Make Magical-Looking Furniture With Kerf Bend Wizard
The intersection between “woodworkers” and “programmers” is not a densely populated part of the Venn diagram, but [Michael Schiebler] is there with his Kerf Bend Wizard to help us make wood twist and bend like magic.
Kerf bending is a fine technique we have covered before: by cutting away material on the inside face of a piece of wood, you create an area weak enough to allow for bending. The question becomes: how much wood do I remove? And where? That’s where Kerf Bend Wizard comes to the rescue.
From spline (user input in black, expected output in pink)…
You feed it a spline, either manually or via DXF, and it feeds you a cut pattern that will satisfy that spline: just enough wood removed in just the right places that the edges of the cut should touch when the bend is achieved. This means less cut time and a stronger piece than eyeballing the kerfs. It works with either a table saw blade or a tapered end mill on a CNC or manual router. You can specify the kerf width of your table saw, or angle of your end mill, along with your desired cut depth.
… to cuts …
The output is DXF, convenient for use with a CNC, and a simple table giving distances from the edge of the piece and which side to cut, which is probably easier for use on the table saw. (Kerf Bend Wizard is happy to handle complex bends that require kerfing both sides of the material, as you can see.)
… to curved wood.
This was [Michael]’s thesis project, for which he hopefully got a good grade. The code is “semi-open” according to [Michael]; there’s a GitHub where you can grab an offline version for your own use, but no open-source license is on offer. Being a broke student and an artist to boot, [Michael] also can’t promise he will be able to keep the web version available without ads or some kind of monetization, so enjoy it while you can!
If CNCs or table saws aren’t your thing, kerf bending has long been used with laser cutters, too.
Our thanks (which, as always, is worth its weight in gold) to [Michael] for the tip. If you’re in the intersection of the Venn diagram with [Michael], we’d love to hear what you’re up to.
The Switch 2 Pro Controller: Prepare for Glue and Fragile Parts
The Switch 2 Pro controller’s battery is technically removable, if you can get to it. (Credit: VK’s Channel, YouTube)
For those of us who have worked on SNES and GameCube controllers, we know that these are pretty simple to get into and maintain. However, in the trend of making modern game controllers more complex and less maintainable, Nintendo’s new Switch 2 Pro controller is giving modern Xbox and PlayStation controllers a run for their money in terms of repair complexity. As shown in a teardown by [VK] on YouTube (starting at nine minutes in), the first step is a disappointing removal of the glued-on front plate. After that you are dealing with thin plastic, the typical flimsy ribbon cables and a lot of screws.
The main controller IC on the primary PCB is an ARM-based MediaTek MT3689BCA Bluetooth SoC, which is also used in the Switch 2’s Joy-Cons. The 3.87V, 1070 mAh Li-ion battery is connected to the PCB with a connector, but getting to it during a battery replacement might be a bit of a chore.
The analog sticks are Alps-branded and do not seem to match any other sticks currently on the market. These are (disappointingly) also still resistive potentiometer sticks, meaning they might have to be replaced before long due to stick drift. Reassembly has a few tricky parts, especially with the two sticks being not identical, yet easy to swap by accident, which would require a second disassembly round.
There’s also a soft-touch coating on these controllers, which has been known to get… gunky after a few years, so time will tell what the lifespan is here. As is typical, these controllers also only work with the Switch and not with a PC or other consoles. Overall, it seems like a nice, silent controller, but the repairability seems low at best.
What a nuclear-powered aircraft carrier means for the Italian Navy. By del Monte
@Notizie dall'Italia e dal mondo
In a recent interview published by Corriere della Sera, the Chief of Staff of the Italian Navy, Adm. Enrico Credendino, stated that “the Navy has a budget plan, from now to 2040, a nuclear-powered aircraft carrier is being considered, but also drones of every kind and
Ministero dell'Istruzione
The #GiornataNazionaledelloSport (National Sports Day) takes place every year on the first Sunday of June across the whole country.
A Concentric Clock with Multiple Modes
Most of us spend our lives within reach of a device that provides a clock, stopwatch, and a timer – you’re almost certainly reading this article on such a device – but there are fewer options if you want a screen-free clock. [Michael Suguitan]’s TOKIDOKI rectifies this situation by combining those three functions into a single, physical, analog clock face.
TOKIDOKI displays time by lighting the appropriate segments of two concentric rings of colored LEDs (Adafruit Neopixel rings); the inner ring indicates hours, while the outer ring displays minutes. There is one clock hand, and while it does indicate the passage of time in some situations, its main function is as a dial to control the clock’s different functions. The hand is connected to a Dynamixel XL-330 servo motor, which also serves as a position sensor. Winding the dial clockwise starts a countdown timer, with each successive full rotation switching to a larger unit of time (a fun/unsettling feature is that the largest chronometric unit is the user’s expected lifetime: 84 years). Winding counterclockwise either starts a stopwatch or sets an alarm, depending on how many full rotations you make.
A Raspberry Pi Pico running some MicroPython firmware manages the device and gets the current time from a local network. To soften the light’s quality, the LED rings are pointed backwards to provide back-lighting off of a recessed surface. The entire device is powered by USB-C, and is enclosed in a 3D-printed housing.
This project was designed as an experiment in minimal interfaces, and it certainly achieved that goal, though we imagine that it takes a bit of time to get used to using this clock. We always enjoy seeing innovative clocks here, from digital to analogue, and those that split the difference.
How cybercriminals trade and exploit our data, according to Europol's IOCTA report
The "Internet Organised Crime Threat Assessment" (#IOCTA) is #Europol's analysis of evolving threats and trends in the cybercrime landscape, with a particular focus on how it has changed over the last 12 months.
Over the past year, organised crime has continued to evolve at an unprecedented pace. The rapid adoption of new technologies and the continued expansion of our digital infrastructure have further shifted criminal activity towards the online domain. This shift has made digital infrastructure and the data it holds prime targets, turning data into a key resource that acts as both a target and an enabler in the cyber threat landscape.
The 2025 IOCTA report "Steal, deal and repeat: How cybercriminals trade and exploit your data" (see the note below; downloadable [en] here: europol.europa.eu/cms/sites/de…) analyses in detail how cybercriminals trade and exploit illegal access to data and how they commodify these goods and services.
Personal data is a central resource for cybercrime: it is stolen, sold and exploited for fraud, extortion, cyberattacks and sexual exploitation.
Criminals use system vulnerabilities and social engineering techniques, enhanced by generative artificial intelligence (GenAI) and large language models (LLMs).
Access and data brokers sell compromised credentials and access on criminal platforms, often through end-to-end encrypted (E2EE) messaging apps.
Stolen data is sold on dark web forums, automated marketplaces (AVC) and E2EE channels.
Emerging threats include the use of voice deepfakes, AI-driven supply-chain attacks, and techniques such as “slopsquatting” that exploit mistakes made by AI assistants.
In particular, criminals look for:
- Access credentials (RDP, VPN, cloud)
- Personal information (PII), financial data, social media
- Corporate and government data for espionage or extortion
How the data is exploited:
- As a target: ransomware, identity theft, fraud
- As a means: to profile victims, extort money or information
- As a commodity: sold on forums, marketplaces, E2EE channels
How data and access are acquired:
- Social engineering: phishing, vishing, voice deepfakes, ClickFix
- Malware: infostealers, RATs, exploit kits
- System vulnerabilities: brute-force attacks, skimming, MitM
Who the criminal actors are:
- Initial Access Brokers (IABs): sell initial access
- Data brokers: sell stolen data
- APT groups and hybrid threats: often state-sponsored
- Criminals specialising in fraud and CSE: use the data directly
Where the trade takes place:
- Dark web: forums, marketplaces, E2EE channels
- Services on offer: phishing kits, infostealers, spoofing, residential proxies
- Criminal culture: reputation, badges, moderator roles
Recommendations of the report
Oversharing data online increases vulnerability, especially for minors.
The use of E2EE hinders investigations; harmonised rules on metadata retention are needed.
Abuse of AI: deepfakes, fake digital fingerprints, supply-chain attacks via erroneous suggestions from AI assistants.
Fragmentation of intelligence: doxxing and hacktivism complicate investigations and the validation of evidence.
Conclusions
The report stresses the need for:
- Lawful access to E2EE (End-to-End Encrypted) channels
- Harmonised EU standards for metadata retention
- Digital education and awareness of online risks
- Collaboration between law enforcement, companies and citizens
Note: Europol, Steal, deal and repeat - How cybercriminals trade and exploit your data – Internet Organised Crime Threat Assessment, Publications Office of the European Union, Luxembourg, 2025.
Will Google's AI kill newspapers?
The article comes from #StartMag and is reshared on the Lemmy community @Informatica (Italy e non Italy 😁)
Over the last three years the New York Times has seen the share of traffic reaching its desktop and mobile sites from organic search collapse from 44% to the 36.5% recorded in April 2025: all the fault, says the Wall Street
Google buries custom ROMs: developing GrapheneOS for Pixel devices will get harder and harder
For the first time since announcing that it would go back to developing Android in-house, Google has not published the "device trees" for Pixel devices, the new binary drivers or the complete kernel change history. Working on custom ROMs becomes incredibly difficult.
dday.it/redazione/53338/google…
Thanks to Marco @marco acorte for the tip
Innovation and necessity: how the Élysée is looking to Renault for drone production
@Notizie dall'Italia e dal mondo
The war in Ukraine has been a turning point in the evolution of modern military technology. Drones, the undisputed protagonists of this conflict, have completely revolutionised operations on the battlefield, transforming traditional military tactics and forcing armies
LIVE. Open war between Israel and Iran: raids on Tehran, missiles on Tel Aviv
@Notizie dall'Italia e dal mondo
FOLLOW THE LIVE COVERAGE. Israeli fighter jets strike strategic targets in Iran, including nuclear facilities. Tehran responds with hundreds of missiles: 4 dead and more than 70 injured in Israel. In Iran the victims number almost 80. The attacks continue.
freezonemagazine.com/rubriche/…
What drives so many people to return every summer to the same place, a family-run guesthouse in Riccione that, when the holidays arrive, takes on magical, fairy-tale hues? The mystery of the austere owner, a woman who never married and is proud of herself, is woven into a choral tale in which the thirty-one rooms of the Heaven guesthouse speak through their […]
The article Paolo Pasi
Smartwatches, AI and new tools: Kali Linux 2025.2 is the future of pentesting
Kali Linux 2025.2 marks a new step forward in the world of penetration testing, offering updates that further strengthen its reputation as a fundamental tool for cybersecurity. Among the most notable new features are smartwatch support, a completely redesigned menu interface and a set of new tools designed to strengthen Red Team and Blue Team activities.
The system features a completely redesigned menu that abandons the old BackTrack structure in favour of the MITRE ATT&CK framework. This reorganisation makes finding tools considerably more intuitive for both red teams and blue teams, solving long-standing problems with tool organisation and accessibility.
The new system is fully automated and replaces the previous manual-management approach, which had become increasingly hard to maintain as the tool collection grew. This release brings substantial improvements to the desktop environments, with GNOME updated to version 481. The main improvements include notifications, performance improvements, dynamic triple buffering, advanced image-viewing features, digital wellbeing features and HDR support.
KDE users get Plasma 6.3, which brings a substantial overhaul of fractional scaling, better screen colour accuracy with Night Light and improved system monitoring features. A noteworthy addition is the new GNOME VPN IP extension, which shows the IP address of the current VPN connection directly in the panel and lets you copy it to the clipboard with one click. This feature, a community contribution, mirrors similar functionality previously available only in Xfce environments.
Active Directory reconnaissance capabilities get a notable boost with the integration of BloodHound Community Edition. The update includes a full set of ingestors: azurehound, bloodhound-ce-python and sharphound. This update provides a smoother interface, better performance and advanced features for mapping complex Active Directory environments.
Kali Linux 2025.2 introduced a teaser feature showing Kali NetHunter KeX running on Android radio systems. This development appears to be the first use case of its kind, and serves as a preview of future Android Auto support, which will work with any non-Android head unit that supports Android Auto. The Android Radio integration uses Kali NetHunter Desktop Experience (KeX) technology. KeX lets users run full Kali Linux desktop sessions with screen mirroring over HDMI or wireless casting.
Below are the new tools introduced in the new version of Kali Linux
The new kernel support extends to other devices, including the Xiaomi Redmi 4/4X and Redmi Note 11. Support for ARM single-board computers has been consolidated, with the Raspberry Pi 5 now supported by the unified 64-bit image and updated to a kernel based on 6.12.
The smartwatch's Wi-Fi injection capability alone makes this release a turning point for mobile security assessments, while the restructured menu system and the expanded tool collection ensure continued relevance for cybersecurity professionals around the world.
The article Smartwatches, AI and new tools: Kali Linux 2025.2 is the future of pentesting comes from il blog della sicurezza informatica.
Watkin’s Tower: London’s Failed Eiffel Tower
The city of London is no stranger to tall constructions today, but long before the first skyscrapers would loom above its streets, Watkin’s Tower was supposed to be the tallest structure in not only London but also the entirety of the UK. Inspired by France’s recently opened Eiffel tower, railway entrepreneur and Member of Parliament [Sir Edward Watkin] wanted to erect a structure that would rival the Eiffel tower, as part of a new attraction park to be constructed near the Middlesex hamlet of Wembley. In a retrospective, [Rob’s London] channel takes a look at what came to be known as Watkin’s Folly among other flattering names.
The first stage of Watkin’s Tower at Wembley Park. The only one ever to be completed. (Source: Wikimedia)
After [Gustave Eiffel], the architect of the Eiffel tower, recused himself, a design competition was held for a tower design, with the Illustrated Catalogue of the 68 designs submitted available for our perusal. The winner turned out to be #37, an eight-legged, 366 meter tall tower, much taller than the 312.2 meter tall Eiffel tower, along with multiple observation decks and various luxuries to be enjoyed by visitors to Wembley Park.
Naturally, [Watkin] commissioned a redesign to make it cheaper, which halved the number of legs, causing subsidence of the soil and other grievances later on. Before construction could finish, the responsible company went bankrupt and the one constructed section was demolished by 1907. Despite this, Wembley Park was a success and remains so to this day with Wembley Stadium built where Watkin’s Folly once stood.
AMD wants to multiply energy efficiency by 20 by 2030: the future is rack-scale
With Moore's law slowing and data center power consumption rising, AMD has set itself the ambitious goal of increasing the energy efficiency of its chips 20-fold by 2030. A key step in this direction will be the move to rack-scale architecture, that is, designing compute systems at the scale of a server rack rather than of individual chips.
Sam Naffziger, Senior Vice President at AMD, notes that the larger the device, the greater its efficiency. This logic is already implemented in the chiplet architecture, which allowed AMD to push past limits and reach high performance per watt. The culmination was the MI300 series: dense 3D assemblies that integrate compute, I/O and interconnects in a single package.
The next step will be MI400, AMD's first complete rack-scale platform. It will use its own UALink accelerator interface and compete with Nvidia solutions that scale GPUs up to hundreds of instances per rack. In the future, AMD could move from copper to photonic connections, which promise higher bandwidth but are currently limited by technical difficulties and by the power consumption of the lasers.
Energy efficiency is not only about hardware, however. AMD is betting on tight integration between hardware and software. The company is actively developing its ROCm platform, optimising it for the most popular frameworks, from PyTorch to vLLM. The acquisitions of Nod.ai, Mipsology and Brium have strengthened software development, and Sharon Zhou of the startup Lamini recently joined the team.
AMD is also rolling out support for the small FP8 and FP4 data formats, which reduce power consumption without compromising output quality. But this will take time: FP8 support in vLLM was implemented almost a year after the release of MI300X.
To track the progress of its 20×30 initiative, AMD will use a custom index that takes into account GPU performance, HBM memory bandwidth and network bandwidth, with different weights for training and inference workloads.
The focus on new packaging technologies, rack-scale architectures and software development reflects AMD's strategy of reducing power consumption in the face of rapidly growing artificial intelligence workloads.
The article AMD wants to multiply energy efficiency by 20 by 2030: the future is rack-scale comes from il blog della sicurezza informatica.
Over 260,000 sites breached with a JS trick: how the devastating JSFireTruck attack works
Attackers have compromised more than 260,000 legitimate websites by injecting malicious JavaScript code disguised as an innocent-looking string of characters. The mass campaign, discovered by specialists at Palo Alto Networks, began at the end of March and intensified considerably in mid-April. The main goal is to redirect users to malicious resources through infected pages, especially when the visit comes from a search engine.
To hide the scripts' real purpose, an unusual programming style called JSFuck is used, which allows complete programs to be written using only six characters: [, ], +, $, {, }. The Unit 42 team suggested a less provocative name, JSFireTruck, which alludes to the nature of the code. This obfuscation seriously complicates analysis and lets the scripts go unnoticed for a long time.
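A site owner can look for this style of obfuscation in their own pages by measuring how much of each inline script is drawn from the six characters listed above. The following is an added example, not code from the article or from Unit 42; the function names, the thresholds and the sample page are assumptions constructed for illustration.

```javascript
// Added example: flag inline <script> bodies dominated by the six
// characters the article lists for JSFireTruck-style obfuscation.
const CHARSET = new Set(['[', ']', '+', '$', '{', '}']);

// Assumed thresholds; tune them against your own site's legitimate scripts.
const DEFAULTS = { minRun: 120, minRatio: 0.7, minLength: 200 };

// Measure how much of a script consists of the restricted character set.
function analyzeScript(source) {
  let total = 0;       // non-whitespace characters seen
  let inSet = 0;       // characters that belong to CHARSET
  let run = 0;         // current uninterrupted run of CHARSET characters
  let longestRun = 0;
  for (const ch of source) {
    if (/\s/.test(ch)) continue; // line wrapping must not break a run
    total += 1;
    if (CHARSET.has(ch)) {
      inSet += 1;
      run += 1;
      if (run > longestRun) longestRun = run;
    } else {
      run = 0;
    }
  }
  return { total, inSet, longestRun, ratio: total === 0 ? 0 : inSet / total };
}

// A script is suspicious if it has one long unbroken run of the six
// characters, or if it is long enough and consists mostly of them.
function isSuspicious(stats, opts = DEFAULTS) {
  const longRun = stats.longestRun >= opts.minRun;
  const dense = stats.total >= opts.minLength && stats.ratio >= opts.minRatio;
  return longRun || dense;
}

// Pull inline script bodies out of an HTML document and score each one.
// Regex extraction is a simplification that is adequate for triage; a real
// scanner would use an HTML parser and also fetch external script files.
function scanHtml(html, opts = DEFAULTS) {
  const findings = [];
  const re = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  let match;
  let index = 0;
  while ((match = re.exec(html)) !== null) {
    const stats = analyzeScript(match[1]);
    findings.push({
      index,
      offset: match.index,
      ...stats,
      suspicious: isSuspicious(stats, opts),
    });
    index += 1;
  }
  return findings;
}

// Constructed sample. FILLER is not a payload: it only reproduces the
// character distribution of code written with the six characters.
const FILLER = '[+[]]+[]+{}+$'.repeat(40); // 520 characters
const SAMPLE_PAGE = [
  '<html><head>',
  '<script src="/static/app.js"></script>',
  '<script>const total = items[0] + items[1]; const s = `${total}`;</script>',
  '<script>var x = 1;\n' + FILLER.slice(0, 260) + '\n' + FILLER.slice(260) + ';</script>',
  '</head><body>ok</body></html>',
].join('\n');

// Stand-alone run: print the indexes of the scripts that were flagged.
console.log(scanHtml(SAMPLE_PAGE).filter((f) => f.suspicious).map((f) => f.index));
```

Ordinary code uses brackets and `+` too, so the check keys on long unbroken runs rather than on the mere presence of these characters.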
The infected code checks where the user came from. If it is a search engine such as Google, Bing or DuckDuckGo, the visitor is automatically redirected to external sites with potentially harmful content. These pages may contain exploits, malware and fake browser updates, and may use the traffic for monetisation and malvertising.
The campaign peaked on 12 April, with more than 50,000 infected web pages recorded in a single day. In just one month, Palo Alto Networks telemetry detected almost 270,000 infected URLs. In parallel, another dangerous activity was recorded: a new traffic distribution system (TDS) called HelloTDS, discovered by specialists at Gen Digital.
This platform focuses on selectively redirecting users based on their IP address, geolocation, and browser and device characteristics. HelloTDS first analyses the visitor and only then decides whether to show a fake CAPTCHA, a tech-support email, a supposed browser update or some other trick.
If the user does not match the parameters, they are redirected to a harmless page: this strategy helps the attackers avoid discovery. Streaming resources, file-sharing sites and ad networks hosting malicious JavaScript payloads were often used as launch points for the attacks.
Some attack chains led to installation of the PEAKLIGHT malware, also known as Emmenhtal Loader. This loader is used to deliver infostealers such as Lumma to devices, collecting browser data, stealing passwords and stealing cryptocurrency.
The HelloTDS infrastructure relies on dynamically generated domains under the .top, .shop and .com top-level domains. These are used to host code and redirects. Besides outwardly masquerading as legitimate sites, these platforms carry specific scripts that recognise VPNs, browser emulators and research environments, in order to block access by security specialists and avoid exposure.
Their scale, their imitation of legitimate pages and their sophisticated filtering methods make campaigns based on JSFireTruck and HelloTDS particularly dangerous, both for ordinary users and for the owners of compromised resources.
The article Over 260,000 sites breached with a JS trick: how the devastating JSFireTruck attack works comes from il blog della sicurezza informatica.
Calendar week 24: The week we learned preposterous things about face search engines
Open a Portal to an NES Emulator
The Portal games were revolutionary not only for their puzzle-based, narrative-driven gameplay, but also for their unique physics engine, which let players open portals anywhere and conserve momentum and direction through them. They’re widely regarded as some of the best video games ever made, but even beyond that they have some extra features that aren’t talked about as much. Namely, there are a number of level editors and mods that allow the in-game components to be used to build things like logic gates and computers, and this project goes even further by building a working NES emulator, all within Portal 2.
The main limitation here is that Portal 2 can only support a certain number of in-game objects without crashing, far lower than what would be needed to directly emulate NES hardware. The creator of the project, [PortalRunner], instead turned to Squirrel, the Portal 2 scripting language, and set about porting an existing NES emulator called smolnes to this scripting language. This is easier said than done, as everything in the code needs to be converted to eight bits and then all of the pointers in smolnes need to be converted to use arrays, since Squirrel doesn’t support pointers at all. As can be easily imagined, this led to a number of bugs that needed to be sorted out before the game would run at all.
For those interested in code golfing, porting, or cross-compatibility, this project is a master class not only in the intricacies of the Portal 2 scripting language but in the way the NES behaves as well, not to mention the coding skill needed to recognize unique behaviors of the C language and the Squirrel scripting language. But eventually [PortalRunner] is able to get Super Mario Bros. running in Portal 2, albeit with low resolution and frame rate. Since we heard you like games within games, someone else put DOOM inside DOOM so you can DOOM while you DOOM.
Thanks to [Mahdi] for the tip!
How a DIY Chicken Coop Door Opener Went From Simple to Complex
How hard could it be to make a chicken coop door that can be configured to open and close automatically using a straightforward interface? That’s the question that [Jeff Sandberg] set out with, after three years of using a more basic off-the-shelf unit that offered no remote access nor a convenient user interface. The use case for [Jeff] was rather straightforward: the door would be open during the day and closed at night to keep the hens safely inside the coop.
The commercial solution offered an RTC-backed programmable interface as well as a light sensor, but the latter wasn’t always reliable in inclement weather and making simple changes to the programming when e.g. the hens had to stay inside a day due to work on the yard, was much more complicated than needed, plus had to be done on the spot. The new system would solve all these ills.
That said, the existing door mechanism was doing a fine job and could be kept. This just left making a new box with electronics to control it, starting with an ESP32C3 with the ESPHome firmware that is hooked into the local Home Assistant system, along with a motor to lift and lower the door and with magnetic contact sensors.
So far so easy. The hard part came with the installation, which involved trenching to the hen house for mains power, repairing the damage from this, and troubleshooting a power issue that turned out to be due to a dodgy power adapter. The payoff is that now the chicken coop is also part of the smart home and their owner never has to trudge through a soggy garden again to adjust the programming on a dim LC display with far too few buttons.
New version 0.10.0 of Flohmarkt released: here is the changelog
What's new in the latest version of #flohmarkt
codeberg.org/flohmarkt/flohmar…
Thanks to @grindhold for the valuable work aimed at creating a federated alternative to shopping portals
Adapting an Old Rotary Dial for Digital Applications
Today in old school nostalgia our tipster [Clint Jay] wrote in to let us know about this rotary dial.
If you’re a young whippersnapper you might never have seen a rotary dial. These things were commonly used on telephones back in the day, and they were notoriously slow to use. The way they work is that they generate a number of pulses corresponding to the number you want to dial in. One pulse for 1, two pulses for 2, and so on, up to nine pulses for 9, then ten pulses for 0.
We see circuits like this here at Hackaday from time to time. In fact, commonly we see them implemented as USB keyboards, such as in Rotary Dial Becomes USB Keyboard and Rotary Dialer Becomes Numeric Keypad.
One thing that makes this particular project different from the ones we’ve seen before is that it doesn’t require a microcontroller. That said, our hacker [Mousa] shows us how to interface this dial with an Arduino, along with sample code, if that’s something you’d like to do. The schematic for the project shows how to connect the rotary dial (salvaged from an old telephone) to both a 7-segment display and a collection of ten LEDs.
The project write-up includes links to the PCB design files. The guts of the project are a 4017 decade counter and a 4026 7-segment display adapter. Good, honest, old school digital logic.
ViLE, the group that extorted money after breaching US federal databases
In the United States, two members of the ViLE cybercrime group, which specialised in obtaining and selling personal information as well as extorting and threatening victims, have been sentenced. The central episode of the case was the hacking of a secure portal used for exchanging data between federal and local law enforcement.
ViLE operated according to a well-tested scheme: it obtained personal data, including social security numbers, driving licences and addresses, and then blackmailed the owners of that information.
The participants' arsenal included not only fake legal requests to social networks, forged identity documents and deceived support operators, but also bribery of company employees and use of restricted databases. The group extorted money for removing information from public sites it ran directly.
The key episode concerned the breach of an internet portal believed to belong to the Drug Enforcement Administration (DEA), as confirmed by journalist Brian Krebs.
The system held data from 16 federal databases, including reports on seizures of drugs and cash. The hackers used stolen employee credentials to log in. Once they had access, they downloaded sensitive data and began using it for extortion.
The article ViLE, the group that extorted money after breaching US federal databases comes from il blog della sicurezza informatica.
Journalists under attack in LA
Dear Friend of Press Freedom,
It’s the 80th day that Rümeysa Öztürk is facing deportation by the United States government for writing an op-ed it didn’t like. Meanwhile, aggression from law enforcement at protests in California has landed journalists in the hospital. Read on for more press freedom news.
Journalists under attack in LA
Our U.S. Press Freedom Tracker has been hard at work documenting the growing list of attacks on journalists — from shootings with crowd-control munitions to detainments to unlawful searches.
It’s a situation that is likely to get worse and spread to other cities, with local law enforcement emboldened by the administration’s rhetoric and federal agents being haphazardly thrown into situations they’re not trained to handle.
We worked with partner organizations in California to send letters to the Department of Homeland Security, Los Angeles law enforcement agencies, the Marines and National Guard informing them of their obligations under the First Amendment, and in the case of the local authorities, California law.
Of course, strongly worded letters are not nearly enough for situations like these, and there’s plenty more work to do. But in the meantime, we’re not going to stay silent. Read the letters here, here and here.
Superstar lawyers join our effort to stop Paramount settlement
As reported in the Los Angeles Times, we’ve got a legal all-star team behind our effort to stop Paramount Global from capitulating to President Donald Trump by settling his frivolous lawsuit over an edited “60 Minutes” interview with then Vice President Kamala Harris.
Abbe Lowell, a highly respected litigator who has handled countless high-profile cases, Norman Eisen, a former ambassador to the Czech Republic and White House ethics advisor and their respective teams sent a formal demand letter to Paramount’s directors on our behalf outlining our plans to file a shareholder derivative suit if Paramount tanks its reputation and furthers America’s democratic backslide by caving.
This is an expensive endeavor, and we don’t get a dime if we win — whatever we recover from rogue Paramount directors and officers goes back to Paramount. Read more here and support us if you can.
FPF takes State Department to court over Öztürk secrecy
Freedom of the Press Foundation (FPF) is taking the government to court over its refusal to disclose information about the arrest of Tufts graduate student Rümeysa Öztürk for exercising her constitutionally protected right to coauthor an op-ed the government didn’t like.
FPF, represented by Loevy and Loevy, filed a Freedom of Information Act lawsuit against the State Department in the District Court for the District of Columbia to force the release of two documents that will shed light on the government’s targeting of Öztürk. Read more here.
Documenting 10 years of Trump’s anti-press social media tirades
61,989. That’s how many social media posts by President Donald Trump over the past decade Tracker journalist Stephanie Sugars has single-handedly reviewed (at least as of yesterday).
Monday will mark 10 years since Trump famously descended a golden escalator at New York City’s Trump Tower in 2015 and launched his first winning bid for the Oval Office. The Tracker is marking the occasion by launching its Trump Anti-Press Social Media Tracker, a comprehensive database of Trump’s attacks on the press on Truth Social, X and elsewhere.
Read former Voice of America press freedom reporter Liam Scott’s article about Sugars and the database here.
What we’re reading
Supreme Court press corps asks chief justice to livestream court’s opinions (NPR). There’s simply no good reason for the Supreme Court to refuse to livestream its opinion announcements.
Woman arrested after interview by St. Paul journalist (Monitor). Federal authorities must promptly explain both their basis for arresting Isabel Lopez and how they knew where and when she’d be talking to reporters. Surveilling journalists is unacceptable.
Lindsey Graham thinks it should be illegal to identify ICE agents (Techdirt). It’s bad enough to ban identifying ICE agents, but notice how Graham slips in “other federal law enforcement officers involved in covert operations.” It’s part of a pro-secret police movement. And it’s bipartisan. Ask the taxpayers of LA.
Condemning SFPD’s detention of Daily Cal staffers and suppression of student journalism (The Daily Californian). Detaining journalists, even for a minute, prevents them from covering events of public concern, and violates their rights. The San Francisco Police Department and other police departments around the country need a crash course on the First Amendment.
DeSantis administration blasted for ‘chilling’ Florida press with cease and desist letter (Naples Daily News). Florida Gov. Ron DeSantis is baselessly accusing the press of “coercing” people to say negative things about his wife’s initiatives. We assure you that no one is coercing us to say that Ron DeSantis is an anti-speech, wannabe authoritarian.
Small-town newspapers are dying because no one wants to run them (Columbia Journalism Review). Succession planning doesn’t usually make the list when people talk about the challenges facing the press, but Liam Scott explores the consequences of local newspaper publishers dying and retiring with no one there to take over.
Iran’s response has begun. Tel Aviv hit
FOLLOW THE LIVE COVERAGE. A barrage of missiles has been launched from Iran toward Israel. At least one struck the capital, Tel Aviv.
The article “Iran’s response has begun. Tel Aviv hit” comes from Pagine pagineesteri.it/2025/06/13/med…
Ministero dell'Istruzione
#NoiSiamoLeScuole this week is dedicated to five Tuscan schools: the Istituto Tecnico Professionale “Margaritone-Vasari”, the Liceo “Piero Della Francesca” and the IC “Cesalpino” in Arezzo, the Istituto Professionale “Avogadro” in Abbadia San Salvatore …
Taking A One Handed Keyboard To The Next Level
When a wrist mounted keyboard floated past in the Hackaday feed, a mental image surfaced, perhaps something like a Blackberry keyboard mounted on a wrist cuff, maybe with some kind of display. It’s impressive indeed then to open the link and see [AdamLeBlanc]’s Schist01. It’s a wrist mounted keyboard, but with its bracket curving in front of the hand to support a custom ergonomic chording keyboard, it’s definitely a break from the norm.
The wrist mount has clearly taken a lot of thought, and despite looking something like the arm of a Star Trek Borg, appears comfortable. It’s extremely adjustable, and can be demounted into several different parts. Meanwhile the keyboard itself has been formed to his hand by a trial and error process involving keycaps and a clay model. There’s even a thumb-operable touchpad.
We like this peripheral a lot, for the huge attention to detail that has gone into its design, for its boldness, and because we can’t help seeing ourselves using it as the input device for a futuristic head-mounted display. For now though we don’t have any futuristic silver clothing in the wardrobe, so that will have to wait. If you’d like to see more, there’s a video.
Thanks [Shotgun Moose] for the tip.
Attack Of The Beepy Clones
In the Blackberry-keyboard-based project lineage story last week, I covered how a series of open-source projects turned into Beepy, a cool Linux PDA with a lively community. To me, it’s yet another demonstration of the power that open-source holds, and more importantly, it shows how even a small pet project of yours could cause big moves in the hardware world, provided you publish it – just ask [JoeN], [WoodWorkeR] and [arturo182].
The journey didn’t end there. For all its benefits, Beepy had some flaws to take care of, some board-killing flaws, even. The 5 V boost regulator was never intended for the 4.7 V input it gets when the charger is connected, and would occasionally cook itself. A charging current resistor was undersized, leading people to either bodge resistors onto their Beepy boards, or have their battery charge for 30 hours until full. A power path diode was undersized, too, and has burned out on more than a few devices. Also, Beepy’s feature package left things to be desired.
Beepy never made it beyond v1. If I had to guess, partially because of BB Q20 keyboard sourcing troubles, but also definitely some sort of loss of interest. Which is a shame, as the plans for v1.5 of the hardware were pretty exciting. In the meantime, other players decided to take up the mantle – here’s a tale of three projects.
Improved, Colorful, Closed
I like to talk about all sides of open-source hardware, good and bad. We’ll start with the bad here. Sometimes, you’ll publish a project under an open license that requires other people to share their work if it’s based on your project files. Then, someone takes your files, makes none to minimal changes, closes the sources, maybe even completely removes the attribution, and starts selling them. That’s the story of Colorberry.
Left: OG Beepy, right: Colorberry; spot 10 differences. If one of them is “stripped of all attribution”, you get bonus points.
It was one of the first Beepy derivatives — seemingly fixing two of the three Beepy bugs, and adding support for a color display from JDI. Unfortunately, it also removed some important elements: namely the attribution to the Beepy on product or project pages – and closed-sourced the files.
Beepy’s PCB is licensed under a reciprocal (copyleft) license, which means that derivative product designers are supposed to share any changes they make. Without access to the source, it’s difficult to confirm that Colorberry really fixed the upstream Beepy bugs. It also makes it harder to diagnose and repair the hardware, and limits the chances the Colorberry would live on should its creator step away from the project.
Unfortunately, the problems don’t stop there. The code to drive the color screen is heavily based upon a driver produced by people in the Beepy community. Like the Beepy hardware, the license for the driver (GPL) requires that changes made to the code be made public. But when Alex, the Colorberry developer, was asked about publishing the code for this driver, he responded that it would happen “once the driver is ready.” A year later, the new story is apparently that he will release the sources once his personal stock of color screens runs out.
Because the driver is only published as (non-stripped) binaries on GitHub, it needs to be recompiled and republished by Alex with every Linux kernel update or distro that Colorberry could be used with. It’s also markedly harder to install (to the point people had to concoct multi-step install scripts), and I have it on good authority that the driver contains a bug that will actually reduce the lifetime of the display. But without the source for the driver, the community can’t fix it.
I confirmed this later on, having looked at the binary files myself – indeed, even the typos from someone else’s open-source driver are still present in Colorberry driver code.
From what I’ve seen, the Beepy open-source design has been a crucial factor for its community to flourish and keep thriving even two years later. Colorberry’s puzzling closed-source decisions just don’t add up to the same value, and I gather that’s a big part of why the project didn’t gain more traction.
The Colorberry isn’t the only Beepy clone to keep the hardware source to itself. The PiBerry from CarbonComputers doesn’t fix the bugs from the original handheld, unfortunately, but it does bring a higher resolution color display to the party. It also doesn’t try to erase its lineage, with both the PCB silkscreen and the documentation referencing the fact that it’s based on the Beepy. Even still, the board design files aren’t included in the PiBerry repository.
What’s interesting in this case is that CarbonComputers later made a newer PiBerry version in the same form factor, aimed at assembly from more off-the-shelf components, and that version does have its KiCad files published. I’m willing to give the creators the benefit of the doubt here, and say that not including the source files for the previous versions of the hardware might simply be an omission on their part and not intentional.
These two weren’t the only projects coming to life because of Beepy’s success – at times, if you get someone inspired enough with a project of yours, they could end up building an entire lineup of gadgets. Such is the case of Hackberry Pi, a project coming from a hacker named Zitao.
The Hackberry Family
Ever wanted the power of a Pi 5 in a portable package? That’s where you reach for the Hackberry Pi. The CM5 version is way sleeker than this one, I gotta say.
You might’ve seen the Hackberry Pi around – it’s a Beepy-like device with a 720×720 DPI screen derived from Adafruit’s Hyperpixel design and a Q20 keyboard. A number of parts in the first Pi Zero-based versions of the Hackberry Pi were visibly derived from the Beepy design. However, at least the later versions have been re-drawn from scratch in EasyEDA, with a number of diverging design paths, and Zitao has been prolific in building newer and generally better versions of the platform.
From a Pi Zero-based version with Nokia batteries, to a Pi 5-based device powered by 18650s, the Hackberry has gone through quite a journey. Just a couple days ago from the time of this writing, the Compute Module-based version of the Hackberry Pi has become available, and it’s been selling like hotcakes.
Zitao’s hardware is inspiring in a few ways. For instance, the ways in which these devices avoid driver installation requirements, with keyboard connected over USB instead of I2C, powerbank chips with LED battery level display instead of the Beepy’s RP2040, and it goes even to the point of soldering a small Bluetooth receiver module onto the board to drive the onboard speakers from the Pi running the show. It’s a kludge, but at the same time, it’s hard to argue with things that work well in practice!
Hackberry Pi devices are also closed source, but at least schematics have been made available. This is good enough to spot most bugs, and those schematics have already been useful for people pointing out poor design decisions in the first versions. Of course, it’s still against the spirit of open-source and in particular the project that made Hackberry Pi possible in the first place – but at least it’s a step in the right direction.
Our Radically Open Beepy Clone
As you might have guessed, I don’t like closed-source devices. In particular I dislike devices that benefit from an open-source ecosystem and then burn the goodwill provided, as if to sterilize and salt the land that would otherwise serve other projects in the future.
Two v1 Blepis units: one assembled with a Sharp display, another with a cheaper color SPI one.
Over the last half a year, I’ve had the privilege of working on the Blepis, a Beepy successor built by a hacker collective I’m a part of, called HackMods. We’ve designed, planned out, and assembled the first versions of these boards together, with the goal of having a fleet of Linux PDAs.
Made by hackers for hackers, it’s an experiment in just how far you can push the Beepy design, and we’re keeping things as open-source as we found them – arguably even more so! In particular, even our case design is in FreeCAD and open-source, with .FCstd files included.
First major improvement we made was in screen support. Sharp Memory screens can be expensive and are often out of stock for months, and JDI screens are even more expensive than that, often the only options are overpriced eBay listings. This is somewhat okay for a one-off, but it is very sub-optimal if you’re building a fleet of a dozen hacker PDAs for you and your friends.
That’s why we’ve added support for the commonly available 3.2″ 320×240 18-pin SPI color screens in addition to Sharp and JDI screens. We even have touchscreen controller support for the 18-pin panels that come with a touch layer, and support backlight on displays which have it. Of course, the known Beepy bugs are fixed as well. Our 5 V boost is operating within spec, and we have a switch-mode battery charger expected to give off barely any heat at all while providing a fair bit of charging current.
The PCB, done mainly by [LinaLinn] and me, with others contributing to it in various ways. It would probably be easier to talk about what we didn’t add. Thankfully, for those things, we have an expansion connector!
What else? Just for a start, we added an RTC, a vibromotor driver, and an onboard buzzer, not to mention things like QWIIC connectors for I2C and USB.
The Beepy didn’t have any onboard USB peripherals – you were expected to make use of the Pi Zero’s microUSB port. But we’ve added a whole USB ecosystem onto all the free space on the board – including a microSD reader, a slanted USB-C slot letting you connect a small USB-C 3.5 mm dongle soundcard for music playback (or other devices), and a USB hub chip to tie it all together. Apart from that, we support host mode on the bottom “charging” USB-C port, too – complete with 5 V power output.
Some of these features, like power output on the main USB-C port, are not supported by the firmware yet, but we’ve gotten pretty familiar with Beepy firmware while building v1, so adding firmware support for those features is not expected to be that complicated.
Our expansion connector is also unparalleled when it comes to interfaces we expose. A single-row 23-pin header has 3.3 V, 5 V and VBAT power rails with over-current and backflow protection, plus I2C, SPI, UART, SDIO, PWM, and I2S, all ESD-protected.
We’ve already had a LoRa expansion module contributed by someone from the Beepy community, and one of our members has designed a DECT board. We plan on doing boards aimed at general-purpose hacking & BIOS chip flashing soon. If you ever wanted a PDA with a powerful expansion header for hardware hacking purposes, this is the design for you.
The Gift Of Giving Back
If you’re looking for a Linux PDA board, I hope you can appreciate the Blepis hardware design we bring to you, only possible because of a string of open-source projects before it. Our design files and driver/firmware sources are all on GitHub and GitLab, with a summary available on [Michael]’s BBKB ecosystem website.
Blepis is meant to work with JLCPCB PCBA, and we have a GitLab integration for exporting the project files – all the JLC part numbers are input into the schematics, so just upload the files and get a batch of motherboards delivered to your doorstep. To complete it, get a Pi Zero, a battery, a Blackberry Q20 keyboard, a display out of the list of supported ones, print the shell (v2-compatible shell coming soon), and off you go.
Seeing entirely new projects happen, each cooler and more advanced than the previous one, all because people kept publishing their code and PCB files, and then, getting to build a dream device for me and my friends thanks to someone else’s work – these kinds of experiences are what radicalized me in favour of being fervently pro-open-source. I see open-source philosophy live and thrive through dreams of hackers and barrels of viral licenses, through publishing despite imperfections, and building off each other’s dreams to turn the tide of tomorrow. I hope you get to experience it, too.
Rifondazione Comunista will again be at Roma Pride this year to express solidarity with the LGBTQIA+ community, which over the past year has been the target of an escalation of hatred and violence, in the streets as much as from institutions. We recall that Rifondazione Comunista remains the only party in Italy to have had a trans person elected to parliament, a fact that almost twenty years later we continue to claim with pride, all the more so today, when trans* people in particular are in the crosshairs of the right wing all over the world, Italy included.
For this very reason Rifondazione stands in solidarity with the demands of trans, queer and non-binary people who feel overridden by the same circumstances that led to the birth of the Priot, while not sharing this year’s choice to make it antagonistic to the institutional Pride, nor the practices that followed from it. But this does not exempt us from also recognizing the critical issues in the management of a moment and a space that are fundamental in the lives of LGBTQIA+ people.
We find problematic the choice to progressively reduce the participation of all the different groups that make up the community, after having ignored them even when they took part in the organizing committee, because Pride belongs to everyone; a new route, inaugurated last year, in which the march ends inside an enclosure hidden from the public is symbolically very problematic, because Pride is a street revolt; a political manifesto that, while commendable in many respects, refuses to call things by their name is extremely problematic, because what is happening in Palestine is a genocide in name as well as in fact; we find problematic the choice by the same forces that claim the helm of the movement to selectively ignore the results of the working groups in which we took part (by invitation), especially when they ignore the central knot that inextricably ties civil rights to social rights.
For the same reasons we continue to find problematic (if not tragically wrong, in the case of brands that openly support the Palestinian genocide) the choice to pursue the logic of private sponsorship, because it makes all of us fragile, open to blackmail and subject to whatever political wind is blowing at the moment, as the stampede of sponsors shows: if so many services for the community depend on the private sector, perhaps the task of those at the helm of the movement should be to fight the general dismantling of the welfare state, so that it takes specific responsibility for the needs of a community that must not depend on the fluctuating alms of capitalism. And we believe that the choice to engage with, and seek points of convergence with, the same forces that now also hold the institutional power to deny, repress and concretely destroy our identities and our lives is deeply problematic.
The comrades of Rifondazione and Giovanә Comunistә will nevertheless, despite all these contradictions, be at Roma Pride again this year, because spaces won with the sacrifice and even the blood of so many are not to be abandoned at any cost, and we will be there to also carry the demands of those who chose not to be there and of those who cannot, and to never stop denouncing all these critical issues in the most unitary spirit possible. The political and social alliances pursued in recent years are showing all their volatility, and the reality we must keep reckoning with is always the same: on one side are the systems of domination, on the other the oppressed subjectivities. It is time to take sides and stay united, before they overwhelm us.
Happy Roma Pride to everyone
Federazione Roma Castelli Litoranea del Partito della Rifondazione Comunista
Giovanә Comunistә Roma
NO PRIDE IN GENOCIDE, NO PRIDE WITHOUT LIBERATION
Ministero dell'Istruzione
The #MIM has published the order setting the official dates of the national school calendar for 2025/2026, including the holidays recognized throughout the country and the deadlines for the State exams.
Cassette Data Storage from the 1970s
When home computers first appeared, disk drives were an expensive rarity. Consumers weren’t likely to be interested in punch cards or paper tape, but most people did have consumer-grade audio cassette recorders. There were a few attempts at storing data on tapes, which, in theory, is simple enough. But, practically, cheap audio recorders are far from perfect, which can complicate the situation.
A conference in Kansas City settled on a standard design, and the “Kansas City standard” tape format appeared. In a recent video, [Igor Brichkov] attempts to work with the format using 555s and op amps — the same way computers back in the day might have done it. Check out the video below to learn more.
These days, it would be dead simple to digitize audio and process it to recover data. The 1970s were a different time. The KC standard used a frequency-shift method, with 2.4 kHz tones standing in for ones and 1.2 kHz tones for zeros. The bit length was equal (at 300 baud), so a one had 8 cycles and a zero had 4 cycles. There were other mundane details like a start bit, a minimum stop bit, and the fact that the least significant bit was first.
The real world makes these things iffy. Stretched tape, varying motor speeds, and tape dropouts can all change things. The format makes it possible to detect the tones and then feed the output to a UART that you might use for a serial port.
There were many schemes. The one in the video uses an op-amp to square up the signal to a digital output. The digital pulses feed to a pair of 555s made to re-trigger during fast input trains but not during slower input trains. If that doesn’t make sense, watch the video!
The KC standard shows up all over the place. We’ve even used it to hide secret messages in our podcast.
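A software counterpart to the tone detector described above, added here as an example and not taken from [Igor Brichkov]’s video: it encodes bytes as KC-standard audio and recovers them by timing zero crossings, so it still decodes when the simulated tape runs 10% fast or slow. The 48 kHz sample rate, the two stop bits per byte and all function names are assumptions of this example.

```python
import math

RATE = 48000                    # samples per second (assumed capture rate)
F_ONE, F_ZERO = 2400.0, 1200.0  # KC standard tones for a one and a zero
CYCLES = {1: 8, 0: 4}           # cycles per bit at 300 baud
# A half-period shorter than that of an 1800 Hz tone counts as "fast" (a one).
THRESHOLD = RATE / (2 * 1800.0)


def frame_bits(byte):
    """Start bit (0), eight data bits LSB first, two stop bits (1)."""
    return [0] + [(byte >> i) & 1 for i in range(8)] + [1, 1]


def encode(data, speed=1.0, leader_bits=32):
    """Return audio samples; `speed` models a tape running fast or slow."""
    bits = [1] * leader_bits
    for byte in data:
        bits += frame_bits(byte)
    bits += [1] * leader_bits
    samples, phase, target = [], 0.0, 0.0
    for bit in bits:
        step = 2 * math.pi * (F_ONE if bit else F_ZERO) * speed / RATE
        target += 2 * math.pi * CYCLES[bit]   # phase at the end of this bit
        while phase < target:
            samples.append(math.sin(phase))
            phase += step
    return samples


def half_periods(samples):
    """Distances, in samples, between successive zero crossings."""
    if not samples:
        return []
    lengths, last, prev = [], 0, samples[0] >= 0
    for i in range(1, len(samples)):
        cur = samples[i] >= 0
        if cur != prev:
            lengths.append(i - last)
            last, prev = i, cur
    return lengths


def read_bit(fast, i):
    """Consume one bit: 16 fast half-periods = 1, 8 slow ones = 0."""
    if i >= len(fast):
        return None, i
    bit = 1 if fast[i] else 0
    n = 2 * CYCLES[bit]
    run = fast[i:i + n]
    if len(run) < n or any(f != fast[i] for f in run):
        return None, i          # truncated or mixed tones: not a clean bit
    return bit, i + n


def decode(samples):
    """Return (bytes, framing_errors) recovered from KC-standard audio."""
    fast = [n < THRESHOLD for n in half_periods(samples)]
    out, errors, i = bytearray(), 0, 0
    while i < len(fast):
        if fast[i]:             # leader or stop tone: the line is idle
            i += 1
            continue
        start, bits = i, []
        for _ in range(10):     # start bit, 8 data bits, first stop bit
            bit, i = read_bit(fast, i)
            if bit is None:
                break
            bits.append(bit)
        if len(bits) == 10 and bits[9] == 1:
            out.append(sum(b << k for k, b in enumerate(bits[1:9])))
        else:
            errors += 1
            i = start + 1       # resynchronise one half-period later
    return bytes(out), errors
```

Because the decoder counts half-periods per bit instead of measuring absolute time, a uniform speed error only matters once a tone's half-period drifts across the 1800 Hz threshold.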
This Week in Security: The Localhost Bypass, Reflections, and X
Facebook and Yandex have been caught performing user-hostile tracking. This sort of makes today just another Friday, but this is a bit special. This time, it’s Local Mess. OK, it’s an attack with a dorky name, but very clever. The short explanation is that web sites can open connections to localhost. And on Android, apps can be listening to those ports, allowing web pages to talk to apps.
That may not sound too terrible, but there’s a couple things to be aware of. First, Android (and iOS) apps are sandboxed — intentionally making it difficult for one app to talk to another, except in ways approved by the OS maker. The browser is similarly sandboxed away from the apps. This is a security boundary, but it is especially an important security boundary when the user is in incognito mode.
The tracking Pixel is important to explain here. This is a snippet of code that puts an invisible image on a website, and as a result allows the tracker to run JavaScript in your browser in the context of that site. Facebook is famous for this, but is not the only advertising service that tracks users in this way. If you’ve searched for an item on one site, and then suddenly been bombarded with ads for that item on other sites, you’ve been tracked by the pixel.
This is most useful when a user is logged in, but on a mobile device, the user is much more likely to be logged in on an app and not the browser. The constant pressure for more and better data led to a novel and completely unethical solution. On Android, applications with permission to access the Internet can listen on localhost (127.0.0.1) on unprivileged ports, those above 1024.
Facebook abused this quirk by opening a WebRTC connection to localhost, to one of the ports the Facebook app was listening on. This triggers an SDP connection to localhost, which starts by sending a STUN packet, a UDP tool for NAT traversal. Packed into that STUN packet are the contents of a Facebook Cookie, which the Facebook app happily forwards up to Facebook. The browser also sends that cookie to Facebook when loading the pixel, and boom, Facebook knows what website you’re on. Even if you’re not logged in, or incognito mode is turned on.
Yandex has been doing something similar since 2017, though with a different, simpler mechanism. Rather than call localhost directly, Yandex just sets aside yandexmetrica.com for this purpose, with the domain pointing to 127.0.0.1. This was just used to open an HTTP connection to the native Yandex apps, which passed the data up to Yandex over HTTPS. Meta apps were first seen using this trick in September 2024, though it’s very possible it was in use earlier.
Both companies have ceased since this report was released. What’s interesting is that this is a flagrant violation of GDPR and CCPA, and will likely lead to record-setting fines, at least for Facebook.
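One way to look for this behaviour in captured browser traffic, as an added example that is not from the researchers’ report: flag page-initiated HTTP requests and WebRTC candidates whose destination is, or resolves to, a loopback address. The event format, the .example hostnames, the ports and the DNS answers are all constructed for the example.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed DNS answers standing in for a real resolver, so this runs offline.
SAMPLE_DNS = {
    "cdn.shop.example": ["203.0.113.10"],
    "metrics.tracker.example": ["127.0.0.1"],   # public name, loopback answer
}

# Constructed browser network events (hypothetical export format).
SAMPLE_EVENTS = [
    {"page": "https://shop.example/cart", "kind": "http",
     "url": "https://cdn.shop.example/app.js"},
    {"page": "https://shop.example/cart", "kind": "http",
     "url": "http://metrics.tracker.example:40001/p?id=abc"},
    {"page": "https://news.example/", "kind": "webrtc",
     "sdp": "v=0\r\n"
            "a=candidate:1 1 udp 2122260223 127.0.0.1 40002 typ host\r\n"},
    {"page": "https://news.example/", "kind": "http",
     "url": "http://[::1]:40003/ping"},
    {"page": "http://localhost:3000/dev", "kind": "http",
     "url": "http://127.0.0.1:8080/api"},       # local development page
]


def ip_is_loopback(text):
    """True for 127.0.0.0/8, ::1 and IPv4-mapped loopback such as ::ffff:127.0.0.1."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return False
    mapped = getattr(ip, "ipv4_mapped", None)
    return (mapped or ip).is_loopback


def host_is_loopback(host, dns):
    """True if the host is a loopback literal, a localhost name, or resolves to one."""
    host = (host or "").strip("[]").rstrip(".").lower()
    if host == "localhost" or host.endswith(".localhost"):
        return True
    if ip_is_loopback(host):
        return True
    return any(ip_is_loopback(addr) for addr in dns.get(host, []))


def sdp_endpoints(sdp):
    """Yield (address, port) from each a=candidate line of an SDP blob."""
    for line in sdp.splitlines():
        if line.startswith("a=candidate:"):
            fields = line.split()
            if len(fields) >= 6 and fields[5].isdigit():
                yield fields[4], int(fields[5])


def find_loopback_traffic(events, dns):
    """Return (page, kind, host, port) for web pages that reach into loopback."""
    findings = []
    for ev in events:
        if host_is_loopback(urlsplit(ev["page"]).hostname, dns):
            continue            # a page served from loopback may talk to loopback
        if ev["kind"] == "http":
            url = urlsplit(ev["url"])
            targets = [(url.hostname, url.port)]
        else:
            targets = list(sdp_endpoints(ev.get("sdp", "")))
        for host, port in targets:
            if host_is_loopback(host, dns):
                findings.append((ev["page"], ev["kind"], host, port))
    return findings
```

In real use the `dns` mapping would be filled from the resolver logs captured alongside the traffic, since a public name answering with 127.0.0.1 is invisible to a check that only looks at URL strings.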
What’s your Number?
An experiment in which Google sites still worked with JavaScript disabled led to a fun discovery about how to sidestep rate limiting and find any Google user’s phone number. Google has deployed defensive solutions to prevent attackers from abusing endpoints like accounts.google.com/signing/usernamerecovery. That particular endpoint still works without JS, but also still detects more than a few attempts, and throws the captcha at anyone trying to brute-force it.
This is intended to work by JS in your browser performing a minor proof-of-work calculation, and then sending in a bgRequest token. On the no-JavaScript version of the site, that field instead was set to js_disabled. What happens if you simply take the valid token, and stuff it into your request? Profit! This unintended combination bypassed rate-limiting, and means a phone number was trivially discoverable from just a user’s first and last names. It was mitigated in just over a month, and [brutecat] earned a nice $5000 for the effort.
Catching Reflections
There’s a classic Active Directory attack, the reflection attack, where you can trick a server into sending you an authentication, and then deliver that authentication data directly back to the origin server. Back before 2008, this actually worked on AD servers. The crew at RedTeam Pentesting brought this attack back in the form of doing it with Kerberos.
It’s not a trivial attack, and just forcing a remote server to open an SMB connection to a location the attacker controls is an impressive vulnerability. The trick is a hostname that includes the target name and a base64 encoded CREDENTIAL_TARGET_INFORMATIONW all inside the attacker’s valid hostname. This confuses the remote, triggering it to act as if it’s authenticating to itself. Forcing a Kerberos authentication instead of NTLM completes the attacker magic, though there’s one more mystery at play.
When the attack starts, the attacker has a low-privileged computer account. When it finishes, the access is at SYSTEM level on the target. It’s unclear exactly why, though the researchers theorize that a mitigation intended to prevent almost exactly this privilege escalation is the cause.
X And the Juicebox
X has rolled out a new end to end encrypted chat solution, XChat. It’s intended to be a significant upgrade from the previous iteration, but not everyone is impressed. Truly end to end encryption is extremely hard to roll out at scale, among other reasons, because users are terrible at managing cryptography keys. The solution generally is for the service provider to store the keys instead. But what is the point of end-to-end encryption when the company holds the keys? While there isn’t a complete solution for this problem, there is a very clever mitigation: Juicebox.
Juicebox lets users set a short PIN, uses that in the generation of the actual encryption key, breaks the key into parts to be held at different servers, and then promises to erase the key if the PIN is guessed incorrectly too many times. This is the solution X is using. Sounds great, right? There are two gotchas in that description. The first is the different servers: That’s only useful if those servers aren’t all run by the same company. And second, the promise to delete the key. That’s not cryptographically guaranteed.
There is some indication that X is running a pair of Hardware Security Modules (HSMs) as part of their Juicebox system, which significantly helps with both of those issues, but there just isn’t enough transparency into the system yet. For the time being, the consensus is that Signal is still the safest platform to use.
Bits and Bytes
We’re a bit light on Bits this week, so you’ll have to get by with the report that Secure Boot attacks are publicly available. It’s a firmware update tool from DT Research, and is signed by Microsoft’s UEFI keys. This tool contains a vulnerability that allows breaking out of its intended use, and running arbitrary code. This one has been patched, but there’s a second, similar problem in a Microsoft-signed IGEL kernel image that allows running an arbitrary rootfs. This isn’t particularly a problem for us regular users, but the constant stream of compromised, signed UEFI boot images doesn’t bode well for the long term success of Secure Boot as a security measure.
87,000 ads for an app that undresses people. Meta: Put their clothes back on!
Meta has filed a lawsuit against Hong Kong-based Joy Timeline HK Limited, accusing it of mass-distributing ads on Facebook and Instagram for an app that uses artificial intelligence to create nude images without users’ consent. The lawsuit alleges that Joy Timeline was behind Crush AI, a service advertised as a tool able to “strip the clothes” off any photo.
Tens of thousands of ads promoting these offerings were distributed even though Meta regularly removed them, shutting down pages and accounts and blocking domains that could be used to reach the apps. According to the lawsuit, Meta has taken repeated action against Joy Timeline since 2023, but the company kept publishing NSFW ads that violated the platform’s policies.
The lawsuit stresses that Joy Timeline systematically evaded bans by creating new business accounts and republishing similar ads. Meta insists that, without court intervention, the company will continue to act in violation of its rules. By February 2025, more than 135 Facebook pages and at least 170 business accounts were distributing about 87,000 ads promoting “undressing” apps, according to the documents.
Among the examples cited in the lawsuit is one such ad showing a woman in a black top and shorts, with the image split in two: on the left, clothed, with the label “NSFW”, and on the right, unclothed, with the captions “REMOVE THE BRA” and “REMOVE THE PANTS”. The ads included invitations to upload a photo to “undress in one minute” or “create a dance video”.
Meta says it considers such abuse a serious threat and intends to counter it actively. In addition to the lawsuit, the company has announced new measures to limit the spread of such services. Meta also uses proprietary technology to identify such ads, even when they contain no direct nude imagery.
It uses a matching system to quickly identify clones and new attempts at deception. The company says it will continue to use legal and other measures to limit the spread of artificial intelligence services that exploit people and violate ethics.
Another iPhone zero-click fixed. But the spyware market is thriving more than ever
Apple has fixed a critical vulnerability that was used to carry out zero-click attacks against journalists in Europe. The flaw allowed devices to be infected without any user interaction: it was enough to receive a specially crafted message via an iCloud Link. The details of the attack, its mechanisms and its consequences were revealed by specialists at Citizen Lab, who conducted a forensic investigation into the aftermath of real attacks.
The vulnerability, tracked as CVE-2025-43200, was fixed on February 10, 2025, in the updates iOS 18.3.1 (support.apple.com/en-us/122174…), iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1 and visionOS 2.3.1. According to Apple, the problem was caused by a logic error in the processing of photos or videos sent via iCloud links. To fix it, the company implemented additional checks.
Apple has officially confirmed that the vulnerability was exploited in a “highly sophisticated attack” against specific individuals. Although the details of the attack itself were not disclosed in the notification, Citizen Lab’s analysis showed that the flaw was used to infect the iPhones of two journalists.
The hacked devices were running Graphite, an advanced surveillance tool developed by the Israeli company Paragon. This spyware module allows remote access to messages, e-mail, the microphone, the camera and the device’s location. Its use is usually restricted to government agencies, and it is officially regarded as a tool for fighting crime and threats to national security.
Citizen Lab found that both journalists were infected from the same Apple account, labeled “ATTACKER1”, which indicates that both attacks came from the same Paragon customer. Apple’s notifications about the spyware attacks were sent to the victims on April 29, 2025. Apple’s alert system, in place since 2021, warns users of potential exposure to government operators, but does not guarantee that an infection actually occurred.
Even more alarming is that Apple fixed another vulnerability at the same time, CVE-2025-24200, which was also exploited in active attacks. The company reported this bug only some time later, without specifying the reason for the delay. The incident is closely tied to another scandal that broke in January, when Meta reported that Graphite had been used to attack dozens of WhatsApp users around the world. Among the victims was the journalist Francesco Cancellato, a colleague of Ciro Pellegrino. This brings the total number of known Graphite victims to seven.
Amid the controversy, the Parliamentary Committee for Security (COPASIR) published a report acknowledging that Italian intelligence agencies had indeed used Graphite for targeted surveillance, but only in compliance with the law and after obtaining all the necessary authorizations. According to the committee, the program was used to combat terrorism, organized crime, illegal immigration, fuel smuggling, espionage and fugitives. However, Cancellato’s device, as stated in the document, was not among the targets, leaving open the question of the true source of the surveillance.
The report also reveals how Graphite works internally. To use the spyware, an operator must log in with a username and password. Every session is logged on a server managed by the customer: it is the customer, not Paragon, that controls the storage of and access to the activity logs. This means the end user can operate Graphite completely autonomously, without external control or monitoring.
Citizen Lab stressed once again that such incidents show how vulnerable journalists remain to commercial digital surveillance tools. The difficulty of detection, the lack of transparent procedures and the possibility of infection without any contact make such attacks particularly dangerous. The situation clearly shows how urgent it is to strengthen international oversight and legal regulation in the field of digital surveillance.
Meanwhile, a new threat vector is developing in cyberspace. Recorded Future’s Insikt Group has detected a resurgence in the activity of another Israeli spyware, Predator, created by Intellexa/Cytrox. Following US sanctions, the developers changed their infrastructure and went back into action. The researchers identified new tier-1 servers pointing to infections in Mozambique, as well as a link to the Czech company FoxITech sro, previously affiliated with the Intellexa consortium.
Predator has been used in more than a dozen countries over the past two years, including Angola, Armenia, Egypt, Indonesia, Mongolia, Saudi Arabia and the Philippines. More than half of the program’s known customers are in Africa. Analysts say the surge in activity is due to high demand in countries subject to export restrictions, as well as the use of complex corporate structures that make it hard to trace the origin and the end user.
Experts point out that the emergence of new infections, in parallel with the Graphite attacks, highlights the scale of the threat. Devices, data and privacy can be monitored without notifications, warrants or visible signs. Digital surveillance is becoming a tool with no feedback and no external oversight.
Message in a Bottle #5 – Rights and Freedoms
The following was a letter submitted by an anonymous Pirate supporter using the pseudonym “Forward Thoughts”, sharing critiques of the gap between the rights and freedoms guaranteed by the U.S. Constitution and how they are often undermined in practice. This article is a part of the project “Message in a Bottle”, allowing supporters of the US Pirate Party to submit editorial articles to the United States Pirate Party website.
Not many people are educated on this matter, but there’s a difference between rights and freedoms. Rights are legal protection of entitlements in regards to ethical, social, or legal principles bestowed to a populace. Freedoms are the capability to believe, act, or think without inordinate deprivation focusing on freewill and autonomy.
Let’s talk about our good old rights. Made in your township, county, state, and in the case of our constitutional amends Washington D.C. Constitutional amendments, otherwise known as the Bill of Rights, are an example of rights you have.
Back in 1789 the US Constitution was conjured up to succeed the precursor to the Bill of Rights, which was called the Articles of Confederation. Difference between the US Constitution and the Articles of Confederation was the US Constitution was made for all states to abide by within the Union, emphasising on a sturdy centralized government while the Articles of Confederation was to confer autonomy to the states with an emphasis of there being amicable relations between the states.
Here in the USA we have constitutional amendments that are supposed to protect us against a tyrannical government. These rights include, but are not limited to, freedom of speech, fair trial, privacy, and right to bear arms (firearms).
Before America gained its independence from the British crown while under its colonial rule, our founding fathers included a statement in the Declaration of Independence that said “we hold these truths to be self-evident”.
Here’s something to think about: if these truths are self-evident, why do we need it written on a piece of paper by lawmakers in an ever ideological-shifting Congress subject to interpretation by Judges who again, shift from one ideology to another when they get impeached, pass away while in office, or retire?
Right to a fair and impartial trial is granted under the 6th amendment. Moreover, it entitles you the right to a speedy and jury trial.
Just because you have the right to a fair trial doesn’t mean you have the liberty to a fair trial. In other words, your rights are enshrined into law on a piece of paper in theory but not in practice.
For instance, 1969 U.S. Supreme Court case Frazier v. Cupp said the police can lie to you in an interrogation. That’s right, deception is not grounds for nullification of evidence in a criminal trial.
1986 U.S. Supreme Court case Lockhart v. McCree excludes objectors to the death penalty on juries in capital punishment cases.
1965 U.S. Supreme Court case Singer v. United States mandated jury trials in federal court unless given permission for a bench trial by the government.
2021 U.S. Supreme Court case Jones v. Mississippi rendered a finding of “permanent incorrigibility” in cases of sentencing minors to life imprisonment without the possibility of parole unnecessary.
1991 U.S. Supreme Court case Harmelin v. Michigan clarified that mandatory minimum sentences, even when excluding extenuating circumstances, don’t violate the 8th amendment.
1984 Pulley v. Harris determined courts aren’t required to compare death penalty eligible cases to that of other similar cases before meting out capital punishment to defendants.
Jurors in jury trials are mentally subjected to a litany of social, racial, ethnic, and mental biases clouding their judgement to deliver an impartial decision on deciding if a defendant or defendants are guilty or not guilty.
Anyone who understands the legal system knows it’s customary, a rite of passage if you will, to know about everyone’s Miranda rights stemming from the 1966 U.S. Supreme Court Miranda v. Arizona case that ruled evidence obtained, i.e. statements, without advising suspects of their rights cannot be used against them at a criminal trial.
Why would you need to be protected against self-incrimination? Surely it’s to prevent the government from coercing a confession out of the accused.
It’s not just made for that, it also stands in as a consolation for police officers who are trained in interrogation using what’s called the “Reid technique” ensuring the defendant makes a false confession.
Not only is that used as a statement of admittance at trial, the defendant may also get charged with perjury.
Would it be too much of a stretch to imagine if a cop uses deceptive tactics on a suspect on the street and/or the interrogation room they won’t lie on the witness stand during proceedings of a trial?
Prosecutors have unfettered powers for what charges can be brought up against a defendant, even if the charges don’t make sense to be brought up on to a defendant to begin with. A legal precedent in the court system.
Moreover, they’re allocated a well-endowed budget. More so than the defendant, thus tilting the legal playing field in their favor for the so-called “public” to win.
Lastly, prosecutors use this morally (though not legally) coercive strategy where they’ll overcharge a defendant on crimes in order for them to plead guilty to fewer and/or lesser criminal charges.
Judges tend to be vindictive. It’s not supposed to be this way, yet it is.
What I mean by vindictive is if you don’t plead guilty to a crime, you’re most likely gonna be “made an example out of” and sentenced to the maximum sentence allowed by statute.
In some cases, even flat-out pleading guilty can make Judges sentence you out of spite with zero consideration for severity of the crime or focus on rehabilitation, simply because no one can stop them from acting on feelings of lawful despotism.
Cruel and unusual punishment is protected under the 8th amendment. Ever wonder why we have the death penalty legal in the federal justice system and in some states across the USA?
After the U.S. Supreme Court ruled it as unconstitutional in 1972 in Furman v. Georgia, four years later in 1976 we saw it reinstated in Gregg v. Georgia.
What amendment was this decided under you may ask? The one protecting us against cruel and unusual punishment.
Compare this to other developed nations around the world, you’ll see they don’t have the death penalty, thus highlighting capital punishment as unusual.
1987 U.S. Supreme Court case Singer v. United States found capital punishment is fair game even if the defendant didn’t intend to cause a death in a felony murder case.
1987 U.S. Supreme Court case McCleskey v. Kemp disregards racial statistics on capital punishments.
2003 U.S. Supreme Court case Ewing v. California paved the way for the Golden State’s draconian 3-strikes law.
2006 U.S. Supreme Court case Oregon v. Guzek disregarded permitting defendants from submitting innocent-based evidence during a sentencing phase of trial.
2019 U.S. Supreme Court case Madison v. Alabama greenlights executions of those who didn’t remember committing a murder, i.e. dementia.
Protection against double jeopardy and self-incrimination, as well as protecting your right to have due process in the legal system, is protected under the 5th amendment.
In a sense, you’re innocent until proven guilty in a court of law.
Due process is futile when you have a bail system permitting courts to charge defendants bail to be released back into the community well before they’ve even been convicted of a crime of the nature brought forth against them by the state while awaiting their sentence.
Get this: courts have held that police can force you to unlock your cellphone if it has biometric (fingerprint and face scan) security.
2011 U.S. Supreme Court case Bobby v. Dixon contradicts Miranda v. Arizona in the way that police don’t have to tell you of your rights when you’re not in police custody.
2010 U.S. Supreme Court case Berghuis v. Thompkins spat in the face of Miranda v. Arizona by taking away your right to be silent.
What I’m trying to say is you need to explicitly verbalize your right to remain silent to invoke your right to remain silent.
When your partner chooses not to answer you about whether or not they want to have sex with you, that’s not consent towards intercourse. At that point it’d be sexual assault.
The 2nd amendment explicitly states “A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed.”
Meanwhile, people who use recreational drugs of any kind are statutorily prohibited by federal law from owning a firearm.
Granted, there’s been a federal case recently ruling in favor of a defendant charged with gun ownership while simultaneously being a user of marijuana and overturning their conviction at the time of this article being published.
To add insult to injury, any felony on your record, regardless of whether it is non-violent or violent, is an automatic disqualifier from owning a gun.
If Uncle Sam wasn’t bad enough with unlawfully regulating firearms you should take a look at a handful of states.
California, Massachusetts, New Jersey, Hawaii, and New York are among the top 10 states for gun control in increments of high capacity bans, guns at protests prohibited, interview with local police chief for discretionary approval, fully-auto and assault weapon bans, and mandatory waiting periods for firearm purchases.
Freedom of speech in the 1st amendment is meant to protect you against unlawful curtailment of your right to say disparaging things about the government.
In addition, it gives you the right to practice any religion you see fit and to peacefully assemble (think protests).
Too bad the U.S. Supreme Court decided it didn’t retroactively apply in these cases.
1941 U.S. Supreme Court case Cox v. New Hampshire ruled that local and state governments can pass laws mandating permits for large gatherings of protests.
1969 U.S. Supreme Court case Shuttlesworth v. City of Birmingham gave way for townships and cities to deny permits to protest events if they deem it as a threat to public safety within their community.
2007 U.S. Supreme Court case Morse v. Frederick declared promoting illegal drug use was outside the protection of freedom of speech.
1988 U.S. Supreme Court Hazelwood School District v. Kuhlmeier held that student speech in a school-sponsored newspaper can be censored by the faculty.
2025 U.S. Supreme Court case TikTok, Inc. v. Garland eroded TikTok’s ability to fall under the dominion of a foreign company under the guise of “national security”.
Imagine this: the 1st amendment doesn’t just protect people from freedom of speech, it protects unions, super PACs, and corporations.
2010 U.S. Supreme Court case Citizens United v. FEC granted corporations, and super PACs (political action committees) and even unions the right to independently spend on politician and political issue-based campaigns.
Yes, you read that right! Super PACs, corporations, and unions have been recognized as being considered in the same category as people under the 1st amendment.
Right of privacy in the 4th amendment protects you against unlawful search and seizures without probable cause or a warrant.
However, you wouldn’t even think this for what I’m gonna explain to you.
1975 U.S. Supreme Court case United States v. Brignoni-Ponce has established warrantless searches within 100 miles of the border.
1976 U.S. Supreme Court case United States v. Martinez-Fuerte gave border patrol the okay to set up checkpoints within the border zone to crack down on illegal immigration.
That same year, Heien v. North Carolina ruled an officer who mistakes the law when conducting a traffic stop doesn’t violate the 4th amendment.
2009 U.S. Supreme Court Herring v. United States said police can search you and your property illegally over a mistake.
2013 U.S. Supreme Court case Maryland v. King ruled that buccal swabs are permissible as if it were fingerprinting.
1990 U.S. Supreme Court case Michigan Department of State Police v. Sitz ruled that police sobriety checkpoints are legal.
1984 U.S. Supreme Court case New Jersey v. T. L. O. constructed a path for school administrators to search students on school property without a warrant.
In the exact same year, Oliver v. United States sprouted up a legal doctrine known as the “open-field doctrine” where searches done in a field not immediately surrounding a private quarters does not violate the 4th amendment.
Safford United School District v. Redding, while declaring the broad search done on a pupil who at the time was a girl was unconstitutional, school administrators were granted legal immunity from conducting illegal searches.
Slavery was abolished thanks to the passing of the 13th amendment.
Sadly, our judicial branch partially eroded this freedom via court cases.
1918 U.S. Supreme Court case Arver v. United States, otherwise known as Selective Draft Law Cases, finds the selective services, or the draft for times of war, to be a constitutional government program.
Upon thorough examination of the 13th amendment you’ll notice slavery is illegal except for instances where a victim has been subjected to incarceration.
Because that loophole was added into the final version of the amendment, prison labor is a lucrative business to corporations to have modern day slave labor produce their products at minuscule wages where they’re often sold at exorbitant prices on markets.
Your scope of freedoms is at the mercy of our 3 branches of government.
Moreover, they’re subject to scrutiny at the state level too.
Do we really need lawmakers wearing suits and ties to determine what’s good and bad for us?
If we did, could we truly rely on them to grant us liberty for us to live out an average day-to-day life not impeding on the well-being and safety of another person?
Will corruption get in the way of how judges are influenced?
Can judges not allow ideologies to interfere with just decisions?
Is there a necessity for a centralized governmental power in regards to control over how free a person becomes before it encroaches on another person’s free will?
Should we have security and insurance to protect others while depriving freedoms to others?
Here’s a quote I came up with: “Societies managed by the inhabitants with direct action have the most freedom while societies managed by the lawmakers with police have the least freedom.”