Intelligenza Artificiale Generativa: crescita esplosiva e sfide per la sicurezza
Di Umberto Pirovano, Senior Manager Technical Solutions di Palo Alto Networks
L’Intelligenza Artificiale Generativa (GenAI) sta ridefinendo il panorama tecnologico e aziendale a una velocità sorprendente. Secondo il report di Palo Alto Networks “The State of Generative AI in 2025”, il traffico GenAI ha registrato un’impennata di oltre l’890% nel 2024. Questa crescita esplosiva è attribuibile alla maturazione dei modelli di AI, alla sempre più spinta automazione aziendale e a una maggiore diffusione, guidata da ritorni di produttività sempre più evidenti. L’aumento in termini di adozione e utilizzo segna un passaggio definitivo: la GenAI non è più una novità, ma una utility essenziale.
Secondo la Ricerca dell’Osservatorio Artificial Intelligencedel Politecnico di Milano, nel 2024 in Italia è stata laGenAIa trainare il mercato dell’intelligenza artificiale: ben il43%della spesa in questa tipologia di soluzioni riguardava esclusivamente la GenAI o progetti ibridi, che includevano anche quella tradizionale.
Tuttavia, questa rapida espansione porta con sé sfide significative, in particolare per quanto riguarda la sicurezza dei dati. Gli incidenti di prevenzione della perdita di dati (DLP) legati alla GenAI sono più che raddoppiati: nel 2025, il numero medio mensile è aumentato di 2,5 volte, rappresentando ora il 14% di tutti gli incidenti legati ai dati. Le applicazioni di GenAI amplificano un vettore crescente di perdita di informazioni, poiché un utilizzo non consentito o disattento può portare a fughe di proprietà intellettuale, problemi di conformità normativa e violazioni.
Le aziende hanno rilevato in media 66 applicazioni GenAI in uso, di cui il 10% classificate come ad alto rischio. L’utilizzo diffuso di strumenti non autorizzati, la mancanza di policy di AI chiare e la pressione ad adottare rapidamente questa tecnologia – senza adeguati controlli di sicurezza – possono esporre le imprese a rischi significativi.
La maggioranza delle transazioni di GenAI (83,8%) deriva da quattro casi d’uso principali: assistenti di scrittura, agenti conversazionali, ricerca aziendale e piattaforme per sviluppatori. Si tratta di tool popolari tra i dipendenti perché eseguono direttamente attività quotidiane e ripetitive. Gli assistenti di scrittura, ad esempio, supportano gli utenti nelle varie fasi di preparazione di un testo, dalla stesura di email alla generazione di post fino alla creazione di report. Gli agenti conversazionali offrono invece risposte istantanee in linguaggio naturale a un’ampia gamma di domande, rendendoli utili nel servizio clienti, nell’apprendimento e nella produttività.
Che le tecnologie di GenAI stiano già dimostrando un impatto positivo in numerose aree è più che evidente, come emerso anche dal report di Gartner “Inform Your Generative AI Strategy With Healthcare Provider Case Examples“. Nel settore sanitario, ad esempio, si possono citare la documentazione clinica automatizzata, il supporto alle decisioni cliniche e la personalizzazione del percorso di cura del paziente.
Anche in Italia, settori cruciali come Oil & Gas, servizi finanziari, assicurativo e sanitario, che gestiscono e conservano dati e informazioni altamente sensibili, stanno integrando la GenAI nelle loro attività per ottimizzare le operazioni, snellire i processi e incrementare efficienza e produttività. Tuttavia, il loro utilizzo rappresenta un rischio intrinseco visto il potenziale da parte degli utenti di inserire informazioni ancora riservate, esponendole così a furto o esfiltrazione. Infatti, pur avendo a disposizione applicazioni controllate e protette dalla propria azienda, non tutti i dipendenti le utilizzano, affidandosi invece ad app di terze parti, magari percepite come più efficienti, comode o semplicemente più facili da usare.
In virtù delle sue avanzate capacità di analisi predittiva, l’intelligenza artificiale rappresenta inoltre un pilastro fondamentale nella prevenzione. Attraverso l’elaborazione di dati storici e informazioni in tempo reale, i sistemi AI sono in grado di prefigurare e segnalare potenziali problematiche prima che queste possano generare conseguenze negative. Ad esempio, nel contesto finanziario, ciò si traduce nella capacità di rilevare transazioni fraudolente, mitigando le perdite economiche; in ambito sanitario, l’AI può contribuire a salvare vite umane prevedendo gli esiti clinici dei pazienti e suggerendo appropriate misure preventive.
Sfide e rischi della GenAI
L’intelligenza artificiale è una tecnologia emergente che sta catalizzando un notevole interesse. Tuttavia, è fondamentale essere consapevoli delle potenziali sfide e complessità che essa comporta. Con un numero sempre più esteso di aziende che sperimentano app GenAI di terze parti, è importante comprendere appieno il panorama di rischio:
- Mancanza di visibilità sull’utilizzo dell’AI: la “Shadow AI” rende difficile per i team di sicurezza monitorare e controllare come gli strumenti di GenAI vengono utilizzati in azienda.
- Accesso non autorizzato ed esposizione dei dati: difficoltà nel limitare l’accesso agli strumenti di GenAI tramite account personali o nel rilevare (e bloccare) quando gli utenti caricano dati sensibili.
- Interazioni AI insicure: modelli di AI “jailbroken” o manipolati possono rispondere con link dannosi e malware, o consentire il loro utilizzo per scopi non intenzionali.
- Proliferazione di plugin, copilot e agenti AI: ecosistemi di AI complessi con plugin per browser, agenti AI, bot e copilot creano un “ingresso laterale” spesso trascurato, aumentando le vulnerabilità.
In conclusione, mentre la GenAI offre opportunità senza precedenti per innovazione ed efficienza, è imperativo che le aziende adottino un approccio proattivo e strategico alla gestione dei rischi. Consapevolezza, formazione degli utenti e implementazione di policy robuste e misure concrete di sicurezza sono passi fondamentali per sfruttare appieno il potenziale della GenAI e proteggere le risorse più preziose: i dati.
L'articolo Intelligenza Artificiale Generativa: crescita esplosiva e sfide per la sicurezza proviene da il blog della sicurezza informatica.
Think You Need a New PC for Windows 11? Think Again
As the sun sets on Windows 10 support, many venues online decry the tsunami of e-waste Windows 11’s nonsensical hardware requirements are expected to create. Still more will offer advice: which Linux distribution is best for your aging PC? [Sean] from Action Retro has an alternate solution: get a 20 year old Sun Workstation, and run Windows 11 on that.
The Workstation in question from 2005 is apparently among the first Sun made using AMD’s shiny new 64-bit Opteron processor. Since Windows has no legacy 32-bit support– something it shares with certain Linux distributions– this is amongst the oldest hardware that could conceivably install and run Redmond’s latest.
And it can! Not in unaltered form, of course– the real hack here is courtesy of [ntdevlabs], whose “Tiny11” project strips all the cruft from Windows 11, including its hardware compatibility checker. [ntdevlabs] has produced a Tiny11Builder script that is available on GitHub, but the specific version [Sean] used is available on Archive.org.
[Sean] needed the archived version of Tiny11 because Windows 11 builds newer than 22H2 use the POPCNT operation, which was not present in AMD’s first revision of the x86_64 instruction set. POPCNT is part of Intel’s SSE4 extension from 2007, a couple years after this workstation shipped.
If you’re sick of being told to switch to Linux, but can’t stomach staying with Windows either, maybe check out Haiku, which we reported as ready for daily driving early last year.
youtube.com/embed/LuyC0y7Ahfg?…
Mauro in montagna likes this.
Mauro in montagna reshared this.
A Deep Dive on Creepy Cameras
George Orwell might’ve predicted the surveillance state, but it’s still surprising how many entities took 1984 as a how-to manual instead of a cautionary tale. [Benn Jordan] decided to take a closer look at the creepy cameras invading our public spaces and how to circumvent them.
[Jordan] starts us off with an overview of how machine learning “AI” is used Automated License Plate Reader (ALPR) cameras and some of the history behind their usage in the United States. Basically, when you drive by one of these cameras, an ” image segmentation model or something similar” detects the license plate and then runs optical character recognition (OCR) on the plate contents. It will also catalog any bumper stickers with the make and model of the car for a pretty good guess of it being your vehicle, even if the OCR isn’t 100% on the exact plate sequence.
Where the video gets really interesting is when [Jordan] starts disassembling, building, and designing countermeasures to these systems. We get a teardown of a Motorola ALPR for in-vehicle use that is better at being closed hardware than it is at reading license plates, and [Jordan] uses a Raspberry Pi 5, a Halo AI board, and You Only Look Once (YOLO) recognition software to build a “computer vision system that’s much more accurate than anything on the market for law enforcement” for $250.
[Jordan] was able to develop a transparent sticker that renders a license plate unreadable to the ALPR but still plainly visible to a human observer. What’s interesting is that depending on the pattern, the system could read it as either an incorrect alphanumeric sequence or miss detecting the license plate entirely. It turns out, filtering all the rectangles in the world to find just license plates is a tricky problem if you’re a computer. You can find the code on his Github, if you want to take a gander.
You’ve probably heard about using IR LEDs to confuse security cameras, but what about yarn? If you’re looking for more artistic uses for AI image processing, how about this camera that only takes nudes or this one that generates a picture based on geographic data?
youtube.com/embed/Pp9MwZkHiMQ?…
reshared this
Global Sumud Flotilla: fermi ma non immobili
@Giornalismo e disordine informativo
articolo21.org/2025/09/global-…
L’attesa consuma. Schiaccia, scoperchia i corpi e fa volare via i pensieri come il vento che ci aspetta se solo riuscissimo a partire. Per mille ragioni, le barche da Tunisi hanno rallentato e noi ci siamo trovati ad aspettare in una baia con
Nicola Pizzamiglio likes this.
L’Italia ha la sua legge sull’AI, gli impatti privacy e cyber: tutti i punti chiave
@Informatica (Italy e non Italy 😁)
Il DDL sull’intelligenza artificiale tutto all’italiana è stato definitivamente approvato in Senato. L’obiettivo del legislatore è quello di regolare l’uso dell'AI in campi come sanità, lavoro e giustizia. Analizziamo il testo definitivo,
Appello contro il bullismo degli adulti
@Giornalismo e disordine informativo
articolo21.org/2025/09/appello…
Per una responsabilità educativa di chi ha voce, potere e rappresentanza In questi anni il fenomeno del bullismo giovanile è esploso in modo impressionante, i giornali riportano ogni giorno episodi che coinvolgono ragazzi e talvolta anche bambini. Ci sono
Enhanced Definition TV: “A Poor Man’s High-Def”
Although to many of us the progression from ‘standard definition’ TV and various levels of high-definition at 720p or better seemed to happen smoothly around the turn of the new century, there was a far messier technological battle that led up to this. One of these contenders was Enhanced Definition TV (EDTV), which was 480p in either 4:3 or 16:9, as a step up from Standard Definition TV (SDTV) traditional TV quality. The convoluted history of EDTV and the long transition to proper HDTV is the subject of a recent video by [VWestlife].
One reason why many people aren’t aware of EDTV is because of marketing. With HDTV being the hot new bullet point to slap on a product, a TV being widescreen was often enough to market an EDTV with 480p as ‘HD’, not to mention the ‘HD-compatible’ bullet point that you could see everywhere.
That said, the support for digital 480p and ‘simplified 1080i’ signals of EDTV makes these displays still quite usable today, more than SDTV CRTs and LCDs that are usually limited to analog signals-only at regular NTSC, PAL or SECAM. It may not be HD, but at least it’s enhanced.
youtube.com/embed/J0as4DiswGU?…
A La Spezia la presentazione de “Il bosco fiorito” – Psichedelia: orizzonti di cura
“Il bosco fiorito” – Psichedelia: orizzonti di cura
Venerdì 26 settembre 2025, ore 18:30 – Via Tommaseo 49, La Spezia
Venerdì 26 settembre, a La Spezia, si terrà la presentazione del libro “Il bosco fiorito – Psichedelia: orizzonti di cura”, edito da Animamundi Edizioni.
All’incontro interverranno Letizia Renzini, curatrice del volume e membro di MAPS Italia, Claudia Moretti e Marco Perduca, autori del libro.
L’evento è promosso dall’Associazione Luca Coscioni, MAPS Italia e Librerittutti, la partecipazione è libera e aperta a tutte e tutti, fino a esaurimento posti.
L'articolo A La Spezia la presentazione de “Il bosco fiorito” – Psichedelia: orizzonti di cura proviene da Associazione Luca Coscioni.
Radio Popolare: "Kimmel, Colbert e gli altri. L’attacco della destra di Trump alla libertà di parola negli Usa"
(articolo di Roberto Festa, Radio Popolare, 18 set. 2025
radiopopolare.it/kimmel-colber…)
“Sospensione” a tempo indeterminato per lo show di Jimmy Kimmel. Lo annuncia ABC, che di fatto “silura” uno dei suoi volti più popolari, star dell’intrattenimento della tarda serata TV. Kimmel, in trasmissione, aveva detto: “Abbiamo toccato nuovi minimi nel fine settimana, con la banda MAGA che cerca disperatamente di caratterizzare questo ragazzo che ha assassinato Charlie Kirk come qualcosa di diverso da uno di loro, e fa tutto il possibile per ottenerne vantaggi politici”. La sospensione dello show di Jimmy Kimmel è stata chiesta direttamente da Brendan Carr, avvocato, vicino a Donald Trump, chairman della Federal Communication Commission, l’agenzia responsabile di controlli e regolamentazioni del mondo dell’audiovisivo. Carr ha minacciato ABC – quindi la sua proprietà, Disney – di ritiro della licenza, nel caso non fossero stati presi provvedimenti contro Kimmel – che non è peraltro l’unica vittima della nuova, difficile fase nei rapporti tra media e governo americano. CBS ha chiuso il programma di Stephen Colbert, altro ospite della tarda serata americana, altro critico feroce di Trump. Il presidente ha appena chiesto al New York Times 15 miliardi di danni per averne messo in discussione la “reputazione personale e professionale”. Sempre ABC e CBS, nei mesi scorsi, si erano piegati a pagare 16 milioni di dollari al presidente in cause piuttosto pretestuose. L’omicidio di Charlie Kirk ha ulteriormente rafforzato la stretta repressiva. Il Washington Post ha licenziato una sua opinionista, Karen Attiah, che ha accusato la destra di “doppio standard razziale” nella morte di Kirk. MSNBC ha allontanato un suo analista, Matthew Dowd, che ha chiamato Kirk divisivo. Sono vicende che arrivano nel momento in cui le grandi corporation hanno bisogno del via libera dell’amministrazione per le loro strategie. Dalla fusione di Paramount Skydance e Warner Bros sta per nascere il più grande conglomerato americano della comunicazione – da CNN al cinema a MTV a TikTok – controllato da Larry Ellison, magnate e finanziatore della destra americana, intimo di Benjamin Netanyahu. Tra affari, cause, licenziamenti, la vittima è soprattutto una. La libertà di pensiero e parola negli Stati Uniti.
*
(cfr. anche radiopopolare.substack.com/)
Kimmel, Colbert e gli altri. L’attacco della destra di Trump alla libertà di parola negli Usa
“Sospensione” a tempo indeterminato per lo show di Jimmy Kimmel. Lo annuncia ABC, che di fatto “silura” uno dei suoi volti più popolari.Roberto Festa (Radio Popolare)
reshared this
A Roma Magick Talk – La cultura psichedelica in Italia
Magick Talk – La cultura psichedelica in Italia
Venerdì 19 settembre, alle ore 18:30, il Magick Bar di Roma ospita Magick Talk, un momento di confronto aperto e interdisciplinare tra studiosi, attivisti e ricercatori.
Intervengono:
Federico Di Vita
Sara Ballotti
Marco Perduca
Raffaello Caiano
Enrico Greco
Georgia Wilson Jones
L’evento è organizzato in collaborazione con The Magick Bar e Illuminismo Psichedelico, e intende contribuire al dibattito pubblico sull’uso consapevole delle sostanze psichedeliche, con particolare attenzione agli aspetti culturali, scientifici, terapeutici e politici.
Ingresso libero fino a esaurimento posti.
Per informazioni: Illuminismo Psichedelico – Instagram
L'articolo A Roma Magick Talk – La cultura psichedelica in Italia proviene da Associazione Luca Coscioni.
Worst Clock Ever Teaches You QR Codes
[WhiskeyTangoHotel] wrote in with his newest clock build — and he did warn us that it was minimalist and maybe less than useful. Indeed, it is nothing more than a super-cheap ESP32-C3 breakout board with an OLED screen and some code. Worse, you can’t even tell the time on it without pointing your cell phone at the QR code it generates. Plot twist: you skip the QR code and check the time on your phone.
But then we got to thinking, and there is actually a lot to learn from here on the software side. This thing pulls the time down from an NTP server, formats it into a nice human-readable string using strftime, throws that string into a QR code that’s generated on the fly, and then pushes the bits out to the screen. All in a handful of lines of code.
As always, the secret is in the libraries and how you use them, and we wanted to check out the QR code generator, but we couldn’t find an exact match for QRCodeGenerator.h. Probably the most popular library is the Arduino QRCode library by [ricmoo]. It’s bundled with Arduino, but labelled version 0.0.1, which we find a little bit modest given how widely it’s used. It also hasn’t been updated in eight years: proof that it just works?
That library drew from [nayuki]’s fantastically documented multi-language QR-Code-generator library, which should have you covered on any platform you can imagine, with additional third-party ports to languages you haven’t even heard of. That’s where we’d go for a non-Arduino project.
What library did [WTH] use? We hope to find out soon, but at least we found a couple good candidates, and it appears to be a version of one or the other.
We’ve seen a lot of projects where the hacker generates a QR code using some online tool, packs the bits into a C header array, and displays that. That’s fine when you only need a single static QR code, but absolutely limiting when you want to make something dynamic. You know, like an unreadable clock.
You will not be surprised to know that this isn’t the first unreadable QR-code clock we’ve featured here. But it’s definitely the smallest and most instructive.
youtube.com/embed/rA7HXQxqpPA?…
La democrazia delle democrazie, e i nostri governi,.come molti subnormali, ammirano questa società...
Giudice USA ordina espulsione del leader pro‐Palestina
Un giudice della Louisiana ha ordinato l’espulsione dagli Stati Uniti di Mahmoud Khalil, noto leader delle proteste filopalestinesi nei campus universitari a livello nazionale, verso l’Algeria o la Siria, sostenendo che nella sua domanda per la green card avrebbe intenzionalmente nascosto informazioni sostanziali. Khalil, residente permanente legale, sposato con una cittadina americana e padre di un figlio negli USA, in una dichiarazione all’ong American Civil Liberties Union (Aclu) ha risposto accusando l’amministrazione Trump di “vendicarsi” per il suo impegno politico.
L'indipendente.
lindipendente.online/2025/09/1…
24 MILA FIRME CONTRO I POTERI SPECIALI DI GUALTIERI
Il 23 e 24 settembre dalle 12.00 alle 18.00 l'Unione dei Comitati contro l'inceneritore sarà in presidio a Piazza Capranica, alle spalle di Montecitorio, perché le 24 mila firme raccolte contro i poteri speciali di Gualtieri sono il nostro biglietto da visita per la due giorni di mobilitazioni a Roma.
Le 24 mila firme chiedono alle due Camere del Parlamento che Gualtieri, al pari di ogni cittadino della Repubblica, sia tenuto al rispetto delle leggi, nel suo caso di tutte quelle di settore. Prima di ogni altra normativa chiediamo che sia tenuto al rispetto del testo unico ambientale perché è inconcepibile che si possa fare un impianto di incenerimento che brucerà 600mila tonnellate per oltre 30 anni senza rispettare il codice dell'ambiente che disciplina, tra l'altro, l'intera materia dei rifiuti, impianti compresi.
Le migliaia di persone che hanno sottoscritto la petizione hanno riposto fiducia nell'istituzione parlamentare. La prossima settimana saremo quindi in presidio rivolgendoci alla Camera dei deputati, un'assemblea legislativa differente da quella che ha convertito il decreto legge n. 50/22. In più circostanze la famigerata norma attributiva dei poteri speciali, articolo 13, è stata oggetto di discussione e votazioni senza però portare mai a una modifica normativa. Ora che però il Giubileo sta per concludersi, motivo alla base dell'attribuzione dei poteri speciali è necessario mettere termine alla stagione di un Gualtieri posto, dalla legge stessa, al di sopra delle leggi. Come Unione dei Comitati abbiamo il dovere di far valere ognuna di quelle 24 mila firme.
Alle deputate e ai deputati, di maggioranza come di minoranza, chiediamo la modifica normativa per ripristinare il diritto che con l'articolo 13 del DL n.50/2022 è stato irrimediabilmente leso laddove conferisce al Sindaco di Roma potere assoluto.
Per le bambine e i bambini che hanno aperto i nostri due cortei estivi e per tutti noi che abbiamo il diritto di vivere liberi dai veleni di Roma, chiediamo che il Parlamento ripristini la giustizia modificando la norma affinché anche Gualtieri finalmente rispetti le leggi.
#Ambiente #StopInceneritore #NoInceneritore #NoInceneritori #ZeroWaste #Rifiuti #Riciclo #EconomiaCircolare #NoAlCarbone #EnergiaPulita
si può pensare che l'articolo linkato contenga informazione. invece a leggerlo bene non contiene alcuna informazione ma ha l'unisco scopo di spaventare. spaventare invece di spaventare.
quale è il problema. una cultura alimentare sana deriva dalla conoscenza degli alimenti. dalla conoscenza di come gli alimenti si preparano o sono preparati. uno sheff moderno davvero preparato è di fatto praticamente un chimico.
e nell'articolo indicato dove sono esattamente le informazioni. un elenco degli additivi indicando additivo per additivo l'effetto e quali hanno un nome strano ma sono comunque prodotti direttamente presi da sostanza già trovare in natura? e invece gli accostamenti tra cibi?
è come quando si demonizzano le bevande (quelle gassate naturalmente, non si sa perché, sono le peggiori) facendo vedere immagini del contenuto di zucchero senza neppure riferirsi a prodotti specifici.
non si costruisce un mondo migliore e più consapevole spaventando, ma informando.
si insegna a leggere le etichette, a distinguere gli additivi sani (e ce ne sono), da quelli sospetti a quelli sicuramente dannosi. si specificano i dosaggi dei vari additivi e si indica a seconda del dosaggio quali sono le dosi di prodotto consigliate, tollerate e da evitare.
per le bevande si insegna a leggere l'etichetta.
a distinguere tra ciò che ha il sapore di zucchero ed è zucchero, a magari ciò che ha un sapore dolce ma è una proteina.
insomma. si informa. con pazienza. e non si fa solo terrorismo psicologico indiscriminato.
e perché? perché
1) il terrorismo psicologico non funziona perché siamo abituati a gente che ci terrorizza senza motivo
2) perché non è il modo di produrre una consapevolezza maggiore
Cibi ultra-processati: quali sono e perché fanno male | Mario Negri
Gli alimenti che fanno parte dell'elenco dei cibi ultra-processati e i loro effetti negativi sulla salute: cancro, diabete, mortalità precoce.www.marionegri.it
Dale Britt Bendler “earned approximately $360,000 in private client fees while also working as a full-time CIA contractor with daily access to highly classified material that he searched like it was his own personal Google,” according to a court record.#News
Contractor Used Classified CIA Systems as ‘His Own Personal Google’
This article was produced in collaboration with Court Watch, an independent outlet that unearths overlooked court records. Subscribe to them here.A former CIA official and contractor, who at the time of his employment dug through classified systems for information he then sold to a U.S. lobbying firm and foreign clients, used access to those CIA systems as “his own personal Google,” according to a court record reviewed by 404 Media and Court Watch.
💡
Do you know anything else about this case? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.Dale Britt Bendler, 68, was a long running CIA officer before retiring in 2014 with a full pension. He rejoined the agency as a contractor and sold a wealth of classified information, according to the government’s sentencing memorandum filed on Wednesday. His clients included a U.S. lobbying firm working for a foreigner being investigated for embezzlement and another foreign national trying to secure a U.S. visa, according to the court record.
This post is for subscribers only
Become a member to get access to all content
Subscribe nowContractor Used Classified CIA Systems as ‘His Own Personal Google’
Dale Britt Bendler “earned approximately $360,000 in private client fees while also working as a full-time CIA contractor with daily access to highly classified material that he searched like it was his own personal Google,” according to a court re…Joseph Cox (404 Media)
Breaking News Channel reshared this.
Academic workers are re-thinking how they live and work online after some have been fired for criticizing Charlie Kirk following his death.#News
Union Warns Professors About Posting In the ‘Current Climate’
A union that represents university professors and other academics published a guide on Wednesday tailored to help its members navigate social media during the “current climate.” The advice? Lock down your social media accounts, expect anything you post will be screenshotted, and keep things positive. The document ends with links to union provided trauma counseling and legal services.The American Association of University Professors (AAUP) published the two page document on September 17, days after the September 10 killing of right-wing pundit Charlie Kirk. The list of college professors and academics who've been censured or even fired for joking about, criticizing, or quoting Kirk after his death is long.
playlist.megaphone.fm?p=TBIEA2…
Clemson University in South Carolina fired multiple members of its faculty after investigating their Kirk-related social media posts. On Monday the state’s Attorney General sent the college a letter telling it that the first amendment did not protect the fired employees and that the state would not defend them. Two universities in Tennessee fired multiple members of the staff after getting complaints about their social media posts. The University of Mississippi let a member of the staff go because they re-shared a comment about Kirk that people found “insensitive.” Florida Atlantic University placed an art history professor on administrative leave after she posted about Kirk on social media. Florida's education commissioner later wrote a letter to school superintendents warning them there would be consequences for talking about Kirk in the wrong way. “Govern yourselves accordingly,” the letter said.AAUP’s advice is meant to help academic workers avoid ending up as a news story. “In a moment when it is becoming increasingly difficult to predict the consequences of our online speech and choices, we hope you will find these strategies and resources helpful,” it said.
Here are its five explicit tips: “1. Set your personal social media accounts to private mode. When prompted, approve the setting to make all previous posts private. 2. Be mindful that anything you post online can be screenshotted and shared. 3. Before posting or reposting online commentary, pause and ask yourself: a. Am I comfortable with this view potentially being shared with my employer, my students, or the public? Have I (or the person I am reposting) expressed this view in terms I would be comfortable sharing with my employer, my students, or the public?”
The advice continues: “4. In your social media bios, state that the views expressed through the account represent your own opinions and not your employer. You do not need to name your employer. Consider posting positive statements about positions you support rather than negative statements about positions you disagree with. Some examples could be: ‘Academic freedom is nonnegotiable,’ ‘The faculty united will never be divided,’ ‘Higher ed research saves lives,’ ‘Higher ed transforms lives,’ ‘Politicians are interfering with your child’s education.’”
The AAUPthen provides five digital safety tips that include setting up strong passwords, installing software updates as soon as they’re available, using two-factor authentication, and never using employer email addresses outside of work.
The last tip is the most revealing of how academics might be harassed online through campaigns like Turning Point USA’s “Professor Watchlist.” “Search for your name in common search engines to find out what is available about you online,” AAUP advises. “Put your name in quotation marks to narrow the search. Search both with and without your institution attached to your name.”
After that, the AAUP provided a list of trauma, counseling, and insurance services that its members have access to and a list of links to other pieces of information about protecting themselves.
“It’s good basic advice given that only a small number of faculty have spent years online in my experience, it’s a good place to start,” Pauline Shanks Kaurin, the former military ethics professor at the U.S. Naval War College told 404 Media. Kaurin resigned her position at the college earlier this year after realizing that the college would not defend academic freedom during Trump’s second term.
“I think this reflects the heightened level of scrutiny and targeting that higher ed is under,” Kaurin said. “While it’s not entirely new, the scale is certainly aided by many platforms and actors that are engaging on [social media] now when in the past faculty might have gotten threatening phone calls, emails and hard copy letters.”
The AAUP guidance was co-written by Isaac Kamola, an associate professor at Trinity College and the director of the AAUP’s Center for Academic Freedom. Kamola told 404 Media that the recommendations came for years of experience working with faculty who’ve been on the receiving end of targeted harassment campaigns. “That’s incredibly destabilizing,” he said. “It’s hard to explain what it’s like until it happens to you.”
Kamola said that academic freedom was already under threat before Kirk’s death. “It’s a multi-decade strategy of making sure that certain people, certain bodies, certain dies, are not in higher education, so that certain other ones can be, so that you can reproduce the ideas that a political apparatus would prefer existed in a university,” he said.
It’s telling that the AAUP felt the need to publish this, but the advice is practical and actionable, even for people outside of academia. Freedom of expression is under attack in America and though academics and other public figures are perhaps under the most threat, they aren’t the only ones. Secretary of Defense Pete Hegseth said the Pentagon is actively monitoring the social media activity of military personnel as well as civilian employees of the Department of Defense.
“It is unacceptable for military personnel and Department of War civilians to celebrate or mock the assassination of a fellow American,” Sean Parnell, public affairs officer at the Pentagon, wrote on X, using the new nickname for the Department of Defense. In the private sector, Sony fired one of its video game developers after they made a joke on X about Kirk’s death and multiple journalists have been fired for Kirk related comments.
AAUP did not immediately respond to 404 Media’s request for comment.
MSNBC fires analyst Matthew Dowd over Charlie Kirk shooting remarks
Dowd said the slain activist’s words may have fueled the violence that claimed his life, sparking backlashJoseph Gedeon (The Guardian)
Breaking News Channel reshared this.
La censura targata #MAGA
La censura targata MAGA
A poco più di una settimana dall’assassinio dell’attivista ultra-conservatore Charlie Kirk, ha già fatto numerose vittime la caccia alle streghe ordinata dalla Casa Bianca contro i presunti mandanti e chiunque si azzardi a mettere in dubbio la versio…www.altrenotizie.org
Mi ha contattato un bot, #awakari, qualcuno sa di cosa si tratti?
Ho visto che è un progetto su GitHub quindi ho pensato potesse non essere un vampiro-succhia-dati.
Poliversity - Università ricerca e giornalismo reshared this.
Radio Apocalypse: Clearing the Air with SCATANA
For the most part, the Radio Apocalypse series has focused on the radio systems developed during the early days of the atomic age to ensure that Armageddon would be as orderly an affair as possible. From systems that provided backup methods to ensure that launch orders would reach the bombers and missiles, to providing hardened communications systems to allow survivors to coordinate relief and start rebuilding civilization from the ashes, a lot of effort went into getting messages sent.
Strangely, though, the architects of the end of the world put just as much thought into making sure messages didn’t get sent. The electronic village of mid-century America was abuzz with signals, any of which could be abused by enemy forces. CONELRAD, which aimed to prevent enemy bombers from using civilian broadcast signals as navigation aids, is a perfect example of this. But the growth of civil aviation through the period presented a unique challenge, particularly with the radio navigation system built specifically to make air travel as safe and reliable as possible.
Balancing the needs of civil aviation against the possibility that the very infrastructure making it possible could be used as a weapon against the U.S. homeland is the purpose of a plan called Security Control of Air Traffic and Air Navigation Aids, or SCATANA. It’s a plan that cuts across jurisdictions, bringing military, aviation, and communications authorities into the loop for decisions regarding when and how to shut down the entire air traffic system, to sort friend from foe, to give the military room to work, and, perhaps most importantly, to keep enemy aircraft as blind as possible.
Highways in the Sky
As its name suggests, SCATANA has two primary objectives: to restrict the availability of radio navigation aids during emergencies and to clear the airspace over the United States of unauthorized traffic. For safety’s sake, the latter naturally follows the former. By the time the SCATANA rules were promulgated, commercial aviation had become almost entirely dependent on a complex array of beacons and other radio navigation aids. While shutting those aids down to deny their use to enemy bombers was obviously the priority, safety demanded that all the planes currently using those aids had to be grounded as quickly as possible.
Understanding the logic behind SCATANA requires at least a basic insight into these radio navigation aids. The Federal Communications Commission (FCC) has jurisdiction over these aids, listing “VOR/DME, ILS, MLS, LF and HF non-directional beacons” as subject to shutdown in times of emergency. That’s quite a list, and while the technical details of the others are interesting, particularly the Adcock LF beacon system used by pilots to maneuver onto a course until alternating “A” and “N” Morse characters merged into a single tone, but for practical purposes, the one with the most impact on wartime security is the VOR system.
VOR, which stands for “VHF omnidirectional range,” is a global system of short-range beacons used by aircraft to determine their direction of travel. The system dates back to the late 1940s and was extensively built out during the post-war boom in commercial aviation. VOR stations define the “highways in the air” that criss-cross the country; if you’ve ever wondered why the contrails of jet airliners all follow similar paths and why the planes make turns at more or less the same seemingly random point in the sky, it’s because they’re using VOR beacons as waypoints.
In its simplest form, a VOR station consists of an omnidirectional antenna transmitting at an assigned frequency between 108 MHz and 117.95 MHz, hence the “VHF” designation. The frequency of each VOR station is noted on the sectional charts pilots use for navigation, along with the three-letter station identifier, which is transmitted by the station in Morse so pilots can verify which station their cockpit VOR equipment is tuned to.
Each VOR station encodes azimuth information by the phase difference between two synchronized 30 Hz signals modulated onto the carrier, a reference signal and a variable signal. In conventional VOR, the amplitude-modulated variable signal is generated by a rotating directional antenna transmitting a signal in-phase with the reference signal. By aligning the reference signal with magnetic north, the phase angle between the FM reference and AM variable signals corresponds to the compass angle of the aircraft relative to the VOR station.
youtube.com/embed/R0Vzaf14SKQ?…
More modern Doppler VORs, or DVORs, use a ring of antennas to electronically create the reference and variable signals, rather than mechanically rotating the antenna. VOR stations are often colocated with other radio navigation aids, such as distance measuring equipment (DME), which measures the propagation delay between the ground station and the aircraft to determine the distance between them, or TACAN, a tactical air navigation system first developed by the military to provide bearing and distance information. When a VOR and TACAN stations are colocated, the station is referred to as a VORTAC.
Shutting It All Down
At its peak, the VOR network around the United States numbered almost 1,000 stations. That number is on the decrease now, thanks to the FAA’s Minimum Operational Network plan, which seeks to retire all but 580 VOR stations in favor of cockpit GPS receivers. But any number of stations sweeping out fully analog, unencrypted signals on well-known frequencies would be a bonanza of navigational information to enemy airplanes, which is why the SCATANA plan provides specific procedures to be followed to shut the whole thing down.
SCATANA is designed to address two types of emergencies. The first is a Defense Emergency, which is an outright attack on the United States homeland, overseas forces, or allied forces. The second is an Air Defense Emergency, which is an aircraft or missile attack on the continental U.S., Canada, Alaska, or U.S. military installations in Greenland — sorry, Hawaii. In either case, the attack can be in progress, imminent, or even just probable, as determined by high-ranking military commanders.
In both of those situations, military commanders will pass the SCATANA order to the FAA’s network of 22 Air Route Traffic Control Centers (ARTCC), the facilities that handle traffic on the routes defined by VOR stations. The SCATANA order can apply to all of the ARTCCs or to just a subset, depending on the scale of the emergency. Each of the concerned centers will then initiate physical control of their airspace, ordering all aircraft to land at the nearest available appropriate airport. Simultaneously, if ordered by military authority, the navigational aids within each ARTCC’s region will be shut down. Sufficient time is obviously needed to get planes safely to the ground; SCATANA plans allow for this, of course, but the goal is to shut down navaids as quickly as possible, to deny enemy aircraft or missiles any benefit from them.
As for the specific instructions for shutting down navigational aids, the SCATANA plan is understandable mute on this subject. It would not be advisable to have such instructions readily available, but there are a few crumbs of information available in the form of manuals and publicly accessible documents. Like most pieces of critical infrastructure these days, navaid ground stations tend to be equipped with remote control and monitoring equipment. This allows maintenance technicians quick and easy access without the need to travel. Techs can perform simple tasks, such as switching over from a defective primary transmitter to a backup, to maintain continuity of service while arrangements are made for a site visit. Given these facts, along with the obvious time-critical nature of an enemy attack, SCATANA-madated navaid shutdowns are probably as simple as a tech logging into the ground station remotely and issuing a few console commands.
A Day to Remember
For as long as SCATANA has been in effect — the earliest reference I could find to the plan under that name dates to 1968, but the essential elements of the plan seem to date back at least another 20 years — it has only been used in anger once, and even then only partially. That was on that fateful Tuesday, September 11, 2001, when a perfect crystal-blue sky was transformed into a battlefield over America.
By 9:25 AM Eastern, the Twin Towers had both been attacked, American Airlines Flight 77 had already been hijacked and was on its way to the Pentagon, and the battle for United Flight 93 was unfolding above Ohio. Aware of the scope of the disaster, staff at the FAA command center in Herndon, Virginia, asked FAA headquarters if they wanted to issue a “nationwide ground stop” order. While FAA brass discussed the matter, Ben Sliney, who had just started his first day on the job as operations manager at the FAA command center, made the fateful decision to implement the ground stop part of the SCATANA plan, without ordering the shutdown of navaids.
The “ground stop” orders went out to the 22 ARTCCs, which began the process of getting about 4,200 in-flight aircraft onto the ground as quickly and safely as possible. The ground stop was achieved within about two hours without any further incidents. The skies above the country would remain empty of civilian planes for the next two days, creating an eerie silence that emphasized just how much aviation contributes to the background noise of modern life.
youtube.com/embed/bo1ZtpKqlYw?…
GitLab risolve vulnerabilità critica: pericolo per server Community ed Enterprise
La piattaforma di sviluppo collaborativo GitLab ha annunciato la correzione di una vulnerabilità critica, identificata come CVE-2025-6454. Il problema riguardava le installazioni server delle edizioni Community ed Enterprise e consentiva l’esecuzione di richieste a risorse interne tramite intestazioni webhook appositamente create.
L’attacco richiedeva un account con privilegi di sviluppatore minimi e non era necessario alcun intervento da parte di altri utenti.
Il bug ha ricevuto un punteggio CVSS elevato di 8,5 su 10. Ha interessato le versioni dalla 16.11 alla 18.1.6, dalla 18.2 alla 18.2.6 e dalla 18.3 alla 18.3.2. Le correzioni sono state incluse nella versione 18.3.2, pubblicata il 10 settembre. GitLab ha sottolineato che il problema è stato scoperto tramite un programma di bug hunting e che il rapporto è stato redatto da un ricercatore con lo pseudonimo “ppee ” .
La vulnerabilità era unica in quanto consentiva di aggirare le restrizioni di isolamento della rete. Le richieste potevano essere inviate a proxy interni, servizi di metadati o API locali. Questo era visibile nei registri eventi tramite intestazioni HTTP non standard e richieste a indirizzi atipici. Gli esperti avvertono che tali attacchi potrebbero portare alla fuga di dati riservati e alla compromissione dell’integrità dell’infrastruttura.
Al momento della pubblicazione, non esiste alcun exploit pubblicamente disponibile, né vi sono prove di un effettivo sfruttamento. Tuttavia, il potenziale pericolo è elevato: la descrizione afferma che la vulnerabilità ha un impatto sulla riservatezza, la disponibilità e l’integrità dei dati.
Si consiglia agli sviluppatori di aggiornare GitLab alle versioni 18.1.6, 18.2.6 o 18.3.2 o successive il prima possibile. Si consiglia inoltre di rivedere le impostazioni dei webhook e di disabilitare l’uso di intestazioni personalizzate, se impostabili dagli utenti.
Per le distribuzioni basate su proxy inversi, si consiglia di limitare l’accesso di GitLab alle risorse interne. Si consiglia inoltre di monitorare i log per individuare richieste sospette e di segmentare la rete per impedire accessi indesiderati.
L'articolo GitLab risolve vulnerabilità critica: pericolo per server Community ed Enterprise proviene da il blog della sicurezza informatica.
Supply Chain Wormable? Arrivano i pacchetti NPM con malware auto-propagante
I ricercatori di sicurezza hanno scoperto la compromissione di oltre 180 pacchetti npm, infettati da un malware auto-propagante progettato per infettare altri pacchetti. La campagna, soprannominata Shai-Hulud, è probabilmente iniziata con l’hacking del pacchetto @ctrl/tinycolor, scaricato oltre 2 milioni di volte a settimana.
Il nome Shai-Hulud deriva dai file shai-hulud.yaml utilizzati dal malware. È un riferimento ai giganteschi vermi delle sabbie di Dune di Frank Herbert. Il problema è stato portato per la prima volta all’attenzione dello sviluppatore Daniel Pereira, che ha avvisato la comunità di un attacco su larga scala alla catena di fornitura.
“In questo momento, mentre leggete questo, è in corso la distribuzione di malware all’interno di npm”, ha affermato Pereira, esortando tutti a non installare le ultime versioni di @ctrl/tinycolor.
Lo sviluppatore ha tentato di avvisare il team di sicurezza di GitHub tramite canali privati, poiché gli aggressori avevano preso di mira “repository multipli” e divulgare pubblicamente l’attacco avrebbe potuto creare ulteriori rischi. Tuttavia, contattare GitHub si è rivelato troppo difficile, quindi Pereira ha segnalato pubblicamente il problema.
I ricercatori di Socket e Aikido stanno attualmente indagando sull’incidente e hanno scoperto che almeno 187 pacchetti sono stati compromessi. Tra i pacchetti interessati, diversi sono pubblicati dall’account npmjs dell’azienda di sicurezza informatica CrowdStrike.
“Dopo aver scoperto diversi pacchetti dannosi nel registro pubblico npm (un repository open source di terze parti), li abbiamo rimossi rapidamente e aggiornato preventivamente le nostre chiavi”, hanno riferito i rappresentanti di CrowdStrike. “Questi pacchetti non sono utilizzati da Falcon, la nostra piattaforma non è interessata e i clienti rimangono protetti. Stiamo collaborando con npm e conducendo un’indagine approfondita.”
ReversingLabs, a sua volta, descrive questo incidente come “il primo del suo genere, un worm autoreplicante che infetta i pacchetti npm e ruba i token cloud”. I ricercatori ritengono che l’attacco abbia avuto origine nel pacchetto rxnt-authentication, una versione dannosa del quale è stata pubblicata su npm il 14 settembre 2025.
Secondo ReversingLabs, il responsabile di techsupportrxnt può essere considerato il “paziente zero”. La chiave per scoprire la fonte dell’attacco risiede nel modo esatto in cui l’account techsupportrxnt è stato compromesso. È possibile che tutto sia iniziato con un’email di phishing o con lo sfruttamento di una GitHub Action vulnerabile.
Le versioni compromesse dei pacchetti sono dotate di un meccanismo di autopropagazione del malware, che prende di mira altri pacchetti dei gestori interessati. Secondo i ricercatori di Socket, il malware ha scaricato ogni pacchetto dal manutentore, ha modificato il suo package.json, ha iniettato lo script bundle.js, ha riconfezionato l’archivio e lo ha pubblicato di nuovo, “garantendo così la trojanizzazione automatica dei pacchetti downstream”.
Lo script bundle.js utilizza TruffleHog, uno scanner legittimo per la ricerca di segreti, progettato per sviluppatori e professionisti di sicurezza. TruffleHog consente di rilevare informazioni riservate trapelate accidentalmente, come chiavi API, password e token, da repository e altre fonti. Lo script dannoso ha abusato dello strumento per trovare token e credenziali cloud.
L'articolo Supply Chain Wormable? Arrivano i pacchetti NPM con malware auto-propagante proviene da il blog della sicurezza informatica.
PCBs the Prehistoric Way
When we see an extremely DIY project, you always get someone who jokes “well, you didn’t collect sand and grow your own silicon”. [Patrícia J. Reis] and [Stefanie Wuschitz] did the next best thing: they collected local soil, sieved it down, and fired their own clay PCB substrates over a campfire. They even built up a portable lab-in-a-backpack so they could go from dirt to blinky in the woods with just what they carried on their back.
This project is half art, half extreme DIY practice, and half environmental consciousness. (There’s overlap.) And the clay PCB is just part of the equation. In an effort to approach zero-impact electronics, they pulled ATmega328s out of broken Arduino boards, and otherwise “urban mined” everything else they could: desoldering components from the junk bin along the way.
The traces themselves turned out to be the tricky bit. They are embossed with a 3D print into the clay and then filled with silver before firing. The pair experimented with a variety of the obvious metals, and silver was the only candidate that was both conductive and could be soldered to after firing. Where did they get the silver dust? They bought silver paint from a local supplier who makes it out of waste dust from a jewelry factory. We suppose they could have sat around the campfire with some old silver spoons and a file, but you have to draw the line somewhere. These are clay PCBs, people!
Is this practical? Nope! It’s an experiment to see how far they can take the idea of the pre-industrial, or maybe post-apocalyptic, Arduino. [Patrícia] mentions that the firing is particularly unreliable, and variations in thickness and firing temperature lead to many cracks. It’s an art that takes experience to master.
We actually got to see the working demos in the flesh, and can confirm that they did indeed blink! Plus, they look super cool. The video from their talk is heavy on theory, but we love the practice.
DIY clay PCBs make our own toner transfer techniques look like something out of the Jetsons.
media.ccc.de/v/38c3-clay-pcb/o…
Il RE di RaidForums resta in bilico. La battaglia tra USA e Portogallo per la sua estradizione
L’Alta Corte di Londra ha annullato la decisione di estradare il cittadino portoghese Diogo Santos Coelho negli Stati Uniti. Il giovane, noto con lo pseudonimo di Omnipotent, era l’amministratore di uno dei più grandi forum di hacker, RaidForums.
La storia inizia nel gennaio 2022, quando Coelho si reca nel Regno Unito per far visita alla madre. Lì viene arrestato. Da allora, è in un limbo da più di tre anni: due Paesi si contendono la sua estradizione.
Gli Stati Uniti chiedono l’estradizione di Coelho per crimini legati alla gestione di RaidForums. Il Portogallo ha inviato un proprio ordine, citando i danni arrecati alle sue organizzazioni e ai suoi cittadini.
Lo stesso Coelho voleva recarsi in Portogallo e ha ufficialmente accettato l’estradizione.
Le autorità britanniche si sono trovate in una situazione difficile. La legge prevede una procedura speciale nel caso in cui più paesi richiedano l’estradizione di una persona. Ma nel suo caso queste regole non sono state rispettate.
Il Ministro dell’Interno ordinò che Coelho fosse trasferito negli Stati Uniti, ma lo fece frettolosamente. Il tribunale stabilì che la decisione si basava su documenti inesatti e che era stata presa senza tenere conto della posizione della difesa.
Il problema principale era che a Coelho non fu data l’opportunità di presentare le sue argomentazioni per l’estradizione in Portogallo. Le sue argomentazioni non furono nemmeno prese in considerazione.
Il giudice Linden ha riscontrato diverse violazioni. Secondo l’ordinanza del tribunale, al ministro è stato detto che le accuse statunitensi e portoghesi erano “identiche”, sebbene l’ordinanza portoghese includesse ulteriori accuse di riciclaggio di denaro e frode fiscale.
Inoltre, la decisione si basava sul presupposto che tutte le vittime si trovassero negli Stati Uniti. Ma le prove dimostravano il contrario: le vittime erano sparse in tutto il mondo, compreso il Portogallo stesso.
La corte ha inoltre affermato che il ministro non ha tenuto conto della natura più grave delle accuse portoghesi e dei legami personali di Coelho con il Paese. Gli è stato diagnosticato l’autismo, è a rischio di suicidio e riceve assistenza familiare e terapeutica nel suo Paese d’origine.
Il Ministero dell’Interno è ora tenuto a riesaminare le richieste concorrenti. A Coelho è stato concesso il diritto di presentare le sue argomentazioni prima che venga presa una nuova decisione.
Come ha osservato lo stesso Coelho, questo non garantisce l’estradizione in Portogallo, ma dà ai suoi avvocati la possibilità di essere ascoltati. Tra le argomentazioni della difesa c’è il fatto che alcuni dei presunti crimini siano stati commessi quando era minorenne, nonché il suo status di vittima della tratta di esseri umani.
L'articolo Il RE di RaidForums resta in bilico. La battaglia tra USA e Portogallo per la sua estradizione proviene da il blog della sicurezza informatica.
Le start-up europee possono sfuggire alla “valle della morte”?
L'articolo proviene da #Euractiv Italia ed è stato ricondiviso sulla comunità Lemmy @Intelligenza Artificiale
L’Europa è da tempo una fucina di idee brillanti. Dai progressi rivoluzionari in materia di IA compiuti a Parigi alle innovazioni tecnologiche verdi realizzate a Stoccolma, le start-up
A New Generation of Spacecraft Head to the ISS
While many in the industry were at first skeptical of NASA’s goal to put resupply flights to the International Space Station in the hands of commercial operators, the results speak for themselves. Since 2012, the SpaceX Dragon family of spacecraft has been transporting crew and cargo from American soil to the orbiting laboratory, a capability that the space agency had lost with the retirement of the Space Shuttle. Putting these relatively routine missions in the hands of a commercial provider like SpaceX takes some of the logistical and financial burden off of NASA, allowing them to focus on more forward-looking projects.
But as the saying goes, you should never put all of your eggs in one basket. As successful as SpaceX has been, there’s always a chance that some issue could temporarily ground either the Falcon 9 or the Dragon.
While Russia’s Progress and Soyuz vehicles would still be available in an emergency situation, it’s in everyone’s best interest that there be multiple backup vehicles that can bring critical supplies to the Station.
Which is precisely why several new or upgraded spacecraft, designed specifically for performing resupply missions to the ISS and any potential commercial successor, are coming online over the next few years.
In fact, one of them is already flying its first mission, and will likely have arrived at the International Space Station by the time you read this article.
Cygnus XL
The Cygnus was the second commercial spacecraft to deliver cargo to the ISS back in 2013, and like the Dragon, has gone through several upgrades and revisions over the years. Rather than starting from a clean slate, the Orbital Sciences Corporation based the vehicle’s pressurized module on the Multi-Purpose Logistics Module which was originally designed to fly inside the Space Shuttle’s cargo bay to provide onboard laboratory space before the construction of the ISS. This was paired with a service module that was derived from their line of communication satellites.
It retains the same 3.07 m (10.1 ft) diameter of the original Cygnus, but the length of the vehicle has been increased from 5.14 m (16.9 ft) to 8 m (26 ft). This has nearly doubled the internal pressurized volume of the craft, and the payload capacity has been increased from 2,000 kg (4,400 lb) to 5,000 kg (11,000 lb).
While the Dragon can autonomously dock with the ISS, the Cygnus XL needs to be captured by an astronaut using the Station’s robotic arm, and manually moved into position where it’s eventually bolted into place — a process known as berthing. This is a more labor intensive method of connecting a visiting spacecraft, but it does have at least one advantage, as the diameter of the berthing ports is larger than that of the docking ports. At least in theory, this means Cygnus XL would be able to deliver bulkier objects to the Station than the Dragon or any other spacecraft that makes use of the standard docking ports.
Like the earlier versions of the craft, Cygnus XL is an expendable vehicle, and lacks the heat shield that would be necessary to reenter Earth’s atmosphere safely. Once the vehicle delivers its cargo and is detached from the Station, it’s commanded to perform a deorbit maneuver which will cause it to burn up in the atmosphere. But even this serves an important function, as the astronauts will load the vehicle with trash before it departs, ensuring that refuse from the Station is destroyed in a safe and predictable manner.
HTV-X
Like the Cygnus XL, the HTV-X is an upgraded version of a spacecraft which has already visited the ISS, namely the H-II Transfer Vehicle (HTV). Designed and built by the Japan Aerospace Exploration Agency (JAXA), the first flight of this upgraded cargo vehicle is tentatively scheduled for late October.
Attached to the opposite side of the service module is an unpressurized cargo module. This is similar to the “trunk” of the Dragon spacecraft, in that it’s essentially just a hollow cylinder with shelves and mounting points inside. This module could potentially be used to bring up components that are intended to be attached to the outside of the ISS, or it could hold experiments and modules that are designed to be exposed to the space environment.
Like the Cgynus XL, the HTV-X will berth to the ISS rather than dock, and it will also burn up after its mission is complete. However the HTV-X is designed to fly freely on its own for up to 18 months after it delivers its cargo to the Station, which JAXA calls the “Technology Demonstration Phase” of the mission. This will essentially allow the agency to perform a second mission after the vehicle has completed its supply run, greatly improving the overall cost effectiveness of the program.
Dream Chaser
Far and away the most ambitious of these new spacecraft is the Dream Chaser, developed by Sierra Space. Reminiscent of a miniature version of the Space Shuttle, this winged vehicle is designed to land like an airplane at the end of its mission. This not only means it can bring material back down to Earth at the end of its mission, but that it can do so in a much less jarring manner than a capsule that ends up splashing down into the ocean under parachutes. This is a huge benefit when dealing with fragile cargo or scientific experiments, and is a capability not offered by any other currently operational spacecraft.
The Dream Chaser has been in active development for over 20 years, but its origins date back even farther than that, as it’s based on HL-20 Personnel Launch System concept from the 1980s. While it was initially designed for crew transport, it lost out to SpaceX and Boeing during NASA’s Commercial Crew Program selection in 2014. It did however secure a contract from the space agency in 2016 for six cargo missions to the ISS. To qualify for these missions, several changes were made to the original design, such as the addition of an expendable module that will attach to the rear of the vehicle to increase its relatively limited internal cargo capacity of 910 kg (2,000 lb) by 4,500 kg (10,000 lb).
The first orbital test flight of the Dream Chaser is currently scheduled to take place before the end of the year, but that date has already slipped several times. Being a reusable vehicle like the Dragon, the first Dream Chaser spaceplane is expected to fly multiple operational missions while a second craft is being assembled.
After completing their contractually obligated missions to the ISS, there are currently plans for the Dream Chaser to fly at least one mission for the United Nations Office for Outer Space Affairs, which will carry an array of scientific experiments provided by member nations that do not have their own domestic space programs. The company also says they remain committed to bringing the crewed version of Dream Chaser to fruition, likely as part of their partnership with Blue Origin to develop the Orbital Reef — a “mixed-use business park” in space.
Time is Running Out
It might seem strange that three different spacecraft are scheduled to enter service before the end of the year, but of course, the clock is ticking. Although the date has been pushed out a number of times over the years, the current 2030 timeline for the decommissioning of the International Space Station seems to be holding so far. With as little as five years left to go before the ISS joins us Earthlings back here on the surface, it’s now or never for any vehicles designed for service missions. This is doubly true for companies such as Sierra Space, who have already agreed to perform a set number of missions.
At the same time, any of these vehicles could support a future commercial space station, should one actually materialize. We’ve covered some of the post-ISS plans previously, but given how volatile the aerospace world is, nothing is a given until it’s actually in orbit.
La Spagna indagherà sulle violazioni dei diritti umani commesse da Israele nella Striscia di Gaza.
like this
reshared this
Librarians Are Being Asked to Find AI-Hallucinated Books#News
Librarians Are Being Asked to Find AI-Hallucinated Books
Reference librarian Eddie Kristan said lenders at the library where he works have been asking him to find books that don’t exist without realizing they were hallucinated by AI ever since the release of GPT-3.5 in late 2022. But the problem escalated over the summer after fielding patron requests for the same fake book titles from real authors—the consequences of an AI-generated summer reading list circulated in special editions of the Chicago Sun-Times and The Philadelphia Inquirer earlier this year. At the time, the freelancer told 404 Media he used AI to produce the list without fact checking outputs before syndication.“We had people coming into the library and asking for those authors,” Kristan told 404 Media. He’s receiving similar requests for other types of media that don’t exist because they’ve been hallucinated by other AI-powered features. “It’s really, really frustrating, and it’s really setting us back as far as the community’s info literacy.”
AI tools are changing the nature of how patrons treat librarians, both online and IRL. Alison Macrina, executive director of Library Freedom Project, told 404 Media early results from a recent survey of emerging trends in how AI tools are impacting libraries indicate that patrons are growing more trusting of their preferred generative AI tool or product, and the veracity of the outputs they receive. She said librarians report being treated like robots over library reference chat, and patrons getting defensive over the veracity of recommendations they’ve received from an AI-powered chatbot. Essentially, like more people trust their preferred LLM over their human librarian.
“Librarians are reporting this overall atmosphere of confusion and lack of trust they’re experiencing from their patrons,” Macrina told 404. “They’re seeing patrons having seemingly diminished critical thinking and curiosity. They’re definitely running into some of these psychosis and other mental health issues, and certainly seeing the people who are more widely adopting it also being those who have less digital literacy about it and a general sort of loss of retention.”
As a reference librarian, Kristan said he spends a lot of time thinking about how fallible the human mind can be, especially as he’s fielding more requests for things that don’t exist than ever before. Fortunately, he’s developed a system: Search for the presumed thing by title in the library catalog. If it’s not in the catalog, he checks the global library catalog WorldCat. If it isn’t there, he starts to get suspicious.
“Not being in WorldCat might mean it’s something that isn’t catalogued like a Zine, a broadcast, or something ephemeral, but if it’s parading as a traditional book and doesn’t have an entry in the collective library catalog, it might be AI,” Kristan explained.
From there, he might connect the title to a platform like Kindle Direct Publishing—one way AI-generated books enter the market—or the patron will tell him their source is an AI-powered chatbot, which he will have to explain, likely hallucinated the name of the thing they’re looking for. A thing that doesn't exist.
As much as library workers try to shield their institutions from the AI-generated content onslaught, the situation is and has been, in many ways, inevitable. Companies desperate to rush generative AI products to market are pushing flawed products onto the public that are predictably being used to pollute our information ecosystems. The consequences are that AI slop is entering libraries, everyone who uses AI products bears at least a little responsibility for the swarm, and every library worker, regardless of role, is being asked to try and mitigate the effects.
Collection development librarians are requesting digital book vendors like OverDrive, Hoopla and CloudLibrary to remove AI slop titles as they’re found. Subject specialists are expected to vet patron requested titles that may have been written in part with AI without having to read every single title. Library technology providers are rushing to implement tools that librarians say are making library systems catalogs harder to use.
Jaime Taylor, an academic library resource management systems supervisor with the University of Massachusetts, says vendors are shoehorning Large Language Models (LLMs) into library systems in one of two ways. The first is a natural language search (NLS) or a semantic search that attempts to draw meaning from the words to find complementary search results. Taylor says these products are misleading in that they claim to eliminate the need for the strict keyword searches or Boolean operators when searching library catalogs and databases, when really the LLM is doing the same work on the backend.
“These companies all advertise these tools as knowing your intent,” Taylor told 404 Media. “Understanding what you meant when you put those terms in. They don’t know. They don’t understand. None of those things are true. There is no technical way these tools can do that.”
The other tool Taylor is seeing in library technology are AI-generated summaries based on journal articles, monographs, and other academic sources through a product called AI Insights, which incorporates new information into an existing LLM with a system called retrieval-augmented generation (RAG). Taylor and colleagues have found RAG doesn’t really help improve the accuracy of AI-generated summaries through beta testing AI tools in library tech for companies like Clarivate, Elsevier and EBSCO.
“It reads everything on both pages,” she added. “It can’t tell where the article you’re looking for starts and stops, so it gives you takeaways from every word on the page. This was really bad when we tested it with book reviews, because book reviews are often very short and there’ll be half a dozen on one page, which would end up giving us really mixed up information about every book review on the page, even though the record we were looking at was only looking for one of them, because it was a scanned page from an older journal.”
Taylor says neither type of product is ready for market, but especially not the AI summaries that do what an abstract does but a lot worse. She’s turned what ones she can off, but expects fewer vendors will allow her and other librarians to do so in the future to record more favorable use cases. The problem, she says, is these companies are rushing products to market, making the skills academic librarians are trying to teach students and researchers to use obsolete.
“We are trying to teach how to construct useful, exact searching,” she said. “But really [these products’ intent] is to make that not happen. The problem with that in a university library is we’re trying to teach those skills but we have tools that negate that necessity. And because those tools don’t work well, you’ve not learned the skill and you’re still getting crap results, so you’re never going to get better results because you didn’t learn the skill.”
Plenty of library workers remain cautiously optimistic about the potential for generative AI integrations and what that could mean for information retrieval and categorization. But for most librarians, the rollout has been clunky, error-filled and disorienting, for them and their patrons.
“As someone who feels like a big part of my job is advocacy for the position, for the principles of the profession, I am here to not look at whether a resource is good or bad,” said Kristan. “I don’t look at the output, the relationship that it has with the patrons, and what it’s being used for in the long run of the future. Like, I’m not out here just breaking looms and machine weaving machinery just for the hell of it. I’m saying this is not good for the community and we need to find equitable alternatives to ensure that things are going well for the lives of our patrons.”
Readers Annoyed When Fantasy Novel Accidentally Leaves AI Prompt in Published Version, Showing Request to Copy Another Writer's Style
A scammer left glaringly obvious evidence of using AI to write portions of a fantasy novel and even tried to copy the style of a real author.Victor Tangermann (Futurism)
Breaking News Channel reshared this.
Per i morti di Reggio Emilia
Fausto Amodei, l'autore, ci ha lasciato oggi.
youtube.com/watch?v=WmFYVEiXGy…
- YouTube
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.www.youtube.com
reshared this
Ministero dell'Istruzione
Per la campagna #MiStaiACuore, tutte le classi dalla prima primaria alla terza della scuola secondaria dell’Istituto Comprensivo "Città dei Bambini" di Mentana (RM) hanno svolto lezioni di primo soccorso e BLSD.Telegram