The telecommunications sector needs substantial investment and regulatory reforms to meet the European Union’s digital and sustainability targets. Nicolas Guérin, President of the French Telecoms Federation (FFTélécoms), spoke with Euractiv’s Xhoi Zajmi.

euractiv.com/section/digital/n…

Do you remember the fourth-place winner in the 2022 Hackaday Prize? If it’s slipped your mind, that’s okay—it was Boondock Echo. It was a radio project that aimed to make it easy to record and playback conversations from two-way radio communications. The project was entered via Hackaday.io, the judges dug it, and it was one of the top projects of that year’s competition.

The project was the brainchild of Mark Hughes and Kaushlesh Chandel. At the 2023 Hackaday Supercon, Mark and Kaushlesh (KC) came back to tell us all about the project, and how far it had come one year after its success in the 2022 Hackaday Prize.

Breaker, Breaker

youtube.com/embed/rg8EBrH9bMU?…

The talk begins with a simple video explainer of the Boondock Echo project. Basically, it points out the simple problem with two-way radio communications. If you’re not sitting in front of the receiver at the right time, you’re going to miss the message someone’s trying to send you. Unlike cellular communications, Skype calls, or email, there’s no log of missed calls or messages waiting for you. If you weren’t listening, you’re out of luck.
The device works with conventional amateur radios and can capture messages, store them in the cloud, and even react to them.
Mark was inspired to create a device to solve these problems by his father’s experience as an emergency responder with FEMA. Often, his father would tell stories about problems with radios and missed transmissions, and Mark had always wondered if something could be done.

Boondock Echo is the device that hopes to change all that. It’s a device designed for recording and playback of two-way radio communications. The hardware is based around the ESP32, which is able to capture analog audio from a radio, digitize it, and submit it to the Boondock Echo online service. This also enables more advanced features—the system can transcribe audio to text, and even do keyword monitoring on the results and email you any important relevant messages.
The Boondock Echo service can be set up to react to keywords and provide notifications in turn.
Rather amazingly, Hackaday actually helped spawn this project. Mark had an idea of what Boondock Echo should do, but he didn’t feel like he had the full set of technical skills to implement it. Then, Mark met KC via a Hackaday Hackchat, and the two started a partnership to develop the project further. Eventually, they won fourth place in the 2022 Hackaday Prize, which netted them a tasty $10,000 which they could use to develop the project further. They then brought in Mark’s friend Jesse on the hardware side, and things really got rolling.

The hope was to start producing and delivering Boondock Echo devices. Of course, nobody is immune to production hell, and it was no different for this team. KC dives into the story of how the device relied on the ESP32-A1S module. When they went to make more, this turned out to be problematic. They found some of the purchased modules worked and some didn’t. Stripping the RF shields off the pre-baked modules, they found that while they all included audio codec chips marked “8388,” some modules had a different layout and functioned differently. And these were parts with FCC IDs, identical part numbers, and everything! This turned into a huge mess that derailed the project for some time. The project had to be retooled to work with the ESP32-based AI Thinker Audio Kit, to which they added a custom “sidekick” board to handle interfacing with the desired radio hardware.
Dodgy parts caused a great deal of trouble for the team.
Mark notes that there were some organizational lessons learned through this difficult journey. He talks about the value of planning and budgets when it comes to any attempt to escape the “Valley of Death” as a nascent startup. Mark also explains how Boondock Echo came to seek investors to grow further when he realized they didn’t have the resources to make it on their own.

“You don’t go out asking for $10,000 from family and friends, you go out and you ask for a heck of a lot more than that from professional investors,” explains Mark. “It’s a lot easier to come up with $100,000 than $10,000, because the venture capitalists don’t play in the $10,000 price range.” Of course, he notes that this comes with a tradeoff—investors want a stake in the company in exchange for cold, hard cash. Moving to this mode of operation involved creating a company and then dividing up shares for all the relevant stakeholders—a unique challenge of its own. Mark and KC explain how they handled the growing pains and grew their team from there.
The successful live demo was a moment of some joy. It used a modified Supercon badge to display transcription of an audio message captured by a Boondock Echo device.
The rest of the talk covers the product itself, and we get a demo of what it can do. KC and Mark show us how the Boondock Echo units capture audio, record it, and submit it to the cloud. From there, we get to see how things like AI transcription, keyword triggers, and notifications work, and there’s even a fun live demo. Beyond that, Mark explains how you can order the hardware via CrowdSupply, and sign up with the Boondock Echo cloud service.

It’s not just neat to see a cool project, it’s neat to see something like this grow from an idea into a fully-fledged business. Even better, it grew out of the Hackaday community itself, and has flourished from there. It’s a wonderful testament to what hackers can achieve with a good idea and the will to pursue it.

hackaday.com/2024/11/07/2023-h…

Sound chips from back in the day were capable of much more than a few beeps and boops, and [InazumaDenki] proves it in a video recreating recognizable real-world sounds with the AY-3-8910, a chip that was in everything from arcade games to home computers. Results are a bit mixed but it’s surprising how versatile a vintage sound chip that first came out in the late 70s is capable of, with the right configuration.
Recreating a sound begins by analyzing a spectrograph.
Chips like the AY-3-8910 work at a low level, and rely on being driven with the right inputs to generate something useful. It can generate up to three independent square-wave tones, but with the right approach and setup that’s enough to get outputs of varying recognizability for a pedestrian signal, bird call, jackhammer, and referee’s whistle.

To recreate a sound [InazumaDenki] begins by analyzing a recording with a spectrogram, which is a visual representation of frequency changes over time. Because real-world sounds consist of more than just one frequency (and the AY-3-8910 can only do three at once), this is how [InazumaDenki] chooses what frequencies to play, and when. The limitations make it an imperfect reproduction, but as you can hear for yourself, it can certainly be enough to do the job.

How does one go about actually programming the AY-3-8910? Happily there’s a handy Arduino AY3891x library by [Andreas Taylor] that makes it about as simple as can be to explore this part’s capabilities for yourself.

If you think retro-styled sound synthesis might fit into your next project, keep in mind that just about any modern microcontrollers has more than enough capability to do things like 80s-style speech synthesis entirely in software.

youtube.com/embed/9UH4yG8BpEQ?…

hackaday.com/2024/11/07/hear-a…

È stata scoperta una vulnerabilità critica (CVE-2024-20445) in una serie di telefoni IP Cisco che consente agli aggressori remoti di accedere a informazioni sensibili. I modelli interessati includono il telefono da tavolo 9800, il telefono IP 7800 e 8800 e il videotelefono 8875.sec.cloudapps.cisco.com/securi…nvd.nist.gov/vuln/detail/CVE-2…

Il problema è legato all’errata memorizzazione dei dati nell’interfaccia web dei dispositivi che utilizzano il protocollo SIP, che porta all’esposizione di informazioni sensibili (CWE-200) quando la funzione Accesso Web è abilitata. Gli aggressori possono sfruttare questa vulnerabilità semplicemente visitando l’indirizzo IP di un dispositivo vulnerabile.

Un attacco riuscito potrebbe potenzialmente ottenere l’accesso a informazioni come le registrazioni delle chiamate, compromettendo la privacy dell’utente. È importante notare che l’accesso Web è disabilitato per impostazione predefinita, il che riduce leggermente il rischio. Tuttavia, una volta attivata, la vulnerabilità diventa sfruttabile.

Cisco ha confermato il problema e ha rilasciato aggiornamenti per risolvere la vulnerabilità. Sfortunatamente, è impossibile aggirare il problema se non aggiornando il software. Tutti gli utenti che hanno abilitato l’accesso Web devono disabilitare questa funzione o aggiornare immediatamente il software.

Al momento della pubblicazione, la vulnerabilità colpisce Cisco Desk Phone 9800, IP Phone 7800 e 8800 (escluso Wireless IP Phone 8821) e Video Phone 8875. Per proteggere i propri dati, si consiglia agli utenti di verificare se la funzione Accesso Web è abilitata e, se necessario, disabilitalo o installa gli aggiornamenti.

L'articolo Scoperta Vulnerabilità Critica nei Telefoni Cisco: A Rischio i Dati Sensibili di Migliaia di Utenti proviene da il blog della sicurezza informatica.

If there’s an enduring image of how large steel structures used to be made, it’s probably the hot riveting process. You’ve probably seen grainy old black-and-white films of a riveting gang — universally men in bib overalls with no more safety equipment than a cigarette, heating rivets to red heat in a forge and tossing them up to the riveters with a pair of tongs. There, the rivet is caught with a metal funnel or even a gloved hand, slipped into a waiting hole in a flange connecting a beam to a column, and beaten into submission by a pair of men with pneumatic hammers.

Dirty, hot, and dangerous though the work was, hot riveted joints were a practical and proven way to join members together in steel structures, and chances are good that any commercial building that dates from before the 1960s or so has at least some riveted joints. But times change and technology marches on, and riveted joints largely fell out of fashion in the construction trades in favor of bolted connections. Riveting crews of three or more men were replaced by a single ironworker making hundreds of predictable and precisely tensioned connections, resulting in better joints at lower costs.

Bolted joints being torqued to specs with an electric wrench might not have the flair of red-hot rivets flying around the job site, but they certainly have a lot of engineering behind them. And as it turns out, the secret to turning bolting into a one-person job is mostly in the bolt itself.

A Desk With a View

My first exposure to tension control bolts started with getting really lucky at work. Back in the early 2000s my department relocated, and somehow I managed to get a desk with an actual window. Being able to look out at the world was amazing, but then one day the company started building an addition right outside my window. That was a mixed bag for me; true, I’d lose my view as the six-story structure was built, but in the meantime, I’d get to watch its construction from the comfort of my desk.

I watched with amazement as the steel frame went up, the ironworkers quickly and efficiently bolting the columns and beams together. One thing I noticed was that bolting seemed to be a one-man job, with a single ironworker tightening the nut with an electric wrench without the need for anyone backing up the head of the bolt on the other side of the connection. This perplexed me; how could the bolt not just spin in the hole?

I got my answer when I saw something fall out of the wrench after the ironworker removed it from the tightened connection. From my perch by the window it looked like the end of a splined shaft, and I could see that one end was obviously sheared off. That’s when I noticed that all the as-yet untightened bolts had the same spline sticking out past the nut, and it all clicked: the spline must fit into a socket inside the wrench coaxial to the socket that tightens the nut, which holds the bolt so the nut can be tightened. What’s more, it was clear that you could use this scheme to automatically torque the connection by designing the spline to shear off at the required torque. Genius!

youtube.com/embed/3atVsn-4M1o?…

Stretch and Snap

While I wasn’t quite right with my analysis, I was pretty close. I only learned much later (like, while researching this article) that the bolts used for structural framing are called tension control bolts, or TCBs, and that there’s a lot of engineering that goes into them. But to understand them, we have to take a look at bolted connections, and find out how they work to keep everything from buildings to bridges from falling down.

We’ve taken an in-depth look at bolted connections before, but for the TL;DR set, the short story is that bolts are essentially really strong springs. When you tighten a nut on a bolt, the bolt stretches a bit, which provides a clamping force on whatever is trapped between the head of the bolt and the nut. The degree of stretching, and therefore the amount of clamping force, depends on the strength of the material used to make the bolt, the size of the bolt, and the amount of torque applied. That’s why most bolted assemblies have a specified torque for all the bolts in the joint.

For structural steel, joints between framing members are carefully designed by structural engineers. A host of calculations go into each joint, resulting in detailed bolting plans. Some joints have a lot of bolts, sometimes 20 or more depending on the application. The hole pattern for each member is determined before any steel is cut, and each framing member usually arrives from the fabricator with the exact number of holes specified in the plan. The plan also specifies which grade of TC bolt is to be used on each joint — more on that below — as well as the diameter and length of each bolt.
Typical tension control bolts. The internal socket on the shear wrench grips the spline feature at the far end to counter the torque applied while tensioning the bolt, then twists it off. Source: LeJeune Bolt
As ironworkers build the frame, they first use a spud wrench to line up the bolt holes in the two members they’re bolting together. A spud wrench is a large open-end or adjustable wrench on a long handle that tapers to a point. The handle is used to drift the bolt holes into alignment while the ironworker inserts a TC bolt into the other holes. The bolts are initially just hand-tightened, but a critical part of the assembly process, called snugging or pre-tensioning, follows.

Snugging is somewhat loosely defined as the tightness achieved “with a few impacts” of an impact wrench, or “the full effort of an ironworker” using a standard spud wrench. Everything about snugging is very subjective, since the number of “ugga-duggas” that count as a few impact wrench blasts varies from user to user, and ironworkers similarly can apply a wide range of force to a wrench. But the idea is to bring the framing members into “firm contact,” which generally amounts to about 10 kps or “kips”, which is 10,000 pounds per square inch (about 70 MPa).

Once all the bolts in the joint are pre-tensioned, final tensioning is performed. The tool I saw those ironworkers using on TC bolts all those years ago goes by many names, with “shear wrench” or “TC gun” being the most generic. It’s also known as a “LeJeune gun” after a major manufacturer of TC bolts and tooling. Some shear wrenches are pneumatically powered, but more are electrically operated, with cordless guns becoming increasingly popular. The final tightening cycle begins by engaging the TC bolt spline with the internal socket and the nut with the outer socket. The outer socket tightens the nut to a specified torque, at which point a slip-clutch shifts power transmission from the outer socket to the inner socket, reversing the direction of rotation in the process. This applies enough torque to the spline to twist it clean off the TC bolt at the weakest point — the narrowed neck between the spline and the threaded section of the bolt. This leaves the bolt properly tensioned and with just the right amount of thread showing.

Tools of the Trade

TC bolts generally come in two grades: A325 and A490. Both are based on ASTM International standards, with A325 bolts covering the tensile range of 120 to 150 kps (830 to 1,040 MPa), and A490 covering 150 to 173 kps (1,040 to 1,190 MPa). Most TC bolts have a rounded head, since there’s no need to grip the bolt from the head end. That provides a smoother surface on the head side of the joint, making it less likely to get damaged during installation. Depending on the application, TC bolts can be treated to prevent corrosion, either with galvanizing or a passivated treatment.

If a TC bolted joint needs to be taken apart, the fact that the spline has already been snapped off presents a problem. To get around this, a special accessory for the wrench known as a reaction bar is used. This is essentially an inner socket sized for the nut and an outer ring with a sturdy torque arm welded to it. The arm jams against and adjacent nut and provides the counter-rotation needed to loosen the nut.

youtube.com/embed/bVvkMvB4Dt8?…

Lot testing is also very important for code compliance. This involves picking random TC bolts from every lot to test on a Skidmore-Wilhelm machine, which hydraulically measures the tension on a bolt. Strict procedures for pretensioning and final tensioning of each bolt are followed, and results are recorded as part of the engineering records of a structure.

hackaday.com/2024/11/07/mechan…

Un'operazione internazionale coordinata da Eurojust e Europol ha interrotto il traffico di grandi quantità di cocaina dal Sud America a vari porti marittimi italiani.
In totale, 29 sospetti appartenenti a una rete criminale guidata da cittadini albanesi sono stati arrestati in Italia e in Albania.
Allo stesso tempo, in Francia, Romania e Spagna sono state effettuate perquisizioni per raccogliere informazioni e potenziali prove. Il successo delle indagini è il risultato di una squadra investigativa congiunta a lungo termine (JIT/SIC), sostenuta e finanziata da Eurojust.

Il gruppo criminale era attivo nella distribuzione all'ingrosso di droga sul mercato italiano. Le droghe illecite erano nascoste in contenitori con frutta esotica su navi che arrivavano nei porti europei del Sud America. La rete era capeggiata da due fratelli albanesi. L'operazione è culminata in una giornata di azione che ha visto l'arresto di 29 sospetti (27 in Italia, 2 in Albania). Gli investigatori della Struttura speciale anticorruzione e anticrimine organizzato dell'Albania, nonché della Guardia di Finanza italiana a Pisa e della Procura della Repubblica a Firenze, sono stati supportati dagli esperti di riciclaggio di denaro di Europol per individuare il flusso economico gestito dai criminali.

Dall'inizio delle indagini nel novembre 2021 e fino alla giornata di azione, alcuni membri sono stati arrestati mentre commettevano attivamente reati. Nello stesso periodo sono stati sequestrati oltre 2 000 kg di cocaina, 20 kg di marijuana e 46 kg di hashish. I criminali avevano messo in piedi un elaborato sistema di riciclaggio di denaro.

L'indagine è stata supportata da comunicazioni intercettate tra organizzazioni criminali, che hanno usato lo strumento di comunicazione mobile criptato SkyECC.
Su richiesta delle autorità italiane, Eurojust ha organizzato diverse riunioni di coordinamento tra tutti gli organi investigativi per preparare l'azione internazionale. Un centro di coordinamento è stato istituito presso la sede di Eurojust all'Aia per sostenere le ricerche e gli arresti in corso nei cinque paesi interessati. Eurojust ha inoltre assistito all'esecuzione degli ordini investigativi europei in Francia, Romania e Spagna e ha chiesto assistenza giudiziaria in Albania. I mandati d'arresto sono stati diffusi in tutto il mondo attraverso INTERPOL, grazie alla 3a divisione del Servizio Centrale per la Cooperazione Internazionale di Polizia.

#Eurojust #Europol #JIT #SIC #trafficococainaviamare #INTERPOL #Albania #guardiadifinanza #skyecc

@Notizie dall'Italia e dal mondo

Persone che condividono il suono delle loro foreste, che progetto meraviglioso!

Stefan Bohacek

2024-11-05 13:39:47

Ah, yes, this will be very useful today.

"People around the world recorded the sounds of their forests, so you can escape into nature, and unwind wherever you are. Take a breath and soak in the forest sounds as they breathe with life and beauty!"

tree.fm

via graphics.social/@metin/1134301…

#relax

tree.fm – Tune Into Forests From Around The World 🌳🔈

People around the world recorded the sounds of their forests, so you can escape into nature, while in lockdown or unable to travel. Use this site to chill, meditate or do some digital shinrin-yoku.

^www.tree.fm

Sicuri di far affari acquistando prodotti contraffatti? Un rapporto di Europol e dell'Ufficio dell'Unione europea per la proprietà intellettuale (EUIPO) avverte che i truffatori e le reti di criminalità organizzata utilizzano entità legali e scappatoie per evitare il rilevamento da parte delle autorità, e trarre profitto dall'appetito dei consumatori ’ a prezzi bassi con prodotti falsi.

Il rapporto di Europol «UNCOVERING THE ECOSYSTEM OF INTELLECTUAL PROPERTY CRIME / A focus on enablers and impact" («Scoprire l'ecosistema del crimine della proprietà intellettuale: un focus sugli abilitatori»), fa luce sui sofisticati metodi impiegati dai truffatori e dai gruppi criminali organizzati per commettere reati di proprietà intellettuale (PI) e sfruttare i comportamenti dei consumatori. Sottolinea l' impatto del crimine di proprietà intellettuale su una società più ampia, guidata da merci contraffatte e contenuti piratati. Il reato di proprietà intellettuale implica il furto, l'infrazione e l'uso non autorizzato della proprietà intellettuale, come i diritti d'autore, i disegni, i marchi, i brevetti e le indicazioni geografiche di origine, e i reati connessi ai segreti commerciali. Comprende la contraffazione, la produzione di beni che recano falsi marchi e la pirateria, la distribuzione illegale di materiali protetti. Il crimine IP minaccia quindi la sicurezza interna dell'UE, non solo l'economia, ma anche la salute dei consumatori, la sicurezza e l'ambiente naturale.

Questa relazione (un rapporto congiunto di analisi strategica EUIPO-Europol prodotto nell'ambito di EMPACT) descrive quindi i processi criminali alla base del crimine IP, esaminando i fattori che lo consentono e la sua connessione con altri reati organizzati. Sottolinea anche gli effetti dannosi sulle imprese e sui consumatori dell'UE.

Secondo il rapporto, circa 86 milioni di articoli falsi sono stati sequestrati nell'UE solo nel 2022, con un valore totale stimato superiore a 2 miliardi di EUR. Lo studio sottolinea che, sebbene i consumatori siano attratti da beni a basso prezzo, le loro decisioni supportano inavvertitamente una serie di altri reati gravi, tra cui il crimine informatico, il riciclaggio di denaro e persino il crimine ambientale.

João Negrão, direttore esecutivo dell'EUIPO, sottolinea l'importanza della consapevolezza dei consumatori: "Quando i consumatori optano per prodotti contraffatti o vengono indotti in errore nell'acquistare falsi, non solo ricevono beni scadenti, ma contribuiscono anche a un'economia sommersa che mina le imprese legittime e alimenta altre attività criminali. È essenziale comprendere il costo reale delle merci contraffatte – un costo che si estende oltre il prezzo e influisce sul benessere della nostra società ".

Salute e sicurezza dei consumatori sono messi a repentaglio quando prodotti farmaceutici scadenti o falsificati emergono da laboratori clandestini pericolosi, esponendo i lavoratori e il pubblico a sostanze nocive. Inoltre, il dominio digitale è diventato un campo di battaglia, con i criminali informatici che fabbricano sofisticati negozi online falsi che non solo vendono prodotti contraffatti ma raccolgono anche informazioni sensibili sui pagamenti dei consumatori, intrecciando ulteriormente il crimine IP con il crimine informatico.

(Un laboratorio clandestino di sostanze ormonali illecite)

A sua volta Catherine De Bolle, direttore esecutivo di Europol, sottolinea: "I gruppi criminali organizzati stanno continuamente innovando per sfruttare la domanda dei consumatori di prodotti contraffatti e piratati. Non stanno solo vendendo prodotti falsi, ma stanno anche rubando dati personali ed esponendo i consumatori a prodotti pericolosi. È un'arma a doppio taglio in cui i consumatori sono vittime e, inconsapevolmente, abilitatori di queste reti criminali ".

Nel complesso, il rapporto evidenzia la crescente raffinatezza dei criminali IP. Le reti criminali organizzate si estendono oltre i confini, impegnandosi nell'importazione, esportazione e produzione di merci contraffatte, la maggior parte delle quali sono prodotte in Cina, Hong Kong e Turchia.

Gli attori di queste operazioni non sono dilettanti. Secondo il rapporto si avvalgono di strutture legali in tutte le fasi del crimine di proprietà intellettuale e selezionano giurisdizioni in cui è difficile per le forze dell'ordine dell'UE chiuderle o dove le sanzioni sono basse. In molti casi, i prodotti contraffatti vengono prodotti al di fuori dell'UE e quindi finalizzati con tag, loghi falsi e imballaggi in siti in Europa.

Questa relazione congiunta UEIPO-Europol è stata al centro dell'attenzione alla Conferenza sulla criminalità IP, organizzata a Madrid il 24-25 ottobre 2024 dall'EUIPO, Europol e Guardia Civil spagnola.

L'evento, intitolato “Segui i soldi per combattere il crimine IP, ” ha riunito oltre 240 delegati di forze dell'ordine, enti governativi e rappresentanti del settore privato in tutto il mondo per discutere strategie innovative per combattere il crimine di proprietà intellettuale (IPC) e le relative implicazioni di criminalità finanziaria.

La conferenza ha sottolineato la necessità di un approccio multisettoriale alla lotta contro l'IPC, incentrato sulla traccia finanziaria e sui partenariati pubblico-privato. Le discussioni hanno enfatizzato la condivisione delle conoscenze, il miglioramento della capacità investigativa e le pratiche di recupero delle risorse collaborative. Inoltre, i rappresentanti di Europol e EUIPO hanno rafforzato il ruolo del settore privato nel sostenere l'applicazione della legge attraverso la condivisione e la formazione dei dati. Un panel è stato dedicato al ruolo degli influencer dei social media, concentrandosi sul loro impatto sui comportamenti di acquisto contraffatti e ha sottolineato l'importanza delle campagne di sensibilizzazione.

@Politica interna, europea e internazionale