Turning surplus LCD panels into stand-alone monitors with the help of a driver board is an established hack, and a search of eBay or AliExpress will turn up boards for almost any widely available panel. [Drygol] has a couple of old iPad screens, and has done exactly this with them. What makes these two projects stand aside from the crowd is their attention to detail, instead of creating a hacky monitor this is almost something you might buy as a product.

For a start, both screens sit in very smart 3D printed cases. Behind them is the LCD driver, and perhaps this is where many people might leave it. But the point of an iPad is portability, so the first one receives a suitably large lithium polymer battery and its associated electronics. As such a thing is of limited use without a battery level monitor, so one is mounted flush with the case on the outside. The final touch is a Bluetooth audio board and speaker, making an all-in-one peripheral we’d be happy to carry with us.

The second screen is a slimmer version of the first case, with a different board that has an onboard audio channel. It’s mounted in a stand with a MiSter FPGA emulator, for a very neat and compact desktop set-up.

This project shows what can be done with these screens, and raises the bar. All the files are included, so it should be possible to make your own. We expect someone might stick a Raspberry Pi in there, to make… something like an iPad.

This isn’t the first time we’ve seen an iPad screen mod.

hackaday.com/2025/02/24/old-ip…

Dopo che le autorità del Regno Unito hanno chiesto ad Apple di creare una backdoor che consentisse l’accesso ai dati cloud crittografati degli utenti, Apple ha deciso di disattivare del tutto la funzionalità Advanced Data Protection (ADP) nel Regno Unito.

Come riportato all’inizio di questo mese dal Washington Post, citando le proprie fonti, le autorità britanniche hanno emesso un ordine e hanno chiesto ad Apple di fornire l’accesso ai dati criptati degli utenti in tutto il mondo. Secondo la pubblicazione, l’ordine imponeva ad Apple di creare una backdoor che avrebbe consentito l’accesso a qualsiasi contenuto caricato sul cloud da qualsiasi utente.

In particolare, il governo voleva un accesso ai dati protetto dalla crittografia end-to-end mediante Advanced Data Protection, che garantisce che nemmeno Apple stessa possa vedere i dati degli utenti. ADP è stato introdotto nel 2022 ed è una funzionalità opzionale che gli utenti possono abilitare per i backup di iCloud, le foto, le note e altri dati. Nella loro pubblicazione, i giornalisti del Washington Post hanno ipotizzato che tali requisiti avrebbero costretto Apple a chiudere ADP, cosa che è accaduta alla fine della scorsa settimana.

“Apple non può più offrire la protezione avanzata dei dati (ADP) ai nuovi utenti nel Regno Unito e gli utenti esistenti nel Regno Unito dovranno presto disattivare questa funzione di sicurezza”, ha affermato Apple .

L’azienda riteneva che il rispetto dei requisiti delle autorità britanniche avrebbe potuto garantire l’accesso ai dati degli utenti non solo al governo, ma anche agli aggressori.

“Siamo profondamente delusi dal fatto che la protezione di ADP non sarà disponibile per i nostri clienti nel Regno Unito, dato il continuo aumento delle violazioni dei dati e di altre minacce alla privacy. Migliorare la sicurezza dell’archiviazione cloud con la crittografia end-to-end è più importante che mai”, ha affermato Apple.

Quindi per gli utenti Apple del Regno Unito alcuni dati rimangono crittografati. Pertanto, iCloud Keychain e Health, iMessage e FaceTime dispongono della crittografia end-to-end per impostazione predefinita. Tuttavia, altri servizi iCloud, tra cui iCloud Backup, iCloud Drive, Foto, Note, Promemoria, Segnalibri di Safari, Comandi rapidi di Siri e così via, non verranno crittografati.

Apple ha affermato che spera di ripristinare in futuro la protezione dei dati nel Regno Unito, ma si rifiuta di creare backdoor per i governi. “Come abbiamo affermato più volte, non abbiamo mai creato backdoor o chiavi master per i nostri prodotti e servizi. E non lo faremo mai”, hanno detto i rappresentanti di Apple ai media.

L'articolo Apple si rifiuta di creare una Backdoor per il governo del Regno Unito e disabilita ADP proviene da il blog della sicurezza informatica.

Okay, you have to see the gallery to appreciate it, but this keyboard was designed to resemble a red cedar tree with the green shell and wood bottom and the copper PCB showing through the tree cutouts on the sides.

Image by [WesternRedCdar] via redditBut you know why I chose this picture — those PS2 buttons. According to [WesternRedCdar] they are just for fun, although they do allow for pressing Ctrl and Alt at the same time with a single thumb.

Oh, and are those Nintendo Switch joysticks above the PS2 buttons? Those are for the mouse and vertical/horizontal scrolling. Honestly, this seems like a great amount of thumb controls. The basics are there (presumably), and there isn’t any thumb-extending excess, like keys on the insides by the mouse.

This bad mama jama runs on an RP2040 and has 50 hand-wired Cherry Brown switches plus the PS2 buttons. In the build guide, you can read all about [WesternRedCdar]’s troubles with integrating those. The Nintendo Switch joysticks weren’t terribly easy, either, since the ribbon connector can’t be soldered directly.

The final issue was one of weight. Since many of the switches stand quite tall, it sort of jostles the keyboard to actuate them. [WesternRedCdar] opined that that the ideal solution would have been to use metal base plates instead of wood, but took care of the issue by adding layers of 1/8″ steel flat bar inside the case.

Gone in 60 Seconds: the Micro Journal Rev. 7 From Tindie

Don’t know what took me so long to find r/writerDeck, but here we go! [WorkingAmbition7014] was quite excited to announce there that [Background_Ad_1810] aka [Un Kyu Lee]’s Micro Journal rev. 7 was up on Tindie. It’s already sold out, but that’s okay because previous versions are already open-source, and it’s just a matter of time before this new revision makes its way to the ole GitHub.

Nearly NSFW image by [Un Kyu Lee] via TindieYou may remember our coverage of the third iteration from about a year ago. Look how far it has come since then! Although the overall portability has kind of taken a dive, it sure does look great from where I’m sitting. Maybe it’s just that lovely color scheme, but to me it has sort of a softened-up mil-spec look.

This distraction-free machine is based on the ESP32-S3 microcontroller. It starts up right away, and you can start typing pretty much immediately on the ePaper screen. There are a pair of knobs that go a long way toward its typewriter looks; the left one wipes the screen and puts the machine to sleep, and the right knob clears the screen in the case of too much ghosting.

Files are saved on the SD card that sits behind the screen, or you can send them to Google Drive. Now, it doesn’t come with that cool clip light, but it doesn’t have a backlight, either, so you’ll probably want to bring your own. You will also have to source your own 18650. Be sure to check out the overview after the break.

youtube.com/embed/lNPzFL1a6mI?…

The Centerfold: Purple Paradise

Image by [Majestic-Fox-550] via redditIsn’t this cozy and fresh? Some might say it’s too cool-toned overall, but I think the peach parts help it strike a balance. Again, I don’t know much, but that keyboard is a Feker Galaxy 80, and the desk mat is from The Mousepad Company. I don’t think those cloud wrist rests are too hard to find; I’ve even seen them at Five Below before.

I love these setup pictures, but I have to wonder, does anyone really keep their desk this clean and tidy? Of course not, it’s for the shot, you’re saying. But that’s my point. Why does everyone always tidy up so hard first? I want to see battle stations in their true forms sometimes. I feel like we got sorta close last week in the one with all the screens. So do I need to inspire centerfold submissions by showing my own battle station one of these times? I don’t know if y’all really want that.

Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!

Historical Clackers: the Ford Typewriter

Isn’t this machine a beauty? And no, inventor Eugene A. Ford bore no relation to Henry Ford the automobile maker. But wouldn’t this look grand while perched briefly on the running board of your Model T for a quick daguerreotype?
Image via The Martin Howard Collection
Lovely as she was, the 1895 Ford was no fun for the typist. The Space bar-placed Shifts required real pressure to properly operate, and the keys are evidently springy and wobbly. “Springy” sounds intriguing; “wobbly” does not.

Additionally, the advancing lever doesn’t allow going backwards or forwards a line at a time. But the one great thing about the Ford was that it’s a visible writer, whereas most machines of the time were blind writers, meaning you were unable to see what you were typing without stopping and doing something first. It wasn’t the first visible writer, but it might be the easiest to look at.

What it did do first is use aluminium in its construction, although there were two versions, one with an all-aluminium frame and carriage, and the other with a black, enameled cast iron frame and and an aluminium carriage. The cast iron went for $75, and the lighter-weight aluminium machine for $85. Both were lateral thrust machines, which means that the type bars are spread out like a fan and move horizontally to strike the platen.

Eugene Ford had quite the career. After putting his typewriter on the market in 1895, he worked with IBM for the rest of his life, and became chief development engineer of the New York laboratories in 1911. During his tenure, he developed improvements to various punched card accounting machines, sorters, and counters.

Finally, a Keyboard for Cat Lovers

Cats and keyboards go together like peanut butter and jelly. When they’re not straight up walking across it, they’re fluffing it up. Well, why not admit defeat and get this cozy cat-themed keyboard?

This is the Dry Studio Petbrick 65, which comes in calico and black, which is called the odd-eyed design, presumably because the kitty on the Escape key has heterochromia.
Image via Dry Studio
Now that’s just the keyboard itself that comes in calico and black; soon you’ll be able to get all kinds of fuzzy bezels, which attach with magnets and are hand-washable, thankfully.

The Petbrick 65 isn’t just some cutesy little thing. This is a serious mechanical keyboard with a sandblasted POM plate, a specially-tuned (what? how?) cotton poron switch pad, PET film for the sake of acoustics, and two layers of sound-dampening foam.

The switches are custom-made ‘crystal pinks’ that were developed in-house and look pretty slick. If you don’t like them, the PCB is hot-swappable. And they didn’t stop there — the keycaps have dye-sublimated legends for longevity.

Would I type on this? I would, at least until it became uncomfortable for my RSI situation. I’m interested to try these crystal pink switches and feel the fluffiness of the frame on the heels of my hands.

Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.

hackaday.com/2025/02/24/keebin…

Normally, when you want a low DC voltage from the AC line, you think about using a transformer of some kind. [RCD66] noticed that an AC monitor meter must have some sort of power supply but had no transformers in sight. That led to an exploration of how those work and how you can use them, too. You can watch the work in the video below.

Sensibly, there is a transformer in the test setup — an isolation transformer to make it safe to probe the circuit. But there’s no transformer providing voltage changes. Isolation is important even if you are taking apart something commercial that might be trasformerless.

The circuit is simple enough: it uses a capacitor, a resistor, and a pair of diodes (one of them a zener diode). He uses this basic circuit to drive simple regulators with input and output filter capacitors. We’ve seen many variations on this design over the years.

You can’t draw a lot of power through this arrangement. But sometimes it is all you need. However, this is pretty dangerous, as we’ve discussed before. Be sure you understand exactly what the risks are before you decide to build something like this.

youtube.com/embed/zQxE7xRJsGo?…

hackaday.com/2025/02/24/line-p…

In an ideal world, devoid of pesky details like contact resistance and manufacturing imperfections, you would be able to double the current that can be provided to a device by doubling the number of conductors without altering the device’s circuitry, as each conductor would carry the exact same amount of current as its neighbors. Since we do not actually live inside a simplified physics question’s scenario, multi-wire powering of devices comes with a range of headaches, succinctly summarized in the well-known rule that electricity always seeks the path of least resistance.

As recently shown by NVidia with their newly released RTX 50-series graphics cards, failure to provide current balancing between said different conductors will quickly turn it into a practical physics demonstration of this rule. Initially pinned down as an issue with the new-ish 12VHPWR connector that was supposed to replace the 6-pin and 8-pin PCIe power connectors, it turns out that a lack of current balancing is plaguing NVidia GPUs, with predictably melty results when combined with low safety margins.

So what exactly changed that caused what seems to be a new problem, and why do you want multi-wire, multi-phase current balancing in your life when pumping hundreds of watts through copper wiring inside your PC?

Resistance Is Not Futile

Smoke coming off a 12VHPWR connector on NVidia RTX 4090 Founders Edition GPU. (Credit: Gamers Nexus, YouTube)
In the absence of cheap room-temperature superconducting wires, we have to treat each conductor as a combination of a resistor, inductor and capacitor. These parameters set limitations on properties such as how much current a conductor can carry without changing phase from solid to gaseous. The contact resistance between the conductors of both sides in a connector adds another variable here, especially when a connector wears out or the contacts become corroded.

In the case of the 6-pin and 8-pin PCIe power connector, these are based on the Molex Mini-Fit series, with the commonly used Mini-Fit Plus HCS (high current system) rated for 100 mating cycles in tin plating or 250 cycles in gold, and a current rating of 8.5 A to 10 A per pin depending on whether 18 AWG or 16 AWG wire is used. The much smaller connector of the 12-pin 12VHPWR, and equivalent 12V-2×6, standard is rated for only 30 mating cycles, and 9.5 A per pin. It is based on the Molex Micro-Fit+ connector.
Hot spot of a 12VHPWR connector on NVidia RTX 4090 Founders Edition GPU. (Credit: Gamers Nexus, YouTube)
The smaller pin size and lower endurance increases the possibility of poor contact, as first demonstrated with the 12VHPWR connector back in 2022 when NVidia RTX 40-series cards experienced run-away thermal events where this power connector on the GPU side melted. Subsequent research by the team at Gamers Nexusshowed this to be due to poor contact within the connector with resulting high resistance and thus a massive thermal hot spot. Following this event, the 12V-2×6 update to 12VHPWR increased the length of the power pins and decreased that of the four sense pins.

The idea behind this change is that by extending the length of the power and ground pins by 0.25 mm and shortening the sense pins by 1.5 mm there’s a higher chance of there being an actual good contact on the ground and power pins when the sense lines signal the GPU that it can start drawing hundreds of watts.

This change did only affect the male side of the connector, and not the cable itself. This made it very surprising to some when after the much higher wattage RTX 5090 GPUs were released and suddenly cables began burning up,with clear melting visible on the GPU and power supply side. What was going on here?

Multi-Phase Balance

Melted RTX 5090, PSU and cable power connectors. (Credit: der8auer, YouTube)
Shortly after the first melting cable event involving an RTX 5090 Founders Edition (FE) GPU popped up on the internet, Roman [Der8auer] Hartung reached out to this lucky person and – since both live quite close – borrowed the damaged GPU, PSU and cable for an investigative video. Involved were not only an RTX 5090 FE GPU, but also the PSU with its 12VHPWR connector. On each side the plastic around one pin was completely melted, with the cable having to be forcibly removed.
Shunt resistor comparison of NVidia GPUs. (Credit: Buildzoid, YouTube)
During Roman’s testing with another RTX 9050 FE and 12VHPWR cable he found that two of the six 12V wires were significantly warmer than the rest, courtesy of these carrying over 22 A versus around 2 A for the others while the PSU-side connector side hit a blistering 150 °C. This result was replicated by some and seems to be fully due to how the NVidia RTX 9050 FE card handles the incoming power, by tying all incoming power lines together. This a practice that began with the RTX 4090, but the RTX 5090 is the first to pull close to the rated 600 watts of the 12VHPWR/12V-2×6 connector. This was explained quite comprehensively in a comparison video by Buildzoid.

Because with the RTX 4090 and 5090 FE GPUs – as well as some GPUs by third-party manufacturers – these 12V lines are treated as a singular line, it is essential that the resistance on these lines is matched quite closely. If this is not the case, then physics does what it’s supposed to and the wires with the lowest resistance carry the most current. Because the 12V-2×6 connector on the GPU side sees only happy sense pins, it assumes that everything is fine and will pull 575 watts, or more, through a single 16 AWG wire if need be.

Meanwhile the Asus RTX 5090 Astral GPU does have individual shunt resistors to measure the current on the individual 12V lines, but no features to balance current or throttle/shutdown the GPU to prevent damage. This is actually a feature that used to be quite common, as demonstrated by this EVGA RTX 3090 Ti GPU:
EVGA RTX 3090 Ti GPU with triple phase distribution marked. Yellow is PCIe slot power. (Credit: taka, TechPowerUp forums)
On the top right the triple sense resistors (shunts) are visible, each of which is followed by its own filter coil and feeding its own set of power phases, marked in either red, green or blue. The yellow phases are for the RAM, and are fed from the PCIe slot’s 75 Watt. The bottom right controller controls the phases and based on the measured currents can balance the current per channel by shifting the load between parts of the phases.

This is a design that is completely omitted in the RTX 5090 FE design, which – as Igor Wallossek at Igor’s Lab describes it – has been minimized to the point where crucial parts have begun to be omitted. He also covers an MSI RTX 3090 Ti Suprim card which does a similar kind of phase balancing before the RTX 4090 and RTX 5090 versions of MSI’s GPUs begin to shed such features as well. It would seem that even as power demands by GPUs have increased, crucial safety features such as current balancing have been sacrificed. As it turns out, safety margins have also been sacrificed along with these features.

Safety Margins

The ugly truth about the switch from 8-pin PCIe connectors to 12-pin 12VHPWR connectors is that while the former is rated officially for 150 watts, this power level would be hit easily even by the cheapest implementation using crummy 18 AWG wiring. With the HCS connectors and 16 AWG wiring, you are looking at 10 A × 12 V × 3 = 360 watts, or a safety margin of 2.4. With cheaper connectors and a maximum of 7 A per wire it would still be a safety margin of 1.68.

Meanwhile, the 12VHPWR/12V-2×6 with the required 16 AWG wiring is rated for 9.5 A × 12 V × 6 = 684 watts, or a safety margin of 1.14. In a situation where one or more wires suddenly decide to become higher-resistance paths this means that the remaining wires have to pick up the slack, which in the case of a 575 watt RTX 5090 GPU means overloading these wires.

Meanwhile a 8-pin PCIe connector would be somewhat unhappy in this case and show elevated temperatures, but worst case even a single wire could carry 150 watts and be happier than the case demonstrated by [Der8auer] where two 12V-2×6 connector wires were forced to carry 260 watts each for the exact same wire gauge.

This is also the reason why [Der8auer]’s Corsair PSU 12V-2×6 cable is provided with two 8-pin PCIe-style connectors on the PSU side. Each of these is rated at 300 watts by Corsair, with Corsair PSU designer Jon Gerow, of JonnyGuru PSU review fame, going over the details on his personal site for the HCS connectors. As it turns out, two 8-pin PCIe connectors are an easy match for a ‘600 watt’ 12VHPWR connector, with over 680 watt available within margins.

There’s a good chance that this was the reason why [Der8auer]’s PSU and cable did not melt, even though it clearly really wanted to do so.

Balance Is Everything

Although it is doubtful that we have seen the last of this GPU power connector saga, it is telling that so far only GPUs with NVidia chips have gone full-in on the 12VHPWR/12V-2×6 connectors, no doubt also because the reference boards provided to board partners come with these connectors. Over in the Intel and AMD GPU camps there’s not even a tepid push for a change from PCIe power connectors, with so far just one still-to-be-released AMD GPU featuring the connector.

That said, the connector itself is not terrible by itself, with Jon Gerow making the case here quite clearly too. It’s simply a very fiddly and somewhat fragile connector that’s being pushed far beyond its specifications by PCI-SIG. Along the way it has also made it painfully clear that current balancing features which used to exist on GPUs have been quietly dropped for a few years now.

Obviously, adding multiple shunts and associated monitoring and phase balancing is not the easiest task, and will eat up a chunk of board real-estate while boosting BOM size. But as we can see, it can also prevent a lot of bad publicity and melting parts. Even if things should work fine without it – and they usually will – eating into safety margins and cutting components tends to be one of those things that will absolutely backfire in a spectacular fashion that should surprise absolutely nobody.

Featured image: [ivan6953]’s burnt cables.

hackaday.com/2025/02/24/the-im…

Google è da tempo lo strumento di ricerca principale per milioni di utenti, ma sempre più persone notano che i suoi risultati di ricerca stanno peggiorando. Giornalisti, esperti SEO e utenti comuni lamentano che la ricerca sta diventando meno utile e che Google promuove sempre più i propri servizi e materiali pubblicitari anziché informazioni oggettive.

Secondo WalletHub, solo il 36% delle ricerche negli Stati Uniti indirizza gli utenti a siti che non sono di proprietà di Google o che non pagano Google per la pubblicità. Inoltre, il 66% degli intervistati ritiene che ci siano troppi annunci nelle pagine di ricerca e il 35% nota che i risultati sono diventati meno pertinenti. Nel settore finanziario, Google fornisce spesso link a grandi marchi, anche se le loro informazioni sono inferiori a quelle di risorse meno note ma di qualità più elevata.

Il problema non riguarda solo la pubblicità. Ad esempio, gli utenti notano la predominanza di discussioni obsolete nei forum di Reddit nei risultati di ricerca. Google ha stipulato un accordo con la piattaforma per accedere ai suoi contenuti, il che comporta la comparsa di argomenti vecchi e irrilevanti in cima ai risultati di ricerca. Secondo un sondaggio, il 55% degli utenti ritiene che Google presti troppa attenzione a Reddit.

Inoltre, i documenti del caso antitrust USA contro Google dimostrano che l’azienda ha deliberatamente peggiorato la qualità della ricerca per aumentare i ricavi pubblicitari. Nel 2020, il responsabile della divisione pubblicitaria è stato nominato responsabile della ricerca e, da allora, la priorità si è spostata dalla comodità dell’utente all’aumento dei ricavi pubblicitari. Da allora, Alphabet, la società madre di Google, ha aumentato il suo valore di mercato del 160%, mentre l’indice S&P 500 è cresciuto solo del 100%.

WalletHub ritiene che Google voglia intenzionalmente rendere più difficile la ricerca di informazioni di qualità, costringendo gli utenti a effettuare ricerche più spesso e a visualizzare più annunci pubblicitari. Incoraggia le persone a utilizzare motori di ricerca alternativi come DuckDuckGo, Bing, Kagi e Brave.

Gli esempi del deterioramento della ricerca sono chiari. Nelle ricerche finanziarie, Google privilegia i marchi più grandi rispetto ai prodotti migliori. Ad esempio, Mastercard si classifica al primo posto per il termine di ricerca “migliori carte di credito per chi ha un cattivo credito”, nonostante la sua pagina non offra confronti indipendenti.

Una situazione simile si osserva con le raccomandazioni sui prodotti bancari: la ricerca dimostra che i risultati irrilevanti possono costare agli utenti una media di 202 dollari e, in alcuni casi, fino a 1.347 dollari.

Nonostante le crescenti critiche, Google non ha mostrato alcun segno di voler cambiare strategia. In assenza di concorrenti forti, un’azienda può permettersi di promuovere i propri interessi a scapito della qualità della ricerca. Ciò rende sempre più urgente la necessità di trovare strumenti di ricerca alternativi.

L'articolo Google si è rotto? Gli utenti denunciano scarsi risultati di ricerca e più pubblicità! proviene da il blog della sicurezza informatica.

GUTEN TAG! WELCOME BACK TO DIGITAL POLITICS. I'm Mark Scott, and Feb 24 marks the three-year anniversary of Russia's invasion of Ukraine. Roughly 150,000 people have died so far. For more on what the ongoing war has done to Ukraine, Russia and global relations, read here, here, here and here.

— Germany's federal election will now lead to haggling over a new coalition government. In the aftermath of the Feb 23 vote, social media's impact on voting remains unclear as ever.

— Don't expect the first transatlantic spat over digital regulation to come from social media rules. You should focus on digital competition, data protection and digital services taxes.

— The world almost got a new global tax regime, primarily focused on new levies on Big Tech, over the line. It would have generated $100 billion in additional government revenue a year. It's now kaput.

Let's get started:

digitalpolitics.co/newsletter0…

While we’re still waiting for ET to give us a ring, many worlds might not have life that’s discovered the joys of radio yet. Scientists ran a two-pronged study to see how bacteria might fare on other worlds.

We currently define the Habitable Zone (HZ) of a planet by the likelihood that particular planet can host liquid water due to its peculiar blend of atmosphere and distance from its star. While this doesn’t guarantee the presence of life, its a good first place to start. Trying to expand on this, the scientists used a climate model to refine the boundaries of the HZ for atmosphere’s dominated by H₂ and CO₂ gases.

Once they determined these limits, they then mixed up some example atmospheres and subjected E. coli to the environments. Their findings “indicate that atmospheric composition significantly affects bacterial growth patterns, highlighting the importance of considering diverse atmospheres in evaluating exoplanet habitability and advancing the search for life beyond Earth.”

If you want to look more into what might be out there, how about analyzing the WOW Signal or looking at what the Drake Equation is all about.

hackaday.com/2025/02/24/where-…

Il Segretario alla Difesa degli Stati Uniti, Pete Hegseth, ha ordinato al Cyber ​​Command degli Stati Uniti (USCYBERCOM) di accelerare i preparativi per un importante sforzo di modernizzazione noto come “Cyber ​​Command 2.0”. Invece dei 180 giorni previsti per elaborare un piano per attuare la riforma, il comando ora dato solo 45 giorni, il che gli impone di presentare il documento finale entro e non oltre il 22 marzo. Questa inaspettata riduzione dei tempi rappresenta una sfida significativa per la dirigenza dell’USCYBERCOM, in quanto richiede di riconsiderare una serie di processi chiave in un lasso di tempo ridotto.

Motivi per accelerare la riforma

Il piano “Cyber ​​​​Command 2.0” era stato originariamente approvato alla fine dell’anno scorso dall’ex Segretario alla Difesa Lloyd Austin. Tuttavia, da quando è salita al potere la nuova amministrazione di Donald Trump, le priorità della politica informatica degli Stati Uniti sono cambiate in modo significativo. Il nuovo team della Casa Bianca sta spingendo per un’azione più decisa e aggressiva nel cyberspazio, soprattutto in seguito ai recenti attacchi e alle operazioni di spionaggio da parte della Cina.

Secondo fonti a conoscenza della situazione, Hegseth, dopo aver preso conoscenza della bozza il 5 febbraio, ha chiesto al comando non solo di accelerare lo sviluppo della riforma, ma anche di preparare un elenco di poteri necessari per migliorare l’efficacia delle operazioni. Inoltre, il Pentagono ha ordinato l’identificazione delle limitazioni normative che impediscono alle forze informatiche statunitensi di operare in modo più rapido ed efficace.

Cosa cambia allo US Cyber ​​Command?

Gli ambiti chiave della riforma erano:

• Istituzione di un centro di innovazione per la guerra informatica che garantisca una stretta cooperazione tra l’esercito e le aziende tecnologiche private.
• Sviluppo di un nuovo centro di eccellenza per la formazione informatica al fine di ampliare la formazione in tutto il sistema militare.
• Introduzione di un nuovo modello per la formazione di unità informatiche in vari rami delle forze armate.
• Sviluppare una strategia di gestione dei talenti che includa un sistema unificato di pagamenti, bonus e fidelizzazione dei dipendenti.

Queste misure sono progettate non solo per modernizzare il Cyber ​​Command, ma anche per creare un sistema di difesa informatica statunitense più flessibile e reattivo, in grado di adattarsi ai rapidi cambiamenti delle minacce.

Revisione dei poteri e nuove regole del gioco

Sebbene i dettagli esatti della riforma non siano ancora stati resi noti, la Commissione per i servizi armati della Camera sarebbe stata informata sul progetto e i senatori e i loro assistenti avrebbero ricevuto presentazioni preliminari. Nell’ambito della riforma, il Cyber ​​Command degli Stati Uniti sta anche sviluppando un’analisi delle potenziali nuove autorità che potrebbero essere necessarie per l’azione operativa.

Le fonti sottolineano che la richiesta di ampliare l’autorità del Cyber ​​Command non è nuova. Un processo simile si era già verificato nel 2017 sotto la prima amministrazione Trump. Sempre nel 2020 è stato condotto uno studio completo di tutti i comandi combattenti degli Stati Uniti, che ha portato all’ampliamento del Cyber ​​Command con l’inclusione di altri 14 comandi.

La sfida principale è la mancanza di tempo

Nonostante l’alto livello di sostegno alla riforma, alcuni esperti temono che scadenze così ravvicinate possano complicare il processo di coordinamento della modernizzazione tra i diversi rami delle forze armate.

Un funzionario ha affermato che i tempi sono troppo stretti perché i servizi militari e il Cyber ​​Command degli Stati Uniti raggiungano un accordo sulla condivisione delle risorse. Molto probabilmente il comando preparerà un piano, che verrà prima presentato al Pentagono e poi sottoposto all’approvazione dell’esercito.

Altri esperti ritengono che i principali disaccordi siano già noti e che il compito di Hegseth sia quello di contribuire a risolverli. In caso di questioni controverse, potrà proporre soluzioni specifiche e accelerare il processo di riforma.

“Coinvolgimento continuo” invece di transazioni una tantum

Un altro aspetto importante della riforma sarà il passaggio da operazioni informatiche una tantum a campagne strategiche a lungo termine. Questo concetto si basa sulla strategia Defend Forward, sancita per la prima volta nella dottrina informatica del Pentagono nel 2018. Si tratta di contrastare attivamente le minacce il più vicino possibile alla fonte, anziché limitarsi a proteggere i sistemi che sono già stati attaccati.

La nuova strategia privilegia l’impegno continuo con il nemico piuttosto che operazioni mirate occasionali. Ciò consentirà a Cyber ​​Command di gestire le risorse in modo più flessibile, rispondere più rapidamente alle minacce ed evitare lungaggini burocratiche.

In particolare, si sta discutendo sulla possibilità di semplificare la procedura di approvazione degli attacchi digitali, il che consentirà ai comandanti di prendere decisioni più rapidamente, anziché attendere un’approvazione in più fasi. Un approccio simile era già stato utilizzato nel 2018, quando l’amministrazione Trump aveva reso più facile lanciare attacchi informatici contro le campagne di disinformazione russe.

Prospettive per la riforma del “Cyber ​​​​Command 2.0”

Resta aperta la questione su quale sarà il documento finale che USCYBERCOM presenterà al Pentagono. Secondo gli esperti, con ogni probabilità includerà sia indicatori di performance specifici sia obiettivi flessibili a lungo termine che consentiranno al team di adattarsi alle nuove sfide.

Se implementato, il nuovo approccio cambierebbe in modo significativo il modo in cui opera il Cyber ​​Command degli Stati Uniti. Si creerà un sistema di guerra digitale efficace e autonomo, in grado non solo di rispondere agli attacchi, ma anche di prevenire attivamente le minacce in una fase iniziale.

Il cyberspazio sta sempre di più diventando la nuova arena di scontro globale e gli Stati Uniti cercano non solo di mantenere, ma anche di rafforzare il loro predominio in questo ambito.

L'articolo Cyber Command 2.0: Gli USA accelerano la guerra digitale contro Cina e Russia proviene da il blog della sicurezza informatica.

In our modern world, it’s difficult to underestimate the impact that open-source code has on software development. Over the years, the global community has managed to publish a tremendous number of projects with freely accessible code that can be viewed and enhanced by anyone on the planet. Very frequently, code published on the Internet serves as a source of inspiration for software developers – whenever they need to implement a project feature, they often check whether the code they need is already available online. This way, they avoid reinventing the wheel and thus save their precious time.

With more and more open-source projects being published, both state-sponsored actors and cybercriminals started using freely available code as a lure to infect their targets. Of course, this trend shows no sign of slowing down as evidenced by a currently active campaign aimed at GitHub users that we dubbed GitVenom.

Promise-filled yet fake projects

Over the course of the GitVenom campaign, the threat actors behind it have created hundreds of repositories on GitHub that contain fake projects with malicious code – for example, an automation instrument for interacting with Instagram accounts, a Telegram bot allowing to manage Bitcoin wallets, and a hacking tool for the video game Valorant.

Clearly, in designing these fake projects, the actors went to great lengths to make the repositories appear legitimate to potential targets. For instance, the malicious repositories we discovered contained well-designed README.md files, possibly generated using AI tools. We observed these files to contain information about the projects, as well as instructions on how to compile their code.

Snippets of README.md pages with descriptions of fake projects

In addition to that, the attackers added multiple tags to their repositories, as well as artificially inflated the number of commits made to them. To do that, they placed a timestamp file in these repositories, which was updated every few minutes:

Example structure of a malicious repository

Malicious code implanted in many ways

While analyzing repositories created over the course of the GitVenom campaign, we noted that the fake projects we found were written in multiple programming languages – specifically Python, JavaScript, C, C++ and C#. As may be expected, these projects did not implement the features discussed in the README.md file, and their code mostly performed meaningless actions. At the same time, each of the projects was infected with malicious code, with its placement depending on the programming language used.

For instance, the attackers placed malicious code in Python-based projects by inserting a long line in one of the project files. This line consisted of about 2,000 tab characters, followed by the following code, responsible for decrypting and executing a Python script:
subprocess.run(['pip', 'install', 'cryptography'], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL); subprocess.run(['pip', 'install', 'fernet'], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL); from fernet import Fernet; import requests; exec(Fernet(b'<encrypted malicious Python script>'))
In the case of projects coded in JavaScript, the attackers created a malicious function inside them, which was in turn invoked from the main file of the project. Below is an example of such a function:

Example of a malicious function placed in JavaScript-based projects. It decodes a script from Base64 and executes it.

As for repositories containing C, C++ and C# code, the attackers decided to hide a malicious batch script inside Visual Studio project files, configuring it to execute at project build time:

Snippet from a malicious Visual Studio project file. It contains a PreBuildEvent attribute, which instructs the payload to execute at project build time.

Further payloads deployed

While coded in different programming languages, the malicious payloads stored inside the fake projects had the same goal – download further malicious components from an attacker-controlled GitHub repository (URL at the time of research:
hxxps://github[.]com/Dipo17/battle) and execute them. These components were as follows:

• A Node.js stealer that collects information such as saved credentials, cryptocurrency wallet data and browsing history, packs it into a .7z archive and uploads it to the attackers via Telegram.

Structure of the archive which the stealer sends to the attackers

• The open-source AsyncRAT implant (C2 server address: 68.81[.]155);
• The open-source Quasar backdoor (C2 server address: same as above)
• A clipboard hijacker, which searches the clipboard contents for cryptocurrency wallet addresses and replaces them with attacker-controlled ones. Notably, the attacker-controlled Bitcoin wallet (ID: bc1qtxlz2m6r[...]yspzt) received a lump sum of about 5 BTC (approximately 485,000 USD at the time of research) in November 2024.

Impact of the campaign

While investigating malicious repositories related to the GitVenom campaign, we found several fake projects published two years ago. Given that the attackers have been luring victims with these projects for several years, the infection vector is likely quite efficient. In fact, based on our telemetry, infection attempts related to GitVenom have been observed worldwide, with the highest number of them being in Russia, Brazil and Turkey. We expect these attempts to continue in the future, possibly with small changes in the TTPs.

Blindly running code from GitHub can be detrimental

As code-sharing platforms such as GitHub are used by millions of developers worldwide, threat actors will certainly continue using fake software as an infection lure. For that reason, it is crucial to handle processing of third-party code very carefully. Before attempting to run such code or integrate it into an existing project, it is paramount to thoroughly check what actions it performs. This way, it will be very easy to spot fake projects and prevent malicious code placed in them from being used to compromise the development environment.

Reference hashes for infected repository archives

63739e000601afde38570bfb9c8ba589 (06d0d13a4ce73775cf94a4a4f2314490de1d5b9af12db8ba9b01cd14222a2756)

3684907e595cd04bf30b27d21580a7c6 (bd44a831ecf463756e106668ac877c6b66a2c0b954d13d6f311800e75e9c6678)

securelist.com/gitvenom-campai…

Work in progress

Gnocchi alla romana with Carbonara sauce

[Dylan] has a fancy bed that can be set to any temperature. Apparently this set him back about $2,000, it only works if it has Internet, and the bed wants $19 a month for anything beyond basic features. Unsurprisingly, [Dylan] decided to try to hack the mattress firmware and share what he learned with us.

Oddly enough, it was easy to just ask the update URL for the firmware and download it. Inside, it turned out there was a mechanism for “eng@eightsleep.com” to remotely SSH into any bed and — well — do just about anything. You may wonder why anyone wants to gain control of your bed. But if you are on the network, this could be a perfect place to launch an attack on the network and beyond.

Of course, they can also figure out when you sleep, if you sleep alone or not, and, of course, when no one is in the bed. But if those things bother you, maybe don’t get an Internet-connected bed.

Oddly enough, the last time we saw a bed hack, it was from [Dillan], not [Dylan]. Just because you don’t want Big Sleep to know when you are in bed doesn’t mean it isn’t useful for your private purposes.

hackaday.com/2025/02/24/unhack…

Gli hacker di NoName057(16) continuano le loro attività ostili contro diversi obiettivi italiani, attraverso attacchi di Distributed Denial-of-Service (DDoS).

Questa volta a farne le spese sono le regioni italiane, i comuni e alcuni siti istituzionali delle città italiane. Al momento mentre scriviamo risulta offline il sito della Regione Lazio e il Comune di Taranto, mentre il sito del Comune di Roma risulta attivo.

NoName057(16) è un gruppo di hacker che si è dichiarato a marzo del 2022 a supporto della Federazione Russa. Hanno rivendicato la responsabilità di attacchi informatici a paesi come l’Ucraina, gli Stati Uniti e altri vari paesi europei. Questi attacchi vengono in genere eseguiti su agenzie governative, media e siti Web di società private.

La Regione Lazio ha pubblicato poco fa una pagina che riporta che al momento il sito non risulta raggiungibile in quanto in manutenzione

Che cos’è un attacco Distributed Denial of Service

Un attacco DDoS (Distributed Denial of Service) è un tipo di attacco informatico in cui vengono inviate una grande quantità di richieste a un server o a un sito web da molte macchine diverse contemporaneamente, al fine di sovraccaricare le risorse del server e renderlo inaccessibile ai suoi utenti legittimi.

Queste richieste possono essere inviate da un grande numero di dispositivi infetti da malware e controllati da un’organizzazione criminale, da una rete di computer compromessi chiamata botnet, o da altre fonti di traffico non legittime. L’obiettivo di un attacco DDoS è spesso quello di interrompere le attività online di un’organizzazione o di un’azienda, o di costringerla a pagare un riscatto per ripristinare l’accesso ai propri servizi online.

Gli attacchi DDoS possono causare danni significativi alle attività online di un’organizzazione, inclusi tempi di inattività prolungati, perdita di dati e danni reputazionali. Per proteggersi da questi attacchi, le organizzazioni possono adottare misure di sicurezza come la limitazione del traffico di rete proveniente da fonti sospette, l’utilizzo di servizi di protezione contro gli attacchi DDoS o la progettazione di sistemi resistenti agli attacchi DDoS.

Occorre precisare che gli attacchi di tipo DDoS, seppur provocano un disservizio temporaneo ai sistemi, non hanno impatti sulla Riservatezza e Integrità dei dati, ma solo sulla loro disponibilità. pertanto una volta concluso l’attacco DDoS, il sito riprende a funzionare esattamente come prima.

Che cos’è l’hacktivismo cibernetico

L’hacktivismo cibernetico è un movimento che si serve delle tecniche di hacking informatico per promuovere un messaggio politico o sociale. Gli hacktivisti usano le loro abilità informatiche per svolgere azioni online come l’accesso non autorizzato a siti web o a reti informatiche, la diffusione di informazioni riservate o il blocco dei servizi online di una determinata organizzazione.

L’obiettivo dell’hacktivismo cibernetico è di sensibilizzare l’opinione pubblica su questioni importanti come la libertà di espressione, la privacy, la libertà di accesso all’informazione o la lotta contro la censura online. Gli hacktivisti possono appartenere a gruppi organizzati o agire individualmente, ma in entrambi i casi utilizzano le loro competenze informatiche per creare un impatto sociale e politico.

È importante sottolineare che l’hacktivismo cibernetico non deve essere confuso con il cybercrime, ovvero la pratica di utilizzare le tecniche di hacking per scopi illeciti come il furto di dati personali o finanziari. Mentre il cybercrime è illegale, l’hacktivismo cibernetico può essere considerato legittimo se mira a portare all’attenzione pubblica questioni importanti e a favorire il dibattito democratico. Tuttavia, le azioni degli hacktivisti possono avere conseguenze legali e gli hacktivisti possono essere perseguiti per le loro azioni.

Chi sono gli hacktivisti di NoName057(16)

NoName057(16) è un gruppo di hacker che si è dichiarato a marzo del 2022 a supporto della Federazione Russa. Hanno rivendicato la responsabilità di attacchi informatici a paesi come l’Ucraina, gli Stati Uniti e altri vari paesi europei. Questi attacchi vengono in genere eseguiti su agenzie governative, media e siti Web di società private

Le informazioni sugli attacchi effettuati da NoName057(16) sono pubblicate nell’omonimo canale di messaggistica di Telegram. Secondo i media ucraini, il gruppo è anche coinvolto nell’invio di lettere di minaccia ai giornalisti ucraini. Gli hacker hanno guadagnato la loro popolarità durante una serie di massicci attacchi DDOS sui siti web lituani.

Le tecniche di attacco DDoS utilizzate dal gruppo sono miste, prediligendo la “Slow http attack”.

La tecnica del “Slow Http Attack”

L’attacco “Slow HTTP Attack” (l’articolo completo a questo link) è un tipo di attacco informatico che sfrutta una vulnerabilità dei server web. In questo tipo di attacco, l’attaccante invia molte richieste HTTP incomplete al server bersaglio, con lo scopo di tenere occupate le connessioni al server per un periodo prolungato e impedire l’accesso ai legittimi utenti del sito.

Nello specifico, l’attacco Slow HTTP sfrutta la modalità di funzionamento del protocollo HTTP, che prevede che una richiesta HTTP sia composta da tre parti: la richiesta, la risposta e il corpo del messaggio. L’attaccante invia molte richieste HTTP incomplete, in cui il corpo del messaggio viene inviato in modo molto lento o in modo incompleto, bloccando la connessione e impedendo al server di liberare le risorse necessarie per servire altre richieste.

Questo tipo di attacco è particolarmente difficile da rilevare e mitigare, poiché le richieste sembrano legittime, ma richiedono un tempo eccessivo per essere elaborate dal server. Gli attacchi Slow HTTP possono causare tempi di risposta molto lenti o tempi di inattività del server, rendendo impossibile l’accesso ai servizi online ospitati su quel sistema.

Per proteggersi da questi attacchi, le organizzazioni possono implementare soluzioni di sicurezza come l’uso di firewall applicativi (web application firewall o WAF), la limitazione delle connessioni al server e l’utilizzo di sistemi di rilevamento e mitigazione degli attacchi DDoS

L'articolo Ottavo giorno di attacchi DDoS! NoName057(16) colpisce Regioni, Comuni e Città Italiane proviene da il blog della sicurezza informatica.

When PCI-SIG introduced the 12VHPWR power connector as a replacement for the 6- and 8-pin PCIe power connectors, it created a wave of controversy. There were enough cases of melting GPUs, PSUs, and cables to set people on edge. Amidst this controversy, [JayzTwoCents] decided to do some scientific experimentation, Mythbusters-style, specifically: do these 12VHPWR (or the 12V-2×6 successor) wear out upon hitting the often cited 30 mating cycles? If this is the case, it could explain why people see wildly different current loads between the wires in their GPU power cables. Perhaps reviewers and hardware enthusiasts should replace their GPU power cables more often.

Like many Mythbuster experiments, the outcome is less than clear, as can be observed in the above graph from one data set. Even after 100 mating cycles, there was no observable change to the contact resistance. One caveat: this was only performed on the GPU side of the connector. The first cable tested was a newer connector type that uses a single-split leaf spring design. Initially, most of the 12VHPWR connectors had a double- or triple-dimple design to contact the pin, so [Jayz] tested one of these, too.

The amazing thing with the 2022-era cable that got pulled new out of packaging and tested was that it looked terrible under the microscope in terms of tolerances and provided a very uneven load, but it got better over time and also lasted 100 cycles. However, it must be said that ‘lasted’ is a big word here, as the retention tab wore off by this point, and the connector was ready to fall out with a light breeze.

Perhaps the ‘mating cycles’ specification is more about the connector as a whole, as well as how the connector is (ab)used, at which point good (long-term) contact is no longer assured. Along with the different types of Molex Mini- and Micro-Fit style connectors, it’s worth keeping an eye on with more applications than just GPUs.

We have certainly seen some burned connectors. Particularly in 3D printers.

youtube.com/embed/lAdLOf5of8Y?…

hackaday.com/2025/02/23/does-t…