The holidays are rapidly approaching, and you probably already have a topic or two to argue with your family about. But what about with your hacker friends? We came upon an old favorite the other day: whether it “counts” as retrocomputing if you’re running a simulated version of the system or if it “needs” to run on old iron.

This lovely C64esque laptop sparked the controversy. It’s an absolute looker, with a custom keyboard and a retro-reimagining-period-correct flaptop design, but the beauty is only skin deep: the guts are a Raspberry Pi 5 running VICE. An emulator! Horrors!

We’ll admit to being entirely torn. There’s something about the old computers that’s very nice to lay hands on, and we just don’t get the same feels from an emulator running on our desktop. But a physical reproduction like with many of the modern C64 recreations, or [Oscar Vermeulen]’s PiDP-8/I really floats our boat in a way that an in-the-browser emulation experience simply doesn’t.

Another example was the Voja 4, the Supercon 2022 badge based on a CPU that never existed. It’s not literally retro, because [Voja Antonics] designed it during the COVID quarantines, so there’s no “old iron” at all. Worse, it’s emulated; the whole thing exists as a virtual machine inside the onboard PIC.

But we’d argue that this badge brought more people something very much like the authentic PDP-8 experience, or whatever. We saw people teaching themselves to do something functional in an imaginary 4-bit machine language over a weekend, and we know folks who’ve kept at it in the intervening years. Part of the appeal was that it reflected nearly everything about the machine state in myriad blinking lights. Or rather, it reflected the VM running on the PIC, because remember, it’s all just a trick.

So we’ll fittingly close this newsletter with a holiday message of peace to the two retrocomputing camps: Maybe you’re both right. Maybe the physical device and its human interfaces do matter – emulation sucks – but maybe it’s not entirely relevant what’s on the inside of the box if the outside is convincing enough. After all, if we hadn’t done [Kevin Noki] dirty by showing the insides of his C64 laptop, maybe nobody would ever have known.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

hackaday.com/2025/12/20/retroc…

Riesba NC-559-ASM flux being applied. (Credit: Bits und Bolts, YouTube)
Flux is one of those things that you cannot really use too much of during soldering, as it is essential for cleaning the surface and keeping oxygen out, but as [Bits und Bolts] recently found, not all flux is made the same. After ordering the same fake Amtech flux from the same AliExpress store, he found that the latest batch didn’t work quite the same, resulting in a Geforce 2 GTS chip getting cooked while trying to reball the chip with uncooperative flux.

Although it’s easy to put this down to a ‘skill issue’, the subsequent test of eight different flux pastes ordered from both AliExpress and Amazon, including — presumably genuine — Mechanic flux pastes with reballing a section of a BGA chip, showed quite different flux characteristics, as you can see in the video below. Although all of these are fairly tacky flux pastes, with some, the solder balls snapped easily into place and gained a nice sheen afterwards, while others formed bridges and left a pockmarked surface that’s indicative of oxygen getting past the flux barrier.

Not all flux pastes are made the same, which also translates into how easy the flux remnants are to clean up. So-called ‘no clean’ flux pastes are popular, which take little more than some IPA to do the cleaning, rather than specialized PCB cleaners as with the used Mechanic flux. Although the results of these findings are up for debate, it can probably be said that ordering clearly faked brand flux paste is a terrible idea. While the top runner brand Riesba probably doesn’t ring any bells, it might be just a Chinese brand name that doesn’t have a Western presence.

As always, caveat emptor, and be sure to read those product datasheets. If your flux product doesn’t come with a datasheet, that would be your first major red flag. Why do we need flux? Find out.

youtube.com/embed/uAqofdpe744?…

hackaday.com/2025/12/20/testin…

Quando si pensa ad Amazon, viene subito in mente il colosso dell’e-commerce e della tecnologia, ma anche un’impresa che sta combattendo una battaglia silenziosa contro i cyber-attacchi.

Ultimamente, Amazon ha alzato il velo su una questione piuttosto spinosa: gli hacker nordcoreani stanno usando le cosiddette “fattorie di laptop” in Arizona per infiltrarsi nelle aziende statunitensi. È una storia che ha dell’incredibile, ma purtroppo è vera.

Questi “cyber-criminali” si travestono da candidati lavoro, si assicurano posizioni remote e poi rubano dati sensibili per estorcere soldi. Amazon ha rivelato che da aprile 2024 ha bloccato oltre 1.800 tentativi di hacking, e la cifra è in rapido aumento; evidentemente il problema è più grande di quanto si immaginasse. Questa è una questione che richiede attenzione, e Amazon sta facendo la sua parte per arginare il fenomeno. È arrivato il momento di parlare di cybersecurity.

L’azienda stima che, trimestre dopo trimestre, i tentativi di penetrare nei sistemi di Amazon da parte di questi attori siano aumentati del 27%. Il tipico schema inizia con il pagamento di residenti negli Stati Uniti per gestire quelle che sembrano innocue attività secondarie: l’acquisto e la manutenzione di un gran numero di computer portatili connessi alle reti nazionali.

Dopo essere stati creati, questi computer finiscono per supportare dei curriculum fasulli, studiati ad hoc per sembrare professionali e attendibili, in modo che gli hacker possano proporsi come candidati per posizioni lavorative da remoto in grosse aziende tech. Una volta che sono stati assunti, si ritrovano ad avere carta bianca, senza che nessuno gli cada alle calcagna.

Solo nel 2025, gli hacker nordcoreani hanno utilizzato questo metodo per attaccare diverse aziende e piattaforme di criptovalute, causando perdite sostanziali. Sebbene gli attacchi al settore delle criptovalute siano principalmente mirati al furto di fondi, Amazon ritiene che i tentativi di infiltrazione contro la propria organizzazione siano stati probabilmente motivati dalla ricerca di dati interni sensibili.

In effetti, l’azienda ha confermato che alcuni aggressori sono riusciti a entrare in Amazon utilizzando credenziali contraffatte. All’inizio del 2025, il monitoraggio comportamentale sul laptop di un amministratore di sistema appena assunto ha attivato degli avvisi, innescando un’indagine di sicurezza interna .

I ricercatori, a seguito di un’analisi dettagliata, hanno riscontrato che i computer portatili dei lavoratori a distanza erano soggetti a controlli remoti, con una conseguente latenza dei tempi di battitura estremamente alta. Normalmente, le pause tra le battiture sui laptop collegati direttamente alle reti degli Stati Uniti sono di solito poche decine di millisecondi. Tuttavia, in questo caso specifico, la latenza ha raggiunto un valore di 110 millisecondi. Nonostante si sia trattato di un episodio isolato, esso ha messo in luce che spesso è possibile individuare tracce di tale attività.

Amazon ha inoltre condiviso ulteriori indicatori che monitora. Durante le interazioni, gli hacker spesso si tradiscono attraverso sottili errori linguistici – difficoltà nell’uso naturale di espressioni idiomatiche americane o incongruenze nell’inglese scritto – che riflettono il fatto che l’inglese non è la loro lingua madre. Questi segnali sono tra i segnali che Amazon considera prioritari nei suoi sforzi difensivi.

In precedenza, l’FBI (Federal Bureau of Investigation) degli Stati Uniti aveva smantellato diverse fabbriche di computer portatili che facilitavano le operazioni informatiche nordcoreane. Queste strutture ospitavano computer per l’uso remoto da parte di hacker, e i loro operatori erano stati successivamente condannati per il loro ruolo nelle attività illecite.

L'articolo Amazon contro gli hacker nordcoreani: sventati oltre 1800 attacchi proviene da Red Hot Cyber.

Un nuovo e formidabile nemico è emerso nel panorama delle minacce informatiche: Kimwolf, una temibile botnet DDoS, sta avendo un impatto devastante sui dispositivi a livello mondiale. Le conseguenze di questa minaccia possono essere estremamente gravi e la sua portata è in costante aumento.

Per capire la reale entità di questo problema, è essenziale considerare che Kimwolf è una rete di dispositivi contaminati da malware, i quali possono essere controllati a distanza dagli aggressori. L’obiettivo principale di Kimwolf è quello di condurre attacchi DDoS, mirati a sovraccaricare e rendere inaccessibili sistemi o reti.

Secondo l’azienda cinese QiAnXin, Kimwolf è riuscita a compromettere almeno 1,8 milioni di dispositivi eterogenei, tra cui smart TV, decoder e tablet basati su Android. Questo numero è davvero impressionante e la varietà dei dispositivi colpiti rende la situazione ancora più preoccupante.

In definitiva, Kimwolf incarna un problema che non può essere ignorato. La sua capacità di propagarsi velocemente su dispositivi diversi e di effettuare attacchi DDoS. Considerando il numero elevato di dispositivi già coinvolti, Kimwolf rappresenta una minaccia significativa che richiede attenzione e azione.

Kimwolf è compilato utilizzando il Native Development Kit (NDK) e va oltre le funzionalità DDoS convenzionali. Oltre a lanciare attacchi denial-of-service su larga scala, integra funzionalità di proxy forwarding, reverse shell access e gestione dei file. Di conseguenza, gli aggressori possono non solo arruolare dispositivi come bot, ma anche sfruttarli per operazioni offensive più ampie.

Secondo le stime di QiAnXin, la botnet ha generato un totale di 1,7 miliardi di attacchi DDoS tra il 19 e il 22 novembre 2025. A causa dell’elevato volume di attività, il suo dominio di comando e controllo, 14emeliaterracewestroxburyma02132[.]su, si è posizionato al vertice della classifica DNS di Cloudflare.

I bersagli principali di questa botnet sono modelli come TV BOX, SuperBOX, HiDPTAndroid, P200, X96Q, XBOX, SmartTB, MX10 e vari altri. Sono state osservate infezioni in tutto il mondo, con concentrazioni particolarmente elevate in Brasile, India, Stati Uniti, Argentina, Sudafrica e Filippine. QiAnXin non ha ancora determinato come il malware iniziale sia stato distribuito a questi dispositivi.

In particolare, i domini di comando e controllo di Kimwolf sono stati disattivati con successo almeno tre volte a dicembre da soggetti non identificati, probabilmente attori rivali o ricercatori di sicurezza indipendenti . Questa interruzione ha costretto gli operatori della botnet a cambiare strategia e ad adottare l’Ethereum Name Service (ENS) per rafforzare la propria infrastruttura contro ulteriori rimozioni.

La botnet Kimwolf è anche collegata alla famigerata botnet AISURU. Gli investigatori hanno scoperto che gli aggressori hanno riutilizzato il codice di AISURU durante le prime fasi di sviluppo, prima di creare Kimwolf come successore più evasivo. QiAnXin sospetta che alcune campagne DDoS precedentemente attribuite ad AISURU possano aver coinvolto Kimwolf, o addirittura essere state orchestrate principalmente da quest’ultimo.

Si consiglia agli utenti di smart TV e decoder Android di verificare se i propri dispositivi utilizzano ancora le password predefinite e, in tal caso, di modificarle immediatamente. Se viene rilevato un comportamento anomalo, potrebbe essere necessario un ripristino completo del dispositivo.

Gli aggiornamenti del firmware o del sistema dovrebbero essere applicati tempestivamente non appena disponibili. Tuttavia, molti di questi dispositivi ricevono scarso o nessun supporto per gli aggiornamenti dopo il rilascio, rendendo difficile la correzione a lungo termine anche quando vengono identificate vulnerabilità .

L'articolo Kimwolf, la botnet che ha trasformato smart TV e decoder in un’arma globale proviene da Red Hot Cyber.

Back in the early days of Linux, there were multiple floppy disk distributions. They made handy rescue or tinkering environments, and they packed in a surprising amount of useful stuff. But a version 1.x kernel was not large in today’s context, so how does a floppy Linux fare in 2025? [Action Retro] is here to find out.

Following a guide from GitHub in the video below the break, he’s able to get a modern version 6.14 kernel compiled with minimal options, as well as just enough BusyBox to be useful. It boots on a gloriously minimalist 486 setup, and he spends a while trying to refine and add to it, but it’s evident from the errors he finds along the way that managing dependencies in such a small space is challenging. Even the floppy itself is problematic, as both the drive and the media are now long in the tooth; it takes him a while to find one that works. He promises us more in a future episode, but it’s clear this is more of an exercise in pushing the envelope than it is in making a useful distro. Floppy Linux was fun back in 1997, but we can tell it’s more of a curiosity in 2025.

Linux on a floppy has made it to these pages every few years during most of Hackaday’s existence, but perhaps instead of pointing you in that direction, it’s time to toss a wreath into the sea of abandonware with a reminder that the floppy drivers in Linux are now orphaned.

youtube.com/embed/SiHZbnFrHOY?…

hackaday.com/2025/12/20/linux-…

FOR IMMEDIATE RELEASE:

New York, Dec. 18, 2025 — Photojournalist Dave Decker was arrested in November while documenting a protest in Miami, Florida. A coalition of 23 press organizations spoke out against the charges — and this week the prosecutor agreed.

The following statement can be attributed to Adam Rose, deputy director of advocacy for Freedom of the Press Foundation (FPF):

“Journalists have a distinct role at protests. They are not participants, merely observers. A broad local and national coalition said this in unison, and we were glad to see all charges dropped against Dave Decker. Hats off to his attorneys, lawyers for the Florida State Attorney’s Office and the Miami-Dade Sheriff’s Office, and all the community groups who rallied to his side.

“At the same time, that’s a lot of people who had to work on something entirely preventable. I hope law enforcement officers take this to heart: Swearing an oath to protect the community means protecting everyone — including press. This is an opportunity for agencies like the sheriff’s office and Florida Highway Patrol to take proactive steps and review training approaches. Freedom of the Press Foundation is happy to help.

“And of course, it would be nice to see an apology to Dave and an offer to fix any of his equipment they damaged.”

Read the coalition’s letter:

freedom.press/static/pdf.js/we…

Please contact us if you would like further comment.

freedom.press/issues/florida-p…

Dear Friend of Press Freedom,

Rümeysa Öztürk has been facing deportation for 268 days for co-writing an op-ed the government didn’t like, and journalist Ya’akub Vijandre remains locked up by Immigration and Customs Enforcement over social media posts about issues he reported on.

Join us today and Dec. 21 in New York City for two special screenings of the Oscar-shortlisted film “Cover-Up” by Laura Poitras — an FPF founding board member — and Mark Obenhaus.

Read on for more on what we’re working on this week. We’ll be back in the new year.

Covering protests is a dangerous job for journalists

As of Dec. 15, the U.S. Press Freedom Tracker has documented 32 detainments or charges against journalists in the U.S. — 28 of those at immigration-related protests — according to a new report released by the Freedom of Press Foundation (FPF) project this week.

The report notes how, unlike most years, the majority of journalists were released without charges or had them soon dropped, with law enforcement instead focusing on deterring news gathering rather than pursuing charges.

• Read the report

Stop the deportation of Heng Guan

Use our action center to tell lawmakers to stop the Trump administration from deporting Heng Guan, who helped journalists expose the horrors of Uyghur prison camps in Xinjiang, China. He’s exactly the kind of person asylum laws are intended to protect.

The next hearing in Guan’s case is Jan. 12. He could be sent to Uganda, placing him at risk of being shipped back to China, where, according to his mother, he’d likely be killed.

• Write a letter to Congress

Sign Up. Take Action.

Join our email list to stay up to date on the issues and learn how you can help protect journalists and sources everywhere.

Full Name Email Address Subscribe See all newsletters Go to mailing list subscription page
Thanks for signing up for our newsletter. You are not yet subscribed! Please check your email for a message asking you to confirm your subscription.

The FCC’s declaration of dependence

Federal Communications Commission Chair Brendan Carr admitted at a Senate hearing on Wednesday that there had been a political “sea change” and he no longer viewed the FCC as an independent agency.

FPF Director of Advocacy Seth Stern wrote for The Guardian that Carr’s admission proves the danger of letting a self-proclaimed partisan weaponize the FCC’s public interest standard to grant himself amorphous censorship powers. “Carr avoids ever articulating his vision of public-interest news, forcing anyone seeking to avoid his ire to play ‘Whac-A-Mole.’ … The only discernible rule of Carr’s FCC is ’don’t piss off Trump’.”

• Read the op-ed here

Trump’s BBC lawsuit is nonsense, like his others

President Donald Trump on Monday followed through on his threats to sue the BBC over its editing of his remarks on Jan. 6, 2021, for a documentary.

“If any ordinary person filed as many frivolous multibillion-dollar lawsuits as Donald Trump, they’d be sanctioned and placed on a restricted filers list,” FPF said in a statement, noting that Trump has demanded a total of $65 billion in damages from media outlets since taking office.

• Read the statement

Under First Amendment, Diddy ‘can’t stop, won’t stop’ Netflix documentary

Sean “Diddy” Combs is threatening to sue Netflix for airing a docuseries that is, to say the least, unflattering to him. The disgraced music mogul’s cease-and-desist letter claims the series, “Sean Combs: The Reckoning,” uses “stolen footage.”

Stern wrote for Rolling Stone about why Diddy’s threatened lawsuit would be a non-starter: the right to publish content that sources obtain illegally is well established. But a series of recent cases nonetheless puts that right under unprecedented attack.

• Read the article

Body camera footage is for the public

The town of Hamburg, New York, claims its police body camera footage is copyrighted despite being a public record. It’s telling people who request footage under New York’s Freedom of Information Law that they can’t share the footage with others.

That’s ridiculous, and we wrote a letter to the police chief telling him to stop the nonsense and tell anyone who has received these frivolous warnings that they’re free to share body camera footage as they see fit.

• Read it here

Ask Lauren anything

FPF Daniel Ellsberg Chair on Government Secrecy Lauren Harper joined fellow Freedom of Information Act experts Jason Leopold, ​​Liz Hempowicz, and Kevin Bell to take questions about FOIA and the numerous ways that it’s broken. They teamed up for a Reddit “ask me anything” discussion this week.

• Read the Q&A

Free screening of “Cover-Up”

To our New York audiences and documentary film buffs: FPF is proud to host a special screening tonight of the Oscar-shortlisted film “Cover-Up” by award-winning directors Laura Poitras and Mark Obenhaus, followed by a Q&A moderated by our executive director, Trevor Timm. The film chronicles the career of legendary investigative journalist Seymour Hersh.

• Learn more here

What we're reading

The Pentagon and the press

NPR
It’s shameful the Department of Defense is curtailing press access five decades after the Supreme Court’s Pentagon Papers ruling, Harper told NPR’s “1A.” Harper also joined “1A” to discuss how the Trump administration is enhancing its surveillance capabilities.

The US supreme court’s TikTok ruling is a scandal

The Guardian
That TikTok remains available “makes a mockery” of the government’s earlier national security claims that the platform was “an urgent national security risk – and of the court that deferred to those claims.”

How an AM radio station in California weathered the Trump administration’s assault on media

Associated Press
“‘Chilling effect’ does not begin to describe the neutering of our political coverage,” said one former KCBS journalist about the aftermath of Carr’s threats.

Defend the press: Brendan Carr has gone too far with attacks on media

Courier
Read the op-ed we co-wrote with partner organizations demanding the FCC recommit to the First Amendment.

Paramount’s Warner Bros Discovery bid faces conflict of interest concerns

Al Jazeera
Stern explained, “Throwing out the credibility of CNN and other Warner Bros Discovery holdings might benefit the Ellisons in their efforts to curry favour with Trump, but it’s not going to benefit anyone else, including shareholders.”

freedom.press/issues/covering-…

Evolution Of the Internet

Comparing the internet’s growth to Darwin’s theory of evolution helps explain how it has changed over time, with each stage adapting to the needs, behaviours, and technologies of its time.

The initial phase, known as Web 1 (spanning the 1990s to the early 2000s), was characterised by the internet’s primary function as an information dissemination tool. During this period, only site owners managed content, resulting in a read-only experience for users and a unidirectional flow of information similar to a digital brochure.

Tim O’Reilly introduced the term “Web 2.0” in 2004, marking a new era as mobile services expanded, broadband connectivity improved, and technologies such as AJAX and HTML5 emerged. The internet became interactive, enabling users to create, share, and engage with content without needing special skills. This change opened new ways for people to communicate and connect worldwide.

But as Web 2.0 grew, a few big companies gained significant power and control over data. They decided how information was shared, which voices were heard, and how personal data was handled. Algorithms control every piece of information and opinion. At the same time, many of these platforms rely on business models that depend on extensive data collection, with user behaviour fueling targeted advertising. While these services often appear free, the trade-off is a gradual loss of privacy, autonomy, and control over one’s digital presence.

Concerns about this central control, privacy, and reliance on these platforms led to the idea of a new kind of internet, now called Web 3.0.

What is Web 3.0?

The internet is now moving toward a more user-focused phase, where data ownership is decentralised. Web 3.0 uses technologies such as blockchain and the Semantic Web to return control of data and digital assets to users rather than large technology companies. This change aims to enhance the transparency, security, and personalisation of online experiences.

Key Characteristics of Web 3.0

1. Decentralisation

Control is shared across networks rather than held by a single company or authority. This means that people need not rely on centralised platforms as much.

2. User control over data and identity

Users have more control over their digital identities and personal data, rather than giving that control to platforms by default.

3. Reduced intermediaries

Web 3.0 aims to cut out intermediaries by enabling people to interact, share, and make transactions directly, without needing a central platform to manage these actions.

4. Transparency by design

Many Web 3.0 systems are designed to make rules, transactions, and changes open and verifiable, rather than hidden within private systems.

5. Permissionless participation

Anyone can participate without approval from a central authority, provided they comply with the network’s rules.

6. Resilience and censorship resistance

The distribution of data and services increases the difficulty for any single entity to shut down platforms or completely silence users.

People often use the term Web 3.0 to refer to technologies such as cryptocurrencies, tokens, or blockchain-based finance. However, the main features listed above also make Web 3.0 useful in many areas, including supply chain management, gaming and the metaverse, healthcare, content creation and social media, intellectual property, and digital identity.

​

How Does Web 3.0 Work – A Brief Sneak Peek

At its core, Web 3.0 changes how information is stored and managed. Instead of storing data on servers owned by a single company, information is distributed across networks. The action is cryptographically signed by the user, verified by multiple participants, and recorded in a shared ledger that is difficult to alter. This structure reduces reliance on central intermediaries and makes manipulation or data abuse more difficult, while shifting greater control and responsibility to users. Although the technology driving Web 3.0 is complex, the primary goal is simple: to give users greater control and responsibility.

​

Web 3.0: An Emerging, Yet Unsettled, Part of the EU’s Digital Vision

Freedom, Democracy, and Respect for human rights have been the core pillars of the European Union since its inception. These principles have been a centre of discussion whenever policies are framed, and the digital space is no exception. The European Union has signalled a clear willingness to invest in the development of Web 3.0-relevant technologies through official strategies, infrastructure development, and research funding. The European Union is actively shaping the digital world by protecting users, ensuring fair competition, and defending fundamental rights.

​

A Few Examples:

• The Commission’s blockchain and Web3 strategy outlines policy support, funding programmes, and legal frameworks to foster innovation in decentralised systems.
• Web 3.0-aligned technologies are being evaluated for identity and credential management and secure data exchange.
• EU funding programmes support projects on decentralised data, privacy-preserving technologies, and interoperability. (In recent times, 2016-2019, the EU invested 180 million Euros in a project called Horizon Europe, with grants expected to flow in the future as well)

Web 3.0 Is Still A probability, Not A Concrete Solution Yet.

However, the EU also values legal certainty, accountability, and consumer protection, which can be challenging to achieve in decentralised systems. As a result, the relationship between Web 3.0 and EU policy is still developing, reflecting both a willingness to innovate and a careful approach to potential risks. In this light, it is imperative to understand the complications and challenges associated with Web 3.0.

Challenges of Web 3.0:

• Still in its nascent stage, the technology underlying Web 3.0 is complex and not widely known. Concepts such as private keys, smart contracts, wallets, and decentralised storage are still largely unfamiliar and challenging for non-tech-savvy users.
• Centralised platforms outperform Web 3.0 due to easier user navigation. Influencing users to shift from a seamless platform to a complex option would require substantial investment in digital education and community building, as well as time.
• Beneath the layers of immutable privacy structures, due to a decentralised mechanism for data sharing and storage, technologies such as Web 3.0 lack accountability systems. In the absence of a centralised moderation mechanism, addressing harmful or illegal content, misinformation, and responding to abuse becomes challenging. Once the content is stored, its removal becomes nearly impossible.
• Protocols may be decentralised in theory, but small groups of developers or influential participants still influence many major decisions. This can recreate power imbalances similar to centralised platforms, undermining ideals of shared governance.
• Although Web 3.0 may be emerging as a technical solution to censorship, it is critical to understand that technology alone cannot address deeper social and political issues. Issues such as governance, community norms, power dynamics, and regulatory compliance require broader approaches beyond code.
• For less experienced users, the sole onus for online security, privacy, and data management, owing to greater control, could be overwhelming.

Looking ahead: between regulation and re-imagining

As Europe debates the future of its digital space, organisations such as European Digital Rights reiterate that technology alone does not secure freedom or fairness online. ERDi firmly believes that human rights, data protection, and democratic accountability should be the core of any discussion of new digital systems. From this perspective, Web 3.0 is neither a solution nor a threat in itself, but offers a new avenue of technological experimentation that must operate within existing legal frameworks and fundamental rights.

In the current political landscape, EU initiatives such as the Digital Services Act, the Digital Markets Act, and ongoing discussions around chat control and the Digital Omnibus reflect growing concern about platform dominance, surveillance, and the limits of the Web 2.0 model. These laws aim to correct structural harms through regulation, but also raise deeper questions about how digital infrastructures are designed and who ultimately holds power over them.

In this context, Web 3.0 can be seen as part of a broader conversation about decentralisation and user agency rather than a finished alternative. While its principles resonate with long-standing European Pirate values around privacy, autonomy, and resistance to excessive central control, decentralised technologies also risk creating new concentrations of power if left unchecked. EDRI’s cautious approach emphasises the need for civic interest control, civil society involvement, and robust safeguards.

The interaction between regulation and experimentation will likely shape Europe’s digital future. If approached critically and inclusively, discussions around Web 3.0 can help imagine an internet where innovation supports user rights, rather than undermining them.

​

​

​

​

​

​

europeanpirates.eu/europes-nex…

Contro la falsa informazione pro-inceneritore.

Nell’articolo dell’edizione romana di ieri a firma di Salvatore Giuffrida leggiamo “Il cantiere a Santa Palomba partirà entro il primo trimestre del 2026 e durerà 32 mesi, fino a oltre la metà del 2028”. Il sottotitolo contiene la prima menzogna o bufala, come preferite. Le attività di costruzione dureranno 39 mesi e non 32 come scrive il giornalista e il cantiere terminerà nel maggio 2029. Attenzione, non siamo noi a dichiaralo ma è scritto nero su bianco sul più recente cronoprogramma del proponente.

“Il 2026 sarà l’anno del termovalorizzatore di Roma”. Nell’attacco del pezzo si condensa tutto lo strumentario della retorica tipica dei fan dell’incenerimento che si guarda bene dal ricordare, neppure incidentalmente che i poteri straordinari sono stati attributi per impiantistica destinata a far fronte all’afflusso straordinario dei pellegrini del Giubileo 2025. Un impianto che a Giubileo terminato non è ancora autorizzato e il cui iter è potuto andar avanti esclusivamente a forza di ordinanze, con la Procura di Roma che sta indagando al riguardo. Profili questi, guarda caso, del tutto omessi.

“Bisogna ancora aspettare due anni per inaugurare l’impianto, ma il percorso è già avviato: di fatto è ormai concluso il procedimento autorizzatorio unico regionale, Paur, che riunisce in un unico atto tutte le valutazioni, i pareri e le autorizzazioni di competenza regionale necessarie a realizzare il progetto e avviare il cantiere.”

Il procedimento non è affatto concluso. Ci sono i pareri contrari dei comuni di Albano, Ardea e Pomezia. C’è soprattutto la Soprintendenza Speciale di Roma ha tutta la competenza e decisive motivazioni per bocciare gli elaborati progettuali nella conferenza di servizi in corso e per contestare la procedura avviata in virtù delle proprie prerogative istituzionali discendenti dall’articolo 9 della Costituzione, attuato dal codice dei beni culturali.

Seguono poi i consueti ritornelli della propaganda inceneritorista: “Saranno inoltre realizzati quattro impianti ausiliari per recuperare le ceneri pesanti, un impianto fotovoltaico, una rete di teleriscaldamento e un sistema sperimentale per catturare l’anidride carbonica. Il termovalorizzatore sarà capace di bruciare 600mila tonnellate l’anno di rifiuti e di produrre energia elettrica per circa 200mila abitazioni”.

Al riguardo solo due repliche lampo a proposito di teleriscaldamento e sistema sperimentale cattura CO2. Il teleriscaldamento, conti alla mano, riguarderà un centinaio di famiglie. Dovranno provare di avere il contratto di fornitura indispensabile per la verifica del coefficiente R1 indice di efficienza energetica per ricondurre l’impianto tra quelli di recupero energetico.

Sull’impianto di cattura della CO2, oltre a non essere sperimentale come evidenziato dallo stesso proponente basti ricordare che la massima cattura equivale ad appena l’1per mille della Co 2 emessa. Su questo ci sono ben due esposti alla Corte dei conti ma anche su questo silenzio tombale.
Le 200 mila abitazioni che vorranno l’energia elettrica prodotta, non l’avranno certo a gratis ma dovranno pagarla a prezzi di mercato.

“Infine, a ottobre il Comune ha ratificato un protocollo d’intesa con Ferrovie dello Stato per gestire la logistica ambientale in merito al trasporto dei rifiuti senza costi aggiuntivi per le parti.” Un protocollo d’intesa privo di qualsivoglia autentica portata, chissà perché riportarlo?
Davanti a tanta spudorata propaganda rispondiamo con il nostro prossimo appuntamento: la mattina di lunedì 29 dicembre sit-in presso la Soprintendenza speciale di Roma per smuoverla a tutelare i beni archeologici presenti nell’area del progetto e che verrebbero irrimediabilmente distrutti.

Concludiamo il nostro comunicato richiamando il recentissimo parere contrario della Regione Lazio nella conferenza di servizi sulla discarica di Tor Tignosa che lascia l’inceneritore privo della sua discarica di servizio.
Non serve il giornalismo di inchiesta, sarebbe sufficiente il semplice giornalismo.
Buona serata!

19 dicembre 2025