The police raid of the Marion County Record’s newsroom on Aug. 11, 2023, shocked the country but proved to be just one of a series of alarming attacks on local journalism that year. It was also a preview of how lawless and incompetent governments can use strained constructions of the law as pretext to retaliate against journalists they dislike, as we now see not only in small-town America but at the federal level. As the death of Record co-owner Joan Meyer the next day tragically proved, by the time justice takes its course — if it ever does — the damage has often already been done.

We asked investigative journalist Jessica McMaster to reflect on her award-winning coverage of the raid for KSHB-TV in Kansas City, Missouri. The interview is below. You can also read about or watch our discussion with Record publisher Eric Meyer earlier this year.

On a Friday afternoon in 2023, news broke of a police raid of the Marion County Record newsroom and its publisher Eric Meyer’s home. Did you realize right away that this needed to be not just a statewide story but a national one?

I realized right away this was a big story. Once the news broke that Joan Meyer died, I knew we had to go to Marion — the backlash was immediate and the responses were coming in from across the country.

Over the course of many months, it became clear that the raid wasn’t a random instance of police overresponding to a citizen complaint. Details began to emerge about local officials, including the police chief, Gideon Cody, and their conduct before, during, and after the raid — even before coming to Marion. Plenty of great local journalists did amazing work covering the story, but you seemed to get a large share of the big scoops. Without divulging any confidences, how were you able to pull it off, especially being based in Kansas City, not particularly close to Marion?

I worked a lot of hours. In the beginning, we stayed overnight in Marion. After that, it was a lot of driving back and forth, while taking calls from sources at all hours of the night. I’d been a journalist long enough to know that a story this big doesn’t die down for a few weeks. We made the commitment to drive the five-hour round trip daily. I didn’t always know what our angle would be, but I knew I’d find it.

“If journalists are not willing to report on the ongoing attacks against the free press, who will?”

Jessica McMaster

Talk about the level of transparency — or lack thereof — that you encountered from government officials, both in Marion and statewide, during your reporting on the raid. What were some of the challenges you needed to overcome, in terms of secrecy and accessing information that was of public interest?

Gideon Cody wasn’t talking. The county attorney wasn’t talking. The Kansas Bureau of Investigation was saying very little. Almost immediately, it had the appearance that everyone involved in this was covering their own tail — and of course they were. This was a huge mess. We leaned on the gift of open records laws to get most of our information. Getting emails and text messages helped piece the parts of the story together that those in power wanted to remain a secret. We knew they’d try and block us — we were prepared to fight back. There were times when we had to get our attorneys involved when information was being withheld. On a story like this, the details don’t reveal the truth all at once. It trickles out over time. It’s always fun to look back and see how it all comes together — one information request, or leak, at a time.

At Freedom of the Press Foundation (FPF), we were glued to your X feed for real-time updates. We probably weren’t the only ones. Can you talk about the challenge of breaking news on social media while also investigating the bigger stories?

This is one of my favorite parts about covering a big story — connecting with people in real time. I had people from other countries sending me emails and tweeting to me that they were following me for updates. I was not asked to use social media in real time by my employer — it’s just something I’d become accustomed to doing since early on in my career. With Marion, we were getting updates constantly — social media made it easy to get that information out quickly. I don’t see using social media as a challenge — I think it’s a tool to connect with our followers more authentically and bring them along on the journey with us. Of course, if I have to get my broadcast script in urgently, or I have to be on camera within the next few minutes, I’ll take a break from providing live updates and come back to it once I’m done.

Were there any stories you were able to break while covering the raid that you felt were particularly important to the public’s understanding of what went on?

We broke so many stories over the first couple of months. I remember driving to Marion during that first week of coverage. I didn’t know what the story would be on this particular day. It was our plan to find the story once we got there. About an hour into our trip, while driving past a cornfield, my cellphone rings and it’s the attorney for Marion County Record. He tips me off that the county attorney has revoked the search warrants. He gave me a two-minute head start before he planned to tell all the other reporters. This was arguably the biggest break in the case — it’s the first time officials publicly admitted the raids shouldn’t have happened. This squashed any doubts of wrongdoing on behalf of the newspaper — and people, especially in Marion — did have their doubts. So, of course, I’m scrambling to get this information out there. Minutes after I broke the news on X, the county attorney sent a press release to all newsrooms with his statement on revoking the warrants.

“It’s hard for a lot of us to grasp that so many people, in positions of power, failed in such spectacular fashion to do their jobs.”

Jessica McMaster

What insights did you come away with about the state of press freedom in Kansas and in the United States?

This was a massive failure by several people within the justice system. I think that’s what’s so shocking about this entire thing — most of us assume a police chief would understand press freedom laws. If a police chief doesn’t, we’d assume a county attorney would. If a county attorney doesn’t, we’d assume a district judge would. If no one understands these laws — surely someone will look it up. The amount of layers Gideon Cody’s attack on the newspaper survived is astonishing. What did all these people, who are supposed to understand the law, think the response would be? I think it’s hard for a lot of us to grasp that so many people, in positions of power, failed in such spectacular fashion to do their jobs.

Do you think the raid had an ongoing chilling effect on journalism?

I think the chilling effect comes from a culmination of attacks that have been launched against the free press over the past several years. We’ve seen this play out in other instances, during protests for example, where police assault or arrest journalists for doing their jobs. I think Marion was another example of that.

Despite your award-winning work on the raid and all the other great work you’ve done, less than two years after the raid, your position at KSHB-TV, Kansas City’s NBC affiliate, was eliminated. What does that say about the state of the news industry and whether local investigative reporting is valued these days?

The company I worked for always valued investigative journalism — it’s why I stayed in my position for a decade. I think what we’re seeing is that many local newsrooms are becoming more and more risk averse. I personally felt this shift over the past few years. When newsrooms operate from a place of fear, it’s very difficult for reporters to do their job, especially investigative reporters who, by nature, do more high-risk, accountability-focused stories.

What’s next for you? I saw that your X post about the layoff said your time as an investigative journalist was coming to an end. Are you done with journalism or are you going to look for a way back in? And why?

I love journalism. I believe in its purpose. I believe in its power. We need solid journalists who aren’t afraid to hold the powerful accountable. That said, I don’t see myself stepping back into a newsroom. At least not anytime soon. I took the summer off to focus on my kids and reflect on what I want to do next, which has been such a gift. I plan to keep writing and creating content for something I believe in.

Journalists often feel like covering press freedom stories is difficult, because they’re making themselves the story or because their objectivity will be questioned, for example. What do you say to that, and what’s your advice to journalists and editors wondering whether it’s a good idea to report on press freedom violations?

Stick to the facts. That’s my advice. While I didn’t initially know why police raided the newspaper, I knew this was fundamentally wrong. I knew police should’ve served a subpoena, as opposed to busting down the doors. I knew the free press has protections, both locally and federally. All of that gave me grounds to cover this story. It can be uncomfortable reporting on something so closely tied to our personal lives — but if journalists are not willing to report on the ongoing attacks against the free press, who will?

freedom.press/issues/a-massive…

Si tratta di un latitante 44enne, ricercato dalle autorità italiane per i reati di associazione a delinquere finalizzata al traffico internazionale di sostanze stupefacenti con le aggravanti connesse a due distinti tentativi di importazione di ingenti quantitativi di cocaina dal Sudamerica.

E' ritenuto legato alla 'Ndrangheta. E' stato catturato in un appartamento nel quartiere residenziale di Cali.

A carico di Starnone è stata già emessa una sentenza di condanna a 5 anni e mezzo per reati di droga. L'uomo è stato catturato dalla polizia colombiana mentre si trovava in un appartamento nel quartiere residenziale nel capoluogo del dipartimento Valle del Cauca.

Essenziale l'apporto del progetto INTERPOL Cooperation Against ‘Ndrangheta (I-CAN).

Si tratta di un'iniziativa lanciata dall'Italia e dall'INTERPOL nel gennaio 2020 per contrastare la minaccia globale rappresentata dalla ‘Ndrangheta, come noto un'organizzazione criminale transnazionale altamente organizzata e potente.

Finanziato dal Dipartimento della Pubblica Sicurezza italiano, il progetto mira a rafforzare la cooperazione internazionale tra forze di polizia sfruttando le capacità dell'INTERPOL di condividere intelligence, competenze e best practice, trasformando così le informazioni in arresti e smantellando le reti criminali.

Avviato a Reggio Calabria l'obiettivo principale del progetto è stato - da subito - quello di istituire un sistema globale di allerta precoce contro questo "nemico invisibile". I-CAN opera attraverso una rete di paesi pilota, che inizialmente includevano Australia, Argentina, Brasile, Canada, Colombia, Francia, Germania, Italia, Svizzera, Stati Uniti e Uruguay, che si è espanso a 13, tra cui Austria, Belgio e Spagna.

Il progetto facilita operazioni coordinate transfrontaliere, come dimostrato dall'operazione globale del 2020 che ha portato all'arresto di sei latitanti legati alla 'Ndrangheta in Albania, Argentina e Costa Rica, con conseguente sequestro di 400 kg di cocaina e smantellamento del clan Bellocco. Le operazioni successive hanno continuato a dare risultati, tra cui l'arresto nel 2023 di un latitante di 16 anni, Edgardo Greco, in Francia, con il supporto di I-CAN.

Il progetto si è evoluto oltre la sua fase iniziale, con iniziative in corso tra cui la Conferenza I-CAN del 2022 a Roma, che ha riunito le forze dell'ordine di 14 paesi per definire una strategia unitaria contro la 'Ndrangheta, oggi considerata un'entità criminale "silenziosa e pervasiva" che si infiltra nelle economie legittime attraverso la corruzione e il riciclaggio di denaro.

Il successo del progetto si basa su una combinazione di condivisione di intelligence, coordinamento internazionale e utilizzo di strumenti analitici avanzati per esplorare dati provenienti da diverse fonti, consentendo indagini transnazionali. Il suo quadro continua a sostenere gli sforzi in corso, tra cui il progetto I-FORCE, incentrato sulla cooperazione regionale nell'Europa orientale e sudorientale.

#ndrangheta #ican #interpol #iforce

@Attualità e Geopolitica - Gruppo di discussione

As you may have guessed given our name, we do love hacks around here, and this one is a great example of making some common, everyday things work in uncommon ways. [Nathan] sent in his hack to detect the door lock position in his basement.

Having a house that dates back to the 1890s, much of it was not very conducive to using off-the-shelf home automation devices. [Nathan] wanted a way to check the status of the basement deadbolt. He went about putting together a custom sensor using some spare parts, including a spare BeagleBone Black, and some springs from a ballpoint pen. Going full MacGyver, [Nathan] used springs from a ballpoint pen to craft a compliant contact for his sensor.

The pair of springs sat in the door frame and came in contact with the deadbolt; given they are springs, the exact position of the sensor was not very sensitive, as if too close it would just compress the springs slightly more. The springs were wired to the BeagleBone Black’s GPIO, acting as a switch to sense when there was conductivity between the springs through the deadbolt.

This wasn’t just a plug-it-in-and-it-works type of project, mind you; the BeagleBone Black was over 15 ft away from the sensors, lending plenty of opportunity for noise to be introduced into the lines. To combat this, [Nathan] created an RC filter to filter out all the high-frequency noise picked up by his sensor. Following the RC filter, he added in some code to handle the debounce of the sensor, as the springs have some inherent noise in them. Thanks [Nathan] for sending in your resourceful hack; we love seeing the resourcefulness of reusing things already on hand for other purposes. Be sure to check out some of the other repurposed components we’ve featured.

hackaday.com/2025/08/11/compli…

These days, if you want a reverb effect, you just dial up whatever software plugin most appeals to you and turn the dials to taste. However, [Something Physical] specialises in… physical things… and thus built a reverb the old fashioned way. Using a trashcan, of course.

The concept is simple enough—the method of operation is exactly the same as any old plate reverb. Audio is played through a speaker connected to the plate (or trashcan), causing it to vibrate. The sound is then picked up at another point on the plate (or trashcan) with some kind of microphonic pickups, amplified, and there you have your reverb signal.

Given it’s built around a piece of street furniture, [Something Physical] has dubbed this the Street-Verb. It uses a class D amp to drive a speaker with a bolt stuck to it. The bolt is then put in contact with the trashcan itself to transfer the vibration. A pair of piezo elements are used as the pickups, run through a preamps built with a humble BC109C transistor. Since there are two pickups, the Street-Verb is effectively a stereo reverb unit, though the input is only mono. [Something Physical] set up the speaker driver and pickups to be easily movable, and was able to test the device with all kinds of street furniture, like gates and street signs, but the trashcan ‘verb setup is by far the most compelling.

We’ve featured other plate reverb builds before, too, albeit less garbage-themed. Video after the break.

youtube.com/embed/J2e8JIxW1g4?…

hackaday.com/2025/08/11/buildi…

When you think of neon, you might think of neon signs or the tenth element, a noble gas. But there was a time when neon bulbs like the venerable NE-2 were the 555 of their day, with a seemingly endless number of clever circuits. What made this little device so versatile? And why do we see so few of them today?

Neon’s brilliant glow was noted when William Ramsay and Morris Travers discovered it in 1898. It would be 1910 before a practical lighting device using neon appeared. It was 1915 when the developer, Georges Claude, of Air Liquide fame, received a patent on the unique electrodes suitable for lighting and, thus, had a monopoly on the technology he sold through his company Claude Neon Lights.

However, Daniel Moore in 1917 developed a different kind of neon bulb while working for General Electric. These bulbs used coronal discharge to produce a red glow or, with argon, a blue glow. This was different enough to earn another patent, and neon bulbs found use primarily as indicator lamps before the advent of the LED. However, it would also find many other uses.

How It Worked

An NE-2 with AC power applied (public domain by [junkyardsparkle]).Despite the name, a neon bulb typically has only 99.5% neon, and the rest is usually argon, which tunes the voltage where the gas breaks down. This breakdown voltage is the key to the bulb’s properties. The gas is at a very low pressure. Other gases and impurities can also change the color of the bulb, but the most common ones were neon and argon.

There are two electrodes within, an anode and a cathode. When a DC voltage excites the bulb sufficiently, a glow forms around one electrode. AC makes both electrodes glow alternately. The striking voltage changes based on ambient light or radioactive exposure, as well as the bulb’s gas mix and pressure.

Until the strike voltage occurs, the bulb is effectively an open circuit. When it does strike, however, the resistance goes down and will sustain even at a lower voltage. Like an LED, current limiting is essential, or the bulb will burn out. The NE-2, arguably the most common neon bulb, triggers at 90 V, nominally, and will conduct until the voltage drops to about 60 V.

So It Lights Up?

The lighting up is good, but you do need a lot of voltage to get it going. The bulb will easily light up from 120 V line voltage, for example. But the really interesting property is that the bulbs, when glowing, exhibit negative resistance. That is, as current increases, voltage decreases.

You can also make the bulbs operate in a bistable mode, where they can work in logic circuits. They weren’t common, but some bulbs had special features for logic use. These bulbs were not made to glow necessarily, and sometimes had a third wire used as a control electrode.

Since the gas inside the tube can ionize, neon bulbs can also detect things like light, microwaves, or heavy electrostatic fields. They can even pick up audio.

What Could You Do?

Of course, the normal application was to use the devices as a lamp, like you’d use an LED today. Power pilot lights were common. Special neon lights looking like digits form the basis of nixie tubes.

Another neat display trick was the “blown fuse” indicator. Fuse holders often had neon bulbs in them that connected across the fuse terminals. In normal operation, the voltage across the fuse was practically zero, so the bulb stayed dark. But if the fuse blew, you’d have 120 V across the bulb, which would then light up. A high-value resistor prevented any significant current from flowing.

By far the most common non-lighting use was as a part of a relaxation oscillator. Consider a circuit with a resistor and a capacitor, but the capacitor has a neon bulb across it. The capacitor will charge until it hits the neon bulb’s trigger voltage. The bulb will light and discharge the capacitor until it drops below the holding voltage for the bulb. Then the process starts over. You could use neons to make a clock.

Long History

The NE-2 could create high-voltage regulator circuits (from Elementary Electronics, 1965)
[E. Norbert Smith] wrote about the “1001” uses for the NE-2 — probably not an exaggeration, but [Smith] didn’t get that many in the article — in a 1965 Elementary Electronics magazine article.

The circuits he shows include a 50 V regulated power supply. (Regulators weren’t held to the same standard in those days as we would expect now.) Need 150 V? Use three of them. Or put them in parallel to improve regulation performance.

Some of the circuits are probably not useful if you aren’t building with tubes. And, of course, if you aren’t building with tubes, you are less likely to have the high voltages you need, so there is that.

He also covers the classic self-indicating fuse and the relaxation oscillator. Of course, if you can make one neon bulb blink, you can also make two blink alternately. Blink it fast enough and you can make a code practice oscillator with just a few parts and a 90 V battery.
A 100 kHz oscillator gets the divide by 10 treatment with a simple neon bulb circuit (from Elementary Electronics, 1965)
If you wondered how neon bulbs could handle logic, that same article will answer that question, too. Just be aware that a logic 1 is 10 V — not a problem — but a logic 0 is -10 V. The nice thing about demonstrating logic circuits with neon bulbs is that you don’t need a logic probe or scope to see the state of the machine.

There were many other ways to use these bulbs. Since the trigger voltage was stable, you could use it as a voltage indicator if you coupled it with a voltage divider. In fact, many cheap AC socket testers still work this way. A typical circuit for a capacitor checker could be found in “36 Time Tested Circuits,” a book from Popular Electronics.
This capacitor tester required a keen eye and sense of timing. From a collection of circuits from Popular Electronics, 1992.
The capacitor is hooked up to the AC line via some 470 kΩ resistors. If you connect a capacitor to it, the neon bulb should light up. If not, it is open. When you push the button, you switch to DC, and you should be able to see one side of the neon bulb dim. If it doesn’t dim or doesn’t go all the way off, the capacitor is shorted or leaky. Supposedly, you could get a feel for the value of the capacitor by how long it took half of the bulb to go out. Makes you appreciate your digital capacitance meter, right?

Why Gone?

Why do you so rarely see neon bulbs today? They are still around, but the number of circuits you have where you have the requisite 100 V or so to drive them is not what it used to be. On top of that, as an indicator, an LED is usually a far better choice.

If you want negative resistance, your choices are less obvious. Some special diodes present a negative resistance in certain operating regimes, and you can coax the behavior from some transistors. However, as a matter of practicality, today, you’d probably just use an active switch and be done with it, especially for an oscillator circuit. Then again, if you really want an oscillator, as we are always reminded, you can do it with a 555, among other methods.

We have no doubt that [Smith] was right. There are probably at least 1,001 different uses, but you get the idea. Did you use an NE-2 for something interesting? Let us know about it in the comments. Still want more neon bulb circuits? We’ve seen plenty.

hackaday.com/2025/08/11/neon-b…

If you used the internet at home a couple of decades or more ago, you’ll know the characteristic sound of a modem connecting to its dial-up server. That noise is a thing of the past, as we long ago moved to fibre, DSL, or wireless providers that are always on. It’s a surprise then to read that AOL are discontinuing their dial-up service at the end of September this year, in part for the reminder that AOL are still a thing, and for the surprise that in 2025 they still operate a dial-up service.

There was a brief period in which instead of going online via the internet itself, the masses were offered online services through walled gardens of corporate content. Companies such as AOL and Compuserve bombarded consumers with floppies and CD-ROMs containing their software, and even Microsoft dipped a toe in the market with the original MSN service before famously pivoting the whole organisation in favour of the internet in mid 1995. Compuserve was absorbed by AOL, which morphed into the most popular consumer dial-up ISP over the rest of that decade. The dotcom boom saw them snapped up for an exorbitant price by Time Warner, only for the expected bonanza to never arrive, and by 2023 the AOL name was dropped from the parent company’s letterhead. Over the next decade it dwindled into something of an irrelevance, and is now owned by Yahoo! as a content and email portal. This dial-up service seems to have been the last gasp of its role as an ISP.

So the eternal September, so-called because the arrival of AOL users on Usenet felt like an everlasting version of the moment a fresh cadre of undergrads arrived in September, may at least in an AOL sense, finally be over. If you’re one of the estimated 0.2% of Americans still using a dial-up connection don’t despair, because there are a few other ISPs still (just) serving your needs.

hackaday.com/2025/08/11/end-of…

Gli esperti di Lumia hanno pubblicato un’indagine tecnica chiamata AppleStorm, in cui si sostiene che l’assistente vocale Siri trasmetta ai server Apple più dati utente di quanti ne siano necessari per completare le attività. In particolare, l’attenzione si è concentrata sui messaggi dettati tramite Siri nelle app di messaggistica WhatsApp e iMessage: a quanto pare, vengono inviati ai server dell’azienda anche se l’attività può essere elaborata localmente, senza accedere ai sistemi cloud.

Apple dichiara elevati standard di privacy e utilizza un modello di intelligenza artificiale ibrido che combina l’elaborazione locale con il servizio cloud Private Cloud Compute (PCC). Tuttavia, è emerso che Siri accede anche ad altri server che non fanno parte dell’architettura PCC. Tra questi, i server di dettatura, l’infrastruttura di ricerca (sottodominio smoot.apple.com) e server di estensione Apple Intelligence separati, attraverso i quali, ad esempio, avviene l’interazione con ChatGPT.

Durante gli esperimenti, i ricercatori hanno utilizzato gli strumenti mitmproxy e Frida su macOS Sequoia con Apple Intelligence abilitata. Semplici query come “Ciao” o “Che ore sono?” venivano elaborate localmente. Tuttavia, quando si chiedeva informazioni sul meteo, venivano registrate due connessioni esterne: una al server di riconoscimento vocale, la seconda al servizio di ricerca. L’analisi dei dati trasmessi ha mostrato che Siri raccoglie automaticamente informazioni sulle applicazioni installate sul dispositivo, anche se sono in esecuzione in un ambiente virtuale. Pertanto, quando si chiedeva informazioni sul meteo, le chiamate venivano registrate sia all’applicazione Apple Weather integrata che all’applicazione Windows nell’ambiente Parallels.

Inoltre, i dati inviati contenevano le coordinate esatte della posizione dell’utente. Anche con la trasmissione della geolocalizzazione formalmente abilitata, tali dettagli sarebbero stati ridondanti per una richiesta di informazioni meteo. L’analisi dei pacchetti ha anche rivelato la trasmissione di metadati relativi ad altre applicazioni, fino ai nomi dei file e dei processi aperti al momento della richiesta a Siri.

La trasmissione del contenuto dei messaggi solleva interrogativi particolarmente acuti. Utilizzando Siri per inviare una frase tramite WhatsApp, si è scoperto che il testo, il numero del destinatario e altri attributi del messaggio venivano inviati ai server Apple e non all’infrastruttura PCC. Tuttavia, la funzionalità non dipende dal lato server: anche quando le connessioni sono bloccate, il messaggio viene inviato correttamente. Ciò indica che l’invio al cloud avviene senza necessità tecnica.

Nel tentativo di chiarire se questo sia correlato alle specifiche dell’integrazione di WhatsApp tramite SiriKit, il ricercatore ha creato una propria applicazione basata sulla documentazione Apple, riscontrando un comportamento identico: anche i messaggi inviati tramite Siri dall’applicazione di prova venivano indirizzati ai server Apple. Un quadro simile si osserva con iMessage.

La complessità delle policy sulla privacy contribuisce ad aumentare la confusione. Siri e Apple Intelligence sono regolati da documenti diversi. Di conseguenza, due comandi quasi identici – ad esempio “Che tempo fa oggi?” e “Chiedi a ChatGPT che tempo fa?” – vengono elaborati da sistemi diversi con diversi livelli di protezione e diverse condizioni di raccolta dati. L’utente non ha modo di sapere quale sottosistema verrà utilizzato.

Apple ha riconosciuto il trasferimento di dati, ma non lo ha considerato un problema di Apple Intelligence . Ha invece attribuito parte della colpa agli sviluppatori terzi che utilizzano SiriKit. Tuttavia, Siri stessa sta chiaramente inviando più dati del necessario, e lo fa all’insaputa dell’utente. La trasparenza è uno degli slogan principali di Apple in materia di intelligenza artificiale, ma nella pratica viene implementata in modo selettivo.

L'articolo Siri invia i dati ad Apple senza preavviso: AppleStorm rivela la verità proviene da il blog della sicurezza informatica.

Linus Torvalds ha duramente criticato il primo lotto di patch RISC-V proposte per l’inclusione in Linux 6.17, affermando che le modifiche sono arrivate troppo tardi e contenevano quella che lui ha definito “spazzatura” non correlata a RISC-V e che interessava gli header comuni del kernel.

Era particolarmente infastidito dalla nuova macro helper make_u32_from_two_u16(), che secondo Torvalds rendeva il codice meno chiaro e peggiorava le cose. Notò che la semplice scrittura del form (a mostrava immediatamente cosa stava succedendo, mentre l’uso dell'”helper” oscurava l’ordine delle parole e introduceva ambiguità.
No, questa è spazzatura ed è arrivata troppo tardi. Ho chiesto un ritiro anticipato.richieste perché sono in viaggio, e se non riesci a seguire questa regola, almeno rendi le richieste di pull *buone*.Ciò aggiunge vari elementi indesiderati che non sono specifici di RISC-V ai file di intestazione generici.E con "spazzatura" intendo davvero. Questa è roba che nessuno dovrebbe inviami, figuriamoci in ritardo in una finestra di unione.Come questo folle e inutile "helper" make_u32_from_two_u16().Quella cosa rende il mondo un posto peggiore in cui vivere. È spazzatura inutile che rende incomprensibile qualsiasi utente, e attivamente *PEGGIO* che non usare quello stupido "aiutante".
Torvalds ha sottolineato che tali modifiche non dovrebbero comparire nelle intestazioni generali, né tantomeno essere apportate alla fine della finestra di merge. Ha avvertito che non accetterà più richieste di pull tardive né consentirà la creazione di “spazzatura” al di fuori dell’albero dell’architettura RISC-V.

Secondo lui, gli autori potranno riprovare queste modifiche solo nella versione 6.18 e solo all’inizio della finestra di unione, senza modifiche controverse e inutili.

La vicenda dimostra che, anche in un ecosistema aperto e collaborativo come quello di Linux, l’inclusività non significa accettare qualsiasi contributo senza filtro. L’open source nasce per essere accessibile, ma richiede disciplina, coerenza e qualità tecnica. Come ha dimostrato Torvalds, le regole di integrazione e revisione servono a preservare la stabilità e la chiarezza del codice, evitando l’introduzione di modifiche inutili o dannose.
Ma l’open source non doveva essere inclusivo? Sì, ma inclusivo non vuol dire indulgente con la “spazzatura”: vuol dire garantire che ogni contributo sia valido, utile e ben integrato nell’interesse di tutta la comunità.

L'articolo Linus Torvalds: “Questa è Spazzatura”! Critico per la patch RISC-V per Linux 6.17 proviene da il blog della sicurezza informatica.

È solo grazie al lavoro di questi cronisti che la tragedia di Gaza è sotto gli occhi del mondo, visto che l’esercito israeliano ha sempre negato l’accesso ai giornalisti indipendenti, lasciando spazio agli embedded sotto controllo. Proprio nelle ore in cui venivano uccisi Anas Al- Sharif e i suoi colleghi, sulla tv pubblica (RaiNews 24) veniva trasmessa senza filtri la conferenza stampa di Netanyahu. Episodi che devono far riflettere la categoria sul ruolo dell’informazione nei conflitti, sulla necessità di raccontare e testimoniare i fatti, di circostanziare le dichiarazioni, di sottrarsi alle pressioni delle propagande. È più che mai necessaria una vasta mobilitazione per difendere le ragioni di un’informazione libera e indipendente, il diritto e dovere di essere testimoni sul campo dei fatti.

La Segreteria dell’ASR

dicorinto.it/associazionismo/s…

Smartphones boggle my mind a whole lot – they’re pocket computers, with heaps of power to spare, and yet they feel like the furthest from it. As far as personal computers go, smartphones are surprisingly user-hostile.

In the last year’s time, even my YouTube recommendations are full of people, mostly millennials, talking about technology these days being uninspiring. In many of those videos, people will talk about phones and the ecosystems that they create, and even if they mostly talk about the symptoms rather than root causes, the overall mood is pretty clear – tech got bland, even the kinds of pocket tech you’d consider marvellous in abstract. It goes deeper than cell phones all looking alike, though. They all behave alike, to our detriment.

A thought-provoking exercise is to try to compare smartphone development timelines to those of home PCs, and see just in which ways the timelines diverged, which forces acted upon which aspect of the tech at what points, and how that impacted the alienation people feel when interacting with either of these devices long-term. You’ll see some major trends – lack of standardization through proprietary technology calling the shots, stifling of innovation both knowingly and unknowingly, and finance-first development as opposed to long-term investments.

Let’s start with a fun aspect, and that is hackability. It’s not perceived to be a significant driver of change, but I do believe it to be severely decreasing chances of regular people tinkering with their phones to any amount of success. In other words, if you can’t hack it in small ways, you can’t really make it yours.

Can’t Tinker, Don’t Own

In order to tinker with your personal computer, you need just that, the computer itself. Generally, you need a whole another computer to hack on your smartphone; sometimes you even need a custom cable, and it’s not rare you can’t do it at all. Phone tinkering is a path you explicitly set out to do, whereas computer-based hacking is something you can do idly.
A Nokia N900 in hands of a user (by Victorgrigas, CC BY-SA 3.0)
There’s good reasons for this, of course – first, a phone was generally always a “subservient” device not meant or able to be used as a development bench unto itself. Then – phones started really growing in an age and an environment where proprietary technology reigned supreme, with NDAs and utter secrecy (particularly for GSM modems with their inordinate amount of IP) being an especially prominent fixture in the industries surrounding phones. Even Android’s open-source technology was mostly for manufacturers’ benefit rather than a design advantage for users, as demonstrated by the ever-worsening non-open-source driver situation.

Only a few phones ever bucked these trends, and those that did, developed pretty devoted followings if the hardware was worthwhile. Just look at the Nokia N900 with its hardware capability and alt OS support combo, Pixel phones with their mainline kernel support letting alternative OSes flourish, or old keypad Motorolas with leaked baseband+OS source code. They’re remembered pretty fondly, and it’s because they facilitated hacking, on-device or even off-device.

Hacking starts by probing at a device’s inner workings, deducing how things work, and testing the boundaries, but it doesn’t happen when boundaries are well-protected and hidden away from your eyes. A typical app, even on Android, is surprisingly non-explorable, and unlike with PCs, again, if you want to explore it, you need a whole another device. Does it benefit app developers? For sure. I also have a strong hunch it doesn’t benefit users that we could otherwise see become developers.

Part of it is the need to provide a polished user experience, a respectable standard to have, especially so for producing pocket computers to be used by millions of people at once. However, I’d argue that modern phones are suffocating, and that the lack of transparency is more akin to encasing an already reliable device in epoxy for no reason. A device designed to never ever challenge you, is a device that can’t help you grow, and it’s not really a device you can grow attached to, either.

Of course, complaints are one thing, and actionable suggestions is another.

What Do?

If I were asked how to fix this, I wouldn’t limit myself to opening filesystems back up to a user’s exploration habits, beyond the way they were open even in early Android days. I think modern phones could use a pre-installed Python interpreter, with a healthy amount of graphics libraries, a decent amount of control over the system, snappy well-configured autocomplete, and a library of example scripts you could edit in place; essentially, an Arduino IDE-like environment.

In other words, let people easily program phones to flash the screen every time an SMS from a specific person is received, or start audio recording when the user taps the touchscreen three times as the phone’s locked, or send accelerometer movements into a network socket as fast as the OS can receive them. Then, let them wrap those programs into apps, share apps easily with each other, and, since the trend of fast obsolescence requires regular collectie infusions of cash, transfer them from phone to phone quickly.

By the way, if days of Bluetooth and IrDA transfers evaded you, you missed out. We used to stand next to each other and transfer things from one phone to another, a field previously handled, but nowadays these things are somehow relegated to proprietary technologies like Airdrop. This isn’t a problem for personal computers, in fact, they somehow keep getting better and better at it; just recently, I transferred some movies between two laptops using a Thunderbolt cable during a flight, and somehow, this was one of the few “wow” moments that I’ve had recently with consumer-grade tech.

The idea is pretty simple on its own – if phones are to be personal computers, they should be very easy to program.

The Doohickey Port

What about a bonus suggestion, for hardware customization? USB-C ports are really cool and powerful, but they’re relatively bespoke, and you only ever get one, to be unplugged every time you need to charge or sync. Plus, even if you have OTG, all that 5V step-up action isn’t great for the battery, and neither are USB hardware/firmware stacks.

I like I2C. Do you like I2C? I know most of you do. I enjoy I2C a lot, and I like how it’s decently well standardized, to the point things tend to just work. It’s not as great at as many things as USB can be, but it’s also comparably low-frills, you don’t need a software stack or a hefty bespoke board. For the most part, with I2C, you can just send bytes back and forth. It’s a low-bandwidth yet high-impact bus, with a healthy amount of devices you can attach to it. Also, CPUs tend to have plenty of I2C ports to go around, often leaving a good few to spare.

What else? Keeping up with the times, these days, you can manufacture flex PCBs decently quickly, with stiffener at no extra cost, and for dirt cheap, too. On a physical level, phones tend to come with cases, overwhelmingly so. In a way, there’s suddenly plenty of free space on the back of a phone, for those with the eyes to see, and that’s after accounting for the ever-increasing camera bump, too.

My bonus idea to make phones more customizable at low entry level, would be an I2C accessory port. In effect, a latch-less FFC socket with exposed I2C, and some 3.3V at non-negligible power. Of course, protect all lines electrically, current-limit the 3.3V and make its power switchable. With modern tech, you don’t need to compromise waterproofing, either, and you can add a whole bunch of protection to such a port.

From there, you can get GPIOs, you can get PWM, and so much more. You could have a reasonably simple GPIO expansion, but also a fully-fledged board with DACs and ADCs bolted on, or a servo control board, or an extra display of the kind phone designers like to add once in a generation, only to find it never be used by third-party apps as sales numbers never really reach the point of wider adoption. Experimental chording keyboards, touch surfaces, thermal pixel sensors,

Does it feel like you’ve seen that implemented? Of course, this resembles the PinePhone addon scheme, with FPCs wedged between the back cover and a set of pogo pins. Notably though, this kind of standard is about having compatibility between models and even manufacturers. You also shed a lot of Bluetooth cruft generally required when developing accessories for modern phones. It requires a flex PCB, sure, but so do pogopin schemes, and there’s barely any mechanics compared to a pogopin array. Is it more fragile than a pogopin array? Yes, but it’s fragile addon-side, not as much phone-side, whereas pogopin arrays tend to be the opposite.

A Sketch And A Dream

Of course, this also relies on the aforementioned Python interpreter, and a decent exposed I2C API. If the only way to tinker with yours and others’ accessories is through bespoke intransparent apps you need a whole different device to make (or modify, if you’re lucky), the hackability aspect wanes quick. In essence, what I’m proposing is a phone-contained sandbox, not in a security sense, but in an educational sense. Personal computers have been serving as sandboxes for decades now, and yet, phones could never really fulfill such a niche.

I think one of the big problems with modern phones is that a phone is barely ever a sandbox, all for mostly historic reasons. Now, if that’s the case, we should make it one. If it’s a sandbox, then it can be molded to your needs through hacking and tinkering. If it can be molded to your needs, then it belongs to you in a whole different way. Will this happen? Quite unlikely, though, I do feel like making some prototypes. Instead, it’s about highlighting a significant aspect that contributes to tech alienation, and imagining how we could solve it given enough market buy-in.

hackaday.com/2025/08/11/smartp…

Una falla di sicurezza recentemente individuata nel noto software per la compressione di file 7-Zip ha destato considerevoli timori all’interno della comunità dedicata alla sicurezza informatica. Tutte le versioni di 7-Zip antecedenti alla 25.01 sono interessate da tale vulnerabilità, la quale scaturisce da una gestione non appropriata dei collegamenti simbolici nel corso dell’estrazione dei file.

Si trattaCVE-2025-55188, scoperto e segnalato dal ricercatore di sicurezza Landon il 9 agosto 2025, consente agli aggressori di eseguire scritture arbitrarie di file durante l’estrazione dell’archivio, portando potenzialmente all’esecuzione di codice su sistemi vulnerabili. Quando gli utenti estraggono un archivio creato in modo dannoso contenente link simbolici non sicuri, 7-Zip segue questi link durante l’estrazione, consentendo agli aggressori di scrivere file in posizioni esterne alla directory di estrazione prevista.

La vulnerabilità sfrutta il meccanismo di elaborazione dei link simbolici di 7-Zip. Secondo l’avviso di sicurezza, l’attacco richiede condizioni specifiche per avere successo. Una volta soddisfatte queste condizioni, gli aggressori possono creare archivi dannosi contenenti link simbolici che puntano a file di sistema sensibili. Una volta estratti, 7-Zip segue questi link simbolici, consentendo agli aggressori di sovrascrivere file critici come chiavi SSH, file .bashrc o altre configurazioni di sistema.

Per i sistemi Linux, gli aggressori necessitano che l’obiettivo utilizzi una versione vulnerabile di 7-Zip durante l’estrazione di un formato di archivio che supporti i link simbolici, come file ZIP, TAR, 7Z o RAR. Il processo di sfruttamento è più semplice negli ambienti Linux. Sui sistemi Windows, è necessario soddisfare requisiti aggiuntivi per uno sfruttamento efficace. Il processo di estrazione 7-Zip deve disporre di privilegi elevati o operare in modalità sviluppatore Windows per creare collegamenti simbolici. Questo rende i sistemi Windows meno vulnerabili, ma non immuni all’attacco.

Nonostante abbia ricevuto un punteggio CVSS di 2,7, che lo classifica come di bassa gravità, gli esperti di sicurezza avvertono che l’impatto pratico potrebbe essere molto più significativo. La vulnerabilità consente agli aggressori di ottenere accessi non autorizzati ed eseguire codice prendendo di mira file sensibili che controllano il comportamento del sistema. La vulnerabilità è particolarmente preoccupante perché 7-Zip visualizza i percorsi dei file prima della risoluzione del collegamento simbolico, consentendo agli aggressori di nascondere la vera destinazione delle loro scritture dannose.

La versione 25.01 di 7-Zip, rilasciata il 3 agosto 2025, risolve questa vulnerabilità con una gestione avanzata dei link simbolici. L’aggiornamento include significativi miglioramenti alla sicurezza per impedire la creazione di link simbolici non sicuri durante l’estrazione degli archivi.

L'articolo Nuova falla in 7-Zip: link simbolici trasformano un’estrazione in un hack proviene da il blog della sicurezza informatica.

IT'S MONDAY, AND THIS IS DIGITAL POLITICS. I'm Mark Scott, and I'm having some serious FOMO about missing out on the Oasis reunion concerts touring the United Kingdom. In honor of that, I give you this banger.

— Everything you need to know about the upcoming AI Impact Summit to be hosted by India early next year.

— Ahead of Donald Trump's meeting with Vladimir Putin on Aug. 15, Russia's state-based media is in a full-court propaganda press.

— Who's who in the recent shake-up in the European Commission's Directorate-General for Communications Networks, Content and Technology.

Let's get started:

digitalpolitics.co/newsletter0…

Sometimes, you build a thing because you need a thing. Sometimes, you do it just to see if you can. This project is in category two: [polymatt] didn’t need to create a floppy disk from scratch-– plenty of old disks still exist– but we’re glad he made the attempt because it makes for a fascinating video that’s embedded below.

Some of you are going to quibble with the terminology [polymatt] uses in this video: first of all, he didn’t begin by creating the universe, so is he really starting “from scratch”? Secondly, the “floppy” format he’s attempting to copy is a 3½” diskette, which does not flop at all. Alas, the vernacular has decided that “stiffy” means something totally different that you ought not to hand a co-worker, and “floppy” is the word in use now.

Choosing newer stiff-walled medium does allow him to practice his CNC skills and make the coolest-looking floppy enclosure we’ve ever seen. (It turns out brushed aluminum is even cooler-looking than the translucent neon ones.) On the other hand, we can’t help but wonder if a lower-density format 5¼” disk might have been an easier hurdle to jump. The diskette that was built does magnetize, but it can’t read or write actual files. We wonder if the older format might have been more forgiving of grain size and composition of his ferrite coating. Even more forgiving still would be to use these techniques to make magnetic tape which is a perfectly viable way to store data.

Instead of storing data, you could make your own cleaning floppy. It’s not like data storage was really the point here, anyway– its not the destination, but the journey. So whatever you call this DIY diskette, please don’t call it a flop.

Thanks to [Anonymous] for the stiff tip! If you want to slip us your tip, rest assured we will grab on and milk it for all it is worth to our readers.

youtube.com/embed/TBiFGhnXsh8?…

hackaday.com/2025/08/11/dont-s…

Running out of filament mid-print is a surefire way to ruin your parts and waste a lot of time. [LayerLab] was sick of having this problem, and so sought to find a proper solution. Unfortunately, between off-the-shelf solutions and homebrew attempts, he was unable to solve the problem to his satisfaction.

[LayerLab] had a simple desire. He wanted his printer to swap to a second spool of filament when the first one runs out, without ruining or otherwise marring the print. It sounds simple, but the reality is more complicated. As an Australian, he couldn’t access anything from InfinityFlow, so he first attempted to use the “auto refill” features included on the Bambu Labs AMS 2. However, it would routinely make filament changes in outside wall areas of a print, leaving unsightly marks and producing poorer quality parts.

His next effort was to use the Wisepro Auto Refill Filament Buffer. It’s a feeder device that takes filament from two spools, and starts feeding the backup spool in to your printer when the primary spool runs out. Unfortunately, [LayerLab] had a cavalcade of issues with the device. It would routinely feed from the secondary spool when there was still primary filament available, jamming the device, and it didn’t come with a proper mounting solution to work with consumer printers. It also had bearings popping out the top of the housing. Attempts to rework the device into a larger twin-spool rig helped somewhat, but ultimately the unreliability of the Wisepro when changing from one spool to another meant it wasn’t fit for purpose. Its feeder motors were also to trigger the filament snag cutters that [LayerLab] had included in his design.

Ultimately, the problem remains unsolved for [LayerLab]. They learned a lot along the way, mostly about what not to do, but they’re still hunting for a viable automatic filament changer solution that suits their needs. Filament sensors help, but can only do so much. If you reckon you know the answer, or a good way forward, share your thoughts in the comments. Video after the break.

youtube.com/embed/zvCZANVXaKw?…

hackaday.com/2025/08/11/the-tr…