This week, Jonathan Bennett, Randal Schwartz, and Aaron Newcomb chat about Linux, the challenges with using system modules like the Raspberry Pi, challenges with funding development, and more!

youtube.com/embed/GCKJShpxa1I?…

Did you know you can watch the live recording of the show Right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.

play.libsyn.com/embed/episode/…

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

Places to follow the FLOSS Weekly Podcast:

• Spotify
• RSS

hackaday.com/2024/11/20/floss-…

What if your 3D printer could fit in a box of filament but still rival the build plate size of heavyweights? Enter the Lemontron, a free and open source portable printer making waves in the maker community for its compact form factor and budget-friendly price. Watch [James]’ video on his build story here. Built around the Positron drive—a unique mechanism introduced by [Kralyn] in 2022—the Lemontron is the latest evolution of this innovative design. Although Kralyn mysteriously disappeared, their work inspired other projects like the Positron JourneyMaker and this Lemontron.

The Lemontron started as a unibody chassis mod for the JourneyMaker but grew into a complete redesign, cutting costs in half without sacrificing performance. By eliminating expensive CNC parts, it’s entirely made from off-the-shelf components, bringing the build cost to just $413. Compare that to $800 for the JourneyMaker and $699 for the Positron v3.2 kit.

Recent video updates show the Lemontron in action, printing impressively large and complex models. It tackled a marble run with 80-degree unsupported overhangs and a ‘comically large’ Benchy, proving its capability. Its compact design, paired with robust performance, is an exciting alternative for tinkerers seeking quality on a budget.

The Lemontron is in its final development stages, with frequent updates dropping on its YouTube channel. If you’re in the market for a more “traditional” mini-printer, check out this cool suitcase model from 2014.

youtube.com/embed/jw9OEQeSKPE?…

hackaday.com/2024/11/20/if-lif…

Yesterday, Prusa Research officially unveiled their next printer, the Core ONE. Going over the features and capabilities of this new machine, it’s clear that Prusa has kept a close eye on the rapidly changing desktop 3D printer market and designed a machine to better position themselves within a field of increasingly capable machines from other manufacturers.

While some saw the incremental upgrades of the i3 MK4 as being too conservative, the Core ONE ticks all the boxes of what today’s consumer is looking for — namely high-speed CoreXY movement with a fully enclosed chamber — while still offering the build quality, upgradability, and support that the company has built its reputation on. Put simply it’s one of the most exciting products they’ve introduced in a long time, and exactly the kind of machine that many Prusa fans have been waiting for.

Unfortunately, there’s one feature that’s ominously absent from the Core ONE announcement post. It’s easy to overlook, and indeed, most consumers probably won’t even know it’s missing. But for those of us who are concerned with such matters, it’s an unspoken confirmation that an era has finally come to an end.

With the Core ONE, Prusa Research is no longer in the business of making open source 3D printer hardware, but that doesn’t mean that the printer isn’t hackable. It’s complicated, so read on.

Death by a Thousand Cuts

To say that Prusa Research pivoting away from the open source hardware (OSHW) principles that guided the company, and indeed the 3D printing community, through its early years is a disappointment would be quite an understatement. It’s a crushing blow. One which critics will use to call into question the viability of building a sustainable business model around OSHW. But it’s also not hard to see how we got to this point.
Prusa XL
The first warning sign came back in 2021, with the announcement of the Prusa XL. With this new high-end printer, the company seemed uncharacteristically hesitant to open things up, which frankly wasn’t entirely unreasonable. The pricing of the XL put it closer into the professional market than a traditional hobbyist machine, and there were some new features like tool changing and a segmented heated bed that were unique enough that they’d want to keep the details under wraps until the machine at least got a foothold in the market. So if Prusa wanted to play this one a little closer to the chest, so be it.

But things took a concerning turn last year with the release of the i3 MK4. Although Prusa still called the printer open source in their marketing, the reality was a bit more complicated. While at least some of the printer’s technical information was made available, especially the elements that were inherited from the earlier i3 models, there were several rather large omissions.

Printable parts were available only as STLs, there were no design files released for the printer’s control board, and the Nextruder (which was introduced with the XL) remained all but completely proprietary. Many argued that the MK4 didn’t meet the standards that Prusa had set with their previous printers, and that continuing to call it open source was misleading.

If it wasn’t already obvious that Prusa’s commitment to open source was beginning to waiver, Josef’s post on the Prusa Blog made his position abundantly clear. Framed as a call for discussion, the post outlined his feelings on the open source community and what he perceived as the failures of common licenses such as the GPL. While he said that the company still intended to make their machines open, the writing was clearly on the wall.

A New Chapter for Prusa

To be clear, the Core ONE is of critical strategic importance to Prusa. The company needed a revamped machine to combat increased competition from Chinese printer manufacturers, and while it’s not being marketed as a replacement for the i3 MK4, it’s not hard to see the direction the market is moving in. The i3 is a workhorse, and won’t be going away anytime soon, but the chances that it will see a MK5 at this point seem exceptionally slim.
Prusa will give you STLs for the Nextruder, but that’s about it.
But the Core ONE also represents a mostly clean slate design, one that shares relatively little with the i3. This frees Prusa from any obligation, perceived or otherwise, to continue releasing the printer’s design files. Indeed, the term “open source” only appears once in the announcement post for the printer — and that’s when referring to the firmware and slicer code, which are.

Although we don’t have documentation or an assembly guide for the Core ONE or the MK4S->Core upgrade kits yet, it looks as if very little of Prusa’s remaining open source hardware has been brought forward.

Potentially the Core ONE is using some variation of the CC BY-SA 4.0 licensed MK52 magnetic heated bed, but beyond that, we already know that Prusa is still keeping the design files for major components such as the Nextruder and xBuddy 32-bit control board under wraps for the time being.

Not Open, But Hackable

So we know that Prusa isn’t advertising the Core ONE design as open source hardware, and that only limited technical data has been released for the few components and subsystems that it inherits from the XL and MK4S. But what does that actually mean for users like us?

That’s where things get a little tricky. While Prusa’s newer printers certainly do not meet the literal requirements of OSHW, they’re still remarkably transparent in a world of proprietary black boxes. We might not get the design files for the printed parts in these new machines, but you’ll get STLs that you can run off if you need a replacement. We can also be fairly sure that Prusa will continue their tradition of releasing wiring schematics for the Core ONE as they’ve done with essentially all of their previous printers, which is more than we can say for the vast majority of consumer products.

While the lack of design files for these new Prusa printers is unfortunate on a philosophical level, it’s hard to argue that they’re any less repairable, upgradable, or hackable than their predecessors. In fact, Prusa’s actually made at least one improvement in that department — announcing that breaking off the control board’s “Appendix” security device and installing a new firmware will no longer void the printer’s warranty.
An increasingly inaccurate message on the Prusa website.
We should also consider that even Prusa’s earlier printers have not always been as open as the company would perhaps like us to believe. Sure, for the Prusa Mini you could hop on GitHub and grab the KiCad files for its mainboard, and the design files for the i3 up until the MK3 are available as GPLv2 licensed OpenSCAD code. But the company has never actually released the complete Bill of Materials for their printers, and even after years of requests from the community, they have still yet to release the source code for their bootloader as they consider it a separate project from the main GPL-licensed firmware.

Prusa has always used a somewhat piecemeal method of releasing the source and design files for their products. But it’s worked for them up to this point. The bottom line is, makers and hackers will still have plenty to work with, even if things aren’t quite as open as we’d prefer.

Becoming Your Own Enemy

On a personal note, I find myself conflicted. I’d argue that the i3 MK3 is one of the best purchases I’ve ever made, and there’s no doubt in my mind that the “Prusa Experience” — support, reliability, upgradability — is worth spending the extra money on. I’m also confident that the Core ONE is precisely the kind of machine Prusa needed to remain competitive in today’s market.
Who’s copying who?
At the same time, there were issues that I was willing to overlook because the company was producing open source hardware. When a shipping date slipped, or a firmware update introduced a new issue, I let it slide because it was for the greater good. But now that they’re no longer calling their printers open source, I can’t help but feel some of that goodwill evaporating — and I’m probably not the only one having similar thoughts.

Ultimately, the part that bothers me the most about this change in Prusa’s approach is that it all seems predicated on a bogeyman that I’m not convinced actually exists. The company line is that releasing the source for their printers allows competitors to churn out cheap clones of their hardware — but where are they?

Let’s be honest, Bambu didn’t need to copy any of Prusa’s hardware to take their lunch money. You can only protect your edge in the market if you’re ahead of the game to begin with, and if anything, Prusa is currently playing catch-up to the rest of the industry that has moved on to faster designs. The only thing Prusa produces that their competitors are actually able to take advantage of is their slicer, but that’s another story entirely. (And of course, it is still open source, and widely forked.)

So will the Prusa Core ONE be a good printer? Almost certainly. Will I buy one? Very likely. But part of me will always be disappointed that the guy with the open source hardware logo tattoo took his ball and went home as soon as the game starting getting tough.

hackaday.com/2024/11/20/with-c…

After 22 years of development, FreeCAD has at long last reached the milestone of version 1.0. On this momentous occasion, it’s good to remember what a version 1.0 is supposed to mean, as also highlighted in the release blog post: FreeCAD is now considered stable and ready for ‘real work’. One of the most important changes here is that the topological naming problem (TNP) that has plagued FreeCAD since its inception has now finally been addressed using Realthunders’ mitigation algorithm, which puts it closer to parity here with other CAD packages. The other major change is that assemblies are now supported with the assembly workbench, which uses the Ondsel solver.

Other changes include an updated user interface and other features that should make using FreeCAD easier and closer in line with industry standards. In the run-up to the 1.0 release we already addressed the nightmare that is chamfering in FreeCAD, and the many overlapping-yet-uniquely-incomplete workbenches, much of which should be far less of a confabulated nightmare in this bright new 1.0 future.

Naturally, the big zero behind the major version number also means that there will still be plenty of issues to fix and bugs to hunt down, but it’s a promising point of progress in the development of this OSS CAD package.

hackaday.com/2024/11/20/freeca…

A marzo WhatsApp ha ottenuto un’importante vittoria in tribunale contro la società israeliana NSO Group, che ha sviluppato lo spyware Pegasus. Un tribunale federale degli Stati Uniti ha consentito il rilascio di tre documenti che rivelano nuovi fatti sul lavoro di Pegasus.

I documenti includono dichiarazioni dei dipendenti di NSO, documenti interni dell’azienda e corrispondenza WhatsApp ottenuta tramite richieste legali. Tra i nuovi dati c’è l’informazione che NSO ha disabilitato l’accesso a Pegasus a 10 clienti governativi a causa di irregolarità nell’uso del programma.

La causa WhatsApp è stata intentata nel 2019. La società ha accusato NSO di attacchi informatici contro giornalisti, difensori dei diritti umani e attivisti, che hanno violato la legge statunitense sulla sicurezza informatica e le normative WhatsApp. Un portavoce del servizio di messaggistica ha affermato che nuove prove confermano come Pegasus sia stato utilizzato per la sorveglianza.

I documenti del tribunale indicano che NSO ha sviluppato gli exploit “Eden” e “Heaven“, che consentivano di penetrare nei dispositivi tramite i messaggi WhatsApp. I clienti dovevano semplicemente specificare il numero di destinazione, dopodiché Pegasus avrebbe installato automaticamente lo spyware. Una licenza annuale per questo software costava fino a 6,8 milioni di dollari e il reddito dell’azienda derivante dal suo utilizzo nel 2019 ammontava ad almeno 31 milioni di dollari.

NSO ha precedentemente sostenuto di non essere coinvolta nelle attività dei suoi clienti, ma i documenti indicano il contrario. Uno dei dipendenti dell’azienda ha ammesso che la decisione di lanciare gli exploit è stata presa all’interno di NSO. Si è anche saputo che sono stati creati account e server WhatsApp falsi per effettuare gli attacchi. Dopo gli aggiornamenti di sicurezza nel 2018, il messenger ha bloccato gli exploit “Heaven” ed “Eden” e nel 2020 ha bloccato un altro strumento NSO “Erised”, che poteva infettare i dispositivi senza alcuna interazione da parte della vittima.

Gli atti hanno anche rivelato che Pegasus veniva utilizzato per spiare la principessa Haya di Dubai, un fatto precedentemente coperto da diverse importanti pubblicazioni. Allo stesso tempo, NSO ha disabilitato 10 client a causa dell’abuso di spyware.

WhatsApp è ora in attesa della decisione del tribunale per prendere una decisione definitiva a suo favore. Gli esperti sottolineano che i dati divulgati potrebbero essere utilizzati in altre cause legali contro NSO in vari paesi. Access Now ha osservato che gli sforzi di WhatsApp stanno già producendo risultati. Nonostante il rifiuto della NSO di fornire informazioni complete, anche i dati disponibili sono utili per rafforzare la posizione dei querelanti in casi simili in tutto il mondo.

Recentemente a Barcellona, ​​un avvocato ha intentato una causa contro i fondatori e uno dei leader del gruppo NSO, accusandoli di attacchi di spionaggio. Si tratta del primo precedente in cui sono state mosse accuse non solo contro l’azienda, ma anche contro specifici soggetti dietro le sue attività. La causa è stata intentata per conto di Andreu Van den Eynde, avvocato e professore specializzato in sicurezza informatica. Nel 2022 è diventato una delle vittime di una campagna di sorveglianza contro i catalani che sostengono l’indipendenza della regione.

L'articolo WhatsApp vs Pegasus: Le Verità prendono Luce! Eden, Heaven e Erised gli Exploit che fanno paura proviene da il blog della sicurezza informatica.

The impulse to boycott seems entirely the wrong instinct in the face of a fragmenting media landscape.

euractiv.com/section/digital/o…

Some lovely orange calthemite flowstone colored so by iron oxide from rusting steel reinforcing. Image via Wikipedia
At this point, we’ve learned about man-made byproducts and nature-made byproducts. But how about one that’s a little of both? I’m talking about calthemites, which are secondary deposits that form in those man-made caves such as parking garages, mines, and tunnels.

Calthemites grow both on and under these structures in forms that mimic natural cave speleothems like stalactites, stalagmites, flowstone, and so on. They are often the result of an hyperalkalinic solution of pH 9-14 seeping through a concrete structure to the point of coming into contact with the air on the underside. Here, carbon dioxide in the air facilitates the necessary reactions to secondarily deposit calcium carbonate.

These calcium carbonate deposits are usually white, but can be colored red, orange, or yellow thanks to iron oxide. If copper pipes are around, copper oxide can cause calthemites to be blue or green. As pretty as all that sounds, I didn’t find any evidence of these parking garage growths having been turned into jewelry. So there’s your million-dollar idea.

Calthemite Chemistry

The calthemite class also includes secondary deposits in man-made caves and tunnels where there is no concrete lining. Instead, the deposit is derived from limestone or dolomite or some other calcareous rock from which the thing was hollowed out.
A calthemite straw stalactite shows off its drip. Image via Wikipedia
Concrete stalactites and such are formed so due to their chemistry, which differs from those formed in limestone caves. They come as a result of calcium oxide in cement. If you’ll recall, concrete is a mixture of sand, aggregate, and cement. When water is added, calcium oxide in the cement reacts and forms calcium hydroxide. Under certain conditions, this can separate out into calcium and hydroxide ions.

The calcium hydroxide readily reacts with carbon dioxide to form calcium carbonate. This happens as soon as the concrete starts to set — the calcium carbonate takes over the mixture, using up all the carbon dioxide within. Atmospheric carbon dioxide continues to react just outside the surface. But it can’t penetrate very far, and so some free calcium hydroxide remains within the concrete.

Any external water source that’s able to seep into the micro cracks and air voids in the set concrete will carry that carbon hydroxide to the underside of the structure. When it hits the atmosphere, carbon dioxide will diffuse into the solution. Over time, the reaction deposits straw-shaped stalactites.

Of course, not all calthemites are flowstone or stalactites. Some times the flow rate is so fast that the water drips to the ground, where stalagmites can form. Of course, depending on the location, they can be trod upon and driven over and thus continually ground down into nothing noticeable.

A Growth Mindset

The growth rates of the various types of calthemites highly depends on the drip rate and supply of calthemite solution to the calcium carbonate deposition site. Growth also depends on the available carbon dioxide, as it dictates how much calcium carbonate can be created, and how quickly. Conversely, evaporation and ambient temperature appear to have little influence on growth rate.
The mighty calthemite straw stalactite can grow up to 2mm per day in favorable conditions. Image via Wikipedia
Calthemite stalactites, on average, grow much faster than natural cave speleothems — up to nearly 200 times as fast. There’s a calthemite straw out there that has been recorded over several consecutive days as growing 2 mm per day thanks to a drip rate of one every 11 minutes.

If the drip rate exceeds one drop per minute, a straw cannot form. Instead, the solution falls to the ground and the calcium carbonate is deposited as a stalagmite. On the other end, a drip rate greater than ~25-30 minutes, there’s a chance that the tip of the straw will calcify and become blocked. New calthemite straws can often grow next to dormant ones when the solution finds a path of lesser resistance.

Although both are composed of calcium carbonate, calthemite straw walls are quite a bit thinner than those of their natural cave speleological brethren. This is because the chemistry differs in creating the straws. On average, calthemite straws are 40% the mass per unit length of cave straws with equivalent diameter.

Beautiful Bones

This type of accidental semi-man-made ite has a kind of beauty I didn’t expect to find when I started writing this article. I’ll definitely be looking out for these formations the next time I’m in a parking garage, and I might even be tempted to break one off.

Unfortunately, not every byproduct can be beautiful. Some are just terrifying. Stay tuned!

hackaday.com/2024/11/20/boss-b…

Una ricerca del Capgemini Research Institute ha rilevato una schiacciante maggioranza (97%) delle organizzazioni che hanno segnalato incidenti di sicurezza correlati alla Gen AI nell’ultimo anno. Le organizzazioni devono fare i conti con una superficie di attacco ampliata a causa di rischi quali iniezione rapida, vulnerabilità nelle applicazioni integrate con l’IA, IA underground e uso improprio interno.

Inoltre, l’intero ciclo di vita delle soluzioni Gen AI, dalla raccolta dei dati aziendali e dalla personalizzazione del modello allo sviluppo e alla manutenzione, deve essere protetto.

Oltre la metà (52%) ha indicato perdite dirette e indirette di almeno 50 milioni di dollari derivanti da questi incidenti. Di conseguenza, quasi sei su dieci (62%) hanno affermato di aver bisogno di aumentare i propri budget per mitigare i rischi.

Capgemini ha affermato che i problemi di sicurezza sono stati causati dall’aumento della sofisticatezza degli attacchi da parte di una gamma più ampia di avversari, nonché dall’espansione della superficie di attacco informatico e dalle vulnerabilità riscontrate in tutti gli aspetti delle soluzioni di intelligenza artificiale generativa personalizzate.

Allo stesso tempo, l’uso improprio dell’IA generativa da parte dei dipendenti può aumentare significativamente il rischio di fuga di dati. Due organizzazioni su tre hanno affermato di essere preoccupate per l’avvelenamento dei dati e la possibile fuga di dati sensibili attraverso la raccolta di dati utilizzati per addestrare modelli di IA generativa.

L’intelligenza artificiale può introdurre rischi aggiuntivi tramite il materiale che produce, tra cui allucinazioni, generazione di contenuti distorti, dannosi o inappropriati. Inoltre il 43% degli intervistati ha affermato di aver subito perdite finanziarie tramite l’uso di deepfake.

Vantaggi della sicurezza

Non sono tutte cattive notizie. L’intelligenza artificiale viene utilizzata per analizzare rapidamente grandi quantità di dati, identificare modelli e prevedere potenziali violazioni, rafforzando la sicurezza nei dati aziendali, nelle applicazioni e nel cloud.

Oltre sei intervistati su dieci (64%) hanno segnalato una riduzione di almeno il 5% nei tempi di rilevamento e quasi il 40% ha affermato che i tempi di correzione sono diminuiti del 5% o più dopo aver implementato l’intelligenza artificiale nei propri centri operativi di sicurezza (SOC).

Tre su cinque (60%) delle organizzazioni intervistate hanno affermato che l’intelligenza artificiale è essenziale per una risposta efficace alle minacce, consentendo loro di implementare strategie di sicurezza proattive contro autori di minacce sempre più sofisticati.

Lo stesso numero prevede che l’intelligenza artificiale generativa rafforzerà potenzialmente le strategie di difesa proattiva a lungo termine attraverso un rilevamento più rapido delle minacce, con oltre la metà (58%) che ritiene inoltre che la tecnologia consentirà agli analisti della sicurezza informatica di concentrarsi maggiormente sulla strategia per combattere le minacce complesse.

Spada a doppio taglio

Marco Pereira, responsabile globale dei servizi di sicurezza informatica, cloud e infrastruttura di Capgemini, ha affermato che la ricerca suggerisce che l’intelligenza artificiale generativa si sta rivelando un’arma a doppio taglio per le aziende. “Sebbene introduca rischi senza precedenti, le organizzazioni si affidano sempre di più all’intelligenza artificiale per un rilevamento più rapido e accurato degli incidenti informatici”, ha affermato.

“L’intelligenza artificiale e l’intelligenza artificiale generativa forniscono ai team di sicurezza nuovi potenti strumenti per mitigare questi incidenti e trasformare le loro strategie di difesa”, ha aggiunto Pereira. “Per garantire che rappresentino un vantaggio netto di fronte all’evoluzione della sofisticatezza delle minacce, le organizzazioni devono mantenere e dare priorità al monitoraggio continuo del panorama della sicurezza, creare l’infrastruttura di gestione dei dati, i framework e le linee guida etiche necessarie per l’adozione dell’intelligenza artificiale e stabilire solidi programmi di formazione e sensibilizzazione dei dipendenti”.

L'articolo Generative AI: il 97% delle Aziende Colpite da Violazioni di Sicurezza. Ecco i Rischi e le Soluzioni proviene da il blog della sicurezza informatica.

La rielezione di Donald Trump potrebbe avere un impatto importante sulle capacità cibernetiche della NATO e sull’efficacia delle alleanze strategiche occidentali. Un indebolimento, alimentato da un possibile distacco degli USA, che segnerebbe un grave passo indietro nella lotta contro le sfide del futuro. Quali scenari

L'articolo Così la rielezione di Trump può cambiare gli equilibri cyber a livello mondiale proviene da Cyber Security 360.

L'incidente di sicurezza che ha coinvolto un fornitore di servizi utilizzato da Amazon per la gestione dei dati dei dipendenti mette in evidenza come la revisione dei fornitori e la loro corretta gestione sia cruciale, anche in relazione ai nuovi adempimenti normativi

L'articolo Data breach Amazon: cosa ci insegna sulla corretta gestione dei fornitori proviene da Cyber Security 360.

L'analisi della Cloud Security Alliance sui rischi e le problematiche del nuovo paradigma per l'hosting e la distribuzione di servizi su Internet. Con un sguardo al futuro prossimo venturo

L'articolo Cloud computing: vantaggi, minacce, sfide attuali e future proviene da Cyber Security 360.

L'ACN, nell'ultimo rapporto di ottobre 2024, fotografa un aumento dei cyber attacchi tale da aumentare il rischio di subire il furto di informazioni rilevanti, compreso il know-how delle nostre aziende. Ma la direttiva NIS2 e una corretta postura di cyber sicurezza permettono di mitigare i rischi. Ecco perché l'Italia deve cambiare marcia

L'articolo ACN: attacchi cyber sempre più sofisticati, ma l’Italia ha ancora poca capacità di difesa proviene da Cyber Security 360.

Una ricerca Axitea rileva come gli asset strategici su cui le imprese investono, sul fronte della sicurezza cyber e fisica, sono intelligenza artificiale, analisi dei dati e integrazione tra soluzioni digital e analogiche: ecco lo scenario

L'articolo AI, integrazione e analisi dati: le previsioni 2025 per la sicurezza aziendale proviene da Cyber Security 360.

È stata identificata una campagna di phishing su Facebook che prende di mira gli utenti che usano il password manager Bitwarden: mediante messaggi malevoli, le vittime vengono indotte a installare un’estensione di sicurezza del browser che ruba dati personali. Ecco come riconoscerla e difendersi

L'articolo Phishing su Facebook, utenti Bitwarden a rischio: attenti a questi messaggi proviene da Cyber Security 360.

L’implementazione dell’audit a seguito di un incidente cyber, come indicato nel D.lgs. 138/2024, rappresenta uno dei pilastri della conformità alla NIS 2. Audit richiesti anche nel corso del periodico monitoraggio da parte dell’organizzazione. Ecco le caratteristiche distintive di una corretta valutazione post-incidente

L'articolo Dalla reattività al controllo continuo: le tipologie di audit previsti dalla NIS 2 proviene da Cyber Security 360.

Gli attacchi cross-domain si estendono su più domini all’interno di un’architettura IT e, grazie all’utilizzo di strumenti di monitoraggio e gestione remota, lasciano impronte minime per renderne difficoltosa sia la rilevazione sia l’interruzione. Ecco i più pericolosi e i consigli per mitigarli

L'articolo Attacchi cross-domain: come superare le minacce furtive dell’eCrime e Nation-State proviene da Cyber Security 360.

Gli asset digitali si stanno sempre più integrando con il sistema finanziario tradizionale, portandoli a essere un bersaglio frequente dei criminali. Per questo, sempre più autorità di pubblica sicurezza si armano di blockchain intelligence. Ecco di cosa si tratta

L'articolo La blockchain analysis contro i crimini legati alle criptovalute proviene da Cyber Security 360.

Il web 2.0, consentendo partecipazione, interattività e condivisione, ha dato a ogni singolo utente la possibilità di diventare creatore di contenuti. Ma questa opportunità, insieme a tecniche di manipolazione psicologica, ha consentito lo sviluppo malevolo delle psyops. Ecco con quali impatti e scenari

L'articolo La nuova era delle psyops: come il web 2.0 ha trasformato la manipolazione digitale proviene da Cyber Security 360.

A questo punto amici della Rogue Records vi attendiamo al varco.

Eh sì perché continuare a dare luce a prodotti di così alto lignaggio senza sbagliare un colpo sembra impresa davvero titanica. Certo, conosciamo la vostra competenza e la vostra passione, ma perdio fatelo uscire un 7" un po' inferiore alla media.
iyezine.com/the-woggles-anyway…
@Musica Agorà

The Woggles - Anyway the Wind / Slippin'out 7"

The Woggles - Anyway the Wind / Slippin'out 7" - The Woggles - Anyway the Wind / Slippin'out 7" se tale occasione ci sarà non si tratta comunque di questa perché la recente infornata di singoli offertaci dall'etichetta di Tolosa è nuovamente di una q…

^{Il Santo (In Your Eyes ezine)}

If you wonder how Large Language Models (LLMs) work and aren’t afraid of getting a bit technical, don’t miss [Brendan Bycroft]’s LLM Visualization. It is an interactively-animated step-by-step walk-through of a GPT large language model complete with animated and interactive 3D block diagram of everything going on under the hood. Check it out!
nano-gpt has only around 85,000 parameters, but the operating principles are all the same as for larger models.
The demonstration walks through a simple task and shows every step. The task is this: using the nano-gpt model, take a sequence of six letters and put them into alphabetical order.

A GPT model is a highly complex prediction engine, so the whole process begins with tokenizing the input (breaking up words and assigning numerical values to the chunks) and ends with choosing an appropriate output from a list of probabilities. There are of course many more steps in between, and different ways to adjust the model’s behavior. All of these are made quite clear by [Brendan]’s process breakdown.

We’ve previously covered how LLMs work, explained without math which eschews gritty technical details in favor of focusing on functionality, but it’s also nice to see an approach like this one, which embraces the technical elements of exactly what is going on.

We’ve also seen a much higher-level peek at how a modern AI model like Anthropic’s Claude works when it processes requests, extracting human-understandable concepts that illustrate what’s going on under the hood.

hackaday.com/2024/11/20/an-ani…