In a marvelous college lecture in front of a class of engineering students, V. Hunter Adams professed his love for embedded engineering, but he might as well have been singing the songs of our people – the hackers. If you occasionally feel the need to explain to people why you do what you do, at fancy cocktail parties or something, this talk is great food for thought. It’s about as good a “Why We Hack” as I’ve ever seen.

Among the zingers, “projects are filter removers” stuck out. When you go through life, there are a lot of things that you kinda understand. Or maybe you’ve not even gotten around to thinking about whether you understand them or not, and just take them for granted. Life would all simply be too complicated if you took it all sufficiently seriously. Birdsong, Bluetooth, the sun in the sky, the friction of your car’s tire on various surfaces. These are all incredibly deep subjects, when you start to peel back the layers.

And Hunter’s point is that if you are working on a project that involves USB, your success or failure depends on understanding USB. There’s no room for filters here – the illusion that it “just works” often comes crashing down until you learn enough to make it work. Some of his students are doing projects cooperatively with the ornithology department, classifying and creating birdsong. Did you know that birds do this elaborate frequency modulation thing when they sing? Once you hear it, you know, and you hear it ever more.

So we agree with Hunter. Dive into a project because you want to get the project done, sure, but pick the project because it’s a corner of the world that you’d like to shine light into, to remove the filters of “I think I basically understand that”. When you get it working, you’ll know that you really do. Hacking your way to enlightenment? We’ve heard crazier things.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!

hackaday.com/2025/05/31/pullin…

It would be hard to find any electronics still in production which use CRT displays, but for some inscrutable reason it’s easy to find cheap 4-inch CRTs on AliExpress. Not that we’re complaining, of course. Especially when they get picked up for projects like this Retro CRT Weather Display from [Conrad Farnsworth], which recreates the interface of The Weather Channel’s WeatherStar 4000+ in a suitably 90s-styled format.

The CRT itself takes up most of the space in the enclosure, with the control electronics situated in the base behind the display driver. A Raspberry Pi Zero W provides the necessary processing power, and connects to the CRT through its composite video output.

A custom PCB plugs into the GPIO header on the Raspberry Pi and provides some additional features, such as a rotary encoder for volume and brightness display, a control button, a serial UART interface, and a speaker driver. The design still has one or two caveats: it’s designed to powered by USB, but [Conrad] notes that it draws more current than USB 2.0 can provide, though USB-C should be able to keep up.

On the software side, a Python program displays a cycle of three slides: local weather, regional weather, and a radar display. For the local and regional weather display graphics, [Conrad] created a static background image containing most of the graphics, and the program only generated the dynamic components. For the radar display, the regional map’s outlines come from Natural Earth, and a Python program overlays radar data on them.

We’ve seen other attempts at recreating the unique style of the WeatherStar system, but nothing quite beats the real thing.

youtube.com/embed/hUSNxKH7OT0?…

hackaday.com/2025/05/31/a-crt-…

La divisione russa del colosso tecnologico americano Microsoft si prepara alla bancarotta. La società “Microsoft Rus” ha notificato ufficialmente la sua intenzione di presentare una domanda corrispondente alla Corte arbitrale di Mosca tramite il portale “Fedresurs”.

La decisione di fallimento è stata la conclusione logica di un lungo periodo di controversie legali iniziato dopo l’uscita di Microsoft dal mercato russo nel marzo 2022. La società americana è stata tra le prime grandi aziende tecnologiche ad annunciare la cessazione delle operazioni in Russia a causa delle sanzioni internazionali.

Nei primi cinque mesi del 2025, le aziende russe hanno intentato quattro cause legali contro Microsoft Rus per un totale di circa 110 milioni di rubli. Si tratta di un aumento significativo rispetto agli anni precedenti: nel 2024 l’importo delle richieste era di soli 26,6 milioni di rubli, mentre nel 2023 ha raggiunto i 170 milioni.

Tra le aziende che chiedevano risarcimenti c’erano le più grandi società e banche russe. VTB, MegaFon, Gazprombank, Lenta, Severstal e Uralkali chiedono il rimborso delle somme spese per servizi che Microsoft non è più in grado di fornire. Le principali lamentele riguardano la fine improvvisa dei rinnovi degli abbonamenti aziendali a Microsoft 365, che comprende applicazioni per ufficio, servizi cloud e posta elettronica aziendale.

Ci sono già le prime decisioni giudiziarie: a febbraio, il tribunale ha ordinato a Microsoft Rus di pagare alla catena di vendita al dettaglio Lenta 16 milioni di rubli. I casi rimanenti sono in sospeso, ma le prospettive per la società americana appaiono cupe.

Microsoft ha definitivamente chiuso le sue attività in Russia, chiudendo filiali in 13 città, tra cui Mosca, San Pietroburgo, Ekaterinburg e Novosibirsk, a dicembre 2024 e gennaio 2025. L’azienda ha anche interrotto il supporto per i servizi cloud e per Skype Messenger, lasciando le organizzazioni russe senza supporto tecnico e aggiornamenti di sicurezza.

La situazione di Microsoft rientra in un processo più ampio di abbandono della Russia da parte delle aziende tecnologiche occidentali. Gli esperti hanno registrato un massiccio deflusso di aziende russe dalle e-mail aziendali di Google e Microsoft: nel corso di un anno, l’abbandono da Gmail è stato del 26% e da Outlook del 40%. Ciò ha creato serie sfide per le aziende russe, che sono state costrette a cercare alternative alle soluzioni tradizionali.

Il fallimento di Microsoft Rus potrebbe creare un precedente per altre aziende informatiche occidentali che hanno annunciato la loro partenza, lasciando però entità giuridiche in Russia con obblighi inadempiuti. La struttura Microsoft in Russia comprende altre tre società: Microsoft Development Center Rus, Microsoft Mobile Rus e Microsoft Payments Rus. Non è ancora noto se siano in programma iniziative simili.

Per gli utenti russi, la bancarotta significherebbe la fine definitiva di qualsiasi supporto per i prodotti Microsoft. Le aziende che utilizzano ancora software con licenza di uno sviluppatore americano saranno costrette a passare alle controparti russe o a cercare altre soluzioni. Il governo sta promuovendo attivamente la sostituzione delle importazioni nel settore IT, ma il processo di transizione verso piattaforme nazionali richiede tempo e risorse ingenti.

L'articolo Fallisce Microsoft in Russia: addio ufficiale dopo sanzioni e cause milionarie proviene da il blog della sicurezza informatica.

A treadmill-style bed can be a great addition to a 3D printer. It allows prints to be shifted out of the build volume as printing continues, greatly increasing the size and flexibility of what you can print. But [Ivan Miranda] and [Jón Schone] had a question. Instead of making a treadmill to suit a 3D printer, what if you just built a 3D printer on top of a full-size treadmill?

The duo sourced a piece of real gym equipment for this build. They then set about building a large-scale 3D printer on top of this platform. The linear rails were first mounted on to the treadmill’s frame, followed by a gantry for the print head itself and mounts for the necessary stepper motors. The printer also gained a custom extra-large extruder to ensure a satisfactory print speed that was suitable for the scale of the machine. From there, it was largely a case of fitting modules and running cables to complete the printer.

Soon enough, the machine was printing hot plastic on the treadmill surface, thereby greatly expanding the usable print volume. It’s a little tricky to wrap your head around at first, but when you see it in action, it’s easy to see the utility of a build like this, particularly at large scale. [Ivan] demonstrated this by printing a massive girder over two meters long.

We started seeing attempts at building a belt-equipped “infinite build volume” printer back in 2017, and it took awhile before the concept matured enough to be practical. Even today, they remain fairly uncommon.

youtube.com/embed/0rWxUpknTG0?…

hackaday.com/2025/05/31/making…

Se c’è un nome che nel 2025 continua a campeggiare con crescente insistenza nei report di incident response, nei feed di threat intelligence e nei blog degli analisti di cybersicurezza, è quello del gruppo Akira. Questo collettivo criminale, nato apparentemente dal nulla nel 2023, ha saputo in poco più di un anno scalare la gerarchia del ransomware-as-a-service (RaaS), costruendo un’infrastruttura solida, sofisticata e altamente redditizia.

Secondo quanto emerso dall’ultima intelligence card pubblicata da Recorded Future, Akira non è solo uno dei tanti nomi della galassia ransomware: è oggi uno degli attori più attivi, persistenti e pericolosi in circolazione. E dietro al nome – che evoca anime e distopie futuristiche – si cela una realtà ben più concreta: attacchi su larga scala, vittime illustri, una capacità adattiva degna di un APT e, soprattutto, una strategia operativa letale.

Crescita esponenziale e allarmi nella threat landscape globale

Partiamo dai numeri, perché i numeri non mentono: negli ultimi 30 giorni sono stati registrati 4.506 riferimenti a cyber attacchi correlati al gruppo Akira. Un balzo del +151% rispetto al mese precedente.

Questi dati non solo testimoniano una crescita allarmante, ma raccontano una tendenza: Akira sta diventando il nuovo volto dell’estorsione digitale, sfruttando strumenti moderni e metodologie raffinate, spesso in sinergia con partner affiliati nel dark web.

Un’eredità tossica: da Conti a Akira

Le analisi condotte su larga scala rivelano che il gruppo Akira presenta forti similitudini a livello di codice con il defunto gruppo Conti, noto collettivo filo-russo smantellato nel 2022 dopo una massiccia fuga di dati interni. Gli sviluppatori di Akira, identificati anche con l’alias Storm-1567, sembrano aver ripreso parte del codice sorgente di Conti, adattandolo a nuove esigenze e, soprattutto, integrandolo in una catena di attacco compatibile sia con Windows che con ambienti Linux/ESXi.

La prima variante Windows è stata individuata nel marzo 2023, seguita da una versione per sistemi Linux nel luglio dello stesso anno, con target espliciti verso server VMware ESXi, tipici degli ambienti aziendali virtualizzati.

Akira Attack Chain: l’autopsia di un attacco perfetto

Ogni attacco Akira si articola in una sequenza operativa meticolosa, ben rappresentata nello schema seguente tratto dall’analisi Recorded Future:

1. Phishing email: l’entry point più classico, ma ancora straordinariamente efficace. Vengono utilizzate tecniche di social engineering avanzate, spesso mascherate da messaggi legittimi (ordini, fatture, documenti HR).
2. Commandline scripting: una volta ottenuto l’accesso, vengono eseguiti script tramite PowerShell o cmd per iniziare la fase di dropper.
3. Registry manipulation: modifiche mirate al registro di sistema per garantire persistenza e disabilitare componenti di sicurezza.
4. Disabling defenses: vengono disattivati antivirus, EDR e tool di monitoraggio. Akira non vuole resistenza.
5. Credential harvesting: dump di LSASS, uso di Mimikatz e brute force, anche offline.
6. Network scanning: strumenti come Advanced IP Scanner e Sharphound mappano la rete e i gruppi di sicurezza.
7. Lateral movement: sfruttamento di credenziali e strumenti di remote desktop come AnyDesk, RustDesk o tunnel via Cloudflare.
8. Data collection: raccolta massiva di file sensibili, documenti legali, database, mail e file di backup.
9. Exfiltration: esfiltrazione dei dati verso server controllati o via canali cifrati (SFTP, FTP, proxy).
10. Ransomware deployment: cifratura finale con algoritmo personalizzato, estensione “.akira”, e rilascio del file di riscatto.

Le tecniche MITRE ATT&CK utilizzate da Akira

La completezza tecnica dell’approccio di Akira è impressionante, come evidenziato nella mappa MITRE ATT&CK fornita da Recorded Future:

Tra i punti salienti:

• T1078 – Valid Accounts: uso di account compromessi.
• T1133 – External Remote Services: sfruttamento di RDP, VPN non sicure e VNC.
• T1190 – Exploit Public-Facing Application: uso di exploit noti come CVE-2021-21972 e CVE-2023-27532.
• T1566 – Spearphishing: sia tramite allegati che link.
• T1059.003 – Windows Command Shell: scripting malevolo.
• T1547.009 – Shortcut Modification: alterazione dei collegamenti di avvio.
• T1003.001 – LSASS Memory Dump: estrazione delle credenziali.
• T1041 – Exfiltration Over C2 Channel: esfiltrazione in tempo reale.

Vittime illustri, settori bersaglio, impatti devastanti

Tra le vittime documentate troviamo aziende del calibro di Nissan Motor, Panasonic, Hitachi Vantara, ma anche istituti scolastici come l’Edmonds School District e società nel settore legale e bancario. Nessuno è immune. Dalla PMI al colosso internazionale, l’unico denominatore comune è la vulnerabilità.

Akira dimostra di non discriminare per geografia o dimensioni, ma solo per potenziale di ricatto: più dati sensibili ha, più alto sarà il riscatto.

Considerazioni finali: il ransomware non è più un’eccezione, è un modello

L’operatività di Akira rappresenta la quintessenza del ransomware moderno: flessibile, modulare, basato su affiliate e infrastrutture dark web, capace di colpire con precisione chirurgica. Non si tratta più di un “evento malevolo” isolato, ma di una vera e propria industria criminale, con tanto di helpdesk, politiche di prezzo, SLAs di pagamento e persino “sconti” per chi collabora.

Cosa possiamo fare?

1. Abbandonare la reattività: il tempo della difesa passiva è finito. Serve threat hunting proattivo.
2. Investire nella formazione: le mail di phishing non si fermano da sole. Serve awareness.
3. Rafforzare gli endpoint: EDR, MFA, segmentazione e backup offline.
4. Fare intelligence: piattaforme come Recorded Future offrono visibilità e contesto, e dovrebbero far parte della routine operativa di ogni SOC.

In conclusione

Akira è il risultato di una perfetta alchimia criminale: codice solido, distribuzione capillare, obiettivi chiari. E come ogni virus ben costruito, si adatta, apprende, persiste.

L’unico antidoto? Essere un passo avanti. E per farlo, bisogna smettere di pensare come vittime e iniziare a ragionare come bersagli mobili consapevoli.

L'articolo Akira Ransomware Group: l’ascesa inarrestabile di un predatore digitale proviene da il blog della sicurezza informatica.

Un bug del software nel servizio VoLTE ha permesso di tracciare la posizione di decine di milioni di utenti della compagnia di telecomunicazioni britannica Virgin Media O2, tra cui i clienti di Giffgaff e Tesco Mobile, collegati alla stessa infrastruttura.

La vulnerabilità è passata inosservata finché non è stata scoperta dall’ingegnere Dan Williams, dopodiché le informazioni sono state trasmesse all’Information Security Office (ICO) del Regno Unito e all’ente regolatore delle comunicazioni Ofcom.

Il problema ha interessato tutti i dispositivi con le chiamate 4G abilitate. Chiunque disponga di una scheda SIM Virgin Media O2 potrebbe ottenere gli identificatori tecnici delle chiamate (prefissi e ID delle celle) e utilizzarli per determinare a quale stazione base era connesso l’abbonato chiamato. Nelle aree densamente popolate, dove le celle sono molto vicine, la precisione della geolocalizzazione potrebbe raggiungere fino a 100 metri quadrati.

Il ricercatore ha affermato di aver inviato una notifica all’operatore a marzo, ma di non aver ricevuto risposta fino a maggio, quando ha pubblicato un post sul blog. Ha espresso delusione per la risposta dell’azienda e ha sottolineato che la sua motivazione era la sicurezza, non il confronto con l’operatore.

Virgin Media O2 ha dichiarato di aver risolto rapidamente il problema dopo essere stata avvisata e che per intervenire era necessaria una formazione tecnica specialistica. Allo stesso tempo, l’operatore ha riconosciuto che la vulnerabilità potrebbe essere esistita fin dall’introduzione del software nel 2023, ma non ha indicato la durata esatta della sua validità.

L’azienda ha sottolineato che gli utenti non devono intraprendere alcuna azione e non è stata trovata alcuna prova che la vulnerabilità sia stata sfruttata al di fuori del blog tecnico dello specialista. I rappresentanti hanno aggiunto che non vi è stata alcuna compromissione della rete esterna e che tutte le informazioni sono disponibili solo all’interno dell’infrastruttura stessa.

Williams condusse un esperimento per dimostrare la portata della minaccia: con l’aiuto di un volontario, anche lui abbonato all’O2, riuscì a determinare la sua posizione approssimativa nel centro di Copenaghen. Ha affermato che disabilitare la funzione di chiamata 4G potrebbe eliminare il rischio, ma su alcuni dispositivi, tra cui l’iPhone, ciò non è possibile.

L’operatore Giffgaff, che utilizza anch’esso l’infrastruttura O2 di Virgin Media, ha rifiutato di rilasciare dichiarazioni. Tesco Mobile, i cui clienti potrebbero essere stati anch’essi colpiti, non ha fornito alcuna risposta alle domande.

L’Ofcom ha affermato che sta indagando sull’incidente e che sta chiedendo all’operatore spiegazioni sulle cause e le conseguenze del problema. L’ICO, da parte sua, ha dichiarato che, dopo aver valutato la situazione e le misure adottate, non intraprenderà ulteriori azioni.

L'articolo Scoperto un bug VoLTE: tracciati milioni di utenti O2, Giffgaff e Tesco Mobile proviene da il blog della sicurezza informatica.

The AI effects we know these days were once preceded by CGI, and those were once preceded by true hand-built physical props. If that makes you think of Muppets, this video will change your mind. In a behind-the-scenes look with [Adam Savage], effects designer [Mark Setrakian] reveals the full animatronic glory of Mr. Wink’s mechanical fist from Hellboy II: The Golden Army (2008) – and this beast still flexes.

Most of this arm was actually made in 2003, when 3D printing was very different than what we think of today. Printed on a Stratasys Titan – think: large refrigerator-sized machine, expensive as sin – the parts were then hand-textured with a Dremel for that war-scarred, brutalist feel. This wasn’t just basic animatronics for set dressing. This was a fully actuated prop with servo-driven finger joints, a retractable chain weapon, and bevel-geared mechanisms that scream mechanical craftsmanship.

Each finger is individually designed. The chain reel: powered by a DeWalt drill motor and custom bevel gear assembly. Every department: sculptors, CAD modelers, machinists, contributed to this hybrid of analog and digital magic. Props like this are becoming unicorns.

youtube.com/embed/qKMFdbspHZ4?…

hackaday.com/2025/05/30/17-yea…

White LED bulbs are commonplace in households by now, mostly due to their low power usage and high reliability. Crank up the light output enough and you do however get high temperatures and corresponding interesting failure modes. An example is the one demonstrated by the [electronupdate] channel on YouTube with a Philips MR16 LED spot that had developed a distinct purple light output.
The crumbling phosphor coating on top of the now exposed UV LEDs. (Credit: electronupdate, YouTube)
After popping off the front to expose the PCB with the LED packages, the fault seemed to be due to the phosphor on one of the four LEDs flaking off, exposing the individual UV LEDs underneath. Generally, white LEDs are just UV LEDs that have a phosphor coating on top that converts this UV into broad band visible (white) or a specific wavelength, so this failure mode makes perfect sense.

After putting the PCB under a microscope and having a look at the failed and the other LED packages the crumbled phosphor on not just the one package became obvious, as the remaining three showed clear cracks in the phosphor coating. Whether due to the heat in these high-intensity spot lamps or just age, clearly over time these white LED packages become just UV LEDs. Ideally you could dab on some fresh phosphor, but likely the fix is to replace these LED packages every few years until the power supply in the bulb gives up the ghost.

youtube.com/embed/JHW5jcas-js?…

Thanks to [ludek111] for the tip.

hackaday.com/2025/05/30/white-…

At the end of the day, a skateboard boils down to a plank of wood with some wheels. They are wonderfully simple and fun and cheap modes of transportation. But this is Hackaday, so we are not here to talk about any normal skateboard, but one you can download and print. [megalog_’s] Skateboard MK2 is made almost entirely of 3D printed plastic, save some nuts and bolts.

The board’s four piece deck comes in at a modest 55cm length and features a rather stylish hexagonal pattern for grip. While you could presumably bring your own trucks, 3D printable ones are provided as well. The pieces bolt together to create a fairly strong deck with the option to make a rather stylish two tone print if you have the printer for it. Where the pieces meet is also the location of the truck mounting, further increasing the board’s strength. The weakest point is where the tail meets the main deck, which if pressed down to wheelie or ollie, the print breaks apart at the layer lines.

While you might be able to bring your own trucks, all be it with some modification to the deck, [megalog] also provided models for those as well. Not only were the bushings made of flexible TPE filament, but the outer wheel tire is too. It’s a little strange to see a wheel tire combo on a skateboard, when they are traditionally over moulded plastic with enough tire that you would be forgiven for thinking there is no wheel. While some reported using the more traditional threaded rod, the trucks used a metal rod with shaft collars to attach the wheels.

This is a neatly executed skateboard build with a well thought out design. Let us know in the comments if you will (or have) made one yourself! While you’re at it, maybe cast your own resin wheels for it!

hackaday.com/2025/05/30/you-wo…

Il 9 febbraio avevo cancellato l'account Facebook, il sistema mi aveva detto che per 30 giorni sarebbe stato solo disattivato e che l'eliminazione vera e propria sarebbe avvenuta solo 30 giorni dopo.

Siamo al 30 maggio e il mio account è ancora lì.

Stasera sono nuovamente entrato e ho rifatto la procedura, al termine della quale il sistema mi ha ancora una volta confermato che la mia richiesta di cancellazione era stata ricevuta, che l'account era stato programmato per l'eliminazione ma che per 30 giorni sarebbe stato solo disattivato, casomai avessi cambiato idea.

Qualcuno di voi è riuscito a cancellarsi per davvero?

Nel frattempo ho scritto al Garante per la Privacy segnalando il problema e chiedendo come fare per poter vedere rispettato il mio diritto ad essere rimosso da quel social network.

Ho visto il primo episodio di Adolescence.

Non avrei mai dovuto farlo.

When it comes to LED matrixes, building one is just the first step. Then you have to decide what to display on it. [panjanek] came up with a relatively flexible answer to this question, building an RGB LED matrix that can display the GIFs of your choice.
The web interface accepts GIFs for display.
[panjanek] grabbed WS2812B addressable LEDs for this project, assembling them into a 32 x 32 matrix that fits perfectly inside an off-the-shelf Ikea picture frame. The matrix is hooked up to an ESP8266 microcontroller, which acts as the brains of the operation. The WiFi-enabled microcontroller hosts its own web interface, with which the project can be controlled. Upon opening the page, it’s possible to upload a GIF file that will be displayed as an animation on the matrix itself. It’s also possible to stream UDP packets of bitmap data to the device to send real-time animations over a network.

It’s a neat build, and one that answers any questions of what you might display on your LED matrix when you’re finished assembling it. Code is on Github if you fancy implementing the GIF features in your own work. We’ve featured some unexpected LED matrix builds of late, like this innovative device for the M.2 slot. Meanwhile, if you’re cooking up your own creative LED builds, don’t hesitate to let us know on the tipsline!

hackaday.com/2025/05/30/tidy-l…

Dear Friend of Press Freedom,

It’s now the 66th day that Rümeysa Öztürk is facing deportation by the United States government for writing an op-ed it didn’t like. More press freedom news below.

Risking free speech won’t protect kids

Federal agencies are transforming into the speech police under President Donald Trump. So why are some Democrats supporting the Kids Online Safety Act, a recently reintroduced bill that would authorize the MAGA-controlled Federal Trade Commission to enforce censorship?

As Freedom of the Press Foundation (FPF) senior advocacy adviser Caitlin Vogus wrote for The Boston Globe, there’s never an excuse for supporting censorship bills, but especially when the political loyalists at the FTC are sure to abuse any power they’re given to stifle news on disfavored topics. Read the op-ed here.

We’re ready to sue if Paramount executives sell out the press

We’ve written previously about how Trump’s frivolous complaint against Paramount Global over CBS News’ editing of an interview with Kamala Harris threatens the freedoms of other news outlets. Yesterday, Trump proved it by claiming his $20 billion damages demand is based on “mental anguish” due to the answer – which doesn’t even mention him. How’s that for a “snowflake”?

As we informed Paramount Global executives last week, we plan to file a shareholder derivative lawsuit if Paramount settles. We believe any settlement – let alone the eight figure range being discussed – would be an effort to launder bribe money through the courts and would damage Paramount irreparably.

Reports this week in the Los Angeles Times, The Wall Street Journal, and elsewhere have noted that executives fear derivative liability if they settle. They should. Read more here.

Phone companies keep journalist surveillance secret

A letter by Sen. Ron Wyden about surveillance of senators’ phone lines has an important lesson for journalists, too: Be careful in selecting your phone carrier.

Wyden wrote his Senate colleagues revealing which wireless carriers inform customers about government surveillance requests (Cape, Google Fi, and US Mobile), and which don’t (AT&T, Boost Mobile, Charter/Spectrum, Comcast/Xfinity Mobile, T-Mobile, and Verizon). Read more here.

Fallout from silencing Voice of America

As a reporter on the press freedom beat, Liam Scott chronicled abuses against journalists for Voice of America. But now, Scott himself is part of the story.

In March, Trump signed an executive order gutting the United States Agency for Global Media, which oversees VOA. Scott and his colleagues have been or are set to be terminated imminently, and the website hasn’t published a new story in months.

We spoke to Scott about his unique perspective on current threats to press freedom, as both a victim and a journalist covering them. We were joined by Jason Scott of Archive Team, who is working to preserve VOA’s content should it be taken offline. Read more and watch the webinar here.

Administration abuses secrecy rules

Lauren Harper, FPF’s Daniel Ellsberg chair on government secrecy, joined MeidasTouch Network’s Legal AF podcast, “Court of History,” to explain how the Trump administration is abusing secrecy to control the news narrative — and how an FPF Freedom of Information Act win revealed the truth.

Harper was joined by University of Maryland professor Jason Baron in a wide-ranging discussion with co-hosts Sidney Blumenthal and Sean Wilentz. Watch the video podcast here.

Federal police reforms repealed

The same week the Justice Department announced it was dropping federal oversight programs and investigations into more than two dozen police departments, including in Minneapolis, the city held a remembrance marking five years since the murder of George Floyd by a local police officer.

Police abuses of protestors and journalists during the demonstrations that followed Floyd’s murder led to the now-abandoned reforms, including consent decrees in Minneapolis and Louisville dealing with how police should interact with journalists covering protests and their aftermaths. The U.S. Press Freedom Tracker, a project of FPF, has more. Read the Tracker’s coverage here.

What we’re reading

Greene County policy barring staff from speaking to press ‘unconstitutional,’ experts say (The Daily Progress). Local government employees should be able to talk to the press. But in Greene County, Virginia, they can’t. We told The Daily Progress that the county policy is unconstitutional.

Journalist sues LA county, ex-LA county sheriff for criminally investigating her (The Dissenter). It’s good to see journalist Maya Lau stand up for journalists’ right to not be investigated and harassed for doing their jobs.

How to stand your ground, in three (not so easy) steps (American Crisis). Institutions shouldn’t cave to Trump’s threats. Thanks to Margaret Sullivan for citing our plans to sue if Paramount settles with Trump as an example on how to stand your ground.

FBI visits me over manifesto (Ken Klippenstein). Journalists’ sources and newsgathering are none of the FBI’s business. They don’t seriously think Klippenstein was some kind of conspirator — they just want to intimidate him and other journalists.

freedom.press/issues/risking-f…

As a reporter on the press freedom beat, Liam Scott chronicled abuses against journalists at home and abroad for Voice of America. But he was shocked when the experiences of those on the other side of the page became his own.

In March, President Donald Trump signed an executive order suddenly gutting the United States Agency for Global Media, which oversees VOA. Scott and hundreds of colleagues have been or are set to be terminated imminently, and the international news service’s website hasn’t published a new story in months.

To understand more about how Trump’s anti-press tactics threaten the independence of public-interest journalism and what comes next for press freedom in the U.S. and around the world, Freedom of the Press Foundation (FPF) hosted an online webinar May 23 with Scott and Archive Team Co-founder Jason Scott, who is working to preserve VOA’s content should it be taken offline.

youtube.com/embed/mPh-iQlQuMU?…

“After several years of covering press freedom issues, it still feels weird to be in the midst of a press freedom issue that is affecting me and my colleagues,” Liam Scott said. “There is actually a lot that is happening here that reminds me of what I’ve reported on in other countries.”

He also expressed significant concern for colleagues who are in the U.S. on visas. Without authorization to continue working here, they will be forced to return home to countries where austere rules about free speech can lead to jail time or worse, he cautioned.

“VOA has journalists now imprisoned in Myanmar, Vietnam, and Azerbaijan, and there are other journalists from Radio Free Europe and Radio Free Asia who are imprisoned in other countries around the world as well, just for doing their jobs,” Liam Scott said, referring to two other international news services long supported by the U.S. government. “So my immediate concern was if VOA and its sister outlets shut down, who is going to advocate for these reporters?”

Preserving VOA’s online content

While the fate of VOA’s employees hangs in the balance, so too does its website, a resource for readers who live in regions of censorship and can’t access this information anywhere else. Amid fears that the site and the reporting it hosts will vanish from the internet and leave behind thousands of stories, efforts are underway to preserve its contents.

Archive Team members, including Jason Scott, have created an “online footprint” of VOA’s website that contains over 400 gigabytes worth of stories. It’s paramount to ensure a replica of the site exists before its potential takedown, he said, because the work cannot be done retroactively.

“The conversation about whether or not to save something usually stops once it’s gone,” he added.

As a general rule of thumb, Jason Scott recommended that journalists keep multiple copies of their work in different locations, in the event they lose access to where their work is published.

Doing so is especially important in the current digital climate under the Trump administration, which has scrubbed countless federal webpages.

In that sense, said Jason Scott, it bears resemblance to a startup company.

“You move fast, you break things, you work it out later. If something can’t be explained to you in two seconds, get rid of it,” he added. This slash-and-burn approach, a Trump administration hallmark, can wreak havoc for preservation efforts because it evokes a digital “entropy” that can change data access on a dime, said Jason Scott.

While trawling internet data can be exhausting, so can reporting through censorship. Liam Scott, who has continued his work on the press freedom beat at outlets elsewhere, said it’s important “to not get fatigued” and to remember that threats and retaliation are often reactions to strong journalism, which underscores the need to protect the rights of those doing the work.

“Attacks on journalists are also attacks on the public,” he said. “Because when you’re attacking a journalist, you’re attacking the information that they’re trying to share with their audience — information that is so important for how we live our lives.”

Just as accountability is met with reprisal, archiving data is met with unpredictability. As the Archive Team compiles the work of countless VOA journalists who risked their lives to report the truth, Jason Scott said to remember that data preservation is an uphill battle. The power to decide what stays online often belongs to those with the most effective keys to the internet: powerful institutions like the government.

“Data is an incredible devil’s bargain,” he said. “Entropy is the house, and the house always wins.”

freedom.press/issues/silencing…