The current generation of USB-powered soldering irons have a lot going for them, chief among them being portability and automatic start and stop. But an iron that turns off in the middle of soldering a joint is a problem, one that this capacitive-touch replacement control module aims to fix.

The iron in question is an SJ1 from Awgem, which [DoganM95] picked up on Ali Express. It seems well-built, with a sturdy aluminum handle, a nice OLED display, and fast heat-up and cool-down. The problem is that the iron is triggered by motion, so if you leave it still for more than a second or two, such as when you’re soldering a big joint, it turns itself off. To fix that,[DoganM95] designed a piggyback board for the OEM controller with a TTP223 capacitive touch sensor. The board is carefully shaped to allow clearance for the existing PCB components and the heater cartridge terminals, and has castellated connections so it can connect to pads on the main board. You have to remove one MOSFET from the main board, but that’s about it for modifications. A nickel strip makes contact with the inside of the iron’s shell, turning it into the sensor plate for the TTP223.

[DoganM95] says that the BA6 variant of the chip is the one you want, as others have a 10-second timeout, which would defeat the purpose of the mod. It’s a very nice bit of design work, and we especially like how the mod board nests so nicely onto the OEM controller. It reminds us a little of those Quansheng handy-talkie all-band mods.

hackaday.com/2025/03/05/piggyb…

peertube.uno/w/g6JCBVHtnit3aZe…

Maurizio Delladio

2025-03-05 19:49:41

Parola Di Berlinguer

Ieri, 4 marzo 2025, presso il Teatro Portaportese in via Portuense a Roma, si è tenuta una iniziativa curata da Sergio Gentili e Lelio La Porta (voce narrante). La stessa si è articolata in una parte musicale, in alcuni ricordi/narrazioni legate agli anni tra il 1969 e 1984 ed in letture di articoli ed interviste di Enrico Berlinguer

This week, Jonathan Bennett and Aaron Newcomb talk with Joao Correia about TuxCare! What’s live patching, and why is it so hard? And how is this related to .NET 6? Watch to find out!

• tuxcare.com/blog/
• tuxcare.com/endless-lifecycle-…
• enterpriselinuxsecurity.show/

youtube.com/embed/tpSChIv7BOI?…

Did you know you can watch the live recording of the show right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.

play.libsyn.com/embed/episode/…

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

Places to follow the FLOSS Weekly Podcast:

• Spotify
• RSS

Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)

Licensed under Creative Commons: By Attribution 4.0 License

hackaday.com/2025/03/05/floss-…

When it comes to the majority of sports broadcasting, it’s all about the visual. The commentators call the plays, of course, but everything you’re being shown at home is on a screen. Similarly, if you’re in the stadium, it’s all about getting the best possible view from the best seats in the house.

Ultimately, the action can be a little harder to follow for the vision impaired. However, one company is working hard to make sports more accessible to everyone. Enter OneCourt, and their haptic sports display technology.

Haptic, Fantastic

If you can see, following just about any sport is relatively straightforward. Your eyes pick out the players and the lines on the field, and you can follow the ball or puck wherever it may land. Basically, interpreting a sport is just taking in a ton of positional data—the state of the game is represented by the position of the people and the fundamental game piece involved.

View this post on Instagram

A post shared by OneCourt Technologies, Inc. (@onecourt.io)

But how do you represent the state of a game to somebody who can’t see? Audio helps, but it’s hard for even the fastest commentator to explain the entire state of the game all at once. As it turns out, touch can be a great tool in this regard. Imagine if you could place your hands down on a football field, and instinctively feel the position of all the players and the ball. That would be impractical, of course, because the field is too big. But if there was a small surface that represented the field in a touchable manner, that might just work.

This is precisely what OneCourt has created. The company realized that many modern professional sports already had high-quality data streams that represented the positions of players and the ball in real time. With the data on hand, they just needed a way to “display” it in a touchable, feelable form. To that end, they created a range of haptic displays that use vibrations to represent the action on the field in a compact tablet-like device. They receive game data over a 5G or WiFi link, and translate it into vibrations across a miniature replica of the playing surface.

youtube.com/embed/5tm8Vo9LnT0?…

OneCourt created a range of devices to suit different sports. A basketball version is marked out with raised lines matching those on the court, and trackable vibrations on the surface tell the user where the ball is going. The company has teamed up to offer devices to spectators going to see the Sacramento Kings and the Portland Trail Blazers at their home games throughout the season. Those visiting the stadium can request to use one of the devices during the game via guest services, and get a greater insight into the play.

The company has also demonstrated a similar device for use at baseball games, with the characteristic diamond laid out on the haptic surface. The devices were demoted at Dallas’s Glove Life Field last year.

View this post on Instagram

A post shared by OneCourt Technologies, Inc. (@onecourt.io)

On a technological level, the hardware appears relatively straightforward. The OneCourt devices just pack an array of vibration motors into a rectangular surface, and they’re controlled based on a feed of gamestate data already collected by the professional leagues. However, for the vision impaired, it’s a gamechanger—allowing them to independently “watch” the game in far greater detail than before.
The Portland Trail Blazers were the first NBA team to get on board with the OneCourt devices. Credit: Portland Trail Blazers, press release
For now, the devices are very much in a pilot rollout phase. OneCourt is running activations with individual sports teams to offer the devices to vision impaired spectators at their stadiums. However, the intention is that this technology could also be just as useful for fans tuning into a sports broadcast at home. The company hopes to start pre-orders for individual customers in the near future.

Accessible technology doesn’t always have to be highly advanced or complicated to be useful—or, indeed, fun! Devices like these can open up a whole new world of perception to those that otherwise might find sports difficult or frustrating to follow. Ultimately, that’s a good thing—and something we hope to see more of in future!

hackaday.com/2025/03/05/haptic…

Negli Stati Uniti è stata individuata una nuova frode: i criminali inviano false richieste di riscatto via posta per conto del gruppo BianLian.

Le buste indicano che il mittente è “BIANLIAN GROUP” e che l’indirizzo del mittente è un edificio per uffici a Boston, Massachusetts. Le lettere venivano inviate ai dirigenti aziendali e recavano la dicitura “Urgente, leggere immediatamente”. Secondo i timbri postali, la spedizione è avvenuta il 25 febbraio 2025 dall’ufficio postale di Boston.

Il contenuto delle lettere è focalizzato sul campo di attività del destinatario. Le lettere inviate alle organizzazioni sanitarie affermano che i dati dei pazienti e dei dipendenti sono stati rubati e le aziende che gestiscono gli ordini dei clienti sono minacciate relativamente alla divulgazione di informazioni sensibili dei clienti.

Nel testo si sostiene che gli aggressori hanno ottenuto l’accesso ai sistemi aziendali e hanno presumibilmente rubato file riservati, tra cui bilanci, documenti fiscali e dati personali dei dipendenti.
Contenuto della lettera per una delle aziende (Guidepoint Security)
A differenza delle reali richieste di BianLian, le lettere affermano che non ci saranno ulteriori trattative con le vittime e danno loro 10 giorni di tempo per pagare il riscatto in Bitcoin.

Ogni lettera contiene un codice QR Code e un indirizzo di portafoglio Bitcoin per trasferire importi da 250.000 dollari a 500.000. Per le aziende mediche l’importo fisso è pari a 350.000 dollari.
Indirizzi wallet per il trasferimento di fondi in una lettera falsa (BleepingComputer)
Alcune e-mail contengono vere e proprie perdite di password per aumentare la credibilità minacce. Tuttavia, gli esperti non hanno trovato prove di veri e propri attacchi informatici. Secondo gli esperti di GuidePoint Security, le lettere non hanno alcun collegamento con il gruppo BianLian e rappresentano semplicemente un tentativo di intimidire i dirigenti aziendali affinché trasferiscano denaro ai truffatori.

Sebbene le e-mail non rappresentino una minaccia immediata, i reparti IT e di sicurezza dovrebbero avvisare i propri manager della nuova truffa. Questi messaggi sono un’evoluzione delle truffe un tempo diffuse tramite posta elettronica, ma ora prendono di mira i dirigenti di grandi aziende.

Intanto i rappresentanti del vero gruppo BianLian non hanno rilasciato dichiarazioni.

L'articolo Ora il Ransomware arriva per posta ordinaria! L’innovazione si firma Bianlian. Scopri i retroscena proviene da il blog della sicurezza informatica.

Take a look at this video from [Reely Interesting], showing scenes from traditional Japanese festivals. It’s well filmed, and as with any HD video, you can see real detail. But as you watch, you may see something a little out of the ordinary. It’s got noise, a little bit of distortion, and looking closely at the surroundings, it’s clearly from the 1980s. Something doesn’t add up, as surely we’d expect a video like this to be shot in glorious 525 line NTSC. In fact, what we’re seeing is a very rare demo reel from 1985, and it’s showing off the first commercial HDTV system. This is analogue video in 1035i, and its background as listed below the video makes for a very interesting story.

Most of us think of HDTV arriving some time in the 2000s when Blu-ray and digital broadcasting supplanted the NTSC or PAL systems. But in fact the Japanese companies had been experimenting since the 1960s, and these recordings are their first fruits. It’s been digitized from a very rare still-working Sony HDV-1000 reel-to-reel video recorder, and is thus possibly the oldest HD video viewable online. They’re looking for any HDV-1000 parts, should you happen to have one lying around. Meanwhile, the tape represents a fascinating window into a broadcast history very few of us had a chance to see back in the day.

This isn’t the first time we’ve touched on vintage reel-to-reel video.

youtube.com/embed/2vybIQ5o1yQ?…

hackaday.com/2025/03/05/is-thi…

Humans have been chemically modifying their world for far longer than you might think. Long before they had the slightest idea of what was happening chemically, they were turning clay into bricks, making cement from limestone, and figuring out how to mix metals in just the right proportions to make useful new alloys like bronze. The chemical principles behind all this could wait; there was a world to build, after all.

Among these early feats of chemical happenstance was the discovery that glass could be made from simple sand. The earliest glass, likely accidentally created by a big fire on a sandy surface, probably wasn’t good for much besides decorations. It wouldn’t have taken long to realize that this stuff was fantastically useful, both as a building material and a tool, and that a pinch of this and a little of that could greatly affect its properties. The chemistry of glass has been finely tuned since those early experiments, and the process has been scaled up to incredible proportions, enough to make glass production one of the largest chemical industries in the world today.

Sand++

When most of us use the word “glass,” we’ve got a pretty clear mental picture of what the term refers to. But from a solid-state chemistry viewpoint, glass means more than the stuff that fills the holes in your walls or makes up that beer bottle in your hand. Glasses, or more correctly glassy solids, are a class of amorphous solids that undergo a glass transition. Unpacking that, amorphous refers to the internal structure of the material, which lacks the long-range structural regularity characteristic of a crystalline solid. Long range in this context is a relative term, and refers to distances of more than a few nanometers.

As for the glass transition bit, that simply refers to the material changing from a brittle, hard solid state to a viscous liquid as it is heated past its glass transition temperature. Coupled together, these properties mean that many materials can be glassy solids, including plastics and metals. For our purposes, though, glass refers to glassy solids made primarily of silicates, with other materials added to change the properties of the finished material.

To understand the amorphous structure of glass, we need to look at the starting material for manufacturing glass: quartz. Quartz is a crystalline solid made from silicon dioxide (SiO₂), or silica. Inside the crystal, each silicon atom is bonded to four oxygen atoms, each of which forms a bridge to a neighboring silicon. This results in a tetrahedral unit cell, giving both natural and synthetic quartz many of their useful properties.

When quartz sand is ground up finely and heated above its melting point of 1,700C, the rigidly ordered crystal structure is disrupted and a thick, syrupy liquid forms. Cooling that liquid slowly would allow the crystal structure to reform, with the silicon atoms connected by a regular grid of bridging oxygen atoms. Glass production, though, uses faster cooling, which makes it harder for all the oxygen atoms to form bridges between the silicon atoms. The result is a disrupted pattern, with some silicon atoms bonded to four oxygens and some bonded to only two or three. This disrupts the long-range ordering seen in the original quartz crystals and results in the properties we normally associate with glassy solids, such as brittleness, low electrical conductivity, and a high melting temperature.
The crystal structure of silicates is disrupted by sodium, calcium, and aluminum, lowering the melting point and viscosity of soda-lime glass. Source: Mrmw, CC0.
Glass made from pure silica sand is called fused quartz, and while it’s commercially valuable, especially in situations requiring extreme temperature resistance and transparency over a wide range of the optical spectrum, it also has some drawbacks. First, the extreme temperatures needed to melt pure quartz sand require a lot of energy, making fused quartz expensive to produce in bulk. Also, the liquid glass is extremely viscous, making it difficult.

Luckily, these properties can be altered by adding a few impurities to the melt. Adding about 13% sodium oxide (Na₂O), 10% calcium oxide (CaO), and a percent or so of aluminum oxide (Al₂O₃) dramatically changes the physical and chemical properties of the mix. The sodium oxide generally comes from sodium carbonate (Na₂CO₃), which is known as soda, and the calcium carbonate comes from lime, which is limestone that has been heated. Together, the sodium and the calcium bind to some of the oxygen atoms in the silicates, blocking them from bridging to other silicates. This further disrupts any long-range interactions, lowering the melting point of the mix and decreasing its viscosity. The result is soda-lime glass, which accounts for about 90% of the 130 million tonnes of glass manufactured each year.

If You Can’t Stand the Heat…

Soda-lime glass is used for everything from food and beverage containers to window glass, with only slight adjustments to the mix of impurities to match the properties of the finished glass to the job. But if there’s one place where plain soda-lime glass falls short, it’s resistance to thermal shock. Thanks to the disruption of long-range interactions between silicates by sodium and calcium, soda-lime glass has a much higher coefficient of thermal expansion (CTE) than fused silica. This makes heating soda-lime glass risky, since the stress caused by expansion or contraction can cause the glass to shatter.

To lower the CTE of soda-lime glass, a small amount of boron trioxide (BO₃) is added to the melt. The boron atoms bind to two oxygen atoms, which forms a bridge between adjacent silicates, albeit slightly longer than an oxygen-only bridge. This would seem to raise the CTE, but boron has another trick up its sleeve. Boron normally only accepts three bonds, but in the presence of alkali metals like sodium, it will accept one more. That means the sodium atoms will bond to the boron, keeping them from blocking more bridging oxygens. The result is borosilicate glass, which has a viscosity low enough to ease manufacturing and a low CTE to withstand thermal shock.

Borosilicate glass has been around for more than a century, most recognizably under the trade name Pyrex. It quickly became a fixture in kitchens around the world as the miracle cookware that could go from refrigerator to oven without shattering. Sadly, Corning no longer sells borosilicate glass cookware in the North American market, opting to sell tempered soda-lime glassware under the Pyrex brand since about 1998. True borosilicate Pyrex glass is most limited to the laboratory and industrial market now, although Pyrex cookware is still available in Europe.

The Glassworks

In a way, glass is a bit like electricity, which is largely consumed the instant it’s produced since there aren’t many practical ways to store it at a grid scale. Similarly, glass really can’t be manufactured and stored in bulk the way other materials like aluminum and steel can, and shipping tankers of molten glass from one factory to another is a practical impossibility. So a glasswork generally has a complete manufacturing process under one roof, with raw materials coming in one end and finished products going out the other. This also makes glassworks very large facilities, especially ones that make float glass.

Another way in which glass manufacturing is similar to electric generation is that both are generally continuous processes. Large base load generators are most efficient when they are kept rotating continuously, and spinning them up from a standing start is a long and tedious process. Similarly, glass furnaces, which are often classified by the number of metric tons of melt they can supply per day, can take days or weeks to get up to working temperature. That means the entire glass factory has to be geared around keeping the furnace fed with raw material and ensuring the output is formed into finished products immediately and continuously.

On the supply side of the glassworks is the batch house, which serves as a warehouse for raw material. Sand, soda, lime, and other bulk ingredients arrive by truck or rail and are stored in silos or piled onto the batch house floor. It’s vitally important that the raw ingredients stay clean and dry; the results of a wet mix being dumped into a furnace full of 1,500° molten glass don’t bear thinking. An important raw material is cullet, which is broken glass either from recycling or from the production process; adding cullet to the mix reduces the energy needed to melt the batch. Ingredients are weighed and mixed in the batch house and transported by conveyors to the dog house, an area directly adjacent to the inlet of the furnace where the mix is prewarmed to remove any remaining moisture before being pushed into the furnace by a pusher arm.

The furnace is made from refractory bricks and usually has a long and broad but fairly shallow pool covered by an arched roof. Most furnaces are heated with natural gas, although some electric arc furnaces are used. The furnace often has two zones, the melting tank and the working tank, which are separated by a wall with narrow openings. The temperatures of the two chambers are maintained at different levels, with the melting tank generally hotter than the working tank. The working tank also sometimes has chlorine gas bubbled through it to consolidate any impurities into a slag that floats to the surface of the melt, where it can be skimmed off and added to the cullet in the batch house.

youtube.com/embed/1HDWJgFLCfA?…

Float, Blow, Press, Repeat

After the furnace, the liquid glass enters the cold end of the glassworks. This is a relative term, of course, since the glass is still incandescent at this point. How it exits the furnace and is formed depends on the finished product. For sheet glass such as architectural glass, the float process is generally used. Liquid glass exiting the furnace is floated on top of a pool of molten tin, which is denser than the glass. The liquid glass spreads out over the surface of the tin, forming wide sheets of perfectly flat glass. The thickness and width of the sheet can be controlled by rollers at the edge of the tin pool, which grab the glass sheet and pull it along.

Float baths can be up to four meters wide and 50 meters or more long, over which length the temperature is gradually reduced from about 1,100° to 600°. At that point, the glass rolls off the tin bath onto rollers and enters a long annealing oven called a lehr, which drops the temperature over 100 meters or more before the sheets are cut. The edges, which were dimpled by the rollers in the float bath, are cut off by scoring with diamond wheels and snapping with rollers, with the off-cuts added to the cullet in the batch house. The glass ribbon is cut to length by a scoring wheel set at an angle matched to the speed of the conveyor to make straight scores across the sheet and snapped by a conveyor belt that raises up at just the right time to snap the sheet.

Float glass often goes through additional post-processing modifications, such as tempering. While it’s still quite hot, float glass can be rapidly cooled with jets of air from above and below. This creates thin layers on both faces that have solidified while the core of the sheet is still fluid, putting the faces into tension relative to the core, which is in compression. This dramatically toughens the glass compared to plain annealed glass, and when it does break, the opposed forces within the glass force it to shatter into small fragments rather than large shards.

For hollow glass products, the arrangement of the cold end forming machines is a bit different. Rather than flowing horizontally out of the furnace, melted glass drops through holes in the bottom of the tank. Large shears close at intervals to cut the stream of molten glass into precisely sized pieces called gobs, which drop into curved chutes. The chutes rotate to direct the gobs into an automatic molding machine.

Molding something like a bottle is a multistage process, with gobs first formed into a rough hollow shape called a parison. The parison can be formed either by pressing the gob into an upside-down mold with a plunger to form a cavity, or by blowing compressed air into the mold from below. Either way, the parisons are flipped rightside-up by the molding machine and moved to a second mold, where the final shape of the bottle is formed by compressed air before being pushed onto a conveyor that takes the bottles to an annealing lehr. The entire process from furnace to formed bottle only takes a few seconds, and never stops.

youtube.com/embed/EL3gy4G0gcY?…

Some glass hollowware products, such as pie plates, baking dishes, and laboratory beakers, do not need to be blown at all. Rather, these are press molded by dropping gob directly into one half of a mold and pressing it with a matching mold. The mold halves squeeze the molten glass into its final shape before the mold opens and the formed item is whisked away for annealing

No matter what the final form of the glass being produced, the degree of coordination required to keep a glass factory running smoothly is pretty amazing. The speed with which ingredients are added to the furnace has to match the speed of finished products being taken off the line at the end, and temperatures have to be rigidly controlled all along the way. Also, all the machinery has to be engineered to withstand lava-like temperatures without breaking down; imagine the mess that would result if a furnace broke down with a couple of tonnes of molten glass in it. Also, molding machines have to deal with the fact that molds only last a few shifts before they need to be resurfaced, lest imperfections creep into the finished products. This means taking individual molding stations out of service while the rest stay in production, all while maintaining overall throughput.

hackaday.com/2025/03/05/big-ch…

Generali España, filiale del gruppo assicurativo Assicurazioni Generali S.p.A., ha subito un accesso non autorizzato ai propri sistemi informatici. La notizia è stata diffusa da VenariX en Español, una piattaforma che monitora le minacce informatiche.

Generali, tra le più grandi compagnie assicurative al mondo, è presente in Spagna con una vasta gamma di prodotti assicurativi e finanziari. Secondo quanto riportato, la società sta lavorando per mitigare i rischi e proteggere i dati sensibili dei clienti. Non sono stati ancora diffusi dettagli su eventuali conseguenze o furti di informazioni.

Questo è quanto riportato all’interno della print screen presente nel tweet di VenariX: “siamo costretti a informarla che abbiamo rilevato un incidente di sicurezza informatica presso Generali Seguros y Reaseguros, S.A.IJ., che ha portato una terza parte ad accedere al nostro Sistema Informativo, sostituendo le credenziali di un utente autorizzato, e ha causato l’esposizione di parte delle informazioni relative alla polizza auto da lei sottoscritta e che conserviamo dal momento della sottoscrizione della polizza in conformità ai nostri obblighi legali e contrattuali.”

Ennesimo attacco alla supply chain

Pertanto, l’incidente si configura come un attacco alla supply chain, ovvero un attacco che prende di mira non solo un’azienda specifica, ma anche i suoi fornitori, partner e sistemi interconnessi. La supply chain rappresenta l’intero ecosistema di servizi, software e infrastrutture che un’organizzazione utilizza per operare. Colpire un singolo anello della catena può generare un effetto domino, compromettendo più soggetti e amplificando l’impatto della violazione.

La direttiva NIS2, adottata dall’Unione Europea, mira proprio a rafforzare la sicurezza della supply chain imponendo obblighi più stringenti per le aziende considerate “essenziali” e “importanti”. Tra le novità introdotte, vi sono requisiti di gestione del rischio più severi, maggiore responsabilità per i dirigenti e una sorveglianza rafforzata sugli incidenti che coinvolgono fornitori terzi.

Per proteggersi da questi attacchi, le aziende devono adottare una strategia di cyber resilience basata su tre pilastri: verifica rigorosa dei fornitori, monitoraggio continuo delle reti e implementazione di misure di sicurezza avanzate come la segmentazione della rete e l’adozione di soluzioni zero trust. Solo attraverso un approccio proattivo è possibile ridurre i rischi e mitigare gli effetti di eventuali violazioni.

Generali Spagna

Presente in Spagna dal 1834, GENERALI è uno dei principali attori del mercato assicurativo spagnolo. L’azienda conta circa 2.000 dipendenti e una delle reti di consulenti più grandi del Paese, con oltre 1.600 uffici di assistenza clienti e 10.000 professionisti.

GENERALI focalizza la propria strategia sull’offerta di un’esperienza eccellente ai propri clienti. Per raggiungere questo obiettivo, ha sviluppato il progetto pionieristico di sondaggi denominato TNPS, attraverso il quale ogni anno vengono effettuati più di 900.000 sondaggi per conoscere l’opinione dei clienti. Grazie alle informazioni raccolte, l’azienda è in grado di migliorare costantemente i propri processi e la qualità del servizio offerto.

Nel suo impegno verso l’innovazione come leva di crescita, GENERALI mette a disposizione dei propri clienti prodotti e servizi telematici all’avanguardia e spazi di gestione privati ​​come My GENERALI. Tutti questi sviluppi soddisfano i più elevati standard di usabilità, in modo che i clienti e i canali di distribuzione possano svolgere qualsiasi tipo di procedura in modo rapido e semplice.

Questo articolo è stato redatto attraverso l’utilizzo della piattaforma Recorded Future, partner strategico di Red Hot Cyber e leader nell’intelligence sulle minacce informatiche, che fornisce analisi avanzate per identificare e contrastare le attività malevole nel cyberspazio.

L'articolo Attacco Informatico a Generali España. Ancora un attacco alla Supply Chain proviene da il blog della sicurezza informatica.

Vorrei condividere con voi tre canzoni che porto nel cuore da più o meno tempo ma che ritengo assai interessanti e che forse nell'italia di oggi mancano di essere conosciute perché non molto condivise sui social ma abbastanza conosciute nel resto del mondo e apprezzate davveeo tanto. Ritengo che mancano ancora tanto artisti di questo livello in italia e che spesso manca l'ascolto dalle persone distratte da tutto questo intrattenimento e ci vorrebbe una pausa per l'ascolto, pausa che è sostanzialmente la stessa concezione che danno anche i buddisti/mindfuless ed affini quando si dovrebbe parlare di vita, prezenza, di ascolto di se stessi e del corpo/cuore.

Ho parlato/scritto troppo, vi lascio alle tre canzoni da ca(r)pire da soli, vado via! *sciò*

- Delilah Montagu - Version Of Me -

(canzone riflessiva su chi si è veramente e cosa si comunica davvero se stessi della stessa artista di cui fred again ha campionato la sua voce per un suo pezzo molto famoso)

youtube.com/watch?v=wema_tYrK3…

- Regina Spektor - Loveology -

(consiglio l'ascolto in cuffia con bassissime aspettative arrivando al finale che vi stupirà di sicuro...non demordete che è un pezzo davvero incredibile che ho in loop da ore)

youtube.com/watch?v=lHaetZ-Vu8…

- Raphael Treza - We Are One -

(soundtrack favolosa con un testo poetico fantastico di un documentario di raphael treza trovabile facilmente free su youtube)
(raphaeltreza.com/)

youtube.com/watch?v=kSSlt7Uf_K…

ANOTHER WEEK, ANOTHER DIGITAL POLITICS. I'm Mark Scott, and will be in Washington next week — come say hello at an event I'm co-hosting on March 11 with Katie Harbath (and her excellent Anchor Change newsletter.)

I'll also be in Geneva on March 24 for a discussion on tech sovereignty and data governance (sign up here) and will be co-hosting another tech policy gathering in London on March 27 (sign up for more upcoming details here.)

— Under the Trump 2.0 administration, tech policy is now inextricably tied to trade and foreign policy. That's not so different than from before.

— The European Commission is reassessing its focus on digital regulation. That change is almost exclusively down to internal, not external, pressures.

— Artificial intelligence companies are in an arms race to sign up as many publishers worldwide to feed their large language models.

Let's get started:

Washington: same message, different delivery

AFTER DONALD TRUMP'S MEETING WITH Volodymyr Zelenskyy in the Oval Office last week, tech policy is certainly not at the top of anyone's agenda when it comes to souring transatlantic relations. But as I get ready for a week in North America (Washington: March 10-12; Montréal: March 13-14), it's time to unpack what the first six weeks of the new Trump administration means, both for America and the rest of the world, when it comes to digital.

At first glance, there appears to be a significant shift. In repeated White House executive orders, directives and policy decisions, the US president has signaled his dislike for greater checks on (American) tech companies. Gone is United States support for the global tax revamp, negotiated by the Organization for Economic Cooperation and Development (OECD). Gone is the support for greater content moderation on social media platforms — and the rise of threats if other countries follow that path. Gone is Washington's support for checks on artificial intelligence, including parts of an White House executive order from a Joe Biden-era. Gone is support for TikTok's ban within the US — a policy that Trump championed during his first term.

Taken as a whole, it feels like a upending of Washington's consensus that technology firms needed to be reined in; that cooperation with like-minded allies helped promote US economic interests; and that pushing back against foreign adversaries, in the online world, was a national security priority.

And yet, I'm not so sure.

It's sometimes easy to forget how past administrations acted when a new White House resident has his feet under the table. Dating back to Barack Obama's time in charge, consecutive US presidents have repeatedly pushed back against greater checks — from non-US countries — even when they promoted potential curbs at home. Obama, for instance, famously chided members of the European Parliament when they suggested that Google should be broken up. Let's leave aside the fact those lawmakers didn't have such powers. But fast forward a decade, and the European Union has never realistically considered forcing the split of these tech giants. But do you know who has? The US Department of Justice and its ongoing antitrust lawsuit against Alphabet and its dominance over search.

Let's look at other examples. Both Trump 1.0 and Biden's administrations, collectively, were never that excited about revamping the world's global tax regime — mostly because it would allow others to levy taxes against US tech firms. Washington would still come out net positive under those proposals, based on OECD calculations, as the US would earn additional revenue from taxing non-American firms, too. But the idea that pesky foreigners would impose levies on some of the most prominent US companies was something that garnered bipartisan anger.

Thanks for reading the free version of Digital Politics. Paid subscribers receive at least one newsletter a week. If that sounds like your jam, please sign up here.

Here's what paid subscribers read in February:
— How changing geopolitics affects platform governance, digital competition, internet governance, trade and data protection. More here
— What happens when the US doesn't follow the game plan in combating 'hybrid warfare?;' What lessons to take from the Paris AI Action Summit?; Fact-checkers underpin crowdsourced 'community notes.' More here.
— Germany's federal election is reminder we don't know what happens on social media; The first transatlantic fight over digital won't come around social media rules; What the global tax overhaul would have meant for tech. More here.
— In the wake of the German election, we shouldn't claim 'mission accomplished' when it comes to fighting foreign interference. More here.

I can go on. Yes, the Trump administration has a longstanding opinion that all forms of online safety/content moderation regulation represent an illegitimate attack on free speech. I would disagree with that assessment, but that is the current White House's starting point. And yes, current US officials are open about their willingness to use trade sanctions against regions/countries (the EU and United Kingdom have been specifically name-checked for attention) that impose such regimes that Trump 2.0 believes represent unfair trading practices against US firms.

But as someone who had a front row seat to the crafting of the EU's Digital Services Act, I remember well that the former Biden administration equally pushed back hard against what it similarly believed was unfair practices from Brussels primarily targeted at Silicon Valley. Yes, these officials did it mostly behind closed doors and in support of some tech firms. But the message — while not as vocal or transactional as the current White House — was clear: these content moderation rules are bad, and the EU should cut it out.

Where I do get confused is how part of the Trump 2.0 team appears to be copying, almost word for word, the transparency and accountability parts of international online safety regimes. The same rules, it should be pointed out, that allegedly represent a fundamental threat to people's free speech. The US Federal Trade Commission's recent request for information "regarding technology platform censorship," for instance, includes language around how these firms made their content moderation decisions that would not be out of place in European-style legislation.

"Did the policies or other public-facing representations describe how, when, or under what circumstances the platform would deny or degrade users’ access to its services?," one of the FTC question asks. "Did the platform offer a meaningful opportunity to challenge or appeal adverse actions that deny, or degrade users’ access, consistent with its users’ reasonable expectations based on its representations?," says another. Those questions are equally at the center of what non-US officials want to understand, too.

I get the public differences between how Trump 2.0 and previous administrations have approached these issues. And on other aspects — particularly in relation to artificial intelligence and short-term equality issues on datasets — there are significant differences.

But when I peel back the rhetoric and look at the underlying policies, what are the differences in how the current White House approaches digital compared to its predecessors? In officials like Michael Kratsios, director of the White House Office of Science and Technology Policy, and Gail Slater, the new head of the US Department of Justice's antitrust division, Trump 2.0 has picked well-qualified policymakers that aren't that different from who was in charge, only months ago, during Biden's time in charge.

One group I haven't mentioned is lawmakers in Congress. Sigh. The US House of Representatives and Senate certainly like to talk a good game on digital policy. (Anyone remember Chuck Schumer's AI Insight forums?) But I remain skeptical about any form of tech legislation making its way through Congress — mostly because it's not a high priority in the current political climate.

Some officials talk about renewed impetus for federal privacy rules (I've heard that before.) Others say more targeted legislation around online kids safety could win bipartisan support. Again, I have doubts.

But, if you take the recent US Inflation Reduction Act and US Chips Act — and their impact on the American domestic tech industry, as whole — then the view of Congress doesn't look too bad. Yes, the future of some of that legislation is in jeopardy under Trump 2.0. But, combined, the laws doubled down on US tech investment; provided federal subsidies to entice companies to spend locally; and positioned the country on a favorable footing in the increasingly geopolitical world that encompasses tech in 2025.

To me, that feels like a pretty familiar pitch no matter who currently resides in the White House.

Chart of the Week

TO COMPETE IN THE CUT-THROAT AI RACE, companies are rushing to pen deals with some of the largest newsletters and media outlets in the world.

The goal? To feed these firms' large language models with high-quality content that can make sophisticated systems more lifelike when they respond to real-world queries.

For publishers, it's a race for survival. Many have argued that AI companies have already scraped their sites — and the New York Times has sued OpenAI and Microsoft. But for others, these tech companies offer a new revenue opportunity to keep their legacy media businesses afloat.
Source: Ezra Eeman — which publishers have signed partnerships with individual AI firms

Brussels: different message, same delivery

CONVENTIONAL WISDOMS DICTATES that Brussels is firing on all cylinders. The EU has its shiny online safety rules (the Digital Services Act) and digital antitrust legislation (the Digital Markets Act), as well as the upcoming Artificial Intelligence Act — the world's first comprehensive rulebook for the emerging technology. In Ursula von der Leyen, the returning German head of the European Commission, the EU's executive branch, the 27-country bloc has a leader who helped pass those rules. Now, she's ready to wield them aggressively.

That is outdated thinking.

Yes, the EU is in the midst of implementing new digital rules, many of which have never been tested before. The Digital Markets Act's shift to ex ante oversight, or allowing regulators to determine where market abuse may happen before it occurs, is a significant departure from decades of competition jurisprudence, for instance. The Digital Services Act's transparency and accountability provisions for social media companies and search engines — that do not require platforms to remove legal content, to be clear — are being watched by other countries eager to follow that approach.

And yet, the political and economic winds have significantly shifted in Brussels.

For now, let's leave aside the increasingly fraught relationship between the EU and US after decades of close ties. Within the bloc, ongoing sluggish economic output and a failure to capture the next generation of technology advances by European firms have fundamentally altered how EU officials now approach questions around digital policymaking. At the center of that switch is last year's report from Mario Draghi, the former head of the European Central Bank. In his analysis, the ex-Italian prime blamed overburdensome regulation — including the AI Act and the EU's General Data Protection Regulation, or comprehensive privacy regime — for hamstringing the bloc's economy compared to international rivals.

That ethos has taken hold at the top of the European Commission. I would disagree that all regulation/legislation leads to poor economic outcomes, especially in the digital space. Personally, a lack of coordination EU-wide capital markets and a failure to create a "digital single market" across the 27 countries is more to blame for Europe's lack of tech champions. For me, generations of tech regulation is a secondary issue when, say, a Swedish startup founder can not easily reach out to an Italian investor to back her company to sell into a unified online market from Finland to Greece. But hey, I'm not a former head of the European Central Bank.

This 'de-regulate at all costs!' mantra is now playing out in how Brussels approaches digital. When I saw Henna Virkkunen, the newly-appointed European Commission executive vice president in charge of tech, at the Paris AI Action Summit, the Finnish politician wanted to talk about the EU's Apply AI Strategy and AI Factories initiative — policies aimed at using public funds to jumpstart European companies' use of the emerging technology. In her 10 minute speech, I counted at least 10 references to "innovation," and only a couple of mentions of "regulation." It's not a perfect metaphor for what's happening. But it's pretty close.

Sign up for Digital Politics

Thanks for getting this far. Enjoyed what you've read? Why not receive weekly updates on how the worlds of technology and politics are colliding like never before. The first two weeks of any paid subscription are free.

Subscribe
Email sent! Check your inbox to complete your signup.

No spam. Unsubscribe anytime.

To a degree, this makes sense. The EU's economy remains sluggish, and Brussels can't realistically compete with Beijing and Washington on the global stage if it doesn't have a homegrown tech industry. That goes for everything from AI startups to industrial champions making electric vehicles. All the best (or worst?) digital rules in the world don't matter if non-EU countries look at how that legislation hasn't helped local businesses, and say 'no thanks.' Caveat: such legislation is also about protecting citizens' from harm, but I digress.

This change of focus — where even returning EU officials who helped to craft these rules in the previous European Commission's tenure are shifting their policymaking approach — will inevitably have an impact on how digital rules are created.

Already, Brussels has shelved its so-called AI Liability Directive over concerns it would harm growth. I have questions about how future investigations, under the Digital Services Act and Digital Markets Act, will be pushed if such probes signal to all countries (both EU and non-EU) that the bloc isn't open for business. The AI Act's full implementation is still about 18 months away, and I equally question what resources will be provided to make sure those rules are effective given the change in political priorities at the top of the European Commission.

Much of this nuance is getting lost in the EU-US diplomatic spat over Washington's aversion to Brussels' regulatory rulebook. European fears over American retaliatory tariffs are certainly worrying many within the EU — both inside the so-called Brussels Bubble and across national capitals.

But it's the 180-degree internally-focused turn within the 27-country bloc that's driving the wider change in the EU's mood music around digital regulation.

No, the existing rules aren't going away — and will lead to likely enforcement actions against (some) American firms, given the ongoing probes into Meta, Alphabet and X, among others. Yet the era of 'let them have more digital rules!' is over within the EU. And that shift is coming from within, not from outside.

What I'm reading

— The geopolitical race on AI is fundamentally reshaping international data flows and leading to regulatory fragmentation, argue Christopher Kuner and Gabriela Zanfir-Fortuna for the Future of Privacy Forum.

— Japan approved new AI legislation that represents a so-called 'light touch' approach to the technology, and will require companies to voluntarily cooperate with Tokyo's safety measures. More here and here.

— The European Union and India held their second Trade and Technology Council meeting in New Delhi on Feb 28. Here are the outcomes.

— OpenAI updated its analysis on how malign actors were using its technology for 'malicious uses.' More here.

— The European Fact-Checking Standards Network condemned a recent police raid on its Serbian member organization Istinomer.rs. More here.

digitalpolitics.co/newsletter0…

C'era una volta un filo d'argento, sottile e lucente, che giaceva silenzioso in un angolo del laboratorio. Non era un filo come tanti, era un filo speciale, scelto con cura per la sua purezza e la sua capacità di catturare la luce. Un filo che aspettava di prendere vita, di trasformarsi in qualcosa di unico e prezioso.

Specifiche e curiosità 👇

solaraartigianatoartistico.wor…

Things are heating up in the world of nuclear fusion research, with most fundamental issues resolved and an increasing rate of announcements being made regarding commercial fusion power. China’s CNNC is one of the most recent voices here, with their statement that they expect to have commercial nuclear fusion plants online by 2050. Although scarce on details, China is one of the leading nations when it comes to nuclear fusion research, with multiple large tokamaks, including the HL-2M and the upcoming CFETR which we covered a few years ago.
Stellaris stellarator. (Credit: Proxima Fusion)
In addition to China’s fusion-related news, a German startup called Proxima Fusion announced their Stellaris commercial fusion plant design concept, with a targeted grid connection by the 2030s. Of note is that this involves a stellarator design, which has the major advantage of inherent plasma stability, dodging the confinement mode and Greenwald density issues that plague tokamaks. The Stellaris design is an evolution of the famous Wendelstein 7-X research stellarator at the Max Planck Institute.

While Wendelstein 7-X was not designed to produce power, it features everything from the complex coiled design and cooled divertors plus demonstrated long-term operation that a commercial reactor would need. This makes it quite likely that the coming decades we’ll be seeing the end spurt for commercial fusion power, with conceivably stellarators being the unlikely winner long before tokamaks cross the finish line.

hackaday.com/2025/03/05/china-…

Negli ultimi anni, il fenomeno del defacement di siti web ha subito un’evoluzione significativa. Se un tempo rappresentava principalmente una forma di protesta digitale da parte di gruppi hacktivisti, oggi si intreccia sempre più con la guerra psicologica, informatica e le operazioni di disinformazione.

Il defacement, o “deface”, consiste nella modifica non autorizzata di una pagina web, spesso per trasmettere messaggi politici, ideologici o propagandistici. Ma quali sono le dinamiche dietro questi attacchi?

E quali implicazioni hanno nell’attuale contesto geopolitico?

Il defacement: un’arma dell’hacktivismo

L’hacktivismo (in inglese hacktivims che nasce dall’unione di “hacking” ed “Attivism”), ha utilizzato il defacement come strumento di protesta sin dagli anni ’90. Gruppi come Anonymous e LulzSec hanno spesso attaccato siti governativi e aziendali per denunciare corruzione, censura e violazioni dei diritti umani. Questo tipo di attacco ha il vantaggio di essere visibile e di avere un forte impatto mediatico senza necessariamente causare danni permanenti ai sistemi informatici.

Un esempio storico è il deface della NASA del 2013, quando gli hacktivisti modificarono le pagine ufficiali cdel sito dell’agenzia spaziale statunitense. Tuttavia, l’hacktivismo basato sui deface è spesso criticato per la sua inefficacia a lungo termine: sebbene possa attirare l’attenzione su determinate cause, raramente porta a cambiamenti concreti.
Deface del 2013 della NASA da parte del Master Italian Hackers Team che a seguito delle indagini venne scoperto di essere stato eseguito da un hacker italiano.
L’invasione russa dell’Ucraina ha visto un’escalation senza precedenti di attività di hacktivismo, con numerosi gruppi schieratisi a sostegno di una delle due fazioni. Da un lato, gruppi pro-Russia come Killnet e Noname057(16) hanno condotto attacchi DDoS su larga scala contro infrastrutture critiche e siti governativi occidentali, cercando di destabilizzare la rete informatica dei loro avversari. Dall’altro, attori filo-ucraini, tra cui alcuni affiliati ad Anonymous, hanno risposto con attacchi mirati a siti russi, spesso utilizzando il defacement per diffondere messaggi contro il Cremlino e minare la propaganda di Mosca.

In particolare, Anonymous Italia, un gruppo che in passato ha effettuato numerosi defacement contro siti russi diffondendo il loro supporto verso i valori occidentali e verso l’ucraina. Il defacement, in questo contesto, si è rivelato uno strumento di guerra psicologia, capace di manipolare la percezione pubblica e l’opinione internazionale. Sebbene

Dalla protesta alla cyber war: quando il deface diventa strategico

Se in passato i defacement erano prevalentemente azioni simboliche, oggi sempre più spesso si inseriscono in strategie di guerra cibernetica. Stati e gruppi di cyber mercenari (o milizia cyber) utilizzano il deface non solo per propaganda, ma anche per diffondere disinformazione e destabilizzare i nemici.

Un caso esemplare è quello dei gruppi filo-russi e filo-ucraini che, dal 2022, si sono impegnati in campagne di defacement contro siti governativi, banche e media. L’obiettivo non è solo mostrare superiorità tecnica, ma anche minare la fiducia nelle istituzioni colpite e diffondere narrazioni favorevoli alla propria parte.

Questa transizione dall’hacktivismo verso la psyops e cyber war mostra come il cyberspazio sia diventato un nuovo campo di battaglia, dove l’informazione è un’arma tanto potente quanto i malware più sofisticati.
#OpSaveGaza; l’operazione di Luglio del 2014 di Anonymous_Arabe in relazione alle tensioni sulla striscia di Gaza

Tecniche e strumenti utilizzati nei defacement

Il defacement può avvenire attraverso diverse tecniche, a seconda delle vulnerabilità sfruttate dagli attaccanti. Tra i metodi più comuni troviamo:

• SQL Injection: permette di ottenere accesso ai database di un sito web e modificarne i contenuti.
• Exploiting di CMS vulnerabili: molte piattaforme, come WordPress e Joomla, sono prese di mira se non aggiornate.
• Credential stuffing: utilizzando credenziali rubate, gli hacker possono accedere ai sistemi di gestione del sito.
• Remote Code Execution: sfruttamento di bug di sicurezza e CVE note/0day per effettuare un accesso malevolo al sistema ed effettuare modifiche strutturali delle pagine

Per contrastare questi attacchi, le organizzazioni devono implementare buone pratiche di sicurezza, come aggiornamenti costanti, protezioni WAF (Web Application Firewall) e monitoraggio attivo delle minacce.

Il futuro dei deface: tra nuove minacce e misure di difesa

In un contesto di guerra ibrida, dove le operazioni cibernetiche si combinano con azioni di guerra tradizionale, il deface potrebbe diventare sempre più uno strumento di guerra psicologica (psyops). Un esempio è la possibilità di alterare siti di news per diffondere fake news credibili e manipolare l’opinione pubblica.

Le operazioni di guerra psicologica nel cyberspazio non si limitano al defacing, ma includono una gamma di tattiche come la manipolazione dei social media, la diffusione di propaganda attraverso botnet e la creazione di deepfake per screditare figure pubbliche o influenzare eventi geopolitici.

L’hacktivismo, spesso considerato un fenomeno separato dalla cyber war, può invece sovrapporsi alle psyops quando gruppi come Anonymous o altri collettivi che sfruttano gli attacchi DDoS, leak di documenti e sabotaggi digitali per influenzare la percezione pubblica e la narrativa politica. In scenari di conflitto, stati-nazione potrebbero anche sfruttare gruppi hacktivisti come proxy per condurre operazioni di disinformazione senza esporsi direttamente.

Un esempio storico è l’uso delle cyber psyops nel conflitto Russia-Ucraina, dove attori statali e non statali hanno alterato siti web, diffuso false notizie e sfruttato social media per destabilizzare il nemico. Questo dimostra come la guerra dell’informazione e le operazioni di influenza possano avere un impatto strategico, influenzando non solo l’opinione pubblica, ma anche le decisioni militari e politiche.

Deface utilizzato anche dalle forze dell’ordine

Le forze dell’ordine hanno iniziato a utilizzare il defacing come una strategia per dimostrare la compromissione delle infrastrutture informatiche di gruppi criminali, mostrando così la loro capacità di infiltrarsi nelle reti di attori malevoli. Un esempio significativo di questo approccio è l’operazione Cronos, un’azione internazionale contro il gruppo ransomware LockBit. Durante questa operazione, le autorità hanno preso il controllo dei sistemi utilizzati da LockBit per pubblicare i dati delle aziende violate e hanno effettuato il deface di alcuni dei loro siti web. Inoltre hanno utilizzato la tecnica del countdown (tipico delle cybergang ransomware) per mostrare informazioni inedite relativamente a LockBit e ai suoi affiliati.
Data Leak Site di Lockbit “deturpato” dalle forze dell’ordine nell’operazione cronos. (fonte RedHotCyber)
Un altro esempio notevole è stato l’intervento delle forze dell’ordine contro il noto marketplace del dark web Genesis Market, un sito utilizzato per la vendita di credenziali rubate e dati personali. Dopo aver smantellato il mercato, le autorità hanno sostituito il sito web con una pagina che notificava l’arresto e la rimozione della piattaforma.

Questa operazione non solo ha interrotto l’attività illegale nel clear web, ma ha anche servito a mostrare in modo visibile l’efficacia delle indagini e delle operazioni cyber nel disarticolare le reti criminali. Il defacing, in questo caso, è stato uno strumento di dimostrazione pubblica del successo delle forze dell’ordine nella lotta contro il crimine informatico.
Deface di Genesis Market alla quale chiusura ha partecipato anche la nostra Polizia Postale (Fonte RedHotCyber)
L’uso di tali tattiche da parte delle forze dell’ordine evidenzia il crescente impiego di operazioni di hacking legittimo per contrastare e smantellare le infrastrutture criminali, un approccio che potrebbe diventare sempre più comune nelle operazioni contro il crimine cibernetico.

Conclusione

Il defacement, nato come una semplice forma di protesta digitale, si è trasformato in uno strumento sofisticato per condurre psyops e guerra cibernetica e manipolazione delle informazioni. Mentre gli hacktivisti veri continuano a utilizzarlo per denunciare ingiustizie, gli attori statali – sotto doppia maschera – ingaggiano gruppi di cyber criminali mercenari integrando tali operazioni in strategie di cyber war.

Comprendere le dinamiche dietro questi attacchi è essenziale per difendersi e per anticipare le mosse di chi sfrutta il cyberspazio per fini politici e strategici.

La battaglia per la sicurezza digitale è appena iniziata, e il ruolo del defacement e del DDoS sta cambiando, e questo scenario continuerà a evolversi.

L'articolo Alla Scoperta dei Deface: tra Hacktivismo Cibernetico, Psy-Ops e Cyber Warfare proviene da il blog della sicurezza informatica.