon. The line between nukes for peace and nukes for war is porous. “The knowledge is analogous,” Khlaaf said. “This is why we have very strict export controls, not just for the transfer of nuclear material but nuclear data.”

Proliferation concerns around nuclear energy are real. Fear that a nuclear energy program would become a nuclear weapons program was the justification the Trump administration used to bomb Iran earlier this year. And as part of the rush to produce more nuclear reactors and create infrastructure for AI, the White House has said it will begin selling old weapon-grade plutonium to the private sector for use in nuclear reactors.

Trump’s done a lot to make it easier for companies to build new nuclear reactors and use AI for licensing. The AI Now report pointed to a May 23, 2025 executive order that seeks to overhaul the NRC. The EO called for the NRC to reform its culture, reform its structure, and consult with the Pentagon and the Department of Energy as it navigated changing standards. The goal of the EO is to speed up the construction of reactors and get through the licensing process faster.

A different May 23 executive order made it clear why the White House wants to overhaul the NRC. “Advanced computing infrastructure for artificial intelligence (AI) capabilities and other mission capability resources at military and national security installations and national laboratories demands reliable, high-density power sources that cannot be disrupted by external threats or grid failures,” it said.

At the same time, the Department of Government Efficiency (DOGE) has gutted the NRC. In September, members of the NRC told Congress they were worried they’d be fired if they didn’t approve nuclear reactor designs favored by the administration. “I think on any given day, I could be fired by the administration for reasons unknown,” Bradley Crowell, a commissioner at the NRC, said in Congressional testimony. He also warned that DOGE-driven staffing cuts would make it impossible to increase the construction of nuclear reactors while maintaining safety standards.

“The executive orders push the AI message. We’re not just seeing this idea of the rollback of nuclear regulation because we’re suddenly very excited about nuclear energy. We’re seeing it being done in service of AI,” Khlaaf said. “When you're looking at this rolling back of Nuclear Regulation and also this monopolization of nuclear energy to explicitly power AI, this raises a lot of serious concerns about whether the risk associated with nuclear facilities, in combination with the sort of these initiatives can be justified if they're not to the benefit of civil energy consumption.”

Matthew Wald, an independent nuclear energy analyst and former New York Times science journalist, is more bullish on the use of AI in the nuclear energy field. Like Khlaaf, he also referenced the accident at Three Mile Island. “The tragedy of Three Mile Island was there was a badly designed control room, badly trained operators, and there was a control room indication that was very easy to misunderstand, and they misunderstood it, and it turned out that the same event had begun at another reactor. It was almost identical in Ohio, but that information was never shared, and the guys in Pennsylvania didn't know about it, so they wrecked a reactor,” Wald told 404 Media.



According to Wald, using AI to consolidate government databases full of nuclear regulatory information could have prevented that. “If you've got AI that can take data from one plant or from a set of plants, and it can arrange and organize that data in a way that's helpful to other plants, that's good news,” he said. “It could be good for safety. It could also just be good for efficiency. And certainly in licensing, it would be more efficient for both the licensee and the regulator if they had a clearer idea of precedent, of relevant other data.”

He also said that the nuclear industry is full of safety-minded engineers who triple check everything. “One of the virtues of people in this business is they are challenging and inquisitive and they want to check things. Whether or not they use computers as a tool, they’re still challenging and inquisitive and want to check things,” he said. “And I think anybody who uses AI unquestionably is asking for trouble, and I think the industry knows that…AI is helpful, but let’s not get messianic about it.”

But Khlaaf and Guerra are worried that the framing of nuclear power as a national security concern and the embrace of AI to speed up construction will set back the embrace of nuclear power. If nuclear isn’t safe, it’s not worth doing. “People seem to have lost sight of why nuclear regulation and safety thresholds exist to begin with. And the reason why nuclear risks, or civilian nuclear risk, were ever justified, was due to the capacity for nuclear power. To provide flexible civilian energy demands at low cost emissions in line with climate targets,” Khlaaf said.

“So when you move away from that…and you pull in the AI arms race into this cost benefit justification for risk proportionality, it leads government to sort of over index on these unproven benefits of AI as a reason to have nuclear risk, which ultimately undermines the risks of ionizing radiation to the general population, and also the increased risk of nuclear proliferation, which happens if you were to use AI like large language models in the licensing process.”





2025 Component Abuse Challenge: The VIA Makes Noise, Again


In the days of 8-bit home computing, the fancier machines had sound chips containing complete synthesizers, while budget machines made do with simple output ports connected to a speaker, if they had anything at all. [Normal User] appears to be chasing the latter route, making PCM sound by abusing the serial port on a 6522 VIA chip.

A serial port is, when you think about it, a special case of a one-bit output port. It’s designed for byte data communication but it can also carry a PCM data stream. We’ve seen this used with microcontrollers and peripherals such as the I2S port plenty of times here at Hackaday, to produce such things as NTSC video. The 1970s-spec equivalent might not be as fast as its modern equivalent, but it’s capable of delivering audio at some level. The machine in question is a Ben Eater breadboard 6502 with a World’s Worst Video Card, and as you can hear in the video below the break, it’s not doing a bad job for the era.

If you think this hack sounds a little familiar then in a sense you’re right, because Ben Eater himself made noises with a 6522. However it differs from that in that he used the on-board timers instead. After all, the “V” in “VIA” stands for “versatile”.




There is a lot of talk about planned obsolescence, but to me it looks more like a search for a culprit than a structural problem. The modern problem, at least in certain production segments, is sloppy and imprecise manufacturing. The problems can in fact be varied, ranging from bad design, to incorrect assembly, to the use of the wrong materials or components. The world is full of badly made products. Some are not even designed for the use they are meant for, at least not fully. Even the shapes of objects are sometimes uncomfortable in use. Many start from good designs, but then the choice of components leaves a lot to be desired. Sometimes it is the finishing that lets them down. The very way in which cables are clamped or fastened can be a problem, but one that concerns the later production phase rather than the design and production of the first prototype. Often the whole phase of testing and stress trials is missing. What it is right to ask for as consumers is a longer product warranty, which could force manufacturers to study the average lifespan of their products more carefully, and in general to demand a minimum quality regardless of the product's price range. This is a problem not only of those who manufacture but a more global problem of awareness of ourselves, of our needs, and of what we need. One could also provide, at the level of law, for the supply of equivalent replacement products during repair times.
Making videos that talk obsessively about planned obsolescence, casting certain manufacturers as villains, or worse, spreading the idea that we can do nothing about it because the world is evil and all manufacturers have the sole aim of making products that do not last, the eternal idea of the villain and of the futile crusade against evil (the one that always ends well in films but that we know always ends badly in reality, the wisdom of worldly-wise adults, so to speak), is not useful and gets us nowhere. That is why I approve of talking about and discussing the terrible quality of the products guilty of this, but not of specific references to "planned obsolescence". I find it is the kind of thing a conspiracy theorist would say, someone who, rather than having understood the problem, is trying to create alarm.


in reply to simona

If you root the phone you can install whatever ROM you want. But they are progressively taking root away and nobody cares. As usual, our own worst enemies are only ourselves. Also because a phone, if you replace the battery from time to time, really is an indestructible object, if treated decently. If you cite the smartphone as planned obsolescence you have really picked the wrong object... If there is one object that works even underwater, that's it.



*Freedom for Dr. Husam Abu Safiyya*

Here are some key points about his situation and the calls for his release:
• Arrested on 27 December 2024 during an Israeli raid on Kamal Adwan hospital.



WWII Secret Agents for Science


We always enjoy [History Guy]’s musing on all things history, but we especially like it when his historical stories intersect with technology. A good example was his recent video about a small secret group during the Second World War that deployed to the European Theater of Operations, carrying out secret missions. How is that technology related? The group was largely made of scientists. In particular, the team of nineteen consisted of a geographer and an engineer. Many of the others were either fluent in some language or had been through “spy” training at the secret Military Intelligence Training Center at Camp Ritchie, Maryland. Their mission: survey Europe.

We are spoiled and enjoy several different GPS systems that can pinpoint our position quickly and easily, but that’s a modern invention. In the old days, everything came down to a geodetic reference point, usually an iron rod or some form of marker with a well-known position. Using surveying equipment, you could position other locations by referring to the reference points.

You might think that the exact location of a city isn’t that important if you are invading it. But, as the [History Guy] points out, when you are sending artillery over the horizon, being off even a little bit can have disastrous consequences. Of course, other countries had good references, but they were often not made available for obvious reasons.

The Army sent out a call for “geodesists.” They found Floyd Huff, a Civil Engineer with the requisite experience. They made him a major, and he led a secret band through liberated areas right behind the front line. They carried about 1,800 pounds of cameras and a database of both what was known and locations like libraries and schools that might have enemy geodetic data.

It paid off. Between talking to captured soldiers, finding sympathetic academics, and finding bombed-out libraries, they were able to use their cameras to make microfilm to get better data to the front lines immediately. They even found the entire database from the German Army, but had to mount a significant operation to secure it before the Russians took over the city. They even captured high-tech equipment the Germans used to change aerial photographs into topological maps.

Some of the techniques these secret scientists developed have had far-reaching consequences on mapping. The video explains it, and, as usual, it is fun to watch and educational. If you prefer to read, you might enjoy this older article from The Smithsonian.

Like many secret agents, they aren’t well known because — well, you know — they work in secret. Huff is featured in the — we aren’t making this up — National Geospatial Intelligence Hall of Fame.

With modern tech, it is easy to forget what a technical accomplishment it is to know exactly where things are. Of course, GPS is supremely complicated, but not for us, its users.




Hackaday Podcast Episode 345: A Stunning Lightsaber, Two Extreme Cameras, and Wrangling Roombas


It’s a wet November evening across Western Europe, the steel-grey clouds have obscured a rare low-latitude aurora this week, and Elliot Williams is joined by Jenny List for this week’s podcast. And we’ve got a fine selection for your listening pleasure!

The 2025 Component Abuse Challenge has come to an end, so this week you’ll be hearing about a few of the entries. We’ve received an impressive number, and as always we’re bowled over by the ingenuity of Hackaday readers in pushing parts beyond their limits.

In the news is the potential discovery of a lost UNIX version in a dusty store room at the University of Utah, Version 4 of the OS, which appeared in 1973. Check out your own stores, for hidden nuggets of gold. In the hacks, we have two cameras at the opposite end of the resolution spectrum, but sharing some impressive reverse engineering. Mouse cameras and scanner cameras were both a thing a couple of decades ago, and it’s great to see people still pushing the boundaries. Then we look at the challenge of encoding Chinese text as Morse code, an online-upgraded multimeter, the art of making lenses for an LED lighting effect, and what must be the best recreation of a Star Wars light sabre we have ever seen. In quick hacks we have a bevy of Component Abuse Challenge projects, a Minecraft server on a smart light bulb, and a long term test of smartphone battery charging techniques.

We round off with a couple of our long-form pieces, first the uncertainties about iRobot’s future and what it might mean for their ecosystem — think: cheap hackable robotics platform! — and then a look at FreeBSD as an alternative upgrade path for Windows users. It’s a path not without challenges, but the venerable OS still has plenty to give.

As always, you can listen using the links below, and we’ve laid out links to all the articles under discussion at the bottom of the page.





The Wayback Machine “of souls” is coming. And so is the controversy


Many of us grew up with Hiroshi Shiba of Jeeg robot d’acciaio, who spoke with his late father, Professor Senjiro Shiba, a scientist and archaeologist, inside a large computer.

In a dystopian but very near future, people will be able to talk with the deceased, who will be archived and indexed in a great “archive of souls”, like a great Wayback Machine, but for the dead.

The scandal of digital “ghosts” has flared up again. In 2020, Kanye West gave Kim Kardashian a hologram of her late father, Rob Kardashian, for her birthday: at the time, the gesture seemed like a futuristic gift reserved for celebrities only.

Now, several years later, the world of artificial intelligence is moving confidently toward a future in which such things will be accepted as part of everyday life.

Los Angeles startup 2Wai has set off a wave of controversy after launching an app that lets users create interactive digital avatars of deceased relatives. The company immediately made headlines: co-founder Calum Worthy posted a video that went viral on social media within a few hours.

In this video, a pregnant woman talks on the phone with an artificial incarnation of her late mother. The scene then jumps forward ten months: the digital “grandmother” reads a bedtime story to the baby. A few years later, the child, now a schoolboy, discusses the way home with her. The final scene shows an adult man telling his virtual relative that she is going to be a great-grandmother.

The slogan appears on screen: “With 2Wai, three minutes can last forever”. In the comments, Worthy said his company is creating a “living archive of humanity”, a social network based on avatars. He also posed the project's main rhetorical question: “What if the people we have lost could be part of our future?”

The app is now available on the App Store. It lets users create a so-called HoloAvatar, a digital double that, according to the developers, “looks and talks like you, and shares your memories”. Worthy encouraged users to try the beta version and noted that an Android version will be available later.

Social media users immediately drew a parallel with the Black Mirror episode “Return to Me”, in which a woman creates an AI copy of her deceased partner and gradually loses touch with reality. Many commenters called the 2Wai video a “waking nightmare” and “demonic technology”, and even demanded that such technology be “destroyed”.

The scene in which a child forms an emotional bond with a digital version of his grandmother caused particular unease, raising concerns that such services could distort memory, grief and the very concept of family relationships.

Supporters of the project, by contrast, see it as a way to preserve the voice, manner of speaking and personal stories of family members for decades to come. They see the technology as an opportunity to pass memories down from generation to generation.

For now, though, the debate remains extremely polarized. Some believe such services will usher in a new form of digital memory. Others think these deepfakes risk blurring the line between memory and simulation, as well as having a negative impact on individuals' mental health.

As the reaction to the video shows, society has not yet decided where to draw the line between digital legacy and interference with human feelings. But one thing is clear: artificial intelligence is increasingly encroaching on the intimate sphere, and such tools will inevitably raise new psychological and ethical questions for society.

The article The Wayback Machine “of souls” is coming. And so is the controversy comes from Red Hot Cyber.



This Week in Security: Landfall, Imunify AV, and Sudo Rust


Let’s talk about LANDFALL. That was an Android spyware campaign specifically targeted at Samsung devices. The discovery story is interesting, and possibly an important clue to understanding this particular bit of commercial malware. Earlier this year Apple’s iOS was patched for a flaw in the handling of DNG (Digital NeGative) images, and WhatsApp issued an advisory with a second iOS vulnerability, that together may have been used in attacks in the wild.

Researchers at Unit 42 went looking for real-world examples of this iOS threat campaign, and instead found DNG images that exploited a similar-yet-distinct vulnerability in a Samsung image handling library. These malicious DNG files had a zip file appended to the end. The attack seems to be launched via WhatsApp messaging, just like the iOS attack. That .zip contains a pair of .so shared object files, which are loaded to manipulate the system’s SELinux protections and install the long term spyware payload.

The earliest known sample of this spyware dates to July of 2024, and Samsung patched the DNG handling vulnerability in April 2025. Apple patched the similar DNG problem in August of 2025. The timing and similarities do suggest that these two spyware campaigns may have been related. Unit 42 has a brief accounting of the known threat actors that could have been behind LANDFALL, and concludes that there just isn’t enough solid evidence to make a determination.
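The file layout described above, a TIFF-based image with a ZIP archive tacked onto the end, can be checked for during triage. The following is an added example, not code from Unit 42 or from the original article; the sample file, its member names and the function names are constructed for the demonstration.

```python
import io
import struct
import zipfile

TIFF_MAGICS = (b"II*\x00", b"MM\x00*")   # DNG is a TIFF-based container
ZIP_LOCAL_SIG = b"PK\x03\x04"            # start of a ZIP local file header
ELF_MAGIC = b"\x7fELF"                   # first bytes of a .so shared object


def inspect_image(data: bytes):
    """Return None for a clean file, else a dict describing the appended ZIP."""
    if data[:4] not in TIFF_MAGICS:
        return None                       # not TIFF/DNG, out of scope here
    try:
        # zipfile finds the End Of Central Directory record from the end of
        # the file and tolerates leading non-ZIP bytes, which is exactly how
        # an archive appended to an image is laid out.
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return None                       # no parseable archive in the file
    with zf:
        infos = zf.infolist()
        if not infos:
            return None
        # header_offset is absolute within `data`, so the smallest one marks
        # where image bytes stop and archive bytes begin.
        start = min(i.header_offset for i in infos)
        if data[start:start + 4] != ZIP_LOCAL_SIG:
            return None
        members = []
        for info in infos:
            try:
                with zf.open(info) as fh:
                    head = fh.read(4)     # magic only, never the whole member
            except (RuntimeError, NotImplementedError, zipfile.BadZipFile):
                head = b""                # encrypted, unsupported or corrupt
            members.append({
                "name": info.filename,
                "size": info.file_size,
                "is_elf": head == ELF_MAGIC,   # judge by content, not extension
            })
    return {
        "archive_offset": start,
        "trailing_bytes": len(data) - start,
        "members": members,
        "native_code": any(m["is_elf"] for m in members),
    }


def build_constructed_sample():
    """Constructed test input: a bare TIFF header plus a ZIP of two dummy ELF stubs."""
    tiff = b"II*\x00" + struct.pack("<I", 8) + struct.pack("<HI", 0, 0) + b"\x00" * 64
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("first.so", ELF_MAGIC + b"\x00" * 32)
        zf.writestr("second.so", ELF_MAGIC + b"\x00" * 32)
    return tiff + buf.getvalue(), len(tiff)


if __name__ == "__main__":
    sample, image_len = build_constructed_sample()
    print(inspect_image(sample))
    print(inspect_image(sample[:image_len]))   # same image without the archive
```

A hit on `native_code` in a file received as an image is a strong reason to quarantine it, since a legitimate DNG has no use for an embedded archive of shared objects.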

Not as Bad as it Looks


WatchTowr is back with a couple more of their unique vulnerability write-ups. The first is a real tease, as they found a way to leak a healthy chunk of memory from Citrix NetScaler machines. The catch is that the memory leak is a part of an error message, complaining that user authentication is disabled. This configuration is already not appropriate for deployment, and the memory leak wasn’t assigned a CVE.

There was a second issue in the NetScaler system, an open redirect in the login system. This is where an attacker can craft a malicious link that points to a trusted NetScaler machine, and if a user follows the link, the NetScaler will redirect the user to a location specified in the malicious link. It’s not a high severity vulnerability, but still got a CVE and a fix.

Worse than it Looks


And then there’s the other WatchTowr write-up, on Monsta FTP. Here, old vulnerabilities continue to work in versions released after the fix. The worst one here is an unauthenticated RCE (Remote Code Execution) that can be pulled off by asking the server nicely to connect to a remote SFTP server and download a file. In this case, the specified path for saving that file isn’t validated, and can be written anywhere to the Monsta FTP filesystem. Instant webshell. This time it did get fixed, within a couple weeks of WatchTowr sending in the vulnerability disclosure.
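The missing check in that download flow is a containment test on the save path. The following added example models it in Python; it is not Monsta FTP's code (which is not shown in the article), and the function names, directory layout and blocked-extension list are assumptions made for the demonstration.

```python
import os
import tempfile

# Assumption for the demo: file types the web server would execute.
BLOCKED_EXTENSIONS = {".php", ".phtml", ".phar"}


def naive_target(base_dir, requested):
    """Models the flaw: the caller-supplied save path is used without validation."""
    return os.path.normpath(os.path.join(base_dir, requested))


def safe_target(base_dir, requested):
    """Return an absolute save path inside base_dir, or raise ValueError."""
    if "\x00" in requested:
        raise ValueError("NUL byte in path")
    base = os.path.realpath(base_dir)
    # realpath collapses '..' and follows symlinks, so a link that points
    # outside the download directory is caught as well. An absolute
    # `requested` replaces `base` in join() and then fails the check below.
    candidate = os.path.realpath(os.path.join(base, requested))
    if candidate == base or os.path.commonpath([base, candidate]) != base:
        raise ValueError("destination escapes the download directory")
    if os.path.splitext(candidate)[1].lower() in BLOCKED_EXTENSIONS:
        raise ValueError("refusing to save a server-executable file type")
    return candidate


def demo():
    """Run constructed requests through both versions.

    Returns {label: (naive_path_escapes, hardened_verdict)}.
    """
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.realpath(tmp)
        base = os.path.join(root, "downloads")
        webroot = os.path.join(root, "webroot")
        os.makedirs(base)
        os.makedirs(webroot)
        os.symlink(webroot, os.path.join(base, "link"))
        requests = [
            ("plain", "reports/q3.csv"),
            ("dotdot", "../webroot/x.php"),
            ("absolute", os.path.join(webroot, "x.php")),
            ("symlink", "link/x.txt"),
            ("php_ext", "notes.PHP"),
        ]
        for label, req in requests:
            naive = os.path.realpath(naive_target(base, req))
            escapes = os.path.commonpath([base, naive]) != base
            try:
                safe_target(base, req)
                verdict = "allowed"
            except ValueError:
                verdict = "rejected"
            results[label] = (escapes, verdict)
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, outcome)
```

The extension check only matters when the download directory is itself served by the web server; the containment check is needed either way.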

Imunify AV


Antivirus software Imunify just fixed an issue that threatened a few million servers. Imunify is an antivirus product that scans for malicious code. It sounds great. The problem is that it worked to deobfuscate PHP code, by calling an executeWrapper helper function. The short explanation is that this approach wasn’t as safe as had been hoped, and this deobfuscation step can be manipulated into running malicious code itself. Whoops.

Patchstack reported on this issue, and indicated that it had been publicly known since November 4th. Patches have since been issued, and a simple message has been published that a critical security vulnerability has been fixed. There is a PoC (Proof of Concept) for this vulnerability, that would be trivial to develop into a full webshell. The only challenge is actually getting the file on a server to be scanned. Either way, if your servers run Imunify, be sure to update!

IndonesianFoods


There’s another NPM worm on the loose, and this one has quietly been around for a couple years. This one is a bit different, and the “malicious” packages aren’t doing anything malicious, at least not by default.

[Paul McCarty] first spotted this campaign, and gave it the name “IndonesianFoods”, inspired by the unique names the fake packages were using. It appears that a handful of malicious accounts have spent time running a script that generates these fake packages with unique names, and uploads them to NPM. Downloading one of these packages doesn’t run the script on the victim machine, and in fact doesn’t seem to do anything malicious. So what’s the point?

Endor Labs picked up this thread and continued to pull. The point seems to be TEA theft. That’s the Blockchain tech that’s intended to reward Open Source projects and contributions. It’s yet another abuse of NPM, which has had a rough year.

Rusty Sudo


Canonical made a bold decision with Ubuntu 25.04, shipping the uutils Rust rewrite of coreutils and sudo-rs. That decision was controversial, and has proven to be a cause of a few issues. Most recently, the sudo-rs utility has made news due to security vulnerabilities. We know the details on a few of the issues fixed in this update. One of those is CVE-2025-64170, a quirk that occurs when a user types a password into the prompt but never presses return: the prompt times out, and the typed characters are echoed back to the terminal.

Another issue doesn’t have a CVE assigned yet, but is available as a GitHub Security Advisory, and the patch is published. This one has the potential to be an authentication bypass. Sudo has a feature that tracks how long it has been since the user last authenticated. The flaw was that this state was leaking between different users, so a login by one user counted as a login for other users, allowing them to skip the password prompt.

Bits and Bytes


And finally, there’s a bit of good news, even if it is temporary. Google has taken action against one of the larger SMS scam providers. The group operates under the name Lighthouse, and seems to use normal cloud infrastructure to run the scams, simply flying under the radar for now. Google has combined legal action with technical, and with any luck, law enforcement can join in on the fun.


hackaday.com/2025/11/14/this-w…



Some 150 people in need, accompanied by the Acli of Rome, will also take part on Sunday, November 16, in the Mass presided over by Pope Leo XIV in St. Peter's Basilica, on the occasion of the 9th World Day of the Poor, dedicated to the theme “It is you, my…


Around 12 noon today, Leo XIV visited the Ambulatorio di San Martino, the facility that expands the Madre di Misericordia clinic, which has been under the Colonnade of St. Peter's for ten years.


Play2000, the app of Tv2000 and Radio inBlu2000, in collaboration with the Archdiocese of Bari-Bitonto and Telenorba, will broadcast the beatification Mass of Carmelo De Palma live from Bari Cathedral tomorrow, November 15, at 10 a.m.


One hundred years after the death of Blessed Maria Carola Cecchin (1877-1925), a Cottolengo missionary sister, the solemn Eucharistic Celebration was held yesterday afternoon, November 13, in the main church of the Piccola Casa-Cottolengo in Turin …


Are EU Austerity Cuts Adding To The Inequalities?


Europe stands at perhaps the most difficult crossroads of recent times, a tough call to make between social welfare and stabilizing fiscal balance. On 4 November 2025, the IMF issued a warning, citing the deep fiscal troubles the EU is facing and how the situation is likely to worsen if immediate and more decisive steps are not taken. The rising debt levels, which could double to 140% by 2040, as suggested by the IMF, pose an imminent threat to the existing fragile balance between revenue and expenditure. Funding various social schemes, including pensions, unemployment benefits, healthcare, and education, has long been a mainstay of government policies across the EU. Now, the IMF calls for a re-evaluation of those spending policies. The message is clear: harsh measures are crucial now to have a better future. Across Europe, governments have already joined the austerity drive. For the last 18 months, the EU has been experimenting with various ideas as part of a strict fiscal policy aimed at restoring the budgetary balance. Below is a list of measures adopted across the EU countries:

  • Raising the statutory retirement age.
  • Freezing or delaying pension indexation.
  • Limiting the duration of unemployment benefits.
  • Reducing public-sector wage growth or hiring.
  • Cutting healthcare and education budgets.
  • Phasing out early-retirement schemes.
  • Increasing consumption or environmental taxes.
  • Reducing energy or transport subsidies.
  • Capping family and housing support payments.
  • Restricting public investment spending.

These measures have either been implemented/approved, or are currently under parliamentary debate. As policymakers adjust the policy machinery to cope with an impending economic peril, implementation faces formidable opposition from the affected groups. In fact, over the last two months, a wave of rising resentment has been evident. Belgium, France, Germany, Italy, and more have all witnessed nationwide strikes, and many more are likely to follow.

Although cutting public spending might seem like a straightforward solution to rectify the current fiscal imbalance from the government’s perspective, the situation is not entirely linear. Cutting public funding, such as pensions, social benefits, or unemployment funds, reduces the disposable income of the impacted groups. Low disposable income means lower consumer demand. With demand spiraling downward, supply needs to be downsized as well, following a fundamental economic principle that matches market demand. As a result, businesses respond with layoffs, further reducing tax revenues and pushing up unemployment levels. In short, economies can face a self-perpetuating cycle that widens inequality and, even worse, triggers an economic recession (something the world witnessed in the 1930s – The Great Depression).

Furthermore, a reduction in expenditure on human infrastructure, whether in health or education, has a long-term negative impact on the economy. The immediate effect could be a robust balance sheet and good fiscal ratios. In the longer run, it weakens the foundation for sustainable growth, something which the EU stands for and identifies with. Decline in human capital, lack of innovation and global competitiveness, brain drain, social inequality, and other issues are a few notable consequences. Excessively rigid austerity measures, in a way, can undermine growth and social cohesion.

The IMF’s warning, therefore, should not be examined in a single dimension. Instead of treating it as a call to cut, it can be perceived as an invitation to rethink how Europe balances its books while safeguarding its people.

The solution lies in achieving a balance:


According to Friedrich Ebert Stiftung’s “Alternative to Austerity”, if fiscal strategies are growth-oriented, rather than simply focusing on cutting expenditure, a balance can be reinstated without impacting the welfare. Budgetary discipline will have to be achieved through the use of a balanced mix of responsible budgeting and investing public funds wisely. Pumping investments into areas such as infrastructure, education, and green technology can help countries build strong and sustainable economies, as well as secure their futures. These investments can help create more jobs, improve skills, and support long-term growth. It also calls for a fairer tax system where the wealthy and large companies contribute more, reducing the pressure on working families.

The problem the EU is facing at this moment goes beyond the budget. The challenge is about protecting fairness and dignity. Financial discipline should always go hand-in-hand with social justice.

The goal should not be to weaken the social support systems people depend on, but to strengthen and make them more sustainable, so that growth and fairness work together, rather than against each other.

Reference Links:

politico.eu/article/police-cla… | archive.ph/pYghC

euronews.com/2025/09/24/french… | archive.ph/JetNb

berlintoday.com/public-sector-… | archive.ph/8ZdCM


european-pirateparty.eu/are-eu…




Beyond What Is Due


@Privacy Pride
The full post by Christian Bernieri is on his blog: garantepiracy.it/blog/oltre-il…
What a time! Very complicated weeks for anyone holding a position of responsibility at the offices of the Garante Privacy. Hellish weeks for the four members of the Board. After the masterful overture performed by the program Report, the orchestra of the news media is

Privacy Pride reshared this.







Hasbara in crisis: Israel now invests millions to revive its image


@Notizie dall'Italia e dal mondo
The collapse of Israel's communication strategy after two years of offensive on Gaza. Arab influencers and celebrities enlisted to rebuild an image worn down by the weight of destruction and civilian casualties
The article Hasbara in crisis: Israel now



E5, Europe closes ranks. Aid to Kyiv and defense against hybrid threats

@Notizie dall'Italia e dal mondo

The E5-format defense meeting in Berlin showed how support for Ukraine and the management of hybrid threats have become the center of gravity of European cooperation. Italy, Germany, France, Poland and the United Kingdom addressed the issue of industrial capacity,



Meloni admits that the migrant centers in Albania were a flop but clarifies: “It's not my fault”


@Politica interna, europea e internazionale
Having cost almost a billion, the migrant centers built in Albania after the agreement between the Meloni government and Edi Rama have been desolately empty for about two years. During the Italy-Albania intergovernmental summit held at Villa Pamphilj in the



if putin is encouraging global warming thinking he will gain the so-called arctic routes, I think he is in for a disappointment in the middle of a northern european (and russian) glaciation

meteoweb.eu/2025/11/clima-la-c…

in reply to simona

the chinese are always wrong about everything by default. and I won't repeat this argument. until declared otherwise, china disgusts me. let that be clear. and then what the heck were the chinese up to... friends of the russians, moreover.


BNI news 3-2025


For the subject indexing of issue no. 3-2025 of the Bibliografia Nazionale Italiana, Monographs series, we have introduced the following new subject terms in the Thesaurus of the Nuovo soggettario:

  • Arte camerunese IT 2025-2594
  • Cinema polacco IT 2025-2732
  • Detriti spaziali IT 2025-2448
  • Diorami IT 2025-2659
  • Educazione finanziaria IT 2025-2279
  • Gnatologia IT 2025-2535
  • Reti bayesiane IT 2025-2542
  • Tarì IT 2025-2281

For previous issues, see the dedicated BNI page.

The article BNI notizie 3-2025 comes from Biblioteca nazionale centrale di Firenze.



The #MIM, as part of the celebrations of #GiornodellaMemoria, in collaboration with the Union of Italian Jewish Communities, is promoting the 24th edition of the national #concorso “I giovani ricordano la #Shoah” for the 2025/2026 school year.


Racists certainly cost us a lot...

Lombardy has lost yet another appeal against the sale of a former church to the Muslim Association: ilpost.it/2025/11/14/ex-chiesa…

reshared this

in reply to We don't need AI. AI needs us.

@We don't need AI. AI needs us.

Yes. But in my view the greatest price is always the moral one and that of rights: they are costing us a lot in this sense, and it isn't over yet.

Just a few days ago I was talking about Borghi's "boutade" of removing survivor's pension rights for Civil Unions.

It's a stupid and unfortunate remark, because there is a Constitution that enshrines the equality of citizens, but in the meantime it has planted a seed. It will be talked about, and this thing will be given legitimacy. And maybe in the meantime we'll have the direct election of the prime minister, and many other lovely things that will make us sink into a mess ever more similar to Turkey or Hungary, and sooner or later this thing will find consensus.

It's just one example, but I think it's illustrative.

@Max - Poliverso 🇪🇺🇮🇹



Unmanned ships, why the US-Korea deal changes the balance

@Notizie dall'Italia e dal mondo

The growing attention of Western navies to unmanned platforms is opening new room for collaborations that combine digital innovation and traditional shipbuilding capabilities. Into this scenario fits the agreement between Anduril and Hyundai Heavy Industries,



Digital sovereignty: Think tank recommends more investment in Big Tech alternatives


netzpolitik.org/2025/digitale-…

AISA reshared this.



USA. Military contractors profit from tension with Venezuela and in the Caribbean


@Notizie dall'Italia e dal mondo
While Trump amasses ships, drones and missiles off the coast of Venezuela, the arms industry is already reaping the benefits
The article USA. Military contractors profit from tension with Venezuela



"Trump signs the end of the longest shutdown: 'Let it not happen again'"

honestly I don't understand the tone, but anyway is he aware that this deal is valid for 2 months?




informapirata ⁂ reshared this.



Lydia Salvayre – Non piangere
freezonemagazine.com/articoli/…
The summer of 1936 in Spain was a crucial moment in that country's history, and in Non piangere it is recounted in all its libertarian momentum, on the one hand, and the cruelty of the acts of the armed Falange on the other. The novel blends, like two sides of the same coin, the stories of Montse, […]
The article Lydia Salvayre – Non piangere comes from FREE ZONE MAGAZINE.


Nuovo soggettario – News – November 2025


The Nuovo soggettario Thesaurus is a continually evolving lexical heritage, enriched by links, collaborations and new language versions.

Main news:

The article Nuovo soggettario – Notizie – novembre 2025 comes from Biblioteca nazionale centrale di Firenze.



I didn't know that!!!


Google search has become an awful mess of commercial sites desperate to get you to click. So unless I really want to buy something, I always use this link.
udm14.org: An easy-to-use shortcut for an AI-free Google search. (Try it!) udm14.org




#Trump and the truths of #Epstein


altrenotizie.org/primo-piano/1…



The third Cosmo-SkyMed satellite leaves Rome to go to space (via California)

@Notizie dall'Italia e dal mondo

At the Satellite Integration Center of Thales Alenia Space Italia in Rome, a farewell was held today for the third satellite of the second-generation Cosmo-SkyMed constellation, which is departing for the Vandenberg base in California, where it will be launched in



EU doomsday blitz to erase the privacy of European citizens


WARNING: A new, deeply flawed compromise proposal (Doc. 14092/25) was hastily approved by an EU working group on November 12, 2025; it is to be approved by the EU ambassadors shortly (November 19?) and then adopted by the Council without debate. Although the Council Presidency had promised to abolish mandatory chat control…

Source

Gazzetta del Cadavere reshared this.



THE FORMER MEP CONFESSED IT TO ME: THE EMPEROR HAS NO CLOTHES" ▷ MASKS OFF THE EU WITH MARTINA PASTORELLI
youtu.be/IR32EIqxEQ0?si=7uzfXP…


fanpage.it/innovazione/scienze…

I think it's proof that in israel everyone has lost their minds, scientists included.



Next Thu: The Criminalization of Self-Defense Talk


The Black Response and Impact Boston will present The Criminalization of Self-Defense, a community education event on Thursday, November 20, from 6:00 to 8:30 PM at The Community Art Center in Cambridge, MA. We are proud to be one of the sponsors of it. Please register in advance.

It is a free and public gathering that will explore how self-defense is criminalized, particularly for Black, Brown, and marginalized survivors, and how communities can reclaim safety through resistance, advocacy, and care.

Featured Speakers will be:

The Community Art Center is at 119 Windsor Street, Cambridge. It is a nine-minute walk from Central Square and the MBTA Red Line stop there.

FREE food and childcare will be provided. TBR will collect food donations for the network of free CommunityFridges. Please bring nonperishable food items to contribute. More details are available.


masspirates.org/blog/2025/11/1…



Aid to Kyiv, Northern Europe opens a new 500 million tranche

@Notizie dall'Italia e dal mondo

Military support for Ukraine is being consolidated with a gesture that brings together some of the European capitals most active on the eastern front. Denmark, Estonia, Finland, Iceland, Latvia, Lithuania, Norway and Sweden have decided to jointly finance a new package of 500 million



Crosetto's cyber plan is a necessary step. Braccioli explains why

@Notizie dall'Italia e dal mondo

Defense Minister Guido Crosetto has presented to the Chambers the outline of a new project dedicated to the digital domain for the creation of an Italian cyber arm. The initiative, part of the framework of the future reorganization of the military instrument, aims to