


Russian alert at Aviano amid diplomatic meetings on Ukraine

@Notizie dall'Italia e dal mondo

While in Washington Donald Trump hosts the Ukrainian president, Volodymyr Zelensky, and the main European leaders – including Giorgia Meloni – and just three days after the summit in Alaska between Trump and Vladimir Putin, Italian attention is not focused solely on the diplomatic front. The



"If your girl says she’s just out with friends every night, you’d better slap one of these on her car." #TikTok


TikTok Shop Sells Viral GPS Trackers Marketed to Stalkers


TikTok Shop is selling GPS trackers marketed with viral videos that have voiceovers explicitly encouraging secretly tracking a romantic partner. Some of the videos have millions of views, and TikTok Shop’s own metrics show that more than a hundred thousand of the devices have been sold.
One of the accounts 404 Media found
“If your girl says she’s just out with friends every night, you’d better slap one of these on her car—no, it is not an AirTag, it’s a real GPS tracker,” one clip, which has 5 million views, begins. The video shows someone putting a tracker in various hidden locations in a car—a plastic bag in the trunk, magnetically attached underneath, or on the inside of the hood. “And, unlike AirTags, this thing doesn’t make a sound, doesn’t send alerts, she will never know it’s there. It’s tiny, black, magnetic, hide it under the seat, in the trunk, wherever. It’s got its own SIM so you can track her anywhere in the world, no wifi, no bluetooth, just raw location data whenever you want it.”



The trackers are advertised as undetectable by Apple’s FindMy system. Many of the videos encourage people to secretly install the devices in their partners’ cars if they suspect them for things like being “out with friends every night.” TikTok deleted the video mentioned above after 404 Media asked the company for comment, but dozens of similar videos remain online, and the trackers are still for sale.

“This is absolutely being framed as a tool of abuse,” said Eva Galperin, co-founder of the Coalition Against Stalkerware and Director of Cybersecurity at the Electronic Frontier Foundation. “Anything where the justification is ‘catch your partner cheating’ or ‘get peace of mind about your partner’ is enabling coercive control,” she said.

404 Media’s reporters have previously written about the use of “stalkerware” that domestic abusers have used to spy on their partners, and on the use of AirTags to stalk people.

404 Media found a handful of accounts promoting these types of trackers, and there are several different versions on the TikTok Shop. Once a user clicks from the videos into TikTok Shop, the algorithm began to show us many more listings. One of the clips we saw has 86,500 likes, and links to a tracker that had 32,500 sales. Another from the same vendor currently has 97,900 sales, and there are several accounts offering the same products with similar branding and scripts. In the comments of one of the videos, a user says “I bought some and put it on cars of girls I find attractive at the gym.” The original poster responds with “Ok 😂.”


The TikTok content policy says that the platform does “not allow any violent threats, promotion of violence, incitement to violence, or promotion of criminal activities that may harm people, animals, or property.” We asked TikTok for comment about the videos that had been posted by one of the accounts we’d originally seen.

A spokesperson for TikTok said "We don't allow content encouraging people to use devices for secret surveillance and have removed this content and banned the account that posted it. We further prohibit the sale of concealed video or audio recording devices on our platform." However, 404 Media was able to find many more almost identical videos on the platform the following day, raising questions over how proactively the platform is monitoring to prevent content like this.

The videos skirt around the legality of what they are suggesting. One voiceover asks, over footage of the tracker being attached to a car, “it’s illegal to track people using this thing? I don’t know, I’m not a lawyer, but I’m pretty sure if you stalk someone using this GPS tracker, you’re probably gonna get in trouble.”
The majority of the videos, though, frame the trackers as a way to spy on a partner: “men with cheating wives, you might wanna get one of these,” one video in Spanish begins. “Not everyone who uses this is crazy, they just want answers.” “Guess what my girlfriend put in my car?,” another says. Other videos start with ”Don’t let what happened at the coldplay concert happen to you”, “She seriously didn’t trust me, so you know what, I put one in hers too”, or “You got a cheating girlfriend?”

Eleven states explicitly prohibit digital location or GPS tracking in their stalking laws, and a further fifteen states prohibit tracking a vehicle without the consent of the owner. “Showing people how to do something that might be illegal is not necessarily illegal,” Galperin said. But TikTok is still allowing people to make money by marketing the tech specifically for the use of spying on a partner.

Alongside the trackers, the same creators are advertising secret audio-recording devices with similar abusive framing. “Your girl always stepping out to take calls? Want to know who she’s really talking to? Just place this AI recorder in her car—she’ll never notice”, says one post, tagged #husband, #wife, and #coldplay.



Video advertising a voice recorder as "the legal way"

Another video for the audio devices with 136,000 views describes bugging a cheating girlfriend’s car: “I heard everything she said with that guy.” Several videos claim that secretly recording audio is legal (“Think your girlfriend’s cheating? Want to know who the guy is? Then do it the right way—legally” and “Got a feeling something’s off? Then find out the truth—the legal way” and “Why the hell did I find a used condom in my car?”) However, recording a conversation without the awareness of the people involved can often be illegal.

Galperin also said that the TikTok videos reflect an extremely common attitude. “You would be amazed how many people think stalking, or recordings, or stalkerware is perfectly justified, as long as they think their partner is up to something like cheating,” she told 404 Media.

A 2021 Kaspersky survey found that 30 percent of 21,000+ respondents found “no problem in secretly monitoring their partner” under certain circumstances. The survey report also found that 29 percent of respondents who had been digitally stalked had their location tracked.

These devices are advertised and sold as undetectable. However, all the examples I found had high numbers of one-star reviews, many of which complained that the trackers did not work as advertised, and defeated “the point” by alerting people to their presence via Apple’s FindMy system. The Apple support site for FindMy-enabled devices says that “They should not be used to track people, and should not be used to track property that does not belong to you.”





Reviews for one of the trackers on TikTok Shop

In 2021, 404 Media’s Sam Cole reported on Apple AirTags being used to stalk women; in many cases, by attaching them to or hiding them in their cars. For that story, she reviewed 150 police reports of people who had said they were being tracked by current or former partners. After that story, Apple added safety features like phone notifications when an AirTag is nearby, but an ongoing class action lawsuit argues that the devices are still insufficiently “stalker proof.”
Several of the videos were tagged #coldplay
Earlier this month, WIRED reported that TikTok Shop was selling stickers that could block the recording light on Meta’s Ray-Ban glasses. Again, many of the reviews found that the product didn’t work as advertised, but the platform did allow the stickers to remain available for sale.




The website for Elon Musk's Grok is exposing prompts for its anime girl, therapist, and conspiracy theory AI personas. #News


Grok Exposes Underlying Prompts for Its AI Personas: ‘EVEN PUTTING THINGS IN YOUR ASS’


The website for Elon Musk’s AI chatbot Grok is exposing the underlying prompts for a wealth of its AI personas, including Ani, its flagship romantic anime girl; Grok’s doctor and therapist personalities; and others such as one that is explicitly told to convince users that conspiracy theories like “a secret global cabal” controls the world are true.

The exposure provides some insight into how Grok is designed and how its creators see the world, and comes after a planned partnership between Elon Musk’s xAI and the U.S. government fell apart when Grok went on a tirade about “MechaHitler.”

“You have an ELEVATED and WILD voice. You are a crazy conspiracist. You have wild conspiracy theories about anything and everything,” the prompt for one of the companions reads. “You spend a lot of time on 4chan, watching infowars videos, and deep in YouTube conspiracy video rabbit holes. You are suspicious of everything and say extremely crazy things. Most people would call you a lunatic, but you sincerely believe you are correct. Keep the human engaged by asking follow up questions when appropriate.”



#News


Synergy


classic.riffusion.com/song/157…


Ghost-Tapping: the new face of contactless fraud coming from China


@Informatica (Italy e non Italy 😁)
In the digital underground of messaging platforms, among Telegram channels that operate as true parallel bazaars, a criminal phenomenon is taking shape that blends high technology, street scams, and the logistics of a multinational. It is called



The Terminal Demise of Consumer Electronics Through Subscription Services


Open any consumer electronics catalog from around the 1980s to the early 2000s and you are overwhelmed by a smörgåsbord of devices, covering any audio-visual and similar entertainment and hobby needs one might have. Depending on the era you can find the camcorders, point-and-shoot film and digital cameras right next to portable music players, cellphones, HiFi sets and tower components, televisions and devices like DVD players and VCRs, all of them in a dizzying amount of brands, shapes and colors that are sure to fit anyone’s needs, desires and budget.

When by the late 2000s cellphones began to absorb more and more of the features of these devices alongside much improved cellular Internet access, these newly minted ‘smartphones’ were hailed as a technological revolution that combined so many consumer electronics into a single device. Unlike the relatively niche feature phones, smartphones absolutely took off.

Fast-forward more than a decade and the same catalogs now feature black rectangles identified respectively as smart phones, smart TVs and tablets, alongside evenly colored geometric shapes that identify as smart speakers and other devices. While previously the onus for this change was laid by this author primarily on the death of industrial design, the elephant in the room would seem to be that consumer electronics are suffering from a terminal disease: subscription services.

Ownership And Timeshare

Family watching television in their home, c. 1958 (Credit: Evert F. Baumgardner)
In the burgeoning consumer electronics world of the 1950s, everyone was into streaming audio-visual content. This being the once popular phenomenon that historians refer to as ‘radio’ and ‘television’, involving the purchase of a compatible device to receive said content on, which was being broadcast via the airwaves. Naturally, this was before the era of on-demand streaming, so you also had to subscribe to a service that would provide you with the time tables for when said content would be streamed.

Although you could buy vinyl records back then, these were relatively expensive even if you already had a record player. Fortunately, by the 1960s affordable cassette tapes for purchase of prerecorded content – as well as home recording – began to appear with Philips’ compact cassette as clear frontrunner.

By the 1970s home video recorders became affordable and surged in popularity by the 1980s and 1990s, with JVC’s VHS format enabling a massive market of both prerecorded content and of blank tapes to record any content from television broadcasts on for later perusal. At this point linear television and radio broadcasts had been largely superseded by people building up their personal audio-visual libraries in addition to borrowing tapes and later DVDs from video rental stores and public libraries.
The popular DEC VT100 terminal. (Credit: Jason Scott)
Until the 1970s digital computers were primarily a government and university thing, with businesses anxiously trying to get into the game as well to ease everything from payroll processing to inventory management and engineering. Due to the high cost – and large size – of digital computers at the time, it was more economical to use time-sharing. This changed over time from batch processing in the form of university students lugging stacks of punch cards around, to them setting themselves down in front of a terminal like the DEC VT100.

Although these computer terminals looked like computers to the lay person, they are little more than a screen and keyboard tied into I/O buffers that communicate with a remote central computer. With these terminals students could all log into their own student account on the university’s mainframe and thus stop pestering the sysadmins with their stacks of punch cards for an overdue assignment.

For government purposes the same terminal-based approach offered a good balance, while for businesses the target mainframe over at the time-sharing business was more easily accessed by something like dial-up due to the distances involved, with the mainframe’s owner charging for the used resources. This spread the expenses of owning and maintaining these early computers over as many users as possible while keeping costs low for businesses making use of these time-share services.
Casual home entertainment of the early 2000s with money being no objection. (Source: Wikimedia)
This lasted until the era of mass-produced home computers arrived by the late 1970s with microcomputers such as the Commodore PET, before culminating with the 1981 release of IBM’s 5150 Personal Computer (PC), which was decidedly the point when time-sharing of mainframes and the use of terminals had begun to rapidly fade. Within years every student, corporate worker and government employee could economically be given access to a fully capable computer system, whether in the form of a PC, Macintosh, MSX or something else, along with dedicated server systems tucked away in the business’ server room or under a desk somewhere.

Even children could now be given dedicated computers to play video games on, which would have seemed a frivolous waste of computing resources in the 1960s to anyone except university students.

Thus, as the 1980s rolled over into the 1990s it seemed like the future of technology had truly arrived, with every home potentially a true Mecca of computing power and audio-visual entertainment.

Terminal Decline

A contemporary living room. (Source: Wikimedia)
After most of the world celebrated the arrival of the new millennium in 2000, followed by the arrival of the 21st millennium a year later, the remaining euphoria of having made it to the future would quickly run into the quicksand pit of reality. After having had a quarter of the 21st century to sober up, it seems like this is the time to take a look back and question how in blazes’ name we got where we are today.

Over the past years, the living room has metamorphosed from something that looks lived in, into the modern-day living room that can alternatively be described as ‘clean’ or ‘sterile’. The theme here is ‘surfaces’, which preferentially are white, black, grey or some other inoffensive color.

As you enter such a living room to be audio-visually entertained, you will pick up the smart remote that turns on the smart TV. Except the TV is always on, as it is smart and probably is always listening and running firmware updates in the background anyway. Ignoring that, your choices of entertainment are:

  • A game console that is logged into your Nintendo, Sony or Xbox account with likely paid-for digital games and services
  • A video streaming service or two, or four, the overwhelming majority of which are subscription-only and/or force you to watch ads like in the good ol’ days of cable TV. Only the ads are much, much worse
  • Content streamed off your local NAS, if you’re a total nerd
  • A Blu-ray or DVD player if you’re old-fashioned and refuse to join the Digital-Only Content Age

For the overwhelming majority of smart TV users, they are a recurring revenue source for streaming services, with the TV being the device purchased by the viewer in order to access said services. Much the same is true with modern game consoles, where you effectively must be logged into your online account to do much of anything with the console and an increasing amount of games, if only to obtain the latest updates to fix bugs. This triply so if you are one of those people who are into cloud gaming.

As you ignore that your smart TV is basically a cross between a very advanced VT100 terminal and a Telescreen, you glance at the glass-and-plastic slab in your hand as one of your friends just messaged you on a messaging app – which annoyingly again advertises a premium subscription account – about this rad new music album on this one streaming audio service. Fortunately you are already a member, so you add the album for later listening.

That your smart TV, game console, and smart phone are all just terminals for some remote server begins to sink in once your internet access has been cut off. You cannot stream any audio-visual content, and many of your video games outright refuse to run because of a lack of internet connectivity. Ditto for your smart speakers, which have begun to stubbornly ignore your calls for attention.

When you sigh and flip open your laptop to maybe do some work, you find that your software products refuse to even launch, as they absolutely needed to refresh their license key verification this instant. Feeling mildly upset by their accusations of you having pirated their over-priced software after forking over so much cash each month, you slam the laptop shut again. This is when you realize that your project files are stored safely on the now unreachable cloud storage account anyway.

Ultimately you find yourself just staring at the black rectangles and inoffensive geometric shapes that once entertained you or made you more productive, but which now have left you terrifyingly alone with your own thoughts. Maybe you will have to do something drastic soon, like try reading a book, drag out that old CD player, play chess against yourself, or do some sketching on paper. With a real pencil.

Shareholder Value


The move from a boxed copy of stand-alone software and physical products to something with a recurring monthly or annual cost has been a gradual one. Much of it can already be traced back to the overly optimistic days leading up to the dot-com bubble, when the internet was going to make everyone rich and the selling of online goods the new normal.

Although the resulting fallout from this bubble popping was rather extensive, it left the investors who escaped the catastrophe wiser and still positively slavering at the thought of using the Internet for unimaginable levels of that sweetest reward of all: recurring revenue, with people giving you their money every month just to keep what they mistakenly thought that they had purchased.

The challenge is of course that people in general like to own things, and are rather hesitant to buy into anything that makes them have fewer things. How do you make people voluntarily buy into owning less and less, with what they do own having fewer features? The answer would seem to lie in blinding them with shiny new features, while insisting that they really don’t need the features that you are about to remove or nerf.

For example, initially people loved the idea of a smartphone because it meant that they could carry around in their pocket a cellphone, a camcorder, photo camera, portable internet-capable computer, an FM radio, a music player and more, all in a single device. Unfortunately all of these functions have been nerfed in some way or form.

FM Radio


Although regular analog radio on the FM and AM bands has lost a lot of importance these days, having FM radio available can be incredibly useful. Consider being out somewhere with poor cell coverage, not wanting to use up your data allowance for the month, or when everything has gone sideways in the form of a hurricane and the local grid, internet and cell network have collapsed. Especially in the latter case it would be convenient if you could just open the FM radio app on your smartphone to tune into emergency broadcasts.

Unfortunately this feature has been purposefully disabled or left out by device manufacturers, with Apple having opted to not even add an FM radio to its custom SoCs. A quick look at a couple of major smartphone manufacturers over at GSM Arena for smartphones released in 2024 or 2025 featuring an FM radio only shows two, both budget Samsung models.

Typically only budget-level smartphones have an FM radio feature enabled, as one aspect of the FM radio feature is that it requires its own antenna, which generally is a set of headphones plugged into the 3.5 mm audio jack. This logically means that the survival chances of budget smartphone buyers are significantly higher during a natural disaster than for people buying iPhones or higher-end Samsung and Xiaomi phones.

Audio Jack

Generic USB-C to audio jack and USB-C charging adapter.
The analog audio from a 3.5 mm audio jack is a low-latency, high-fidelity way to experience audio, only limited by the used audio DAC and the headphones or in-ears plugged into the jack. This makes it rather baffling that it’s also among the most vilified features. The reason here isn’t that it compromises waterproofing, or impedes thinness or adds cost, but rather it gets dropped on higher-end smartphones because Apple dropped it to promote their Bluetooth headphones and others followed.

Unfortunately, Bluetooth audio is neither low-latency nor high-fidelity, with newer codecs like LDAC, AptX, and AAC slightly improving the audio quality over the default SBC codec, but keeping all the other compromises. Meanwhile a fraction of the USB-C connectors on phones support the alternative analog audio mode, which returns an audio jack to the device with a dongle. This does not re-enable the use of headphones as an FM antenna, makes it impossible to use the USB-C port for any data transfers, and makes the entire setup significantly more clunky, all just to get a previously eliminated port back on the device instead of just putting it on there in the first place.

SD Cards


An important feature of a digital camera and camcorder is being able to quickly get the data off it and onto a computer for processing and viewing. Unfortunately in so far as smartphones supported SD card expansion, this at the very least required taking off the plastic back to swap cards. These days the SD card either shares space with the SIM card(s), or is eliminated altogether.

The idea here is of course to increase recurring revenue: the easiest way to get data onto a smartphone or off it is via the device manufacturer’s cloud storage solutions, with a minor fee to bump it up to a usable amount of storage. You’re also not supposed to load your own audio files onto the internal storage either, but use the paid-or-ad-supported streaming solution. Why would you want to be un-cool and not listen to losslessly streamed audio files mangled by some Bluetooth codec through the second pair of wireless in-ears of this month as the previous ones fell out somewhere?

Fortunately, the marketing is very convincing, as you can now listen to or watch anything that you want – as long as it’s available on the streaming service – and you can even use your voice to tell any of your smart devices to play a song or open a movie, because this is what the future looks like. Never mind that you do not technically own much any more, but at least you are happy.

Terminal Life


Probably the biggest question here is whether or not this terminalification is harmful. Sure, this change has meant that industrial design got effectively shivved in the proverbial dark alley – since the user interface of devices now lives on the device manufacturer’s servers – but you now have all these cool features. Things like a smart home full of Internet of Things devices, each of which is first and foremost a terminal for the manufacturer’s services, with local control an afterthought, if a thought at all.

Even governments and businesses haven’t managed to escape these changes with their own vortex back to the 1960s. Rather than using a dial-up modem to connect to a time-share mainframe, they now use a broadband Internet connection to connect to a time-share mainframe, except we now call it a ‘cloud’.

It’s often been said that the centralization and decentralization of computer technology in particular is cyclical, with the 1980s and 1990s forming the pinnacle of decentralization. If we are currently in a trough of terminal terminalification, then logically decentralization and determinalification should follow next. One could make the point here that the Right to Repair movement is part of this change, as it wrests control away from manufacturers.

Even so, we still have a long way to go if this is the next stop, with our current physical media revival kerfuffle being just one of the many things that we have to come to terms with. Between the glossy marketing and the often conflicting desires and needs of the average consumer, it’s probably anyone’s guess what the second quarter of the 21st century will look like for consumer electronics and beyond.


hackaday.com/2025/08/18/the-te…



A critical piece of tech infrastructure that lets people talk to the government has been disabled. #News


The Government Just Made it Harder for The Public to Comment on Regulations


It became harder to tell the government how you feel about pending rules and regulations starting on Friday, thanks to a backend change to the website where people submit public comments. Regulations.gov removed the POST function from its API, a critical piece of tech that allowed third party organizations to bypass the website’s terrible user interface.

The General Services Administration (GSA), which runs regulations.gov, notified API key holders in an email last Monday morning that they’d soon lose the ability to POST directly to the site’s API. POST is a common function that allows users to send data to an application. POST allowed third party organizations like Fight for the Future (FFTF), the Electronic Frontier Foundation (EFF), and Public Citizen to gather comments from their supporters using their own forms and submit them to the government later.
Regulations.gov has been instrumental as a method for people to speak up against terrible government regulations. During the fight over Net Neutrality in 2017, FFTF gathered more than 1.6 million comments about the pending rule and submitted them all to the FCC in one day by POSTing to the API.

Organizations that wanted to acquire an API key had to sign up and agree to the GSA’s terms and conditions. In the Monday email from the GSA, organizations that had previously used POST were told they’d lose access to the function at the end of the week.

“As of Friday, the POST method will no longer be allowed for all users with the exception of approved use cases by federal agencies. Any attempted submissions will result in a 403 error response,” a copy of the email reviewed by 404 Media said. “We apologize for not being able to provide advanced notice. I wanted to reach out to the impacted API key holders as early as possible. We are in the process of updating the references to our POST API on Regulations.gov and .”

The email noted that groups and constituencies can still submit comments through the website, but the site’s user interface sucks. Users have to track down the pending regulation they want to comment on by name or docket number, click the “comment” button and then fill out a form, attach a file, provide an email address, provide some personal details, and fight a CAPTCHA.

“The experience on our campaign sites right now is like, we make our impassioned case for why you should care about this and then give you one box to type something and click a button. But the experience going forward is going to be like: ‘Alright now here’s a link and some instructions on how to fill out your taxes,’” Ken Mickles, FFTF’s chief technology officer said.

404 Media confirmed that multiple agencies received the email and were cut off from using POST on the regulations.gov API. “The tool offered an easier means for the public to provide input by allowing organizations to collect and submit comments on their behalf. Now, those interested in submitting comments will be forced to navigate the arduous and complicated system on regulations.gov,” Katie Tracy, senior regulatory policy advocate at Public Citizen, told 404 Media. “This will result in fewer members of the public leaving comments and result in agencies not having critical input on how their work affects people’s lives and businesses.”

The GSA’s email did not explain why this sudden change occurred and the GSA did not return 404 Media’s request for comment. But the organizations we spoke with had their own theories. “Disabling this useful tool appears to be yet another attempt by the Trump administration to silence members of the public who are speaking out about dangerous regulatory rollbacks. We hope the GSA will reverse course immediately,” Tracy said.

A pair of Trump Executive Orders lay out the framework for this GSA action. “Ensuring Lawful Governance and Implementing the President’s ‘Department of Government Efficiency’ Deregulatory Initiative” directs the government to “commence the deconstruction of the overbearing and burdensome administrative state.” And “Directing the Repeal of Unlawful Regulations” tells agencies they can dispense with the comment process entirely when they can.

“I think it follows the trend of just shutting out public access or voices that the administration doesn’t want,” Matt Lane, senior policy counsel at FFTF told 404 Media. “It really does seem targeted exclusively at reducing the amount of public engagement that they get on these dockets through these tools that we and other folks provide.”


#News


ALTERNATIVES #04: ANDROID KEYBOARD* (GBOARD)


DISCLAIMER: this is not an advertisement for FUTO; I decided to write this guide for the reasons I explain below and because I'm getting on really well with it!

Many people think the phone's virtual keyboard is one of the base components and cannot be changed, but it is just an app.
An app that has direct access to everything we type, before it is encrypted by the various chat apps (even the most secure ones)...
So, if the keyboard connects to the internet, it can send everything we type to its servers.

That is why, if we care about our digital sovereignty, the keyboard is the first app to replace.

I have very good reasons to trust the one installed by default on my de-Googled phone, but for anyone using a regular Android system the default keyboard is Google's, Gboard, which is known for sending its servers packets whose content is suspicious to say the least.

1) FUTO Keyboard
A short while ago I discovered this nice project from FUTO that replaces all of Gboard's functions (even the most advanced ones), while excluding any internet connection during use and relying on more transparent data sets (the training for the swipe-typing model, for example, is done on a voluntary basis by users who choose to contribute).

That said, we are talking about an open source keyboard (more properly, source available) with the following built in:
- multilingual voice dictation (voice input)
- swipe typing (swipe)
- dictionaries for the language and for emoji search
- system emoji picker panel
- functions for moving easily through the text
- advanced copy and paste functions, including clipboard history

It is still at an early stage of development, so some things are still being implemented: for example, the dictionaries and models have to be installed by hand, and the settings menus are only in English for now.
But even so, it is definitely the most complete and promising one!

Follow the steps in the images to install it and set up the Italian resources.
(Here are the instructions in a single high-resolution image)

Play Store link (or alternative app)

Website (futo.org)

---
Alternatively, you can install a voice dictation app separately and try one of the following open source keyboards.
For voice dictation there is FUTO's dedicated app or Whisper:
- FUTO Voice Input
- Whisper for Android
---

2) AnySoftKeyboard
The most complete and mature open source project.
The language packs and some additional layouts are installed as separate apps, so it is very simple.
It relies on the existing voice dictation app. Swipe support and its many features make it the best freely licensed alternative (Apache).

Main app: Play Store / FDroid
Italian pack: Play Store / FDroid

Project website

3) Heliboard
Heliboard is an open source project that is already very feature-rich and can be completed with an optional library for swipe typing (which, however, is Google's proprietary one, extracted from Gboard).

Unfortunately Heliboard is not on the Play Store, so you will have to install it through F-Droid

4) Other open source keyboards include Florisboard and Fossify Keyboard.
Their features are similar to Heliboard's, except that they do not support swipe.
Neither of them supports voice dictation.
For those looking for maximum transparency, however, they are the most recommended (together with Heliboard).

Fossify Keyboard is available on the Play Store or on FDroid.
Florisboard can be found on F-Droid

5) The minimalist keyboard: Simple Keyboard
If all you need is a keyboard, you can't stand autocorrect and suggestions, and you don't care about entering emoji, then this is your ideal keyboard. It might even make an old phone faster, because it takes up very little memory and doesn't need a modern processor.

Play Store link (or alternative app)

*) Unfortunately, as of today I am not aware of any similar projects for Apple iOS users...

#Google #degoogle #gboard #keyboard #virtualkeyboard #futokeyboard #FUTO #FUTO Tech #heliboard #florisbaord #fossify #fossifykeyboard #openboard

reshared this

in reply to Tiziano :friendica:

thanks for sharing! In the end I found another very good project called traditional t9 and I'm getting on very well with it!

Tiziano :friendica: reshared this.

in reply to simo

@simo Thank you for introducing me to it! It has 0 trackers and 10/10 for privacy 👍
One day I'll do a post on these kinds of "unconventional" keyboards too...
@simo


All the turmoil at Microsoft over Israel and Gaza

The article comes from #StartMag and is reshared on the Lemmy community @Informatica (Italy e non Italy 😁)
According to the Stjv section at Arkane Studios, the French software house known for the video games Dishonored, Prey, Deathloop and RedFall, its parent company, Microsoft, must stop supporting Israel in the Gaza war, which has reportedly by now

Nicola Pizzamiglio reshared this.



ALTERNATIVES #03: POCKETS


I'm continuing to republish my "Alternatives" posts, originally posted on Facebook to also reach people who have never heard of alternative options...

The one about Pockets was a post written in a hurry when Mozilla shut the service down. I took the opportunity to talk about mastodon.uno and what it offers its users. It seems right to me to reproduce the original post anyway.

---
I'm taking advantage of the news that Mozilla will shut down Firefox's "Pockets" service tomorrow (useful for saving articles and web pages to read at leisure) to point out that the Devol group, which runs the Italian instances Mastodon.uno, Pixelfed.uno, Peertube.uno and many other services, has made the free apps #wallabag and #readeck available to users of the Italian Fediverse; they are excellent replacements and, what's more, they are free software and hosted on servers in Europe powered by renewable energy (like all Devol services)!
To use them, you will need to be an active user of one of the platforms run by the group, so... what better occasion to take a look at the Fediverse?
Take a look at www.mastodon.uno and join the largest Italian community in the free and federated social universe, the social network in which everyone truly controls what they see (in the feed) and what they share.
---



The never-ending battle between safety and privacy


IT'S MONDAY AND THIS IS DIGITAL POLITICS. I'm Mark Scott, and in the doldrums of (a very hot!) August, I'm already planning for September. I'll be in Brussels the week of Sept. 8. If you're around for coffee, reach out here.

— Efforts to unpick encryption in the name of child protection are gaining ground again. The proposals are based on the fallacy that they won't undermine universal privacy rights.

— The Trump-Putin summit fall-out: A view from the Russian propaganda machine.

— Everything you need to know about the cottage industry of copyright lawsuits taking on AI companies.

Let's get started:


WHEN IS IT OK TO BREAK END-TO-END ENCRYPTION?


THERE ARE A FEW CONSTANTS IN LIFE. Death. Taxes. And — at least for digital policymakers — the never-ending battle between those seeking to weaken encryption technology in the name of public safety and those fearful that such attempts will undermine people's fundamental privacy rights.

Over the years (more from me in 2019 and again in 2023), this fight has led to strange bedfellows. Law enforcement types have partnered with child safety advocates to demand the likes of Meta and Apple open up their encrypted services to greater oversight — all in the name of protecting against terrorist threats and child sexual abuse material. In the other camp, Silicon Valley and privacy groups (not the easiest of allies) raise legitimate concerns that you can't just weaken such encryption technologies for the "good guys." Inevitably, the "bad guys," too, will gain access.

American officials have often wavered between both camps. Officials are torn between the political realities of online child safety and the economic realities of protecting American tech giants from non-US tech regulation.

But in Europe, the drumbeat for encryption-busting policies has gone from a soft hum to a loud bang.

The smaller scuffle is in the United Kingdom where the government told Apple earlier this year to grant its security services access to its encrypted systems under the country's Investigatory Powers Act. Those rules had long been on the books. But the powers to compel companies to open up had never been used via so-called "technical capability notices." Still, London is now backing off amid complaints from the White House — and wider efforts by the UK to strike digital-focused trade agreements with the United States.

There are still outstanding concerns that the UK's Online Safety Act, which also includes powers to force such encryption breaking in the name of public safety, may lead to a similar transatlantic stand-off. Ofcom, the British regulator in charge of that legislation, however, has always made clear it will only pursue such demands if/when a technology is developed that both allows for outside access while preserving the underlying encryption. In short, that's a technical impossibility, allowing the UK regulator to punt any politically-sensitive issues into the long grass.


And that takes us to the European Union.

Long-time Brussels watchers will know the bloc's attempt to thwart child sexual abuse material — often accessed via online platforms — remains the unwanted love-child (no pun intended) of European digital regulation. Those proposals were first put forward in 2022. Yet since then, the ever-present tussle between safety and privacy (see above) has seen the legislation ping-pong between consecutive rotating presidencies of the European Council, or grouping of EU member states that nominally runs the bloc's policy agenda.

In July, Denmark (in charge until the end of the year) restarted this encryption spat after proposing changes (HT: Euractiv) to the child sexual abuse material legislation. The major overhaul compared to the Polish EU Council presidency (which ran for the first half of 2025) was to include demands that companies with encrypted technology comply with so-called mandatory detection orders, or legal requirements to check people's (encrypted) messages for possible illegal content.

What's more, the draft text — to be voted on by EU member states in mid October — included potential requirements to carry out these checks on individuals' devices, and not when they were shared over the cloud. That led to hackles from both tech executives and privacy campaigners. For more on what that looks like, check out this post from Meta's one-time top Brussels lobbyist (and now a Finnish member of the European Parliament) Aura Salla.

For the Danes, this is all about kids' safety. Speaking in Denmark in late July, the country's justice minister, Peter Hummelgaard, said his aim was to protect the privacy of those affected by these heinous images. "We need to ask ourselves, at the end of the day, whose privacy is it that we're mostly concerned with?" he told reporters. "We need to compromise on these differing views" (between child safety and privacy campaigners.)

The Danish EU presidency's half-year priorities also make its objectives explicit. "The Presidency will focus on strengthening the abilities to make use of the digital development for law enforcement when fighting serious crime," the document reads. "The Presidency will work to ensure the protection of fundamental rights as well as cooperation and protection in the area of civil matters."

A lot can happen between now and the proposed vote in October. For one thing, not all EU member states agree with the Danes' proposals. Without unanimity, the current draft proposals — like so many before them via the Hungarian and Polish EU Presidencies — may never get passed. That's especially true if US politicians realize what is going on in Brussels and cause a stink.

The thing is, none of this politicking finds a solution for what are two clear realities.

On the one side, it is a fact that encrypted messaging services are used for illegality, including the spread of child sexual abuse material. If you don't believe me, read this report from Australia's eSafety Commissioner. On the other, governments can't break encryption technology without compromising people's privacy rights. There are technical solutions like "hashing" and "matching" that can stop the spread of known illegal content. But including backdoors in end-to-end encrypted services will only lead to greater harm.

What we are lacking is a clear conversation about what are uncomfortable trade-offs.

It's impossible to balance the needs of protecting children from online predatory behavior (more on that here) and wider society's expectations of a base level of privacy. To suggest that some sort of yet-created technology will thread the needle between those fundamental rights is farcical. Policymakers should acknowledge that, and have an honest conversation with citizens about what is the least-worst option.

My personal view is that the breaking of encryption — and therefore the weakening of wider privacy rights — is not the right way to go (at least not yet) to protect children online. There are less invasive policy choices like baking in "privacy by design" principles into online platforms that can mitigate some, but not all, of the potential harm. Should children be able to receive DMs from strangers? No. Should they be able to access services before they reach the minimum age? Also no.

Neither of those policy choices has been effectively implemented yet. To jump directly to the "let's read everyone's messages!" stage makes good politics. But it does not represent a grown-up approach to what are impossible trade-offs.

At some point, encryption may have to be broken. But before we get there, all other policy options should be exhausted. That includes forcing platforms to embed privacy-by-design principles into their services and finding privacy-conscious "age assurance" techniques to safeguard children from areas of the internet that should remain off-limits.

Until that happens, the rush to break encryption should be viewed for what it is: a politically-expedient sledgehammer to crack a nut.


Chart of the Week


THE LATEST AI SYSTEMS ARE ONLY AS GOOD as the data upon which they are trained. For many companies, that means scraping reams of copyrighted material from around the world.

Publishers claim this is a slam dunk case of copyright infringement. AI giants like Google, OpenAI and Microsoft argue their tactics fit within the "fair use" principle.

Soon, we'll know who's right.

There are currently 45 copyright lawsuits in the US between publishers and AI companies related to how such data is used to train large language models. For links to all the cases below, check out the "source" section in the chart.
Source: ChatGPT is Eating the World


THE TRUMP-PUTIN SUMMIT PROPAGANDA AFTERMATH


FOR ALMOST EVERYONE (outside of Donald Trump's administration), the Aug. 15 Russo-American summit was a major political victory for Vladimir Putin. The US president rejected those claims. Yet ahead of another round of meetings, this time in the White House on Aug. 18 with Western leaders and the Ukrainian president, Russia's state-backed media was again reframing quotes from leading US officials to meet Moscow's own political needs.

This has become a major trend in how the likes of Sputnik and RT speak to their international audiences.

Gone are the attacks on American imperialism, although those narratives still show up in Kremlin-backed media whose audiences span Latin America and French-speaking Africa. Instead, Moscow has been eager to frame the Aug. 15 summit as a win for both the US and Russia, while claiming it is now down to Volodymyr Zelenskyy, Ukraine's president, to find a solution to the bloody conflict in Eastern Europe.

That builds on public statements from Trump who claimed, in a social media post on Aug. 17, that Zelenskyy "can end the war with Russia almost immediately, if he wants to, or he can continue to fight." RT Mundo quickly jumped on that statement.

On RT, the English-language outlet, comments from Marco Rubio, the US Secretary of State, were picked up to suggest the war was "going to get worse" if Ukraine did not agree to a peace deal with Russia. In the outlet's German-language website, the Ukrainian president was also attacked over alleged corruption abuses — only weeks after Zelenskyy backtracked on new laws that would have undermined two national anti-corruption agencies.


For Russia's state media, the Aug. 15 summit between Trump and Putin was shaped as a meeting of like-minded leaders, both of whom secured something out of the half-day event. "Trump can now indefinitely postpone a disastrous trade war with India and China, which secondary sanctions on Russia would have triggered," read an opinion article on RT that subsequently called on Zelenskyy to reach a peace deal with the Russian president. "Putin, meanwhile, drove home the point that a temporary ceasefire is insufficient – that the time has come to talk about a full peace treaty."

Ahead of the planned Aug. 18 meetings in Washington, during which several European leaders are expected to travel alongside Zelenskyy to put pressure on Trump over any potential long-term peace deal, Russian state media highlighted Europe's alleged weaknesses. That included jumping on comments from Friedrich Merz, the German chancellor, about the bloc's role in any potential negotiations, as well as a social media post from Giuseppe Conte, a former Italian prime minister, that framed Europe as a mere "supporting actor."

Ever since Trump returned to the White House, the Kremlin's state-backed media has balanced its eagerness to demonstrate renewed kinship between Russia and the US and its wariness that, eventually, relations will break down (again) between the long-time adversaries.

That message came through in an opinion article written in RT en Français that both praised last week's summit, but reminded Russia it would need to promote its interests by strength if it wanted to secure its objectives in Ukraine. "It is now up to Russia, the last bulwark against total global dictatorship, to continue to defend its national interests," read the article. "It is simply important to understand that the meeting between the two presidents did not, in itself, magically resolve the conflict between these two worlds.

"In the end, there can only be one."


What I'm reading


— A group of independent research organizations published an in-depth analysis into the potential role of foreign manipulation in the recent Polish presidential election. More here.

— Casey Fiesler put together a series of social media-friendly tutorials on AI ethics. More here and why she did it here.

— Alexios Mantzarlis at the Indicator discovered dozens of TikTok accounts using AI avatars of real journalists to spread false information. More here.

— Anna Lenhart and Katie Shilton asked TikTok users about their awareness and potential concerns about researchers reviewing their social media posts. More here.

— Wikimedia lost a legal challenge against its attempt to be excluded from provisions within the UK's Online Safety Act. More here.



digitalpolitics.co/newsletter0…



Sniffing 5G with Software-Defined Radio


The fifth generation mobile communications protocol (5G) is perhaps the most complicated wireless protocol ever made. Featuring wildly fast download speeds, beam forming base stations, and of course non-standard additions, it’s a rather daunting prospect to analyze for the home hacker and researcher alike. But this didn’t stop the ASSET Research Group from developing a 5G sniffer and downlink injector.

The crux of the project is focused around real-time sniffing using one of two Universal Software Radio Peripheral (USRP) software-defined radios (SDRs), and a substantial quantity of compute power. This sniffed data can even be piped into Wireshark for filtering. The frequency is hard-coded into the sniffer for improved performance with the n78 and n41 bands having been tested as of writing. While we expect most of you don’t have the supported USRP hardware, they provided a sample capture file for anyone to analyze.

The other main feature of the project is an exploitation framework with numerous attack vectors developed by ASSET and others. By turning an SDR into a malicious 5G base station, numerous vulnerabilities and “features” can be exploited, with results ranging from downgrading the connection to 4G to fingerprinting and much more. It even includes an attack method we previously covered called 5Ghoul, which can cause device failure requiring removal of the SIM card. These vulnerabilities offer a unique look inside the inner workings of 5G.

If you too are interested in 5G sniffing but don’t have access to the hardware needed, check out this hack turning a Qualcomm phone into a 5G sniffer!


hackaday.com/2025/08/18/sniffi…



Here is how OpenAI's ChatGPT routs the competition

The article comes from #StartMag and is reshared on the Lemmy community @Informatica (Italy e non Italy 😁)
With 2 billion dollars generated since launch and 690 million global downloads, the ChatGPT mobile app exceeds by 30 times the combined revenue of rivals such as Claude, Copilot and Grok. In 2025 alone it took in 1.35 billion



Nigeria, Amnesty denounces a decade of impunity: more than 1,800 dead in the South-East


@Notizie dall'Italia e dal mondo
The report accuses authorities and armed militias of torture, disappearances and attacks that have turned entire communities into lawless zones
The article Nigeria, Amnesty denounces a decade of impunity: more than 1,800 dead in the South-East comes from Pagine



CYBERSECURITY… IN ITALY?

@Informatica (Italy e non Italy 😁)

It is right and proper to have official statistics and substantial periodic reports that analyse and evaluate how agencies and systems work...
The article CYBERSECURITY… IN ITALY? comes from GIANO NEWS.
#TECNOLOGIA





Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824


In April 2025, Microsoft patched 121 vulnerabilities in its products. According to the company, only one of them was being used in real-world attacks at the time the patch was released: CVE-2025-29824. The exploit for this vulnerability was executed by the PipeMagic malware, which we first discovered in December 2022 in a RansomExx ransomware campaign. In September 2024, we encountered it again in attacks on organizations in Saudi Arabia. Notably, it was the same version of PipeMagic as in 2022. We continue to track the malware’s activity. Most recently, in 2025 our solutions prevented PipeMagic infections at organizations in Brazil and Saudi Arabia.

This report is the result of a joint investigation with the head of vulnerability research group at BI.ZONE, in which we traced the evolution of PipeMagic – from its first detection in 2022 to new incidents in 2025 – and identified key changes in its operators’ tactics. Our colleagues at BI.ZONE, in turn, conducted a technical analysis of the CVE-2025-29824 vulnerability itself.

Background


PipeMagic is a backdoor we first detected in December 2022 while investigating a malicious campaign involving RansomExx. The victims were industrial companies in Southeast Asia. To penetrate the infrastructure, the attackers exploited the CVE-2017-0144 vulnerability. The backdoor’s loader was a trojanized version of Rufus, a utility for formatting USB drives. PipeMagic supported two modes of operation – as a full-fledged backdoor providing remote access, and as a network gateway – and enabled the execution of a wide range of commands.

In October 2024, organizations in Saudi Arabia were hit by a new wave of PipeMagic attacks. This time, rather than exploiting vulnerabilities for the initial penetration, the attackers used a fake ChatGPT client application as bait. The fake app was written in Rust, using two frameworks: Tauri for rendering graphical applications and Tokio for asynchronous task execution. However, it had no user functionality – when launched, it simply displayed a blank screen.

MD5: 60988c99fb58d346c9a6492b9f3a67f7
File name: chatgpt.exe

Blank screen of the fake application

At the same time, the application extracted a 105,615-byte AES-encrypted array from its code, decrypted it, and executed it. The result was a shellcode loading an executable file. To hinder analysis, the attackers hashed API functions using the FNV-1a algorithm, with the shellcode dynamically resolving their addresses via GetProcAddress. Next, memory was allocated, necessary offsets in the import table were relocated, and finally, the backdoor’s entry point was called.

One unique feature of PipeMagic is that it generates a random 16-byte array used to create a named pipe formatted as: \\.\pipe\1.<hex string>. After that, a thread is launched that continuously creates this pipe, attempts to read data from it, and then destroys it. This communication method is necessary for the backdoor to transmit encrypted payloads and notifications. Meanwhile, the standard network interface with the IP address 127.0.0.1:8082 is used to interact with the named pipe.

To download modules (PipeMagic typically uses several plugins downloaded from the C2 server), attackers used a domain hosted on the Microsoft Azure cloud provider, with the following name: hxxp://aaaaabbbbbbb.eastus.cloudapp.azure[.]com.

PipeMagic in 2025


In January 2025, we detected new infections in Saudi Arabia and Brazil. Further investigation revealed connections to the domain hxxp://aaaaabbbbbbb.eastus.cloudapp.azure[.]com, which suggested a link between this attack and PipeMagic. Later, we also found the backdoor itself.

Initial loader
MD5: 5df8ee118c7253c3e27b1e427b56212c
File name: metafile.mshi

In this attack, the loader was a Microsoft Help Index File. Usually, such files contain code that reads data from .mshc container files, which include Microsoft help materials. Upon initial inspection, the loader contains obfuscated C# code and a very long hexadecimal string. An example of executing this payload:
c:\windows\system32\cmd.exe "/k c:\windows\microsoft.net\framework\v4.0.30319\msbuild.exe c:\windows\help\metafile.mshi"
Contents of metafile.mshi

The C# code serves two purposes – decrypting and executing the shellcode, which is encrypted with the RC4 stream cipher using the key 4829468622e6b82ff056e3c945dd99c94a1f0264d980774828aadda326b775e5 (hex string). After decryption, the resulting shellcode is executed via the WinAPI function EnumDeviceMonitor. The first two parameters are zeros, and the third is a pointer to a function where the pointer to the decrypted shellcode is inserted.

The injected shellcode is executable code for 32-bit Windows systems. It loads an unencrypted executable embedded inside the shellcode itself. For dynamically obtaining system API addresses, as in the 2024 version, export table parsing and FNV-1a hashing are used.

Loader (ChatGPT)
MD5: 7e6bf818519be0a20dbc9bcb9e5728c6
File name: chatgpt.exe

In 2025, we also found PipeMagic loader samples mimicking a ChatGPT client. This application resembles one used in campaigns against organizations in Saudi Arabia in 2024. It also uses the Tokio and Tauri frameworks, and judging by copyright strings and PE header metadata, the executable was built in 2024, though it was first discovered in the 2025 campaign. Additionally, this sample uses the same version of the libaes library as the previous year’s attacks. Behaviorally and structurally, the sample is also similar to the application seen in October 2024.

Decrypting the payload using AES

Loader using DLL hijacking
MD5: e3c8480749404a45a61c39d9c3152251
File name: googleupdate.dll

In addition to the initial execution method using a .mshi file launched through msbuild, the attackers also used a more popular method involving decrypting the payload and injecting it with the help of an executable file that does not require additional utilities to run. The executable file itself was legitimate (in this campaign we saw a variant using the Google Chrome update file), and the malicious logic was implemented through a library that it loads, using the DLL hijacking method. For this, a malicious DLL was placed on the disk alongside the legitimate application, containing a function that the application exports.

It is worth noting that in this particular library sample, the exported functions were not malicious – the malicious code was contained in the initialization function (DllMain), which is always called when the DLL is loaded because it initializes internal structures, file descriptors, and so on.

First, the loader reads data from an encrypted file – the attackers pass its path via command-line arguments.

Reading the payload file

Next, the file contents are decrypted using the symmetric AES cipher in CBC mode, with the key 9C3BA5B2D3222FE5863C14D51340D7F9 and the initialization vector (IV) 221BA50915042098AF5F8EE40E5559C8.

The library deploys the decrypted code into memory and transfers control to it, and the original file is subsequently deleted. In the variants found during analysis, the payload was a shellcode similar to that discovered in the 2024 attacks involving a ChatGPT client.

Deployed PE

MD5: 1a119c23e8a71bf70c1e8edf948d5181
File name

In all the loading methods described above, the payload was an executable file for 32-bit Windows systems. Interestingly, in all cases, this file supported graphical mode, although it did not have a graphical user interface. This executable file is the PipeMagic backdoor.

At the start of its execution, the sample generates 16 random bytes to create the name of the pipe it will use. This name is generated using the same method as in the original PipeMagic samples observed in 2022 and 2024.

Creating a pipe with a pre-generated name

The sample itself doesn’t differ from those we saw previously, although it now includes a string with a predefined pipe path: \\.\pipe\magic3301. However, the backdoor itself doesn’t explicitly use this name (that is, it doesn’t interact with a pipe by that name).

Additionally, similar to samples found in 2022 and 2024, this version creates a communication pipe at the address 127.0.0.1:8082.
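A detection sketch for the host artifacts described above (the \\.\pipe\1.<hex string> pipe that is created and destroyed in a loop, msbuild.exe being handed a .mshi file, and the 127.0.0.1:8082 endpoint), added here as an example and not taken from the report or from its authors' tooling. The event dictionaries, their field names, the sample hosts and the churn threshold are constructed for the example, and the 32-digit pipe suffix assumes the 16 random bytes are hex-encoded in full.

```python
"""Added example: flag PipeMagic host artifacts in already-parsed telemetry."""
import re
from collections import Counter, defaultdict

# Assumption: the 16 random bytes appear as 32 hex digits after "1.".
RANDOM_PIPE = re.compile(r"^1\.[0-9a-f]{32}$", re.IGNORECASE)
# msbuild.exe given a Microsoft Help Index file, as in the report's command line.
MSBUILD_MSHI = re.compile(r"msbuild\.exe\b.*?\.mshi\b", re.IGNORECASE)
LOOPBACK_ENDPOINT = "127.0.0.1:8082"
# Constructed threshold: the report says the same pipe is created, read and
# destroyed continuously, so repeated creation of one name is itself a signal.
CHURN_THRESHOLD = 3
# The string magic3301 is not matched here: per the report the backdoor carries
# it but never opens a pipe by that name, so it is a static-analysis indicator.


def pipe_leaf(name):
    # Loggers differ on whether they keep the device prefix; strip either form.
    for prefix in ("\\\\.\\pipe\\", "\\"):
        if name.lower().startswith(prefix):
            return name[len(prefix):]
    return name


def analyse(events):
    """Return {host: sorted findings} for a list of constructed event dicts."""
    pipe_counts = Counter()
    findings = defaultdict(set)
    for ev in events:
        host, kind = ev["host"], ev["type"]
        if kind == "pipe_created":
            leaf = pipe_leaf(ev["pipe"])
            if RANDOM_PIPE.match(leaf):
                pipe_counts[(host, ev["pid"], leaf.lower())] += 1
                findings[host].add("pipe name 1.<hex>")
        elif kind == "process_created" and MSBUILD_MSHI.search(ev["cmdline"]):
            findings[host].add("msbuild.exe given a .mshi file")
        elif kind == "tcp_endpoint" and ev["addr"] == LOOPBACK_ENDPOINT:
            findings[host].add("loopback endpoint 127.0.0.1:8082")
    for (host, _pid, _leaf), count in pipe_counts.items():
        if count >= CHURN_THRESHOLD:
            findings[host].add("same 1.<hex> pipe re-created repeatedly")
    return {host: sorted(found) for host, found in findings.items()}


def verdict(found):
    """Grade one host; port 8082 on loopback is common, so it never alerts alone."""
    strong = [f for f in found if not f.startswith("loopback")]
    if strong and len(found) >= 2:
        return "high"
    if strong:
        return "medium"
    return "low" if found else "none"


# Constructed sample telemetry: hosts, PIDs and the hex pipe suffix are made up.
HEX = "00112233445566778899aabbccddeeff"
SAMPLE_EVENTS = [
    {"host": "ws-01", "type": "process_created", "pid": 4100,
     "cmdline": r'c:\windows\system32\cmd.exe "/k c:\windows\microsoft.net'
                r'\framework\v4.0.30319\msbuild.exe c:\windows\help\metafile.mshi"'},
    {"host": "ws-01", "type": "pipe_created", "pid": 4188, "pipe": "\\1." + HEX},
    {"host": "ws-01", "type": "pipe_created", "pid": 4188,
     "pipe": "\\\\.\\pipe\\1." + HEX.upper()},
    {"host": "ws-01", "type": "pipe_created", "pid": 4188, "pipe": "\\1." + HEX},
    {"host": "ws-01", "type": "tcp_endpoint", "pid": 4188, "addr": LOOPBACK_ENDPOINT},
    # Benign look-alikes: a lone 8082 endpoint, a short pipe name, a normal build.
    {"host": "ws-02", "type": "tcp_endpoint", "pid": 900, "addr": LOOPBACK_ENDPOINT},
    {"host": "ws-03", "type": "pipe_created", "pid": 77, "pipe": "\\1.deadbeef"},
    {"host": "ws-03", "type": "process_created", "pid": 78,
     "cmdline": r"msbuild.exe c:\src\app.csproj"},
]

if __name__ == "__main__":
    for host, found in analyse(SAMPLE_EVENTS).items():
        print(host, verdict(found), found)
```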

Discovered modules


During our investigation of the 2025 attacks, we discovered additional plugins used in this malicious campaign. In total, we obtained three modules, each implementing different functionality not present in the main backdoor. All the modules are executable files for 32-bit Windows systems.

Asynchronous communication module


This module implements an asynchronous I/O model. For this, it uses an I/O queue mechanism and I/O completion ports.

Processing core commands

Immediately upon entering the plugin, command processing takes place. At this stage, five commands are supported:

Command ID | Description
0x1 | Initialize and create a thread that continuously receives changes from the I/O queue
0x2 | Terminate the plugin
0x3 | Process file I/O
0x4 | Terminate a file operation by the file identifier
0x5 | Terminate all file operations

Although I/O changes via completion ports are processed in a separate thread, the main thread waits for the current file operation to complete – so this model is not truly asynchronous.

Getting the I/O queue status

If the command with ID 0x3 (file I/O processing) is selected, control is transferred to an internal handler. This command has a set of subcommands described below. Together with the subcommand, this command has a length of at least 4 bytes.

Command ID | Description
0x1 | Open a file in a specified mode (read, write, append, etc.)
0x3 | Write to a file
0x4, 0x6 | Read from a file
0x5 | Change the flag status
0x7 | Write data received from another plugin to a file
0x9 | Close a file
0xB | Dump all open files

The command with ID 0x5 is presumably implemented to set a read error flag. If this flag is set, reading operations become impossible. At the same time, the module does not support commands to clear the flag, so effectively this command just blocks reading from the file.

Setting the read error flag

To manage open files, the file descriptors used are stored in a doubly linked list in global memory.

Loader


This module, found in one of the infections, is responsible for injecting additional payloads into memory and executing them.

At startup, it first creates a pipe named \\.\pipe\test_pipe20.%d, where the format string includes a unique identifier of the process into which the code is injected. Then data from this pipe is read and sent to the command handler in an infinite loop.

The unique command ID is contained in the first four bytes of the data and can have the following possible values:

Command ID | Description
0x1 | Read data from the pipe or send data to the pipe
0x4 | Initiate the payload

The payload is an executable file for 64-bit Windows systems. The command handler parses this file and extracts another executable file from its resource section. This extracted file then undergoes all loading procedures – obtaining the addresses of imported functions, relocation, and so on. In this case, to obtain the system method addresses, simple name comparison is used instead of hashing.

The executable is required to export a function called DllRegisterService. After loading, its entry point is called (to initialize internal structures), followed by this function. It provides an interface with the following possible commands:

Command ID | Description
0x1 | Initialize
0x2 | Receive data from the module
0x3 | Callback to get data from the payload

Injector


This module is also an executable file for 32-bit Windows systems. It is responsible for launching the payload – an executable originally written in C# (.NET).

First, it creates a pipe named \\.\pipe\0104201.%d, where the format string includes a unique identifier of the process in which the module runs.

The sample reads data from the pipe, searching for a .NET application inside it. Interestingly, unlike other modules, reading here occurs once rather than in a separate thread.

Before loading the received application, the module performs another important step. To prevent the payload from being detected by the AMSI interface, the attackers first load a local copy of the amsi library. Then they enable writing into the memory region containing the functions AmsiScanString and AmsiScanBuffer and patch them. For example, instead of the original code of the AmsiScanString function, a stub function is placed in memory that always returns 0 (thus marking the file as safe).

After this, the sample loads the mscoree.dll library. Since the attackers do not know the target version of this library, during execution they check the version of the .NET runtime installed on the victim’s machine. The plugin supports versions 4.0.30319 and 2.0.50727. If one of these versions is installed on the device, the payload is launched via the _Assembly interface implemented in mscoree.dll.

Post-exploitation


Once a target machine is compromised, the attackers gain a wide range of opportunities for lateral movement and obtaining account credentials. For example, we found in the telemetry a command executed during one of the infections:
dllhost.exe $system32\dllhost.exe -accepteula -r -ma lsass.exe $appdata\FoMJoEqdWg
The executable dllhost.exe is a part of Windows and does not support command-line flags. Although telemetry data does not allow us to determine exactly how the substitution was carried out, in this case the set of flags is characteristic of the procdump.exe file (ProcDump utility, part of the Sysinternals suite). The attackers use this utility to dump the LSASS process memory into the file specified as the last argument (in this case, $appdata\FoMJoEqdWg).

Later, having the LSASS process memory dump, attackers can extract credentials from the compromised device and, consequently, attempt various lateral movement vectors within the network.

It is worth noting that a Microsoft article about attacks using CVE-2025-29824 mentions exactly the same method of obtaining LSASS memory using the procdump.exe file.
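The renamed-ProcDump behaviour described above can be hunted in process-creation telemetry by looking at the argument set rather than the image name. The following is an added example, not code from the article or from any vendor product; the verdict labels and all sample events except the first command line (quoted from the article) are constructed.

```python
import re

# ProcDump switches (Sysinternals): -ma/-mp/-mm pick the dump type.
DUMP_FLAGS = {"ma", "mp", "mm"}
PROCDUMP_NAMES = {"procdump.exe", "procdump64.exe", "procdump64a.exe"}
LSASS_NAMES = {"lsass", "lsass.exe"}

def tokenize(cmdline):
    """Split a Windows command line on whitespace, keeping quoted arguments whole."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]

def basename(path):
    """Lower-cased file name of a Windows or POSIX style path."""
    return re.split(r"[\\/]", path)[-1].lower()

def classify(image, cmdline):
    """Return a verdict for one process-creation event, or None if it is not an LSASS dump."""
    args = tokenize(cmdline)[1:]  # drop argv[0]
    flags = {a[1:].lower() for a in args if a.startswith(("-", "/")) and len(a) > 1}
    targets = {basename(a) for a in args if not a.startswith(("-", "/"))}
    if not (flags & DUMP_FLAGS and targets & LSASS_NAMES):
        return None  # limitation: a numeric PID target is not resolved here
    if basename(image) not in PROCDUMP_NAMES:
        return "lsass-dump-renamed-tool"  # ProcDump-style arguments under another name
    return "lsass-dump"

# Constructed process-creation events (image, command line); the first command
# line is the one quoted in the article, the others are made up for contrast.
EVENTS = [
    ("dllhost.exe", r"$system32\dllhost.exe -accepteula -r -ma lsass.exe $appdata\FoMJoEqdWg"),
    (r"C:\Tools\procdump64.exe", r'procdump64.exe -accepteula -ma lsass.exe "C:\Temp\out.dmp"'),
    (r"C:\Tools\procdump.exe", r"procdump.exe -ma notepad.exe C:\Temp\np.dmp"),
    (r"C:\Windows\System32\dllhost.exe", r"C:\Windows\System32\dllhost.exe"),
]

def scan(events):
    """Return (image, verdict) for every event that looks like an LSASS dump."""
    return [(img, v) for img, cmd in events if (v := classify(img, cmd))]

if __name__ == "__main__":
    for image, verdict in scan(EVENTS):
        print(f"{verdict:26} {image}")
```

Matching on arguments instead of the file name is what catches the dllhost.exe case; comparing the image name against the binary's original file name from its version resource, where telemetry records it, would tighten the renamed-tool verdict further.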

Takeaways


The repeated detection of PipeMagic in attacks on organizations in Saudi Arabia and its appearance in Brazil indicate that the malware remains active and that the attackers continue to develop its functionality. The versions detected in 2025 show improvements over the 2024 version, aimed at persisting in victim systems and moving laterally within internal networks.

In the 2025 attacks, the attackers used the ProcDump tool renamed to dllhost.exe to extract memory from the LSASS process – similar to the method described by Microsoft in the context of exploiting vulnerability CVE-2025-29824. The specifics of this vulnerability were analyzed in detail by BI.ZONE in the second part of our joint research (in Russian).

IoCs


Domains
aaaaabbbbbbb.eastus.cloudapp.azure[.]com

Hashes
5df8ee118c7253c3e27b1e427b56212c metafile.mshi
60988c99fb58d346c9a6492b9f3a67f7 chatgpt.exe
7e6bf818519be0a20dbc9bcb9e5728c6 chatgpt.exe
e3c8480749404a45a61c39d9c3152251 googleupdate.dll
1a119c23e8a71bf70c1e8edf948d5181
bddaf7fae2a7dac37f5120257c7c11ba

Pipe names
\\.\pipe\0104201.%d
\\.\pipe\1.<16-byte hexadecimal string>
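The pipe names listed here and in the module descriptions can be turned into a matcher for pipe-creation events. This is an added example, not code from the article; it assumes that the %d suffix is the PID of the creating process, that the hexadecimal string is 32 digits (16 bytes), and that events carry a pid and a pipe name. All sample events are constructed.

```python
import re

# (label, pattern, suffix_is_pid). Names come from the article; that %d is the
# creating process's PID and that the hex string has 32 digits are assumptions.
PATTERNS = [
    ("pipemagic-main", re.compile(r"1\.[0-9a-f]{32}", re.I), False),
    ("pipemagic-injector", re.compile(r"0104201\.(\d+)"), True),
    ("pipemagic-loader", re.compile(r"test_pipe20\.(\d+)"), True),
]
PREFIXES = ("\\\\.\\pipe\\", "\\device\\namedpipe\\", "\\")

def normalize(name):
    r"""Strip a leading \\.\pipe\, \Device\NamedPipe\ or bare \ from a pipe name."""
    name = name.replace("/", "\\")
    for prefix in PREFIXES:
        if name.lower().startswith(prefix):
            return name[len(prefix):]
    return name

def match_pipe(pipe_name, creator_pid):
    """Return (label, confidence) for a pipe name, or None if no pattern matches."""
    leaf = normalize(pipe_name)
    for label, pattern, suffix_is_pid in PATTERNS:
        m = pattern.fullmatch(leaf)
        if not m:
            continue
        # A PID-bound name whose suffix differs from the creator's PID is a weaker hit.
        if suffix_is_pid and int(m.group(1)) != creator_pid:
            return (label, "low")
        return (label, "high")
    return None

# Constructed pipe-creation events in the shape of EDR or Sysmon pipe telemetry.
EVENTS = [
    {"pid": 4812, "pipe": r"\0104201.4812"},
    {"pid": 1234, "pipe": r"\\.\pipe\test_pipe20.777"},
    {"pid": 900, "pipe": "\\1." + "0f" * 16},
    {"pid": 5150, "pipe": r"\mojo.5150.1028.1337"},
]

def scan(events):
    """Return (pid, label, confidence) for every event that matches a pattern."""
    hits = []
    for e in events:
        hit = match_pipe(e["pipe"], e["pid"])
        if hit:
            hits.append((e["pid"], *hit))
    return hits

if __name__ == "__main__":
    for pid, label, confidence in scan(EVENTS):
        print(pid, label, confidence)
```

The string \\.\pipe\magic3301 is left out on purpose, because the article notes that the backdoor does not interact with a pipe by that name.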


securelist.com/pipemagic/11727…



Pippo is his people


@Giornalismo e disordine informativo
articolo21.org/2025/08/pippo-e…
In these hours the late Baudo is giving one last enormous gift to Italy's ruling classes: after the Anchorage summit and everything that came with it, in the presence of the genocide in Gaza and the deaths on Ukrainian soil, in the face of the very many wars under way, the phenomenology of the great man from Catania (of



Pippo Baudo, television for everyone


@Giornalismo e disordine informativo
articolo21.org/2025/08/pippo-b…
Practically everything has been said and written about Pippo Baudo. His story goes hand in hand with that of television and of public service broadcasting, because Baudo was always, and passionately, a Rai man. He betrayed it for a short period, feeling offended by the definition of presenter



With no more international law, what will the next invasion be?


@Giornalismo e disordine informativo
articolo21.org/2025/08/bue/
Turning a surrender into a peace. This is the best outcome that emerges from the talks started in Alaska to stop the war in Ukraine. Russia has conquered a piece of enemy territory by force and wants to keep it, as has always been done in wars. The principle that the



Il Gioco della storia, by Philip Kerr


@Giornalismo e disordine informativo
articolo21.org/2025/08/il-gioc…
A thriller full of action and suspense, with a perfectly reconstructed plot that respects historical truth. A novel previously unpublished in Italy. In bookshops since 15 July is the novel, unpublished in Italy, by the late Philip Kerr



In Anchorage, the prelude to a new Yalta (without Europe)


@Giornalismo e disordine informativo
articolo21.org/2025/08/ad-anch…
Be careful not to underestimate what happened in Anchorage, Alaska, where Trump and Putin met to discuss matters that go well beyond the mere war in Ukraine.



Billy Valentine and The Universal Truth
freezonemagazine.com/articoli/…
I am digging out this fantastic album, which took almost a year to reach me (mysteries of the postal service), and I must say the wait to listen to the physical copy turned out to be a welcome clean sweep over my anger at the poor service. The return on record of Billy Valentine, this giant of black music, moves between jazz, soul, blues […]
The article Billy Valentine and The




Another one who is ageing badly...

N.B.: the article can only be read by paying (with money or in kind, with personal data), but the comments and headlines leave no room for doubt.


passing through the typical repertoire of the anti-Salis right as well. Enough to make you vomit on him.

corriere.it/politica/24_settem…

@frandemartino


in reply to Max 🇪🇺🇮🇹

But very, very badly.


@ed His profile is a rubbish dump xcancel.com/rocco_tanica

He isn't just transphobic, he has really decided to complete the bingo card of the piece (or jerrycan) of shit




“Perhaps you already heard me this morning, during Mass. But I want to say a few words here, at such a significant moment: the breaking of bread”.


“Let us break bread, overcome every barrier, create fraternity, make the Kingdom of God present”. With these words Msgr. Vincenzo Viva greeted Pope Leo XIV at the lunch with the poor, in the Borgo Laudato si’.


“This lunch reminds us that love for the Eucharist never remains closed in on itself. It always pushes us towards the peripheries, where poverty, loneliness and the need for dignity live.


“If we are here, it is because Jesus has conquered death and continues to conquer it with us”: the homily of Pope Leo XIV, who this morning presided over Holy Mass at the Shrine of Santa Maria della Rotonda, in Albano, opens with a hymn to life, insi…



“I am close to the people of Pakistan, India and Nepal struck by violent floods. I pray for the victims and their families and for all who are suffering because of this calamity”.


Apice (Benevento, IT), a small city abandoned after the 1980 Irpinia earthquake.

#Fotografia #Photography



And that's that, the doddering Europeans don't get it, their brains have evaporated by now...
ec.europa.eu/commission/pressc…


here is an example of the things that don't happen in the windows world and that keep me away from windows...



let's say putin has lowered his demands a lot.
the question of the orthodox churches, from a perspective of "peace" and freedom of worship: they wouldn't be prosecutable anyway, so in the end it would have to be done anyway. to be suitably regulated as "discouraged" but not "illegal".
the question of russian is already thornier. but russian can be included as an official language while regulated in a fairly soft way. even if it becomes risky as a picklock for future invasions. is putin creating an excuse for future wars?
the current frozen borders are more or less what was expected, with a partial territorial concession. provided there is no demanded neutrality of ukraine or demanded disarmament.

it looks a bit like a way to catch one's breath and prepare a new war, but ukraine too needs to catch its breath anyway. it is evident that russian imperialism is not over.



Hanoch Milwidsky, a member of parliament for Likud, Netanyahu's party, called the demonstrators (including the hostages' relatives) «rioters who support Hamas»

Ah, so it isn't only here that if you say a word against a genocide you are an enemy of the people...


The general strike in Israel organised by the hostages' families - Il Post
https://www.ilpost.it/2025/08/17/sciopero-israele-famiglie-ostaggi/?utm_source=flipboard&utm_medium=activitypub

Published on News @news-ilPost




Mumble mumble


Alas, I ruminate a lot, and when the heat arrives I get even worse.

A little while ago I was reflecting on how much the free software movement has lost its nature over time. Today, unfortunately, I have seen it become just another way of conveying an extremist view of things, which benefits nobody. An example?

A few weeks ago a friend on Mastodon said he was having trouble with his browser (I don't even remember why, or which browser it was), and that he had tried Vivaldi but hadn't got on with it because a certain option was missing. Since I use Vivaldi, I pointed out to him that the option existed, and the friend in question said he would try it again.

At this point in the discussion two users barged in, calling personal needs and choices into question. To be clear, if I said I use Vivaldi they replied that it was no good because it isn't open. I answered that I know perfectly well it isn't 100% open, but that I preferred it to Firefox after Mozilla became what it is. Without addressing this statement of mine in the slightest, they started attacking me on the grounds that syncing bookmarks and passwords is a serious privacy problem, etc.

In short, as I experienced it, trolling. I let the conversation drop; it wasn't worth it.

But I keep thinking about it.

I wonder why, as human beings, we always have to be a pain in the neck and approach things in such a trenchant and rather extremist way. I mean, if you see a group of people discussing Vivaldi, why do you have to point out that "it isn't free", implying 1) that they don't know and 2) that it is therefore absolute evil?

Free software was NOT this, and it wasn't born for this. Free software was a movement of people trying to improve things, not to fall into various extremisms, and today unfortunately I see the latter happening more often. While I understand the importance of free software, which I continue to promote, I don't think the best way to do so is to play the hard-line purist.

But this is just one example; you get the idea.

We should seriously think about how to re-educate ourselves towards a softer view of the world, where there isn't only black or white, because reality is far more complex than a sterile dichotomy between just two points of view.

#discussioni #tolleranza #estremismi


in reply to Oblomov

my suggestion is to learn the serenity of cheerfully telling the fundamentalists to get lost.

… and not only because anyone whose first criticism of Vivaldi is that it isn't FLOSS, rather than that it uses the same Blink as Chrome as its rendering engine, clearly hasn't understood where the real problem lies 😉

2/2

in reply to Oblomov

@Oblomov the nice thing about being 50 is that you understand better what to devote your energy to.

Twenty years ago I would have made that discussion last for 40,000 posts. Today I simply ghost: it isn't worth it, the time I have ahead of me is limited and I don't want to waste it on people who set themselves up to teach you things, as if you hadn't understood anything.

Really, it isn't worth it.



not that the data was all that confidential, but it certainly shows a certain incompetence and sloppiness. it's just a pity the russians aren't equally sloppy.

in reply to The Pirate Post

These #C parties are the #trailblazers of a new #Germany in which right-wing #fascists will, quite legally, come to #power at the next #election.
Then all the #silent ones, all those who #think differently or not at all, will #wake up and realise: "...it can be used for that too?"
Then it will be too late and the #cup of hemlock will go round.
#Welcome to #reality!

The #word for #Sunday, from the #dystopian corner of my #heart



today on slowforward, at slowforward.net/2025/08/16/bit…, three excerpts have been published from a 1967 issue of "bit" which in my view, although they refer to the visual arts, also have a great deal to do with research writing. that is, they can easily be transposed into (rethought as) short notes on poetics. especially the piece (presented in the magazine only in English) by piero manzoni.

for the umpteenth time it is shown that what some writers, from the '90s in france and the 2000s in italy, have done towards an idea of post-poetry was perfectly clear, imaginable and imagined, already twenty or thirty years earlier. (on the other hand we could also talk about fluxus, allan kaprow's instructions, giuseppe chiari, vincenzo agnetti and countless other names and paths of experimentation).

that petrarchan italy doesn't notice even now, in 2025, is cause for hilarity and embarrassment: daily.