The Headache of Fake 74LS Logic Chips
When you go on your favorite cheap online shopping platform and order a batch of 74LS logic ICs, what do you get? Most likely relabeled 74HC ICs, if the results of an AliExpress order by [More Fun Fixing It] on YouTube are anything to judge by. Despite the claims made by the somewhat suspect markings on the ICs, even the cheap component tester used immediately identified them as 74HC parts.
Why is this a problem, you might ask? Simply put, 74LS are Low-power Schottky chips using TTL logic levels, whereas 74HC are High-Speed CMOS, using CMOS logic levels. If these faked chips had used 74HCT, they would have been compatible with TTL logic levels, but with the TTL vs CMOS levels mismatch of 74HC, you are asking for trouble.
CMOS typically requires that high levels are at least 70% of Vcc, and low to be at most 30% of Vcc, whereas TTL high level is somewhere above 2.0V. 74HC also cannot drive its outputs as strongly as 74LC, which opens another can of potential issues. Meanwhile HCT can be substituted for LS, but with the same lower drive current, which may or may not be an issue.
Interestingly, when the AliExpress seller was contacted with these findings, a refund was issued practically immediately. This makes one wonder why exactly faked 74LS ICs are even being sold, when they’d most likely be stuffed into old home computers by presumably hardware enthusiasts with a modicum of skill and knowledge.
youtube.com/embed/yoV9hWPngzI?…
Pirate Candidate Announcement: Hunter Rand for Sparks City Council 2nd Ward
The United States Pirate Party, during our November 2nd meeting, voting to endorse Hunter Rand, who is running for 2nd Ward of the Sparks, Nevada city council!
The Pirate National Committee voted unanimously to endorse Hunter Rand.
This is not Hunter’s first time being involved with the party. Previously, Hunter was a guest speaker during our 2022 Pirate National Conference.
“He is a Pirate” is the sentiment echoed during last night’s meeting.
Hunter, pitching his campaign, went through our platform and discussed how “potholes don’t care who you vote for.”
“I don’t want to be a career politician and everything I do reflects that. My website isn’t ‘Hunter Rand for Office’ or ‘Hunter Rand for Ward 2′”.
In fact, his website is SparksTogether.com
Check out Hunter’s campaign, including the Notes section of his website which features what is essentially his platform page.
If you’re in Sparks, Nevada in their 2nd Ward, know you have a Pirate who wants to represent you.
Hunter Rand, Victory is Arrrs
A Paintball Turret Controlled Via Xbox Controller
Video games, movies, and modern militaries are all full of robotic gun turrets that allow for remotely-controlled carnage. [Paul Junkin] decided to build his own, albeit in a less-destructive paint-hurling fashion.
The turret sits upon a lazy susan bearing mounted atop a aluminium extrusion frame. A large gear is mounted to the bearing allowing the turret to pan when driven by a stepper motor. A pair of pillow block bearings hold a horizontal shaft which mounts the two paint markers, which again is controlled by another stepper motor to move in the tilt axis. An ESP32 microcontroller is responsible for running the show, panning and tilting the platform by commanding the large stepper motors. Firing the paintball markers is achieved with solenoids mounted to the triggers, which cycle fast enough to make the semi-auto markers fire in a way that almost feels like full-auto. Commanding the turret is via an Xbox One controller; communicating with the ESP32 over Bluetooth using the BluePad32 library.
It’s worth noting you shouldn’t shoot paintballs at unsuspecting individuals, since they can do extreme amounts of damage to those not wearing the proper protection. We’ve featured a great many other sentry guns over the years, too, like this impressive Portal-themed build. Video after the break.
youtube.com/embed/UVgqzoGp9NQ?…
Print in Place Pump Pushes Limits of Printing
3D printing has taken off into the hands of almost anyone with a knack for wanting something quick and easy. No more messing around with machining or complex assembly. However, with the general hands-off nature of most 3D prints, what could be possible with a little more intervention during the printing process? [Ben] from Designed to Make represents this perfectly with an entire centrifugal pump printed as one.
This project may not entirely fit into the most strict sense of “print in place”; however, the entire pump is printed as one print file. The catch is the steps taken during printing, where a bearing is placed and a couple of filament changes are made to allow dissolvable supports to be printed. Once these supports are dissolved away, the body is coated with epoxy to prevent any leakage.
Testing done by [Ben] showed more than impressive numbers from the experimental device. Compared to previous designs made to test impeller features, the all in one pump could stand its own against in most categories.
If you want to check out the project yourself, check out the Hackaday project here. One of the greatest parts of the open source 3D printing world is the absolute freedom and ingenuity that comes out of it, and this project is no exception. For more innovations, check out this DIY full color 3D printing!
youtube.com/embed/HDBhGS5r62c?…
Droni sull’aeroporto di Bruxelles e sulle basi militari. La sicurezza è a rischio
Martedì sera, a causa della presenza di un drone nello spazio aereo, il controllore del traffico aereo Skeyes ha disposto la sospensione temporanea dei voli in partenza e in arrivo all’aeroporto di Bruxelles, dalle 20:00 alle 21:30.
Successivamente, intorno alle 22:00, sono state ricevute le prime segnalazioni secondo le quali lo spazio aereo è stato nuovamente chiuso.
Diversi aerei stono stati dirottati verso altri aeroporti, come Maastricht e persino l’aeroporto di Schiphol (Amsterdam). È la prima volta che il traffico aereo all’aeroporto di Bruxelles viene interrotto a causa di un drone, ma incidenti simili si sono verificati anche in parti in Europa.
Infatti i droni hanno costretto gli aeroporti di Copenaghen, Oslo e Aalborg a chiudere temporaneamente a settembre, mentre l’aeroporto di Monaco ha dovuto sospendere le operazioni due volte in 24 ore a ottobre.
Gli aerei che non sono riusciti ad atterrare all’aeroporto di Bruxelles sono stati inizialmente dirottati verso l’aeroporto di Liegi, ma anche lì sono stati segnalati droni. I voli diretti a entrambi gli aeroporti sono stati successivamente dirottati verso gli aeroporti di Maastricht e Colonia, secondo l’emittente francese RTBF. “Non ci sono ancora prove di un collegamento tra le segnalazioni di Bruxelles e Liegi”, ha affermato Skeyes.
Dopo una breve riapertura intorno alle 21.30, anche lo spazio aereo sopra l’aeroporto di Liegi è stato nuovamente chiuso in seguito ai nuovi avvistamenti di droni, riporta l’agenzia di stampa Belga. Anche l’organizzazione europea per il controllo del traffico aereo Eurocontrol ha segnalato interruzioni del traffico aereo negli aeroporti regionali di Anversa, Ostenda, Liegi e Charleroi.
I cittadini hanno chiamato la polizia locale, che si è immediatamente recata sul posto ed è riuscita a confermare visivamente la presenza di due droni, ha confermato martedì sera il sindaco Steven Matheï (CD&V) all’agenzia di stampa Belga. I tentativi di intercettare o bloccare i droni sarebbero falliti.
“Non è ancora tutto chiaro, perché il Ministero della Difesa non è stato in grado di rilevare alcun drone. L’elicottero della polizia federale è stato chiamato per rintracciare il velivolo, se necessario”, ha detto Matheï. Non sarebbe stato rilevato nulla nella base aerea stessa.
Lo scorso fine settimana, i droni sono stati avvistati tre volte sopra la base aerea di Kleine-Brogel e di recente sono stati effettuati altri avvistamenti anche sopra altri siti militari.
Lunedì, all’esercito belga è stato ordinato di abbattere i droni che sorvolavano il territorio militare, a condizione che ciò potesse essere fatto in sicurezza: senza danni collaterali, ma questo non è scontato. Inoltre, dato che questi droni sono oggetti piccoli, veloci e molto manovrabili, non c’è alcuna certezza che possano essere colpiti.
Chi o cosa si nasconda dietro i numerosi droni avvistati di recente rimane per il momento poco chiaro. Il Ministro della Difesa Theo Francken (N-VA) ha ipotizzato che la Russia potrebbe essere il colpevole, ma finora non sono state trovate prove a conferma di tale affermazione.
L'articolo Droni sull’aeroporto di Bruxelles e sulle basi militari. La sicurezza è a rischio proviene da Red Hot Cyber.
Il nuovo video di Pasta Grannies: youtube.com/shorts/KhD_v4G-cC8
@Cucina e ricette
(HASHTAG)
Cucina e ricette reshared this.
2025 Component Abuse Challenge: Weigh With A TL074
The late and lamented [Bob Pease] was one of a select band of engineers, each of whose authority in the field of analogue integrated circuit design was at the peak of the art. So when he remarks on something in his books, it’s worth taking notice. It was just such an observation that caught the eye of [Trashtronic]; that the pressure on a precision op-amp from curing resin could be enough to change the device’s offset voltage. Could this property be used for something? The op-amp as a load cell was born!
The result is something of an op-amp torture device, resembling a small weighing machine with a couple of DIP-8 packages bearing the load. Surprisingly modest weights will change the offset voltage, though it was found that the value will drift over time.
This is clearly an experimental project and not a practical load cell, but it captures the essence of the 2025 Component Abuse Challenge of which it forms a part. Finding completely unexpected properties of components doesn’t always have to lead to useful results, and we’re glad someone had done this one just to find out whether or not it works. You still just about have time for an entry yourself if you fancy giving it a go.
Leone XIV: “preoccupati per il lavoro”, “unire le forze per trovare soluzioni, non solo per commentare problemi” - AgenSIR
“La voce della Chiesa è che sui diritti e sulla necessità del lavoro bisogna veramente lavorare tutti insieme”.M.Michela Nicolais (AgenSIR)
The app, called Mobile Identify and available on the Google Play Store, is specifically for local and regional law enforcement agencies working with ICE on immigration enforcement.#CBP #ICE #FacialRecognition #News
DHS Gives Local Cops a Facial Recognition App To Find Immigrants
Customs and Border Protection (CBP) has publicly released an app that Sheriff Offices, police departments, and other local or regional law enforcement can use to scan someone’s face as part of immigration enforcement, 404 Media has learned.The news follows Immigration and Customs Enforcement’s (ICE) use of another internal Department of Homeland Security (DHS) app called Mobile Fortify that uses facial recognition to nearly instantly bring up someone’s name, date of birth, alien number, and whether they’ve been given an order of deportation. The new local law enforcement-focused app, called Mobile Identify, crystallizes one of the exact criticisms of DHS’s facial recognition app from privacy and surveillance experts: that this sort of powerful technology would trickle down to local enforcement, some of which have a history of making anti-immigrant comments or supporting inhumane treatment of detainees.
Handing “this powerful tech to police is like asking a 16-year old who just failed their drivers exams to pick a dozen classmates to hand car keys to,” Jake Laperruque, deputy director of the Center for Democracy & Technology's Security and Surveillance Project, told 404 Media. “These careless and cavalier uses of facial recognition are going to lead to U.S. citizens and lawful residents being grabbed off the street and placed in ICE detention.”
💡
Do you know anything else about this app or others that CBP and ICE are using? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.Mobile Identify is designed “to identify and process individuals who may be in the country unlawfully,” according to its respective page on the Google Play Store. The app was published on Monday.
A source with knowledge of the app told 404 Media the app doesn’t return names after a face search. Instead it tells users to contact ICE and provides a reference number, or to not detain the person depending on the result. 404 Media granted the person anonymity because they weren’t permitted to speak to the press.
404 Media downloaded a copy of the app and decompiled its code, a common practice among security researchers and technology journalists. Although the Play Store page does not mention facial recognition, multiple parts of the app’s code make clear references to scanning faces. One package is called “facescanner.” Other parts mention “FacePresence” and “No facial image found.”
A screenshot from the app's Google Play Store page.
Screenshots of the app on the Play Store page show the app requires users to login with their Login.gov account, and that the app “requires camera access to take photos of subjects.” At the time of writing the app has “1+” downloads, according to the Play Store page.The Play Store page does not say exactly how the app processes scanned faces, such as what images it compares them to, or what data the app returns upon a hit. In statements to 404 Media, DHS and CBP did not provide any specifics.
The app is for agencies that are part of the 287(g) program, the Play Store page says. This program lets ICE delegate certain immigration-related authorities and powers to local and state agencies. Members of the 287(g) Task Force Model (TFM), for instance, are allowed to enforce certain immigration authorities during their police duties, ICE’s website explains. At the time of writing, 555 agencies in 34 states are part of the TFM program, according to data published by ICE.
The American Civil Liberties Union (ACLU) has criticized the 287(g) program because a large number of participating sheriffs have made anti-immigrant statements, supported inhumane immigration and border enforcement policies, and have a pattern of racial profiling and other civil rights violations.
Cooper Quintin, senior staff technologist at the Electronic Frontier Foundation (EFF), told 404 Media “Face surveillance in general, and this tool specifically, was already a dangerous infringement of civil liberties when in the hands of ICE agents. Putting a powerful surveillance tool like this in the hands of state and local law enforcement officials around the country will only further erode peoples’ Fourth Amendment rights, for citizens and non-citizens alike. This will further erode due process, and subject even more Americans to omnipresent surveillance and unjust detainment.”
Screenshots from the app's Google Play Store page.
Mobile Fortify—the facial recognition app used by ICE which 404 Media first revealed in June—uses the CBP Traveler Verification Service (TVS) ordinarily designed for when people enter the U.S. The app took those systems and an unprecedented collection of U.S. government databases and turned them inwards, letting officers in the field reveal a person’s identity and immigration status. The app also uses data from the State Department, FBI, and state databases, and uses a bank of 200 million images.
404 Media reported in October that multiple social media videos show Border Patrol and ICE officers scanning peoples’ faces on the street.
“I’m an American citizen so leave me alone,” a person stopped by ICE says in one video.
“Alright, we just got to verify that,” one of the officers replies.
404 Media also obtained an internal DHS document which says ICE does not let people decline or consent to being scanned by the app. The document, called a Privacy Threshold Analysis, said photos taken by the app will be stored for 15 years, including those of U.S. citizens.
Ranking member of the House Homeland Security Committee Bennie G. Thompson previously told 404 Media in a statement that ICE will prioritize the results of the Mobile Fortify app over birth certificates. “ICE officials have told us that an apparent biometric match by Mobile Fortify is a ‘definitive’ determination of a person’s status and that an ICE officer may ignore evidence of American citizenship—including a birth certificate—if the app says the person is an alien,” he said. “ICE using a mobile biometrics app in ways its developers at CBP never intended or tested is a frightening, repugnant, and unconstitutional attack on Americans’ rights and freedoms.”
In response to questions about the new app for Sheriff Offices and other local law enforcement, a DHS spokesperson told 404 Media in an email “While the Department does not discuss specific vendors or operational tools, any technology used by DHS Components must comply with the requirements and oversight framework.”
CBP responded with a statement primarily discussing Mobile Fortify. “Biometric data used to identify individuals through TVS are collected by government authorities consistent with the law, including issuing documents or processing illegal aliens. The Mobile Fortify Application provides a mobile capability that uses facial comparison as well as fingerprint matching to verify the identity of individuals against specific immigration related holdings,” the statement said. CBP added it built the Mobile Fortify application to support ICE, and confirmed ICE has used the app in its operations around the U.S.
Google did not respond to a request for comment.
Inside ICE’s Supercharged Facial Recognition App of 200 Million Images
404 Media has seen user manuals for Mobile Fortify, ICE’s new facial recognition app which allows officers to instantly look up DHS, State Department, and state law enforcement databases by just pointing a phone at someone’s face.Joseph Cox (404 Media)
#UE: l'#Ucraina presenta il conto
UE: l’Ucraina presenta il conto
L’avvicinarsi minaccioso del collasso forse definitivo delle linee di difesa ucraine sul fronte del Donbass sta alimentando un’amarissima riflessione in Europa circa gli effetti disastrosi delle politiche di sostegno incondizionato al regime di Zelen…www.altrenotizie.org
Jenny’s Daily Drivers: ReactOS 0.4.15
When picking operating systems for a closer look here in the Daily Drivers series, the aim has not been to merely pick the next well-known Linux distro off the pile, but to try out the interesting, esoteric or minority OS. The need remains to use it as a daily driver though, so each one we try has to have at least some chance of being a useful everyday environment in which a Hackaday piece could be written. With some of them such as the then-current BSD or Slackware versions we tried for interest’s sake a while back that’s not a surprising achievement, but for the minority operating systems it’s quite a thing. Today’s choice, ReactOS 0.4.15, is among the closest we’ve come so far to that ideal.
For The N’th Time In The Last 20 Years, I download A ReactOS ISO
ReactOS is an open-source clone of a Windows operating system from the early 2000s, having a lot on common with Windows XP. It started in the late 1990s and has slowly progressed ever since, making periodic releases that, bit-by-bit, have grown into a usable whole. I last looked at it for Hackaday with version 0.4.13 in 2020, so have five years made any difference? Time to download that ISO and give it a go.
Installing ReactOS has that bright blue and yellow screen feeling of a Windows install from around the millennium, but I found it to be surprisingly quick and pain free despite a few messages about unidentified hardware. The display driver it chose was a VESA one but since it supported all my monitor’s resolutions and colour depths that’s not the hardship it might once have been.
Once installed, the feeling is completely of a Windows desktop from that era except for the little ReactOS logo on the Start menu. I chose the classic Windows 95 style theme as I never liked the blue of Windows XP. Everything sits where you remember it and has the familiar names, and if you used a Microsoft computer in those days you’re immediately at home. There’s even a web browser, but since it’s the WINE version of Internet Explorer and dates from the Ark, we’re guessing you’ll want to replace it.
Most Of The Old Software You Might Need…
There’s a package manager to download and run open-source software, something which naturally Windows never had. Back in 2020 I found this to be the Achilies’ heel of the OS, with very little able to install and run without crashing, so i was very pleased to note that this situation has changed. Much of the software is out of date due to needing Windows XP compatibility, but I found it to be much more usable and stable. There’s a choice of web browsers but the Firefox and Chromium versions are too old to be useful, but I found its K-Meleon version to be the most recent of the bunch. Adding GIMP to my installed list, I was ready to try this OS as my daily driver.
I am very pleased to report that using K-Meleon and GIMP on ReactOS 0.4.15, I could do my work as a Hackaday writer and editor. This piece was in part written using it, and Hackaday’s WordPress backend is just the same as in Firefox on my everyday Manjaro Linux machine. There however the good news ends, because I’m sorry to report that the experience was at times a little slow and painful. Perhaps that’s the non-up-to-date hardware I’d installed it on, but it’s evident that 2025 tasks are a little taxing for an OS with its roots in 2003. That said it remained a usable experience, and I could just about do my job were I marooned on a desert island with my creaking old laptop and ReactOS.
… And It Works, Too!
So ReactOS 0.4.15 is a palpable hit, an OS that can indeed be a Daily Driver. It’s been a long time, but at last ReactOS seems mature enough to use. I have to admit that I won’t be making the switch though, but who should be thinking about it? I think perhaps back in 2020 I got it right, in suggesting that as a pretty good facsimile of Windows XP it is best thought of as an OS for people who need XP bur for whom the venerable OS is now less convenient. It’s more than just a retrocomputing platform, instead it’s a supported alternative to the abandonware original for anyone with hardware or software from that era which still needs to run. Just like FreeDOS is now the go-to place for people who need DOS, so if they continue on this trajectory, should ReactOS become for those needing a classic Windows. Given the still-installed rump of software and computer controlled machinery which runs XP, that could I think become a really useful niche to occupy.
Furto del Louvre: Windows 2000 e Windows XP nelle reti oltre che a password banali
I ladri sono entrati attraverso una finestra del secondo piano del Musée du Louvre, ma il museo aveva avuto anche altri problemi oltre alle finestre non protette, secondo un rapporto di audit sulla sicurezza informatica risalente a un decennio fa e ora venuto alla luce.
Sebbene la Ministra della Cultura Rachida Dati abbia affermato che «i sistemi di sicurezza del museo non hanno fallito», tutto suggerisce che si siano comunque verificate alcune violazioni della sicurezza informatica.
Secondo documenti riservati consultati dal quotidiano Libération, nel 2014 bastava digitare “LOUVRE” per accedere al server responsabile della videosorveglianza del museo più famoso della Francia. Oppure digitare “THALES” per avere accesso al software pubblicato dall’omonima azienda.
Queste password, che in gergo tecnico si chiamano “di default” o “predicibili banali”, erano già definite dall’ANSSI (Agenzia nazionale per la sicurezza informatica francese) come un grave rischio. Le stesse segnalavano che «la rete degli uffici del Museo del Louvre include anche sistemi obsoleti» come Windows 2000 — che non garantiva più né il blocco delle sessioni né aggiornamenti antivirus.
L’ANSSI aveva verificato tutto ciò con un audit interno del 2014. Microsoft aveva smesso di fornire aggiornamenti di sicurezza per Windows 2000 già nel luglio 2010. Nell’audit erano contenute raccomandazioni ben precise: usare password più complesse, migrare il software su versioni supportate, correggere le vulnerabilità. Ma il museo non ha risposto se abbia effettivamente seguito queste indicazioni.
Un secondo audit fu condotto nel 2017 dall’INHESJ (Istituto Nazionale di Studi Avanzati sulla Sicurezza e la Giustizia) e rilevò che «alcune postazioni di lavoro hanno sistemi operativi obsoleti (Windows 2000 e Windows XP) che non garantiscono più una sicurezza efficace (nessun aggiornamento antivirus, nessuna password o blocco di sessione…)». Microsoft interruppe il supporto esteso per Windows XP nel 2014.
Vent’anni di debito tecnico hanno gravato pesantemente sulla sicurezza del Louvre, con il continuo accumulo di sistemi di videosorveglianza analogica, videosorveglianza digitale, antintrusione e controllo accessi, alcuni dei quali con server dedicati o applicazioni proprietarie. Alcuni di questi sono diventati obsoleti nel tempo e avrebbero richiesto aggiornamenti o sostituzioni.
L'articolo Furto del Louvre: Windows 2000 e Windows XP nelle reti oltre che a password banali proviene da Red Hot Cyber.
SesameOp: il malware che usa OpenAI Assistants per il Comando e Controllo
Microsoft ha scoperto un nuovo malware, denominato SesameOp, e ha pubblicato i dettagli del suo funzionamento. Questa backdoor era insolita: i suoi creatori utilizzavano l’API OpenAI Assistants come canale di controllo nascosto, consentendo loro di mascherare l’attività all’interno del sistema infetto ed eludere i tradizionali strumenti di rilevamento.
L’attacco è stato scoperto nel luglio 2025 durante le indagini su un attacco complesso, durante il quale un gruppo sconosciuto è rimasto presente nell’infrastruttura della vittima per diversi mesi.
L’identità dell’organizzazione presa di mira non è stata rivelata, ma l’indagine ha rivelato la presenza di un’ampia rete di web shell interne e processi dannosi mascherati da legittime utility di Visual Studio. Il codice dannoso è stato iniettato tramite AppDomainManager: un file di configurazione modificato ha istruito l’eseguibile a caricare la libreria dinamica Netapi64.dll contenente logica dannosa.
La libreria è stata pesantemente offuscata utilizzando Eazfuscator.NET, garantendo una maggiore invisibilità. Ha svolto la funzione di loader per il modulo .NET OpenAIAgent.Netapi64, che richiedeva istruzioni tramite l’API OpenAI Assistants. I comandi ricevuti venivano prima decriptati, quindi eseguiti in un thread separato e i risultati dell’esecuzione venivano restituiti tramite la stessa API . Pertanto, l’ infrastruttura OpenAI è stata efficacemente utilizzata come nodo di controllo intermedio, non rilevabile durante l’analisi del traffico di rete.
La comunicazione tra il malware e il server di comando e controllo avviene tramite messaggi contenenti parametri chiave nel campo descrizione. Questi possono includere il comando SLEEP (per sospendere temporaneamente l’attività), il comando Payload (per eseguire istruzioni nidificate) e il comando Result (per restituire i risultati dell’esecuzione all’operatore dell’attacco).
Sebbene l’identità degli aggressori rimanga sconosciuta, lo schema in sé dimostra una tendenza a sfruttare servizi cloud legittimi per un controllo occulto. Ciò complica il rilevamento degli attacchi, poiché il traffico non supera il normale utilizzo delle API aziendali. Dopo aver ricevuto la notifica da Microsoft, il team di OpenAI ha condotto una revisione interna, identificato la chiave sospetta e bloccato l’account associato.
Secondo Microsoft, l’utilizzo di SesameOp indica un tentativo deliberato di ottenere l’accesso a lungo termine all’infrastruttura e di controllare i computer infetti all’insaputa dei proprietari. La piattaforma API OpenAI Assistants, attraverso la quale veniva esercitato il controllo, verrà disattivata nell’agosto 2026 e sostituita dalla nuova API Responses.
L'articolo SesameOp: il malware che usa OpenAI Assistants per il Comando e Controllo proviene da Red Hot Cyber.
Dänischer Vorschlag: Der Kampf um die Chatkontrolle ist noch nicht vorbei
netzpolitik.org/2025/daenische…
Cosa accade nel mondo digitale
E forse è proprio lì, in quella crepa nella logica, che sopravvive l’umano.
È incredibile quanta politica abbiano fatto i Radicali senza poltrone e con quattro spiccioli e quanta poca ne abbiano fatta politici con decenni di poltrone e il supporto di giornali e gruppi economici.
Ogni Comune è obbligato a fare un Piano per l'Eliminazione delle Barriere Architettoniche, ma in troppi se ne infischiano.
Ora il TAR Sicilia ha accolto il nostro ricorso contro il Comune di Catania, che sarà commissariato per il piano.
Faremo valere questo precedente ovunque.
Poliversity - Università ricerca e giornalismo reshared this.
freezonemagazine.com/articoli/…
Purtroppo le potenzialità tecnologiche di oggi permettono sempre più facilmente e a molti livelli di mistificare la realtà. Fare musica con l’AI può essere un esercizio creativo ma solo quando viene onestamente dichiarato ma il più delle volte questo non succede ed apre un grave aspetto anche etico in relazione all’enorme diffusione con cui questo […]
L'articolo La Musica on line è
Parte la Campagna per la libertà e la sovranità digitale europea
softwareliberoliguria.org/part…
Segnalato dall'Associazione Software Libero Liguria di #Genova e pubblicato sulla comunità Lemmy @GNU/Linux Italia
#Firenze
COMUNICATO STAMPA.
reshared this
L’Europa scopre di nuovo la guerra (e la propria fragilità strategica). Scrive Pagani
@Notizie dall'Italia e dal mondo
Fin dall’antichità l’Europa è stata teatro di continui conflitti, caratterizzato da un’alternanza tra brevi periodi di pace e lunghe, complesse fasi di guerra. Dalla Guerra dei Trent’anni (1618-1648), che devastò l’Europa Centrale e diede vita al
Notizie dall'Italia e dal mondo reshared this.
Lavoro e disabilità, il grande inganno dell’inclusione
[quote]Sospesi in attesa di un’opportunità. In Italia l’inclusione delle persone con disabilità funziona, ma solo fino a una certa età. Durante l’infanzia gli spazi di cura e di inserimento nella…
L'articolo Lavoro e disabilità, il grande inganno lumsanews.it/lavoro-e-disabili…
The Airlines Reporting Corporation (ARC), owned by major U.S. airlines, collects billions of ticketing records and sells them to the government to be searched without a warrant. I managed to opt-out of that data selling.#Privacy #arc
How to Opt-Out of Airlines Selling Your Travel Data to the Government
Most people probably have no idea that when you book a flight through major travel websites, a data broker owned by U.S. airlines then sells details about your flight, including your name, credit card used, and where you’re flying to the government. The data broker has compiled billions of ticketing records the government can search without a warrant or court order. The data broker is called the Airlines Reporting Corporation (ARC), and, as 404 Media has shown, it sells flight data to multiple parts of the Department of Homeland Security (DHS) and a host of other government agencies, while contractually demanding those agencies not reveal where the data came from.It turns out, it is possible to opt-out of this data selling, including to government agencies. At least, that’s what I found when I ran through the steps to tell ARC to stop selling my personal data. Here’s how I did that:
- I emailed privacy@arccorp.com and, not yet knowing the details of the process, simply said I wish to delete my personal data held by ARC.
- A few hours later the company replied with some information and what I needed to do. ARC said it needed my full name (including middle name if applicable), the last four digits of the credit card number used to purchase air travel, and my residential address.
- I provided that information. The following month, ARC said it was unable to delete my data because “we and our service providers require it for legitimate business purposes.” The company did say it would not sell my data to any third parties, though. “However, even though we cannot delete your data, we can confirm that we will not sell your personal data to any third party for any reason, including, but not limited to, for profiling, direct marketing, statistical, scientific, or historical research purposes,” ARC said in an email.
- I then followed up with ARC to ask specifically whether this included selling my travel data to the government. “Does the not selling of my data include not selling to government agencies as part of ARC’s Travel Intelligence Program or any other forms?” I wrote. The Travel Intelligence Program, or TIP, is the program ARC launched to sell data to the government. ARC updates it every day with the previous day’s ticket sales and it can show a person’s paid intent to travel.
- A few days later, ARC replied. “Yes, we can confirm that not selling your data includes not selling to any third party, including, but not limited to, any government agency as part of ARC’s Travel Intelligence Program,” the company said.
💡
Do you know anything else about ARC or other data being sold to government agencies? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.Honestly, I was quite surprised at how smooth and clear this process was. ARC only registered as a data broker with the state of California—a legal requirement—in June, despite selling data for years.
What I did was not a formal request under a specific piece of privacy legislation, such as the European Union’s General Data Privacy Regulation (GDPR) or the California Consumer Privacy Act (CCPA). Maybe a request to delete information under the CCPA would have more success; that law says California residents have the legal right to ask to have their personal data deleted “subject to certain exceptions (such as if the business is legally required to keep the information),” according to the California Department of Justice’s website.
ARC is owned and operated by at least eight major U.S. airlines, according to publicly released documents. Its board includes representatives from Delta, United, American Airlines, JetBlue, Alaska Airlines, Canada’s Air Canada, and European airlines Air France and Lufthansa.
Public procurement records show agencies such as ICE, CBP, ATF, TSA, the SEC, the Secret Service, the State Department, the U.S. Marshals, and the IRS have purchased ARC data. Agencies have given no indication they use a search warrant or other legal mechanism to search the data. In response to inquiries from 404 Media, ATF said it follows “DOJ policy and appropriate legal processes” and the Secret Service declined to answer.
An ARC spokesperson previously told 404 Media in an email that TIP “was established by ARC after the September 11, 2001, terrorist attacks and has since been used by the U.S. intelligence and law enforcement community to support national security and prevent criminal activity with bipartisan support. Over the years, TIP has likely contributed to the prevention and apprehension of criminals involved in human trafficking, drug trafficking, money laundering, sex trafficking, national security threats, terrorism and other imminent threats of harm to the United States.” At the time, the spokesperson added “Pursuant to ARC’s privacy policy, consumers may ask ARC to refrain from selling their personal data.”
Airlines Are Collecting Your Data And Selling It To ICE
An aviation industry clearinghouse is collecting passenger information from billions of past and future flights and selling it to Trump’s immigration enforcers.The Lever
Ministero dell'Istruzione
La sicurezza informatica, il social engineering, attenzione ai click e l'autenticazione sicura: questi sono i temi della campagna #Sicurnauti presente su #UNICA, per i DS e il personale docente.Telegram
Rocket Roll Control, The Old Fashioned Way
The vast majority of model rockets go vaguely up and float vaguely downwards without a lot of control. However, [newaysfactory] built a few rockets that were altogether more precise in their flight, thanks to his efforts to master active roll control.
[newaysfactory] started this work a long time ago, well before Arduinos, ESP32s, and other highly capable microcontroller platforms were on the market. In an era when you had to very much roll your own gear from the ground up, he whipped up a rocket control system based around a Microchip PIC18F2553. He paired it with a L3G4200D gyro, an MPXH6115A barometer, and an MMA2202KEG accelerometer, chosen for its ability to provide useful readings under high G acceleration. He then explains how these sensor outputs were knitted together to keep a rocket flying straight and true under active control.
[newaysfactory] didn’t just master roll control for small rockets; he ended up leveraging this work into a real career working on fully-fledged autopilot systems. Sometimes your personal projects can take your career in interesting directions.
youtube.com/embed/AFb85zKAyqU?…
Lithium-Ion Batteries: WHY They Demand Respect
This summer, we saw the WHY (What Hackers Yearn) event happen in Netherlands, of course, with a badge to match. Many badges these days embrace the QWERTY computer aesthetic, which I’m personally genuinely happy about. This one used 18650 batteries for power, in a dual parallel cell configuration… Oh snap, that’s my favourite LiIon cell in my favourite configuration, too! Surely, nothing bad could happen?
Whoops. That one almost caught me by surprise, I have to shamefully admit. I just genuinely love 18650 cells, in all glory they bring to hardware hacking, and my excitement must’ve blindsided me. They’re the closest possible entity to a “LiIon battery module”, surprisingly easy to find in most corners of this planet, cheap to acquire in large quantities, easy to interface to your projects, and packing a huge amount of power. It’s a perfect cell for many applications I and many other hackers hold dear.
Sadly, the 18650 cells were a bad choice for the WHY badge, for multiple reasons at once. If you’re considering building a 18650-based project, or even a product, let me show you what exactly made these cells a bad fit, and how you might be able to work around those limitations on your own journey. There’s plenty of technical factors, but I will tell you about the social factors, because these create the real dealbreaker here.
Three Thousand Participants
A 18650 cell is like a bigger sister to an AA battery – power at your fingertips, just, you’re playing with heaps more power. You can take a 18650 cell and have it power a small yet nimble robot on wheels, or an ultra powerful flashlight, or a handheld radio packing quite a transmit power punch. You can release its power on accident, too, and that gets nasty quick.
Short-circuiting a 18650 cell is a surprisingly straightforward way to melt metal, and by extent, start a small fire. It’s also not that hard to short-circuit a 18650 cell, especially and specifically unprotected ones. This is a big part of why consumer oriented gadgets use AAs instead of 18650s – it’s perhaps less powerful, sure, but it’s also a significantly less dangerous cell.
The Instructions, They Do Nothing!
WHY sold a little over 3700 tickets. I would not expect 100% attendance, but I’m comfortable saying it must’ve been around three thousand people. Sadly, “three thousand people” is far beyond the point when you can hope to give people handling instructions for something as easy to mishandle as LiIon cells, even for a nominally hacker audience.
Of course, you can try and give people instructions. You can talk to each badge recipient individually, release booklets demonstrating what to do and not to do with a 18650 cell, add silkscreen instructions for a just-in-place reminder, or maybe have them sign a release form, though it’s unlikely that kind of trick would be legal in the EU. Sadly, WHY organizers never came close to doing any of these things. It also wouldn’t really matter if they did. These instructions will always, inevitably be outright ignored by a sizeable percentage of users.
You can build a badge or any sort of other device using unprotected 18650s, which expects the end user to handle them, like the WHY badge does, and it will be more or less safe as long as the end user is yourself, with 18650 handling experience that I’m sure is to match. Giving it to a friend, caseless? You can talk to your friend and explain 18650 handling basics to them, sure, but you’re still running some degree of risk. My hunch is, your friend could very well refuse such a gift outright. Giving it to a hundred people? You’re essentially playing with fire at someone else’s house.
Just Why Did That Happen?
Hackaday has traditionally used AA cells for our badges, which has definitely help us mostly avoid any Lithium-related issues. Most other conferences have been using pouch cells, which traditionally come with short-circuit protection and don’t threaten to ignite stuff from contact with a piece of metal. 18650 cells are not even cheaper at scale – they’re nice, sure, I wrote as much, but those nice things are quickly negated by the whole “firestarter” thing.
On the other hand, 18650 cells do work for a hacker or a small team of hackers skilled enough to stay cautious, and it also works well at scale when the cell is permanently encased within the shell, like in most powerbanks and laptops. It fails as soon as you expect people to plug batteries in and out, or carry them separately. Respecting Lithium-Ion batteries means being aware of their shortcomings, and for 18650 cells, that means you should avoid having people manually handle them at scale.
Here’s the kicker about the WHY badge situation. I was confused by the WHY badge switching to 18650 cells this year, away from overcurrent-protected pouch cells, which were used by previous iterations of WHY (MCH, SHA) without an issue in sight. So, I’ve asked around, and what I got from multiple sources is – the 18650 usage decision was pushed top-down, with little regard for physical safety. Sadly, this makes sense – it’s how we saw it implemented, too.
Making Audible Sense Of A Radiation Hunt
The clicking of a Geiger counter is well enough known as a signifier of radioactive materials, due to it providing the menacing sound effect any time a film or TV show deals with radiation. What we’re hearing is the electronic detection of an ionization event in a Geiger-Muller tube due to alpha or beta radiation, which is great, but we’re not detecting gamma radiation.
For that a scintillation detector is required, but these are so sensitive to background radiation as to make the clicking effect relatively useless as an indicator to human ears. Could a microcontroller analyse the click rate and produce an audible indication? This is the basis of [maurycyz]’s project, adding a small processor board to a Ludlum radiation meter.
When everything sounds like a lot of clicks, an easy fix might be to use a divider to halve the number and make concentrations of clicks sound more obvious. It’s a strategy with merit, but one that results in weaker finds being subsumed. Instead the approach here is to take a long-term background reading, and compare the instantaneous time between clicks with it. Ths any immediate click densities can be highlighted, and those which match the background can be ignored. SO in goes an AVR128 for which the code can be found at the above link.
The result is intended for rock prospecting, a situation where it’s much more desirable to listen to the clicks than look at the meter as you scan the lumps of dirt. It’s not the first project in this line we’ve brought you, another one looked at the scintillation probe itself.