All your Nintendo Alarmo are belong to mew~ (Credit: GaryOderNichts, Blogspot) Most of us will probably have seen Nintendo’s latest gadget pop up recently. Rather than a Switch 2 announcement, we got greeted with a Nintendo-branded alarm clock. Featuring a 2.8″ color LCD and a range of sensors, it can detect and respond to a user, and even work as an alarm clock for the low, low price of €99. All of which takes the form of Nintendo-themed characters alongside some mini-games. Naturally this has led people like [Gary] to buy one to see just how hackable these alarm clocks are.
As can be expected from a ‘smart’ alarm clock it has 2.4 GHz WiFi connectivity for firmware and content download, as well as a 24 GHz millimeter wave presence sensor. Before [Gary] even had received his Alarmo, others had already torn into their unit, uncovering the main MCU (STM32H730ZBI6) alongside a 4 GB eMMC IC, as well as the MCU’s SWD pads on the PCB. This gave [Gary] a quick start with reverse-engineering, though of course the MCU was protected (readout protection, or RDP) against firmware dumps, but the main firmware could be dumped from the eMMC without issues.
After this [Gary] had a heap of fun decrypting the firmware, which seems to always get loaded into the external octal SPI RAM before execution, as per the boot sequence (see featured image). This boot sequence offers a few possibilities for inserting one’s own (properly signed) contents. As it turns out via the USB route arbitrary firmware binaries can be loaded, which provided a backdoor to defeat RDP. Unfortunately the MCU is further locked down with Secure Access Mode, which prevents dumping the firmware again.
So far firmware updates for the Alarmo have not nailed shut the USB backdoor, making further reverse-engineering quite easy for the time being. If you too wish to hack your Alarmo and maybe add some feline charm, you can check [Gary]’s GitHub project.
The Fediverse Schema Observatory helps to improve interoperability, the botsin.space server will shut down, and more.
The News
The Fediverse Schema Observatory is a new project by Darius Kazemi, who runs the Hometown fork of Mastodon as well as co-wrote to Fediverse Governance paper this year with Erin Kissane. The Observatory collects data structures from the fediverse; it looks how different fediverse softwares use and implement ActivityPub. It explicitly does not gather any personal data or posts; instead it looks at how the data is formatted in ActivityPub. ActivityPub and the fediverse has a long-standing problem in that the selling point is interoperability between different software, but every software has their own, slightly different implementation of ActivityPub, making good interoperability difficult to pull off. Kazemi has posted about the Observatory as a Request for Comments. The Observatory is explicitly not a scraper, but considering how sensitive the subject can be in the fediverse community, Kazemi has taken a careful approach of informing the community in detail beforehand about the proposed project, and how it deals with data. The easiest way to see and understand how the Observatory is works is with this demo video.
The botsin.space Mastodon server for bots will shut down in December. The botsin.space server is a server dedicated to running bots, with a few thousand active bots running. The server is a valued part of the community, with the wild variety of bots running on the server contributing to the Mastodon in both useful and silly ways. The admin states that over time running the servers has become too expensive over time, and that is was not feasible to keep the project going. The shutdown of botsin.space showcases an ongoing struggle in the fediverse, running a server is expensive and time-consuming, and every time a server shuts down the fediverse loses a block of its history.
Sub.club is a way to add monetization options to fediverse posts. Sub.club started with being able to add paywalls to Mastodon posts, recently expanded to long-form writing with support for Write.as, and now has added support for WordPress blogs as well. Sub.club has posted a tutorial on how to add the plugin to WordPress, making it an easy system to set up.
Bridgy Fed, the bridge between ActivityPub and ATproto has gotten some updates, with the main new feature is that you can now set custom domain handles on Bluesky for fediverse accounts that get bridged into Bluesky. This brings the interoperability between the networks closer to native accounts, and makes having a bridged account more attractive.
Upcoming fediverse platform for short-form video, Loops, got some press by The Verge and TechCrunch. Creator Daniel Supernault said that there are now 5k people on the waiting list, and that a TestFlight link will go out soon for the first 100 people. An Android APK will be made available at some point as well.
GoToSocial is working on the ability to for servers to subscribe to allowlists and denylists. This makes it easier to create clusters of servers with a shared allowlist, such as the Website League. As I recently wrote about Website League, it is a cluster of federating servers that uses ActivityPub but exists separately from the rest of the fediverse, and it is started by people who build a new shared space after Cohost shut down. Website League servers predominantly use GoToSocial or Akkoma, and have been actively working on tuning the software to meet their needs.
The Links
Flipboard is now federating accounts of publishers in Brazil, Canada, Germany and the UK.
A long read on Content Warnings, that extensively touches on the culture on using Content Warnings in Mastodon and the Website League as well.
Ghost’s weekly update on their project to implement ActivityPub, mentioning that they have bridged their ActivityPub-based Ghost account to Bluesky as well.
Some big news for Bluesky this week, as they raise $15M in their series A. Another new option to import your old tweets into Bluesky, and more.
Bluesky announces series A
Bluesky has announced their series A funding round, raising $15M, using the announcement to give a first look at some of their monetisation plans as well. The series A funding round is lead by Venture Capital firm Blockchain Capital. In summer 2023 Bluesky had an $8M seed round, and various investors of the seed round also returned for the series A. Kinjal Shah, a Partner at Blockchain Capital, will join the board of Bluesky.
The seed round already had investors from the crypto world, but this drew much more attention with the series A, as the headline of Blockchain Capital as a lead investor made the connection loud and clear. Bluesky is aware of the negative connotations that many people have regarding blockchains and crypto, explicitly stating that “the Bluesky app and the AT Protocol do not use blockchains or cryptocurrency, and we will not hyperfinancialize the social experience (through tokens, crypto trading, NFTs, etc.).”
Bluesky also announced two avenues they will start to explore for monetisation; a subscription model and payment processing. For the subscription model Bluesky will explore various additional features that do not touch on the core experience, such as higher quality video uploads, or profile customisations. Bluesky will also start working on payment services to support creators. Not much information is known yet on this, and Bluesky says they will share more information as it becomes available.
Kinjal Shah wrote the investment thesis for Blockchain Capital, which gives good insight in the vision of what Blockchain Capital hopes to get out of the investment. She writes: “With this investment, we’re investing in more than a product but rather a vision of what social infrastructure could be. A future where users own their identity and data, developers can innovate freely, and networks are as diverse as we are.” The reason for Blockchain Capital to invest into a social infrastructure is the new opportunities that an open developer ecosystem brings for (other) developers to build new products, which is also stated here by Bluesky developer Why.
On Enshittification
A common response to the news of Bluesky’s series A being lead by a VC firm called Blockchain Capital is that “the enshittification has started”. This response was dominant on the fediverse, and less so but still present on Bluesky. It’s been such a common response that I think it deserves a closer look at ‘enshittification’ and how it relates to Bluesky taking money from a blockchain VC firm. The meaning of the term enshittification has shifted over time, and both meanings provide an interesting lens to look at the news.
When Cory Doctorow coined the term enshittification in 2022, he used it to describe a process of platform decay. A platforms subsidises growth by operating at a loss, and places themselves in between the suppliers and customers on a two-sided marketplace. Once suppliers and customers are locked in on the platform and cannot easily leave, the enshittification cycle happens: the platform uses their control of the marketplace to take an ever increasing part of the value while while making the experience on the platform worse, for both suppliers and consumers.
What is interesting here is that in earlierinterviews, Jay Graber has mentioned the idea of building marketplaces on Bluesky as a way to make money. If enshittification is used to describe platform decay, it stands out that a marketplace is not present in the Series A announcement as a way for Bluesky to monetise. For a platform to become enshittified in this meaning of platform decay, a platform needs to have exclusive control of a marketplace on the platform. However, Bluesky is currently not taking the direction of a marketplace for monetisation, instead opting for subscriptions and payment processing. This is still open to change at a later point, as Graber has expressed interest in it before.
Doctorow also mentions two principles to combat platform enshittification. Platforms should be interoperable, allowing users can switch to a different provider. Users should also have the ability to control the content they see, and not be dependent on an opaque algorithm owned by the platform. As both of these principles are deeply embedded in the design of ATProto, Bluesky is an interesting case study if the principles that Doctorow mentioned are indeed good enough to stave off enshittification.
The meaning of the term enshittification has drifted and expanded over time. Enshittification is now commonly used to refer to any business practice that makes the company or product, well, shit. There is a fairly widespread negative attitude towards both venture capital as well as blockchains and crypto. People perceive that these systems have not brought benefits they promised, and enriched a small elite instead, all the while degrading the experience of using the internet. This is not a newsletter to deconstruct blockchains or VC (I’m sure you can find your own sources for that), but I do want to point out that public perception of both venture capital and blockchains matter here. Bluesky is in an active growth phase, and part of the sales pitch to get people to join the network is that Bluesky is a ‘better’ place, for various interpretations of ‘better’.
Getting people to join Bluesky while also being associated with technologies and organisations that many people perceive as ‘not better’ is much harder. People want to join a new network because they hope that the new network is a better experience for them. Judging from the outside if a network is a suitable place is hard, so people tend to fall back to simple heuristics to determine if a network is a good place for them. BlockChain Capital might provide valuable support to Bluesky, but this hard to see as an outsider that is considering joining Bluesky. Instead, it is more likely that they will fall back on their preexisting opinions about startups that take VC money or affiliated with blockchains.
The News
Porto is a new free tool that allows you to import your Twitter archive into Bluesky. The tool asks you to download your tweets from X as an archive, and upload the folder with your archive into the tool, via a browser extension.
Bridgy Fed, the bridge between ActivityPub and ATproto has gotten some updates, with the main new feature is that you can now set custom domain handles on Bluesky for fediverse accounts that get bridged into Bluesky. This brings the interoperability between the networks closer to native accounts, and makes having a bridged account more attractive. As such, you can now follow my fediverse account on Bluesky at @fediversereport.com.
Last week I wrote that the “new wave has a higher retention rate than other waves”. Another week later and this effect still holds.
ProtoScript is a tool that lets you publish Javascript code directly to your PDS, and then view and execute code from any user directly in your browser. Conceptually it is similar to ATFile, which lets you store arbitrary files on your PDS, but this time with Javascript code instead. Both ProtoScript and ATFile are exploring the idea that the PDS is a website, and it seems like there is still a lot of design space left to explore here.
The ATProto Tech Talks is back, with a new event November 7th. This event will feature various ways people build blogs on ATProto, including by Bluesky developers Samuel and Hailey. Smoke Signal event to register is available here.
Tracking how the space of labelers for self-identification is evolving:
The Games Industry Labeler now is now automated via DMs, where a chat interface walks a user through setting their labels.
The permissionless nature of ATProto allows people to backdate posts. This feature allows people to import their Twitter archive to the original date of posting, but can also create confusion. The Backdated Labeler labels posts that have a different timestamp than the time they first become visible on the network.
That’s all for this week, thanks for reading! You can subscribe to my newsletter to receive the weekly updates directly in your inbox below, and follow this blog @fediversereport.com and my personal account @laurenshof.online.
Welcome back to ATProtocol Tech Talks! For the November 7th edition, we'll be hearing from a number of builders who are creating on top of ATProtocol. 3 blogs and a client!
This week, Jonathan Bennett and Dan Lynch chat with Josh Bressers, VP of Security at Anchore, and host of the Open Source Security and Hacker History podcasts. We talk security, SBOMs, and how Josh almost became a Sun fan instead of a Linux geek.
Did you know you can watch the live recording of the show Right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.
The name BeOS is one which tends to evoke either sighs of nostalgia or blank stares, mostly determined by one’s knowledge of the 1990s operating system scene. Originally released in 1995 by Be Inc., it was featured primarily on the company’s PowerPC-based BeBox computers, as well as being pitched to potential customers including Apple, who was looking for a replacement for MacOS. By then running on both PowerPC and x86-based systems, BeOS remained one of those niche operating systems which even the free Personal Edition (PE) of BeOS Release 5 from 1998 could not change.
As one of the many who downloaded BeOS R5 PE and installed it on a Windows system to have a poke at it, I found it to be a visually charming and quite functional OS, but saw no urgent need to use it instead of Windows 98 SE or 2000. This would appear to have been the general response from the public, as no BeOS revival ensued. Yet even as BeOS floundered and Be Inc. got bought up, sold off and dissected for its parts, a group of fans who wanted to see BeOS live on decided to make their own version. First called OpenBeOS and now Haiku, it’s a fascinating look at a multimedia-centric desktop OS that feels both very 1990s, but also very modern.
With the recent release of the R1 Beta 5 much has been improved, which raises the interesting question of how close Haiku is to becoming a serious desktop OS contender.
Writing A Haiku
Although some parts of BeOS (e.g. Tracker and Deskbar UI components) were open sourced with BeOS R5, for the most part the code of the Haiku project has been written from scratch. What helped a lot here was that even beyond the modular hybrid kernel the entire architecture of BeOS focused on modularity, allowing these developers in the early 2000s to gradually create new components to replace the proprietary ones in BeOS while testing them for regressions and bugs.
Even so, it took until September 2009 for the first Alpha release to be published, following eight years of intensive work. The first Beta came nine years later, at the end of September 2018, by which time support for x86_64 systems had also been added. This created an interesting inflection point, as only the 32-bit x86 version is fully binary compatible with BeOS R5, while the 64-bit version merely has compatible APIs. Unless you intend to run proprietary BeOS software this is probably not much of a concern, of course.
Currently, the Haiku project describes the OS as an ‘easy to use and lean open source operating system’, rather than limiting itself to being merely a way to run 1990s BeOS applications. The implications of this are covered in the general FAQ on the Haiku website along with a whole range of other common questions. The tl;dr is that while Haiku grew out of BeOS, its focus is mostly on maintaining BeOS’s unified vision for the desktop OS experience, which is why merely putting another skin around the Linux kernel would not have worked.
This drive to keep Haiku as a spiritual successor to BeOS can be seen in this and many other aspects, from its general appearance, to the name. Within BeOS the use of haiku (Japanese short-form poetry) was quite common, in particular in its NetPositiveweb browser error messages, such as:
Sites you are seeking From your path they are fleeing Their winter has come.
So What Does It Do?
Inevitably, when someone is confronted with Yet Another Open Source OS (YAOSO), the first question that comes to mind is what it does that another OS does not. After all, there are so many hobby OSes out there, all too often merely written to promote one’s pet language like Zig, Dart, NodeJS, Rust, D or another collection of letters that may or may not be infuriating to search for on the Internet. All of these OSes will tend to have a GUI, a file & internet browser, maybe someone has ported Tux Racer and some other bits of Linux userland, but with less functionality than the average Linux distribution these OS projects mostly spend a lot of time coming to terms with being less relevant than BeOS R5 and OS/2 Warp still are in the 2020s.
Here Haiku of course is a far cry from a hobby OS. Its kernel is inspired by the NewOS kernel, written by a former Be Inc. employee, it uses C++ and even GCC 2.x in places for that BeOS compatibility, but for new code you will be using a current C++ toolchain. You find the same GUI-centric user interface as BeOS had, though in the Terminal application you quickly find that it’s as familiar as any Linux or BSD shell, a pattern which persists in its POSIX compatibility. Meanwhile the overall user experience feels familiar to both old-school BeOS users and the average Windows user.
Although this is decidedly a personal matter, Haiku for me is a breath of fresh air compared to Yet Another Linux Distro (YALD) in the user interface consistency and the sheer snappiness. Booting Haiku takes seconds before you’re on the desktop, and the whole experience is that of a nimble single-user desktop system, rather like something such as Windows 98, except even faster and less crash-y. As for what it does when you’re on the desktop, it of course has the usual assortment of web browsers, office applications, multimedia players and editors, but as said earlier all of that is rather beside the point when the real question is whether you can use it as a daily driver.
This was also the point of a recent video by the Action Retro channel on YouTube, in which Haiku as a daily driver OS is attempted and found to be working quite well, even with video hardware acceleration in the Beta 4 release not implemented yet. My own experiences this year with Beta 4 and 5 mostly confirm this take, albeit mostly from the experience of a software developer doing some serious application porting.
Basically, how badly does Haiku break when you try to use it as a serious OS and port FFmpeg and Qt5-based applications to it?
No YALD, Just Haiku
While I am not sure how enthusiastic I am about swapping the Windows-style taskbar (incidentally replicated by most Linux GUIs) for the BeOS-style Deskbar, or the BeOS window decorations, you do get used to these differences. To get started with porting software you ideally use the pkgman package manager, which is reminiscent of FreeBSD’s pkg (and ports, incidentally). As I found out earlier this year when I ported my FFmpeg-based NymphCast project to Haiku, the OS is a lot closer to FreeBSD than Linux in many respects, including its file stat handling. This means no hacky lstat64() as on 64-bit dirty Linux platforms.
The whole string of dependencies required by the NymphCast project were all present and easily installed with pkgman, with the next challenge being that Haiku does not follow the Linux or BSD filesystem conventions. This is not unexpected, as it’s a desktop OS with absolutely no need to pretend that it dates back to an era when PDP-8s roamed the Earth. Instead it’s a multimedia-focused OS from the 1990s, with a filesystem that has a lot of added meta-data features, and a layout for installed applications and development files that mostly non-confusing.
The only real showstoppers that I came across during the porting of NymphCast was a lack of IPv6 support in Haiku, and stability issues in Beta 4, but switching to Beta 5 (nightly) and improving IPv6 handling in my code fixed this. Running through the compilation and installation procedure again on Beta 5 recently, I encountered no stability issues, just an issue (#6400) in the SDL2 package for Haiku that makes SDL2-based applications still somewhat of a no-go until the responsible hack gets fixed, at least from how I understand the issue. Qt5-based NymphCast Player running on Haiku Beta 5. For fun, I also tried building the Qt5-based NymphCast Player client in Haiku R1 Beta 5, which succeeded with absolutely zero issues. This application ran fine, connected to NymphCast server and media server instances running elsewhere on the network just fine, allowing me to control them as I would have on any other OS. How perfectly boring.
Is It Boring Enough?
In the question of whether an OS can be a daily driver I feel that there’s a lot being implied. When I consider my own OS preferences, having used MS-DOS, Win3.x, Win9x, Win2k, etc., as well as desktop Linux since SuSE Linux 6.3 in ’99, the BSDs, OS X and MacOS (post-OS X), I feel strongly that a good daily driver OS is one that is so utterly boring and Just Works that you spend as little time as possible thinking about the OS, while maximizing the time you are productive, have fun playing games, being online, and so on.
Windows has become more and more boring in this regard until Windows 7, when it began to tailspin with Windows 8 and is with Windows 11 less functional than Windows 3.11, or Windows 9x during the delightful winmodem days. Similarly OS X/MacOS decided to lock down the OS with its rootless ‘feature’, among other unpopular decisions with power users and developers. Combined with the many bugs in MacOS (e.g. in its printer spool that existed since at least 10.4), I was happy to move to Windows 10, which is only infuriating due to the horrid Flat Design Language and completely unnecessary Settings app.
Although 1998 was supposed to be the Year of the Linux Desktop, the fact remains that Linux as a desktop OS is not boring, but a constant exercise in troubleshooting the window manager, desktop environment, audio subsystem, a kernel module that vanished after a kernel upgrade, an uncooperative driver, hunting down a non-existent driver for a new WiFi dongle and so on. This is why I use Linux on an almost daily basis, but run a Windows desktop system.
When it pertains to Haiku, I feel that there’s some real potential for it to become as boring as Windows 2000, or even Windows XP or 7. I will be using Haiku more the coming months and likely years as it matures towards Release 1, along with ReactOS and similar open source OSes that strive to provide the user with the most boring and pleasantly unremarkable desktop experience possible.
Si è conclusa la XIII edizione di #ExpoTraining! Due giornate dedicate all'orientamento, alla formazione e alla sicurezza sul lavoro.
Qui il video racconto integrale dell'evento ▶️ https://youtu.
L'articolo proviene da #Euractiv Italia ed è stato ricondiviso sulla comunità Lemmy @Intelligenza Artificiale On October 16th, Emiliyan Stanev School organized an event in relation to EU Code Week about the principles of artificial intelligence (AI), its capabilities
@Politica interna, europea e internazionale La CGIL e la Uil hanno proclamato uno sciopero generale di otto ore per la giornata di venerdì 29 novembre, una mobilitazione indetta per chiedere al governo di Giorgia Meloni e alla maggioranza di
Si è conclusa recentemente a Vienna la Conferenza delle Parti alla Convenzione della Nazioni Unite contro la Criminalità Organizzata Transazionale (#UNTOC) – nota come "Convenzione di Palermo" – l’appuntamento biennale più importante dell’agenda dell’Onu in tema di prevenzione e lotta alla criminalità organizzata tramite il rafforzamento della cooperazione transfrontaliera.
L’Italia, che da sempre riveste un ruolo di rilievo nell’azione internazionale di contrasto alle mafie, ha partecipato ai lavori con una delegazione interministeriale guidata dal Ministro della Giustizia, Carlo Nordio, che intervenendo in "plenaria" ha sottolineato l’urgenza di rafforzare, a livello nazionale e attraverso la collaborazione multilaterale, il contrasto alle nuove forme di criminalità organizzata, che sempre più spesso opera nel dominio cyber.
Insieme alla Direttrice Esecutiva dell’Ufficio Onu sulle Droghe e il Crimine, Ghada Waly, il Ministro ha inoltre preso parte ad un evento di alto livello che segna l’avvio di un mese di mobilitazione in vista della prima Giornata internazionale contro la Criminalità Organizzata Transnazionale (15 novembre), inaugurando in tale occasione anche la mostra ”Cooperation in the fight against transnational organized crime: Italy’s Experience’‘ che offre una testimonianza della storia e delle capacità italiane nella lotta alle mafie. La mostra rimarrà al Vienna International Center per essere poi esposta anche al Palazzo di Vetro di New York. La mostra che illustra l’esperienza del nostro Paese nella lotta alla criminalità organizzata transnazionale, è stata realizzata dai Ministeri degli Affari Esteri e della Cooperazione Internazionale, dell’Interno e della Giustizia.
Attraverso un percorso di immagini evocative (vedi foto in apertura), la mostra illustra alcune fasi cruciali della lotta contro la mafia, il ruolo dei magistrati Flacone e Borsellino, la reazione alle stragi del 1992, la strada che ha portato all’adozione della Convenzione di Palermo, le attività di cooperazione internazionale e le sfide future.
La settimana è stata animata anche da numerosi eventi a latere. La Rappresentante Permanente italiana, Amb. Debora Lepre, è intervenuta in un panel di alto livello sul meccanismo di verifica dell’attuazione della Convenzione di Palermo e in un side event sullo sfruttamento dei minori da parte delle organizzazioni criminali. L’Italia ha co-organizzato anche eventi incentrati su temi prioritari per il nostro Paese, quali il contrasto ai reati contro il patrimonio culturale, la prevenzione del terrorismo, le connessioni tra corruzione e criminalità organizzata, il traffico di armi da fuoco. La Conferenza ha adottato 4 risoluzioni e 2 decisioni: tra queste due importanti risoluzioni sul contrasto al traffico di armi da fuoco e sulla prevenzione e la lotta ai crimini ambientali.
🏆 #Scuola, oggi è stato conferito il Premio “Alfieri del Lavoro” dal Presidente della Repubblica Sergio Mattarella, presso il Quirinale, a 25 studenti e studentesse da tutta Italia.
🏆 #Scuola, oggi è stato conferito il Premio “Alfieri del Lavoro” dal Presidente della Repubblica Sergio Mattarella, presso il Quirinale, a 25 studenti e studentesse da tutta Italia.
We see a fair few glitcher projects, especially the simpler voltage glitchers. Still, quite often due to their relative simplicity, they’re little more than a microcontroller board and a few components hanging off some wires. PicoGlitcher by Hackaday.IO user [Matthias Kesenheimer] is a simple voltage glitcher which aims to make the hardware setup a little more robust without getting caught up in the complexities of other techniques. Based on the Raspberry Pico (obviously!), the board has sufficient niceties to simplify glitching attacks in various situations, providing controllable host power if required.
A pair of 74LVC8T245 (according to the provided BoM) level shifters allow connecting to targets at voltages from 1.8 V to 5 V if powered by PicoGlitcher or anything in spec for the ‘245 if target power is being used. In addition to the expected RESET and TRIGGER signals, spare GPIOs are brought out to a header for whatever purpose is needed to control a particular attack. If a programmed reset doesn’t get the job done, the target power is provided via a TPS2041 load switch to enable cold starts. The final part of the interface is an analog input provided by an SMA connector.
The glitching signal is also brought out to an SMA connector via a pair of transistors; an IRLML2502 NMOS performs ‘low power’ glitching by momentarily connecting the glitch output to ground. This ‘crowbarring’ causes a rapid dip in supply voltage and upsets the target, hopefully in a helpful way. An IRF7807 ‘NMOS device provides a higher power option, which can handle pulse loads of up to 66A. Which transistor you select in the Findus glitching toolchain depends on the type of load connected, particularly the amount of decoupling capacitance that needs to be discharged. For boards with heavier decoupling, use the beefy IRF7807 and accept the glitch won’t be as sharp as you’d like. For other hardware, the faster, smaller device is sufficient.
The software to drive PicoGlitcher and the hardware design files for KiCAD are provided on the project GitHub page. There also appears to be an Eagle project in there. You can’t have too much hardware documentation! For the software, check out the documentation for a quick overview of how it all works and some nice examples against some targets known to be susceptible to this type of attack.
@Politica interna, europea e internazionale Lucia Aleotti del Gruppo Menarini nominata Cavaliere del Lavoro Lucia Aleotti, azionista e membro del Board del Gruppo Menarini, è stata nominata Cavaliere del Lavoro dal Presidente della Repubblica Sergio Mattarella, su proposta del Ministro delle Imprese e
Nel Regno Unito si è concluso il primo processo nella storia del Paese contro il creatore di contenuti illegali che utilizzano l’intelligenza artificiale . Hugh Nelson, 27 anni, residente a Bolton, ha ricevuto 18 anni di prigione per aver creato e distribuito materiale proibito raffigurante minori. L’indagine è stata condotta dalla polizia di Greater Manchester.
Il criminale ha utilizzato Daz 3D, un programma di intelligenza artificiale, per convertire normali fotografie di minorenni in contenuti illegali. Secondo l’indagine, alcuni clienti hanno fornito fotografie di bambini veri con cui hanno avuto contatti.
Nel corso di un anno e mezzo l’aggressore ha guadagnato circa 5.000 sterline vendendo materiale creato nelle chat room di Internet. A differenza dei precedenti casi di “deepfake” in cui i volti venivano scambiati, Nelson ha creato modelli 3D basati su fotografiereali.
L’arresto è avvenuto dopo che Nelson ha detto a un agente di polizia sotto copertura in una chat online che era disposto a creare un nuovo “personaggio” per 80 sterline. Durante la perquisizione, è stato scoperto che il criminale aveva della corrispondenza in cui incoraggiava azioni illegali contro bambini di età inferiore a 13 anni. La polizia ha identificato diversi sospetti e vittime in tutto il mondo, tra cui Italia, Francia e Stati Uniti.
Hugh Nelson è stato giudicato colpevole di incitamento alla violenza contro i bambini sotto i 13 anni, tentando di indurre un adolescente sotto i 16 anni a impegnarsi in attività sessuali, distribuendo e realizzando immagini illegali.
L’avvocato ha cercato di presentare l’imputato come una persona sola che viveva nella casa dei suoi genitori e cercava riconoscimento nella comunità di Internet. Tuttavia, il giudice ha definito le azioni di Nelson “orribili e disgustose”, sottolineando la mancanza di comprensione da parte dell’imputato del danno causato.
Janette Smith, procuratore speciale del Crown Prosecution Service, ha affermato che il caso dimostra come la tecnologia in rapida evoluzione possa rappresentare una minaccia per i bambini. L’ispettore Jen Tattersall ha affermato che tali crimini che coinvolgono la computer grafica stanno diventando sempre più comuni. La scorsa settimana sono state avviate indagini su altri due casi simili.
nel senso che in uno stato USA, mi pare il Texas, la polizia ha usato la AI per creare un'entità virtuale con le sembianze di una teenager per attirare pedofili. Fino a dove si siano spinti non è stato pubblicizzato, ma ciò ha giustamente creato un dibattito sulla liceità di talu azioni.
DALLA SVEZIA: L' INVESTIMENTO EOLICO PORTA ALLA BANCAROTTA. CONVIENE A CINA E USA. SOLO DANNI PER L'UE - Ifanews - News Magazine ifanews.it/dalla-svezia-l-inve…
One is that Sweden does not appear to have our system of constraint payments:
Second is the fact that low winds mean high market prices, and vice versa. Obviously wind farms make their money when the wind blows, so low prices at those times drastically impact earnings.
In the UK, the CfD subsidy protects wind farms from these fluctuations, whilst ROC subsidies are generous enough to offset low market prices.
And thirdly, the article rightly notes that wind farms don’t have to pay for grid adaption and other wider system costs.
Even in the advanced world of 2024, robots are still better in science fiction than in reality. Star Trek gave us the erudite and refined Data, Rogue One gave us the fierce yet funny K-2SO, and Big Hero 6 gave us the caring charmer named Baymax. All these robots had smarts, capability, and agency. More than that, though—they were faithful(ish) companions to humans, fulfilling what that role entails.
The thing is, we’re not gonna get robots like that unless somebody builds them. [Angela Sheehan] is a artist and an educator, and a maker—and she’s trying to create exactly that. She came down to the 2023 Hackaday Supercon to tell us all about her efforts to create cuddly companion bots for real.
You might remember Angela from her 2019 Supercon costume—she showed up dressed as a color-changing fairy. In fact, she has dabbled in all kinds of fields, which has given her a broad skillset applicable to creating companion bots. She’s done lots of costuming and cosplay over the years, she’s worked in product design, and she brands herself a bit of a fashion hacker. These skills might not be particularly relevant to building a high-speed industrial robot arm to perform 2000 welds an hour. However, they come in absolute clutch when you’re trying to build a robot that acts as a soft, cuddly companion. She notes that she was inspired to create her own companion bots by the work of others formerly showcased by Hackaday—you might remember work in this field from Alex Glow and Jorvon Moss. That’s Nova, right there! Angela’s talk soon tackles the elephant in the room—from the drop, you’ve probably been wondering about the cute critter perched on her shoulder. The long-tailed creature is named Nova, and she’s remarkably friendly and soothing once you get to know her.
Development took some time, with Angela doing lots of research and development to create the Nova we see today. “I actually did a lot of the prototyping and field testing for this bot in the library makerspace that I work at,” she explains. “It was great to see people who don’t know the inside and out of technology interact with [Nova] and I could pinpoint the moment that she became alive to people.” The bot got quite a response, transcending the level of basic machine to something a little more. “People wanted to come in and visit her and pet her,” says Angela. “That was such a powerful moment… that happened as soon as I started putting a face on her.” Angela doesn’t just tell the tale—during the talk, she passes Nova to the audience so they can interact with her up close. She explains that this is something that she does regularly—and we get to see photos of the lovely interactions Nova has had with dozens of smiling, happy people.
[Angela] covers some of the tools and techniques she used to develop her robot companion. At times, she looked to commercial products to figure out how to make something that’s properly cuddleable.Nova leverages Angela’s skills in sewing, 3D modelling, and 3D printing. She explains how components like Nova’s wings were first drafted in Adobe Illustrator. From there, the structure was refined into actual models in Fusion 360, while a PCB was developed in Eagle for the lighting electronics.
The face, though, was perhaps most crucial—as is the case for any anthropomorphic character. She took inspiration from Toothless from How To Train Your Dragon, using a stuffed toy as reference. Initial attempts weren’t particularly satisfying though, so she learned 3D sculpting for a further attempt in clay. Feedback from Twitter helped her develop the face further into the Nova we see today. The eyes were sourced from an Etsy supplier specializing in doll eyes. Angela notes there’s some magic there—when backlit with LEDs, switching them on and off can create a really believable blink pattern that feels super realistic. “What are those elements that make it feel alive?” Angela muses. “There are just little pieces of the psychology of it that you can dial into and you can make something that feels very alive.” Part of the development process was figuring out how to make the eyes and movements feel natural—like a living creature rather than a pile of electronics, motors, and lights. The talk then covers the rest of the design that helps create the “illusion of life.” Angela explains using servos and a robot gripper mechanism to flap the wings, and dialing in the motion so it felt as authentic as possible. She also covers robustness, designing “cuddle-worthy” bodies, and the value of designing for modularity. There’s also a useful discussion about how to make these builds more accessible, including useful starting points like which microcontroller and code platforms are good to use.
Even better, we get a look into the companion bot community, and we learn about the emotional impact these robots can have. Sometimes that’s intentional, other times, it’s down to a happy accident. “There is an unintended effect with [Nova’s] servos, that it feels like a purr,” says Angela. “It’s very comforting right on your shoulder, and I was thinking maybe I should try and insulate it a little bit, but actually people love it.” Nova puts smiles on faces wherever she goes. Angela is always letting people hold her and get to know her, and this kind of gleeful response is a common one. Fundamentally, companion bots are a bit like virtual reality. We’ve seen a ton of products make big promises over the years, but we’ve never seen a killer app. However, as [Angela] demonstrates, it’s very possible to create something very real and very lovable if you pay attention to the right things. Perhaps it’s the personal touch that makes DIY companion bots so seemingly lifelike in a way that Furby never was.
In any case, if you’ve ever wanted a robot companion of your very own, there’s no reason you can’t start building your own. With maker skills, enthusiasm, and the will to succeed, you can create a fun and cuddly robot critter that has that magical spark of life.
Le immagini di Valencia ci confermano che questo è un Pianeta sovrappopolato, inquinato e preda di cambiamenti climatici che solo i mentecatti, gli opportunisti e i disonesti si ostinano a negare.
E in Usa stanno per rieleggere il comandante in capo dei mentecatti, degli opportunisti e dei disonesti.
Un delinquente ricco, golpista e razzista, il rappresentante della peggio umanità possibile, il disonesto in capo, un negazionista fanatico e violento. Il solo fatto che un simile individuo sia in lizza, è una sconfitta per il genere umano. Finirà malissimo, per tutti, anche per i 4 dementi che tifano che sarà meglio così, anche, e soprattutto, per i poveri che si illudono di trovare la soluzione magica votando un criminale simile o, in generale, votando la peggior destra reazionaria. Andrà male alla democrazia che sarà fatta a pezzi in America, subito seguito dai suoi emuli in Europa e Italia che non attendono altro, e ci consegnerà al criminale di Mosca, suo degno compare. Il baratro mondiale è ad un passo. Andrà bene solo per i ricchissimi, che infatti stanno con lui. Preparatevi al peggio.
The latest expansion of an Elon Musk-funded super PAC; how New York's largest hospital system is using AI; and how Epic Games' control over the 3D model market could "destroy" cultural heritage.
The latest expansion of an Elon Musk-funded super PAC; how New Yorkx27;s largest hospital system is using AI; and how Epic Gamesx27; control over the 3D model market could "destroy" cultural heritage.#Podcast
The latest expansion of an Elon Musk-funded super PAC; how New York's largest hospital system is using AI; and how Epic Games' control over the 3D model market could "destroy" cultural heritage.
se ti incazzi con una persona e dici peste e corna, ma poi neghi che sia autistica, neghi che abbia problemi, neghi qualsiasi motivazione o spiegazione, alla fine che coerenza stai dimostrando? anche senza essere psicologhi si capisce che è solo un accanimento senza senso. e pure inutile, se non dannoso. o fai finta di niente e va tutto bene, o se il problema esiste il problema esiste. ma difficilmente funzionerà come piace a te... statisticamente parlando.
[quote]La rapida evoluzione degli scenari securitari odierni pone Stati come l’Italia nella posizione di doversi interrogare sullo stato delle proprie Forze armate e sulle necessità espresse dallo strumento militare nazionale per garantire una difesa appropriata. In questo contesto si
@Informatica (Italy e non Italy 😁) Ieri, dopo 67 minuti, il Governo ha cancellato nell’ordine del giorno del Consiglio dei ministri, convocato alle 16 del 29 ottobre, il decreto-legge contenente “Misure urgenti in materia di ordinamento giudiziario, di personale di magistratura, di incarichi dirigenziali e di competenza investigativa
@Notizie dall'Italia e dal mondo Secondo il quotidiano americano, il Pentagono sta cercando di trasformare l'esercito Usa in una forza adatta ad uno scontro sul terreno con le truppe cinesi L'articolo New York Times: “l’esercito Usa prepara la guerra con la Cina” proviene da Pagine Esteri.
@Politica interna, europea e internazionale “Quella è la vera prova di colpevolezza di Silvio Berlusconi di come ha preso i soldi dalla mafia”. Lo dice Nunzio Samuele Calamucci a Massimiliano Camponovo in un’intercettazione telefonica agli atti dell’inchiesta
le parole dette feriscono molto più delle parole scritte. per questo l'idea secondo cui per non ferire le persone è meglio parlare che scrivere è sbagliata. ed è sbagliato pure che parlando si creano meno fraintendimenti, perché questo in realtà dipende dalle persone e dalla loro capacità di reagire immediatamente e con prontezza, e non è per niente scontato.
Il gruppo coinvolto nell’inchiesta di Milano faceva anche la manutenzione dei sistemi dell’Agenzia nazionale. Passando da quegli apparati il commando è riuscito a penetrare nei server del Viminale
Nasce il mito di Rodolfo Valentino, italiano di Castellaneta (Taranto) quando a Los Angeles vi è l’anteprima de Lo sceicco, il film che lo lancia a livello globale come primo “latin lover” della storia del cinema. The Sheik è un film muto del 1921, diretto da George Melford e interpretato oltre che da Rodolfo Valentino, da Agnes Ayres. E' tratto dal romanzo di Edith Maude Hull, pubblicato a Londra nel 1919.
Applying solder paste to a new custom PCB is always a little nerve-racking. One slip of the hand, and you have a smeared mess to clean up. To make this task a little easier, [Max Scheffler] built the Stencil Fix Portable, a compact self-contained vacuum table to hold your stencil firmly in place and pop it off cleanly every time.
The Stencil Fix V1 used a shop vac for suction, just like another stencil holder we’ve seen. The vacuum can take up precious space, makes the jig a little tricky to move, and bumping the hose can lead to the dreaded smear and colorful language. To get around this [Max] added a brushless drone motor with a 3D printed impeller, with a LiPo battery for power. The speed controller gets its PWM signal from a little RP2040 dev board connected to a potentiometer. [Max] could have used a servo tester, but he found the motor could be a little too responsive and would move the entire unit due to inertia from the impeller. The RP2040 allowed him to add a low pass filter to eliminate the issue. The adjustable speed also means the suction force can be reduced a little for easy alignment of the stencil before locking it down completely.
We love seeing tool projects like these that make future projects a little easier. Fortunately, [Max] made the designs available so you can build your own.
Emergono nuove indiscrezioni sconcertanti sullo scandalo di spionaggio e accesso abusivo a dati personali in Italia, legato alla società Equalize.
Sotto la lente degli inquirenti della Direzione Distrettuale Antimafia (DDA) di Milano e della Procura di Roma, questa inchiesta sta rivelando connessioni inaspettate e potenzialmente compromettenti tra organizzazioni private, ex membri delle forze di polizia e committenti di alto profilo, inclusi enti ecclesiastici.
Secondo quanto riportato dal Corriere della Sera, uno dei temi più delicati emersi riguarda un presunto mandato da parte di enti della Chiesa, che avrebbe permesso a Equalize di svolgere attività di intelligence a loro favore.
Un altro elemento di particolare rilievo è rappresentato dalle intercettazioni risalenti al dicembre 2022, che rivelano conversazioni tra i membri di Equalize riguardo a possibili vantaggi economici derivanti dalle operazioni di spionaggio e dossieraggio su temi sensibili, come le relazioni tra Italia e Russia e i cyber-attacchi sul territorio nazionale.
Parallelamente, la Procura di Roma sta indagando su un gruppo denominato “Squadra Fiore” che risulterebbe coinvolto, composto da almeno cinque ex membri delle forze dell’ordine, che operavano da un appartamento a Roma.
Questo gruppo avrebbe avuto il compito di raccogliere illegalmente informazioni sensibili, agendo al di fuori delle normative vigenti e, secondo alcune ipotesi, anche su incarico di committenti esteri, aumentando le preoccupazioni su eventuali infiltrazioni straniere in reti italiane.
L’inchiesta in corso evidenzia ancora una volta la vulnerabilità del sistema informativo nazionale e l’intreccio pericoloso tra pubblico e privato nel mondo della sicurezza informatica nazionale italiana. Con decine di indagati e un’indagine che ha già coinvolto più di 800 mila dossier, le implicazioni di questo scandalo si estendono ben oltre le questioni meramente di cybersecurity, mettendo in discussione la trasparenza e la sicurezza stessa dei dati all’interno del Paese.
Da destra verso sinistra Gigi Carrai, Edilio Tarantino, Gianni Rossi e Marco Ravia, quattro storici annunciatori, presentandosi sulle note del valzerino “E con questa zinfonia” aprono la quinta puntata di “Cari amici vicini e lontani”, con Renzo Arbore, e in onda stasera mercoledì 30 ottobre alle 21.10 in prima visione su Rai Storia.
Gli attivisti brasiliani per i diritti umani accusano i più grandi social network di trascurare la sicurezza dei bambini. Il Consumer Collective Law Institute ha intentato causa contro Meta, TikTok e la piattaforma cinese di brevi video Kwai. L’importo totale delle richieste ammontava a tre miliardi di reais (circa 526 milioni di dollari).
I querelanti insistono sul fatto che le piattaforme social devono avvisare apertamente gli utenti su come la dipendenza dai social media influisce sulla salute mentale di bambini e adolescenti. Inoltre, le aziende dovranno rendere pubblici tutti i meccanismi che utilizzano per proteggere i dati personali dei giovani utenti.
Uno dei promotori della causa, l’avvocato Lilian Salgado, sottolinea la necessità di una revisione urgente degli algoritmi della piattaforma e delle regole per il trattamento dei dati degli utenti minori di 18 anni. Secondo Salgado è necessario garantire agli adolescenti brasiliani lo stesso livello di protezione sui social media che già ricevono i loro coetanei nei paesi sviluppati.
Questa non è la prima volta che Meta e TikTok si trovano ad affrontare affermazioni del genere. Alla fine del 2023, le autorità del New Mexico hanno intentato una causa simile contro Meta: secondo loro, Facebook e Instagram mostravano materiale esplicito ai minori. Successivamente è emerso un documento interno di Meta del 2021, secondo il quale oltre 100mila giovani utenti erano vittime di bullismo ogni giorno. Tuttavia, la direzione dell’azienda ha ignorato le proposte.
All’inizio di quest’anno, i procuratori generali di 14 stati degli Stati Uniti si sono uniti in un’azione legale collettiva contro TikTok. Hanno accusato la piattaforma di ingannare deliberatamente il pubblico riguardo alla sicurezza dei giovani. Vale la pena notare che questi procedimenti sono solo la punta dell’iceberg di una serie di azioni legali contro i social network su questioni relative alla protezione dei minori.
Meta ha recentemente lanciato un formato speciale di profili per gli adolescenti su Instagram: ora tutti gli utenti sotto i 16 anni sono tenuti a utilizzarli. Tali profili operano con un elevato livello di privacy e qualsiasi modifica alle impostazioni richiede il consenso dei genitori.Questa funzionalità non è ancora disponibile in Brasile, anche se l’azienda promette di introdurla presto.
In un commento ufficiale, Meta afferma che sta cercando di rendere le sue applicazioni il più sicure possibile per i giovani. In dieci anni di attività, l’azienda ha creato più di 50 diversi strumenti e funzioni progettati per proteggere gli adolescenti e aiutare i loro genitori. Tuttavia, gli attivisti per i diritti umani considerano queste misure insufficienti e richiedono un approccio più serio.
@Notizie dall'Italia e dal mondo Membra sparse per le strade, rifugi dati alle fiamme, centinaia di persone intrappolate negli ospedali: I palestinesi raccontano le scene apocalittiche dell'ultima campagna di Israele L'articolo Dentro l’assedio del nord di Gaza, dove “la morte aspetta
Changelog: 🦝 add link to manual and Matrix room in "App information" dialog; 🦝 add possibility to make following/followed list private in profile settings; 🦝 fix making post indexable in profile settings; 🦝 fix pagination for followed users, followed hashtags and hashtag feed; 🦝 fix profile settings loading after account switch; 🦝 optimization of startup and account switch flows; 🦝 add experimental support for embedded images in posts; 🦝 as usual, dependency updates and more unit tests.
Reach out to me for bug reports and remember to #livefasteattrash!
It probably comes as little surprise that our planet is practically buzzing with radio waves. Most of it is of our own making, with cell phones, microwaves, WiFi, and broadcasts up and down the spectrum whizzing around all the time. But our transmissions aren’t the only RF show in town, as the Earth itself is more than capable of generating radio signals of its own, signals which you can explore with a simple sferics receiver like this one.
If you’ve never heard of sferics and other natural radio phenomena, we have a primer to get you started. Briefly, sferics, short for “atmospherics,” are RF signals in the VLF range generated by the millions of lightning discharges that strike the Earth daily. Tuning into them is a pretty simple proposition, as [DX Explorer]’s receiver demonstrates. His circuit, which is based on a design by [K8TND], is just a single JFET surrounded by a few caps and resistors, plus a simple trap to filter out the strong AM broadcast signals in his area. The output of the RF amplifier goes directly into an audio amp, which could be anything you have handy — but you risk breaking [Elliot]’s heart if you don’t use his beloved LM386.
This is definitely a “nothing fancy” build, with the RF section built ugly style on a scrap of PCB and a simple telescopic whip used for an antenna. Tuning into the Earth’s radio signals does take some care, though. Getting far away from power lines is important, to limit AC interference. [DX Explorer] also found how he held the receiver was important; unless he was touching the ground plane of the receiver, the receiver started self-oscillating. But the pips, crackles, and pings came in loud and clear on his rig; check out the video below for the VLF action.
@Notizie dall'Italia e dal mondo La casa automobilistica tedesca Volkswagen ha annunciato un piano "lacrime e sangue", che include 15 mila licenziamenti, la chiusura di tre fabbriche e riduzioni salariali. I sindacati promettono battaglia L'articolo Volkswagen licenzia e chiude le fabbriche, Germania sotto shock proviene da Pagine
@Informatica (Italy e non Italy 😁) Conversazione di Start Magazine con il professor Marco Mayer, già direttore del master Intelligence & Security alla Link Campus e docente al Cybersecurity Master della Luiss.
@Informatica (Italy e non Italy 😁) Ecco metodi e obiettivi di Equalize, la società di proprietà di Enrico Pazzali al centro delle indagini giudiziarie per spionaggi e dossieraggi illegali. Estratto di un articolo di Claudio Antonelli per il quotidiano La Verità
Gazzetta del Cadavere
in reply to Cybersecurity & cyberwarfare • • •Cybersecurity & cyberwarfare
in reply to Gazzetta del Cadavere • •Gazzetta del Cadavere
in reply to Cybersecurity & cyberwarfare • • •Cybersecurity & cyberwarfare likes this.
Cybersecurity & cyberwarfare
in reply to Gazzetta del Cadavere • •Gazzetta del Cadavere
in reply to Cybersecurity & cyberwarfare • • •Cybersecurity & cyberwarfare likes this.
Cybersecurity & cyberwarfare
in reply to Gazzetta del Cadavere • •Gazzetta del Cadavere
in reply to Cybersecurity & cyberwarfare • • •Cops lure pedophiles with AI pics of teen girl. Ethical triumph or new disaster?
Ars TechnicaCybersecurity & cyberwarfare likes this.
Cybersecurity & cyberwarfare reshared this.
Cybersecurity & cyberwarfare
in reply to Gazzetta del Cadavere • •