I dispositivi Bluetooth di decine di noti produttori si sono dimostrati vulnerabili ad attacchi che possono trasformare cuffie o altoparlanti wireless in strumenti di spionaggio. Lo hanno annunciato gli specialisti di ERNW alla conferenza TROOPERS tenutasi in Germania. Secondo loro, i chip Airoha problematici sono utilizzati in 29 modelli di dispositivi di marchi come Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, Jlab, EarisMax, MoerLabs e Teufel.

La lista non si limita a cuffie convenzionali e auricolari, ma comprende anche diffusori portatili, microfoni a trasmissione wireless e ulteriore strumentazione audio. Viene rilevata la presenza di vulnerabilità nel sistema su chip Airoha, estesamente impiegato in vari accessori wireless, come le popolari cuffie TWS.

In totale, gli esperti hanno identificato tre vulnerabilità, a cui sono stati assegnati identificatori ufficiali:

• CVE-2025-20700 (6,7 sulla scala CVSS) – mancanza di autenticazione per i servizi GATT;
• CVE-2025-20701 (6,7 sulla scala CVSS) – mancanza di autenticazione durante la connessione tramite Bluetooth BR/EDR;
• CVE-2025-20702 (7,5 sulla scala CVSS): vulnerabilità critiche nel protocollo del produttore.

Sebbene gli attacchi richiedano la presenza fisica dell’attaccante all’interno dell’area di copertura Bluetooth e un elevato livello di competenza tecnica, gli scenari di sfruttamento delle vulnerabilità appaiono piuttosto allarmanti. Gli specialisti di ERNW hanno sviluppato un prototipo funzionante dell’attacco che consente di leggere la traccia corrente o altri contenuti audio in streaming dalle cuffie.

Un rischio più serio è la possibilità di intercettare la connessione tra il telefono e le cuffie. Attraverso il profilo Bluetooth Hands-Free (HFP), un aggressore può impartire comandi allo smartphone. Secondo gli esperti, tutte le principali piattaforme mobili consentono almeno di avviare o ricevere chiamate dalle cuffie.

Grazie alle vulnerabilità scoperte, gli esperti hanno dimostrato di essere in grado di estrarre le chiavi di connessione Bluetooth dalla memoria delle cuffie. Ciò consente di sostituire il dispositivo originale e di intercettare la connessione, riuscendo in alcuni casi ad accedere al registro delle chiamate o ai contatti del proprietario del telefono.

Inoltre, con una determinata configurazione dello smartphone, un aggressore può chiamare un numero qualsiasi e poi ascoltare le conversazioni o i suoni provenienti dal telefono, utilizzandolo di fatto come un dispositivo di ascolto. Di particolare preoccupazione è la possibilità che i dispositivi vulnerabili vengano riprogrammati, il che potrebbe aprire la porta a codice dannoso o, nel peggiore dei casi, a un exploit “auto-propagante” che potrebbe infettare altri dispositivi tramite Bluetooth.

Tuttavia, nonostante la gravità della minaccia, gli esperti sottolineano che gli attacchi sono estremamente difficili da implementare su larga scala. La loro implementazione richiede non solo una profonda conoscenza dell’architettura Bluetooth e dei dispositivi Airoha, ma anche la prossimità fisica alla vittima. Per questo motivo, i bersagli più probabili potrebbero essere persone di particolare valore: giornalisti, diplomatici, rappresentanti aziendali o attivisti.

L'articolo Vulnerabilità Bluetooth: cuffie e altoparlanti wireless possono essere trasformati in strumenti di spionaggio proviene da il blog della sicurezza informatica.

People have been talking about switching from Windows to Linux since the 1990s, but in the world of open-source operating systems, there is much more variety than just the hundreds of flavors of Linux-based operating systems today. Take FreeBSD, for example. In a recent [GNULectures] video, we get to see a user’s attempt to switch from desktop Linux to desktop FreeBSD.

The interesting thing here is that both are similar and yet very different, mainly owing to their very different histories, with FreeBSD being a direct derivative of the original UNIX and its BSD derivative. One of the most significant differences is probably that Linux is just a kernel, with (usually) the GNU/Hurd userland glued on top of it to create GNU/Linux. GNU and BSD userland are similar, and yet different, with varying levels of POSIX support. This effectively means that FreeBSD is a singular OS with rather nice documentation (the FreeBSD handbook).

The basic summary here is that FreeBSD is rather impressive and easy to set up for a desktop, especially if you use a customized version like GhostBSD. Despite Libreboot, laptop power management, OSB NVENC, printer, and WiFi issues, it was noted that none of these are uncommon with GNU/Linux either. Having a single package manager (pkg) for all of FreeBSD (and derivatives) simplifies things a lot. The bhyve hypervisor makes running VMs a snap. A robust ZFS filesystem is also a big plus.

What counts against desktop FreeBSD in the end is a less refined experience in some areas, despite FreeBSD being able to run Linux applications courtesy of binary compatibility. With some developer love and care, FreeBSD might make for a nice desktop alternative to GNU/Linux before long, one that could be tempting even for the die-hard Windows holdouts among us.

youtube.com/embed/Rk5kJ2iWYaU?…

hackaday.com/2025/06/29/switch…

Sul forum underground russo XSS è apparso un post che offre una “Collection di Lead Verificati Italia 2025” con oltre 1 milione di record. Questo tipo di inserzioni evidenzia la continua mercificazione dei dati personali e aziendali nel sottobosco criminale online.

Cos’è una “Collezione Strutturata di Dati” nel Contesto Cybercriminale?

Nel mondo della criminalità informatica, una “collection strutturata di dati” si riferisce a un database organizzato contenente informazioni dettagliate su individui e aziende. Come descritto nel post, queste collezioni sono “pulite, strutturate per qualsiasi piattaforma di mailing o validazione” e includono contatti per privati e imprese.

La loro natura “strutturata” li rende immediatamente utilizzabili per attività su larga scala, come l’invio massivo di email o la verifica telefonica.

Origine e Utilizzo di Tali Collezioni

pesso, queste collezioni di dati provengono da “data breach” freschi, ovvero violazioni di sicurezza che espongono informazioni sensibili. I cybercriminali compromettono database, siti web o sistemi aziendali per estrarre grandi quantità di dati, che vengono poi aggregati, validati e venduti su mercati neri come i forum underground.

Lo scopo principale di queste collezioni è facilitare attività illecite, tra cui:

• Phishing e Malspam: Le liste di contatti dettagliate consentono ai criminali di condurre campagne di phishing (tentativi di frode per ottenere credenziali o informazioni sensibili) e malspam (invio di email contenenti malware) su larga scala e in modo più mirato. L’obiettivo è ingannare le vittime e ottenere accesso non autorizzato o diffondere software dannoso.
• Test di Truffe e Arricchimento di Lead Illegali: I dati vengono utilizzati per testare l’efficacia di nuove truffe o per arricchire database esistenti con informazioni aggiuntive, rendendo gli attacchi futuri ancora più sofisticati.
• Verifica di Numeri Telefonici e Frodi SMS: La presenza di numeri di telefono consente frodi via SMS (smishing) o chiamate (vishing), dove i criminali si spacciano per entità legittime per estorcere informazioni.

Il Ruolo degli IAB (Initial Access Brokers) nel Contesto Cybercriminale

È importante distinguere tra la vendita di collezioni di dati e il ruolo degli Initial Access Brokers (IAB). Sebbene il post in questione venda una collezione di dati di contatto, il termine “IAB” si riferisce a criminali informatici specializzati nell’ottenere e vendere accessi non autorizzati a reti e sistemi informatici.

Gli IAB agiscono come un anello cruciale nella catena del cybercrime, fornendo ad altri gruppi (come quelli che implementano ransomware) la “porta d’ingresso” a un’organizzazione. Questo accesso può essere ottenuto tramite phishing, sfruttamento di vulnerabilità o altre tecniche. Sebbene la vendita di dati e l’attività degli IAB siano entrambe prevalenti su forum come XSS, il post qui analizzato rientra nella categoria della vendita di database di contatti, piuttosto che di accessi a sistemi.

Conclusioni

La presenza di offerte come questa sul forum XSS sottolinea la costante minaccia rappresentata dal mercato sotterraneo dei dati.

La disponibilità di collezioni di “lead” strutturate e verificate abbassa la soglia per i criminali meno esperti, consentendo loro di lanciare attacchi più efficaci. È fondamentale che individui e organizzazioni adottino misure di sicurezza robuste, come l’autenticazione a due fattori, l’aggiornamento costante dei sistemi e la formazione sulla consapevolezza del rischio, per difendersi da queste minacce persistenti.

L'articolo Un milione di Lead Italiani del 2025 in vendita nelle underground. Per un Phishing senza domani! proviene da il blog della sicurezza informatica.

I ricercatori di sicurezza informatica hanno descritto nei dettagli una nuova campagna denominata OneClik che sfrutta la tecnologia di distribuzione del software ClickOnce di Microsoft e backdoor Golang personalizzate per compromettere le organizzazioni nei settori dell’energia, del petrolio e del gas.

“La campagna mostra caratteristiche in linea con quelle degli autori di minacce affiliati alla Cina, sebbene l’attribuzione rimanga cauta”, hanno affermato i ricercatori di Trellix Nico Paulo Yturriaga e Pham Duy Phuc in un articolo tecnico.”

In poche parole, gli attacchi di phishing sfruttano un loader basato su .NET denominato OneClikNet per distribuire una sofisticata backdoor basata su Go, nome in codice RunnerBeacon, progettata per comunicare con un’infrastruttura controllata dall’aggressore e oscurata tramite i servizi cloud di Amazon Web Services (AWS).

ClickOnce è offerto da Microsoft per installare e aggiornare applicazioni basate su Windows con un’interazione minima da parte dell’utente. È stato introdotto in .NET Framework 2.0. Tuttavia, la tecnologia può rivelarsi un mezzo interessante per gli autori di minacce che desiderano eseguire i propri payload dannosi senza destare sospetti.

Come indicato nel framework MITRE ATT&CK, le applicazioni ClickOnce possono essere utilizzate per eseguire codice dannoso tramite un binario Windows attendibile, “dfsvc.exe”, responsabile dell’installazione, dell’avvio e dell’aggiornamento delle app. Le app vengono avviate come processo figlio di “dfsvc.exe”.

“Poiché le applicazioni ClickOnce ricevono solo permessi limitati, non richiedono autorizzazioni amministrative per l’installazione”, spiega il MITRE . I ricercatori di Trellix hanno affermato che le catene di attacco iniziano con e-mail di phishing contenenti un collegamento a un falso sito Web di analisi hardware che funge da canale per la distribuzione di un’applicazione ClickOnce, la quale, a sua volta, esegue un file eseguibile utilizzando dfsvc.exe.

L’impianto Golang può comunicare con un server di comando e controllo (C2) tramite HTTP, WebSocket, TCP raw e pipe denominate SMB, consentendogli di eseguire operazioni sui file, enumerare e terminare processi in esecuzione, eseguire comandi shell, aumentare i privilegi tramite furto di token e impersonificazione e ottenere movimenti laterali.

Inoltre, la backdoor incorpora funzionalità anti-analisi per eludere il rilevamento e supporta operazioni di rete come la scansione delle porte, l’inoltro delle porte e il protocollo SOCKS5 per facilitare le funzionalità di proxy e routing. “Il design di RunnerBeacon è molto simile ai beacon Cobalt Strike basati su Go (ad esempio la famiglia Geacon/Geacon plus/Geacon Pro)”, hanno affermato i ricercatori.

Solo nel marzo 2025 sono state osservate tre diverse varianti di OneClick: v1a, BPI-MDM e v1d, con ogni iterazione che dimostra capacità progressivamente migliorate, consentendo di passare inosservate. Una variante di RunnerBeacon è stata invece identificata nel settembre 2023 presso un’azienda mediorientale operante nel settore petrolifero e del gas.

Sebbene in passato tecniche come l’iniezione di AppDomainManager siano state utilizzate da attori di minacce collegati alla Cina e alla Corea del Nord, l’attività non è mai stata formalmente attribuita ad alcun attore o gruppo di minacce noto.

Questo sviluppo arriva mentre QiAnXin ha descritto in dettaglio una campagna condotta da un autore di minacce che identifica come APT-Q-14, che ha anche utilizzato app ClickOnce per propagare malware sfruttando una falla di cross-site scripting (XSS) zero-day nella versione web di una piattaforma di posta elettronica anonima. La vulnerabilità, ha affermato, è stata nel frattempo risolta.

La sequenza di intrusione funge da escamotage nel manuale di istruzioni di una casella di posta, mentre un trojan dannoso viene installato furtivamente sull’host Windows per raccogliere ed esfiltrare informazioni di sistema su un server C2 e ricevere payload di fase successiva sconosciuti.

L’azienda cinese di sicurezza informatica ha affermato che APT-Q-14 si concentra anche sulle vulnerabilità zero-day nei software di posta elettronica per la piattaforma Android.

L'articolo Il malware OneClik prende di mira il settore energetico con backdoor Microsoft ClickOnce e Golang proviene da il blog della sicurezza informatica.

Nel cuore dei conflitti contemporanei, accanto ai carri armati, ai droni e alle truppe, si combatte una guerra invisibile, silenziosa e spesso sottovalutata: la cyber war.

Non è solo uno scenario futuristico o una minaccia ipotetica. È realtà. Dai conflitti tra Russia e Ucraina, passando per gli attacchi paralleli che si sono verificati durante lo scontro tra Israele e Hamas, fino alle recenti tensioni tra Israele e Iran, il cyberspazio è ormai diventato un vero campo di battaglia.

Il cyberspazio come nuovo dominio di guerra

Il cyberspace non è più soltanto l’ambiente dove si realizzano truffe informatiche, divulgazioni di materiale pedopornografico o accessi abusivi. È stato ufficialmente riconosciuto dalla NATO come quinto dominio della guerra, accanto a terra, mare, aria e spazio. Questo significa che operazioni offensive e difensive condotte attraverso sistemi informatici possono avere lo stesso peso strategico e geopolitico degli attacchi convenzionali.

Nel contesto delle relazioni internazionali, la cyber war si distingue da altre attività digitali come il cyber crimine, l’info war, il cyber terrorismo o la sorveglianza digitale statale.

Qui si parla di veri e propri attacchi portati da uno Stato contro un altro, con obiettivi di destabilizzazione, sabotaggio o acquisizione strategica di dati sensibili.

Il diritto internazionale e le sfide della cyber war

Una delle grandi questioni aperte è quella giuridica: come si regolano i conflitti cibernetici? Serve un diritto “su misura” per il cyberspazio?

La posizione prevalente, sostenuta anche dagli Stati Uniti, è che le regole del diritto internazionale – sia in tempo di pace che di guerra – si applicano anche nel cyberspazio. Tuttavia, permangono criticità evidenti:

• l’attribuzione dell’attacco: nel cyber spazio è difficile identificare con certezza l’aggressore;
• il concetto di arma cibernetica: quando un attacco informatico può essere considerato “militare”? Quando si può reagire anche con la forza?
• la proporzionalità della risposta: il diritto internazionale richiede che la risposta a un attacco armato sia proporzionata. Ma come si misura un attacco digitale?

Secondo molti esperti, un attacco cyber diventa “armato” se produce danni fisici, morti o distruzione di infrastrutture critiche. In questo contesto, si parla di cyber arma quando l’attacco:

1. avviene nel contesto di un conflitto tra attori statali o equiparabili;
2. ha lo scopo di danneggiare fisicamente o informaticamente infrastrutture sensibili;
3. è portato avanti tramite strumenti tecnologici avanzati.

Le operazioni cibernetiche: CNA, CNE e CND

Per il Dipartimento della Difesa degli Stati Uniti, le operazioni cibernetiche si dividono in:

• CNA (Computer Network Attack): attacchi finalizzati a disturbare, degradare o distruggere sistemi informativi (sono le vere operazioni da “cyber war”);
• CNE (Computer Network Exploitation): raccolta segreta di informazioni – si tratta di operazioni di intelligence;
• CND (Computer Network Defence): azioni difensive per proteggere reti e sistemi.

Solo le CNA che rappresentano una minaccia o un uso della forza rientrerebbero nella cyber war vera e propria. Le altre si collocano più propriamente nell’ambito dello spionaggio o della guerra dell’informazione.

Cyber attacco e articolo 5: quando può scattare la difesa collettiva della NATO?

L’articolo 5 del Trattato del Nord Atlantico, sottoscritto nel 1949, prevede che:

“Un attacco armato contro uno o più membri dell’Alleanza sarà considerato un attacco contro tutti, e ciascuno di essi prenderà le misure necessarie per aiutare lo Stato attaccato, anche con l’uso della forza armata.”

In origine, questa norma era pensata per attacchi militari convenzionali (terrestri, navali o aerei). Tuttavia, dal 2014 in poi – in particolare dopo gli attacchi hacker a infrastrutture occidentali e l’annessione della Crimea – la NATO ha esteso ufficialmente il concetto di “attacco armato” anche al cyberspazio.

Quando un cyber attacco può attivare l’art. 5?

Un cyber attacco può teoricamente innescare l’articolo 5 se raggiunge una soglia paragonabile a un attacco armato convenzionale in termini di:

• gravità (es. paralisi di un intero sistema elettrico nazionale, sabotaggio delle infrastrutture ospedaliere, disattivazione della difesa aerea);
• effetti (vittime umane, danni materiali su larga scala);
• chiarezza dell’attribuzione (identificabilità certa dell’attore responsabile, e che questo sia uno Stato o direttamente collegato a esso).

Nel 2007, l’Estonia – membro NATO – subì un attacco cyber massiccio attribuito a gruppi russi: non fu attivato l’art. 5, ma da quel momento la NATO ha istituito il Centro di Eccellenza per la Difesa Cibernetica a Tallinn.

• Nel 2021, la NATO ha dichiarato ufficialmente che “un attacco cyber significativo potrebbe portare all’attivazione dell’articolo 5″, senza però specificare soglie quantitative.
• La crisi Russia-Ucraina ha ulteriormente alzato il livello di attenzione: se la Russia dovesse lanciare un attacco informatico devastante contro un’infrastruttura critica NATO, l’Alleanza potrebbe considerarlo un attacco armato vero e proprio.

In conclusione, l’articolo 5 può essere applicato alla cyber war, ma solo in presenza di evidenze forti, impatti gravi e responsabilità statale accertata. L’Alleanza atlantica è ancora prudente: il cyberspazio è un campo di battaglia fluido, dove la risposta sbagliata rischia di far degenerare il conflitto invece che contenerlo.

Pertanto, l’articolo 5 oggi è uno strumento più politico che operativo nella cyber war: serve a dissuadere potenziali attaccanti, ma la sua attuazione concreta resta eccezionale e carica di implicazioni giuridiche e diplomatiche complesse.

Dai documenti normativi europei alla difesa nazionale

L’urgenza di proteggersi da queste minacce è testimoniata da una serie di atti normativi e strategici sia internazionali che nazionali. In ambito europeo, spiccano la Direttiva NIS del 2016, il Documento G7 di Taormina e i Manuali di Tallinn, veri e propri riferimenti giuridici sul tema.

In Italia, lo sforzo normativo si è concretizzato in provvedimenti come:

• il Libro Bianco per la Sicurezza Internazionale e la Difesa;
• il Piano nazionale per la protezione cibernetica;
• il DPCM del 17 febbraio 2017“Direttiva recante indirizzi per la protezione cibernetica e la sicurezza informatica nazionali” ;
• la legge n. 133/2019, istitutiva del perimetro di sicurezza nazionale cibernetica;
• la legge 109/2021, recante “ Disposizioni urgenti in materia di cybersicurezza, definizione dell’architettura nazionale di cybersicurezza e istituzione dell’Agenzia per la cybersicurezza nazionale “ , che ha istituito l’Agenzia per la cybersicurezza nazionale (ACN);
• la legge n. 90/2024,” Disposizioni in materia di rafforzamento della cybersicurezza nazionale e di reati informatici”, che impone nuovi obblighi di notifica, reazione e coordinamento in caso di incidenti informatici.

I Manuali di Tallinn: la cornice giuridica internazionale del conflitto cibernetico

I due Manuali di Tallinn (2013 e 2017), redatti da un gruppo internazionale di esperti sotto l’egida del Centro di Eccellenza NATO per la Cyber Difesa (CCDCOE), rappresentano il tentativo più avanzato di dare un’interpretazione giuridica al ruolo del diritto internazionale nel cyberspazio, in assenza di trattati specifici vincolanti.

Il primo Manuale si concentra esclusivamente sulle situazioni di conflitto armato: si applica, cioè, quando la cyber war raggiunge o affianca una guerra convenzionale. Analizza come si applichino al cyberspazio le regole del diritto internazionale umanitario (o diritto bellico), come la Convenzione di Ginevra, e quelle del diritto internazionale generale, compresi i principi di:

• sovranità: ogni Stato ha il diritto esclusivo di controllare il proprio cyberspazio e le proprie infrastrutture digitali;
• non ingerenza: le operazioni informatiche non devono compromettere la sovranità o l’indipendenza politica di un altro Stato;
• proibizione dell’uso della forza, salvo legittima difesa;
• responsabilità dello Stato: uno Stato è responsabile per gli atti compiuti nel suo cyberspazio o da soggetti sotto il suo controllo.

Viene anche definito cosa possa considerarsi “uso della forza” in ambito informatico, distinguendo tra azioni di disturbo (es. DDoS) e attacchi distruttivi a infrastrutture critiche, che possono potenzialmente giustificare una risposta militare.

Il secondo Manuale, amplia enormemente la portata del primo. Si concentra infatti sulle cyber operations che si verificano al di sotto della soglia del conflitto armato, cioè in tempo di pace, e spesso in assenza di dichiarazioni ufficiali di guerra.

Tallinn 2.0 affronta nuove questioni cruciali:

• la responsabilità degli Stati per attività di spionaggio, sabotaggio e disinformazione condotte da gruppi “non statali” ma tollerati o sostenuti;
• la definizione e protezione delle infrastrutture critiche;
• l’interazione tra cyber law e altri rami del diritto internazionale, come:
  
  • il diritto del mare (per es. cavi sottomarini);
  • il diritto dello spazio (per le comunicazioni satellitari);
  • il diritto diplomatico e consolare (in relazione alla violazione di sedi e dati di rappresentanze estere);

  
  

• l’applicazione dei diritti umani al cyberspazio: libertà di espressione, tutela della privacy, accesso all’informazione;
• il trattamento giuridico delle operazioni di spionaggio informatico, finora escluse da norme esplicite, ma che mettono a rischio la sicurezza nazionale e la fiducia tra Stati;
• le modalità di risoluzione pacifica delle controversie digitali e le responsabilità degli Stati nei confronti di attacchi cyber lanciati da attori interni o ospitati sul proprio territorio.

Se il primo Manuale rappresenta una sorta di “Manuale d’emergenza” per la guerra cibernetica, il secondo è una vera e propria enciclopedia del diritto internazionale applicato al cyberspazio, utile anche per prevenire escalation e promuovere un uso responsabile delle tecnologie digitali.

Le tre leggi cardine della cybersicurezza italiana: 133/2019, 109/2021 e 90/2024

Nel panorama normativo italiano, tre provvedimenti rappresentano le fondamenta della strategia nazionale di difesa cibernetica. Si tratta della legge 133/2019, del Decreto-legge 82/2021 (convertito nella legge 109/2021) e della legge 90/2024. Ciascuno di questi interventi normativi ha rafforzato progressivamente l’architettura istituzionale e operativa della cybersicurezza nel nostro Paese, con obiettivi crescenti di prevenzione, coordinamento e risposta efficace agli attacchi digitali.

La legge 133 nasce per difendere le infrastrutture digitali critiche italiane, pubbliche e private, da potenziali attacchi informatici. Convertendo il Decreto-legge n. 105/2019, istituisce il Perimetro di sicurezza nazionale cibernetica, che ha due obiettivi fondamentali:

1. individuare i soggetti strategici nazionali (ministeri, aziende, enti pubblici, operatori di servizi essenziali) che gestiscono sistemi e reti fondamentali per la sicurezza dello Stato;
2. imporre a questi soggetti l’adozione di specifiche misure di sicurezza, standard tecnologici, obblighi di notifica in caso di incidenti e di sottoporre a verifica preventiva i fornitori di tecnologie critiche.

La legge attribuisce alla Presidenza del Consiglio, tramite il DIS (Dipartimento delle informazioni per la sicurezza), un ruolo di coordinamento, con la collaborazione di altri organi, come il Ministero della Difesa e dell’Interno. Inoltre, prevede sanzioni per chi non si adegua agli obblighi di sicurezza, e introduce una valutazione preventiva per le forniture ICT in settori sensibili.

Con il Decreto-legge 82, convertito nella legge 109/2021, l’Italia compie un salto di qualità istituzionale istituendo l’ACN – Agenzia per la Cybersicurezza Nazionale. L’Agenzia ha il compito di:

• gestire, monitorare e potenziare la resilienza cibernetica del Paese;
• coordinare le attività di difesa informatica delle pubbliche amministrazioni;
• promuovere l’autonomia strategica italiana ed europea nel settore del digitale;
• collaborare con università, centri di ricerca e imprese per sviluppare tecnologie sicure;
• curare la formazione di una forza lavoro specializzata e promuovere campagne di educazione alla cybersicurezza tra cittadini e aziende.

L’ACN si occupa anche dell’attuazione operativa delle misure previste dalla legge 133/2019 e rappresenta l’interlocutore unico a livello europeo e internazionale per la cooperazione nel settore cyber.

Il modello italiano viene trasformato da reattivo a proattivo e integrato, riconoscendo il cyberspazio come elemento strutturale della sicurezza nazionale.

La legge 90 del 2024 ha aggiornato e rafforzato il sistema normativo già esistente, introducendo obblighi puntuali e tempestivi di segnalazione per gli incidenti informatici. In particolare, prevede:

• l’obbligo per determinati soggetti (amministrazioni pubbliche e operatori rilevanti) di inviare una prima segnalazione all’ACN entro 24 ore dal momento in cui vengono a conoscenza di un incidente cyber;
• la trasmissione di una notifica completa entro 72 ore, tramite le piattaforme messe a disposizione dall’Agenzia;
• l’obbligo per i soggetti segnalati di risolvere vulnerabilità indicate dall’ACN entro 15 giorni;
• l’individuazione all’interno delle PA di una struttura e un referente per la cybersicurezza, che fungano da punto di contatto unico con l’Agenzia.

Inoltre, la legge favorisce l’armonizzazione tra cybersicurezza e transizione digitale: il responsabile per la transizione al digitale (RTD) può coincidere con il referente per la sicurezza cibernetica.

Si tratta di un grande passo avanti verso un modello reattivo ma anche collaborativo, che premia la rapidità nella gestione delle crisi e impone tempistiche chiare per intervenire, riducendo i margini di incertezza o inazione.

Cyberwar e propaganda: il futuro dei conflitti è ibrido, ma l’Italia è ancora culturalmente disarmata

Oggi tutte le guerre sono ibride: non si combattono più solo con armi convenzionali, ma si estendono al cyberspazio, dove la linea tra attacco e difesa è sottile, invisibile e in continua evoluzione. In questa nuova dimensione, accanto ai malware e alle operazioni di sabotaggio, gioca un ruolo decisivo anche la disinformazione, alimentata da sofisticate tecniche di propaganda digitale, spesso potenziate dall’intelligenza artificiale. Le fake news diventano munizioni, i social network campi di battaglia, le menti dei cittadini obiettivi da manipolare.

Sul fronte normativo, qualcosa si muove: i legislatori internazionali – seppur con lentezza – stanno prendendo atto della portata della minaccia, adottando leggi sempre più orientate a proteggere i sistemi digitali critici, quelli cioè che custodiscono le informazioni vitali per la sicurezza nazionale. Anche in Italia, come dimostrano le leggi 133/2019, 109/2021 e 90/2024, la consapevolezza istituzionale è ormai chiara.

Tuttavia, resta un pesante ritardo culturale. L’educazione informatica, soprattutto nel campo della cybersicurezza, è ancora marginale. Le Università che formano specialisti in sicurezza digitale sono poche, spesso sottodimensionate rispetto alla domanda reale del mercato e alle esigenze dello Stato. In molte realtà strategiche mancano le competenze tecniche adeguate per gestire le minacce cyber, e spesso chi guida i processi decisionali non ha piena padronanza dei rischi digitali.

Inoltre, manca una definizione normativa chiara di cybersecurity: non è ancora stabilito fino a che punto possa spingersi un esperto della sicurezza informatica senza incorrere in violazioni di legge. Quando la difesa diventa intrusione? Quando la protezione diventa sorveglianza abusiva? Questi vuoti normativi creano incertezza e, in casi estremi, possono addirittura ostacolare la sicurezza stessa che si intende garantire.

In un contesto globale in cui la guerra si combatte con droni, codici e notizie manipolate, non possiamo più permetterci di rimanere indietro. Costruire una solida cultura della cybersicurezza è oggi una priorità nazionale, tanto quanto dotarsi di armamenti tradizionali. Perché nella guerra del futuro – che in parte è già il presente – la prima linea è fatta di competenza, consapevolezza e prontezza digitale.

L'articolo Cyber War: la guerra invisibile nel cyberspazio che decide i conflitti del presente proviene da il blog della sicurezza informatica.

Александр Исавнин, Член Федерального Штаба Пиратской партии России, Генеральный секретарь Пиратского Интернационала, в рамках форума Организации объединённых наций по управлению Интернетом 2025 (Internet Governance Forum 2025).

Пиратский интернационал, в том числе в лице Александра Исавнина, много лет подряд участвует в Форуме. В этом году главной темой юбилейного 20-ого форума, прошедшего в Норвегии, было «Совместное построение цифрового управления» (Building Digital Governance Together).

Второй год подряд Пиратский Интернационал проводит семинар Day 0. В этом году семинар назывался Этическое сетевое взаимодействие: устойчивость и ответственность (Ethical Networking: Sustainability and Accountability), и Александр принял в нём участие в качестве спикера. Семинар проводился совместно с программой Кембриджского университета по этике в математике, а также профессорами и интернет-экспертами со всего мира.

Александр рассказал об особенностях сетевой этики в России, разработке государством и подконтрольным ему структурам технологий, которые позиционируются как благо, но используются слежки и контроля, необходимости обучения молодёжи, неразвитии социально значимых технологий под предлогом безопасности, о том, что в разных местах мира разная этика, и IGF позволяет прежде всего не синхронизировать, а понять подходы друг друга.

Александр:

I’m from country which for a long time pretended to be global north, but now we’re pretending to be global south. But you also have to oversight really clearly, because in not very democratic developed countries, especially in countries of so-called global south, technology can easily be abused by the government, which will make gap to the north, economical gap, civilizational, well, not civilizational, societal gaps, democratic gaps, much bigger than it exists. Technology could not close gaps. You have to oversight really, really accurately and constantly and not releasing it.

Ключевые вопросы, поднятые в ходе обсуждения на семинаре:

• Этическое взаимодействие в сети требует междисциплинарного сотрудничества, что было продемонстрировано участием в этой сессии математиков, инженеров, социологов и политологов
• Проектирование технологий должно учитывать долгосрочную устойчивость, поскольку даже незначительные технические решения сегодня могут существенно повлиять на энергопотребление в будущем
• Обучение молодого поколения этике крайне важно для ответственного использования технологий
• Этический надзор за технологиями значительно различается в разных регионах мира
• Инженеры должны интегрировать этику и устойчивое развитие в основу технологического прогресса
• Оценка социальных последствий должна проводиться параллельно с разработкой технологий
• Этическое взаимодействие в сети требует инклюзивных международных перспектив и диалога, подобного практике встреч на IGF
• Гражданский контроль необходим для управления системами, основанными на данных
• Непрерывный мониторинг воздействия технологий критически важен для предотвращения злоупотреблений, а механизмы подотчетности должны включать долгосрочные меры принуждения
• Для оценки этических последствий и вовлечения сообщества необходимы выделенные ресурсы и время
• Человеческие ошибки остаются главной проблемой в социотехнических оценках
• Необходимо проводить больше междисциплинарных исследований, изучающих взаимодействие людей с машинами, их способность осваивать передовые технологии и типы образовательных мер, которые мотивируют внедрение новых технологий
• Практические инструменты исследований, такие как опросы, полезны для понимания этих человеческих факторов

Стенограмма семинара на сайте Пиратского интернационала: pp-international.net/2025/06/2…

Краткое изложение на сайте Форума: https://www.intgovforum.org/en/content/igf-2025-day-0-event-197-ethical-networking-sustainability-and-accountability

Сообщение Член Федерального Штаба Пиратской партии России принял участие в форуме ООН по управлению Интернетом 2025 появились сначала на Пиратская партия России | PPRU.

In questo episodio ci occupiamo dell'uso dell'intelligenza artificiale generativa per il miglioramento del testo.

zerodays.podbean.com/e/io-e-ch…

In the world of information security, much thought goes into ensuring that no information can leave computer networks without expressly being permitted to do so. Conversely, a lot of effort is expended on the part of would-be attackers to break through whatever layers are present. [Halcy] has a way to share data between computers, whether they are networked or not, and it uses ultrasound.

To be fair, this is more of a fun toy than an elite exploit, because it involves a web interface that encodes text as ultrasonic frequency shift keying. Your computer speakers and microphone can handle it, but it’s way above the human hearing range. Testing it here, we were able to send text mostly without errors over a short distance, but at least on this laptop, we wouldn’t call it reliable.

We doubt that many sensitive servers have a sound card and speakers installed where you can overhear them, but by contrast, there are doubtless many laptops containing valuable information, so we could imagine it as a possible attack vector. The code is on the linked page, should you be interested, and if you want more ultrasonic goodness, this definitely isn’t the first time we have touched upon it. While a sound card might be exotic on a server, a hard drive LED isn’t.

hackaday.com/2025/06/29/break-…

In today’s episode of “AI Is Why We Can’t Have Nice Things,” we feature the Hertz Corporation and its new AI-powered rental car damage scanners. Gone are the days when an overworked human in a snappy windbreaker would give your rental return a once-over with the old Mark Ones to make sure you hadn’t messed the car up too badly. Instead, Hertz is fielding up to 100 of these “MRI scanners for cars.” The “damage discovery tool” uses cameras to capture images of the car and compares them to a model that’s apparently been trained on nothing but showroom cars. Redditors who’ve had the displeasure of being subjected to this thing report being charged egregiously high damage fees for non-existent damage. To add insult to injury, if renters want to appeal those charges, they have to argue with a chatbot first, one that offers no path to speaking with a human. While this is likely to be quite a tidy profit center for Hertz, their customers still have a vote here, and backlash will likely lead the company to adjust the model to be a bit more lenient, if not outright scrapping the system.

Have you ever picked up a flashlight and tried to shine it through your hand? You probably have; it’s just a thing you do, like the “double tap” every time you pick up a power drill. We’ve yet to find a flashlight bright enough to sufficiently outline the bones in our palm, although we’ve had some luck looking through the flesh of our fingers. While that’s pretty cool, it’s quite a bit different from shining a light directly through a human head, which was recently accomplished for the first time at the University of Glasgow. The researchers blasted a powerful pulsed laser against the skull of a volunteer with “fair skin and no hair” and managed to pick up a few photons on the other side, despite an attenuation factor of about 10¹⁸. We haven’t read the paper yet, so it’s unclear if the researchers controlled for the possibility of the flesh on the volunteer’s skull acting like a light pipe and conducting the light around the skull rather than through it, but if the laser did indeed penetrate the skull and everything within it, it’s pretty cool. Why would you do this, especially when we already have powerful light sources that can easily penetrate the skull and create exquisitely detailed images of the internal structures? Why the hell wouldn’t you?!

TIG welding aluminum is a tough process to master, and just getting to the point where you’ve got a weld you’re not too embarrassed of would be so much easier if you could just watch someone who knows what they’re doing. That’s a tall order, though, as the work area is literally a tiny pool of molten metal no more than a centimeter in diameter that’s bathed in an ultra-bright arc that’s throwing off cornea-destroying UV light. Luckily, Aaron over at 6061.com on YouTube has a fantastic new video featuring up-close and personal shots of him welding up some aluminum coupons. He captured them with a Helios high-speed welding camera, and the detail is fantastic. You can watch the weld pool forming and see the cleaning action of the AC waveform clearly. The shots make it clear exactly where and when you should dip your filler rod into the pool, the effect of moving the torch smoothly and evenly, and how contaminants can find their way into your welds. The shots make it clear what a dynamic environment the weld pool is, and why it’s so hard to control.

youtube.com/embed/_2_TM0R97-8?…

And finally, the title may be provocative, but “The Sensual Wrench” is a must-see video for anyone even remotely interested in tools. It’s from the New Mind channel on YouTube, and it covers the complete history of wrenches. Our biggest surprise was learning how relatively recent an invention the wrench is; it didn’t really make an appearance in anything like its modern form until the 1800s. The video covers everything from the first adjustable wrenches, including the classic “monkey” and “Crescent” patterns, through socket wrenches with all their various elaborations, right through to impact wrenches. Check it out and get you ugga-dugga on.

youtube.com/embed/VxUE_C99PAw?…

hackaday.com/2025/06/29/hackad…

When you hear “PS2” and “Windows 95,” you probably think someone forgot a slash and are talking about peripherals, but no — this hack is very much about the Sony PlayStation 2, the best-selling game console of all time. [MeraByte] walks us through the possibly ridiculous task of installing Windows 95 on the last hardware anyone at Microsoft would ever endorse in a video you can watch below.

Obviously, the MIPS-based Emotion Engine at the heart of the PS2 is not going to be able to handle x86 instructions Win95 is expecting, but that’s all solved by the magic of emulation. [MeraByte] is running a version of Bochs, an x86 emulator that has been built for PS/2 after trying and failing to install Windows (both 3.1 and 95) to an experimental DOSBox build.

As expected, it is not a smooth journey for [MeraByte], but the flailing about and troubleshooting make for entertaining viewing. Once loaded, it works surprisingly well, in that anything works at all. Unfortunately, neither the mouse nor Ultimate Doom 95 worked. We suppose that ultimately means that this hack fails since even Doom can run Doom. The mouse thing is also important, probably.

If you have a PlayStation 2, maybe skip Windows 95 and try running GoLang. If you do have DOOM running on the PlayStation 2, send us a tip. There was never an official release for PS2, but after 26 years, someone must have done it by now.

youtube.com/embed/NJn9G5nzNj8?…

hackaday.com/2025/06/29/window…

The Internet Governance Forum (IGF) just ended, and PPI was lucky enough to host a workshop and have several representatives on site, together with our colleagues from PPEU. We have participated in this event for numerous years consecutively and view this forum as one of our main avenues to influence transnational governance on an issue that is very important to us, the Internet.

This was the 20th IGF and held in Norway. The overarching theme was “Building Digital Governance Together”.

PPI’s Ethical Networking Workshop
For the second year in a row we hosted a Day 0 workshop. This year´s workshop was titled “Ethical Networking: Sustainability and Accountability.” Our session collaborated with Cambridge University´s Ethics in Mathematics Program and professors and internet experts from around the globe. At the end of this blog we provide a copy of our report, which can also be read on the IGF website:
intgovforum.org/en/content/igf…

We also provide a transcript below of the entire discussion, which we hope will be the basis for future academic publications.

Other Takeaways from the IGF
Beyond the workshop, PPI shared a booth with the European Pirate Party (PPEU). Besides meeting with our PPEU colleagues, whom we have known and worked together for years, we were able to share in networking and information dissemination with other organizations. Many people have heard of Pirates but never met one. Others have never even heard of our movement. It is shocking to some to consider how successful our movement has been on a global scale and how much we are central to the discussion of internet governance.

Looking ahead this year´s IGF especially highlighted the accomplishments and dangers of AI. Prior IGFs have discussed AI, but the current IGF was able to showcase real projects that are in much more advanced stages of development. Technological developments with AI are happening at a brake-neck pace, and the Pirate movement definitely needs to put itself at the center of this debate.

PPI’s Ethical Networking Workshop Report

List of Speakers and their institutional affiliations:
• Daphne Tuncer, Institut Polytechnique de Paris
• Marc Bruyere, Civil Society
• Maurice Chiodo, University of Cambridge, Ethics in Mathematics Project
• Dennis Muller, University of Cologne, Ethics in Mathematics Project
• Alexander Isavnin, Free Moscow University, Pirate Party Russia
• Keith Goldstein, Pirate Parties International, University of Potsdam
• Sara Hjalmarsson, European Pirate Party

Key Issues raised:

• Ethical networking requires interdisciplinary collaboration, which was represented by the mathematicians, engineers, sociologist, and political scientists who participated in this session.
• Technology design must consider long-term sustainability, as minor technical design choices today can significantly affect energy consumption in the future.
• Educating young people on ethics is crucial for responsible technology use.
• Ethical oversight of technologies varies significantly across different global regions.
• Engineers should integrate ethics and sustainability at the core of technological development.
• Societal impact assessments must be made alongside the technology development process.
• Ethical networking demands inclusive international perspectives and dialogue, such as the practice of meeting at the IGF.
• Citizen oversight is essential for governance of data-driven systems.
• Continuous monitoring of technological impacts is critical to prevent misuse, and accountability mechanisms must include long-term enforcement measures.
• Dedicated resources and time are needed for ethical impact assessments and community engagement.
• Human failures are a primary concern in sociotechnical evaluations.
• We must conduct more interdisciplinary studies that examine how humans interact with machines, how they are able to learn state of the art technology, and what types of educational interventions will motivate the adoption of new technology.
• Practical research tools like surveys are valuable for understanding these human factors.

There were no formal presentations during this session.

The session began with the broad question about how to align network practices with ethical principles. Daphne Tuncher emphasized the need to make underlying assumptions explicit, noting that network research narratives “are just taken for granted” and arguing that we must “reserve time” to question them. She also warned that fast systems can hinder reflection: “We tend to value high speed as something good… but to some extent, I believe this is not really aligned with ethical principle where we require time to think.”

The next discussion focused on emerging technologies, and how ethics cannot be added later. Dennis Muller stressed that “ethics is not an optional extra or a bolt-on,” calling for “a fundamental systemic shift” in design processes. He argued that developers must balance technical success with social good at every stage: “Technical success must be balanced with success from an ethical and sustainability perspective.”

The third discussion addressed IGF’s role. Maurice Chiodo described the IGF as an organization that “breaks down the silos between the technical and non-technical experts” and spreads insights across communities. Marc Bruyere added that IGF should forge stronger ties with standards bodies like the IETF and W3C, urging “more participation from the IGF community” in those forums.

The final discussion discussed the way forward and potential next steps. Sara Hjalmarsson asked the speakers to sum up how they proposed evaluating how to learn about the human element in systems. Maurice Chiodo highlighted that socio-technical evaluations must assess not just failures of the technical or human components but also the human-machine interface itself. He called this “the primary site of miscommunication and error.” Keith Goldstein agreed, advocating surveys, quantitative, and qualitative methods to capture human experiences. The speakers recommended creating working groups that mix technical and social science experts. They suggested surveys/questionnaires to track human factors in networks. They also proposed case studies to document ethical failures. They called for ethics training as part of engineering curricula.

There were two questions from the audience. The first question asked how to democratize ethical networking so that ordinary citizens can meaningfully oversee data-driven public systems. Dennis Muller observed that “we need to respect the different cultures and different regions of this world.” Alexander Isavnin added that “technology cannot insure you in something. You are your own insurance. You have to communicate, you have to oversight, you have to think about what’s going on with your data. IGF is a good starting venue but your participation is also really important.” The second question probed how global North–South power dynamics influence networking ethics. Alexander Isavnen explained that while “Internet and these technologies could shorten the gap between what we call West world and the others, or North and South,” they can also be “easily abused by the government so technology alone cannot close gaps.”

Overall the speakers indicated a limitation involved the lack of dedicated budgets to make impact assessments. Ethics must be a core competency for all stakeholders, but it is too often secondary. Bridges must also be made between academics and standards organizations like the IETF and W3C. They urged the IGF to publish periodic policy briefs. They also recommended local IGF chapters engage with communities on these issues.

Transcript of Ethical Networking Workshop
# Transcription:
(00:00:07.507): you
(00:00:40.615) [Keith]: Okay, thank you everybody for coming.
(00:00:42.600) [Keith]: It’s a pleasure to see you all.
(00:00:44.805) [Keith]: This is the IGF Workshop on Ethical Networking, Sustainability and Accountability.
(00:00:52.122) [Keith]: Rather than introduce everyone, I’ll turn over to my colleague Sarah over here to ask our first question.
(00:00:58.334) [Sara]: Thanks, Keith.
(00:01:00.236) [Sara]: First of all, my name is Sarah.
(00:01:03.520) [Sara]: I’m the vice chair of the European Pirate Party.
(00:01:06.764) [Sara]: We have a booth here if you’re on site.
(00:01:09.707) [Sara]: So if you like what we’re talking about, please feel free to stop by.
(00:01:15.133) [Sara]: I’d like to start by letting our speakers introduce themselves first before we start with question one.
(00:01:22.882) [Sara]: So I’d like to hand over to Daphne.
(00:01:30.042) [Sara]: We have Daphne with us.
(00:01:35.050) [Sara]: Welcome, Daphne.
(00:01:35.892) [Sara]: Please introduce yourself and tell us a bit about what you do.
(00:01:39.478) [Sara]: Tell me something about yourself, your project, and how it relates to ethical networking.
(00:01:54.528) [Sara]: We’re having a bit of a… Yeah, now we can hear you.
(00:01:57.475) [Daphne]: Sorry, sorry.
(00:01:58.457) [Daphne]: I couldn’t turn on my mic.
(00:01:59.981) [Daphne]: Sorry about that.
(00:02:00.562) [Daphne]: That’s okay.
(00:02:02.487) [Daphne]: Happens sometimes.
(00:02:03.369) [Daphne]: Go for it.
(00:02:04.371) [Daphne]: Yeah.
(00:02:04.832) [Daphne]: Hi, hi, everyone.
(00:02:05.754) [Daphne]: Sorry, let me turn on the video as well.
(00:02:07.578) [Daphne]: It should be working now.
(00:02:08.621) [Daphne]: Yeah, great.
(00:02:09.563) [Daphne]: So hi everyone.
(00:02:11.808) [Daphne]: Thanks a lot for joining this session.
(00:02:13.451) [Daphne]: So my name is Daphne Tuncher.
(00:02:15.916) [Daphne]: I’m academic.
(00:02:17.038) [Daphne]: My research is in the domain of computer science, more specifically computer networks.
(00:02:22.009) [Daphne]: I’m affiliated with Institut Polytechnique de Paris in France.
(00:02:26.017) [Daphne]: So, over the years, I’ve been trying to work on putting together kind of actionable resources, both for research and education on what I call responsibility in our digital development.
(00:02:41.533) [Daphne]: So, thank you.
(00:02:43.455) [Sara]: Okay, wow.
(00:02:44.616) [Sara]: That’s a big responsibility.
(00:02:45.858) [Sara]: All right.
(00:02:47.660) [Sara]: Thank you, Daphne.
(00:02:51.323) [Sara]: Next.
(00:02:57.286) [Sara]: Next, we have Marc Brouillere.
(00:03:00.841) [Sara]: Marc, are you with us?
(00:03:02.628) [Marc]: Yes.
(00:03:03.371) [Marc]: Can you hear me and see me?
(00:03:04.837) [Sara]: Yes.
(00:03:05.741) [Sara]: Loud and clear.
(00:03:08.002) [Marc]: OK, quickly.
(00:03:09.624) [Marc]: Actually, I did a PhD when I was 40, like 10 years ago, coming from a long path from an industry and so on.
(00:03:18.035) [Marc]: And when you’re actually starting to do research, and you know what implication it is in research, you are actually influencing things and innovating stuff and so on.
(00:03:30.030) [Marc]: And it always questioned me how to do this without hurting
(00:03:35.457) [Marc]: society with an integral way.
(00:03:37.840) [Marc]: Then that’s what we with Daphne had a very first conversation about it.
(00:03:42.126) [Marc]: And I’m actually working for a large company back for 10 years in research for Airbus with everything’s do count in the choice you do.
(00:03:52.841) [Marc]: And it’s very valuable that we are actually all thinking of the impact of the choices we do.
(00:03:58.609) [Marc]: And I really appreciate we have this time together.
(00:04:02.947) [Sara]: Oh, wow.
(00:04:04.449) [Sara]: So you’ve had a lot of insight to share there.
(00:04:07.815) [Sara]: Looking forward to it.
(00:04:09.598) [Sara]: Next, we have Maurice.
(00:04:14.847) [Sara]: Maurice, are you with us?
(00:04:17.110) [Maurice]: Yes, thank you.
(00:04:17.892) [Maurice]: Can you hear me?
(00:04:18.573) [Sara]: Yep.
(00:04:18.994) [Sara]: Loud and clear.
(00:04:20.581) [Maurice]: Excellent.
(00:04:21.562) [Maurice]: Thank you.
(00:04:21.882) [Maurice]: It’s a pleasure to be able to speak here today.
(00:04:24.525) [Maurice]: So my name is Maurice Chiodo, and I’m a research associate at the Center for the Study of Existential Risk at the University of Cambridge.
(00:04:31.511) [Maurice]: I’m also the principal investigator and co-founder of the Ethics in Mathematics Project.
(00:04:36.016) [Maurice]: So a research mathematician by training, I specialized in computability theory and abstract algebra.
(00:04:41.341) [Maurice]: My work now looks at the ethical challenges and risks posed by mathematics, mathematicians, and mathematically-powered technologies.
(00:04:48.087) [Maurice]: I’ve been working on this for over nine years and have insights and industry experience as an ethics and safety consultant in AI and blockchain technologies.
(00:04:56.045) [Sara]: Oh wow, you’ve done a bit of everything.
(00:04:58.991) [Sara]: Thank you, Maurice.
(00:05:00.274) [Sara]: Next we have Dennis, Dennis Muller.
(00:05:03.521) [Sara]: Dennis, are you with us?
(00:05:05.350) [Dennis]: Yeah, I’m here.
(00:05:07.713) [Dennis]: Thank you very much.
(00:05:08.493) [Dennis]: It’s an honor to be here.
(00:05:09.415) [Dennis]: I’m also a co-founder of the Ethics in Mathematics Project.
(00:05:13.139) [Dennis]: I’m currently a research associate at the University of Cologne, where I work on mathematics education for sustainable development.
(00:05:19.986) [Dennis]: And I work with Maurice at the Center of the Study of Existential Risk, where I study extreme technological risks related to AI and the Internet.
(00:05:28.317) [Dennis]: Overall, my work sort of connects to ethics, education, mathematics, and I’m particularly interested in studying how mathematics and mathematically powered technologies are shaping our world.
(00:05:39.595) [Sara]: Okay, wow.
(00:05:42.640) [Sara]: All right, very good.
(00:05:43.862) [Sara]: Great to have you with us.
(00:05:45.806) [Sara]: Next, we have Alexander Isavnen.
(00:05:49.391) [Sara]: Alexander, are you with us?
(00:05:52.600) [Alex]: Yeah for sure.
(00:05:54.362) [Alex]: Hello.
(00:05:55.444) [Alex]: I’m Alexander.
(00:05:56.906) [Alex]: I’m a member of the Council of Russian Pirates Party.
(00:06:01.392) [Alex]: We live in very difficult countries and our party and citizens of our country constantly need to face ethical and sustainability challenges.
(00:06:13.508) [Alex]: I’m also a mathematician by education, but have no relations to ethics and mathematic projects.
(00:06:20.515) [Alex]: Thanks.
(00:06:21.376) [Sara]: Okay, welcome.
(00:06:23.498) [Sara]: Next, we have Keith.
(00:06:25.400) [Keith]: And I’ll just introduce myself.
(00:06:26.962) [Keith]: I’m Keith Goldstein, Chair of Pirate Parties International.
(00:06:31.367) [Keith]: I also have been involved with Daphne and Mark here on drafting a research project on computer networking ethics and looking at how humans are able to learn new systems.
(00:06:43.782) [Keith]: Okay, thanks.
(00:06:44.363) [Keith]: So, why don’t we move on to the next question?
(00:06:47.566) [Sara]: So, let’s start with the first question there.
(00:06:51.992) [Sara]: We’re sharing a little bit.
(00:06:54.715) [Sara]: So, how can we ensure that mathematics and computer networking practices align with ethical principles, including privacy, transparency, and accountability?
(00:07:09.893) [Keith]: So, Daphne, would you like to start?
(00:07:14.258) [Daphne]: Yeah sure.
(00:07:14.719) [Daphne]: I’m happy to start.
(00:07:16.042) [Daphne]: I mean so as I said earlier I’m a computer scientist.
(00:07:18.507) [Daphne]: But in the recent year I started working a lot with people from social science.
(00:07:23.739) [Daphne]: And through this collaboration I got to learn a lot about the role of narratives in how this contributes to how we approach and develop new technologies.
(00:07:33.580) [Daphne]: And if you take computer network research as an example, so a lot of the narratives that we have today have to do with hyperperformance, optimization, measurements.
(00:07:45.277) [Daphne]: So of course, there’s nothing wrong with that.
(00:07:47.901) [Daphne]: But my point is that very often, these things are just taken for granted.
(00:07:52.528) [Daphne]: We never really question these narratives.
(00:07:57.115) [Daphne]: And so it does subconsciously, us, like a researcher in computer networks,
(00:08:02.082) [Daphne]: influence the way we think.
(00:08:04.707) [Daphne]: So to me, spending time on talking about this narrative to make them explicit and also having a space to confront them is an essential part and also ingredient to get an alignment between our practices, for example, in computer networks and ethical principles.
(00:08:23.632) [Daphne]: So I think what is really important is to reserve time for that.
(00:08:28.058) [Daphne]: So today, and I think this has been driven a lot by all these developments in the computing technologies, we tend to value high speed as something good.
(00:08:36.510) [Daphne]: So it’s fast, it’s good.
(00:08:39.354) [Daphne]: But to some extent, I believe this is not really aligned with ethical principle where we require time to think.
(00:08:45.162) [Daphne]: So I think time is very key here.
(00:08:48.666) [Sara]: Thank you.
(00:08:49.127) [Sara]: Next, Maurice.
(00:08:53.534) [Maurice]: What are your thoughts on this?
(00:09:08.857) [Maurice]: Ensuring that networking practices align with core ethical principles requires us to address three distinct but ultimately interconnected challenges of the alignment problem.
(00:09:19.333) [Maurice]: So from the perspective of ethics and mathematics, we must first define what we want to achieve.
(00:09:24.922) [Maurice]: Second, we must determine how to achieve these outcomes by developing the right mathematical tools, technologies, and practices.
(00:09:32.496) [Maurice]: This involves examination of the methods we use.
(00:09:35.562) [Maurice]: For instance, a commitment to privacy requires not just policy, but the implementation of privacy-preserving mathematics from the ground up.
(00:09:42.655) [Maurice]: Third, and most crucially,
(00:09:45.543) [Maurice]: sticks.
(00:09:46.425) [Maurice]: This is the long-term challenge.
(00:09:47.587) [Maurice]: To get this right, we must scrutinize three areas simultaneously.
(00:09:51.174) [Maurice]: As I said, the ethical vision of our outcomes, the integrity of our tools, and the robustness of our processes.
(00:09:56.785) [Maurice]: Any one of these can undermine the others.
(00:09:59.490) [Maurice]: For example, an ethical process can still lead to a harmful outcome if the underlying technology is flawed.
(00:10:05.017) [Maurice]: Therefore, we must move beyond just analyzing intent and design aims.
(00:10:08.282) [Maurice]: We have to rigorously investigate the technologies and the technologists’ ability to do good or cause harm.
(00:10:14.352) [Maurice]: We must understand not only what they want to do, but also… Oh, we have a bit of a lag there.
(00:10:22.746) [Sara]: We missed the last thing you said, Maurice.
(00:10:26.272) [Maurice]: Oh, sorry.
(00:10:27.554) [Maurice]: So, I was saying that, therefore, we must move beyond just analyzing intent and design aims.
(00:10:32.455) [Maurice]: We have to rigorously investigate the technologies and the technologists’ ability to do good or cause harm.
(00:10:38.545) [Maurice]: And we must understand not only what they want to do, but also what they can do.
(00:10:43.494) [Maurice]: Okay.
(00:10:44.976) [Maurice]: Yeah, that’s a big point.
(00:10:47.761) [Sara]: Let’s see.
(00:10:48.923) [Sara]: We have Alexander.
(00:10:50.666) [Sara]: You have a slightly different cultural environment.
(00:10:54.753) [Sara]: What’s your perspective?
(00:10:56.873) [Alex]: Let me give perspective, not just from my cultural environment, but from my experience.
(00:11:04.203) [Alex]: We all know that technology and instrumentation and tools are being developed much faster than regulations or even spelling norms of what’s going on.
(00:11:17.582) [Alex]: At the beginning of the internet, there was no privacy considerations or security considerations because scientists have created internet
(00:11:26.675) [Alex]: for their own needs.
(00:11:28.798) [Alex]: They thought that only such good guys with scientific approaches will exist on the Internet.
(00:11:37.250) [Alex]: But actually, a lot happens in that.
(00:11:40.635) [Alex]: A lot of people came here, evil people, bad people, governments, corporations, and so on.
(00:11:47.144) [Alex]: So I think that our idea of sustainability and ethical networking should go towards understanding of what people need first of all and only then such formulated needs need to shape technology developments.
(00:12:09.942) [Alex]: Back to my cultural background, in Russia it’s happening always.
(00:12:15.309) [Alex]: The state and the state-controlled corporations are developing technologies.
(00:12:20.997) [Alex]: They are announcing that technologies are for the good of the people, but lately it appears that even network applications are developed for surveillance or control of people’s activities.
(00:12:36.819) [Alex]: Thanks.
(00:12:38.461) [Sara]: All right, very good.
(00:12:39.623) [Sara]: We’ll actually get into that topic in a moment.
(00:12:43.949) [Sara]: In the meantime, we have Dennis.
(00:12:49.917) [Dennis]: What’s your perspective?
(00:12:51.780) [Dennis]: I think to truly align our practices with ethical principles, we must understand that ethics is not an optional extra or a bolt-on.
(00:12:58.790) [Dennis]: It’s something that we must fundamentally embed within everything we do.
(00:13:03.723) [Dennis]: Principles like safety and sustainability cannot be bolted on at the end of a project, especially with decentralized technologies such as the internet, where retrospective fixes can be very difficult or even impossible.
(00:13:19.788) [Dennis]: I think that achieving this requires a fundamental systemic shift in how we work.
(00:13:24.917) [Dennis]: We need to communicate, hire and train with ethics as a core competency.
(00:13:31.149) [Dennis]: Technical success must sort of be balanced with success from an ethical and sustainability perspective and this can be quite challenging from my experience and from working with other
(00:13:41.928) [Dennis]: engineers and it requires sort of like an adjustment because engineers can be accustomed to viewing their work as sort of like a technological optimization problems and this perspective demands that technical and non-technical experts and the affected communities of those technologies must find a common language and build a shared understanding of the goals and risk involved.
(00:14:03.308) [Dennis]: And so ultimately, technical expertise and ethical expertise are sort of like two sides of the same coin.
(00:14:10.976) [Dennis]: And only by fostering a community that sort of like equally values forward-thinking responsibility and backward-looking accountability, we can ensure that this happens.
(00:14:21.108) [Sara]: Okay, very good.
(00:14:22.649) [Sara]: Thank you, Dennis.
(00:14:25.873) [Sara]: And finally, we have Mark.
(00:14:29.785) [Marc]: I think multi-depletionary groups and thinking is always a benefit.
(00:14:35.557) [Marc]: And then that’s something in the discipline of engineering, design, and so on, what those imply.
(00:14:42.046) [Marc]: Choices as well, with nautical think, ideas and thoughts actually have placed sometime in industry.
(00:14:49.596) [Marc]: Even in research and so on, that’s very important.
(00:14:52.319) [Marc]: We have also feedback and time to give proper response and ideas, review from other,
(00:15:01.291) [Marc]: people with all their field of research or activities and so on.
(00:15:06.358) [Marc]: For a simple story to illustrate this, we are actually, and I just verified, using IPv4 to communicate through Zoom.
(00:15:15.252) [Marc]: Think of a teeny details who has very profound impact today.
(00:15:20.119) [Marc]: Then the design on that IPv4, they actually place the source address before the destination address.
(00:15:26.869) [Marc]: What do you do when you are actually
(00:15:29.911) [Marc]: checking where the packets need to go.
(00:15:32.895) [Marc]: You’re expecting the destination, not the source, to be first.
(00:15:37.182) [Marc]: And these teeny details is actually using a lot of power and electricity every time for a very long time.
(00:15:44.292) [Marc]: Big impact on the consummation of electricity and so on.
(00:15:49.239) [Marc]: Because all the routers have to wait, have to wait for the destination field
(00:15:54.667) [Marc]: before having the source.
(00:15:57.110) [Marc]: Kind of a teeny mistakes, but big impact.
(00:16:00.615) [Marc]: Then obviously reviewing and so everyone and all disciplinary things for such things is very difficult.
(00:16:07.344) [Marc]: We don’t know, they didn’t know that actually that design they did will remain for that long.
(00:16:12.651) [Marc]: And in IPv6, destination comes first.
(00:16:16.925) [Sara]: All right, thank you very much.
(00:16:20.388) [Sara]: And I think that’s actually a wonderful segue into our next question.
(00:16:26.554) [Sara]: So we’ve already, Mark, sorry, Mark has mentioned the technology that we’ve had for quite a while now and how we’ve learned from that and made things more efficient.
(00:16:43.729) [Sara]: But we’re also seeing emerging technologies
(00:16:46.912) [Sara]: How can these emerging technologies such as automated language models, an artificial intelligence, the Internet of Things, and so on, be ethically developed and deployed to ensure they have positive social, cultural, political, academic, and environmental impacts?
(00:17:10.469) [Sara]: It’s like 10 minutes for that one.
(00:17:13.675) [Sara]: So let’s go back to Mark for that one.
(00:17:19.925) [Sara]: Everyone will have a chance to answer, but we’ll just do it in the opposite order this time.
(00:17:25.114) [Sara]: Go ahead, Mark.
(00:17:28.661) [Marc]: It’s a hard practice to have
(00:17:31.411) [Marc]: all the view and impact of what we do.
(00:17:33.993) [Marc]: But what I actually, when we started to open up ideas and thoughts with Daphne, we did find people who are working hard on those questions from the root practice of what we call computer science today, with mathematicians, or both of your, as Maurice and Dennis.
(00:17:55.413) [Marc]: They put together a lot of questions, a lot of way of asking yourself,
(00:18:00.638) [Marc]: It is a good project, and so on and so on.
(00:18:03.422) [Marc]: That practice needs to be every time for everything, mostly.
(00:18:07.147) [Marc]: It was very hard to have the time for this, but it’s necessary.
(00:18:11.172) [Marc]: Giving time for this kind of practice is essential.
(00:18:15.458) [Marc]: And it does, it has to cover a minimum of different payouts that’s been introduced by their works.
(00:18:23.709) [Marc]: And I think we rely on actually kind of future projects on their approaches, and it’s very valuable.
(00:18:30.558) [Marc]: And that’s why, yes, I let all the people already spend a lot of time thinking of it.
(00:18:38.175) [Sara]: OK.
(00:18:39.016) [Sara]: Very good.
(00:18:39.517) [Sara]: Thank you, Marc.
(00:18:43.501) [Sara]: Alexander, you have something specific, go ahead.
(00:18:49.090) [Alex]: Yeah, you asked a really broad question about the impact of very, very difficult fields of human society.
(00:19:00.008) [Alex]: But I would like to point two issues.
(00:19:02.693) [Alex]: First of all, for technologies, development of technology is something funny.
(00:19:08.442) [Alex]: So that’s more than young people who are rushing into technology, into education, into testing something.
(00:19:16.736) [Alex]: They don’t think about impact of their activities at all.
(00:19:21.805) [Alex]: So that’s why we have script kiddies, we have young hackers and so on.
(00:19:26.513) [Alex]: That’s, I think, the lack of education, overall education, general education, not technology education.
(00:19:34.902) [Alex]: That’s an issue.
(00:19:36.844) [Alex]: And I remember myself when I was young, the Internet was a university and so on.
(00:19:43.413) [Alex]: I definitely can confess I did some unethical things which I would not do now having understanding all this impact.
(00:19:52.164) [Alex]: So first of all, we need to educate young.
(00:19:54.967) [Alex]: The second approach, and this is actually a kind of experience from local, from Russia, because officials, corrupted officials or corporations which have ties to the government, stating nearly the same things, that technology needs to be ethical, technology needs to provide sustainability and be available for everyone.
(00:20:24.953) [Alex]: But in contrary, technology does not develop.
(00:20:31.443) [Alex]: For example, in Russia, we do not have 5G cellular networks because all their frequencies are stockpiled by few companies or militaries under the name of protecting common resource and so on.
(00:20:49.430) [Alex]: So it’s a development
(00:20:50.452) [Alex]: 5G networks is not possible, not because of sanctions, not because of some retrospective things, but just because somebody tries to keep us sustainable.
(00:21:03.968) [Alex]: So I think that’s two points I would like to bring to the table and maybe discuss later.
(00:21:11.998) [Alex]: Thanks.
(00:21:14.819) [Sara]: All right.
(00:21:15.420) [Sara]: Thank you very much, Alex.
(00:21:17.802) [Sara]: That’s an interesting point.
(00:21:19.784) [Sara]: And of course, we also invite questions from our online participants.
(00:21:26.011) [Sara]: Next, we have Maurice.
(00:21:28.294) [Sara]: Go ahead, Maurice.
(00:21:31.557) [Maurice]: Thank you very much.
(00:21:32.759) [Maurice]: So I’m going to sort of try and give this from an engineer’s viewpoint.
(00:21:36.403) [Maurice]: So from an engineer’s viewpoint, there are three key aspects to ethical development here.
(00:21:41.789) [Maurice]: Perspective, perspective, and perspective.
(00:21:45.700) [Maurice]: Even the most conscientious engineers cannot ensure positive impacts on their own.
(00:21:50.890) [Maurice]: We work deep within technical systems, but technologies like AI in the Internet of Things are fundamentally human endeavors.
(00:21:57.023) [Maurice]: They connect people and the object people use.
(00:21:59.828) [Maurice]: Therefore, human insights…
(00:22:01.732) [Maurice]: and a range of perspectives must be central throughout the entire development and deployment process, not just as an afterthought.
(00:22:09.000) [Maurice]: This requires a shift in resources.
(00:22:10.803) [Maurice]: Ethical development isn’t free.
(00:22:12.324) [Maurice]: It takes dedicated time and effort to consult with domain experts, conduct impact assessments, and engage with impacted communities.
(00:22:18.752) [Maurice]: This work must be budgeted for as a core project requirement, not an optional extra.
(00:22:23.197) [Maurice]: Furthermore, our motivation must be scrutinized.
(00:22:25.640) [Maurice]: We should focus on applying our skills to solve recognized societal problems rather than inventing new problems to fit a fancy technological tool.
(00:22:33.931) [Maurice]: With every step forward, we have to ask a critical question.
(00:22:36.394) [Maurice]: Who wins and who loses?
(00:22:38.477) [Maurice]: True ethical networking requires us to see and account for everyone.
(00:22:44.605) [Sara]: Absolutely.
(00:22:45.466) [Sara]: So, very good.
(00:22:46.727) [Sara]: Thank you, Maurice.
(00:22:48.410) [Sara]: And Daphne, what are your thoughts?
(00:22:53.285) [Daphne]: So I think kind of the key word here in this question is positive impacts, because positive for who and relative to what?
(00:23:00.416) [Daphne]: I mean, everything is subjective.
(00:23:01.878) [Daphne]: And that’s related to, I mean, what Alexander, you were saying about the situation in Russia, because what one might consider as being positive might be well perceived as negative by another.
(00:23:10.612) [Daphne]: Meanwhile, one can be, of course, a person.
(00:23:12.836) [Daphne]: They can be a community, a group of interest, can be a government, et cetera, et cetera.
(00:23:17.804) [Daphne]: So as the question shows, impact is multidimensional.
(00:23:20.508) [Daphne]: So we can’t expect there will be one group of people that will decide what positive impacts are.
(00:23:25.355) [Daphne]: So maybe here, I will answer as a researcher, because that’s my community.
(00:23:28.759) [Daphne]: But I think as researcher, the very important thing for us now is ready to engage in a practice that goes beyond this kind of mode of organization and silos that we’ve seen for research.
(00:23:39.715) [Daphne]: So you are a computer scientist, you are a mathematician, you are a biologist, you are a sociologist.
(00:23:43.680) [Daphne]: But at the end, what really matters is that we really work together.
(00:23:47.065) [Daphne]: so that we agree or at least we get some shared value on what positive impact we are aiming at, but also how we assess this impact.
(00:23:57.547) [Sara]: Okay, thank you Daphne.
(00:24:00.042) [Sara]: And Dennis, of course, go ahead.
(00:24:03.928) [Dennis]: The development of technologies like large language models or the Internet of Things hinges critically on understanding the interconnected nature.
(00:24:13.483) [Dennis]: So from an engineer’s perspective or from a management perspective, that means that we cannot compartmentalize ethics within single sub teams because things will just get overlooked.
(00:24:24.140) [Dennis]: Nor can we sort of like overlook that sort of like the social, cultural, political and environmental aspects are deeply intertwined.
(00:24:32.429) [Dennis]: So we cannot usually address one without affecting the other.
(00:24:35.472) [Dennis]: And so that means for developers, there’s sort of a dual responsibility here, building safety into the technical architecture or into the technical system, and also earning the public’s trust.
(00:24:46.804) [Dennis]: One does not necessarily imply the other in an interconnected world.
(00:24:51.528) [Dennis]: And we cannot assume that engineers or mathematicians or computer scientists by default understand how to navigate this complexity or how to raise the right questions.
(00:25:02.347) [Dennis]: They need to be taught this and given the space to think beyond immediate, localized, often monetary incentives.
(00:25:09.980) [Dennis]: And they need to be taught how to do this in a way that earns trust from society.
(00:25:16.351) [Dennis]: And once again, this sort of like requires balancing technical expertise and technical incentives with non-technical knowledge and non-technical incentives.
(00:25:27.324) [Dennis]: In this sense, I can only reiterate what Maurice said.
(00:25:30.207) [Dennis]: Perspective is really what matters here from my perspective.
(00:25:36.214) [Sara]: Okay, thank you very much.
(00:25:37.335) [Sara]: I think we have quite a few overlaps there.
(00:25:41.200) [Sara]: I think a common thread is education.
(00:25:45.022) [Sara]: education and integration with our interdisciplinary teams and interdisciplinary working environments.
(00:25:57.458) [Sara]: And in that sense, we kind of have this big interdisciplinary environment with the IGF.
(00:26:08.289) [Sara]: And that leads us to the next question.
(00:26:10.751) [Sara]: What role can the IGF and its stakeholders play in promoting sustainable and responsible internet governance?
(00:26:22.082) [Sara]: So let’s start with Daphne this time.
(00:26:24.985) [Sara]: Go ahead, Daphne.
(00:26:27.749) [Daphne]: Thanks.
(00:26:28.611) [Daphne]: Well, I think that really the idea is a platform to connect and get the visibility on what’s going on.
(00:26:34.285) [Daphne]: So, as I said earlier, I really think that understanding for who and relative to what technology, a model, a development demonstrates certain qualities is not simple.
(00:26:44.759) [Daphne]: So to me the idea really has the ability to reach out to a very worldwide audience.
(00:26:51.557) [Daphne]: So it must capitalize on that to provide I think a medium through which we can confront our perspective especially coming from different parts of the world.
(00:26:59.879) [Daphne]: because this raises perspectives that we need to embed into sustainable and responsible Internet governance.
(00:27:07.768) [Daphne]: I don’t think we should get a top-down approach where a small group of people would decide on the definition of these qualities for governance.
(00:27:15.376) [Daphne]: So I really believe that the IGF has a key role to play in supporting the diversity of background, cultural heritage, point of views that are really necessary to design and build this governance framework.
(00:27:28.448) [Sara]: OK, thank you, Daphne.
(00:27:30.313) [Sara]: Maurice, what’s your perspective?
(00:27:32.419) [Sara]: What do you think?
(00:27:35.628) [Maurice]: Thank you.
(00:27:36.109) [Maurice]: So in my view, the IGF’s most powerful role here is that of a convener.
(00:27:41.763) [Maurice]: provides the room and sets the tables for the essential multi-level ethical engagement that sustainable internet governance requires.
(00:27:48.993) [Maurice]: This is the space where dialogue is not just possible, but it’s the primary purpose.
(00:27:53.079) [Maurice]: By its very nature, the IGF assembles a diverse array of stakeholders needed to generate genuine perspective from governments and corporations to academics and activists.
(00:28:02.371) [Maurice]: As we’ve discussed, perspective is the single most critical ingredient for the ethical development of emerging technologies.
(00:28:08.948) [Maurice]: An engineer in a lab cannot foresee and understand all the implications of their work, just as a policymaker cannot grasp all the technical nuances.
(00:28:16.021) [Maurice]: The IGF is a place where these worlds connect.
(00:28:18.505) [Maurice]: It breaks down the silos between the technical and non-technical experts that often exist in industry and governments, which is crucial for finding and nurturing a common language.
(00:28:27.882) [Maurice]: In this way, the IGF already acts as the essential first step.
(00:28:31.149) [Maurice]: It gathers the necessary people and perspectives, creating the foundation upon which responsible governance of a decentralized mathematical technology like the Internet can be built.
(00:28:41.850) [Sara]: Okay.
(00:28:42.632) [Sara]: Thank you.
(00:28:43.073) [Sara]: Thank you, Maurice.
(00:28:46.980) [Sara]: Next, Alexander.
(00:28:48.323) [Sara]: Go ahead.
(00:28:50.461) [Alex]: Yes, for sure.
(00:28:52.624) [Alex]: But first I would like to point out that ethics and sustainability might be really different in different parts of the world.
(00:29:04.860) [Alex]: So I think that locations where a full-blast IGF was conducted have completely different approaches to what’s ethical, what’s not ethical.
(00:29:13.782) [Alex]: And events like Internet Governance Forum allows, first of all, to understand each other.
(00:29:20.250) [Alex]: Not to synchronize, but to understand each other’s approaches.
(00:29:24.936) [Alex]: So that still Internet Governance Forum not just connects different stakeholders from the same group, but understanding of what’s going on in different regions, different countries, different regions.
(00:29:38.352) [Alex]: Overall, IGF allows to connect all positively thinking people who are looking forward for development of the internet for good.
(00:29:51.246) [Alex]: I think not just IGF, maybe some other platforms like World Summit for Information Society, which actually spinned off IGF 20 years ago, it still have forums which are more populated by governmental people,
(00:30:08.390) [Alex]: So I think we should continue not just in IGF, in our local IGF, in our local communities, but also have broader interaction within United Nations and intergovernmental organizations.
(00:30:26.966) [Sara]: Okay, thank you, Alexander.
(00:30:28.309) [Sara]: Denis, what about you?
(00:30:32.572) [Dennis]: This is sort of a follow-up from Maurice’s answer.
(00:30:35.397) [Dennis]: I think that assembling the right people is only half of the process.
(00:30:39.164) [Dennis]: The IGF’s next crucial role is to ensure that the insights also radiate outwards.
(00:30:46.297) [Dennis]: And the IGF is already highly effective at collectively identifying emergent issues.
(00:30:52.969) [Dennis]: I think what can be done next is sort of like how do we
(00:30:57.040) [Dennis]: translate that awareness into action, because our research on ethics and mathematics has demonstrated that many technical practitioners, like mathematicians, computer scientists, network engineers, quite often view their work as separate from ethics, sustainability, and also from policy.
(00:31:15.552) [Dennis]: So while many people who are in this room understand that technology and ethics or technology and sustainability are inseparable, the understanding is not very widespread from our experience.
(00:31:30.608) [Dennis]: And so the primary role that we see here is for IGF stakeholders to act as ambassadors, championing this integrated perspective and spreading awareness within their respective fields, within their respective companies, and bringing it where
(00:31:45.404) [Dennis]: We are people who are not yet convinced that this is important.
(00:31:52.004) [Sara]: Very important point.
(00:31:54.191) [Sara]: Thank you.
(00:31:54.632) [Sara]: Thank you, Dennis.
(00:31:56.257) [Sara]: And finally, Mark.
(00:31:57.622) [Sara]: Go ahead.
(00:32:00.119) [Marc]: Well, when we look into the story of IGF and why it is and so, when we talk about internet, that’s not something we initially come up from the ITU.
(00:32:13.954) [Marc]: ITU has been, I mean, the very beginning of ITU was it weren’t before United Nations.
(00:32:20.321) [Marc]: But in 47, that was the very first chapter out of the Second War.
(00:32:26.208) [Marc]: to be United Nations before UNESCO and so on and so on.
(00:32:30.552) [Marc]: ITU is still there and so for standardizations for telecommunication.
(00:32:37.059) [Marc]: But come up in the meantime that we all know, internet, very different way of to be governed and coming origin and so the way to decide the standards are very, very different.
(00:32:49.252) [Marc]: And then it is actually winning compared to ITU standards.
(00:32:55.418) [Marc]: what we call about RSE, ETF, ERTF, the different things that’s coming up from this community.
(00:33:01.794) [Marc]: Very different.
(00:33:03.197) [Marc]: Then United Nations created IGF because they realized that something is missing.
(00:33:09.933) [Marc]: It went out of ITU.
(00:33:12.648) [Marc]: Then IGF is the good place actually to get many many people in a very different aspect to take over what we call the Internet today.
(00:33:21.523) [Marc]: But it’s not only in the tubes is in the way the protocol has been designed and also the content store all different aspects.
(00:33:30.417) [Marc]: And the thing that is very very open and we have this occasion today is very important.
(00:33:35.227) [Marc]: It could be, and then the missing part of it is how we can influence a little bit more.
(00:33:43.597) [Marc]: And participating a little bit more from the IGF community, interacting with EITF, the design and the department of technological standardizations as it is.
(00:33:57.934) [Marc]: There is gateway, people coming a little bit more in IGF from EITF and vice versa.
(00:34:03.661) [Marc]: But I think it’s very important as well.
(00:34:05.944) [Marc]: And then W3C and all different aspects and so on.
(00:34:11.532) [Marc]: Then I haven’t been participating much on understanding the relationship between studies and organization like this.
(00:34:18.422) [Marc]: But that’s very important.
(00:34:20.806) [Marc]: That could be for the future.
(00:34:22.949) [Sara]: So having those platforms in place gives us more leverage.
(00:34:29.160) [Sara]: Okay, thank you very much, everyone.
(00:34:32.666) [Sara]: Thank you, Mark and everyone.
(00:34:35.171) [Sara]: We’re doing okay time-wise, so we have time for one more question.
(00:34:38.477) [Keith]: Yeah, we have time for one more question.
(00:34:40.280) [Keith]: I’ll take that over as in sort of a question for myself as well.
(00:34:44.224) [Keith]: And then we’ll try and get some questions from the audience.
(00:34:46.247) [Keith]: So we have just about nine minutes left.
(00:34:48.990) [Keith]: And the last question is, how can we evaluate the human component of networks?
(00:34:52.614) [Keith]: We’ve talked a lot about the fact that these aren’t just systems, there’s people behind them.
(00:34:56.859) [Keith]: What can we do to learn more about how we learn new networks?
(00:35:00.723) [Keith]: What practical tools can we use to evaluate computer networking practices?
(00:35:05.068) [Keith]: So go back in reverse order maybe with Mark first.
(00:35:12.663) [Marc]: The human part of it is a good question.
(00:35:17.310) [Marc]: And we have some way of trying to understand this.
(00:35:24.582) [Marc]: But it is social work and so on.
(00:35:27.386) [Marc]: The only things I’ve learned recently, trying, and I mean it’s a fact, the quantitative space have nothing to see with the qualitative space.
(00:35:40.507) [Marc]: And trying to understand these two different spaces for deciding what quality we want to give to some evaluation we do as an engineer to get a better optimization process or performance of whatever system.
(00:35:57.683) [Marc]: And so finding the right gap to be able to get the quantitative design we want as a good quality as a beginning.
(00:36:06.612) [Marc]: We need people who guide us for pushing to the questions and finding the right way of making finite choices.
(00:36:20.668) [Keith]: Really quick, so maybe go off to Daphne next.
(00:36:26.204) [Daphne]: Yeah, I don’t know if I have much to add to this question.
(00:36:29.348) [Daphne]: So I think that’s really kind of a typical question.
(00:36:32.452) [Daphne]: Then we need collaboration across disciplines.
(00:36:35.095) [Daphne]: And yeah, for us, like people working on computer networks, that’s quite important.
(00:36:40.221) [Daphne]: We understand the human perspective.
(00:36:41.663) [Daphne]: But we don’t necessarily know, well, we don’t necessarily have the tools that we can use to actually access to human perception.
(00:36:48.631) [Daphne]: human feedback on this.
(00:36:50.313) [Daphne]: So I think that’s where we need to collaborate, for example, with social scientists.
(00:36:53.979) [Daphne]: I mean, we started working with you on that purpose, to learn how we can run survey, how we can do consultation, how do we analyze the feedback we get, I mean, through this method.
(00:37:07.358) [Keith]: Okay.
(00:37:08.680) [Keith]: Since we’re short on time, Maurice, Dennis, Alexander, would any of you like to chime in?
(00:37:14.585) [Maurice]: I’d be happy to, at this stage.
(00:37:17.508) [Maurice]: So I think the more pertinent question really to consider here is how to evaluate the network as a socio-technical system.
(00:37:25.237) [Maurice]: So humans and technical components cannot be assessed in isolation.
(00:37:28.340) [Maurice]: Their value and risks emerge from their interaction.
(00:37:31.003) [Maurice]: This becomes evident by looking at socio-technical systems potential points of failure.
(00:37:34.807) [Maurice]: So they must assess the potential for a failure of the technical or AI component, or a failure of the human component, or a failure of the process or workflow they’re meant to follow.
(00:37:43.677) [Maurice]: Crucially, we must also evaluate the human-machine interface itself, as this is the primary site of miscommunication and error.
(00:37:49.145) [Maurice]: And finally, we must account for failures caused by exogenous circumstances, acknowledging that no system operates in a vacuum.
(00:37:55.334) [Maurice]: This method ensures a comprehensive socio-technical evaluation.
(00:37:58.318) [Maurice]: And as you can clearly see, three-fifths of the problems listed above are neither purely human nor purely technical, instead stemming from their interaction.
(00:38:07.842) [Maurice]: Great.
(00:38:09.365) [Maurice]: Dennis or Alex?
(00:38:11.329) [Alex]: I just would like to add shortly that our main task is just not to lose our focus and continue observing developments.
(00:38:23.772) [Alex]: in case we shortly stop paying attention to latest developments, to technological advances, they could and I think will go the wrong way.
(00:38:36.679) [Alex]: So just keep an eye and follow and communicate with each other.
(00:38:41.188) [Alex]: That’s important.
(00:38:43.668) [Dennis]: Last thoughts, Dennis?
(00:38:46.493) [Dennis]: I think the really big first step is to not view human components of a network similar to technical or mathematical components.
(00:38:55.489) [Dennis]: Our experience of working with mathematicians, engineers, but also with users,
(00:39:00.037) [Dennis]: is that their actions, their awareness, and their motivation are almost equally important when it comes to eventual outcomes.
(00:39:08.010) [Dennis]: And the failure modes that Maurice outlined are deeply connected to who a human is.
(00:39:14.181) [Dennis]: So from that perspective, we really need to think about this question, how do we understand who the humans are involved in these networks?
(00:39:23.290) [Keith]: Thanks.
(00:39:24.351) [Keith]: And just to chime in myself, that this workshop itself really began as a questionnaire that Mark, Daphne, and I self-developed to try and learn about how humans are learning difficult new methods for operating computer networks.
(00:39:42.230) [Keith]: And just for our last four or five minutes, I ask Bailey, who’s with us online, to collect some questions from the audience, and maybe she can read them out to us.
(00:39:53.851) [SPEAKER_01]: Hello, everybody.
(00:39:55.875) [SPEAKER_01]: So we do have a couple of questions in the chat here.
(00:39:58.479) [SPEAKER_01]: I’ll start with the first question from Henan Zahir.
(00:40:04.950) [SPEAKER_01]: I apologize if I mispronounce anybody’s name.
(00:40:07.635) [SPEAKER_01]: But her question is, how can ethical networking be democratized to ensure meaningful citizen oversight over data-driven public systems?
(00:40:24.192) [Keith]: Would one any of you like to quickly quickly three minutes and 30 seconds half that time answer it No Alex did you wanna go ahead Dennis?
(00:40:42.753) [Dennis]: I think
(00:40:44.105) [Dennis]: It goes back to what Alex says.
(00:40:46.528) [Dennis]: We need to respect the different cultures and different regions of this world have different perspectives on this very question.
(00:40:53.736) [Dennis]: So in this sense, the IGF should probably try to be even more international and to really bring in these different cultures and perspectives.
(00:41:09.753) [Dennis]: But it’s a hard question.
(00:41:11.257) [Alex]: Yeah, and I would like to reply to this question by noting that technology could not insure you in something.
(00:41:22.418) [Alex]: You are your own insurance.
(00:41:24.843) [Alex]: You have to communicate, you have to oversight, you have to think about what’s going on with your data and how it’s being driven.
(00:41:33.920) [Alex]: So IGF is a good starting venue for discussions like this.
(00:41:39.732) [Alex]: But your participation is also really important.
(00:41:44.763) [Keith]: Great.
(00:41:44.903) [Keith]: And Bailey one more question.
(00:41:46.186) [Keith]: Two minutes.
(00:41:46.988) [Keith]: Question and answer.
(00:41:48.668) [SPEAKER_01]: Yep, so there’s one more question here from Anna Gretel Ichazu, and she’s asking, I would like to know how do you think of global north and global south dynamics across the issues you are arising?
(00:42:09.109) [Alex]: Yeah, let me answer this question because I’m from country which for a long time pretended to be global north, but now we’re pretending to be global south.
(00:42:17.677) [Alex]: So, Internet and these technologies actually could shorten the gap between what we call West world and the others, or North and South.
(00:42:32.334) [Alex]: But you also have to oversight really clearly, because in not very democratic developed countries,
(00:42:39.682) [Alex]: especially in countries of so-called global south, technology can easily be abused by the government, which will make gap to the north, economical gap, civilizational, well, not civilizational, societal gaps, democratic gaps, much bigger than it exists.
(00:42:58.588) [Alex]: So I will repeat my answer to previous questions.
(00:43:02.674) [Alex]: Technology could not
(00:43:06.192) [Alex]: close gaps.
(00:43:07.576) [Alex]: You have to oversight really, really accurately and constantly and not releasing it.
(00:43:13.714) [Alex]: Thanks.
(00:43:16.281) [Keith]: Last 40 seconds.
(00:43:17.164) [Keith]: Any other ideas?
(00:43:22.780) [Keith]: Okay, well then I will close off this session and thank everybody for coming.
(00:43:27.265) [Keith]: It was really interesting.
(00:43:29.248) [Keith]: I hope we can make a routine of this and produce some studies that also look into these very difficult questions.
(00:43:36.276) [Keith]: And hopefully we’ll have a publication or some other outputs for you all to read soon.
(00:43:40.120) [Keith]: So thank you everybody for coming.

pp-international.net/2025/06/2…

Our next member meeting is today, 6/29 at 8pm. The agenda page is up. Contact us if you want to add anything or bring it up at the meeting.

It will be a video meeting at our community bridge page.

Previous meeting details:

• agenda: masspirates.org/wiki/June_22nd…
• recording: youtu.be/DlIKd-PyIcI

masspirates.org/blog/2025/06/2…

Scanners for loose papers have become so commonplace that almost every printer includes one, but book scanners have remained frustratingly rare for non-librarians and archivists. [Brad Mattson] had some books to scan, but couldn’t find an affordable scanner that met his needs, so he took the obvious hacker solution and built his own.

The scanning process starts when a conveyor belt removes a book from a stack and drops it onto the scanner’s bed. Prods mounted on a rail beneath the bed straighten the book and move it into position for the overhead camera to take a picture of the cover. Next, an arm with a pneumatic gripper opens the cover, and a metal bar comes down to hold it in place.

The page-turning mechanism uses two fans: one fan blows from the side of the book to ruffle the pages and separate them, while the other is mounted on a swiveling arm. This fan blows away from the page, providing a gentle suction that holds the page to the arm as it turns the page over. Finally, a glass plate descends over the book to hold the pages flat, the camera takes a picture, the glass plate retracts, and the scanner moves on to the next page.

It is hard to imagine, but have a look at the video in the post if you really want to see it in action.

All of the hardware, except for the camera, is controlled by an Arduino Giga using a CNC shield; the camera is directly under the control of a host computer. The host computer checks each photo to make sure it’s not scanning a previously-scanned page, and if it finds that it’s scanned the same page three times in a row, it assumes that the book is finished. In this case, it instructs the Arduino to close the book, takes a picture of the back cover, and moves on to the next book. The design and software for the scanner don’t seem to be available yet, but [Brad] plans to give a more detailed video sometime in the future.

We’ve seen a couple of book scanners here in the past. Some, of course, are more useful than others.

Thanks to [Stu Smith] for the tip!

hackaday.com/2025/06/29/a-scan…

2 milioni di ostaggi
Israele vero terrorista

Non sempre le vernici a spruzzino servono alla demenziale metastasi delle tags.
Qualcuno, pare incredibile, le usa ancora per scrivere cose di senso compiuto.
Questa scritta è comparsa nel giugno 2025 al Polo della Memoria di San Rossore, dove un monumento ricorda docenti e studenti cacciati dall'Università per le leggi razziali del 1938.
I due milioni di ostaggi sono i prigionieri di Gaza, immenso carcere a cielo aperto. Un laboratorio permanente dell'avanguardia tecnologica della repressione, in cui lo stato sionista ha collaudato per decenni metodi e armamenti destinati anche a essere esportati con imparzialità e guadagno.
Una realtà messa rudemente in discussione da Hamas il 7 ottobre 2023.
Solo che il 7 ottobre 2023 nessuno si è alzato una mattina con l'inedito proposito di fare scempio gratuito di civili nello stato sionista, di sbaraccarne i rave con un'efficienza che il governo di Roma può solo invidiare e di portarsi via ostaggi a decine.
In due parole, il mondo non è iniziato il 7 ottobre. Non c'è hasbara' che tenga.
Tocca ricordarlo anche al fiorentino Enrico Fink, che tra le altre cose è fisico, musicista, scrittore e presidente della locale comunità ebraica -dunque non proprio un individuo dal peso trascurabile- e che ha affrontato la questione sul Libro dei Ceffi.

In questa sede nessuno fa il paladino degli oppressi, i boicottaggi sono gli stessi da almeno vent'anni, macchine fotografiche e tastiere obbediscono alla fondata convinzione che gli ebrei siano una cosa e lo stato sionista un'altra, ed è proprio per questo che nessuno augura al signor Fink una nuotata in liquidi sgradevoli.
Pare che lo stato sionista, che ha una decina di milioni di abitanti, abbia speso qualcosa come sessantasette miliardi di dollari per fare di Gaza un inferno ancora più inferno di quello che era. Ammettendo cinquantamila vittime e contando solo quelle, lo stato sionista avrebbe speso oltre un milione per ogni morto: molte volte la cifra che sarebbe stata necessaria per far vivere senza patemi ogni vittima e la sua famiglia per almeno tre generazioni. Una somma che qualcuno dovrà pur corrispondere all'erario, visto che sulla generosità d'oltre oceano si potrà fare affidamento fino a un certo punto. Dato che il sostegno alle iniziative dell'esecutivo pare sia stato e sia a tutt'oggi estremamente robusto e animato da un sincero entusiasmo e che le critiche prevalenti taccino anzi il governo sionista di eccessiva benevolenza, non meraviglia il fatto che fuori dallo stato sionista le persone serie e meno portate al suprematismo e al might is right oggi diventati la regola siano portate a generalizzare e a trarre conclusioni per niente diplomatiche.
Tuttavia non intendiamo rinforzare il coro di chi boicotta, disinveste e sanziona; si rischia, tra l'altro, di sovraesporre l'argomento e di ottenere l'effetto contrario. Anziché invitare a boicottare i datteri e la tehina prodotti nello stato sionista invitiamo quindi i nostri lettori a nonboicottare i datteri e la tehina prodotti altrove, come la tahina della foto che viene dalla Repubblica del Libano. Qualità eccellente, packaging al passo coi tempi, prezzo e formato di sicuro interesse rispetto alle controparti prodotte nello stato sionista. Il nostro fornitore a Firenze è la macelleria halal di Via dei Neri, dove si trovano anche prodotti palestinesi ed egiziani e di cui molti esponenti della Firenze Che Non Conta sono buoni cliente da anni.

Le autorità iberiche sono impegnate in un’indagine riguardante un pirata informatico che ha divulgato informazioni sensibili relative a funzionari pubblici e figure politiche di spicco. Tra i dati resi pubblici figurano il presunto numero di carta d’identità e l’indirizzo email personale del premier iberico, Pedro Sánchez.

Le informazioni raccolte riguardano decine di politici attuali ed ex politici, tra cui membri del Partito Socialista Operaio Spagnolo (PSO) socialdemocratico al governo, del Partito Popolare conservatore all’opposizione e del partito di sinistra Podemos, il cui nome significa “Noi Possiamo” e che fa parte di un governo di coalizione con il PSO. I dati includono numeri di cellulare, numeri di documento d’identità, indirizzi email e indirizzi fisici.

Un enorme documento elenca centinaia di password e alcune email di persone registrate su Podemos. Sono coinvolti anche giornalisti e commentatori definiti di sinistra. Un hacker con l’account “@akkaspacee“ si è assunto la responsabilità della fuga di informazioni, chiedendo al contempo le dimissioni di Sánchez. L’account dell’hacker sul social network X recita: “Sì, delinquenza informatica di estrema destra, molto, molto grave”.

Un leak di 500 pagine pubblicato venerdì è la terza fuga di dati dal 19 giugno. Una prima fuga di dati è apparsa sul canale Telegram “Alvise Pérez Chat”, che prende il nome da Luis “Alvise“ Pérez Fernández, fondatore del partito politico di estrema destra Se Acabó La Fiesta, che si traduce in “La festa è finita”.

La Polizia nazionale spagnola sta indagando e l’autorità giudiziaria, il Tribunale nazionale, ha già aperto un’inchiesta il giorno dopo la prima fuga di notizie, ha riferito Radiotelevisión Española. Come riportato domenica dal notiziario locale Publico, Akkaspace ha rivelato in una chat su Twitch di aver fatto trapelare le informazioni per denunciare la corruzione all’interno del governo spagnolo.

“Ci sono solo due opzioni: che mi prendano o non mi prendano. Continuerò a farlo finché non mi prenderanno o non mi prenderanno. La gente mi difenderà”, ha detto in spagnolo. L’hacker ha affermato di essere membro di un gruppo “terrorista di internet” chiamato “etarras“, aggiungendo però di operare “da solo”.

In seguito alle fughe di notizie iniziali, le autorità spagnole hanno bloccato la pagina Telegram creata inizialmente da Akkaspace, ma l’hacker ha successivamente creato un canale diverso. El Mundo ha riferito venerdì che la polizia aveva già monitorato l’hacker prima dell’inizio delle fughe di notizie, il 19 giugno.

Sánchez ha già attraversato un mese difficile a causa delle accuse secondo cui un alto funzionario del Partito dei Lavoratori Spagnolo avrebbe ceduto appalti pubblici a imprese privilegiate in cambio di tangenti, con il denaro riciclato tramite società di comodo. In un discorso del 12 giugno, il presidente ha espresso “enorme indignazione e profonda tristezza” e ha chiesto una verifica indipendente dei conti bancari del suo partito, ha denunciato El País.

L'articolo Una Hacker divulga i dati sensibili dei politici spagnoli. Coinvolto anche il premier Pedro Sánchez proviene da il blog della sicurezza informatica.

Ever since the invention of the microscope, humanity has gained access to the world of the incredibly small. Scientists discovered that creatures never known to exist before are alive in an uncountable number in spaces as small as the head of a pin. But the microscope unlocked some interesting forms of art as well. Not only could people view and photograph small objects with them, but in the mid-nineteenth century, various artists and scientists used them to shrink photographs themselves down into the world of the microscopic. This article goes into depth on how one man from this era invented the art form known as microphotography.

Compared to photomicroscopy, which uses a microscope or other similar optical device to take normal-sized photographs of incredibly small things, microphotography takes the reverse approach of taking pictures of normal-sized things and shrinking them down to small sizes. [John Benjamin Dancer] was the inventor of this method, which used optics to shrink an image to a small size. The pictures were developed onto photosensitive media just like normal-sized photographs. Not only were these unique pieces of art, which developed — no pun intended — into a large fad, but they also had plenty of other uses as well. For example, since the photographs weren’t at all obvious without a microscope, they found plenty of uses in espionage and erotica.

Although the uses for microphotography have declined in today’s digital world, there are still plenty of unique pieces of art around with these minuscule photographs, as well as a bustling collector culture around preserving some of the antique and historical microphotographs from before the turn of the century. There is also similar technology, like microfilm and microfiche, that were generally used to preserve data instead of creating art, although plenty of these are being converted to digital information storage now.

hackaday.com/2025/06/29/19th-c…

Un altro titolo che mi ha toccato nel profondo. Tocca argomenti spinosi e senza edulcorarli.

🌔 Anche questo da leggere almeno una volta nella vita.

There was a time when print-in-place moving parts were a curiosity, but [Tomek] shows that things are now at a point where a hand-cranked turbine blower with integrated planetary gears can be entirely 3D printed. Some assembly is needed, but there is no added hardware beyond the printed parts. The blower is capable of decent airflow and can probably be optimized even further. Have a look at it work in the video below.

Every piece being 3D printed brings a few advantages. Prefer the hand crank on the other side? Simply mirror everything. Want a bigger version? Just scale everything up. Because all of the fasteners are printed as well as the parts, there’s no worry about external hardware no longer fitting oversized holes after scaling things up (scaling down might run into issues with tolerances, but if you manage an extra-small version, we’d love to hear about it).

There are a few good tips that are worth keeping in mind when it comes to print-in-place assemblies with moving parts. First, changing the seam location for each layer to ‘Random’ helps make moving parts smoother. This helps prevent the formation of a seam line, which can act as a little speed bump that gets in the way of smooth movement.

The other thing that helps is lubrication. A plastic-safe lubricant like PTFE-based Super Lube is a handy thing to have around the workshop and does wonders for smoothing out the action of 3D-printed moving parts. And we can attest that rubbing candle wax on mating surfaces works pretty well in a pinch.

One downside is that the blower is noisy in operation. 3D printed gears (and even printed bearings) can be effective, but do contribute to a distinct lack of silence compared to their purpose-built versions.

Still, a device like this is a sign of how far 3D printing has come, and how it enables projects that would otherwise remain an idea in a notebook. We do love 3D-printed gears.

youtube.com/embed/HP8n2FPWxmk?…

hackaday.com/2025/06/29/turbin…

Taking a picture with a single photoresistor is a brain-breaking idea. But go deeper and imagine taking that same picture with the same photoresistor, but without even facing the object. [Jon Bumstead] did exactly that with compressed sensing and a projector. Incredibly, the resulting image is from the perspective of the projector, not the “camera”.

This camera setup is very similar to one we’ve seen before, but far more capable. The only required electronics are a small projector and a single photodiode. The secret sauce in this particular design lies in the pattern projected and the algorithm to parse the data.

Video is projected onto the target in the form of sinusoidal waves. As these waves change and move their way across the object, the sensor picks up whatever intensity value is reflected. Putting all this data together allows us to create a measured Fourier transform. Use the inverse Fourier transform, and BOOM, you got yourself an image. Better yet, you can even take a picture indirectly. Anything becomes a mirror — even paper — when all you rely on is the average relative intensity of light. If you want to take pictures like this on your own, check out [Jon]’s Instructable.

The science behind this technique is similar to the math that powers CT scanners and VAM 3D printing.

youtube.com/embed/dMH6VUs5u8k?…

Thanks, [MrSVCD], for the tip!

hackaday.com/2025/06/29/pictur…