Not every project has to be complicated– reinventing the wheel has its place, but sometimes you find a module or two that does exactly what you want, and the project is more than halfway done. That the kind of project [mircemk]’s Simple Retro Style VFO is — it’s a variable frequency oscillator for HAM and other use, built with just a couple of modules.
Strictly speaking, this is all you need for the project.
The modules in question are the SI5351 Clock Generator module, which is a handy bit of kit with its own crystal reference and PLL to generate frequencies up to 150 MHz, and the Elecrow CrowPanel 1.28inch-HMI ESP32 Rotary Display. The ESP32 in the CrowPanel controls the SI5351 module via I2C; control is via the rest of the CrowPanel module. This Rotary Display is a circular touchscreen surrounded by a rotary display, so [mircmk] has all the inputs he needs to control the VFO.

To round out the parts count, he adds an appropriate connector, plus a power switch, red LED and a lithium battery. One could include a battery charger module as well, but [mircmk] didn’t have one on hand. Even if he had, that still keeps the parts count well inside the single digits. If you like video, we’ve embedded his about the project below; if not the write up on Hackaday.io is upto [mircmk]’s typical standard.

People have been using the SI5351 to make VFOs for years now, but the addition of the round display makes for a delightfully retro presentation.

Thanks to [mircmk] for the tip.

youtube.com/embed/_3T-qhv57ZI?…

hackaday.com/2025/12/02/retro-…

Sometimes it makes sense to go with plain old batteries and off-the-shelf PVC pipe. That’s the thinking behind [Bertrand Selva]’s clever LoRaTube project.
PVC pipe houses a self-contained LoRa repeater, complete with a big stack of D-size alkaline cells.
LoRa is a fantastic solution for long-range and low-power wireless communication (and popular, judging by the number of projects built around it) and LoRaTube provides an autonomous repeater, contained entirely in a length of PVC pipe. Out the top comes the antenna and inside is all the necessary hardware, along with a stack of good old D-sized alkaline cells feeding a supercap-buffered power supply of his own design. It’s weatherproof, inexpensive, self-contained, and thanks to extremely low standby current should last a good five years by [Bertrand]’s reckoning.

One can make a quick LoRa repeater in about an hour but while the core hardware can be inexpensive, supporting electronics and components (not to mention enclosure) for off-grid deployment can quickly add significant cost. Solar panels, charge controllers, and a rechargeable power supply also add potential points of failure. Sometimes it makes more sense to go cheap, simple, and rugged. Eighteen D-sized alkaline cells stacked in a PVC tube is as rugged as it is affordable, especially if one gets several years’ worth of operation out of it.

You can watch [Bertrand] raise a LoRaTube repeater and do a range test in the video (French), embedded below. Source code and CAD files are on the project page. Black outdoor helper cat not included.

youtube.com/embed/_I2cU9q78XQ?…

hackaday.com/2025/12/02/lora-r…

Learning something on YouTube seems kind of modern. But if you are watching a 1957 instructional film about slide rules, it also seems old-fashioned. But Encyclopædia Britannica has a complete 30-minute training film, which, what it lacks in glitz, it makes up for in mathematical rigor.

We appreciated that it started out talking about numbers and significant figures instead of jumping right into the slide rule. One thing about the slide rule is that you have to sort of understand roughly what the answer is. So, on a rule, 2×3, 20×30, 20×3, and 0.2×300 are all the same operation.

You don’t actually get to the slide rule part for about seven minutes, but it is a good idea to watch the introductory part. The lecturer, [Dr. Havery E. White] shows a fifty-cent plastic rule and some larger ones, including a classroom demonstration model. We were a bit surprised that the prestigious Britannica wouldn’t have a bit better production values, but it is clear. Perhaps we are just spoiled by modern productions.

We love our slide rules. Maybe we are ready for the collapse of civilization and the need for advanced math with no computers. If you prefer reading something more modern, try this post. Our favorites, though, are the cylindrical ones that work the same, but have more digits.

youtube.com/embed/RA0uRxVjZL4?…

hackaday.com/2025/12/02/retrot…

During World War II, as the Allies planned the invasion of Normandy, there was one major hurdle to overcome—logistics. In particular, planners needed to guarantee a solid supply of fuel to keep the mechanized army functional. Tanks, trucks, jeeps, and aircraft all drink petroleum at a prodigious rate. The challenge, then, was to figure out how to get fuel over to France in as great a quantity as possible.

War planners took a diverse approach. A bulk supply of fuel in jerry cans was produced to supply the initial invasion effort, while plans were made to capture port facilities that could handle deliveries from ocean-going tankers. Both had their limitations, so a third method was sought to back them up. Thus was born Operation Pluto—an innovative plan to simply lay fuel pipelines right across the English channel.

Precious Juice

War is thirsty work, and for the soldiers too. Crown copyright, Imperial War Museums
Back in the 1940s, undersea pipelines were rather underexplored technology. However, they promised certain benefits over other methods of shipping fuel to the continent. They would be far more difficult to destroy by aerial attack compared to surface ships or floating pipelines. An undersea pipeline would also be less likely to be damaged by rough sea conditions that were typical in the English Channel.

The idea was granted the codename PLUTO—for Pipe-Line Under The Ocean. Development began as soon as 1942, and the engineering challenges ahead were formidable. The Channel stood a good twenty miles wide at its narrowest point, with strong currents, variable depths, and the ever-present threat of German interference. Any pipeline would need to withstand high pressure from the fuel flowing inside, resist corrosion in seawater, and be flexible enough to handle the uneven seabed. It also needed to be laid quickly and surreptitiously, to ensure that German forces weren’t able to identify and strike the pipelines supplying Allied forces.
A sectioned piece of HAIS pipeline. Note the similarities to then-contemporary undersea cable construction. Credit: Geni, CC BY-SA 3.0
The first pipe developed as part of the scheme was HAIS. It was developed by Siemens Brothers and was in part the brainchild of Clifford Hartley, then Chief Engineer of Anglo-Iranian Oil and an experienced hand at delivering fuel pipelines in tough conditions. Thus the name—which stood for Hartly-Anglo-Iranian-Siemens. It used a 2-inch diameter pipe of extruded pipe to carry the fuel, surrounded by asphalt and paper doused in a vinyl-based resin. It was then wound with a layer of steel tape for strength, and then further layered with jute fiber and more asphalt and paper. The final layers were an armored sheath of galvanized steel wires and a canvas outer cover. The techniques used were inspired by those that had proved successful in the construction of undersea telegraph cables. As designed, the two-inch diameter pipe was intended to flow up to 3,500 imperial gallons of fuel a day when running at 500 psi.

HAIS pipe was produced across several firms in the UK and the US. Initial testing took place with pipe laid across the River Medway. Early efforts proved unsuccessful, with leaks caused by lead from the central core pushing out through the steel tape layer. The steel tape wraps were increased, however, and subsequent testing over the Firth of Clyde was more successful. Trials pushed the pipe up to 1,500 psi, showing that up to 250,000 liters of fuel could be delivered per day. The pipeline also proved robust, surviving a chance attack by a German bomb landing nearby. The positive results from testing led to the development of a larger 3-inch verison of the HAIS pipe to support even greater flow.
HAMEL pipe in long lengths prior to loading on a Conundrum. Crown copyright, Imperial War Museums
By this point in the war, however, supplies were becoming constrained on all sides. In particular, lead was becoming scarce, which spurred a desire for a cheaper pipe design to support Operation PLUTO. Thus was born HAMEL, named after engineers Bernard J. Ellis and H.A. Hammick, who worked on the project.
HAMEL pipe loaded on a Conundrum, ready to be laid on the seafloor. Crown copyright, Imperial War Museums
The HAMEL design concerned a flexible pipe constructed out of mild steel, at 3-½ inches in diameter. Lengths of the pipe were produced in 40-foot segments which would then be resistance welded together to create a longer flexible pipeline that could be laid on the seafloor. The steel-based pipe was stiffer than the cable-like HAIS, which caused an issue—it couldn’t readily be coiled up in a ship’s hold. Instead, giant floating drums were constructed at some 40 feet in diameter, nicknamed “Conundrums.” These were to be towed by tugs or hauled by barges to lay the pipeline across the Channel. Testing took place by laying pipelines to the Isle of Wight, which proved the concept was viable for deployment.

Beyond the two types of pipeline, a great deal of work went into the supporting infrastructure for the project. War planners had to build pumping stations to feed the pipelines, as well as ensure that they could in turn be fed fresh fuel from the UK’s network of fuel storage facilities and refineries. All this had to be done with a certain level of camouflage, lest German aircraft destroy the coastal pumping stations prior to the British invasion of the continent. Two main stations at Sandown and Dungeness were selected, and were intended to be connected via undersea pipe to the French ports of Cherbourg and Ambleteuse, respectively. The Sandown-Cherbourg link was to be named Bambi, while the Dungeness-Ambleteuse link would be named Dumbo, referencing further Disney properties since the overall project was called Pluto.

The Big Dance

On D-Day, the initial landings and immediate securing of the beachhead would run on pre-packaged fuel supplies in jerry cans and drums. The pipelines were intended to come later, ensuring that the Allied forces had the fuel supplies to push deep into Europe as they forced back the German lines. It would take some time to lay the pipelines, and the work could only realistically begin once the initial ports were secure.
A map indicating the Bambi and Dumbo pipelines between England and France. Notably, the Dumbo pipelines were run to Boulogne instead of the original plan of Ambleteuse. Credit: public domain
Bambi was intended to go into operation just 75 days after D-Day, assuming that Allied forces had managed to capture the port of Cherbourg within eight days of the landings. This process instead took 21 days due to the vagaries of war. Efforts to lay a HAIS pipeline began as soon as 12 August 1944, just 67 days after D-Day, only to fail due to an anchor strike by an escort destroyer. The second effort days later was scuppered when the piping was wound up in the propeller of a supporting craft. A HAMEL pipelaying effort on 27 August would also fail thanks to barnacles jamming the massive Conundrum from rotating, and while cleaning efforts freed it up, the pipeline eventually broke after just 29 nautical miles of the 65 nautical mile journey.

It wasn’t until 22 September that a HAIS cable was successfully installed across the Channel, and began delivering 56,000 imperial gallons a day. A HAMEL pipe was then completed on the 29 September. However, both pipes would fail just days later on October 3 as pressure was increased to up the rate of fuel delivery, and the Bambi effort was cancelled. Despite the great efforts of all involved, the pipelines had delivered just 935,000 imperial gallons, or 3,300 long tons of fuel—a drop in the ocean relative to what the war effort required.
A Conundrum pictured as it was towed to Cherbourg to lay a HAMEL pipeline as part of Operation Bambi. Credit: public domain
Dumbo would prove more successful, perhaps with little surprise that the distances involved were shorter. The first HAIS pipeline was completed and operational by 26 October. The pipeline was redirected from Dungeness to Boulogne instead of the original plan to go to Ambleteuse thanks to heavy mining by the Germans, and covered a distance of 23 nautical miles. More HAIS and HAMEL pipelines followed, and the pipeline would later be extended to Calais to use its rail links for delivery further inland.

A total of 17 pipelines were eventually laid between the two coasts by the end of 1944. They could deliver up to 1,300 long tons of fuel per day—soon eclipsing the Bambi efforts many times over. The HAMEL pipelines proved somewhat unreliable, but the HAIS cable-like pipes held up well and none broke during their use until the end of the war in Europe. The pipelines stuck to supplying petrol, while initial plans to deliver other fuels such as high-octane aviation spirit were discarded.
Once a key piece of war infrastructure, now a small part of a thrilling minigolf course. Credit: Paul Coueslant, CC BY-SA 2.0
Overall, Operation Pluto would deliver 370,000 long tons of fuel to support Allied forces, or about 8 percent of the total. The rest was largely delivered by oceangoing tankers, with some additional highly-expensive aerial delivery operations used when logistical lines were stretched to their very limits. Bulk fuel delivery by undersea pipeline had been proven possible, but perhaps not decisively important when it came to wartime logistics.
A small section of pipeline left over from Operation Pluto at Shanklin Chine on the Isle of Wight. Credit: Crookesmoor, CC BY SA 3.0
Arguments as to the value of the project abound in war history circles. On the one hand, Operation Pluto was yet another impressive engineering feat achieved in the effort to bring the war to an end. On the other hand, it was a great deal of fuss and ultimately only delivered a moderate portion of the fuel needed to support forces in theatre. In any case, there are still lingering reminders of Operation Pluto today—like a former pumping station that has been converted into a minigolf course, or remnants of the pipelines on the Isle of Wight.

Since World War II, we’ve seen precious few conflicts where infrastructure plays such a grand role in the results of combat. Nevertheless, the old saying always rings true—when it comes to war, amateurs discuss tactics, while professionals study logistics.

hackaday.com/2025/12/02/how-cr…

Assuming you’re not stuck in a prison cell without windows, you could feasibly keep track of the moon and tides by walking outside and jotting things down in your notebook. Alternatively, you could save a lot of hassle by just building this moon and tide clock from [pjdines1994] instead.

The build is based on a Raspberry Pi Pico W, which is hooked up to a real-time clock module and a Waveshare 3.7-inch e-paper display. Upon this display, the clock draws an image relevant to the current phase of the moon. As the write-up notes, it was a tad fussy to store 24 images for all the different lunar phases within the Pi Pico, but it was achieved nonetheless with a touch of compression. As for tides, it covers those too by pulling in tide information from an online resource.

It’s specifically set up to report the local tides for [pjdines1994], reporting the high tide and low tide times for Whitstable in the United Kingdom. If you’re not in Whitstable, you’d probably want to reconfigure the clock before using it yourself. Unless you really want to know what’s up in Whitstable, of course. If you so wish, you can set the clock up to make its own tide predictions by running local calculations, but [pjdines1994] notes that this is rather more complicated to do. The finished result look quite good, because [pjdines1994] decided to build it inside an old carriage clock that only reveals parts of the display showing the moon and the relevant tide numbers.

We’ve featured some other great tide clocks before, like this grand 3D printed design. If you’ve built your own arcane machine to plot the dances of celestial objects, do be sure to let us know on the tipsline!

hackaday.com/2025/12/02/a-styl…

We’ve all been there. You’ve found a beautiful piece of older hardware at the thrift store, and bought it for a song. You rush it home, eager to tinker, but you soon find it’s just not working. You open it up to attempt a repair, but you could really use some information on what you’re looking at and how to enter service mode. Only… a Google search turns up nothing but dodgy websites offering blurry PDFs for entirely the wrong model, and you’re out of luck.

These days, when you buy an appliance, the best documentation you can expect is a Quick Start guide and a warranty card you’ll never use. Manufacturers simply don’t want to give you real information, because they think the average consumer will get scared and confused. I think they can do better. I’m demanding a new two-tier documentation system—the basics for the normies, and real manuals for the tech heads out there.

Give Us The Goods

Once upon a time, appliances came with real manuals and real documentation. You could buy a radio that came with a full list of valves that were used inside, while telephones used to come with printed circuit diagrams right inside the case. But then the world changed, and a new phrase became a common sight on consumer goods—”NO USER SERVICABLE PARTS INSIDE.” No more was the end user considered qualified or able to peek within the case of the hardware they’d bought. They were fools who could barely be trusted to turn the thing on and work it properly, let alone intervene in the event something needed attention.

This attitude has only grown over the years. As our devices have become ever more complex, the documentation delivered with them has shrunk to almost non-existent proportions. Where a Sony television manual from the 1980s contained a complete schematic of the whole set, a modern smartphone might only include a QR code linking to basic setup instructions on a website online. It’s all part of an effort by companies to protect the consumer from themselves, because they surely can’t be trusted with the arcane knowledge of what goes on inside a modern device.

This Sony tv manual from 1985 contained the complete electrical schematics for the set.
byu/a_seventh_knot inmildlyinteresting

This sort of intensely technical documentation was the norm just a few decades ago.
Some vintage appliances used to actually have the schematic printed inside the case for easy servicing. Credit: British Post Office
It’s understandable, to a degree. When a non-technical person buys a television, they really just need to know how to plug it in and hook it up to an aerial. With the ongoing decline in literacy rates, it’s perhaps a smart move by companies to not include any further information than that. Long words and technical information would just make it harder for these customers to figure out how to use the TV in the first place, and they might instead choose a brand that offers simpler documentation.

This doesn’t feel fair for the power user set. There are many of us who want to know how to change our television’s color mode, how to tinker with the motion smoothing settings, and how to enter deeper service modes when something seems awry. And yet, that information is kept from us quite intentionally. Often, it’s only accessible in service manuals that are only made available through obscure channels to selected people authorised by OEMs.

Two Tiers, Please

Finding old service manuals can be a crapshoot, but sometimes you get lucky with popular models. Credit: Google via screenshot
I don’t think it has to be this way. I think it’s perfectly fine for manufacturers to include simple, easy-to-follow instructions with consumer goods. However, I don’t think that should preclude them from also offering detailed technical manuals for those users that want and need them. I think, in fact, that these should be readily available as a matter of course.

Call it a “superuser manual,” and have it only available via a QR code in the back of the basic, regular documentation. Call it an “Advanced Technical Supplement” or a “Calibration And Maintenance Appendix.” Whatever jargon scares off the normies so they don’t accidentally come across it and then complain to tech support that they don’t know why their user interface is now only displaying garbled arcane runes. It can be a little hard to find, but at the end of the day, it should be a simple PDF that can be downloaded without a lot of hurdles or paywalls.

I’m not expecting manufacturers to go back to giving us full schematics for everything. It would be nice, but realistically it’s probably overkill. You can just imagine what that would like for a modern smartphone or even just a garden variety automobile in 2025. However, I think it’s pretty reasonable to expect something better than the bare basics of how to interact with the software and such. The techier manuals should, at a minimum, indicate how to do things like execute a full reset, enter any service modes, and indicate how the device is to be safely assembled and disassembled should one wish to execute repairs.

Of course, this won’t help those of us repairing older gear from the 90s and beyond. If you want to fix that old S-VHS camcorder from 1995, you’re still going to have to go to some weird website and risk your credit card details over a $30 charge for a service manual that might cover your problem. But it would be a great help for any new gear moving forward. Forums died years ago, so we can no longer Google for a post from some old retired tech who remembers the secret key combination to enter the service menu. We need that stuff hosted on manufacturer websites so we can get it in five minutes instead of five hours of strenuous research.

Will any manufacturers actually listen to this demand? Probably, no. This sort of change needs to happen at a higher level. Perhaps the right to repair movement and some boisterous EU legislation could make it happen. After all, there is an increasing clamour for users to have more rights over the hardware and appliances they pay for. If and when it happens, I will be cheering when the first manuals for techies become available. Heaven knows we deserve them!

hackaday.com/2025/12/02/give-u…

Connected devices are ubiquitous in our era of wireless chips heavily relying on streaming data to someone else’s servers. This sentence might already start to sound dodgy, and it doesn’t get better when you think about today’s smart glasses, like the ones built by Meta (aka Facebook).

[sh4d0wm45k] doesn’t shy away from fighting fire with fire, and shows you how to build a wireless device detecting Meta’s smart glasses – or any other company’s Bluetooth devices, really, as long as you can match them by the beginning of the Bluetooth MAC address.

[sh4d0wm45k]’s device is a mini light-up sign saying “GLASSHOLE”, that turns bright white as soon as a pair of Meta glasses is detected in the vicinity. Under the hood, a commonly found ESP32 devboard suffices for the task, coupled to two lines of white LEDs on a custom PCB. The code is super simple, sifting through packets flying through the air, and lets you easily contribute with your own OUIs (Organizationally Unique Identifier, first three bytes of a MAC address). It wouldn’t be hard to add such a feature to any device of your own with Arduino code under its hood, or to rewrite it to fit a platform of your choice.

We’ve been talking about smart glasses ever since Google Glass, but recently, with Meta’s offerings, the smart glasses debate has reignited. Due to inherent anti-social aspects of the technology, we can see what’d motivate one to build such a hack. Perhaps, the next thing we’ll see is some sort of spoofed packets shutting off the glasses, making them temporarily inoperable in your presence in a similar way we’ve seen with spamming proximity pairing packets onto iPhones.

hackaday.com/2025/12/02/build-…

Le autorità olandesi hanno pubblicato i dati che dimostrano come il coinvolgimento degli adolescenti nella criminalità digitale sia solitamente temporaneo. Un’analisi preparata dalla Camera dei Rappresentanti indica che l’interesse precoce per l’hacking spesso svanisce entro i 20 anni, e solo pochi mantengono un interesse duraturo.

Il rapporto sottolinea che gli adolescenti iniziano a commettere vari tipi di reati più o meno alla stessa età. I reati informatici non sono più comuni dei reati legati alle armi o alla droga, e significativamente meno comuni dei reati contro la proprietà. Inoltre, il percorso verso i primi tentativi passa in genere attraverso simulazioni di gioco che consentono loro di sviluppare competenze tecniche.

Secondo i dati raccolti nel corso degli anni, il picco di attività criminale tra i giovani criminali si è verificato tra i diciassette e i vent’anni. Questa tendenza è coerente con altre tipologie di reato. In uno studio condotto nel 2013 su un campione di diverse centinaia di giovani delinquenti, la maggior parte dei partecipanti ha cessato tale attività poco dopo aver raggiunto il picco.

I ricercatori stimano che la percentuale di coloro che continuano a commettere crimini digitali dopo i vent’anni sia pari a circa il quattro percento. La ricercatrice Alice Hutchings ha osservato già nel 2016 che il coinvolgimento a lungo termine deriva da un interesse costante per la tecnologia e dal desiderio di sviluppare competenze, piuttosto che da incentivi esterni.

Gli autori dell’analisi governativa sottolineano che la maggior parte degli studi sta diventando obsoleta a causa dei rapidi cambiamenti nell’ambiente digitale. A titolo di confronto, citano i dati sui costi sociali totali della criminalità minorile, pari a circa 10,3 miliardi di euro all’anno. La maggior parte dell’onere ricade sulle vittime, mentre la parte restante ricade sui servizi pubblici, tra cui la polizia e il sistema giudiziario.

I costi annuali precisi della criminalità digitale sono difficili da stimare a causa della mancanza di dati a lungo termine. Tuttavia, i dati indiretti ci permettono di stimare l’entità del problema. Ad esempio, uno studio commissionato dal governo del Regno Unito ha rilevato che i danni annuali causati da tre attacchi a un importante ospedale potrebbero superare gli 11 milioni di sterline. Questi importi sono paragonabili o superiori ai costi di molte categorie di criminalità nei Paesi Bassi.

In precedenza, le agenzie governative del Paese hanno ripetutamente sottolineato la difficoltà di quantificare l’impatto degli attacchi digitali. Ad esempio, un rapporto preparato da Deloitte per il governo olandese nel 2016 stimava le perdite annuali per le organizzazioni derivanti da incidenti informatici in circa 10 miliardi di euro, una cifra paragonabile al costo totale della delinquenza minorile.

L'articolo La maggior parte degli adolescenti abbandona la criminalità digitale entro i 20 anni proviene da Red Hot Cyber.

I proprietari di Porsche in Russia riscontrano sempre più problemi con gli allarmi da parte della fabbrica, rendendo impossibile l’utilizzo delle loro auto. Le loro auto non si avviano, si bloccano subito dopo l’avviamento o visualizzano errori relativi al motore. I responsabili della concessionaria Rolf hanno dichiarato a RBC di aver notato un aumento delle chiamate di assistenza dal 28 novembre a causa del blocco degli allarmi via satellite.

Secondo la responsabile del servizio clienti dell’azienda, Yulia Trushkova, attualmente non esiste alcuna correlazione tra i modelli e i tipi di motori e, in teoria, qualsiasi veicolo può essere immobilizzato.

Attualmente, l’immobilizzazione può essere aggirata resettando l’unità di allarme di fabbrica e smontandola. La causa del malfunzionamento non è ancora stata determinata, ma l’azienda osserva che è possibile che sia stata eseguita intenzionalmente. Situazioni simili, secondo Rolf, si sono verificate anche tra i proprietari di Mercedes-Benz, ma tali incidenti sono molto più rari.

In precedenza, il canale Telegram SHOT aveva riferito che centinaia di Porsche in tutta la Russia erano state dichiarate “illegali” a causa di un malfunzionamento del sistema di allarme di fabbrica, attribuito a problemi di comunicazione. I conducenti di Mosca, Krasnodar e altre città hanno segnalato problemi. Alcuni proprietari hanno riferito di aver temporaneamente bypassato il sistema scollegando la batteria per circa dieci ore per consentire al sistema di allarme di scaricarsi e riavviarsi.

Secondo la rivista Avto.ru, i proprietari di modelli Cayenne, Macan e Panamera si sono rivolti principalmente ai centri di assistenza per reclami simili. I reclami relativi a motori che si spengono e blocchi del motore si verificano da anni, ma sono diventati diffusi quest’autunno. Secondo i dati preliminari, il problema è prevalente nei veicoli prodotti prima del 2020 e dotati del vecchio sistema di localizzazione GSM/GPS VTS (Vehicle Tracking System). Il canale Telegram “Porsche Club Russia” cita come causa principale un malfunzionamento del modulo satellitare, con limitazioni e blocchi della comunicazione. I conducenti sottolineano che scollegare la batteria è visto come una soluzione temporanea, che consente loro di raggiungere un centro di assistenza.

Gli allarmi satellitari di questi veicoli si basano su sistemi di navigazione e sono progettati per migliorare la sicurezza e monitorare le condizioni del veicolo, anche in caso di tentativi di furto o fattori esterni. Se il veicolo è bloccato, il sistema antifurto può impedire l’avviamento del motore, del motorino di avviamento o dell’accensione, nonché interrompere l’alimentazione del carburante e attivare le spie luminose del veicolo in modalità anomala.

La casa automobilistica tedesca Porsche AG ha cessato le consegne ufficiali di auto in Russia nel 2022, citando “la grande incertezza e gli attuali sconvolgimenti”. Tuttavia, l’azienda gestisce ancora tre filiali russe: Porsche Russia, Porsche Center Moscow e PFS Russia.

I tentativi di vendere queste attività si sono finora rivelati infruttuosi. Autonews aveva precedentemente riportato, citando la sede centrale dell’azienda, che il Gruppo Volkswagen, che include Porsche, ha annullato i suoi obblighi di fornire assistenza post-vendita e ricambi per i veicoli precedentemente venduti in Russia.

L'articolo Le Porsche in Russia non si avviano più! Un presunto bug non fa partire il motore proviene da Red Hot Cyber.

Le forze dell’ordine in Svizzera e Germania hanno segnalato lo smantellamento di Cryptomixer, un importante servizio di mixing attivo dal 2016 che aiutava i criminali a riciclare fondi ottenuti illecitamente. Secondo l’Europol, negli ultimi anni il servizio ha elaborato oltre 1,3 miliardi di euro in Bitcoin (circa 1,5 miliardi di dollari).

L’Operazione Olympia ha avuto luogo a Zurigo a fine novembre. Durante i raid, durati dal 24 al 28 novembre, le forze dell’ordine, con il supporto di Europol ed Eurojust, hanno sequestrato tre server contenenti oltre 12 terabyte di dati, bloccato domini sulla rete Internet tradizionale e sulla rete Tor e confiscato Bitcoin per un valore di 24 milioni di euro (circa 29 milioni di dollari). Nessun arresto è stato segnalato nei comunicati stampa ufficiali.

“Cryptomixer era un servizio di mixing ibrido che operava simultaneamente su internet e sul darknet. Facilitava l’occultamento di proventi illeciti per gruppi estorsivi, forum ombra e mercati darknet. Il suo software bloccava il tracciamento dei fondi sulla blockchain, rendendo la piattaforma una delle preferite dai criminali informatici che cercavano di riciclare proventi illeciti provenienti da varie attività criminali (tra cui traffico di droga, traffico di armi, attacchi ransomware e frodi con carte di pagamento)”, riferiscono i rappresentanti dell’Europol.

Le autorità sottolineano che tali servizi garantiscono ai criminali l’anonimato in una fase critica, ovvero quando devono convertire i beni rubati in moneta fiat o altre criptovalute. Sebbene tali piattaforme possano teoricamente avere applicazioni legali, nella pratica i loro principali utenti rimangono gruppi criminali che cercano di eludere l’identificazione e l’arresto.

Vale la pena notare che questa non è la prima grande operazione delle forze dell’ordine contro i mixer di criptovalute.

Ad esempio, a del marzo 2023, l’Europol ha coordinato un’operazione simile contro ChipMixer, uno dei più grandi servizi di mixing di criptovalute sul darknet. La polizia tedesca e l’FBI sequestrarono quattro server, 7 TB di dati e 46,5 milioni di dollari in Bitcoin.

Ricordiamo inoltre che alla fine di novembre i fondatori del mixer di criptovalute Samourai sono stati condannati al carcere negli Stati Uniti, colpevoli di riciclaggio di oltre 237 milioni di dollari.

La chiusura di Cryptomixer rappresenta un altro duro colpo per l’ecosistema criminale delle criptovalute e dimostra che la comunità internazionale delle forze dell’ordine sta combattendo sempre più contro gli strumenti che consentono ai criminali di nascondere le loro attività illegali nello spazio digitale.

L'articolo Smantellato Cryptomixer, il servizio di mixing che aiutava i criminali a riciclare Bitcoin proviene da Red Hot Cyber.

Nel panorama dei forum underground esistono attori che operano in modo episodico, alla ricerca di un singolo colpo mediatico, e altri che costruiscono nel tempo una pipeline quasi industriale di compromissioni, rilasciando dataset tecnici e informazioni interne di aziende in tutto il mondo. Tra questi, uno dei profili più riconoscibili è quello che si presenta con il semplice alias “888”.

Attivo almeno dal 2024, 888 è oggi considerato uno dei data-leaker più prolifici della scena, con oltre un centinaio di breach rivendicati e una presenza costante nei forum più frequentati del cybercrime anglofono. A differenza dei gruppi ransomware strutturati, non opera con modalità estorsive, non negozia e non utilizza countdown: il suo modello è basato su vendita privata e rilascio pubblico di dataset selezionati, con l’obiettivo evidente di alimentare reputazione, visibilità e domanda.

A novembre 2025, 888 torna al centro dell’attenzione pubblicando un archivio dal titolo eloquente:
“Ryanair Internal Communications”.

Un dump che include dati relativi alle prenotazioni, alle tratte, ai numeri di volo, ai processi di gestione dei claim e soprattutto alle interazioni interne del dipartimento legal/claims della compagnia.

Il profilo operativo di 888: un attore individuale, costante e opportunistico

Ho fatto delle ricerche storiche sulle attività di 888 e le informazioni raccolte delineano un profilo chiaro:

• attore singolo: senza una struttura organizzata
• attivo nei vari dark forum: prima su Breach Forum adesso su Dark Forum, dove ha ricoperto anche ruoli moderativi
• tecnicamente competente: ma più orientato all’exploitation di misconfigurazioni, bucket cloud esposti e servizi pubblici vulnerabili
• finanziariamente motivato: con una storicità di vendite private di database
• nessuna agenda politica: nessuna connessione pubblica con gruppi RaaS
• pattern coerente: leak di codice sorgente, configurazioni, archivi corporate, database utenti

La sua attività attraversa settori diversi: tech, education, retail, automotive, energy, piattaforme SaaS, e più recentemente aviation.
888 punta ai dataset ripetibili e monetizzabili, non agli ambienti complessi come OT o ICS.

Una caratteristica rara che lo contraddistingue: la continuità. La sua reputazione deriva proprio da questo.

La fonte più interessante è l’intervista rilasciata a Sam Bent per la sua rubrica “Darknet Dialogues” dove emergono particolari interessanti su 888: il suo mentore? Kevin Mitnik. Il suo punto di vista su IA e Hacking? tutto il suo lavoro è solo frutto delle sue conoscenze e skills.

Il caso Ryanair: cosa emerge davvero dai sample

All’interno del thread dedicato alla compagnia aerea compaiono diversi sample CSV, che rappresentano estrazioni coerenti con un sistema di gestione delle dispute legali e dei reclami EU261.

La struttura dei dati evidenzia chiaramente:

• ticketId, groupTicketId, caseNo, decisionNo, refNumber
• aeroporti di partenza e destinazione (BVA, BLQ, PMO, TRN, BGY, AHO, GOA, BDS…)
• numeri di volo (FR 4831, FR 9369, FR 4916, FR 2254, FR 1011…)
• nome e cognome dei passeggeri coinvolti
• team interni assegnati alla pratica
• riferimenti a: “info retrieved from the summons”, meal expenses, hotel expenses, EU261
• timestamp ISO-8601 per gli aggiornamenti delle pratiche
• descrizioni testuali interne dei casi

Ho avuto modo di analizzare i sample “offerti” nel post su Dark Forum e si tratta di comunicazioni provenienti da passeggeri italiani, riferite a dispute legali o a richieste di rimborso per disservizi di varia natura.

I possibili vettori di compromissione possono essere solo ipotizzati, poiché 888 non fornisce alcun dettaglio sul metodo utilizzato per ottenere i dati. La pista più verosimile è la compromissione di un sistema di CRM o case management utilizzato per gestire le comunicazioni con i clienti e le pratiche legali, anche tramite partner esterni.

Come si inserisce il breach di Ryanair nella storia di 888

L’incidente aviation non è un’eccezione: si integra perfettamente nel modus operandi di 888.
Il threat actor infatti ha già rivendicato:

• dataset di IBM (17.500 dipendenti)
• archivi BMW Hong Kong
• dati di Microsoft
• codice sorgente di piattaforme brasiliane (CIEE One)
• database di piattaforme e-commerce, logistiche e retail
• dump di aziende fintech, ONG internazionali e marketplace online

888 non cerca mai l’effetto “shock”: non pubblica tutto subito, non crea negoziazioni, non orchestra estorsioni.
Semplicemente rilascia, spesso dopo aver venduto privatamente il materiale.

Ryanair, in questo contesto, è un tassello di una catena più ampia, non un focus specifico.

888 è un attore che vive nella zona grigia tra l’intrusion broker e il data-leaker opportunistico, con una pipeline strutturata di compromissioni, una forte attività nei forum underground e un occhio costante verso i dataset che possono generare ritorno economico o reputazionale.

Il caso Ryanair non rappresenta un incidente isolato, ma l’ennesima conferma della sua traiettoria: un attore singolo, costante, metodico, che si muove lungo una supply chain digitale globale dove ogni anello debole – un bucket esposto, un repository dimenticato, un servizio di ticketing non protetto – diventa un nuovo dump da pubblicare.

Fonti utilizzate per redigere l’articolo:

• Ryanair Data Breach: 7 Key Findings Revealed in This Urgent Analysis
• Threat Actor Releases Supposed Ryanair Internal Emails and Ticketing Data
• Threat Actor 888 (Malpedia Profile)
• IBM Hacked? Threat Actor ‘888’ Reveals Thousands of Employees’ Data Leak
• Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach
• 888 Interview – Darknet Dialogues (YouTube)
• Brinztech Alert: Database of Ryanair is Leaked
• A data breach by threat actor 888 has exposed over 430,000 user records
• Hello Cake Data Breach (Have I Been Pwned)
• Dark Web Threats Targeting the Airline Industry
• Alleged Data Breach of LG A threat actor using the alias “888”
• Threat Actor “888” Claims LG Electronics Data Breach
• LG Data Leak: 888 Threat Actor Exposes Source Code
• Nutergia Laboratory Data Breach by Threat Actor “888”
• 888 – Details | BreachHQ by Beyond Identity
• IBM staff data allegedly leaked in cyber attack
• Cyber Intelligence – Darkeye

L'articolo 888: il data-leaker seriale! L’outsider del darkweb che ha costruito un impero di dati rubati proviene da Red Hot Cyber.

Michigan’s Grand Blanc Township thinks it has discovered a trick to weasel out of accountability: charging a reporter more for government records than most people earn in two years.

Independent journalist Anna Matson filed two requests for records about the township’s fire chief, Jamie Jent, being placed on administrative leave. That decision — later lifted after outcry from residents and firefighters — reportedly came after he raised concerns about staffing issues following the tragic September shooting at the township’s Church of Jesus Christ of Latter-day Saints.

The government told her she’d have to pay a combined $164,000 in labor costs ($100,000 for her first request and $64,000 for a second) for finding and reviewing the records in order for them to respond to the request. That’s ridiculous. Michigan’s legislature should act to ensure that other local governments don’t get any ideas.

There’s nothing unusually burdensome about Matson’s requests. If the township’s recordkeeping is so shoddy and its search capabilities so lacking that it costs six figures’ worth of employee time to find some emails and documents, that’s the township’s problem, not Matson’s. If anything, it begs another Freedom of Information Act request to figure out how the township reached that level of incompetence, and what officials are spending money on instead of basic software.

The township doubled down on evasiveness when Matson showed up to a board meeting last week to contest the fees, and it made nonsensical excuses to enter into closed session so that it could discuss its secrecy in secret.

Maybe the township thinks the fees will discourage the press from trying to hold it accountable. More likely, it will do the opposite: inspire reporters to keep digging. Intrepid journalists see obvious obstruction tactics like these and think, “I must be on to something.” We’re confident Matson will eventually uncover whatever the township doesn’t want her and her readers to see.

Michigan’s Freedom of Information Act, like the federal FOIA and state public records laws across the country, was intended to let everyone — not just rich people — find out what their government is up to and how their money is being spent.

The law allows agencies to charge reasonable fees — copying costs, mailing expenses, and limited labor charges calculated at the hourly wage of the lowest-paid employee capable of doing the work. Agencies aren’t permitted to charge for the first two hours of labor, and they can only charge for search and review time if not doing so would result in “unreasonably high costs.”

Officials are taking advantage of the media’s weak financial position to hold accountability for ransom.

We’re not fans of charging any labor costs for FOIAs. Tax dollars already pay for agencies to maintain public records. Allowing the public to access them is a basic government function. But putting that aside, how does finding records about one employee during a limited time frame — which was all her first request sought — cost six figures? The $64,000 price tag for the second request for departmental records is equally absurd and also shows the arbitrariness of the whole thing — how does the broader request cost less than the narrower one?

This obstruction tactic is hardly a local innovation. Last year, Nebraska’s legislature had to step in after the state’s Department of Environment and Energy tried charging the Flatwater Free Press more than $44,000 to review environmental records. It claimed figuring out what exemptions to the public’s records law applied would be time-consuming — essentially making the press pay for their time figuring out legal arguments to not give it the records it wanted.

The Trump administration — which has attempted to close FOIA offices and fired officials who released embarrassing information pursuant to FOIAs — recently demanded journalist Brian Karem pay a $50,000 bond just to expedite a lawsuit for documents about the classified records Trump took to Mar-a-Lago. It’s far from the first instance of fee bullying by the federal government, regardless of who is president.

Trump, of course, claims he did nothing wrong by taking those documents, but doesn’t want to let the public be the judge. The situation in Grand Blanc Township is similar — the same government that may have punished a fire chief for speaking up about public safety wants to punish a journalist for asking questions about it. It’s secrecy stacked on secrecy.

It’s no coincidence that so many of these overcharging cases involve requests by independent journalists or small local outlets. The government knows the news industry is struggling economically. That’s no secret. Officials are taking advantage of the media’s weak financial position to hold accountability for ransom. If they get their way, transparency will become a luxury only affordable to major media outlets that are unlikely to have much interest in public records from Grand Blanc Township in the first place.

The township needs to rescind its invoice, apologize to Matson, and get her the records she’s entitled to right away. Beyond that, state legislators need to put politics aside and follow Nebraska’s example by narrowing what the government can charge the public for its own records and making those limits unambiguous (and of course, they should also remove absurd provisions exempting the governor and legislature from transparency).

And if agencies have the nerve to defend these shakedowns in court, judges should hold government lawyers accountable for whatever frivolous legal arguments they concoct to justify charging well over the cost of a house in Detroit for basic transparency.

freedom.press/issues/censorshi…

FOR IMMEDIATE RELEASE:

The White House has launched a media bias tracker to catalog instances of supposedly distorted coverage by the press. Predictably, the site is long on hyperbole and short on substance.

The following statement can be attributed to Seth Stern, director of advocacy for Freedom of the Press Foundation (FPF):

“If Trump thinks the media is getting stories wrong or being unfair to him, he should release the public records, correspondence, and legal memoranda that prove it, instead of wasting time and taxpayer money on silly websites.

“He’s got more power than anyone to correct the record with documented facts and has countless platforms on which to do so. Instead, he calls reporters ‘piggy’ and posts empty rants that don’t refute anything, while doing everything in his power to hinder Americans’ access to public records containing verifiable facts.

“Trump’s anti-speech antics are highly unpopular, and I doubt many people take his ramblings about ‘fake news’ seriously at this point. He has made it extremely clear that his beef is not with media bias but with journalists not flattering him and regurgitating his lies. It’s a safe bet that his bias tracker will not have anything to say about the influencers and propagandists he favors over serious journalists.

“People understand the obvious conflict inherent in an image-obsessed presidential administration appointing itself the arbiter of media bias. I expect that after the initial wave of publicity, few Americans will be paying attention to this latest stunt, let alone consulting it when deciding what news to consume. The gimmick is wearing thin.”

Please contact us if you would like further comment.

freedom.press/issues/white-hou…

404 Media

2025-08-13 21:53:37

Trump Administration Outlines Plan to Throw Out an Agency's FOIA Requests En Masse

The Department of Energy (DOE) said in a public notice scheduled to be published Thursday that it will throw out all Freedom of Information Act (FOIA) requests sent to the agency before October 1, 2024 unless the requester proactively emails the agency to tell it they are still interested in the documents they requested. This will result in the improper closure of likely thousands of FOIA requests if not more; government transparency experts told 404 Media that the move is “insane,” “ludicrous,” a “Pandora’s Box,” and “an underhanded attempt to close out as many FOIA requests as possible.”

The DOE notice says “requesters who submitted a FOIA request to DOE HQ at any time prior to October 1, 2024 (FY25), that is still open and is not under active litigation with DOE (or another Federal agency) shall email StillInterestedFOIA@hq.doe.gov to continue processing of the FOIA request […] If DOE HQ does not receive a response from requesters within the 30-day time-period with a DOE control number, no further action will be taken on the open FOIA request(s), and the file may be administratively closed.” A note at the top of the notice says it is scheduled to be formally published in the Federal Register on Thursday.

The agency will send out what are known as “still interested” letters, which federal agencies have used over the years to see if a requester wants to withdraw their request after a certain period of inactivity. These types of letters are controversial and perhaps not legal, and previous administrations have said that they should be used rarely and that requests should only be closed after an agency made multiple attempts to contact a requester over multiple methods of communication. What the DOE is doing now is sending these letters to submitters of all requests prior to October 1, 2024, which is not really that long ago; it also said it will close the requests of people who do not respond in a specific way to a specific email address.

FOIA requests—especially complicated ones—can often take months or years to process. I have outstanding FOIA requests with numerous federal agencies that I filed years ago, and am still interested in getting back, and I have gotten useful documents from federal agencies after years of waiting. The notion that large numbers of people who filed FOIA requests as recently as September 2024, which is less than a year ago, are suddenly uninterested in getting the documents they requested is absurd and should be seen as an attack on public transparency, experts told 404 Media. The DOE’s own reports show that it often does not respond to FOIA requests within a year, and, of course, a backlog exists in part because agencies are not terribly responsive to FOIA.

“If a requester proactively reaches out and says I am withdrawing my request, then no problem, they don’t have to process it,” Adam Marshall, senior staff attorney at the Reporters Committee for Freedom of the Press, told me. “The agency can’t say we’ve decided we’ve gotten a lot of requests and we don’t want to do them so we’re throwing them out.”

“I was pretty shocked when I saw this to be honest,” Marshall added. “I’ve never seen anything like this in 10 years of doing FOIA work, and it’s egregious for a few reasons. I don’t think agencies have the authority to close a FOIA request if they don’t get a response to a ‘still interested’ letter. The statute doesn’t provide for that authority, and the amount of time the agency is giving people to respond—30 days—it sounds like a long time but if you happen to miss that email or aren’t digging through your backlogs, it’s not a lot of time. The notion that FOIA requesters should keep an eye out in the Federal Register for this kind of notice is ludicrous.”

The DOE notice essentially claims that the agency believes it gets too many FOIA requests and doesn’t feel like answering them. “DOE’s incoming FOIA requests have more than tripled in the past four years, with over 4,000 requests received in FY24, and an expected 5,000 or more requests in FY25. DOE has limited resources to process the burgeoning number of FOIA requests,” the notice says. “Therefore, DOE is undertaking this endeavor as an attempt to free up government resources to better serve the American people and focus its efforts on more efficiently connecting the citizenry with the work of its government.”

Lauren Harper of the Freedom of the Press Foundation told me in an email that she also has not seen any sort of precedent for this and that “it is an underhanded attempt to close out as many FOIA requests as possible, because who in their right mind checks the federal register regularly, and it should be challenged in court. (On that note, I am filing a FOIA request about this proposal.)”

“The use of still interested letters isn't explicitly allowed in the FOIA statute at all, and, as far as I know, there is absolutely zero case law that would support the department sending a mass ‘still interested’ letter via the federal register,” she added. “That they are also sending emails is not a saving grace; these types of letters are supposed to be used sparingly—not as a flagrant attempt to reduce their backlog by any means necessary. I also worry it will open a Pandora's Box—if other agencies see this, some are sure to follow.”

Marshall said that FOIA response times have been getting worse for years across multiple administrations (which has also been my experience). The Trump administration and the Department of Government Efficiency (DOGE) have cut a large number of jobs in many agencies across the government, which may have further degraded response times. But until this, there hadn’t been major proactive attempts taken by the self-defined “most transparent administration in history” to destroy FOIA.

“This is of a different nature than what we have seen so far, this affirmative, large-scale effort to purport to cancel a large number of pending FOIA requests,” Marshall said.

Limitations on Use of “Still-Interested” Inquiries

^{www.justice.gov}

Die Piratenpartei nimmt das Ergebnis der Volksabstimmung zur Digitalen Integrität in Zürich mit grossem Bedauern zur Kenntnis und wir bedanken uns bei allen, die Ja gestimmt haben. Wir respektieren selbstverständlich den demokratischen Entscheidungsprozess, doch das Ergebnis stellt einen Rückschlag für das wichtige Anliegen dar, ein Grundrecht auf ein selbstbestimmtes Offline‑Leben zu sichern.

Renato Sigg, Präsident Piratenpartei Zürich und Mitglied des Initiativkomitees: „Ohne die Digitale Integrität wird es keine menschenwürdige Digitalisierung geben. Sie braucht es auch, um eine nachhaltig erfolgreiche Resilienz und Digitale Souveränität sicherzustellen.“

Warum ist das Ergebnis problematisch?

Nur die AL stimmte für die Digitale Integrität. Die ablehnenden Parolen der etablierten Parteien – SVP, EDU, FDP, Mitte, EVP, GLP und Grüne signalisieren, dass Sie absichtlich in Kauf nehmen:

• Entscheidungen durch Algorithmen: Die Gefahr, dass Maschinen künftig über medizinische Eingriffe, Bewerbungsverfahren oder andere persönliche Angelegenheiten entscheiden.
• Umfassende Überwachung: Eine flächendeckende Erfassung, Vermessung und Analyse persönlicher Daten.
• Langfristige Datenspeicherung: Unbegrenzte Aufbewahrung personenbezogener Informationen ohne klare Fristen.
• Unsichere Datenlagerung: Risiken durch unzureichende Sicherheitsmassnahmen, die Missbrauch nahelegen.
• Digitale Monopolisierung von Dienstleistungen: Der Trend, physische Angebote (z. B. Billetautomaten) zugunsten rein digitaler Services abzuschaffen, wodurch Personen ohne digitale Anbindung benachteiligt werden.

Dies zeigt, dass die Piratenpartei die einzige Partei ist, die sich für eine menschenwürde Digitalisierung einsetzt und die Anliegen der Bevölkerung angemessen vertritt.

Melanie Hartmann, Vorstand Piratenpartei Schweiz: „Das Resultat an der Urne zeigt, dass Digitalpolitik immer noch nicht in der Mitte der Gesellschaft angekommen ist. Unabhängig davon ist und bleibt Digitale Integrität das dringend nötige Grundrecht für eine menschenwürdige Digitalisierung.“

Unser Appell

Wir fordern die politischen Entscheidungsträger auf, die Bedenken von Teilen der Bevölkerung ernst zu nehmen und die folgenden Prinzipien in zukünftige Gesetzgebungen einzubetten:

• Transparenz: Klare Offenlegung, welche Daten erhoben werden und zu welchem Zweck.
• Einwilligung: Strikte Vorgaben, dass jede Verarbeitung personenbezogener Daten restriktiver geregelt wird.
• Recht auf Vergessenwerden: Garantierte Löschung von Daten nach Ablauf eines angemessenen Zeitraums oder auf Wunsch der betroffenen Person.
• Datensicherheit: Verpflichtende technische und organisatorische Maßnahmen zum Schutz vor unbefugtem Zugriff.
• Option für Offline‑Dienstleistungen: Sicherstellung, dass grundlegende öffentliche Dienste weiterhin ohne digitale Voraussetzung verfügbar bleiben.

Johannes Neukom, Vorstand der Piratenpartei Zürich: „Wir akzeptieren das Resultat, finden es aber schade, dass die Menschen die Notwendigkeit der Digitalen Integrität noch nicht erkannt haben. Der Kanton hätte als erstes alle seine M365-Projekte stoppen müssen. Diese Niederlage wird kein Hindernis sein, dass wir weiterhin für die digitalen Rechte im ganzen Kanton kämpfen werden. Eine Annahme der Initiative hätte uns diesen Kampf aber enorm erleichtert. Eine demokratische Gesellschaft ist ohne einen festgeschriebenen Schutz im digitalen Raum nicht möglich. Mit den kommenden Überwachungswerkzeugen, die dem Staat zur Verfügung stehen, wird das umso wichtiger.“

Ausblick

Die Piratenpartei wird das Ergebnis gründlich analysieren und gemeinsam mit zivilgesellschaftlichen Akteuren, Experten und interessierten Bürgerinnen und Bürgern an konkreten Alternativen arbeiten. Ziel ist es, ein ausgewogenes Verhältnis zwischen technologischem Fortschritt und dem Schutz individueller Freiheitsrechte zu schaffen.

Ivan Büchi,Präsident Piratenpartei Ostschweiz: „Im Verlauf der nächsten Wochen werden wir im Kanton Glarus einen Memorialsantrag zur digitalen Integrität einreichen. Das Recht auf ein offline Leben schulden wir nicht nur unseren Kindern, sondern allen Menschen, die ein Leben ohne ständige Smartphone‑Nutzung führen möchten.“

Alexis Roussel, ehemaliger Co-Präsident der Piratenpartei Schweiz und Autor des Buches „Notre si précieuse intégrité numérique“ (Unsere so wertvolle digitale Unversehrtheit):
Der weitere Weg ist klar: Die Einführung des Grundrechts auf Digitale Integrität in anderen Kantonen und auf Bundesebene ist der Weg für eine digitale Gesellschaft, in der die Menschen respektiert und nicht eingeschränkt oder zur Nutzung gezwungen sind.

Die Piratenpartei dankt ausserdem Philippe Burger, der mit seiner generellen grossen Unterstützung und tatkräftigen Mithilfe sowie Formulierung des Abstimmungstextes diese Volksinitiative überhaupt erst möglich gemacht hat.

piratenpartei.ch/2025/12/02/ab…

Steve and James discuss holiday ICE raids and airlines announcing that they will shutdown a program that sold our travel data to the government.

youtube.com/embed/Eg_ci8PEozY?…

Sign up to our newsletter to get notified of new events or volunteer. Join us on:

• Mastodon;
• Facebook;
• Blue Sky;
• Twitter.

Check out:

• Surveillance Memory Bank and Resources;
• Our Administrative Coup Memory Bank;
• Our Things to Do when Fascists are Taking Over.

Some links we mentioned:

• Trump DHS Plans Immigration Raids on Churches Over Holidays;
• Airlines Will Shut Down Program That Sold Your Flights Records to Government.

Image Credit: 4300streetcar, CC By-SA 4.0, Wikimedia commons page.

masspirates.org/blog/2025/12/0…

404 Media

2025-11-18 18:43:23

Airlines Will Shut Down Program That Sold Your Flights Records to Government

Airlines Reporting Corporation (ARC), a data broker owned by the U.S.’s major airlines, will shut down a program in which it sold access to hundreds of millions of flight records to the government and let agencies track peoples’ movements without a warrant, according to a letter from ARC shared with 404 Media.

ARC says it informed lawmakers and customers about the decision earlier this month. The move comes after intense pressure from lawmakers and 404 Media’s months-long reporting about ARC’s data selling practices. The news also comes after 404 Media reported on Tuesday that the IRS had searched the massive database of Americans flight data without a warrant.

“As part of ARC’s programmatic review of its commercial portfolio, we have previously determined that TIP is no longer aligned with ARC’s core goals of serving the travel industry,” the letter, written by ARC President and CEO Lauri Reishus, reads. TIP is the Travel Intelligence Program. As part of that, ARC sold access to a massive database of peoples’ flights, showing who travelled where, and when, and what credit card they used.
The ARC letter.
“All TIP customers, including the government agencies referenced in your letter, were notified on November 12, 2025, that TIP is sunsetting this year,” Reishus continued. Reishus was responding to a letter sent to airline executives earlier on Tuesday by Senator Ron Wyden, Congressman Andy Biggs, Chair of the Congressional Hispanic Caucus Adriano Espaillat, and Senator Cynthia Lummis. That letter revealed the IRS’s warrantless use of ARC’s data and urged the airlines to stop the ARC program. ARC says it notified Espaillat's office on November 14.

ARC is co-owned by United, American, Delta, Southwest, JetBlue, Alaska, Lufthansa, Air France, and Air Canada. The data broker acts as a bridge between airlines and travel agencies. Whenever someone books a flight through one of more than 12,800 travel agencies, such as Expedia, Kayak, or Priceline, ARC receives information about that booking. It then packages much of that data and sells it to the government, which can search it by name, credit card, and more. 404 Media has reported that ARC’s customers include the FBI, multiple components of the Department of Homeland Security, ATF, the SEC, TSA, and the State Department.

Espaillat told 404 Media in a statement “this is what we do. This is how we’re fighting back. Other industry groups in the private sector should follow suit. They should not be in cahoots with ICE, especially in ways may be illegal.”

Wyden said in a statement “it shouldn't have taken pressure from Congress for the airlines to finally shut down the sale of their customers’ travel data to government agencies by ARC, but better late than never. I hope other industries will see that selling off their customers' data to the government and anyone with a checkbook is bad for business and follow suit.”

“Because ARC only has data on tickets booked through travel agencies, government agencies seeking information about Americans who book tickets directly with an airline must issue a subpoena or obtain a court order to obtain those records. But ARC’s data sales still enable government agencies to search through a database containing 50% of all tickets booked without seeking approval from a judge,” the letter from the lawmakers reads.

Update: this piece has been updated to include statements from CHC Chair Espaillat and Senator Wyden.

Airline-Owned Data Broker Selling Your Flight Info to DHS Finally Registers as a Data Broker

It’s a legal requirement for data brokers to register in the state of California. ARC, the airlines-owned data broker that has been selling your flight information to the government for years, only just registered after being contacted by the office …

^{Joseph Cox (404 Media)}