The loudspeaker on your home entertainment equipment is designed to project audio around the space in which it operates, if it’s not omnidirectional as such it can feel that way as the surroundings reflect the sound to you wherever you are. Making a directional speaker to project sound over a long distance is considerably more difficult than making one similar to your home speaker, and [Orange_Murker] is here with a solution. At the recent Hacker Hotel conference in the Netherlands, she presented an ultrasonic parametric speaker. It projects an extremely narrow beam of sound over a significant distance, but it’s not an audio frequency speaker at all.

Those of you familiar with radio will recognize its operation; an ultrasonic carrier is modulated with the audio to be projected, and the speaker transfers that to the air. Just like the diode detector in an old AM radio, air is a nonlinear medium, and it performs a demodulation of the ultrasound to produce an audio frequency that can be heard. She spends a while going into modulation schemes, before revealing that she drove her speaker with a 40 kHz PWM via an H bridge. The speaker itself is an array of in-phase ultrasonic transducers, and she demonstrates the result on her audience.

This project is surprisingly simple, should you wish to have a go yourself. There’s a video below the break, and she’s put all the files in a GitHub repository. Meanwhile this isn’t the first time we’ve seen a project like this.

media.ccc.de/v/2025-201-build-…

hackaday.com/2025/03/04/build-…

La società Broadcom ha rilasciato aggiornamenti di sicurezza per risolvere tre vulnerabilità attivamente sfruttate nei prodotti VMware ESXi, Workstation e Fusion che potrebbero causare l’esecuzione di codice e la divulgazione di informazioni.

• CVE-2025-22224 : ha ricevuto un punteggio critico di 9,3 sulla scala CVSS ed è associato a un errore Time-of-Check Time-of-Use (TOCTOU). Può causare una vulnerabilità di scrittura fuori dai limiti, che consente a un aggressore con privilegi amministrativi locali sulla macchina virtuale di eseguire codice per conto del processo VMX sull’host.
• CVE-2025-22225 : con una valutazione di 8,2 è associato alla scrittura di dati arbitrari e può essere utilizzato per uscire dall’ambiente isolato di una macchina virtuale.
• CVE-2025-22226 : ha un livello di minaccia pari a 7,1 e consente a un aggressore con privilegi amministrativi su una macchina virtuale di leggere i dati dalla memoria del processo VMX, causando la perdita di informazioni.

Le seguenti versioni software sono vulnerabili agli attacchi: VMware ESXi 8.0 e 7.0, VMware Workstation 17.x, VMware Fusion 13.x, nonché le piattaforme VMware Cloud Foundation e VMware Telco Cloud.

Broadcom ha già rilasciato delle patch per risolvere le vulnerabilità e consiglia vivamente agli utenti di installarle il prima possibile.

Il Microsoft Threat Intelligence Center è stato il primo a identificare e segnalare i problemi. Broadcom ha riconosciuto gli attacchi ma non ha divulgato dettagli su come sono state sfruttate le vulnerabilità o sui gruppi che le hanno sfruttate negli attacchi veri e propri.

Dato l’uso attivo delle vulnerabilità negli attacchi informatici, l’aggiornamento dei sistemi è una misura di sicurezza prioritaria per gli utenti VMware.

L'articolo Allarme VMware: 3 vulnerabilità critiche attivamente sfruttate – Aggiorna subito! proviene da il blog della sicurezza informatica.

Gli analisti di Cyfirma hanno scoperto che un malware per Android chiamato SpyLend si è infiltrato nello store ufficiale di Google Play ed è stato scaricato più di 100.000 volte. Il malware era camuffato da strumento finanziario ed è stato utilizzato in India per erogare prestiti nell’ambito del programma SpyLoan.

I malware di tipo SpyLoan solitamente si mascherano da strumenti finanziari o servizi di credito legittimi, attraverso i quali agli utenti vengono offerti prestiti con approvazione rapida, ma le condizioni di tali prestiti sono spesso molto fuorvianti o semplicemente false. Inoltre, le app rubano dati dai dispositivi delle vittime per utilizzarli in seguito a fini di ricatto.

Inoltre, le app SpyLoan richiedono sempre privilegi eccessivi sul dispositivo, tra cui: il permesso di utilizzare la fotocamera (presumibilmente per caricare foto KYC), l’accesso al calendario, ai contatti, agli SMS, alla posizione, ai dati dei sensori e così via. Di conseguenza, gli operatori di tali applicazioni possono rubare dati riservati dal dispositivo e utilizzarli a scopo di ricatto, per poi costringere la vittima a pagare.

I ricercatori di Cyfirma hanno scoperto nell’app store ufficiale un’app chiamata Finance Simplified, che è stata scaricata oltre 100.000 volte e che si vanta di essere uno strumento di gestione finanziaria.

Secondo gli esperti, in alcuni Paesi come l’India, l’applicazione mostra un comportamento dannoso e ruba dati dai dispositivi degli utenti. Inoltre, sono stati scoperti altri APK dannosi che sembrano essere varianti della stessa campagna malware: KreditApple, PokketMe e StashFur.

Sebbene l’app sia già stata rimossa da Google Play, potrebbe continuare a essere eseguita in background, raccogliendo informazioni sensibili dai dispositivi infetti, tra cui:

• contatti, registri delle chiamate, messaggi SMS e dati del dispositivo;
• foto, video e documenti da memorie interne ed esterne;
• Posizione in tempo reale della vittima (aggiornata ogni 3 secondi), cronologia delle posizioni e indirizzo IP;
• le ultime 20 voci di testo copiate negli appunti;
• cronologia creditizia e messaggi SMS sulle transazioni bancarie.

Numerose recensioni degli utenti di Finance Simplified su Google Play indicano che l’app offriva servizi di prestito e poi i suoi gestori cercavano di estorcere denaro ai mutuatari se si rifiutavano di pagare alti tassi di interesse.

Sebbene i dati sopra elencati siano stati utilizzati principalmente per estorcere denaro alle persone che hanno corso il rischio di contrarre un prestito tramite Finance Simplified, potrebbero anche essere utilizzati per frodi finanziarie o rivenduti a criminali informatici.

Per evitare di essere individuato su Google Play, Finance Simplified ha utilizzato una WebView per reindirizzare gli utenti a un sito esterno, dove hanno scaricato l’APK dei prestiti ospitato su Amazon EC2. Si noti che l’applicazione scaricava un APK aggiuntivo solo se l’utente si trovava in India.

L'articolo Attenti a SpyLend: Il Malware Android con 100.000 Download su Google Play! proviene da il blog della sicurezza informatica.

While we’d like to think that pandemics and lockdowns are behind us, the reality is that a warming climate and the fast-paced travel of modern life are a perfect storm for nasty viruses. One thing that could help us curb the spread of the next pandemic may already be on your wrist.

Researchers at Aalto University, Stanford University, and Texas A&M have found that the illness detection features common to modern smartwatches are advanced enough to help people make the call to stay home or mask up and avoid getting others sick. They note we’re already at 88% accuracy for early detection of COVID-19 and 90% for the flu. Combining data from a number of other studies on smartwatch accuracy, epidemiology, behavior, and biology, the researchers were able to model the possible outcomes of this early detection on the spread of future diseases.

“Even just a 66-75 percent reduction in social contacts soon after detection by smartwatches — keeping in mind that that’s on a par with what you’d normally do if you had cold symptoms — can lead to a 40-65 percent decrease in disease transmission compared to someone isolating from the onset of symptoms,” says Märt Vesinurm.

We’ve got you covered if you’re looking for a smartwatch that looks a bit like a hospital wristband and we’ve also covered one that’s alive. That way, you’ll have a slimy friend when you’re avoiding other humans this time around. And when it’s time to develop a vaccine for whatever new bug is after us, how do MRNA vaccines work anyway?

hackaday.com/2025/03/04/smartw…

Shortwave radio has a charm all its own: part history, part mystery, and a whole lot of tech nostalgia. The Hallicrafters S-53A is a prime example of mid-century engineering, but when you get your hands on one, chances are it won’t be in mint condition. Which was exactly the case for this restoration project by [Ken’s Lab], where the biggest challenge wasn’t fried capacitors or burned-out tubes, but a stubborn band selector switch that refused to budge.

What made it come to this point? The answer is: time, oxidation, and old-school metal tolerances. Instead of forcing it (and risking a very bad day), [Ken]’s repair involved careful disassembly, a strategic application of lubricant, and a bit of patience. As the switch started to free up, another pleasant surprise emerged: all the tubes were original Hallicrafters stock. A rare find, and a solid reason to get this radio working without unnecessary modifications. Because some day, owning a shortwave radio could be a good decision.

Once powered up, the receiver sprang to life, picking up shortwave stations loud and clear. Hallicrafters’ legendary durability proved itself once before, in this fix that we covered last year. It’s a reminder that sometimes, the best repairs aren’t about drastic changes, but small, well-placed fixes.

What golden oldie did you manage to fix up?

youtube.com/embed/Nx8Mq9OCoRo?…

hackaday.com/2025/03/04/shortw…

We return to [Tom Verbeure] hacking on Symmetricom GPS receivers. This time, the problem’s more complicated, but the solution remains the same – hardware hacking. If you recall, the previous frontier was active antenna voltage compatibility – now, it’s rollover. See, the GPS receiver chip has its internal rollover date set to 18th of September 2022. We’ve passed this date a while back, but the receiver’s firmware isn’t new enough to know how to handle this. What to do? Build an interposer, of course.

You can bring the by sending some extra init commands to the GPS chipset during bootup, and, firmware hacking just wasn’t the route. An RP2040 board, a custom PCB, a few semi-bespoke connectors, and a few zero-ohm resistors was all it took to make this work. From there, a MITM firmware wakes up, sends the extra commands during power-on, and passes all the other traffic right through – the system suspects nothing.

Everything is open-source, as we could expect. The problem’s been solved, and, as a bonus, this implant gives a workaround path for any future bugs we might encounter as far as GPS chipset-to-receiver comms are concerned. Now, the revived S200 serves [Tom] in his hacking journeys, and we’re reminded that interposers remain a viable way to work around firmware bugs. Also, if the firmware (or the CPU) is way too old to work with, an interposer is a great first step to removing it out of the equation completely.

hackaday.com/2025/03/04/interp…

Spesso parliamo di Backdoor e di come queste qualora presenti possano essere scoperte e utilizzate dai malintenzionati. E oggi ci troviamo a commentare un ennesimo caso di questo genere.

Oltre mezzo milione di dispositivi Android e diverse migliaia di dispositivi iOS sono stati messi a rischio a causa di una vulnerabilità nell’app spia Spyzie, progettata per la sorveglianza segreta.

Lo ha riferito un ricercatore di sicurezza informatica, il Quale ha fornito un report a TechCrunch. La maggior parte dei possessori di dispositivi probabilmente non sa che i propri dati personali, tra cui messaggi, foto e geolocalizzazione, erano stati compromessi.

L’app Spyzie è vulnerabile allo stesso bug di Cocospy e Spyic, precedentemente criticati per aver divulgato i dati di oltre 2 milioni di utenti. Il bug consente ad aggressori terzi di accedere alle informazioni raccolte da queste app (sebbene il concetto di app implichi l’accesso da parte di una sola persona), nonché agli indirizzi e-mail dei clienti che utilizzano Spyzie per la sorveglianza.

Un ricercatore ha scoperto e condiviso con TechCrunch un database contenente 518.643 indirizzi email univoci dei clienti di Spyzie. Questi dati inoltre sono stati inviati a Troy Hunt, creatore di Have I Been Pwned, un sito web che monitora le fughe di informazioni.

Spyzie, come altre app simili, rimane nascosta sui dispositivi, rendendone difficile il rilevamento. La maggior parte delle vittime sono proprietari di dispositivi Android a cui è stato fisicamente effettuato l’accesso, spesso nell’ambito di relazioni violente. Per iPhone e iPad, Spyzie utilizza i dati di iCloud per accedere tramite gli account delle vittime.

La violazione dei dati di Spyzie segna la 24a volta dal 2017 che le app di sorveglianza vengono hackerate a causa di una scarsa sicurezza. Gli operatori di Spyzie non hanno ancora commentato la situazione, ma la vulnerabilità non è ancora stata risolta.

Per verificare se Spyzie è disponibile sui dispositivi Android, puoi comporre **001** nel dialer. Se l’app è installata, apparirà sullo schermo. Si consiglia ai possessori di iPhone e iPad di abilitare l’autenticazione a due fattori e di controllare l’elenco dei dispositivi connessi al proprio ID Apple.

incidenti come Spyzie, Cocospy e Spyic si possono trarre alcune conclusioni: anche se hai motivo di sospettare qualcosa del tuo partner, non dovresti installare una app spia sul suo smartphone. Una piccola vulnerabilità può far sì che i dati riservati del tuo partner siano visibili non solo a te, ma all’intera Rete.

Invece di mettere a repentaglio la privacy della persona cara, è meglio risolvere i problemi attraverso un dialogo aperto. La sorveglianza segreta non solo viola i confini personali, ma espone anche i dati a pericoli che non possono più essere corretti.

L'articolo Una falla nell’app spia Spyzie ha esposto dati sensibili di migliaia di utenti! proviene da il blog della sicurezza informatica.

[Pete] had a friend who would powder coat metal parts for him, but when he needed 16 metal parts coated, he decided he needed to develop a way to do it himself. Some research turned up the fluid bed method and he decided to go that route. He 3D printed a holder and you can see how it all turned out in the video below.

A coffee filter holds the powder in place. The powder is “fluidized” by airflow, which, in this case, comes from an aquarium pump. The first few designs didn’t work out well. Eventually, though, he had a successful fluid bed. You preheat the part so the powder will stick and then, as usual, bake the part in an oven to cure the powder. You can expect to spend some time getting everything just right. [Pete] had to divert airflow and adjust the flow rate to get everything to work right.

With conventional powder coating, you usually charge the piece you want to coat, but that’s not necessary here. You could try a few other things as suggested in the video comments: some suggested ditching the coffee filter, while others think agitating the powder would make a difference. Let us know what you find out.

This seems neater than the powder coating guns we’ve seen. Of course, these wheels had a great shape for powder coating, but sometimes it is more challenging.

youtube.com/embed/Kh5TEMo2bdc?…

hackaday.com/2025/03/04/inexpe…

Image by [Sasha K.] via redditRemember that lovely Hacktric centerfold from a couple Keebins ago with the Selectric keycaps? Yeah you do. Well, so does [Sasha K.], who saw the original reddit post and got inspired. [Sasha K.] has more than one IBM Selectric lying around, which is a nice problem to have, and decided to strip one of its keycaps and get to experimenting.

The result is a nice adapter that allows them to be used with Kailh chocs — you can find the file on Thingiverse, and check out the video after the break to see how they sound on a set of clicky white chocs.

Those white chocs are attached to a ThumbsUp! v8 keyboard, a line that [Sasha K.] designed. His daily driver boards are on v9 and v10, but the caps were getting jammed up because of the spacing on those. So instead, he used v8 which has Cherry MX spacing but also supports chocs.

As you can see, there is not much to the adapter, which essentially plugs the Selectric keycap’s slot and splits the force into the electrical outlet-style pair of holes that chocs bear This feels like an easier problem to solve than making an adapter for MX-style switches. What do you think?

youtube.com/embed/5UlwyUif-mc?…

Desk-Mounted Macro Pad Does Not Control Desk Height

Image by [CloffWrangler] via redditBut it sure is a nice-looking first design, isn’t it? Especially with that colorway and the ISO Return. Mmm. Reminds me of the Data General Dasher, and for good reason — those are Drop’s Dasher key caps.

So why the number scheme? It means nothing more than that it is representative of the keycaps that [CloffWrangler] had lying around. They are currently used for volume control, toggling mic and webcam in Zoom, and some other stuff that [CloffWrangler] hasn’t landed on just yet.

This hand-wired, 3D-printed beauty is ruled by a Raspberry Pi Pico and contains Gateron Oil Kings switches. I sure would like to have something similar, but I think I would hit it with my chair quite a bit unless I put it way over there to the right or something. But then I wonder, would it be as useful? If it were at arm’s length, I might be tempted to rotate the thing 90° to the right so it wouldn’t be awkward to use.

The Centerfold: A Cat Person Lives Here

Image by [moobel] via redditDon’t these friendly keycaps look nice and soft? Apparently they’re not, according to [moobel]. That’s unfortunate. But they do feel nice to type on nonetheless.

So, that’s not too many keys, is it? That’s because this isn’t technically a keyboard. It’s a pair of Taipo keyboards, which are meant for to be used to chord with either one or both hands. I really appreciate that [moobel] discovered the Taipo and decided to make a pair in order to learn the layout.

Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!

Historical Clackers: Der Kanzler

Image by [DonaldDutchie] via redditHow quickly can you type on a typewriter? To a certain extent, it depends on the machine. Der Kanzler Schreibmaschine was a fine piece of German engineering that allowed one to type quickly for an interesting reason: it could print 88 characters using only 11 type bars with 8 characters each.

How did that work? Well, each key changed the position of the linkages, moving the slug either up or down. The top row articulates the deepest, while the home row doesn’t move at all. Makes sense.

The Kanzler was designed by Paul Gruetzmann, and the Kanzler model 1B shown here hit the market in 1903. With the Kanzler line, Gruetzmann was trying to produce a machine that was faster and more stable than others. The company claimed that 200 WPM was technically achievable. Can you imagine typing that fast on your best day, on your favorite keyboard? No chording allowed! 😛

Finally, Some 3D-Printed keycaps for the Kinesis Advantage

If you’re a Kinesis Advantage owner, one of the first things you notice is that you might not really like the ABS keycaps and will probably want something different. But then you find out that although you can get fun keycap sets in ergo layouts, they’re never gonna be contoured like the factory set, and that’s something you’ll have to get used to that, in my opinion, degrades the Kinesis experience. Right now, it seems like the best option is to just print your own.

Image by [SimplifyAndAddCoffee] via redditAnd here are the files. If you’re wondering about E, that is the original Maltron layout where this whole idea of the concave curvy girl got its start.

According to [SimplifyAndAddCoffee], these lovely keycaps were printed in Siraya Tech Blue Obsidian Black resin on an MSLA printer.

After printing, those inset legends were filled with white epoxy putty. [SimplifyAndAddCoffee] then scraped away the excess and completed the process by wiping them all with an isopropyl alcohol-soaked rag.

Personally, I suffer with the original ABS caps on my daily driver Kinesis, but my go-somewhere board has blank PBT caps for ultimate intrigue. I’d love to have a set of printed ones, but I’d have to have them made somewhere since I don’t have any type of resin printer around.

Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.

hackaday.com/2025/03/04/keebin…

C'è un'alternativa al cloud USA, ora che tutti scoprono che non sono alleati né affidabili? Sì? No? La risposta giusta è no. Ma è la domanda che è sbagliata.

spreaker.com/episode/dk-9x20-f…

We love camera hacking here at Hackaday, and it’s always fascinating to see new things being done in photography. Something rather special has come our way from [Camerdactyl], who hasn’t merely made a camera, instead he’s created an entirely new analogue film format. Move over 35mm and 120, here’s the RA-4 cartridge!

RA-4 is the colour print chemistry many of you will be familiar with from your holiday snaps back in the day. Normally a negative image is projected onto it from the negative your camera took, and the positive image is developed on the paper as the reverse of that. It can also be developed as a reversal process similar to slide film, in which the negative image is developed and bleached away leaving an unexposed positive image, which can then be exposed to light and developed to reveal a picture. This means that with carefully chosen colour correction filters it can be shot in a camera to make normal colour prints with this reversal process.

The new film format is a 3D printed cartridge system holding a long roll of RA-4 paper, which slots into a back for standard 5 by 4 inch cameras. He’s also made a modular developing machine for the process, and can get over 100 shots on a roll. A portion of the video below deals with how he wants to release it; since it has taken a huge amount of development resources he intends to release the files to the public in stages as he reaches sales milestones with his work. It’s an unusual strategy that we hope works for him, though we suspect that many camera hackers would be prepared to pay him directly for the files.

Either way, it’s a reminder that there’s still plenty of fun to be had with analogue film, and also that reversal development of RA-4 is possible. Some of us here at Hackaday have been known to hack a few cameras, we guess it’s another one to add to the “one day” list.

youtube.com/embed/PB0GPYUDBCM?…

Thanks [Chuck] for the tip!

hackaday.com/2025/03/04/its-20…

Le priorità, quelle vere...

Il ministro dell'Agricoltura suggerisce una riduzione dell'imposta dal 22 al 10%. Il Pd, "il governo fuori dalla realtà"

agi.it/economia/news/2025-03-0…

Long before the first airplanes took to the skies, humans had already overcome gravity with the help of airships. Starting with crude hot air balloons, the 18th century saw the development of more practical dirigible airships, including hydrogen gas balloons. On 7 January 1785, French inventor, and pioneer of gas balloon flight Jean-Pierre Blanchard would cross the English Channel in such a hydrogen gas balloon, which took a mere 2.5 hours. Despite the primitive propulsion and steering options available at the time, this provided continued inspiration for new inventors.

With steam engines being too heavy and cumbersome, it wasn’t until the era of internal combustion engines a century later that airships began to develop into practical designs. Until World War 2 it seemed that airships had a bright future ahead of them, but amidst a number of accidents and the rise of practical airplanes, airships found themselves mostly reduced to the not very flashy role of advertising blimps.

Yet despite popular media having declared rigid airships such as the German Zeppelins to be dead and a figment of a historic fevered imagination, new rigid airships are being constructed today, with improvements that would set the hearts of 1930s German and American airship builders aflutter. So what is going on here? Are we about to see these floating giants darken the skies once more?

A Simple Concept

Both balloons and airships are a type of aerostat, meaning an aircraft that is lighter than air and thus capable of sustained buoyancy. Much like a ship or a submarine, it uses this buoyancy to establish equilibrium with the surrounding air and thus maintain its position. In order to change their buoyancy, ships and submarines have ballast tanks, while airships can use mechanisms such as a ballonet. These are air-filled balloons inside the outer balloon which is filled with a lifting gas. Inflating the ballonet with more air or vice versa thus changes the buoyancy of the airship.

In the case of rigid airships like Zeppelins the concept of ballonet is somewhat reversed, in that the outer envelope contains air, while the lifting gas is inside gas bags attached to the upper part. If the rigid airship changes altitude using dynamic lift (i.e. using its propulsion and control surfaces), or by dropping ballast, the air pressure inside this outer envelope drops and the gas bags expand, which reduces the volume of air inside the outer envelope and thus adjusts the buoyancy.

This property makes both non-rigid (i.e. blimps, with ballonets) and rigid airships very stable platforms in most conditions with no real range limit beyond the fuel and food capacity for respectively the engines and onboard crew & passengers.

Why Airships Failed

The main issue with airships is that they are relatively large, and as a result cumbersome to handle, slow when moving, and susceptible to adverse weather conditions. In the list of airship accidents on Wikipedia one can get somewhat of an impression of the issues that airship crews had to deal with. Although there is some overlap with aircraft accidents, unique to airships is their large size which make them susceptible to strong winds and gusts, which can overpower the airship’s controls and cause it to crash.
Comparison of the LZ 129 Hindenburg with a number of very large airplanes. (Source: Wikimedia)
Other accidents involved the loss of lifting gas or a conflagration involving hydrogen lifting gas. The fatal accident involving the LZ 129 Hindenburg is probably the event which is most strongly etched onto people’s minds here, although ultimately the cause of what came to be called the Hindenburg disaster was never uncovered. This accident is often marked as ‘the end of the airship era’, although that seems to be rather exaggerated in the light of continued use of airships throughout World War 2 and beyond.

What is undeniably true, however, is that the rise of airplanes during the first half of the 20th century provided strong competition for airships when it came to passenger and cargo transport. Workhorses like the Douglas DC-3 airplane came to define travel by air, while airships saw themselves reduced to mostly military, observational and commercial use where aspects like speed were less important than endurance.

Meanwhile the much smaller and simpler non-rigid blimps were a popular choice for especially stationary applications, ranging from advertising and military monitoring and reconnaissance, to recording platforms for televised sport matches. Effectively airships didn’t go away, they just stopped being Hindenburg-class sized giants.

A Fresh Try

Zeppelin NT D-LZZR during low level flight, 2003 (Credit: Hansueli Krapf, Wikimedia)
Despite this reduced image of airships in people’s minds, the allure of these gentle giants quietly moving through the skies never went away. Beyond flashes of nostalgia and simple tourism, multiple start-ups have or are currently trying to come up with new business models that would reinvigorate the airship industry.

Notable mentions here include the semi-rigid Zeppelin NT, the hybrid Airlander 10, and more recently LTA’s rigid Pathfinder 1, which as the name suggests is a pathfinder airship. Of these the Zeppelin NT is the only one which is currently actively in production and flying. As a semi-rigid airship it doesn’t have the full supportive skeleton as a rigid airship, but instead only has a singular keel. Ballonets are further used as typical with a non-rigid design. So far seven of these have been built, for purposes ranging from tourism, aerial photography, and scientific studies.

The obvious advantage of a semi-rigid design is that it makes disassembling them for transport a lot easier. In comparison a hybrid airship like the Airlander 10 blends the airship design with that of an airplane by adding wings and other design elements which make it in many ways closer to a blended wing design, just with the ability to also float.

Unfortunately for the Airlander 10, it seems to be struggling to enter production since we last looked at it in 2021, with a tentative year of 2028 currently penciled in.

So in this landscape, what is the business model of LTA (Lighter Than Air), a company started and funded by Google co-founder Sergey Brin? As reported most recently by LTA, in October of 2024 they achieved the first untether flight of Pathfinder 1. Construction of Pathfinder 1 incidentally took place at Hangar Two at Moffett airfield, which some people may recognize as one of the filming locations for Mythbuster episodes, and which is a a WW2-era airship hangar.
Pathfinder 1 in Hangar 2 at Moffett Airfield. (Credit: LTA)
The rigid Pathfinder 1 uses many new technologies and materials, including titanium hubs and carbon fiber reinforced polymer tubes for the internal frame, LIDAR sensors and an outer skin made of laminated polyvinyl fluoride (PVF, trade name Tedlar). It also uses a landing gear adapted from the Zeppelin NT, with LTA having a working relationship with the company behind that airship.

Finally, it uses 13 helium bags made of ripstop nylon fabric with urethane coating, which should mean that leakage of the lifting gas is significantly less than with Hindenburg-era airships, which were originally designed to use helium as well. The use of titanium and carbon fiber also offer obvious advantages over the duralumin aluminium-copper alloy that was the peak of materials research in the 1930s.

From reading the press releases and the industry commentary to LTA’s efforts it is clear that there’s no clear-cut business model yet, and that Pathfinder 1 along with the upcoming Pathfinder 3 – which will be one-third larger – are pretty much what the name says. As a start-up bankrolled by someone with very deep pockets, the immediate need to attract funding is less severe, which should allow LTA to trial multiple of these prototype airships as they figure out what does and what does not work, also in terms of constructing these massive airships.

Perhaps much like the humble hovercraft which saw itself overhyped last century before seemingly vanishing by the late 90s from public view, there is a niche for even these large rigid airships. Whether this will be in the form of mostly tourist flights, perhaps something akin to cruise ships but in the sky, or something more serious is hard to say.

Who knows, maybe the idea of a flying aircraft carrier like the 1930s-era USS Macon (ZRS-5) will be revived once more, after that humble airship’s impressive list of successes.

hackaday.com/2025/03/04/ltas-p…

Gli aggressori sfruttano una vulnerabilità nel driver Paragon Partition Manager (BioNTdrv.sys) negli attacchi ransomware, utilizzando il driver per aumentare i privilegi ed eseguire codice arbitrario. Secondo CERT/CC , questa vulnerabilità zero-day (CVE-2025-0289) è una delle cinque vulnerabilità scoperte dai ricercatori Microsoft.

“Questi includono problemi relativi alla mappatura arbitraria e alla scrittura della memoria del kernel, alla dereferenziazione del puntatore NULL, all’accesso non sicuro alle risorse del kernel e a una vulnerabilità che consente lo spostamento arbitrario dei dati nella memoria”, ha affermato il CERT/CC in una nota.

Ciò significa che un aggressore con accesso locale a una macchina Windows può sfruttare le vulnerabilità per aumentare i privilegi o causare un diniego di servizio (DoS) sfruttando il fatto che il file BioNTdrv.sys è firmato da Microsoft ed è un driver a livello di kernel. Ciò consente di sfruttare le vulnerabilità per eseguire comandi con gli stessi privilegi del driver, aggirando la protezione.

Il problema apre anche la possibilità di attacchi BYOVD (Bring Your Own Vulnerable Driver) sui sistemi in cui Paragon Partition Manager e il driver non sono installati. Ciò consentirà agli aggressori di ottenere privilegi elevati ed eseguire codice dannoso. I ricercatori non hanno specificato quali gruppi di hacker hanno utilizzato specificatamente CVE-2025-0289 come vulnerabilità zero-day.

L’elenco dei problemi che interessano le versioni 1.3.0 e 1.5.1 di BioNTdrv.sys è il seguente:

• CVE-2025-0285 è una vulnerabilità di mappatura della memoria arbitraria nel kernel 7.9.1 causata da un errore nella convalida della lunghezza dei dati forniti dall’utente. Gli aggressori possono sfruttare questo problema per ottenere l’escalation dei privilegi;
• CVE-2025-0286 è una vulnerabilità di scrittura arbitraria nella memoria del kernel nella versione 7.9.1 dovuta a un controllo non corretto della lunghezza dei dati forniti dall’utente. Consente l’esecuzione di codice arbitrario sul computer della vittima;
• CVE-2025-0287 – Esiste una vulnerabilità di dereferenziazione del puntatore nullo nella versione 7.9.1 dovuta alla mancanza di una struttura MasterLrp valida nel buffer di input. Consente l’esecuzione di codice arbitrario a livello di kernel, consentendo l’escalation dei privilegi;
• CVE-2025-0288 è una vulnerabilità della memoria del kernel nella versione 7.9.1 correlata alla funzione memmove, che non pulisce l’input dell’utente. Consente di scrivere memoria kernel arbitraria e di aumentare i privilegi;
• CVE-2025-0289 – Vulnerabilità relativa alla mancanza di convalida del puntatore MappedSystemVa prima del passaggio a HalReturnToFirmware. Consente agli aggressori di compromettere un servizio vulnerabile.

Paragon Software ha corretto tutte le vulnerabilità nella versione 2.0.0 del driver. Inoltre, la versione vulnerabile del driver è già stata aggiunta alla lista nera di Microsoft .

L'articolo Nuova vulnerabilità zero-day su Paragon Partition Manager che consente attacchi BYOVD proviene da il blog della sicurezza informatica.