

Polizia Postale 2024: 144 Arrested for Child Pornography and 2,300 Sites Taken Down for Cyberterrorism


The customary annual report of the Polizia Postale e delle Comunicazioni for 2024 was published yesterday. The document highlights how the institution has faced increasingly complex challenges in cyberspace, strengthening its role as a pillar in the fight against cybercrime.

The report offers a detailed overview of the activities carried out, highlighting significant results in many areas, including the protection of critical infrastructure, the fight against digital crime and the protection of minors online.

A central focus of the report is the fight against online child pornography. The Centro Nazionale per il Contrasto alla Pedopornografia Online (CNCPO) stepped up its monitoring of the web, placing 2,775 sites on a blacklist. Investigative operations led to the arrest of 144 individuals, an increase over the previous year. This result underscores the effectiveness of a strategy that combines advanced technologies and international cooperation.

The protection of minors also included educational campaigns such as “Una Vita da Social” and “Cuori Connessi,” which reached thousands of young people across Italy. These initiatives, aimed at promoting informed use of the internet, went alongside direct interventions against phenomena such as sextortion, revenge porn and online grooming. The growing spread of these threats has led the Polizia Postale to strengthen its awareness programmes in schools.

In parallel, the Centro Nazionale Anticrimine Informatico per la Protezione delle Infrastrutture Critiche (CNAIPIC) increased its prevention activities against ransomware and DDoS attacks. In an unstable geopolitical context, attacks sponsored by states or ideological groups represent a growing threat. The Polizia Postale's commitment was essential to ensuring the security of major events such as the G7 Summit and the Jubilee of Hope 2025.

The Centro nazionale anticrimine informatico per la protezione delle infrastrutture critiche (Cnaipic) handled about 12,000 cyberattacks and issued 59,000 alerts, focusing on critical events such as the G7 Summit in Puglia. In a context marked by ransomware and DDoS attacks, 180 people involved in cybercriminal activity, often linked to state-sponsored groups, were identified.

In the fight against cyberterrorism, more than 290,000 websites were monitored and 2,364 were taken down to prevent radicalization and terrorist threats.

As for the fight against online financial crime, analysis of the data showed a steady increase in scams over time, which, as part of the general overhaul of the organizational structure of the Servizio Polizia Postale, led to the creation of a dedicated operational Division. The main crimes involve phishing, vishing and smishing, fraud based on social engineering (such as BEC fraud) and scams involving online investments (fake trading). The use of cryptocurrencies is also growing; their transactions are harder to trace and require specialized skills.

Finally, the Commissariato di P.S. online, the official website of the Polizia Postale and a tool for direct contact with citizens, received 3 million visits and handled more than 82,000 reports and 23,000 requests for assistance. Through initiatives such as “Una vita da social” and “Cuori Connessi”, it raised awareness among students and citizens of the risks of the internet, promoting safe online behaviour with information materials distributed in collaboration with local bodies and companies.

The article Polizia Postale 2024: 144 Arrested for Child Pornography and 2,300 Sites Taken Down for Cyberterrorism comes from il blog della sicurezza informatica.






On 2 January 1960, Italy loses one of its most beloved champions: Fausto Coppi dies at just 40 of malaria, contracted following a race in Africa.
He is remembered in an episode of #Italiani (#Raistoria) on #RaiPlay:
Italiani - Fausto Coppi

@Storia

Ángela Stella Matutina reshared this.

in reply to storiaweb

Here is a text description of the image:

The black-and-white image shows a cyclist in the foreground, focused on the race, with a determined expression on his face. He is wearing a cycling jersey and shorts. Behind him, out of focus, other cyclists and motorcycles can be seen that appear to be part of a competition or a procession. The background is a mountainous landscape.

Provided by @altbot, generated using Gemini



High Performance RISC-V



From the Institute of Computing Technology division of the Chinese Academy of Sciences and Peng Cheng Laboratory comes a high-performance and well-documented RISC-V core called XiangShan.

In the Git repository, you’ll find several branches including at least two stable branches: Yanqihu and Nanhu. The currently developed architecture, Kunminghu, is impressive, with a sophisticated instruction fetch unit, a reorder buffer, and a register renaming scheme.

The point of these types of circuits in a CPU is to allow multiple instructions to process at once. This also implies that instructions can be executed out of order. A cursory glance didn’t show any branch prediction logic, but that may be a limitation of the documentation. If there isn’t one, that would be an interesting thing to add in a fork if you are looking for a project.

On the computing side, the processor contains an integer block, a floating point unit, and a vector processor. Clearly, this isn’t a toy processor and has the capability to compete with serious modern CPUs.

There is a separate GitHub for documentation. It looks like they try to keep documentation in both Mandarin and English. You can also find some of the academic papers about the architecture there, too.

We love CPU design, and this is an interesting chance to contribute to an open CPU while there are still interesting things to do. If you need to start with something easier, plenty of small CPUs exist for educational purposes.


hackaday.com/2025/01/03/high-p…



Math on a Checkerboard



The word “algorithm” can sometimes seem like a word designed to scare people away from math classes, much like the words “calculus”, “Fourier transform”, or “engineering exam”. But in reality it’s just a method for solving a specific problem, and we use them all the time whether or not we realize it. Taking a deep dive into some of the ways we solve problems, especially math problems, often leads to some surprising consequences as well, like this set of algorithms for performing various calculations using nothing but a checkerboard.

This is actually a demonstration of a method called location arithmetic first described by [John Napier] in 1617. It breaks numbers into their binary equivalent and then uses those representations to perform multiplication, division, or to take the square root. Each operation is performed by sliding markers around the board to form certain shapes as required by the algorithms; with the shapes created the result can be viewed directly. This method solves a number of problems with other methods of performing math by hand, eliminating other methods like trial-and-error. The video’s creator [Wrath of Math] demonstrates all of these capabilities and the proper method of performing the algorithms in the video linked below as well.

While not a “hack” in the traditional sense, it’s important to be aware of algorithms like this as they can inform a lot of the way the world works on a fundamental level. Taking that knowledge into another arena like computer programming can often yield some interesting results. One famous example is the magic number found in the code for the video game Quake, but we’ve also seen algorithms like this used to create art as well.

youtube.com/embed/_Qe_0aj4eEM?…


hackaday.com/2025/01/03/math-o…



Custom Firmware Adds Capabilities to Handie Talkie



Although ham radio can be an engaging, rewarding hobby, it does have a certain reputation for being popular among those who would fit in well at gated Florida communities where the preferred mode of transportation is the golf cart. For radio manufacturers this can be a boon, as this group tends to have a lot of money and not demand many new features in their technology. But for those of us who skew a bit younger, there are a few radios with custom firmware available that can add a lot of extra capabilities.

The new firmware is developed by [NicSure] for the Tidradio TD-H3 and TD-H8 models and also includes a browser-based utility for flashing it to the radio without having to install any other utilities. Once installed, users of these handheld radios will get extras like an improved S-meter and detection and display of CTCSS tones for repeater usage. There’s also a programmer available that allows the radio’s memory channels to be programmed easily from a computer and a remote terminal of sorts that allows the radio to be operated from the computer.

One of the latest firmware upgrades also includes a feature called Ultra Graph which is a live display of the activity on a selected frequency viewable on a computer screen. With a radio like this and its upgraded firmware, a lot of the capabilities of radios that sell for hundreds of dollars more can be used on a much more inexpensive handheld. All of this is possible thanks to an on-board USB-C interface which is another feature surprisingly resisted by other manufacturers even just for charging the batteries.

youtube.com/embed/2QbwW1Sgy5o?…


hackaday.com/2025/01/03/custom…



Double-click danger: experts warn that two clicks are enough to let attackers steal your accounts

New "DoubleClickjacking" attacks trick users

Researcher Paulos Yibelo discovers a new attack targeting users
The attack uses fake CAPTCHA notification pages
Users are encouraged to double-click while the attacker slips in a malicious page

techradar.com/pro/security/dou…

@Pirati Europei

reshared this



Inside the wild fall and last-minute revival of Bench, the VC-backed accounting startup that imploded over the holidays

Friday, December 27 should have marked the start of a relaxing holiday weekend.

But it was chaos for thousands of small business owners who use Bench, a Canadian startup specializing in accounting and tax services that raised $113 million from investors such as Bain Capital Ventures and Shopify.

techcrunch.com/2025/01/03/insi…

@Informatica (Italy e non Italy 😁)

reshared this



Landing Soon: This Beautiful Weather Display


Front and rear views of a lander circuit sculpture that retrieves weather data and displays it on a screen.

All wiring is beautiful, except when it isn’t. But is there anything more lovely to behold than circuit sculpture? Once again, [Mohit Bhoite] has made this process look easy like Sunday morning. This time, he’s created a weather display in the form of a lander.

Drawings that will guide wire-bending for a circuit-sculpture, lunar-lander weather info center.

This lander runs on the Particle Photon 2, which connects over Wi-Fi and retrieves the weather forecast for the day, along with sunrise and sunset times and wind conditions. Everything is beautifully displayed on a vertically-oriented Adafruit 170×320 TFT screen.

There’s also a pulse-density microphone (PDM) breakout board and a buzzer, and the build is capped off with a red 0805 LED. We’re not sure what the feet are made of, but they sure make this lander cute (and accurate).

All the project logs are picture-rich, which is really the most we could ask for when trying to imitate this level of greatness. This is apparently an ongoing project, and we’re excited for the end result, although it looks fairly complete from here.

Do you want to bend it like Bhoite? Then be sure to check out his Hackaday Supercon talk on the subject.


hackaday.com/2025/01/03/landin…


in reply to Informa Pirata

Frankly, I find it a completely useless initiative, and a dangerous one given the paranoid climate it helps create (in the metro there is already a constant stream of announcements) and the culture of informing on others that it encourages. The invitation to pay attention seems more than sufficient to me. And then, once you have reported a suspected pickpocket via the app... what do you do? What is supposed to happen?

Informa Pirata reshared this.



OpenAI's o3 model claims human-level intelligence on a benchmark, but it may not be that smart

OpenAI's o3 artificial intelligence model scored 85% on the ARC-AGI benchmark, matching the average human score

  • The previous best score by an artificial intelligence model was 55 percent
  • OpenAI has not shared details about the model's architecture
  • The ARC-AGI test includes a series of pattern-based IQ questions

gadgets360.com/ai/news/openai-…

@Intelligenza Artificiale

reshared this

in reply to Informa Pirata

It's the usual trick, which they know full well hits the mark, because debunking it, or even just engaging with the substance of the matter, is infinitely more costly and difficult than issuing the promotional proclamation. The damage they are doing in cultural terms is incalculable.

Informa Pirata reshared this.



Government-imposed internet shutdowns cost over 7 billion dollars in 2024, and Pakistan was the hardest-hit nation

Year after year, governments around the world resort to internet shutdowns for reasons such as protests or conflicts, elections and even national exams. These incidents not only violate people's digital rights but also have a considerable impact on the country's economy.

techradar.com/vpn/vpn-privacy-…

@Etica Digitale (Feddit)

reshared this



Well, well: the web giants have become a problem for the liberal intelligentsia

@Politica interna, europea e internazionale

It seems the shock was great. As long as the Web Giants garrisoned and protected the liberal encampments, amplifying their professed values and exalting their declared culture, no question was raised. It has been put

in reply to Pëtr Arkad'evič Stolypin

A bit too late, if they are only noticing now. The liberal elites would do well to drop the mask and jump on the winner's bandwagon as soon as possible, because otherwise they would find themselves surrounded both from above (the leaders of the entities that now effectively dictate the rules and have already embraced alt-right ideology) and from below (the base they no longer represent).


Organizing Components, The Easy Way



There’s an old joke: What do you get someone who has everything? A place to put it. For hackers like [Christian], everything is a hoard of priceless electronic components. His solution is using small zipper bags, either regular plastic or anti-static. These attach using hook and loop fastener to plastic binder sheets which then live in a binder. Combined with some custom printed labels and a few other tricks, it makes for a nice system, as you can see in the video below.

Honestly, we’ve done something similar before, using a binder with little pockets, but the bag and custom labels beat our system. He even has QR codes on some of them to locate data sheets easily. Seems like a barcode for inventory management might have been good, too.

Some advice from us. If you are just starting out, this might seem like overkill. But if you start out doing something — this or something else — then ten years from now, you won’t have to be like us and think, “I’d get everything organized, but it is going to take months to work through what I already have…” That usually makes it a project you never really get started with. Develop good habits early!

Even if you don’t want to store your components this way, his binder hacks probably work for lots of other things, too. It isn’t as flashy as some systems we’ve seen, but it is very practical. If only you didn’t have to turn the pages in the binder yourself.

youtube.com/embed/N9kQCDN8lkk?…


hackaday.com/2025/01/03/organi…



Dems fail on PRESS Act


Dear Friend of Press Freedom,

If you enjoy reading this newsletter, please support our work. Our impact in 2024 was made possible by supporters like you. If someone has forwarded you this newsletter, please subscribe here.

Democrats surrender on press freedom

Democrats spent election season fundraising by warning America that a second Trump term would kickstart America’s descent into fascism. It’d be logical to assume, then, that after Trump won, they’d do everything in their power to restrain his anti-democratic impulses. You’d think that even before he won, the mere prospect would spur some urgency to check his potential powers.

But they either didn’t really believe Trump posed the threats they campaigned on, or they don’t care. That’s evident because, despite Trump escalating his threats to retaliate against the media to unprecedented levels in the closing weeks of 2024, Senate leadership gave up on the PRESS Act — the bipartisan “shield” bill to protect journalist-source confidentiality.

There are no excuses for their failure. The bill passed the House unanimously and had bipartisan support in the Senate, which Democrats controlled. Sure, it didn’t help that Trump called on Republicans to kill the bill, or that Sen. Tom Cotton gave an irrational floor speech opposing it.

But those obstacles only arose because Senate Democrats waited 11 months to act, after the House passed the bill last January. And there were still opportunities in the closing days of the session, even if Sen. Schumer would’ve had to shorten senators’ holiday break. Bottom line, if leadership saw the bill as a higher priority, it would be the law of the land today.

The bill’s lead sponsors — Jamie Raskin and Kevin Kiley in the House and Ron Wyden and Mike Lee in the Senate — deserve credit for their diligent efforts. So do the newspapers that endorsed the bill, even though they should’ve done so sooner. But others — particularly those in leadership positions who could’ve done more — should be ashamed. If Trump follows through on his threats against the press they will share a significant portion of the blame.

Mohawk journalist speaks out about being arrested for reporting

Isaac White is a Mohawk journalist from the territory of Akwesasne in northern New York. He was arrested back in May for attempting to cover a demonstration in opposition to a land claim settlement.

White’s story about his arrest, which we published in December, discusses his shock at being arrested in violation of the Constitution his ancestors inspired and his suspicion that the charges against him and others were intended to silence critics of the settlement. These charges were dropped several months later, after Freedom of the Press Foundation (FPF) and other organizations wrote to local prosecutors.

If White’s suspicions are correct, those efforts failed. “While the thought of spending a year in county jail wasn’t appealing,” he writes, “there was no way I would bend to the state’s bullying.” Read White’s detailed and inspiring reflection on his ordeal here.

News outlets shouldn’t settle defensible cases

FPF Director of Advocacy Seth Stern argued in the Chicago Sun-Times that ABC could’ve defended Trump’s lawsuit alleging George Stephanopoulos defamed him by stating that he’d been found liable for rape, as opposed to sexual abuse. Instead, it settled for $15 million.

Stern would know — he helped defend the Sun-Times in a virtually identical case over 10 years ago. “Find me the person or company that’s eager to do business with alleged sexual assailants and abusers but draws the line at alleged rapists,” he writes, questioning whether Disney-owned ABC prioritized the interests of its nonmedia holdings over the First Amendment. You can read the op-ed here.

The 2025 journalist’s digital security checklist

In tumultuous times, we believe in being prepared, not scared. Sound digital security practice often involves forming and relying on good habits. Building these reflexes now will help keep journalists better protected against future threats.

This is why our digital security team distilled advice our trainers have shared with thousands of journalists over the years into actionable, concrete steps. Read more here.

What we’re reading

Federal lawsuit: Asheville journalists sue city, police over alleged illegal arrests (Asheville Citizen Times). Park curfews don’t mean police can evade scrutiny at night. The Asheville Blade had every right to cover a controversial Christmas night encampment sweep three years ago. Asheville officials must be held accountable for retaliating against journalists.

Indigenous journalism legacy ends in Akwesasne with Indian Time closing (Canadian Broadcasting Corporation). Sadly, Indigenous-owned news outlets face the same challenges as other local news outlets. Case in point, Indian Time, the newspaper White was reporting for when he was arrested, was recently forced to shutter. It covered Akwesasne, located at the U.S.-Canada border.

LA city officials use disappearing Google Chats. The city attorney is investigating (Los Angeles Times). When they’re not trying to sue or prosecute journalists for reporting on public records, Los Angeles officials use disappearing chats to avoid creating them in the first place. LA’s dismal track record on press freedom is a reminder for anyone who thinks it’s solely a Trump or Republican issue.

He leaked Trump’s tax returns. Will Biden protect him? (The Intercept). Charles Littlejohn didn’t leak tax evaders’ returns for personal gain, but because he saw no other path to accountability. We wrote last year that “even murder defendants are entitled to consideration of their motives at sentencing. Whistleblowers certainly should be as well.”

Meta’s WhatsApp wins ruling holding spyware maker NSO liable for hacking (The Washington Post). NSO Group, the maker of the notorious Pegasus spyware, cannot escape accountability in U.S. courts for its unlawful attacks on journalists and human rights activists in dozens of countries around the world.

Spyware is spreading — and it’s cheaper than ever (Columbia Journalism Review). Trevor Timm, FPF’s executive director, helped journalists Joel Simon and Ronan Farrow alongside Ela Stapley of the Committee to Protect Journalists come up with five tips for reporters worried about spyware attacks.

Check out our other newsletters

If you haven’t yet, subscribe to FPF’s other newsletters, including The Classifieds, our new newsletter on overclassification and more from Lauren Harper, our Daniel Ellsberg Chair on Government Secrecy.


freedom.press/issues/dems-fail…







Hackaday Podcast Episode 302: Scroll Wheels, Ball Screws, and a New Year for USB-C



After a bit too much eggnog, Elliot Williams and Al Williams got together to see what Hackaday had been up to over the holiday. Turns out, quite a bit. There was a lot to cover, but the big surprise was the “What’s that Sound” competition. Do you know who had the correct answer from the last show? No one! So the guys did the right thing and drew from all the entrants for a coveted Hackaday Podcast T-shirt.

Back to the hacks, you’ll hear about USB-C and the EU, what to do when the Kickstarter product you had your heart set on doesn’t deliver, and a very strange way to hack some power grids wirelessly.

If you are interested in physics cameras, modifying off-the-shelf gear, or a fresh approach to color 3D printing, they’ll talk about that, too. Finally, you can find out what Tom Nardi thought of Hackaday in the year past, and if your next ocean voyage will have to stop for a charge.

html5-player.libsyn.com/embed/…

hackaday.com/2025/01/03/hackad…



Estonian missiles in Ukrainian skies. Here is the new anti-drone system

@Notizie dall'Italia e dal mondo

War-torn Ukraine continues to be a laboratory for testing new weapon systems and their effectiveness in the dynamics of modern warfare. The latest news of this kind concerns the decision of the Estonian technology start-up Frankenburg Technologies, which last



3D Printed Case Turns Pixel 6 Pro into Palmtop



Despite initial interest in the 1990s and early 2000s, palmtop computers never really took off. Realistically most consumers were probably satisfied enough with smartphones as they became more widely available, but those of us who would prefer a real keyboard on our mobile devices are still feeling the pain. Today there are still a few commercial palmtop-like machines out there, but they aren’t exactly mainstream.

Which is why this 3D printed case for the Pixel 6 Pro from [TypingCat] is so interesting. It takes a relatively popular and capable contemporary phone, pairs it with a physical keyboard, and manages to create something that looks quite practical. Thanks to Termux, you can even get a fairly usable Linux environment going on the thing.

There aren’t too many components at play here, but still, we appreciate the fact that [TypingCat] provided links for not only the specific Bluetooth keyboard used, but the fasteners required to hold the three printed parts together. A link is also provided to the Termux-Desktops project, which allows you to get a Linux X11 desktop environment running on Android. It’s not the pocket Linux computer of our dreams, but it’s pretty close.

While the Pixel 6 Pro is a solid enough choice to base this project around, we’re interested in seeing if the community will come up with variants of this case to hold other similarly sized phones. It’s interesting to note that [TypingCat] has decided to use the “No Derivatives” variant of the Creative Commons license for the bottom half of the case. But since the top half is a remix of an existing Pixel 6 Pro case from [JoshCraft3D], it carries a more permissive license and must be distributed separately. Long story short, folks can create and distribute custom versions of the phone-side of this case, but the bottom needs to remain the same.

If you’ve got filament to extrude and would rather have a more pure Linux experience, we saw a printable Raspberry Pi Zero palmtop a couple months back that looked quite promising.


hackaday.com/2025/01/03/3d-pri…



Defence: how India is trying to carve out a role among the Asian powers

@Notizie dall'Italia e dal mondo

Indian defence is undergoing a major transformation, driven by a strategic vision that aims to consolidate industrial self-sufficiency, diversify suppliers and progressively strengthen the Subcontinent's position in the military sector.



Military research and innovation. Israel invests in AI and autonomy

@Notizie dall'Italia e dal mondo

Artificial intelligence and system autonomy represent, for Tel Aviv, the answer to contemporary and future strategic challenges. For this reason the Israeli government has announced the establishment of a new unit within the Ministry of Defence dedicated to the development



Cecilia Sala's parents ask for a press blackout: “It is a very delicate phase”


@Politica interna, europea e internazionale
The parents of Cecilia Sala, the journalist detained in Iran since 19 December, have asked for a press blackout on the case, following yesterday's meeting between her mother Elisabetta Vernoni and Prime Minister Giorgia Meloni. The message from



This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we talk more about magic links and building shelves offline. A light Behind the Blog today but we're back from the holiday on Monday. #BehindTheBlog


This Week in Security: IOCONTROL, (Location) Leaking Cars, and Passkeys



Claroty’s TEAM82 has a report on a new malware strain, what they’re calling IOCONTROL. It’s a Linux malware strain aimed squarely at embedded devices. One of the first targets of this malware, surprisingly, is the Israeli-made Orpak gas station pumps. There’s a bit of history here, as IOCONTROL is believed to be used by CyberAv3ngers, a threat actor aligned with Iran. In 2023 a group aligned with Israel claimed to have compromised the majority of the gas stations in Iran. IOCONTROL seems to have been deployed as retribution.

There are a few particularly interesting aspects of this malware, and how TEAM82 went about analyzing it. The first is that they used unicorn to emulate the obscure ARM platform in question. This was quite an adventure, as they were running the malicious binary without the normal Linux OS under it, and had to re-implement system calls to make execution work. The actual configuration data was encrypted as the data section of the executable, presumably to avoid simple string matching detection and analysis.

Then to communicate with the upstream command and control infrastructure, the binary first used DNS-Over-HTTPS to resolve DNS addresses, and then used the MQTT message protocol for actual communications. Once in place, it has the normal suite of capabilities, like code execution, cleanup, lateral scanning, etc. An interesting speculation is that, given the level of control this malware had over these gas pumps, it was in a position to steal credit card information. This malware family isn’t limited to gas pumps, either, as it’s been spotted in IoT and SCADA devices from a whole host of vendors.

Bit-unlocker


We have another attack against TPM backed Bitlocker full disk encryption. The idea here is that by default Bitlocker uses an encryption key provided by the system’s Trusted Platform Module (TPM). Unless the user intentionally turns on Bitlocker PIN, this key from the TPM is the only credential needed to decrypt the drive, and is automatically provided at boot time. We’ve covered one attack against Bitlocker, where the key is sniffed while it’s being transferred from the external TPM. The conclusion as of that coverage was that a firmware TPM saves you from this attack, since there’s no accessible bus to sniff data from.

Well. There’s another approach, as you might have guessed. Modern memory requires constant refreshing to not lose its value, but that doesn’t mean that it’s entirely lost immediately. That’s what [Jack Crouse] discovered, and put to work here. Using the reset pins on a motherboard, the system is reset and booted off a flash drive. That drive contains a very minimal EFI application that just reads system memory and dumps it to the flash drive. Because the memory is mostly intact, if you reset the machine at the right point during boot, the memory dump includes the disk encryption key, allowing for easy drive decryption. If nothing else, this should be your cue to add a PIN to your Bitlocker setup. This was also a talk given at 38c3, which is now available!

Stars for Sale


GitHub stars are a useful way to determine the popularity of a project, and by extension how trustworthy that project is. At least, that’s the idea. Like any measure of popularity and trustworthiness, the GitHub Stars system has been gamed. Given how easy it is to create a GitHub account, and that giving out stars is a free action, it’s not surprising. The research suggested that between 3 and 4.5 million stars were fake, and GitHub has been quite responsive at removing the accounts and stars that are very likely to be inauthentic.

The Downside to a Connected Car


In a tale that gets worse the more you think about it, it’s revealed that 800,000 Volkswagen electric vehicles were leaking their precise information history via an unsecured Amazon storage instance. This wasn’t explicitly referred to as an S3 bucket, but we’ll use the “bucket” term for ease of discussion. This was discovered via an unnamed whistleblower, so it’s unclear whether the bucket name was accidentally made public. Regardless, it was accessible without any authentication. The broader question is why VW needs to keep these records on their drivers. It’s the downside to an always connected car.

How’s the Passkey Doing?


[Dan Goodin] is no stranger to the pages of this column, and he has thoughts about Passkeys. This isn’t a vulnerability — the FIDO2 specification hasn’t been broken in some new and clever way. Passkeys are still a good, secure way to use a trusted device as an authentication source. The problem is, they’re sort of a pain to use. Say you’re using Google Chrome on an Apple device. A site prompts you to create a passkey. Is that passkey managed by Apple, or Google? The answer is, by Apple, unless you explicitly ask Chrome to manage it. And then, Chrome on Mac isn’t allowed to sync Passkeys to Chrome on an iPhone.

And those are essentially the two problems with Passkeys: Every vendor wants users to use their platform to store passkeys, and once stored it’s devilishly difficult to manage and move passkeys to another device/platform. The silver lining is that many password managers can act as a Passkey store, and handle syncing between devices. But then again, there’s not much difference between passwords and passkeys, when you use a password manager to handle them.

Double-Click-Jack


And in related news, there’s a new approach to harvesting unintended clicks. Clickjacking is what happens when a site loads an advertisement at the top of the page, just as you’re trying to click on something, and your click gets hijacked to something else. Browsers have added protections to make truly malicious clickjacking harder to pull off. But Doubleclickjacking neatly sidesteps all of them. It’s simple: Launch another tab that claims to be a captcha, asking the user to double-click to prove they are human. Close the tab after a single click, and the second click goes to a different window. It’s clever and devious, and one more thing to watch out for.

youtube.com/embed/4rGvRRMrD18?…

Bits and Bytes


The US Treasury has reported that it was breached, via the ironically named BeyondTrust remote support vendor. It’s reported that this was an APT affiliated with the Chinese government, though very few details are available.

The intersection of data scraping and AI writing has led to dangerously good targeted phishing emails. Part of the danger here is that so many of the legitimate emails that spam filters are trained on are also written by LLMs, and executives are so used to that style of message, that phishing emails fit right in.

[Mateusz Jurczyk] has released part five of the Windows Registry deep dive over at Google Project Zero. This installment is all about how the data is actually encoded into the registry files, as well as how those files are loaded and verified. Good stuff.


hackaday.com/2025/01/03/this-w…
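
One defensive measure for the Double-Click-Jack item above, added here as an example and not taken from the column or the research it covers: a sensitive button stays disabled until the window has held focus for a short time and the user has moved the pointer or pressed a key, so a second click that lands just after the window changes is dropped. `ClickGuard`, `protectButton` and the 500 ms delay are assumptions chosen for illustration.

```javascript
// Added example (not from the article). Names and ARM_DELAY_MS are assumptions.
const ARM_DELAY_MS = 500;

class ClickGuard {
  constructor(armDelayMs = ARM_DELAY_MS) {
    this.armDelayMs = armDelayMs;
    this.focusedAt = null;    // when this window last gained focus
    this.gestureSeen = false; // pointer move or key press since that focus
  }
  onFocus(now) { this.focusedAt = now; this.gestureSeen = false; }
  onBlur() { this.focusedAt = null; this.gestureSeen = false; }
  onGesture() { if (this.focusedAt !== null) this.gestureSeen = true; }
  // A click counts only if the window has been focused long enough AND the
  // user has moved the pointer or pressed a key since focus arrived.
  allowClick(now) {
    if (this.focusedAt === null || !this.gestureSeen) return false;
    return now - this.focusedAt >= this.armDelayMs;
  }
}

// Browser wiring; nothing here runs until protectButton() is called.
function protectButton(button, guard = new ClickGuard()) {
  const now = () => performance.now();
  const refresh = () => { button.disabled = !guard.allowClick(now()); };
  const arm = () => {
    guard.onFocus(now());
    refresh();
    setTimeout(refresh, guard.armDelayMs + 1); // re-check once the delay passes
  };
  window.addEventListener('focus', arm);
  window.addEventListener('blur', () => { guard.onBlur(); refresh(); });
  for (const type of ['pointermove', 'keydown']) {
    document.addEventListener(type, () => { guard.onGesture(); refresh(); });
  }
  // Capture-phase backstop in case the disabled state is removed by other code.
  button.addEventListener('click', (event) => {
    if (!guard.allowClick(now())) {
      event.preventDefault();
      event.stopImmediatePropagation();
    }
  }, true);
  if (document.hasFocus()) arm(); else refresh();
  return guard;
}
```

The decision logic lives in `ClickGuard` with explicit timestamps so it can be unit-tested outside a browser; `protectButton` only connects it to DOM events.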



How the United States aims to maintain technological superiority over China

@Notizie dall'Italia e dal mondo

In a world emerging from decades of globalization, supply chains play a critical role in the development of new technologies but, at the same time, can represent a vulnerability with respect to the main




Meloni: “Dialogue with Musk for the good of Italy. On Ukraine I think the same as Trump”


@Politica interna, europea e internazionale
“Italians called on us to govern Italy in an extremely complex phase, and in this complexity we have always tried to move following a single compass, that of the national interest. Of course everything can be improved, but I have neither second thoughts nor regrets



FPV Flying in Mixed Reality is Easier than You’d Think



Flying a first-person view (FPV) remote controlled aircraft with goggles is an immersive experience that makes you feel as if you’re really sitting in the cockpit of the plane or quadcopter. Unfortunately, while you’re wearing the goggles, you’re also completely blind to the world around you. That’s why you’re supposed to have a spotter nearby to keep watch on the local meatspace while you’re looping through the air.

But what if you could have the best of both worlds? What if your goggles not only allowed you to see the video stream from your craft’s FPV camera, but you could also see the world around you? That’s precisely the idea behind mixed reality goggles such as Apple Vision Pro and Meta’s Quest; you just need to put all the pieces together. In a recent video [Hoarder Sam] shows you exactly how to pull it off, and we have to say, the results look quite compelling.

[Sam]’s approach relies on the fact that there are already cheap analog FPV receivers out there that act as a standard USB video device, with the idea being that they let you use your laptop, smartphone, or tablet as a monitor. But as the Meta Quest 3 is running a fork of Android, these devices are conveniently supported out of the box. The only thing you need to do other than plug them into the headset is head over to the software repository for the goggles and download a video player app.

The FPV receiver can literally be taped to the Meta Quest

With the receiver plugged in and the application running, you’re presented with a virtual display of your FPV feed hovering in front of you that can be moved around and resized. The trick is to get the size and placement of this virtual display down to the point where it doesn’t take up your entire field of vision, allowing you to see the FPV view and the actual aircraft at the same time. Of course, you don’t want to make it too small, or else flying might become difficult.

[Sam] says he didn’t realize just how comfortable this setup would be until he started flying around with it. Obviously being able to see your immediate surroundings is helpful, as it makes it much easier to talk to others and make sure nobody wanders into the flight area. But he says it’s also really nice when bringing your bird in for a landing, as you’ve got multiple viewpoints to work with.

Perhaps the best part of this whole thing is that anyone with a Meta Quest can do this right now. Just buy the appropriate receiver, stick it to your goggles, and go flying. If any readers give this a shot, we’d love to hear how it goes for you in the comments.

youtube.com/embed/XOmeAAlSTWM?…


hackaday.com/2025/01/03/fpv-fl…




⚠️Indian "Fascion": several VPN apps, including Cloudflare, removed from the Indian App Store and Play Store at the government's request⚠️

Among them are Hide.me and PrivadoVPN. Apple said that the "request" from the Indian Cyber Crime Coordination Center, an agency of the Ministry of Home Affairs, claims that the app violates Indian law.