The header image above shows a completely unsupported 3D-printed bridge, believe it or not. You’re looking at the bottom of the print. [Make Wonderful Things] wondered whether unsightly unsupported bridges could be improved, and has been busy nailing down remarkably high-quality results by exhaustive testing of different settings.
It all started when they thought that unsupported bridges looked a lot as though they were made from ropes stretched between two points. Unlike normal layers, these stretched extrusions didn’t adhere to their neighbors. They are too far apart from one another, and there’s no “squish” to them. But could this be overcome?
His experiments centered mainly around bridge printing speed, temperature, and bridge flow. That last setting affects how much the extrusion from the hot end is adjusted when printing a bridge. He accidentally increased it past 1.0 and thought the results were interesting enough to follow up on; it seemed that a higher flow rate when printing a bridge gave the nudge that was needed to get better inter-line adhesion. What followed was a lot of testing, finally settling on something that provided markedly better results than the stock slicer settings. Markedly better on his test pieces, anyway. BF = Bridge flow, BS = Bridge printing speed (in mm/sec) The best results seem to come from tweaking the Bridge Flow rate high enough that extrusions attach to their neighbors, printing slowly (he used 10 mm/sec), and ensuring the bridged area is as consistent as possible. There are still open questions, like some residual sagging at corners he hasn’t been able to eliminate, but the results otherwise look great. And it doesn’t even require laying one’s printer on its side!
All the latest is on the project page where you can download his test models, so if you’re of a mind to give it a try be sure to check it out and share your results. Watch a short video demonstrating everything, embedded just under the page break.
Nel mese di Settembre è uscita una nuova vulnerabilità che riguarda Notepad++. La vulnerabilità è stata identificata con la CVE-2025-56383 i dettagli possono essere consultati nel sito del NIST. La vulnerabilità CVE-2025-56383 è un caso di DLL Hijacking che interessa l’editor di testo Notepad++ v8.8.3 e potenzialmente versioni successive.
Sfruttando questa debolezza, un utente malintenzionato può ingannare l’applicazione per fargli caricare una DLL dannosa che ha lo stesso nome di una libreria legittima richiesta dal programma (un esempio comune riguarda i file DLL nella cartella dei plugin).
Se l’attacco riesce, il codice malevolo viene eseguito con gli stessi permessi dell’utente che sta utilizzando Notepad++, consentendo l’esecuzione di codice arbitrario sul sistema target.
Tuttavia, è fondamentale notare che questa CVE è stata etichettata come contestata (“Disputed”) da diverse fonti.
Ciò accade perché l’attacco è effettivamente possibile solo se l’utente ha installato Notepad++ in una directory che, per errore o cattiva configurazione, consente l’accesso in scrittura a utenti non privilegiati.
Nelle installazioni standard di Windows, un utente normale non dovrebbe avere i permessi per modificare i file nella cartella di installazione del programma, il che ridimensiona il problema da una vulnerabilità intrinseca del software a un rischio derivante da una configurazione del sistema operativo non sicura.
E’ stato rilasciato un poc che dimostra con alcuni screen come è possibile in notepad++ eseguire DLL Hijacking della libreria NppExport.dll visibile nel link sottoastante.
La tecnica del DLL Hijacking (letteralmente “dirottamento di DLL”) è un metodo di attacco che sfrutta il modo in cui il sistema operativo Windows cerca e carica le librerie di collegamento dinamico (Dynamic Link Libraries o DLL) necessarie a un’applicazione per funzionare.
In sostanza, un aggressore induce un’applicazione legittima a caricare ed eseguire una DLL malevola al posto della DLL originale e attesa.
La DLL Hijacking è simile alla DLL Injection ma se ne distingue per il meccanismo: la DLL Injection è una tecnica generica che forza un processo in esecuzione a caricare una DLL arbitraria (spesso dannosa) direttamente in memoria, mentre il DLL Hijacking sfrutta un’errata gestione del percorso di ricerca di una DLL esistente o mancante per far caricare la versione malevola al suo posto.
Analizziamo cosa di intende per DLL Hijacking e testiamo direttamente su Notepad++
Tipi Comuni di DLL Hijacking
Ci sono diverse varianti di questa tecnica:
DLL Search Order Hijacking (Dirottamento dell’ordine di ricerca DLL): sfrutta l’ordine predefinito di ricerca di Windows. L’aggressore inserisce la DLL in una cartella con precedenza (ad esempio, la stessa cartella dell’eseguibile dell’applicazione).
DLL Side-Loading (Caricamento laterale di DLL): Una forma molto comune. L’aggressore copia un eseguibile legittimo e affidabile (ad esempio, un programma firmato digitalmente) e la sua DLL malevola (con il nome della DLL attesa) in una cartella esterna, spesso accessibile all’utente. Il codice malevolo viene eseguito sotto il contesto di un processo affidabile, eludendo i controlli di sicurezza basati sull’integrità o sulla lista bianca degli eseguibili.
DLL Substitution (Sostituzione di DLL): Un approccio più aggressivo e diretto dove l’aggressore bypassa l’ordine di ricerca per sovrascrivere la DLL originale e legittima con un file malevolo nello stesso identico percorso.
Phantom DLL Hijacking (Dirottamento della DLL fantasma): sfrutta un’applicazione che tenta di caricare una DLL che non esiste affatto sul sistema (magari per un errore di programmazione o una dipendenza non necessaria). L’aggressore piazza la DLL malevola con il nome del file mancante, forzando il caricamento.
Come un applicazione carica un DLL?
Quando un’applicazione deve caricare una DLL e non ne specifica il percorso completo e assoluto, Windows inizia una ricerca in una serie di directory predefinite e in un ordine specifico.
L’ordine di ricerca per le DLL (che può variare leggermente a seconda delle API di caricamento e delle configurazioni di sistema) solitamente include:
La directory da cui viene caricata l’applicazione (la sua cartella).
Le directory elencate nella variabile d’ambiente PATH.
Per cui un aggressore sfrutta questa sequenza per piazzare una DLL malevola (con lo stesso nome della DLL legittima mancante, attesa oppure sostituendola) in una delle directory che Windows controlla prima della posizione della DLL vera.
Quando l’applicazione viene avviata, Windows trova e carica la DLL malevola prima di raggiungere la posizione della DLL legittima (oppure caricando la ddl diversa se è stata sostituita).
Il codice malevolo all’interno di questa DLL viene quindi eseguito, spesso con gli stessi privilegi dell’applicazione che l’ha caricata.
Obiettivi dell’Attacco
Questa tecnica è popolare tra gli aggressori perché consente di:
Esecuzione Stealthy (Furtiva): Il codice malevolo viene eseguito all’interno del processo di un’applicazione legittima (spesso anche firmata), rendendolo difficile da rilevare dai tradizionali sistemi antivirus o di monitoraggio.
Persistenza: Una volta piazzata, la DLL malevola può garantire che il codice dell’aggressore venga ri-eseguito ogni volta che l’applicazione legittima viene avviata.
Escalation dei Privilegi: Se l’applicazione legittima viene eseguita con privilegi elevati (ad esempio, come SYSTEM), anche il codice malevolo erediterà quegli stessi privilegi.
Esempio di DLL Hijacking substitution
Questo esempio è molto semplice e utilizzaremo Notepad++ per analizzare questo metodo di attacco.
Andremo a sostituire la libreria originale con una contenente solo un payload che farà avviare la calcolatrice.
In questo caso usiamo lo script sottostante per generare una nuova DLL dove nel MAIN è presente un payload che verrà avviato. #include <processthreadsapi.h> #include <memoryapi.h>
Dopo aver sostituito NppExport.dll e avviato l’applicazione la calcolatrice viene aperta.
Sfortunatamente l’applicazione rileva che qualcosa legato alla libreria e restituisce un errore.
Il motivo è molto semplice, questa non contiene gli export originali, per cui c’è un controllo che avvisa di questo, ostacolo che vedremo come superare nel passo successivo.
Nonostante questo errore Notepad++ prosegue la sua normale esecuzione.
E’ da considerare che in altri casi questa sostituzione potrebbe dare un errore critico e fermare l’esecuzione dell’applicazione, in quanto contenente funzioni essenziali per applicazione stessa.
Esempio tramite tramite proxy DLL
Nell’esempio precedente è stato visto come compilare una nuova libreria e sostituire a una originale al fine che app esegua del contenuto malevolo. Questa sostituzione però causare il crash dell’applicazione o errori vari.
Per cui vediamo una tecnica di DLL hijacking tramite proxy. Il DLL Hijacking by Proxying (dirottamento di DLL tramite proxy) è una tecnica avanzata di cyberattacco che permette all’aggressore di eseguire codice malevolo all’interno di un’applicazione legittima senza causare il crash o l’interruzione del programma.
Il concetto è molto semplice.
L’aggressore rinomina la DLL originale (es. libreria.dll in libreria_orig.dll). Successivamente, piazza la sua DLL malevola nella posizione prioritaria, chiamandola con il nome originale (libreria.dll).
L’applicazione app.exe una volta avviata chiede al sistema operativo di caricare legit.dll.
Il S.O. segue l’ordine di ricerca e trova per prima la DLL Malevola (libreria.dll). Quindi carica la DLL malevola nella memoria del processo app.exe.
Il codice d’attacco (il payload dannoso) viene eseguito immediatamente (ad esempio, all’interno della funzione DllMain).
La DLL malevola carica la DLL legittima rinominata (libreria_legit.dll) e la usa come proxy. Tutte le richieste di funzione successive provenienti da app.exe vengono inoltrate alla DLL originale (libreria_legit.dll).
L’applicazione riceve le risposte corrette dalla DLL originale tramite il proxy e continua a funzionare normalmente. L’utente non si accorge del dirottamento.
Qui uno schema semplificato del procedimento:
Analizziamo nella pratica cosa consiste questo attacco, prendiamo per comodità una repo esistente che contiene tutto quello che ci serve a questo scopo.
All’interno è presente una libreria base (che abbiamo usato nell’esempio precedente) per esecuzione di un payload una volta che questa viene caricata nell’app.
Preleviamo la DDL da eseguire Hijacking, in questo caso NPPExport.dll che è stata rinominata.
Generaimo attraverso li scoript deng_def.py il file version.def file contenente i reindirizzamenti di esportazione tramite lo script Python
Il file .def contiene una sezione chiamata EXPORTS che elenca tutte le funzioni che la DLL deve esporre, in modo da poterle reindirizzare alla DLL legittima originale.
Già da qui è possibile vedere che vari nomi di funzioni vengono reindirizzati a NppExport_orig.dll.
Per finire compiliamo la libreria attraverso mingw-w64:
Le opzioni di compilazione sono simili al primo esempio, ma in questo andiamo ad aggiungere le definizioni degli export aggiuntivi che questa libreria ha bisogno (version.def)
-shared: dice al compilatore di creare una libreria a collegamento dinamico (una DLL su Windows) invece di un eseguibile standard (.exe).
-o NppExport.dll: Specifica il nome del file di output.
version.def: specifica un file di definizione del modulo (Module Definition File) spiegato in precedenza.
./dll-hijack-by-proxying/version.c: Questo è il file sorgente C che farà aprire la calcolatrice una volta caricata la libreria.
Ora posizioniamo la nuova libreria di fianco a quella originale modificata
NppExport.dll esegiurà il proxy di tutte le chiamate alle funzioni esportate nel file legittimo NppExport_orig.dll evitando che applicazioni segnali malfunzionamenti.
Se eseguiamo il software non verrà dato nessun errore e il codice malevolo eseguito correttamente.
La Lomellina L'articolo Giustizia, l’Italia verso la separazione delle carriere: la Fondazione Einaudi guida il fronte del Si al prossimo referendum proviene da
Spesso, durante i penetration test, ci ritroviamo ad avere accessi elevati (Domain Admin) all’interno di un’organizzazione. Alcune aziende si fermano a questo, pensando che ottenere il Domain Admin sia l’obiettivo finale.
Ma non lo è. «Ottenere il Domain Admin» non significa molto per la maggior parte dei dirigenti , se non mostrare concretamente cosa comporta in termini di rischio. Uno dei modi migliori per dimostrare il rischio per un’organizzazione è mostrare la possibilità di accedere a dati sensibili.
Descriviamo qui il penetration testing di Exchange 2019 in un laboratorio GOADv3 configurato su Ludus/Debian.
Il server Exchange target
Strumenti Utilizzati
Il toolkit principale usato è MailSniper, una suite PowerShell progettata per l’enumerazione interna e l’abuso delle mailbox Exchange tramite Exchange Web Services (EWS), Outlook Web Access (OWA) e altri endpoint standard.
Ho usato anche NetExec da una macchina Kali ma MailSniper dava problemi su powershell-linux ed ho dovuto basarmi su una Win11Pro: MailSniper non ne voleva sapere di funzionare su Kali Qui la scansione NXC dell’intero ambiente
Fase 1: Ricognizione e Identificazione di Exchange Server
Prima di ogni attività di penetrazione è fondamentale localizzare con precisione il server Exchange.
Si parte dalla raccolta OSINT, tramite record MX DNS, URL pubblici di OWA, Autodiscover, certificati TLS e metadata visibili da post di lavoro o documenti pubblici.
Successivamente si eseguono scansioni mirate con Nmap verso servizi standard:
nmap -p25,80,443,445,587,993,995 -sV -oA exchange_scan 10.3.10.21 Questa scansione permette di individuare le porte di SMTP, HTTPS per OWA, SMB e servizi di posta sicura.
# Nmap 7.95 scan initiated Wed Oct 15 12:52:25 2025 as: /usr/lib/nmap/nmap --privileged -A -T 4 -Pn -oA /mnt/hgfs/VMsharedDownloads/Exchange2019InitialScan 10.3.10.21 Nmap scan report for 10.3.10.21 Host is up (0.0027s latency). Not shown: 975 closed tcp ports (reset) PORT STATE SERVICE VERSION 25/tcp open smtp Microsoft Exchange smtpd |_smtp-ntlm-info: ERROR: Script execution failed (use -d to debug) | ssl-cert: Subject: commonName=the-eyrie | Subject Alternative Name: DNS:the-eyrie, DNS:the-eyrie.sevenkingdoms.local | Not valid before: 2025-10-11T01:42:31 |_Not valid after: 2030-10-11T01:42:31 | smtp-commands: the-eyrie.sevenkingdoms.local Hello [198.51.100.2], SIZE 37748736, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, X-ANONYMOUSTLS, AUTH NTLM, X-EXPS GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING, SMTPUTF8, XRDST |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT 80/tcp open http Microsoft IIS httpd 10.0 |_http-title: Site doesn't have a title. 81/tcp open http Microsoft IIS httpd 10.0 |_http-title: 403 - Forbidden: Access is denied. 135/tcp open msrpc Microsoft Windows RPC 139/tcp open netbios-ssn Microsoft Windows netbios-ssn 443/tcp open ssl/https | ssl-cert: Subject: commonName=the-eyrie | Subject Alternative Name: DNS:the-eyrie, DNS:the-eyrie.sevenkingdoms.local | Not valid before: 2025-10-11T01:42:31 |_Not valid after: 2030-10-11T01:42:31 | http-title: Outlook |_Requested resource was 10.3.10.21/owa/auth/logon.aspx… 444/tcp open snpp? 445/tcp open microsoft-ds? 465/tcp open smtp Microsoft Exchange smtpd | ssl-cert: Subject: commonName=the-eyrie | Subject Alternative Name: DNS:the-eyrie, DNS:the-eyrie.sevenkingdoms.local | Not valid before: 2025-10-11T01:42:31 |_Not valid after: 2030-10-11T01:42:31 | smtp-commands: the-eyrie.sevenkingdoms.local Hello [198.51.100.2], SIZE 37748736, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, X-ANONYMOUSTLS, AUTH GSSAPI NTLM, X-EXPS GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING, XEXCH50, SMTPUTF8, XRDST, XSHADOWREQUEST |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT | smtp-ntlm-info: | Target_Name: SEVENKINGDOMS | NetBIOS_Domain_Name: SEVENKINGDOMS | NetBIOS_Computer_Name: THE-EYRIE | DNS_Domain_Name: sevenkingdoms.local | DNS_Computer_Name: the-eyrie.sevenkingdoms.local | DNS_Tree_Name: sevenkingdoms.local |_ Product_Version: 10.0.17763 587/tcp open smtp Microsoft Exchange smtpd | ssl-cert: Subject: commonName=the-eyrie | Subject Alternative Name: DNS:the-eyrie, DNS:the-eyrie.sevenkingdoms.local | Not valid before: 2025-10-11T01:42:31 |_Not valid after: 2030-10-11T01:42:31 | smtp-commands: the-eyrie.sevenkingdoms.local Hello [198.51.100.2], SIZE 37748736, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, AUTH GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING, SMTPUTF8 |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT |_smtp-ntlm-info: ERROR: Script execution failed (use -d to debug) 593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0 808/tcp open ccproxy-http? 1801/tcp open msmq? 2103/tcp open zephyr-clt? 2105/tcp open eklogin? 2107/tcp open msmq-mgmt? 2525/tcp open smtp Microsoft Exchange smtpd | smtp-commands: the-eyrie.sevenkingdoms.local Hello [198.51.100.2], SIZE, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, X-ANONYMOUSTLS, AUTH NTLM, X-EXPS GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING, XEXCH50, SMTPUTF8, XRDST, XSHADOWREQUEST |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT | ssl-cert: Subject: commonName=the-eyrie | Subject Alternative Name: DNS:the-eyrie, DNS:the-eyrie.sevenkingdoms.local | Not valid before: 2025-10-11T01:42:31 |_Not valid after: 2030-10-11T01:42:31 3389/tcp open ms-wbt-server? | rdp-ntlm-info: | Target_Name: SEVENKINGDOMS | NetBIOS_Domain_Name: SEVENKINGDOMS | NetBIOS_Computer_Name: THE-EYRIE | DNS_Domain_Name: sevenkingdoms.local | DNS_Computer_Name: the-eyrie.sevenkingdoms.local | DNS_Tree_Name: sevenkingdoms.local | Product_Version: 10.0.17763 |_ System_Time: 2025-10-15T16:52:55+00:00 | ssl-cert: Subject: commonName=the-eyrie.sevenkingdoms.local | Not valid before: 2025-10-07T10:19:37 |_Not valid after: 2026-04-08T10:19:37 3800/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) |_http-title: Not Found 3801/tcp open mc-nmf .NET Message Framing 3828/tcp open mc-nmf .NET Message Framing 5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP) |_http-title: Not Found 5986/tcp open wsmans? | ssl-cert: Subject: commonName=WIN2019-SRV-X64 | Subject Alternative Name: DNS:WIN2019-SRV-X64, DNS:WIN2019-SRV-X64 | Not valid before: 2025-09-19T18:32:07 |_Not valid after: 2035-09-17T18:32:07 6001/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0 6789/tcp open ibm-db2-admin? Device type: general purpose Running: Microsoft Windows 2019 OS CPE: cpe:/o:microsoft:windows_server_2019 OS details: Microsoft Windows Server 2019 Network Distance: 3 hops Service Info: Host: the-eyrie.sevenkingdoms.local; OS: Windows; CPE: cpe:/o:microsoft:windows
Enumerazione Utenti ed Endpoints Mail
Invoke-DomainHarvestOWA -ExchHostname 10.3.10.21
Enumerazione Utenti ed Endpoints Mail
Dopo aver localizzato il server, si procede con la raccolta di utenti validi, indispensabile per attacchi come password spraying o bruteforce.
Con MailSniper si possono estrarre gli utenti dall’endpoint OWA e dalla Global Address List (GAL):
Invoke-DomainHarvestOWA -ExchHostname 10.3.10.21 -OutFile userlist.txt Get-GlobalAddressList -ExchHostname 10.3.10.21 -UserName "domain\user" -Password "Password!" -OutFile gal.txt Una lista utenti ben definita consente di simulare attacchi mirati, testando password realistiche basate su contesto (ad es. Game of Thrones simulati nel laboratorio), ovviamente ci si serve a monte divarie tecniche di OSINT . MailSniper non fa altro estrarre li utenti dalla lista nota ad Exchange, questa che vediamo.
Fase 3: Password Spraying e Accesso Iniziale
Utilizzando password realistiche derivate da informazioni pubbliche e di contesto, si effettua il password spraying con MailSniper su ActiveSync EAS, OWA o SMTP: Invoke-PasswordSpray -UserList userlist.txt -ExchHost 10.3.10.21 -Password "ilovejaime" -OutFile spray_results.txt
Quando si ottiene un accesso valido, ad esempio una combinazione utente/password, si può utilizzare PowerShell per accedere al mailbox tramite EWS ed iniziare la fase di post-exploitation.
Le credenziali sono corrette:
Post-Exploitation e Ricerca di Informazioni Sensibili
Con MailSniper, da un account compromesso, si può:
Cercare all’interno della mailbox illeciti credenziali o informazioni sensibili:
Limitare permessi mailbox e delegation: solo i ruoli strettamente necessari devono poter impersonare o inviare mail per conto di altri.
Monitoraggio delle attività Exchange: logging approfondito per autenticazioni, uso di EWS e tentativi mail sospetti.
Aggiornamenti puntuali: installare le patch contro vulnerabilità note come ProxyLogon, ProxyShell, e zero-day emergenti.
Multi-Factor Authentication (MFA) su OWA, EAS e PowerShell remoting per ridurre l’efficacia di credential stuffing.
Segmentazione della rete: isolare i server Exchange e limitare l’accesso dalla DMZ e zona interna in base ai principi di least privilege.
Controlli e blocchi di password spraying: implementare politiche di lockout, analisi comportamentale e tool interni per identificare logon sospetti.
(Immagine: schema di rete con segmentazione e controllo accessi)
Conclusioni
Il penetration test di un Exchange Server 2019 richiede una metodologia articolata che va dalla ricognizione accurata, passando per attacchi mirati come password spraying, fino all’abuso post-compromissione di mailbox per avanzare nella rete.
Il laboratorio GOADv3 su Ludus/Debian fornisce un ambiente ideale per simulare queste tecniche in sicurezza, permettendo di affinare le capacità offensive e, soprattutto, di testare le difese IT.
L’uso di strumenti come MailSniper facilita la ricerca di credenziali, permessi e dati sensibili, dimostrando concretamente il rischio che una compromissione di Exchange comporta per un’organizzazione.
Implementare difese robuste e monitoraggio continuo è la chiave per ridurre la superficie di attacco e rallentare gli avversari informatici contemporanei.
Se interessa, posso anche fornire in seguito uno script PowerShell automatizzato per alcune delle procedure sopra descritte.
Se vuoi, posso creare il testo con formattazione markdown anche per post o documenti tecnici. Vuoi procedere?
Soldi e libertà. È questa la miscela giusta di Lavazza che “più lo mandi giù, più ti tira su”. Non è soltanto una pubblicità ben riuscita: è una filosofia aziendale che oggi diventa esempio concreto, riconosciuto ufficialmente dalla classifica “Best Employers 2026. Prima in Italia, non a caso. Torino, Settimo Torinese e Gattinara non sono
To our younger readers, a car without an all-touchscreen “infotainment” system may look clunky and dated, but really, you kids don’t know what they’re missing. Buttons, knobs, and switches all offer a level of satisfying tactility and feedback that touchscreens totally lack. [Garage Builds] on YouTube agrees; he also doesn’t like the way his aftermarket Kenwood head unit looks in his 2004-vintage Nissan. That’s why he decided to take matters into his own hands, and hack the buttons back on.
Rather than source a vintage stereo head unit, or try and DIY one from scratch, [Garage Builds] has actually hidden the modern touchscreen unit behind a button panel. That button panel is actually salvaged from the stock stereo, so the looks fit the car. The stereo’s LCD gets replaced with a modern color unit, but otherwise it looks pretty stock at the end.
Adding buttons to the Kenwood is all possible thanks to steering-wheel controls. In order to make use of those, the touchscreen head unit came with a little black box that translated the button press into some kind of one-wire protocol that turned out to be an inverted and carrier-less version of the NEC protocol used in IR TV remotes. (That bit of detective work comes from [michaelb], who figured all this out for his Ford years ago, but [Garage Builds] is also sharing his code on GitHub.)
Having the protocol, it simply becomes a matter of grabbing a microcontroller to scan the stock buttons and output the necessary codes to the Kenwood head unit. Of course now he has extra buttons, since the digital head unit has no tape or CD changer to control, nor AM/FM radio to tune. Those get repurposed for the interior and exterior RGB lighting [Garage Builds] has ̶i̶n̶f̶l̶i̶c̶t̶e̶d̶ mounted on this ̶p̶o̶o̶r̶ lovely car. (There’s no accounting for taste. Some of us love the look and some hate it, but he’s certainly captured an aesthetic, and now has easy control of it to boot.) [Garage Builds] has got custom digital gauges to put into the dash of his Nissan, and some of the extra buttons have been adapted to control those, too.
The whole car is actually a rolling hack as you can see from the back catalog of the [Garage Builds] YouTube channel, which might be worth a look if you’re in the intersection of the “electronics enthusiast” and “gearhead” Venn Diagram.
There’s no accounting for taste, but we absolutely agree with him that making everything black rectangles is the death of industrial design.
La netta vittoria di Zohran Mamdani nelle elezioni per la carica di sindaco di New York ha un significato politico enorme nel quadro della deriva autoritaria trumpiana in atto negli Stati Uniti.
#Scuola: firmato oggi il contratto 2022-2024 per il personale scolastico. Il secondo siglato con questo Governo: aumenti medi di 150 euro per i docenti e di 110 euro per gli ATA.
#Scuola: firmato oggi il contratto 2022-2024 per il personale scolastico. Il secondo siglato con questo Governo: aumenti medi di 150 euro per i docenti e di 110 euro per gli ATA.
One of the joys of writing up the entries for the 2025 Component Abuse Challenge has come in finding all the different alternative uses for the humble transistor. This building block of all modern electronics does a lot more than simply performing as a switch, for as [Aleksei Tertychnyi] tells us, it can also function as a temperature sensor.
How does this work? Simple enough, the base-emitter junction of a transistor can function as a diode, and like other diodes, it shows a roughly 0.2 volt per degree voltage shift with temperature (for a silicon transistor anyway). Taking a transistor and forward biasing the junction with a 33 K resistor, he can read the resulting voltage directly with an analogue to digital converter and derive a temperature reading.
The transistor features rarely as anything but a power device in the projects we bring you in 2025. Maybe you can find inspiration to experiment for yourself, and if you do, you still have a few days in which to make your own competition entry.
When you think of a US Nuclear accident, you probably think of Three Mile Island. However, there have been over 50 accidents of varying severity in the US, with few direct casualties. (No one died directly from the Three Mile Island incident, although there are some studies that show increased cancer rates in the area.)
Indeed, where there are fatalities, it hasn’t been really related to the reactor. Take the four people who died at the Surry Nuclear Power Plant accident: they were killed when a steam pipe burst and fatally scalded them. At Arkansas Nuclear One, a 525-ton generator was being moved, the crane failed to hold it, and one person died. That sort of thing could happen in any kind of industrial setting.
But one incident that you have probably never heard of took three lives as a direct result of the reactor. True, it was a misuse of the reactor, and it led to design changes to ensure it can’t happen again. And while the incident was nuclear-related, the radiation didn’t kill them, although it probably would have if they had survived their injuries.
Background
The large cylinder housed the SL-1 reactor. The picture is from some time before the accident (public domain). It may be a misattribution, but it is often said that Napoleon said something like, “An army marches on its stomach.” A modern army might just as well march on electrical power. So the military has a keen interest in small nuclear reactors to both heat sites in cold climates and generate electricity when in remote locations or in, as they like to call it, denied areas.
In the mid-1950s, the Army tasked Argonne National Laboratory to prototype a small reactor. They wanted it portable, so it had to break down to relatively small pieces, if you consider something weighing 10 tons as small, and could be set up in the field.
The resulting prototype was the Stationary Low-Power Reactor Number One, known as SL-1, operated by the Army in late 1958. It could provide about 400 kW of heating or 200 kW of electricity. The reactor core was rated for 3 MW (thermal) but had been tested at 4.7 MW a few times. It would end operations due to an accident in 1961.
Design
Sketch of the reactor internals (public domain). The reactor was a conventional boiling-water reactor design that used natural circulation of light water as both coolant and moderator. The fuel was in the form of plates of a uranium-aluminum alloy.
The reactor was inside a 48-foot-tall cylinder 38.5 feet in diameter. It was made of quarter-inch plate steel. Because the thing was in the middle of nowhere in Idaho, this was deemed sufficient. There was no containment shell like you’d find on reactors nearer to population centers.
The reactor, at the time of the accident, had five control rods, although it could accommodate nine. It could also hold 59 fuel assemblies, but only 40 were in use. Because of the reduced number of fuel plates, the reactor’s center region was more active than it would have been under full operation. The rods were eight in a circle with four dummies and a ninth one in the center. Because of the missing outer rods, the center control rod was more critical than the four others.
The Accident
In January of 1961, the reactor had been shut down for 11 days over the holiday. In preparation for restarting, workers had to reconnect the rods to their drive motors. The procedure was to pull the rod up four inches to allow the motor attachment. Cutaway of the SL-1 and the control building (public domain). There were three workers: Specialist Richard McKinley, Specialist John Byrnes, and a Navy Seabee Electrician First Class Richard Legg. Legg was in charge, and McKinley was a trainee.
From a post-accident investigation, they are fairly sure that Byrnes inexplicably pulled the center rod out 20 inches instead of the requisite four inches. The reactor went prompt critical, and, in roughly four milliseconds, the 3 MW core reached 20 GW. There wasn’t enough time for sufficient steam to form to trigger the safeties, which took 7.5 milliseconds.
The extreme heat melted the fuel, which explosively vaporized. The reactor couldn’t dissipate so much heat so quickly, and a pressure wave of about 10,000 pounds hit the top of the reactor vessel. The 13-ton vessel flew up at about 18 miles an hour, and plugs flew out, allowing radioactive boiling water and steam to spray the room. At about nine feet, it collided with the ceiling and a crane and fell back down. All this occurred in about two seconds.
As you might imagine, you didn’t want to be in the room, much less on top of the reactor. Two of the operators were thrown to the floor. Byrnes’ fall causes his rib to fatally pierce his heart. McKinley was also badly injured but only survived for about two hours after the accident. Legg was found dead and stuck to the ceiling, an ejected shield plug impaling him.
Why?
Actual photo of the destroyed reactor taken by a camera on the end of a crane. You can place a lot of blame here. Of course, you probably shouldn’t have been able to pull the rod up that far, especially given that it was carrying more of the load than the other rods. The contractor that helped operate the facility wasn’t available around the clock due to “budget reasons.” There’s no way to know if that would have helped, of course.
But the real question is: why did they pull the rod up 20 inches instead of four? We may never know. There are, of course, theories. Improbably, people have tried to explain it as sabotage or murder-suicide due to some dispute between Byrnes and one of the other men. But that doesn’t seem to be the most likely explanation.
Apparently, the rods sometimes stuck due to misalignment, corrosion, or wear. During a ten-month period, for example, about 2.5% of the drop-and-scram tests failed because of this sticking: a total of 40 incidents. However, many of those causes only apply when the rods are automatically moved. Logbooks showed that manual movement of the rods had been done well over 500 times. There was no record of any sticking during manual operations. Several operators were asked, and none could recall any sticking. However, the rate of sticking was increasing right before the incident, just not from manual motion.
However, it is easy to imagine the 48-pound rod being stuck, pulling hard on it, and then having it give way. We’ve all done something like that, just not with such dire consequences.
Aftermath
First responders had a difficult time with this incident due to radiological problems. There had been false alarms before, so when six firefighters arrived on the scene, they weren’t too concerned. But when they entered the building, they saw radiation warning lights on and their radiation detectors pegged.
Even specialized responders with better equipment couldn’t determine just how much radiation was there, except for “plenty.” Air packs were fogging, limiting visibility. During the rescue of McKinley, one rescuer had to remove a defective air pack and breathe contaminated air for about three minutes. Freeing Legg’s body required ten men working in pairs, because each team could only work in the contaminated zone for 65 seconds. The rule had been that you could tolerate 100 Röntgens (about 1 Sv or 100 rem) to save a life and 25 (0.25 Sv or 25 rem) to save valuable property. Of the 32 people involved in the initial response, 22 received between 3 and 27 Röntgens exposure. Further, 790 people were exposed to harmful radiation levels during the subsequent cleanup.
The reactor building did prevent most of the radioactive material from escaping, but iodine-131 levels in some areas reached about 50 times normal levels. The remains of the site are buried nearby, and that’s the source of most residual radiation.
Lessons Learned
Unsurprisingly, the SL-1 design was abandoned. Future designs require that the reactor be safe even if one rod is entirely removed: the so-called “one stuck rod” rule. This also led to stricter operating procedures. What’s more, it is now necessary to ensure emergency responders have radiation meters with higher ranges. Regulations are often written in blood.
The Atomic Energy Commission made a film about the incident for internal use but, of course, now, you can watch it from your computer, below.
You might also enjoy this presentation by one of the first responders who was actually there, which you can see below. If you want a more detailed history, check out Chapters 15 and 16 of [Susan M. Stacy’s] book “Proving the Principle” that you can read online.
La base militare di Amendola torna al centro dello scenario internazionale con Falcon strike 2025, l’esercitazione che riunisce le principali forze aeree della Nato per testare le capacità operative in contesti di alta complessità. Pensata come laboratorio di integrazione tra tecnologie e strategie,
US Army Tells Soldiers to Go to German Food Bank, Then Deletes It
A US Army website for its bases in Bavaria, Germany published a list of food banks in the area that could help soldiers and staff as part of its “Shutdown Guidance,” the subtext being that soldiers and base employees might need to obtain free food from German government services during the government shutdown.
The webpage included information about which services are affected by the ongoing shutdown of the federal government, FAQs about how to work during a furlough, and links to apply for emergency loans. After the shutdown guidance’s publication, the Army changed it and removed the list of food banks, but the original has been archived here. playlist.megaphone.fm?p=TBIEA2… The shutdown of the American federal government is affecting all its employees, from TSA agents to the troops, and the longer people go without paychecks, the more they’re turning to nonprofits and other services to survive. American military bases are like small cities with their own communities, stores, and schools. The US Army Garrison Bavaria covers four bases spread across the German state of Bavaria and is one of the largest garrisons in the world, hosting around 40,000 troops and civilians.
Like many other American military websites, the Garrison’s has stopped updating, but did publish a page of “Shutdown Guidance” to help the people living on its bases navigate the shutdown. At the very bottom of the page there was a “Running list of German support organizations for your kit bags” that included various local food banks. It listed Tafel Deutschland, which it called an “umbrella organization [that] distributes food to people in poverty through its more than 970 local food banks,” Foodsharing e.V, and Essen für Alle (Food for everyone). Image via the Wayback Machine. The guidance also provided a link to the German version of the Too Good to Go App, which it described as a service that sells surprise bags of food to reduce food waste. “These bags contain unsellable but perfectly good food from shops, cafés, and restaurants, which can be picked up at a reduced price. To obtain one of these bags, it must be reserved in the app and picked up at the store during a specified time window, presenting the reservation receipt in the app,” the US Army Garrison Bavaria’s shutdown guidance page said.
According to snapshots on the Wayback Machine, the list of food banks was up this morning but was removed sometime in the past few hours. The US Army Garrison Bavaria did not respond to 404 Media’s request for comment about the inclusion of the food banks on its shutdown guidance page.
The White House has kept paying America’s troops during the shut down, but not without struggle. At the end of October, the Trump administration accepted a $130 million donation from the billionaire Timothy Mellon to help keep America’s military paid. Though initially anonymous, The New York Times revealed Mellon’s identity. This donation only covered some of the costs,, however, and the White House has had to move money between accounts to keep the cash flowing to its troops.
But the US military isn’t just its soldiers, sailors, Marines, Guardians, and airmen. Every military base is staffed by thousands of civilian workers, many of them veterans, who do all the jobs that keep a base running. In Bavaria, those workers are a mix of German locals and Americans. The German government has approved a $50 million support package to cover the paychecks of its citizens affected by the shutdown. Any non-troop American working on those military bases is a federal employee, however, and they aren’t getting paid at all.
If the paychecks are delivered, it would be the second time the White House has avoided missing a pay period for troops during the shutdown, now in its 30th day.
Forza, voglio vedere chi è il primo delle persone che seguo a commentare l'arresto di Al Masri con qualcosa tipo "in Libia sì che rispettano il Diritto mica come qui da noi".
There are various CAD challenges out there that come with bragging rights. Some, like the Certified Solid Works Professional Exam (CWSP) might actually look good on a resume. [Deltahedra] is apparently not too interested in padding his resume, nor does he have much interest in SolidWorks, and so decided to conquer the CWSP with FreeCAD in the name of open source — and to show us all how he did it.
Because these CAD exams are meant to show your chops with the program, the resulting video makes an awesome FreeCAD tutorial. Spoiler alert: he’s able to model the part, though it takes him about 15 minutes. After modeling the part, the CWSP exam needs you to find the mass of the part, which [Deltahedra] does with the FCInfo macro — which, of course, he shows us how to install and use. The second and third questions are similar: change some variables (it is a parametric modeling software, after all) and find the new mass. In a second exercise, he needs to modify the model according to a new drawing. Modifying existing models can sometimes be more difficult than creating them, but [Deltahedra] and FreeCAD pass with flying colors once again.
If you’re at all curious about what FreeCAD can do, this video is a really impressive demonstration of FreeCAD’s part modeling workbench. We’ve had a few FreeCAD guides of our on on Hackaday, like this one on reverse engineering STLs and this one on best practices in the software, but if you’d asked us before the release of v1.0 we’d never have guessed you could use it for a SolidWorks exam in 2025. So while there are kudos due to [Deltahedra], the real accolades belong to the hardworking team behind FreeCAD that has brought it this far. Bravo!
Un’allerta urgente è stata diramata da Microsoft per gli utenti del sistema operativo Windows, in merito ad una problematica potenziale che, a partire dagli aggiornamenti di sicurezza distribuiti il 14 ottobre 2025, potrebbero causare l’avvio in alcuni dispositivi della schermata di ripristino BitLocker.
L’avviso sottolinea che non sono interessate le edizioni server, limitando l’ambito di applicazione agli ambienti client consumer e aziendali. Il problema riguarda tre piattaforme client chiave: Windows 11 versione 25H2 e 24H2, entrambe collegate all’articolo di origine della knowledge base KB5066835, e Windows 10 versione 22H2 nell’articolo KB5066791.
Una indagine approfondita è in corso da parte di Microsoft su specifiche versioni client di Windows, con un impatto soprattutto sui sistemi Intel-based che dispongono della funzione Connected Standby. Questa particolare opzione di risparmio energetico, permette ai dispositivi di rimanere connessi durante fasi di ridotto consumo di energia.
Sembra che i processori Intel dotati di supporto Connected Standby siano particolarmente esposti, in quanto la persistenza di rete propria di questa funzione potrebbe interferire con le procedure di avvio successive agli aggiornamenti. Gli aggiornamenti, volti a risolvere vulnerabilità critiche e a migliorare la stabilità del sistema, hanno inavvertitamente causato l’attivazione del comportamento di BitLocker sui dispositivi hardware compatibili.
Nonostante il problema non incida sulla sicurezza dei dati, può causare un’interruzione dei flussi di lavoro degli utenti, in quanto può essere necessario inserire la chiave di ripristino di BitLocker una volta al riavvio. Gli utenti coinvolti potrebbero essere tenuti a visualizzare la richiesta di ripristino durante l’avvio o nei riavvii successivi agli aggiornamenti, stando a quanto riportato nella documentazione sullo stato di salute delle versioni di Windows di Microsoft.
Una volta fornita la chiave, il dispositivo, dovrebbe riprendere il normale funzionamento senza ulteriori interruzioni. Questo modalità di ripristino è dovuto alle interazioni tra gli aggiornamenti e i meccanismi di crittografia di BitLocker, sebbene Microsoft non abbia ancora specificato la causa esatta.
Gli utenti possono fare riferimento ai tracker dei problemi di Microsoft, come WI1183025 per Windows 11 25H2, WI1183026 per 24H2 e WI1183027 per Windows 10 22H2, tramite il portale Windows Release Health per conoscere lo stato più recente.
Microsoft consiglia alle organizzazioni interessate di applicare un Known Issue Rollback (KIR) per aggirare il problema. Questo strumento di mitigazione, descritto in dettaglio nel blog IT Pro dell’azienda, richiede di contattare il Supporto Microsoft per le aziende per l’implementazione a livello aziendale.
I singoli utenti devono assicurarsi di avere a portata di mano le chiavi di ripristino di BitLocker, solitamente archiviate negli account Microsoft o stampate durante la configurazione, per evitare tempi di inattività prolungati.
I risultati approvati dal Consiglio di Amministrazione di Leonardo confermano la traiettoria di crescita e la solidità del gruppo lungo le direttrici del Piano Industriale 2025-2029. Nei primi nove mesi dell’anno, il colosso italiano dell’aerospazio e della difesa ha registrato un
@Informatica (Italy e non Italy 😁) È stato rilasciato l’Android Security Bulletin per il mese di novembre 2025: al suo interno, gli aggiornamenti per due vulnerabilità, di cui una di esecuzione remota del codice classificata come critica. Ecco i dettagli e i consigli per mettere in sicurezza
“La Charta resta una bussola che orienta il cammino ecumenico. La sua versione aggiornata è un ulteriore incoraggiamento a proseguire sulla strada intrapresa e ci conferma nella scelta di rinsaldare il rapporto di conoscenza, amicizia e accoglienza t…
When you hear it said that “Modern steel is disposable by design”, your ears perk up, as you just caught the unmistakable sound of faux romanticism along with ‘lost ancient technology‘ vibes. Although it happens sometimes that we did lose something important, as with for example the ancient Roman concrete that turns out to have self-healing properties as a result of so-called hot mixing, this is decidedly an exception.
We nearly lost that technology because of the technological and scientific bonfire that was the prelude to a thousand years of darkness over Europe: called the Dark Ages, Middle Ages as well as the medieval period. Thus when you come across a slideshow video with synthesized monotonal voice-over which makes the bold claim that somehow medieval iron was superior and today’s metallurgy both worse and designed to break, you really have to do a spit-take. The many corrections in the comment section further reinforces the feeling that it’s more slop than fact.
One of the claims made is that the bloomery furnace beats the blast furnace, due to beneficial additives to the iron. Considering that the video cites its sources, it’s at least worthy of a dive into the actual science here. Are modern iron and steel truly that inferior and disposable?
The Iron Age
Han Dynasty iron sickle and plow. (Credit: Gary Todd, Wikimedia) The Iron Age is defined as the point when a civilization begins to mass-produce tools and weapons made from processed iron ore rather than just the use of found meteoric iron. What makes this such a telling technological moment is because in order to smelt iron, you need to have a furnace capable of generating temperatures around 1,250 °C. The transition between the easier to process bronze and superior iron took place between 1,200 and 1,100 BCE in Europe, along with much of Asia, in particular India and China.
Processing iron ore to turn it into any of the types of iron alloys possible can be done in a variety of ways, with direct reduction through smelting commonly being used throughout history, alongside blast furnaces. These latter became the most common approach in the 20th century, using a two-stage process involving refining in a converter. Electric arc furnaces can take both the pig iron from blast furnaces and scrap metal as input. Regardless of the method used, the iron ore has to have its impurities removed or reduced to the desired levels for the target alloy. Bloomery smelting during the Middle Ages, as depicted in the De Re Metallica by Georgius Agricola, 1556 (Source: Wikimedia) Pig iron is the output of blast furnaces and can be used for cast iron when melted. This is different from the wrought iron, which traditionally was produced using the output from a bloomery. This is a type of metallurgical furnace capable of smelting iron ore. Using direct reduction with a reduction gas like carbon monoxide, methane or hydrogen, it produces direct reduced iron, also called sponge iron, with the intended reduction in carbon content. This can then be processed by a blacksmith into wrought iron products.
Blast furnaces also provide this carbon reduction, using coke or hydrogen as the redox agent, but as a continuous process the resulting pig iron has a carbon content of 3.8 – 4.7% compared to the higher purity of direct reduced iron that puts it on the level of scrap steel.
Currently blast furnaces and electric arc furnaces offer the most economical way to produce large amounts of steel. Modern direct reduction furnace types have been developed that while not directly competitive have certain advantages, such as being able to process certain ore types that blast furnaces struggle with.
That said, China in particular focused significantly on blast furnaces, with no significant use of bloomeries, but instead the use of finery forges to refine the pig iron from their blast furnaces. By using water power, the blast furnaces could produce massive amounts of pig iron, giving China a significant advantage over medieval Europe.
Archaeometallurgy
The Iron pillar of Delhi, erected around 400 CE. (Credit: Sujit Kumar, Wikimedia) So how did medieval iron alloys differ from that during the early days of the Iron Age in Europe and China, never mind during the technological boom of the ancient Roman Empire? Unsurprisingly the Early Middle Ages (500 – 1000 CE) saw mostly a sharp decline in mining and metallurgy that took until the High Middle Ages (11th to 13th centuries) to begin to recover and the Late Middle Ages to see a strong push for innovation. This was however not an easy period, as famine, war and pestilence kept ravaging economies and its people. Compared to the relative peace and structured society of the Roman times, things couldn’t have been more different.
The study of metallurgy from a historical context is called archaeometallurgy, which focuses on observable evidence such as slag and similar residues left over at former furnace and blacksmithing sites, as well as found metal artefacts. This latter aspect of found artefacts bears reminding, as these include the iron objects that survived often being buried for hundreds if not thousands of years. This risks indulging in survivorship bias, as we do not recover iron artefacts that did rust away, nor those that were tossed with other scrap metal into a furnace.
The iron pillar of Delhi is one such example. This six-ton, 7.21 m tall behemoth has drawn significant attention for its lack of corrosion despite having been exposed to the elements for more than a thousand years. After study of this pillar and other examples of Indian iron from roughly the same era, the levels of phosphor (P) were implicated in the formation of a corrosion resistant hydrate layer, as summarized in a 2000 article by R. Balasubramaniam in Corrosion Science. This is however a relatively thin and fragile layer. Before a protective cage was added, the constant touching of visitors would affect this layer, explaining why its bottom is rather rusty.
What this does however highlight is the importance of a passivation element in iron alloys to enable some level of corrosion resistance by preventing or slowing down the oxidation process. This, combined with environmental factors such as dry air and a low-oxygen environment can be key to the survival of an iron object. Spanish medieval gilded spur. 13th – 15th century as found (a) and preserved (b) (Credit: Marco Veneranda et al., 2016) In the case of modern stainless steel, this passivation is provided primarily by chromium which helps form a protective layer. As pre-Industrial Revolution iron alloys tended to have significant amounts of slag and other contaminants embedded in them, this provided enough opportunities for such a passivation layer to be formed.
A good study subject when it comes to medieval iron can be found in the surviving medieval structures, which are primarily churches and cathedrals. These have iron reinforcements that are exposed to various environments, ranging from an dry indoor climate to ones more conducive to corrosion. In a study of these iron rebars in the 13th century Bourges’ Cathedral attic, including a broken one, it was found that they were decidedly rusting away and that even these primarily indoor rebars need special preservation techniques to keep them from eventually failing.
During an excavation in a medieval necropolis in Spain, a gilded spur was uncovered. This was used for an experimental archaeological analysis method, detailing just how far this gilded, medieval iron object was decayed. While the gold layer provided some protection against corrosion, eventually moisture and oxygen managed to make its way past this layer and over the course of a few hundred years much of the spur decayed to the point where it was largely falling apart.
Modern Age
Although it’s tempting to hold modern day in contempt and indulge in romanticism of a past that never was, the fact of the matter is that these days we have ways to analyze and manipulate iron and other alloys in ways that the ancient Romans and medieval metallurgists could only dream of. While they had extensive institutional knowledge based on empirical findings, we can use methods like Raman spectroscopy to prod molecules to determine their identity and electron microscopes to find out their structure.
Whereas for ancient Roman concrete we can definitely state that it’s better in certain ways than the concrete we have been using since the Industrial Revolution, there we have the hard to miss evidence of Roman concrete structures like ancient seawalls and the Pantheon in Rome seemingly oblivious to the elements and weather of the past two thousand-odd years.
As far as miraculous ancient iron goes, there are definitely a few oddities out there like certain types of Indian iron, and using modern metallurgy we should definitely do our utmost to understand the materials science behind their longevity. That said, modern metallurgy is already pretty good. If your tools are rusting away, or your stainless steel car is taking on a disquieting orange sheen, you probably should have picked that 304 stainless steel instead of cheapening out with a 200-series or 301 stainless steel. We have the technology.
Come possono gli editori proteggersi dai browser “intelligenti” dotati di intelligenza artificiale se hanno l’aspetto di utenti normali? L’emergere di nuovi browser “intelligenti” basati sull’intelligenza artificiale sta mettendo in discussione i metodi tradizionali di protezione dei contenuti online.
Il browser Atlas di OpenAI, recentemente rilasciato, così come Comet di Perplexity e la modalità Copilot di Microsoft Edge, stanno diventando strumenti in grado di fare molto più che visualizzare pagine web: svolgono attività in più fasi, ad esempio raccogliendo informazioni di calendario e generando briefing per i clienti basati sulle notizie.
Le loro capacità stanno già ponendo serie sfide agli editori che cercano di limitare l’uso dell’intelligenza artificiale nei loro contenuti. Il problema è che tali browser sono esteriormente indistinguibili dagli utenti normali.
Quando Atlas o Comet accedono a un sito, vengono identificati come sessioni standard di Chrome, non come crawler automatici. Questo li rende impossibili da bloccare utilizzando il protocollo di esclusione dei robot, poiché bloccare tali richieste potrebbe contemporaneamente impedire l’accesso agli utenti normali. Il rapporto “State of the Bots” di TollBit osserva che la nuova generazione di visitatori AI è “sempre più simile a quella umana”, rendendo più impegnativo il monitoraggio e il filtraggio di tali agenti.
Un ulteriore vantaggio per i browser basati sull’intelligenza artificiale è il modo in cui sono strutturati gli abbonamenti a pagamento moderni. Molti siti web, tra cui MIT Technology Review, National Geographic e il Philadelphia Inquirer, utilizzano un approccio lato client: l’articolo viene caricato per intero ma viene nascosto dietro una finestra pop-up che offre un abbonamento. Mentre il testo rimane invisibile agli esseri umani, è accessibile all’intelligenza artificiale. Solo i paywall lato server, come quelli di Bloomberg o del Wall Street Journal, nascondono in modo affidabile i contenuti fino a quando l’utente non effettua l’accesso. Tuttavia, se l’utente ha effettuato l’accesso, l’agente di intelligenza artificiale può leggere liberamente l’articolo per suo conto. OpenAI Atlas ha ricevuto il testo completo di un articolo esclusivo per gli abbonati da MIT Technology Review (CJR).
Durante i test, Atlas e Comet hanno estratto facilmente il testo completo delle pubblicazioni classificate del MIT Technology Review, nonostante le restrizioni imposte da crawler aziendali come OpenAI e Perplexity.
In un caso, Atlas è anche riuscito a riassemblare un articolo bloccato di PCMag combinando informazioni provenienti da altre fonti, come tweet, aggregatori e citazioni di terze parti. Questa tecnica, soprannominata “digital breadcrumb”, è stata precedentemente descritta dallo specialista di ricerca online Henk van Ess.
OpenAI afferma che i contenuti visualizzati dagli utenti tramite Atlas non vengono utilizzati per addestrare i modelli, a meno che non sia abilitata la funzione “Memorie del browser”. Tuttavia, “ChatGPT ricorderà i dettagli chiave delle pagine visualizzate”, il che, come ha osservato Jeffrey Fowler, editorialista del Washington Post, rende l’informativa sulla privacy di OpenAI confusa e incoerente. Non è ancora chiaro in che misura l’azienda utilizzi i dati ottenuti tramite contenuti a pagamento.
Si osserva un approccio decisamente selettivo: Atlas evita di contattare direttamente i siti web che hanno intentato cause legali contro OpenAI , come il New York Times, ma cerca comunque di aggirare il divieto compilando un riassunto dell’argomento da altre pubblicazioni – The Guardian, Reuters, Associated Press e il Washington Post – che hanno accordi di licenza con OpenAI. Comet, al contrario, non mostra tale moderazione.
Questa strategia trasforma l’agente artificiale in un intermediario che decide quali fonti sono considerate “accettabili”. Anche se l’editore riesce a bloccare l’accesso diretto, l’agente sostituisce semplicemente l’originale con una versione alternativa degli eventi. Questo altera la percezione stessa dell’informazione: l’utente riceve non un articolo, ma un’interpretazione generata automaticamente.
I browser basati sull’intelligenza artificiale non hanno ancora raggiunto un’ampia diffusione, ma è già chiaro che le barriere tradizionali come i paywall e il blocco dei crawler non sono più efficaci. Se tali agenti dovessero diventare il mezzo principale per leggere le notizie, le case editrici dovranno trovare nuovi meccanismi per garantire la trasparenza e il controllo su come i loro contenuti vengono utilizzati dall’intelligenza artificiale.
Google ha emesso un avviso urgente riguardante una vulnerabilità critica in Android che consente agli aggressori di eseguire codice arbitrario sul dispositivo senza alcuna interazione da parte dell’utente. La vulnerabilità Zero Click è stata scoperta in componenti di sistema del sistema operativo e descritta nel Bollettino sulla sicurezza Android di novembre 2025.
La vulnerabilità, identificata come CVE-2025-48593, è considerata una delle più pericolose degli ultimi anni. Colpisce diverse versioni dell’Android Open Source Project (AOSP), dalla 13 alla 16, e può essere sfruttata per l’esecuzione di codice remoto ( RCE ) senza richiedere privilegi aggiuntivi o azioni da parte del proprietario del dispositivo.
Google stima che gli aggressori possano sfruttare il bug inviando pacchetti di rete appositamente creati o distribuendo app dannose tramite store di terze parti e installazioni sideloaded. Un attacco riuscito consente l’accesso completo al dispositivo, inclusa la possibilità di rubare dati, installare ransomware o trasformare lo smartphone in un componente botnet. Il problema è stato registrato internamente con l’ID bug Android A-374746961 ed è già stato risolto nelle ultime build di AOSP.
La vulnerabilità deriva da una gestione impropria dei processi di sistema, che consente l’iniezione di codice arbitrario durante le normali operazioni, ad esempio durante l’avvio di app o la sincronizzazione dei dati in background. I ricercatori osservano che i sintomi della vulnerabilità sono simili a quelli di precedenti episodi di danneggiamento della memoria utilizzati per aumentare i privilegi sul dispositivo.
Il bollettino identifica anche un’altra vulnerabilità, il CVE-2025-48581. È classificata come vulnerabilità di escalation dei privilegi (EoP) di gravità elevata ed è presente anche nel componente di sistema. A differenza dell’RCE, lo sfruttamento richiede un accesso preventivo al sistema, ma consente a un’applicazione di ottenere il controllo non autorizzato di funzioni sensibili del dispositivo.
I dispositivi con Android 10 e versioni successive potranno ricevere aggiornamenti di sicurezza, ma i possessori di modelli precedenti rischiano di rimanere senza protezione se i produttori ritardano il rilascio delle patch. Google consiglia a tutti gli utenti di verificare la presenza di aggiornamenti il prima possibile tramite Impostazioni > Sistema > Aggiornamento di sistema e di impostare il livello di patch di sicurezza al 2025-11-01, che risolve completamente questi problemi.
L’azienda sottolinea che non sono stati ancora registrati exploit attivi, ma la natura della vulnerabilità la rende particolarmente pericolosa per il governo e le personalità pubbliche, che sono spesso bersaglio di attacchi mirati.
La frammentazione di Android rimane un problema chiave nell’ecosistema, rendendo le risposte tempestive dei produttori fondamentali per la protezione degli utenti. Gli esperti raccomandano di abilitare gli aggiornamenti automatici ed evitare di installare app da fonti non attendibili: questo rimane il modo più affidabile per ridurre al minimo i rischi in un contesto di crescente minaccia per dispositivi mobili.
Allontanato dalla testata per cui si lavora per aver fatto una domanda scomoda durante una conferenza stampa. È quello che è accaduto a Gabriele Nunziati collaboratore dell’Agenzia Nova da Bruxelles. La colpa del collega è stata chiedere alla portavoce della Commissione dell’UE Paola Pinho se ritenesse che anche Israele a Gaza, come la Russia in Ucraina, dovesse farsi carico della ricostruzione. Pinho ha risposto con un imbarazzato no comment, rimbalzato sui social. Imbarazzo condiviso dall’editore di Nova Fabio Squillante, che ha interrotto il rapporto di collaborazione con Nunziati, cui va tutta la solidarietà di Stampa Romana. È un episodio gravissimo di lesione dell’autonomia professionale, che evidenzia ancora una volta la necessità di maggiori garanzie contrattuali per i collaboratori, i più esposti a pressioni e ingerenze.
Una mostra per prepararsi al viaggio del Santo Padre a Nicea. Si chiama “Luce da luce. Nicea 1700 anni dopo” e verrà presentata domani, 6 novembre, alle 12 presso la Sala Marconi (Piazza Pia, 3).
What’s the Difference Between AI Glasses and an iPhone? A Helpful Guide for Meta PR
Over the last few months 404 Media has covered some concerning but predictable uses for the Ray-Ban Meta glasses, which are equipped with a built-in camera, and for some models, AI. Aftermarket hobbyists have modified the glasses to add a facial recognition feature that could quietly dox whatever face a user is looking at, and they have been worn by CBP agents during the immigration raids that have come to define a new low for human rights in the United States. Most recently, exploitative Instagram users filmed themselves asking workers at massage parlors for sex and shared those videos online, a practice that experts told us put those workers’ lives at risk.
404 Media reached out to Meta for comment for each of these stories, and in each case Meta’s rebuttal was a mind-bending argument: What is the difference between Meta’s Ray-Ban glasses and an iPhone, really, when you think about it?
“Curious, would this have been a story had they used the new iPhone?” a Meta spokesperson asked me in an email when I reached out for comment about the massage parlor story.
Meta’s argument is that our recent stories about its glasses are not newsworthy because we wouldn’t bother writing them if the videos in question were filmed with an iPhone as opposed to a pair of smart glasses. Let’s ignore the fact that I would definitely still write my story about the massage parlor videos if they were filmed with an iPhone and “steelman” Meta’s provocative argument that glasses and a phone are essentially not meaningfully different objects.
Meta’s Ray-Ban glasses and an iPhone are both equipped with a small camera that can record someone secretly. If anything, the iPhone can record more discreetly because unlike Meta’s Ray-Ban glasses it’s not equipped with an LED that lights up to indicate that it’s recording. This, Meta would argue, means that the glasses are by design more respectful of people’s privacy than an iPhone.
Both are small electronic devices. Both can include various implementations of AI tools. Both are often black, and are made by one of the FAANG companies. Both items can be bought at a Best Buy. You get the point: There are too many similarities between the iPhone and Meta’s glasses to name them all here, just as one could strain to name infinite similarities between a table and an elephant if we chose to ignore the context that actually matters to a human being.
Whenever we published one of these stories the response from commenters and on social media has been primarily anger and disgust with Meta’s glasses enabling the behavior we reported on and a rejection of the device as a concept entirely. This is not surprising to anyone who has covered technology long enough to remember the launch and quick collapse of Google Glass, so-called “glassholes,” and the device being banned from bars.
There are two things Meta’s glasses have in common with Google Glass which also make it meaningfully different from an iPhone. The first is that the iPhone might not have a recording light, but in order to record something or take a picture, a user has to take it out of their pocket and hold it out, an awkward gesture all of us have come to recognize in the almost two decades since the launch of the first iPhone. It is an unmistakable signal that someone is recording. That is not the case with Meta’s glasses, which are meant to be worn as a normal pair of glasses, and are always pointing at something or someone if you see someone wearing them in public.
In fact, the entire motivation for building these glasses is that they are discreet and seamlessly integrate into your life. The point of putting a camera in the glasses is that it eliminates the need to take an iPhone out of your pocket. People working in the augmented reality and virtual reality space have talked about this for decades. In Meta’s own promotional video for the Meta Ray-Ban Display glasses, titled “10 years in the making,” the company shows Mark Zuckerberg on stage in 2016 saying that “over the next 10 years, the form factor is just going to keep getting smaller and smaller until, and eventually we’re going to have what looks like normal looking glasses.” And in 2020, “you see something awesome and you want to be able to share it without taking out your phone.” Meta's Ray-Ban glasses have not achieved their final form, but one thing that makes them different from Google Glass is that they are designed to look exactly like an iconic pair of glasses that people immediately recognize. People will probably notice the camera in the glasses, but they have been specifically designed to look like "normal” glasses.
Again, Meta would argue that the LED light solves this problem, but that leads me to the next important difference: Unlike the iPhone and other smartphones, one of the most widely adopted electronics in human history, only a tiny portion of the population has any idea what the fuck these glasses are. I have watched dozens of videos in which someone wearing Meta glasses is recording themselves harassing random people to boost engagement on Instagram or TikTok. Rarely do the people in the videos say anything about being recorded, and it’s very clear the women working at these massage parlors have no idea they’re being recorded. The Meta glasses have an LED light, sure, but these glasses are new, rare, and it’s not safe to assume everyone knows what that light means.
As Joseph and Jason recently reported, there are also cheap ways to modify Meta glasses to prevent the recording light from turning on. Search results, Reddit discussions, and a number of products for sale on Amazon all show that many Meta glasses customers are searching for a way to circumvent the recording light, meaning that many people are buying them to do exactly what Meta claims is not a real issue.
It is possible that in the future Meta glasses and similar devices will become so common that most people will understand that if they see them, they would assume they are being recorded, though that is not a future I hope for. Until then, if it is all helpful to the public relations team at Meta, these are what the glasses look like: And this is what an iPhone looks like: Photo by Bagus Hernawan / Unsplash Feel free to refer to this handy guide when needed.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
Image via the Wayback Machine.
Photo by Bagus Hernawan / Unsplash
Otttoz
in reply to Cybersecurity & cyberwarfare • • •