If you are interested in retrocomputers, you might be like us and old enough to remember the old systems and still have some of the books. But what if you aren’t? No one is born knowing how to copy a file with PIP, for example, so [Kraileth] has the answer: A Gentle Introduction to CP/M.

Of course, by modern standards, CP/M isn’t very hard. You had disks and they had a single level of files in them. No subdirectories. We did eventually get user areas, and the post covers that near the end. It was a common mod to treat user 0 as a global user, but by default, no.

That leads to one of the classic dragon and egg problems. PIP copies files, among other things. It knows about user areas, too, but only for source files. You can copy from user 3, for example, but you can’t copy to user 3. But that leads to a problem.

Suppose you switch to user 3 for the first time. The disk is empty. So there’s no PIP command. To get it, you’ll need to copy it from user 0, but… you can’t without PIP. The solution is either genius or madness. You essentially load PIP into memory as user 0, switch users, then dump memory out to the disk. Who wouldn’t think of that?

Some people would load PIP with the debugger instead, but it is the same idea. But this is why you need some kind of help to use this important but archaic operating system.

Of course, this just gets you started. Formatting disks and adapting software to your terminal were always a challenge with CP/M. But at least this gives you a start.

Can’t afford a vintage CP/M machine? Build one. Or just emulate it.

hackaday.com/2025/09/03/cp-m-g…

Eggs are perhaps the most beloved staple of breakfast. However, they come with a flaw, they are incredibly messy to work with. Cracking in particular leaves egg on one’s hands and countertop, requiring frequent hand washing. This fundamental flaw of eggs inspired [Stuff Made Here] to fix it with an over-engineered egg cracking robot.

The machine works on the principle of scoring a line along an egg shell to weaken it, then gently tapping it to fracture the shell. A simple theory that proved complex to build into a machine. The first challenge was merely holding an egg as eggs come in all shapes and sizes. [Stuff Made Here] ended up settling on silicone over-molded with a 3D printed structure. After numerous prototypes, this evolved into including over-molded arms for added stiffness, and a vacuum seal for added rigidity.

After making two of these holders, [Stuff Made Here] added them to a roughly C shaped holder, which could spin the egg around, and slide the holders to allow fitting any egg shape. To this was added an arm which included a scoring blade and tiny hammer to crack the egg. The hammer can even be turned off while the blade is in use.
The over-molded egg holder
The mechanism runs off a sequence of score, hammer, dump, eject. It was attempted to run this sequence off a single crank, but ended up not working for a number of reasons, not least of which being some eggs required more scoring then others. Nonetheless, we love the mechanical computational mechanism used. Ultimately, while frivolous, the project provides a wonderful look at the highs and lows of the prototyping process with all its numerous broken eggs.

If you like over-engineered solutions to simple problems, [Stuff Made Here] has you covered. Make sure to check out this automatic postcard machine next!

youtube.com/embed/vJ43DjwLPGA?…

hackaday.com/2025/09/03/over-e…

A mule isn’t just a four-legged hybrid created of a union betwixt Donkey and Horse; in our circles, it’s much more likely to mean a testbed device you hang various bits of hardware off in order to evaluate. [Jenny List]’s 7″ touchscreen camera enclosure is just such a mule.

In this case, the hardware to be evaluated is camera modules– she’s starting out with the official RPi HQ camera, but the modular nature of the construction means it’s easy to swap modules for evaluation. The camera modules live on 3D printed front plates held to the similarly-printed body with self-tapping screws.

Any Pi will do, though depending on the camera module you may need one of the newer versions. [Jenny] has got Pi4 inside, which ought to handle anything. For control and preview, [Jenny] is using an old first-gen 7″ touchscreen from the Raspberry Pi foundation. Those were nice little screens back in the day, and they still serve well now.

There’s no provision for a battery because [Jenny] doesn’t need one– this isn’t a working camera, after all, it’s just a test mule for the sensors. Having it tethered to a wall wart or power bank is no problem in this application. All files are on GitHub under a CC4.0 license– not just STLs, either, proper CAD files that you can actually make your own. (SCAD files in this case, but who doesn’t love OpenSCAD?) That means if you love the look of this thing and want to squeeze in a battery or add a tripod mount, you can! It’s no shock that our own [Jenny List] would follow best-practice for open source hardware, but it’s so few people do that it’s worth calling out when we see it.

Thanks to [Jenny] for the tip, and don’t forget that the tip line is open to everyone, and everyone is equally welcome to toot their own horn.

hackaday.com/2025/09/03/one-ca…

Il gruppo di hacker LunaLock ha aggiunto un nuovo elemento al classico schema di estorsione, facendo leva sui timori di artisti e clienti. Il 30 agosto, sul sito web Artists&Clients, che mette in contatto illustratori indipendenti con i clienti, è apparso un messaggio: gli aggressori hanno segnalato il furto e la crittografia di tutti i dati della risorsa.

Gli hacker hanno promesso di pubblicare il codice sorgente del sito e le informazioni personali degli utenti nelle darknet se il proprietario non avesse pagato 50.000 dollari in criptovaluta. Ma la principale leva di pressione era la prospettiva di trasferire le opere e le informazioni rubate ad aziende che addestrano le reti neurali per includerle in set per modelli di addestramento.

Il sito ha pubblicato una nota con un timer per il conto alla rovescia, in cui si informava che se la vittima si fosse rifiutata di pagare, i file sarebbero stati resi pubblici. Gli autori hanno avvertito di possibili sanzioni per violazione del GDPR e di altre leggi. Il pagamento era richiesto in Bitcoin o Monero. Screenshot della notifica sono stati diffusi sui social network e persino Google è riuscito a indicizzare la pagina con il messaggio, dopodiché Artists&Clients ha smesso di funzionare: quando si tenta di accedere, gli utenti visualizzano un errore di Cloudflare.

La maggior parte del testo sembra un messaggio standard negli attacchi ransomware. La novità è l’accenno all’intenzione di consegnare i disegni e i dati rubati agli sviluppatori di intelligenza artificiale. Gli esperti hanno osservato che questa è la prima volta che vedono l’argomento relativo all’accesso ai set di addestramento utilizzato come metodo di pressione. Finora, tale possibilità era stata discussa solo teoricamente: ad esempio, che i criminali potessero analizzare i dati per calcolare l’importo del riscatto.

Non è ancora chiaro come gli aggressori trasferiranno esattamente i materiali artistici agli sviluppatori dell’algoritmo. Possono pubblicare le immagini su un sito normale e attendere che vengano rilevate dai crawler dei modelli linguistici. Un’altra opzione è caricare le immagini tramite i servizi stessi, se le loro regole consentono l’utilizzo dei contenuti degli utenti per l’addestramento. In ogni caso, la minaccia stessa spinge la comunità di artisti e clienti a fare pressione sull’amministrazione delle risorse chiedendo il pagamento di un riscatto per mantenere il controllo sulle proprie opere.

Al momento, il sito web di Artists&Clients rimane irraggiungibile. Nel frattempo, gli utenti continuano a discutere della minaccia e a condividere online screenshot acquisiti, il che non fa che aumentare la visibilità dell’attacco.

L'articolo Nuovi ricatti: se non paghi, daremo tutti i tuoi dati in pasto alle intelligenze artificiali! proviene da il blog della sicurezza informatica.

La casa automobilistica Jaguar Land Rover (JLR) ha annunciato di essere stata costretta a disattivare diversi sistemi a causa di un attacco hacker. L’incidente sembra aver avuto ripercussioni sulle attività produttive e di vendita al dettaglio della casa automobilistica.

“JLR è stata colpita da un incidente informatico. Abbiamo preso misure immediate per mitigare l’impatto spegnendo preventivamente i nostri sistemi”, ha dichiarato l’azienda in una nota. “Al momento non ci sono prove di furto di dati dei clienti, tuttavia le nostre attività di vendita al dettaglio e produzione hanno subito notevoli interruzioni”.

JLR ha inoltre affermato di essere attualmente al lavoro su un riavvio controllato di tutte le applicazioni globali. L’azienda non ha fornito una tempistica specifica per il ritorno alla normalità né dettagli sull’attacco subito.

Le prime segnalazioni di disagi alla JLR sono arrivate dai concessionari del Regno Unito, che si sono lamentati di non riuscire a immatricolare le nuove auto e a fornire i pezzi di ricambio ai centri di assistenza.

Secondo il Liverpool Echo, l’attacco è avvenuto nel fine settimana e l’incidente ha costretto la JLR a disattivare diversi sistemi, tra cui quelli utilizzati nello stabilimento produttivo di Solihull (dove vengono costruiti i modelli Land Rover Discovery, Range Rover e Range Rover Sport).

Secondo quanto riportato dai media, lunedì i lavoratori dello stabilimento di Halewood hanno ricevuto un’e-mail in cui si chiedeva loro di non presentarsi al lavoro, mentre altri membri dello staff sono stati mandati a casa.

Al momento, nessun gruppo di hacker ha rivendicato la responsabilità dell’attacco alla Jaguar Land Rover.

L'articolo Jaguar Land Rover vittima di attacco hacker: produzione interrotta! proviene da il blog della sicurezza informatica.

This week Jonathan and Randal talk Flutter and Dart! Is Google killing Flutter? What’s the challenge Randal sees in training new senior developers, and what’s the solution? Listen to find out!

youtube.com/embed/HzZQacDIxZg?…

Did you know you can watch the live recording of the show right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.

play.libsyn.com/embed/episode/…

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

Places to follow the FLOSS Weekly Podcast:

• Spotify
• RSS

Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)

Licensed under Creative Commons: By Attribution 4.0 License

hackaday.com/2025/09/03/floss-…

Something which may well unite Hackaday readers is the experience of being “The computer person” among your family or friends. You’ll know how it goes, when you go home for Christmas, stay with the in-laws, or go to see some friend from way back, you end up fixing their printer connection or something. You know that they would bridle somewhat if you asked them to do whatever it is they do for a living as a free service for you, but hey, that’s the penalty for working in technology.

Bad Laws Just Make People Avoid Them

There’s a new one that’s happened to me and no doubt other technically-minded Brits over the last few weeks: I’m being asked to recommend, and sometimes install, a VPN service. The British government recently introduced the Online Safety Act, which is imposing ID-backed age verification for British internet users when they access a large range of popular websites. The intent is to regulate access to pornography, but the net has been spread so wide that many essential or confidential services are being caught up in it. To be a British Internet user is to have your government peering over your shoulder, and while nobody’s on the side of online abusers, understandably a lot of my compatriots want no part of it. We’re in the odd position of having 4Chan and the right-wing Reform Party alongside Wikipedia among those at the front line on the matter. What a time to be alive.

VPN applications have shot to the top of all British app download charts, prompting the government to flirt with deny the idea of banning them, but as you might imagine therein lies a problem. Aside from the prospect of dodgy VPN apps to trap the unwary, the average Joe has no idea how to choose from the plethora of offerings. A YouTuber being paid to shill “that” VPN service is as close of they’ve ever come to a VPN, so they are simply unequipped to make a sound judgement when it comes to trusting a service with their web traffic. They have no hope of rolling their own VPN; setting up WireGuard and still further having a friend elsewhere in the world prepared to act as their endpoint are impractical.

It therefore lies upon us, their tech-savvy friends, to lead them through this maze. Which brings me to the point of this piece; are we even up to the job ourselves? I’ve been telling my friends to use ProtonVPN because their past behaviour means I trust Proton more than I do some of the other well-known players, but is my semi-informed opinion on the nose here? Even I need help!

Today Brits, Tomorrow The Rest Of You

At the moment it’s Brits who are scrambling for VPNs, but it seems very likely that with the EU yet again flirting with their ChatControl snooping law, and an American government whose actions are at best unpredictable, soon enough many of the rest of you will too. The question is then: where do we send the non-technical people, and how good are the offerings? A side-by-side review of VPNs has been done to death by many other sites, so there’s little point in repeating. Instead let’s talk to some experts. You lot, or at least those among the Hackaday readership who know their stuff when it comes to VPNs. What do you recommend for your friends and family?

Header image: Nenad Stojkovic, CC BY 2.0.

hackaday.com/2025/09/03/ask-ha…